383 files changed, 101185 insertions, 76119 deletions

diff --git a/COPYING b/COPYING
index fb94427d..23e43728 100644
--- a/COPYING
+++ b/COPYING
@@ -1,7 +1,7 @@
-xmlsec, xmlsec-openssl, xmlsec-gnutls libraries
+xmlsec, xmlsec-openssl, xmlsec-gnutls, xmlsec-gcrypt libraries
 ------------------------------------------------------------------------------
 
-Copyright (C) 2002-2003 Aleksey Sanin.  All Rights Reserved.
+Copyright (C) 2002-2010 Aleksey Sanin.  All Rights Reserved.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -27,7 +27,7 @@ ings in this Software without prior written authorization from him.
 
 xmlsec-nss library
 ------------------------------------------------------------------------------
-Copyright (C) 2002-2003 Aleksey Sanin.  All Rights Reserved.
+Copyright (C) 2002-2010 Aleksey Sanin.  All Rights Reserved.
 Copyright (c) 2003 America Online, Inc.  All rights reserved.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -57,3 +57,49 @@ Except as contained in this notice, the name of Aleksey Sanin shall not
 be used in advertising or otherwise to promote the sale, use or other deal-
 ings in this Software without prior written authorization from him.
 
+
+xmlsec-mscrypto library
+------------------------------------------------------------------------------
+
+Copyright (C) 2002-2010 Aleksey Sanin.  All Rights Reserved.
+Copyright (C) 2003 Cordys R&D BV, All rights reserved.
+Copyright (C) 2007 Roumen Petrov.
+Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
+
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is fur-
+nished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FIT-
+NESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+ALEKSEY SANIN BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CON-
+NECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+Except as contained in this notice, the name of Aleksey Sanin shall not
+be used in advertising or otherwise to promote the sale, use or other deal-
+ings in this Software without prior written authorization from him.
+
+
+
+References
+------------------------------------------------------------------------------
+
+* AOL
+http://www.aleksey.com/pipermail/xmlsec/2003/005488.html
+http://www.aleksey.com/pipermail/xmlsec/attachments/20030729/0e25648e/attachment.htm
+
+* Cordys R&D BV
+http://www.aleksey.com/pipermail/xmlsec/2003/005581.html
+
+* Cryptocom LTD
+http://www.aleksey.com/pipermail/xmlsec/2006/007410.html
+
diff --git a/ChangeLog b/ChangeLog
index b63503ce..5789143b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,138 @@
+2013-03-24 Aleksey Sanin  <aleksey@aleksey.com>
+	* 1.2.19 release
+
+2013-01-18 Aleksey Sanin  <aleksey@aleksey.com>
+	* Added support for DSA-SHA256, ECDSA-SHA1, ECDSA-SHA224, ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512 (Mak Kolybabi)
+
+2011-09-06  Aleksey Sanin  <aleksey@aleksey.com>
+        * GOST support for xmlsec-openssl (patch from Dmitry Belyavsky)
+
+2011-05-11  Aleksey Sanin  <aleksey@aleksey.com>
+        * 1.2.18 release
+
+2011-05-01  Aleksey Sanin  <aleksey@aleksey.com>
+        * Fixed crasher in 64 bit (reported by Roumen)
+
+2011-03-31  Aleksey Sanin  <aleksey@aleksey.com>
+        * 1.2.17 release
+
+2011-03-30  Aleksey Sanin  <aleksey@aleksey.com>
+        * Preparations for 1.2.17 release
+
+2011-03-29  Aleksey Sanin  <aleksey@aleksey.com>
+        * Fixed security issue with libxslt (CVE-2011-1425, reported by Nicolas Gregoire)
+
+2011-02-05  Aleksey Sanin  <aleksey@aleksey.com>
+        * Fixed pkcs12 file loading (based on patch from Andre de Souza Pinto)
+
+2010-11-23  Aleksey Sanin  <aleksey@aleksey.com>
+        * Fixed comments (based on patch from Wolfgang Woehl)
+
+2010-11-09  Aleksey Sanin  <aleksey@aleksey.com>
+        * Fixed extra quotes in configure (bug #631258)
+
+2010-07-19  Aleksey Sanin  <aleksey@aleksey.com>
+        * Fixed configure issue with empty --with-libxml/libxsl and config scripts in /bin directory
+
+2010-06-27  Aleksey Sanin  <aleksey@aleksey.com>
+	* Fixed gcrypt init/shutdown (patch from Roumen)
+
+2010-04-25  Aleksey Sanin  <aleksey@aleksey.com>
+	* 1.2.16 release
+
+2010-04-24  Aleksey Sanin  <aleksey@aleksey.com>
+	* Preparation for 1.2.16 release
+
+2010-05-23  Aleksey Sanin  <aleksey@aleksey.com>
+	* Added X509Data support to xmlsec-gnutls
+
+2010-05-12  Aleksey Sanin  <aleksey@aleksey.com>
+	* Several patches from Roumen: support NSS/NSPR from seamonkey
+	package; reorder libxmlsec as dep. lib for mingw; fix gcrypt/src/asn1.h
+	include; fix Unicode build for mingw
+	* Added RSA/SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160 for xmlsec-gnutls
+	* Added DSA/SHA1 for xmlsec-gnutls
+
+2010-05-10  Aleksey Sanin  <aleksey@aleksey.com>
+	* Added RSA/SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160 for xmlsec-gcrypt
+	* Added DSA/SHA1 for xmlsec-gcrypt
+
+2010-05-09  Aleksey Sanin  <aleksey@aleksey.com>
+	* Added DES KW support for xmlsec-mscrypto
+	* Added DES KW support for xmlsec-gnutls
+	* Separated xmlsec-gnutls and xmlsec-gcrypt libraries
+
+2010-05-08  Aleksey Sanin  <aleksey@aleksey.com>
+	* Added AES KW support for xmlsec-mscrypto
+	* Added AES KW support for xmlsec-gnutls
+
+2010-04-30  Aleksey Sanin  <aleksey@aleksey.com>
+	* Added RSA/OAEP support for xmlsec-mscrypto
+
+2010-04-29  Aleksey Sanin  <aleksey@aleksey.com>
+	* 1.2.15 release
+
+2010-04-28  Aleksey Sanin  <aleksey@aleksey.com>
+	* Preparation for 1.2.15 release
+
+2010-04-27  Aleksey Sanin  <aleksey@aleksey.com>
+	* Converted xmlsec-mscrypto to unicode and provided a compile time 
+	option to switch between unicode/non-unicode builds
+	* Deleted support for old gnutls, new required version 2.8.0
+	* Added SHA256/384/512 support for xmlsec-gnutls
+
+2010-04-26  Aleksey Sanin  <aleksey@aleksey.com>
+	* Added support for HMAC with MD5, SHA1, SHA256/384/512 in xmlsec-mscrypto
+	* Added support for MD5 RSA/MD5 in xmlsec-mscrypto
+
+2010-04-25  Aleksey Sanin  <aleksey@aleksey.com>
+	* Added support for SHA256/384/512 for digest, HMAC and RSA in xmlsec-nss
+	(requires nss 3.8 + nspr 4.3 or greater)
+	* Added support for MD5 for digest and RSA in xmlsec-nss
+	* Minor fixes to xmlsec-nss (xmlsec bug #118630), bumping nss min 
+	version to 3.9 + nspr 4.4.1 or greater
+	Other minor fixes for xmlsec-nss
+
+2010-04-24  Aleksey Sanin  <aleksey@aleksey.com>
+	* Fix PK_CONFIG problem (reported by Roumen)
+	* Enable --crypto for transform checks
+
+2010-04-23  Aleksey Sanin  <aleksey@aleksey.com>
+	* Enable RSA/SHA2 support in xmlsec-mscrypto
+	* Misc. cleanups in xmlsec-mscrypto
+	* Fix PK_CONFIG problem (reported by Roumen)
+	* Fix DSA support in xmlsec-nss (https://bugzilla.mozilla.org/show_bug.cgi?id=561598)
+
+2010-04-23  Aleksey Sanin  <aleksey@aleksey.com>
+	* Fix search for certificates with UTF-8 subject on Windows in xmlsec-mscrypto
+	* Remove spaces at the end of lines
+
+2010-04-22  Aleksey Sanin  <aleksey@aleksey.com>
+	* Fix search for certificates with Unicode subject on Windows in xmlsec-mscrypto
+	* Copy *.manifest files to installation for Windows builds
+	* Convert tabs to spaces
+
+2010-04-21  Aleksey Sanin  <aleksey@aleksey.com>
+	* Fix key name conversion to unicode problem in xmlsec-mscrypto
+
+2010-04-20  Aleksey Sanin  <aleksey@aleksey.com>
+	* Fix compile warnings in xmlsec-openssl
+	* Fix linking order issue (based on patch from Roumen)
+
+2010-03-30  Aleksey Sanin  <aleksey@aleksey.com>
+	* Fix typo Copyrigth -> Copyright
+	* Add xmlsec-mscrypto to the top level 	copyright file
+	* Refresh the copyright date to 2010
+	* Add references to licenses
+
+2010-03-18  Aleksey Sanin  <aleksey@aleksey.com>
+	* Ensure we have only one copy of key's cert after reading pkcs12
+	from openssl
+
+2010-01-13  Aleksey Sanin  <aleksey@aleksey.com>
+	* Fix valgrind's invalid read with chained XPath transforms (based
+	on patch from Frank Gross).
+
 2009-09-05  Aleksey Sanin  <aleksey@aleksey.com>
 	* preparation for 1.2.14 release
 
@@ -1668,7 +1803,7 @@ Sat 30 Mar 2002 12:55:30 AM PST Aleksey Sanin <aleksey@aleksey.com>
     
 Wed 27 Mar 2002 11:20:42 PM PST Aleksey Sanin <aleksey@aleksey.com> 
 	*: Added x509 verification support and a skeleton for x509 
-          x509 based sigantures
+          x509 based signatures
     
 Tue 26 Mar 2002 06:30:10 PM PST Aleksey Sanin <aleksey@aleksey.com>
 	*: The result of operation (sign/verify) is returned in the
diff --git a/Copyright b/Copyright
index fb94427d..23e43728 100644
--- a/Copyright
+++ b/Copyright
@@ -1,7 +1,7 @@
-xmlsec, xmlsec-openssl, xmlsec-gnutls libraries
+xmlsec, xmlsec-openssl, xmlsec-gnutls, xmlsec-gcrypt libraries
 ------------------------------------------------------------------------------
 
-Copyright (C) 2002-2003 Aleksey Sanin.  All Rights Reserved.
+Copyright (C) 2002-2010 Aleksey Sanin.  All Rights Reserved.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -27,7 +27,7 @@ ings in this Software without prior written authorization from him.
 
 xmlsec-nss library
 ------------------------------------------------------------------------------
-Copyright (C) 2002-2003 Aleksey Sanin.  All Rights Reserved.
+Copyright (C) 2002-2010 Aleksey Sanin.  All Rights Reserved.
 Copyright (c) 2003 America Online, Inc.  All rights reserved.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -57,3 +57,49 @@ Except as contained in this notice, the name of Aleksey Sanin shall not
 be used in advertising or otherwise to promote the sale, use or other deal-
 ings in this Software without prior written authorization from him.
 
+
+xmlsec-mscrypto library
+------------------------------------------------------------------------------
+
+Copyright (C) 2002-2010 Aleksey Sanin.  All Rights Reserved.
+Copyright (C) 2003 Cordys R&D BV, All rights reserved.
+Copyright (C) 2007 Roumen Petrov.
+Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
+
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is fur-
+nished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FIT-
+NESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+ALEKSEY SANIN BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CON-
+NECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+Except as contained in this notice, the name of Aleksey Sanin shall not
+be used in advertising or otherwise to promote the sale, use or other deal-
+ings in this Software without prior written authorization from him.
+
+
+
+References
+------------------------------------------------------------------------------
+
+* AOL
+http://www.aleksey.com/pipermail/xmlsec/2003/005488.html
+http://www.aleksey.com/pipermail/xmlsec/attachments/20030729/0e25648e/attachment.htm
+
+* Cordys R&D BV
+http://www.aleksey.com/pipermail/xmlsec/2003/005581.html
+
+* Cryptocom LTD
+http://www.aleksey.com/pipermail/xmlsec/2006/007410.html
+
diff --git a/HACKING b/HACKING
index 0b51ddfe..851d1628 100644
--- a/HACKING
+++ b/HACKING
@@ -153,6 +153,45 @@ If you want to submit a patch please do following:
     (http://www.aleksey.com/xmlsec/bugs.html) for the record. Do not forget
     to put link or bug number in your message if the bug is in bugzilla.
     
+4) Building a release
+- Cleanup, make sure no other changes are pending
+  - make distclean
+  - git status 
+- Update Changelog
+- Write about release changes in the release
+  - docs/index.html and docs/news.html
+- Update release number in 
+  - configure.in (2 places at the top)
+  - docs/download.html
+- Create build
+  - ./autogen.sh
+  - make
+- Build docs (watch for errors!)
+  - make docs
+- Commit the "prepare for X.Y.Z" release
+  - git commit -m"prepare for X.Y.Z release" -a
+- Run tests, make sure everything is OK
+  - make check
+- Build release
+  - sudo ./scripts/build_release.sh
+- Extract tar file, make sure it works
+  - cd /tmp
+  - tar xvfz /usr/src/redhat/SOURCE/xmlsec1-X.Y.z.tar.gz 
+  - cd xmlsec1-X.Y.z
+  - ./configure
+  - make
+  - make check
+- Copy tar file to FTP/Web Download
+- Copy docs/ folder to Web folder
+- Write an announcement email to xmlsec@aleksey.com
+- Update freshmeat.net
+- Relax
+
+
+
+
+
+
 
 
     
diff --git a/Makefile.am b/Makefile.am
index 3fce5488..669f996b 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -17,7 +17,11 @@ ACLOCAL_AMFLAGS	= -I m4
 
 DISTCLEANFILES = \
 	xmlsec1Conf.sh \
-	xmlsec1.pc xmlsec1-openssl.pc xmlsec1-gnutls.pc xmlsec1-nss.pc \
+	xmlsec1.pc \
+	xmlsec1-openssl.pc \
+	xmlsec1-nss.pc \
+	xmlsec1-gnutls.pc \
+	xmlsec1-gcrypt.pc \
 	xmlsec1-config \
 	xmlsec1.spec \
 	stamp-h2 \
@@ -36,7 +40,10 @@ EXTRA_DIST = \
 	ChangeLog \
 	Copyright \
 	HACKING \
-	xmlsec-openssl.pc.in xmlsec-gnutls.pc.in xmlsec-nss.pc.in\
+	xmlsec-openssl.pc.in \
+	xmlsec-nss.pc.in\
+	xmlsec-gnutls.pc.in \
+	xmlsec-gcrypt.pc.in \
 	xmlsec-config.in \
 	xmlsecConf.sh.in \
 	xmlsec.spec.in \
@@ -57,9 +64,6 @@ if XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING
 PRECHECK_COMMANDS = \
 	cd $(ABS_SRCDIR) \
 	$(NULL)
-CHECK_CRYPTO_LIST = \
-	"default" \
-	$(NULL)
 else
 PRECHECK_COMMANDS= \
 	for i in $(XMLSEC_CRYPTO_LIST) ; do \
@@ -67,10 +71,10 @@ PRECHECK_COMMANDS= \
 	done && \
 	cd $(ABS_SRCDIR) \
 	$(NULL)	
+endif
 CHECK_CRYPTO_LIST = \
 	$(XMLSEC_CRYPTO_LIST) \
 	$(NULL)
-endif
 
 docs: docs-man
 	@(cd docs && $(MAKE) docs)
@@ -81,47 +85,85 @@ docs-clean:
 docs-man: 
 	@(cd man && $(MAKE) docs)
 
-check: check-all check-info 
+check: check-all check-info
 
 check-all: $(TEST_APP) 
 	@($(PRECHECK_COMMANDS) && \
-	for i in $(CHECK_CRYPTO_LIST) ; do \
-	    echo "=================== Checking xmlsec-$$i =================================" && \
-	    $(SHELL) ./tests/testKeys.sh $$i $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der && \
-	    $(SHELL) ./tests/testDSig.sh $$i $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der && \
-	    $(SHELL) ./tests/testEnc.sh  $$i $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der ; \
+	for crypto in $(CHECK_CRYPTO_LIST) ; do \
+	    echo "=================== Checking xmlsec-$$crypto =================================" && \
+	    $(SHELL) ./tests/testrun.sh \
+	        $(ABS_SRCDIR)/tests/testKeys.sh \
+	        $$crypto \
+	        $(ABS_SRCDIR)/tests \
+	        $(ABS_BUILDDIR)/$(TEST_APP) der \
+	    && \
+	    $(SHELL) ./tests/testrun.sh \
+	        $(ABS_SRCDIR)/tests/testDSig.sh \
+	        $$crypto \
+	        $(ABS_SRCDIR)/tests \
+	        $(ABS_BUILDDIR)/$(TEST_APP) \
+	        der \
+	    && \
+	    $(SHELL) ./tests/testrun.sh \
+	        $(ABS_SRCDIR)/tests/testEnc.sh \
+	        $$crypto \
+	        $(ABS_SRCDIR)/tests \
+	        $(ABS_BUILDDIR)/$(TEST_APP) \
+	        der \
+	    ; \
 	done; )
 
 check-info:
-	@echo "-------------------------- ATTENTION -----------------------------------"
-	@echo "--- 1) Some of the following tests use resources located on external ---"
-	@echo "--- HTTP servers. If you have no Internet connection or the external ---"
-	@echo "--- resource is not responding then the test will fail.              ---"
-	@echo "--- 2) The test fails if corresponding feature(s) is disabled.       ---"
-	@echo "--- Please, don't be surprised that many XML Encryption tests fails  ---"
-	@echo "--- when you use OpenSSL 0.9.6 (see the FAQ for details)             ---"
-	@echo "-------------------------- ATTENTION -----------------------------------"
-
-check-km: $(TEST_APP)
+	@echo "---------------------------- ATTENTION -----------------------------------"
+	@echo "--- Some of the tests use resources located on external HTTP servers.  ---"
+	@echo "--- If you have no Internet connection or the external resource is not ---"
+	@echo "--- responding then the test will fail.                                ---"
+	@echo "---------------------------- ATTENTION -----------------------------------"
+
+check-keys: $(TEST_APP)
 	@($(PRECHECK_COMMANDS) && \
-	$(SHELL) ./tests/testKeys.sh default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
+	$(SHELL) ./tests/testrun.sh \
+	    $(ABS_SRCDIR)/tests/testKeys.sh \
+	    $(DEFAULT_CRYPTO) \
+	    $(ABS_SRCDIR)/tests \
+	    $(ABS_BUILDDIR)/$(TEST_APP) \
+	    der \
+	)
 
 check-dsig: $(TEST_APP) 	
 	@($(PRECHECK_COMMANDS) && \
-	$(SHELL) ./tests/testDSig.sh default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
+	$(SHELL) ./tests/testrun.sh \
+	    $(ABS_SRCDIR)/tests/testDSig.sh \
+	    $(DEFAULT_CRYPTO) \
+	    $(ABS_SRCDIR)/tests \
+	    $(ABS_BUILDDIR)/$(TEST_APP) \
+	    der \
+	)
 
-check-xkms: $(TEST_APP) 	
+check-enc: $(TEST_APP) 
 	@($(PRECHECK_COMMANDS) && \
-	$(SHELL) ./tests/testXKMS.sh default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
+	$(SHELL) ./tests/testrun.sh \
+	    $(ABS_SRCDIR)/tests/testEnc.sh  \
+	    $(DEFAULT_CRYPTO) \
+	    $(ABS_SRCDIR)/tests \
+	    $(ABS_BUILDDIR)/$(TEST_APP) \
+	    der \
+	)
 
-check-enc: $(TEST_APP) 
+check-xkms: $(TEST_APP) 	
 	@($(PRECHECK_COMMANDS) && \
-	$(SHELL) ./tests/testEnc.sh  default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
+	$(SHELL) ./tests/testrun.sh \
+	    $(ABS_SRCDIR)/tests/testXKMS.sh \
+	    $(DEFAULT_CRYPTO) \
+	    $(ABS_SRCDIR)/tests \
+	    $(ABS_BUILDDIR)/$(TEST_APP) \
+	    der \
+	)
 
 memcheck-res:
-	@grep -i lost /tmp/*.log | sed 's/==.*== *//' | sort -u
-	@grep -i leak /tmp/*.log | sed 's/==.*== *//' | sort -u
-	@grep -i 'in use' /tmp/*.log | sed 's/==.*== *//' | sort -u
+	@grep -i 'ERROR SUMMARY' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
+	@grep -i 'in use at exit' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
+	@grep -i 'total heap usage' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
 
 memcheck: $(TEST_APP)
 	@(export DEBUG_MEMORY=1 && $(MAKE) check && $(MAKE) memcheck-res)
@@ -134,9 +176,11 @@ dist-hook:
 cleantar:
 	@($(RM) -f xmlsec*.tar.gz COPYING.LIB)
 
-rpm: cleantar
-	@(unset CDPATH && $(MAKE) dist && rpmbuild -ta $(distdir).tar.gz)
+tar-release: clean cleantar
+	@(unset CDPATH && $(MAKE) dist)
 
-rpm-release: clean cleantar rpm 
-	
+rpm: cleantar tar-release
+	@(unset CDPATH && rpmbuild -ta $(distdir).tar.gz)
 
+rpm-release: clean cleantar rpm
+	
diff --git a/Makefile.in b/Makefile.in
index 45e5a169..25e60871 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,23 +38,27 @@ host_triplet = @host@
 subdir = .
 DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
 	$(srcdir)/Makefile.in $(srcdir)/config.h.in \
-	$(srcdir)/xmlsec-config.in $(srcdir)/xmlsec-gnutls.pc.in \
-	$(srcdir)/xmlsec-nss.pc.in $(srcdir)/xmlsec-openssl.pc.in \
-	$(srcdir)/xmlsec.pc.in $(srcdir)/xmlsec.spec.in \
-	$(srcdir)/xmlsecConf.sh.in $(top_srcdir)/configure AUTHORS \
-	COPYING ChangeLog INSTALL NEWS TODO config.guess config.sub \
-	depcomp install-sh ltmain.sh missing mkinstalldirs
+	$(srcdir)/xmlsec-config.in $(srcdir)/xmlsec-gcrypt.pc.in \
+	$(srcdir)/xmlsec-gnutls.pc.in $(srcdir)/xmlsec-nss.pc.in \
+	$(srcdir)/xmlsec-openssl.pc.in $(srcdir)/xmlsec.pc.in \
+	$(srcdir)/xmlsec.spec.in $(srcdir)/xmlsecConf.sh.in \
+	$(top_srcdir)/configure AUTHORS COPYING ChangeLog INSTALL NEWS \
+	TODO config.guess config.sub depcomp install-sh ltmain.sh \
+	missing
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
 am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
  configure.lineno config.status.lineno
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = config.h
 CONFIG_CLEAN_FILES = xmlsec1.pc xmlsec1Conf.sh xmlsec1-config \
-	xmlsec1-openssl.pc xmlsec1-gnutls.pc xmlsec1-nss.pc \
-	xmlsec1.spec
+	xmlsec1-openssl.pc xmlsec1-gnutls.pc xmlsec1-gcrypt.pc \
+	xmlsec1-nss.pc xmlsec1.spec
 CONFIG_CLEAN_VPATH_FILES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
 am__vpath_adj = case $$p in \
@@ -77,9 +81,21 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(confexecdir)" \
 	"$(DESTDIR)$(m4datadir)" "$(DESTDIR)$(pkgconfigdir)"
 SCRIPTS = $(bin_SCRIPTS)
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
@@ -102,9 +118,11 @@ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 distdir = $(PACKAGE)-$(VERSION)
 top_distdir = $(distdir)
 am__remove_distdir = \
-  { test ! -d "$(distdir)" \
-    || { find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \
-         && rm -fr "$(distdir)"; }; }
+  if test -d "$(distdir)"; then \
+    find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \
+      && rm -rf "$(distdir)" \
+      || { sleep 5 && rm -rf "$(distdir)"; }; \
+  else :; fi
 am__relativize = \
   dir0=`pwd`; \
   sed_first='s,^\([^/]*\)/.*$$,\1,'; \
@@ -133,9 +151,12 @@ am__relativize = \
 DIST_ARCHIVES = $(distdir).tar.gz
 GZIP_ENV = --best
 distuninstallcheck_listfiles = find . -type f -print
+am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \
+  | sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$'
 distcleancheck_listfiles = find . -type f -print
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -150,6 +171,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -158,6 +180,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -188,6 +214,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -219,8 +246,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -228,7 +257,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -247,6 +275,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -256,6 +286,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -291,6 +322,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -323,7 +355,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -354,7 +385,11 @@ m4data_DATA = xmlsec1.m4
 ACLOCAL_AMFLAGS = -I m4
 DISTCLEANFILES = \
 	xmlsec1Conf.sh \
-	xmlsec1.pc xmlsec1-openssl.pc xmlsec1-gnutls.pc xmlsec1-nss.pc \
+	xmlsec1.pc \
+	xmlsec1-openssl.pc \
+	xmlsec1-nss.pc \
+	xmlsec1-gnutls.pc \
+	xmlsec1-gcrypt.pc \
 	xmlsec1-config \
 	xmlsec1.spec \
 	stamp-h2 \
@@ -373,7 +408,10 @@ EXTRA_DIST = \
 	ChangeLog \
 	Copyright \
 	HACKING \
-	xmlsec-openssl.pc.in xmlsec-gnutls.pc.in xmlsec-nss.pc.in\
+	xmlsec-openssl.pc.in \
+	xmlsec-nss.pc.in\
+	xmlsec-gnutls.pc.in \
+	xmlsec-gcrypt.pc.in \
 	xmlsec-config.in \
 	xmlsecConf.sh.in \
 	xmlsec.spec.in \
@@ -401,19 +439,15 @@ ABS_BUILDDIR = @abs_builddir@
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	cd $(ABS_SRCDIR) \
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(NULL)
 
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CHECK_CRYPTO_LIST = \
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@	$(XMLSEC_CRYPTO_LIST) \
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@	$(NULL)
-
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CHECK_CRYPTO_LIST = \
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	"default" \
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(NULL)
+CHECK_CRYPTO_LIST = \
+	$(XMLSEC_CRYPTO_LIST) \
+	$(NULL)
 
 all: config.h
 	$(MAKE) $(AM_MAKEFLAGS) all-recursive
 
 .SUFFIXES:
-am--refresh:
+am--refresh: Makefile
 	@:
 $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am  $(am__configure_deps)
 	@for dep in $?; do \
@@ -449,10 +483,8 @@ $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
 $(am__aclocal_m4_deps):
 
 config.h: stamp-h1
-	@if test ! -f $@; then \
-	  rm -f stamp-h1; \
-	  $(MAKE) $(AM_MAKEFLAGS) stamp-h1; \
-	else :; fi
+	@if test ! -f $@; then rm -f stamp-h1; else :; fi
+	@if test ! -f $@; then $(MAKE) $(AM_MAKEFLAGS) stamp-h1; else :; fi
 
 stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status
 	@rm -f stamp-h1
@@ -474,6 +506,8 @@ xmlsec1-openssl.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-openssl.pc.in
 	cd $(top_builddir) && $(SHELL) ./config.status $@
 xmlsec1-gnutls.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-gnutls.pc.in
 	cd $(top_builddir) && $(SHELL) ./config.status $@
+xmlsec1-gcrypt.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-gcrypt.pc.in
+	cd $(top_builddir) && $(SHELL) ./config.status $@
 xmlsec1-nss.pc: $(top_builddir)/config.status $(srcdir)/xmlsec-nss.pc.in
 	cd $(top_builddir) && $(SHELL) ./config.status $@
 xmlsec1.spec: $(top_builddir)/config.status $(srcdir)/xmlsec.spec.in
@@ -509,9 +543,7 @@ uninstall-binSCRIPTS:
 	@list='$(bin_SCRIPTS)'; test -n "$(bindir)" || exit 0; \
 	files=`for p in $$list; do echo "$$p"; done | \
 	       sed -e 's,.*/,,;$(transform)'`; \
-	test -n "$$list" || exit 0; \
-	echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \
-	cd "$(DESTDIR)$(bindir)" && rm -f $$files
+	dir='$(DESTDIR)$(bindir)'; $(am__uninstall_files_from_dir)
 
 mostlyclean-libtool:
 	-rm -f *.lo
@@ -538,9 +570,7 @@ uninstall-confexecDATA:
 	@$(NORMAL_UNINSTALL)
 	@list='$(confexec_DATA)'; test -n "$(confexecdir)" || list=; \
 	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
-	test -n "$$files" || exit 0; \
-	echo " ( cd '$(DESTDIR)$(confexecdir)' && rm -f" $$files ")"; \
-	cd "$(DESTDIR)$(confexecdir)" && rm -f $$files
+	dir='$(DESTDIR)$(confexecdir)'; $(am__uninstall_files_from_dir)
 install-m4dataDATA: $(m4data_DATA)
 	@$(NORMAL_INSTALL)
 	test -z "$(m4datadir)" || $(MKDIR_P) "$(DESTDIR)$(m4datadir)"
@@ -558,9 +588,7 @@ uninstall-m4dataDATA:
 	@$(NORMAL_UNINSTALL)
 	@list='$(m4data_DATA)'; test -n "$(m4datadir)" || list=; \
 	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
-	test -n "$$files" || exit 0; \
-	echo " ( cd '$(DESTDIR)$(m4datadir)' && rm -f" $$files ")"; \
-	cd "$(DESTDIR)$(m4datadir)" && rm -f $$files
+	dir='$(DESTDIR)$(m4datadir)'; $(am__uninstall_files_from_dir)
 install-pkgconfigDATA: $(pkgconfig_DATA)
 	@$(NORMAL_INSTALL)
 	test -z "$(pkgconfigdir)" || $(MKDIR_P) "$(DESTDIR)$(pkgconfigdir)"
@@ -578,9 +606,7 @@ uninstall-pkgconfigDATA:
 	@$(NORMAL_UNINSTALL)
 	@list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \
 	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
-	test -n "$$files" || exit 0; \
-	echo " ( cd '$(DESTDIR)$(pkgconfigdir)' && rm -f" $$files ")"; \
-	cd "$(DESTDIR)$(pkgconfigdir)" && rm -f $$files
+	dir='$(DESTDIR)$(pkgconfigdir)'; $(am__uninstall_files_from_dir)
 
 # This directory's subdirectories are mostly independent; you can cd
 # into them and run `make' without going through this Makefile.
@@ -589,7 +615,7 @@ uninstall-pkgconfigDATA:
 #     (which will cause the Makefiles to be regenerated when you run `make');
 # (2) otherwise, pass the desired values on the `make' command line.
 $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
+	@fail= failcom='exit 1'; \
 	for f in x $$MAKEFLAGS; do \
 	  case $$f in \
 	    *=* | --[!k]*);; \
@@ -614,7 +640,7 @@ $(RECURSIVE_TARGETS):
 	fi; test -z "$$fail"
 
 $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
+	@fail= failcom='exit 1'; \
 	for f in x $$MAKEFLAGS; do \
 	  case $$f in \
 	    *=* | --[!k]*);; \
@@ -781,7 +807,8 @@ distdir: $(DISTFILES)
 	  top_distdir="$(top_distdir)" distdir="$(distdir)" \
 	  dist-hook
 	-test -n "$(am__skip_mode_fix)" \
-	|| find "$(distdir)" -type d ! -perm -777 -exec chmod a+rwx {} \; -o \
+	|| find "$(distdir)" -type d ! -perm -755 \
+		-exec chmod u+rwx,go+rx {} \; -o \
 	  ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \
 	  ! -type d ! -perm -400 -exec chmod a+r {} \; -o \
 	  ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \
@@ -791,7 +818,11 @@ dist-gzip: distdir
 	$(am__remove_distdir)
 
 dist-bzip2: distdir
-	tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2
+	tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2
+	$(am__remove_distdir)
+
+dist-lzip: distdir
+	tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz
 	$(am__remove_distdir)
 
 dist-lzma: distdir
@@ -799,7 +830,7 @@ dist-lzma: distdir
 	$(am__remove_distdir)
 
 dist-xz: distdir
-	tardir=$(distdir) && $(am__tar) | xz -c >$(distdir).tar.xz
+	tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz
 	$(am__remove_distdir)
 
 dist-tarZ: distdir
@@ -825,17 +856,19 @@ dist dist-all: distdir
 distcheck: dist
 	case '$(DIST_ARCHIVES)' in \
 	*.tar.gz*) \
-	  GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\
+	  GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\
 	*.tar.bz2*) \
-	  bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\
+	  bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
 	*.tar.lzma*) \
-	  unlzma -c $(distdir).tar.lzma | $(am__untar) ;;\
+	  lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\
+	*.tar.lz*) \
+	  lzip -dc $(distdir).tar.lz | $(am__untar) ;;\
 	*.tar.xz*) \
 	  xz -dc $(distdir).tar.xz | $(am__untar) ;;\
 	*.tar.Z*) \
 	  uncompress -c $(distdir).tar.Z | $(am__untar) ;;\
 	*.shar.gz*) \
-	  GZIP=$(GZIP_ENV) gunzip -c $(distdir).shar.gz | unshar ;;\
+	  GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\
 	*.zip*) \
 	  unzip $(distdir).zip ;;\
 	esac
@@ -849,6 +882,7 @@ distcheck: dist
 	  && am__cwd=`pwd` \
 	  && $(am__cd) $(distdir)/_build \
 	  && ../configure --srcdir=.. --prefix="$$dc_install_base" \
+	    $(AM_DISTCHECK_CONFIGURE_FLAGS) \
 	    $(DISTCHECK_CONFIGURE_FLAGS) \
 	  && $(MAKE) $(AM_MAKEFLAGS) \
 	  && $(MAKE) $(AM_MAKEFLAGS) dvi \
@@ -877,8 +911,16 @@ distcheck: dist
 	  list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \
 	  sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x'
 distuninstallcheck:
-	@$(am__cd) '$(distuninstallcheck_dir)' \
-	&& test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \
+	@test -n '$(distuninstallcheck_dir)' || { \
+	  echo 'ERROR: trying to run $@ with an empty' \
+	       '$$(distuninstallcheck_dir)' >&2; \
+	  exit 1; \
+	}; \
+	$(am__cd) '$(distuninstallcheck_dir)' || { \
+	  echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \
+	  exit 1; \
+	}; \
+	test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \
 	   || { echo "ERROR: files left after uninstall:" ; \
 	        if test -n "$(DESTDIR)"; then \
 	          echo "  (check DESTDIR support)"; \
@@ -912,10 +954,15 @@ install-am: all-am
 
 installcheck: installcheck-recursive
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
@@ -1005,22 +1052,22 @@ uninstall-am: uninstall-binSCRIPTS uninstall-confexecDATA \
 .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
 	all all-am am--refresh check check-am clean clean-generic \
 	clean-libtool ctags ctags-recursive dist dist-all dist-bzip2 \
-	dist-gzip dist-hook dist-lzma dist-shar dist-tarZ dist-xz \
-	dist-zip distcheck distclean distclean-generic distclean-hdr \
-	distclean-libtool distclean-tags distcleancheck distdir \
-	distuninstallcheck dvi dvi-am html html-am info info-am \
-	install install-am install-binSCRIPTS install-confexecDATA \
-	install-data install-data-am install-dvi install-dvi-am \
-	install-exec install-exec-am install-html install-html-am \
-	install-info install-info-am install-m4dataDATA install-man \
-	install-pdf install-pdf-am install-pkgconfigDATA install-ps \
-	install-ps-am install-strip installcheck installcheck-am \
-	installdirs installdirs-am maintainer-clean \
-	maintainer-clean-generic mostlyclean mostlyclean-generic \
-	mostlyclean-libtool pdf pdf-am ps ps-am tags tags-recursive \
-	uninstall uninstall-am uninstall-binSCRIPTS \
-	uninstall-confexecDATA uninstall-m4dataDATA \
-	uninstall-pkgconfigDATA
+	dist-gzip dist-hook dist-lzip dist-lzma dist-shar dist-tarZ \
+	dist-xz dist-zip distcheck distclean distclean-generic \
+	distclean-hdr distclean-libtool distclean-tags distcleancheck \
+	distdir distuninstallcheck dvi dvi-am html html-am info \
+	info-am install install-am install-binSCRIPTS \
+	install-confexecDATA install-data install-data-am install-dvi \
+	install-dvi-am install-exec install-exec-am install-html \
+	install-html-am install-info install-info-am \
+	install-m4dataDATA install-man install-pdf install-pdf-am \
+	install-pkgconfigDATA install-ps install-ps-am install-strip \
+	installcheck installcheck-am installdirs installdirs-am \
+	maintainer-clean maintainer-clean-generic mostlyclean \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags tags-recursive uninstall uninstall-am \
+	uninstall-binSCRIPTS uninstall-confexecDATA \
+	uninstall-m4dataDATA uninstall-pkgconfigDATA
 
 
 docs: docs-man
@@ -1032,47 +1079,85 @@ docs-clean:
 docs-man: 
 	@(cd man && $(MAKE) docs)
 
-check: check-all check-info 
+check: check-all check-info
 
 check-all: $(TEST_APP) 
 	@($(PRECHECK_COMMANDS) && \
-	for i in $(CHECK_CRYPTO_LIST) ; do \
-	    echo "=================== Checking xmlsec-$$i =================================" && \
-	    $(SHELL) ./tests/testKeys.sh $$i $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der && \
-	    $(SHELL) ./tests/testDSig.sh $$i $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der && \
-	    $(SHELL) ./tests/testEnc.sh  $$i $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der ; \
+	for crypto in $(CHECK_CRYPTO_LIST) ; do \
+	    echo "=================== Checking xmlsec-$$crypto =================================" && \
+	    $(SHELL) ./tests/testrun.sh \
+	        $(ABS_SRCDIR)/tests/testKeys.sh \
+	        $$crypto \
+	        $(ABS_SRCDIR)/tests \
+	        $(ABS_BUILDDIR)/$(TEST_APP) der \
+	    && \
+	    $(SHELL) ./tests/testrun.sh \
+	        $(ABS_SRCDIR)/tests/testDSig.sh \
+	        $$crypto \
+	        $(ABS_SRCDIR)/tests \
+	        $(ABS_BUILDDIR)/$(TEST_APP) \
+	        der \
+	    && \
+	    $(SHELL) ./tests/testrun.sh \
+	        $(ABS_SRCDIR)/tests/testEnc.sh \
+	        $$crypto \
+	        $(ABS_SRCDIR)/tests \
+	        $(ABS_BUILDDIR)/$(TEST_APP) \
+	        der \
+	    ; \
 	done; )
 
 check-info:
-	@echo "-------------------------- ATTENTION -----------------------------------"
-	@echo "--- 1) Some of the following tests use resources located on external ---"
-	@echo "--- HTTP servers. If you have no Internet connection or the external ---"
-	@echo "--- resource is not responding then the test will fail.              ---"
-	@echo "--- 2) The test fails if corresponding feature(s) is disabled.       ---"
-	@echo "--- Please, don't be surprised that many XML Encryption tests fails  ---"
-	@echo "--- when you use OpenSSL 0.9.6 (see the FAQ for details)             ---"
-	@echo "-------------------------- ATTENTION -----------------------------------"
-
-check-km: $(TEST_APP)
+	@echo "---------------------------- ATTENTION -----------------------------------"
+	@echo "--- Some of the tests use resources located on external HTTP servers.  ---"
+	@echo "--- If you have no Internet connection or the external resource is not ---"
+	@echo "--- responding then the test will fail.                                ---"
+	@echo "---------------------------- ATTENTION -----------------------------------"
+
+check-keys: $(TEST_APP)
 	@($(PRECHECK_COMMANDS) && \
-	$(SHELL) ./tests/testKeys.sh default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
+	$(SHELL) ./tests/testrun.sh \
+	    $(ABS_SRCDIR)/tests/testKeys.sh \
+	    $(DEFAULT_CRYPTO) \
+	    $(ABS_SRCDIR)/tests \
+	    $(ABS_BUILDDIR)/$(TEST_APP) \
+	    der \
+	)
 
 check-dsig: $(TEST_APP) 	
 	@($(PRECHECK_COMMANDS) && \
-	$(SHELL) ./tests/testDSig.sh default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
+	$(SHELL) ./tests/testrun.sh \
+	    $(ABS_SRCDIR)/tests/testDSig.sh \
+	    $(DEFAULT_CRYPTO) \
+	    $(ABS_SRCDIR)/tests \
+	    $(ABS_BUILDDIR)/$(TEST_APP) \
+	    der \
+	)
 
-check-xkms: $(TEST_APP) 	
+check-enc: $(TEST_APP) 
 	@($(PRECHECK_COMMANDS) && \
-	$(SHELL) ./tests/testXKMS.sh default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
+	$(SHELL) ./tests/testrun.sh \
+	    $(ABS_SRCDIR)/tests/testEnc.sh  \
+	    $(DEFAULT_CRYPTO) \
+	    $(ABS_SRCDIR)/tests \
+	    $(ABS_BUILDDIR)/$(TEST_APP) \
+	    der \
+	)
 
-check-enc: $(TEST_APP) 
+check-xkms: $(TEST_APP) 	
 	@($(PRECHECK_COMMANDS) && \
-	$(SHELL) ./tests/testEnc.sh  default $(ABS_SRCDIR)/tests $(ABS_BUILDDIR)/$(TEST_APP) der)
+	$(SHELL) ./tests/testrun.sh \
+	    $(ABS_SRCDIR)/tests/testXKMS.sh \
+	    $(DEFAULT_CRYPTO) \
+	    $(ABS_SRCDIR)/tests \
+	    $(ABS_BUILDDIR)/$(TEST_APP) \
+	    der \
+	)
 
 memcheck-res:
-	@grep -i lost /tmp/*.log | sed 's/==.*== *//' | sort -u
-	@grep -i leak /tmp/*.log | sed 's/==.*== *//' | sort -u
-	@grep -i 'in use' /tmp/*.log | sed 's/==.*== *//' | sort -u
+	@grep -i 'ERROR SUMMARY' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
+	@grep -i 'in use at exit' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
+	@grep -i 'total heap usage' /tmp/*.log | sed 's/.*==.*== *//' | sort -u
 
 memcheck: $(TEST_APP)
 	@(export DEBUG_MEMORY=1 && $(MAKE) check && $(MAKE) memcheck-res)
@@ -1085,10 +1170,13 @@ dist-hook:
 cleantar:
 	@($(RM) -f xmlsec*.tar.gz COPYING.LIB)
 
-rpm: cleantar
-	@(unset CDPATH && $(MAKE) dist && rpmbuild -ta $(distdir).tar.gz)
+tar-release: clean cleantar
+	@(unset CDPATH && $(MAKE) dist)
+
+rpm: cleantar tar-release
+	@(unset CDPATH && rpmbuild -ta $(distdir).tar.gz)
 
-rpm-release: clean cleantar rpm 
+rpm-release: clean cleantar rpm
 
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
 # Otherwise a system limit (for SysV at least) may be exceeded.
diff --git a/TODO b/TODO
index 280c9836..7adb9694 100644
--- a/TODO
+++ b/TODO
@@ -1,6 +1,156 @@
-- Unify password callback (one of parameters: filename)
-- get key usage from certs
-- extend keys manager to return more info when key is found or not found
-(what cheks were performed, etc.)
+*************************************************
+                   General
+*************************************************
 
-    
\ No newline at end of file
+* Unify password callback (one of parameters: filename)
+* Get key usage from certs
+* Extend keys manager to return more info when key is found or not found 
+  (what cheks were performed, etc.)
+
+
+*************************************************
+                  Tests status
+*************************************************
+
+-------------------------------------------------
+* xmlsec-openssl (April 26, 2010 using OpenSSL 0.9.8g)
+-------------------------------------------------
+
+** Skipped tests due to missing transforms: GOST
+
+aleksey-xmldsig-01/enveloped-gost
+
+
+-------------------------------------------------
+* xmlsec-nss (April 26, 2010 using NSS 3.12.6)
+-------------------------------------------------
+
+** Skipped tests due to missing transforms: RIPEMD160, SHA224, RSA/OAEP, GOST
+
+aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160
+aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64
+aleksey-xmldsig-01/enveloping-sha224-hmac-sha224
+aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64
+aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160
+aleksey-xmldsig-01/enveloping-sha224-rsa-sha224
+aleksey-xmldsig-01/enveloped-gost
+merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes
+merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p
+01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1
+01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1
+01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1
+01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1
+
+** Failed tests due to no support for CRLs in XML document
+
+merlin-xmldsig-twenty-three/signature-x509-crt-crl
+
+
+-------------------------------------------------
+* xmlsec-mscrypto (May 09, 2010 using Windows XP SP3)
+-------------------------------------------------
+
+** Skipped tests due to missing transforms: RIPEMD160, SHA224
+
+aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160
+aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64
+aleksey-xmldsig-01/enveloping-sha224-hmac-sha224
+aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64
+aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160
+aleksey-xmldsig-01/enveloping-sha224-rsa-sha224
+merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes
+
+** Failed tests due to no GOST crypto providers on test machine
+
+aleksey-xmldsig-01/enveloped-gost
+
+-------------------------------------------------
+* xmlsec-gnutls (May 24, 2010 using GnuTLS)
+-------------------------------------------------
+
+** Skipped tests due to missing transforms: RSA PKCS/OAEP, GOST
+
+aleksey-xmldsig-01/enveloping-sha224-hmac-sha224
+aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64
+aleksey-xmldsig-01/enveloping-sha224-rsa-sha224
+merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5
+merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p
+aleksey-xmldsig-01/enveloped-gost
+phaos-xmldsig-three/signature-rsa-manifest-x509-data-crl
+
+01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5
+01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1
+01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5
+01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1
+01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1
+01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5
+01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5
+01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1
+
+-------------------------------------------------
+* xmlsec-gcrypt (May 09, 2010 using GCrypt)
+-------------------------------------------------
+
+** Skipped tests due to missing transforms: DSA, RSA PKCS/OAEP, X509, GOST
+
+aleksey-xmldsig-01/enveloping-dsa-x509chain
+aleksey-xmldsig-01/enveloping-rsa-x509chain
+aleksey-xmldsig-01/enveloping-sha224-hmac-sha224
+aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64
+aleksey-xmldsig-01/enveloping-md5-rsa-md5
+aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160
+aleksey-xmldsig-01/enveloping-sha1-rsa-sha1
+aleksey-xmldsig-01/enveloping-sha224-rsa-sha224
+aleksey-xmldsig-01/enveloping-sha256-rsa-sha256
+aleksey-xmldsig-01/enveloping-sha384-rsa-sha384
+aleksey-xmldsig-01/enveloping-sha512-rsa-sha512
+aleksey-xmldsig-01/enveloping-expired-cert
+aleksey-xmldsig-01/x509data-test
+aleksey-xmldsig-01/x509data-sn-test
+
+merlin-xmldsig-twenty-three/signature-keyname
+merlin-xmldsig-twenty-three/signature-x509-crt
+merlin-xmldsig-twenty-three/signature-x509-sn
+merlin-xmldsig-twenty-three/signature-x509-is
+merlin-xmldsig-twenty-three/signature-x509-ski
+merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt
+merlin-xmldsig-twenty-three/signature
+merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5
+merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p
+phaos-xmldsig-three/signature-big
+phaos-xmldsig-three/signature-dsa-detached
+phaos-xmldsig-three/signature-dsa-enveloped
+phaos-xmldsig-three/signature-dsa-enveloping
+phaos-xmldsig-three/signature-dsa-manifest
+phaos-xmldsig-three/signature-rsa-detached-b64-transform
+phaos-xmldsig-three/signature-rsa-detached
+phaos-xmldsig-three/signature-rsa-detached-xpath-transform
+phaos-xmldsig-three/signature-rsa-detached-xslt-transform-retrieval-method
+phaos-xmldsig-three/signature-rsa-detached-xslt-transform
+phaos-xmldsig-three/signature-rsa-enveloped
+phaos-xmldsig-three/signature-rsa-enveloping
+phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert-chain
+phaos-xmldsig-three/signature-rsa-manifest-x509-data-cert
+phaos-xmldsig-three/signature-rsa-manifest-x509-data-issuer-serial
+phaos-xmldsig-three/signature-rsa-manifest-x509-data-ski
+phaos-xmldsig-three/signature-rsa-manifest-x509-data-subject-name
+phaos-xmldsig-three/signature-rsa-manifest
+phaos-xmldsig-three/signature-rsa-xpath-transform-enveloped
+aleksey-xmldsig-01/enveloped-gost
+merlin-xmldsig-twenty-three/signature-x509-crt-crl
+aleksey-xmldsig-01/enveloping-expired-cert
+phaos-xmldsig-three/signature-rsa-detached-xslt-transform-bad-retrieval-method
+phaos-xmldsig-three/signature-rsa-enveloped-bad-digest-val
+phaos-xmldsig-three/signature-rsa-enveloped-bad-sig
+phaos-xmldsig-three/signature-rsa-manifest-x509-data-crl
+
+merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5
+merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p
+01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5
+01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1
+01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5
+01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1
+01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1
+01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5
+01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5
+01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1
diff --git a/aclocal.m4 b/aclocal.m4
index c2f7f2b5..9b6665ee 100644
--- a/aclocal.m4
+++ b/aclocal.m4
@@ -1,7 +1,8 @@
-# generated automatically by aclocal 1.11 -*- Autoconf -*-
+# generated automatically by aclocal 1.11.3 -*- Autoconf -*-
 
 # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
-# 2005, 2006, 2007, 2008, 2009  Free Software Foundation, Inc.
+# 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation,
+# Inc.
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -13,7978 +14,14 @@
 
 m4_ifndef([AC_AUTOCONF_VERSION],
   [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
-m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.64],,
-[m4_warning([this file was generated for autoconf 2.64.
+m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],,
+[m4_warning([this file was generated for autoconf 2.69.
 You have another version of autoconf.  It may work, but is not guaranteed to.
 If you have problems, you may need to regenerate the build system entirely.
 To do so, use the procedure documented by the package, typically `autoreconf'.])])
 
-# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
-#
-#   Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
-#                 2006, 2007, 2008 Free Software Foundation, Inc.
-#   Written by Gordon Matzigkeit, 1996
-#
-# This file is free software; the Free Software Foundation gives
-# unlimited permission to copy and/or distribute it, with or without
-# modifications, as long as this notice is preserved.
-
-m4_define([_LT_COPYING], [dnl
-#   Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
-#                 2006, 2007, 2008 Free Software Foundation, Inc.
-#   Written by Gordon Matzigkeit, 1996
-#
-#   This file is part of GNU Libtool.
-#
-# GNU Libtool is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation; either version 2 of
-# the License, or (at your option) any later version.
-#
-# As a special exception to the GNU General Public License,
-# if you distribute this file as part of a program or library that
-# is built using GNU Libtool, you may include this file under the
-# same distribution terms that you use for the rest of that program.
-#
-# GNU Libtool is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with GNU Libtool; see the file COPYING.  If not, a copy
-# can be downloaded from http://www.gnu.org/licenses/gpl.html, or
-# obtained by writing to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-])
-
-# serial 56 LT_INIT
-
-
-# LT_PREREQ(VERSION)
-# ------------------
-# Complain and exit if this libtool version is less that VERSION.
-m4_defun([LT_PREREQ],
-[m4_if(m4_version_compare(m4_defn([LT_PACKAGE_VERSION]), [$1]), -1,
-       [m4_default([$3],
-		   [m4_fatal([Libtool version $1 or higher is required],
-		             63)])],
-       [$2])])
-
-
-# _LT_CHECK_BUILDDIR
-# ------------------
-# Complain if the absolute build directory name contains unusual characters
-m4_defun([_LT_CHECK_BUILDDIR],
-[case `pwd` in
-  *\ * | *\	*)
-    AC_MSG_WARN([Libtool does not cope well with whitespace in `pwd`]) ;;
-esac
-])
-
-
-# LT_INIT([OPTIONS])
-# ------------------
-AC_DEFUN([LT_INIT],
-[AC_PREREQ([2.58])dnl We use AC_INCLUDES_DEFAULT
-AC_BEFORE([$0], [LT_LANG])dnl
-AC_BEFORE([$0], [LT_OUTPUT])dnl
-AC_BEFORE([$0], [LTDL_INIT])dnl
-m4_require([_LT_CHECK_BUILDDIR])dnl
-
-dnl Autoconf doesn't catch unexpanded LT_ macros by default:
-m4_pattern_forbid([^_?LT_[A-Z_]+$])dnl
-m4_pattern_allow([^(_LT_EOF|LT_DLGLOBAL|LT_DLLAZY_OR_NOW|LT_MULTI_MODULE)$])dnl
-dnl aclocal doesn't pull ltoptions.m4, ltsugar.m4, or ltversion.m4
-dnl unless we require an AC_DEFUNed macro:
-AC_REQUIRE([LTOPTIONS_VERSION])dnl
-AC_REQUIRE([LTSUGAR_VERSION])dnl
-AC_REQUIRE([LTVERSION_VERSION])dnl
-AC_REQUIRE([LTOBSOLETE_VERSION])dnl
-m4_require([_LT_PROG_LTMAIN])dnl
-
-dnl Parse OPTIONS
-_LT_SET_OPTIONS([$0], [$1])
-
-# This can be used to rebuild libtool when needed
-LIBTOOL_DEPS="$ltmain"
-
-# Always use our own libtool.
-LIBTOOL='$(SHELL) $(top_builddir)/libtool'
-AC_SUBST(LIBTOOL)dnl
-
-_LT_SETUP
-
-# Only expand once:
-m4_define([LT_INIT])
-])# LT_INIT
-
-# Old names:
-AU_ALIAS([AC_PROG_LIBTOOL], [LT_INIT])
-AU_ALIAS([AM_PROG_LIBTOOL], [LT_INIT])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_PROG_LIBTOOL], [])
-dnl AC_DEFUN([AM_PROG_LIBTOOL], [])
-
-
-# _LT_CC_BASENAME(CC)
-# -------------------
-# Calculate cc_basename.  Skip known compiler wrappers and cross-prefix.
-m4_defun([_LT_CC_BASENAME],
-[for cc_temp in $1""; do
-  case $cc_temp in
-    compile | *[[\\/]]compile | ccache | *[[\\/]]ccache ) ;;
-    distcc | *[[\\/]]distcc | purify | *[[\\/]]purify ) ;;
-    \-*) ;;
-    *) break;;
-  esac
-done
-cc_basename=`$ECHO "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
-])
-
-
-# _LT_FILEUTILS_DEFAULTS
-# ----------------------
-# It is okay to use these file commands and assume they have been set
-# sensibly after `m4_require([_LT_FILEUTILS_DEFAULTS])'.
-m4_defun([_LT_FILEUTILS_DEFAULTS],
-[: ${CP="cp -f"}
-: ${MV="mv -f"}
-: ${RM="rm -f"}
-])# _LT_FILEUTILS_DEFAULTS
-
-
-# _LT_SETUP
-# ---------
-m4_defun([_LT_SETUP],
-[AC_REQUIRE([AC_CANONICAL_HOST])dnl
-AC_REQUIRE([AC_CANONICAL_BUILD])dnl
-_LT_DECL([], [host_alias], [0], [The host system])dnl
-_LT_DECL([], [host], [0])dnl
-_LT_DECL([], [host_os], [0])dnl
-dnl
-_LT_DECL([], [build_alias], [0], [The build system])dnl
-_LT_DECL([], [build], [0])dnl
-_LT_DECL([], [build_os], [0])dnl
-dnl
-AC_REQUIRE([AC_PROG_CC])dnl
-AC_REQUIRE([LT_PATH_LD])dnl
-AC_REQUIRE([LT_PATH_NM])dnl
-dnl
-AC_REQUIRE([AC_PROG_LN_S])dnl
-test -z "$LN_S" && LN_S="ln -s"
-_LT_DECL([], [LN_S], [1], [Whether we need soft or hard links])dnl
-dnl
-AC_REQUIRE([LT_CMD_MAX_LEN])dnl
-_LT_DECL([objext], [ac_objext], [0], [Object file suffix (normally "o")])dnl
-_LT_DECL([], [exeext], [0], [Executable file suffix (normally "")])dnl
-dnl
-m4_require([_LT_FILEUTILS_DEFAULTS])dnl
-m4_require([_LT_CHECK_SHELL_FEATURES])dnl
-m4_require([_LT_CMD_RELOAD])dnl
-m4_require([_LT_CHECK_MAGIC_METHOD])dnl
-m4_require([_LT_CMD_OLD_ARCHIVE])dnl
-m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl
-
-_LT_CONFIG_LIBTOOL_INIT([
-# See if we are running on zsh, and set the options which allow our
-# commands through without removal of \ escapes INIT.
-if test -n "\${ZSH_VERSION+set}" ; then
-   setopt NO_GLOB_SUBST
-fi
-])
-if test -n "${ZSH_VERSION+set}" ; then
-   setopt NO_GLOB_SUBST
-fi
-
-_LT_CHECK_OBJDIR
-
-m4_require([_LT_TAG_COMPILER])dnl
-_LT_PROG_ECHO_BACKSLASH
-
-case $host_os in
-aix3*)
-  # AIX sometimes has problems with the GCC collect2 program.  For some
-  # reason, if we set the COLLECT_NAMES environment variable, the problems
-  # vanish in a puff of smoke.
-  if test "X${COLLECT_NAMES+set}" != Xset; then
-    COLLECT_NAMES=
-    export COLLECT_NAMES
-  fi
-  ;;
-esac
-
-# Sed substitution that helps us do robust quoting.  It backslashifies
-# metacharacters that are still active within double-quoted strings.
-sed_quote_subst='s/\([["`$\\]]\)/\\\1/g'
-
-# Same as above, but do not quote variable references.
-double_quote_subst='s/\([["`\\]]\)/\\\1/g'
-
-# Sed substitution to delay expansion of an escaped shell variable in a
-# double_quote_subst'ed string.
-delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
-
-# Sed substitution to delay expansion of an escaped single quote.
-delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
-
-# Sed substitution to avoid accidental globbing in evaled expressions
-no_glob_subst='s/\*/\\\*/g'
-
-# Global variables:
-ofile=libtool
-can_build_shared=yes
-
-# All known linkers require a `.a' archive for static linking (except MSVC,
-# which needs '.lib').
-libext=a
-
-with_gnu_ld="$lt_cv_prog_gnu_ld"
-
-old_CC="$CC"
-old_CFLAGS="$CFLAGS"
-
-# Set sane defaults for various variables
-test -z "$CC" && CC=cc
-test -z "$LTCC" && LTCC=$CC
-test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS
-test -z "$LD" && LD=ld
-test -z "$ac_objext" && ac_objext=o
-
-_LT_CC_BASENAME([$compiler])
-
-# Only perform the check for file, if the check method requires it
-test -z "$MAGIC_CMD" && MAGIC_CMD=file
-case $deplibs_check_method in
-file_magic*)
-  if test "$file_magic_cmd" = '$MAGIC_CMD'; then
-    _LT_PATH_MAGIC
-  fi
-  ;;
-esac
-
-# Use C for the default configuration in the libtool script
-LT_SUPPORTED_TAG([CC])
-_LT_LANG_C_CONFIG
-_LT_LANG_DEFAULT_CONFIG
-_LT_CONFIG_COMMANDS
-])# _LT_SETUP
-
-
-# _LT_PROG_LTMAIN
-# ---------------
-# Note that this code is called both from `configure', and `config.status'
-# now that we use AC_CONFIG_COMMANDS to generate libtool.  Notably,
-# `config.status' has no value for ac_aux_dir unless we are using Automake,
-# so we pass a copy along to make sure it has a sensible value anyway.
-m4_defun([_LT_PROG_LTMAIN],
-[m4_ifdef([AC_REQUIRE_AUX_FILE], [AC_REQUIRE_AUX_FILE([ltmain.sh])])dnl
-_LT_CONFIG_LIBTOOL_INIT([ac_aux_dir='$ac_aux_dir'])
-ltmain="$ac_aux_dir/ltmain.sh"
-])# _LT_PROG_LTMAIN
-
-
-
-# So that we can recreate a full libtool script including additional
-# tags, we accumulate the chunks of code to send to AC_CONFIG_COMMANDS
-# in macros and then make a single call at the end using the `libtool'
-# label.
-
-
-# _LT_CONFIG_LIBTOOL_INIT([INIT-COMMANDS])
-# ----------------------------------------
-# Register INIT-COMMANDS to be passed to AC_CONFIG_COMMANDS later.
-m4_define([_LT_CONFIG_LIBTOOL_INIT],
-[m4_ifval([$1],
-          [m4_append([_LT_OUTPUT_LIBTOOL_INIT],
-                     [$1
-])])])
-
-# Initialize.
-m4_define([_LT_OUTPUT_LIBTOOL_INIT])
-
-
-# _LT_CONFIG_LIBTOOL([COMMANDS])
-# ------------------------------
-# Register COMMANDS to be passed to AC_CONFIG_COMMANDS later.
-m4_define([_LT_CONFIG_LIBTOOL],
-[m4_ifval([$1],
-          [m4_append([_LT_OUTPUT_LIBTOOL_COMMANDS],
-                     [$1
-])])])
-
-# Initialize.
-m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS])
-
-
-# _LT_CONFIG_SAVE_COMMANDS([COMMANDS], [INIT_COMMANDS])
-# -----------------------------------------------------
-m4_defun([_LT_CONFIG_SAVE_COMMANDS],
-[_LT_CONFIG_LIBTOOL([$1])
-_LT_CONFIG_LIBTOOL_INIT([$2])
-])
-
-
-# _LT_FORMAT_COMMENT([COMMENT])
-# -----------------------------
-# Add leading comment marks to the start of each line, and a trailing
-# full-stop to the whole comment if one is not present already.
-m4_define([_LT_FORMAT_COMMENT],
-[m4_ifval([$1], [
-m4_bpatsubst([m4_bpatsubst([$1], [^ *], [# ])],
-              [['`$\]], [\\\&])]m4_bmatch([$1], [[!?.]$], [], [.])
-)])
-
-
-
-
-
-# _LT_DECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION], [IS-TAGGED?])
-# -------------------------------------------------------------------
-# CONFIGNAME is the name given to the value in the libtool script.
-# VARNAME is the (base) name used in the configure script.
-# VALUE may be 0, 1 or 2 for a computed quote escaped value based on
-# VARNAME.  Any other value will be used directly.
-m4_define([_LT_DECL],
-[lt_if_append_uniq([lt_decl_varnames], [$2], [, ],
-    [lt_dict_add_subkey([lt_decl_dict], [$2], [libtool_name],
-	[m4_ifval([$1], [$1], [$2])])
-    lt_dict_add_subkey([lt_decl_dict], [$2], [value], [$3])
-    m4_ifval([$4],
-	[lt_dict_add_subkey([lt_decl_dict], [$2], [description], [$4])])
-    lt_dict_add_subkey([lt_decl_dict], [$2],
-	[tagged?], [m4_ifval([$5], [yes], [no])])])
-])
-
-
-# _LT_TAGDECL([CONFIGNAME], VARNAME, VALUE, [DESCRIPTION])
-# --------------------------------------------------------
-m4_define([_LT_TAGDECL], [_LT_DECL([$1], [$2], [$3], [$4], [yes])])
-
-
-# lt_decl_tag_varnames([SEPARATOR], [VARNAME1...])
-# ------------------------------------------------
-m4_define([lt_decl_tag_varnames],
-[_lt_decl_filter([tagged?], [yes], $@)])
-
-
-# _lt_decl_filter(SUBKEY, VALUE, [SEPARATOR], [VARNAME1..])
-# ---------------------------------------------------------
-m4_define([_lt_decl_filter],
-[m4_case([$#],
-  [0], [m4_fatal([$0: too few arguments: $#])],
-  [1], [m4_fatal([$0: too few arguments: $#: $1])],
-  [2], [lt_dict_filter([lt_decl_dict], [$1], [$2], [], lt_decl_varnames)],
-  [3], [lt_dict_filter([lt_decl_dict], [$1], [$2], [$3], lt_decl_varnames)],
-  [lt_dict_filter([lt_decl_dict], $@)])[]dnl
-])
-
-
-# lt_decl_quote_varnames([SEPARATOR], [VARNAME1...])
-# --------------------------------------------------
-m4_define([lt_decl_quote_varnames],
-[_lt_decl_filter([value], [1], $@)])
-
-
-# lt_decl_dquote_varnames([SEPARATOR], [VARNAME1...])
-# ---------------------------------------------------
-m4_define([lt_decl_dquote_varnames],
-[_lt_decl_filter([value], [2], $@)])
-
-
-# lt_decl_varnames_tagged([SEPARATOR], [VARNAME1...])
-# ---------------------------------------------------
-m4_define([lt_decl_varnames_tagged],
-[m4_assert([$# <= 2])dnl
-_$0(m4_quote(m4_default([$1], [[, ]])),
-    m4_ifval([$2], [[$2]], [m4_dquote(lt_decl_tag_varnames)]),
-    m4_split(m4_normalize(m4_quote(_LT_TAGS)), [ ]))])
-m4_define([_lt_decl_varnames_tagged],
-[m4_ifval([$3], [lt_combine([$1], [$2], [_], $3)])])
-
-
-# lt_decl_all_varnames([SEPARATOR], [VARNAME1...])
-# ------------------------------------------------
-m4_define([lt_decl_all_varnames],
-[_$0(m4_quote(m4_default([$1], [[, ]])),
-     m4_if([$2], [],
-	   m4_quote(lt_decl_varnames),
-	m4_quote(m4_shift($@))))[]dnl
-])
-m4_define([_lt_decl_all_varnames],
-[lt_join($@, lt_decl_varnames_tagged([$1],
-			lt_decl_tag_varnames([[, ]], m4_shift($@))))dnl
-])
-
-
-# _LT_CONFIG_STATUS_DECLARE([VARNAME])
-# ------------------------------------
-# Quote a variable value, and forward it to `config.status' so that its
-# declaration there will have the same value as in `configure'.  VARNAME
-# must have a single quote delimited value for this to work.
-m4_define([_LT_CONFIG_STATUS_DECLARE],
-[$1='`$ECHO "X$][$1" | $Xsed -e "$delay_single_quote_subst"`'])
-
-
-# _LT_CONFIG_STATUS_DECLARATIONS
-# ------------------------------
-# We delimit libtool config variables with single quotes, so when
-# we write them to config.status, we have to be sure to quote all
-# embedded single quotes properly.  In configure, this macro expands
-# each variable declared with _LT_DECL (and _LT_TAGDECL) into:
-#
-#    <var>='`$ECHO "X$<var>" | $Xsed -e "$delay_single_quote_subst"`'
-m4_defun([_LT_CONFIG_STATUS_DECLARATIONS],
-[m4_foreach([_lt_var], m4_quote(lt_decl_all_varnames),
-    [m4_n([_LT_CONFIG_STATUS_DECLARE(_lt_var)])])])
-
-
-# _LT_LIBTOOL_TAGS
-# ----------------
-# Output comment and list of tags supported by the script
-m4_defun([_LT_LIBTOOL_TAGS],
-[_LT_FORMAT_COMMENT([The names of the tagged configurations supported by this script])dnl
-available_tags="_LT_TAGS"dnl
-])
-
-
-# _LT_LIBTOOL_DECLARE(VARNAME, [TAG])
-# -----------------------------------
-# Extract the dictionary values for VARNAME (optionally with TAG) and
-# expand to a commented shell variable setting:
-#
-#    # Some comment about what VAR is for.
-#    visible_name=$lt_internal_name
-m4_define([_LT_LIBTOOL_DECLARE],
-[_LT_FORMAT_COMMENT(m4_quote(lt_dict_fetch([lt_decl_dict], [$1],
-					   [description])))[]dnl
-m4_pushdef([_libtool_name],
-    m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [libtool_name])))[]dnl
-m4_case(m4_quote(lt_dict_fetch([lt_decl_dict], [$1], [value])),
-    [0], [_libtool_name=[$]$1],
-    [1], [_libtool_name=$lt_[]$1],
-    [2], [_libtool_name=$lt_[]$1],
-    [_libtool_name=lt_dict_fetch([lt_decl_dict], [$1], [value])])[]dnl
-m4_ifval([$2], [_$2])[]m4_popdef([_libtool_name])[]dnl
-])
-
-
-# _LT_LIBTOOL_CONFIG_VARS
-# -----------------------
-# Produce commented declarations of non-tagged libtool config variables
-# suitable for insertion in the LIBTOOL CONFIG section of the `libtool'
-# script.  Tagged libtool config variables (even for the LIBTOOL CONFIG
-# section) are produced by _LT_LIBTOOL_TAG_VARS.
-m4_defun([_LT_LIBTOOL_CONFIG_VARS],
-[m4_foreach([_lt_var],
-    m4_quote(_lt_decl_filter([tagged?], [no], [], lt_decl_varnames)),
-    [m4_n([_LT_LIBTOOL_DECLARE(_lt_var)])])])
-
-
-# _LT_LIBTOOL_TAG_VARS(TAG)
-# -------------------------
-m4_define([_LT_LIBTOOL_TAG_VARS],
-[m4_foreach([_lt_var], m4_quote(lt_decl_tag_varnames),
-    [m4_n([_LT_LIBTOOL_DECLARE(_lt_var, [$1])])])])
-
-
-# _LT_TAGVAR(VARNAME, [TAGNAME])
-# ------------------------------
-m4_define([_LT_TAGVAR], [m4_ifval([$2], [$1_$2], [$1])])
-
-
-# _LT_CONFIG_COMMANDS
-# -------------------
-# Send accumulated output to $CONFIG_STATUS.  Thanks to the lists of
-# variables for single and double quote escaping we saved from calls
-# to _LT_DECL, we can put quote escaped variables declarations
-# into `config.status', and then the shell code to quote escape them in
-# for loops in `config.status'.  Finally, any additional code accumulated
-# from calls to _LT_CONFIG_LIBTOOL_INIT is expanded.
-m4_defun([_LT_CONFIG_COMMANDS],
-[AC_PROVIDE_IFELSE([LT_OUTPUT],
-	dnl If the libtool generation code has been placed in $CONFIG_LT,
-	dnl instead of duplicating it all over again into config.status,
-	dnl then we will have config.status run $CONFIG_LT later, so it
-	dnl needs to know what name is stored there:
-        [AC_CONFIG_COMMANDS([libtool],
-            [$SHELL $CONFIG_LT || AS_EXIT(1)], [CONFIG_LT='$CONFIG_LT'])],
-    dnl If the libtool generation code is destined for config.status,
-    dnl expand the accumulated commands and init code now:
-    [AC_CONFIG_COMMANDS([libtool],
-        [_LT_OUTPUT_LIBTOOL_COMMANDS], [_LT_OUTPUT_LIBTOOL_COMMANDS_INIT])])
-])#_LT_CONFIG_COMMANDS
-
-
-# Initialize.
-m4_define([_LT_OUTPUT_LIBTOOL_COMMANDS_INIT],
-[
-
-# The HP-UX ksh and POSIX shell print the target directory to stdout
-# if CDPATH is set.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-sed_quote_subst='$sed_quote_subst'
-double_quote_subst='$double_quote_subst'
-delay_variable_subst='$delay_variable_subst'
-_LT_CONFIG_STATUS_DECLARATIONS
-LTCC='$LTCC'
-LTCFLAGS='$LTCFLAGS'
-compiler='$compiler_DEFAULT'
-
-# Quote evaled strings.
-for var in lt_decl_all_varnames([[ \
-]], lt_decl_quote_varnames); do
-    case \`eval \\\\\$ECHO "X\\\\\$\$var"\` in
-    *[[\\\\\\\`\\"\\\$]]*)
-      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"X\\\$\$var\\" | \\\$Xsed -e \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
-      ;;
-    *)
-      eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
-      ;;
-    esac
-done
-
-# Double-quote double-evaled strings.
-for var in lt_decl_all_varnames([[ \
-]], lt_decl_dquote_varnames); do
-    case \`eval \\\\\$ECHO "X\\\\\$\$var"\` in
-    *[[\\\\\\\`\\"\\\$]]*)
-      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"X\\\$\$var\\" | \\\$Xsed -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
-      ;;
-    *)
-      eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
-      ;;
-    esac
-done
-
-# Fix-up fallback echo if it was mangled by the above quoting rules.
-case \$lt_ECHO in
-*'\\\[$]0 --fallback-echo"')dnl "
-  lt_ECHO=\`\$ECHO "X\$lt_ECHO" | \$Xsed -e 's/\\\\\\\\\\\\\\\[$]0 --fallback-echo"\[$]/\[$]0 --fallback-echo"/'\`
-  ;;
-esac
-
-_LT_OUTPUT_LIBTOOL_INIT
-])
-
-
-# LT_OUTPUT
-# ---------
-# This macro allows early generation of the libtool script (before
-# AC_OUTPUT is called), incase it is used in configure for compilation
-# tests.
-AC_DEFUN([LT_OUTPUT],
-[: ${CONFIG_LT=./config.lt}
-AC_MSG_NOTICE([creating $CONFIG_LT])
-cat >"$CONFIG_LT" <<_LTEOF
-#! $SHELL
-# Generated by $as_me.
-# Run this file to recreate a libtool stub with the current configuration.
-
-lt_cl_silent=false
-SHELL=\${CONFIG_SHELL-$SHELL}
-_LTEOF
-
-cat >>"$CONFIG_LT" <<\_LTEOF
-AS_SHELL_SANITIZE
-_AS_PREPARE
-
-exec AS_MESSAGE_FD>&1
-exec AS_MESSAGE_LOG_FD>>config.log
-{
-  echo
-  AS_BOX([Running $as_me.])
-} >&AS_MESSAGE_LOG_FD
-
-lt_cl_help="\
-\`$as_me' creates a local libtool stub from the current configuration,
-for use in further configure time tests before the real libtool is
-generated.
-
-Usage: $[0] [[OPTIONS]]
-
-  -h, --help      print this help, then exit
-  -V, --version   print version number, then exit
-  -q, --quiet     do not print progress messages
-  -d, --debug     don't remove temporary files
-
-Report bugs to <bug-libtool@gnu.org>."
-
-lt_cl_version="\
-m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl
-m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION])
-configured by $[0], generated by m4_PACKAGE_STRING.
-
-Copyright (C) 2008 Free Software Foundation, Inc.
-This config.lt script is free software; the Free Software Foundation
-gives unlimited permision to copy, distribute and modify it."
-
-while test $[#] != 0
-do
-  case $[1] in
-    --version | --v* | -V )
-      echo "$lt_cl_version"; exit 0 ;;
-    --help | --h* | -h )
-      echo "$lt_cl_help"; exit 0 ;;
-    --debug | --d* | -d )
-      debug=: ;;
-    --quiet | --q* | --silent | --s* | -q )
-      lt_cl_silent=: ;;
-
-    -*) AC_MSG_ERROR([unrecognized option: $[1]
-Try \`$[0] --help' for more information.]) ;;
-
-    *) AC_MSG_ERROR([unrecognized argument: $[1]
-Try \`$[0] --help' for more information.]) ;;
-  esac
-  shift
-done
-
-if $lt_cl_silent; then
-  exec AS_MESSAGE_FD>/dev/null
-fi
-_LTEOF
-
-cat >>"$CONFIG_LT" <<_LTEOF
-_LT_OUTPUT_LIBTOOL_COMMANDS_INIT
-_LTEOF
-
-cat >>"$CONFIG_LT" <<\_LTEOF
-AC_MSG_NOTICE([creating $ofile])
-_LT_OUTPUT_LIBTOOL_COMMANDS
-AS_EXIT(0)
-_LTEOF
-chmod +x "$CONFIG_LT"
-
-# configure is writing to config.log, but config.lt does its own redirection,
-# appending to config.log, which fails on DOS, as config.log is still kept
-# open by configure.  Here we exec the FD to /dev/null, effectively closing
-# config.log, so it can be properly (re)opened and appended to by config.lt.
-if test "$no_create" != yes; then
-  lt_cl_success=:
-  test "$silent" = yes &&
-    lt_config_lt_args="$lt_config_lt_args --quiet"
-  exec AS_MESSAGE_LOG_FD>/dev/null
-  $SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false
-  exec AS_MESSAGE_LOG_FD>>config.log
-  $lt_cl_success || AS_EXIT(1)
-fi
-])# LT_OUTPUT
-
-
-# _LT_CONFIG(TAG)
-# ---------------
-# If TAG is the built-in tag, create an initial libtool script with a
-# default configuration from the untagged config vars.  Otherwise add code
-# to config.status for appending the configuration named by TAG from the
-# matching tagged config vars.
-m4_defun([_LT_CONFIG],
-[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
-_LT_CONFIG_SAVE_COMMANDS([
-  m4_define([_LT_TAG], m4_if([$1], [], [C], [$1]))dnl
-  m4_if(_LT_TAG, [C], [
-    # See if we are running on zsh, and set the options which allow our
-    # commands through without removal of \ escapes.
-    if test -n "${ZSH_VERSION+set}" ; then
-      setopt NO_GLOB_SUBST
-    fi
-
-    cfgfile="${ofile}T"
-    trap "$RM \"$cfgfile\"; exit 1" 1 2 15
-    $RM "$cfgfile"
-
-    cat <<_LT_EOF >> "$cfgfile"
-#! $SHELL
-
-# `$ECHO "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services.
-# Generated automatically by $as_me ($PACKAGE$TIMESTAMP) $VERSION
-# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
-# NOTE: Changes made to this file will be lost: look at ltmain.sh.
-#
-_LT_COPYING
-_LT_LIBTOOL_TAGS
-
-# ### BEGIN LIBTOOL CONFIG
-_LT_LIBTOOL_CONFIG_VARS
-_LT_LIBTOOL_TAG_VARS
-# ### END LIBTOOL CONFIG
-
-_LT_EOF
-
-  case $host_os in
-  aix3*)
-    cat <<\_LT_EOF >> "$cfgfile"
-# AIX sometimes has problems with the GCC collect2 program.  For some
-# reason, if we set the COLLECT_NAMES environment variable, the problems
-# vanish in a puff of smoke.
-if test "X${COLLECT_NAMES+set}" != Xset; then
-  COLLECT_NAMES=
-  export COLLECT_NAMES
-fi
-_LT_EOF
-    ;;
-  esac
-
-  _LT_PROG_LTMAIN
-
-  # We use sed instead of cat because bash on DJGPP gets confused if
-  # if finds mixed CR/LF and LF-only lines.  Since sed operates in
-  # text mode, it properly converts lines to CR/LF.  This bash problem
-  # is reportedly fixed, but why not run on old versions too?
-  sed '/^# Generated shell functions inserted here/q' "$ltmain" >> "$cfgfile" \
-    || (rm -f "$cfgfile"; exit 1)
-
-  _LT_PROG_XSI_SHELLFNS
-
-  sed -n '/^# Generated shell functions inserted here/,$p' "$ltmain" >> "$cfgfile" \
-    || (rm -f "$cfgfile"; exit 1)
-
-  mv -f "$cfgfile" "$ofile" ||
-    (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
-  chmod +x "$ofile"
-],
-[cat <<_LT_EOF >> "$ofile"
-
-dnl Unfortunately we have to use $1 here, since _LT_TAG is not expanded
-dnl in a comment (ie after a #).
-# ### BEGIN LIBTOOL TAG CONFIG: $1
-_LT_LIBTOOL_TAG_VARS(_LT_TAG)
-# ### END LIBTOOL TAG CONFIG: $1
-_LT_EOF
-])dnl /m4_if
-],
-[m4_if([$1], [], [
-    PACKAGE='$PACKAGE'
-    VERSION='$VERSION'
-    TIMESTAMP='$TIMESTAMP'
-    RM='$RM'
-    ofile='$ofile'], [])
-])dnl /_LT_CONFIG_SAVE_COMMANDS
-])# _LT_CONFIG
-
-
-# LT_SUPPORTED_TAG(TAG)
-# ---------------------
-# Trace this macro to discover what tags are supported by the libtool
-# --tag option, using:
-#    autoconf --trace 'LT_SUPPORTED_TAG:$1'
-AC_DEFUN([LT_SUPPORTED_TAG], [])
-
-
-# C support is built-in for now
-m4_define([_LT_LANG_C_enabled], [])
-m4_define([_LT_TAGS], [])
-
-
-# LT_LANG(LANG)
-# -------------
-# Enable libtool support for the given language if not already enabled.
-AC_DEFUN([LT_LANG],
-[AC_BEFORE([$0], [LT_OUTPUT])dnl
-m4_case([$1],
-  [C],			[_LT_LANG(C)],
-  [C++],		[_LT_LANG(CXX)],
-  [Java],		[_LT_LANG(GCJ)],
-  [Fortran 77],		[_LT_LANG(F77)],
-  [Fortran],		[_LT_LANG(FC)],
-  [Windows Resource],	[_LT_LANG(RC)],
-  [m4_ifdef([_LT_LANG_]$1[_CONFIG],
-    [_LT_LANG($1)],
-    [m4_fatal([$0: unsupported language: "$1"])])])dnl
-])# LT_LANG
-
-
-# _LT_LANG(LANGNAME)
-# ------------------
-m4_defun([_LT_LANG],
-[m4_ifdef([_LT_LANG_]$1[_enabled], [],
-  [LT_SUPPORTED_TAG([$1])dnl
-  m4_append([_LT_TAGS], [$1 ])dnl
-  m4_define([_LT_LANG_]$1[_enabled], [])dnl
-  _LT_LANG_$1_CONFIG($1)])dnl
-])# _LT_LANG
-
-
-# _LT_LANG_DEFAULT_CONFIG
-# -----------------------
-m4_defun([_LT_LANG_DEFAULT_CONFIG],
-[AC_PROVIDE_IFELSE([AC_PROG_CXX],
-  [LT_LANG(CXX)],
-  [m4_define([AC_PROG_CXX], defn([AC_PROG_CXX])[LT_LANG(CXX)])])
-
-AC_PROVIDE_IFELSE([AC_PROG_F77],
-  [LT_LANG(F77)],
-  [m4_define([AC_PROG_F77], defn([AC_PROG_F77])[LT_LANG(F77)])])
-
-AC_PROVIDE_IFELSE([AC_PROG_FC],
-  [LT_LANG(FC)],
-  [m4_define([AC_PROG_FC], defn([AC_PROG_FC])[LT_LANG(FC)])])
-
-dnl The call to [A][M_PROG_GCJ] is quoted like that to stop aclocal
-dnl pulling things in needlessly.
-AC_PROVIDE_IFELSE([AC_PROG_GCJ],
-  [LT_LANG(GCJ)],
-  [AC_PROVIDE_IFELSE([A][M_PROG_GCJ],
-    [LT_LANG(GCJ)],
-    [AC_PROVIDE_IFELSE([LT_PROG_GCJ],
-      [LT_LANG(GCJ)],
-      [m4_ifdef([AC_PROG_GCJ],
-	[m4_define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[LT_LANG(GCJ)])])
-       m4_ifdef([A][M_PROG_GCJ],
-	[m4_define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[LT_LANG(GCJ)])])
-       m4_ifdef([LT_PROG_GCJ],
-	[m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])])
-
-AC_PROVIDE_IFELSE([LT_PROG_RC],
-  [LT_LANG(RC)],
-  [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])])
-])# _LT_LANG_DEFAULT_CONFIG
-
-# Obsolete macros:
-AU_DEFUN([AC_LIBTOOL_CXX], [LT_LANG(C++)])
-AU_DEFUN([AC_LIBTOOL_F77], [LT_LANG(Fortran 77)])
-AU_DEFUN([AC_LIBTOOL_FC], [LT_LANG(Fortran)])
-AU_DEFUN([AC_LIBTOOL_GCJ], [LT_LANG(Java)])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_LIBTOOL_CXX], [])
-dnl AC_DEFUN([AC_LIBTOOL_F77], [])
-dnl AC_DEFUN([AC_LIBTOOL_FC], [])
-dnl AC_DEFUN([AC_LIBTOOL_GCJ], [])
-
-
-# _LT_TAG_COMPILER
-# ----------------
-m4_defun([_LT_TAG_COMPILER],
-[AC_REQUIRE([AC_PROG_CC])dnl
-
-_LT_DECL([LTCC], [CC], [1], [A C compiler])dnl
-_LT_DECL([LTCFLAGS], [CFLAGS], [1], [LTCC compiler flags])dnl
-_LT_TAGDECL([CC], [compiler], [1], [A language specific compiler])dnl
-_LT_TAGDECL([with_gcc], [GCC], [0], [Is the compiler the GNU compiler?])dnl
-
-# If no C compiler was specified, use CC.
-LTCC=${LTCC-"$CC"}
-
-# If no C compiler flags were specified, use CFLAGS.
-LTCFLAGS=${LTCFLAGS-"$CFLAGS"}
-
-# Allow CC to be a program name with arguments.
-compiler=$CC
-])# _LT_TAG_COMPILER
-
-
-# _LT_COMPILER_BOILERPLATE
-# ------------------------
-# Check for compiler boilerplate output or warnings with
-# the simple compiler test code.
-m4_defun([_LT_COMPILER_BOILERPLATE],
-[m4_require([_LT_DECL_SED])dnl
-ac_outfile=conftest.$ac_objext
-echo "$lt_simple_compile_test_code" >conftest.$ac_ext
-eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
-_lt_compiler_boilerplate=`cat conftest.err`
-$RM conftest*
-])# _LT_COMPILER_BOILERPLATE
-
-
-# _LT_LINKER_BOILERPLATE
-# ----------------------
-# Check for linker boilerplate output or warnings with
-# the simple link test code.
-m4_defun([_LT_LINKER_BOILERPLATE],
-[m4_require([_LT_DECL_SED])dnl
-ac_outfile=conftest.$ac_objext
-echo "$lt_simple_link_test_code" >conftest.$ac_ext
-eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err
-_lt_linker_boilerplate=`cat conftest.err`
-$RM -r conftest*
-])# _LT_LINKER_BOILERPLATE
-
-# _LT_REQUIRED_DARWIN_CHECKS
-# -------------------------
-m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[
-  case $host_os in
-    rhapsody* | darwin*)
-    AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:])
-    AC_CHECK_TOOL([NMEDIT], [nmedit], [:])
-    AC_CHECK_TOOL([LIPO], [lipo], [:])
-    AC_CHECK_TOOL([OTOOL], [otool], [:])
-    AC_CHECK_TOOL([OTOOL64], [otool64], [:])
-    _LT_DECL([], [DSYMUTIL], [1],
-      [Tool to manipulate archived DWARF debug symbol files on Mac OS X])
-    _LT_DECL([], [NMEDIT], [1],
-      [Tool to change global to local symbols on Mac OS X])
-    _LT_DECL([], [LIPO], [1],
-      [Tool to manipulate fat objects and archives on Mac OS X])
-    _LT_DECL([], [OTOOL], [1],
-      [ldd/readelf like tool for Mach-O binaries on Mac OS X])
-    _LT_DECL([], [OTOOL64], [1],
-      [ldd/readelf like tool for 64 bit Mach-O binaries on Mac OS X 10.4])
-
-    AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod],
-      [lt_cv_apple_cc_single_mod=no
-      if test -z "${LT_MULTI_MODULE}"; then
-	# By default we will add the -single_module flag. You can override
-	# by either setting the environment variable LT_MULTI_MODULE
-	# non-empty at configure time, or by adding -multi_module to the
-	# link flags.
-	rm -rf libconftest.dylib*
-	echo "int foo(void){return 1;}" > conftest.c
-	echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
--dynamiclib -Wl,-single_module conftest.c" >&AS_MESSAGE_LOG_FD
-	$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
-	  -dynamiclib -Wl,-single_module conftest.c 2>conftest.err
-        _lt_result=$?
-	if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then
-	  lt_cv_apple_cc_single_mod=yes
-	else
-	  cat conftest.err >&AS_MESSAGE_LOG_FD
-	fi
-	rm -rf libconftest.dylib*
-	rm -f conftest.*
-      fi])
-    AC_CACHE_CHECK([for -exported_symbols_list linker flag],
-      [lt_cv_ld_exported_symbols_list],
-      [lt_cv_ld_exported_symbols_list=no
-      save_LDFLAGS=$LDFLAGS
-      echo "_main" > conftest.sym
-      LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym"
-      AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
-	[lt_cv_ld_exported_symbols_list=yes],
-	[lt_cv_ld_exported_symbols_list=no])
-	LDFLAGS="$save_LDFLAGS"
-    ])
-    case $host_os in
-    rhapsody* | darwin1.[[012]])
-      _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;;
-    darwin1.*)
-      _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
-    darwin*) # darwin 5.x on
-      # if running on 10.5 or later, the deployment target defaults
-      # to the OS version, if on x86, and 10.4, the deployment
-      # target defaults to 10.4. Don't you love it?
-      case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in
-	10.0,*86*-darwin8*|10.0,*-darwin[[91]]*)
-	  _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
-	10.[[012]]*)
-	  _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;;
-	10.*)
-	  _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;;
-      esac
-    ;;
-  esac
-    if test "$lt_cv_apple_cc_single_mod" = "yes"; then
-      _lt_dar_single_mod='$single_module'
-    fi
-    if test "$lt_cv_ld_exported_symbols_list" = "yes"; then
-      _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym'
-    else
-      _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}'
-    fi
-    if test "$DSYMUTIL" != ":"; then
-      _lt_dsymutil='~$DSYMUTIL $lib || :'
-    else
-      _lt_dsymutil=
-    fi
-    ;;
-  esac
-])
-
-
-# _LT_DARWIN_LINKER_FEATURES
-# --------------------------
-# Checks for linker and compiler features on darwin
-m4_defun([_LT_DARWIN_LINKER_FEATURES],
-[
-  m4_require([_LT_REQUIRED_DARWIN_CHECKS])
-  _LT_TAGVAR(archive_cmds_need_lc, $1)=no
-  _LT_TAGVAR(hardcode_direct, $1)=no
-  _LT_TAGVAR(hardcode_automatic, $1)=yes
-  _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
-  _LT_TAGVAR(whole_archive_flag_spec, $1)=''
-  _LT_TAGVAR(link_all_deplibs, $1)=yes
-  _LT_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined"
-  case $cc_basename in
-     ifort*) _lt_dar_can_shared=yes ;;
-     *) _lt_dar_can_shared=$GCC ;;
-  esac
-  if test "$_lt_dar_can_shared" = "yes"; then
-    output_verbose_link_cmd=echo
-    _LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
-    _LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
-    _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
-    _LT_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}"
-    m4_if([$1], [CXX],
-[   if test "$lt_cv_apple_cc_single_mod" != "yes"; then
-      _LT_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}"
-      _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}"
-    fi
-],[])
-  else
-  _LT_TAGVAR(ld_shlibs, $1)=no
-  fi
-])
-
-# _LT_SYS_MODULE_PATH_AIX
-# -----------------------
-# Links a minimal program and checks the executable
-# for the system default hardcoded library path. In most cases,
-# this is /usr/lib:/lib, but when the MPI compilers are used
-# the location of the communication and MPI libs are included too.
-# If we don't find anything, use the default library path according
-# to the aix ld manual.
-m4_defun([_LT_SYS_MODULE_PATH_AIX],
-[m4_require([_LT_DECL_SED])dnl
-AC_LINK_IFELSE(AC_LANG_PROGRAM,[
-lt_aix_libpath_sed='
-    /Import File Strings/,/^$/ {
-	/^0/ {
-	    s/^0  *\(.*\)$/\1/
-	    p
-	}
-    }'
-aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
-# Check for a 64-bit object if we didn't find anything.
-if test -z "$aix_libpath"; then
-  aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
-fi],[])
-if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
-])# _LT_SYS_MODULE_PATH_AIX
-
-
-# _LT_SHELL_INIT(ARG)
-# -------------------
-m4_define([_LT_SHELL_INIT],
-[ifdef([AC_DIVERSION_NOTICE],
-	     [AC_DIVERT_PUSH(AC_DIVERSION_NOTICE)],
-	 [AC_DIVERT_PUSH(NOTICE)])
-$1
-AC_DIVERT_POP
-])# _LT_SHELL_INIT
-
-
-# _LT_PROG_ECHO_BACKSLASH
-# -----------------------
-# Add some code to the start of the generated configure script which
-# will find an echo command which doesn't interpret backslashes.
-m4_defun([_LT_PROG_ECHO_BACKSLASH],
-[_LT_SHELL_INIT([
-# Check that we are running under the correct shell.
-SHELL=${CONFIG_SHELL-/bin/sh}
-
-case X$lt_ECHO in
-X*--fallback-echo)
-  # Remove one level of quotation (which was required for Make).
-  ECHO=`echo "$lt_ECHO" | sed 's,\\\\\[$]\\[$]0,'[$]0','`
-  ;;
-esac
-
-ECHO=${lt_ECHO-echo}
-if test "X[$]1" = X--no-reexec; then
-  # Discard the --no-reexec flag, and continue.
-  shift
-elif test "X[$]1" = X--fallback-echo; then
-  # Avoid inline document here, it may be left over
-  :
-elif test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' ; then
-  # Yippee, $ECHO works!
-  :
-else
-  # Restart under the correct shell.
-  exec $SHELL "[$]0" --no-reexec ${1+"[$]@"}
-fi
-
-if test "X[$]1" = X--fallback-echo; then
-  # used as fallback echo
-  shift
-  cat <<_LT_EOF
-[$]*
-_LT_EOF
-  exit 0
-fi
-
-# The HP-UX ksh and POSIX shell print the target directory to stdout
-# if CDPATH is set.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-if test -z "$lt_ECHO"; then
-  if test "X${echo_test_string+set}" != Xset; then
-    # find a string as large as possible, as long as the shell can cope with it
-    for cmd in 'sed 50q "[$]0"' 'sed 20q "[$]0"' 'sed 10q "[$]0"' 'sed 2q "[$]0"' 'echo test'; do
-      # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ...
-      if { echo_test_string=`eval $cmd`; } 2>/dev/null &&
-	 { test "X$echo_test_string" = "X$echo_test_string"; } 2>/dev/null
-      then
-        break
-      fi
-    done
-  fi
-
-  if test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' &&
-     echo_testing_string=`{ $ECHO "$echo_test_string"; } 2>/dev/null` &&
-     test "X$echo_testing_string" = "X$echo_test_string"; then
-    :
-  else
-    # The Solaris, AIX, and Digital Unix default echo programs unquote
-    # backslashes.  This makes it impossible to quote backslashes using
-    #   echo "$something" | sed 's/\\/\\\\/g'
-    #
-    # So, first we look for a working echo in the user's PATH.
-
-    lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
-    for dir in $PATH /usr/ucb; do
-      IFS="$lt_save_ifs"
-      if (test -f $dir/echo || test -f $dir/echo$ac_exeext) &&
-         test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' &&
-         echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` &&
-         test "X$echo_testing_string" = "X$echo_test_string"; then
-        ECHO="$dir/echo"
-        break
-      fi
-    done
-    IFS="$lt_save_ifs"
-
-    if test "X$ECHO" = Xecho; then
-      # We didn't find a better echo, so look for alternatives.
-      if test "X`{ print -r '\t'; } 2>/dev/null`" = 'X\t' &&
-         echo_testing_string=`{ print -r "$echo_test_string"; } 2>/dev/null` &&
-         test "X$echo_testing_string" = "X$echo_test_string"; then
-        # This shell has a builtin print -r that does the trick.
-        ECHO='print -r'
-      elif { test -f /bin/ksh || test -f /bin/ksh$ac_exeext; } &&
-	   test "X$CONFIG_SHELL" != X/bin/ksh; then
-        # If we have ksh, try running configure again with it.
-        ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh}
-        export ORIGINAL_CONFIG_SHELL
-        CONFIG_SHELL=/bin/ksh
-        export CONFIG_SHELL
-        exec $CONFIG_SHELL "[$]0" --no-reexec ${1+"[$]@"}
-      else
-        # Try using printf.
-        ECHO='printf %s\n'
-        if test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' &&
-	   echo_testing_string=`{ $ECHO "$echo_test_string"; } 2>/dev/null` &&
-	   test "X$echo_testing_string" = "X$echo_test_string"; then
-	  # Cool, printf works
-	  :
-        elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
-	     test "X$echo_testing_string" = 'X\t' &&
-	     echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
-	     test "X$echo_testing_string" = "X$echo_test_string"; then
-	  CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL
-	  export CONFIG_SHELL
-	  SHELL="$CONFIG_SHELL"
-	  export SHELL
-	  ECHO="$CONFIG_SHELL [$]0 --fallback-echo"
-        elif echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
-	     test "X$echo_testing_string" = 'X\t' &&
-	     echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
-	     test "X$echo_testing_string" = "X$echo_test_string"; then
-	  ECHO="$CONFIG_SHELL [$]0 --fallback-echo"
-        else
-	  # maybe with a smaller string...
-	  prev=:
-
-	  for cmd in 'echo test' 'sed 2q "[$]0"' 'sed 10q "[$]0"' 'sed 20q "[$]0"' 'sed 50q "[$]0"'; do
-	    if { test "X$echo_test_string" = "X`eval $cmd`"; } 2>/dev/null
-	    then
-	      break
-	    fi
-	    prev="$cmd"
-	  done
-
-	  if test "$prev" != 'sed 50q "[$]0"'; then
-	    echo_test_string=`eval $prev`
-	    export echo_test_string
-	    exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "[$]0" ${1+"[$]@"}
-	  else
-	    # Oops.  We lost completely, so just stick with echo.
-	    ECHO=echo
-	  fi
-        fi
-      fi
-    fi
-  fi
-fi
-
-# Copy echo and quote the copy suitably for passing to libtool from
-# the Makefile, instead of quoting the original, which is used later.
-lt_ECHO=$ECHO
-if test "X$lt_ECHO" = "X$CONFIG_SHELL [$]0 --fallback-echo"; then
-   lt_ECHO="$CONFIG_SHELL \\\$\[$]0 --fallback-echo"
-fi
-
-AC_SUBST(lt_ECHO)
-])
-_LT_DECL([], [SHELL], [1], [Shell to use when invoking shell scripts])
-_LT_DECL([], [ECHO], [1],
-    [An echo program that does not interpret backslashes])
-])# _LT_PROG_ECHO_BACKSLASH
-
-
-# _LT_ENABLE_LOCK
-# ---------------
-m4_defun([_LT_ENABLE_LOCK],
-[AC_ARG_ENABLE([libtool-lock],
-  [AS_HELP_STRING([--disable-libtool-lock],
-    [avoid locking (might break parallel builds)])])
-test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
-
-# Some flags need to be propagated to the compiler or linker for good
-# libtool support.
-case $host in
-ia64-*-hpux*)
-  # Find out which ABI we are using.
-  echo 'int i;' > conftest.$ac_ext
-  if AC_TRY_EVAL(ac_compile); then
-    case `/usr/bin/file conftest.$ac_objext` in
-      *ELF-32*)
-	HPUX_IA64_MODE="32"
-	;;
-      *ELF-64*)
-	HPUX_IA64_MODE="64"
-	;;
-    esac
-  fi
-  rm -rf conftest*
-  ;;
-*-*-irix6*)
-  # Find out which ABI we are using.
-  echo '[#]line __oline__ "configure"' > conftest.$ac_ext
-  if AC_TRY_EVAL(ac_compile); then
-    if test "$lt_cv_prog_gnu_ld" = yes; then
-      case `/usr/bin/file conftest.$ac_objext` in
-	*32-bit*)
-	  LD="${LD-ld} -melf32bsmip"
-	  ;;
-	*N32*)
-	  LD="${LD-ld} -melf32bmipn32"
-	  ;;
-	*64-bit*)
-	  LD="${LD-ld} -melf64bmip"
-	;;
-      esac
-    else
-      case `/usr/bin/file conftest.$ac_objext` in
-	*32-bit*)
-	  LD="${LD-ld} -32"
-	  ;;
-	*N32*)
-	  LD="${LD-ld} -n32"
-	  ;;
-	*64-bit*)
-	  LD="${LD-ld} -64"
-	  ;;
-      esac
-    fi
-  fi
-  rm -rf conftest*
-  ;;
-
-x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \
-s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
-  # Find out which ABI we are using.
-  echo 'int i;' > conftest.$ac_ext
-  if AC_TRY_EVAL(ac_compile); then
-    case `/usr/bin/file conftest.o` in
-      *32-bit*)
-	case $host in
-	  x86_64-*kfreebsd*-gnu)
-	    LD="${LD-ld} -m elf_i386_fbsd"
-	    ;;
-	  x86_64-*linux*)
-	    LD="${LD-ld} -m elf_i386"
-	    ;;
-	  ppc64-*linux*|powerpc64-*linux*)
-	    LD="${LD-ld} -m elf32ppclinux"
-	    ;;
-	  s390x-*linux*)
-	    LD="${LD-ld} -m elf_s390"
-	    ;;
-	  sparc64-*linux*)
-	    LD="${LD-ld} -m elf32_sparc"
-	    ;;
-	esac
-	;;
-      *64-bit*)
-	case $host in
-	  x86_64-*kfreebsd*-gnu)
-	    LD="${LD-ld} -m elf_x86_64_fbsd"
-	    ;;
-	  x86_64-*linux*)
-	    LD="${LD-ld} -m elf_x86_64"
-	    ;;
-	  ppc*-*linux*|powerpc*-*linux*)
-	    LD="${LD-ld} -m elf64ppc"
-	    ;;
-	  s390*-*linux*|s390*-*tpf*)
-	    LD="${LD-ld} -m elf64_s390"
-	    ;;
-	  sparc*-*linux*)
-	    LD="${LD-ld} -m elf64_sparc"
-	    ;;
-	esac
-	;;
-    esac
-  fi
-  rm -rf conftest*
-  ;;
-
-*-*-sco3.2v5*)
-  # On SCO OpenServer 5, we need -belf to get full-featured binaries.
-  SAVE_CFLAGS="$CFLAGS"
-  CFLAGS="$CFLAGS -belf"
-  AC_CACHE_CHECK([whether the C compiler needs -belf], lt_cv_cc_needs_belf,
-    [AC_LANG_PUSH(C)
-     AC_LINK_IFELSE([AC_LANG_PROGRAM([[]],[[]])],[lt_cv_cc_needs_belf=yes],[lt_cv_cc_needs_belf=no])
-     AC_LANG_POP])
-  if test x"$lt_cv_cc_needs_belf" != x"yes"; then
-    # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf
-    CFLAGS="$SAVE_CFLAGS"
-  fi
-  ;;
-sparc*-*solaris*)
-  # Find out which ABI we are using.
-  echo 'int i;' > conftest.$ac_ext
-  if AC_TRY_EVAL(ac_compile); then
-    case `/usr/bin/file conftest.o` in
-    *64-bit*)
-      case $lt_cv_prog_gnu_ld in
-      yes*) LD="${LD-ld} -m elf64_sparc" ;;
-      *)
-	if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
-	  LD="${LD-ld} -64"
-	fi
-	;;
-      esac
-      ;;
-    esac
-  fi
-  rm -rf conftest*
-  ;;
-esac
-
-need_locks="$enable_libtool_lock"
-])# _LT_ENABLE_LOCK
-
-
-# _LT_CMD_OLD_ARCHIVE
-# -------------------
-m4_defun([_LT_CMD_OLD_ARCHIVE],
-[AC_CHECK_TOOL(AR, ar, false)
-test -z "$AR" && AR=ar
-test -z "$AR_FLAGS" && AR_FLAGS=cru
-_LT_DECL([], [AR], [1], [The archiver])
-_LT_DECL([], [AR_FLAGS], [1])
-
-AC_CHECK_TOOL(STRIP, strip, :)
-test -z "$STRIP" && STRIP=:
-_LT_DECL([], [STRIP], [1], [A symbol stripping program])
-
-AC_CHECK_TOOL(RANLIB, ranlib, :)
-test -z "$RANLIB" && RANLIB=:
-_LT_DECL([], [RANLIB], [1],
-    [Commands used to install an old-style archive])
-
-# Determine commands to create old-style static archives.
-old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs'
-old_postinstall_cmds='chmod 644 $oldlib'
-old_postuninstall_cmds=
-
-if test -n "$RANLIB"; then
-  case $host_os in
-  openbsd*)
-    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib"
-    ;;
-  *)
-    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib"
-    ;;
-  esac
-  old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib"
-fi
-_LT_DECL([], [old_postinstall_cmds], [2])
-_LT_DECL([], [old_postuninstall_cmds], [2])
-_LT_TAGDECL([], [old_archive_cmds], [2],
-    [Commands used to build an old-style archive])
-])# _LT_CMD_OLD_ARCHIVE
-
-
-# _LT_COMPILER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
-#		[OUTPUT-FILE], [ACTION-SUCCESS], [ACTION-FAILURE])
-# ----------------------------------------------------------------
-# Check whether the given compiler option works
-AC_DEFUN([_LT_COMPILER_OPTION],
-[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
-m4_require([_LT_DECL_SED])dnl
-AC_CACHE_CHECK([$1], [$2],
-  [$2=no
-   m4_if([$4], , [ac_outfile=conftest.$ac_objext], [ac_outfile=$4])
-   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
-   lt_compiler_flag="$3"
-   # Insert the option either (1) after the last *FLAGS variable, or
-   # (2) before a word containing "conftest.", or (3) at the end.
-   # Note that $ac_compile itself does not contain backslashes and begins
-   # with a dollar sign (not a hyphen), so the echo should work correctly.
-   # The option is referenced via a variable to avoid confusing sed.
-   lt_compile=`echo "$ac_compile" | $SED \
-   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-   -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
-   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
-   (eval "$lt_compile" 2>conftest.err)
-   ac_status=$?
-   cat conftest.err >&AS_MESSAGE_LOG_FD
-   echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
-   if (exit $ac_status) && test -s "$ac_outfile"; then
-     # The compiler can only warn and ignore the option if not recognized
-     # So say no if there are warnings other than the usual output.
-     $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
-     $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
-     if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
-       $2=yes
-     fi
-   fi
-   $RM conftest*
-])
-
-if test x"[$]$2" = xyes; then
-    m4_if([$5], , :, [$5])
-else
-    m4_if([$6], , :, [$6])
-fi
-])# _LT_COMPILER_OPTION
-
-# Old name:
-AU_ALIAS([AC_LIBTOOL_COMPILER_OPTION], [_LT_COMPILER_OPTION])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_LIBTOOL_COMPILER_OPTION], [])
-
-
-# _LT_LINKER_OPTION(MESSAGE, VARIABLE-NAME, FLAGS,
-#                  [ACTION-SUCCESS], [ACTION-FAILURE])
-# ----------------------------------------------------
-# Check whether the given linker option works
-AC_DEFUN([_LT_LINKER_OPTION],
-[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
-m4_require([_LT_DECL_SED])dnl
-AC_CACHE_CHECK([$1], [$2],
-  [$2=no
-   save_LDFLAGS="$LDFLAGS"
-   LDFLAGS="$LDFLAGS $3"
-   echo "$lt_simple_link_test_code" > conftest.$ac_ext
-   if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
-     # The linker can only warn and ignore the option if not recognized
-     # So say no if there are warnings
-     if test -s conftest.err; then
-       # Append any errors to the config.log.
-       cat conftest.err 1>&AS_MESSAGE_LOG_FD
-       $ECHO "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
-       $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
-       if diff conftest.exp conftest.er2 >/dev/null; then
-         $2=yes
-       fi
-     else
-       $2=yes
-     fi
-   fi
-   $RM -r conftest*
-   LDFLAGS="$save_LDFLAGS"
-])
-
-if test x"[$]$2" = xyes; then
-    m4_if([$4], , :, [$4])
-else
-    m4_if([$5], , :, [$5])
-fi
-])# _LT_LINKER_OPTION
-
-# Old name:
-AU_ALIAS([AC_LIBTOOL_LINKER_OPTION], [_LT_LINKER_OPTION])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_LIBTOOL_LINKER_OPTION], [])
-
-
-# LT_CMD_MAX_LEN
-#---------------
-AC_DEFUN([LT_CMD_MAX_LEN],
-[AC_REQUIRE([AC_CANONICAL_HOST])dnl
-# find the maximum length of command line arguments
-AC_MSG_CHECKING([the maximum length of command line arguments])
-AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
-  i=0
-  teststring="ABCD"
-
-  case $build_os in
-  msdosdjgpp*)
-    # On DJGPP, this test can blow up pretty badly due to problems in libc
-    # (any single argument exceeding 2000 bytes causes a buffer overrun
-    # during glob expansion).  Even if it were fixed, the result of this
-    # check would be larger than it should be.
-    lt_cv_sys_max_cmd_len=12288;    # 12K is about right
-    ;;
-
-  gnu*)
-    # Under GNU Hurd, this test is not required because there is
-    # no limit to the length of command line arguments.
-    # Libtool will interpret -1 as no limit whatsoever
-    lt_cv_sys_max_cmd_len=-1;
-    ;;
-
-  cygwin* | mingw* | cegcc*)
-    # On Win9x/ME, this test blows up -- it succeeds, but takes
-    # about 5 minutes as the teststring grows exponentially.
-    # Worse, since 9x/ME are not pre-emptively multitasking,
-    # you end up with a "frozen" computer, even though with patience
-    # the test eventually succeeds (with a max line length of 256k).
-    # Instead, let's just punt: use the minimum linelength reported by
-    # all of the supported platforms: 8192 (on NT/2K/XP).
-    lt_cv_sys_max_cmd_len=8192;
-    ;;
-
-  amigaos*)
-    # On AmigaOS with pdksh, this test takes hours, literally.
-    # So we just punt and use a minimum line length of 8192.
-    lt_cv_sys_max_cmd_len=8192;
-    ;;
-
-  netbsd* | freebsd* | openbsd* | darwin* | dragonfly*)
-    # This has been around since 386BSD, at least.  Likely further.
-    if test -x /sbin/sysctl; then
-      lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax`
-    elif test -x /usr/sbin/sysctl; then
-      lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax`
-    else
-      lt_cv_sys_max_cmd_len=65536	# usable default for all BSDs
-    fi
-    # And add a safety zone
-    lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
-    lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
-    ;;
-
-  interix*)
-    # We know the value 262144 and hardcode it with a safety zone (like BSD)
-    lt_cv_sys_max_cmd_len=196608
-    ;;
-
-  osf*)
-    # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
-    # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
-    # nice to cause kernel panics so lets avoid the loop below.
-    # First set a reasonable default.
-    lt_cv_sys_max_cmd_len=16384
-    #
-    if test -x /sbin/sysconfig; then
-      case `/sbin/sysconfig -q proc exec_disable_arg_limit` in
-        *1*) lt_cv_sys_max_cmd_len=-1 ;;
-      esac
-    fi
-    ;;
-  sco3.2v5*)
-    lt_cv_sys_max_cmd_len=102400
-    ;;
-  sysv5* | sco5v6* | sysv4.2uw2*)
-    kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null`
-    if test -n "$kargmax"; then
-      lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[[	 ]]//'`
-    else
-      lt_cv_sys_max_cmd_len=32768
-    fi
-    ;;
-  *)
-    lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null`
-    if test -n "$lt_cv_sys_max_cmd_len"; then
-      lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
-      lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
-    else
-      # Make teststring a little bigger before we do anything with it.
-      # a 1K string should be a reasonable start.
-      for i in 1 2 3 4 5 6 7 8 ; do
-        teststring=$teststring$teststring
-      done
-      SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}}
-      # If test is not a shell built-in, we'll probably end up computing a
-      # maximum length that is only half of the actual maximum length, but
-      # we can't tell.
-      while { test "X"`$SHELL [$]0 --fallback-echo "X$teststring$teststring" 2>/dev/null` \
-	         = "XX$teststring$teststring"; } >/dev/null 2>&1 &&
-	      test $i != 17 # 1/2 MB should be enough
-      do
-        i=`expr $i + 1`
-        teststring=$teststring$teststring
-      done
-      # Only check the string length outside the loop.
-      lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1`
-      teststring=
-      # Add a significant safety factor because C++ compilers can tack on
-      # massive amounts of additional arguments before passing them to the
-      # linker.  It appears as though 1/2 is a usable value.
-      lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2`
-    fi
-    ;;
-  esac
-])
-if test -n $lt_cv_sys_max_cmd_len ; then
-  AC_MSG_RESULT($lt_cv_sys_max_cmd_len)
-else
-  AC_MSG_RESULT(none)
-fi
-max_cmd_len=$lt_cv_sys_max_cmd_len
-_LT_DECL([], [max_cmd_len], [0],
-    [What is the maximum length of a command?])
-])# LT_CMD_MAX_LEN
-
-# Old name:
-AU_ALIAS([AC_LIBTOOL_SYS_MAX_CMD_LEN], [LT_CMD_MAX_LEN])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_LIBTOOL_SYS_MAX_CMD_LEN], [])
-
-
-# _LT_HEADER_DLFCN
-# ----------------
-m4_defun([_LT_HEADER_DLFCN],
-[AC_CHECK_HEADERS([dlfcn.h], [], [], [AC_INCLUDES_DEFAULT])dnl
-])# _LT_HEADER_DLFCN
-
-
-# _LT_TRY_DLOPEN_SELF (ACTION-IF-TRUE, ACTION-IF-TRUE-W-USCORE,
-#                      ACTION-IF-FALSE, ACTION-IF-CROSS-COMPILING)
-# ----------------------------------------------------------------
-m4_defun([_LT_TRY_DLOPEN_SELF],
-[m4_require([_LT_HEADER_DLFCN])dnl
-if test "$cross_compiling" = yes; then :
-  [$4]
-else
-  lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
-  lt_status=$lt_dlunknown
-  cat > conftest.$ac_ext <<_LT_EOF
-[#line __oline__ "configure"
-#include "confdefs.h"
-
-#if HAVE_DLFCN_H
-#include <dlfcn.h>
-#endif
-
-#include <stdio.h>
-
-#ifdef RTLD_GLOBAL
-#  define LT_DLGLOBAL		RTLD_GLOBAL
-#else
-#  ifdef DL_GLOBAL
-#    define LT_DLGLOBAL		DL_GLOBAL
-#  else
-#    define LT_DLGLOBAL		0
-#  endif
-#endif
-
-/* We may have to define LT_DLLAZY_OR_NOW in the command line if we
-   find out it does not work in some platform. */
-#ifndef LT_DLLAZY_OR_NOW
-#  ifdef RTLD_LAZY
-#    define LT_DLLAZY_OR_NOW		RTLD_LAZY
-#  else
-#    ifdef DL_LAZY
-#      define LT_DLLAZY_OR_NOW		DL_LAZY
-#    else
-#      ifdef RTLD_NOW
-#        define LT_DLLAZY_OR_NOW	RTLD_NOW
-#      else
-#        ifdef DL_NOW
-#          define LT_DLLAZY_OR_NOW	DL_NOW
-#        else
-#          define LT_DLLAZY_OR_NOW	0
-#        endif
-#      endif
-#    endif
-#  endif
-#endif
-
-void fnord() { int i=42;}
-int main ()
-{
-  void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
-  int status = $lt_dlunknown;
-
-  if (self)
-    {
-      if (dlsym (self,"fnord"))       status = $lt_dlno_uscore;
-      else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
-      /* dlclose (self); */
-    }
-  else
-    puts (dlerror ());
-
-  return status;
-}]
-_LT_EOF
-  if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext} 2>/dev/null; then
-    (./conftest; exit; ) >&AS_MESSAGE_LOG_FD 2>/dev/null
-    lt_status=$?
-    case x$lt_status in
-      x$lt_dlno_uscore) $1 ;;
-      x$lt_dlneed_uscore) $2 ;;
-      x$lt_dlunknown|x*) $3 ;;
-    esac
-  else :
-    # compilation failed
-    $3
-  fi
-fi
-rm -fr conftest*
-])# _LT_TRY_DLOPEN_SELF
-
-
-# LT_SYS_DLOPEN_SELF
-# ------------------
-AC_DEFUN([LT_SYS_DLOPEN_SELF],
-[m4_require([_LT_HEADER_DLFCN])dnl
-if test "x$enable_dlopen" != xyes; then
-  enable_dlopen=unknown
-  enable_dlopen_self=unknown
-  enable_dlopen_self_static=unknown
-else
-  lt_cv_dlopen=no
-  lt_cv_dlopen_libs=
-
-  case $host_os in
-  beos*)
-    lt_cv_dlopen="load_add_on"
-    lt_cv_dlopen_libs=
-    lt_cv_dlopen_self=yes
-    ;;
-
-  mingw* | pw32* | cegcc*)
-    lt_cv_dlopen="LoadLibrary"
-    lt_cv_dlopen_libs=
-    ;;
-
-  cygwin*)
-    lt_cv_dlopen="dlopen"
-    lt_cv_dlopen_libs=
-    ;;
-
-  darwin*)
-  # if libdl is installed we need to link against it
-    AC_CHECK_LIB([dl], [dlopen],
-		[lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],[
-    lt_cv_dlopen="dyld"
-    lt_cv_dlopen_libs=
-    lt_cv_dlopen_self=yes
-    ])
-    ;;
-
-  *)
-    AC_CHECK_FUNC([shl_load],
-	  [lt_cv_dlopen="shl_load"],
-      [AC_CHECK_LIB([dld], [shl_load],
-	    [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"],
-	[AC_CHECK_FUNC([dlopen],
-	      [lt_cv_dlopen="dlopen"],
-	  [AC_CHECK_LIB([dl], [dlopen],
-		[lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"],
-	    [AC_CHECK_LIB([svld], [dlopen],
-		  [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"],
-	      [AC_CHECK_LIB([dld], [dld_link],
-		    [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"])
-	      ])
-	    ])
-	  ])
-	])
-      ])
-    ;;
-  esac
-
-  if test "x$lt_cv_dlopen" != xno; then
-    enable_dlopen=yes
-  else
-    enable_dlopen=no
-  fi
-
-  case $lt_cv_dlopen in
-  dlopen)
-    save_CPPFLAGS="$CPPFLAGS"
-    test "x$ac_cv_header_dlfcn_h" = xyes && CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
-
-    save_LDFLAGS="$LDFLAGS"
-    wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
-
-    save_LIBS="$LIBS"
-    LIBS="$lt_cv_dlopen_libs $LIBS"
-
-    AC_CACHE_CHECK([whether a program can dlopen itself],
-	  lt_cv_dlopen_self, [dnl
-	  _LT_TRY_DLOPEN_SELF(
-	    lt_cv_dlopen_self=yes, lt_cv_dlopen_self=yes,
-	    lt_cv_dlopen_self=no, lt_cv_dlopen_self=cross)
-    ])
-
-    if test "x$lt_cv_dlopen_self" = xyes; then
-      wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
-      AC_CACHE_CHECK([whether a statically linked program can dlopen itself],
-	  lt_cv_dlopen_self_static, [dnl
-	  _LT_TRY_DLOPEN_SELF(
-	    lt_cv_dlopen_self_static=yes, lt_cv_dlopen_self_static=yes,
-	    lt_cv_dlopen_self_static=no,  lt_cv_dlopen_self_static=cross)
-      ])
-    fi
-
-    CPPFLAGS="$save_CPPFLAGS"
-    LDFLAGS="$save_LDFLAGS"
-    LIBS="$save_LIBS"
-    ;;
-  esac
-
-  case $lt_cv_dlopen_self in
-  yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
-  *) enable_dlopen_self=unknown ;;
-  esac
-
-  case $lt_cv_dlopen_self_static in
-  yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
-  *) enable_dlopen_self_static=unknown ;;
-  esac
-fi
-_LT_DECL([dlopen_support], [enable_dlopen], [0],
-	 [Whether dlopen is supported])
-_LT_DECL([dlopen_self], [enable_dlopen_self], [0],
-	 [Whether dlopen of programs is supported])
-_LT_DECL([dlopen_self_static], [enable_dlopen_self_static], [0],
-	 [Whether dlopen of statically linked programs is supported])
-])# LT_SYS_DLOPEN_SELF
-
-# Old name:
-AU_ALIAS([AC_LIBTOOL_DLOPEN_SELF], [LT_SYS_DLOPEN_SELF])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_LIBTOOL_DLOPEN_SELF], [])
-
-
-# _LT_COMPILER_C_O([TAGNAME])
-# ---------------------------
-# Check to see if options -c and -o are simultaneously supported by compiler.
-# This macro does not hard code the compiler like AC_PROG_CC_C_O.
-m4_defun([_LT_COMPILER_C_O],
-[m4_require([_LT_DECL_SED])dnl
-m4_require([_LT_FILEUTILS_DEFAULTS])dnl
-m4_require([_LT_TAG_COMPILER])dnl
-AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext],
-  [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)],
-  [_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=no
-   $RM -r conftest 2>/dev/null
-   mkdir conftest
-   cd conftest
-   mkdir out
-   echo "$lt_simple_compile_test_code" > conftest.$ac_ext
-
-   lt_compiler_flag="-o out/conftest2.$ac_objext"
-   # Insert the option either (1) after the last *FLAGS variable, or
-   # (2) before a word containing "conftest.", or (3) at the end.
-   # Note that $ac_compile itself does not contain backslashes and begins
-   # with a dollar sign (not a hyphen), so the echo should work correctly.
-   lt_compile=`echo "$ac_compile" | $SED \
-   -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-   -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
-   -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
-   (eval "$lt_compile" 2>out/conftest.err)
-   ac_status=$?
-   cat out/conftest.err >&AS_MESSAGE_LOG_FD
-   echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
-   if (exit $ac_status) && test -s out/conftest2.$ac_objext
-   then
-     # The compiler can only warn and ignore the option if not recognized
-     # So say no if there are warnings
-     $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
-     $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
-     if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
-       _LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
-     fi
-   fi
-   chmod u+w . 2>&AS_MESSAGE_LOG_FD
-   $RM conftest*
-   # SGI C++ compiler will create directory out/ii_files/ for
-   # template instantiation
-   test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files
-   $RM out/* && rmdir out
-   cd ..
-   $RM -r conftest
-   $RM conftest*
-])
-_LT_TAGDECL([compiler_c_o], [lt_cv_prog_compiler_c_o], [1],
-	[Does compiler simultaneously support -c and -o options?])
-])# _LT_COMPILER_C_O
-
-
-# _LT_COMPILER_FILE_LOCKS([TAGNAME])
-# ----------------------------------
-# Check to see if we can do hard links to lock some files if needed
-m4_defun([_LT_COMPILER_FILE_LOCKS],
-[m4_require([_LT_ENABLE_LOCK])dnl
-m4_require([_LT_FILEUTILS_DEFAULTS])dnl
-_LT_COMPILER_C_O([$1])
-
-hard_links="nottested"
-if test "$_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != no; then
-  # do not overwrite the value of need_locks provided by the user
-  AC_MSG_CHECKING([if we can lock with hard links])
-  hard_links=yes
-  $RM conftest*
-  ln conftest.a conftest.b 2>/dev/null && hard_links=no
-  touch conftest.a
-  ln conftest.a conftest.b 2>&5 || hard_links=no
-  ln conftest.a conftest.b 2>/dev/null && hard_links=no
-  AC_MSG_RESULT([$hard_links])
-  if test "$hard_links" = no; then
-    AC_MSG_WARN([`$CC' does not support `-c -o', so `make -j' may be unsafe])
-    need_locks=warn
-  fi
-else
-  need_locks=no
-fi
-_LT_DECL([], [need_locks], [1], [Must we lock files when doing compilation?])
-])# _LT_COMPILER_FILE_LOCKS
-
-
-# _LT_CHECK_OBJDIR
-# ----------------
-m4_defun([_LT_CHECK_OBJDIR],
-[AC_CACHE_CHECK([for objdir], [lt_cv_objdir],
-[rm -f .libs 2>/dev/null
-mkdir .libs 2>/dev/null
-if test -d .libs; then
-  lt_cv_objdir=.libs
-else
-  # MS-DOS does not allow filenames that begin with a dot.
-  lt_cv_objdir=_libs
-fi
-rmdir .libs 2>/dev/null])
-objdir=$lt_cv_objdir
-_LT_DECL([], [objdir], [0],
-         [The name of the directory that contains temporary libtool files])dnl
-m4_pattern_allow([LT_OBJDIR])dnl
-AC_DEFINE_UNQUOTED(LT_OBJDIR, "$lt_cv_objdir/",
-  [Define to the sub-directory in which libtool stores uninstalled libraries.])
-])# _LT_CHECK_OBJDIR
-
-
-# _LT_LINKER_HARDCODE_LIBPATH([TAGNAME])
-# --------------------------------------
-# Check hardcoding attributes.
-m4_defun([_LT_LINKER_HARDCODE_LIBPATH],
-[AC_MSG_CHECKING([how to hardcode library paths into programs])
-_LT_TAGVAR(hardcode_action, $1)=
-if test -n "$_LT_TAGVAR(hardcode_libdir_flag_spec, $1)" ||
-   test -n "$_LT_TAGVAR(runpath_var, $1)" ||
-   test "X$_LT_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then
-
-  # We can hardcode non-existent directories.
-  if test "$_LT_TAGVAR(hardcode_direct, $1)" != no &&
-     # If the only mechanism to avoid hardcoding is shlibpath_var, we
-     # have to relink, otherwise we might link with an installed library
-     # when we should be linking with a yet-to-be-installed one
-     ## test "$_LT_TAGVAR(hardcode_shlibpath_var, $1)" != no &&
-     test "$_LT_TAGVAR(hardcode_minus_L, $1)" != no; then
-    # Linking always hardcodes the temporary library directory.
-    _LT_TAGVAR(hardcode_action, $1)=relink
-  else
-    # We can link without hardcoding, and we can hardcode nonexisting dirs.
-    _LT_TAGVAR(hardcode_action, $1)=immediate
-  fi
-else
-  # We cannot hardcode anything, or else we can only hardcode existing
-  # directories.
-  _LT_TAGVAR(hardcode_action, $1)=unsupported
-fi
-AC_MSG_RESULT([$_LT_TAGVAR(hardcode_action, $1)])
-
-if test "$_LT_TAGVAR(hardcode_action, $1)" = relink ||
-   test "$_LT_TAGVAR(inherit_rpath, $1)" = yes; then
-  # Fast installation is not supported
-  enable_fast_install=no
-elif test "$shlibpath_overrides_runpath" = yes ||
-     test "$enable_shared" = no; then
-  # Fast installation is not necessary
-  enable_fast_install=needless
-fi
-_LT_TAGDECL([], [hardcode_action], [0],
-    [How to hardcode a shared library path into an executable])
-])# _LT_LINKER_HARDCODE_LIBPATH
-
-
-# _LT_CMD_STRIPLIB
-# ----------------
-m4_defun([_LT_CMD_STRIPLIB],
-[m4_require([_LT_DECL_EGREP])
-striplib=
-old_striplib=
-AC_MSG_CHECKING([whether stripping libraries is possible])
-if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then
-  test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
-  test -z "$striplib" && striplib="$STRIP --strip-unneeded"
-  AC_MSG_RESULT([yes])
-else
-# FIXME - insert some real tests, host_os isn't really good enough
-  case $host_os in
-  darwin*)
-    if test -n "$STRIP" ; then
-      striplib="$STRIP -x"
-      old_striplib="$STRIP -S"
-      AC_MSG_RESULT([yes])
-    else
-      AC_MSG_RESULT([no])
-    fi
-    ;;
-  *)
-    AC_MSG_RESULT([no])
-    ;;
-  esac
-fi
-_LT_DECL([], [old_striplib], [1], [Commands to strip libraries])
-_LT_DECL([], [striplib], [1])
-])# _LT_CMD_STRIPLIB
-
-
-# _LT_SYS_DYNAMIC_LINKER([TAG])
-# -----------------------------
-# PORTME Fill in your ld.so characteristics
-m4_defun([_LT_SYS_DYNAMIC_LINKER],
-[AC_REQUIRE([AC_CANONICAL_HOST])dnl
-m4_require([_LT_DECL_EGREP])dnl
-m4_require([_LT_FILEUTILS_DEFAULTS])dnl
-m4_require([_LT_DECL_OBJDUMP])dnl
-m4_require([_LT_DECL_SED])dnl
-AC_MSG_CHECKING([dynamic linker characteristics])
-m4_if([$1],
-	[], [
-if test "$GCC" = yes; then
-  case $host_os in
-    darwin*) lt_awk_arg="/^libraries:/,/LR/" ;;
-    *) lt_awk_arg="/^libraries:/" ;;
-  esac
-  lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e "s,=/,/,g"`
-  if $ECHO "$lt_search_path_spec" | $GREP ';' >/dev/null ; then
-    # if the path contains ";" then we assume it to be the separator
-    # otherwise default to the standard path separator (i.e. ":") - it is
-    # assumed that no part of a normal pathname contains ";" but that should
-    # okay in the real world where ";" in dirpaths is itself problematic.
-    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED -e 's/;/ /g'`
-  else
-    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED  -e "s/$PATH_SEPARATOR/ /g"`
-  fi
-  # Ok, now we have the path, separated by spaces, we can step through it
-  # and add multilib dir if necessary.
-  lt_tmp_lt_search_path_spec=
-  lt_multi_os_dir=`$CC $CPPFLAGS $CFLAGS $LDFLAGS -print-multi-os-directory 2>/dev/null`
-  for lt_sys_path in $lt_search_path_spec; do
-    if test -d "$lt_sys_path/$lt_multi_os_dir"; then
-      lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path/$lt_multi_os_dir"
-    else
-      test -d "$lt_sys_path" && \
-	lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
-    fi
-  done
-  lt_search_path_spec=`$ECHO $lt_tmp_lt_search_path_spec | awk '
-BEGIN {RS=" "; FS="/|\n";} {
-  lt_foo="";
-  lt_count=0;
-  for (lt_i = NF; lt_i > 0; lt_i--) {
-    if ($lt_i != "" && $lt_i != ".") {
-      if ($lt_i == "..") {
-        lt_count++;
-      } else {
-        if (lt_count == 0) {
-          lt_foo="/" $lt_i lt_foo;
-        } else {
-          lt_count--;
-        }
-      }
-    }
-  }
-  if (lt_foo != "") { lt_freq[[lt_foo]]++; }
-  if (lt_freq[[lt_foo]] == 1) { print lt_foo; }
-}'`
-  sys_lib_search_path_spec=`$ECHO $lt_search_path_spec`
-else
-  sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
-fi])
-library_names_spec=
-libname_spec='lib$name'
-soname_spec=
-shrext_cmds=".so"
-postinstall_cmds=
-postuninstall_cmds=
-finish_cmds=
-finish_eval=
-shlibpath_var=
-shlibpath_overrides_runpath=unknown
-version_type=none
-dynamic_linker="$host_os ld.so"
-sys_lib_dlsearch_path_spec="/lib /usr/lib"
-need_lib_prefix=unknown
-hardcode_into_libs=no
-
-# when you set need_version to no, make sure it does not cause -set_version
-# flags to be left without arguments
-need_version=unknown
-
-case $host_os in
-aix3*)
-  version_type=linux
-  library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
-  shlibpath_var=LIBPATH
-
-  # AIX 3 has no versioning support, so we append a major version to the name.
-  soname_spec='${libname}${release}${shared_ext}$major'
-  ;;
-
-aix[[4-9]]*)
-  version_type=linux
-  need_lib_prefix=no
-  need_version=no
-  hardcode_into_libs=yes
-  if test "$host_cpu" = ia64; then
-    # AIX 5 supports IA64
-    library_names_spec='${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext}$versuffix $libname${shared_ext}'
-    shlibpath_var=LD_LIBRARY_PATH
-  else
-    # With GCC up to 2.95.x, collect2 would create an import file
-    # for dependence libraries.  The import file would start with
-    # the line `#! .'.  This would cause the generated library to
-    # depend on `.', always an invalid library.  This was fixed in
-    # development snapshots of GCC prior to 3.0.
-    case $host_os in
-      aix4 | aix4.[[01]] | aix4.[[01]].*)
-      if { echo '#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 97)'
-	   echo ' yes '
-	   echo '#endif'; } | ${CC} -E - | $GREP yes > /dev/null; then
-	:
-      else
-	can_build_shared=no
-      fi
-      ;;
-    esac
-    # AIX (on Power*) has no versioning support, so currently we can not hardcode correct
-    # soname into executable. Probably we can add versioning support to
-    # collect2, so additional links can be useful in future.
-    if test "$aix_use_runtimelinking" = yes; then
-      # If using run time linking (on AIX 4.2 or later) use lib<name>.so
-      # instead of lib<name>.a to let people know that these are not
-      # typical AIX shared libraries.
-      library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-    else
-      # We preserve .a as extension for shared libraries through AIX4.2
-      # and later when we are not doing run time linking.
-      library_names_spec='${libname}${release}.a $libname.a'
-      soname_spec='${libname}${release}${shared_ext}$major'
-    fi
-    shlibpath_var=LIBPATH
-  fi
-  ;;
-
-amigaos*)
-  case $host_cpu in
-  powerpc)
-    # Since July 2007 AmigaOS4 officially supports .so libraries.
-    # When compiling the executable, add -use-dynld -Lsobjs: to the compileline.
-    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-    ;;
-  m68k)
-    library_names_spec='$libname.ixlibrary $libname.a'
-    # Create ${libname}_ixlibrary.a entries in /sys/libs.
-    finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$ECHO "X$lib" | $Xsed -e '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
-    ;;
-  esac
-  ;;
-
-beos*)
-  library_names_spec='${libname}${shared_ext}'
-  dynamic_linker="$host_os ld.so"
-  shlibpath_var=LIBRARY_PATH
-  ;;
-
-bsdi[[45]]*)
-  version_type=linux
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
-  shlibpath_var=LD_LIBRARY_PATH
-  sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
-  sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
-  # the default ld.so.conf also contains /usr/contrib/lib and
-  # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
-  # libtool to hard-code these into programs
-  ;;
-
-cygwin* | mingw* | pw32* | cegcc*)
-  version_type=windows
-  shrext_cmds=".dll"
-  need_version=no
-  need_lib_prefix=no
-
-  case $GCC,$host_os in
-  yes,cygwin* | yes,mingw* | yes,pw32* | yes,cegcc*)
-    library_names_spec='$libname.dll.a'
-    # DLL is installed to $(libdir)/../bin by postinstall_cmds
-    postinstall_cmds='base_file=`basename \${file}`~
-      dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
-      dldir=$destdir/`dirname \$dlpath`~
-      test -d \$dldir || mkdir -p \$dldir~
-      $install_prog $dir/$dlname \$dldir/$dlname~
-      chmod a+x \$dldir/$dlname~
-      if test -n '\''$stripme'\'' && test -n '\''$striplib'\''; then
-        eval '\''$striplib \$dldir/$dlname'\'' || exit \$?;
-      fi'
-    postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
-      dlpath=$dir/\$dldll~
-       $RM \$dlpath'
-    shlibpath_overrides_runpath=yes
-
-    case $host_os in
-    cygwin*)
-      # Cygwin DLLs use 'cyg' prefix rather than 'lib'
-      soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
-      sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
-      ;;
-    mingw* | cegcc*)
-      # MinGW DLLs use traditional 'lib' prefix
-      soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
-      sys_lib_search_path_spec=`$CC -print-search-dirs | $GREP "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
-      if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then
-        # It is most probably a Windows format PATH printed by
-        # mingw gcc, but we are running on Cygwin. Gcc prints its search
-        # path with ; separators, and with drive letters. We can handle the
-        # drive letters (cygwin fileutils understands them), so leave them,
-        # especially as we might pass files found there to a mingw objdump,
-        # which wouldn't understand a cygwinified path. Ahh.
-        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
-      else
-        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED  -e "s/$PATH_SEPARATOR/ /g"`
-      fi
-      ;;
-    pw32*)
-      # pw32 DLLs use 'pw' prefix rather than 'lib'
-      library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
-      ;;
-    esac
-    ;;
-
-  *)
-    library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib'
-    ;;
-  esac
-  dynamic_linker='Win32 ld.exe'
-  # FIXME: first we should search . and the directory the executable is in
-  shlibpath_var=PATH
-  ;;
-
-darwin* | rhapsody*)
-  dynamic_linker="$host_os dyld"
-  version_type=darwin
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext'
-  soname_spec='${libname}${release}${major}$shared_ext'
-  shlibpath_overrides_runpath=yes
-  shlibpath_var=DYLD_LIBRARY_PATH
-  shrext_cmds='`test .$module = .yes && echo .so || echo .dylib`'
-m4_if([$1], [],[
-  sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/local/lib"])
-  sys_lib_dlsearch_path_spec='/usr/local/lib /lib /usr/lib'
-  ;;
-
-dgux*)
-  version_type=linux
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  shlibpath_var=LD_LIBRARY_PATH
-  ;;
-
-freebsd1*)
-  dynamic_linker=no
-  ;;
-
-freebsd* | dragonfly*)
-  # DragonFly does not have aout.  When/if they implement a new
-  # versioning mechanism, adjust this.
-  if test -x /usr/bin/objformat; then
-    objformat=`/usr/bin/objformat`
-  else
-    case $host_os in
-    freebsd[[123]]*) objformat=aout ;;
-    *) objformat=elf ;;
-    esac
-  fi
-  version_type=freebsd-$objformat
-  case $version_type in
-    freebsd-elf*)
-      library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
-      need_version=no
-      need_lib_prefix=no
-      ;;
-    freebsd-*)
-      library_names_spec='${libname}${release}${shared_ext}$versuffix $libname${shared_ext}$versuffix'
-      need_version=yes
-      ;;
-  esac
-  shlibpath_var=LD_LIBRARY_PATH
-  case $host_os in
-  freebsd2*)
-    shlibpath_overrides_runpath=yes
-    ;;
-  freebsd3.[[01]]* | freebsdelf3.[[01]]*)
-    shlibpath_overrides_runpath=yes
-    hardcode_into_libs=yes
-    ;;
-  freebsd3.[[2-9]]* | freebsdelf3.[[2-9]]* | \
-  freebsd4.[[0-5]] | freebsdelf4.[[0-5]] | freebsd4.1.1 | freebsdelf4.1.1)
-    shlibpath_overrides_runpath=no
-    hardcode_into_libs=yes
-    ;;
-  *) # from 4.6 on, and DragonFly
-    shlibpath_overrides_runpath=yes
-    hardcode_into_libs=yes
-    ;;
-  esac
-  ;;
-
-gnu*)
-  version_type=linux
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  shlibpath_var=LD_LIBRARY_PATH
-  hardcode_into_libs=yes
-  ;;
-
-hpux9* | hpux10* | hpux11*)
-  # Give a soname corresponding to the major version so that dld.sl refuses to
-  # link against other versions.
-  version_type=sunos
-  need_lib_prefix=no
-  need_version=no
-  case $host_cpu in
-  ia64*)
-    shrext_cmds='.so'
-    hardcode_into_libs=yes
-    dynamic_linker="$host_os dld.so"
-    shlibpath_var=LD_LIBRARY_PATH
-    shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
-    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-    soname_spec='${libname}${release}${shared_ext}$major'
-    if test "X$HPUX_IA64_MODE" = X32; then
-      sys_lib_search_path_spec="/usr/lib/hpux32 /usr/local/lib/hpux32 /usr/local/lib"
-    else
-      sys_lib_search_path_spec="/usr/lib/hpux64 /usr/local/lib/hpux64"
-    fi
-    sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
-    ;;
-  hppa*64*)
-    shrext_cmds='.sl'
-    hardcode_into_libs=yes
-    dynamic_linker="$host_os dld.sl"
-    shlibpath_var=LD_LIBRARY_PATH # How should we handle SHLIB_PATH
-    shlibpath_overrides_runpath=yes # Unless +noenvvar is specified.
-    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-    soname_spec='${libname}${release}${shared_ext}$major'
-    sys_lib_search_path_spec="/usr/lib/pa20_64 /usr/ccs/lib/pa20_64"
-    sys_lib_dlsearch_path_spec=$sys_lib_search_path_spec
-    ;;
-  *)
-    shrext_cmds='.sl'
-    dynamic_linker="$host_os dld.sl"
-    shlibpath_var=SHLIB_PATH
-    shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
-    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-    soname_spec='${libname}${release}${shared_ext}$major'
-    ;;
-  esac
-  # HP-UX runs *really* slowly unless shared libraries are mode 555.
-  postinstall_cmds='chmod 555 $lib'
-  ;;
-
-interix[[3-9]]*)
-  version_type=linux
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  dynamic_linker='Interix 3.x ld.so.1 (PE, like ELF)'
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=no
-  hardcode_into_libs=yes
-  ;;
-
-irix5* | irix6* | nonstopux*)
-  case $host_os in
-    nonstopux*) version_type=nonstopux ;;
-    *)
-	if test "$lt_cv_prog_gnu_ld" = yes; then
-		version_type=linux
-	else
-		version_type=irix
-	fi ;;
-  esac
-  need_lib_prefix=no
-  need_version=no
-  soname_spec='${libname}${release}${shared_ext}$major'
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${release}${shared_ext} $libname${shared_ext}'
-  case $host_os in
-  irix5* | nonstopux*)
-    libsuff= shlibsuff=
-    ;;
-  *)
-    case $LD in # libtool.m4 will add one of these switches to LD
-    *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ")
-      libsuff= shlibsuff= libmagic=32-bit;;
-    *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ")
-      libsuff=32 shlibsuff=N32 libmagic=N32;;
-    *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ")
-      libsuff=64 shlibsuff=64 libmagic=64-bit;;
-    *) libsuff= shlibsuff= libmagic=never-match;;
-    esac
-    ;;
-  esac
-  shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
-  shlibpath_overrides_runpath=no
-  sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
-  sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
-  hardcode_into_libs=yes
-  ;;
-
-# No shared lib support for Linux oldld, aout, or coff.
-linux*oldld* | linux*aout* | linux*coff*)
-  dynamic_linker=no
-  ;;
-
-# This must be Linux ELF.
-linux* | k*bsd*-gnu)
-  version_type=linux
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=no
-  # Some binutils ld are patched to set DT_RUNPATH
-  save_LDFLAGS=$LDFLAGS
-  save_libdir=$libdir
-  eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \
-       LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\""
-  AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
-    [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null],
-       [shlibpath_overrides_runpath=yes])])
-  LDFLAGS=$save_LDFLAGS
-  libdir=$save_libdir
-
-  # This implies no fast_install, which is unacceptable.
-  # Some rework will be needed to allow for fast_install
-  # before this can be enabled.
-  hardcode_into_libs=yes
-
-  # Append ld.so.conf contents to the search path
-  if test -f /etc/ld.so.conf; then
-    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
-    sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
-  fi
-
-  # We used to test for /lib/ld.so.1 and disable shared libraries on
-  # powerpc, because MkLinux only supported shared libraries with the
-  # GNU dynamic linker.  Since this was broken with cross compilers,
-  # most powerpc-linux boxes support dynamic linking these days and
-  # people can always --disable-shared, the test was removed, and we
-  # assume the GNU/Linux dynamic linker is in use.
-  dynamic_linker='GNU/Linux ld.so'
-  ;;
-
-netbsdelf*-gnu)
-  version_type=linux
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=no
-  hardcode_into_libs=yes
-  dynamic_linker='NetBSD ld.elf_so'
-  ;;
-
-netbsd*)
-  version_type=sunos
-  need_lib_prefix=no
-  need_version=no
-  if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
-    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
-    finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
-    dynamic_linker='NetBSD (a.out) ld.so'
-  else
-    library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
-    soname_spec='${libname}${release}${shared_ext}$major'
-    dynamic_linker='NetBSD ld.elf_so'
-  fi
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=yes
-  hardcode_into_libs=yes
-  ;;
-
-newsos6)
-  version_type=linux
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=yes
-  ;;
-
-*nto* | *qnx*)
-  version_type=qnx
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=no
-  hardcode_into_libs=yes
-  dynamic_linker='ldqnx.so'
-  ;;
-
-openbsd*)
-  version_type=sunos
-  sys_lib_dlsearch_path_spec="/usr/lib"
-  need_lib_prefix=no
-  # Some older versions of OpenBSD (3.3 at least) *do* need versioned libs.
-  case $host_os in
-    openbsd3.3 | openbsd3.3.*)	need_version=yes ;;
-    *)				need_version=no  ;;
-  esac
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
-  finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
-  shlibpath_var=LD_LIBRARY_PATH
-  if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
-    case $host_os in
-      openbsd2.[[89]] | openbsd2.[[89]].*)
-	shlibpath_overrides_runpath=no
-	;;
-      *)
-	shlibpath_overrides_runpath=yes
-	;;
-      esac
-  else
-    shlibpath_overrides_runpath=yes
-  fi
-  ;;
-
-os2*)
-  libname_spec='$name'
-  shrext_cmds=".dll"
-  need_lib_prefix=no
-  library_names_spec='$libname${shared_ext} $libname.a'
-  dynamic_linker='OS/2 ld.exe'
-  shlibpath_var=LIBPATH
-  ;;
-
-osf3* | osf4* | osf5*)
-  version_type=osf
-  need_lib_prefix=no
-  need_version=no
-  soname_spec='${libname}${release}${shared_ext}$major'
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-  shlibpath_var=LD_LIBRARY_PATH
-  sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
-  sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
-  ;;
-
-rdos*)
-  dynamic_linker=no
-  ;;
-
-solaris*)
-  version_type=linux
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=yes
-  hardcode_into_libs=yes
-  # ldd complains unless libraries are executable
-  postinstall_cmds='chmod +x $lib'
-  ;;
-
-sunos4*)
-  version_type=sunos
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${shared_ext}$versuffix'
-  finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=yes
-  if test "$with_gnu_ld" = yes; then
-    need_lib_prefix=no
-  fi
-  need_version=yes
-  ;;
-
-sysv4 | sysv4.3*)
-  version_type=linux
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  shlibpath_var=LD_LIBRARY_PATH
-  case $host_vendor in
-    sni)
-      shlibpath_overrides_runpath=no
-      need_lib_prefix=no
-      runpath_var=LD_RUN_PATH
-      ;;
-    siemens)
-      need_lib_prefix=no
-      ;;
-    motorola)
-      need_lib_prefix=no
-      need_version=no
-      shlibpath_overrides_runpath=no
-      sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
-      ;;
-  esac
-  ;;
-
-sysv4*MP*)
-  if test -d /usr/nec ;then
-    version_type=linux
-    library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
-    soname_spec='$libname${shared_ext}.$major'
-    shlibpath_var=LD_LIBRARY_PATH
-  fi
-  ;;
-
-sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
-  version_type=freebsd-elf
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext} $libname${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=yes
-  hardcode_into_libs=yes
-  if test "$with_gnu_ld" = yes; then
-    sys_lib_search_path_spec='/usr/local/lib /usr/gnu/lib /usr/ccs/lib /usr/lib /lib'
-  else
-    sys_lib_search_path_spec='/usr/ccs/lib /usr/lib'
-    case $host_os in
-      sco3.2v5*)
-        sys_lib_search_path_spec="$sys_lib_search_path_spec /lib"
-	;;
-    esac
-  fi
-  sys_lib_dlsearch_path_spec='/usr/lib'
-  ;;
-
-tpf*)
-  # TPF is a cross-target only.  Preferred cross-host = GNU/Linux.
-  version_type=linux
-  need_lib_prefix=no
-  need_version=no
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-  shlibpath_var=LD_LIBRARY_PATH
-  shlibpath_overrides_runpath=no
-  hardcode_into_libs=yes
-  ;;
-
-uts4*)
-  version_type=linux
-  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
-  soname_spec='${libname}${release}${shared_ext}$major'
-  shlibpath_var=LD_LIBRARY_PATH
-  ;;
-
-*)
-  dynamic_linker=no
-  ;;
-esac
-AC_MSG_RESULT([$dynamic_linker])
-test "$dynamic_linker" = no && can_build_shared=no
-
-variables_saved_for_relink="PATH $shlibpath_var $runpath_var"
-if test "$GCC" = yes; then
-  variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH"
-fi
-
-if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then
-  sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec"
-fi
-if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then
-  sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec"
-fi
-
-_LT_DECL([], [variables_saved_for_relink], [1],
-    [Variables whose values should be saved in libtool wrapper scripts and
-    restored at link time])
-_LT_DECL([], [need_lib_prefix], [0],
-    [Do we need the "lib" prefix for modules?])
-_LT_DECL([], [need_version], [0], [Do we need a version for libraries?])
-_LT_DECL([], [version_type], [0], [Library versioning type])
-_LT_DECL([], [runpath_var], [0],  [Shared library runtime path variable])
-_LT_DECL([], [shlibpath_var], [0],[Shared library path variable])
-_LT_DECL([], [shlibpath_overrides_runpath], [0],
-    [Is shlibpath searched before the hard-coded library search path?])
-_LT_DECL([], [libname_spec], [1], [Format of library name prefix])
-_LT_DECL([], [library_names_spec], [1],
-    [[List of archive names.  First name is the real one, the rest are links.
-    The last name is the one that the linker finds with -lNAME]])
-_LT_DECL([], [soname_spec], [1],
-    [[The coded name of the library, if different from the real name]])
-_LT_DECL([], [postinstall_cmds], [2],
-    [Command to use after installation of a shared archive])
-_LT_DECL([], [postuninstall_cmds], [2],
-    [Command to use after uninstallation of a shared archive])
-_LT_DECL([], [finish_cmds], [2],
-    [Commands used to finish a libtool library installation in a directory])
-_LT_DECL([], [finish_eval], [1],
-    [[As "finish_cmds", except a single script fragment to be evaled but
-    not shown]])
-_LT_DECL([], [hardcode_into_libs], [0],
-    [Whether we should hardcode library paths into libraries])
-_LT_DECL([], [sys_lib_search_path_spec], [2],
-    [Compile-time system search path for libraries])
-_LT_DECL([], [sys_lib_dlsearch_path_spec], [2],
-    [Run-time system search path for libraries])
-])# _LT_SYS_DYNAMIC_LINKER
-
-
-# _LT_PATH_TOOL_PREFIX(TOOL)
-# --------------------------
-# find a file program which can recognize shared library
-AC_DEFUN([_LT_PATH_TOOL_PREFIX],
-[m4_require([_LT_DECL_EGREP])dnl
-AC_MSG_CHECKING([for $1])
-AC_CACHE_VAL(lt_cv_path_MAGIC_CMD,
-[case $MAGIC_CMD in
-[[\\/*] |  ?:[\\/]*])
-  lt_cv_path_MAGIC_CMD="$MAGIC_CMD" # Let the user override the test with a path.
-  ;;
-*)
-  lt_save_MAGIC_CMD="$MAGIC_CMD"
-  lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
-dnl $ac_dummy forces splitting on constant user-supplied paths.
-dnl POSIX.2 word splitting is done only on the output of word expansions,
-dnl not every word.  This closes a longstanding sh security hole.
-  ac_dummy="m4_if([$2], , $PATH, [$2])"
-  for ac_dir in $ac_dummy; do
-    IFS="$lt_save_ifs"
-    test -z "$ac_dir" && ac_dir=.
-    if test -f $ac_dir/$1; then
-      lt_cv_path_MAGIC_CMD="$ac_dir/$1"
-      if test -n "$file_magic_test_file"; then
-	case $deplibs_check_method in
-	"file_magic "*)
-	  file_magic_regex=`expr "$deplibs_check_method" : "file_magic \(.*\)"`
-	  MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
-	  if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
-	    $EGREP "$file_magic_regex" > /dev/null; then
-	    :
-	  else
-	    cat <<_LT_EOF 1>&2
-
-*** Warning: the command libtool uses to detect shared libraries,
-*** $file_magic_cmd, produces output that libtool cannot recognize.
-*** The result is that libtool may fail to recognize shared libraries
-*** as such.  This will affect the creation of libtool libraries that
-*** depend on shared libraries, but programs linked with such libtool
-*** libraries will work regardless of this problem.  Nevertheless, you
-*** may want to report the problem to your system manager and/or to
-*** bug-libtool@gnu.org
-
-_LT_EOF
-	  fi ;;
-	esac
-      fi
-      break
-    fi
-  done
-  IFS="$lt_save_ifs"
-  MAGIC_CMD="$lt_save_MAGIC_CMD"
-  ;;
-esac])
-MAGIC_CMD="$lt_cv_path_MAGIC_CMD"
-if test -n "$MAGIC_CMD"; then
-  AC_MSG_RESULT($MAGIC_CMD)
-else
-  AC_MSG_RESULT(no)
-fi
-_LT_DECL([], [MAGIC_CMD], [0],
-	 [Used to examine libraries when file_magic_cmd begins with "file"])dnl
-])# _LT_PATH_TOOL_PREFIX
-
-# Old name:
-AU_ALIAS([AC_PATH_TOOL_PREFIX], [_LT_PATH_TOOL_PREFIX])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_PATH_TOOL_PREFIX], [])
-
-
-# _LT_PATH_MAGIC
-# --------------
-# find a file program which can recognize a shared library
-m4_defun([_LT_PATH_MAGIC],
-[_LT_PATH_TOOL_PREFIX(${ac_tool_prefix}file, /usr/bin$PATH_SEPARATOR$PATH)
-if test -z "$lt_cv_path_MAGIC_CMD"; then
-  if test -n "$ac_tool_prefix"; then
-    _LT_PATH_TOOL_PREFIX(file, /usr/bin$PATH_SEPARATOR$PATH)
-  else
-    MAGIC_CMD=:
-  fi
-fi
-])# _LT_PATH_MAGIC
-
-
-# LT_PATH_LD
-# ----------
-# find the pathname to the GNU or non-GNU linker
-AC_DEFUN([LT_PATH_LD],
-[AC_REQUIRE([AC_PROG_CC])dnl
-AC_REQUIRE([AC_CANONICAL_HOST])dnl
-AC_REQUIRE([AC_CANONICAL_BUILD])dnl
-m4_require([_LT_DECL_SED])dnl
-m4_require([_LT_DECL_EGREP])dnl
-
-AC_ARG_WITH([gnu-ld],
-    [AS_HELP_STRING([--with-gnu-ld],
-	[assume the C compiler uses GNU ld @<:@default=no@:>@])],
-    [test "$withval" = no || with_gnu_ld=yes],
-    [with_gnu_ld=no])dnl
-
-ac_prog=ld
-if test "$GCC" = yes; then
-  # Check if gcc -print-prog-name=ld gives a path.
-  AC_MSG_CHECKING([for ld used by $CC])
-  case $host in
-  *-*-mingw*)
-    # gcc leaves a trailing carriage return which upsets mingw
-    ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;;
-  *)
-    ac_prog=`($CC -print-prog-name=ld) 2>&5` ;;
-  esac
-  case $ac_prog in
-    # Accept absolute paths.
-    [[\\/]]* | ?:[[\\/]]*)
-      re_direlt='/[[^/]][[^/]]*/\.\./'
-      # Canonicalize the pathname of ld
-      ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'`
-      while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do
-	ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"`
-      done
-      test -z "$LD" && LD="$ac_prog"
-      ;;
-  "")
-    # If it fails, then pretend we aren't using GCC.
-    ac_prog=ld
-    ;;
-  *)
-    # If it is relative, then search for the first ld in PATH.
-    with_gnu_ld=unknown
-    ;;
-  esac
-elif test "$with_gnu_ld" = yes; then
-  AC_MSG_CHECKING([for GNU ld])
-else
-  AC_MSG_CHECKING([for non-GNU ld])
-fi
-AC_CACHE_VAL(lt_cv_path_LD,
-[if test -z "$LD"; then
-  lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
-  for ac_dir in $PATH; do
-    IFS="$lt_save_ifs"
-    test -z "$ac_dir" && ac_dir=.
-    if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
-      lt_cv_path_LD="$ac_dir/$ac_prog"
-      # Check to see if the program is GNU ld.  I'd rather use --version,
-      # but apparently some variants of GNU ld only accept -v.
-      # Break only if it was the GNU/non-GNU ld that we prefer.
-      case `"$lt_cv_path_LD" -v 2>&1 </dev/null` in
-      *GNU* | *'with BFD'*)
-	test "$with_gnu_ld" != no && break
-	;;
-      *)
-	test "$with_gnu_ld" != yes && break
-	;;
-      esac
-    fi
-  done
-  IFS="$lt_save_ifs"
-else
-  lt_cv_path_LD="$LD" # Let the user override the test with a path.
-fi])
-LD="$lt_cv_path_LD"
-if test -n "$LD"; then
-  AC_MSG_RESULT($LD)
-else
-  AC_MSG_RESULT(no)
-fi
-test -z "$LD" && AC_MSG_ERROR([no acceptable ld found in \$PATH])
-_LT_PATH_LD_GNU
-AC_SUBST([LD])
-
-_LT_TAGDECL([], [LD], [1], [The linker used to build libraries])
-])# LT_PATH_LD
-
-# Old names:
-AU_ALIAS([AM_PROG_LD], [LT_PATH_LD])
-AU_ALIAS([AC_PROG_LD], [LT_PATH_LD])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AM_PROG_LD], [])
-dnl AC_DEFUN([AC_PROG_LD], [])
-
-
-# _LT_PATH_LD_GNU
-#- --------------
-m4_defun([_LT_PATH_LD_GNU],
-[AC_CACHE_CHECK([if the linker ($LD) is GNU ld], lt_cv_prog_gnu_ld,
-[# I'd rather use --version here, but apparently some GNU lds only accept -v.
-case `$LD -v 2>&1 </dev/null` in
-*GNU* | *'with BFD'*)
-  lt_cv_prog_gnu_ld=yes
-  ;;
-*)
-  lt_cv_prog_gnu_ld=no
-  ;;
-esac])
-with_gnu_ld=$lt_cv_prog_gnu_ld
-])# _LT_PATH_LD_GNU
-
-
-# _LT_CMD_RELOAD
-# --------------
-# find reload flag for linker
-#   -- PORTME Some linkers may need a different reload flag.
-m4_defun([_LT_CMD_RELOAD],
-[AC_CACHE_CHECK([for $LD option to reload object files],
-  lt_cv_ld_reload_flag,
-  [lt_cv_ld_reload_flag='-r'])
-reload_flag=$lt_cv_ld_reload_flag
-case $reload_flag in
-"" | " "*) ;;
-*) reload_flag=" $reload_flag" ;;
-esac
-reload_cmds='$LD$reload_flag -o $output$reload_objs'
-case $host_os in
-  darwin*)
-    if test "$GCC" = yes; then
-      reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs'
-    else
-      reload_cmds='$LD$reload_flag -o $output$reload_objs'
-    fi
-    ;;
-esac
-_LT_DECL([], [reload_flag], [1], [How to create reloadable object files])dnl
-_LT_DECL([], [reload_cmds], [2])dnl
-])# _LT_CMD_RELOAD
-
-
-# _LT_CHECK_MAGIC_METHOD
-# ----------------------
-# how to check for library dependencies
-#  -- PORTME fill in with the dynamic library characteristics
-m4_defun([_LT_CHECK_MAGIC_METHOD],
-[m4_require([_LT_DECL_EGREP])
-m4_require([_LT_DECL_OBJDUMP])
-AC_CACHE_CHECK([how to recognize dependent libraries],
-lt_cv_deplibs_check_method,
-[lt_cv_file_magic_cmd='$MAGIC_CMD'
-lt_cv_file_magic_test_file=
-lt_cv_deplibs_check_method='unknown'
-# Need to set the preceding variable on all platforms that support
-# interlibrary dependencies.
-# 'none' -- dependencies not supported.
-# `unknown' -- same as none, but documents that we really don't know.
-# 'pass_all' -- all dependencies passed with no checks.
-# 'test_compile' -- check by making test program.
-# 'file_magic [[regex]]' -- check by looking for files in library path
-# which responds to the $file_magic_cmd with a given extended regex.
-# If you have `file' or equivalent on your system and you're not sure
-# whether `pass_all' will *always* work, you probably want this one.
-
-case $host_os in
-aix[[4-9]]*)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-beos*)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-bsdi[[45]]*)
-  lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib)'
-  lt_cv_file_magic_cmd='/usr/bin/file -L'
-  lt_cv_file_magic_test_file=/shlib/libc.so
-  ;;
-
-cygwin*)
-  # func_win32_libid is a shell function defined in ltmain.sh
-  lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
-  lt_cv_file_magic_cmd='func_win32_libid'
-  ;;
-
-mingw* | pw32*)
-  # Base MSYS/MinGW do not provide the 'file' command needed by
-  # func_win32_libid shell function, so use a weaker test based on 'objdump',
-  # unless we find 'file', for example because we are cross-compiling.
-  if ( file / ) >/dev/null 2>&1; then
-    lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
-    lt_cv_file_magic_cmd='func_win32_libid'
-  else
-    lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?'
-    lt_cv_file_magic_cmd='$OBJDUMP -f'
-  fi
-  ;;
-
-cegcc)
-  # use the weaker test based on 'objdump'. See mingw*.
-  lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?'
-  lt_cv_file_magic_cmd='$OBJDUMP -f'
-  ;;
-
-darwin* | rhapsody*)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-freebsd* | dragonfly*)
-  if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
-    case $host_cpu in
-    i*86 )
-      # Not sure whether the presence of OpenBSD here was a mistake.
-      # Let's accept both of them until this is cleared up.
-      lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[[3-9]]86 (compact )?demand paged shared library'
-      lt_cv_file_magic_cmd=/usr/bin/file
-      lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*`
-      ;;
-    esac
-  else
-    lt_cv_deplibs_check_method=pass_all
-  fi
-  ;;
-
-gnu*)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-hpux10.20* | hpux11*)
-  lt_cv_file_magic_cmd=/usr/bin/file
-  case $host_cpu in
-  ia64*)
-    lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|ELF-[[0-9]][[0-9]]) shared object file - IA64'
-    lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
-    ;;
-  hppa*64*)
-    [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]']
-    lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
-    ;;
-  *)
-    lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]].[[0-9]]) shared library'
-    lt_cv_file_magic_test_file=/usr/lib/libc.sl
-    ;;
-  esac
-  ;;
-
-interix[[3-9]]*)
-  # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here
-  lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|\.a)$'
-  ;;
-
-irix5* | irix6* | nonstopux*)
-  case $LD in
-  *-32|*"-32 ") libmagic=32-bit;;
-  *-n32|*"-n32 ") libmagic=N32;;
-  *-64|*"-64 ") libmagic=64-bit;;
-  *) libmagic=never-match;;
-  esac
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-# This must be Linux ELF.
-linux* | k*bsd*-gnu)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-netbsd* | netbsdelf*-gnu)
-  if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
-    lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
-  else
-    lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so|_pic\.a)$'
-  fi
-  ;;
-
-newos6*)
-  lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (executable|dynamic lib)'
-  lt_cv_file_magic_cmd=/usr/bin/file
-  lt_cv_file_magic_test_file=/usr/lib/libnls.so
-  ;;
-
-*nto* | *qnx*)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-openbsd*)
-  if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
-    lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|\.so|_pic\.a)$'
-  else
-    lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
-  fi
-  ;;
-
-osf3* | osf4* | osf5*)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-rdos*)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-solaris*)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-
-sysv4 | sysv4.3*)
-  case $host_vendor in
-  motorola)
-    lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[ML]]SB (shared object|dynamic lib) M[[0-9]][[0-9]]* Version [[0-9]]'
-    lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*`
-    ;;
-  ncr)
-    lt_cv_deplibs_check_method=pass_all
-    ;;
-  sequent)
-    lt_cv_file_magic_cmd='/bin/file'
-    lt_cv_deplibs_check_method='file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB (shared object|dynamic lib )'
-    ;;
-  sni)
-    lt_cv_file_magic_cmd='/bin/file'
-    lt_cv_deplibs_check_method="file_magic ELF [[0-9]][[0-9]]*-bit [[LM]]SB dynamic lib"
-    lt_cv_file_magic_test_file=/lib/libc.so
-    ;;
-  siemens)
-    lt_cv_deplibs_check_method=pass_all
-    ;;
-  pc)
-    lt_cv_deplibs_check_method=pass_all
-    ;;
-  esac
-  ;;
-
-tpf*)
-  lt_cv_deplibs_check_method=pass_all
-  ;;
-esac
-])
-file_magic_cmd=$lt_cv_file_magic_cmd
-deplibs_check_method=$lt_cv_deplibs_check_method
-test -z "$deplibs_check_method" && deplibs_check_method=unknown
-
-_LT_DECL([], [deplibs_check_method], [1],
-    [Method to check whether dependent libraries are shared objects])
-_LT_DECL([], [file_magic_cmd], [1],
-    [Command to use when deplibs_check_method == "file_magic"])
-])# _LT_CHECK_MAGIC_METHOD
-
-
-# LT_PATH_NM
-# ----------
-# find the pathname to a BSD- or MS-compatible name lister
-AC_DEFUN([LT_PATH_NM],
-[AC_REQUIRE([AC_PROG_CC])dnl
-AC_CACHE_CHECK([for BSD- or MS-compatible name lister (nm)], lt_cv_path_NM,
-[if test -n "$NM"; then
-  # Let the user override the test.
-  lt_cv_path_NM="$NM"
-else
-  lt_nm_to_check="${ac_tool_prefix}nm"
-  if test -n "$ac_tool_prefix" && test "$build" = "$host"; then
-    lt_nm_to_check="$lt_nm_to_check nm"
-  fi
-  for lt_tmp_nm in $lt_nm_to_check; do
-    lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
-    for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do
-      IFS="$lt_save_ifs"
-      test -z "$ac_dir" && ac_dir=.
-      tmp_nm="$ac_dir/$lt_tmp_nm"
-      if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then
-	# Check to see if the nm accepts a BSD-compat flag.
-	# Adding the `sed 1q' prevents false positives on HP-UX, which says:
-	#   nm: unknown option "B" ignored
-	# Tru64's nm complains that /dev/null is an invalid object file
-	case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in
-	*/dev/null* | *'Invalid file or object type'*)
-	  lt_cv_path_NM="$tmp_nm -B"
-	  break
-	  ;;
-	*)
-	  case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in
-	  */dev/null*)
-	    lt_cv_path_NM="$tmp_nm -p"
-	    break
-	    ;;
-	  *)
-	    lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but
-	    continue # so that we can try to find one that supports BSD flags
-	    ;;
-	  esac
-	  ;;
-	esac
-      fi
-    done
-    IFS="$lt_save_ifs"
-  done
-  : ${lt_cv_path_NM=no}
-fi])
-if test "$lt_cv_path_NM" != "no"; then
-  NM="$lt_cv_path_NM"
-else
-  # Didn't find any BSD compatible name lister, look for dumpbin.
-  AC_CHECK_TOOLS(DUMPBIN, ["dumpbin -symbols" "link -dump -symbols"], :)
-  AC_SUBST([DUMPBIN])
-  if test "$DUMPBIN" != ":"; then
-    NM="$DUMPBIN"
-  fi
-fi
-test -z "$NM" && NM=nm
-AC_SUBST([NM])
-_LT_DECL([], [NM], [1], [A BSD- or MS-compatible name lister])dnl
-
-AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface],
-  [lt_cv_nm_interface="BSD nm"
-  echo "int some_variable = 0;" > conftest.$ac_ext
-  (eval echo "\"\$as_me:__oline__: $ac_compile\"" >&AS_MESSAGE_LOG_FD)
-  (eval "$ac_compile" 2>conftest.err)
-  cat conftest.err >&AS_MESSAGE_LOG_FD
-  (eval echo "\"\$as_me:__oline__: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD)
-  (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
-  cat conftest.err >&AS_MESSAGE_LOG_FD
-  (eval echo "\"\$as_me:__oline__: output\"" >&AS_MESSAGE_LOG_FD)
-  cat conftest.out >&AS_MESSAGE_LOG_FD
-  if $GREP 'External.*some_variable' conftest.out > /dev/null; then
-    lt_cv_nm_interface="MS dumpbin"
-  fi
-  rm -f conftest*])
-])# LT_PATH_NM
-
-# Old names:
-AU_ALIAS([AM_PROG_NM], [LT_PATH_NM])
-AU_ALIAS([AC_PROG_NM], [LT_PATH_NM])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AM_PROG_NM], [])
-dnl AC_DEFUN([AC_PROG_NM], [])
-
-
-# LT_LIB_M
-# --------
-# check for math library
-AC_DEFUN([LT_LIB_M],
-[AC_REQUIRE([AC_CANONICAL_HOST])dnl
-LIBM=
-case $host in
-*-*-beos* | *-*-cygwin* | *-*-pw32* | *-*-darwin*)
-  # These system don't have libm, or don't need it
-  ;;
-*-ncr-sysv4.3*)
-  AC_CHECK_LIB(mw, _mwvalidcheckl, LIBM="-lmw")
-  AC_CHECK_LIB(m, cos, LIBM="$LIBM -lm")
-  ;;
-*)
-  AC_CHECK_LIB(m, cos, LIBM="-lm")
-  ;;
-esac
-AC_SUBST([LIBM])
-])# LT_LIB_M
-
-# Old name:
-AU_ALIAS([AC_CHECK_LIBM], [LT_LIB_M])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_CHECK_LIBM], [])
-
-
-# _LT_COMPILER_NO_RTTI([TAGNAME])
-# -------------------------------
-m4_defun([_LT_COMPILER_NO_RTTI],
-[m4_require([_LT_TAG_COMPILER])dnl
-
-_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
-
-if test "$GCC" = yes; then
-  _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
-
-  _LT_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions],
-    lt_cv_prog_compiler_rtti_exceptions,
-    [-fno-rtti -fno-exceptions], [],
-    [_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)="$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1) -fno-rtti -fno-exceptions"])
-fi
-_LT_TAGDECL([no_builtin_flag], [lt_prog_compiler_no_builtin_flag], [1],
-	[Compiler flag to turn off builtin functions])
-])# _LT_COMPILER_NO_RTTI
-
-
-# _LT_CMD_GLOBAL_SYMBOLS
-# ----------------------
-m4_defun([_LT_CMD_GLOBAL_SYMBOLS],
-[AC_REQUIRE([AC_CANONICAL_HOST])dnl
-AC_REQUIRE([AC_PROG_CC])dnl
-AC_REQUIRE([LT_PATH_NM])dnl
-AC_REQUIRE([LT_PATH_LD])dnl
-m4_require([_LT_DECL_SED])dnl
-m4_require([_LT_DECL_EGREP])dnl
-m4_require([_LT_TAG_COMPILER])dnl
-
-# Check for command to grab the raw symbol name followed by C symbol from nm.
-AC_MSG_CHECKING([command to parse $NM output from $compiler object])
-AC_CACHE_VAL([lt_cv_sys_global_symbol_pipe],
-[
-# These are sane defaults that work on at least a few old systems.
-# [They come from Ultrix.  What could be older than Ultrix?!! ;)]
-
-# Character class describing NM global symbol codes.
-symcode='[[BCDEGRST]]'
-
-# Regexp to match symbols that can be accessed directly from C.
-sympat='\([[_A-Za-z]][[_A-Za-z0-9]]*\)'
-
-# Define system-specific variables.
-case $host_os in
-aix*)
-  symcode='[[BCDT]]'
-  ;;
-cygwin* | mingw* | pw32* | cegcc*)
-  symcode='[[ABCDGISTW]]'
-  ;;
-hpux*)
-  if test "$host_cpu" = ia64; then
-    symcode='[[ABCDEGRST]]'
-  fi
-  ;;
-irix* | nonstopux*)
-  symcode='[[BCDEGRST]]'
-  ;;
-osf*)
-  symcode='[[BCDEGQRST]]'
-  ;;
-solaris*)
-  symcode='[[BDRT]]'
-  ;;
-sco3.2v5*)
-  symcode='[[DT]]'
-  ;;
-sysv4.2uw2*)
-  symcode='[[DT]]'
-  ;;
-sysv5* | sco5v6* | unixware* | OpenUNIX*)
-  symcode='[[ABDT]]'
-  ;;
-sysv4)
-  symcode='[[DFNSTU]]'
-  ;;
-esac
-
-# If we're using GNU nm, then use its standard symbol codes.
-case `$NM -V 2>&1` in
-*GNU* | *'with BFD'*)
-  symcode='[[ABCDGIRSTW]]' ;;
-esac
-
-# Transform an extracted symbol line into a proper C declaration.
-# Some systems (esp. on ia64) link data and code symbols differently,
-# so use this general approach.
-lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
-
-# Transform an extracted symbol line into symbol name and symbol address
-lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/  {\"\2\", (void *) \&\2},/p'"
-lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([[^ ]]*\) $/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \(lib[[^ ]]*\)$/  {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/  {\"lib\2\", (void *) \&\2},/p'"
-
-# Handle CRLF in mingw tool chain
-opt_cr=
-case $build_os in
-mingw*)
-  opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp
-  ;;
-esac
-
-# Try without a prefix underscore, then with it.
-for ac_symprfx in "" "_"; do
-
-  # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol.
-  symxfrm="\\1 $ac_symprfx\\2 \\2"
-
-  # Write the raw and C identifiers.
-  if test "$lt_cv_nm_interface" = "MS dumpbin"; then
-    # Fake it for dumpbin and say T for any non-static function
-    # and D for any global variable.
-    # Also find C++ and __fastcall symbols from MSVC++,
-    # which start with @ or ?.
-    lt_cv_sys_global_symbol_pipe="$AWK ['"\
-"     {last_section=section; section=\$ 3};"\
-"     /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\
-"     \$ 0!~/External *\|/{next};"\
-"     / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\
-"     {if(hide[section]) next};"\
-"     {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\
-"     {split(\$ 0, a, /\||\r/); split(a[2], s)};"\
-"     s[1]~/^[@?]/{print s[1], s[1]; next};"\
-"     s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\
-"     ' prfx=^$ac_symprfx]"
-  else
-    lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[	 ]]\($symcode$symcode*\)[[	 ]][[	 ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
-  fi
-
-  # Check to see that the pipe works correctly.
-  pipe_works=no
-
-  rm -f conftest*
-  cat > conftest.$ac_ext <<_LT_EOF
-#ifdef __cplusplus
-extern "C" {
-#endif
-char nm_test_var;
-void nm_test_func(void);
-void nm_test_func(void){}
-#ifdef __cplusplus
-}
-#endif
-int main(){nm_test_var='a';nm_test_func();return(0);}
-_LT_EOF
-
-  if AC_TRY_EVAL(ac_compile); then
-    # Now try to grab the symbols.
-    nlist=conftest.nm
-    if AC_TRY_EVAL(NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) && test -s "$nlist"; then
-      # Try sorting and uniquifying the output.
-      if sort "$nlist" | uniq > "$nlist"T; then
-	mv -f "$nlist"T "$nlist"
-      else
-	rm -f "$nlist"T
-      fi
-
-      # Make sure that we snagged all the symbols we need.
-      if $GREP ' nm_test_var$' "$nlist" >/dev/null; then
-	if $GREP ' nm_test_func$' "$nlist" >/dev/null; then
-	  cat <<_LT_EOF > conftest.$ac_ext
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-_LT_EOF
-	  # Now generate the symbol file.
-	  eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext'
-
-	  cat <<_LT_EOF >> conftest.$ac_ext
-
-/* The mapping between symbol names and symbols.  */
-const struct {
-  const char *name;
-  void       *address;
-}
-lt__PROGRAM__LTX_preloaded_symbols[[]] =
-{
-  { "@PROGRAM@", (void *) 0 },
-_LT_EOF
-	  $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/  {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext
-	  cat <<\_LT_EOF >> conftest.$ac_ext
-  {0, (void *) 0}
-};
-
-/* This works around a problem in FreeBSD linker */
-#ifdef FREEBSD_WORKAROUND
-static const void *lt_preloaded_setup() {
-  return lt__PROGRAM__LTX_preloaded_symbols;
-}
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-_LT_EOF
-	  # Now try linking the two files.
-	  mv conftest.$ac_objext conftstm.$ac_objext
-	  lt_save_LIBS="$LIBS"
-	  lt_save_CFLAGS="$CFLAGS"
-	  LIBS="conftstm.$ac_objext"
-	  CFLAGS="$CFLAGS$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)"
-	  if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then
-	    pipe_works=yes
-	  fi
-	  LIBS="$lt_save_LIBS"
-	  CFLAGS="$lt_save_CFLAGS"
-	else
-	  echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD
-	fi
-      else
-	echo "cannot find nm_test_var in $nlist" >&AS_MESSAGE_LOG_FD
-      fi
-    else
-      echo "cannot run $lt_cv_sys_global_symbol_pipe" >&AS_MESSAGE_LOG_FD
-    fi
-  else
-    echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD
-    cat conftest.$ac_ext >&5
-  fi
-  rm -rf conftest* conftst*
-
-  # Do not use the global_symbol_pipe unless it works.
-  if test "$pipe_works" = yes; then
-    break
-  else
-    lt_cv_sys_global_symbol_pipe=
-  fi
-done
-])
-if test -z "$lt_cv_sys_global_symbol_pipe"; then
-  lt_cv_sys_global_symbol_to_cdecl=
-fi
-if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then
-  AC_MSG_RESULT(failed)
-else
-  AC_MSG_RESULT(ok)
-fi
-
-_LT_DECL([global_symbol_pipe], [lt_cv_sys_global_symbol_pipe], [1],
-    [Take the output of nm and produce a listing of raw symbols and C names])
-_LT_DECL([global_symbol_to_cdecl], [lt_cv_sys_global_symbol_to_cdecl], [1],
-    [Transform the output of nm in a proper C declaration])
-_LT_DECL([global_symbol_to_c_name_address],
-    [lt_cv_sys_global_symbol_to_c_name_address], [1],
-    [Transform the output of nm in a C name address pair])
-_LT_DECL([global_symbol_to_c_name_address_lib_prefix],
-    [lt_cv_sys_global_symbol_to_c_name_address_lib_prefix], [1],
-    [Transform the output of nm in a C name address pair when lib prefix is needed])
-]) # _LT_CMD_GLOBAL_SYMBOLS
-
-
-# _LT_COMPILER_PIC([TAGNAME])
-# ---------------------------
-m4_defun([_LT_COMPILER_PIC],
-[m4_require([_LT_TAG_COMPILER])dnl
-_LT_TAGVAR(lt_prog_compiler_wl, $1)=
-_LT_TAGVAR(lt_prog_compiler_pic, $1)=
-_LT_TAGVAR(lt_prog_compiler_static, $1)=
-
-AC_MSG_CHECKING([for $compiler option to produce PIC])
-m4_if([$1], [CXX], [
-  # C++ specific cases for pic, static, wl, etc.
-  if test "$GXX" = yes; then
-    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-    _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
-
-    case $host_os in
-    aix*)
-      # All AIX code is PIC.
-      if test "$host_cpu" = ia64; then
-	# AIX 5 now supports IA64 processor
-	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-      fi
-      ;;
-
-    amigaos*)
-      case $host_cpu in
-      powerpc)
-            # see comment about AmigaOS4 .so support
-            _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
-        ;;
-      m68k)
-            # FIXME: we need at least 68020 code to build shared libraries, but
-            # adding the `-m68020' flag to GCC prevents building anything better,
-            # like `-m68040'.
-            _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
-        ;;
-      esac
-      ;;
-
-    beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
-      # PIC is the default for these OSes.
-      ;;
-    mingw* | cygwin* | os2* | pw32* | cegcc*)
-      # This hack is so that the source file can tell whether it is being
-      # built for inclusion in a dll (and should export symbols for example).
-      # Although the cygwin gcc ignores -fPIC, still need this for old-style
-      # (--disable-auto-import) libraries
-      m4_if([$1], [GCJ], [],
-	[_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
-      ;;
-    darwin* | rhapsody*)
-      # PIC is the default on this platform
-      # Common symbols not allowed in MH_DYLIB files
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
-      ;;
-    *djgpp*)
-      # DJGPP does not support shared libraries at all
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)=
-      ;;
-    interix[[3-9]]*)
-      # Interix 3.x gcc -fpic/-fPIC options generate broken code.
-      # Instead, we relocate shared libraries at runtime.
-      ;;
-    sysv4*MP*)
-      if test -d /usr/nec; then
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
-      fi
-      ;;
-    hpux*)
-      # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
-      # PA HP-UX.  On IA64 HP-UX, PIC is the default but the pic flag
-      # sets the default TLS model and affects inlining.
-      case $host_cpu in
-      hppa*64*)
-	;;
-      *)
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
-	;;
-      esac
-      ;;
-    *qnx* | *nto*)
-      # QNX uses GNU C++, but need to define -shared option too, otherwise
-      # it will coredump.
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
-      ;;
-    *)
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
-      ;;
-    esac
-  else
-    case $host_os in
-      aix[[4-9]]*)
-	# All AIX code is PIC.
-	if test "$host_cpu" = ia64; then
-	  # AIX 5 now supports IA64 processor
-	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-	else
-	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
-	fi
-	;;
-      chorus*)
-	case $cc_basename in
-	cxch68*)
-	  # Green Hills C++ Compiler
-	  # _LT_TAGVAR(lt_prog_compiler_static, $1)="--no_auto_instantiation -u __main -u __premain -u _abort -r $COOL_DIR/lib/libOrb.a $MVME_DIR/lib/CC/libC.a $MVME_DIR/lib/classix/libcx.s.a"
-	  ;;
-	esac
-	;;
-      dgux*)
-	case $cc_basename in
-	  ec++*)
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-	    ;;
-	  ghcx*)
-	    # Green Hills C++ Compiler
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
-	    ;;
-	  *)
-	    ;;
-	esac
-	;;
-      freebsd* | dragonfly*)
-	# FreeBSD uses GNU C++
-	;;
-      hpux9* | hpux10* | hpux11*)
-	case $cc_basename in
-	  CC*)
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
-	    if test "$host_cpu" != ia64; then
-	      _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
-	    fi
-	    ;;
-	  aCC*)
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
-	    case $host_cpu in
-	    hppa*64*|ia64*)
-	      # +Z the default
-	      ;;
-	    *)
-	      _LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
-	      ;;
-	    esac
-	    ;;
-	  *)
-	    ;;
-	esac
-	;;
-      interix*)
-	# This is c89, which is MS Visual C++ (no shared libs)
-	# Anyone wants to do a port?
-	;;
-      irix5* | irix6* | nonstopux*)
-	case $cc_basename in
-	  CC*)
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
-	    # CC pic flag -KPIC is the default.
-	    ;;
-	  *)
-	    ;;
-	esac
-	;;
-      linux* | k*bsd*-gnu)
-	case $cc_basename in
-	  KCC*)
-	    # KAI C++ Compiler
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
-	    ;;
-	  ecpc* )
-	    # old Intel C++ for x86_64 which still supported -KPIC.
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
-	    ;;
-	  icpc* )
-	    # Intel C++, used to be incompatible with GCC.
-	    # ICC 10 doesn't accept -KPIC any more.
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
-	    ;;
-	  pgCC* | pgcpp*)
-	    # Portland Group C++ compiler
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-	    ;;
-	  cxx*)
-	    # Compaq C++
-	    # Make sure the PIC flag is empty.  It appears that all Alpha
-	    # Linux and Compaq Tru64 Unix objects are PIC.
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)=
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
-	    ;;
-	  xlc* | xlC*)
-	    # IBM XL 8.0 on PPC
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
-	    ;;
-	  *)
-	    case `$CC -V 2>&1 | sed 5q` in
-	    *Sun\ C*)
-	      # Sun C++ 5.9
-	      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-	      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-	      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
-	      ;;
-	    esac
-	    ;;
-	esac
-	;;
-      lynxos*)
-	;;
-      m88k*)
-	;;
-      mvs*)
-	case $cc_basename in
-	  cxx*)
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-W c,exportall'
-	    ;;
-	  *)
-	    ;;
-	esac
-	;;
-      netbsd* | netbsdelf*-gnu)
-	;;
-      *qnx* | *nto*)
-        # QNX uses GNU C++, but need to define -shared option too, otherwise
-        # it will coredump.
-        _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
-        ;;
-      osf3* | osf4* | osf5*)
-	case $cc_basename in
-	  KCC*)
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='--backend -Wl,'
-	    ;;
-	  RCC*)
-	    # Rational C++ 2.4.1
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
-	    ;;
-	  cxx*)
-	    # Digital/Compaq C++
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	    # Make sure the PIC flag is empty.  It appears that all Alpha
-	    # Linux and Compaq Tru64 Unix objects are PIC.
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)=
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
-	    ;;
-	  *)
-	    ;;
-	esac
-	;;
-      psos*)
-	;;
-      solaris*)
-	case $cc_basename in
-	  CC*)
-	    # Sun C++ 4.2, 5.x and Centerline C++
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
-	    ;;
-	  gcx*)
-	    # Green Hills C++ Compiler
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
-	    ;;
-	  *)
-	    ;;
-	esac
-	;;
-      sunos4*)
-	case $cc_basename in
-	  CC*)
-	    # Sun C++ 4.x
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-	    ;;
-	  lcc*)
-	    # Lucid
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
-	    ;;
-	  *)
-	    ;;
-	esac
-	;;
-      sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
-	case $cc_basename in
-	  CC*)
-	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-	    ;;
-	esac
-	;;
-      tandem*)
-	case $cc_basename in
-	  NCC*)
-	    # NonStop-UX NCC 3.20
-	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-	    ;;
-	  *)
-	    ;;
-	esac
-	;;
-      vxworks*)
-	;;
-      *)
-	_LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
-	;;
-    esac
-  fi
-],
-[
-  if test "$GCC" = yes; then
-    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-    _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
-
-    case $host_os in
-      aix*)
-      # All AIX code is PIC.
-      if test "$host_cpu" = ia64; then
-	# AIX 5 now supports IA64 processor
-	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-      fi
-      ;;
-
-    amigaos*)
-      case $host_cpu in
-      powerpc)
-            # see comment about AmigaOS4 .so support
-            _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
-        ;;
-      m68k)
-            # FIXME: we need at least 68020 code to build shared libraries, but
-            # adding the `-m68020' flag to GCC prevents building anything better,
-            # like `-m68040'.
-            _LT_TAGVAR(lt_prog_compiler_pic, $1)='-m68020 -resident32 -malways-restore-a4'
-        ;;
-      esac
-      ;;
-
-    beos* | irix5* | irix6* | nonstopux* | osf3* | osf4* | osf5*)
-      # PIC is the default for these OSes.
-      ;;
-
-    mingw* | cygwin* | pw32* | os2* | cegcc*)
-      # This hack is so that the source file can tell whether it is being
-      # built for inclusion in a dll (and should export symbols for example).
-      # Although the cygwin gcc ignores -fPIC, still need this for old-style
-      # (--disable-auto-import) libraries
-      m4_if([$1], [GCJ], [],
-	[_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
-      ;;
-
-    darwin* | rhapsody*)
-      # PIC is the default on this platform
-      # Common symbols not allowed in MH_DYLIB files
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
-      ;;
-
-    hpux*)
-      # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
-      # PA HP-UX.  On IA64 HP-UX, PIC is the default but the pic flag
-      # sets the default TLS model and affects inlining.
-      case $host_cpu in
-      hppa*64*)
-	# +Z the default
-	;;
-      *)
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
-	;;
-      esac
-      ;;
-
-    interix[[3-9]]*)
-      # Interix 3.x gcc -fpic/-fPIC options generate broken code.
-      # Instead, we relocate shared libraries at runtime.
-      ;;
-
-    msdosdjgpp*)
-      # Just because we use GCC doesn't mean we suddenly get shared libraries
-      # on systems that don't support them.
-      _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
-      enable_shared=no
-      ;;
-
-    *nto* | *qnx*)
-      # QNX uses GNU C++, but need to define -shared option too, otherwise
-      # it will coredump.
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
-      ;;
-
-    sysv4*MP*)
-      if test -d /usr/nec; then
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)=-Kconform_pic
-      fi
-      ;;
-
-    *)
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
-      ;;
-    esac
-  else
-    # PORTME Check for flag to pass linker flags through the system compiler.
-    case $host_os in
-    aix*)
-      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-      if test "$host_cpu" = ia64; then
-	# AIX 5 now supports IA64 processor
-	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-      else
-	_LT_TAGVAR(lt_prog_compiler_static, $1)='-bnso -bI:/lib/syscalls.exp'
-      fi
-      ;;
-
-    mingw* | cygwin* | pw32* | os2* | cegcc*)
-      # This hack is so that the source file can tell whether it is being
-      # built for inclusion in a dll (and should export symbols for example).
-      m4_if([$1], [GCJ], [],
-	[_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
-      ;;
-
-    hpux9* | hpux10* | hpux11*)
-      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-      # PIC is the default for IA64 HP-UX and 64-bit HP-UX, but
-      # not for PA HP-UX.
-      case $host_cpu in
-      hppa*64*|ia64*)
-	# +Z the default
-	;;
-      *)
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)='+Z'
-	;;
-      esac
-      # Is there a better lt_prog_compiler_static that works with the bundled CC?
-      _LT_TAGVAR(lt_prog_compiler_static, $1)='${wl}-a ${wl}archive'
-      ;;
-
-    irix5* | irix6* | nonstopux*)
-      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-      # PIC (with -KPIC) is the default.
-      _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
-      ;;
-
-    linux* | k*bsd*-gnu)
-      case $cc_basename in
-      # old Intel for x86_64 which still supported -KPIC.
-      ecc*)
-	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-	_LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
-        ;;
-      # icc used to be incompatible with GCC.
-      # ICC 10 doesn't accept -KPIC any more.
-      icc* | ifort*)
-	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
-	_LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
-        ;;
-      # Lahey Fortran 8.1.
-      lf95*)
-	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared'
-	_LT_TAGVAR(lt_prog_compiler_static, $1)='--static'
-	;;
-      pgcc* | pgf77* | pgf90* | pgf95*)
-        # Portland Group compilers (*not* the Pentium gcc compiler,
-	# which looks to be a dead project)
-	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
-	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-        ;;
-      ccc*)
-        _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-        # All Alpha code is PIC.
-        _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
-        ;;
-      xl*)
-	# IBM XL C 8.0/Fortran 10.1 on PPC
-	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
-	_LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
-	;;
-      *)
-	case `$CC -V 2>&1 | sed 5q` in
-	*Sun\ C*)
-	  # Sun C 5.9
-	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-	  _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-	  ;;
-	*Sun\ F*)
-	  # Sun Fortran 8.3 passes all unrecognized flags to the linker
-	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-	  _LT_TAGVAR(lt_prog_compiler_wl, $1)=''
-	  ;;
-	esac
-	;;
-      esac
-      ;;
-
-    newsos6)
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-      ;;
-
-    *nto* | *qnx*)
-      # QNX uses GNU C++, but need to define -shared option too, otherwise
-      # it will coredump.
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC -shared'
-      ;;
-
-    osf3* | osf4* | osf5*)
-      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-      # All OSF/1 code is PIC.
-      _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
-      ;;
-
-    rdos*)
-      _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
-      ;;
-
-    solaris*)
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-      case $cc_basename in
-      f77* | f90* | f95*)
-	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';;
-      *)
-	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';;
-      esac
-      ;;
-
-    sunos4*)
-      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
-      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-      ;;
-
-    sysv4 | sysv4.2uw2* | sysv4.3*)
-      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-      ;;
-
-    sysv4*MP*)
-      if test -d /usr/nec ;then
-	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-Kconform_pic'
-	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-      fi
-      ;;
-
-    sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
-      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
-      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-      ;;
-
-    unicos*)
-      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
-      _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
-      ;;
-
-    uts4*)
-      _LT_TAGVAR(lt_prog_compiler_pic, $1)='-pic'
-      _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-      ;;
-
-    *)
-      _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no
-      ;;
-    esac
-  fi
-])
-case $host_os in
-  # For platforms which do not support PIC, -DPIC is meaningless:
-  *djgpp*)
-    _LT_TAGVAR(lt_prog_compiler_pic, $1)=
-    ;;
-  *)
-    _LT_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])"
-    ;;
-esac
-AC_MSG_RESULT([$_LT_TAGVAR(lt_prog_compiler_pic, $1)])
-_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1],
-	[How to pass a linker flag through the compiler])
-
-#
-# Check to make sure the PIC flag actually works.
-#
-if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then
-  _LT_COMPILER_OPTION([if $compiler PIC flag $_LT_TAGVAR(lt_prog_compiler_pic, $1) works],
-    [_LT_TAGVAR(lt_cv_prog_compiler_pic_works, $1)],
-    [$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])], [],
-    [case $_LT_TAGVAR(lt_prog_compiler_pic, $1) in
-     "" | " "*) ;;
-     *) _LT_TAGVAR(lt_prog_compiler_pic, $1)=" $_LT_TAGVAR(lt_prog_compiler_pic, $1)" ;;
-     esac],
-    [_LT_TAGVAR(lt_prog_compiler_pic, $1)=
-     _LT_TAGVAR(lt_prog_compiler_can_build_shared, $1)=no])
-fi
-_LT_TAGDECL([pic_flag], [lt_prog_compiler_pic], [1],
-	[Additional compiler flags for building library objects])
-
-#
-# Check to make sure the static flag actually works.
-#
-wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_TAGVAR(lt_prog_compiler_static, $1)\"
-_LT_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works],
-  _LT_TAGVAR(lt_cv_prog_compiler_static_works, $1),
-  $lt_tmp_static_flag,
-  [],
-  [_LT_TAGVAR(lt_prog_compiler_static, $1)=])
-_LT_TAGDECL([link_static_flag], [lt_prog_compiler_static], [1],
-	[Compiler flag to prevent dynamic linking])
-])# _LT_COMPILER_PIC
-
-
-# _LT_LINKER_SHLIBS([TAGNAME])
-# ----------------------------
-# See if the linker supports building shared libraries.
-m4_defun([_LT_LINKER_SHLIBS],
-[AC_REQUIRE([LT_PATH_LD])dnl
-AC_REQUIRE([LT_PATH_NM])dnl
-m4_require([_LT_FILEUTILS_DEFAULTS])dnl
-m4_require([_LT_DECL_EGREP])dnl
-m4_require([_LT_DECL_SED])dnl
-m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl
-m4_require([_LT_TAG_COMPILER])dnl
-AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
-m4_if([$1], [CXX], [
-  _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
-  case $host_os in
-  aix[[4-9]]*)
-    # If we're using GNU nm, then we don't want the "-C" option.
-    # -C means demangle to AIX nm, but means don't demangle with GNU nm
-    if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
-      _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
-    else
-      _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
-    fi
-    ;;
-  pw32*)
-    _LT_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds"
-  ;;
-  cygwin* | mingw* | cegcc*)
-    _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;/^.*[[ ]]__nm__/s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols'
-  ;;
-  linux* | k*bsd*-gnu)
-    _LT_TAGVAR(link_all_deplibs, $1)=no
-  ;;
-  *)
-    _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
-  ;;
-  esac
-  _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
-], [
-  runpath_var=
-  _LT_TAGVAR(allow_undefined_flag, $1)=
-  _LT_TAGVAR(always_export_symbols, $1)=no
-  _LT_TAGVAR(archive_cmds, $1)=
-  _LT_TAGVAR(archive_expsym_cmds, $1)=
-  _LT_TAGVAR(compiler_needs_object, $1)=no
-  _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
-  _LT_TAGVAR(export_dynamic_flag_spec, $1)=
-  _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
-  _LT_TAGVAR(hardcode_automatic, $1)=no
-  _LT_TAGVAR(hardcode_direct, $1)=no
-  _LT_TAGVAR(hardcode_direct_absolute, $1)=no
-  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-  _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
-  _LT_TAGVAR(hardcode_libdir_separator, $1)=
-  _LT_TAGVAR(hardcode_minus_L, $1)=no
-  _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
-  _LT_TAGVAR(inherit_rpath, $1)=no
-  _LT_TAGVAR(link_all_deplibs, $1)=unknown
-  _LT_TAGVAR(module_cmds, $1)=
-  _LT_TAGVAR(module_expsym_cmds, $1)=
-  _LT_TAGVAR(old_archive_from_new_cmds, $1)=
-  _LT_TAGVAR(old_archive_from_expsyms_cmds, $1)=
-  _LT_TAGVAR(thread_safe_flag_spec, $1)=
-  _LT_TAGVAR(whole_archive_flag_spec, $1)=
-  # include_expsyms should be a list of space-separated symbols to be *always*
-  # included in the symbol list
-  _LT_TAGVAR(include_expsyms, $1)=
-  # exclude_expsyms can be an extended regexp of symbols to exclude
-  # it will be wrapped by ` (' and `)$', so one must not match beginning or
-  # end of line.  Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
-  # as well as any symbol that contains `d'.
-  _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
-  # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
-  # platforms (ab)use it in PIC code, but their linkers get confused if
-  # the symbol is explicitly referenced.  Since portable code cannot
-  # rely on this symbol name, it's probably fine to never include it in
-  # preloaded symbol tables.
-  # Exclude shared library initialization/finalization symbols.
-dnl Note also adjust exclude_expsyms for C++ above.
-  extract_expsyms_cmds=
-
-  case $host_os in
-  cygwin* | mingw* | pw32* | cegcc*)
-    # FIXME: the MSVC++ port hasn't been tested in a loooong time
-    # When not using gcc, we currently assume that we are using
-    # Microsoft Visual C++.
-    if test "$GCC" != yes; then
-      with_gnu_ld=no
-    fi
-    ;;
-  interix*)
-    # we just hope/assume this is gcc and not c89 (= MSVC++)
-    with_gnu_ld=yes
-    ;;
-  openbsd*)
-    with_gnu_ld=no
-    ;;
-  linux* | k*bsd*-gnu)
-    _LT_TAGVAR(link_all_deplibs, $1)=no
-    ;;
-  esac
-
-  _LT_TAGVAR(ld_shlibs, $1)=yes
-  if test "$with_gnu_ld" = yes; then
-    # If archive_cmds runs LD, not CC, wlarc should be empty
-    wlarc='${wl}'
-
-    # Set some defaults for GNU ld with shared library support. These
-    # are reset later if shared libraries are not supported. Putting them
-    # here allows them to be overridden if necessary.
-    runpath_var=LD_RUN_PATH
-    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
-    # ancient GNU ld didn't support --whole-archive et. al.
-    if $LD --help 2>&1 | $GREP 'no-whole-archive' > /dev/null; then
-      _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
-    else
-      _LT_TAGVAR(whole_archive_flag_spec, $1)=
-    fi
-    supports_anon_versioning=no
-    case `$LD -v 2>&1` in
-      *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11
-      *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
-      *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
-      *\ 2.11.*) ;; # other 2.11 versions
-      *) supports_anon_versioning=yes ;;
-    esac
-
-    # See if GNU ld supports shared libraries.
-    case $host_os in
-    aix[[3-9]]*)
-      # On AIX/PPC, the GNU linker is very broken
-      if test "$host_cpu" != ia64; then
-	_LT_TAGVAR(ld_shlibs, $1)=no
-	cat <<_LT_EOF 1>&2
-
-*** Warning: the GNU linker, at least up to release 2.9.1, is reported
-*** to be unable to reliably create shared libraries on AIX.
-*** Therefore, libtool is disabling shared libraries support.  If you
-*** really care for shared libraries, you may want to modify your PATH
-*** so that a non-GNU linker is found, and then restart.
-
-_LT_EOF
-      fi
-      ;;
-
-    amigaos*)
-      case $host_cpu in
-      powerpc)
-            # see comment about AmigaOS4 .so support
-            _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-            _LT_TAGVAR(archive_expsym_cmds, $1)=''
-        ;;
-      m68k)
-            _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
-            _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-            _LT_TAGVAR(hardcode_minus_L, $1)=yes
-        ;;
-      esac
-      ;;
-
-    beos*)
-      if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
-	_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
-	# Joseph Beckenbach <jrb3@best.com> says some releases of gcc
-	# support --undefined.  This deserves some investigation.  FIXME
-	_LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-      else
-	_LT_TAGVAR(ld_shlibs, $1)=no
-      fi
-      ;;
-
-    cygwin* | mingw* | pw32* | cegcc*)
-      # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
-      # as there is no search path for DLLs.
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-      _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
-      _LT_TAGVAR(always_export_symbols, $1)=no
-      _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
-      _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols'
-
-      if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
-        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
-	# If the export-symbols file already is a .def file (1st line
-	# is EXPORTS), use it as is; otherwise, prepend...
-	_LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
-	  cp $export_symbols $output_objdir/$soname.def;
-	else
-	  echo EXPORTS > $output_objdir/$soname.def;
-	  cat $export_symbols >> $output_objdir/$soname.def;
-	fi~
-	$CC -shared $output_objdir/$soname.def $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
-      else
-	_LT_TAGVAR(ld_shlibs, $1)=no
-      fi
-      ;;
-
-    interix[[3-9]]*)
-      _LT_TAGVAR(hardcode_direct, $1)=no
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
-      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-      # Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
-      # Instead, shared libraries are loaded at an image base (0x10000000 by
-      # default) and relocated if they conflict, which is a slow very memory
-      # consuming and fragmenting process.  To avoid this, we pick a random,
-      # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
-      # time.  Moving up from 0x10000000 also allows more sbrk(2) space.
-      _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
-      _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
-      ;;
-
-    gnu* | linux* | tpf* | k*bsd*-gnu)
-      tmp_diet=no
-      if test "$host_os" = linux-dietlibc; then
-	case $cc_basename in
-	  diet\ *) tmp_diet=yes;;	# linux-dietlibc with static linking (!diet-dyn)
-	esac
-      fi
-      if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \
-	 && test "$tmp_diet" = no
-      then
-	tmp_addflag=
-	tmp_sharedflag='-shared'
-	case $cc_basename,$host_cpu in
-        pgcc*)				# Portland Group C compiler
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
-	  tmp_addflag=' $pic_flag'
-	  ;;
-	pgf77* | pgf90* | pgf95*)	# Portland Group f77 and f90 compilers
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
-	  tmp_addflag=' $pic_flag -Mnomain' ;;
-	ecc*,ia64* | icc*,ia64*)	# Intel C compiler on ia64
-	  tmp_addflag=' -i_dynamic' ;;
-	efc*,ia64* | ifort*,ia64*)	# Intel Fortran compiler on ia64
-	  tmp_addflag=' -i_dynamic -nofor_main' ;;
-	ifc* | ifort*)			# Intel Fortran compiler
-	  tmp_addflag=' -nofor_main' ;;
-	lf95*)				# Lahey Fortran 8.1
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)=
-	  tmp_sharedflag='--shared' ;;
-	xl[[cC]]*)			# IBM XL C 8.0 on PPC (deal with xlf below)
-	  tmp_sharedflag='-qmkshrobj'
-	  tmp_addflag= ;;
-	esac
-	case `$CC -V 2>&1 | sed 5q` in
-	*Sun\ C*)			# Sun C 5.9
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
-	  _LT_TAGVAR(compiler_needs_object, $1)=yes
-	  tmp_sharedflag='-G' ;;
-	*Sun\ F*)			# Sun Fortran 8.3
-	  tmp_sharedflag='-G' ;;
-	esac
-	_LT_TAGVAR(archive_cmds, $1)='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-
-        if test "x$supports_anon_versioning" = xyes; then
-          _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
-	    cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
-	    echo "local: *; };" >> $output_objdir/$libname.ver~
-	    $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
-        fi
-
-	case $cc_basename in
-	xlf*)
-	  # IBM XL Fortran 10.1 on PPC cannot create shared libs itself
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive'
-	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-	  _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir'
-	  _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $compiler_flags -soname $soname -o $lib'
-	  if test "x$supports_anon_versioning" = xyes; then
-	    _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
-	      cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
-	      echo "local: *; };" >> $output_objdir/$libname.ver~
-	      $LD -shared $libobjs $deplibs $compiler_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
-	  fi
-	  ;;
-	esac
-      else
-        _LT_TAGVAR(ld_shlibs, $1)=no
-      fi
-      ;;
-
-    netbsd* | netbsdelf*-gnu)
-      if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
-	_LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
-	wlarc=
-      else
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
-      fi
-      ;;
-
-    solaris*)
-      if $LD -v 2>&1 | $GREP 'BFD 2\.8' > /dev/null; then
-	_LT_TAGVAR(ld_shlibs, $1)=no
-	cat <<_LT_EOF 1>&2
-
-*** Warning: The releases 2.8.* of the GNU linker cannot reliably
-*** create shared libraries on Solaris systems.  Therefore, libtool
-*** is disabling shared libraries support.  We urge you to upgrade GNU
-*** binutils to release 2.9.1 or newer.  Another option is to modify
-*** your PATH or compiler configuration so that the native linker is
-*** used, and then restart.
-
-_LT_EOF
-      elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
-      else
-	_LT_TAGVAR(ld_shlibs, $1)=no
-      fi
-      ;;
-
-    sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
-      case `$LD -v 2>&1` in
-        *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.1[[0-5]].*)
-	_LT_TAGVAR(ld_shlibs, $1)=no
-	cat <<_LT_EOF 1>&2
-
-*** Warning: Releases of the GNU linker prior to 2.16.91.0.3 can not
-*** reliably create shared libraries on SCO systems.  Therefore, libtool
-*** is disabling shared libraries support.  We urge you to upgrade GNU
-*** binutils to release 2.16.91.0.3 or newer.  Another option is to modify
-*** your PATH or compiler configuration so that the native linker is
-*** used, and then restart.
-
-_LT_EOF
-	;;
-	*)
-	  # For security reasons, it is highly recommended that you always
-	  # use absolute paths for naming shared libraries, and exclude the
-	  # DT_RUNPATH tag from executables and libraries.  But doing so
-	  # requires that you compile everything twice, which is a pain.
-	  if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
-	  else
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	  fi
-	;;
-      esac
-      ;;
-
-    sunos4*)
-      _LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linker_flags'
-      wlarc=
-      _LT_TAGVAR(hardcode_direct, $1)=yes
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      ;;
-
-    *)
-      if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
-      else
-	_LT_TAGVAR(ld_shlibs, $1)=no
-      fi
-      ;;
-    esac
-
-    if test "$_LT_TAGVAR(ld_shlibs, $1)" = no; then
-      runpath_var=
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-      _LT_TAGVAR(export_dynamic_flag_spec, $1)=
-      _LT_TAGVAR(whole_archive_flag_spec, $1)=
-    fi
-  else
-    # PORTME fill in a description of your system's linker (not GNU ld)
-    case $host_os in
-    aix3*)
-      _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
-      _LT_TAGVAR(always_export_symbols, $1)=yes
-      _LT_TAGVAR(archive_expsym_cmds, $1)='$LD -o $output_objdir/$soname $libobjs $deplibs $linker_flags -bE:$export_symbols -T512 -H512 -bM:SRE~$AR $AR_FLAGS $lib $output_objdir/$soname'
-      # Note: this linker hardcodes the directories in LIBPATH if there
-      # are no directories specified by -L.
-      _LT_TAGVAR(hardcode_minus_L, $1)=yes
-      if test "$GCC" = yes && test -z "$lt_prog_compiler_static"; then
-	# Neither direct hardcoding nor static linking is supported with a
-	# broken collect2.
-	_LT_TAGVAR(hardcode_direct, $1)=unsupported
-      fi
-      ;;
-
-    aix[[4-9]]*)
-      if test "$host_cpu" = ia64; then
-	# On IA64, the linker does run time linking by default, so we don't
-	# have to do anything special.
-	aix_use_runtimelinking=no
-	exp_sym_flag='-Bexport'
-	no_entry_flag=""
-      else
-	# If we're using GNU nm, then we don't want the "-C" option.
-	# -C means demangle to AIX nm, but means don't demangle with GNU nm
-	if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
-	  _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
-	else
-	  _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
-	fi
-	aix_use_runtimelinking=no
-
-	# Test if we are trying to use run time linking or normal
-	# AIX style linking. If -brtl is somewhere in LDFLAGS, we
-	# need to do runtime linking.
-	case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
-	  for ld_flag in $LDFLAGS; do
-	  if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
-	    aix_use_runtimelinking=yes
-	    break
-	  fi
-	  done
-	  ;;
-	esac
-
-	exp_sym_flag='-bexport'
-	no_entry_flag='-bnoentry'
-      fi
-
-      # When large executables or shared objects are built, AIX ld can
-      # have problems creating the table of contents.  If linking a library
-      # or program results in "error TOC overflow" add -mminimal-toc to
-      # CXXFLAGS/CFLAGS for g++/gcc.  In the cases where that is not
-      # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
-
-      _LT_TAGVAR(archive_cmds, $1)=''
-      _LT_TAGVAR(hardcode_direct, $1)=yes
-      _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
-      _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
-      _LT_TAGVAR(link_all_deplibs, $1)=yes
-      _LT_TAGVAR(file_list_spec, $1)='${wl}-f,'
-
-      if test "$GCC" = yes; then
-	case $host_os in aix4.[[012]]|aix4.[[012]].*)
-	# We only want to do this on AIX 4.2 and lower, the check
-	# below for broken collect2 doesn't work under 4.3+
-	  collect2name=`${CC} -print-prog-name=collect2`
-	  if test -f "$collect2name" &&
-	   strings "$collect2name" | $GREP resolve_lib_name >/dev/null
-	  then
-	  # We have reworked collect2
-	  :
-	  else
-	  # We have old collect2
-	  _LT_TAGVAR(hardcode_direct, $1)=unsupported
-	  # It fails to find uninstalled libraries when the uninstalled
-	  # path is not listed in the libpath.  Setting hardcode_minus_L
-	  # to unsupported forces relinking
-	  _LT_TAGVAR(hardcode_minus_L, $1)=yes
-	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-	  _LT_TAGVAR(hardcode_libdir_separator, $1)=
-	  fi
-	  ;;
-	esac
-	shared_flag='-shared'
-	if test "$aix_use_runtimelinking" = yes; then
-	  shared_flag="$shared_flag "'${wl}-G'
-	fi
-	_LT_TAGVAR(link_all_deplibs, $1)=no
-      else
-	# not using gcc
-	if test "$host_cpu" = ia64; then
-	# VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
-	# chokes on -Wl,-G. The following line is correct:
-	  shared_flag='-G'
-	else
-	  if test "$aix_use_runtimelinking" = yes; then
-	    shared_flag='${wl}-G'
-	  else
-	    shared_flag='${wl}-bM:SRE'
-	  fi
-	fi
-      fi
-
-      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall'
-      # It seems that -bexpall does not export symbols beginning with
-      # underscore (_), so it is better to generate a list of symbols to export.
-      _LT_TAGVAR(always_export_symbols, $1)=yes
-      if test "$aix_use_runtimelinking" = yes; then
-	# Warning - without using the other runtime loading flags (-brtl),
-	# -berok will link without error, but may produce a broken library.
-	_LT_TAGVAR(allow_undefined_flag, $1)='-berok'
-        # Determine the default libpath from the value encoded in an
-        # empty executable.
-        _LT_SYS_MODULE_PATH_AIX
-        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
-        _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then $ECHO "X${wl}${allow_undefined_flag}" | $Xsed; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
-      else
-	if test "$host_cpu" = ia64; then
-	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
-	  _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
-	  _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
-	else
-	 # Determine the default libpath from the value encoded in an
-	 # empty executable.
-	 _LT_SYS_MODULE_PATH_AIX
-	 _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
-	  # Warning - without using the other run time loading flags,
-	  # -berok will link without error, but may produce a broken library.
-	  _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
-	  _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
-	  # Exported symbols can be pulled into shared objects from archives
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
-	  _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
-	  # This is similar to how AIX traditionally builds its shared libraries.
-	  _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
-	fi
-      fi
-      ;;
-
-    amigaos*)
-      case $host_cpu in
-      powerpc)
-            # see comment about AmigaOS4 .so support
-            _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-            _LT_TAGVAR(archive_expsym_cmds, $1)=''
-        ;;
-      m68k)
-            _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/a2ixlibrary.data~$ECHO "#define NAME $libname" > $output_objdir/a2ixlibrary.data~$ECHO "#define LIBRARY_ID 1" >> $output_objdir/a2ixlibrary.data~$ECHO "#define VERSION $major" >> $output_objdir/a2ixlibrary.data~$ECHO "#define REVISION $revision" >> $output_objdir/a2ixlibrary.data~$AR $AR_FLAGS $lib $libobjs~$RANLIB $lib~(cd $output_objdir && a2ixlibrary -32)'
-            _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-            _LT_TAGVAR(hardcode_minus_L, $1)=yes
-        ;;
-      esac
-      ;;
-
-    bsdi[[45]]*)
-      _LT_TAGVAR(export_dynamic_flag_spec, $1)=-rdynamic
-      ;;
-
-    cygwin* | mingw* | pw32* | cegcc*)
-      # When not using gcc, we currently assume that we are using
-      # Microsoft Visual C++.
-      # hardcode_libdir_flag_spec is actually meaningless, as there is
-      # no search path for DLLs.
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
-      _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
-      # Tell ltmain to make .lib files, not .a files.
-      libext=lib
-      # Tell ltmain to make .dll files, not .so files.
-      shrext_cmds=".dll"
-      # FIXME: Setting linknames here is a bad hack.
-      _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `$ECHO "X$deplibs" | $Xsed -e '\''s/ -lc$//'\''` -link -dll~linknames='
-      # The linker will automatically build a .lib file if we build a DLL.
-      _LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
-      # FIXME: Should let the user specify the lib program.
-      _LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs'
-      _LT_TAGVAR(fix_srcfile_path, $1)='`cygpath -w "$srcfile"`'
-      _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
-      ;;
-
-    darwin* | rhapsody*)
-      _LT_DARWIN_LINKER_FEATURES($1)
-      ;;
-
-    dgux*)
-      _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      ;;
-
-    freebsd1*)
-      _LT_TAGVAR(ld_shlibs, $1)=no
-      ;;
-
-    # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
-    # support.  Future versions do this automatically, but an explicit c++rt0.o
-    # does not break anything, and helps significantly (at the cost of a little
-    # extra space).
-    freebsd2.2*)
-      _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags /usr/lib/c++rt0.o'
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
-      _LT_TAGVAR(hardcode_direct, $1)=yes
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      ;;
-
-    # Unfortunately, older versions of FreeBSD 2 do not have this feature.
-    freebsd2*)
-      _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
-      _LT_TAGVAR(hardcode_direct, $1)=yes
-      _LT_TAGVAR(hardcode_minus_L, $1)=yes
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      ;;
-
-    # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
-    freebsd* | dragonfly*)
-      _LT_TAGVAR(archive_cmds, $1)='$CC -shared -o $lib $libobjs $deplibs $compiler_flags'
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
-      _LT_TAGVAR(hardcode_direct, $1)=yes
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      ;;
-
-    hpux9*)
-      if test "$GCC" = yes; then
-	_LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
-      else
-	_LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
-      fi
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
-      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-      _LT_TAGVAR(hardcode_direct, $1)=yes
-
-      # hardcode_minus_L: Not really in the search PATH,
-      # but as the default location of the library.
-      _LT_TAGVAR(hardcode_minus_L, $1)=yes
-      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-      ;;
-
-    hpux10*)
-      if test "$GCC" = yes -a "$with_gnu_ld" = no; then
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
-      else
-	_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
-      fi
-      if test "$with_gnu_ld" = no; then
-	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
-	_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir'
-	_LT_TAGVAR(hardcode_libdir_separator, $1)=:
-	_LT_TAGVAR(hardcode_direct, $1)=yes
-	_LT_TAGVAR(hardcode_direct_absolute, $1)=yes
-	_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-	# hardcode_minus_L: Not really in the search PATH,
-	# but as the default location of the library.
-	_LT_TAGVAR(hardcode_minus_L, $1)=yes
-      fi
-      ;;
-
-    hpux11*)
-      if test "$GCC" = yes -a "$with_gnu_ld" = no; then
-	case $host_cpu in
-	hppa*64*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
-	  ;;
-	ia64*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
-	  ;;
-	*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
-	  ;;
-	esac
-      else
-	case $host_cpu in
-	hppa*64*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
-	  ;;
-	ia64*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
-	  ;;
-	*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
-	  ;;
-	esac
-      fi
-      if test "$with_gnu_ld" = no; then
-	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
-	_LT_TAGVAR(hardcode_libdir_separator, $1)=:
-
-	case $host_cpu in
-	hppa*64*|ia64*)
-	  _LT_TAGVAR(hardcode_direct, $1)=no
-	  _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-	  ;;
-	*)
-	  _LT_TAGVAR(hardcode_direct, $1)=yes
-	  _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
-	  _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-
-	  # hardcode_minus_L: Not really in the search PATH,
-	  # but as the default location of the library.
-	  _LT_TAGVAR(hardcode_minus_L, $1)=yes
-	  ;;
-	esac
-      fi
-      ;;
-
-    irix5* | irix6* | nonstopux*)
-      if test "$GCC" = yes; then
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
-	# Try to use the -exported_symbol ld option, if it does not
-	# work, assume that -exports_file does not work either and
-	# implicitly export all symbols.
-        save_LDFLAGS="$LDFLAGS"
-        LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null"
-        AC_LINK_IFELSE(int foo(void) {},
-          _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
-        )
-        LDFLAGS="$save_LDFLAGS"
-      else
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
-      fi
-      _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-      _LT_TAGVAR(inherit_rpath, $1)=yes
-      _LT_TAGVAR(link_all_deplibs, $1)=yes
-      ;;
-
-    netbsd* | netbsdelf*-gnu)
-      if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
-	_LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'  # a.out
-      else
-	_LT_TAGVAR(archive_cmds, $1)='$LD -shared -o $lib $libobjs $deplibs $linker_flags'      # ELF
-      fi
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
-      _LT_TAGVAR(hardcode_direct, $1)=yes
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      ;;
-
-    newsos6)
-      _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
-      _LT_TAGVAR(hardcode_direct, $1)=yes
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      ;;
-
-    *nto* | *qnx*)
-      ;;
-
-    openbsd*)
-      if test -f /usr/libexec/ld.so; then
-	_LT_TAGVAR(hardcode_direct, $1)=yes
-	_LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-	_LT_TAGVAR(hardcode_direct_absolute, $1)=yes
-	if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
-	  _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags ${wl}-retain-symbols-file,$export_symbols'
-	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
-	  _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-	else
-	  case $host_os in
-	   openbsd[[01]].* | openbsd2.[[0-7]] | openbsd2.[[0-7]].*)
-	     _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
-	     _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
-	     ;;
-	   *)
-	     _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
-	     _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
-	     ;;
-	  esac
-	fi
-      else
-	_LT_TAGVAR(ld_shlibs, $1)=no
-      fi
-      ;;
-
-    os2*)
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-      _LT_TAGVAR(hardcode_minus_L, $1)=yes
-      _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
-      _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$ECHO DATA >> $output_objdir/$libname.def~$ECHO " SINGLE NONSHARED" >> $output_objdir/$libname.def~$ECHO EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
-      _LT_TAGVAR(old_archive_from_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
-      ;;
-
-    osf3*)
-      if test "$GCC" = yes; then
-	_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
-      else
-	_LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
-      fi
-      _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-      ;;
-
-    osf4* | osf5*)	# as osf3* with the addition of -msym flag
-      if test "$GCC" = yes; then
-	_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
-	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-      else
-	_LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~
-	$CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
-
-	# Both c and cxx compiler support -rpath directly
-	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
-      fi
-      _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
-      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-      ;;
-
-    solaris*)
-      _LT_TAGVAR(no_undefined_flag, $1)=' -z defs'
-      if test "$GCC" = yes; then
-	wlarc='${wl}'
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
-	  $CC -shared ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
-      else
-	case `$CC -V 2>&1` in
-	*"Compilers 5.0"*)
-	  wlarc=''
-	  _LT_TAGVAR(archive_cmds, $1)='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linker_flags'
-	  _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
-	  $LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linker_flags~$RM $lib.exp'
-	  ;;
-	*)
-	  wlarc='${wl}'
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $compiler_flags'
-	  _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
-	  $CC -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
-	  ;;
-	esac
-      fi
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      case $host_os in
-      solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
-      *)
-	# The compiler driver will combine and reorder linker options,
-	# but understands `-z linker_flag'.  GCC discards it without `$wl',
-	# but is careful enough not to reorder.
-	# Supported since Solaris 2.6 (maybe 2.5.1?)
-	if test "$GCC" = yes; then
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
-	else
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract'
-	fi
-	;;
-      esac
-      _LT_TAGVAR(link_all_deplibs, $1)=yes
-      ;;
-
-    sunos4*)
-      if test "x$host_vendor" = xsequent; then
-	# Use $CC to link under sequent, because it throws in some extra .o
-	# files that make .init and .fini sections work.
-	_LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h $soname -o $lib $libobjs $deplibs $compiler_flags'
-      else
-	_LT_TAGVAR(archive_cmds, $1)='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linker_flags'
-      fi
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-      _LT_TAGVAR(hardcode_direct, $1)=yes
-      _LT_TAGVAR(hardcode_minus_L, $1)=yes
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      ;;
-
-    sysv4)
-      case $host_vendor in
-	sni)
-	  _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
-	  _LT_TAGVAR(hardcode_direct, $1)=yes # is this really true???
-	;;
-	siemens)
-	  ## LD is ld it makes a PLAMLIB
-	  ## CC just makes a GrossModule.
-	  _LT_TAGVAR(archive_cmds, $1)='$LD -G -o $lib $libobjs $deplibs $linker_flags'
-	  _LT_TAGVAR(reload_cmds, $1)='$CC -r -o $output$reload_objs'
-	  _LT_TAGVAR(hardcode_direct, $1)=no
-        ;;
-	motorola)
-	  _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
-	  _LT_TAGVAR(hardcode_direct, $1)=no #Motorola manual says yes, but my tests say they lie
-	;;
-      esac
-      runpath_var='LD_RUN_PATH'
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      ;;
-
-    sysv4.3*)
-      _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      _LT_TAGVAR(export_dynamic_flag_spec, $1)='-Bexport'
-      ;;
-
-    sysv4*MP*)
-      if test -d /usr/nec; then
-	_LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
-	_LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-	runpath_var=LD_RUN_PATH
-	hardcode_runpath_var=yes
-	_LT_TAGVAR(ld_shlibs, $1)=yes
-      fi
-      ;;
-
-    sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
-      _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
-      _LT_TAGVAR(archive_cmds_need_lc, $1)=no
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      runpath_var='LD_RUN_PATH'
-
-      if test "$GCC" = yes; then
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-      else
-	_LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-      fi
-      ;;
-
-    sysv5* | sco3.2v5* | sco5v6*)
-      # Note: We can NOT use -z defs as we might desire, because we do not
-      # link with -lc, and that would cause any symbols used from libc to
-      # always be unresolved, which means just about no library would
-      # ever link correctly.  If we're not using GNU ld we use -z text
-      # though, which does catch some bad symbols but isn't as heavy-handed
-      # as -z defs.
-      _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
-      _LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs'
-      _LT_TAGVAR(archive_cmds_need_lc, $1)=no
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir'
-      _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
-      _LT_TAGVAR(link_all_deplibs, $1)=yes
-      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport'
-      runpath_var='LD_RUN_PATH'
-
-      if test "$GCC" = yes; then
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-      else
-	_LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-      fi
-      ;;
-
-    uts4*)
-      _LT_TAGVAR(archive_cmds, $1)='$LD -G -h $soname -o $lib $libobjs $deplibs $linker_flags'
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      ;;
-
-    *)
-      _LT_TAGVAR(ld_shlibs, $1)=no
-      ;;
-    esac
-
-    if test x$host_vendor = xsni; then
-      case $host in
-      sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
-	_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Blargedynsym'
-	;;
-      esac
-    fi
-  fi
-])
-AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)])
-test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no
-
-_LT_TAGVAR(with_gnu_ld, $1)=$with_gnu_ld
-
-_LT_DECL([], [libext], [0], [Old archive suffix (normally "a")])dnl
-_LT_DECL([], [shrext_cmds], [1], [Shared library suffix (normally ".so")])dnl
-_LT_DECL([], [extract_expsyms_cmds], [2],
-    [The commands to extract the exported symbol list from a shared archive])
-
-#
-# Do we need to explicitly link libc?
-#
-case "x$_LT_TAGVAR(archive_cmds_need_lc, $1)" in
-x|xyes)
-  # Assume -lc should be added
-  _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
-
-  if test "$enable_shared" = yes && test "$GCC" = yes; then
-    case $_LT_TAGVAR(archive_cmds, $1) in
-    *'~'*)
-      # FIXME: we may have to deal with multi-command sequences.
-      ;;
-    '$CC '*)
-      # Test whether the compiler implicitly links with -lc since on some
-      # systems, -lgcc has to come before -lc. If gcc already passes -lc
-      # to ld, don't add -lc before -lgcc.
-      AC_MSG_CHECKING([whether -lc should be explicitly linked in])
-      $RM conftest*
-      echo "$lt_simple_compile_test_code" > conftest.$ac_ext
-
-      if AC_TRY_EVAL(ac_compile) 2>conftest.err; then
-        soname=conftest
-        lib=conftest
-        libobjs=conftest.$ac_objext
-        deplibs=
-        wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1)
-	pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1)
-        compiler_flags=-v
-        linker_flags=-v
-        verstring=
-        output_objdir=.
-        libname=conftest
-        lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1)
-        _LT_TAGVAR(allow_undefined_flag, $1)=
-        if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1)
-        then
-	  _LT_TAGVAR(archive_cmds_need_lc, $1)=no
-        else
-	  _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
-        fi
-        _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag
-      else
-        cat conftest.err 1>&5
-      fi
-      $RM conftest*
-      AC_MSG_RESULT([$_LT_TAGVAR(archive_cmds_need_lc, $1)])
-      ;;
-    esac
-  fi
-  ;;
-esac
-
-_LT_TAGDECL([build_libtool_need_lc], [archive_cmds_need_lc], [0],
-    [Whether or not to add -lc for building shared libraries])
-_LT_TAGDECL([allow_libtool_libs_with_static_runtimes],
-    [enable_shared_with_static_runtimes], [0],
-    [Whether or not to disallow shared libs when runtime libs are static])
-_LT_TAGDECL([], [export_dynamic_flag_spec], [1],
-    [Compiler flag to allow reflexive dlopens])
-_LT_TAGDECL([], [whole_archive_flag_spec], [1],
-    [Compiler flag to generate shared objects directly from archives])
-_LT_TAGDECL([], [compiler_needs_object], [1],
-    [Whether the compiler copes with passing no objects directly])
-_LT_TAGDECL([], [old_archive_from_new_cmds], [2],
-    [Create an old-style archive from a shared archive])
-_LT_TAGDECL([], [old_archive_from_expsyms_cmds], [2],
-    [Create a temporary old-style archive to link instead of a shared archive])
-_LT_TAGDECL([], [archive_cmds], [2], [Commands used to build a shared archive])
-_LT_TAGDECL([], [archive_expsym_cmds], [2])
-_LT_TAGDECL([], [module_cmds], [2],
-    [Commands used to build a loadable module if different from building
-    a shared archive.])
-_LT_TAGDECL([], [module_expsym_cmds], [2])
-_LT_TAGDECL([], [with_gnu_ld], [1],
-    [Whether we are building with GNU ld or not])
-_LT_TAGDECL([], [allow_undefined_flag], [1],
-    [Flag that allows shared libraries with undefined symbols to be built])
-_LT_TAGDECL([], [no_undefined_flag], [1],
-    [Flag that enforces no undefined symbols])
-_LT_TAGDECL([], [hardcode_libdir_flag_spec], [1],
-    [Flag to hardcode $libdir into a binary during linking.
-    This must work even if $libdir does not exist])
-_LT_TAGDECL([], [hardcode_libdir_flag_spec_ld], [1],
-    [[If ld is used when linking, flag to hardcode $libdir into a binary
-    during linking.  This must work even if $libdir does not exist]])
-_LT_TAGDECL([], [hardcode_libdir_separator], [1],
-    [Whether we need a single "-rpath" flag with a separated argument])
-_LT_TAGDECL([], [hardcode_direct], [0],
-    [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes
-    DIR into the resulting binary])
-_LT_TAGDECL([], [hardcode_direct_absolute], [0],
-    [Set to "yes" if using DIR/libNAME${shared_ext} during linking hardcodes
-    DIR into the resulting binary and the resulting library dependency is
-    "absolute", i.e impossible to change by setting ${shlibpath_var} if the
-    library is relocated])
-_LT_TAGDECL([], [hardcode_minus_L], [0],
-    [Set to "yes" if using the -LDIR flag during linking hardcodes DIR
-    into the resulting binary])
-_LT_TAGDECL([], [hardcode_shlibpath_var], [0],
-    [Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR
-    into the resulting binary])
-_LT_TAGDECL([], [hardcode_automatic], [0],
-    [Set to "yes" if building a shared library automatically hardcodes DIR
-    into the library and all subsequent libraries and executables linked
-    against it])
-_LT_TAGDECL([], [inherit_rpath], [0],
-    [Set to yes if linker adds runtime paths of dependent libraries
-    to runtime path list])
-_LT_TAGDECL([], [link_all_deplibs], [0],
-    [Whether libtool must link a program against all its dependency libraries])
-_LT_TAGDECL([], [fix_srcfile_path], [1],
-    [Fix the shell variable $srcfile for the compiler])
-_LT_TAGDECL([], [always_export_symbols], [0],
-    [Set to "yes" if exported symbols are required])
-_LT_TAGDECL([], [export_symbols_cmds], [2],
-    [The commands to list exported symbols])
-_LT_TAGDECL([], [exclude_expsyms], [1],
-    [Symbols that should not be listed in the preloaded symbols])
-_LT_TAGDECL([], [include_expsyms], [1],
-    [Symbols that must always be exported])
-_LT_TAGDECL([], [prelink_cmds], [2],
-    [Commands necessary for linking programs (against libraries) with templates])
-_LT_TAGDECL([], [file_list_spec], [1],
-    [Specify filename containing input files])
-dnl FIXME: Not yet implemented
-dnl _LT_TAGDECL([], [thread_safe_flag_spec], [1],
-dnl    [Compiler flag to generate thread safe objects])
-])# _LT_LINKER_SHLIBS
-
-
-# _LT_LANG_C_CONFIG([TAG])
-# ------------------------
-# Ensure that the configuration variables for a C compiler are suitably
-# defined.  These variables are subsequently used by _LT_CONFIG to write
-# the compiler configuration to `libtool'.
-m4_defun([_LT_LANG_C_CONFIG],
-[m4_require([_LT_DECL_EGREP])dnl
-lt_save_CC="$CC"
-AC_LANG_PUSH(C)
-
-# Source file extension for C test sources.
-ac_ext=c
-
-# Object file extension for compiled C test sources.
-objext=o
-_LT_TAGVAR(objext, $1)=$objext
-
-# Code to be used in simple compile tests
-lt_simple_compile_test_code="int some_variable = 0;"
-
-# Code to be used in simple link tests
-lt_simple_link_test_code='int main(){return(0);}'
-
-_LT_TAG_COMPILER
-# Save the default compiler, since it gets overwritten when the other
-# tags are being tested, and _LT_TAGVAR(compiler, []) is a NOP.
-compiler_DEFAULT=$CC
-
-# save warnings/boilerplate of simple test code
-_LT_COMPILER_BOILERPLATE
-_LT_LINKER_BOILERPLATE
-
-if test -n "$compiler"; then
-  _LT_COMPILER_NO_RTTI($1)
-  _LT_COMPILER_PIC($1)
-  _LT_COMPILER_C_O($1)
-  _LT_COMPILER_FILE_LOCKS($1)
-  _LT_LINKER_SHLIBS($1)
-  _LT_SYS_DYNAMIC_LINKER($1)
-  _LT_LINKER_HARDCODE_LIBPATH($1)
-  LT_SYS_DLOPEN_SELF
-  _LT_CMD_STRIPLIB
-
-  # Report which library types will actually be built
-  AC_MSG_CHECKING([if libtool supports shared libraries])
-  AC_MSG_RESULT([$can_build_shared])
-
-  AC_MSG_CHECKING([whether to build shared libraries])
-  test "$can_build_shared" = "no" && enable_shared=no
-
-  # On AIX, shared libraries and static libraries use the same namespace, and
-  # are all built from PIC.
-  case $host_os in
-  aix3*)
-    test "$enable_shared" = yes && enable_static=no
-    if test -n "$RANLIB"; then
-      archive_cmds="$archive_cmds~\$RANLIB \$lib"
-      postinstall_cmds='$RANLIB $lib'
-    fi
-    ;;
-
-  aix[[4-9]]*)
-    if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
-      test "$enable_shared" = yes && enable_static=no
-    fi
-    ;;
-  esac
-  AC_MSG_RESULT([$enable_shared])
-
-  AC_MSG_CHECKING([whether to build static libraries])
-  # Make sure either enable_shared or enable_static is yes.
-  test "$enable_shared" = yes || enable_static=yes
-  AC_MSG_RESULT([$enable_static])
-
-  _LT_CONFIG($1)
-fi
-AC_LANG_POP
-CC="$lt_save_CC"
-])# _LT_LANG_C_CONFIG
-
-
-# _LT_PROG_CXX
-# ------------
-# Since AC_PROG_CXX is broken, in that it returns g++ if there is no c++
-# compiler, we have our own version here.
-m4_defun([_LT_PROG_CXX],
-[
-pushdef([AC_MSG_ERROR], [_lt_caught_CXX_error=yes])
-AC_PROG_CXX
-if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
-    ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
-    (test "X$CXX" != "Xg++"))) ; then
-  AC_PROG_CXXCPP
-else
-  _lt_caught_CXX_error=yes
-fi
-popdef([AC_MSG_ERROR])
-])# _LT_PROG_CXX
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([_LT_PROG_CXX], [])
-
-
-# _LT_LANG_CXX_CONFIG([TAG])
-# --------------------------
-# Ensure that the configuration variables for a C++ compiler are suitably
-# defined.  These variables are subsequently used by _LT_CONFIG to write
-# the compiler configuration to `libtool'.
-m4_defun([_LT_LANG_CXX_CONFIG],
-[AC_REQUIRE([_LT_PROG_CXX])dnl
-m4_require([_LT_FILEUTILS_DEFAULTS])dnl
-m4_require([_LT_DECL_EGREP])dnl
-
-AC_LANG_PUSH(C++)
-_LT_TAGVAR(archive_cmds_need_lc, $1)=no
-_LT_TAGVAR(allow_undefined_flag, $1)=
-_LT_TAGVAR(always_export_symbols, $1)=no
-_LT_TAGVAR(archive_expsym_cmds, $1)=
-_LT_TAGVAR(compiler_needs_object, $1)=no
-_LT_TAGVAR(export_dynamic_flag_spec, $1)=
-_LT_TAGVAR(hardcode_direct, $1)=no
-_LT_TAGVAR(hardcode_direct_absolute, $1)=no
-_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
-_LT_TAGVAR(hardcode_libdir_separator, $1)=
-_LT_TAGVAR(hardcode_minus_L, $1)=no
-_LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
-_LT_TAGVAR(hardcode_automatic, $1)=no
-_LT_TAGVAR(inherit_rpath, $1)=no
-_LT_TAGVAR(module_cmds, $1)=
-_LT_TAGVAR(module_expsym_cmds, $1)=
-_LT_TAGVAR(link_all_deplibs, $1)=unknown
-_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
-_LT_TAGVAR(no_undefined_flag, $1)=
-_LT_TAGVAR(whole_archive_flag_spec, $1)=
-_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
-
-# Source file extension for C++ test sources.
-ac_ext=cpp
-
-# Object file extension for compiled C++ test sources.
-objext=o
-_LT_TAGVAR(objext, $1)=$objext
-
-# No sense in running all these tests if we already determined that
-# the CXX compiler isn't working.  Some variables (like enable_shared)
-# are currently assumed to apply to all compilers on this platform,
-# and will be corrupted by setting them based on a non-working compiler.
-if test "$_lt_caught_CXX_error" != yes; then
-  # Code to be used in simple compile tests
-  lt_simple_compile_test_code="int some_variable = 0;"
-
-  # Code to be used in simple link tests
-  lt_simple_link_test_code='int main(int, char *[[]]) { return(0); }'
-
-  # ltmain only uses $CC for tagged configurations so make sure $CC is set.
-  _LT_TAG_COMPILER
-
-  # save warnings/boilerplate of simple test code
-  _LT_COMPILER_BOILERPLATE
-  _LT_LINKER_BOILERPLATE
-
-  # Allow CC to be a program name with arguments.
-  lt_save_CC=$CC
-  lt_save_LD=$LD
-  lt_save_GCC=$GCC
-  GCC=$GXX
-  lt_save_with_gnu_ld=$with_gnu_ld
-  lt_save_path_LD=$lt_cv_path_LD
-  if test -n "${lt_cv_prog_gnu_ldcxx+set}"; then
-    lt_cv_prog_gnu_ld=$lt_cv_prog_gnu_ldcxx
-  else
-    $as_unset lt_cv_prog_gnu_ld
-  fi
-  if test -n "${lt_cv_path_LDCXX+set}"; then
-    lt_cv_path_LD=$lt_cv_path_LDCXX
-  else
-    $as_unset lt_cv_path_LD
-  fi
-  test -z "${LDCXX+set}" || LD=$LDCXX
-  CC=${CXX-"c++"}
-  compiler=$CC
-  _LT_TAGVAR(compiler, $1)=$CC
-  _LT_CC_BASENAME([$compiler])
-
-  if test -n "$compiler"; then
-    # We don't want -fno-exception when compiling C++ code, so set the
-    # no_builtin_flag separately
-    if test "$GXX" = yes; then
-      _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
-    else
-      _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
-    fi
-
-    if test "$GXX" = yes; then
-      # Set up default GNU C++ configuration
-
-      LT_PATH_LD
-
-      # Check if GNU C++ uses GNU ld as the underlying linker, since the
-      # archiving commands below assume that GNU ld is being used.
-      if test "$with_gnu_ld" = yes; then
-        _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
-        _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
-
-        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-        _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
-
-        # If archive_cmds runs LD, not CC, wlarc should be empty
-        # XXX I think wlarc can be eliminated in ltcf-cxx, but I need to
-        #     investigate it a little bit more. (MM)
-        wlarc='${wl}'
-
-        # ancient GNU ld didn't support --whole-archive et. al.
-        if eval "`$CC -print-prog-name=ld` --help 2>&1" |
-	  $GREP 'no-whole-archive' > /dev/null; then
-          _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
-        else
-          _LT_TAGVAR(whole_archive_flag_spec, $1)=
-        fi
-      else
-        with_gnu_ld=no
-        wlarc=
-
-        # A generic and very simple default shared library creation
-        # command for GNU C++ for the case where it uses the native
-        # linker, instead of GNU ld.  If possible, this setting should
-        # overridden to take advantage of the native linker features on
-        # the platform it is being used on.
-        _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
-      fi
-
-      # Commands to make compiler produce verbose output that lists
-      # what "hidden" libraries, object files and flags are used when
-      # linking a shared library.
-      output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
-
-    else
-      GXX=no
-      with_gnu_ld=no
-      wlarc=
-    fi
-
-    # PORTME: fill in a description of your system's C++ link characteristics
-    AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
-    _LT_TAGVAR(ld_shlibs, $1)=yes
-    case $host_os in
-      aix3*)
-        # FIXME: insert proper C++ library support
-        _LT_TAGVAR(ld_shlibs, $1)=no
-        ;;
-      aix[[4-9]]*)
-        if test "$host_cpu" = ia64; then
-          # On IA64, the linker does run time linking by default, so we don't
-          # have to do anything special.
-          aix_use_runtimelinking=no
-          exp_sym_flag='-Bexport'
-          no_entry_flag=""
-        else
-          aix_use_runtimelinking=no
-
-          # Test if we are trying to use run time linking or normal
-          # AIX style linking. If -brtl is somewhere in LDFLAGS, we
-          # need to do runtime linking.
-          case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*)
-	    for ld_flag in $LDFLAGS; do
-	      case $ld_flag in
-	      *-brtl*)
-	        aix_use_runtimelinking=yes
-	        break
-	        ;;
-	      esac
-	    done
-	    ;;
-          esac
-
-          exp_sym_flag='-bexport'
-          no_entry_flag='-bnoentry'
-        fi
-
-        # When large executables or shared objects are built, AIX ld can
-        # have problems creating the table of contents.  If linking a library
-        # or program results in "error TOC overflow" add -mminimal-toc to
-        # CXXFLAGS/CFLAGS for g++/gcc.  In the cases where that is not
-        # enough to fix the problem, add -Wl,-bbigtoc to LDFLAGS.
-
-        _LT_TAGVAR(archive_cmds, $1)=''
-        _LT_TAGVAR(hardcode_direct, $1)=yes
-        _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
-        _LT_TAGVAR(hardcode_libdir_separator, $1)=':'
-        _LT_TAGVAR(link_all_deplibs, $1)=yes
-        _LT_TAGVAR(file_list_spec, $1)='${wl}-f,'
-
-        if test "$GXX" = yes; then
-          case $host_os in aix4.[[012]]|aix4.[[012]].*)
-          # We only want to do this on AIX 4.2 and lower, the check
-          # below for broken collect2 doesn't work under 4.3+
-	  collect2name=`${CC} -print-prog-name=collect2`
-	  if test -f "$collect2name" &&
-	     strings "$collect2name" | $GREP resolve_lib_name >/dev/null
-	  then
-	    # We have reworked collect2
-	    :
-	  else
-	    # We have old collect2
-	    _LT_TAGVAR(hardcode_direct, $1)=unsupported
-	    # It fails to find uninstalled libraries when the uninstalled
-	    # path is not listed in the libpath.  Setting hardcode_minus_L
-	    # to unsupported forces relinking
-	    _LT_TAGVAR(hardcode_minus_L, $1)=yes
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-	    _LT_TAGVAR(hardcode_libdir_separator, $1)=
-	  fi
-          esac
-          shared_flag='-shared'
-	  if test "$aix_use_runtimelinking" = yes; then
-	    shared_flag="$shared_flag "'${wl}-G'
-	  fi
-        else
-          # not using gcc
-          if test "$host_cpu" = ia64; then
-	  # VisualAge C++, Version 5.5 for AIX 5L for IA-64, Beta 3 Release
-	  # chokes on -Wl,-G. The following line is correct:
-	  shared_flag='-G'
-          else
-	    if test "$aix_use_runtimelinking" = yes; then
-	      shared_flag='${wl}-G'
-	    else
-	      shared_flag='${wl}-bM:SRE'
-	    fi
-          fi
-        fi
-
-        _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-bexpall'
-        # It seems that -bexpall does not export symbols beginning with
-        # underscore (_), so it is better to generate a list of symbols to
-	# export.
-        _LT_TAGVAR(always_export_symbols, $1)=yes
-        if test "$aix_use_runtimelinking" = yes; then
-          # Warning - without using the other runtime loading flags (-brtl),
-          # -berok will link without error, but may produce a broken library.
-          _LT_TAGVAR(allow_undefined_flag, $1)='-berok'
-          # Determine the default libpath from the value encoded in an empty
-          # executable.
-          _LT_SYS_MODULE_PATH_AIX
-          _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
-
-          _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then $ECHO "X${wl}${allow_undefined_flag}" | $Xsed; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
-        else
-          if test "$host_cpu" = ia64; then
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
-	    _LT_TAGVAR(allow_undefined_flag, $1)="-z nodefs"
-	    _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags ${wl}${allow_undefined_flag} '"\${wl}$exp_sym_flag:\$export_symbols"
-          else
-	    # Determine the default libpath from the value encoded in an
-	    # empty executable.
-	    _LT_SYS_MODULE_PATH_AIX
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
-	    # Warning - without using the other run time loading flags,
-	    # -berok will link without error, but may produce a broken library.
-	    _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
-	    _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
-	    # Exported symbols can be pulled into shared objects from archives
-	    _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
-	    _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
-	    # This is similar to how AIX traditionally builds its shared
-	    # libraries.
-	    _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
-          fi
-        fi
-        ;;
-
-      beos*)
-	if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
-	  _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
-	  # Joseph Beckenbach <jrb3@best.com> says some releases of gcc
-	  # support --undefined.  This deserves some investigation.  FIXME
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -nostart $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	else
-	  _LT_TAGVAR(ld_shlibs, $1)=no
-	fi
-	;;
-
-      chorus*)
-        case $cc_basename in
-          *)
-	  # FIXME: insert proper C++ library support
-	  _LT_TAGVAR(ld_shlibs, $1)=no
-	  ;;
-        esac
-        ;;
-
-      cygwin* | mingw* | pw32* | cegcc*)
-        # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
-        # as there is no search path for DLLs.
-        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-        _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
-        _LT_TAGVAR(always_export_symbols, $1)=no
-        _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
-
-        if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
-          _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
-          # If the export-symbols file already is a .def file (1st line
-          # is EXPORTS), use it as is; otherwise, prepend...
-          _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
-	    cp $export_symbols $output_objdir/$soname.def;
-          else
-	    echo EXPORTS > $output_objdir/$soname.def;
-	    cat $export_symbols >> $output_objdir/$soname.def;
-          fi~
-          $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
-        else
-          _LT_TAGVAR(ld_shlibs, $1)=no
-        fi
-        ;;
-      darwin* | rhapsody*)
-        _LT_DARWIN_LINKER_FEATURES($1)
-	;;
-
-      dgux*)
-        case $cc_basename in
-          ec++*)
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-          ghcx*)
-	    # Green Hills C++ Compiler
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-          *)
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-        esac
-        ;;
-
-      freebsd[[12]]*)
-        # C++ shared libraries reported to be fairly broken before
-	# switch to ELF
-        _LT_TAGVAR(ld_shlibs, $1)=no
-        ;;
-
-      freebsd-elf*)
-        _LT_TAGVAR(archive_cmds_need_lc, $1)=no
-        ;;
-
-      freebsd* | dragonfly*)
-        # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF
-        # conventions
-        _LT_TAGVAR(ld_shlibs, $1)=yes
-        ;;
-
-      gnu*)
-        ;;
-
-      hpux9*)
-        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
-        _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-        _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-        _LT_TAGVAR(hardcode_direct, $1)=yes
-        _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
-				             # but as the default
-				             # location of the library.
-
-        case $cc_basename in
-          CC*)
-            # FIXME: insert proper C++ library support
-            _LT_TAGVAR(ld_shlibs, $1)=no
-            ;;
-          aCC*)
-            _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -b ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
-            # Commands to make compiler produce verbose output that lists
-            # what "hidden" libraries, object files and flags are used when
-            # linking a shared library.
-            #
-            # There doesn't appear to be a way to prevent this compiler from
-            # explicitly linking system object files so we need to strip them
-            # from the output so that they don't get included in the library
-            # dependencies.
-            output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
-            ;;
-          *)
-            if test "$GXX" = yes; then
-              _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
-            else
-              # FIXME: insert proper C++ library support
-              _LT_TAGVAR(ld_shlibs, $1)=no
-            fi
-            ;;
-        esac
-        ;;
-
-      hpux10*|hpux11*)
-        if test $with_gnu_ld = no; then
-	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
-	  _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-
-          case $host_cpu in
-            hppa*64*|ia64*)
-              ;;
-            *)
-	      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-              ;;
-          esac
-        fi
-        case $host_cpu in
-          hppa*64*|ia64*)
-            _LT_TAGVAR(hardcode_direct, $1)=no
-            _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-            ;;
-          *)
-            _LT_TAGVAR(hardcode_direct, $1)=yes
-            _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
-            _LT_TAGVAR(hardcode_minus_L, $1)=yes # Not in the search PATH,
-					         # but as the default
-					         # location of the library.
-            ;;
-        esac
-
-        case $cc_basename in
-          CC*)
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-          aCC*)
-	    case $host_cpu in
-	      hppa*64*)
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
-	        ;;
-	      ia64*)
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
-	        ;;
-	      *)
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
-	        ;;
-	    esac
-	    # Commands to make compiler produce verbose output that lists
-	    # what "hidden" libraries, object files and flags are used when
-	    # linking a shared library.
-	    #
-	    # There doesn't appear to be a way to prevent this compiler from
-	    # explicitly linking system object files so we need to strip them
-	    # from the output so that they don't get included in the library
-	    # dependencies.
-	    output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
-	    ;;
-          *)
-	    if test "$GXX" = yes; then
-	      if test $with_gnu_ld = no; then
-	        case $host_cpu in
-	          hppa*64*)
-	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
-	            ;;
-	          ia64*)
-	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
-	            ;;
-	          *)
-	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
-	            ;;
-	        esac
-	      fi
-	    else
-	      # FIXME: insert proper C++ library support
-	      _LT_TAGVAR(ld_shlibs, $1)=no
-	    fi
-	    ;;
-        esac
-        ;;
-
-      interix[[3-9]]*)
-	_LT_TAGVAR(hardcode_direct, $1)=no
-	_LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
-	_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-	# Hack: On Interix 3.x, we cannot compile PIC because of a broken gcc.
-	# Instead, shared libraries are loaded at an image base (0x10000000 by
-	# default) and relocated if they conflict, which is a slow very memory
-	# consuming and fragmenting process.  To avoid this, we pick a random,
-	# 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link
-	# time.  Moving up from 0x10000000 also allows more sbrk(2) space.
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
-	;;
-      irix5* | irix6*)
-        case $cc_basename in
-          CC*)
-	    # SGI C++
-	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
-
-	    # Archives containing C++ object files must be created using
-	    # "CC -ar", where "CC" is the IRIX C++ compiler.  This is
-	    # necessary to make sure instantiated templates are included
-	    # in the archive.
-	    _LT_TAGVAR(old_archive_cmds, $1)='$CC -ar -WR,-u -o $oldlib $oldobjs'
-	    ;;
-          *)
-	    if test "$GXX" = yes; then
-	      if test "$with_gnu_ld" = no; then
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
-	      else
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` -o $lib'
-	      fi
-	    fi
-	    _LT_TAGVAR(link_all_deplibs, $1)=yes
-	    ;;
-        esac
-        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-        _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-        _LT_TAGVAR(inherit_rpath, $1)=yes
-        ;;
-
-      linux* | k*bsd*-gnu)
-        case $cc_basename in
-          KCC*)
-	    # Kuck and Associates, Inc. (KAI) C++ Compiler
-
-	    # KCC will only create a shared library if the output file
-	    # ends with ".so" (or ".sl" for HP-UX), so rename the library
-	    # to its proper name (with version) after linking.
-	    _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
-	    _LT_TAGVAR(archive_expsym_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo $lib | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib ${wl}-retain-symbols-file,$export_symbols; mv \$templib $lib'
-	    # Commands to make compiler produce verbose output that lists
-	    # what "hidden" libraries, object files and flags are used when
-	    # linking a shared library.
-	    #
-	    # There doesn't appear to be a way to prevent this compiler from
-	    # explicitly linking system object files so we need to strip them
-	    # from the output so that they don't get included in the library
-	    # dependencies.
-	    output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
-
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
-	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
-
-	    # Archives containing C++ object files must be created using
-	    # "CC -Bstatic", where "CC" is the KAI C++ compiler.
-	    _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs'
-	    ;;
-	  icpc* | ecpc* )
-	    # Intel C++
-	    with_gnu_ld=yes
-	    # version 8.0 and above of icpc choke on multiply defined symbols
-	    # if we add $predep_objects and $postdep_objects, however 7.1 and
-	    # earlier do not add the objects themselves.
-	    case `$CC -V 2>&1` in
-	      *"Version 7."*)
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
-		_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
-		;;
-	      *)  # Version 8.0 or newer
-	        tmp_idyn=
-	        case $host_cpu in
-		  ia64*) tmp_idyn=' -i_dynamic';;
-		esac
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-		_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared'"$tmp_idyn"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
-		;;
-	    esac
-	    _LT_TAGVAR(archive_cmds_need_lc, $1)=no
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
-	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
-	    _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
-	    ;;
-          pgCC* | pgcpp*)
-            # Portland Group C++ compiler
-	    case `$CC -V` in
-	    *pgCC\ [[1-5]]* | *pgcpp\ [[1-5]]*)
-	      _LT_TAGVAR(prelink_cmds, $1)='tpldir=Template.dir~
-		rm -rf $tpldir~
-		$CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~
-		compile_command="$compile_command `find $tpldir -name \*.o | $NL2SP`"'
-	      _LT_TAGVAR(old_archive_cmds, $1)='tpldir=Template.dir~
-		rm -rf $tpldir~
-		$CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~
-		$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | $NL2SP`~
-		$RANLIB $oldlib'
-	      _LT_TAGVAR(archive_cmds, $1)='tpldir=Template.dir~
-		rm -rf $tpldir~
-		$CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
-		$CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
-	      _LT_TAGVAR(archive_expsym_cmds, $1)='tpldir=Template.dir~
-		rm -rf $tpldir~
-		$CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
-		$CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
-	      ;;
-	    *) # Version 6 will use weak symbols
-	      _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
-	      _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
-	      ;;
-	    esac
-
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
-	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
-	    _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
-            ;;
-	  cxx*)
-	    # Compaq C++
-	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname  -o $lib ${wl}-retain-symbols-file $wl$export_symbols'
-
-	    runpath_var=LD_RUN_PATH
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
-	    _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-
-	    # Commands to make compiler produce verbose output that lists
-	    # what "hidden" libraries, object files and flags are used when
-	    # linking a shared library.
-	    #
-	    # There doesn't appear to be a way to prevent this compiler from
-	    # explicitly linking system object files so we need to strip them
-	    # from the output so that they don't get included in the library
-	    # dependencies.
-	    output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`$ECHO "X$templist" | $Xsed -e "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
-	    ;;
-	  xl*)
-	    # IBM XL 8.0 on PPC, with GNU ld
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
-	    _LT_TAGVAR(archive_cmds, $1)='$CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	    if test "x$supports_anon_versioning" = xyes; then
-	      _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
-		cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
-		echo "local: *; };" >> $output_objdir/$libname.ver~
-		$CC -qmkshrobj $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib'
-	    fi
-	    ;;
-	  *)
-	    case `$CC -V 2>&1 | sed 5q` in
-	    *Sun\ C*)
-	      # Sun C++ 5.9
-	      _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
-	      _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
-	      _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file ${wl}$export_symbols'
-	      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
-	      _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
-	      _LT_TAGVAR(compiler_needs_object, $1)=yes
-
-	      # Not sure whether something based on
-	      # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1
-	      # would be better.
-	      output_verbose_link_cmd='echo'
-
-	      # Archives containing C++ object files must be created using
-	      # "CC -xar", where "CC" is the Sun C++ compiler.  This is
-	      # necessary to make sure instantiated templates are included
-	      # in the archive.
-	      _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
-	      ;;
-	    esac
-	    ;;
-	esac
-	;;
-
-      lynxos*)
-        # FIXME: insert proper C++ library support
-	_LT_TAGVAR(ld_shlibs, $1)=no
-	;;
-
-      m88k*)
-        # FIXME: insert proper C++ library support
-        _LT_TAGVAR(ld_shlibs, $1)=no
-	;;
-
-      mvs*)
-        case $cc_basename in
-          cxx*)
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-	  *)
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-	esac
-	;;
-
-      netbsd*)
-        if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
-	  _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable  -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags'
-	  wlarc=
-	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
-	  _LT_TAGVAR(hardcode_direct, $1)=yes
-	  _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-	fi
-	# Workaround some broken pre-1.5 toolchains
-	output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP conftest.$objext | $SED -e "s:-lgcc -lc -lgcc::"'
-	;;
-
-      *nto* | *qnx*)
-        _LT_TAGVAR(ld_shlibs, $1)=yes
-	;;
-
-      openbsd2*)
-        # C++ shared libraries are fairly broken
-	_LT_TAGVAR(ld_shlibs, $1)=no
-	;;
-
-      openbsd*)
-	if test -f /usr/libexec/ld.so; then
-	  _LT_TAGVAR(hardcode_direct, $1)=yes
-	  _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-	  _LT_TAGVAR(hardcode_direct_absolute, $1)=yes
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $lib'
-	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
-	  if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
-	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file,$export_symbols -o $lib'
-	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
-	    _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
-	  fi
-	  output_verbose_link_cmd=echo
-	else
-	  _LT_TAGVAR(ld_shlibs, $1)=no
-	fi
-	;;
-
-      osf3* | osf4* | osf5*)
-        case $cc_basename in
-          KCC*)
-	    # Kuck and Associates, Inc. (KAI) C++ Compiler
-
-	    # KCC will only create a shared library if the output file
-	    # ends with ".so" (or ".sl" for HP-UX), so rename the library
-	    # to its proper name (with version) after linking.
-	    _LT_TAGVAR(archive_cmds, $1)='tempext=`echo $shared_ext | $SED -e '\''s/\([[^()0-9A-Za-z{}]]\)/\\\\\1/g'\''`; templib=`echo "$lib" | $SED -e "s/\${tempext}\..*/.so/"`; $CC $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags --soname $soname -o \$templib; mv \$templib $lib'
-
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
-	    _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-
-	    # Archives containing C++ object files must be created using
-	    # the KAI C++ compiler.
-	    case $host in
-	      osf3*) _LT_TAGVAR(old_archive_cmds, $1)='$CC -Bstatic -o $oldlib $oldobjs' ;;
-	      *) _LT_TAGVAR(old_archive_cmds, $1)='$CC -o $oldlib $oldobjs' ;;
-	    esac
-	    ;;
-          RCC*)
-	    # Rational C++ 2.4.1
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-          cxx*)
-	    case $host in
-	      osf3*)
-	        _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && $ECHO "X${wl}-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
-	        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-		;;
-	      *)
-	        _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
-	        _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~
-	          echo "-hidden">> $lib.exp~
-	          $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp  `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib~
-	          $RM $lib.exp'
-	        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
-		;;
-	    esac
-
-	    _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-
-	    # Commands to make compiler produce verbose output that lists
-	    # what "hidden" libraries, object files and flags are used when
-	    # linking a shared library.
-	    #
-	    # There doesn't appear to be a way to prevent this compiler from
-	    # explicitly linking system object files so we need to strip them
-	    # from the output so that they don't get included in the library
-	    # dependencies.
-	    output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`$ECHO "X$templist" | $Xsed -e "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
-	    ;;
-	  *)
-	    if test "$GXX" = yes && test "$with_gnu_ld" = no; then
-	      _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
-	      case $host in
-	        osf3*)
-	          _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
-		  ;;
-	        *)
-	          _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
-		  ;;
-	      esac
-
-	      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
-	      _LT_TAGVAR(hardcode_libdir_separator, $1)=:
-
-	      # Commands to make compiler produce verbose output that lists
-	      # what "hidden" libraries, object files and flags are used when
-	      # linking a shared library.
-	      output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
-
-	    else
-	      # FIXME: insert proper C++ library support
-	      _LT_TAGVAR(ld_shlibs, $1)=no
-	    fi
-	    ;;
-        esac
-        ;;
-
-      psos*)
-        # FIXME: insert proper C++ library support
-        _LT_TAGVAR(ld_shlibs, $1)=no
-        ;;
-
-      sunos4*)
-        case $cc_basename in
-          CC*)
-	    # Sun C++ 4.x
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-          lcc*)
-	    # Lucid
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-          *)
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-        esac
-        ;;
-
-      solaris*)
-        case $cc_basename in
-          CC*)
-	    # Sun C++ 4.2, 5.x and Centerline C++
-            _LT_TAGVAR(archive_cmds_need_lc,$1)=yes
-	    _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
-	    _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag}  -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
-	    _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
-	      $CC -G${allow_undefined_flag} ${wl}-M ${wl}$lib.exp -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
-
-	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
-	    _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-	    case $host_os in
-	      solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
-	      *)
-		# The compiler driver will combine and reorder linker options,
-		# but understands `-z linker_flag'.
-	        # Supported since Solaris 2.6 (maybe 2.5.1?)
-		_LT_TAGVAR(whole_archive_flag_spec, $1)='-z allextract$convenience -z defaultextract'
-	        ;;
-	    esac
-	    _LT_TAGVAR(link_all_deplibs, $1)=yes
-
-	    output_verbose_link_cmd='echo'
-
-	    # Archives containing C++ object files must be created using
-	    # "CC -xar", where "CC" is the Sun C++ compiler.  This is
-	    # necessary to make sure instantiated templates are included
-	    # in the archive.
-	    _LT_TAGVAR(old_archive_cmds, $1)='$CC -xar -o $oldlib $oldobjs'
-	    ;;
-          gcx*)
-	    # Green Hills C++ Compiler
-	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
-
-	    # The C++ compiler must be used to create the archive.
-	    _LT_TAGVAR(old_archive_cmds, $1)='$CC $LDFLAGS -archive -o $oldlib $oldobjs'
-	    ;;
-          *)
-	    # GNU C++ compiler with Solaris linker
-	    if test "$GXX" = yes && test "$with_gnu_ld" = no; then
-	      _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs'
-	      if $CC --version | $GREP -v '^2\.7' > /dev/null; then
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
-	        _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
-		  $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
-
-	        # Commands to make compiler produce verbose output that lists
-	        # what "hidden" libraries, object files and flags are used when
-	        # linking a shared library.
-	        output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
-	      else
-	        # g++ 2.7 appears to require `-G' NOT `-shared' on this
-	        # platform.
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -G -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
-	        _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
-		  $CC -G -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
-
-	        # Commands to make compiler produce verbose output that lists
-	        # what "hidden" libraries, object files and flags are used when
-	        # linking a shared library.
-	        output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
-	      fi
-
-	      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir'
-	      case $host_os in
-		solaris2.[[0-5]] | solaris2.[[0-5]].*) ;;
-		*)
-		  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}-z ${wl}allextract$convenience ${wl}-z ${wl}defaultextract'
-		  ;;
-	      esac
-	    fi
-	    ;;
-        esac
-        ;;
-
-    sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[[01]].[[10]]* | unixware7* | sco3.2v5.0.[[024]]*)
-      _LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
-      _LT_TAGVAR(archive_cmds_need_lc, $1)=no
-      _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-      runpath_var='LD_RUN_PATH'
-
-      case $cc_basename in
-        CC*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	  _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	  ;;
-	*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	  _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	  ;;
-      esac
-      ;;
-
-      sysv5* | sco3.2v5* | sco5v6*)
-	# Note: We can NOT use -z defs as we might desire, because we do not
-	# link with -lc, and that would cause any symbols used from libc to
-	# always be unresolved, which means just about no library would
-	# ever link correctly.  If we're not using GNU ld we use -z text
-	# though, which does catch some bad symbols but isn't as heavy-handed
-	# as -z defs.
-	_LT_TAGVAR(no_undefined_flag, $1)='${wl}-z,text'
-	_LT_TAGVAR(allow_undefined_flag, $1)='${wl}-z,nodefs'
-	_LT_TAGVAR(archive_cmds_need_lc, $1)=no
-	_LT_TAGVAR(hardcode_shlibpath_var, $1)=no
-	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R,$libdir'
-	_LT_TAGVAR(hardcode_libdir_separator, $1)=':'
-	_LT_TAGVAR(link_all_deplibs, $1)=yes
-	_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-Bexport'
-	runpath_var='LD_RUN_PATH'
-
-	case $cc_basename in
-          CC*)
-	    _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	    ;;
-	  *)
-	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
-	    ;;
-	esac
-      ;;
-
-      tandem*)
-        case $cc_basename in
-          NCC*)
-	    # NonStop-UX NCC 3.20
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-          *)
-	    # FIXME: insert proper C++ library support
-	    _LT_TAGVAR(ld_shlibs, $1)=no
-	    ;;
-        esac
-        ;;
-
-      vxworks*)
-        # FIXME: insert proper C++ library support
-        _LT_TAGVAR(ld_shlibs, $1)=no
-        ;;
-
-      *)
-        # FIXME: insert proper C++ library support
-        _LT_TAGVAR(ld_shlibs, $1)=no
-        ;;
-    esac
-
-    AC_MSG_RESULT([$_LT_TAGVAR(ld_shlibs, $1)])
-    test "$_LT_TAGVAR(ld_shlibs, $1)" = no && can_build_shared=no
-
-    _LT_TAGVAR(GCC, $1)="$GXX"
-    _LT_TAGVAR(LD, $1)="$LD"
-
-    ## CAVEAT EMPTOR:
-    ## There is no encapsulation within the following macros, do not change
-    ## the running order or otherwise move them around unless you know exactly
-    ## what you are doing...
-    _LT_SYS_HIDDEN_LIBDEPS($1)
-    _LT_COMPILER_PIC($1)
-    _LT_COMPILER_C_O($1)
-    _LT_COMPILER_FILE_LOCKS($1)
-    _LT_LINKER_SHLIBS($1)
-    _LT_SYS_DYNAMIC_LINKER($1)
-    _LT_LINKER_HARDCODE_LIBPATH($1)
-
-    _LT_CONFIG($1)
-  fi # test -n "$compiler"
-
-  CC=$lt_save_CC
-  LDCXX=$LD
-  LD=$lt_save_LD
-  GCC=$lt_save_GCC
-  with_gnu_ld=$lt_save_with_gnu_ld
-  lt_cv_path_LDCXX=$lt_cv_path_LD
-  lt_cv_path_LD=$lt_save_path_LD
-  lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld
-  lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld
-fi # test "$_lt_caught_CXX_error" != yes
-
-AC_LANG_POP
-])# _LT_LANG_CXX_CONFIG
-
-
-# _LT_SYS_HIDDEN_LIBDEPS([TAGNAME])
-# ---------------------------------
-# Figure out "hidden" library dependencies from verbose
-# compiler output when linking a shared library.
-# Parse the compiler output and extract the necessary
-# objects, libraries and library flags.
-m4_defun([_LT_SYS_HIDDEN_LIBDEPS],
-[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
-# Dependencies to place before and after the object being linked:
-_LT_TAGVAR(predep_objects, $1)=
-_LT_TAGVAR(postdep_objects, $1)=
-_LT_TAGVAR(predeps, $1)=
-_LT_TAGVAR(postdeps, $1)=
-_LT_TAGVAR(compiler_lib_search_path, $1)=
-
-dnl we can't use the lt_simple_compile_test_code here,
-dnl because it contains code intended for an executable,
-dnl not a library.  It's possible we should let each
-dnl tag define a new lt_????_link_test_code variable,
-dnl but it's only used here...
-m4_if([$1], [], [cat > conftest.$ac_ext <<_LT_EOF
-int a;
-void foo (void) { a = 0; }
-_LT_EOF
-], [$1], [CXX], [cat > conftest.$ac_ext <<_LT_EOF
-class Foo
-{
-public:
-  Foo (void) { a = 0; }
-private:
-  int a;
-};
-_LT_EOF
-], [$1], [F77], [cat > conftest.$ac_ext <<_LT_EOF
-      subroutine foo
-      implicit none
-      integer*4 a
-      a=0
-      return
-      end
-_LT_EOF
-], [$1], [FC], [cat > conftest.$ac_ext <<_LT_EOF
-      subroutine foo
-      implicit none
-      integer a
-      a=0
-      return
-      end
-_LT_EOF
-], [$1], [GCJ], [cat > conftest.$ac_ext <<_LT_EOF
-public class foo {
-  private int a;
-  public void bar (void) {
-    a = 0;
-  }
-};
-_LT_EOF
-])
-dnl Parse the compiler output and extract the necessary
-dnl objects, libraries and library flags.
-if AC_TRY_EVAL(ac_compile); then
-  # Parse the compiler output and extract the necessary
-  # objects, libraries and library flags.
-
-  # Sentinel used to keep track of whether or not we are before
-  # the conftest object file.
-  pre_test_object_deps_done=no
-
-  for p in `eval "$output_verbose_link_cmd"`; do
-    case $p in
-
-    -L* | -R* | -l*)
-       # Some compilers place space between "-{L,R}" and the path.
-       # Remove the space.
-       if test $p = "-L" ||
-          test $p = "-R"; then
-	 prev=$p
-	 continue
-       else
-	 prev=
-       fi
-
-       if test "$pre_test_object_deps_done" = no; then
-	 case $p in
-	 -L* | -R*)
-	   # Internal compiler library paths should come after those
-	   # provided the user.  The postdeps already come after the
-	   # user supplied libs so there is no need to process them.
-	   if test -z "$_LT_TAGVAR(compiler_lib_search_path, $1)"; then
-	     _LT_TAGVAR(compiler_lib_search_path, $1)="${prev}${p}"
-	   else
-	     _LT_TAGVAR(compiler_lib_search_path, $1)="${_LT_TAGVAR(compiler_lib_search_path, $1)} ${prev}${p}"
-	   fi
-	   ;;
-	 # The "-l" case would never come before the object being
-	 # linked, so don't bother handling this case.
-	 esac
-       else
-	 if test -z "$_LT_TAGVAR(postdeps, $1)"; then
-	   _LT_TAGVAR(postdeps, $1)="${prev}${p}"
-	 else
-	   _LT_TAGVAR(postdeps, $1)="${_LT_TAGVAR(postdeps, $1)} ${prev}${p}"
-	 fi
-       fi
-       ;;
-
-    *.$objext)
-       # This assumes that the test object file only shows up
-       # once in the compiler output.
-       if test "$p" = "conftest.$objext"; then
-	 pre_test_object_deps_done=yes
-	 continue
-       fi
-
-       if test "$pre_test_object_deps_done" = no; then
-	 if test -z "$_LT_TAGVAR(predep_objects, $1)"; then
-	   _LT_TAGVAR(predep_objects, $1)="$p"
-	 else
-	   _LT_TAGVAR(predep_objects, $1)="$_LT_TAGVAR(predep_objects, $1) $p"
-	 fi
-       else
-	 if test -z "$_LT_TAGVAR(postdep_objects, $1)"; then
-	   _LT_TAGVAR(postdep_objects, $1)="$p"
-	 else
-	   _LT_TAGVAR(postdep_objects, $1)="$_LT_TAGVAR(postdep_objects, $1) $p"
-	 fi
-       fi
-       ;;
-
-    *) ;; # Ignore the rest.
-
-    esac
-  done
-
-  # Clean up.
-  rm -f a.out a.exe
-else
-  echo "libtool.m4: error: problem compiling $1 test program"
-fi
-
-$RM -f confest.$objext
-
-# PORTME: override above test on systems where it is broken
-m4_if([$1], [CXX],
-[case $host_os in
-interix[[3-9]]*)
-  # Interix 3.5 installs completely hosed .la files for C++, so rather than
-  # hack all around it, let's just trust "g++" to DTRT.
-  _LT_TAGVAR(predep_objects,$1)=
-  _LT_TAGVAR(postdep_objects,$1)=
-  _LT_TAGVAR(postdeps,$1)=
-  ;;
-
-linux*)
-  case `$CC -V 2>&1 | sed 5q` in
-  *Sun\ C*)
-    # Sun C++ 5.9
-
-    # The more standards-conforming stlport4 library is
-    # incompatible with the Cstd library. Avoid specifying
-    # it if it's in CXXFLAGS. Ignore libCrun as
-    # -library=stlport4 depends on it.
-    case " $CXX $CXXFLAGS " in
-    *" -library=stlport4 "*)
-      solaris_use_stlport4=yes
-      ;;
-    esac
-
-    if test "$solaris_use_stlport4" != yes; then
-      _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun'
-    fi
-    ;;
-  esac
-  ;;
-
-solaris*)
-  case $cc_basename in
-  CC*)
-    # The more standards-conforming stlport4 library is
-    # incompatible with the Cstd library. Avoid specifying
-    # it if it's in CXXFLAGS. Ignore libCrun as
-    # -library=stlport4 depends on it.
-    case " $CXX $CXXFLAGS " in
-    *" -library=stlport4 "*)
-      solaris_use_stlport4=yes
-      ;;
-    esac
-
-    # Adding this requires a known-good setup of shared libraries for
-    # Sun compiler versions before 5.6, else PIC objects from an old
-    # archive will be linked into the output, leading to subtle bugs.
-    if test "$solaris_use_stlport4" != yes; then
-      _LT_TAGVAR(postdeps,$1)='-library=Cstd -library=Crun'
-    fi
-    ;;
-  esac
-  ;;
-esac
-])
-
-case " $_LT_TAGVAR(postdeps, $1) " in
-*" -lc "*) _LT_TAGVAR(archive_cmds_need_lc, $1)=no ;;
-esac
- _LT_TAGVAR(compiler_lib_search_dirs, $1)=
-if test -n "${_LT_TAGVAR(compiler_lib_search_path, $1)}"; then
- _LT_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_TAGVAR(compiler_lib_search_path, $1)}" | ${SED} -e 's! -L! !g' -e 's!^ !!'`
-fi
-_LT_TAGDECL([], [compiler_lib_search_dirs], [1],
-    [The directories searched by this compiler when creating a shared library])
-_LT_TAGDECL([], [predep_objects], [1],
-    [Dependencies to place before and after the objects being linked to
-    create a shared library])
-_LT_TAGDECL([], [postdep_objects], [1])
-_LT_TAGDECL([], [predeps], [1])
-_LT_TAGDECL([], [postdeps], [1])
-_LT_TAGDECL([], [compiler_lib_search_path], [1],
-    [The library search path used internally by the compiler when linking
-    a shared library])
-])# _LT_SYS_HIDDEN_LIBDEPS
-
-
-# _LT_PROG_F77
-# ------------
-# Since AC_PROG_F77 is broken, in that it returns the empty string
-# if there is no fortran compiler, we have our own version here.
-m4_defun([_LT_PROG_F77],
-[
-pushdef([AC_MSG_ERROR], [_lt_disable_F77=yes])
-AC_PROG_F77
-if test -z "$F77" || test "X$F77" = "Xno"; then
-  _lt_disable_F77=yes
-fi
-popdef([AC_MSG_ERROR])
-])# _LT_PROG_F77
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([_LT_PROG_F77], [])
-
-
-# _LT_LANG_F77_CONFIG([TAG])
-# --------------------------
-# Ensure that the configuration variables for a Fortran 77 compiler are
-# suitably defined.  These variables are subsequently used by _LT_CONFIG
-# to write the compiler configuration to `libtool'.
-m4_defun([_LT_LANG_F77_CONFIG],
-[AC_REQUIRE([_LT_PROG_F77])dnl
-AC_LANG_PUSH(Fortran 77)
-
-_LT_TAGVAR(archive_cmds_need_lc, $1)=no
-_LT_TAGVAR(allow_undefined_flag, $1)=
-_LT_TAGVAR(always_export_symbols, $1)=no
-_LT_TAGVAR(archive_expsym_cmds, $1)=
-_LT_TAGVAR(export_dynamic_flag_spec, $1)=
-_LT_TAGVAR(hardcode_direct, $1)=no
-_LT_TAGVAR(hardcode_direct_absolute, $1)=no
-_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
-_LT_TAGVAR(hardcode_libdir_separator, $1)=
-_LT_TAGVAR(hardcode_minus_L, $1)=no
-_LT_TAGVAR(hardcode_automatic, $1)=no
-_LT_TAGVAR(inherit_rpath, $1)=no
-_LT_TAGVAR(module_cmds, $1)=
-_LT_TAGVAR(module_expsym_cmds, $1)=
-_LT_TAGVAR(link_all_deplibs, $1)=unknown
-_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
-_LT_TAGVAR(no_undefined_flag, $1)=
-_LT_TAGVAR(whole_archive_flag_spec, $1)=
-_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
-
-# Source file extension for f77 test sources.
-ac_ext=f
-
-# Object file extension for compiled f77 test sources.
-objext=o
-_LT_TAGVAR(objext, $1)=$objext
-
-# No sense in running all these tests if we already determined that
-# the F77 compiler isn't working.  Some variables (like enable_shared)
-# are currently assumed to apply to all compilers on this platform,
-# and will be corrupted by setting them based on a non-working compiler.
-if test "$_lt_disable_F77" != yes; then
-  # Code to be used in simple compile tests
-  lt_simple_compile_test_code="\
-      subroutine t
-      return
-      end
-"
-
-  # Code to be used in simple link tests
-  lt_simple_link_test_code="\
-      program t
-      end
-"
-
-  # ltmain only uses $CC for tagged configurations so make sure $CC is set.
-  _LT_TAG_COMPILER
-
-  # save warnings/boilerplate of simple test code
-  _LT_COMPILER_BOILERPLATE
-  _LT_LINKER_BOILERPLATE
-
-  # Allow CC to be a program name with arguments.
-  lt_save_CC="$CC"
-  lt_save_GCC=$GCC
-  CC=${F77-"f77"}
-  compiler=$CC
-  _LT_TAGVAR(compiler, $1)=$CC
-  _LT_CC_BASENAME([$compiler])
-  GCC=$G77
-  if test -n "$compiler"; then
-    AC_MSG_CHECKING([if libtool supports shared libraries])
-    AC_MSG_RESULT([$can_build_shared])
-
-    AC_MSG_CHECKING([whether to build shared libraries])
-    test "$can_build_shared" = "no" && enable_shared=no
-
-    # On AIX, shared libraries and static libraries use the same namespace, and
-    # are all built from PIC.
-    case $host_os in
-      aix3*)
-        test "$enable_shared" = yes && enable_static=no
-        if test -n "$RANLIB"; then
-          archive_cmds="$archive_cmds~\$RANLIB \$lib"
-          postinstall_cmds='$RANLIB $lib'
-        fi
-        ;;
-      aix[[4-9]]*)
-	if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
-	  test "$enable_shared" = yes && enable_static=no
-	fi
-        ;;
-    esac
-    AC_MSG_RESULT([$enable_shared])
-
-    AC_MSG_CHECKING([whether to build static libraries])
-    # Make sure either enable_shared or enable_static is yes.
-    test "$enable_shared" = yes || enable_static=yes
-    AC_MSG_RESULT([$enable_static])
-
-    _LT_TAGVAR(GCC, $1)="$G77"
-    _LT_TAGVAR(LD, $1)="$LD"
-
-    ## CAVEAT EMPTOR:
-    ## There is no encapsulation within the following macros, do not change
-    ## the running order or otherwise move them around unless you know exactly
-    ## what you are doing...
-    _LT_COMPILER_PIC($1)
-    _LT_COMPILER_C_O($1)
-    _LT_COMPILER_FILE_LOCKS($1)
-    _LT_LINKER_SHLIBS($1)
-    _LT_SYS_DYNAMIC_LINKER($1)
-    _LT_LINKER_HARDCODE_LIBPATH($1)
-
-    _LT_CONFIG($1)
-  fi # test -n "$compiler"
-
-  GCC=$lt_save_GCC
-  CC="$lt_save_CC"
-fi # test "$_lt_disable_F77" != yes
-
-AC_LANG_POP
-])# _LT_LANG_F77_CONFIG
-
-
-# _LT_PROG_FC
-# -----------
-# Since AC_PROG_FC is broken, in that it returns the empty string
-# if there is no fortran compiler, we have our own version here.
-m4_defun([_LT_PROG_FC],
-[
-pushdef([AC_MSG_ERROR], [_lt_disable_FC=yes])
-AC_PROG_FC
-if test -z "$FC" || test "X$FC" = "Xno"; then
-  _lt_disable_FC=yes
-fi
-popdef([AC_MSG_ERROR])
-])# _LT_PROG_FC
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([_LT_PROG_FC], [])
-
-
-# _LT_LANG_FC_CONFIG([TAG])
-# -------------------------
-# Ensure that the configuration variables for a Fortran compiler are
-# suitably defined.  These variables are subsequently used by _LT_CONFIG
-# to write the compiler configuration to `libtool'.
-m4_defun([_LT_LANG_FC_CONFIG],
-[AC_REQUIRE([_LT_PROG_FC])dnl
-AC_LANG_PUSH(Fortran)
-
-_LT_TAGVAR(archive_cmds_need_lc, $1)=no
-_LT_TAGVAR(allow_undefined_flag, $1)=
-_LT_TAGVAR(always_export_symbols, $1)=no
-_LT_TAGVAR(archive_expsym_cmds, $1)=
-_LT_TAGVAR(export_dynamic_flag_spec, $1)=
-_LT_TAGVAR(hardcode_direct, $1)=no
-_LT_TAGVAR(hardcode_direct_absolute, $1)=no
-_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
-_LT_TAGVAR(hardcode_libdir_separator, $1)=
-_LT_TAGVAR(hardcode_minus_L, $1)=no
-_LT_TAGVAR(hardcode_automatic, $1)=no
-_LT_TAGVAR(inherit_rpath, $1)=no
-_LT_TAGVAR(module_cmds, $1)=
-_LT_TAGVAR(module_expsym_cmds, $1)=
-_LT_TAGVAR(link_all_deplibs, $1)=unknown
-_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
-_LT_TAGVAR(no_undefined_flag, $1)=
-_LT_TAGVAR(whole_archive_flag_spec, $1)=
-_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
-
-# Source file extension for fc test sources.
-ac_ext=${ac_fc_srcext-f}
-
-# Object file extension for compiled fc test sources.
-objext=o
-_LT_TAGVAR(objext, $1)=$objext
-
-# No sense in running all these tests if we already determined that
-# the FC compiler isn't working.  Some variables (like enable_shared)
-# are currently assumed to apply to all compilers on this platform,
-# and will be corrupted by setting them based on a non-working compiler.
-if test "$_lt_disable_FC" != yes; then
-  # Code to be used in simple compile tests
-  lt_simple_compile_test_code="\
-      subroutine t
-      return
-      end
-"
-
-  # Code to be used in simple link tests
-  lt_simple_link_test_code="\
-      program t
-      end
-"
-
-  # ltmain only uses $CC for tagged configurations so make sure $CC is set.
-  _LT_TAG_COMPILER
-
-  # save warnings/boilerplate of simple test code
-  _LT_COMPILER_BOILERPLATE
-  _LT_LINKER_BOILERPLATE
-
-  # Allow CC to be a program name with arguments.
-  lt_save_CC="$CC"
-  lt_save_GCC=$GCC
-  CC=${FC-"f95"}
-  compiler=$CC
-  GCC=$ac_cv_fc_compiler_gnu
-
-  _LT_TAGVAR(compiler, $1)=$CC
-  _LT_CC_BASENAME([$compiler])
-
-  if test -n "$compiler"; then
-    AC_MSG_CHECKING([if libtool supports shared libraries])
-    AC_MSG_RESULT([$can_build_shared])
-
-    AC_MSG_CHECKING([whether to build shared libraries])
-    test "$can_build_shared" = "no" && enable_shared=no
-
-    # On AIX, shared libraries and static libraries use the same namespace, and
-    # are all built from PIC.
-    case $host_os in
-      aix3*)
-        test "$enable_shared" = yes && enable_static=no
-        if test -n "$RANLIB"; then
-          archive_cmds="$archive_cmds~\$RANLIB \$lib"
-          postinstall_cmds='$RANLIB $lib'
-        fi
-        ;;
-      aix[[4-9]]*)
-	if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then
-	  test "$enable_shared" = yes && enable_static=no
-	fi
-        ;;
-    esac
-    AC_MSG_RESULT([$enable_shared])
-
-    AC_MSG_CHECKING([whether to build static libraries])
-    # Make sure either enable_shared or enable_static is yes.
-    test "$enable_shared" = yes || enable_static=yes
-    AC_MSG_RESULT([$enable_static])
-
-    _LT_TAGVAR(GCC, $1)="$ac_cv_fc_compiler_gnu"
-    _LT_TAGVAR(LD, $1)="$LD"
-
-    ## CAVEAT EMPTOR:
-    ## There is no encapsulation within the following macros, do not change
-    ## the running order or otherwise move them around unless you know exactly
-    ## what you are doing...
-    _LT_SYS_HIDDEN_LIBDEPS($1)
-    _LT_COMPILER_PIC($1)
-    _LT_COMPILER_C_O($1)
-    _LT_COMPILER_FILE_LOCKS($1)
-    _LT_LINKER_SHLIBS($1)
-    _LT_SYS_DYNAMIC_LINKER($1)
-    _LT_LINKER_HARDCODE_LIBPATH($1)
-
-    _LT_CONFIG($1)
-  fi # test -n "$compiler"
-
-  GCC=$lt_save_GCC
-  CC="$lt_save_CC"
-fi # test "$_lt_disable_FC" != yes
-
-AC_LANG_POP
-])# _LT_LANG_FC_CONFIG
-
-
-# _LT_LANG_GCJ_CONFIG([TAG])
-# --------------------------
-# Ensure that the configuration variables for the GNU Java Compiler compiler
-# are suitably defined.  These variables are subsequently used by _LT_CONFIG
-# to write the compiler configuration to `libtool'.
-m4_defun([_LT_LANG_GCJ_CONFIG],
-[AC_REQUIRE([LT_PROG_GCJ])dnl
-AC_LANG_SAVE
-
-# Source file extension for Java test sources.
-ac_ext=java
-
-# Object file extension for compiled Java test sources.
-objext=o
-_LT_TAGVAR(objext, $1)=$objext
-
-# Code to be used in simple compile tests
-lt_simple_compile_test_code="class foo {}"
-
-# Code to be used in simple link tests
-lt_simple_link_test_code='public class conftest { public static void main(String[[]] argv) {}; }'
-
-# ltmain only uses $CC for tagged configurations so make sure $CC is set.
-_LT_TAG_COMPILER
-
-# save warnings/boilerplate of simple test code
-_LT_COMPILER_BOILERPLATE
-_LT_LINKER_BOILERPLATE
-
-# Allow CC to be a program name with arguments.
-lt_save_CC="$CC"
-lt_save_GCC=$GCC
-GCC=yes
-CC=${GCJ-"gcj"}
-compiler=$CC
-_LT_TAGVAR(compiler, $1)=$CC
-_LT_TAGVAR(LD, $1)="$LD"
-_LT_CC_BASENAME([$compiler])
-
-# GCJ did not exist at the time GCC didn't implicitly link libc in.
-_LT_TAGVAR(archive_cmds_need_lc, $1)=no
-
-_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
-
-if test -n "$compiler"; then
-  _LT_COMPILER_NO_RTTI($1)
-  _LT_COMPILER_PIC($1)
-  _LT_COMPILER_C_O($1)
-  _LT_COMPILER_FILE_LOCKS($1)
-  _LT_LINKER_SHLIBS($1)
-  _LT_LINKER_HARDCODE_LIBPATH($1)
-
-  _LT_CONFIG($1)
-fi
-
-AC_LANG_RESTORE
-
-GCC=$lt_save_GCC
-CC="$lt_save_CC"
-])# _LT_LANG_GCJ_CONFIG
-
-
-# _LT_LANG_RC_CONFIG([TAG])
-# -------------------------
-# Ensure that the configuration variables for the Windows resource compiler
-# are suitably defined.  These variables are subsequently used by _LT_CONFIG
-# to write the compiler configuration to `libtool'.
-m4_defun([_LT_LANG_RC_CONFIG],
-[AC_REQUIRE([LT_PROG_RC])dnl
-AC_LANG_SAVE
-
-# Source file extension for RC test sources.
-ac_ext=rc
-
-# Object file extension for compiled RC test sources.
-objext=o
-_LT_TAGVAR(objext, $1)=$objext
-
-# Code to be used in simple compile tests
-lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }'
-
-# Code to be used in simple link tests
-lt_simple_link_test_code="$lt_simple_compile_test_code"
-
-# ltmain only uses $CC for tagged configurations so make sure $CC is set.
-_LT_TAG_COMPILER
-
-# save warnings/boilerplate of simple test code
-_LT_COMPILER_BOILERPLATE
-_LT_LINKER_BOILERPLATE
-
-# Allow CC to be a program name with arguments.
-lt_save_CC="$CC"
-lt_save_GCC=$GCC
-GCC=
-CC=${RC-"windres"}
-compiler=$CC
-_LT_TAGVAR(compiler, $1)=$CC
-_LT_CC_BASENAME([$compiler])
-_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
-
-if test -n "$compiler"; then
-  :
-  _LT_CONFIG($1)
-fi
-
-GCC=$lt_save_GCC
-AC_LANG_RESTORE
-CC="$lt_save_CC"
-])# _LT_LANG_RC_CONFIG
-
-
-# LT_PROG_GCJ
-# -----------
-AC_DEFUN([LT_PROG_GCJ],
-[m4_ifdef([AC_PROG_GCJ], [AC_PROG_GCJ],
-  [m4_ifdef([A][M_PROG_GCJ], [A][M_PROG_GCJ],
-    [AC_CHECK_TOOL(GCJ, gcj,)
-      test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2"
-      AC_SUBST(GCJFLAGS)])])[]dnl
-])
-
-# Old name:
-AU_ALIAS([LT_AC_PROG_GCJ], [LT_PROG_GCJ])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([LT_AC_PROG_GCJ], [])
-
-
-# LT_PROG_RC
-# ----------
-AC_DEFUN([LT_PROG_RC],
-[AC_CHECK_TOOL(RC, windres,)
-])
-
-# Old name:
-AU_ALIAS([LT_AC_PROG_RC], [LT_PROG_RC])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([LT_AC_PROG_RC], [])
-
-
-# _LT_DECL_EGREP
-# --------------
-# If we don't have a new enough Autoconf to choose the best grep
-# available, choose the one first in the user's PATH.
-m4_defun([_LT_DECL_EGREP],
-[AC_REQUIRE([AC_PROG_EGREP])dnl
-AC_REQUIRE([AC_PROG_FGREP])dnl
-test -z "$GREP" && GREP=grep
-_LT_DECL([], [GREP], [1], [A grep program that handles long lines])
-_LT_DECL([], [EGREP], [1], [An ERE matcher])
-_LT_DECL([], [FGREP], [1], [A literal string matcher])
-dnl Non-bleeding-edge autoconf doesn't subst GREP, so do it here too
-AC_SUBST([GREP])
-])
-
-
-# _LT_DECL_OBJDUMP
-# --------------
-# If we don't have a new enough Autoconf to choose the best objdump
-# available, choose the one first in the user's PATH.
-m4_defun([_LT_DECL_OBJDUMP],
-[AC_CHECK_TOOL(OBJDUMP, objdump, false)
-test -z "$OBJDUMP" && OBJDUMP=objdump
-_LT_DECL([], [OBJDUMP], [1], [An object symbol dumper])
-AC_SUBST([OBJDUMP])
-])
-
-
-# _LT_DECL_SED
-# ------------
-# Check for a fully-functional sed program, that truncates
-# as few characters as possible.  Prefer GNU sed if found.
-m4_defun([_LT_DECL_SED],
-[AC_PROG_SED
-test -z "$SED" && SED=sed
-Xsed="$SED -e 1s/^X//"
-_LT_DECL([], [SED], [1], [A sed program that does not truncate output])
-_LT_DECL([], [Xsed], ["\$SED -e 1s/^X//"],
-    [Sed that helps us avoid accidentally triggering echo(1) options like -n])
-])# _LT_DECL_SED
-
-m4_ifndef([AC_PROG_SED], [
-# NOTE: This macro has been submitted for inclusion into   #
-#  GNU Autoconf as AC_PROG_SED.  When it is available in   #
-#  a released version of Autoconf we should remove this    #
-#  macro and use it instead.                               #
-
-m4_defun([AC_PROG_SED],
-[AC_MSG_CHECKING([for a sed that does not truncate output])
-AC_CACHE_VAL(lt_cv_path_SED,
-[# Loop through the user's path and test for sed and gsed.
-# Then use that list of sed's as ones to test for truncation.
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-  for lt_ac_prog in sed gsed; do
-    for ac_exec_ext in '' $ac_executable_extensions; do
-      if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then
-        lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext"
-      fi
-    done
-  done
-done
-IFS=$as_save_IFS
-lt_ac_max=0
-lt_ac_count=0
-# Add /usr/xpg4/bin/sed as it is typically found on Solaris
-# along with /bin/sed that truncates output.
-for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do
-  test ! -f $lt_ac_sed && continue
-  cat /dev/null > conftest.in
-  lt_ac_count=0
-  echo $ECHO_N "0123456789$ECHO_C" >conftest.in
-  # Check for GNU sed and select it if it is found.
-  if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then
-    lt_cv_path_SED=$lt_ac_sed
-    break
-  fi
-  while true; do
-    cat conftest.in conftest.in >conftest.tmp
-    mv conftest.tmp conftest.in
-    cp conftest.in conftest.nl
-    echo >>conftest.nl
-    $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break
-    cmp -s conftest.out conftest.nl || break
-    # 10000 chars as input seems more than enough
-    test $lt_ac_count -gt 10 && break
-    lt_ac_count=`expr $lt_ac_count + 1`
-    if test $lt_ac_count -gt $lt_ac_max; then
-      lt_ac_max=$lt_ac_count
-      lt_cv_path_SED=$lt_ac_sed
-    fi
-  done
-done
-])
-SED=$lt_cv_path_SED
-AC_SUBST([SED])
-AC_MSG_RESULT([$SED])
-])#AC_PROG_SED
-])#m4_ifndef
-
-# Old name:
-AU_ALIAS([LT_AC_PROG_SED], [AC_PROG_SED])
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([LT_AC_PROG_SED], [])
-
-
-# _LT_CHECK_SHELL_FEATURES
-# ------------------------
-# Find out whether the shell is Bourne or XSI compatible,
-# or has some other useful features.
-m4_defun([_LT_CHECK_SHELL_FEATURES],
-[AC_MSG_CHECKING([whether the shell understands some XSI constructs])
-# Try some XSI features
-xsi_shell=no
-( _lt_dummy="a/b/c"
-  test "${_lt_dummy##*/},${_lt_dummy%/*},"${_lt_dummy%"$_lt_dummy"}, \
-      = c,a/b,, \
-    && eval 'test $(( 1 + 1 )) -eq 2 \
-    && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \
-  && xsi_shell=yes
-AC_MSG_RESULT([$xsi_shell])
-_LT_CONFIG_LIBTOOL_INIT([xsi_shell='$xsi_shell'])
-
-AC_MSG_CHECKING([whether the shell understands "+="])
-lt_shell_append=no
-( foo=bar; set foo baz; eval "$[1]+=\$[2]" && test "$foo" = barbaz ) \
-    >/dev/null 2>&1 \
-  && lt_shell_append=yes
-AC_MSG_RESULT([$lt_shell_append])
-_LT_CONFIG_LIBTOOL_INIT([lt_shell_append='$lt_shell_append'])
-
-if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then
-  lt_unset=unset
-else
-  lt_unset=false
-fi
-_LT_DECL([], [lt_unset], [0], [whether the shell understands "unset"])dnl
-
-# test EBCDIC or ASCII
-case `echo X|tr X '\101'` in
- A) # ASCII based system
-    # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr
-  lt_SP2NL='tr \040 \012'
-  lt_NL2SP='tr \015\012 \040\040'
-  ;;
- *) # EBCDIC based system
-  lt_SP2NL='tr \100 \n'
-  lt_NL2SP='tr \r\n \100\100'
-  ;;
-esac
-_LT_DECL([SP2NL], [lt_SP2NL], [1], [turn spaces into newlines])dnl
-_LT_DECL([NL2SP], [lt_NL2SP], [1], [turn newlines into spaces])dnl
-])# _LT_CHECK_SHELL_FEATURES
-
-
-# _LT_PROG_XSI_SHELLFNS
-# ---------------------
-# Bourne and XSI compatible variants of some useful shell functions.
-m4_defun([_LT_PROG_XSI_SHELLFNS],
-[case $xsi_shell in
-  yes)
-    cat << \_LT_EOF >> "$cfgfile"
-
-# func_dirname file append nondir_replacement
-# Compute the dirname of FILE.  If nonempty, add APPEND to the result,
-# otherwise set result to NONDIR_REPLACEMENT.
-func_dirname ()
-{
-  case ${1} in
-    */*) func_dirname_result="${1%/*}${2}" ;;
-    *  ) func_dirname_result="${3}" ;;
-  esac
-}
-
-# func_basename file
-func_basename ()
-{
-  func_basename_result="${1##*/}"
-}
-
-# func_dirname_and_basename file append nondir_replacement
-# perform func_basename and func_dirname in a single function
-# call:
-#   dirname:  Compute the dirname of FILE.  If nonempty,
-#             add APPEND to the result, otherwise set result
-#             to NONDIR_REPLACEMENT.
-#             value returned in "$func_dirname_result"
-#   basename: Compute filename of FILE.
-#             value retuned in "$func_basename_result"
-# Implementation must be kept synchronized with func_dirname
-# and func_basename. For efficiency, we do not delegate to
-# those functions but instead duplicate the functionality here.
-func_dirname_and_basename ()
-{
-  case ${1} in
-    */*) func_dirname_result="${1%/*}${2}" ;;
-    *  ) func_dirname_result="${3}" ;;
-  esac
-  func_basename_result="${1##*/}"
-}
-
-# func_stripname prefix suffix name
-# strip PREFIX and SUFFIX off of NAME.
-# PREFIX and SUFFIX must not contain globbing or regex special
-# characters, hashes, percent signs, but SUFFIX may contain a leading
-# dot (in which case that matches only a dot).
-func_stripname ()
-{
-  # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are
-  # positional parameters, so assign one to ordinary parameter first.
-  func_stripname_result=${3}
-  func_stripname_result=${func_stripname_result#"${1}"}
-  func_stripname_result=${func_stripname_result%"${2}"}
-}
-
-# func_opt_split
-func_opt_split ()
-{
-  func_opt_split_opt=${1%%=*}
-  func_opt_split_arg=${1#*=}
-}
-
-# func_lo2o object
-func_lo2o ()
-{
-  case ${1} in
-    *.lo) func_lo2o_result=${1%.lo}.${objext} ;;
-    *)    func_lo2o_result=${1} ;;
-  esac
-}
-
-# func_xform libobj-or-source
-func_xform ()
-{
-  func_xform_result=${1%.*}.lo
-}
-
-# func_arith arithmetic-term...
-func_arith ()
-{
-  func_arith_result=$(( $[*] ))
-}
-
-# func_len string
-# STRING may not start with a hyphen.
-func_len ()
-{
-  func_len_result=${#1}
-}
-
-_LT_EOF
-    ;;
-  *) # Bourne compatible functions.
-    cat << \_LT_EOF >> "$cfgfile"
-
-# func_dirname file append nondir_replacement
-# Compute the dirname of FILE.  If nonempty, add APPEND to the result,
-# otherwise set result to NONDIR_REPLACEMENT.
-func_dirname ()
-{
-  # Extract subdirectory from the argument.
-  func_dirname_result=`$ECHO "X${1}" | $Xsed -e "$dirname"`
-  if test "X$func_dirname_result" = "X${1}"; then
-    func_dirname_result="${3}"
-  else
-    func_dirname_result="$func_dirname_result${2}"
-  fi
-}
-
-# func_basename file
-func_basename ()
-{
-  func_basename_result=`$ECHO "X${1}" | $Xsed -e "$basename"`
-}
-
-dnl func_dirname_and_basename
-dnl A portable version of this function is already defined in general.m4sh
-dnl so there is no need for it here.
-
-# func_stripname prefix suffix name
-# strip PREFIX and SUFFIX off of NAME.
-# PREFIX and SUFFIX must not contain globbing or regex special
-# characters, hashes, percent signs, but SUFFIX may contain a leading
-# dot (in which case that matches only a dot).
-# func_strip_suffix prefix name
-func_stripname ()
-{
-  case ${2} in
-    .*) func_stripname_result=`$ECHO "X${3}" \
-           | $Xsed -e "s%^${1}%%" -e "s%\\\\${2}\$%%"`;;
-    *)  func_stripname_result=`$ECHO "X${3}" \
-           | $Xsed -e "s%^${1}%%" -e "s%${2}\$%%"`;;
-  esac
-}
-
-# sed scripts:
-my_sed_long_opt='1s/^\(-[[^=]]*\)=.*/\1/;q'
-my_sed_long_arg='1s/^-[[^=]]*=//'
-
-# func_opt_split
-func_opt_split ()
-{
-  func_opt_split_opt=`$ECHO "X${1}" | $Xsed -e "$my_sed_long_opt"`
-  func_opt_split_arg=`$ECHO "X${1}" | $Xsed -e "$my_sed_long_arg"`
-}
-
-# func_lo2o object
-func_lo2o ()
-{
-  func_lo2o_result=`$ECHO "X${1}" | $Xsed -e "$lo2o"`
-}
-
-# func_xform libobj-or-source
-func_xform ()
-{
-  func_xform_result=`$ECHO "X${1}" | $Xsed -e 's/\.[[^.]]*$/.lo/'`
-}
-
-# func_arith arithmetic-term...
-func_arith ()
-{
-  func_arith_result=`expr "$[@]"`
-}
-
-# func_len string
-# STRING may not start with a hyphen.
-func_len ()
-{
-  func_len_result=`expr "$[1]" : ".*" 2>/dev/null || echo $max_cmd_len`
-}
-
-_LT_EOF
-esac
-
-case $lt_shell_append in
-  yes)
-    cat << \_LT_EOF >> "$cfgfile"
-
-# func_append var value
-# Append VALUE to the end of shell variable VAR.
-func_append ()
-{
-  eval "$[1]+=\$[2]"
-}
-_LT_EOF
-    ;;
-  *)
-    cat << \_LT_EOF >> "$cfgfile"
-
-# func_append var value
-# Append VALUE to the end of shell variable VAR.
-func_append ()
-{
-  eval "$[1]=\$$[1]\$[2]"
-}
-
-_LT_EOF
-    ;;
-  esac
-])
-
-# Helper functions for option handling.                    -*- Autoconf -*-
-#
-#   Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc.
-#   Written by Gary V. Vaughan, 2004
-#
-# This file is free software; the Free Software Foundation gives
-# unlimited permission to copy and/or distribute it, with or without
-# modifications, as long as this notice is preserved.
-
-# serial 6 ltoptions.m4
-
-# This is to help aclocal find these macros, as it can't see m4_define.
-AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])])
-
-
-# _LT_MANGLE_OPTION(MACRO-NAME, OPTION-NAME)
-# ------------------------------------------
-m4_define([_LT_MANGLE_OPTION],
-[[_LT_OPTION_]m4_bpatsubst($1__$2, [[^a-zA-Z0-9_]], [_])])
-
-
-# _LT_SET_OPTION(MACRO-NAME, OPTION-NAME)
-# ---------------------------------------
-# Set option OPTION-NAME for macro MACRO-NAME, and if there is a
-# matching handler defined, dispatch to it.  Other OPTION-NAMEs are
-# saved as a flag.
-m4_define([_LT_SET_OPTION],
-[m4_define(_LT_MANGLE_OPTION([$1], [$2]))dnl
-m4_ifdef(_LT_MANGLE_DEFUN([$1], [$2]),
-        _LT_MANGLE_DEFUN([$1], [$2]),
-    [m4_warning([Unknown $1 option `$2'])])[]dnl
-])
-
-
-# _LT_IF_OPTION(MACRO-NAME, OPTION-NAME, IF-SET, [IF-NOT-SET])
-# ------------------------------------------------------------
-# Execute IF-SET if OPTION is set, IF-NOT-SET otherwise.
-m4_define([_LT_IF_OPTION],
-[m4_ifdef(_LT_MANGLE_OPTION([$1], [$2]), [$3], [$4])])
-
-
-# _LT_UNLESS_OPTIONS(MACRO-NAME, OPTION-LIST, IF-NOT-SET)
-# -------------------------------------------------------
-# Execute IF-NOT-SET unless all options in OPTION-LIST for MACRO-NAME
-# are set.
-m4_define([_LT_UNLESS_OPTIONS],
-[m4_foreach([_LT_Option], m4_split(m4_normalize([$2])),
-	    [m4_ifdef(_LT_MANGLE_OPTION([$1], _LT_Option),
-		      [m4_define([$0_found])])])[]dnl
-m4_ifdef([$0_found], [m4_undefine([$0_found])], [$3
-])[]dnl
-])
-
-
-# _LT_SET_OPTIONS(MACRO-NAME, OPTION-LIST)
-# ----------------------------------------
-# OPTION-LIST is a space-separated list of Libtool options associated
-# with MACRO-NAME.  If any OPTION has a matching handler declared with
-# LT_OPTION_DEFINE, dispatch to that macro; otherwise complain about
-# the unknown option and exit.
-m4_defun([_LT_SET_OPTIONS],
-[# Set options
-m4_foreach([_LT_Option], m4_split(m4_normalize([$2])),
-    [_LT_SET_OPTION([$1], _LT_Option)])
-
-m4_if([$1],[LT_INIT],[
-  dnl
-  dnl Simply set some default values (i.e off) if boolean options were not
-  dnl specified:
-  _LT_UNLESS_OPTIONS([LT_INIT], [dlopen], [enable_dlopen=no
-  ])
-  _LT_UNLESS_OPTIONS([LT_INIT], [win32-dll], [enable_win32_dll=no
-  ])
-  dnl
-  dnl If no reference was made to various pairs of opposing options, then
-  dnl we run the default mode handler for the pair.  For example, if neither
-  dnl `shared' nor `disable-shared' was passed, we enable building of shared
-  dnl archives by default:
-  _LT_UNLESS_OPTIONS([LT_INIT], [shared disable-shared], [_LT_ENABLE_SHARED])
-  _LT_UNLESS_OPTIONS([LT_INIT], [static disable-static], [_LT_ENABLE_STATIC])
-  _LT_UNLESS_OPTIONS([LT_INIT], [pic-only no-pic], [_LT_WITH_PIC])
-  _LT_UNLESS_OPTIONS([LT_INIT], [fast-install disable-fast-install],
-  		   [_LT_ENABLE_FAST_INSTALL])
-  ])
-])# _LT_SET_OPTIONS
-
-
-
-# _LT_MANGLE_DEFUN(MACRO-NAME, OPTION-NAME)
-# -----------------------------------------
-m4_define([_LT_MANGLE_DEFUN],
-[[_LT_OPTION_DEFUN_]m4_bpatsubst(m4_toupper([$1__$2]), [[^A-Z0-9_]], [_])])
-
-
-# LT_OPTION_DEFINE(MACRO-NAME, OPTION-NAME, CODE)
-# -----------------------------------------------
-m4_define([LT_OPTION_DEFINE],
-[m4_define(_LT_MANGLE_DEFUN([$1], [$2]), [$3])[]dnl
-])# LT_OPTION_DEFINE
-
-
-# dlopen
-# ------
-LT_OPTION_DEFINE([LT_INIT], [dlopen], [enable_dlopen=yes
-])
-
-AU_DEFUN([AC_LIBTOOL_DLOPEN],
-[_LT_SET_OPTION([LT_INIT], [dlopen])
-AC_DIAGNOSE([obsolete],
-[$0: Remove this warning and the call to _LT_SET_OPTION when you
-put the `dlopen' option into LT_INIT's first parameter.])
-])
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_LIBTOOL_DLOPEN], [])
-
-
-# win32-dll
-# ---------
-# Declare package support for building win32 dll's.
-LT_OPTION_DEFINE([LT_INIT], [win32-dll],
-[enable_win32_dll=yes
-
-case $host in
-*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-cegcc*)
-  AC_CHECK_TOOL(AS, as, false)
-  AC_CHECK_TOOL(DLLTOOL, dlltool, false)
-  AC_CHECK_TOOL(OBJDUMP, objdump, false)
-  ;;
-esac
-
-test -z "$AS" && AS=as
-_LT_DECL([], [AS],      [0], [Assembler program])dnl
-
-test -z "$DLLTOOL" && DLLTOOL=dlltool
-_LT_DECL([], [DLLTOOL], [0], [DLL creation program])dnl
-
-test -z "$OBJDUMP" && OBJDUMP=objdump
-_LT_DECL([], [OBJDUMP], [0], [Object dumper program])dnl
-])# win32-dll
-
-AU_DEFUN([AC_LIBTOOL_WIN32_DLL],
-[AC_REQUIRE([AC_CANONICAL_HOST])dnl
-_LT_SET_OPTION([LT_INIT], [win32-dll])
-AC_DIAGNOSE([obsolete],
-[$0: Remove this warning and the call to _LT_SET_OPTION when you
-put the `win32-dll' option into LT_INIT's first parameter.])
-])
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_LIBTOOL_WIN32_DLL], [])
-
-
-# _LT_ENABLE_SHARED([DEFAULT])
-# ----------------------------
-# implement the --enable-shared flag, and supports the `shared' and
-# `disable-shared' LT_INIT options.
-# DEFAULT is either `yes' or `no'.  If omitted, it defaults to `yes'.
-m4_define([_LT_ENABLE_SHARED],
-[m4_define([_LT_ENABLE_SHARED_DEFAULT], [m4_if($1, no, no, yes)])dnl
-AC_ARG_ENABLE([shared],
-    [AS_HELP_STRING([--enable-shared@<:@=PKGS@:>@],
-	[build shared libraries @<:@default=]_LT_ENABLE_SHARED_DEFAULT[@:>@])],
-    [p=${PACKAGE-default}
-    case $enableval in
-    yes) enable_shared=yes ;;
-    no) enable_shared=no ;;
-    *)
-      enable_shared=no
-      # Look at the argument we got.  We use all the common list separators.
-      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
-      for pkg in $enableval; do
-	IFS="$lt_save_ifs"
-	if test "X$pkg" = "X$p"; then
-	  enable_shared=yes
-	fi
-      done
-      IFS="$lt_save_ifs"
-      ;;
-    esac],
-    [enable_shared=]_LT_ENABLE_SHARED_DEFAULT)
-
-    _LT_DECL([build_libtool_libs], [enable_shared], [0],
-	[Whether or not to build shared libraries])
-])# _LT_ENABLE_SHARED
-
-LT_OPTION_DEFINE([LT_INIT], [shared], [_LT_ENABLE_SHARED([yes])])
-LT_OPTION_DEFINE([LT_INIT], [disable-shared], [_LT_ENABLE_SHARED([no])])
-
-# Old names:
-AC_DEFUN([AC_ENABLE_SHARED],
-[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[shared])
-])
-
-AC_DEFUN([AC_DISABLE_SHARED],
-[_LT_SET_OPTION([LT_INIT], [disable-shared])
-])
-
-AU_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)])
-AU_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)])
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AM_ENABLE_SHARED], [])
-dnl AC_DEFUN([AM_DISABLE_SHARED], [])
-
-
-
-# _LT_ENABLE_STATIC([DEFAULT])
-# ----------------------------
-# implement the --enable-static flag, and support the `static' and
-# `disable-static' LT_INIT options.
-# DEFAULT is either `yes' or `no'.  If omitted, it defaults to `yes'.
-m4_define([_LT_ENABLE_STATIC],
-[m4_define([_LT_ENABLE_STATIC_DEFAULT], [m4_if($1, no, no, yes)])dnl
-AC_ARG_ENABLE([static],
-    [AS_HELP_STRING([--enable-static@<:@=PKGS@:>@],
-	[build static libraries @<:@default=]_LT_ENABLE_STATIC_DEFAULT[@:>@])],
-    [p=${PACKAGE-default}
-    case $enableval in
-    yes) enable_static=yes ;;
-    no) enable_static=no ;;
-    *)
-     enable_static=no
-      # Look at the argument we got.  We use all the common list separators.
-      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
-      for pkg in $enableval; do
-	IFS="$lt_save_ifs"
-	if test "X$pkg" = "X$p"; then
-	  enable_static=yes
-	fi
-      done
-      IFS="$lt_save_ifs"
-      ;;
-    esac],
-    [enable_static=]_LT_ENABLE_STATIC_DEFAULT)
-
-    _LT_DECL([build_old_libs], [enable_static], [0],
-	[Whether or not to build static libraries])
-])# _LT_ENABLE_STATIC
-
-LT_OPTION_DEFINE([LT_INIT], [static], [_LT_ENABLE_STATIC([yes])])
-LT_OPTION_DEFINE([LT_INIT], [disable-static], [_LT_ENABLE_STATIC([no])])
-
-# Old names:
-AC_DEFUN([AC_ENABLE_STATIC],
-[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[static])
-])
-
-AC_DEFUN([AC_DISABLE_STATIC],
-[_LT_SET_OPTION([LT_INIT], [disable-static])
-])
-
-AU_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)])
-AU_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)])
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AM_ENABLE_STATIC], [])
-dnl AC_DEFUN([AM_DISABLE_STATIC], [])
-
-
-
-# _LT_ENABLE_FAST_INSTALL([DEFAULT])
-# ----------------------------------
-# implement the --enable-fast-install flag, and support the `fast-install'
-# and `disable-fast-install' LT_INIT options.
-# DEFAULT is either `yes' or `no'.  If omitted, it defaults to `yes'.
-m4_define([_LT_ENABLE_FAST_INSTALL],
-[m4_define([_LT_ENABLE_FAST_INSTALL_DEFAULT], [m4_if($1, no, no, yes)])dnl
-AC_ARG_ENABLE([fast-install],
-    [AS_HELP_STRING([--enable-fast-install@<:@=PKGS@:>@],
-    [optimize for fast installation @<:@default=]_LT_ENABLE_FAST_INSTALL_DEFAULT[@:>@])],
-    [p=${PACKAGE-default}
-    case $enableval in
-    yes) enable_fast_install=yes ;;
-    no) enable_fast_install=no ;;
-    *)
-      enable_fast_install=no
-      # Look at the argument we got.  We use all the common list separators.
-      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
-      for pkg in $enableval; do
-	IFS="$lt_save_ifs"
-	if test "X$pkg" = "X$p"; then
-	  enable_fast_install=yes
-	fi
-      done
-      IFS="$lt_save_ifs"
-      ;;
-    esac],
-    [enable_fast_install=]_LT_ENABLE_FAST_INSTALL_DEFAULT)
-
-_LT_DECL([fast_install], [enable_fast_install], [0],
-	 [Whether or not to optimize for fast installation])dnl
-])# _LT_ENABLE_FAST_INSTALL
-
-LT_OPTION_DEFINE([LT_INIT], [fast-install], [_LT_ENABLE_FAST_INSTALL([yes])])
-LT_OPTION_DEFINE([LT_INIT], [disable-fast-install], [_LT_ENABLE_FAST_INSTALL([no])])
-
-# Old names:
-AU_DEFUN([AC_ENABLE_FAST_INSTALL],
-[_LT_SET_OPTION([LT_INIT], m4_if([$1], [no], [disable-])[fast-install])
-AC_DIAGNOSE([obsolete],
-[$0: Remove this warning and the call to _LT_SET_OPTION when you put
-the `fast-install' option into LT_INIT's first parameter.])
-])
-
-AU_DEFUN([AC_DISABLE_FAST_INSTALL],
-[_LT_SET_OPTION([LT_INIT], [disable-fast-install])
-AC_DIAGNOSE([obsolete],
-[$0: Remove this warning and the call to _LT_SET_OPTION when you put
-the `disable-fast-install' option into LT_INIT's first parameter.])
-])
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_ENABLE_FAST_INSTALL], [])
-dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], [])
-
-
-# _LT_WITH_PIC([MODE])
-# --------------------
-# implement the --with-pic flag, and support the `pic-only' and `no-pic'
-# LT_INIT options.
-# MODE is either `yes' or `no'.  If omitted, it defaults to `both'.
-m4_define([_LT_WITH_PIC],
-[AC_ARG_WITH([pic],
-    [AS_HELP_STRING([--with-pic],
-	[try to use only PIC/non-PIC objects @<:@default=use both@:>@])],
-    [pic_mode="$withval"],
-    [pic_mode=default])
-
-test -z "$pic_mode" && pic_mode=m4_default([$1], [default])
-
-_LT_DECL([], [pic_mode], [0], [What type of objects to build])dnl
-])# _LT_WITH_PIC
-
-LT_OPTION_DEFINE([LT_INIT], [pic-only], [_LT_WITH_PIC([yes])])
-LT_OPTION_DEFINE([LT_INIT], [no-pic], [_LT_WITH_PIC([no])])
-
-# Old name:
-AU_DEFUN([AC_LIBTOOL_PICMODE],
-[_LT_SET_OPTION([LT_INIT], [pic-only])
-AC_DIAGNOSE([obsolete],
-[$0: Remove this warning and the call to _LT_SET_OPTION when you
-put the `pic-only' option into LT_INIT's first parameter.])
-])
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([AC_LIBTOOL_PICMODE], [])
-
-
-m4_define([_LTDL_MODE], [])
-LT_OPTION_DEFINE([LTDL_INIT], [nonrecursive],
-		 [m4_define([_LTDL_MODE], [nonrecursive])])
-LT_OPTION_DEFINE([LTDL_INIT], [recursive],
-		 [m4_define([_LTDL_MODE], [recursive])])
-LT_OPTION_DEFINE([LTDL_INIT], [subproject],
-		 [m4_define([_LTDL_MODE], [subproject])])
-
-m4_define([_LTDL_TYPE], [])
-LT_OPTION_DEFINE([LTDL_INIT], [installable],
-		 [m4_define([_LTDL_TYPE], [installable])])
-LT_OPTION_DEFINE([LTDL_INIT], [convenience],
-		 [m4_define([_LTDL_TYPE], [convenience])])
-
-# ltsugar.m4 -- libtool m4 base layer.                         -*-Autoconf-*-
-#
-# Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc.
-# Written by Gary V. Vaughan, 2004
-#
-# This file is free software; the Free Software Foundation gives
-# unlimited permission to copy and/or distribute it, with or without
-# modifications, as long as this notice is preserved.
-
-# serial 6 ltsugar.m4
-
-# This is to help aclocal find these macros, as it can't see m4_define.
-AC_DEFUN([LTSUGAR_VERSION], [m4_if([0.1])])
-
-
-# lt_join(SEP, ARG1, [ARG2...])
-# -----------------------------
-# Produce ARG1SEPARG2...SEPARGn, omitting [] arguments and their
-# associated separator.
-# Needed until we can rely on m4_join from Autoconf 2.62, since all earlier
-# versions in m4sugar had bugs.
-m4_define([lt_join],
-[m4_if([$#], [1], [],
-       [$#], [2], [[$2]],
-       [m4_if([$2], [], [], [[$2]_])$0([$1], m4_shift(m4_shift($@)))])])
-m4_define([_lt_join],
-[m4_if([$#$2], [2], [],
-       [m4_if([$2], [], [], [[$1$2]])$0([$1], m4_shift(m4_shift($@)))])])
-
-
-# lt_car(LIST)
-# lt_cdr(LIST)
-# ------------
-# Manipulate m4 lists.
-# These macros are necessary as long as will still need to support
-# Autoconf-2.59 which quotes differently.
-m4_define([lt_car], [[$1]])
-m4_define([lt_cdr],
-[m4_if([$#], 0, [m4_fatal([$0: cannot be called without arguments])],
-       [$#], 1, [],
-       [m4_dquote(m4_shift($@))])])
-m4_define([lt_unquote], $1)
-
-
-# lt_append(MACRO-NAME, STRING, [SEPARATOR])
-# ------------------------------------------
-# Redefine MACRO-NAME to hold its former content plus `SEPARATOR'`STRING'.
-# Note that neither SEPARATOR nor STRING are expanded; they are appended
-# to MACRO-NAME as is (leaving the expansion for when MACRO-NAME is invoked).
-# No SEPARATOR is output if MACRO-NAME was previously undefined (different
-# than defined and empty).
-#
-# This macro is needed until we can rely on Autoconf 2.62, since earlier
-# versions of m4sugar mistakenly expanded SEPARATOR but not STRING.
-m4_define([lt_append],
-[m4_define([$1],
-	   m4_ifdef([$1], [m4_defn([$1])[$3]])[$2])])
-
-
-
-# lt_combine(SEP, PREFIX-LIST, INFIX, SUFFIX1, [SUFFIX2...])
-# ----------------------------------------------------------
-# Produce a SEP delimited list of all paired combinations of elements of
-# PREFIX-LIST with SUFFIX1 through SUFFIXn.  Each element of the list
-# has the form PREFIXmINFIXSUFFIXn.
-# Needed until we can rely on m4_combine added in Autoconf 2.62.
-m4_define([lt_combine],
-[m4_if(m4_eval([$# > 3]), [1],
-       [m4_pushdef([_Lt_sep], [m4_define([_Lt_sep], m4_defn([lt_car]))])]]dnl
-[[m4_foreach([_Lt_prefix], [$2],
-	     [m4_foreach([_Lt_suffix],
-		]m4_dquote(m4_dquote(m4_shift(m4_shift(m4_shift($@)))))[,
-	[_Lt_sep([$1])[]m4_defn([_Lt_prefix])[$3]m4_defn([_Lt_suffix])])])])])
-
-
-# lt_if_append_uniq(MACRO-NAME, VARNAME, [SEPARATOR], [UNIQ], [NOT-UNIQ])
-# -----------------------------------------------------------------------
-# Iff MACRO-NAME does not yet contain VARNAME, then append it (delimited
-# by SEPARATOR if supplied) and expand UNIQ, else NOT-UNIQ.
-m4_define([lt_if_append_uniq],
-[m4_ifdef([$1],
-	  [m4_if(m4_index([$3]m4_defn([$1])[$3], [$3$2$3]), [-1],
-		 [lt_append([$1], [$2], [$3])$4],
-		 [$5])],
-	  [lt_append([$1], [$2], [$3])$4])])
-
-
-# lt_dict_add(DICT, KEY, VALUE)
-# -----------------------------
-m4_define([lt_dict_add],
-[m4_define([$1($2)], [$3])])
-
-
-# lt_dict_add_subkey(DICT, KEY, SUBKEY, VALUE)
-# --------------------------------------------
-m4_define([lt_dict_add_subkey],
-[m4_define([$1($2:$3)], [$4])])
-
-
-# lt_dict_fetch(DICT, KEY, [SUBKEY])
-# ----------------------------------
-m4_define([lt_dict_fetch],
-[m4_ifval([$3],
-	m4_ifdef([$1($2:$3)], [m4_defn([$1($2:$3)])]),
-    m4_ifdef([$1($2)], [m4_defn([$1($2)])]))])
-
-
-# lt_if_dict_fetch(DICT, KEY, [SUBKEY], VALUE, IF-TRUE, [IF-FALSE])
-# -----------------------------------------------------------------
-m4_define([lt_if_dict_fetch],
-[m4_if(lt_dict_fetch([$1], [$2], [$3]), [$4],
-	[$5],
-    [$6])])
-
-
-# lt_dict_filter(DICT, [SUBKEY], VALUE, [SEPARATOR], KEY, [...])
-# --------------------------------------------------------------
-m4_define([lt_dict_filter],
-[m4_if([$5], [], [],
-  [lt_join(m4_quote(m4_default([$4], [[, ]])),
-           lt_unquote(m4_split(m4_normalize(m4_foreach(_Lt_key, lt_car([m4_shiftn(4, $@)]),
-		      [lt_if_dict_fetch([$1], _Lt_key, [$2], [$3], [_Lt_key ])])))))])[]dnl
-])
-
-# ltversion.m4 -- version numbers			-*- Autoconf -*-
-#
-#   Copyright (C) 2004 Free Software Foundation, Inc.
-#   Written by Scott James Remnant, 2004
-#
-# This file is free software; the Free Software Foundation gives
-# unlimited permission to copy and/or distribute it, with or without
-# modifications, as long as this notice is preserved.
-
-# Generated from ltversion.in.
-
-# serial 3012 ltversion.m4
-# This file is part of GNU Libtool
-
-m4_define([LT_PACKAGE_VERSION], [2.2.6])
-m4_define([LT_PACKAGE_REVISION], [1.3012])
-
-AC_DEFUN([LTVERSION_VERSION],
-[macro_version='2.2.6'
-macro_revision='1.3012'
-_LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?])
-_LT_DECL(, macro_revision, 0)
-])
-
-# lt~obsolete.m4 -- aclocal satisfying obsolete definitions.    -*-Autoconf-*-
-#
-#   Copyright (C) 2004, 2005, 2007 Free Software Foundation, Inc.
-#   Written by Scott James Remnant, 2004.
-#
-# This file is free software; the Free Software Foundation gives
-# unlimited permission to copy and/or distribute it, with or without
-# modifications, as long as this notice is preserved.
-
-# serial 4 lt~obsolete.m4
-
-# These exist entirely to fool aclocal when bootstrapping libtool.
-#
-# In the past libtool.m4 has provided macros via AC_DEFUN (or AU_DEFUN)
-# which have later been changed to m4_define as they aren't part of the
-# exported API, or moved to Autoconf or Automake where they belong.
-#
-# The trouble is, aclocal is a bit thick.  It'll see the old AC_DEFUN
-# in /usr/share/aclocal/libtool.m4 and remember it, then when it sees us
-# using a macro with the same name in our local m4/libtool.m4 it'll
-# pull the old libtool.m4 in (it doesn't see our shiny new m4_define
-# and doesn't know about Autoconf macros at all.)
-#
-# So we provide this file, which has a silly filename so it's always
-# included after everything else.  This provides aclocal with the
-# AC_DEFUNs it wants, but when m4 processes it, it doesn't do anything
-# because those macros already exist, or will be overwritten later.
-# We use AC_DEFUN over AU_DEFUN for compatibility with aclocal-1.6. 
-#
-# Anytime we withdraw an AC_DEFUN or AU_DEFUN, remember to add it here.
-# Yes, that means every name once taken will need to remain here until
-# we give up compatibility with versions before 1.7, at which point
-# we need to keep only those names which we still refer to.
-
-# This is to help aclocal find these macros, as it can't see m4_define.
-AC_DEFUN([LTOBSOLETE_VERSION], [m4_if([1])])
-
-m4_ifndef([AC_LIBTOOL_LINKER_OPTION],	[AC_DEFUN([AC_LIBTOOL_LINKER_OPTION])])
-m4_ifndef([AC_PROG_EGREP],		[AC_DEFUN([AC_PROG_EGREP])])
-m4_ifndef([_LT_AC_PROG_ECHO_BACKSLASH],	[AC_DEFUN([_LT_AC_PROG_ECHO_BACKSLASH])])
-m4_ifndef([_LT_AC_SHELL_INIT],		[AC_DEFUN([_LT_AC_SHELL_INIT])])
-m4_ifndef([_LT_AC_SYS_LIBPATH_AIX],	[AC_DEFUN([_LT_AC_SYS_LIBPATH_AIX])])
-m4_ifndef([_LT_PROG_LTMAIN],		[AC_DEFUN([_LT_PROG_LTMAIN])])
-m4_ifndef([_LT_AC_TAGVAR],		[AC_DEFUN([_LT_AC_TAGVAR])])
-m4_ifndef([AC_LTDL_ENABLE_INSTALL],	[AC_DEFUN([AC_LTDL_ENABLE_INSTALL])])
-m4_ifndef([AC_LTDL_PREOPEN],		[AC_DEFUN([AC_LTDL_PREOPEN])])
-m4_ifndef([_LT_AC_SYS_COMPILER],	[AC_DEFUN([_LT_AC_SYS_COMPILER])])
-m4_ifndef([_LT_AC_LOCK],		[AC_DEFUN([_LT_AC_LOCK])])
-m4_ifndef([AC_LIBTOOL_SYS_OLD_ARCHIVE],	[AC_DEFUN([AC_LIBTOOL_SYS_OLD_ARCHIVE])])
-m4_ifndef([_LT_AC_TRY_DLOPEN_SELF],	[AC_DEFUN([_LT_AC_TRY_DLOPEN_SELF])])
-m4_ifndef([AC_LIBTOOL_PROG_CC_C_O],	[AC_DEFUN([AC_LIBTOOL_PROG_CC_C_O])])
-m4_ifndef([AC_LIBTOOL_SYS_HARD_LINK_LOCKS], [AC_DEFUN([AC_LIBTOOL_SYS_HARD_LINK_LOCKS])])
-m4_ifndef([AC_LIBTOOL_OBJDIR],		[AC_DEFUN([AC_LIBTOOL_OBJDIR])])
-m4_ifndef([AC_LTDL_OBJDIR],		[AC_DEFUN([AC_LTDL_OBJDIR])])
-m4_ifndef([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH], [AC_DEFUN([AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH])])
-m4_ifndef([AC_LIBTOOL_SYS_LIB_STRIP],	[AC_DEFUN([AC_LIBTOOL_SYS_LIB_STRIP])])
-m4_ifndef([AC_PATH_MAGIC],		[AC_DEFUN([AC_PATH_MAGIC])])
-m4_ifndef([AC_PROG_LD_GNU],		[AC_DEFUN([AC_PROG_LD_GNU])])
-m4_ifndef([AC_PROG_LD_RELOAD_FLAG],	[AC_DEFUN([AC_PROG_LD_RELOAD_FLAG])])
-m4_ifndef([AC_DEPLIBS_CHECK_METHOD],	[AC_DEFUN([AC_DEPLIBS_CHECK_METHOD])])
-m4_ifndef([AC_LIBTOOL_PROG_COMPILER_NO_RTTI], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_NO_RTTI])])
-m4_ifndef([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE], [AC_DEFUN([AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE])])
-m4_ifndef([AC_LIBTOOL_PROG_COMPILER_PIC], [AC_DEFUN([AC_LIBTOOL_PROG_COMPILER_PIC])])
-m4_ifndef([AC_LIBTOOL_PROG_LD_SHLIBS],	[AC_DEFUN([AC_LIBTOOL_PROG_LD_SHLIBS])])
-m4_ifndef([AC_LIBTOOL_POSTDEP_PREDEP],	[AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP])])
-m4_ifndef([LT_AC_PROG_EGREP],		[AC_DEFUN([LT_AC_PROG_EGREP])])
-m4_ifndef([LT_AC_PROG_SED],		[AC_DEFUN([LT_AC_PROG_SED])])
-m4_ifndef([_LT_CC_BASENAME],		[AC_DEFUN([_LT_CC_BASENAME])])
-m4_ifndef([_LT_COMPILER_BOILERPLATE],	[AC_DEFUN([_LT_COMPILER_BOILERPLATE])])
-m4_ifndef([_LT_LINKER_BOILERPLATE],	[AC_DEFUN([_LT_LINKER_BOILERPLATE])])
-m4_ifndef([_AC_PROG_LIBTOOL],		[AC_DEFUN([_AC_PROG_LIBTOOL])])
-m4_ifndef([AC_LIBTOOL_SETUP],		[AC_DEFUN([AC_LIBTOOL_SETUP])])
-m4_ifndef([_LT_AC_CHECK_DLFCN],		[AC_DEFUN([_LT_AC_CHECK_DLFCN])])
-m4_ifndef([AC_LIBTOOL_SYS_DYNAMIC_LINKER],	[AC_DEFUN([AC_LIBTOOL_SYS_DYNAMIC_LINKER])])
-m4_ifndef([_LT_AC_TAGCONFIG],		[AC_DEFUN([_LT_AC_TAGCONFIG])])
-m4_ifndef([AC_DISABLE_FAST_INSTALL],	[AC_DEFUN([AC_DISABLE_FAST_INSTALL])])
-m4_ifndef([_LT_AC_LANG_CXX],		[AC_DEFUN([_LT_AC_LANG_CXX])])
-m4_ifndef([_LT_AC_LANG_F77],		[AC_DEFUN([_LT_AC_LANG_F77])])
-m4_ifndef([_LT_AC_LANG_GCJ],		[AC_DEFUN([_LT_AC_LANG_GCJ])])
-m4_ifndef([AC_LIBTOOL_RC],		[AC_DEFUN([AC_LIBTOOL_RC])])
-m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])])
-m4_ifndef([_LT_AC_LANG_C_CONFIG],	[AC_DEFUN([_LT_AC_LANG_C_CONFIG])])
-m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])])
-m4_ifndef([_LT_AC_LANG_CXX_CONFIG],	[AC_DEFUN([_LT_AC_LANG_CXX_CONFIG])])
-m4_ifndef([AC_LIBTOOL_LANG_F77_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_F77_CONFIG])])
-m4_ifndef([_LT_AC_LANG_F77_CONFIG],	[AC_DEFUN([_LT_AC_LANG_F77_CONFIG])])
-m4_ifndef([AC_LIBTOOL_LANG_GCJ_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_GCJ_CONFIG])])
-m4_ifndef([_LT_AC_LANG_GCJ_CONFIG],	[AC_DEFUN([_LT_AC_LANG_GCJ_CONFIG])])
-m4_ifndef([AC_LIBTOOL_LANG_RC_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG])])
-m4_ifndef([_LT_AC_LANG_RC_CONFIG],	[AC_DEFUN([_LT_AC_LANG_RC_CONFIG])])
-m4_ifndef([AC_LIBTOOL_CONFIG],		[AC_DEFUN([AC_LIBTOOL_CONFIG])])
-m4_ifndef([_LT_AC_FILE_LTDLL_C],	[AC_DEFUN([_LT_AC_FILE_LTDLL_C])])
-
 # pkg.m4 - Macros to locate and utilise pkg-config.            -*- Autoconf -*-
+# serial 1 (pkg-config-0.24)
 # 
 # Copyright © 2004 Scott James Remnant <scott@netsplit.com>.
 #
@@ -8011,8 +48,12 @@ m4_ifndef([_LT_AC_FILE_LTDLL_C],	[AC_DEFUN([_LT_AC_FILE_LTDLL_C])])
 # ----------------------------------
 AC_DEFUN([PKG_PROG_PKG_CONFIG],
 [m4_pattern_forbid([^_?PKG_[A-Z_]+$])
-m4_pattern_allow([^PKG_CONFIG(_PATH)?$])
-AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility])dnl
+m4_pattern_allow([^PKG_CONFIG(_(PATH|LIBDIR|SYSROOT_DIR|ALLOW_SYSTEM_(CFLAGS|LIBS)))?$])
+m4_pattern_allow([^PKG_CONFIG_(DISABLE_UNINSTALLED|TOP_BUILD_DIR|DEBUG_SPEW)$])
+AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility])
+AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path])
+AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path])
+
 if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
 	AC_PATH_TOOL([PKG_CONFIG], [pkg-config])
 fi
@@ -8025,7 +66,6 @@ if test -n "$PKG_CONFIG"; then
 		AC_MSG_RESULT([no])
 		PKG_CONFIG=""
 	fi
-		
 fi[]dnl
 ])# PKG_PROG_PKG_CONFIG
 
@@ -8034,34 +74,32 @@ fi[]dnl
 # Check to see whether a particular set of modules exists.  Similar
 # to PKG_CHECK_MODULES(), but does not set variables or print errors.
 #
-#
-# Similar to PKG_CHECK_MODULES, make sure that the first instance of
-# this or PKG_CHECK_MODULES is called, or make sure to call
-# PKG_CHECK_EXISTS manually
+# Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG])
+# only at the first occurence in configure.ac, so if the first place
+# it's called might be skipped (such as if it is within an "if", you
+# have to call PKG_CHECK_EXISTS manually
 # --------------------------------------------------------------
 AC_DEFUN([PKG_CHECK_EXISTS],
 [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
 if test -n "$PKG_CONFIG" && \
     AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then
-  m4_ifval([$2], [$2], [:])
+  m4_default([$2], [:])
 m4_ifvaln([$3], [else
   $3])dnl
 fi])
 
-
 # _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES])
 # ---------------------------------------------
 m4_define([_PKG_CONFIG],
-[if test -n "$PKG_CONFIG"; then
-    if test -n "$$1"; then
-        pkg_cv_[]$1="$$1"
-    else
-        PKG_CHECK_EXISTS([$3],
-                         [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`],
-			 [pkg_failed=yes])
-    fi
-else
-	pkg_failed=untried
+[if test -n "$$1"; then
+    pkg_cv_[]$1="$$1"
+ elif test -n "$PKG_CONFIG"; then
+    PKG_CHECK_EXISTS([$3],
+                     [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes ],
+		     [pkg_failed=yes])
+ else
+    pkg_failed=untried
 fi[]dnl
 ])# _PKG_CONFIG
 
@@ -8103,16 +141,17 @@ and $1[]_LIBS to avoid the need to call pkg-config.
 See the pkg-config man page for more details.])
 
 if test $pkg_failed = yes; then
+   	AC_MSG_RESULT([no])
         _PKG_SHORT_ERRORS_SUPPORTED
         if test $_pkg_short_errors_supported = yes; then
-	        $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "$2"`
+	        $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1`
         else 
-	        $1[]_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "$2"`
+	        $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD
 
-	ifelse([$4], , [AC_MSG_ERROR(dnl
+	m4_default([$4], [AC_MSG_ERROR(
 [Package requirements ($2) were not met:
 
 $$1_PKG_ERRORS
@@ -8120,34 +159,36 @@ $$1_PKG_ERRORS
 Consider adjusting the PKG_CONFIG_PATH environment variable if you
 installed software in a non-standard prefix.
 
-_PKG_TEXT
-])],
-		[AC_MSG_RESULT([no])
-                $4])
+_PKG_TEXT])[]dnl
+        ])
 elif test $pkg_failed = untried; then
-	ifelse([$4], , [AC_MSG_FAILURE(dnl
+     	AC_MSG_RESULT([no])
+	m4_default([$4], [AC_MSG_FAILURE(
 [The pkg-config script could not be found or is too old.  Make sure it
 is in your PATH or set the PKG_CONFIG environment variable to the full
 path to pkg-config.
 
 _PKG_TEXT
 
-To get pkg-config, see <http://pkg-config.freedesktop.org/>.])],
-		[$4])
+To get pkg-config, see <http://pkg-config.freedesktop.org/>.])[]dnl
+        ])
 else
 	$1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS
 	$1[]_LIBS=$pkg_cv_[]$1[]_LIBS
         AC_MSG_RESULT([yes])
-	ifelse([$3], , :, [$3])
+	$3
 fi[]dnl
 ])# PKG_CHECK_MODULES
 
-# Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008  Free Software Foundation, Inc.
+# Copyright (C) 2002, 2003, 2005, 2006, 2007, 2008, 2011 Free Software
+# Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
 
+# serial 1
+
 # AM_AUTOMAKE_VERSION(VERSION)
 # ----------------------------
 # Automake X.Y traces this macro to ensure aclocal.m4 has been
@@ -8157,7 +198,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
 [am__api_version='1.11'
 dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
 dnl require some minimum version.  Point them to the right macro.
-m4_if([$1], [1.11], [],
+m4_if([$1], [1.11.3], [],
       [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
 ])
 
@@ -8173,19 +214,21 @@ m4_define([_AM_AUTOCONF_VERSION], [])
 # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
 # This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
 AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
-[AM_AUTOMAKE_VERSION([1.11])dnl
+[AM_AUTOMAKE_VERSION([1.11.3])dnl
 m4_ifndef([AC_AUTOCONF_VERSION],
   [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
 _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
 
 # AM_AUX_DIR_EXPAND                                         -*- Autoconf -*-
 
-# Copyright (C) 2001, 2003, 2005  Free Software Foundation, Inc.
+# Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
 
+# serial 1
+
 # For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets
 # $ac_aux_dir to `$srcdir/foo'.  In other projects, it is set to
 # `$srcdir', `$srcdir/..', or `$srcdir/../..'.
@@ -8267,14 +310,14 @@ AC_CONFIG_COMMANDS_PRE(
 Usually this means the macro was only invoked conditionally.]])
 fi])])
 
-# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009
-# Free Software Foundation, Inc.
+# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2009,
+# 2010, 2011 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
 
-# serial 10
+# serial 12
 
 # There are a few dirty hacks below to avoid letting `AC_PROG_CC' be
 # written in clear, in which case automake, when reading aclocal.m4,
@@ -8314,6 +357,7 @@ AC_CACHE_CHECK([dependency style of $depcc],
   # instance it was reported that on HP-UX the gcc test will end up
   # making a dummy file named `D' -- because `-MD' means `put the output
   # in D'.
+  rm -rf conftest.dir
   mkdir conftest.dir
   # Copy depcomp to subdir because otherwise we won't find it if we're
   # using a relative directory.
@@ -8378,7 +422,7 @@ AC_CACHE_CHECK([dependency style of $depcc],
 	break
       fi
       ;;
-    msvisualcpp | msvcmsys)
+    msvc7 | msvc7msys | msvisualcpp | msvcmsys)
       # This compiler won't grok `-c -o', but also, the minuso test has
       # not run yet.  These depmodes are late enough in the game, and
       # so weak that their functioning should not be impacted.
@@ -8443,10 +487,13 @@ AC_DEFUN([AM_DEP_TRACK],
 if test "x$enable_dependency_tracking" != xno; then
   am_depcomp="$ac_aux_dir/depcomp"
   AMDEPBACKSLASH='\'
+  am__nodep='_no'
 fi
 AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno])
 AC_SUBST([AMDEPBACKSLASH])dnl
 _AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl
+AC_SUBST([am__nodep])dnl
+_AM_SUBST_NOTMAKE([am__nodep])dnl
 ])
 
 # Generate code to set up dependency tracking.              -*- Autoconf -*-
@@ -8668,12 +715,15 @@ for _am_header in $config_headers :; do
 done
 echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count])
 
-# Copyright (C) 2001, 2003, 2005, 2008  Free Software Foundation, Inc.
+# Copyright (C) 2001, 2003, 2005, 2008, 2011 Free Software Foundation,
+# Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
 
+# serial 1
+
 # AM_PROG_INSTALL_SH
 # ------------------
 # Define $install_sh.
@@ -8713,8 +763,8 @@ AC_SUBST([am__leading_dot])])
 # Add --enable-maintainer-mode option to configure.         -*- Autoconf -*-
 # From Jim Meyering
 
-# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2008
-# Free Software Foundation, Inc.
+# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005, 2008,
+# 2011 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -8734,7 +784,7 @@ AC_DEFUN([AM_MAINTAINER_MODE],
        [disable], [m4_define([am_maintainer_other], [enable])],
        [m4_define([am_maintainer_other], [enable])
         m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])])
-AC_MSG_CHECKING([whether to am_maintainer_other maintainer-specific portions of Makefiles])
+AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles])
   dnl maintainer-mode's default is 'disable' unless 'enable' is passed
   AC_ARG_ENABLE([maintainer-mode],
 [  --][am_maintainer_other][-maintainer-mode  am_maintainer_other make rules and dependencies not useful
@@ -8845,12 +895,15 @@ else
 fi
 ])
 
-# Copyright (C) 2003, 2004, 2005, 2006  Free Software Foundation, Inc.
+# Copyright (C) 2003, 2004, 2005, 2006, 2011 Free Software Foundation,
+# Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
 
+# serial 1
+
 # AM_PROG_MKDIR_P
 # ---------------
 # Check for `mkdir -p'.
@@ -8873,13 +926,14 @@ esac
 
 # Helper functions for option handling.                     -*- Autoconf -*-
 
-# Copyright (C) 2001, 2002, 2003, 2005, 2008  Free Software Foundation, Inc.
+# Copyright (C) 2001, 2002, 2003, 2005, 2008, 2010 Free Software
+# Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
 
-# serial 4
+# serial 5
 
 # _AM_MANGLE_OPTION(NAME)
 # -----------------------
@@ -8887,13 +941,13 @@ AC_DEFUN([_AM_MANGLE_OPTION],
 [[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])])
 
 # _AM_SET_OPTION(NAME)
-# ------------------------------
+# --------------------
 # Set option NAME.  Presently that only means defining a flag for this option.
 AC_DEFUN([_AM_SET_OPTION],
 [m4_define(_AM_MANGLE_OPTION([$1]), 1)])
 
 # _AM_SET_OPTIONS(OPTIONS)
-# ----------------------------------
+# ------------------------
 # OPTIONS is a space-separated list of Automake options.
 AC_DEFUN([_AM_SET_OPTIONS],
 [m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])])
@@ -8904,37 +958,13 @@ AC_DEFUN([_AM_SET_OPTIONS],
 AC_DEFUN([_AM_IF_OPTION],
 [m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])])
 
-# Copyright (C) 1996, 1997, 1998, 2000, 2001, 2002, 2003, 2005, 2006
-# Free Software Foundation, Inc.
+# Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
 
-# serial 5
-
-AC_DEFUN([AM_C_PROTOTYPES],
-[AC_REQUIRE([AC_C_PROTOTYPES])
-if test "$ac_cv_prog_cc_stdc" != no; then
-  U= ANSI2KNR=
-else
-  U=_ ANSI2KNR=./ansi2knr
-fi
-# Ensure some checks needed by ansi2knr itself.
-AC_REQUIRE([AC_HEADER_STDC])
-AC_CHECK_HEADERS([string.h])
-AC_SUBST([U])dnl
-AC_SUBST([ANSI2KNR])dnl
-_AM_SUBST_NOTMAKE([ANSI2KNR])dnl
-])
-
-AU_DEFUN([fp_C_PROTOTYPES], [AM_C_PROTOTYPES])
-
-# Copyright (C) 2001, 2003, 2005  Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
+# serial 1
 
 # AM_RUN_LOG(COMMAND)
 # -------------------
@@ -9012,12 +1042,71 @@ Check your system clock])
 fi
 AC_MSG_RESULT(yes)])
 
-# Copyright (C) 2001, 2003, 2005  Free Software Foundation, Inc.
+# Copyright (C) 2009, 2011  Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
 
+# serial 2
+
+# AM_SILENT_RULES([DEFAULT])
+# --------------------------
+# Enable less verbose build rules; with the default set to DEFAULT
+# (`yes' being less verbose, `no' or empty being verbose).
+AC_DEFUN([AM_SILENT_RULES],
+[AC_ARG_ENABLE([silent-rules],
+[  --enable-silent-rules          less verbose build output (undo: `make V=1')
+  --disable-silent-rules         verbose build output (undo: `make V=0')])
+case $enable_silent_rules in
+yes) AM_DEFAULT_VERBOSITY=0;;
+no)  AM_DEFAULT_VERBOSITY=1;;
+*)   AM_DEFAULT_VERBOSITY=m4_if([$1], [yes], [0], [1]);;
+esac
+dnl
+dnl A few `make' implementations (e.g., NonStop OS and NextStep)
+dnl do not support nested variable expansions.
+dnl See automake bug#9928 and bug#10237.
+am_make=${MAKE-make}
+AC_CACHE_CHECK([whether $am_make supports nested variables],
+   [am_cv_make_support_nested_variables],
+   [if AS_ECHO([['TRUE=$(BAR$(V))
+BAR0=false
+BAR1=true
+V=1
+am__doit:
+	@$(TRUE)
+.PHONY: am__doit']]) | $am_make -f - >/dev/null 2>&1; then
+  am_cv_make_support_nested_variables=yes
+else
+  am_cv_make_support_nested_variables=no
+fi])
+if test $am_cv_make_support_nested_variables = yes; then
+  dnl Using `$V' instead of `$(V)' breaks IRIX make.
+  AM_V='$(V)'
+  AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)'
+else
+  AM_V=$AM_DEFAULT_VERBOSITY
+  AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY
+fi
+AC_SUBST([AM_V])dnl
+AM_SUBST_NOTMAKE([AM_V])dnl
+AC_SUBST([AM_DEFAULT_V])dnl
+AM_SUBST_NOTMAKE([AM_DEFAULT_V])dnl
+AC_SUBST([AM_DEFAULT_VERBOSITY])dnl
+AM_BACKSLASH='\'
+AC_SUBST([AM_BACKSLASH])dnl
+_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl
+])
+
+# Copyright (C) 2001, 2003, 2005, 2011 Free Software Foundation, Inc.
+#
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# serial 1
+
 # AM_PROG_INSTALL_STRIP
 # ---------------------
 # One issue with vendor `install' (even GNU) is that you can't
@@ -9040,13 +1129,13 @@ fi
 INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
 AC_SUBST([INSTALL_STRIP_PROGRAM])])
 
-# Copyright (C) 2006, 2008  Free Software Foundation, Inc.
+# Copyright (C) 2006, 2008, 2010 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
 
-# serial 2
+# serial 3
 
 # _AM_SUBST_NOTMAKE(VARIABLE)
 # ---------------------------
@@ -9055,13 +1144,13 @@ AC_SUBST([INSTALL_STRIP_PROGRAM])])
 AC_DEFUN([_AM_SUBST_NOTMAKE])
 
 # AM_SUBST_NOTMAKE(VARIABLE)
-# ---------------------------
+# --------------------------
 # Public sister of _AM_SUBST_NOTMAKE.
 AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
 
 # Check how to create a tarball.                            -*- Autoconf -*-
 
-# Copyright (C) 2004, 2005  Free Software Foundation, Inc.
+# Copyright (C) 2004, 2005, 2012 Free Software Foundation, Inc.
 #
 # This file is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
@@ -9083,10 +1172,11 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
 # a tarball read from stdin.
 #     $(am__untar) < result.tar
 AC_DEFUN([_AM_PROG_TAR],
-[# Always define AMTAR for backward compatibility.
-AM_MISSING_PROG([AMTAR], [tar])
+[# Always define AMTAR for backward compatibility.  Yes, it's still used
+# in the wild :-(  We should find a proper way to deprecate it ...
+AC_SUBST([AMTAR], ['$${TAR-tar}'])
 m4_if([$1], [v7],
-     [am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'],
+     [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'],
      [m4_case([$1], [ustar],, [pax],,
               [m4_fatal([Unknown tar format])])
 AC_MSG_CHECKING([how to create a $1 tar archive])
@@ -9155,3 +1245,8 @@ AC_SUBST([am__tar])
 AC_SUBST([am__untar])
 ]) # _AM_PROG_TAR
 
+m4_include([m4/libtool.m4])
+m4_include([m4/ltoptions.m4])
+m4_include([m4/ltsugar.m4])
+m4_include([m4/ltversion.m4])
+m4_include([m4/lt~obsolete.m4])
diff --git a/apps/Makefile.am b/apps/Makefile.am
index eebbccac..278ddf49 100644
--- a/apps/Makefile.am
+++ b/apps/Makefile.am
@@ -2,12 +2,14 @@ NULL =
 
 bin_PROGRAMS = xmlsec1
 
+XMLSEC_LIBS = $(top_builddir)/src/libxmlsec1.la
+
+
 # check if we use dynamic loading for xmlsec-crypto or not
 if XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING
 
 CRYPTO_DEPS = \
 	$(top_builddir)/src/$(XMLSEC_CRYPTO)/lib$(XMLSEC_CRYPTO_LIB).la \
-	$(top_builddir)/src/libxmlsec1.la \
 	$(NULL)    
 
 CRYPTO_INCLUDES = \
@@ -18,14 +20,13 @@ CRYPTO_LD_FLAGS = \
 	$(NULL)
 
 CRYPTO_LD_ADD = \
-	$(CRYPTO_DEPS) \
 	$(XMLSEC_CRYPTO_LIBS) \
+	$(CRYPTO_DEPS) \
 	$(NULL)
 
 else
 
 CRYPTO_DEPS =  \
-	$(top_builddir)/src/libxmlsec1.la \
 	$(NULL)
 
 CRYPTO_INCLUDES = \
@@ -69,13 +70,15 @@ xmlsec1_LDFLAGS = \
 	$(NULL)
 
 xmlsec1_LDADD = \
-	$(CRYPTO_LD_ADD) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	$(CRYPTO_LD_ADD) \
+	$(XMLSEC_LIBS) \
 	$(XMLSEC_DL_LIBS) \
 	$(NULL)
 
 xmlsec1_DEPENDENCIES = \
 	$(CRYPTO_DEPS) \
+	$(XMLSEC_LIBS) \
 	$(NULL)
 
diff --git a/apps/Makefile.in b/apps/Makefile.in
index c361f4eb..601bf8d8 100644
--- a/apps/Makefile.in
+++ b/apps/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,10 +38,13 @@ bin_PROGRAMS = xmlsec1$(EXEEXT)
 subdir = apps
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
@@ -52,32 +55,46 @@ am_xmlsec1_OBJECTS = xmlsec.$(OBJEXT) crypto.$(OBJEXT) \
 	cmdline.$(OBJEXT) $(am__objects_1)
 xmlsec1_OBJECTS = $(am_xmlsec1_OBJECTS)
 am__DEPENDENCIES_1 =
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@am__DEPENDENCIES_2 = $(top_builddir)/src/libxmlsec1.la \
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@	$(am__DEPENDENCIES_1)
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1)
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@am__DEPENDENCIES_2 = $(top_builddir)/src/$(XMLSEC_CRYPTO)/lib$(XMLSEC_CRYPTO_LIB).la \
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(top_builddir)/src/libxmlsec1.la \
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(am__DEPENDENCIES_1)
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_2) \
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@	$(am__DEPENDENCIES_1)
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_2) \
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(am__DEPENDENCIES_1) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_1) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(am__DEPENDENCIES_2) \
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(am__DEPENDENCIES_1)
-xmlsec1_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(xmlsec1_LDFLAGS) \
-	$(LDFLAGS) -o $@
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+xmlsec1_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(xmlsec1_LDFLAGS) $(LDFLAGS) -o $@
 DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
 am__mv = mv -f
 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
-	$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC    " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 CCLD = $(CC)
-LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
-	$(LDFLAGS) -o $@
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD  " $@;
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
 SOURCES = $(xmlsec1_SOURCES)
 DIST_SOURCES = $(xmlsec1_SOURCES)
 ETAGS = etags
@@ -85,6 +102,7 @@ CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -99,6 +117,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -107,6 +126,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -137,6 +160,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -168,8 +192,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -177,7 +203,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -196,15 +221,18 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
-XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_LIBS = $(top_builddir)/src/libxmlsec1.la
 XMLSEC_NO_AES = @XMLSEC_NO_AES@
 XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -240,6 +268,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -272,7 +301,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -290,14 +318,12 @@ top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 NULL = 
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CRYPTO_DEPS = \
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@	$(top_builddir)/src/libxmlsec1.la \
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@	$(NULL)
 
 
 # check if we use dynamic loading for xmlsec-crypto or not
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CRYPTO_DEPS = \
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(top_builddir)/src/$(XMLSEC_CRYPTO)/lib$(XMLSEC_CRYPTO_LIB).la \
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(top_builddir)/src/libxmlsec1.la \
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(NULL)    
 
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@CRYPTO_INCLUDES = \
@@ -318,8 +344,8 @@ NULL =
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE@	$(NULL)
 
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@CRYPTO_LD_ADD = \
-@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(CRYPTO_DEPS) \
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(XMLSEC_CRYPTO_LIBS) \
+@XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(CRYPTO_DEPS) \
 @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE@	$(NULL)
 
 INCLUDES = \
@@ -349,14 +375,16 @@ xmlsec1_LDFLAGS = \
 	$(NULL)
 
 xmlsec1_LDADD = \
-	$(CRYPTO_LD_ADD) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	$(CRYPTO_LD_ADD) \
+	$(XMLSEC_LIBS) \
 	$(XMLSEC_DL_LIBS) \
 	$(NULL)
 
 xmlsec1_DEPENDENCIES = \
 	$(CRYPTO_DEPS) \
+	$(XMLSEC_LIBS) \
 	$(NULL)
 
 all: all-am
@@ -436,9 +464,9 @@ clean-binPROGRAMS:
 	list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
 	echo " rm -f" $$list; \
 	rm -f $$list
-xmlsec1$(EXEEXT): $(xmlsec1_OBJECTS) $(xmlsec1_DEPENDENCIES) 
+xmlsec1$(EXEEXT): $(xmlsec1_OBJECTS) $(xmlsec1_DEPENDENCIES) $(EXTRA_xmlsec1_DEPENDENCIES) 
 	@rm -f xmlsec1$(EXEEXT)
-	$(xmlsec1_LINK) $(xmlsec1_OBJECTS) $(xmlsec1_LDADD) $(LIBS)
+	$(AM_V_CCLD)$(xmlsec1_LINK) $(xmlsec1_OBJECTS) $(xmlsec1_LDADD) $(LIBS)
 
 mostlyclean-compile:
 	-rm -f *.$(OBJEXT)
@@ -451,25 +479,25 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xmlsec.Po@am__quote@
 
 .c.o:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c $<
 
 .c.obj:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
 
 .c.lo:
-@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LTCOMPILE) -c -o $@ $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
 
 mostlyclean-libtool:
 	-rm -f *.lo
@@ -576,10 +604,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/apps/cmdline.c b/apps/cmdline.c
index fe09b7b1..b9ecafb5 100644
--- a/apps/cmdline.c
+++ b/apps/cmdline.c
@@ -19,18 +19,18 @@
 
 #include "cmdline.h"
 
-static int			xmlSecAppCmdLineMatchParam	(const char* argvParam,
-								 const char* paramName,
-								 int canHaveNameString);
-static xmlSecAppCmdLineParamPtr	xmlSecAppCmdLineParamsListFind	(xmlSecAppCmdLineParamPtr* params,
-								 xmlSecAppCmdLineParamTopic topics,
-								 const char* name);
-static int			xmlSecAppCmdLineParamRead	(xmlSecAppCmdLineParamPtr param,
-								 const char** argv, 
-								 int argc, 
-								 int pos);
-static int  			xmlSecAppCmdLineTimeParamRead	(const char* str, 
-								 time_t* t);
+static int                      xmlSecAppCmdLineMatchParam      (const char* argvParam,
+                                                                 const char* paramName,
+                                                                 int canHaveNameString);
+static xmlSecAppCmdLineParamPtr xmlSecAppCmdLineParamsListFind  (xmlSecAppCmdLineParamPtr* params,
+                                                                 xmlSecAppCmdLineParamTopic topics,
+                                                                 const char* name);
+static int                      xmlSecAppCmdLineParamRead       (xmlSecAppCmdLineParamPtr param,
+                                                                 const char** argv, 
+                                                                 int argc, 
+                                                                 int pos);
+static int                      xmlSecAppCmdLineTimeParamRead   (const char* str, 
+                                                                 time_t* t);
 
 int
 xmlSecAppCmdLineParamIsSet(xmlSecAppCmdLineParamPtr param) {
@@ -40,8 +40,8 @@ xmlSecAppCmdLineParamIsSet(xmlSecAppCmdLineParamPtr param) {
 const char* 
 xmlSecAppCmdLineParamGetString(xmlSecAppCmdLineParamPtr param) {
     if(param->type != xmlSecAppCmdLineParamTypeString) {
-	fprintf(stderr, "Error: parameter \"%s\" is not string.\n", param->fullName);
-	return(NULL);
+        fprintf(stderr, "Error: parameter \"%s\" is not string.\n", param->fullName);
+        return(NULL);
     }
     return((param->value != NULL) ? param->value->strValue : NULL);
 }
@@ -49,8 +49,8 @@ xmlSecAppCmdLineParamGetString(xmlSecAppCmdLineParamPtr param) {
 const char* 
 xmlSecAppCmdLineParamGetStringList(xmlSecAppCmdLineParamPtr param) {
     if(param->type != xmlSecAppCmdLineParamTypeStringList) {
-	fprintf(stderr, "Error: parameter \"%s\" is not string list.\n", param->fullName);
-	return(NULL);
+        fprintf(stderr, "Error: parameter \"%s\" is not string list.\n", param->fullName);
+        return(NULL);
     }
     return((param->value != NULL) ? param->value->strListValue : NULL);
 }
@@ -58,8 +58,8 @@ xmlSecAppCmdLineParamGetStringList(xmlSecAppCmdLineParamPtr param) {
 int 
 xmlSecAppCmdLineParamGetInt(xmlSecAppCmdLineParamPtr param, int def) {
     if(param->type != xmlSecAppCmdLineParamTypeNumber) {
-	fprintf(stderr, "Error: parameter \"%s\" is not integer.\n", param->fullName);
-	return(def);
+        fprintf(stderr, "Error: parameter \"%s\" is not integer.\n", param->fullName);
+        return(def);
     }
     return((param->value != NULL) ? param->value->intValue : def);
 }
@@ -67,16 +67,16 @@ xmlSecAppCmdLineParamGetInt(xmlSecAppCmdLineParamPtr param, int def) {
 time_t
 xmlSecAppCmdLineParamGetTime(xmlSecAppCmdLineParamPtr param, time_t def) {
     if(param->type != xmlSecAppCmdLineParamTypeTime) {
-	fprintf(stderr, "Error: parameter \"%s\" is not time.\n", param->fullName);
-	return(def);
+        fprintf(stderr, "Error: parameter \"%s\" is not time.\n", param->fullName);
+        return(def);
     }
     return((param->value != NULL) ? param->value->timeValue : def);
 }
 
 int 
 xmlSecAppCmdLineParamsListParse(xmlSecAppCmdLineParamPtr* params,
-				xmlSecAppCmdLineParamTopic topics,
-				const char** argv, int argc, int pos) {
+                                xmlSecAppCmdLineParamTopic topics,
+                                const char** argv, int argc, int pos) {
     xmlSecAppCmdLineParamPtr param;
     int ii;
     int ret;
@@ -85,27 +85,27 @@ xmlSecAppCmdLineParamsListParse(xmlSecAppCmdLineParamPtr* params,
     assert(argv != NULL);
     
     while((pos < argc) && (argv[pos][0] == '-')) {
-	param = xmlSecAppCmdLineParamsListFind(params, topics, argv[pos]);
-	if(param == NULL) {
-	    fprintf(stderr, "Error: parameter \"%s\" is not supported or the requested\nfeature might have been disabled during compilation.\n", argv[pos]);
-	    return(-1);
-	}
-	
-	ret = xmlSecAppCmdLineParamRead(param, argv, argc, pos);
-	if(ret < pos) {
-	    fprintf(stderr, "Error: failed to parse parameter \"%s\".\n", argv[pos]);
-	    return(-1);
-	}
-	pos = ret + 1;
+        param = xmlSecAppCmdLineParamsListFind(params, topics, argv[pos]);
+        if(param == NULL) {
+            fprintf(stderr, "Error: parameter \"%s\" is not supported or the requested\nfeature might have been disabled during compilation.\n", argv[pos]);
+            return(-1);
+        }
+        
+        ret = xmlSecAppCmdLineParamRead(param, argv, argc, pos);
+        if(ret < pos) {
+            fprintf(stderr, "Error: failed to parse parameter \"%s\".\n", argv[pos]);
+            return(-1);
+        }
+        pos = ret + 1;
     }
     
     /* check that all parameters at the end are filenames */
     for(ii = pos; (ii < argc); ++ii) {
-	if(argv[ii][0] == '-') {
-	    fprintf(stderr, "Error: filename is expected instead of parameter \"%s\".\n", argv[ii]);
-	    return(-1);
-	    
-	}
+        if(argv[ii][0] == '-') {
+            fprintf(stderr, "Error: filename is expected instead of parameter \"%s\".\n", argv[ii]);
+            return(-1);
+            
+        }
     }
     
     
@@ -121,27 +121,27 @@ xmlSecAppCmdLineParamsListClean(xmlSecAppCmdLineParamPtr* params) {
     assert(params != NULL);
     
     for(i = 0; params[i] != NULL; ++i) {
-	while(params[i]->value != NULL) {
-	    tmp = params[i]->value;
-	    params[i]->value = params[i]->value->next;
-	    xmlSecAppCmdLineValueDestroy(tmp);
-	}
+        while(params[i]->value != NULL) {
+            tmp = params[i]->value;
+            params[i]->value = params[i]->value->next;
+            xmlSecAppCmdLineValueDestroy(tmp);
+        }
     }
 }
 
 void 
 xmlSecAppCmdLineParamsListPrint(xmlSecAppCmdLineParamPtr* params,
-				xmlSecAppCmdLineParamTopic topics,
-				FILE* output) {
+                                xmlSecAppCmdLineParamTopic topics,
+                                FILE* output) {
     size_t i;
 
     assert(params != NULL);
     assert(output != NULL);
     
     for(i = 0; params[i] != NULL; ++i) {
-	if(((params[i]->topics & topics) != 0) && (params[i]->help != NULL)) {
-	    fprintf(output, "  %s\n", params[i]->help);
-	}
+        if(((params[i]->topics & topics) != 0) && (params[i]->help != NULL)) {
+            fprintf(output, "  %s\n", params[i]->help);
+        }
     }    
 }
 
@@ -152,8 +152,8 @@ xmlSecAppCmdLineValueCreate(xmlSecAppCmdLineParamPtr param, int pos) {
     assert(param != NULL);
     value = (xmlSecAppCmdLineValuePtr) malloc(sizeof(xmlSecAppCmdLineValue));
     if(value == NULL) {
-	fprintf(stderr, "Error: malloc failed (%d bytes).\n", sizeof(xmlSecAppCmdLineValue));
-	return(NULL);
+        fprintf(stderr, "Error: malloc failed (%d bytes).\n", sizeof(xmlSecAppCmdLineValue));
+        return(NULL);
     }
     memset(value, 0, sizeof(xmlSecAppCmdLineValue));
     
@@ -167,34 +167,34 @@ xmlSecAppCmdLineValueDestroy(xmlSecAppCmdLineValuePtr value) {
     assert(value != NULL);
     
     if(value->strListValue != NULL) {
-	free((void*)value->strListValue);
+        free((void*)value->strListValue);
     }
     free(value);
 }
 
 static int 
 xmlSecAppCmdLineMatchParam(const char* argvParam, const char* paramName,
-			   int canHaveNameString) {
+                           int canHaveNameString) {
     assert(argvParam != NULL);
     assert(paramName != NULL);
     
     if(canHaveNameString != 0) {
-	int len = strlen(paramName);
-	
-	if((strncmp(argvParam, paramName, len) == 0) &&
-	   ((argvParam[len] == '\0') || (argvParam[len] == ':'))) {
-	   
-	   return(1);
-	}
+        int len = strlen(paramName);
+        
+        if((strncmp(argvParam, paramName, len) == 0) &&
+           ((argvParam[len] == '\0') || (argvParam[len] == ':'))) {
+           
+           return(1);
+        }
     } else if(strcmp(argvParam, paramName) == 0) {
-	return(1);
+        return(1);
     }
     return(0);
 }
 
-static xmlSecAppCmdLineParamPtr	
+static xmlSecAppCmdLineParamPtr 
 xmlSecAppCmdLineParamsListFind(xmlSecAppCmdLineParamPtr* params, xmlSecAppCmdLineParamTopic topics,
-				const char* name) {
+                                const char* name) {
     size_t i;
     int canHaveNameString;
 
@@ -202,22 +202,22 @@ xmlSecAppCmdLineParamsListFind(xmlSecAppCmdLineParamPtr* params, xmlSecAppCmdLin
     assert(name != NULL);
 
     for(i = 0; params[i] != NULL; ++i) {
-	if((params[i]->topics & topics) == 0) {
-	    continue;
-	}
+        if((params[i]->topics & topics) == 0) {
+            continue;
+        }
 
-	canHaveNameString = ((params[i]->flags & xmlSecAppCmdLineParamFlagParamNameValue) != 0) ? 1 : 0;
-	if((params[i]->fullName != NULL) && 
-	   (xmlSecAppCmdLineMatchParam(name, params[i]->fullName, canHaveNameString) == 1)) {
-	
-	    return(params[i]);
-	}
+        canHaveNameString = ((params[i]->flags & xmlSecAppCmdLineParamFlagParamNameValue) != 0) ? 1 : 0;
+        if((params[i]->fullName != NULL) && 
+           (xmlSecAppCmdLineMatchParam(name, params[i]->fullName, canHaveNameString) == 1)) {
+        
+            return(params[i]);
+        }
 
-	if((params[i]->shortName != NULL) && 
-	   (xmlSecAppCmdLineMatchParam(name, params[i]->shortName, canHaveNameString) == 1)) {
-	
-	    return(params[i]);
-	}
+        if((params[i]->shortName != NULL) && 
+           (xmlSecAppCmdLineMatchParam(name, params[i]->shortName, canHaveNameString) == 1)) {
+        
+            return(params[i]);
+        }
     }
     
     return(NULL);
@@ -235,90 +235,90 @@ xmlSecAppCmdLineParamRead(xmlSecAppCmdLineParamPtr param, const char** argv, int
     
     /* first find the previous value in the list */
     if((param->flags & xmlSecAppCmdLineParamFlagMultipleValues) != 0) {
-	prev = param->value; 
-	while((prev != NULL) && (prev->next != NULL)) {
-	    prev = prev->next; 
-	}
+        prev = param->value; 
+        while((prev != NULL) && (prev->next != NULL)) {
+            prev = prev->next; 
+        }
     } else if(param->value != NULL) {
-	fprintf(stderr, "Error: only one parameter \"%s\" is allowed.\n", argv[pos]);
-	return(-1);
+        fprintf(stderr, "Error: only one parameter \"%s\" is allowed.\n", argv[pos]);
+        return(-1);
     }
     
     /* create new value and add to the list */
     value = xmlSecAppCmdLineValueCreate(param, pos);
     if(value == NULL) {
-	fprintf(stderr, "Error: failed to create value for parameter \"%s\".\n", argv[pos]);
-	return(-1);
+        fprintf(stderr, "Error: failed to create value for parameter \"%s\".\n", argv[pos]);
+        return(-1);
     }
     if(prev != NULL) {
-	assert(prev->next == NULL);
-	prev->next = value;
+        assert(prev->next == NULL);
+        prev->next = value;
     } else {
-	param->value = value;
+        param->value = value;
     }
         
     /* if we can have a string value after the name, parse it */
     if((param->flags & xmlSecAppCmdLineParamFlagParamNameValue) != 0) {
-	value->paramNameValue = strchr(argv[pos], ':');
-	if(value->paramNameValue != NULL) {
-	    ++value->paramNameValue;
-	}
+        value->paramNameValue = strchr(argv[pos], ':');
+        if(value->paramNameValue != NULL) {
+            ++value->paramNameValue;
+        }
     }
     
     switch(param->type) {
-	case xmlSecAppCmdLineParamTypeFlag:
-	    /* do nothing */
-	    break;
-	case xmlSecAppCmdLineParamTypeString:
-	    if(pos + 1 >= argc) {
-	        fprintf(stderr, "Error: string argument expected for parameter \"%s\".\n", argv[pos]);
-	        return(-1);
-	    }
-	    value->strValue = argv[++pos];
-	    break;
-	case xmlSecAppCmdLineParamTypeStringList:
-	    if(pos + 1 >= argc) {
-	        fprintf(stderr, "Error: string list argument expected for parameter \"%s\".\n", argv[pos]);
-	        return(-1);
-	    }
-	    value->strValue = argv[++pos];
-	    buf = (char*)malloc(strlen(value->strValue) + 2);
-	    if(buf == NULL) {
-	        fprintf(stderr, "Error: failed to allocate memory (%d bytes).\n", strlen(value->strValue) + 2);
-	        return(-1);
-	    }
-	    memset(buf, 0, strlen(value->strValue) + 2);
-	    memcpy(buf, value->strValue, strlen(value->strValue));
-	    value->strListValue = buf;
-	    while((*buf) != '\0') {
-		if((*buf) == ',') {
-		    (*buf) = '\0';
-		}
-		++buf;
-	    }
-	    break;
-	case xmlSecAppCmdLineParamTypeNumber:
-	    if(pos + 1 >= argc) {
-	        fprintf(stderr, "Error: integer argument expected for parameter \"%s\".\n", argv[pos]);
-	        return(-1);
-	    }    
-	    value->strValue = argv[++pos];
-	    if(sscanf(value->strValue, "%d", &(value->intValue)) != 1) {
-	        fprintf(stderr, "Error: integer argument \"%s\" is invalid.\n", value->strValue);
-	        return(-1);
-	    }    
-	    break;
-	case xmlSecAppCmdLineParamTypeTime:
-	    if(pos + 1 >= argc) {
-	        fprintf(stderr, "Error: time argument expected for parameter \"%s\".\n", argv[pos]);
-	        return(-1);
-	    }
-	    value->strValue = argv[++pos];
-	    if(xmlSecAppCmdLineTimeParamRead(value->strValue, &(value->timeValue)) < 0) {
-	        fprintf(stderr, "Error: time argument \"%s\" is invalid, expected format is \"YYYY-MM-DD HH:MM:SS\").\n", value->strValue);
-	        return(-1);
-	    }    
-	    break;
+        case xmlSecAppCmdLineParamTypeFlag:
+            /* do nothing */
+            break;
+        case xmlSecAppCmdLineParamTypeString:
+            if(pos + 1 >= argc) {
+                fprintf(stderr, "Error: string argument expected for parameter \"%s\".\n", argv[pos]);
+                return(-1);
+            }
+            value->strValue = argv[++pos];
+            break;
+        case xmlSecAppCmdLineParamTypeStringList:
+            if(pos + 1 >= argc) {
+                fprintf(stderr, "Error: string list argument expected for parameter \"%s\".\n", argv[pos]);
+                return(-1);
+            }
+            value->strValue = argv[++pos];
+            buf = (char*)malloc(strlen(value->strValue) + 2);
+            if(buf == NULL) {
+                fprintf(stderr, "Error: failed to allocate memory (%d bytes).\n", strlen(value->strValue) + 2);
+                return(-1);
+            }
+            memset(buf, 0, strlen(value->strValue) + 2);
+            memcpy(buf, value->strValue, strlen(value->strValue));
+            value->strListValue = buf;
+            while((*buf) != '\0') {
+                if((*buf) == ',') {
+                    (*buf) = '\0';
+                }
+                ++buf;
+            }
+            break;
+        case xmlSecAppCmdLineParamTypeNumber:
+            if(pos + 1 >= argc) {
+                fprintf(stderr, "Error: integer argument expected for parameter \"%s\".\n", argv[pos]);
+                return(-1);
+            }    
+            value->strValue = argv[++pos];
+            if(sscanf(value->strValue, "%d", &(value->intValue)) != 1) {
+                fprintf(stderr, "Error: integer argument \"%s\" is invalid.\n", value->strValue);
+                return(-1);
+            }    
+            break;
+        case xmlSecAppCmdLineParamTypeTime:
+            if(pos + 1 >= argc) {
+                fprintf(stderr, "Error: time argument expected for parameter \"%s\".\n", argv[pos]);
+                return(-1);
+            }
+            value->strValue = argv[++pos];
+            if(xmlSecAppCmdLineTimeParamRead(value->strValue, &(value->timeValue)) < 0) {
+                fprintf(stderr, "Error: time argument \"%s\" is invalid, expected format is \"YYYY-MM-DD HH:MM:SS\").\n", value->strValue);
+                return(-1);
+            }    
+            break;
     }
     return(pos);
 }
@@ -329,21 +329,21 @@ xmlSecAppCmdLineTimeParamRead(const char* str, time_t* t) {
     int n;
     
     if((str == NULL) || (t == NULL)) {
-	return(-1);
+        return(-1);
     }
     memset(&tm, 0, sizeof(tm));
     tm.tm_isdst = -1;
     
     n = sscanf(str, "%4d-%2d-%2d%*c%2d:%2d:%2d", 
-			    &tm.tm_year, &tm.tm_mon, &tm.tm_mday,
-			    &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
+                            &tm.tm_year, &tm.tm_mon, &tm.tm_mday,
+                            &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
     if((n != 6) || (tm.tm_year < 1900) 
-		|| (tm.tm_mon  < 1) || (tm.tm_mon  > 12) 
-		|| (tm.tm_mday < 1) || (tm.tm_mday > 31)
-		|| (tm.tm_hour < 0) || (tm.tm_hour > 23)
-		|| (tm.tm_min  < 0) || (tm.tm_min  > 59)
-		|| (tm.tm_sec  < 0) || (tm.tm_sec  > 61)) {
-	return(-1);	    
+                || (tm.tm_mon  < 1) || (tm.tm_mon  > 12) 
+                || (tm.tm_mday < 1) || (tm.tm_mday > 31)
+                || (tm.tm_hour < 0) || (tm.tm_hour > 23)
+                || (tm.tm_min  < 0) || (tm.tm_min  > 59)
+                || (tm.tm_sec  < 0) || (tm.tm_sec  > 61)) {
+        return(-1);         
     }
 
     tm.tm_year -= 1900; /* tm relative format year */
diff --git a/apps/cmdline.h b/apps/cmdline.h
index 60391222..9466f972 100644
--- a/apps/cmdline.h
+++ b/apps/cmdline.h
@@ -16,15 +16,15 @@ extern "C" {
 
 #include <time.h>
 
-typedef struct _xmlSecAppCmdLineParam		xmlSecAppCmdLineParam,
-						*xmlSecAppCmdLineParamPtr;
-typedef struct _xmlSecAppCmdLineValue		xmlSecAppCmdLineValue,
-						*xmlSecAppCmdLineValuePtr;
-typedef unsigned int 				xmlSecAppCmdLineParamTopic;
+typedef struct _xmlSecAppCmdLineParam           xmlSecAppCmdLineParam,
+                                                *xmlSecAppCmdLineParamPtr;
+typedef struct _xmlSecAppCmdLineValue           xmlSecAppCmdLineValue,
+                                                *xmlSecAppCmdLineValuePtr;
+typedef unsigned int                            xmlSecAppCmdLineParamTopic;
 
-#define xmlSecAppCmdLineParamFlagNone			0x0000
-#define	xmlSecAppCmdLineParamFlagParamNameValue		0x0001
-#define	xmlSecAppCmdLineParamFlagMultipleValues		0x0002
+#define xmlSecAppCmdLineParamFlagNone                   0x0000
+#define xmlSecAppCmdLineParamFlagParamNameValue         0x0001
+#define xmlSecAppCmdLineParamFlagMultipleValues         0x0002
 
 typedef enum {
     xmlSecAppCmdLineParamTypeFlag,
@@ -35,48 +35,48 @@ typedef enum {
 } xmlSecAppCmdLineParamType;
 
 struct _xmlSecAppCmdLineParam {
-    xmlSecAppCmdLineParamTopic	topics;
-    const char* 		fullName;
-    const char* 		shortName;
-    const char*			help;
-    xmlSecAppCmdLineParamType	type;
-    int				flags;
-    xmlSecAppCmdLineValuePtr	value;
+    xmlSecAppCmdLineParamTopic  topics;
+    const char*                 fullName;
+    const char*                 shortName;
+    const char*                 help;
+    xmlSecAppCmdLineParamType   type;
+    int                         flags;
+    xmlSecAppCmdLineValuePtr    value;
 };
 
-int		xmlSecAppCmdLineParamIsSet		(xmlSecAppCmdLineParamPtr param);
-const char*	xmlSecAppCmdLineParamGetString		(xmlSecAppCmdLineParamPtr param);
-const char*	xmlSecAppCmdLineParamGetStringList	(xmlSecAppCmdLineParamPtr param);
-int		xmlSecAppCmdLineParamGetInt		(xmlSecAppCmdLineParamPtr param,
-							 int def);
-time_t		xmlSecAppCmdLineParamGetTime		(xmlSecAppCmdLineParamPtr param,
-							 time_t def);
-
-int		xmlSecAppCmdLineParamsListParse		(xmlSecAppCmdLineParamPtr* params,
-							 xmlSecAppCmdLineParamTopic topcis,
-							 const char** argv,
-							 int argc,
-							 int pos);
-void		xmlSecAppCmdLineParamsListClean		(xmlSecAppCmdLineParamPtr* params);
-void		xmlSecAppCmdLineParamsListPrint		(xmlSecAppCmdLineParamPtr* params,
-							 xmlSecAppCmdLineParamTopic topic,
-							 FILE* output);
+int             xmlSecAppCmdLineParamIsSet              (xmlSecAppCmdLineParamPtr param);
+const char*     xmlSecAppCmdLineParamGetString          (xmlSecAppCmdLineParamPtr param);
+const char*     xmlSecAppCmdLineParamGetStringList      (xmlSecAppCmdLineParamPtr param);
+int             xmlSecAppCmdLineParamGetInt             (xmlSecAppCmdLineParamPtr param,
+                                                         int def);
+time_t          xmlSecAppCmdLineParamGetTime            (xmlSecAppCmdLineParamPtr param,
+                                                         time_t def);
+
+int             xmlSecAppCmdLineParamsListParse         (xmlSecAppCmdLineParamPtr* params,
+                                                         xmlSecAppCmdLineParamTopic topcis,
+                                                         const char** argv,
+                                                         int argc,
+                                                         int pos);
+void            xmlSecAppCmdLineParamsListClean         (xmlSecAppCmdLineParamPtr* params);
+void            xmlSecAppCmdLineParamsListPrint         (xmlSecAppCmdLineParamPtr* params,
+                                                         xmlSecAppCmdLineParamTopic topic,
+                                                         FILE* output);
 
 struct _xmlSecAppCmdLineValue {
-    xmlSecAppCmdLineParamPtr	param;
-    int				pos;
-    const char*			paramNameValue;
-    const char*			strValue;
-    const char*			strListValue;
-    int				intValue;
-    time_t			timeValue;
-    xmlSecAppCmdLineValuePtr	next;
+    xmlSecAppCmdLineParamPtr    param;
+    int                         pos;
+    const char*                 paramNameValue;
+    const char*                 strValue;
+    const char*                 strListValue;
+    int                         intValue;
+    time_t                      timeValue;
+    xmlSecAppCmdLineValuePtr    next;
 };
 
 
-xmlSecAppCmdLineValuePtr xmlSecAppCmdLineValueCreate	(xmlSecAppCmdLineParamPtr param,
-							 int pos);
-void			 xmlSecAppCmdLineValueDestroy	(xmlSecAppCmdLineValuePtr value);								 
+xmlSecAppCmdLineValuePtr xmlSecAppCmdLineValueCreate    (xmlSecAppCmdLineParamPtr param,
+                                                         int pos);
+void                     xmlSecAppCmdLineValueDestroy   (xmlSecAppCmdLineValuePtr value);                                                                
 
 
 #ifdef __cplusplus
diff --git a/apps/crypto.c b/apps/crypto.c
index 5e3d5ca3..49dd127c 100644
--- a/apps/crypto.c
+++ b/apps/crypto.c
@@ -23,20 +23,20 @@
 int
 xmlSecAppCryptoInit(const char* config) {
     if(xmlSecCryptoAppInit(config) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoAppInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoAppInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     if(xmlSecCryptoInit() < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     
     return(0);
@@ -45,21 +45,21 @@ xmlSecAppCryptoInit(const char* config) {
 int
 xmlSecAppCryptoShutdown(void) {
     if(xmlSecCryptoShutdown() < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoShutdown",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoShutdown",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if(xmlSecCryptoAppShutdown() < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoAppShutdown",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoAppShutdown",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
@@ -89,11 +89,11 @@ xmlSecAppCryptoSimpleKeysMngrSave(xmlSecKeysMngrPtr mngr, const char *filename,
 
 int 
 xmlSecAppCryptoSimpleKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename, 
-				      xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
+                                      xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
 
-#ifndef XMLSEC_NO_X509	    
+#ifndef XMLSEC_NO_X509      
     return(xmlSecCryptoAppKeysMngrCertLoad(mngr, filename, format, type));
 #else /* XMLSEC_NO_X509 */
     return(-1);
@@ -102,9 +102,9 @@ xmlSecAppCryptoSimpleKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filena
 
 int 
 xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(xmlSecKeysMngrPtr mngr, 
-					     const char* files, const char* pwd, 
-					     const char* name, 
-					     xmlSecKeyDataFormat format) {
+                                             const char* files, const char* pwd, 
+                                             const char* name, 
+                                             xmlSecKeyDataFormat format) {
     xmlSecKeyPtr key;
     int ret;
 
@@ -113,66 +113,66 @@ xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(xmlSecKeysMngrPtr mngr,
 
     /* first is the key file */
     key = xmlSecCryptoAppKeyLoad(files, format, pwd, 
-		xmlSecCryptoAppGetDefaultPwdCallback(), (void*)files);
+                xmlSecCryptoAppGetDefaultPwdCallback(), (void*)files);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoAppKeyLoad",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s", 
-		    xmlSecErrorsSafeString(files));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoAppKeyLoad",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s", 
+                    xmlSecErrorsSafeString(files));
+        return(-1);
     }
     
     if(name != NULL) {
-	ret = xmlSecKeySetName(key, BAD_CAST name);
-	if(ret < 0) {	
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeySetName",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"name=%s", 
-			xmlSecErrorsSafeString(name));
-	    xmlSecKeyDestroy(key);
-	    return(-1);
-	}
+        ret = xmlSecKeySetName(key, BAD_CAST name);
+        if(ret < 0) {   
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeySetName",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "name=%s", 
+                        xmlSecErrorsSafeString(name));
+            xmlSecKeyDestroy(key);
+            return(-1);
+        }
     }
 
 #ifndef XMLSEC_NO_X509     
     for(files += strlen(files) + 1; (files[0] != '\0'); files += strlen(files) + 1) {
-	ret = xmlSecCryptoAppKeyCertLoad(key, files, format);
-	if(ret < 0){
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecCryptoAppKeyCertLoad",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"uri=%s", 
-			xmlSecErrorsSafeString(files));
-	    xmlSecKeyDestroy(key);
-	    return(-1);
-	}
+        ret = xmlSecCryptoAppKeyCertLoad(key, files, format);
+        if(ret < 0){
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecCryptoAppKeyCertLoad",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "uri=%s", 
+                        xmlSecErrorsSafeString(files));
+            xmlSecKeyDestroy(key);
+            return(-1);
+        }
     }
 #else /* XMLSEC_NO_X509 */
     files += strlen(files) + 1;
     if(files[0] != '\0') {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "x509",
-		    XMLSEC_ERRORS_R_DISABLED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "x509",
+                    XMLSEC_ERRORS_R_DISABLED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 #endif /* XMLSEC_NO_X509 */        
 
     ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        return(-1);
     }
     
     return(0);
@@ -189,49 +189,49 @@ xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad(xmlSecKeysMngrPtr mngr, const char *f
 
 #ifndef XMLSEC_NO_X509
     key = xmlSecCryptoAppKeyLoad(filename, xmlSecKeyDataFormatPkcs12, pwd, 
-		    xmlSecCryptoAppGetDefaultPwdCallback(), (void*)filename);
+                    xmlSecCryptoAppGetDefaultPwdCallback(), (void*)filename);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoAppKeyLoad",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s",
-		    xmlSecErrorsSafeString(filename));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoAppKeyLoad",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        return(-1);
     }
         
     if(name != NULL) {
-	ret = xmlSecKeySetName(key, BAD_CAST name);
-	if(ret < 0) {	
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeySetName",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"name=%s",
-			xmlSecErrorsSafeString(name));			
-	    xmlSecKeyDestroy(key);
-	    return(-1);
-	}
+        ret = xmlSecKeySetName(key, BAD_CAST name);
+        if(ret < 0) {   
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeySetName",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "name=%s",
+                        xmlSecErrorsSafeString(name));                  
+            xmlSecKeyDestroy(key);
+            return(-1);
+        }
     }
     
     ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        return(-1);
     }
     
     return(0);
 #else /* XMLSEC_NO_X509 */
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"x509",
-		XMLSEC_ERRORS_R_DISABLED,
-		XMLSEC_ERRORS_NO_MESSAGE);
+                NULL,
+                "x509",
+                XMLSEC_ERRORS_R_DISABLED,
+                XMLSEC_ERRORS_NO_MESSAGE);
     return(-1);
 #endif /* XMLSEC_NO_X509 */
 }
@@ -248,49 +248,49 @@ xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(xmlSecKeysMngrPtr mngr, const char* k
 
     /* find requested data */
     dataId = xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), BAD_CAST keyKlass, 
-					   xmlSecKeyDataUsageAny);
+                                           xmlSecKeyDataUsageAny);
     if(dataId == xmlSecKeyDataIdUnknown) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataIdListFindByName",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(keyKlass));
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataIdListFindByName",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(keyKlass));
+        return(-1);    
     }
 
     key = xmlSecKeyReadBinaryFile(dataId, filename);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyReadBinaryFile",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyReadBinaryFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);    
     }
     
     ret = xmlSecKeySetName(key, BAD_CAST name);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeySetName",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(name));
-	xmlSecKeyDestroy(key);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetName",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(name));
+        xmlSecKeyDestroy(key);
+        return(-1);    
     }
 
     /* finally add it to keys manager */    
     ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        return(-1);
     }
 
     return(0);
@@ -307,24 +307,24 @@ xmlSecAppCryptoSimpleKeysMngrKeyGenerate(xmlSecKeysMngrPtr mngr, const char* key
     
     key = xmlSecAppCryptoKeyGenerate(keyKlassAndSize, name, xmlSecKeyDataTypePermanent);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAppCryptoSimpleKeysMngrKeyGenerate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(name));
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAppCryptoSimpleKeysMngrKeyGenerate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(name));
+        return(-1);    
     }    
 
     ret = xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoAppDefaultKeysMngrAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        return(-1);
     }
     return(0);
 }
@@ -341,54 +341,54 @@ xmlSecAppCryptoKeyGenerate(const char* keyKlassAndSize, const char* name, xmlSec
 
     buf = (char*) xmlStrdup(BAD_CAST keyKlassAndSize);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_STRDUP_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(name));
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_STRDUP_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(name));
+        return(NULL);    
     }
         
     /* separate key klass and size */
     p = strchr(buf, '-');
     if(p == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "key size is not specified %s", 
-		    xmlSecErrorsSafeString(buf));
-	xmlFree(buf);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "key size is not specified %s", 
+                    xmlSecErrorsSafeString(buf));
+        xmlFree(buf);
+        return(NULL);
     }
     *(p++) = '\0';
     size = atoi(p);
     
     key = xmlSecKeyGenerateByName(BAD_CAST buf, size, type);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyGenerate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "klass=%s;size=%d",
-		    xmlSecErrorsSafeString(buf), 
-		    size);
-	xmlFree(buf);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyGenerate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "klass=%s;size=%d",
+                    xmlSecErrorsSafeString(buf), 
+                    size);
+        xmlFree(buf);
+        return(NULL);   
     }
     
     ret = xmlSecKeySetName(key, BAD_CAST name);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeySetName",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=\"%s\"", 
-		    xmlSecErrorsSafeString(name));
-	xmlSecKeyDestroy(key);
-	xmlFree(buf);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetName",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=\"%s\"", 
+                    xmlSecErrorsSafeString(name));
+        xmlSecKeyDestroy(key);
+        xmlFree(buf);
+        return(NULL);
     }
     
     xmlFree(buf);
diff --git a/apps/crypto.h b/apps/crypto.h
index 1ce2c3e9..63a94a40 100644
--- a/apps/crypto.h
+++ b/apps/crypto.h
@@ -20,44 +20,44 @@ extern "C" {
 #include <xmlsec/keysmngr.h>
 #include <xmlsec/crypto.h>
 
-int	xmlSecAppCryptoInit					(const char* config);
-int	xmlSecAppCryptoShutdown					(void);
+int     xmlSecAppCryptoInit                                     (const char* config);
+int     xmlSecAppCryptoShutdown                                 (void);
 
-xmlSecKeyPtr xmlSecAppCryptoKeyGenerate				(const char* keyKlassAndSize,
-								 const char* name,
-								 xmlSecKeyDataType type);
+xmlSecKeyPtr xmlSecAppCryptoKeyGenerate                         (const char* keyKlassAndSize,
+                                                                 const char* name,
+                                                                 xmlSecKeyDataType type);
 
 /*****************************************************************************
  *
  * Simple keys manager
  *
  ****************************************************************************/
-int	xmlSecAppCryptoSimpleKeysMngrInit			(xmlSecKeysMngrPtr mngr);
-int	xmlSecAppCryptoSimpleKeysMngrLoad			(xmlSecKeysMngrPtr mngr, 
-								 const char *filename);
-int	xmlSecAppCryptoSimpleKeysMngrSave			(xmlSecKeysMngrPtr mngr, 
-								 const char *filename,
-								 xmlSecKeyDataType type);
-int 	xmlSecAppCryptoSimpleKeysMngrCertLoad			(xmlSecKeysMngrPtr mngr, 
-								 const char *filename, 
-								 xmlSecKeyDataFormat format,
-								 xmlSecKeyDataType type);
-int 	xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad		(xmlSecKeysMngrPtr mngr, 
-								 const char *files, 
-								 const char* pwd, 
-								 const char* name,
-								 xmlSecKeyDataFormat format);
-int 	xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad		(xmlSecKeysMngrPtr mngr, 
-								 const char *filename, 
-								 const char* pwd, 
-								 const char *name);
-int 	xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad		(xmlSecKeysMngrPtr mngr, 
-								 const char* keyKlass, 
-								 const char* filename, 
-								 const char *name);
-int	xmlSecAppCryptoSimpleKeysMngrKeyGenerate		(xmlSecKeysMngrPtr mngr, 
-								 const char* keyKlassAndSize,
-								 const char* name);
+int     xmlSecAppCryptoSimpleKeysMngrInit                       (xmlSecKeysMngrPtr mngr);
+int     xmlSecAppCryptoSimpleKeysMngrLoad                       (xmlSecKeysMngrPtr mngr, 
+                                                                 const char *filename);
+int     xmlSecAppCryptoSimpleKeysMngrSave                       (xmlSecKeysMngrPtr mngr, 
+                                                                 const char *filename,
+                                                                 xmlSecKeyDataType type);
+int     xmlSecAppCryptoSimpleKeysMngrCertLoad                   (xmlSecKeysMngrPtr mngr, 
+                                                                 const char *filename, 
+                                                                 xmlSecKeyDataFormat format,
+                                                                 xmlSecKeyDataType type);
+int     xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad            (xmlSecKeysMngrPtr mngr, 
+                                                                 const char *files, 
+                                                                 const char* pwd, 
+                                                                 const char* name,
+                                                                 xmlSecKeyDataFormat format);
+int     xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad              (xmlSecKeysMngrPtr mngr, 
+                                                                 const char *filename, 
+                                                                 const char* pwd, 
+                                                                 const char *name);
+int     xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad              (xmlSecKeysMngrPtr mngr, 
+                                                                 const char* keyKlass, 
+                                                                 const char* filename, 
+                                                                 const char *name);
+int     xmlSecAppCryptoSimpleKeysMngrKeyGenerate                (xmlSecKeysMngrPtr mngr, 
+                                                                 const char* keyKlassAndSize,
+                                                                 const char* name);
 
 
 #ifdef __cplusplus
diff --git a/apps/xmlsec.c b/apps/xmlsec.c
index f2fa9f64..d551b5a6 100644
--- a/apps/xmlsec.c
+++ b/apps/xmlsec.c
@@ -24,6 +24,7 @@
 #include <libxslt/extensions.h> 
 #include <libxslt/xsltInternals.h>
 #include <libxslt/xsltutils.h>
+#include <libxslt/security.h>
 #include <libexslt/exslt.h>
 #endif /* XMLSEC_NO_XSLT */
 
@@ -56,23 +57,23 @@ static const char helpCommands1[] =
     "\n"
     "xmlsec is a command line tool for signing, verifying, encrypting and\n"
     "decrypting XML documents. The allowed <command> values are:\n"
-    "  --help      "	"\tdisplay this help information and exit\n"
-    "  --help-all  "	"\tdisplay help information for all commands/options and exit\n"
-    "  --help-<cmd>"	"\tdisplay help information for command <cmd> and exit\n"
-    "  --version   "	"\tprint version information and exit\n"
-    "  --keys      "	"\tkeys XML file manipulation\n";
+    "  --help      "    "\tdisplay this help information and exit\n"
+    "  --help-all  "    "\tdisplay help information for all commands/options and exit\n"
+    "  --help-<cmd>"    "\tdisplay help information for command <cmd> and exit\n"
+    "  --version   "    "\tprint version information and exit\n"
+    "  --keys      "    "\tkeys XML file manipulation\n";
 
 static const char helpCommands2[] =     
 #ifndef XMLSEC_NO_XMLDSIG
-    "  --sign      "	"\tsign data and output XML document\n"
-    "  --verify    "	"\tverify signed document\n"
+    "  --sign      "    "\tsign data and output XML document\n"
+    "  --verify    "    "\tverify signed document\n"
 #ifndef XMLSEC_NO_TMPL_TEST
-    "  --sign-tmpl "	"\tcreate and sign dynamicaly generated signature template\n"
+    "  --sign-tmpl "    "\tcreate and sign dynamicaly generated signature template\n"
 #endif /* XMLSEC_NO_TMPL_TEST */
 #endif /* XMLSEC_NO_XMLDSIG */
 #ifndef XMLSEC_NO_XMLENC
-    "  --encrypt   "	"\tencrypt data and output XML document\n"
-    "  --decrypt   "	"\tdecrypt data from XML document\n"
+    "  --encrypt   "    "\tencrypt data and output XML document\n"
+    "  --decrypt   "    "\tdecrypt data from XML document\n"
 #endif /* XMLSEC_NO_XMLENC */
 #ifndef XMLSEC_NO_XKMS
     "  --xkms-server-request ""\tprocess data as XKMS server request\n"
@@ -132,18 +133,19 @@ static const char helpCheckTransforms[] =
     "Usage: xmlsec check-transforms <transform-name> [<transform-name> ... ]\n"
     "Checks the given transforms against the list of known transform klasses\n";
 
-#define xmlSecAppCmdLineTopicGeneral		0x0001
-#define xmlSecAppCmdLineTopicDSigCommon		0x0002
-#define xmlSecAppCmdLineTopicDSigSign		0x0004
-#define xmlSecAppCmdLineTopicDSigVerify		0x0008
-#define xmlSecAppCmdLineTopicEncCommon		0x0010
-#define xmlSecAppCmdLineTopicEncEncrypt		0x0020
-#define xmlSecAppCmdLineTopicEncDecrypt		0x0040
-#define xmlSecAppCmdLineTopicXkmsCommon		0x0080
-#define xmlSecAppCmdLineTopicKeysMngr		0x1000
-#define xmlSecAppCmdLineTopicX509Certs		0x2000
-#define xmlSecAppCmdLineTopicVersion		0x4000
-#define xmlSecAppCmdLineTopicAll		0xFFFF
+#define xmlSecAppCmdLineTopicGeneral            0x0001
+#define xmlSecAppCmdLineTopicDSigCommon         0x0002
+#define xmlSecAppCmdLineTopicDSigSign           0x0004
+#define xmlSecAppCmdLineTopicDSigVerify         0x0008
+#define xmlSecAppCmdLineTopicEncCommon          0x0010
+#define xmlSecAppCmdLineTopicEncEncrypt         0x0020
+#define xmlSecAppCmdLineTopicEncDecrypt         0x0040
+#define xmlSecAppCmdLineTopicXkmsCommon         0x0080
+#define xmlSecAppCmdLineTopicKeysMngr           0x1000
+#define xmlSecAppCmdLineTopicX509Certs          0x2000
+#define xmlSecAppCmdLineTopicVersion            0x4000
+#define xmlSecAppCmdLineTopicCryptoConfig       0x8000
+#define xmlSecAppCmdLineTopicAll                0xFFFF
 
 /****************************************************************
  *
@@ -159,25 +161,23 @@ static xmlSecAppCmdLineParam helpParam = {
     xmlSecAppCmdLineParamTypeFlag,
     xmlSecAppCmdLineParamFlagNone,
     NULL
-};    
+};
 
-#if !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
 static xmlSecAppCmdLineParam cryptoParam = { 
-    xmlSecAppCmdLineTopicGeneral,
+    xmlSecAppCmdLineTopicCryptoConfig,
     "--crypto",
     NULL,
     "--crypto <name>"
     "\n\tthe name of the crypto engine to use from the following"
-    "\n\tlist: openssl, gnutls, nss, mscrypto (if no crypto engine is"
+    "\n\tlist: openssl, mscrypto, nss, gnutls, gcrypt (if no crypto engine is"
     "\n\tspecified then the default one is used)",
     xmlSecAppCmdLineParamTypeString,
     xmlSecAppCmdLineParamFlagNone,
     NULL
-};    
-#endif /* !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) */
+};
 
 static xmlSecAppCmdLineParam cryptoConfigParam = { 
-    xmlSecAppCmdLineTopicGeneral,
+    xmlSecAppCmdLineTopicCryptoConfig,
     "--crypto-config",
     NULL,
     "--crypto-config <path>"
@@ -185,11 +185,11 @@ static xmlSecAppCmdLineParam cryptoConfigParam = {
     xmlSecAppCmdLineParamTypeString,
     xmlSecAppCmdLineParamFlagNone,
     NULL
-};    
+};
 
 
 static xmlSecAppCmdLineParam repeatParam = { 
-    xmlSecAppCmdLineTopicGeneral,
+    xmlSecAppCmdLineTopicCryptoConfig,
     "--repeat",
     "-r",
     "--repeat <number>"
@@ -197,7 +197,7 @@ static xmlSecAppCmdLineParam repeatParam = {
     xmlSecAppCmdLineParamTypeNumber,
     xmlSecAppCmdLineParamFlagNone,
     NULL
-};    
+};
 
 
 static xmlSecAppCmdLineParam disableErrorMsgsParam = { 
@@ -898,9 +898,7 @@ static xmlSecAppCmdLineParamPtr parameters[] = {
 #endif /* XMLSEC_NO_X509 */    
     
     /* General configuration params */
-#if !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
     &cryptoParam,
-#endif /* !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) */
     &cryptoConfigParam,
     &repeatParam,
     &disableErrorMsgsParam,
@@ -929,71 +927,71 @@ typedef enum {
     xmlSecAppCommandXkmsServerRequest
 } xmlSecAppCommand;
 
-typedef struct _xmlSecAppXmlData				xmlSecAppXmlData,
-								*xmlSecAppXmlDataPtr;
+typedef struct _xmlSecAppXmlData                                xmlSecAppXmlData,
+                                                                *xmlSecAppXmlDataPtr;
 struct _xmlSecAppXmlData {
-    xmlDocPtr	doc;
-    xmlDtdPtr	dtd;
-    xmlNodePtr	startNode;
+    xmlDocPtr   doc;
+    xmlDtdPtr   dtd;
+    xmlNodePtr  startNode;
 };
 
-static xmlSecAppXmlDataPtr	xmlSecAppXmlDataCreate		(const char* filename,
-								 const xmlChar* defStartNodeName,
-								 const xmlChar* defStartNodeNs);
-static void			xmlSecAppXmlDataDestroy		(xmlSecAppXmlDataPtr data);
+static xmlSecAppXmlDataPtr      xmlSecAppXmlDataCreate          (const char* filename,
+                                                                 const xmlChar* defStartNodeName,
+                                                                 const xmlChar* defStartNodeNs);
+static void                     xmlSecAppXmlDataDestroy         (xmlSecAppXmlDataPtr data);
 
 
-static xmlSecAppCommand 	xmlSecAppParseCommand		(const char* cmd, 
-							         xmlSecAppCmdLineParamTopic* topics,
-								 xmlSecAppCommand* subCommand);
-static void 			xmlSecAppPrintHelp		(xmlSecAppCommand command, 
-								 xmlSecAppCmdLineParamTopic topics);
-#define				xmlSecAppPrintUsage()		xmlSecAppPrintHelp(xmlSecAppCommandUnknown, 0)
-static int			xmlSecAppInit			(void);
-static void			xmlSecAppShutdown		(void);
-static int			xmlSecAppLoadKeys		(void);
-static int			xmlSecAppPrepareKeyInfoReadCtx	(xmlSecKeyInfoCtxPtr ctx);
+static xmlSecAppCommand         xmlSecAppParseCommand           (const char* cmd, 
+                                                                 xmlSecAppCmdLineParamTopic* topics,
+                                                                 xmlSecAppCommand* subCommand);
+static void                     xmlSecAppPrintHelp              (xmlSecAppCommand command, 
+                                                                 xmlSecAppCmdLineParamTopic topics);
+#define                         xmlSecAppPrintUsage()           xmlSecAppPrintHelp(xmlSecAppCommandUnknown, 0)
+static int                      xmlSecAppInit                   (void);
+static void                     xmlSecAppShutdown               (void);
+static int                      xmlSecAppLoadKeys               (void);
+static int                      xmlSecAppPrepareKeyInfoReadCtx  (xmlSecKeyInfoCtxPtr ctx);
 
 #ifndef XMLSEC_NO_XMLDSIG
-static int			xmlSecAppSignFile		(const char* filename);
-static int			xmlSecAppVerifyFile		(const char* filename);
+static int                      xmlSecAppSignFile               (const char* filename);
+static int                      xmlSecAppVerifyFile             (const char* filename);
 #ifndef XMLSEC_NO_TMPL_TEST
-static int			xmlSecAppSignTmpl		(void);
+static int                      xmlSecAppSignTmpl               (void);
 #endif /* XMLSEC_NO_TMPL_TEST */
-static int			xmlSecAppPrepareDSigCtx		(xmlSecDSigCtxPtr dsigCtx);
-static void			xmlSecAppPrintDSigCtx		(xmlSecDSigCtxPtr dsigCtx);
+static int                      xmlSecAppPrepareDSigCtx         (xmlSecDSigCtxPtr dsigCtx);
+static void                     xmlSecAppPrintDSigCtx           (xmlSecDSigCtxPtr dsigCtx);
 #endif /* XMLSEC_NO_XMLDSIG */
 
 #ifndef XMLSEC_NO_XMLENC
-static int			xmlSecAppEncryptFile		(const char* filename);
-static int			xmlSecAppDecryptFile		(const char* filename);
+static int                      xmlSecAppEncryptFile            (const char* filename);
+static int                      xmlSecAppDecryptFile            (const char* filename);
 #ifndef XMLSEC_NO_TMPL_TEST
-static int			xmlSecAppEncryptTmpl		(void);
+static int                      xmlSecAppEncryptTmpl            (void);
 #endif /* XMLSEC_NO_TMPL_TEST */
-static int			xmlSecAppPrepareEncCtx		(xmlSecEncCtxPtr encCtx);
-static void			xmlSecAppPrintEncCtx		(xmlSecEncCtxPtr encCtx);
+static int                      xmlSecAppPrepareEncCtx          (xmlSecEncCtxPtr encCtx);
+static void                     xmlSecAppPrintEncCtx            (xmlSecEncCtxPtr encCtx);
 #endif /* XMLSEC_NO_XMLENC */
 
 #ifndef XMLSEC_NO_XKMS
-static int			xmlSecAppXkmsServerProcess	(const char* filename);
-static int			xmlSecAppPrepareXkmsServerCtx	(xmlSecXkmsServerCtxPtr xkmsServerCtx);
-static void			xmlSecAppPrintXkmsServerCtx	(xmlSecXkmsServerCtxPtr xkmsServerCtx);
+static int                      xmlSecAppXkmsServerProcess      (const char* filename);
+static int                      xmlSecAppPrepareXkmsServerCtx   (xmlSecXkmsServerCtxPtr xkmsServerCtx);
+static void                     xmlSecAppPrintXkmsServerCtx     (xmlSecXkmsServerCtxPtr xkmsServerCtx);
 #endif /* XMLSEC_NO_XKMS */
 
-static void			xmlSecAppListKeyData		(void);
-static int			xmlSecAppCheckKeyData	    (const char * name);
-static void			xmlSecAppListTransforms		(void);
-static int			xmlSecAppCheckTransform	    (const char * name);
-
-static xmlSecTransformUriType	xmlSecAppGetUriType		(const char* string);
-static FILE* 			xmlSecAppOpenFile		(const char* filename);
-static void			xmlSecAppCloseFile		(FILE* file);
-static int			xmlSecAppWriteResult		(xmlDocPtr doc,
-								 xmlSecBufferPtr buffer);
-static int 			xmlSecAppAddIDAttr		(xmlNodePtr cur,
-								 const xmlChar* attr,
-								 const xmlChar* node,
-								 const xmlChar* nsHref);								 
+static void                     xmlSecAppListKeyData            (void);
+static int                      xmlSecAppCheckKeyData       (const char * name);
+static void                     xmlSecAppListTransforms         (void);
+static int                      xmlSecAppCheckTransform     (const char * name);
+
+static xmlSecTransformUriType   xmlSecAppGetUriType             (const char* string);
+static FILE*                    xmlSecAppOpenFile               (const char* filename);
+static void                     xmlSecAppCloseFile              (FILE* file);
+static int                      xmlSecAppWriteResult            (xmlDocPtr doc,
+                                                                 xmlSecBufferPtr buffer);
+static int                      xmlSecAppAddIDAttr              (xmlNodePtr cur,
+                                                                 const xmlChar* attr,
+                                                                 const xmlChar* node,
+                                                                 const xmlChar* nsHref);                                                                 
 
 xmlSecKeysMngrPtr gKeysMngr = NULL;
 int repeats = 1;
@@ -1007,201 +1005,208 @@ int main(int argc, const char **argv) {
     xmlSecAppCommand command, subCommand;
     int pos, i;
     int res = 1;
-            
+
     /* read the command (first argument) */
     if(argc < 2) {
-	xmlSecAppPrintUsage();
-	goto fail;
+        xmlSecAppPrintUsage();
+        goto fail;
     }
     command = xmlSecAppParseCommand(argv[1], &cmdLineTopics, &subCommand);
     if(command == xmlSecAppCommandUnknown) {
-	fprintf(stderr, "Error: unknown command \"%s\"\n", argv[1]);
-	xmlSecAppPrintUsage();
-	goto fail;
+        fprintf(stderr, "Error: unknown command \"%s\"\n", argv[1]);
+        xmlSecAppPrintUsage();
+        goto fail;
     }
     
     /* do as much as we can w/o initialization */
     if(command == xmlSecAppCommandHelp) {
-	xmlSecAppPrintHelp(subCommand, cmdLineTopics);
-	goto success;
+        xmlSecAppPrintHelp(subCommand, cmdLineTopics);
+        goto success;
     } else if(command == xmlSecAppCommandVersion) {
-	fprintf(stdout, "%s %s (%s)\n", PACKAGE, XMLSEC_VERSION, xmlsec_crypto);
-	goto success;
+        fprintf(stdout, "%s %s (%s)\n", PACKAGE, XMLSEC_VERSION, xmlsec_crypto);
+        goto success;
     }
     
     /* parse command line */
     pos = xmlSecAppCmdLineParamsListParse(parameters, cmdLineTopics, argv, argc, 2);
     if(pos < 0) {
-	fprintf(stderr, "Error: invalid parameters\n");
-	xmlSecAppPrintUsage();
-	goto fail;
+        fprintf(stderr, "Error: invalid parameters\n");
+        xmlSecAppPrintUsage();
+        goto fail;
     }
     
     /* is it a help request? */    
     if(xmlSecAppCmdLineParamIsSet(&helpParam)) {
-	xmlSecAppPrintHelp(command, cmdLineTopics);
-	goto success;
+        xmlSecAppPrintHelp(command, cmdLineTopics);
+        goto success;
     }
     
     /* we need to have some files at the end */
     switch(command) {
-	case xmlSecAppCommandKeys:
-	case xmlSecAppCommandSign:
-	case xmlSecAppCommandVerify:
-	case xmlSecAppCommandEncrypt:
-	case xmlSecAppCommandDecrypt:
-	case xmlSecAppCommandXkmsServerRequest:
-	    if(pos >= argc) {
-		fprintf(stderr, "Error: <file> parameter is requried for this command\n");
-		xmlSecAppPrintUsage();
-		goto fail;
-	    }
-	    break;
-	default:
-	    break;
+        case xmlSecAppCommandKeys:
+        case xmlSecAppCommandSign:
+        case xmlSecAppCommandVerify:
+        case xmlSecAppCommandEncrypt:
+        case xmlSecAppCommandDecrypt:
+        case xmlSecAppCommandXkmsServerRequest:
+            if(pos >= argc) {
+                fprintf(stderr, "Error: <file> parameter is requried for this command\n");
+                xmlSecAppPrintUsage();
+                goto fail;
+            }
+            break;
+        default:
+            break;
     }
-    
+
     /* now init the xmlsec and all other libs */
-#if !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
+    /* ignore "--crypto" if we don't have dynamic loading */
     tmp = xmlSecAppCmdLineParamGetString(&cryptoParam);
+#if !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
     if((tmp != NULL) && (strcmp(tmp, "default") != 0)) {
-	xmlsec_crypto = tmp;
+        xmlsec_crypto = tmp;
+    }
+#else /* !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) */
+    if((tmp != NULL) && (strcmp(tmp, xmlsec_crypto) != 0)) {
+        fprintf(stderr, "Error: dynaimc crypto libraries loading is disabled and the only available crypto library is '%s'\n", xmlsec_crypto);
+        xmlSecAppPrintUsage();
+        goto fail;
     }
 #endif /* !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) */
-    
+
     if(xmlSecAppInit() < 0) {
-	fprintf(stderr, "Error: initialization failed\n");
-	xmlSecAppPrintUsage();
-	goto fail;
+        fprintf(stderr, "Error: initialization failed\n");
+        xmlSecAppPrintUsage();
+        goto fail;
     }    
     
     /* load keys */
     if(xmlSecAppLoadKeys() < 0) {
-	fprintf(stderr, "Error: keys manager creation failed\n");
-	xmlSecAppPrintUsage();
-	goto fail;
+        fprintf(stderr, "Error: keys manager creation failed\n");
+        xmlSecAppPrintUsage();
+        goto fail;
     }
     
     /* get the "repeats" number */
     if(xmlSecAppCmdLineParamIsSet(&repeatParam) && 
        (xmlSecAppCmdLineParamGetInt(&repeatParam, 1) > 0)) {
        
-	repeats = xmlSecAppCmdLineParamGetInt(&repeatParam, 1);
+        repeats = xmlSecAppCmdLineParamGetInt(&repeatParam, 1);
     }
 
     /* execute requested number of times */
     for(; repeats > 0; --repeats) {
-	switch(command) {
-	case xmlSecAppCommandListKeyData:
-	    xmlSecAppListKeyData();
-	    break;
-	case xmlSecAppCommandCheckKeyData:
-	    for(i = pos; i < argc; ++i) {
+        switch(command) {
+        case xmlSecAppCommandListKeyData:
+            xmlSecAppListKeyData();
+            break;
+        case xmlSecAppCommandCheckKeyData:
+            for(i = pos; i < argc; ++i) {
             if(xmlSecAppCheckKeyData(argv[i]) < 0) {
                 fprintf(stderr, "Error: key data \"%s\" not found\n", argv[i]);
                 goto fail;
             } else {
                 fprintf(stdout, "Key data \"%s\" found\n", argv[i]);
             }
-	    }
-	    break;
-	case xmlSecAppCommandListTransforms:
-	    xmlSecAppListTransforms();
-	    break;	    
-	case xmlSecAppCommandCheckTransforms:
-	    for(i = pos; i < argc; ++i) {
+            }
+            break;
+        case xmlSecAppCommandListTransforms:
+            xmlSecAppListTransforms();
+            break;          
+        case xmlSecAppCommandCheckTransforms:
+            for(i = pos; i < argc; ++i) {
             if(xmlSecAppCheckTransform(argv[i]) < 0) {
                 fprintf(stderr, "Error: transform \"%s\" not found\n", argv[i]);
                 goto fail;
             } else {
                 fprintf(stdout, "Transforms \"%s\" found\n", argv[i]);
             }
-	    }
-	    break;	    
-	case xmlSecAppCommandKeys:
-	    for(i = pos; i < argc; ++i) {
-    	    	if(xmlSecAppCryptoSimpleKeysMngrSave(gKeysMngr, argv[i], xmlSecKeyDataTypeAny) < 0) {
-		    fprintf(stderr, "Error: failed to save keys to file \"%s\"\n", argv[i]);
-		    goto fail;
-		}
-	    }
-	    break;
+            }
+            break;          
+        case xmlSecAppCommandKeys:
+            for(i = pos; i < argc; ++i) {
+                if(xmlSecAppCryptoSimpleKeysMngrSave(gKeysMngr, argv[i], xmlSecKeyDataTypeAny) < 0) {
+                    fprintf(stderr, "Error: failed to save keys to file \"%s\"\n", argv[i]);
+                    goto fail;
+                }
+            }
+            break;
 #ifndef XMLSEC_NO_XMLDSIG
-	case xmlSecAppCommandSign:
-	    for(i = pos; i < argc; ++i) {
-    	        if(xmlSecAppSignFile(argv[i]) < 0) {
-		    fprintf(stderr, "Error: failed to sign file \"%s\"\n", argv[i]);
-		    goto fail;
-		}
-	    }
-	    break;
-	case xmlSecAppCommandVerify:
-	    for(i = pos; i < argc; ++i) {
-    	        if(xmlSecAppVerifyFile(argv[i]) < 0) {
-		    fprintf(stderr, "Error: failed to verify file \"%s\"\n", argv[i]);
-		    goto fail;
-		}
-	    }
-	    break;
+        case xmlSecAppCommandSign:
+            for(i = pos; i < argc; ++i) {
+                if(xmlSecAppSignFile(argv[i]) < 0) {
+                    fprintf(stderr, "Error: failed to sign file \"%s\"\n", argv[i]);
+                    goto fail;
+                }
+            }
+            break;
+        case xmlSecAppCommandVerify:
+            for(i = pos; i < argc; ++i) {
+                if(xmlSecAppVerifyFile(argv[i]) < 0) {
+                    fprintf(stderr, "Error: failed to verify file \"%s\"\n", argv[i]);
+                    goto fail;
+                }
+            }
+            break;
 #ifndef XMLSEC_NO_TMPL_TEST
-	case xmlSecAppCommandSignTmpl:
-	    if(xmlSecAppSignTmpl() < 0) {
-		fprintf(stderr, "Error: failed to create and sign template\n");
-		goto fail;
-	    }
-	    break;
+        case xmlSecAppCommandSignTmpl:
+            if(xmlSecAppSignTmpl() < 0) {
+                fprintf(stderr, "Error: failed to create and sign template\n");
+                goto fail;
+            }
+            break;
 #endif /* XMLSEC_NO_TMPL_TEST */
 #endif /* XMLSEC_NO_XMLDSIG */
 
 #ifndef XMLSEC_NO_XMLENC
-	case xmlSecAppCommandEncrypt:
-	    for(i = pos; i < argc; ++i) {
-    	        if(xmlSecAppEncryptFile(argv[i]) < 0) {
-		    fprintf(stderr, "Error: failed to encrypt file with template \"%s\"\n", argv[i]);
-		    goto fail;
-		}
-	    }
-	    break;
-	case xmlSecAppCommandDecrypt:
-	    for(i = pos; i < argc; ++i) {
-    	        if(xmlSecAppDecryptFile(argv[i]) < 0) {
-		    fprintf(stderr, "Error: failed to decrypt file \"%s\"\n", argv[i]);
-		    goto fail;
-		}
-	    }
-	    break;
+        case xmlSecAppCommandEncrypt:
+            for(i = pos; i < argc; ++i) {
+                if(xmlSecAppEncryptFile(argv[i]) < 0) {
+                    fprintf(stderr, "Error: failed to encrypt file with template \"%s\"\n", argv[i]);
+                    goto fail;
+                }
+            }
+            break;
+        case xmlSecAppCommandDecrypt:
+            for(i = pos; i < argc; ++i) {
+                if(xmlSecAppDecryptFile(argv[i]) < 0) {
+                    fprintf(stderr, "Error: failed to decrypt file \"%s\"\n", argv[i]);
+                    goto fail;
+                }
+            }
+            break;
 #ifndef XMLSEC_NO_TMPL_TEST
-	case xmlSecAppCommandEncryptTmpl:
-	    if(xmlSecAppEncryptTmpl() < 0) {
-		fprintf(stderr, "Error: failed to create and encrypt template\n");
-		goto fail;
-	    }
-	    break;
+        case xmlSecAppCommandEncryptTmpl:
+            if(xmlSecAppEncryptTmpl() < 0) {
+                fprintf(stderr, "Error: failed to create and encrypt template\n");
+                goto fail;
+            }
+            break;
 #endif /* XMLSEC_NO_TMPL_TEST */
 #endif /* XMLSEC_NO_XMLENC */
 
 #ifndef XMLSEC_NO_XKMS
-	case xmlSecAppCommandXkmsServerRequest:
-	    for(i = pos; i < argc; ++i) {
-    	        if(xmlSecAppXkmsServerProcess(argv[i]) < 0) {
-		    fprintf(stderr, "Error: failed to process XKMS server request from file \"%s\"\n", argv[i]);
-		    goto fail;
-		}
-	    }
-	    break;
+        case xmlSecAppCommandXkmsServerRequest:
+            for(i = pos; i < argc; ++i) {
+                if(xmlSecAppXkmsServerProcess(argv[i]) < 0) {
+                    fprintf(stderr, "Error: failed to process XKMS server request from file \"%s\"\n", argv[i]);
+                    goto fail;
+                }
+            }
+            break;
 #endif /* XMLSEC_NO_XKMS */
-	default:
-	    fprintf(stderr, "Error: invalid command %d\n", command);
-	    xmlSecAppPrintUsage();
-	    goto fail;
-	}
+        default:
+            fprintf(stderr, "Error: invalid command %d\n", command);
+            xmlSecAppPrintUsage();
+            goto fail;
+        }
     }
 
     /* print perf stats results */
     if(xmlSecAppCmdLineParamIsSet(&repeatParam) && 
        (xmlSecAppCmdLineParamGetInt(&repeatParam, 1) > 0)) {
        
-	repeats = xmlSecAppCmdLineParamGetInt(&repeatParam, 1);
+        repeats = xmlSecAppCmdLineParamGetInt(&repeatParam, 1);
         fprintf(stderr, "Executed %d tests in %ld msec\n", repeats, (1000 * total_time) / CLOCKS_PER_SEC);    
     }
 
@@ -1210,8 +1215,8 @@ success:
     res = 0;
 fail:
     if(gKeysMngr != NULL) {
-	xmlSecKeysMngrDestroy(gKeysMngr);
-	gKeysMngr = NULL;
+        xmlSecKeysMngrDestroy(gKeysMngr);
+        gKeysMngr = NULL;
     }
     xmlSecAppShutdown();
     xmlSecAppCmdLineParamsListClean(parameters);
@@ -1228,24 +1233,24 @@ xmlSecAppSignFile(const char* filename) {
     int res = -1;
     
     if(filename == NULL) {
-	return(-1);
+        return(-1);
     }
 
     if(xmlSecDSigCtxInitialize(&dsigCtx, gKeysMngr) < 0) {
-	fprintf(stderr, "Error: dsig context initialization failed\n");
-	return(-1);
+        fprintf(stderr, "Error: dsig context initialization failed\n");
+        return(-1);
     }
 
     if(xmlSecAppPrepareDSigCtx(&dsigCtx) < 0) {
-	fprintf(stderr, "Error: dsig context preparation failed\n");
-	goto done;
+        fprintf(stderr, "Error: dsig context preparation failed\n");
+        goto done;
     }
 
     /* parse template and select start node */
     data = xmlSecAppXmlDataCreate(filename, xmlSecNodeSignature, xmlSecDSigNs);
     if(data == NULL) {
-	fprintf(stderr, "Error: failed to load template \"%s\"\n", filename);
-	goto done;
+        fprintf(stderr, "Error: failed to load template \"%s\"\n", filename);
+        goto done;
     }
 
     
@@ -1253,32 +1258,32 @@ xmlSecAppSignFile(const char* filename) {
     start_time = clock();
     if(xmlSecDSigCtxSign(&dsigCtx, data->startNode) < 0) {
         fprintf(stderr,"Error: signature failed \n");
-	goto done;
+        goto done;
     }
     total_time += clock() - start_time;    
 
     if(repeats <= 1) { 
-	FILE* f;
+        FILE* f;
         
-	f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam));
-	if(f == NULL) {
-	    fprintf(stderr,"Error: failed to open output file \"%s\"\n",
-		    xmlSecAppCmdLineParamGetString(&outputParam));
-	    goto done;
-	}
-	xmlDocDump(f, data->doc);
-	xmlSecAppCloseFile(f);
+        f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam));
+        if(f == NULL) {
+            fprintf(stderr,"Error: failed to open output file \"%s\"\n",
+                    xmlSecAppCmdLineParamGetString(&outputParam));
+            goto done;
+        }
+        xmlDocDump(f, data->doc);
+        xmlSecAppCloseFile(f);
     }
 
     res = 0;
 done:
     /* print debug info if requested */
     if(repeats <= 1) {
-    	xmlSecAppPrintDSigCtx(&dsigCtx);
+        xmlSecAppPrintDSigCtx(&dsigCtx);
     }
     xmlSecDSigCtxFinalize(&dsigCtx);
     if(data != NULL) {
-	xmlSecAppXmlDataDestroy(data);
+        xmlSecAppXmlDataDestroy(data);
     }
     return(res);
 }
@@ -1291,98 +1296,98 @@ xmlSecAppVerifyFile(const char* filename) {
     int res = -1;
     
     if(filename == NULL) {
-	return(-1);
+        return(-1);
     }
 
     if(xmlSecDSigCtxInitialize(&dsigCtx, gKeysMngr) < 0) {
-	fprintf(stderr, "Error: dsig context initialization failed\n");
-	return(-1);
+        fprintf(stderr, "Error: dsig context initialization failed\n");
+        return(-1);
     }
     if(xmlSecAppPrepareDSigCtx(&dsigCtx) < 0) {
-	fprintf(stderr, "Error: dsig context preparation failed\n");
-	goto done;
+        fprintf(stderr, "Error: dsig context preparation failed\n");
+        goto done;
     }
     
     /* parse template and select start node */
     data = xmlSecAppXmlDataCreate(filename, xmlSecNodeSignature, xmlSecDSigNs);
     if(data == NULL) {
-	fprintf(stderr, "Error: failed to load document \"%s\"\n", filename);
-	goto done;
+        fprintf(stderr, "Error: failed to load document \"%s\"\n", filename);
+        goto done;
     }
 
     /* sign */
     start_time = clock();
     if(xmlSecDSigCtxVerify(&dsigCtx, data->startNode) < 0) {
         fprintf(stderr,"Error: signature failed \n");
-	goto done;
+        goto done;
     }
     total_time += clock() - start_time;    
 
     if((repeats <= 1) && (dsigCtx.status != xmlSecDSigStatusSucceeded)){ 
-	/* return an error if signature does not match */
-	goto done;
+        /* return an error if signature does not match */
+        goto done;
     }
 
     res = 0;
 done:
     /* print debug info if requested */
     if(repeats <= 1) {
-	xmlSecDSigReferenceCtxPtr dsigRefCtx;
-	xmlSecSize good, i, size;
-	FILE* f;
+        xmlSecDSigReferenceCtxPtr dsigRefCtx;
+        xmlSecSize good, i, size;
+        FILE* f;
         
-	f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam));
-	if(f == NULL) {
-	    fprintf(stderr,"Error: failed to open output file \"%s\"\n",
-		    xmlSecAppCmdLineParamGetString(&outputParam));
-	    goto done;
-	}
-	xmlSecAppCloseFile(f);
-
-	switch(dsigCtx.status) {
-	    case xmlSecDSigStatusUnknown:
-		fprintf(stderr, "ERROR\n");
-		break;
-	    case xmlSecDSigStatusSucceeded:
-		fprintf(stderr, "OK\n");
-		break;
-	    case xmlSecDSigStatusInvalid:
-		fprintf(stderr, "FAIL\n");
-		break;
-	}    
-
-	/* print stats about # of good/bad references/manifests */
-	size = xmlSecPtrListGetSize(&(dsigCtx.signedInfoReferences));
-	for(i = good = 0; i < size; ++i) {
-	    dsigRefCtx = (xmlSecDSigReferenceCtxPtr)xmlSecPtrListGetItem(&(dsigCtx.signedInfoReferences), i);
-	    if(dsigRefCtx == NULL) {
-		fprintf(stderr,"Error: reference ctx is null\n");
-		goto done;
-	    }
-	    if(dsigRefCtx->status == xmlSecDSigStatusSucceeded) {
-		++good;
-	    }
-	}
-	fprintf(stderr, "SignedInfo References (ok/all): %d/%d\n", good, size);
-
-	size = xmlSecPtrListGetSize(&(dsigCtx.manifestReferences));
-	for(i = good = 0; i < size; ++i) {
-	    dsigRefCtx = (xmlSecDSigReferenceCtxPtr)xmlSecPtrListGetItem(&(dsigCtx.manifestReferences), i);
-	    if(dsigRefCtx == NULL) {
-		fprintf(stderr,"Error: reference ctx is null\n");
-		goto done;
-	    }
-	    if(dsigRefCtx->status == xmlSecDSigStatusSucceeded) {
-		++good;
-	    }
-	}
-	fprintf(stderr, "Manifests References (ok/all): %d/%d\n", good, size);
-
-    	xmlSecAppPrintDSigCtx(&dsigCtx);
+        f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam));
+        if(f == NULL) {
+            fprintf(stderr,"Error: failed to open output file \"%s\"\n",
+                    xmlSecAppCmdLineParamGetString(&outputParam));
+            goto done;
+        }
+        xmlSecAppCloseFile(f);
+
+        switch(dsigCtx.status) {
+            case xmlSecDSigStatusUnknown:
+                fprintf(stderr, "ERROR\n");
+                break;
+            case xmlSecDSigStatusSucceeded:
+                fprintf(stderr, "OK\n");
+                break;
+            case xmlSecDSigStatusInvalid:
+                fprintf(stderr, "FAIL\n");
+                break;
+        }    
+
+        /* print stats about # of good/bad references/manifests */
+        size = xmlSecPtrListGetSize(&(dsigCtx.signedInfoReferences));
+        for(i = good = 0; i < size; ++i) {
+            dsigRefCtx = (xmlSecDSigReferenceCtxPtr)xmlSecPtrListGetItem(&(dsigCtx.signedInfoReferences), i);
+            if(dsigRefCtx == NULL) {
+                fprintf(stderr,"Error: reference ctx is null\n");
+                goto done;
+            }
+            if(dsigRefCtx->status == xmlSecDSigStatusSucceeded) {
+                ++good;
+            }
+        }
+        fprintf(stderr, "SignedInfo References (ok/all): %d/%d\n", good, size);
+
+        size = xmlSecPtrListGetSize(&(dsigCtx.manifestReferences));
+        for(i = good = 0; i < size; ++i) {
+            dsigRefCtx = (xmlSecDSigReferenceCtxPtr)xmlSecPtrListGetItem(&(dsigCtx.manifestReferences), i);
+            if(dsigRefCtx == NULL) {
+                fprintf(stderr,"Error: reference ctx is null\n");
+                goto done;
+            }
+            if(dsigRefCtx->status == xmlSecDSigStatusSucceeded) {
+                ++good;
+            }
+        }
+        fprintf(stderr, "Manifests References (ok/all): %d/%d\n", good, size);
+
+        xmlSecAppPrintDSigCtx(&dsigCtx);
     }
     xmlSecDSigCtxFinalize(&dsigCtx);
     if(data != NULL) {
-	xmlSecAppXmlDataDestroy(data);
+        xmlSecAppXmlDataDestroy(data);
     }
     return(res);
 }
@@ -1397,109 +1402,109 @@ xmlSecAppSignTmpl(void) {
     int res = -1;
         
     if(xmlSecDSigCtxInitialize(&dsigCtx, gKeysMngr) < 0) {
-	fprintf(stderr, "Error: dsig context initialization failed\n");
-	return(-1);
+        fprintf(stderr, "Error: dsig context initialization failed\n");
+        return(-1);
     }
     if(xmlSecAppPrepareDSigCtx(&dsigCtx) < 0) {
-	fprintf(stderr, "Error: dsig context preparation failed\n");
-	goto done;
+        fprintf(stderr, "Error: dsig context preparation failed\n");
+        goto done;
     }
     
     /* prepare template */
     doc = xmlNewDoc(BAD_CAST "1.0");
     if(doc == NULL) {
-	fprintf(stderr, "Error: failed to create doc\n");
-	goto done;
+        fprintf(stderr, "Error: failed to create doc\n");
+        goto done;
     }
     
     cur = xmlSecTmplSignatureCreate(doc, xmlSecTransformInclC14NId,
-				    xmlSecTransformHmacSha1Id, NULL);
+                                    xmlSecTransformHmacSha1Id, NULL);
     if(cur == NULL) {
-	fprintf(stderr, "Error: failed to create Signature node\n");
-	goto done;
+        fprintf(stderr, "Error: failed to create Signature node\n");
+        goto done;
     }
     xmlDocSetRootElement(doc, cur);
 
     /* set hmac signature length */
     cur = xmlSecTmplSignatureGetSignMethodNode(xmlDocGetRootElement(doc));
     if(cur == NULL) {
-	fprintf(stderr, "Error: failed to find SignatureMethod node\n");
-	goto done;
+        fprintf(stderr, "Error: failed to find SignatureMethod node\n");
+        goto done;
     }
     if(xmlSecTmplTransformAddHmacOutputLength(cur, 93) < 0) {
-	fprintf(stderr, "Error: failed to set hmac length\n");
-	goto done;
+        fprintf(stderr, "Error: failed to set hmac length\n");
+        goto done;
     }
     
     cur = xmlSecTmplSignatureAddReference(xmlDocGetRootElement(doc), 
-				    xmlSecTransformSha1Id, 
-				    BAD_CAST "ref1", NULL, NULL);
+                                    xmlSecTransformSha1Id, 
+                                    BAD_CAST "ref1", NULL, NULL);
     if(cur == NULL) {
-	fprintf(stderr, "Error: failed to add Reference node\n");
-	goto done;
+        fprintf(stderr, "Error: failed to add Reference node\n");
+        goto done;
     }
     
     cur = xmlSecTmplReferenceAddTransform(cur, xmlSecTransformXPath2Id);
     if(cur == NULL) {
-	fprintf(stderr, "Error: failed to add XPath transform\n");
-	goto done;
+        fprintf(stderr, "Error: failed to add XPath transform\n");
+        goto done;
     }
     
     if(xmlSecTmplTransformAddXPath2(cur, BAD_CAST "intersect", 
-				    BAD_CAST "//*[@Id='object1']", NULL) < 0) {
-	fprintf(stderr, "Error: failed to set XPath expression\n");
-	goto done;    
+                                    BAD_CAST "//*[@Id='object1']", NULL) < 0) {
+        fprintf(stderr, "Error: failed to set XPath expression\n");
+        goto done;    
     }
     
     cur = xmlSecTmplSignatureAddObject(xmlDocGetRootElement(doc), 
-				    BAD_CAST "object1", NULL, NULL);
+                                    BAD_CAST "object1", NULL, NULL);
     if(cur == NULL) {
-	fprintf(stderr, "Error: failed to add Object node\n");
-	goto done;
+        fprintf(stderr, "Error: failed to add Object node\n");
+        goto done;
     }
     xmlNodeSetContent(cur, BAD_CAST "This is signed data");
 
     /* add key information */
     cur = xmlSecTmplSignatureEnsureKeyInfo(xmlDocGetRootElement(doc), NULL);
     if(cur == NULL) {
-	fprintf(stderr, "Error: failed to add KeyInfo node\n");
-	goto done;	
+        fprintf(stderr, "Error: failed to add KeyInfo node\n");
+        goto done;      
     }
     if(xmlSecTmplKeyInfoAddKeyName(cur, NULL) == NULL) {
-	fprintf(stderr, "Error: failed to add KeyName node\n");
-	goto done;	
+        fprintf(stderr, "Error: failed to add KeyName node\n");
+        goto done;      
     }
     
     /* sign */
     start_time = clock();
     if(xmlSecDSigCtxSign(&dsigCtx, xmlDocGetRootElement(doc)) < 0) {
         fprintf(stderr,"Error: signature failed \n");
-	goto done;
+        goto done;
     }
     total_time += clock() - start_time;    
 
     if(repeats <= 1) { 
-	FILE* f;
+        FILE* f;
         
-	f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam));
-	if(f == NULL) {
-	    fprintf(stderr,"Error: failed to open output file \"%s\"\n",
-		    xmlSecAppCmdLineParamGetString(&outputParam));
-	    goto done;
-	}
-	xmlDocDump(f, doc);
-	xmlSecAppCloseFile(f);
+        f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam));
+        if(f == NULL) {
+            fprintf(stderr,"Error: failed to open output file \"%s\"\n",
+                    xmlSecAppCmdLineParamGetString(&outputParam));
+            goto done;
+        }
+        xmlDocDump(f, doc);
+        xmlSecAppCloseFile(f);
     }
 
     res = 0;
 done:
     /* print debug info if requested */
     if(repeats <= 1) {
-    	xmlSecAppPrintDSigCtx(&dsigCtx);
+        xmlSecAppPrintDSigCtx(&dsigCtx);
     }
     xmlSecDSigCtxFinalize(&dsigCtx);
     if(doc != NULL) {
-	xmlFreeDoc(doc);
+        xmlFreeDoc(doc);
     }
     return(res);
 }
@@ -1508,51 +1513,51 @@ done:
 static int
 xmlSecAppPrepareDSigCtx(xmlSecDSigCtxPtr dsigCtx) {
     if(dsigCtx == NULL) {
-	fprintf(stderr, "Error: dsig context is null\n");
-	return(-1);
+        fprintf(stderr, "Error: dsig context is null\n");
+        return(-1);
     }
 
     /* set key info params */
     if(xmlSecAppPrepareKeyInfoReadCtx(&(dsigCtx->keyInfoReadCtx)) < 0) {
-	fprintf(stderr, "Error: failed to prepare key info context\n");
-	return(-1);
+        fprintf(stderr, "Error: failed to prepare key info context\n");
+        return(-1);
     }
 
     if(xmlSecAppCmdLineParamGetString(&sessionKeyParam) != NULL) {
-	dsigCtx->signKey = xmlSecAppCryptoKeyGenerate(xmlSecAppCmdLineParamGetString(&sessionKeyParam),
-				NULL, xmlSecKeyDataTypeSession);
-	if(dsigCtx->signKey == NULL) {
-	    fprintf(stderr, "Error: failed to generate a session key \"%s\"\n",
-		    xmlSecAppCmdLineParamGetString(&sessionKeyParam));
-	    return(-1);
-	}
+        dsigCtx->signKey = xmlSecAppCryptoKeyGenerate(xmlSecAppCmdLineParamGetString(&sessionKeyParam),
+                                NULL, xmlSecKeyDataTypeSession);
+        if(dsigCtx->signKey == NULL) {
+            fprintf(stderr, "Error: failed to generate a session key \"%s\"\n",
+                    xmlSecAppCmdLineParamGetString(&sessionKeyParam));
+            return(-1);
+        }
     }
 
     /* set dsig params */
     if(xmlSecAppCmdLineParamIsSet(&ignoreManifestsParam)) {
-	dsigCtx->flags |= XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS; 
+        dsigCtx->flags |= XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS; 
     }
     if(xmlSecAppCmdLineParamIsSet(&storeReferencesParam)) {
-	dsigCtx->flags |= XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES |
-			  XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES; 
-	print_debug = 1;
+        dsigCtx->flags |= XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES |
+                          XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES; 
+        print_debug = 1;
     }
     if(xmlSecAppCmdLineParamIsSet(&storeSignaturesParam)) {
-	dsigCtx->flags |= XMLSEC_DSIG_FLAGS_STORE_SIGNATURE; 
-	print_debug = 1;
+        dsigCtx->flags |= XMLSEC_DSIG_FLAGS_STORE_SIGNATURE; 
+        print_debug = 1;
     }
     if(xmlSecAppCmdLineParamIsSet(&enableVisa3DHackParam)) {
-	dsigCtx->flags |= XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK; 
+        dsigCtx->flags |= XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK; 
     }
     
     if(xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam) != NULL) {
-	dsigCtx->enabledReferenceUris = xmlSecAppGetUriType(
-		    xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam));
-	if(dsigCtx->enabledReferenceUris == xmlSecTransformUriTypeNone) {
-	    fprintf(stderr, "Error: failed to parse \"%s\"\n",
-		    xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam));
-	    return(-1);
-	}
+        dsigCtx->enabledReferenceUris = xmlSecAppGetUriType(
+                    xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam));
+        if(dsigCtx->enabledReferenceUris == xmlSecTransformUriTypeNone) {
+            fprintf(stderr, "Error: failed to parse \"%s\"\n",
+                    xmlSecAppCmdLineParamGetStringList(&enabledRefUrisParam));
+            return(-1);
+        }
     }
 
     return(0);
@@ -1561,20 +1566,20 @@ xmlSecAppPrepareDSigCtx(xmlSecDSigCtxPtr dsigCtx) {
 static void
 xmlSecAppPrintDSigCtx(xmlSecDSigCtxPtr dsigCtx) { 
     if(dsigCtx == NULL) {
-	return;
+        return;
     }
 
     if(xmlSecAppCmdLineParamIsSet(&printDebugParam) || xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) { 
-	print_debug = 0;
+        print_debug = 0;
     }
     
     /* print debug info if requested */
     if((print_debug != 0) || xmlSecAppCmdLineParamIsSet(&printDebugParam)) {
-	xmlSecDSigCtxDebugDump(dsigCtx, stdout);
+        xmlSecDSigCtxDebugDump(dsigCtx, stdout);
     }
     
-    if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) {	   
-	xmlSecDSigCtxDebugXmlDump(dsigCtx, stdout);
+    if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) {          
+        xmlSecDSigCtxDebugXmlDump(dsigCtx, stdout);
     }
 }
 
@@ -1591,89 +1596,89 @@ xmlSecAppEncryptFile(const char* filename) {
     int res = -1;
 
     if(filename == NULL) {
-	return(-1);
+        return(-1);
     }
 
     if(xmlSecEncCtxInitialize(&encCtx, gKeysMngr) < 0) {
-	fprintf(stderr, "Error: enc context initialization failed\n");
-	return(-1);
+        fprintf(stderr, "Error: enc context initialization failed\n");
+        return(-1);
     }
     if(xmlSecAppPrepareEncCtx(&encCtx) < 0) {
-	fprintf(stderr, "Error: enc context preparation failed\n");
-	goto done;
+        fprintf(stderr, "Error: enc context preparation failed\n");
+        goto done;
     }
 
     /* parse doc and find template node */
     doc = xmlSecParseFile(filename);
     if(doc == NULL) {
-	fprintf(stderr, "Error: failed to parse xml file \"%s\"\n", 
-		filename);
-	goto done;
+        fprintf(stderr, "Error: failed to parse xml file \"%s\"\n", 
+                filename);
+        goto done;
     }
     startTmplNode = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
     if(startTmplNode == NULL) {
-	fprintf(stderr, "Error: failed to find default node with name=\"%s\"\n", 
-		xmlSecNodeEncryptedData);
-	goto done;
+        fprintf(stderr, "Error: failed to find default node with name=\"%s\"\n", 
+                xmlSecNodeEncryptedData);
+        goto done;
     }
 
     if(xmlSecAppCmdLineParamGetString(&binaryDataParam) != NULL) {
-	/* encrypt */
-	start_time = clock();            
-	if(xmlSecEncCtxUriEncrypt(&encCtx, startTmplNode, BAD_CAST xmlSecAppCmdLineParamGetString(&binaryDataParam)) < 0) {
-	    fprintf(stderr, "Error: failed to encrypt file \"%s\"\n", 
-		    xmlSecAppCmdLineParamGetString(&binaryDataParam));
-	    goto done;
-	}
-	total_time += clock() - start_time;    
+        /* encrypt */
+        start_time = clock();            
+        if(xmlSecEncCtxUriEncrypt(&encCtx, startTmplNode, BAD_CAST xmlSecAppCmdLineParamGetString(&binaryDataParam)) < 0) {
+            fprintf(stderr, "Error: failed to encrypt file \"%s\"\n", 
+                    xmlSecAppCmdLineParamGetString(&binaryDataParam));
+            goto done;
+        }
+        total_time += clock() - start_time;    
     } else if(xmlSecAppCmdLineParamGetString(&xmlDataParam) != NULL) {
-	/* parse file and select node for encryption */
+        /* parse file and select node for encryption */
         data = xmlSecAppXmlDataCreate(xmlSecAppCmdLineParamGetString(&xmlDataParam), NULL, NULL);
-	if(data == NULL) {
-	    fprintf(stderr, "Error: failed to load file \"%s\"\n", 
-		    xmlSecAppCmdLineParamGetString(&xmlDataParam));
-	    goto done;
-	}
-
-	/* encrypt */
-	start_time = clock();            
-	if(xmlSecEncCtxXmlEncrypt(&encCtx, startTmplNode, data->startNode) < 0) {
-	    fprintf(stderr, "Error: failed to encrypt xml file \"%s\"\n", 
-		    xmlSecAppCmdLineParamGetString(&xmlDataParam));
-	    goto done;
-	}
-	total_time += clock() - start_time;    
+        if(data == NULL) {
+            fprintf(stderr, "Error: failed to load file \"%s\"\n", 
+                    xmlSecAppCmdLineParamGetString(&xmlDataParam));
+            goto done;
+        }
+
+        /* encrypt */
+        start_time = clock();            
+        if(xmlSecEncCtxXmlEncrypt(&encCtx, startTmplNode, data->startNode) < 0) {
+            fprintf(stderr, "Error: failed to encrypt xml file \"%s\"\n", 
+                    xmlSecAppCmdLineParamGetString(&xmlDataParam));
+            goto done;
+        }
+        total_time += clock() - start_time;    
     } else {
-	fprintf(stderr, "Error: encryption data not specified (use \"--xml\" or \"--binary\" options)\n");
-	goto done;
+        fprintf(stderr, "Error: encryption data not specified (use \"--xml\" or \"--binary\" options)\n");
+        goto done;
     }
     
     /* print out result only once per execution */
     if(repeats <= 1) {
-	if(encCtx.resultReplaced) {
-	    if(xmlSecAppWriteResult((data != NULL) ? data->doc : doc, NULL) < 0) {
-		goto done;
-	    }
-	} else {
-	    if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) {
-		goto done;
-	    }
-	}	
+        if(encCtx.resultReplaced) {
+            if(xmlSecAppWriteResult((data != NULL) ? data->doc : doc, NULL) < 0) {
+                goto done;
+            }
+        } else {
+            if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) {
+                goto done;
+            }
+        }       
     }
     res = 0;    
 
 done:
     /* print debug info if requested */
     if(repeats <= 1) {
-    	xmlSecAppPrintEncCtx(&encCtx);
+        xmlSecAppPrintEncCtx(&encCtx);
     }
     xmlSecEncCtxFinalize(&encCtx);
 
     if(data != NULL) {
-	xmlSecAppXmlDataDestroy(data);
+        xmlSecAppXmlDataDestroy(data);
     }
     if(doc != NULL) {
-	xmlFreeDoc(doc);
+        xmlFreeDoc(doc);
     }
     return(res);
 }
@@ -1686,43 +1691,43 @@ xmlSecAppDecryptFile(const char* filename) {
     int res = -1;
 
     if(filename == NULL) {
-	return(-1);
+        return(-1);
     }
 
     if(xmlSecEncCtxInitialize(&encCtx, gKeysMngr) < 0) {
-	fprintf(stderr, "Error: enc context initialization failed\n");
-	return(-1);
+        fprintf(stderr, "Error: enc context initialization failed\n");
+        return(-1);
     }
     if(xmlSecAppPrepareEncCtx(&encCtx) < 0) {
-	fprintf(stderr, "Error: enc context preparation failed\n");
-	goto done;
+        fprintf(stderr, "Error: enc context preparation failed\n");
+        goto done;
     }
 
     /* parse template and select start node */
     data = xmlSecAppXmlDataCreate(filename, xmlSecNodeEncryptedData, xmlSecEncNs);
     if(data == NULL) {
-	fprintf(stderr, "Error: failed to load template \"%s\"\n", filename);
-	goto done;
+        fprintf(stderr, "Error: failed to load template \"%s\"\n", filename);
+        goto done;
     }
 
     start_time = clock();  
     if(xmlSecEncCtxDecrypt(&encCtx, data->startNode) < 0) {
-	fprintf(stderr, "Error: failed to decrypt file\n");
-	goto done;
+        fprintf(stderr, "Error: failed to decrypt file\n");
+        goto done;
     }
     total_time += clock() - start_time;    
     
     /* print out result only once per execution */
     if(repeats <= 1) {
-	if(encCtx.resultReplaced) {
-	    if(xmlSecAppWriteResult(data->doc, NULL) < 0) {
-		goto done;
-	    }
-	} else {
-	    if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) {
-		goto done;
-	    }
-	}	
+        if(encCtx.resultReplaced) {
+            if(xmlSecAppWriteResult(data->doc, NULL) < 0) {
+                goto done;
+            }
+        } else {
+            if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) {
+                goto done;
+            }
+        }       
     }
     res = 0;    
 
@@ -1734,7 +1739,7 @@ done:
     xmlSecEncCtxFinalize(&encCtx);
 
     if(data != NULL) {
-	xmlSecAppXmlDataDestroy(data);
+        xmlSecAppXmlDataDestroy(data);
     }
     return(res);
 }
@@ -1750,76 +1755,76 @@ xmlSecAppEncryptTmpl(void) {
     int res = -1;
 
     if(xmlSecEncCtxInitialize(&encCtx, gKeysMngr) < 0) {
-	fprintf(stderr, "Error: enc context initialization failed\n");
-	return(-1);
+        fprintf(stderr, "Error: enc context initialization failed\n");
+        return(-1);
     }
     if(xmlSecAppPrepareEncCtx(&encCtx) < 0) {
-	fprintf(stderr, "Error: enc context preparation failed\n");
-	goto done;
+        fprintf(stderr, "Error: enc context preparation failed\n");
+        goto done;
     }
 
     /* prepare template */
     doc = xmlNewDoc(BAD_CAST "1.0");
     if(doc == NULL) {
-	fprintf(stderr, "Error: failed to create doc\n");
-	goto done;
+        fprintf(stderr, "Error: failed to create doc\n");
+        goto done;
     }
 
     cur = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId, 
-				  NULL, NULL, NULL, NULL);
+                                  NULL, NULL, NULL, NULL);
     if(cur == NULL) {
-	fprintf(stderr, "Error: failed to encryption template\n");
-	goto done;	
+        fprintf(stderr, "Error: failed to encryption template\n");
+        goto done;      
     }
     xmlDocSetRootElement(doc, cur);
 
     if(xmlSecTmplEncDataEnsureCipherValue(xmlDocGetRootElement(doc)) == NULL) {
-	fprintf(stderr, "Error: failed to add CipherValue node\n");
-	goto done;	
+        fprintf(stderr, "Error: failed to add CipherValue node\n");
+        goto done;      
     }
 
     /* add key information */
     cur = xmlSecTmplEncDataEnsureKeyInfo(xmlDocGetRootElement(doc), NULL);
     if(cur == NULL) {
-	fprintf(stderr, "Error: failed to add KeyInfo node\n");
-	goto done;	
+        fprintf(stderr, "Error: failed to add KeyInfo node\n");
+        goto done;      
     }
     if(xmlSecTmplKeyInfoAddKeyName(cur, NULL) == NULL) {
-	fprintf(stderr, "Error: failed to add KeyName node\n");
-	goto done;	
+        fprintf(stderr, "Error: failed to add KeyName node\n");
+        goto done;      
     }
 
     /* encrypt */
     start_time = clock();            
     if(xmlSecEncCtxBinaryEncrypt(&encCtx, xmlDocGetRootElement(doc), 
-				(const xmlSecByte*)data, strlen(data)) < 0) {
-	fprintf(stderr, "Error: failed to encrypt data\n");
-	goto done;	
+                                (const xmlSecByte*)data, strlen(data)) < 0) {
+        fprintf(stderr, "Error: failed to encrypt data\n");
+        goto done;      
     }
     total_time += clock() - start_time;    
     
     /* print out result only once per execution */
     if(repeats <= 1) {
-	if(encCtx.resultReplaced) {
-	    if(xmlSecAppWriteResult(doc, NULL) < 0) {
-		goto done;
-	    }
-	} else {
-	    if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) {
-		goto done;
-	    }
-	}	
+        if(encCtx.resultReplaced) {
+            if(xmlSecAppWriteResult(doc, NULL) < 0) {
+                goto done;
+            }
+        } else {
+            if(xmlSecAppWriteResult(NULL, encCtx.result) < 0) {
+                goto done;
+            }
+        }       
     }
     res = 0;    
 
 done:
     /* print debug info if requested */
     if(repeats <= 1) {
-    	xmlSecAppPrintEncCtx(&encCtx);
+        xmlSecAppPrintEncCtx(&encCtx);
     }
     xmlSecEncCtxFinalize(&encCtx);
     if(doc != NULL) {
-	xmlFreeDoc(doc);
+        xmlFreeDoc(doc);
     }
     return(res);
 }
@@ -1828,34 +1833,34 @@ done:
 static int
 xmlSecAppPrepareEncCtx(xmlSecEncCtxPtr encCtx) {    
     if(encCtx == NULL) {
-	fprintf(stderr, "Error: enc context is null\n");
-	return(-1);
+        fprintf(stderr, "Error: enc context is null\n");
+        return(-1);
     }
 
     /* set key info params */
     if(xmlSecAppPrepareKeyInfoReadCtx(&(encCtx->keyInfoReadCtx)) < 0) {
-	fprintf(stderr, "Error: failed to prepare key info context\n");
-	return(-1);
+        fprintf(stderr, "Error: failed to prepare key info context\n");
+        return(-1);
     }
 
     if(xmlSecAppCmdLineParamGetString(&sessionKeyParam) != NULL) {
-	encCtx->encKey = xmlSecAppCryptoKeyGenerate(xmlSecAppCmdLineParamGetString(&sessionKeyParam),
-				NULL, xmlSecKeyDataTypeSession);
-	if(encCtx->encKey == NULL) {
-	    fprintf(stderr, "Error: failed to generate a session key \"%s\"\n",
-		    xmlSecAppCmdLineParamGetString(&sessionKeyParam));
-	    return(-1);
-	}
+        encCtx->encKey = xmlSecAppCryptoKeyGenerate(xmlSecAppCmdLineParamGetString(&sessionKeyParam),
+                                NULL, xmlSecKeyDataTypeSession);
+        if(encCtx->encKey == NULL) {
+            fprintf(stderr, "Error: failed to generate a session key \"%s\"\n",
+                    xmlSecAppCmdLineParamGetString(&sessionKeyParam));
+            return(-1);
+        }
     }
 
     if(xmlSecAppCmdLineParamGetStringList(&enabledCipherRefUrisParam) != NULL) {
-	encCtx->transformCtx.enabledUris = xmlSecAppGetUriType(
-		    xmlSecAppCmdLineParamGetStringList(&enabledCipherRefUrisParam));
-	if(encCtx->transformCtx.enabledUris == xmlSecTransformUriTypeNone) {
-	    fprintf(stderr, "Error: failed to parse \"%s\"\n",
-		    xmlSecAppCmdLineParamGetStringList(&enabledCipherRefUrisParam));
-	    return(-1);
-	}
+        encCtx->transformCtx.enabledUris = xmlSecAppGetUriType(
+                    xmlSecAppCmdLineParamGetStringList(&enabledCipherRefUrisParam));
+        if(encCtx->transformCtx.enabledUris == xmlSecTransformUriTypeNone) {
+            fprintf(stderr, "Error: failed to parse \"%s\"\n",
+                    xmlSecAppCmdLineParamGetStringList(&enabledCipherRefUrisParam));
+            return(-1);
+        }
     }
     return(0);
 }
@@ -1863,16 +1868,16 @@ xmlSecAppPrepareEncCtx(xmlSecEncCtxPtr encCtx) {
 static void 
 xmlSecAppPrintEncCtx(xmlSecEncCtxPtr encCtx) {
     if(encCtx == NULL) {
-	return;
+        return;
     }
     
     /* print debug info if requested */
     if((print_debug != 0) || xmlSecAppCmdLineParamIsSet(&printDebugParam)) {
-	xmlSecEncCtxDebugDump(encCtx, stdout);
+        xmlSecEncCtxDebugDump(encCtx, stdout);
     }
     
-    if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) {	   
-	xmlSecEncCtxDebugXmlDump(encCtx, stdout);
+    if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) {          
+        xmlSecEncCtxDebugXmlDump(encCtx, stdout);
     }
 }
 
@@ -1890,48 +1895,48 @@ xmlSecAppXkmsServerProcess(const char* filename) {
     int res = -1;
 
     if(filename == NULL) {
-	return(-1);
+        return(-1);
     }
 
     if(xmlSecXkmsServerCtxInitialize(&xkmsServerCtx, gKeysMngr) < 0) {
-	fprintf(stderr, "Error: XKMS server context initialization failed\n");
-	return(-1);
+        fprintf(stderr, "Error: XKMS server context initialization failed\n");
+        return(-1);
     }
     if(xmlSecAppPrepareXkmsServerCtx(&xkmsServerCtx) < 0) {
-	fprintf(stderr, "Error: XKMS server context preparation failed\n");
-	goto done;
+        fprintf(stderr, "Error: XKMS server context preparation failed\n");
+        goto done;
     }
 
     /* get the input format */
     if(xmlSecAppCmdLineParamGetString(&xkmsFormatParam) != NULL) {
-	format = xmlSecXkmsServerFormatFromString(BAD_CAST xmlSecAppCmdLineParamGetString(&xkmsFormatParam));
-	if(format == xmlSecXkmsServerFormatUnknown) {
-	    fprintf(stderr, "Error: unknown format \"%s\"\n", 
-		    xmlSecAppCmdLineParamGetString(&xkmsFormatParam));
-	    return(-1);    
-	}
+        format = xmlSecXkmsServerFormatFromString(BAD_CAST xmlSecAppCmdLineParamGetString(&xkmsFormatParam));
+        if(format == xmlSecXkmsServerFormatUnknown) {
+            fprintf(stderr, "Error: unknown format \"%s\"\n", 
+                    xmlSecAppCmdLineParamGetString(&xkmsFormatParam));
+            return(-1);    
+        }
     }
 
     /* parse template and select start node, there are multiple options
      * for start node thus we don't provide the default start node name */
     data = xmlSecAppXmlDataCreate(filename, NULL, NULL);
     if(data == NULL) {
-	fprintf(stderr, "Error: failed to load request from file \"%s\"\n", filename);
-	goto done;
+        fprintf(stderr, "Error: failed to load request from file \"%s\"\n", filename);
+        goto done;
     }
 
     /* prepare result document */
     doc = xmlNewDoc(BAD_CAST "1.0");
     if(doc == NULL) {
-	fprintf(stderr, "Error: failed to create doc\n");
-	goto done;
+        fprintf(stderr, "Error: failed to create doc\n");
+        goto done;
     }
 
     start_time = clock();          
     result = xmlSecXkmsServerCtxProcess(&xkmsServerCtx, data->startNode, format, doc);
     if(result == NULL) {
-	fprintf(stderr, "Error: failed to process xkms server request\n");
-	goto done;
+        fprintf(stderr, "Error: failed to process xkms server request\n");
+        goto done;
     }
     total_time += clock() - start_time;    
 
@@ -1939,9 +1944,9 @@ xmlSecAppXkmsServerProcess(const char* filename) {
     /* print out result only once per execution */
     xmlDocSetRootElement(doc, result);
     if(repeats <= 1) {
-	if(xmlSecAppWriteResult(doc, NULL) < 0) {
-	    goto done;
-	}
+        if(xmlSecAppWriteResult(doc, NULL) < 0) {
+            goto done;
+        }
     }
 
     res = 0;    
@@ -1954,10 +1959,10 @@ done:
     xmlSecXkmsServerCtxFinalize(&xkmsServerCtx);
 
     if(doc != NULL) {
-	xmlFreeDoc(doc);
+        xmlFreeDoc(doc);
     }
     if(data != NULL) {
-	xmlSecAppXmlDataDestroy(data);
+        xmlSecAppXmlDataDestroy(data);
     }
     return(res);
 }
@@ -1965,33 +1970,33 @@ done:
 static int
 xmlSecAppPrepareXkmsServerCtx(xmlSecXkmsServerCtxPtr xkmsServerCtx) {    
     if(xkmsServerCtx == NULL) {
-	fprintf(stderr, "Error: XKMS context is null\n");
-	return(-1);
+        fprintf(stderr, "Error: XKMS context is null\n");
+        return(-1);
     }
 
     /* set key info params */
     if(xmlSecAppPrepareKeyInfoReadCtx(&(xkmsServerCtx->keyInfoReadCtx)) < 0) {
-	fprintf(stderr, "Error: failed to prepare key info context\n");
-	return(-1);
+        fprintf(stderr, "Error: failed to prepare key info context\n");
+        return(-1);
     }
 
     if(xmlSecAppCmdLineParamGetString(&xkmsServiceParam) != NULL) {
-	xkmsServerCtx->expectedService = xmlStrdup(BAD_CAST xmlSecAppCmdLineParamGetString(&xkmsServiceParam));
-	if(xkmsServerCtx->expectedService == NULL) {
-	    fprintf(stderr, "Error: failed to duplicate string \"%s\"\n", 
-		    xmlSecAppCmdLineParamGetString(&xkmsServiceParam));
-	    return(-1);    
-	}
+        xkmsServerCtx->expectedService = xmlStrdup(BAD_CAST xmlSecAppCmdLineParamGetString(&xkmsServiceParam));
+        if(xkmsServerCtx->expectedService == NULL) {
+            fprintf(stderr, "Error: failed to duplicate string \"%s\"\n", 
+                    xmlSecAppCmdLineParamGetString(&xkmsServiceParam));
+            return(-1);    
+        }
     }
     
     if(xmlSecAppCmdLineParamIsSet(&xkmsStopUnknownResponseMechanismParam)) {
-	xkmsServerCtx->flags |= XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPONSE_MECHANISM;
+        xkmsServerCtx->flags |= XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPONSE_MECHANISM;
     }
     if(xmlSecAppCmdLineParamIsSet(&xkmsStopUnknownRespondWithParam)) {
-	xkmsServerCtx->flags |= XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPOND_WITH;
+        xkmsServerCtx->flags |= XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPOND_WITH;
     }
     if(xmlSecAppCmdLineParamIsSet(&xkmsStopUnknownKeyUsageParam)) {
-	xkmsServerCtx->flags |= XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_KEY_USAGE;
+        xkmsServerCtx->flags |= XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_KEY_USAGE;
     }
     return(0);
 }
@@ -1999,16 +2004,16 @@ xmlSecAppPrepareXkmsServerCtx(xmlSecXkmsServerCtxPtr xkmsServerCtx) {
 static void 
 xmlSecAppPrintXkmsServerCtx(xmlSecXkmsServerCtxPtr xkmsServerCtx) {
     if(xkmsServerCtx == NULL) {
-	return;
+        return;
     }
     
     /* print debug info if requested */
     if((print_debug != 0) || xmlSecAppCmdLineParamIsSet(&printDebugParam)) {
-	xmlSecXkmsServerCtxDebugDump(xkmsServerCtx, stdout);
+        xmlSecXkmsServerCtxDebugDump(xkmsServerCtx, stdout);
     }
     
-    if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) {	   
-	xmlSecXkmsServerCtxDebugXmlDump(xkmsServerCtx, stdout);
+    if(xmlSecAppCmdLineParamIsSet(&printXmlDebugParam)) {          
+        xmlSecXkmsServerCtxDebugXmlDump(xkmsServerCtx, stdout);
     }
 }
 
@@ -2048,56 +2053,56 @@ xmlSecAppPrepareKeyInfoReadCtx(xmlSecKeyInfoCtxPtr keyInfoCtx) {
     int ret;
     
     if(keyInfoCtx == NULL) {
-	fprintf(stderr, "Error: key info context is null\n");
-	return(-1);
+        fprintf(stderr, "Error: key info context is null\n");
+        return(-1);
     }
 
 #ifndef XMLSEC_NO_X509
     if(xmlSecAppCmdLineParamIsSet(&verificationTimeParam)) {
-	keyInfoCtx->certsVerificationTime = xmlSecAppCmdLineParamGetTime(&verificationTimeParam, 0);
+        keyInfoCtx->certsVerificationTime = xmlSecAppCmdLineParamGetTime(&verificationTimeParam, 0);
     }
     if(xmlSecAppCmdLineParamIsSet(&depthParam)) {
-	keyInfoCtx->certsVerificationDepth = xmlSecAppCmdLineParamGetInt(&depthParam, 0);
+        keyInfoCtx->certsVerificationDepth = xmlSecAppCmdLineParamGetInt(&depthParam, 0);
     }
     if(xmlSecAppCmdLineParamIsSet(&X509SkipStrictChecksParam)) {
-	keyInfoCtx->flags |= XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS;
+        keyInfoCtx->flags |= XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS;
     }
 #endif /* XMLSEC_NO_X509 */
 
     /* read enabled key data list */
     for(value = enabledKeyDataParam.value; value != NULL; value = value->next) {
-	if(value->strListValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    enabledKeyDataParam.fullName);
-	    return(-1);
-	} else {
-	    xmlSecKeyDataId dataId;
-	    const char* p;
-	    
-	    for(p = value->strListValue; (p != NULL) && ((*p) != '\0'); p += strlen(p)) {
-		dataId = xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), BAD_CAST p, xmlSecKeyDataUsageAny);
-		if(dataId == xmlSecKeyDataIdUnknown) {
-		    fprintf(stderr, "Error: key data \"%s\" is unknown.\n", p);
-		    return(-1);
-		}
-		ret = xmlSecPtrListAdd(&(keyInfoCtx->enabledKeyData), (const xmlSecPtr)dataId);
-		if(ret < 0) {
-		    fprintf(stderr, "Error: failed to enable key data \"%s\".\n", p);
-		    return(-1);
-		}
-	    }
-	}
+        if(value->strListValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    enabledKeyDataParam.fullName);
+            return(-1);
+        } else {
+            xmlSecKeyDataId dataId;
+            const char* p;
+            
+            for(p = value->strListValue; (p != NULL) && ((*p) != '\0'); p += strlen(p)) {
+                dataId = xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), BAD_CAST p, xmlSecKeyDataUsageAny);
+                if(dataId == xmlSecKeyDataIdUnknown) {
+                    fprintf(stderr, "Error: key data \"%s\" is unknown.\n", p);
+                    return(-1);
+                }
+                ret = xmlSecPtrListAdd(&(keyInfoCtx->enabledKeyData), (const xmlSecPtr)dataId);
+                if(ret < 0) {
+                    fprintf(stderr, "Error: failed to enable key data \"%s\".\n", p);
+                    return(-1);
+                }
+            }
+        }
     }
 
     /* read enabled RetrievalMethod uris */
     if(xmlSecAppCmdLineParamGetStringList(&enabledRetrievalMethodUrisParam) != NULL) {
-	keyInfoCtx->retrievalMethodCtx.enabledUris = xmlSecAppGetUriType(
-		    xmlSecAppCmdLineParamGetStringList(&enabledRetrievalMethodUrisParam));
-	if(keyInfoCtx->retrievalMethodCtx.enabledUris == xmlSecTransformUriTypeNone) {
-	    fprintf(stderr, "Error: failed to parse \"%s\"\n",
-		    xmlSecAppCmdLineParamGetStringList(&enabledRetrievalMethodUrisParam));
-	    return(-1);
-	}
+        keyInfoCtx->retrievalMethodCtx.enabledUris = xmlSecAppGetUriType(
+                    xmlSecAppCmdLineParamGetStringList(&enabledRetrievalMethodUrisParam));
+        if(keyInfoCtx->retrievalMethodCtx.enabledUris == xmlSecTransformUriTypeNone) {
+            fprintf(stderr, "Error: failed to parse \"%s\"\n",
+                    xmlSecAppCmdLineParamGetStringList(&enabledRetrievalMethodUrisParam));
+            return(-1);
+        }
     }
 
     return(0);
@@ -2108,290 +2113,290 @@ xmlSecAppLoadKeys(void) {
     xmlSecAppCmdLineValuePtr value;
     
     if(gKeysMngr != NULL) {
-	fprintf(stderr, "Error: keys manager already initialized.\n");
-	return(-1);	
+        fprintf(stderr, "Error: keys manager already initialized.\n");
+        return(-1);     
     }    
 
     /* create and initialize keys manager */
     gKeysMngr = xmlSecKeysMngrCreate();
     if(gKeysMngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(-1);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(-1);
     }
     if(xmlSecAppCryptoSimpleKeysMngrInit(gKeysMngr) < 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	return(-1);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        return(-1);
     }    
 
     /* generate new key file */
     for(value = genKeyParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", genKeyParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrKeyGenerate(gKeysMngr, value->strValue, value->paramNameValue) < 0) {
-	    fprintf(stderr, "Error: failed to generate key \"%s\".\n", value->strValue);
-	    return(-1);
-	}	
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", genKeyParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrKeyGenerate(gKeysMngr, value->strValue, value->paramNameValue) < 0) {
+            fprintf(stderr, "Error: failed to generate key \"%s\".\n", value->strValue);
+            return(-1);
+        }       
     }
 
     /* read all xml key files */
     for(value = keysFileParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", keysFileParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrLoad(gKeysMngr, value->strValue) < 0) {
-	    fprintf(stderr, "Error: failed to load xml keys file \"%s\".\n", value->strValue);
-	    return(-1);
-	}	
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", keysFileParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrLoad(gKeysMngr, value->strValue) < 0) {
+            fprintf(stderr, "Error: failed to load xml keys file \"%s\".\n", value->strValue);
+            return(-1);
+        }       
     }
 
     /* read all private keys */
     for(value = privkeyParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    privkeyParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
-		    value->strListValue, 
-		    xmlSecAppCmdLineParamGetString(&pwdParam),
-		    value->paramNameValue, 
-		    xmlSecKeyDataFormatPem) < 0) {
-	    fprintf(stderr, "Error: failed to load private key from \"%s\".\n", 
-		    value->strListValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    privkeyParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
+                    value->strListValue, 
+                    xmlSecAppCmdLineParamGetString(&pwdParam),
+                    value->paramNameValue, 
+                    xmlSecKeyDataFormatPem) < 0) {
+            fprintf(stderr, "Error: failed to load private key from \"%s\".\n", 
+                    value->strListValue);
+            return(-1);
+        }
     }
 
     for(value = privkeyDerParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    privkeyDerParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
-		    value->strListValue, 
-		    xmlSecAppCmdLineParamGetString(&pwdParam),
-		    value->paramNameValue,
-		    xmlSecKeyDataFormatDer) < 0) {
-	    fprintf(stderr, "Error: failed to load private key from \"%s\".\n", 
-		    value->strListValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    privkeyDerParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
+                    value->strListValue, 
+                    xmlSecAppCmdLineParamGetString(&pwdParam),
+                    value->paramNameValue,
+                    xmlSecKeyDataFormatDer) < 0) {
+            fprintf(stderr, "Error: failed to load private key from \"%s\".\n", 
+                    value->strListValue);
+            return(-1);
+        }
     }
 
     for(value = pkcs8PemParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    pkcs8PemParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
-		    value->strListValue, 
-		    xmlSecAppCmdLineParamGetString(&pwdParam),
-		    value->paramNameValue,
-		    xmlSecKeyDataFormatPkcs8Pem) < 0) {
-	    fprintf(stderr, "Error: failed to load private key from \"%s\".\n", 
-		    value->strListValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    pkcs8PemParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
+                    value->strListValue, 
+                    xmlSecAppCmdLineParamGetString(&pwdParam),
+                    value->paramNameValue,
+                    xmlSecKeyDataFormatPkcs8Pem) < 0) {
+            fprintf(stderr, "Error: failed to load private key from \"%s\".\n", 
+                    value->strListValue);
+            return(-1);
+        }
     }
 
     for(value = pkcs8DerParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    pkcs8DerParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
-		    value->strListValue, 
-		    xmlSecAppCmdLineParamGetString(&pwdParam),
-		    value->paramNameValue,
-		    xmlSecKeyDataFormatPkcs8Der) < 0) {
-	    fprintf(stderr, "Error: failed to load private key from \"%s\".\n", 
-		    value->strListValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    pkcs8DerParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
+                    value->strListValue, 
+                    xmlSecAppCmdLineParamGetString(&pwdParam),
+                    value->paramNameValue,
+                    xmlSecKeyDataFormatPkcs8Der) < 0) {
+            fprintf(stderr, "Error: failed to load private key from \"%s\".\n", 
+                    value->strListValue);
+            return(-1);
+        }
     }
 
     /* read all public keys */
     for(value = pubkeyParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    pubkeyParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
-		    value->strListValue, 
-		    xmlSecAppCmdLineParamGetString(&pwdParam),
-		    value->paramNameValue,
-		    xmlSecKeyDataFormatPem) < 0) {
-	    fprintf(stderr, "Error: failed to load public key from \"%s\".\n", 
-		    value->strListValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    pubkeyParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
+                    value->strListValue, 
+                    xmlSecAppCmdLineParamGetString(&pwdParam),
+                    value->paramNameValue,
+                    xmlSecKeyDataFormatPem) < 0) {
+            fprintf(stderr, "Error: failed to load public key from \"%s\".\n", 
+                    value->strListValue);
+            return(-1);
+        }
     }
 
     for(value = pubkeyDerParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    pubkeyDerParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
-		    value->strListValue, 
-		    xmlSecAppCmdLineParamGetString(&pwdParam),
-		    value->paramNameValue,
-		    xmlSecKeyDataFormatDer) < 0) {
-	    fprintf(stderr, "Error: failed to load public key from \"%s\".\n", 
-		    value->strListValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    pubkeyDerParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
+                    value->strListValue, 
+                    xmlSecAppCmdLineParamGetString(&pwdParam),
+                    value->paramNameValue,
+                    xmlSecKeyDataFormatDer) < 0) {
+            fprintf(stderr, "Error: failed to load public key from \"%s\".\n", 
+                    value->strListValue);
+            return(-1);
+        }
     }
 
 #ifndef XMLSEC_NO_AES    
     /* read all AES keys */
     for(value = aeskeyParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    aeskeyParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr, 
-		    "aes", value->strValue, value->paramNameValue) < 0) {
-	    fprintf(stderr, "Error: failed to load aes key from \"%s\".\n",
-		    value->strValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    aeskeyParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr, 
+                    "aes", value->strValue, value->paramNameValue) < 0) {
+            fprintf(stderr, "Error: failed to load aes key from \"%s\".\n",
+                    value->strValue);
+            return(-1);
+        }
     }
 #endif /* XMLSEC_NO_AES */ 
 
 #ifndef XMLSEC_NO_DES    
     /* read all des keys */
     for(value = deskeyParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    deskeyParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr, 
-		    "des", value->strValue, value->paramNameValue) < 0) {
-	    fprintf(stderr, "Error: failed to load des key from \"%s\".\n",
-		    value->strValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    deskeyParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr, 
+                    "des", value->strValue, value->paramNameValue) < 0) {
+            fprintf(stderr, "Error: failed to load des key from \"%s\".\n",
+                    value->strValue);
+            return(-1);
+        }
     }
 #endif /* XMLSEC_NO_DES */ 
 
 #ifndef XMLSEC_NO_HMAC    
     /* read all hmac keys */
     for(value = hmackeyParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    hmackeyParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr, 
-		    "hmac", value->strValue, value->paramNameValue) < 0) {
-	    fprintf(stderr, "Error: failed to load hmac key from \"%s\".\n",
-		    value->strValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    hmackeyParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrBinaryKeyLoad(gKeysMngr, 
+                    "hmac", value->strValue, value->paramNameValue) < 0) {
+            fprintf(stderr, "Error: failed to load hmac key from \"%s\".\n",
+                    value->strValue);
+            return(-1);
+        }
     }
 #endif /* XMLSEC_NO_HMAC */ 
 
 #ifndef XMLSEC_NO_X509
     /* read all pkcs12 files */
     for(value = pkcs12Param.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", pkcs12Param.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad(gKeysMngr, 
-		    value->strValue,
-		    xmlSecAppCmdLineParamGetString(&pwdParam),
-		    value->paramNameValue) < 0) {
-	    fprintf(stderr, "Error: failed to load pkcs12 key from \"%s\".\n",
-		    value->strValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", pkcs12Param.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrPkcs12KeyLoad(gKeysMngr, 
+                    value->strValue,
+                    xmlSecAppCmdLineParamGetString(&pwdParam),
+                    value->paramNameValue) < 0) {
+            fprintf(stderr, "Error: failed to load pkcs12 key from \"%s\".\n",
+                    value->strValue);
+            return(-1);
+        }
     }
 
     /* read all trusted certs */
     for(value = trustedParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", trustedParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, 
-		    value->strValue, xmlSecKeyDataFormatPem,
-		    xmlSecKeyDataTypeTrusted) < 0) {
-	    fprintf(stderr, "Error: failed to load trusted cert from \"%s\".\n",
-		    value->strValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", trustedParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, 
+                    value->strValue, xmlSecKeyDataFormatPem,
+                    xmlSecKeyDataTypeTrusted) < 0) {
+            fprintf(stderr, "Error: failed to load trusted cert from \"%s\".\n",
+                    value->strValue);
+            return(-1);
+        }
     }
     for(value = trustedDerParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", trustedDerParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, 
-		    value->strValue, xmlSecKeyDataFormatDer,
-		    xmlSecKeyDataTypeTrusted) < 0) {
-	    fprintf(stderr, "Error: failed to load trusted cert from \"%s\".\n",
-		    value->strValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", trustedDerParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, 
+                    value->strValue, xmlSecKeyDataFormatDer,
+                    xmlSecKeyDataTypeTrusted) < 0) {
+            fprintf(stderr, "Error: failed to load trusted cert from \"%s\".\n",
+                    value->strValue);
+            return(-1);
+        }
     }
 
 
     /* read all public keys in certs */
     for(value = pubkeyCertParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    pubkeyCertParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
-		    value->strListValue, 
-		    xmlSecAppCmdLineParamGetString(&pwdParam),
-		    value->paramNameValue,
-		    xmlSecKeyDataFormatCertPem) < 0) {
-	    fprintf(stderr, "Error: failed to load public key from \"%s\".\n", 
-		    value->strListValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    pubkeyCertParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
+                    value->strListValue, 
+                    xmlSecAppCmdLineParamGetString(&pwdParam),
+                    value->paramNameValue,
+                    xmlSecKeyDataFormatCertPem) < 0) {
+            fprintf(stderr, "Error: failed to load public key from \"%s\".\n", 
+                    value->strListValue);
+            return(-1);
+        }
     }
 
     for(value = pubkeyCertDerParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    pubkeyCertDerParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
-		    value->strListValue, 
-		    xmlSecAppCmdLineParamGetString(&pwdParam),
-		    value->paramNameValue,
-		    xmlSecKeyDataFormatCertDer) < 0) {
-	    fprintf(stderr, "Error: failed to load public key from \"%s\".\n", 
-		    value->strListValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    pubkeyCertDerParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad(gKeysMngr, 
+                    value->strListValue, 
+                    xmlSecAppCmdLineParamGetString(&pwdParam),
+                    value->paramNameValue,
+                    xmlSecKeyDataFormatCertDer) < 0) {
+            fprintf(stderr, "Error: failed to load public key from \"%s\".\n", 
+                    value->strListValue);
+            return(-1);
+        }
     }
 
 
     /* read all untrusted certs */
     for(value = untrustedParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", untrustedParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, 
-		    value->strValue, xmlSecKeyDataFormatPem,
-		    xmlSecKeyDataTypeNone) < 0) {
-	    fprintf(stderr, "Error: failed to load untrusted cert from \"%s\".\n",
-		    value->strValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", untrustedParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, 
+                    value->strValue, xmlSecKeyDataFormatPem,
+                    xmlSecKeyDataTypeNone) < 0) {
+            fprintf(stderr, "Error: failed to load untrusted cert from \"%s\".\n",
+                    value->strValue);
+            return(-1);
+        }
     }
     for(value = untrustedDerParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", untrustedDerParam.fullName);
-	    return(-1);
-	} else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, 
-		    value->strValue, xmlSecKeyDataFormatDer,
-		    xmlSecKeyDataTypeNone) < 0) {
-	    fprintf(stderr, "Error: failed to load untrusted cert from \"%s\".\n",
-		    value->strValue);
-	    return(-1);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", untrustedDerParam.fullName);
+            return(-1);
+        } else if(xmlSecAppCryptoSimpleKeysMngrCertLoad(gKeysMngr, 
+                    value->strValue, xmlSecKeyDataFormatDer,
+                    xmlSecKeyDataTypeNone) < 0) {
+            fprintf(stderr, "Error: failed to load untrusted cert from \"%s\".\n",
+                    value->strValue);
+            return(-1);
+        }
     }
 
 #endif /* XMLSEC_NO_X509 */    
@@ -2400,10 +2405,15 @@ xmlSecAppLoadKeys(void) {
 }
 
 static int intialized = 0;
+
+#ifndef XMLSEC_NO_XSLT
+static xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
 static int
 xmlSecAppInit(void) {
     if(intialized != 0) {
-	return(0);
+        return(0);
     }
     intialized = 1;
     
@@ -2414,31 +2424,44 @@ xmlSecAppInit(void) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+                
+    
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+    
     /* Init xmlsec */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec intialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec intialization failed.\n");
+        return(-1);
     }
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
 #if !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST xmlsec_crypto) < 0) {
-	fprintf(stderr, "Error: unable to load xmlsec-%s library. Make sure that you have\n"
-			"this it installed, check shared libraries path (LD_LIBRARY_PATH)\n"
-			"envornment variable or use \"--crypto\" option to specify different\n"
-			"crypto engine.\n", xmlsec_crypto);
-	return(-1);	
+        fprintf(stderr, "Error: unable to load xmlsec-%s library. Make sure that you have\n"
+                        "this it installed, check shared libraries path (LD_LIBRARY_PATH)\n"
+                        "envornment variable or use \"--crypto\" option to specify different\n"
+                        "crypto engine.\n", xmlsec_crypto);
+        return(-1);
     }
 #endif /* !defined(XMLSEC_NO_CRYPTO_DYNAMIC_LOADING) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) */
 
     /* Init Crypto */
     if(xmlSecAppCryptoInit(xmlSecAppCmdLineParamGetString(&cryptoConfigParam)) < 0) {
-	fprintf(stderr, "Error: xmlsec crypto intialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec crypto intialization failed.\n");
+        return(-1);
     }
     return(0);
 }
@@ -2446,21 +2469,22 @@ xmlSecAppInit(void) {
 static void
 xmlSecAppShutdown(void) {
     if(intialized == 0) {
-	return;
+        return;
     }
 
     /* Shutdown Crypto */
     if(xmlSecAppCryptoShutdown() < 0) {
-	fprintf(stderr, "Error: xmlsec crypto shutdown failed.\n");
+        fprintf(stderr, "Error: xmlsec crypto shutdown failed.\n");
     }
     
     /* Shutdown xmlsec */
     if(xmlSecShutdown() < 0) {
-	fprintf(stderr, "Error: xmlsec shutdown failed.\n");
+        fprintf(stderr, "Error: xmlsec shutdown failed.\n");
     }
     
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -2473,25 +2497,25 @@ xmlSecAppXmlDataCreate(const char* filename, const xmlChar* defStartNodeName, co
     xmlNodePtr cur = NULL;
         
     if(filename == NULL) {
-	fprintf(stderr, "Error: xml filename is null\n");
-	return(NULL);
+        fprintf(stderr, "Error: xml filename is null\n");
+        return(NULL);
     }
     
     /* create object */
     data = (xmlSecAppXmlDataPtr) xmlMalloc(sizeof(xmlSecAppXmlData));
     if(data == NULL) {
-	fprintf(stderr, "Error: failed to create xml data\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create xml data\n");
+        return(NULL);
     }
     memset(data, 0, sizeof(xmlSecAppXmlData));
     
     /* parse doc */
     data->doc = xmlSecParseFile(filename);
     if(data->doc == NULL) {
-	fprintf(stderr, "Error: failed to parse xml file \"%s\"\n", 
-		filename);
-	xmlSecAppXmlDataDestroy(data);
-	return(NULL);    
+        fprintf(stderr, "Error: failed to parse xml file \"%s\"\n", 
+                filename);
+        xmlSecAppXmlDataDestroy(data);
+        return(NULL);    
     }
     
     /* load dtd and set default attrs and ids */
@@ -2499,178 +2523,178 @@ xmlSecAppXmlDataCreate(const char* filename, const xmlChar* defStartNodeName, co
         xmlValidCtxt ctx;
 
         data->dtd = xmlParseDTD(NULL, BAD_CAST xmlSecAppCmdLineParamGetString(&dtdFileParam));
-	if(data->dtd == NULL) {
-	    fprintf(stderr, "Error: failed to parse dtd file \"%s\"\n", 
-		    xmlSecAppCmdLineParamGetString(&dtdFileParam));
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);    
-	}
+        if(data->dtd == NULL) {
+            fprintf(stderr, "Error: failed to parse dtd file \"%s\"\n", 
+                    xmlSecAppCmdLineParamGetString(&dtdFileParam));
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);    
+        }
 
-	memset(&ctx, 0, sizeof(ctx));    
-	/* we don't care is doc actually valid or not */
-	xmlValidateDtd(&ctx, data->doc, data->dtd);
+        memset(&ctx, 0, sizeof(ctx));    
+        /* we don't care is doc actually valid or not */
+        xmlValidateDtd(&ctx, data->doc, data->dtd);
     }
     
     /* set ID attributes from command line */
     for(value = idAttrParam.value; value != NULL; value = value->next) {
-	if(value->strValue == NULL) {
-	    fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
-		    idAttrParam.fullName);
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);
-	} else {
-	    xmlChar* attrName = (value->paramNameValue != NULL) ? BAD_CAST value->paramNameValue : BAD_CAST "id";
-	    xmlChar* nodeName;
-	    xmlChar* nsHref;
-	    xmlChar* buf;
-	    
-	    buf = xmlStrdup(BAD_CAST value->strValue);
-	    if(buf == NULL) {
-		fprintf(stderr, "Error: failed to duplicate string \"%s\"\n", value->strValue);
-	        xmlSecAppXmlDataDestroy(data);
-		return(NULL);    
-	    }
-    	    nodeName = (xmlChar*)strrchr((char*)buf, ':');
-	    if(nodeName != NULL) {
-		(*(nodeName++)) = '\0';
-		nsHref = buf;
-	    } else {
-		nodeName = buf;
-		nsHref = NULL;
-	    }
-
-    	    /* process children first because it does not matter much but does simplify code */
-	    cur = xmlSecGetNextElementNode(data->doc->children);
-	    while(cur != NULL) {
-		if(xmlSecAppAddIDAttr(cur, attrName, nodeName, nsHref) < 0) {
-		    fprintf(stderr, "Error: failed to add ID attribute \"%s\" for node \"%s\"\n", attrName, value->strValue);
-		    xmlFree(buf);
-	    	    xmlSecAppXmlDataDestroy(data);
-		    return(NULL);    
-		}
-		cur = xmlSecGetNextElementNode(cur->next);
-	    }
-
-	    xmlFree(buf);
-	}
+        if(value->strValue == NULL) {
+            fprintf(stderr, "Error: invalid value for option \"%s\".\n", 
+                    idAttrParam.fullName);
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);
+        } else {
+            xmlChar* attrName = (value->paramNameValue != NULL) ? BAD_CAST value->paramNameValue : BAD_CAST "id";
+            xmlChar* nodeName;
+            xmlChar* nsHref;
+            xmlChar* buf;
+            
+            buf = xmlStrdup(BAD_CAST value->strValue);
+            if(buf == NULL) {
+                fprintf(stderr, "Error: failed to duplicate string \"%s\"\n", value->strValue);
+                xmlSecAppXmlDataDestroy(data);
+                return(NULL);    
+            }
+            nodeName = (xmlChar*)strrchr((char*)buf, ':');
+            if(nodeName != NULL) {
+                (*(nodeName++)) = '\0';
+                nsHref = buf;
+            } else {
+                nodeName = buf;
+                nsHref = NULL;
+            }
+
+            /* process children first because it does not matter much but does simplify code */
+            cur = xmlSecGetNextElementNode(data->doc->children);
+            while(cur != NULL) {
+                if(xmlSecAppAddIDAttr(cur, attrName, nodeName, nsHref) < 0) {
+                    fprintf(stderr, "Error: failed to add ID attribute \"%s\" for node \"%s\"\n", attrName, value->strValue);
+                    xmlFree(buf);
+                    xmlSecAppXmlDataDestroy(data);
+                    return(NULL);    
+                }
+                cur = xmlSecGetNextElementNode(cur->next);
+            }
+
+            xmlFree(buf);
+        }
     }
 
 
     /* now find the start node */
     if(xmlSecAppCmdLineParamGetString(&nodeIdParam) != NULL) {
-	xmlAttrPtr attr;
-	    
-	attr = xmlGetID(data->doc, BAD_CAST xmlSecAppCmdLineParamGetString(&nodeIdParam));
-	if(attr == NULL) {
-	    fprintf(stderr, "Error: failed to find node with id=\"%s\"\n", 
-		    xmlSecAppCmdLineParamGetString(&nodeIdParam));
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);    
-	}
-	cur = attr->parent;
+        xmlAttrPtr attr;
+            
+        attr = xmlGetID(data->doc, BAD_CAST xmlSecAppCmdLineParamGetString(&nodeIdParam));
+        if(attr == NULL) {
+            fprintf(stderr, "Error: failed to find node with id=\"%s\"\n", 
+                    xmlSecAppCmdLineParamGetString(&nodeIdParam));
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);    
+        }
+        cur = attr->parent;
     } else if(xmlSecAppCmdLineParamGetString(&nodeNameParam) != NULL) {
-	xmlChar* buf;
-	xmlChar* name;
-	xmlChar* ns;
-	
-	buf = xmlStrdup(BAD_CAST xmlSecAppCmdLineParamGetString(&nodeNameParam));
-	if(buf == NULL) {
-	    fprintf(stderr, "Error: failed to duplicate node \"%s\"\n", 
-		    xmlSecAppCmdLineParamGetString(&nodeNameParam));
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);    
-	}
-	name = (xmlChar*)strrchr((char*)buf, ':');
-	if(name != NULL) {
-	    (*(name++)) = '\0';
-	    ns = buf;
-	} else {
-	    name = buf;
-	    ns = NULL;
-	}
-	
-	cur = xmlSecFindNode(xmlDocGetRootElement(data->doc), name, ns);
-	if(cur == NULL) {
-	    fprintf(stderr, "Error: failed to find node with name=\"%s\"\n", 
-		    name);
-	    xmlFree(buf);
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);    
-	}
-	xmlFree(buf);
+        xmlChar* buf;
+        xmlChar* name;
+        xmlChar* ns;
+        
+        buf = xmlStrdup(BAD_CAST xmlSecAppCmdLineParamGetString(&nodeNameParam));
+        if(buf == NULL) {
+            fprintf(stderr, "Error: failed to duplicate node \"%s\"\n", 
+                    xmlSecAppCmdLineParamGetString(&nodeNameParam));
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);    
+        }
+        name = (xmlChar*)strrchr((char*)buf, ':');
+        if(name != NULL) {
+            (*(name++)) = '\0';
+            ns = buf;
+        } else {
+            name = buf;
+            ns = NULL;
+        }
+        
+        cur = xmlSecFindNode(xmlDocGetRootElement(data->doc), name, ns);
+        if(cur == NULL) {
+            fprintf(stderr, "Error: failed to find node with name=\"%s\"\n", 
+                    name);
+            xmlFree(buf);
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);    
+        }
+        xmlFree(buf);
     } else if(xmlSecAppCmdLineParamGetString(&nodeXPathParam) != NULL) {
-	xmlXPathContextPtr ctx = NULL;
-	xmlXPathObjectPtr obj = NULL;
-	xmlNodePtr rootNode;
-	xmlNsPtr ns;
-	int ret;
-
-	rootNode = xmlDocGetRootElement(data->doc);
-	if(rootNode == NULL) {
-	    fprintf(stderr, "Error: failed to find root node\n"); 
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);    
-	}
-	
-	ctx = xmlXPathNewContext(data->doc);
-	if(ctx == NULL) {
-	    fprintf(stderr, "Error: failed to create xpath context\n");
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);    
-	}
-	
-	/* register namespaces from the root node */
-	for(ns = rootNode->nsDef; ns != NULL; ns = ns->next) {
-	    if(ns->prefix != NULL){
-	        ret = xmlXPathRegisterNs(ctx, ns->prefix, ns->href);
-		if(ret != 0) {
-		    fprintf(stderr, "Error: failed to register namespace \"%s\"\n", ns->prefix);
-		    xmlXPathFreeContext(ctx);
-		    xmlSecAppXmlDataDestroy(data);
-		    return(NULL);    
-		}
-	    }
-	}
-	
-	obj = xmlXPathEval(BAD_CAST xmlSecAppCmdLineParamGetString(&nodeXPathParam), ctx);
-	if(obj == NULL) {
-	    fprintf(stderr, "Error: failed to evaluate xpath expression\n");
-	    xmlXPathFreeContext(ctx);
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);    
-	}
-
-	if((obj->nodesetval == NULL) || (obj->nodesetval->nodeNr != 1)) {
-	    fprintf(stderr, "Error: xpath expression evaluation does not return a single node as expected\n");
-	    xmlXPathFreeObject(obj);
-	    xmlXPathFreeContext(ctx);
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);    
-	}
-		
-	cur = obj->nodesetval->nodeTab[0];
-	xmlXPathFreeContext(ctx);
-	xmlXPathFreeObject(obj);
-	
+        xmlXPathContextPtr ctx = NULL;
+        xmlXPathObjectPtr obj = NULL;
+        xmlNodePtr rootNode;
+        xmlNsPtr ns;
+        int ret;
+
+        rootNode = xmlDocGetRootElement(data->doc);
+        if(rootNode == NULL) {
+            fprintf(stderr, "Error: failed to find root node\n"); 
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);    
+        }
+        
+        ctx = xmlXPathNewContext(data->doc);
+        if(ctx == NULL) {
+            fprintf(stderr, "Error: failed to create xpath context\n");
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);    
+        }
+        
+        /* register namespaces from the root node */
+        for(ns = rootNode->nsDef; ns != NULL; ns = ns->next) {
+            if(ns->prefix != NULL){
+                ret = xmlXPathRegisterNs(ctx, ns->prefix, ns->href);
+                if(ret != 0) {
+                    fprintf(stderr, "Error: failed to register namespace \"%s\"\n", ns->prefix);
+                    xmlXPathFreeContext(ctx);
+                    xmlSecAppXmlDataDestroy(data);
+                    return(NULL);    
+                }
+            }
+        }
+        
+        obj = xmlXPathEval(BAD_CAST xmlSecAppCmdLineParamGetString(&nodeXPathParam), ctx);
+        if(obj == NULL) {
+            fprintf(stderr, "Error: failed to evaluate xpath expression\n");
+            xmlXPathFreeContext(ctx);
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);    
+        }
+
+        if((obj->nodesetval == NULL) || (obj->nodesetval->nodeNr != 1)) {
+            fprintf(stderr, "Error: xpath expression evaluation does not return a single node as expected\n");
+            xmlXPathFreeObject(obj);
+            xmlXPathFreeContext(ctx);
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);    
+        }
+                
+        cur = obj->nodesetval->nodeTab[0];
+        xmlXPathFreeContext(ctx);
+        xmlXPathFreeObject(obj);
+        
     } else {
-	cur = xmlDocGetRootElement(data->doc);
-	if(cur == NULL) {
-	    fprintf(stderr, "Error: failed to get root element\n"); 
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);    
-	}
+        cur = xmlDocGetRootElement(data->doc);
+        if(cur == NULL) {
+            fprintf(stderr, "Error: failed to get root element\n"); 
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);    
+        }
     }
     
     if(defStartNodeName != NULL) {
-	data->startNode = xmlSecFindNode(cur, defStartNodeName, defStartNodeNs);
-	if(data->startNode == NULL) {
-	    fprintf(stderr, "Error: failed to find default node with name=\"%s\"\n", 
-		    defStartNodeName);
-	    xmlSecAppXmlDataDestroy(data);
-	    return(NULL);    
-	}
+        data->startNode = xmlSecFindNode(cur, defStartNodeName, defStartNodeNs);
+        if(data->startNode == NULL) {
+            fprintf(stderr, "Error: failed to find default node with name=\"%s\"\n", 
+                    defStartNodeName);
+            xmlSecAppXmlDataDestroy(data);
+            return(NULL);    
+        }
     } else {
-	data->startNode = cur;
+        data->startNode = cur;
     }
     
     return(data);
@@ -2679,14 +2703,14 @@ xmlSecAppXmlDataCreate(const char* filename, const xmlChar* defStartNodeName, co
 static void 
 xmlSecAppXmlDataDestroy(xmlSecAppXmlDataPtr data) {
     if(data == NULL) {
-	fprintf(stderr, "Error: xml data is null\n");
-	return;
+        fprintf(stderr, "Error: xml data is null\n");
+        return;
     }
     if(data->dtd != NULL) {
-	xmlFreeDtd(data->dtd);
+        xmlFreeDtd(data->dtd);
     }
     if(data->doc != NULL) {
-	xmlFreeDoc(data->doc);
+        xmlFreeDoc(data->doc);
     }
     memset(data, 0, sizeof(xmlSecAppXmlData));
     xmlFree(data);    
@@ -2695,91 +2719,99 @@ xmlSecAppXmlDataDestroy(xmlSecAppXmlDataPtr data) {
 static xmlSecAppCommand 
 xmlSecAppParseCommand(const char* cmd, xmlSecAppCmdLineParamTopic* cmdLineTopics, xmlSecAppCommand* subCommand) {
     if(subCommand != NULL) {
-	(*subCommand) = xmlSecAppCommandUnknown;
+        (*subCommand) = xmlSecAppCommandUnknown;
     }
 
     if((cmd == NULL) || (cmdLineTopics == NULL)) {
-	return(xmlSecAppCommandUnknown);
+        return(xmlSecAppCommandUnknown);
     } else 
 
     if((strcmp(cmd, "help") == 0) || (strcmp(cmd, "--help") == 0)) {
-	(*cmdLineTopics) = 0;
-	return(xmlSecAppCommandHelp);
+        (*cmdLineTopics) = 0;
+        return(xmlSecAppCommandHelp);
     } else 
 
     if((strcmp(cmd, "help-all") == 0) || (strcmp(cmd, "--help-all") == 0)) {
-	(*cmdLineTopics) = xmlSecAppCmdLineTopicAll;
-	return(xmlSecAppCommandHelp);
+        (*cmdLineTopics) = xmlSecAppCmdLineTopicAll;
+        return(xmlSecAppCommandHelp);
     } else 
     
-    if((strncmp(cmd, "help-", 5) == 0) || (strncmp(cmd, "--help-", 7) == 0)) {	 
-	cmd = (cmd[0] == '-') ? cmd + 7 : cmd + 5;
-	if(subCommand) {
-	    (*subCommand) = xmlSecAppParseCommand(cmd, cmdLineTopics, NULL);
-	} else {
-	    (*cmdLineTopics) = 0;
-	}
-	return(xmlSecAppCommandHelp);
+    if((strncmp(cmd, "help-", 5) == 0) || (strncmp(cmd, "--help-", 7) == 0)) {   
+        cmd = (cmd[0] == '-') ? cmd + 7 : cmd + 5;
+        if(subCommand) {
+            (*subCommand) = xmlSecAppParseCommand(cmd, cmdLineTopics, NULL);
+        } else {
+            (*cmdLineTopics) = 0;
+        }
+        return(xmlSecAppCommandHelp);
     } else 
 
     if((strcmp(cmd, "version") == 0) || (strcmp(cmd, "--version") == 0)) {
-	(*cmdLineTopics) = xmlSecAppCmdLineTopicVersion;
-	return(xmlSecAppCommandVersion);
+        (*cmdLineTopics) = xmlSecAppCmdLineTopicVersion;
+        return(xmlSecAppCommandVersion);
     } else 
 
     if((strcmp(cmd, "list-key-data") == 0) || (strcmp(cmd, "--list-key-data") == 0)) {
-	(*cmdLineTopics) = 0;
-	return(xmlSecAppCommandListKeyData);
+        (*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig;
+        return(xmlSecAppCommandListKeyData);
     } else 
 
     if((strcmp(cmd, "check-key-data") == 0) || (strcmp(cmd, "--check-key-data") == 0)) {
-	(*cmdLineTopics) = 0;
-	return(xmlSecAppCommandCheckKeyData);
+        (*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig;
+        return(xmlSecAppCommandCheckKeyData);
     } else 
 
     if((strcmp(cmd, "list-transforms") == 0) || (strcmp(cmd, "--list-transforms") == 0)) {
-	(*cmdLineTopics) = 0;
-	return(xmlSecAppCommandListTransforms);
+        (*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig;
+        return(xmlSecAppCommandListTransforms);
     } else 
 
     if((strcmp(cmd, "check-transforms") == 0) || (strcmp(cmd, "--check-transforms") == 0)) {
-	(*cmdLineTopics) = 0;
-	return(xmlSecAppCommandCheckTransforms);
+        (*cmdLineTopics) = xmlSecAppCmdLineTopicCryptoConfig;
+        return(xmlSecAppCommandCheckTransforms);
     } else 
     
     if((strcmp(cmd, "keys") == 0) || (strcmp(cmd, "--keys") == 0)) {
-	(*cmdLineTopics) = xmlSecAppCmdLineTopicGeneral | 
-			xmlSecAppCmdLineTopicKeysMngr |
-			xmlSecAppCmdLineTopicX509Certs;
-	return(xmlSecAppCommandKeys);
+        (*cmdLineTopics) = 
+                        xmlSecAppCmdLineTopicGeneral | 
+                        xmlSecAppCmdLineTopicCryptoConfig |
+                        xmlSecAppCmdLineTopicKeysMngr |
+                        xmlSecAppCmdLineTopicX509Certs;
+        return(xmlSecAppCommandKeys);
     } else 
     
 #ifndef XMLSEC_NO_XMLDSIG
     if((strcmp(cmd, "sign") == 0) || (strcmp(cmd, "--sign") == 0)) {
-	(*cmdLineTopics) = xmlSecAppCmdLineTopicGeneral |
-			xmlSecAppCmdLineTopicDSigCommon |
-			xmlSecAppCmdLineTopicDSigSign |
-			xmlSecAppCmdLineTopicKeysMngr |
-			xmlSecAppCmdLineTopicX509Certs;
-	return(xmlSecAppCommandSign);
+        (*cmdLineTopics) = 
+                        xmlSecAppCmdLineTopicGeneral |
+                        xmlSecAppCmdLineTopicCryptoConfig |
+                        xmlSecAppCmdLineTopicDSigCommon |
+                        xmlSecAppCmdLineTopicDSigSign |
+                        xmlSecAppCmdLineTopicKeysMngr |
+                        xmlSecAppCmdLineTopicX509Certs;
+        return(xmlSecAppCommandSign);
     } else 
     
     if((strcmp(cmd, "verify") == 0) || (strcmp(cmd, "--verify") == 0)) {
-	(*cmdLineTopics) = xmlSecAppCmdLineTopicGeneral |
-			xmlSecAppCmdLineTopicDSigCommon |
-			xmlSecAppCmdLineTopicDSigVerify |
-			xmlSecAppCmdLineTopicKeysMngr |
-			xmlSecAppCmdLineTopicX509Certs;
-	return(xmlSecAppCommandVerify);
+        (*cmdLineTopics) = 
+                        xmlSecAppCmdLineTopicGeneral |
+                        xmlSecAppCmdLineTopicCryptoConfig |
+                        xmlSecAppCmdLineTopicDSigCommon |
+                        xmlSecAppCmdLineTopicDSigVerify |
+                        xmlSecAppCmdLineTopicKeysMngr |
+                        xmlSecAppCmdLineTopicX509Certs;
+        return(xmlSecAppCommandVerify);
     } else 
 #ifndef XMLSEC_NO_TMPL_TEST
     if((strcmp(cmd, "sign-tmpl") == 0) || (strcmp(cmd, "--sign-tmpl") == 0)) {
-	(*cmdLineTopics) = xmlSecAppCmdLineTopicGeneral |
-			xmlSecAppCmdLineTopicDSigCommon |
-			xmlSecAppCmdLineTopicDSigSign |
-			xmlSecAppCmdLineTopicKeysMngr |
-			xmlSecAppCmdLineTopicX509Certs;
-	return(xmlSecAppCommandSignTmpl);
+        (*cmdLineTopics) = 
+                        xmlSecAppCmdLineTopicGeneral |
+                        xmlSecAppCmdLineTopicCryptoConfig |
+                        xmlSecAppCmdLineTopicDSigCommon |
+                        xmlSecAppCmdLineTopicDSigSign |
+                        xmlSecAppCmdLineTopicKeysMngr |
+                        xmlSecAppCmdLineTopicX509Certs;
+        return(xmlSecAppCommandSignTmpl);
     } else 
 #endif /* XMLSEC_NO_TMPL_TEST */
     
@@ -2787,102 +2819,110 @@ xmlSecAppParseCommand(const char* cmd, xmlSecAppCmdLineParamTopic* cmdLineTopics
 
 #ifndef XMLSEC_NO_XMLENC
     if((strcmp(cmd, "encrypt") == 0) || (strcmp(cmd, "--encrypt") == 0)) {
-	(*cmdLineTopics) = xmlSecAppCmdLineTopicGeneral |
-			xmlSecAppCmdLineTopicEncCommon |
-			xmlSecAppCmdLineTopicEncEncrypt |
-			xmlSecAppCmdLineTopicKeysMngr |
-			xmlSecAppCmdLineTopicX509Certs;
-	return(xmlSecAppCommandEncrypt);
+        (*cmdLineTopics) = 
+                        xmlSecAppCmdLineTopicGeneral |
+                        xmlSecAppCmdLineTopicCryptoConfig |
+                        xmlSecAppCmdLineTopicEncCommon |
+                        xmlSecAppCmdLineTopicEncEncrypt |
+                        xmlSecAppCmdLineTopicKeysMngr |
+                        xmlSecAppCmdLineTopicX509Certs;
+        return(xmlSecAppCommandEncrypt);
     } else 
 
     if((strcmp(cmd, "decrypt") == 0) || (strcmp(cmd, "--decrypt") == 0)) {
-	(*cmdLineTopics) = xmlSecAppCmdLineTopicGeneral |
-			xmlSecAppCmdLineTopicEncCommon |
-			xmlSecAppCmdLineTopicEncDecrypt |
-			xmlSecAppCmdLineTopicKeysMngr |
-			xmlSecAppCmdLineTopicX509Certs;
-	return(xmlSecAppCommandDecrypt);
+        (*cmdLineTopics) = 
+                        xmlSecAppCmdLineTopicGeneral |
+                        xmlSecAppCmdLineTopicCryptoConfig |
+                        xmlSecAppCmdLineTopicEncCommon |
+                        xmlSecAppCmdLineTopicEncDecrypt |
+                        xmlSecAppCmdLineTopicKeysMngr |
+                        xmlSecAppCmdLineTopicX509Certs;
+        return(xmlSecAppCommandDecrypt);
     } else 
 
 #ifndef XMLSEC_NO_TMPL_TEST
     if((strcmp(cmd, "encrypt-tmpl") == 0) || (strcmp(cmd, "--encrypt-tmpl") == 0)) {
-	(*cmdLineTopics) = xmlSecAppCmdLineTopicGeneral |
-			xmlSecAppCmdLineTopicEncCommon |
-			xmlSecAppCmdLineTopicEncEncrypt |
-			xmlSecAppCmdLineTopicKeysMngr |
-			xmlSecAppCmdLineTopicX509Certs;
-	return(xmlSecAppCommandEncryptTmpl);
+        (*cmdLineTopics) = 
+                        xmlSecAppCmdLineTopicGeneral |
+                        xmlSecAppCmdLineTopicCryptoConfig |
+                        xmlSecAppCmdLineTopicEncCommon |
+                        xmlSecAppCmdLineTopicEncEncrypt |
+                        xmlSecAppCmdLineTopicKeysMngr |
+                        xmlSecAppCmdLineTopicX509Certs;
+        return(xmlSecAppCommandEncryptTmpl);
     } else 
 #endif /* XMLSEC_NO_TMPL_TEST */
 #endif /* XMLSEC_NO_XMLENC */
 
 #ifndef XMLSEC_NO_XKMS
     if(strcmp(cmd, "--xkms-server-request") == 0) {
-	(*cmdLineTopics) = xmlSecAppCmdLineTopicGeneral |
-			xmlSecAppCmdLineTopicXkmsCommon |
-			xmlSecAppCmdLineTopicKeysMngr |
-			xmlSecAppCmdLineTopicX509Certs;
-	return(xmlSecAppCommandXkmsServerRequest);
+        (*cmdLineTopics) = 
+                        xmlSecAppCmdLineTopicGeneral |
+                        xmlSecAppCmdLineTopicCryptoConfig |
+                        xmlSecAppCmdLineTopicXkmsCommon |
+                        xmlSecAppCmdLineTopicKeysMngr |
+                        xmlSecAppCmdLineTopicX509Certs;
+        return(xmlSecAppCommandXkmsServerRequest);
     } else
 #endif /* XMLSEC_NO_XKMS */
 
     if(1) {
-	(*cmdLineTopics) = 0;
-	return(xmlSecAppCommandUnknown);
+        (*cmdLineTopics) = 0;
+        return(xmlSecAppCommandUnknown);
     }
 }
-	
+        
 static void 
 xmlSecAppPrintHelp(xmlSecAppCommand command, xmlSecAppCmdLineParamTopic topics) {
     switch(command) {
     case xmlSecAppCommandUnknown:
     case xmlSecAppCommandHelp:
-	fprintf(stdout, "%s%s\n", helpCommands1, helpCommands2);
+        fprintf(stdout, "%s%s\n", helpCommands1, helpCommands2);
         break;
     case xmlSecAppCommandVersion:
-	fprintf(stdout, "%s\n", helpVersion);
+        fprintf(stdout, "%s\n", helpVersion);
         break;
     case xmlSecAppCommandListKeyData:
-	fprintf(stdout, "%s\n", helpListKeyData);
+        fprintf(stdout, "%s\n", helpListKeyData);
         break;
     case xmlSecAppCommandCheckKeyData:
-	fprintf(stdout, "%s\n", helpCheckKeyData);
+        fprintf(stdout, "%s\n", helpCheckKeyData);
         break;
     case xmlSecAppCommandListTransforms:
-	fprintf(stdout, "%s\n", helpListTransforms);
+        fprintf(stdout, "%s\n", helpListTransforms);
         break;
     case xmlSecAppCommandCheckTransforms:
-	fprintf(stdout, "%s\n", helpCheckTransforms);
+        fprintf(stdout, "%s\n", helpCheckTransforms);
         break;
     case xmlSecAppCommandKeys:
-	fprintf(stdout, "%s\n", helpKeys);
+        fprintf(stdout, "%s\n", helpKeys);
         break;
     case xmlSecAppCommandSign:
-	fprintf(stdout, "%s\n", helpSign);
+        fprintf(stdout, "%s\n", helpSign);
         break;
     case xmlSecAppCommandVerify:
-	fprintf(stdout, "%s\n", helpVerify);
+        fprintf(stdout, "%s\n", helpVerify);
         break;
     case xmlSecAppCommandEncrypt:
-	fprintf(stdout, "%s\n", helpEncrypt);
+        fprintf(stdout, "%s\n", helpEncrypt);
         break;
     case xmlSecAppCommandDecrypt:
-	fprintf(stdout, "%s\n", helpDecrypt);
+        fprintf(stdout, "%s\n", helpDecrypt);
         break;
     case xmlSecAppCommandSignTmpl:
-	fprintf(stdout, "%s\n", helpSignTmpl);
+        fprintf(stdout, "%s\n", helpSignTmpl);
         break;
     case xmlSecAppCommandEncryptTmpl:
-	fprintf(stdout, "%s\n", helpEncryptTmpl);
+        fprintf(stdout, "%s\n", helpEncryptTmpl);
         break;
     case xmlSecAppCommandXkmsServerRequest:
-	fprintf(stdout, "%s\n", helpXkmsServerRequest);
+        fprintf(stdout, "%s\n", helpXkmsServerRequest);
         break;
     }
     if(topics != 0) {
-	fprintf(stdout, "Options:\n");
-	xmlSecAppCmdLineParamsListPrint(parameters, topics, stdout);
-	fprintf(stdout, "\n");
+        fprintf(stdout, "Options:\n");
+        xmlSecAppCmdLineParamsListPrint(parameters, topics, stdout);
+        fprintf(stdout, "\n");
     }
     fprintf(stdout, "\n%s\n", bugs);
     fprintf(stdout, "%s\n", copyright);
@@ -2893,19 +2933,19 @@ xmlSecAppGetUriType(const char* string) {
     xmlSecTransformUriType type = xmlSecTransformUriTypeNone;
     
     while((string != NULL) && (string[0] != '\0')) {
-	if(strcmp(string, "empty") == 0) {
-	    type |= xmlSecTransformUriTypeEmpty;
-	} else if(strcmp(string, "same-doc") == 0) {
-	    type |= xmlSecTransformUriTypeSameDocument;
-	} else if(strcmp(string, "local") == 0) {
-	    type |= xmlSecTransformUriTypeLocal;
-	} else if(strcmp(string, "remote") == 0) {
-	    type |= xmlSecTransformUriTypeRemote;
-	} else {
-	    fprintf(stderr, "Error: invalid uri type: \"%s\"\n", string);
-	    return(xmlSecTransformUriTypeNone);
-	}
-	string += strlen(string) + 1;
+        if(strcmp(string, "empty") == 0) {
+            type |= xmlSecTransformUriTypeEmpty;
+        } else if(strcmp(string, "same-doc") == 0) {
+            type |= xmlSecTransformUriTypeSameDocument;
+        } else if(strcmp(string, "local") == 0) {
+            type |= xmlSecTransformUriTypeLocal;
+        } else if(strcmp(string, "remote") == 0) {
+            type |= xmlSecTransformUriTypeRemote;
+        } else {
+            fprintf(stderr, "Error: invalid uri type: \"%s\"\n", string);
+            return(xmlSecTransformUriTypeNone);
+        }
+        string += strlen(string) + 1;
     }
     return(type);
 }
@@ -2915,12 +2955,12 @@ xmlSecAppOpenFile(const char* filename) {
     FILE* file;
     
     if((filename == NULL) || (strcmp(filename, "-") == 0)) {
-	return(stdout);
+        return(stdout);
     }
     file = fopen(filename, "wb");
     if(file == NULL) {
-	fprintf(stderr, "Error: failed to open file \"%s\"\n", filename);
-	return(NULL);
+        fprintf(stderr, "Error: failed to open file \"%s\"\n", filename);
+        return(NULL);
     }
     
     return(file);
@@ -2929,7 +2969,7 @@ xmlSecAppOpenFile(const char* filename) {
 static void 
 xmlSecAppCloseFile(FILE* file) {
     if((file == NULL) || (file == stdout) || (file == stderr)) {
-	return;
+        return;
     }
     
     fclose(file);
@@ -2941,16 +2981,16 @@ xmlSecAppWriteResult(xmlDocPtr doc, xmlSecBufferPtr buffer) {
 
     f = xmlSecAppOpenFile(xmlSecAppCmdLineParamGetString(&outputParam));
     if(f == NULL) {
-	return(-1);
+        return(-1);
     }
     if(doc != NULL) {
-	xmlDocDump(f, doc);    
+        xmlDocDump(f, doc);    
     } else if((buffer != NULL) && (xmlSecBufferGetData(buffer) != NULL)) {
-    	fwrite(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), 1, f); 
+        fwrite(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), 1, f); 
     } else {
-	fprintf(stderr, "Error: both result doc and result buffer are null\n");	
-	xmlSecAppCloseFile(f);
-	return(-1);
+        fprintf(stderr, "Error: both result doc and result buffer are null\n"); 
+        xmlSecAppCloseFile(f);
+        return(-1);
     }    
     xmlSecAppCloseFile(f);
     return(0);
@@ -2963,52 +3003,52 @@ xmlSecAppAddIDAttr(xmlNodePtr node, const xmlChar* attrName, const xmlChar* node
     xmlChar* id;
     
     if((node == NULL) || (attrName == NULL) || (nodeName == NULL)) {
-	return(-1);
+        return(-1);
     }
     
     /* process children first because it does not matter much but does simplify code */
     cur = xmlSecGetNextElementNode(node->children);
     while(cur != NULL) {
-	if(xmlSecAppAddIDAttr(cur, attrName, nodeName, nsHref) < 0) {
-	    return(-1);
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
+        if(xmlSecAppAddIDAttr(cur, attrName, nodeName, nsHref) < 0) {
+            return(-1);
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
     }
     
     /* node name must match */
     if(!xmlStrEqual(node->name, nodeName)) {
-	return(0);
+        return(0);
     }
-	
+        
     /* if nsHref is set then it also should match */    
     if((nsHref != NULL) && (node->ns != NULL) && (!xmlStrEqual(nsHref, node->ns->href))) {
-	return(0);
+        return(0);
     }
     
     /* the attribute with name equal to attrName should exist */
     for(attr = node->properties; attr != NULL; attr = attr->next) {
-	if(xmlStrEqual(attr->name, attrName)) {
-	    break;
-	}
+        if(xmlStrEqual(attr->name, attrName)) {
+            break;
+        }
     }
     if(attr == NULL) {
-	return(0);
+        return(0);
     }
     
     /* and this attr should have a value */
     id = xmlNodeListGetString(node->doc, attr->children, 1);
     if(id == NULL) {
-	return(0);
+        return(0);
     }
     
     /* check that we don't have same ID already */
     tmpAttr = xmlGetID(node->doc, id);
     if(tmpAttr == NULL) {
-	xmlAddID(NULL, node->doc, id, attr);
+        xmlAddID(NULL, node->doc, id, attr);
     } else if(tmpAttr != attr) {
-	fprintf(stderr, "Error: duplicate ID attribute \"%s\"\n", id);	
-	xmlFree(id);
-	return(-1);
+        fprintf(stderr, "Error: duplicate ID attribute \"%s\"\n", id);  
+        xmlFree(id);
+        return(-1);
     }
     xmlFree(id);
     return(0);
diff --git a/config.guess b/config.guess
index da833146..d622a44e 100755
--- a/config.guess
+++ b/config.guess
@@ -1,10 +1,10 @@
 #! /bin/sh
 # Attempt to guess a canonical system name.
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-#   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
-#   Free Software Foundation, Inc.
+#   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
+#   2011, 2012 Free Software Foundation, Inc.
 
-timestamp='2009-04-27'
+timestamp='2012-02-10'
 
 # This file is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License as published by
@@ -17,9 +17,7 @@ timestamp='2009-04-27'
 # General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
-# 02110-1301, USA.
+# along with this program; if not, see <http://www.gnu.org/licenses/>.
 #
 # As a special exception to the GNU General Public License, if you
 # distribute this file as part of a program that contains a
@@ -27,16 +25,16 @@ timestamp='2009-04-27'
 # the same distribution terms that you use for the rest of that program.
 
 
-# Originally written by Per Bothner <per@bothner.com>.
-# Please send patches to <config-patches@gnu.org>.  Submit a context
-# diff and a properly formatted ChangeLog entry.
+# Originally written by Per Bothner.  Please send patches (context
+# diff format) to <config-patches@gnu.org> and include a ChangeLog
+# entry.
 #
 # This script attempts to guess a canonical system name similar to
 # config.sub.  If it succeeds, it prints the system name on stdout, and
 # exits with 0.  Otherwise, it exits with 1.
 #
-# The plan is that this can be called by configure scripts if you
-# don't specify an explicit build system type.
+# You can get the latest version of this script from:
+# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD
 
 me=`echo "$0" | sed -e 's,.*/,,'`
 
@@ -56,8 +54,9 @@ version="\
 GNU config.guess ($timestamp)
 
 Originally written by Per Bothner.
-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
-2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
+2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
+Free Software Foundation, Inc.
 
 This is free software; see the source for copying conditions.  There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@@ -144,7 +143,7 @@ UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
 case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
     *:NetBSD:*:*)
 	# NetBSD (nbsd) targets should (where applicable) match one or
-	# more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
+	# more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*,
 	# *-*-netbsdecoff* and *-*-netbsd*.  For targets that recently
 	# switched to ELF, *-*-netbsd* would select the old
 	# object file format.  This provides both forward
@@ -170,7 +169,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
 	    arm*|i386|m68k|ns32k|sh3*|sparc|vax)
 		eval $set_cc_for_build
 		if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
-			| grep __ELF__ >/dev/null
+			| grep -q __ELF__
 		then
 		    # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
 		    # Return netbsd for either.  FIX?
@@ -180,7 +179,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
 		fi
 		;;
 	    *)
-	        os=netbsd
+		os=netbsd
 		;;
 	esac
 	# The OS release
@@ -223,7 +222,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
 		UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
 		;;
 	*5.*)
-	        UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
+		UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
 		;;
 	esac
 	# According to Compaq, /usr/sbin/psrinfo has been available on
@@ -269,7 +268,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
 	# A Xn.n version is an unreleased experimental baselevel.
 	# 1.2 uses "1.2" for uname -r.
 	echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
-	exit ;;
+	# Reset EXIT trap before exiting to avoid spurious non-zero exit code.
+	exitcode=$?
+	trap '' 0
+	exit $exitcode ;;
     Alpha\ *:Windows_NT*:*)
 	# How do we know it's Interix rather than the generic POSIX subsystem?
 	# Should we change UNAME_MACHINE based on the output of uname instead
@@ -295,7 +297,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
 	echo s390-ibm-zvmoe
 	exit ;;
     *:OS400:*:*)
-        echo powerpc-ibm-os400
+	echo powerpc-ibm-os400
 	exit ;;
     arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
 	echo arm-acorn-riscix${UNAME_RELEASE}
@@ -333,6 +335,9 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
     sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
 	echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
 	exit ;;
+    i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*)
+	echo i386-pc-auroraux${UNAME_RELEASE}
+	exit ;;
     i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*)
 	eval $set_cc_for_build
 	SUN_ARCH="i386"
@@ -391,23 +396,23 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
     # MiNT.  But MiNT is downward compatible to TOS, so this should
     # be no problem.
     atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
-        echo m68k-atari-mint${UNAME_RELEASE}
+	echo m68k-atari-mint${UNAME_RELEASE}
 	exit ;;
     atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
 	echo m68k-atari-mint${UNAME_RELEASE}
-        exit ;;
+	exit ;;
     *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
-        echo m68k-atari-mint${UNAME_RELEASE}
+	echo m68k-atari-mint${UNAME_RELEASE}
 	exit ;;
     milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
-        echo m68k-milan-mint${UNAME_RELEASE}
-        exit ;;
+	echo m68k-milan-mint${UNAME_RELEASE}
+	exit ;;
     hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
-        echo m68k-hades-mint${UNAME_RELEASE}
-        exit ;;
+	echo m68k-hades-mint${UNAME_RELEASE}
+	exit ;;
     *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
-        echo m68k-unknown-mint${UNAME_RELEASE}
-        exit ;;
+	echo m68k-unknown-mint${UNAME_RELEASE}
+	exit ;;
     m68k:machten:*:*)
 	echo m68k-apple-machten${UNAME_RELEASE}
 	exit ;;
@@ -477,8 +482,8 @@ EOF
 	echo m88k-motorola-sysv3
 	exit ;;
     AViiON:dgux:*:*)
-        # DG/UX returns AViiON for all architectures
-        UNAME_PROCESSOR=`/usr/bin/uname -p`
+	# DG/UX returns AViiON for all architectures
+	UNAME_PROCESSOR=`/usr/bin/uname -p`
 	if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ]
 	then
 	    if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
@@ -491,7 +496,7 @@ EOF
 	else
 	    echo i586-dg-dgux${UNAME_RELEASE}
 	fi
- 	exit ;;
+	exit ;;
     M88*:DolphinOS:*:*)	# DolphinOS (SVR3)
 	echo m88k-dolphin-sysv3
 	exit ;;
@@ -548,7 +553,7 @@ EOF
 		echo rs6000-ibm-aix3.2
 	fi
 	exit ;;
-    *:AIX:*:[456])
+    *:AIX:*:[4567])
 	IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
 	if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
 		IBM_ARCH=rs6000
@@ -591,52 +596,52 @@ EOF
 	    9000/[678][0-9][0-9])
 		if [ -x /usr/bin/getconf ]; then
 		    sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
-                    sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
-                    case "${sc_cpu_version}" in
-                      523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
-                      528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
-                      532)                      # CPU_PA_RISC2_0
-                        case "${sc_kernel_bits}" in
-                          32) HP_ARCH="hppa2.0n" ;;
-                          64) HP_ARCH="hppa2.0w" ;;
+		    sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
+		    case "${sc_cpu_version}" in
+		      523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
+		      528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
+		      532)                      # CPU_PA_RISC2_0
+			case "${sc_kernel_bits}" in
+			  32) HP_ARCH="hppa2.0n" ;;
+			  64) HP_ARCH="hppa2.0w" ;;
 			  '') HP_ARCH="hppa2.0" ;;   # HP-UX 10.20
-                        esac ;;
-                    esac
+			esac ;;
+		    esac
 		fi
 		if [ "${HP_ARCH}" = "" ]; then
 		    eval $set_cc_for_build
-		    sed 's/^              //' << EOF >$dummy.c
+		    sed 's/^		//' << EOF >$dummy.c
 
-              #define _HPUX_SOURCE
-              #include <stdlib.h>
-              #include <unistd.h>
+		#define _HPUX_SOURCE
+		#include <stdlib.h>
+		#include <unistd.h>
 
-              int main ()
-              {
-              #if defined(_SC_KERNEL_BITS)
-                  long bits = sysconf(_SC_KERNEL_BITS);
-              #endif
-                  long cpu  = sysconf (_SC_CPU_VERSION);
+		int main ()
+		{
+		#if defined(_SC_KERNEL_BITS)
+		    long bits = sysconf(_SC_KERNEL_BITS);
+		#endif
+		    long cpu  = sysconf (_SC_CPU_VERSION);
 
-                  switch (cpu)
-              	{
-              	case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
-              	case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
-              	case CPU_PA_RISC2_0:
-              #if defined(_SC_KERNEL_BITS)
-              	    switch (bits)
-              		{
-              		case 64: puts ("hppa2.0w"); break;
-              		case 32: puts ("hppa2.0n"); break;
-              		default: puts ("hppa2.0"); break;
-              		} break;
-              #else  /* !defined(_SC_KERNEL_BITS) */
-              	    puts ("hppa2.0"); break;
-              #endif
-              	default: puts ("hppa1.0"); break;
-              	}
-                  exit (0);
-              }
+		    switch (cpu)
+			{
+			case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
+			case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
+			case CPU_PA_RISC2_0:
+		#if defined(_SC_KERNEL_BITS)
+			    switch (bits)
+				{
+				case 64: puts ("hppa2.0w"); break;
+				case 32: puts ("hppa2.0n"); break;
+				default: puts ("hppa2.0"); break;
+				} break;
+		#else  /* !defined(_SC_KERNEL_BITS) */
+			    puts ("hppa2.0"); break;
+		#endif
+			default: puts ("hppa1.0"); break;
+			}
+		    exit (0);
+		}
 EOF
 		    (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
 		    test -z "$HP_ARCH" && HP_ARCH=hppa
@@ -656,7 +661,7 @@ EOF
 	    # => hppa64-hp-hpux11.23
 
 	    if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) |
-		grep __LP64__ >/dev/null
+		grep -q __LP64__
 	    then
 		HP_ARCH="hppa2.0w"
 	    else
@@ -727,22 +732,22 @@ EOF
 	exit ;;
     C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
 	echo c1-convex-bsd
-        exit ;;
+	exit ;;
     C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
 	if getsysinfo -f scalar_acc
 	then echo c32-convex-bsd
 	else echo c2-convex-bsd
 	fi
-        exit ;;
+	exit ;;
     C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
 	echo c34-convex-bsd
-        exit ;;
+	exit ;;
     C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
 	echo c38-convex-bsd
-        exit ;;
+	exit ;;
     C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
 	echo c4-convex-bsd
-        exit ;;
+	exit ;;
     CRAY*Y-MP:*:*:*)
 	echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
 	exit ;;
@@ -766,14 +771,14 @@ EOF
 	exit ;;
     F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
 	FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
-        FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
-        FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
-        echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
-        exit ;;
+	FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+	FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
+	echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+	exit ;;
     5000:UNIX_System_V:4.*:*)
-        FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
-        FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'`
-        echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+	FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+	FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'`
+	echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
 	exit ;;
     i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
 	echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
@@ -785,13 +790,12 @@ EOF
 	echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
 	exit ;;
     *:FreeBSD:*:*)
-	case ${UNAME_MACHINE} in
-	    pc98)
-		echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+	UNAME_PROCESSOR=`/usr/bin/uname -p`
+	case ${UNAME_PROCESSOR} in
 	    amd64)
 		echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
 	    *)
-		echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+		echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
 	esac
 	exit ;;
     i*:CYGWIN*:*)
@@ -800,19 +804,22 @@ EOF
     *:MINGW*:*)
 	echo ${UNAME_MACHINE}-pc-mingw32
 	exit ;;
+    i*:MSYS*:*)
+	echo ${UNAME_MACHINE}-pc-msys
+	exit ;;
     i*:windows32*:*)
-    	# uname -m includes "-pc" on this system.
-    	echo ${UNAME_MACHINE}-mingw32
+	# uname -m includes "-pc" on this system.
+	echo ${UNAME_MACHINE}-mingw32
 	exit ;;
     i*:PW*:*)
 	echo ${UNAME_MACHINE}-pc-pw32
 	exit ;;
-    *:Interix*:[3456]*)
-    	case ${UNAME_MACHINE} in
+    *:Interix*:*)
+	case ${UNAME_MACHINE} in
 	    x86)
 		echo i586-pc-interix${UNAME_RELEASE}
 		exit ;;
-	    EM64T | authenticamd | genuineintel)
+	    authenticamd | genuineintel | EM64T)
 		echo x86_64-unknown-interix${UNAME_RELEASE}
 		exit ;;
 	    IA64)
@@ -822,6 +829,9 @@ EOF
     [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
 	echo i${UNAME_MACHINE}-pc-mks
 	exit ;;
+    8664:Windows_NT:*)
+	echo x86_64-pc-mks
+	exit ;;
     i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
 	# How do we know it's Interix rather than the generic POSIX subsystem?
 	# It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
@@ -851,6 +861,27 @@ EOF
     i*86:Minix:*:*)
 	echo ${UNAME_MACHINE}-pc-minix
 	exit ;;
+    aarch64:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    aarch64_be:Linux:*:*)
+	UNAME_MACHINE=aarch64_be
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    alpha:Linux:*:*)
+	case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
+	  EV5)   UNAME_MACHINE=alphaev5 ;;
+	  EV56)  UNAME_MACHINE=alphaev56 ;;
+	  PCA56) UNAME_MACHINE=alphapca56 ;;
+	  PCA57) UNAME_MACHINE=alphapca56 ;;
+	  EV6)   UNAME_MACHINE=alphaev6 ;;
+	  EV67)  UNAME_MACHINE=alphaev67 ;;
+	  EV68*) UNAME_MACHINE=alphaev68 ;;
+	esac
+	objdump --private-headers /bin/sh | grep -q ld.so.1
+	if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
+	echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
+	exit ;;
     arm*:Linux:*:*)
 	eval $set_cc_for_build
 	if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \
@@ -858,20 +889,40 @@ EOF
 	then
 	    echo ${UNAME_MACHINE}-unknown-linux-gnu
 	else
-	    echo ${UNAME_MACHINE}-unknown-linux-gnueabi
+	    if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \
+		| grep -q __ARM_PCS_VFP
+	    then
+		echo ${UNAME_MACHINE}-unknown-linux-gnueabi
+	    else
+		echo ${UNAME_MACHINE}-unknown-linux-gnueabihf
+	    fi
 	fi
 	exit ;;
     avr32*:Linux:*:*)
 	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit ;;
     cris:Linux:*:*)
-	echo cris-axis-linux-gnu
+	echo ${UNAME_MACHINE}-axis-linux-gnu
 	exit ;;
     crisv32:Linux:*:*)
-	echo crisv32-axis-linux-gnu
+	echo ${UNAME_MACHINE}-axis-linux-gnu
 	exit ;;
     frv:Linux:*:*)
-    	echo frv-unknown-linux-gnu
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    hexagon:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    i*86:Linux:*:*)
+	LIBC=gnu
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
+	#ifdef __dietlibc__
+	LIBC=dietlibc
+	#endif
+EOF
+	eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'`
+	echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
 	exit ;;
     ia64:Linux:*:*)
 	echo ${UNAME_MACHINE}-unknown-linux-gnu
@@ -882,78 +933,34 @@ EOF
     m68*:Linux:*:*)
 	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit ;;
-    mips:Linux:*:*)
+    mips:Linux:*:* | mips64:Linux:*:*)
 	eval $set_cc_for_build
 	sed 's/^	//' << EOF >$dummy.c
 	#undef CPU
-	#undef mips
-	#undef mipsel
+	#undef ${UNAME_MACHINE}
+	#undef ${UNAME_MACHINE}el
 	#if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
-	CPU=mipsel
+	CPU=${UNAME_MACHINE}el
 	#else
 	#if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
-	CPU=mips
+	CPU=${UNAME_MACHINE}
 	#else
 	CPU=
 	#endif
 	#endif
 EOF
-	eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
-	    /^CPU/{
-		s: ::g
-		p
-	    }'`"
-	test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
-	;;
-    mips64:Linux:*:*)
-	eval $set_cc_for_build
-	sed 's/^	//' << EOF >$dummy.c
-	#undef CPU
-	#undef mips64
-	#undef mips64el
-	#if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
-	CPU=mips64el
-	#else
-	#if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
-	CPU=mips64
-	#else
-	CPU=
-	#endif
-	#endif
-EOF
-	eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
-	    /^CPU/{
-		s: ::g
-		p
-	    }'`"
+	eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'`
 	test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
 	;;
     or32:Linux:*:*)
-	echo or32-unknown-linux-gnu
-	exit ;;
-    ppc:Linux:*:*)
-	echo powerpc-unknown-linux-gnu
-	exit ;;
-    ppc64:Linux:*:*)
-	echo powerpc64-unknown-linux-gnu
-	exit ;;
-    alpha:Linux:*:*)
-	case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
-	  EV5)   UNAME_MACHINE=alphaev5 ;;
-	  EV56)  UNAME_MACHINE=alphaev56 ;;
-	  PCA56) UNAME_MACHINE=alphapca56 ;;
-	  PCA57) UNAME_MACHINE=alphapca56 ;;
-	  EV6)   UNAME_MACHINE=alphaev6 ;;
-	  EV67)  UNAME_MACHINE=alphaev67 ;;
-	  EV68*) UNAME_MACHINE=alphaev68 ;;
-        esac
-	objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
-	if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
-	echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit ;;
     padre:Linux:*:*)
 	echo sparc-unknown-linux-gnu
 	exit ;;
+    parisc64:Linux:*:* | hppa64:Linux:*:*)
+	echo hppa64-unknown-linux-gnu
+	exit ;;
     parisc:Linux:*:* | hppa:Linux:*:*)
 	# Look for CPU level
 	case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in
@@ -962,14 +969,17 @@ EOF
 	  *)    echo hppa-unknown-linux-gnu ;;
 	esac
 	exit ;;
-    parisc64:Linux:*:* | hppa64:Linux:*:*)
-	echo hppa64-unknown-linux-gnu
+    ppc64:Linux:*:*)
+	echo powerpc64-unknown-linux-gnu
+	exit ;;
+    ppc:Linux:*:*)
+	echo powerpc-unknown-linux-gnu
 	exit ;;
     s390:Linux:*:* | s390x:Linux:*:*)
 	echo ${UNAME_MACHINE}-ibm-linux
 	exit ;;
     sh64*:Linux:*:*)
-    	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit ;;
     sh*:Linux:*:*)
 	echo ${UNAME_MACHINE}-unknown-linux-gnu
@@ -977,75 +987,18 @@ EOF
     sparc:Linux:*:* | sparc64:Linux:*:*)
 	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit ;;
+    tile*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
     vax:Linux:*:*)
 	echo ${UNAME_MACHINE}-dec-linux-gnu
 	exit ;;
     x86_64:Linux:*:*)
-	echo x86_64-unknown-linux-gnu
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit ;;
     xtensa*:Linux:*:*)
-    	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
 	exit ;;
-    i*86:Linux:*:*)
-	# The BFD linker knows what the default object file format is, so
-	# first see if it will tell us. cd to the root directory to prevent
-	# problems with other programs or directories called `ld' in the path.
-	# Set LC_ALL=C to ensure ld outputs messages in English.
-	ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
-			 | sed -ne '/supported targets:/!d
-				    s/[ 	][ 	]*/ /g
-				    s/.*supported targets: *//
-				    s/ .*//
-				    p'`
-        case "$ld_supported_targets" in
-	  elf32-i386)
-		TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
-		;;
-	  a.out-i386-linux)
-		echo "${UNAME_MACHINE}-pc-linux-gnuaout"
-		exit ;;
-	  "")
-		# Either a pre-BFD a.out linker (linux-gnuoldld) or
-		# one that does not give us useful --help.
-		echo "${UNAME_MACHINE}-pc-linux-gnuoldld"
-		exit ;;
-	esac
-	# Determine whether the default compiler is a.out or elf
-	eval $set_cc_for_build
-	sed 's/^	//' << EOF >$dummy.c
-	#include <features.h>
-	#ifdef __ELF__
-	# ifdef __GLIBC__
-	#  if __GLIBC__ >= 2
-	LIBC=gnu
-	#  else
-	LIBC=gnulibc1
-	#  endif
-	# else
-	LIBC=gnulibc1
-	# endif
-	#else
-	#if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC)
-	LIBC=gnu
-	#else
-	LIBC=gnuaout
-	#endif
-	#endif
-	#ifdef __dietlibc__
-	LIBC=dietlibc
-	#endif
-EOF
-	eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
-	    /^LIBC/{
-		s: ::g
-		p
-	    }'`"
-	test x"${LIBC}" != x && {
-		echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
-		exit
-	}
-	test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; }
-	;;
     i*86:DYNIX/ptx:4*:*)
 	# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
 	# earlier versions are messed up and put the nodename in both
@@ -1053,11 +1006,11 @@ EOF
 	echo i386-sequent-sysv4
 	exit ;;
     i*86:UNIX_SV:4.2MP:2.*)
-        # Unixware is an offshoot of SVR4, but it has its own version
-        # number series starting with 2...
-        # I am not positive that other SVR4 systems won't match this,
+	# Unixware is an offshoot of SVR4, but it has its own version
+	# number series starting with 2...
+	# I am not positive that other SVR4 systems won't match this,
 	# I just have to hope.  -- rms.
-        # Use sysv4.2uw... so that sysv4* matches it.
+	# Use sysv4.2uw... so that sysv4* matches it.
 	echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
 	exit ;;
     i*86:OS/2:*:*)
@@ -1074,7 +1027,7 @@ EOF
     i*86:syllable:*:*)
 	echo ${UNAME_MACHINE}-pc-syllable
 	exit ;;
-    i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
+    i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*)
 	echo i386-unknown-lynxos${UNAME_RELEASE}
 	exit ;;
     i*86:*DOS:*:*)
@@ -1089,7 +1042,7 @@ EOF
 	fi
 	exit ;;
     i*86:*:5:[678]*)
-    	# UnixWare 7.x, OpenUNIX and OpenServer 6.
+	# UnixWare 7.x, OpenUNIX and OpenServer 6.
 	case `/bin/uname -X | grep "^Machine"` in
 	    *486*)	     UNAME_MACHINE=i486 ;;
 	    *Pentium)	     UNAME_MACHINE=i586 ;;
@@ -1117,13 +1070,13 @@ EOF
 	exit ;;
     pc:*:*:*)
 	# Left here for compatibility:
-        # uname -m prints for DJGPP always 'pc', but it prints nothing about
-        # the processor, so we play safe by assuming i586.
+	# uname -m prints for DJGPP always 'pc', but it prints nothing about
+	# the processor, so we play safe by assuming i586.
 	# Note: whatever this is, it MUST be the same as what config.sub
 	# prints for the "djgpp" host, or else GDB configury will decide that
 	# this is a cross-build.
 	echo i586-pc-msdosdjgpp
-        exit ;;
+	exit ;;
     Intel:Mach:3*:*)
 	echo i386-pc-mach3
 	exit ;;
@@ -1158,8 +1111,8 @@ EOF
 	/bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
 	  && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;;
     3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
-        /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
-          && { echo i486-ncr-sysv4; exit; } ;;
+	/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+	  && { echo i486-ncr-sysv4; exit; } ;;
     NCR*:*:4.2:* | MPRAS*:*:4.2:*)
 	OS_REL='.3'
 	test -r /etc/.relid \
@@ -1182,7 +1135,7 @@ EOF
     rs6000:LynxOS:2.*:*)
 	echo rs6000-unknown-lynxos${UNAME_RELEASE}
 	exit ;;
-    PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*)
+    PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*)
 	echo powerpc-unknown-lynxos${UNAME_RELEASE}
 	exit ;;
     SM[BE]S:UNIX_SV:*:*)
@@ -1202,10 +1155,10 @@ EOF
 		echo ns32k-sni-sysv
 	fi
 	exit ;;
-    PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
-                      # says <Richard.M.Bartel@ccMail.Census.GOV>
-        echo i586-unisys-sysv4
-        exit ;;
+    PENTIUM:*:4.0*:*)	# Unisys `ClearPath HMP IX 4000' SVR4/MP effort
+			# says <Richard.M.Bartel@ccMail.Census.GOV>
+	echo i586-unisys-sysv4
+	exit ;;
     *:UNIX_System_V:4*:FTX*)
 	# From Gerald Hewes <hewes@openmarket.com>.
 	# How about differentiating between stratus architectures? -djm
@@ -1231,11 +1184,11 @@ EOF
 	exit ;;
     R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
 	if [ -d /usr/nec ]; then
-	        echo mips-nec-sysv${UNAME_RELEASE}
+		echo mips-nec-sysv${UNAME_RELEASE}
 	else
-	        echo mips-unknown-sysv${UNAME_RELEASE}
+		echo mips-unknown-sysv${UNAME_RELEASE}
 	fi
-        exit ;;
+	exit ;;
     BeBox:BeOS:*:*)	# BeOS running on hardware made by Be, PPC only.
 	echo powerpc-be-beos
 	exit ;;
@@ -1275,6 +1228,16 @@ EOF
     *:Darwin:*:*)
 	UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
 	case $UNAME_PROCESSOR in
+	    i386)
+		eval $set_cc_for_build
+		if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
+		  if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \
+		      (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
+		      grep IS_64BIT_ARCH >/dev/null
+		  then
+		      UNAME_PROCESSOR="x86_64"
+		  fi
+		fi ;;
 	    unknown) UNAME_PROCESSOR=powerpc ;;
 	esac
 	echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
@@ -1290,6 +1253,9 @@ EOF
     *:QNX:*:4*)
 	echo i386-pc-qnx
 	exit ;;
+    NEO-?:NONSTOP_KERNEL:*:*)
+	echo neo-tandem-nsk${UNAME_RELEASE}
+	exit ;;
     NSE-?:NONSTOP_KERNEL:*:*)
 	echo nse-tandem-nsk${UNAME_RELEASE}
 	exit ;;
@@ -1335,13 +1301,13 @@ EOF
 	echo pdp10-unknown-its
 	exit ;;
     SEI:*:*:SEIUX)
-        echo mips-sei-seiux${UNAME_RELEASE}
+	echo mips-sei-seiux${UNAME_RELEASE}
 	exit ;;
     *:DragonFly:*:*)
 	echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
 	exit ;;
     *:*VMS:*:*)
-    	UNAME_MACHINE=`(uname -p) 2>/dev/null`
+	UNAME_MACHINE=`(uname -p) 2>/dev/null`
 	case "${UNAME_MACHINE}" in
 	    A*) echo alpha-dec-vms ; exit ;;
 	    I*) echo ia64-dec-vms ; exit ;;
@@ -1359,6 +1325,9 @@ EOF
     i*86:AROS:*:*)
 	echo ${UNAME_MACHINE}-pc-aros
 	exit ;;
+    x86_64:VMkernel:*:*)
+	echo ${UNAME_MACHINE}-unknown-esx
+	exit ;;
 esac
 
 #echo '(No uname command or uname output not recognized.)' 1>&2
@@ -1381,11 +1350,11 @@ main ()
 #include <sys/param.h>
   printf ("m68k-sony-newsos%s\n",
 #ifdef NEWSOS4
-          "4"
+	"4"
 #else
-	  ""
+	""
 #endif
-         ); exit (0);
+	); exit (0);
 #endif
 #endif
 
diff --git a/config.h.in b/config.h.in
index b67643ff..d8c6a473 100644
--- a/config.h.in
+++ b/config.h.in
@@ -118,9 +118,6 @@
 /* Define to the version of this package. */
 #undef PACKAGE_VERSION
 
-/* Define to 1 if the C compiler supports function prototypes. */
-#undef PROTOTYPES
-
 /* The size of `size_t', as computed by sizeof. */
 #undef SIZEOF_SIZE_T
 
@@ -129,6 +126,3 @@
 
 /* Version number of package */
 #undef VERSION
-
-/* Define like PROTOTYPES; this can be used by system headers. */
-#undef __PROTOTYPES
diff --git a/config.sub b/config.sub
index a39437d0..c894da45 100755
--- a/config.sub
+++ b/config.sub
@@ -1,10 +1,10 @@
 #! /bin/sh
 # Configuration validation subroutine script.
 #   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-#   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
-#   Free Software Foundation, Inc.
+#   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
+#   2011, 2012 Free Software Foundation, Inc.
 
-timestamp='2009-04-17'
+timestamp='2012-02-10'
 
 # This file is (in principle) common to ALL GNU software.
 # The presence of a machine in this file suggests that SOME GNU software
@@ -21,9 +21,7 @@ timestamp='2009-04-17'
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
-# 02110-1301, USA.
+# along with this program; if not, see <http://www.gnu.org/licenses/>.
 #
 # As a special exception to the GNU General Public License, if you
 # distribute this file as part of a program that contains a
@@ -32,13 +30,16 @@ timestamp='2009-04-17'
 
 
 # Please send patches to <config-patches@gnu.org>.  Submit a context
-# diff and a properly formatted ChangeLog entry.
+# diff and a properly formatted GNU ChangeLog entry.
 #
 # Configuration subroutine to validate and canonicalize a configuration type.
 # Supply the specified configuration type as an argument.
 # If it is invalid, we print an error message on stderr and exit with code 1.
 # Otherwise, we print the canonical config type on stdout and succeed.
 
+# You can get the latest version of this script from:
+# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
+
 # This file is supposed to be the same for all GNU packages
 # and recognize all the CPU types, system types and aliases
 # that are meaningful with *any* GNU software.
@@ -72,8 +73,9 @@ Report bugs and patches to <config-patches@gnu.org>."
 version="\
 GNU config.sub ($timestamp)
 
-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
-2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
+2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
+Free Software Foundation, Inc.
 
 This is free software; see the source for copying conditions.  There is NO
 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@@ -120,13 +122,18 @@ esac
 # Here we must recognize all the valid KERNEL-OS combinations.
 maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
 case $maybe_os in
-  nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
-  uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
+  nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \
+  linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \
+  knetbsd*-gnu* | netbsd*-gnu* | \
   kopensolaris*-gnu* | \
   storm-chaos* | os2-emx* | rtmk-nova*)
     os=-$maybe_os
     basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
     ;;
+  android-linux)
+    os=-linux-android
+    basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown
+    ;;
   *)
     basic_machine=`echo $1 | sed 's/-[^-]*$//'`
     if [ $basic_machine != $1 ]
@@ -149,10 +156,13 @@ case $os in
 	-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
 	-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
 	-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
-	-apple | -axis | -knuth | -cray)
+	-apple | -axis | -knuth | -cray | -microblaze)
 		os=
 		basic_machine=$1
 		;;
+	-bluegene*)
+		os=-cnk
+		;;
 	-sim | -cisco | -oki | -wec | -winbond)
 		os=
 		basic_machine=$1
@@ -167,10 +177,10 @@ case $os in
 		os=-chorusos
 		basic_machine=$1
 		;;
- 	-chorusrdb)
- 		os=-chorusrdb
+	-chorusrdb)
+		os=-chorusrdb
 		basic_machine=$1
- 		;;
+		;;
 	-hiux*)
 		os=-hiuxwe2
 		;;
@@ -239,17 +249,22 @@ case $basic_machine in
 	# Some are omitted here because they have special meanings below.
 	1750a | 580 \
 	| a29k \
+	| aarch64 | aarch64_be \
 	| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
 	| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
 	| am33_2.0 \
 	| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \
+        | be32 | be64 \
 	| bfin \
 	| c4x | clipper \
 	| d10v | d30v | dlx | dsp16xx \
+	| epiphany \
 	| fido | fr30 | frv \
 	| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
+	| hexagon \
 	| i370 | i860 | i960 | ia64 \
 	| ip2k | iq2000 \
+	| le32 | le64 \
 	| lm32 \
 	| m32c | m32r | m32rle | m68000 | m68k | m88k \
 	| maxq | mb | microblaze | mcore | mep | metag \
@@ -275,27 +290,39 @@ case $basic_machine in
 	| moxie \
 	| mt \
 	| msp430 \
+	| nds32 | nds32le | nds32be \
 	| nios | nios2 \
 	| ns16k | ns32k \
+	| open8 \
 	| or32 \
 	| pdp10 | pdp11 | pj | pjl \
-	| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
+	| powerpc | powerpc64 | powerpc64le | powerpcle \
 	| pyramid \
+	| rl78 | rx \
 	| score \
 	| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
 	| sh64 | sh64le \
 	| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
 	| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
-	| spu | strongarm \
-	| tahoe | thumb | tic4x | tic80 | tron \
-	| v850 | v850e \
+	| spu \
+	| tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \
+	| ubicom32 \
+	| v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \
 	| we32k \
-	| x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
+	| x86 | xc16x | xstormy16 | xtensa \
 	| z8k | z80)
 		basic_machine=$basic_machine-unknown
 		;;
-	m6811 | m68hc11 | m6812 | m68hc12)
-		# Motorola 68HC11/12.
+	c54x)
+		basic_machine=tic54x-unknown
+		;;
+	c55x)
+		basic_machine=tic55x-unknown
+		;;
+	c6x)
+		basic_machine=tic6x-unknown
+		;;
+	m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | picochip)
 		basic_machine=$basic_machine-unknown
 		os=-none
 		;;
@@ -305,6 +332,21 @@ case $basic_machine in
 		basic_machine=mt-unknown
 		;;
 
+	strongarm | thumb | xscale)
+		basic_machine=arm-unknown
+		;;
+	xgate)
+		basic_machine=$basic_machine-unknown
+		os=-none
+		;;
+	xscaleeb)
+		basic_machine=armeb-unknown
+		;;
+
+	xscaleel)
+		basic_machine=armel-unknown
+		;;
+
 	# We use `pc' rather than `unknown'
 	# because (1) that's what they normally are, and
 	# (2) the word "unknown" tends to confuse beginning users.
@@ -319,25 +361,29 @@ case $basic_machine in
 	# Recognize the basic CPU types with company name.
 	580-* \
 	| a29k-* \
+	| aarch64-* | aarch64_be-* \
 	| alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
 	| alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
 	| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
 	| arm-*  | armbe-* | armle-* | armeb-* | armv*-* \
 	| avr-* | avr32-* \
+	| be32-* | be64-* \
 	| bfin-* | bs2000-* \
-	| c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
+	| c[123]* | c30-* | [cjt]90-* | c4x-* \
 	| clipper-* | craynv-* | cydra-* \
 	| d10v-* | d30v-* | dlx-* \
 	| elxsi-* \
 	| f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
 	| h8300-* | h8500-* \
 	| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
+	| hexagon-* \
 	| i*86-* | i860-* | i960-* | ia64-* \
 	| ip2k-* | iq2000-* \
+	| le32-* | le64-* \
 	| lm32-* \
 	| m32c-* | m32r-* | m32rle-* \
 	| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
-	| m88110-* | m88k-* | maxq-* | mcore-* | metag-* \
+	| m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \
 	| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
 	| mips16-* \
 	| mips64-* | mips64el-* \
@@ -359,24 +405,29 @@ case $basic_machine in
 	| mmix-* \
 	| mt-* \
 	| msp430-* \
+	| nds32-* | nds32le-* | nds32be-* \
 	| nios-* | nios2-* \
 	| none-* | np1-* | ns16k-* | ns32k-* \
+	| open8-* \
 	| orion-* \
 	| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
-	| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
+	| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \
 	| pyramid-* \
-	| romp-* | rs6000-* \
+	| rl78-* | romp-* | rs6000-* | rx-* \
 	| sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
 	| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
 	| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
 	| sparclite-* \
-	| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
-	| tahoe-* | thumb-* \
-	| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* | tile-* \
+	| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \
+	| tahoe-* \
+	| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
+	| tile*-* \
 	| tron-* \
-	| v850-* | v850e-* | vax-* \
+	| ubicom32-* \
+	| v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \
+	| vax-* \
 	| we32k-* \
-	| x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
+	| x86-* | x86_64-* | xc16x-* | xps100-* \
 	| xstormy16-* | xtensa*-* \
 	| ymp-* \
 	| z8k-* | z80-*)
@@ -401,7 +452,7 @@ case $basic_machine in
 		basic_machine=a29k-amd
 		os=-udi
 		;;
-    	abacus)
+	abacus)
 		basic_machine=abacus-unknown
 		;;
 	adobe68k)
@@ -467,11 +518,24 @@ case $basic_machine in
 		basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'`
 		os=-linux
 		;;
+	bluegene*)
+		basic_machine=powerpc-ibm
+		os=-cnk
+		;;
+	c54x-*)
+		basic_machine=tic54x-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	c55x-*)
+		basic_machine=tic55x-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	c6x-*)
+		basic_machine=tic6x-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
 	c90)
 		basic_machine=c90-cray
 		os=-unicos
 		;;
-        cegcc)
+	cegcc)
 		basic_machine=arm-unknown
 		os=-cegcc
 		;;
@@ -503,7 +567,7 @@ case $basic_machine in
 		basic_machine=craynv-cray
 		os=-unicosmp
 		;;
-	cr16)
+	cr16 | cr16-*)
 		basic_machine=cr16-unknown
 		os=-elf
 		;;
@@ -661,7 +725,6 @@ case $basic_machine in
 	i370-ibm* | ibm*)
 		basic_machine=i370-ibm
 		;;
-# I'm not sure what "Sysv32" means.  Should this be sysv3.2?
 	i*86v32)
 		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
 		os=-sysv32
@@ -719,6 +782,9 @@ case $basic_machine in
 		basic_machine=ns32k-utek
 		os=-sysv
 		;;
+	microblaze)
+		basic_machine=microblaze-xilinx
+		;;
 	mingw32)
 		basic_machine=i386-pc
 		os=-mingw32
@@ -755,10 +821,18 @@ case $basic_machine in
 	ms1-*)
 		basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
 		;;
+	msys)
+		basic_machine=i386-pc
+		os=-msys
+		;;
 	mvs)
 		basic_machine=i370-ibm
 		os=-mvs
 		;;
+	nacl)
+		basic_machine=le32-unknown
+		os=-nacl
+		;;
 	ncr3000)
 		basic_machine=i486-ncr
 		os=-sysv4
@@ -823,6 +897,12 @@ case $basic_machine in
 	np1)
 		basic_machine=np1-gould
 		;;
+	neo-tandem)
+		basic_machine=neo-tandem
+		;;
+	nse-tandem)
+		basic_machine=nse-tandem
+		;;
 	nsr-tandem)
 		basic_machine=nsr-tandem
 		;;
@@ -905,9 +985,10 @@ case $basic_machine in
 		;;
 	power)	basic_machine=power-ibm
 		;;
-	ppc)	basic_machine=powerpc-unknown
+	ppc | ppcbe)	basic_machine=powerpc-unknown
 		;;
-	ppc-*)	basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
+	ppc-* | ppcbe-*)
+		basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
 		;;
 	ppcle | powerpclittle | ppc-le | powerpc-little)
 		basic_machine=powerpcle-unknown
@@ -1001,6 +1082,9 @@ case $basic_machine in
 		basic_machine=i860-stratus
 		os=-sysv4
 		;;
+	strongarm-* | thumb-*)
+		basic_machine=arm-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
 	sun2)
 		basic_machine=m68000-sun
 		;;
@@ -1057,20 +1141,8 @@ case $basic_machine in
 		basic_machine=t90-cray
 		os=-unicos
 		;;
-	tic54x | c54x*)
-		basic_machine=tic54x-unknown
-		os=-coff
-		;;
-	tic55x | c55x*)
-		basic_machine=tic55x-unknown
-		os=-coff
-		;;
-	tic6x | c6x*)
-		basic_machine=tic6x-unknown
-		os=-coff
-		;;
 	tile*)
-		basic_machine=tile-unknown
+		basic_machine=$basic_machine-unknown
 		os=-linux-gnu
 		;;
 	tx39)
@@ -1140,6 +1212,9 @@ case $basic_machine in
 	xps | xps100)
 		basic_machine=xps100-honeywell
 		;;
+	xscale-* | xscalee[bl]-*)
+		basic_machine=`echo $basic_machine | sed 's/^xscale/arm/'`
+		;;
 	ymp)
 		basic_machine=ymp-cray
 		os=-unicos
@@ -1237,9 +1312,12 @@ esac
 if [ x"$os" != x"" ]
 then
 case $os in
-        # First match some system type aliases
-        # that might get confused with valid system types.
+	# First match some system type aliases
+	# that might get confused with valid system types.
 	# -solaris* is a basic system type, with this one exception.
+	-auroraux)
+		os=-auroraux
+		;;
 	-solaris1 | -solaris1.*)
 		os=`echo $os | sed -e 's|solaris1|sunos4|'`
 		;;
@@ -1260,9 +1338,9 @@ case $os in
 	# Each alternative MUST END IN A *, to match a version number.
 	# -sysv* is not here because it comes later, after sysvr4.
 	-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
-	      | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
-	      | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
-	      | -kopensolaris* \
+	      | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\
+	      | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \
+	      | -sym* | -kopensolaris* \
 	      | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
 	      | -aos* | -aros* \
 	      | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
@@ -1274,8 +1352,9 @@ case $os in
 	      | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
 	      | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
 	      | -chorusos* | -chorusrdb* | -cegcc* \
-	      | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
-	      | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
+	      | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
+	      | -mingw32* | -linux-gnu* | -linux-android* \
+	      | -linux-newlib* | -linux-uclibc* \
 	      | -uxpv* | -beos* | -mpeix* | -udk* \
 	      | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
 	      | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
@@ -1283,7 +1362,7 @@ case $os in
 	      | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
 	      | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
 	      | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
-	      | -skyos* | -haiku* | -rdos* | -toppers* | -drops*)
+	      | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*)
 	# Remember, each alternative MUST END IN *, to match a version number.
 		;;
 	-qnx*)
@@ -1322,7 +1401,7 @@ case $os in
 	-opened*)
 		os=-openedition
 		;;
-        -os400*)
+	-os400*)
 		os=-os400
 		;;
 	-wince*)
@@ -1371,7 +1450,7 @@ case $os in
 	-sinix*)
 		os=-sysv4
 		;;
-        -tpf*)
+	-tpf*)
 		os=-tpf
 		;;
 	-triton*)
@@ -1416,6 +1495,8 @@ case $os in
 	-dicos*)
 		os=-dicos
 		;;
+	-nacl*)
+		;;
 	-none)
 		;;
 	*)
@@ -1438,10 +1519,10 @@ else
 # system, and we'll never get to this point.
 
 case $basic_machine in
-        score-*)
+	score-*)
 		os=-elf
 		;;
-        spu-*)
+	spu-*)
 		os=-elf
 		;;
 	*-acorn)
@@ -1453,8 +1534,17 @@ case $basic_machine in
 	arm*-semi)
 		os=-aout
 		;;
-        c4x-* | tic4x-*)
-        	os=-coff
+	c4x-* | tic4x-*)
+		os=-coff
+		;;
+	tic54x-*)
+		os=-coff
+		;;
+	tic55x-*)
+		os=-coff
+		;;
+	tic6x-*)
+		os=-coff
 		;;
 	# This must come before the *-dec entry.
 	pdp10-*)
@@ -1474,14 +1564,11 @@ case $basic_machine in
 		;;
 	m68000-sun)
 		os=-sunos3
-		# This also exists in the configure program, but was not the
-		# default.
-		# os=-sunos4
 		;;
 	m68*-cisco)
 		os=-aout
 		;;
-        mep-*)
+	mep-*)
 		os=-elf
 		;;
 	mips*-cisco)
@@ -1508,7 +1595,7 @@ case $basic_machine in
 	*-ibm)
 		os=-aix
 		;;
-    	*-knuth)
+	*-knuth)
 		os=-mmixware
 		;;
 	*-wec)
@@ -1613,7 +1700,7 @@ case $basic_machine in
 			-sunos*)
 				vendor=sun
 				;;
-			-aix*)
+			-cnk*|-aix*)
 				vendor=ibm
 				;;
 			-beos*)
diff --git a/configure b/configure
index 26f5f154..b27ea5c0 100755
--- a/configure
+++ b/configure
@@ -1,12 +1,12 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.64 for xmlsec1 1.2.14.
+# Generated by GNU Autoconf 2.69 for xmlsec1 1.2.19.
 #
 # Report bugs to <http://www.aleksey.com/xmlsec>.
 #
-# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
-# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software
-# Foundation, Inc.
+#
+# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
+#
 #
 # This configure script is free software; the Free Software Foundation
 # gives unlimited permission to copy, distribute and modify it.
@@ -89,6 +89,7 @@ fi
 IFS=" ""	$as_nl"
 
 # Find who we are.  Look in the path if we contain no directory separator.
+as_myself=
 case $0 in #((
   *[\\/]* ) as_myself=$0 ;;
   *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
@@ -133,6 +134,31 @@ export LANGUAGE
 # CDPATH.
 (unset CDPATH) >/dev/null 2>&1 && unset CDPATH
 
+# Use a proper internal environment variable to ensure we don't fall
+  # into an infinite loop, continuously re-executing ourselves.
+  if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then
+    _as_can_reexec=no; export _as_can_reexec;
+    # We cannot yet assume a decent shell, so we have to provide a
+# neutralization value for shells without unset; and this also
+# works around shells that cannot unset nonexistent variables.
+# Preserve -v and -x to the replacement shell.
+BASH_ENV=/dev/null
+ENV=/dev/null
+(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+case $- in # ((((
+  *v*x* | *x*v* ) as_opts=-vx ;;
+  *v* ) as_opts=-v ;;
+  *x* ) as_opts=-x ;;
+  * ) as_opts= ;;
+esac
+exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
+# Admittedly, this is quite paranoid, since all the known shells bail
+# out after a failed `exec'.
+$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2
+as_fn_exit 255
+  fi
+  # We don't want this to propagate to other subprocesses.
+          { _as_can_reexec=; unset _as_can_reexec;}
 if test "x$CONFIG_SHELL" = x; then
   as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then :
   emulate sh
@@ -166,12 +192,21 @@ if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then :
 else
   exitcode=1; echo positional parameters were not saved.
 fi
-test x\$exitcode = x0 || exit 1"
+test x\$exitcode = x0 || exit 1
+test -x / || exit 1"
   as_suggested="  as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO
   as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO
   eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" &&
   test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1
-test \$(( 1 + 1 )) = 2 || exit 1"
+test \$(( 1 + 1 )) = 2 || exit 1
+
+  test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || (
+    ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+    ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO
+    ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO
+    PATH=/empty FPATH=/empty; export PATH FPATH
+    test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\
+      || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1"
   if (eval "$as_required") 2>/dev/null; then :
   as_have_required=yes
 else
@@ -211,14 +246,25 @@ IFS=$as_save_IFS
 
 
       if test "x$CONFIG_SHELL" != x; then :
-  # We cannot yet assume a decent shell, so we have to provide a
-	# neutralization value for shells without unset; and this also
-	# works around shells that cannot unset nonexistent variables.
-	BASH_ENV=/dev/null
-	ENV=/dev/null
-	(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
-	export CONFIG_SHELL
-	exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"}
+  export CONFIG_SHELL
+             # We cannot yet assume a decent shell, so we have to provide a
+# neutralization value for shells without unset; and this also
+# works around shells that cannot unset nonexistent variables.
+# Preserve -v and -x to the replacement shell.
+BASH_ENV=/dev/null
+ENV=/dev/null
+(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+case $- in # ((((
+  *v*x* | *x*v* ) as_opts=-vx ;;
+  *v* ) as_opts=-v ;;
+  *x* ) as_opts=-x ;;
+  * ) as_opts= ;;
+esac
+exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
+# Admittedly, this is quite paranoid, since all the known shells bail
+# out after a failed `exec'.
+$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2
+exit 255
 fi
 
     if test x$as_have_required = xno; then :
@@ -317,10 +363,18 @@ $as_echo X"$as_dir" |
       test -d "$as_dir" && break
     done
     test -z "$as_dirs" || eval "mkdir $as_dirs"
-  } || test -d "$as_dir" || as_fn_error "cannot create directory $as_dir"
+  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
 
 
 } # as_fn_mkdir_p
+
+# as_fn_executable_p FILE
+# -----------------------
+# Test if FILE is an executable regular file.
+as_fn_executable_p ()
+{
+  test -f "$1" && test -x "$1"
+} # as_fn_executable_p
 # as_fn_append VAR VALUE
 # ----------------------
 # Append the text in VALUE to the end of the definition contained in VAR. Take
@@ -357,19 +411,19 @@ else
 fi # as_fn_arith
 
 
-# as_fn_error ERROR [LINENO LOG_FD]
-# ---------------------------------
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
 # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
 # provided, also output the error to LOG_FD, referencing LINENO. Then exit the
-# script with status $?, using 1 if that was 0.
+# script with STATUS, using 1 if that was 0.
 as_fn_error ()
 {
-  as_status=$?; test $as_status -eq 0 && as_status=1
-  if test "$3"; then
-    as_lineno=${as_lineno-"$2"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-    $as_echo "$as_me:${as_lineno-$LINENO}: error: $1" >&$3
+  as_status=$1; test $as_status -eq 0 && as_status=1
+  if test "$4"; then
+    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
   fi
-  $as_echo "$as_me: error: $1" >&2
+  $as_echo "$as_me: error: $2" >&2
   as_fn_exit $as_status
 } # as_fn_error
 
@@ -442,6 +496,10 @@ as_cr_alnum=$as_cr_Letters$as_cr_digits
   chmod +x "$as_me.lineno" ||
     { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; }
 
+  # If we had to re-execute with $CONFIG_SHELL, we're ensured to have
+  # already done that, so ensure we don't try to do so again and fall
+  # in an infinite loop.  This has already happened in practice.
+  _as_can_reexec=no; export _as_can_reexec
   # Don't try to exec as it changes $[0], causing all sort of problems
   # (the dirname of $[0] is not the place where we might find the
   # original and so on.  Autoconf is especially sensitive to this).
@@ -476,16 +534,16 @@ if (echo >conf$$.file) 2>/dev/null; then
     # ... but there are two gotchas:
     # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
     # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
-    # In both cases, we have to default to `cp -p'.
+    # In both cases, we have to default to `cp -pR'.
     ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
-      as_ln_s='cp -p'
+      as_ln_s='cp -pR'
   elif ln conf$$.file conf$$ 2>/dev/null; then
     as_ln_s=ln
   else
-    as_ln_s='cp -p'
+    as_ln_s='cp -pR'
   fi
 else
-  as_ln_s='cp -p'
+  as_ln_s='cp -pR'
 fi
 rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
 rmdir conf$$.dir 2>/dev/null
@@ -497,28 +555,8 @@ else
   as_mkdir_p=false
 fi
 
-if test -x / >/dev/null 2>&1; then
-  as_test_x='test -x'
-else
-  if ls -dL / >/dev/null 2>&1; then
-    as_ls_L_option=L
-  else
-    as_ls_L_option=
-  fi
-  as_test_x='
-    eval sh -c '\''
-      if test -d "$1"; then
-	test -d "$1/.";
-      else
-	case $1 in #(
-	-*)set "./$1";;
-	esac;
-	case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
-	???[sx]*):;;*)false;;esac;fi
-    '\'' sh
-  '
-fi
-as_executable_p=$as_test_x
+as_test_x='test -x'
+as_executable_p=as_fn_executable_p
 
 # Sed expression to map a string onto a valid CPP name.
 as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
@@ -526,160 +564,14 @@ as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
 # Sed expression to map a string onto a valid variable name.
 as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
 
-
-
-# Check that we are running under the correct shell.
 SHELL=${CONFIG_SHELL-/bin/sh}
 
-case X$lt_ECHO in
-X*--fallback-echo)
-  # Remove one level of quotation (which was required for Make).
-  ECHO=`echo "$lt_ECHO" | sed 's,\\\\\$\\$0,'$0','`
-  ;;
-esac
 
-ECHO=${lt_ECHO-echo}
-if test "X$1" = X--no-reexec; then
-  # Discard the --no-reexec flag, and continue.
-  shift
-elif test "X$1" = X--fallback-echo; then
-  # Avoid inline document here, it may be left over
-  :
-elif test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' ; then
-  # Yippee, $ECHO works!
-  :
-else
-  # Restart under the correct shell.
-  exec $SHELL "$0" --no-reexec ${1+"$@"}
-fi
-
-if test "X$1" = X--fallback-echo; then
-  # used as fallback echo
-  shift
-  cat <<_LT_EOF
-$*
-_LT_EOF
-  exit 0
-fi
-
-# The HP-UX ksh and POSIX shell print the target directory to stdout
-# if CDPATH is set.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-if test -z "$lt_ECHO"; then
-  if test "X${echo_test_string+set}" != Xset; then
-    # find a string as large as possible, as long as the shell can cope with it
-    for cmd in 'sed 50q "$0"' 'sed 20q "$0"' 'sed 10q "$0"' 'sed 2q "$0"' 'echo test'; do
-      # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ...
-      if { echo_test_string=`eval $cmd`; } 2>/dev/null &&
-	 { test "X$echo_test_string" = "X$echo_test_string"; } 2>/dev/null
-      then
-        break
-      fi
-    done
-  fi
-
-  if test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' &&
-     echo_testing_string=`{ $ECHO "$echo_test_string"; } 2>/dev/null` &&
-     test "X$echo_testing_string" = "X$echo_test_string"; then
-    :
-  else
-    # The Solaris, AIX, and Digital Unix default echo programs unquote
-    # backslashes.  This makes it impossible to quote backslashes using
-    #   echo "$something" | sed 's/\\/\\\\/g'
-    #
-    # So, first we look for a working echo in the user's PATH.
-
-    lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
-    for dir in $PATH /usr/ucb; do
-      IFS="$lt_save_ifs"
-      if (test -f $dir/echo || test -f $dir/echo$ac_exeext) &&
-         test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' &&
-         echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` &&
-         test "X$echo_testing_string" = "X$echo_test_string"; then
-        ECHO="$dir/echo"
-        break
-      fi
-    done
-    IFS="$lt_save_ifs"
-
-    if test "X$ECHO" = Xecho; then
-      # We didn't find a better echo, so look for alternatives.
-      if test "X`{ print -r '\t'; } 2>/dev/null`" = 'X\t' &&
-         echo_testing_string=`{ print -r "$echo_test_string"; } 2>/dev/null` &&
-         test "X$echo_testing_string" = "X$echo_test_string"; then
-        # This shell has a builtin print -r that does the trick.
-        ECHO='print -r'
-      elif { test -f /bin/ksh || test -f /bin/ksh$ac_exeext; } &&
-	   test "X$CONFIG_SHELL" != X/bin/ksh; then
-        # If we have ksh, try running configure again with it.
-        ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh}
-        export ORIGINAL_CONFIG_SHELL
-        CONFIG_SHELL=/bin/ksh
-        export CONFIG_SHELL
-        exec $CONFIG_SHELL "$0" --no-reexec ${1+"$@"}
-      else
-        # Try using printf.
-        ECHO='printf %s\n'
-        if test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' &&
-	   echo_testing_string=`{ $ECHO "$echo_test_string"; } 2>/dev/null` &&
-	   test "X$echo_testing_string" = "X$echo_test_string"; then
-	  # Cool, printf works
-	  :
-        elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "$0" --fallback-echo '\t') 2>/dev/null` &&
-	     test "X$echo_testing_string" = 'X\t' &&
-	     echo_testing_string=`($ORIGINAL_CONFIG_SHELL "$0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
-	     test "X$echo_testing_string" = "X$echo_test_string"; then
-	  CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL
-	  export CONFIG_SHELL
-	  SHELL="$CONFIG_SHELL"
-	  export SHELL
-	  ECHO="$CONFIG_SHELL $0 --fallback-echo"
-        elif echo_testing_string=`($CONFIG_SHELL "$0" --fallback-echo '\t') 2>/dev/null` &&
-	     test "X$echo_testing_string" = 'X\t' &&
-	     echo_testing_string=`($CONFIG_SHELL "$0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
-	     test "X$echo_testing_string" = "X$echo_test_string"; then
-	  ECHO="$CONFIG_SHELL $0 --fallback-echo"
-        else
-	  # maybe with a smaller string...
-	  prev=:
-
-	  for cmd in 'echo test' 'sed 2q "$0"' 'sed 10q "$0"' 'sed 20q "$0"' 'sed 50q "$0"'; do
-	    if { test "X$echo_test_string" = "X`eval $cmd`"; } 2>/dev/null
-	    then
-	      break
-	    fi
-	    prev="$cmd"
-	  done
-
-	  if test "$prev" != 'sed 50q "$0"'; then
-	    echo_test_string=`eval $prev`
-	    export echo_test_string
-	    exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "$0" ${1+"$@"}
-	  else
-	    # Oops.  We lost completely, so just stick with echo.
-	    ECHO=echo
-	  fi
-        fi
-      fi
-    fi
-  fi
-fi
-
-# Copy echo and quote the copy suitably for passing to libtool from
-# the Makefile, instead of quoting the original, which is used later.
-lt_ECHO=$ECHO
-if test "X$lt_ECHO" = "X$CONFIG_SHELL $0 --fallback-echo"; then
-   lt_ECHO="$CONFIG_SHELL \\\$\$0 --fallback-echo"
-fi
-
-
-
-
-exec 7<&0 </dev/null 6>&1
+test -n "$DJDIR" || exec 7<&0 </dev/null
+exec 6>&1
 
 # Name of the host.
-# hostname on some systems (SVR3.2, Linux) returns a bogus exit status,
+# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status,
 # so uname gets run too.
 ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
 
@@ -698,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='xmlsec1'
 PACKAGE_TARNAME='xmlsec1'
-PACKAGE_VERSION='1.2.14'
-PACKAGE_STRING='xmlsec1 1.2.14'
+PACKAGE_VERSION='1.2.19'
+PACKAGE_STRING='xmlsec1 1.2.19'
 PACKAGE_BUGREPORT='http://www.aleksey.com/xmlsec'
 PACKAGE_URL=''
 
@@ -760,6 +652,8 @@ XMLSEC_NSS_LIBS
 XMLSEC_NSS_CFLAGS
 XMLSEC_GNUTLS_LIBS
 XMLSEC_GNUTLS_CFLAGS
+XMLSEC_GCRYPT_LIBS
+XMLSEC_GCRYPT_CFLAGS
 XMLSEC_OPENSSL_LIBS
 XMLSEC_OPENSSL_CFLAGS
 XMLSEC_LIBDIR
@@ -839,6 +733,13 @@ XMLSEC_NO_GNUTLS_FALSE
 XMLSEC_NO_GNUTLS_TRUE
 GNUTLS_LIBS
 GNUTLS_CFLAGS
+GCRYPT_MIN_VERSION
+GCRYPT_CRYPTO_LIB
+XMLSEC_NO_GCRYPT
+XMLSEC_NO_GCRYPT_FALSE
+XMLSEC_NO_GCRYPT_TRUE
+GCRYPT_LIBS
+GCRYPT_CFLAGS
 MOZILLA_MIN_VERSION
 NSPR_MIN_VERSION
 NSS_MIN_VERSION
@@ -866,12 +767,12 @@ LIBXML_MIN_VERSION
 LIBXML_CONFIG
 LIBXML_LIBS
 LIBXML_CFLAGS
+PKG_CONFIG_LIBDIR
+PKG_CONFIG_PATH
 PKG_CONFIG
-PKG_CONFIG_ENABLED
+PKGCONFIG_PRESENT
 SHAREDLIB_HACK_FALSE
 SHAREDLIB_HACK_TRUE
-ANSI2KNR
-U
 MAN2HTML
 HELP2MAN
 TAR
@@ -883,9 +784,11 @@ OTOOL
 LIPO
 NMEDIT
 DSYMUTIL
-lt_ECHO
+MANIFEST_TOOL
 RANLIB
+ac_ct_AR
 AR
+DLLTOOL
 OBJDUMP
 LN_S
 NM
@@ -901,6 +804,7 @@ CPP
 am__fastdepCC_FALSE
 am__fastdepCC_TRUE
 CCDEPMODE
+am__nodep
 AMDEPBACKSLASH
 AMDEP_FALSE
 AMDEP_TRUE
@@ -914,6 +818,10 @@ CPPFLAGS
 LDFLAGS
 CFLAGS
 CC
+AM_BACKSLASH
+AM_DEFAULT_VERBOSITY
+AM_DEFAULT_V
+AM_V
 MAINT
 MAINTAINER_MODE_FALSE
 MAINTAINER_MODE_TRUE
@@ -997,12 +905,14 @@ ac_subst_files=''
 ac_user_opts='
 enable_option_checking
 enable_maintainer_mode
+enable_silent_rules
 enable_dependency_tracking
 enable_shared
 enable_static
 with_pic
 enable_fast_install
 with_gnu_ld
+with_sysroot
 enable_libtool_lock
 enable_development
 enable_pkgconfig
@@ -1015,8 +925,10 @@ with_nss
 with_nspr
 with_seamonkey_ver
 with_mozilla_ver
+with_gcrypt
 with_gnutls
 enable_mscrypto
+with_default_crypto
 enable_md5
 enable_ripemd160
 enable_sha1
@@ -1039,7 +951,7 @@ enable_apps_crypto_dl
 with_html_dir
 enable_skm
 enable_tmpl_tests
-enable_debuging
+enable_debugging
 enable_profiling
 enable_pedantic
 enable_static_linking
@@ -1054,6 +966,8 @@ LIBS
 CPPFLAGS
 CPP
 PKG_CONFIG
+PKG_CONFIG_PATH
+PKG_CONFIG_LIBDIR
 LIBXML_CFLAGS
 LIBXML_LIBS
 LIBXSLT_CFLAGS
@@ -1062,6 +976,8 @@ OPENSSL_CFLAGS
 OPENSSL_LIBS
 NSS_CFLAGS
 NSS_LIBS
+GCRYPT_CFLAGS
+GCRYPT_LIBS
 GNUTLS_CFLAGS
 GNUTLS_LIBS'
 
@@ -1126,8 +1042,9 @@ do
   fi
 
   case $ac_option in
-  *=*)	ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
-  *)	ac_optarg=yes ;;
+  *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
+  *=)   ac_optarg= ;;
+  *)    ac_optarg=yes ;;
   esac
 
   # Accept the important Cygnus configure options, so we can diagnose typos.
@@ -1172,7 +1089,7 @@ do
     ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
     # Reject names that are not valid shell variable names.
     expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
-      as_fn_error "invalid feature name: $ac_useropt"
+      as_fn_error $? "invalid feature name: $ac_useropt"
     ac_useropt_orig=$ac_useropt
     ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
     case $ac_user_opts in
@@ -1198,7 +1115,7 @@ do
     ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
     # Reject names that are not valid shell variable names.
     expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
-      as_fn_error "invalid feature name: $ac_useropt"
+      as_fn_error $? "invalid feature name: $ac_useropt"
     ac_useropt_orig=$ac_useropt
     ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
     case $ac_user_opts in
@@ -1402,7 +1319,7 @@ do
     ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
     # Reject names that are not valid shell variable names.
     expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
-      as_fn_error "invalid package name: $ac_useropt"
+      as_fn_error $? "invalid package name: $ac_useropt"
     ac_useropt_orig=$ac_useropt
     ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
     case $ac_user_opts in
@@ -1418,7 +1335,7 @@ do
     ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
     # Reject names that are not valid shell variable names.
     expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
-      as_fn_error "invalid package name: $ac_useropt"
+      as_fn_error $? "invalid package name: $ac_useropt"
     ac_useropt_orig=$ac_useropt
     ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
     case $ac_user_opts in
@@ -1448,8 +1365,8 @@ do
   | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
     x_libraries=$ac_optarg ;;
 
-  -*) as_fn_error "unrecognized option: \`$ac_option'
-Try \`$0 --help' for more information."
+  -*) as_fn_error $? "unrecognized option: \`$ac_option'
+Try \`$0 --help' for more information"
     ;;
 
   *=*)
@@ -1457,7 +1374,7 @@ Try \`$0 --help' for more information."
     # Reject names that are not valid shell variable names.
     case $ac_envvar in #(
       '' | [0-9]* | *[!_$as_cr_alnum]* )
-      as_fn_error "invalid variable name: \`$ac_envvar'" ;;
+      as_fn_error $? "invalid variable name: \`$ac_envvar'" ;;
     esac
     eval $ac_envvar=\$ac_optarg
     export $ac_envvar ;;
@@ -1467,7 +1384,7 @@ Try \`$0 --help' for more information."
     $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2
     expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
       $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2
-    : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}
+    : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}"
     ;;
 
   esac
@@ -1475,13 +1392,13 @@ done
 
 if test -n "$ac_prev"; then
   ac_option=--`echo $ac_prev | sed 's/_/-/g'`
-  as_fn_error "missing argument to $ac_option"
+  as_fn_error $? "missing argument to $ac_option"
 fi
 
 if test -n "$ac_unrecognized_opts"; then
   case $enable_option_checking in
     no) ;;
-    fatal) as_fn_error "unrecognized options: $ac_unrecognized_opts" ;;
+    fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;;
     *)     $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
   esac
 fi
@@ -1504,7 +1421,7 @@ do
     [\\/$]* | ?:[\\/]* )  continue;;
     NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
   esac
-  as_fn_error "expected an absolute directory name for --$ac_var: $ac_val"
+  as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val"
 done
 
 # There might be people who depend on the old broken behavior: `$host'
@@ -1518,8 +1435,6 @@ target=$target_alias
 if test "x$host_alias" != x; then
   if test "x$build_alias" = x; then
     cross_compiling=maybe
-    $as_echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host.
-    If a cross compiler is detected then cross compile mode will be used." >&2
   elif test "x$build_alias" != "x$host_alias"; then
     cross_compiling=yes
   fi
@@ -1534,9 +1449,9 @@ test "$silent" = yes && exec 6>/dev/null
 ac_pwd=`pwd` && test -n "$ac_pwd" &&
 ac_ls_di=`ls -di .` &&
 ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
-  as_fn_error "working directory cannot be determined"
+  as_fn_error $? "working directory cannot be determined"
 test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
-  as_fn_error "pwd does not report name of working directory"
+  as_fn_error $? "pwd does not report name of working directory"
 
 
 # Find the source files, if location was not specified.
@@ -1575,11 +1490,11 @@ else
 fi
 if test ! -r "$srcdir/$ac_unique_file"; then
   test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
-  as_fn_error "cannot find sources ($ac_unique_file) in $srcdir"
+  as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir"
 fi
 ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
 ac_abs_confdir=`(
-	cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error "$ac_msg"
+	cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg"
 	pwd)`
 # When building in place, set srcdir=.
 if test "$ac_abs_confdir" = "$ac_pwd"; then
@@ -1605,7 +1520,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures xmlsec1 1.2.14 to adapt to many kinds of systems.
+\`configure' configures xmlsec1 1.2.19 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1619,7 +1534,7 @@ Configuration:
       --help=short        display options specific to this package
       --help=recursive    display the short help of all the included packages
   -V, --version           display version information and exit
-  -q, --quiet, --silent   do not print \`checking...' messages
+  -q, --quiet, --silent   do not print \`checking ...' messages
       --cache-file=FILE   cache test results in FILE [disabled]
   -C, --config-cache      alias for \`--cache-file=config.cache'
   -n, --no-create         do not create output files
@@ -1675,7 +1590,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of xmlsec1 1.2.14:";;
+     short | recursive ) echo "Configuration of xmlsec1 1.2.19:";;
    esac
   cat <<\_ACEOF
 
@@ -1685,6 +1600,8 @@ Optional Features:
   --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
   --enable-maintainer-mode  enable make rules and dependencies not useful
 			  (and sometimes confusing) to the casual installer
+  --enable-silent-rules          less verbose build output (undo: `make V=1')
+  --disable-silent-rules         verbose build output (undo: `make V=0')
   --disable-dependency-tracking  speeds up one-time build
   --enable-dependency-tracking   do not reject slow dependency extractors
   --enable-shared[=PKGS]  build shared libraries [default=yes]
@@ -1716,7 +1633,7 @@ Optional Features:
   --enable-apps-crypto-dl  enable dynamic loading support for xmlsec-crypto libraries in xmlsec command line tool (yes)
   --enable-skm            enable Simple Keys Manager testing (yes)
   --enable-tmpl-tests     enable templates testing in xmlsec utility (yes)
-  --enable-debuging       enable debuging compilation flags (no)
+  --enable-debugging      enable debugging compilation flags (no)
   --enable-profiling      enable profiling compilation flags (no)
   --enable-pedantic       enable pedantic compilation flags (no)
   --enable-static-linking enable static linking (no)
@@ -1724,9 +1641,11 @@ Optional Features:
 Optional Packages:
   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
   --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
-  --with-pic              try to use only PIC/non-PIC objects [default=use
+  --with-pic[=PKGS]       try to use only PIC/non-PIC objects [default=use
                           both]
   --with-gnu-ld           assume the C compiler uses GNU ld [default=no]
+  --with-sysroot=DIR Search for dependent libraries within DIR
+                        (or the compiler's sysroot if not specified).
   --with-libxml=PFX       libxml2 location
 
   --with-libxml-src=PFX   not installed yet libxml2 location
@@ -1740,7 +1659,9 @@ Optional Packages:
   --with-nspr=PFX         nspr location (needed for NSS)
   --with-seamonkey-ver=VER  mozilla version (alt to --with-nss, --with-nspr)
   --with-mozilla-ver=VER  mozilla version (alt to --with-nss, --with-nspr)
+  --with-gcrypt=PFX       gcrypt location
   --with-gnutls=PFX       gnutls location
+  --with-default-crypto=name default crypto name
   --with-html-dir=PATH    path to installed docs
 
 Some influential environment variables:
@@ -1749,10 +1670,14 @@ Some influential environment variables:
   LDFLAGS     linker flags, e.g. -L<lib dir> if you have libraries in a
               nonstandard directory <lib dir>
   LIBS        libraries to pass to the linker, e.g. -l<library>
-  CPPFLAGS    C/C++/Objective C preprocessor flags, e.g. -I<include dir> if
+  CPPFLAGS    (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
               you have headers in a nonstandard directory <include dir>
   CPP         C preprocessor
   PKG_CONFIG  path to pkg-config utility
+  PKG_CONFIG_PATH
+              directories to add to pkg-config's search path
+  PKG_CONFIG_LIBDIR
+              path overriding pkg-config's built-in search path
   LIBXML_CFLAGS
               C compiler flags for LIBXML, overriding pkg-config
   LIBXML_LIBS linker flags for LIBXML, overriding pkg-config
@@ -1766,6 +1691,9 @@ Some influential environment variables:
               linker flags for OPENSSL, overriding pkg-config
   NSS_CFLAGS  C compiler flags for NSS, overriding pkg-config
   NSS_LIBS    linker flags for NSS, overriding pkg-config
+  GCRYPT_CFLAGS
+              C compiler flags for GCRYPT, overriding pkg-config
+  GCRYPT_LIBS linker flags for GCRYPT, overriding pkg-config
   GNUTLS_CFLAGS
               C compiler flags for GNUTLS, overriding pkg-config
   GNUTLS_LIBS linker flags for GNUTLS, overriding pkg-config
@@ -1836,10 +1764,10 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-xmlsec1 configure 1.2.14
-generated by GNU Autoconf 2.64
+xmlsec1 configure 1.2.19
+generated by GNU Autoconf 2.69
 
-Copyright (C) 2009 Free Software Foundation, Inc.
+Copyright (C) 2012 Free Software Foundation, Inc.
 This configure script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it.
 _ACEOF
@@ -1883,8 +1811,8 @@ sed 's/^/| /' conftest.$ac_ext >&5
 
 	ac_retval=1
 fi
-  eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;}
-  return $ac_retval
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
 
 } # ac_fn_c_try_compile
 
@@ -1909,7 +1837,7 @@ $as_echo "$ac_try_echo"; } >&5
     mv -f conftest.er1 conftest.err
   fi
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; } >/dev/null && {
+  test $ac_status = 0; } > conftest.i && {
 	 test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
 	 test ! -s conftest.err
        }; then :
@@ -1920,8 +1848,8 @@ sed 's/^/| /' conftest.$ac_ext >&5
 
     ac_retval=1
 fi
-  eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;}
-  return $ac_retval
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
 
 } # ac_fn_c_try_cpp
 
@@ -1962,8 +1890,8 @@ sed 's/^/| /' conftest.$ac_ext >&5
        ac_retval=$ac_status
 fi
   rm -rf conftest.dSYM conftest_ipa8_conftest.oo
-  eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;}
-  return $ac_retval
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
 
 } # ac_fn_c_try_run
 
@@ -1994,7 +1922,7 @@ $as_echo "$ac_try_echo"; } >&5
 	 test ! -s conftest.err
        } && test -s conftest$ac_exeext && {
 	 test "$cross_compiling" = yes ||
-	 $as_test_x conftest$ac_exeext
+	 test -x conftest$ac_exeext
        }; then :
   ac_retval=0
 else
@@ -2008,8 +1936,8 @@ fi
   # interfere with the next link command; also delete a directory that is
   # left behind by Apple's compiler.  We do this before executing the actions.
   rm -rf conftest.dSYM conftest_ipa8_conftest.oo
-  eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;}
-  return $ac_retval
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
 
 } # ac_fn_c_try_link
 
@@ -2022,7 +1950,7 @@ ac_fn_c_check_header_compile ()
   as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
 $as_echo_n "checking for $2... " >&6; }
-if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then :
+if eval \${$3+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
@@ -2040,7 +1968,7 @@ fi
 eval ac_res=\$$3
 	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
 $as_echo "$ac_res" >&6; }
-  eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;}
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
 
 } # ac_fn_c_check_header_compile
 
@@ -2052,7 +1980,7 @@ ac_fn_c_check_func ()
   as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
 $as_echo_n "checking for $2... " >&6; }
-if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then :
+if eval \${$3+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
@@ -2107,7 +2035,7 @@ fi
 eval ac_res=\$$3
 	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
 $as_echo "$ac_res" >&6; }
-  eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;}
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
 
 } # ac_fn_c_check_func
 
@@ -2119,10 +2047,10 @@ $as_echo "$ac_res" >&6; }
 ac_fn_c_check_header_mongrel ()
 {
   as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then :
+  if eval \${$3+:} false; then :
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
 $as_echo_n "checking for $2... " >&6; }
-if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then :
+if eval \${$3+:} false; then :
   $as_echo_n "(cached) " >&6
 fi
 eval ac_res=\$$3
@@ -2158,7 +2086,7 @@ if ac_fn_c_try_cpp "$LINENO"; then :
 else
   ac_header_preproc=no
 fi
-rm -f conftest.err conftest.$ac_ext
+rm -f conftest.err conftest.i conftest.$ac_ext
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5
 $as_echo "$ac_header_preproc" >&6; }
 
@@ -2181,17 +2109,15 @@ $as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;}
 $as_echo "$as_me: WARNING: $2:     section \"Present But Cannot Be Compiled\"" >&2;}
     { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
-( cat <<\_ASBOX
-## -------------------------------------------- ##
+( $as_echo "## -------------------------------------------- ##
 ## Report this to http://www.aleksey.com/xmlsec ##
-## -------------------------------------------- ##
-_ASBOX
+## -------------------------------------------- ##"
      ) | sed "s/^/$as_me: WARNING:     /" >&2
     ;;
 esac
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
 $as_echo_n "checking for $2... " >&6; }
-if { as_var=$3; eval "test \"\${$as_var+set}\" = set"; }; then :
+if eval \${$3+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   eval "$3=\$ac_header_compiler"
@@ -2200,7 +2126,7 @@ eval ac_res=\$$3
 	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
 $as_echo "$ac_res" >&6; }
 fi
-  eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;}
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
 
 } # ac_fn_c_check_header_mongrel
 
@@ -2221,7 +2147,8 @@ int
 main ()
 {
 static int test_array [1 - 2 * !(($2) >= 0)];
-test_array [0] = 0
+test_array [0] = 0;
+return test_array [0];
 
   ;
   return 0;
@@ -2237,7 +2164,8 @@ int
 main ()
 {
 static int test_array [1 - 2 * !(($2) <= $ac_mid)];
-test_array [0] = 0
+test_array [0] = 0;
+return test_array [0];
 
   ;
   return 0;
@@ -2263,7 +2191,8 @@ int
 main ()
 {
 static int test_array [1 - 2 * !(($2) < 0)];
-test_array [0] = 0
+test_array [0] = 0;
+return test_array [0];
 
   ;
   return 0;
@@ -2279,7 +2208,8 @@ int
 main ()
 {
 static int test_array [1 - 2 * !(($2) >= $ac_mid)];
-test_array [0] = 0
+test_array [0] = 0;
+return test_array [0];
 
   ;
   return 0;
@@ -2313,7 +2243,8 @@ int
 main ()
 {
 static int test_array [1 - 2 * !(($2) <= $ac_mid)];
-test_array [0] = 0
+test_array [0] = 0;
+return test_array [0];
 
   ;
   return 0;
@@ -2377,16 +2308,16 @@ rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
 rm -f conftest.val
 
   fi
-  eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;}
-  return $ac_retval
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
 
 } # ac_fn_c_compute_int
 cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by xmlsec1 $as_me 1.2.14, which was
-generated by GNU Autoconf 2.64.  Invocation command line was
+It was created by xmlsec1 $as_me 1.2.19, which was
+generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
 
@@ -2496,11 +2427,9 @@ trap 'exit_status=$?
   {
     echo
 
-    cat <<\_ASBOX
-## ---------------- ##
+    $as_echo "## ---------------- ##
 ## Cache variables. ##
-## ---------------- ##
-_ASBOX
+## ---------------- ##"
     echo
     # The following way of writing the cache mishandles newlines in values,
 (
@@ -2534,11 +2463,9 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
 )
     echo
 
-    cat <<\_ASBOX
-## ----------------- ##
+    $as_echo "## ----------------- ##
 ## Output variables. ##
-## ----------------- ##
-_ASBOX
+## ----------------- ##"
     echo
     for ac_var in $ac_subst_vars
     do
@@ -2551,11 +2478,9 @@ _ASBOX
     echo
 
     if test -n "$ac_subst_files"; then
-      cat <<\_ASBOX
-## ------------------- ##
+      $as_echo "## ------------------- ##
 ## File substitutions. ##
-## ------------------- ##
-_ASBOX
+## ------------------- ##"
       echo
       for ac_var in $ac_subst_files
       do
@@ -2569,11 +2494,9 @@ _ASBOX
     fi
 
     if test -s confdefs.h; then
-      cat <<\_ASBOX
-## ----------- ##
+      $as_echo "## ----------- ##
 ## confdefs.h. ##
-## ----------- ##
-_ASBOX
+## ----------- ##"
       echo
       cat confdefs.h
       echo
@@ -2628,7 +2551,12 @@ _ACEOF
 ac_site_file1=NONE
 ac_site_file2=NONE
 if test -n "$CONFIG_SITE"; then
-  ac_site_file1=$CONFIG_SITE
+  # We do not want a PATH search for config.site.
+  case $CONFIG_SITE in #((
+    -*)  ac_site_file1=./$CONFIG_SITE;;
+    */*) ac_site_file1=$CONFIG_SITE;;
+    *)   ac_site_file1=./$CONFIG_SITE;;
+  esac
 elif test "x$prefix" != xNONE; then
   ac_site_file1=$prefix/share/config.site
   ac_site_file2=$prefix/etc/config.site
@@ -2639,18 +2567,22 @@ fi
 for ac_site_file in "$ac_site_file1" "$ac_site_file2"
 do
   test "x$ac_site_file" = xNONE && continue
-  if test -r "$ac_site_file"; then
+  if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then
     { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5
 $as_echo "$as_me: loading site script $ac_site_file" >&6;}
     sed 's/^/| /' "$ac_site_file" >&5
-    . "$ac_site_file"
+    . "$ac_site_file" \
+      || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "failed to load site script $ac_site_file
+See \`config.log' for more details" "$LINENO" 5; }
   fi
 done
 
 if test -r "$cache_file"; then
-  # Some versions of bash will fail to source /dev/null (special
-  # files actually), so we avoid doing that.
-  if test -f "$cache_file"; then
+  # Some versions of bash will fail to source /dev/null (special files
+  # actually), so we avoid doing that.  DJGPP emulates it as a regular file.
+  if test /dev/null != "$cache_file" && test -f "$cache_file"; then
     { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5
 $as_echo "$as_me: loading cache $cache_file" >&6;}
     case $cache_file in
@@ -2719,7 +2651,7 @@ if $ac_cache_corrupted; then
 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
   { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5
 $as_echo "$as_me: error: changes in the environment can compromise the build" >&2;}
-  as_fn_error "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5
+  as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5
 fi
 ## -------------------- ##
 ## Main body of script. ##
@@ -2736,7 +2668,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
 XMLSEC_PACKAGE=xmlsec1
 XMLSEC_VERSION_MAJOR=1
 XMLSEC_VERSION_MINOR=2
-XMLSEC_VERSION_SUBMINOR=14
+XMLSEC_VERSION_SUBMINOR=19
 XMLSEC_VERSION="$XMLSEC_VERSION_MAJOR.$XMLSEC_VERSION_MINOR.$XMLSEC_VERSION_SUBMINOR"
 XMLSEC_VERSION_INFO=`echo $XMLSEC_VERSION | awk -F. '{ printf "%d:%d:%d", $1+$2, $3, $2 }'`
 XMLSEC_VERSION_SAFE=`echo $XMLSEC_VERSION | sed 's/\./_/g'`
@@ -2744,16 +2676,22 @@ XMLSEC_VERSION_SAFE=`echo $XMLSEC_VERSION | sed 's/\./_/g'`
 
 ac_aux_dir=
 for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
-  for ac_t in install-sh install.sh shtool; do
-    if test -f "$ac_dir/$ac_t"; then
-      ac_aux_dir=$ac_dir
-      ac_install_sh="$ac_aux_dir/$ac_t -c"
-      break 2
-    fi
-  done
+  if test -f "$ac_dir/install-sh"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/install-sh -c"
+    break
+  elif test -f "$ac_dir/install.sh"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/install.sh -c"
+    break
+  elif test -f "$ac_dir/shtool"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/shtool install -c"
+    break
+  fi
 done
 if test -z "$ac_aux_dir"; then
-  as_fn_error "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5
+  as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5
 fi
 
 # These three variables are undocumented and unsupported,
@@ -2767,27 +2705,27 @@ ac_configure="$SHELL $ac_aux_dir/configure"  # Please don't use this var.
 
 # Make sure we can run config.sub.
 $SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 ||
-  as_fn_error "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5
+  as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5
 $as_echo_n "checking build system type... " >&6; }
-if test "${ac_cv_build+set}" = set; then :
+if ${ac_cv_build+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_build_alias=$build_alias
 test "x$ac_build_alias" = x &&
   ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"`
 test "x$ac_build_alias" = x &&
-  as_fn_error "cannot guess build type; you must specify one" "$LINENO" 5
+  as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5
 ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` ||
-  as_fn_error "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5
+  as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5
 
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5
 $as_echo "$ac_cv_build" >&6; }
 case $ac_cv_build in
 *-*-*) ;;
-*) as_fn_error "invalid value of canonical build" "$LINENO" 5;;
+*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;;
 esac
 build=$ac_cv_build
 ac_save_IFS=$IFS; IFS='-'
@@ -2805,14 +2743,14 @@ case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5
 $as_echo_n "checking host system type... " >&6; }
-if test "${ac_cv_host+set}" = set; then :
+if ${ac_cv_host+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test "x$host_alias" = x; then
   ac_cv_host=$ac_cv_build
 else
   ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` ||
-    as_fn_error "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5
+    as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5
 fi
 
 fi
@@ -2820,7 +2758,7 @@ fi
 $as_echo "$ac_cv_host" >&6; }
 case $ac_cv_host in
 *-*-*) ;;
-*) as_fn_error "invalid value of canonical host" "$LINENO" 5;;
+*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;;
 esac
 host=$ac_cv_host
 ac_save_IFS=$IFS; IFS='-'
@@ -2865,7 +2803,7 @@ am__api_version='1.11'
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5
 $as_echo_n "checking for a BSD-compatible install... " >&6; }
 if test -z "$INSTALL"; then
-if test "${ac_cv_path_install+set}" = set; then :
+if ${ac_cv_path_install+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
@@ -2885,7 +2823,7 @@ case $as_dir/ in #((
     # by default.
     for ac_prog in ginstall scoinst install; do
       for ac_exec_ext in '' $ac_executable_extensions; do
-	if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then
+	if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then
 	  if test $ac_prog = install &&
 	    grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
 	    # AIX install.  It has an incompatible calling convention.
@@ -2952,11 +2890,11 @@ am_lf='
 '
 case `pwd` in
   *[\\\"\#\$\&\'\`$am_lf]*)
-    as_fn_error "unsafe absolute working directory name" "$LINENO" 5;;
+    as_fn_error $? "unsafe absolute working directory name" "$LINENO" 5;;
 esac
 case $srcdir in
   *[\\\"\#\$\&\'\`$am_lf\ \	]*)
-    as_fn_error "unsafe srcdir value: \`$srcdir'" "$LINENO" 5;;
+    as_fn_error $? "unsafe srcdir value: \`$srcdir'" "$LINENO" 5;;
 esac
 
 # Do `set' in a subshell so we don't clobber the current shell's
@@ -2978,7 +2916,7 @@ if (
       # if, for instance, CONFIG_SHELL is bash and it inherits a
       # broken ls alias from the environment.  This has actually
       # happened.  Such a system could not be considered "sane".
-      as_fn_error "ls -t appears to fail.  Make sure there is not a broken
+      as_fn_error $? "ls -t appears to fail.  Make sure there is not a broken
 alias in your environment" "$LINENO" 5
    fi
 
@@ -2988,7 +2926,7 @@ then
    # Ok.
    :
 else
-   as_fn_error "newly created file is older than distributed files!
+   as_fn_error $? "newly created file is older than distributed files!
 Check your system clock" "$LINENO" 5
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
@@ -3042,7 +2980,7 @@ if test "$cross_compiling" != no; then
 set dummy ${ac_tool_prefix}strip; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_STRIP+set}" = set; then :
+if ${ac_cv_prog_STRIP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$STRIP"; then
@@ -3054,7 +2992,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_STRIP="${ac_tool_prefix}strip"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -3082,7 +3020,7 @@ if test -z "$ac_cv_prog_STRIP"; then
 set dummy strip; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then :
+if ${ac_cv_prog_ac_ct_STRIP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_STRIP"; then
@@ -3094,7 +3032,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_STRIP="strip"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -3135,7 +3073,7 @@ INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s"
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5
 $as_echo_n "checking for a thread-safe mkdir -p... " >&6; }
 if test -z "$MKDIR_P"; then
-  if test "${ac_cv_path_mkdir+set}" = set; then :
+  if ${ac_cv_path_mkdir+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
@@ -3145,7 +3083,7 @@ do
   test -z "$as_dir" && as_dir=.
     for ac_prog in mkdir gmkdir; do
 	 for ac_exec_ext in '' $ac_executable_extensions; do
-	   { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue
+	   as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue
 	   case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #(
 	     'mkdir (GNU coreutils) '* | \
 	     'mkdir (coreutils) '* | \
@@ -3160,6 +3098,7 @@ IFS=$as_save_IFS
 
 fi
 
+  test -d ./--version && rmdir ./--version
   if test "${ac_cv_path_mkdir+set}" = set; then
     MKDIR_P="$ac_cv_path_mkdir -p"
   else
@@ -3167,7 +3106,6 @@ fi
     # value for MKDIR_P within a source directory, because that will
     # break other packages using the cache if that directory is
     # removed, or if the value is a relative name.
-    test -d ./--version && rmdir ./--version
     MKDIR_P="$ac_install_sh -d"
   fi
 fi
@@ -3186,7 +3124,7 @@ do
 set dummy $ac_prog; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_AWK+set}" = set; then :
+if ${ac_cv_prog_AWK+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$AWK"; then
@@ -3198,7 +3136,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_AWK="$ac_prog"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -3226,7 +3164,7 @@ done
 $as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; }
 set x ${MAKE-make}
 ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
-if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then :
+if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   cat >conftest.make <<\_ACEOF
@@ -3234,7 +3172,7 @@ SHELL = /bin/sh
 all:
 	@echo '@@@%%%=$(MAKE)=@@@%%%'
 _ACEOF
-# GNU make sometimes prints "make[1]: Entering...", which would confuse us.
+# GNU make sometimes prints "make[1]: Entering ...", which would confuse us.
 case `${MAKE-make} -f conftest.make 2>/dev/null` in
   *@@@%%%=?*=@@@%%%*)
     eval ac_cv_prog_make_${ac_make}_set=yes;;
@@ -3268,7 +3206,7 @@ if test "`cd $srcdir && pwd`" != "`pwd`"; then
   am__isrc=' -I$(srcdir)'
   # test to see if srcdir already configured
   if test -f $srcdir/config.status; then
-    as_fn_error "source directory already configured; run \"make distclean\" there first" "$LINENO" 5
+    as_fn_error $? "source directory already configured; run \"make distclean\" there first" "$LINENO" 5
   fi
 fi
 
@@ -3284,7 +3222,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='xmlsec1'
- VERSION='1.2.14'
+ VERSION='1.2.19'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -3314,9 +3252,9 @@ MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}
 
 # We need awk for the "check" target.  The system "awk" is bad on
 # some platforms.
-# Always define AMTAR for backward compatibility.
-
-AMTAR=${AMTAR-"${am_missing_run}tar"}
+# Always define AMTAR for backward compatibility.  Yes, it's still used
+# in the wild :-(  We should find a proper way to deprecate it ...
+AMTAR='$${TAR-tar}'
 
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to create a ustar tar archive" >&5
@@ -3392,7 +3330,7 @@ do
 done
 rm -rf conftest.dir
 
-if test "${am_cv_prog_tar_ustar+set}" = set; then :
+if ${am_cv_prog_tar_ustar+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   am_cv_prog_tar_ustar=$_am_tool
@@ -3431,6 +3369,49 @@ fi
 
 
 
+# Support silent build rules, requires at least automake-1.11. Disable
+# by either passing --disable-silent-rules to configure or passing V=1
+# to make
+# Check whether --enable-silent-rules was given.
+if test "${enable_silent_rules+set}" = set; then :
+  enableval=$enable_silent_rules;
+fi
+
+case $enable_silent_rules in
+yes) AM_DEFAULT_VERBOSITY=0;;
+no)  AM_DEFAULT_VERBOSITY=1;;
+*)   AM_DEFAULT_VERBOSITY=0;;
+esac
+am_make=${MAKE-make}
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5
+$as_echo_n "checking whether $am_make supports nested variables... " >&6; }
+if ${am_cv_make_support_nested_variables+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if $as_echo 'TRUE=$(BAR$(V))
+BAR0=false
+BAR1=true
+V=1
+am__doit:
+	@$(TRUE)
+.PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then
+  am_cv_make_support_nested_variables=yes
+else
+  am_cv_make_support_nested_variables=no
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5
+$as_echo "$am_cv_make_support_nested_variables" >&6; }
+if test $am_cv_make_support_nested_variables = yes; then
+    AM_V='$(V)'
+  AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)'
+else
+  AM_V=$AM_DEFAULT_VERBOSITY
+  AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY
+fi
+AM_BACKSLASH='\'
+
+
 ac_ext=c
 ac_cpp='$CPP $CPPFLAGS'
 ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
@@ -3441,7 +3422,7 @@ if test -n "$ac_tool_prefix"; then
 set dummy ${ac_tool_prefix}gcc; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_CC+set}" = set; then :
+if ${ac_cv_prog_CC+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$CC"; then
@@ -3453,7 +3434,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_CC="${ac_tool_prefix}gcc"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -3481,7 +3462,7 @@ if test -z "$ac_cv_prog_CC"; then
 set dummy gcc; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_CC+set}" = set; then :
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_CC"; then
@@ -3493,7 +3474,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_CC="gcc"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -3534,7 +3515,7 @@ if test -z "$CC"; then
 set dummy ${ac_tool_prefix}cc; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_CC+set}" = set; then :
+if ${ac_cv_prog_CC+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$CC"; then
@@ -3546,7 +3527,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_CC="${ac_tool_prefix}cc"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -3574,7 +3555,7 @@ if test -z "$CC"; then
 set dummy cc; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_CC+set}" = set; then :
+if ${ac_cv_prog_CC+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$CC"; then
@@ -3587,7 +3568,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
        ac_prog_rejected=yes
        continue
@@ -3633,7 +3614,7 @@ if test -z "$CC"; then
 set dummy $ac_tool_prefix$ac_prog; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_CC+set}" = set; then :
+if ${ac_cv_prog_CC+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$CC"; then
@@ -3645,7 +3626,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -3677,7 +3658,7 @@ do
 set dummy $ac_prog; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_CC+set}" = set; then :
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_CC"; then
@@ -3689,7 +3670,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_CC="$ac_prog"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -3731,8 +3712,8 @@ fi
 
 test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error "no acceptable C compiler found in \$PATH
-See \`config.log' for more details." "$LINENO" 5; }
+as_fn_error $? "no acceptable C compiler found in \$PATH
+See \`config.log' for more details" "$LINENO" 5; }
 
 # Provide some information about the compiler.
 $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
@@ -3753,32 +3734,30 @@ $as_echo "$ac_try_echo"; } >&5
 ... rest of stderr output deleted ...
          10q' conftest.err >conftest.er1
     cat conftest.er1 >&5
-    rm -f conftest.er1 conftest.err
   fi
+  rm -f conftest.er1 conftest.err
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }
 done
 
 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
-#include <stdio.h>
+
 int
 main ()
 {
-FILE *f = fopen ("conftest.out", "w");
- return ferror (f) || fclose (f) != 0;
 
   ;
   return 0;
 }
 _ACEOF
 ac_clean_files_save=$ac_clean_files
-ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out conftest.out"
+ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
 # Try to create an executable without -o first, disregard a.out.
 # It will help us diagnose broken compilers, and finding out an intuition
 # of exeext.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5
-$as_echo_n "checking for C compiler default output file name... " >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5
+$as_echo_n "checking whether the C compiler works... " >&6; }
 ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
 
 # The possible output files:
@@ -3840,62 +3819,28 @@ test "$ac_cv_exeext" = no && ac_cv_exeext=
 else
   ac_file=''
 fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5
-$as_echo "$ac_file" >&6; }
 if test -z "$ac_file"; then :
-  $as_echo "$as_me: failed program was:" >&5
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+$as_echo "$as_me: failed program was:" >&5
 sed 's/^/| /' conftest.$ac_ext >&5
 
 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-{ as_fn_set_status 77
-as_fn_error "C compiler cannot create executables
-See \`config.log' for more details." "$LINENO" 5; }; }
+as_fn_error 77 "C compiler cannot create executables
+See \`config.log' for more details" "$LINENO" 5; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
 fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5
+$as_echo_n "checking for C compiler default output file name... " >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5
+$as_echo "$ac_file" >&6; }
 ac_exeext=$ac_cv_exeext
 
-# Check that the compiler produces executables we can run.  If not, either
-# the compiler is broken, or we cross compile.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5
-$as_echo_n "checking whether the C compiler works... " >&6; }
-# If not cross compiling, check that we can run a simple program.
-if test "$cross_compiling" != yes; then
-  if { ac_try='./$ac_file'
-  { { case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_try") 2>&5
-  ac_status=$?
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; }; }; then
-    cross_compiling=no
-  else
-    if test "$cross_compiling" = maybe; then
-	cross_compiling=yes
-    else
-	{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error "cannot run C compiled programs.
-If you meant to cross compile, use \`--host'.
-See \`config.log' for more details." "$LINENO" 5; }
-    fi
-  fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out conftest.out
+rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
 ac_clean_files=$ac_clean_files_save
-# Check that the compiler produces executables we can run.  If not, either
-# the compiler is broken, or we cross compile.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5
-$as_echo_n "checking whether we are cross compiling... " >&6; }
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5
-$as_echo "$cross_compiling" >&6; }
-
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5
 $as_echo_n "checking for suffix of executables... " >&6; }
 if { { ac_try="$ac_link"
@@ -3925,19 +3870,78 @@ done
 else
   { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error "cannot compute suffix of executables: cannot compile and link
-See \`config.log' for more details." "$LINENO" 5; }
+as_fn_error $? "cannot compute suffix of executables: cannot compile and link
+See \`config.log' for more details" "$LINENO" 5; }
 fi
-rm -f conftest$ac_cv_exeext
+rm -f conftest conftest$ac_cv_exeext
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5
 $as_echo "$ac_cv_exeext" >&6; }
 
 rm -f conftest.$ac_ext
 EXEEXT=$ac_cv_exeext
 ac_exeext=$EXEEXT
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdio.h>
+int
+main ()
+{
+FILE *f = fopen ("conftest.out", "w");
+ return ferror (f) || fclose (f) != 0;
+
+  ;
+  return 0;
+}
+_ACEOF
+ac_clean_files="$ac_clean_files conftest.out"
+# Check that the compiler produces executables we can run.  If not, either
+# the compiler is broken, or we cross compile.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5
+$as_echo_n "checking whether we are cross compiling... " >&6; }
+if test "$cross_compiling" != yes; then
+  { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+  if { ac_try='./conftest$ac_cv_exeext'
+  { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; }; then
+    cross_compiling=no
+  else
+    if test "$cross_compiling" = maybe; then
+	cross_compiling=yes
+    else
+	{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot run C compiled programs.
+If you meant to cross compile, use \`--host'.
+See \`config.log' for more details" "$LINENO" 5; }
+    fi
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5
+$as_echo "$cross_compiling" >&6; }
+
+rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out
+ac_clean_files=$ac_clean_files_save
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5
 $as_echo_n "checking for suffix of object files... " >&6; }
-if test "${ac_cv_objext+set}" = set; then :
+if ${ac_cv_objext+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
@@ -3977,8 +3981,8 @@ sed 's/^/| /' conftest.$ac_ext >&5
 
 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error "cannot compute suffix of object files: cannot compile
-See \`config.log' for more details." "$LINENO" 5; }
+as_fn_error $? "cannot compute suffix of object files: cannot compile
+See \`config.log' for more details" "$LINENO" 5; }
 fi
 rm -f conftest.$ac_cv_objext conftest.$ac_ext
 fi
@@ -3988,7 +3992,7 @@ OBJEXT=$ac_cv_objext
 ac_objext=$OBJEXT
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
-if test "${ac_cv_c_compiler_gnu+set}" = set; then :
+if ${ac_cv_c_compiler_gnu+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
@@ -4025,7 +4029,7 @@ ac_test_CFLAGS=${CFLAGS+set}
 ac_save_CFLAGS=$CFLAGS
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
 $as_echo_n "checking whether $CC accepts -g... " >&6; }
-if test "${ac_cv_prog_cc_g+set}" = set; then :
+if ${ac_cv_prog_cc_g+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_save_c_werror_flag=$ac_c_werror_flag
@@ -4103,7 +4107,7 @@ else
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
-if test "${ac_cv_prog_cc_c89+set}" = set; then :
+if ${ac_cv_prog_cc_c89+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_cv_prog_cc_c89=no
@@ -4112,8 +4116,7 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
 #include <stdarg.h>
 #include <stdio.h>
-#include <sys/types.h>
-#include <sys/stat.h>
+struct stat;
 /* Most of the following tests are stolen from RCS 5.7's src/conf.sh.  */
 struct buf { int x; };
 FILE * (*rcsopen) (struct buf *, struct stat *, int);
@@ -4249,6 +4252,7 @@ fi
 if test "x$enable_dependency_tracking" != xno; then
   am_depcomp="$ac_aux_dir/depcomp"
   AMDEPBACKSLASH='\'
+  am__nodep='_no'
 fi
  if test "x$enable_dependency_tracking" != xno; then
   AMDEP_TRUE=
@@ -4264,7 +4268,7 @@ depcc="$CC"   am_compiler_list=
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5
 $as_echo_n "checking dependency style of $depcc... " >&6; }
-if test "${am_cv_CC_dependencies_compiler_type+set}" = set; then :
+if ${am_cv_CC_dependencies_compiler_type+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then
@@ -4273,6 +4277,7 @@ else
   # instance it was reported that on HP-UX the gcc test will end up
   # making a dummy file named `D' -- because `-MD' means `put the output
   # in D'.
+  rm -rf conftest.dir
   mkdir conftest.dir
   # Copy depcomp to subdir because otherwise we won't find it if we're
   # using a relative directory.
@@ -4332,7 +4337,7 @@ else
 	break
       fi
       ;;
-    msvisualcpp | msvcmsys)
+    msvc7 | msvc7msys | msvisualcpp | msvcmsys)
       # This compiler won't grok `-c -o', but also, the minuso test has
       # not run yet.  These depmodes are late enough in the game, and
       # so weak that their functioning should not be impacted.
@@ -4401,7 +4406,7 @@ if test -n "$CPP" && test -d "$CPP"; then
   CPP=
 fi
 if test -z "$CPP"; then
-  if test "${ac_cv_prog_CPP+set}" = set; then :
+  if ${ac_cv_prog_CPP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
       # Double quotes because CPP needs to be expanded
@@ -4431,7 +4436,7 @@ else
   # Broken: fails on valid input.
 continue
 fi
-rm -f conftest.err conftest.$ac_ext
+rm -f conftest.err conftest.i conftest.$ac_ext
 
   # OK, works on sane cases.  Now check whether nonexistent headers
   # can be detected and how.
@@ -4447,11 +4452,11 @@ else
 ac_preproc_ok=:
 break
 fi
-rm -f conftest.err conftest.$ac_ext
+rm -f conftest.err conftest.i conftest.$ac_ext
 
 done
 # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.err conftest.$ac_ext
+rm -f conftest.i conftest.err conftest.$ac_ext
 if $ac_preproc_ok; then :
   break
 fi
@@ -4490,7 +4495,7 @@ else
   # Broken: fails on valid input.
 continue
 fi
-rm -f conftest.err conftest.$ac_ext
+rm -f conftest.err conftest.i conftest.$ac_ext
 
   # OK, works on sane cases.  Now check whether nonexistent headers
   # can be detected and how.
@@ -4506,18 +4511,18 @@ else
 ac_preproc_ok=:
 break
 fi
-rm -f conftest.err conftest.$ac_ext
+rm -f conftest.err conftest.i conftest.$ac_ext
 
 done
 # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.err conftest.$ac_ext
+rm -f conftest.i conftest.err conftest.$ac_ext
 if $ac_preproc_ok; then :
 
 else
   { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error "C preprocessor \"$CPP\" fails sanity check
-See \`config.log' for more details." "$LINENO" 5; }
+as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
+See \`config.log' for more details" "$LINENO" 5; }
 fi
 
 ac_ext=c
@@ -4529,7 +4534,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5
 $as_echo_n "checking for grep that handles long lines and -e... " >&6; }
-if test "${ac_cv_path_GREP+set}" = set; then :
+if ${ac_cv_path_GREP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -z "$GREP"; then
@@ -4543,7 +4548,7 @@ do
     for ac_prog in grep ggrep; do
     for ac_exec_ext in '' $ac_executable_extensions; do
       ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext"
-      { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue
+      as_fn_executable_p "$ac_path_GREP" || continue
 # Check for GNU ac_path_GREP and select it if it is found.
   # Check for GNU $ac_path_GREP
 case `"$ac_path_GREP" --version 2>&1` in
@@ -4578,7 +4583,7 @@ esac
   done
 IFS=$as_save_IFS
   if test -z "$ac_cv_path_GREP"; then
-    as_fn_error "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+    as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
   fi
 else
   ac_cv_path_GREP=$GREP
@@ -4592,7 +4597,7 @@ $as_echo "$ac_cv_path_GREP" >&6; }
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5
 $as_echo_n "checking for egrep... " >&6; }
-if test "${ac_cv_path_EGREP+set}" = set; then :
+if ${ac_cv_path_EGREP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
@@ -4609,7 +4614,7 @@ do
     for ac_prog in egrep; do
     for ac_exec_ext in '' $ac_executable_extensions; do
       ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
-      { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue
+      as_fn_executable_p "$ac_path_EGREP" || continue
 # Check for GNU ac_path_EGREP and select it if it is found.
   # Check for GNU $ac_path_EGREP
 case `"$ac_path_EGREP" --version 2>&1` in
@@ -4644,7 +4649,7 @@ esac
   done
 IFS=$as_save_IFS
   if test -z "$ac_cv_path_EGREP"; then
-    as_fn_error "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+    as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
   fi
 else
   ac_cv_path_EGREP=$EGREP
@@ -4659,7 +4664,7 @@ $as_echo "$ac_cv_path_EGREP" >&6; }
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5
 $as_echo_n "checking for ANSI C header files... " >&6; }
-if test "${ac_cv_header_stdc+set}" = set; then :
+if ${ac_cv_header_stdc+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
@@ -4769,7 +4774,6 @@ $as_echo "#define STDC_HEADERS 1" >>confdefs.h
 
 fi
 
-
 case `pwd` in
   *\ * | *\	*)
     { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5
@@ -4778,8 +4782,8 @@ esac
 
 
 
-macro_version='2.2.6'
-macro_revision='1.3012'
+macro_version='2.4.2'
+macro_revision='1.3337'
 
 
 
@@ -4795,9 +4799,78 @@ macro_revision='1.3012'
 
 ltmain="$ac_aux_dir/ltmain.sh"
 
+# Backslashify metacharacters that are still active within
+# double-quoted strings.
+sed_quote_subst='s/\(["`$\\]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\(["`\\]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to delay expansion of an escaped single quote.
+delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+
+ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5
+$as_echo_n "checking how to print strings... " >&6; }
+# Test print first, because it will be a builtin if present.
+if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \
+   test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then
+  ECHO='print -r --'
+elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then
+  ECHO='printf %s\n'
+else
+  # Use this function as a fallback that always works.
+  func_fallback_echo ()
+  {
+    eval 'cat <<_LTECHO_EOF
+$1
+_LTECHO_EOF'
+  }
+  ECHO='func_fallback_echo'
+fi
+
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+    $ECHO ""
+}
+
+case "$ECHO" in
+  printf*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: printf" >&5
+$as_echo "printf" >&6; } ;;
+  print*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: print -r" >&5
+$as_echo "print -r" >&6; } ;;
+  *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: cat" >&5
+$as_echo "cat" >&6; } ;;
+esac
+
+
+
+
+
+
+
+
+
+
+
+
+
+
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5
 $as_echo_n "checking for a sed that does not truncate output... " >&6; }
-if test "${ac_cv_path_SED+set}" = set; then :
+if ${ac_cv_path_SED+:} false; then :
   $as_echo_n "(cached) " >&6
 else
             ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/
@@ -4817,7 +4890,7 @@ do
     for ac_prog in sed gsed; do
     for ac_exec_ext in '' $ac_executable_extensions; do
       ac_path_SED="$as_dir/$ac_prog$ac_exec_ext"
-      { test -f "$ac_path_SED" && $as_test_x "$ac_path_SED"; } || continue
+      as_fn_executable_p "$ac_path_SED" || continue
 # Check for GNU ac_path_SED and select it if it is found.
   # Check for GNU $ac_path_SED
 case `"$ac_path_SED" --version 2>&1` in
@@ -4852,7 +4925,7 @@ esac
   done
 IFS=$as_save_IFS
   if test -z "$ac_cv_path_SED"; then
-    as_fn_error "no acceptable sed could be found in \$PATH" "$LINENO" 5
+    as_fn_error $? "no acceptable sed could be found in \$PATH" "$LINENO" 5
   fi
 else
   ac_cv_path_SED=$SED
@@ -4879,7 +4952,7 @@ Xsed="$SED -e 1s/^X//"
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5
 $as_echo_n "checking for fgrep... " >&6; }
-if test "${ac_cv_path_FGREP+set}" = set; then :
+if ${ac_cv_path_FGREP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1
@@ -4896,7 +4969,7 @@ do
     for ac_prog in fgrep; do
     for ac_exec_ext in '' $ac_executable_extensions; do
       ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext"
-      { test -f "$ac_path_FGREP" && $as_test_x "$ac_path_FGREP"; } || continue
+      as_fn_executable_p "$ac_path_FGREP" || continue
 # Check for GNU ac_path_FGREP and select it if it is found.
   # Check for GNU $ac_path_FGREP
 case `"$ac_path_FGREP" --version 2>&1` in
@@ -4931,7 +5004,7 @@ esac
   done
 IFS=$as_save_IFS
   if test -z "$ac_cv_path_FGREP"; then
-    as_fn_error "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+    as_fn_error $? "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
   fi
 else
   ac_cv_path_FGREP=$FGREP
@@ -5010,7 +5083,7 @@ else
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5
 $as_echo_n "checking for non-GNU ld... " >&6; }
 fi
-if test "${lt_cv_path_LD+set}" = set; then :
+if ${lt_cv_path_LD+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -z "$LD"; then
@@ -5047,10 +5120,10 @@ else
   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
 fi
-test -z "$LD" && as_fn_error "no acceptable ld found in \$PATH" "$LINENO" 5
+test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5
 $as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; }
-if test "${lt_cv_prog_gnu_ld+set}" = set; then :
+if ${lt_cv_prog_gnu_ld+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   # I'd rather use --version here, but apparently some GNU lds only accept -v.
@@ -5077,7 +5150,7 @@ with_gnu_ld=$lt_cv_prog_gnu_ld
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5
 $as_echo_n "checking for BSD- or MS-compatible name lister (nm)... " >&6; }
-if test "${lt_cv_path_NM+set}" = set; then :
+if ${lt_cv_path_NM+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$NM"; then
@@ -5130,14 +5203,17 @@ if test "$lt_cv_path_NM" != "no"; then
   NM="$lt_cv_path_NM"
 else
   # Didn't find any BSD compatible name lister, look for dumpbin.
-  if test -n "$ac_tool_prefix"; then
-  for ac_prog in "dumpbin -symbols" "link -dump -symbols"
+  if test -n "$DUMPBIN"; then :
+    # Let the user override the test.
+  else
+    if test -n "$ac_tool_prefix"; then
+  for ac_prog in dumpbin "link -dump"
   do
     # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
 set dummy $ac_tool_prefix$ac_prog; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_DUMPBIN+set}" = set; then :
+if ${ac_cv_prog_DUMPBIN+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$DUMPBIN"; then
@@ -5149,7 +5225,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -5175,13 +5251,13 @@ fi
 fi
 if test -z "$DUMPBIN"; then
   ac_ct_DUMPBIN=$DUMPBIN
-  for ac_prog in "dumpbin -symbols" "link -dump -symbols"
+  for ac_prog in dumpbin "link -dump"
 do
   # Extract the first word of "$ac_prog", so it can be a program name with args.
 set dummy $ac_prog; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_DUMPBIN+set}" = set; then :
+if ${ac_cv_prog_ac_ct_DUMPBIN+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_DUMPBIN"; then
@@ -5193,7 +5269,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_DUMPBIN="$ac_prog"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -5230,6 +5306,15 @@ esac
   fi
 fi
 
+    case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in
+    *COFF*)
+      DUMPBIN="$DUMPBIN -symbols"
+      ;;
+    *)
+      DUMPBIN=:
+      ;;
+    esac
+  fi
 
   if test "$DUMPBIN" != ":"; then
     NM="$DUMPBIN"
@@ -5244,18 +5329,18 @@ test -z "$NM" && NM=nm
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5
 $as_echo_n "checking the name lister ($NM) interface... " >&6; }
-if test "${lt_cv_nm_interface+set}" = set; then :
+if ${lt_cv_nm_interface+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   lt_cv_nm_interface="BSD nm"
   echo "int some_variable = 0;" > conftest.$ac_ext
-  (eval echo "\"\$as_me:5252: $ac_compile\"" >&5)
+  (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5)
   (eval "$ac_compile" 2>conftest.err)
   cat conftest.err >&5
-  (eval echo "\"\$as_me:5255: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
+  (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
   (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
   cat conftest.err >&5
-  (eval echo "\"\$as_me:5258: output\"" >&5)
+  (eval echo "\"\$as_me:$LINENO: output\"" >&5)
   cat conftest.out >&5
   if $GREP 'External.*some_variable' conftest.out > /dev/null; then
     lt_cv_nm_interface="MS dumpbin"
@@ -5279,7 +5364,7 @@ fi
 # find the maximum length of command line arguments
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5
 $as_echo_n "checking the maximum length of command line arguments... " >&6; }
-if test "${lt_cv_sys_max_cmd_len+set}" = set; then :
+if ${lt_cv_sys_max_cmd_len+:} false; then :
   $as_echo_n "(cached) " >&6
 else
     i=0
@@ -5312,6 +5397,11 @@ else
     lt_cv_sys_max_cmd_len=8192;
     ;;
 
+  mint*)
+    # On MiNT this can take a long time and run out of memory.
+    lt_cv_sys_max_cmd_len=8192;
+    ;;
+
   amigaos*)
     # On AmigaOS with pdksh, this test takes hours, literally.
     # So we just punt and use a minimum line length of 8192.
@@ -5337,6 +5427,11 @@ else
     lt_cv_sys_max_cmd_len=196608
     ;;
 
+  os2*)
+    # The test takes a long time on OS/2.
+    lt_cv_sys_max_cmd_len=8192
+    ;;
+
   osf*)
     # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
     # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
@@ -5376,8 +5471,8 @@ else
       # If test is not a shell built-in, we'll probably end up computing a
       # maximum length that is only half of the actual maximum length, but
       # we can't tell.
-      while { test "X"`$SHELL $0 --fallback-echo "X$teststring$teststring" 2>/dev/null` \
-	         = "XX$teststring$teststring"; } >/dev/null 2>&1 &&
+      while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \
+	         = "X$teststring$teststring"; } >/dev/null 2>&1 &&
 	      test $i != 17 # 1/2 MB should be enough
       do
         i=`expr $i + 1`
@@ -5419,8 +5514,8 @@ $as_echo_n "checking whether the shell understands some XSI constructs... " >&6;
 # Try some XSI features
 xsi_shell=no
 ( _lt_dummy="a/b/c"
-  test "${_lt_dummy##*/},${_lt_dummy%/*},"${_lt_dummy%"$_lt_dummy"}, \
-      = c,a/b,, \
+  test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \
+      = c,a/b,b/c, \
     && eval 'test $(( 1 + 1 )) -eq 2 \
     && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \
   && xsi_shell=yes
@@ -5469,9 +5564,83 @@ esac
 
 
 
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5
+$as_echo_n "checking how to convert $build file names to $host format... " >&6; }
+if ${lt_cv_to_host_file_cmd+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $host in
+  *-*-mingw* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32
+        ;;
+      *-*-cygwin* )
+        lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32
+        ;;
+      * ) # otherwise, assume *nix
+        lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32
+        ;;
+    esac
+    ;;
+  *-*-cygwin* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin
+        ;;
+      *-*-cygwin* )
+        lt_cv_to_host_file_cmd=func_convert_file_noop
+        ;;
+      * ) # otherwise, assume *nix
+        lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin
+        ;;
+    esac
+    ;;
+  * ) # unhandled hosts (and "normal" native builds)
+    lt_cv_to_host_file_cmd=func_convert_file_noop
+    ;;
+esac
+
+fi
+
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5
+$as_echo "$lt_cv_to_host_file_cmd" >&6; }
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5
+$as_echo_n "checking how to convert $build file names to toolchain format... " >&6; }
+if ${lt_cv_to_tool_file_cmd+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  #assume ordinary cross tools, or native build.
+lt_cv_to_tool_file_cmd=func_convert_file_noop
+case $host in
+  *-*-mingw* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32
+        ;;
+    esac
+    ;;
+esac
+
+fi
+
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5
+$as_echo "$lt_cv_to_tool_file_cmd" >&6; }
+
+
+
+
+
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5
 $as_echo_n "checking for $LD option to reload object files... " >&6; }
-if test "${lt_cv_ld_reload_flag+set}" = set; then :
+if ${lt_cv_ld_reload_flag+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   lt_cv_ld_reload_flag='-r'
@@ -5485,6 +5654,11 @@ case $reload_flag in
 esac
 reload_cmds='$LD$reload_flag -o $output$reload_objs'
 case $host_os in
+  cygwin* | mingw* | pw32* | cegcc*)
+    if test "$GCC" != yes; then
+      reload_cmds=false
+    fi
+    ;;
   darwin*)
     if test "$GCC" = yes; then
       reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs'
@@ -5507,7 +5681,7 @@ if test -n "$ac_tool_prefix"; then
 set dummy ${ac_tool_prefix}objdump; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_OBJDUMP+set}" = set; then :
+if ${ac_cv_prog_OBJDUMP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$OBJDUMP"; then
@@ -5519,7 +5693,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -5547,7 +5721,7 @@ if test -z "$ac_cv_prog_OBJDUMP"; then
 set dummy objdump; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_OBJDUMP+set}" = set; then :
+if ${ac_cv_prog_ac_ct_OBJDUMP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_OBJDUMP"; then
@@ -5559,7 +5733,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_OBJDUMP="objdump"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -5606,7 +5780,7 @@ test -z "$OBJDUMP" && OBJDUMP=objdump
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5
 $as_echo_n "checking how to recognize dependent libraries... " >&6; }
-if test "${lt_cv_deplibs_check_method+set}" = set; then :
+if ${lt_cv_deplibs_check_method+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   lt_cv_file_magic_cmd='$MAGIC_CMD'
@@ -5648,16 +5822,18 @@ mingw* | pw32*)
   # Base MSYS/MinGW do not provide the 'file' command needed by
   # func_win32_libid shell function, so use a weaker test based on 'objdump',
   # unless we find 'file', for example because we are cross-compiling.
-  if ( file / ) >/dev/null 2>&1; then
+  # func_win32_libid assumes BSD nm, so disallow it if using MS dumpbin.
+  if ( test "$lt_cv_nm_interface" = "BSD nm" && file / ) >/dev/null 2>&1; then
     lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
     lt_cv_file_magic_cmd='func_win32_libid'
   else
-    lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?'
+    # Keep this pattern in sync with the one in func_win32_libid.
+    lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)'
     lt_cv_file_magic_cmd='$OBJDUMP -f'
   fi
   ;;
 
-cegcc)
+cegcc*)
   # use the weaker test based on 'objdump'. See mingw*.
   lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?'
   lt_cv_file_magic_cmd='$OBJDUMP -f'
@@ -5687,6 +5863,10 @@ gnu*)
   lt_cv_deplibs_check_method=pass_all
   ;;
 
+haiku*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
 hpux10.20* | hpux11*)
   lt_cv_file_magic_cmd=/usr/bin/file
   case $host_cpu in
@@ -5695,11 +5875,11 @@ hpux10.20* | hpux11*)
     lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
     ;;
   hppa*64*)
-    lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]'
+    lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]'
     lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
     ;;
   *)
-    lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9].[0-9]) shared library'
+    lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9]\.[0-9]) shared library'
     lt_cv_file_magic_test_file=/usr/lib/libc.sl
     ;;
   esac
@@ -5720,8 +5900,8 @@ irix5* | irix6* | nonstopux*)
   lt_cv_deplibs_check_method=pass_all
   ;;
 
-# This must be Linux ELF.
-linux* | k*bsd*-gnu)
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
   lt_cv_deplibs_check_method=pass_all
   ;;
 
@@ -5802,6 +5982,21 @@ esac
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_deplibs_check_method" >&5
 $as_echo "$lt_cv_deplibs_check_method" >&6; }
+
+file_magic_glob=
+want_nocaseglob=no
+if test "$build" = "$host"; then
+  case $host_os in
+  mingw* | pw32*)
+    if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then
+      want_nocaseglob=yes
+    else
+      file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[\1]\/[\1]\/g;/g"`
+    fi
+    ;;
+  esac
+fi
+
 file_magic_cmd=$lt_cv_file_magic_cmd
 deplibs_check_method=$lt_cv_deplibs_check_method
 test -z "$deplibs_check_method" && deplibs_check_method=unknown
@@ -5817,12 +6012,165 @@ test -z "$deplibs_check_method" && deplibs_check_method=unknown
 
 
 
+
+
+
+
+
+
+
+
+
+
 if test -n "$ac_tool_prefix"; then
-  # Extract the first word of "${ac_tool_prefix}ar", so it can be a program name with args.
-set dummy ${ac_tool_prefix}ar; ac_word=$2
+  # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args.
+set dummy ${ac_tool_prefix}dlltool; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_AR+set}" = set; then :
+if ${ac_cv_prog_DLLTOOL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$DLLTOOL"; then
+  ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+DLLTOOL=$ac_cv_prog_DLLTOOL
+if test -n "$DLLTOOL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5
+$as_echo "$DLLTOOL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_DLLTOOL"; then
+  ac_ct_DLLTOOL=$DLLTOOL
+  # Extract the first word of "dlltool", so it can be a program name with args.
+set dummy dlltool; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_DLLTOOL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_DLLTOOL"; then
+  ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_DLLTOOL="dlltool"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL
+if test -n "$ac_ct_DLLTOOL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5
+$as_echo "$ac_ct_DLLTOOL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_DLLTOOL" = x; then
+    DLLTOOL="false"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    DLLTOOL=$ac_ct_DLLTOOL
+  fi
+else
+  DLLTOOL="$ac_cv_prog_DLLTOOL"
+fi
+
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+
+
+
+
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to associate runtime and link libraries" >&5
+$as_echo_n "checking how to associate runtime and link libraries... " >&6; }
+if ${lt_cv_sharedlib_from_linklib_cmd+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_sharedlib_from_linklib_cmd='unknown'
+
+case $host_os in
+cygwin* | mingw* | pw32* | cegcc*)
+  # two different shell functions defined in ltmain.sh
+  # decide which to use based on capabilities of $DLLTOOL
+  case `$DLLTOOL --help 2>&1` in
+  *--identify-strict*)
+    lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib
+    ;;
+  *)
+    lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback
+    ;;
+  esac
+  ;;
+*)
+  # fallback: assume linklib IS sharedlib
+  lt_cv_sharedlib_from_linklib_cmd="$ECHO"
+  ;;
+esac
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5
+$as_echo "$lt_cv_sharedlib_from_linklib_cmd" >&6; }
+sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd
+test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO
+
+
+
+
+
+
+
+if test -n "$ac_tool_prefix"; then
+  for ac_prog in ar
+  do
+    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_AR+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$AR"; then
@@ -5834,8 +6182,8 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
-    ac_cv_prog_AR="${ac_tool_prefix}ar"
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_AR="$ac_tool_prefix$ac_prog"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
   fi
@@ -5855,14 +6203,18 @@ $as_echo "no" >&6; }
 fi
 
 
+    test -n "$AR" && break
+  done
 fi
-if test -z "$ac_cv_prog_AR"; then
+if test -z "$AR"; then
   ac_ct_AR=$AR
-  # Extract the first word of "ar", so it can be a program name with args.
-set dummy ar; ac_word=$2
+  for ac_prog in ar
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_AR+set}" = set; then :
+if ${ac_cv_prog_ac_ct_AR+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_AR"; then
@@ -5874,8 +6226,8 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
-    ac_cv_prog_ac_ct_AR="ar"
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_AR="$ac_prog"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
   fi
@@ -5894,6 +6246,10 @@ else
 $as_echo "no" >&6; }
 fi
 
+
+  test -n "$ac_ct_AR" && break
+done
+
   if test "x$ac_ct_AR" = x; then
     AR="false"
   else
@@ -5905,12 +6261,10 @@ ac_tool_warned=yes ;;
 esac
     AR=$ac_ct_AR
   fi
-else
-  AR="$ac_cv_prog_AR"
 fi
 
-test -z "$AR" && AR=ar
-test -z "$AR_FLAGS" && AR_FLAGS=cru
+: ${AR=ar}
+: ${AR_FLAGS=cru}
 
 
 
@@ -5922,12 +6276,70 @@ test -z "$AR_FLAGS" && AR_FLAGS=cru
 
 
 
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for archiver @FILE support" >&5
+$as_echo_n "checking for archiver @FILE support... " >&6; }
+if ${lt_cv_ar_at_file+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_ar_at_file=no
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  echo conftest.$ac_objext > conftest.lst
+      lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&5'
+      { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5
+  (eval $lt_ar_try) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+      if test "$ac_status" -eq 0; then
+	# Ensure the archiver fails upon bogus file names.
+	rm -f conftest.$ac_objext libconftest.a
+	{ { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5
+  (eval $lt_ar_try) 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+	if test "$ac_status" -ne 0; then
+          lt_cv_ar_at_file=@
+        fi
+      fi
+      rm -f conftest.* libconftest.a
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ar_at_file" >&5
+$as_echo "$lt_cv_ar_at_file" >&6; }
+
+if test "x$lt_cv_ar_at_file" = xno; then
+  archiver_list_spec=
+else
+  archiver_list_spec=$lt_cv_ar_at_file
+fi
+
+
+
+
+
+
+
 if test -n "$ac_tool_prefix"; then
   # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
 set dummy ${ac_tool_prefix}strip; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_STRIP+set}" = set; then :
+if ${ac_cv_prog_STRIP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$STRIP"; then
@@ -5939,7 +6351,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_STRIP="${ac_tool_prefix}strip"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -5967,7 +6379,7 @@ if test -z "$ac_cv_prog_STRIP"; then
 set dummy strip; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then :
+if ${ac_cv_prog_ac_ct_STRIP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_STRIP"; then
@@ -5979,7 +6391,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_STRIP="strip"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6026,7 +6438,7 @@ if test -n "$ac_tool_prefix"; then
 set dummy ${ac_tool_prefix}ranlib; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_RANLIB+set}" = set; then :
+if ${ac_cv_prog_RANLIB+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$RANLIB"; then
@@ -6038,7 +6450,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6066,7 +6478,7 @@ if test -z "$ac_cv_prog_RANLIB"; then
 set dummy ranlib; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then :
+if ${ac_cv_prog_ac_ct_RANLIB+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_RANLIB"; then
@@ -6078,7 +6490,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_RANLIB="ranlib"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6128,15 +6540,27 @@ old_postuninstall_cmds=
 if test -n "$RANLIB"; then
   case $host_os in
   openbsd*)
-    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib"
+    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib"
     ;;
   *)
-    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib"
+    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib"
     ;;
   esac
-  old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib"
+  old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib"
 fi
 
+case $host_os in
+  darwin*)
+    lock_old_archive_extraction=yes ;;
+  *)
+    lock_old_archive_extraction=no ;;
+esac
+
+
+
+
+
+
 
 
 
@@ -6183,7 +6607,7 @@ compiler=$CC
 # Check for command to grab the raw symbol name followed by C symbol from nm.
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking command to parse $NM output from $compiler object" >&5
 $as_echo_n "checking command to parse $NM output from $compiler object... " >&6; }
-if test "${lt_cv_sys_global_symbol_pipe+set}" = set; then :
+if ${lt_cv_sys_global_symbol_pipe+:} false; then :
   $as_echo_n "(cached) " >&6
 else
 
@@ -6244,8 +6668,8 @@ esac
 lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
 
 # Transform an extracted symbol line into symbol name and symbol address
-lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/  {\"\2\", (void *) \&\2},/p'"
-lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([^ ]*\) $/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \(lib[^ ]*\)$/  {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/  {\"lib\2\", (void *) \&\2},/p'"
+lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\)[ ]*$/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/  {\"\2\", (void *) \&\2},/p'"
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([^ ]*\)[ ]*$/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \(lib[^ ]*\)$/  {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/  {\"lib\2\", (void *) \&\2},/p'"
 
 # Handle CRLF in mingw tool chain
 opt_cr=
@@ -6269,6 +6693,7 @@ for ac_symprfx in "" "_"; do
     # which start with @ or ?.
     lt_cv_sys_global_symbol_pipe="$AWK '"\
 "     {last_section=section; section=\$ 3};"\
+"     /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\
 "     /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\
 "     \$ 0!~/External *\|/{next};"\
 "     / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\
@@ -6281,6 +6706,7 @@ for ac_symprfx in "" "_"; do
   else
     lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[	 ]\($symcode$symcode*\)[	 ][	 ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
   fi
+  lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'"
 
   # Check to see that the pipe works correctly.
   pipe_works=no
@@ -6306,8 +6732,8 @@ _LT_EOF
   test $ac_status = 0; }; then
     # Now try to grab the symbols.
     nlist=conftest.nm
-    if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist\""; } >&5
-  (eval $NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) 2>&5
+    if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5
+  (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; } && test -s "$nlist"; then
@@ -6322,6 +6748,18 @@ _LT_EOF
       if $GREP ' nm_test_var$' "$nlist" >/dev/null; then
 	if $GREP ' nm_test_func$' "$nlist" >/dev/null; then
 	  cat <<_LT_EOF > conftest.$ac_ext
+/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests.  */
+#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE)
+/* DATA imports from DLLs on WIN32 con't be const, because runtime
+   relocations are performed -- see ld's documentation on pseudo-relocs.  */
+# define LT_DLSYM_CONST
+#elif defined(__osf__)
+/* This system does not cope well with relocations in const data.  */
+# define LT_DLSYM_CONST
+#else
+# define LT_DLSYM_CONST const
+#endif
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -6333,7 +6771,7 @@ _LT_EOF
 	  cat <<_LT_EOF >> conftest.$ac_ext
 
 /* The mapping between symbol names and symbols.  */
-const struct {
+LT_DLSYM_CONST struct {
   const char *name;
   void       *address;
 }
@@ -6359,8 +6797,8 @@ static const void *lt_preloaded_setup() {
 _LT_EOF
 	  # Now try linking the two files.
 	  mv conftest.$ac_objext conftstm.$ac_objext
-	  lt_save_LIBS="$LIBS"
-	  lt_save_CFLAGS="$CFLAGS"
+	  lt_globsym_save_LIBS=$LIBS
+	  lt_globsym_save_CFLAGS=$CFLAGS
 	  LIBS="conftstm.$ac_objext"
 	  CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag"
 	  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5
@@ -6370,8 +6808,8 @@ _LT_EOF
   test $ac_status = 0; } && test -s conftest${ac_exeext}; then
 	    pipe_works=yes
 	  fi
-	  LIBS="$lt_save_LIBS"
-	  CFLAGS="$lt_save_CFLAGS"
+	  LIBS=$lt_globsym_save_LIBS
+	  CFLAGS=$lt_globsym_save_CFLAGS
 	else
 	  echo "cannot find nm_test_func in $nlist" >&5
 	fi
@@ -6408,6 +6846,15 @@ else
 $as_echo "ok" >&6; }
 fi
 
+# Response file support.
+if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+  nm_file_list_spec='@'
+elif $NM --help 2>/dev/null | grep '[@]FILE' >/dev/null; then
+  nm_file_list_spec='@'
+fi
+
+
+
 
 
 
@@ -6429,6 +6876,46 @@ fi
 
 
 
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sysroot" >&5
+$as_echo_n "checking for sysroot... " >&6; }
+
+# Check whether --with-sysroot was given.
+if test "${with_sysroot+set}" = set; then :
+  withval=$with_sysroot;
+else
+  with_sysroot=no
+fi
+
+
+lt_sysroot=
+case ${with_sysroot} in #(
+ yes)
+   if test "$GCC" = yes; then
+     lt_sysroot=`$CC --print-sysroot 2>/dev/null`
+   fi
+   ;; #(
+ /*)
+   lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"`
+   ;; #(
+ no|'')
+   ;; #(
+ *)
+   { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${with_sysroot}" >&5
+$as_echo "${with_sysroot}" >&6; }
+   as_fn_error $? "The sysroot must be an absolute path." "$LINENO" 5
+   ;;
+esac
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${lt_sysroot:-no}" >&5
+$as_echo "${lt_sysroot:-no}" >&6; }
+
+
+
+
+
 # Check whether --enable-libtool-lock was given.
 if test "${enable_libtool_lock+set}" = set; then :
   enableval=$enable_libtool_lock;
@@ -6460,7 +6947,7 @@ ia64-*-hpux*)
   ;;
 *-*-irix6*)
   # Find out which ABI we are using.
-  echo '#line 6463 "configure"' > conftest.$ac_ext
+  echo '#line '$LINENO' "configure"' > conftest.$ac_ext
   if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
   (eval $ac_compile) 2>&5
   ac_status=$?
@@ -6554,7 +7041,7 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
   CFLAGS="$CFLAGS -belf"
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler needs -belf" >&5
 $as_echo_n "checking whether the C compiler needs -belf... " >&6; }
-if test "${lt_cv_cc_needs_belf+set}" = set; then :
+if ${lt_cv_cc_needs_belf+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_ext=c
@@ -6595,7 +7082,7 @@ $as_echo "$lt_cv_cc_needs_belf" >&6; }
     CFLAGS="$SAVE_CFLAGS"
   fi
   ;;
-sparc*-*solaris*)
+*-*solaris*)
   # Find out which ABI we are using.
   echo 'int i;' > conftest.$ac_ext
   if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
@@ -6606,7 +7093,20 @@ sparc*-*solaris*)
     case `/usr/bin/file conftest.o` in
     *64-bit*)
       case $lt_cv_prog_gnu_ld in
-      yes*) LD="${LD-ld} -m elf64_sparc" ;;
+      yes*)
+        case $host in
+        i?86-*-solaris*)
+          LD="${LD-ld} -m elf_x86_64"
+          ;;
+        sparc*-*-solaris*)
+          LD="${LD-ld} -m elf64_sparc"
+          ;;
+        esac
+        # GNU ld 2.21 introduced _sol2 emulations.  Use them if available.
+        if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then
+          LD="${LD-ld}_sol2"
+        fi
+        ;;
       *)
 	if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
 	  LD="${LD-ld} -64"
@@ -6622,6 +7122,123 @@ esac
 
 need_locks="$enable_libtool_lock"
 
+if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}mt", so it can be a program name with args.
+set dummy ${ac_tool_prefix}mt; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_MANIFEST_TOOL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$MANIFEST_TOOL"; then
+  ac_cv_prog_MANIFEST_TOOL="$MANIFEST_TOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+MANIFEST_TOOL=$ac_cv_prog_MANIFEST_TOOL
+if test -n "$MANIFEST_TOOL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MANIFEST_TOOL" >&5
+$as_echo "$MANIFEST_TOOL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_MANIFEST_TOOL"; then
+  ac_ct_MANIFEST_TOOL=$MANIFEST_TOOL
+  # Extract the first word of "mt", so it can be a program name with args.
+set dummy mt; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_MANIFEST_TOOL+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_MANIFEST_TOOL"; then
+  ac_cv_prog_ac_ct_MANIFEST_TOOL="$ac_ct_MANIFEST_TOOL" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_ac_ct_MANIFEST_TOOL="mt"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_MANIFEST_TOOL=$ac_cv_prog_ac_ct_MANIFEST_TOOL
+if test -n "$ac_ct_MANIFEST_TOOL"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_MANIFEST_TOOL" >&5
+$as_echo "$ac_ct_MANIFEST_TOOL" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_MANIFEST_TOOL" = x; then
+    MANIFEST_TOOL=":"
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    MANIFEST_TOOL=$ac_ct_MANIFEST_TOOL
+  fi
+else
+  MANIFEST_TOOL="$ac_cv_prog_MANIFEST_TOOL"
+fi
+
+test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $MANIFEST_TOOL is a manifest tool" >&5
+$as_echo_n "checking if $MANIFEST_TOOL is a manifest tool... " >&6; }
+if ${lt_cv_path_mainfest_tool+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_path_mainfest_tool=no
+  echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&5
+  $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out
+  cat conftest.err >&5
+  if $GREP 'Manifest Tool' conftest.out > /dev/null; then
+    lt_cv_path_mainfest_tool=yes
+  fi
+  rm -f conftest*
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_mainfest_tool" >&5
+$as_echo "$lt_cv_path_mainfest_tool" >&6; }
+if test "x$lt_cv_path_mainfest_tool" != xyes; then
+  MANIFEST_TOOL=:
+fi
+
+
+
+
+
 
   case $host_os in
     rhapsody* | darwin*)
@@ -6630,7 +7247,7 @@ need_locks="$enable_libtool_lock"
 set dummy ${ac_tool_prefix}dsymutil; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_DSYMUTIL+set}" = set; then :
+if ${ac_cv_prog_DSYMUTIL+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$DSYMUTIL"; then
@@ -6642,7 +7259,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6670,7 +7287,7 @@ if test -z "$ac_cv_prog_DSYMUTIL"; then
 set dummy dsymutil; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_DSYMUTIL+set}" = set; then :
+if ${ac_cv_prog_ac_ct_DSYMUTIL+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_DSYMUTIL"; then
@@ -6682,7 +7299,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_DSYMUTIL="dsymutil"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6722,7 +7339,7 @@ fi
 set dummy ${ac_tool_prefix}nmedit; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_NMEDIT+set}" = set; then :
+if ${ac_cv_prog_NMEDIT+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$NMEDIT"; then
@@ -6734,7 +7351,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6762,7 +7379,7 @@ if test -z "$ac_cv_prog_NMEDIT"; then
 set dummy nmedit; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_NMEDIT+set}" = set; then :
+if ${ac_cv_prog_ac_ct_NMEDIT+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_NMEDIT"; then
@@ -6774,7 +7391,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_NMEDIT="nmedit"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6814,7 +7431,7 @@ fi
 set dummy ${ac_tool_prefix}lipo; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_LIPO+set}" = set; then :
+if ${ac_cv_prog_LIPO+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$LIPO"; then
@@ -6826,7 +7443,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_LIPO="${ac_tool_prefix}lipo"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6854,7 +7471,7 @@ if test -z "$ac_cv_prog_LIPO"; then
 set dummy lipo; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_LIPO+set}" = set; then :
+if ${ac_cv_prog_ac_ct_LIPO+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_LIPO"; then
@@ -6866,7 +7483,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_LIPO="lipo"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6906,7 +7523,7 @@ fi
 set dummy ${ac_tool_prefix}otool; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_OTOOL+set}" = set; then :
+if ${ac_cv_prog_OTOOL+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$OTOOL"; then
@@ -6918,7 +7535,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_OTOOL="${ac_tool_prefix}otool"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6946,7 +7563,7 @@ if test -z "$ac_cv_prog_OTOOL"; then
 set dummy otool; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_OTOOL+set}" = set; then :
+if ${ac_cv_prog_ac_ct_OTOOL+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_OTOOL"; then
@@ -6958,7 +7575,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_OTOOL="otool"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -6998,7 +7615,7 @@ fi
 set dummy ${ac_tool_prefix}otool64; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_OTOOL64+set}" = set; then :
+if ${ac_cv_prog_OTOOL64+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$OTOOL64"; then
@@ -7010,7 +7627,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -7038,7 +7655,7 @@ if test -z "$ac_cv_prog_OTOOL64"; then
 set dummy otool64; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_ac_ct_OTOOL64+set}" = set; then :
+if ${ac_cv_prog_ac_ct_OTOOL64+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if test -n "$ac_ct_OTOOL64"; then
@@ -7050,7 +7667,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_prog_ac_ct_OTOOL64="otool64"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -7113,7 +7730,7 @@ fi
 
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -single_module linker flag" >&5
 $as_echo_n "checking for -single_module linker flag... " >&6; }
-if test "${lt_cv_apple_cc_single_mod+set}" = set; then :
+if ${lt_cv_apple_cc_single_mod+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   lt_cv_apple_cc_single_mod=no
@@ -7129,7 +7746,13 @@ else
 	$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
 	  -dynamiclib -Wl,-single_module conftest.c 2>conftest.err
         _lt_result=$?
-	if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then
+	# If there is a non-empty error log, and "single_module"
+	# appears in it, assume the flag caused a linker warning
+        if test -s conftest.err && $GREP single_module conftest.err; then
+	  cat conftest.err >&5
+	# Otherwise, if the output was created with a 0 exit code from
+	# the compiler, it worked.
+	elif test -f libconftest.dylib && test $_lt_result -eq 0; then
 	  lt_cv_apple_cc_single_mod=yes
 	else
 	  cat conftest.err >&5
@@ -7140,9 +7763,10 @@ else
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5
 $as_echo "$lt_cv_apple_cc_single_mod" >&6; }
+
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -exported_symbols_list linker flag" >&5
 $as_echo_n "checking for -exported_symbols_list linker flag... " >&6; }
-if test "${lt_cv_ld_exported_symbols_list+set}" = set; then :
+if ${lt_cv_ld_exported_symbols_list+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   lt_cv_ld_exported_symbols_list=no
@@ -7172,6 +7796,41 @@ rm -f core conftest.err conftest.$ac_objext \
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5
 $as_echo "$lt_cv_ld_exported_symbols_list" >&6; }
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -force_load linker flag" >&5
+$as_echo_n "checking for -force_load linker flag... " >&6; }
+if ${lt_cv_ld_force_load+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_ld_force_load=no
+      cat > conftest.c << _LT_EOF
+int forced_loaded() { return 2;}
+_LT_EOF
+      echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5
+      $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5
+      echo "$AR cru libconftest.a conftest.o" >&5
+      $AR cru libconftest.a conftest.o 2>&5
+      echo "$RANLIB libconftest.a" >&5
+      $RANLIB libconftest.a 2>&5
+      cat > conftest.c << _LT_EOF
+int main() { return 0;}
+_LT_EOF
+      echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&5
+      $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err
+      _lt_result=$?
+      if test -s conftest.err && $GREP force_load conftest.err; then
+	cat conftest.err >&5
+      elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then
+	lt_cv_ld_force_load=yes
+      else
+	cat conftest.err >&5
+      fi
+        rm -f conftest.err libconftest.a conftest conftest.c
+        rm -rf conftest.dSYM
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_force_load" >&5
+$as_echo "$lt_cv_ld_force_load" >&6; }
     case $host_os in
     rhapsody* | darwin1.[012])
       _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;;
@@ -7199,7 +7858,7 @@ $as_echo "$lt_cv_ld_exported_symbols_list" >&6; }
     else
       _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}'
     fi
-    if test "$DSYMUTIL" != ":"; then
+    if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then
       _lt_dsymutil='~$DSYMUTIL $lib || :'
     else
       _lt_dsymutil=
@@ -7214,8 +7873,7 @@ do :
   as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
 ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
 "
-eval as_val=\$$as_ac_Header
-   if test "x$as_val" = x""yes; then :
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
   cat >>confdefs.h <<_ACEOF
 #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
 _ACEOF
@@ -7229,7 +7887,7 @@ for ac_header in dlfcn.h
 do :
   ac_fn_c_check_header_compile "$LINENO" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default
 "
-if test "x$ac_cv_header_dlfcn_h" = x""yes; then :
+if test "x$ac_cv_header_dlfcn_h" = xyes; then :
   cat >>confdefs.h <<_ACEOF
 #define HAVE_DLFCN_H 1
 _ACEOF
@@ -7240,6 +7898,8 @@ done
 
 
 
+
+
 # Set options
 
 
@@ -7315,7 +7975,22 @@ fi
 
 # Check whether --with-pic was given.
 if test "${with_pic+set}" = set; then :
-  withval=$with_pic; pic_mode="$withval"
+  withval=$with_pic; lt_p=${PACKAGE-default}
+    case $withval in
+    yes|no) pic_mode=$withval ;;
+    *)
+      pic_mode=default
+      # Look at the argument we got.  We use all the common list separators.
+      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+      for lt_pkg in $withval; do
+	IFS="$lt_save_ifs"
+	if test "X$lt_pkg" = "X$lt_p"; then
+	  pic_mode=yes
+	fi
+      done
+      IFS="$lt_save_ifs"
+      ;;
+    esac
 else
   pic_mode=default
 fi
@@ -7392,6 +8067,11 @@ LIBTOOL='$(SHELL) $(top_builddir)/libtool'
 
 
 
+
+
+
+
+
 test -z "$LN_S" && LN_S="ln -s"
 
 
@@ -7413,7 +8093,7 @@ fi
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for objdir" >&5
 $as_echo_n "checking for objdir... " >&6; }
-if test "${lt_cv_objdir+set}" = set; then :
+if ${lt_cv_objdir+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   rm -f .libs 2>/dev/null
@@ -7441,19 +8121,6 @@ _ACEOF
 
 
 
-
-
-
-
-
-
-
-
-
-
-
-
-
 case $host_os in
 aix3*)
   # AIX sometimes has problems with the GCC collect2 program.  For some
@@ -7466,23 +8133,6 @@ aix3*)
   ;;
 esac
 
-# Sed substitution that helps us do robust quoting.  It backslashifies
-# metacharacters that are still active within double-quoted strings.
-sed_quote_subst='s/\(["`$\\]\)/\\\1/g'
-
-# Same as above, but do not quote variable references.
-double_quote_subst='s/\(["`\\]\)/\\\1/g'
-
-# Sed substitution to delay expansion of an escaped shell variable in a
-# double_quote_subst'ed string.
-delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
-
-# Sed substitution to delay expansion of an escaped single quote.
-delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
-
-# Sed substitution to avoid accidental globbing in evaled expressions
-no_glob_subst='s/\*/\\\*/g'
-
 # Global variables:
 ofile=libtool
 can_build_shared=yes
@@ -7511,7 +8161,7 @@ for cc_temp in $compiler""; do
     *) break;;
   esac
 done
-cc_basename=`$ECHO "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"`
 
 
 # Only perform the check for file, if the check method requires it
@@ -7521,7 +8171,7 @@ file_magic*)
   if test "$file_magic_cmd" = '$MAGIC_CMD'; then
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${ac_tool_prefix}file" >&5
 $as_echo_n "checking for ${ac_tool_prefix}file... " >&6; }
-if test "${lt_cv_path_MAGIC_CMD+set}" = set; then :
+if ${lt_cv_path_MAGIC_CMD+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $MAGIC_CMD in
@@ -7587,7 +8237,7 @@ if test -z "$lt_cv_path_MAGIC_CMD"; then
   if test -n "$ac_tool_prefix"; then
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for file" >&5
 $as_echo_n "checking for file... " >&6; }
-if test "${lt_cv_path_MAGIC_CMD+set}" = set; then :
+if ${lt_cv_path_MAGIC_CMD+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $MAGIC_CMD in
@@ -7711,16 +8361,25 @@ _lt_linker_boilerplate=`cat conftest.err`
 $RM -r conftest*
 
 
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
 if test -n "$compiler"; then
 
 lt_prog_compiler_no_builtin_flag=
 
 if test "$GCC" = yes; then
-  lt_prog_compiler_no_builtin_flag=' -fno-builtin'
+  case $cc_basename in
+  nvcc*)
+    lt_prog_compiler_no_builtin_flag=' -Xcompiler -fno-builtin' ;;
+  *)
+    lt_prog_compiler_no_builtin_flag=' -fno-builtin' ;;
+  esac
 
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -fno-rtti -fno-exceptions" >&5
 $as_echo_n "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; }
-if test "${lt_cv_prog_compiler_rtti_exceptions+set}" = set; then :
+if ${lt_cv_prog_compiler_rtti_exceptions+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   lt_cv_prog_compiler_rtti_exceptions=no
@@ -7736,15 +8395,15 @@ else
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:7739: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>conftest.err)
    ac_status=$?
    cat conftest.err >&5
-   echo "$as_me:7743: \$? = $ac_status" >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s "$ac_outfile"; then
      # The compiler can only warn and ignore the option if not recognized
      # So say no if there are warnings other than the usual output.
-     $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
      $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
      if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
        lt_cv_prog_compiler_rtti_exceptions=yes
@@ -7773,8 +8432,6 @@ fi
 lt_prog_compiler_pic=
 lt_prog_compiler_static=
 
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5
-$as_echo_n "checking for $compiler option to produce PIC... " >&6; }
 
   if test "$GCC" = yes; then
     lt_prog_compiler_wl='-Wl,'
@@ -7822,6 +8479,12 @@ $as_echo_n "checking for $compiler option to produce PIC... " >&6; }
       lt_prog_compiler_pic='-fno-common'
       ;;
 
+    haiku*)
+      # PIC is the default for Haiku.
+      # The "-static" flag exists, but is broken.
+      lt_prog_compiler_static=
+      ;;
+
     hpux*)
       # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
       # PA HP-UX.  On IA64 HP-UX, PIC is the default but the pic flag
@@ -7864,6 +8527,15 @@ $as_echo_n "checking for $compiler option to produce PIC... " >&6; }
       lt_prog_compiler_pic='-fPIC'
       ;;
     esac
+
+    case $cc_basename in
+    nvcc*) # Cuda Compiler Driver 2.2
+      lt_prog_compiler_wl='-Xlinker '
+      if test -n "$lt_prog_compiler_pic"; then
+        lt_prog_compiler_pic="-Xcompiler $lt_prog_compiler_pic"
+      fi
+      ;;
+    esac
   else
     # PORTME Check for flag to pass linker flags through the system compiler.
     case $host_os in
@@ -7905,7 +8577,7 @@ $as_echo_n "checking for $compiler option to produce PIC... " >&6; }
       lt_prog_compiler_static='-non_shared'
       ;;
 
-    linux* | k*bsd*-gnu)
+    linux* | k*bsd*-gnu | kopensolaris*-gnu)
       case $cc_basename in
       # old Intel for x86_64 which still supported -KPIC.
       ecc*)
@@ -7926,7 +8598,13 @@ $as_echo_n "checking for $compiler option to produce PIC... " >&6; }
 	lt_prog_compiler_pic='--shared'
 	lt_prog_compiler_static='--static'
 	;;
-      pgcc* | pgf77* | pgf90* | pgf95*)
+      nagfor*)
+	# NAG Fortran compiler
+	lt_prog_compiler_wl='-Wl,-Wl,,'
+	lt_prog_compiler_pic='-PIC'
+	lt_prog_compiler_static='-Bstatic'
+	;;
+      pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*)
         # Portland Group compilers (*not* the Pentium gcc compiler,
 	# which looks to be a dead project)
 	lt_prog_compiler_wl='-Wl,'
@@ -7938,25 +8616,40 @@ $as_echo_n "checking for $compiler option to produce PIC... " >&6; }
         # All Alpha code is PIC.
         lt_prog_compiler_static='-non_shared'
         ;;
-      xl*)
-	# IBM XL C 8.0/Fortran 10.1 on PPC
+      xl* | bgxl* | bgf* | mpixl*)
+	# IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene
 	lt_prog_compiler_wl='-Wl,'
 	lt_prog_compiler_pic='-qpic'
 	lt_prog_compiler_static='-qstaticlink'
 	;;
       *)
 	case `$CC -V 2>&1 | sed 5q` in
+	*Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [1-7].* | *Sun*Fortran*\ 8.[0-3]*)
+	  # Sun Fortran 8.3 passes all unrecognized flags to the linker
+	  lt_prog_compiler_pic='-KPIC'
+	  lt_prog_compiler_static='-Bstatic'
+	  lt_prog_compiler_wl=''
+	  ;;
+	*Sun\ F* | *Sun*Fortran*)
+	  lt_prog_compiler_pic='-KPIC'
+	  lt_prog_compiler_static='-Bstatic'
+	  lt_prog_compiler_wl='-Qoption ld '
+	  ;;
 	*Sun\ C*)
 	  # Sun C 5.9
 	  lt_prog_compiler_pic='-KPIC'
 	  lt_prog_compiler_static='-Bstatic'
 	  lt_prog_compiler_wl='-Wl,'
 	  ;;
-	*Sun\ F*)
-	  # Sun Fortran 8.3 passes all unrecognized flags to the linker
-	  lt_prog_compiler_pic='-KPIC'
+        *Intel*\ [CF]*Compiler*)
+	  lt_prog_compiler_wl='-Wl,'
+	  lt_prog_compiler_pic='-fPIC'
+	  lt_prog_compiler_static='-static'
+	  ;;
+	*Portland\ Group*)
+	  lt_prog_compiler_wl='-Wl,'
+	  lt_prog_compiler_pic='-fpic'
 	  lt_prog_compiler_static='-Bstatic'
-	  lt_prog_compiler_wl=''
 	  ;;
 	esac
 	;;
@@ -7988,7 +8681,7 @@ $as_echo_n "checking for $compiler option to produce PIC... " >&6; }
       lt_prog_compiler_pic='-KPIC'
       lt_prog_compiler_static='-Bstatic'
       case $cc_basename in
-      f77* | f90* | f95*)
+      f77* | f90* | f95* | sunf77* | sunf90* | sunf95*)
 	lt_prog_compiler_wl='-Qoption ld ';;
       *)
 	lt_prog_compiler_wl='-Wl,';;
@@ -8045,13 +8738,17 @@ case $host_os in
     lt_prog_compiler_pic="$lt_prog_compiler_pic -DPIC"
     ;;
 esac
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_prog_compiler_pic" >&5
-$as_echo "$lt_prog_compiler_pic" >&6; }
-
-
-
-
 
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5
+$as_echo_n "checking for $compiler option to produce PIC... " >&6; }
+if ${lt_cv_prog_compiler_pic+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler_pic=$lt_prog_compiler_pic
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic" >&5
+$as_echo "$lt_cv_prog_compiler_pic" >&6; }
+lt_prog_compiler_pic=$lt_cv_prog_compiler_pic
 
 #
 # Check to make sure the PIC flag actually works.
@@ -8059,7 +8756,7 @@ $as_echo "$lt_prog_compiler_pic" >&6; }
 if test -n "$lt_prog_compiler_pic"; then
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5
 $as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; }
-if test "${lt_cv_prog_compiler_pic_works+set}" = set; then :
+if ${lt_cv_prog_compiler_pic_works+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   lt_cv_prog_compiler_pic_works=no
@@ -8075,15 +8772,15 @@ else
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:8078: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>conftest.err)
    ac_status=$?
    cat conftest.err >&5
-   echo "$as_me:8082: \$? = $ac_status" >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s "$ac_outfile"; then
      # The compiler can only warn and ignore the option if not recognized
      # So say no if there are warnings other than the usual output.
-     $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
      $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
      if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
        lt_cv_prog_compiler_pic_works=yes
@@ -8112,13 +8809,18 @@ fi
 
 
 
+
+
+
+
+
 #
 # Check to make sure the static flag actually works.
 #
 wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\"
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5
 $as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; }
-if test "${lt_cv_prog_compiler_static_works+set}" = set; then :
+if ${lt_cv_prog_compiler_static_works+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   lt_cv_prog_compiler_static_works=no
@@ -8131,7 +8833,7 @@ else
      if test -s conftest.err; then
        # Append any errors to the config.log.
        cat conftest.err 1>&5
-       $ECHO "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
+       $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
        $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
        if diff conftest.exp conftest.er2 >/dev/null; then
          lt_cv_prog_compiler_static_works=yes
@@ -8161,7 +8863,7 @@ fi
 
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5
 $as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; }
-if test "${lt_cv_prog_compiler_c_o+set}" = set; then :
+if ${lt_cv_prog_compiler_c_o+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   lt_cv_prog_compiler_c_o=no
@@ -8180,16 +8882,16 @@ else
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:8183: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>out/conftest.err)
    ac_status=$?
    cat out/conftest.err >&5
-   echo "$as_me:8187: \$? = $ac_status" >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s out/conftest2.$ac_objext
    then
      # The compiler can only warn and ignore the option if not recognized
      # So say no if there are warnings
-     $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
      $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
      if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
        lt_cv_prog_compiler_c_o=yes
@@ -8216,7 +8918,7 @@ $as_echo "$lt_cv_prog_compiler_c_o" >&6; }
 
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5
 $as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; }
-if test "${lt_cv_prog_compiler_c_o+set}" = set; then :
+if ${lt_cv_prog_compiler_c_o+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   lt_cv_prog_compiler_c_o=no
@@ -8235,16 +8937,16 @@ else
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:8238: $lt_compile\"" >&5)
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&5)
    (eval "$lt_compile" 2>out/conftest.err)
    ac_status=$?
    cat out/conftest.err >&5
-   echo "$as_me:8242: \$? = $ac_status" >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
    if (exit $ac_status) && test -s out/conftest2.$ac_objext
    then
      # The compiler can only warn and ignore the option if not recognized
      # So say no if there are warnings
-     $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
      $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
      if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
        lt_cv_prog_compiler_c_o=yes
@@ -8310,7 +9012,6 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie
   hardcode_direct=no
   hardcode_direct_absolute=no
   hardcode_libdir_flag_spec=
-  hardcode_libdir_flag_spec_ld=
   hardcode_libdir_separator=
   hardcode_minus_L=no
   hardcode_shlibpath_var=unsupported
@@ -8354,13 +9055,39 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie
   openbsd*)
     with_gnu_ld=no
     ;;
-  linux* | k*bsd*-gnu)
+  linux* | k*bsd*-gnu | gnu*)
     link_all_deplibs=no
     ;;
   esac
 
   ld_shlibs=yes
+
+  # On some targets, GNU ld is compatible enough with the native linker
+  # that we're better off using the native interface for both.
+  lt_use_gnu_ld_interface=no
   if test "$with_gnu_ld" = yes; then
+    case $host_os in
+      aix*)
+	# The AIX port of GNU ld has always aspired to compatibility
+	# with the native linker.  However, as the warning in the GNU ld
+	# block says, versions before 2.19.5* couldn't really create working
+	# shared libraries, regardless of the interface used.
+	case `$LD -v 2>&1` in
+	  *\ \(GNU\ Binutils\)\ 2.19.5*) ;;
+	  *\ \(GNU\ Binutils\)\ 2.[2-9]*) ;;
+	  *\ \(GNU\ Binutils\)\ [3-9]*) ;;
+	  *)
+	    lt_use_gnu_ld_interface=yes
+	    ;;
+	esac
+	;;
+      *)
+	lt_use_gnu_ld_interface=yes
+	;;
+    esac
+  fi
+
+  if test "$lt_use_gnu_ld_interface" = yes; then
     # If archive_cmds runs LD, not CC, wlarc should be empty
     wlarc='${wl}'
 
@@ -8378,6 +9105,7 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie
     fi
     supports_anon_versioning=no
     case `$LD -v 2>&1` in
+      *GNU\ gold*) supports_anon_versioning=yes ;;
       *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11
       *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
       *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
@@ -8393,11 +9121,12 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie
 	ld_shlibs=no
 	cat <<_LT_EOF 1>&2
 
-*** Warning: the GNU linker, at least up to release 2.9.1, is reported
+*** Warning: the GNU linker, at least up to release 2.19, is reported
 *** to be unable to reliably create shared libraries on AIX.
 *** Therefore, libtool is disabling shared libraries support.  If you
-*** really care for shared libraries, you may want to modify your PATH
-*** so that a non-GNU linker is found, and then restart.
+*** really care for shared libraries, you may want to install binutils
+*** 2.20 or above, or modify your PATH so that a non-GNU linker is found.
+*** You will then need to restart the configuration process.
 
 _LT_EOF
       fi
@@ -8433,10 +9162,12 @@ _LT_EOF
       # _LT_TAGVAR(hardcode_libdir_flag_spec, ) is actually meaningless,
       # as there is no search path for DLLs.
       hardcode_libdir_flag_spec='-L$libdir'
+      export_dynamic_flag_spec='${wl}--export-all-symbols'
       allow_undefined_flag=unsupported
       always_export_symbols=no
       enable_shared_with_static_runtimes=yes
-      export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols'
+      export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols'
+      exclude_expsyms='[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'
 
       if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
         archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
@@ -8454,6 +9185,11 @@ _LT_EOF
       fi
       ;;
 
+    haiku*)
+      archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+      link_all_deplibs=yes
+      ;;
+
     interix[3-9]*)
       hardcode_direct=no
       hardcode_shlibpath_var=no
@@ -8469,7 +9205,7 @@ _LT_EOF
       archive_expsym_cmds='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
       ;;
 
-    gnu* | linux* | tpf* | k*bsd*-gnu)
+    gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu)
       tmp_diet=no
       if test "$host_os" = linux-dietlibc; then
 	case $cc_basename in
@@ -8479,15 +9215,16 @@ _LT_EOF
       if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \
 	 && test "$tmp_diet" = no
       then
-	tmp_addflag=
+	tmp_addflag=' $pic_flag'
 	tmp_sharedflag='-shared'
 	case $cc_basename,$host_cpu in
         pgcc*)				# Portland Group C compiler
-	  whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+	  whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
 	  tmp_addflag=' $pic_flag'
 	  ;;
-	pgf77* | pgf90* | pgf95*)	# Portland Group f77 and f90 compilers
-	  whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+	pgf77* | pgf90* | pgf95* | pgfortran*)
+					# Portland Group f77 and f90 compilers
+	  whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
 	  tmp_addflag=' $pic_flag -Mnomain' ;;
 	ecc*,ia64* | icc*,ia64*)	# Intel C compiler on ia64
 	  tmp_addflag=' -i_dynamic' ;;
@@ -8498,13 +9235,17 @@ _LT_EOF
 	lf95*)				# Lahey Fortran 8.1
 	  whole_archive_flag_spec=
 	  tmp_sharedflag='--shared' ;;
-	xl[cC]*)			# IBM XL C 8.0 on PPC (deal with xlf below)
+	xl[cC]* | bgxl[cC]* | mpixl[cC]*) # IBM XL C 8.0 on PPC (deal with xlf below)
 	  tmp_sharedflag='-qmkshrobj'
 	  tmp_addflag= ;;
+	nvcc*)	# Cuda Compiler Driver 2.2
+	  whole_archive_flag_spec='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	  compiler_needs_object=yes
+	  ;;
 	esac
 	case `$CC -V 2>&1 | sed 5q` in
 	*Sun\ C*)			# Sun C 5.9
-	  whole_archive_flag_spec='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+	  whole_archive_flag_spec='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
 	  compiler_needs_object=yes
 	  tmp_sharedflag='-G' ;;
 	*Sun\ F*)			# Sun Fortran 8.3
@@ -8520,17 +9261,16 @@ _LT_EOF
         fi
 
 	case $cc_basename in
-	xlf*)
+	xlf* | bgf* | bgxlf* | mpixlf*)
 	  # IBM XL Fortran 10.1 on PPC cannot create shared libs itself
 	  whole_archive_flag_spec='--whole-archive$convenience --no-whole-archive'
-	  hardcode_libdir_flag_spec=
-	  hardcode_libdir_flag_spec_ld='-rpath $libdir'
-	  archive_cmds='$LD -shared $libobjs $deplibs $compiler_flags -soname $soname -o $lib'
+	  hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+	  archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib'
 	  if test "x$supports_anon_versioning" = xyes; then
 	    archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~
 	      cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
 	      echo "local: *; };" >> $output_objdir/$libname.ver~
-	      $LD -shared $libobjs $deplibs $compiler_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
+	      $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
 	  fi
 	  ;;
 	esac
@@ -8544,8 +9284,8 @@ _LT_EOF
 	archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
 	wlarc=
       else
-	archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+	archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
       fi
       ;;
 
@@ -8563,8 +9303,8 @@ _LT_EOF
 
 _LT_EOF
       elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
-	archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+	archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
       else
 	ld_shlibs=no
       fi
@@ -8610,8 +9350,8 @@ _LT_EOF
 
     *)
       if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
-	archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+	archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
       else
 	ld_shlibs=no
       fi
@@ -8651,8 +9391,10 @@ _LT_EOF
       else
 	# If we're using GNU nm, then we don't want the "-C" option.
 	# -C means demangle to AIX nm, but means don't demangle with GNU nm
+	# Also, AIX nm treats weak defined symbols like other global
+	# defined symbols, whereas GNU nm marks them as "W".
 	if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
-	  export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+	  export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
 	else
 	  export_symbols_cmds='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && (substr(\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
 	fi
@@ -8740,7 +9482,13 @@ _LT_EOF
 	allow_undefined_flag='-berok'
         # Determine the default libpath from the value encoded in an
         # empty executable.
-        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+        if test "${lt_cv_aix_libpath+set}" = set; then
+  aix_libpath=$lt_cv_aix_libpath
+else
+  if ${lt_cv_aix_libpath_+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
 
 int
@@ -8753,25 +9501,32 @@ main ()
 _ACEOF
 if ac_fn_c_try_link "$LINENO"; then :
 
-lt_aix_libpath_sed='
-    /Import File Strings/,/^$/ {
-	/^0/ {
-	    s/^0  *\(.*\)$/\1/
-	    p
-	}
-    }'
-aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
-# Check for a 64-bit object if we didn't find anything.
-if test -z "$aix_libpath"; then
-  aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
-fi
+  lt_aix_libpath_sed='
+      /Import File Strings/,/^$/ {
+	  /^0/ {
+	      s/^0  *\([^ ]*\) *$/\1/
+	      p
+	  }
+      }'
+  lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  # Check for a 64-bit object if we didn't find anything.
+  if test -z "$lt_cv_aix_libpath_"; then
+    lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  fi
 fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext
-if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+  if test -z "$lt_cv_aix_libpath_"; then
+    lt_cv_aix_libpath_="/usr/lib:/lib"
+  fi
+
+fi
+
+  aix_libpath=$lt_cv_aix_libpath_
+fi
 
         hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
-        archive_expsym_cmds='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then $ECHO "X${wl}${allow_undefined_flag}" | $Xsed; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+        archive_expsym_cmds='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
       else
 	if test "$host_cpu" = ia64; then
 	  hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib'
@@ -8780,7 +9535,13 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
 	else
 	 # Determine the default libpath from the value encoded in an
 	 # empty executable.
-	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+	 if test "${lt_cv_aix_libpath+set}" = set; then
+  aix_libpath=$lt_cv_aix_libpath
+else
+  if ${lt_cv_aix_libpath_+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
 
 int
@@ -8793,30 +9554,42 @@ main ()
 _ACEOF
 if ac_fn_c_try_link "$LINENO"; then :
 
-lt_aix_libpath_sed='
-    /Import File Strings/,/^$/ {
-	/^0/ {
-	    s/^0  *\(.*\)$/\1/
-	    p
-	}
-    }'
-aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
-# Check for a 64-bit object if we didn't find anything.
-if test -z "$aix_libpath"; then
-  aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
-fi
+  lt_aix_libpath_sed='
+      /Import File Strings/,/^$/ {
+	  /^0/ {
+	      s/^0  *\([^ ]*\) *$/\1/
+	      p
+	  }
+      }'
+  lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  # Check for a 64-bit object if we didn't find anything.
+  if test -z "$lt_cv_aix_libpath_"; then
+    lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  fi
 fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext
-if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+  if test -z "$lt_cv_aix_libpath_"; then
+    lt_cv_aix_libpath_="/usr/lib:/lib"
+  fi
+
+fi
+
+  aix_libpath=$lt_cv_aix_libpath_
+fi
 
 	 hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
 	  # Warning - without using the other run time loading flags,
 	  # -berok will link without error, but may produce a broken library.
 	  no_undefined_flag=' ${wl}-bernotok'
 	  allow_undefined_flag=' ${wl}-berok'
-	  # Exported symbols can be pulled into shared objects from archives
-	  whole_archive_flag_spec='$convenience'
+	  if test "$with_gnu_ld" = yes; then
+	    # We only use this code for GNU lds that support --whole-archive.
+	    whole_archive_flag_spec='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+	  else
+	    # Exported symbols can be pulled into shared objects from archives
+	    whole_archive_flag_spec='$convenience'
+	  fi
 	  archive_cmds_need_lc=yes
 	  # This is similar to how AIX traditionally builds its shared libraries.
 	  archive_expsym_cmds="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
@@ -8848,20 +9621,64 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
       # Microsoft Visual C++.
       # hardcode_libdir_flag_spec is actually meaningless, as there is
       # no search path for DLLs.
-      hardcode_libdir_flag_spec=' '
-      allow_undefined_flag=unsupported
-      # Tell ltmain to make .lib files, not .a files.
-      libext=lib
-      # Tell ltmain to make .dll files, not .so files.
-      shrext_cmds=".dll"
-      # FIXME: Setting linknames here is a bad hack.
-      archive_cmds='$CC -o $lib $libobjs $compiler_flags `$ECHO "X$deplibs" | $Xsed -e '\''s/ -lc$//'\''` -link -dll~linknames='
-      # The linker will automatically build a .lib file if we build a DLL.
-      old_archive_from_new_cmds='true'
-      # FIXME: Should let the user specify the lib program.
-      old_archive_cmds='lib -OUT:$oldlib$oldobjs$old_deplibs'
-      fix_srcfile_path='`cygpath -w "$srcfile"`'
-      enable_shared_with_static_runtimes=yes
+      case $cc_basename in
+      cl*)
+	# Native MSVC
+	hardcode_libdir_flag_spec=' '
+	allow_undefined_flag=unsupported
+	always_export_symbols=yes
+	file_list_spec='@'
+	# Tell ltmain to make .lib files, not .a files.
+	libext=lib
+	# Tell ltmain to make .dll files, not .so files.
+	shrext_cmds=".dll"
+	# FIXME: Setting linknames here is a bad hack.
+	archive_cmds='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames='
+	archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	    sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp;
+	  else
+	    sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp;
+	  fi~
+	  $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+	  linknames='
+	# The linker will not automatically build a static lib if we build a DLL.
+	# _LT_TAGVAR(old_archive_from_new_cmds, )='true'
+	enable_shared_with_static_runtimes=yes
+	exclude_expsyms='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+	export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1,DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols'
+	# Don't use ranlib
+	old_postinstall_cmds='chmod 644 $oldlib'
+	postlink_cmds='lt_outputfile="@OUTPUT@"~
+	  lt_tool_outputfile="@TOOL_OUTPUT@"~
+	  case $lt_outputfile in
+	    *.exe|*.EXE) ;;
+	    *)
+	      lt_outputfile="$lt_outputfile.exe"
+	      lt_tool_outputfile="$lt_tool_outputfile.exe"
+	      ;;
+	  esac~
+	  if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then
+	    $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+	    $RM "$lt_outputfile.manifest";
+	  fi'
+	;;
+      *)
+	# Assume MSVC wrapper
+	hardcode_libdir_flag_spec=' '
+	allow_undefined_flag=unsupported
+	# Tell ltmain to make .lib files, not .a files.
+	libext=lib
+	# Tell ltmain to make .dll files, not .so files.
+	shrext_cmds=".dll"
+	# FIXME: Setting linknames here is a bad hack.
+	archive_cmds='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames='
+	# The linker will automatically build a .lib file if we build a DLL.
+	old_archive_from_new_cmds='true'
+	# FIXME: Should let the user specify the lib program.
+	old_archive_cmds='lib -OUT:$oldlib$oldobjs$old_deplibs'
+	enable_shared_with_static_runtimes=yes
+	;;
+      esac
       ;;
 
     darwin* | rhapsody*)
@@ -8871,7 +9688,12 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
   hardcode_direct=no
   hardcode_automatic=yes
   hardcode_shlibpath_var=unsupported
-  whole_archive_flag_spec=''
+  if test "$lt_cv_ld_force_load" = "yes"; then
+    whole_archive_flag_spec='`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`'
+
+  else
+    whole_archive_flag_spec=''
+  fi
   link_all_deplibs=yes
   allow_undefined_flag="$_lt_dar_allow_undefined"
   case $cc_basename in
@@ -8879,7 +9701,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
      *) _lt_dar_can_shared=$GCC ;;
   esac
   if test "$_lt_dar_can_shared" = "yes"; then
-    output_verbose_link_cmd=echo
+    output_verbose_link_cmd=func_echo_all
     archive_cmds="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
     module_cmds="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
     archive_expsym_cmds="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
@@ -8897,10 +9719,6 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
       hardcode_shlibpath_var=no
       ;;
 
-    freebsd1*)
-      ld_shlibs=no
-      ;;
-
     # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
     # support.  Future versions do this automatically, but an explicit c++rt0.o
     # does not break anything, and helps significantly (at the cost of a little
@@ -8913,7 +9731,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
       ;;
 
     # Unfortunately, older versions of FreeBSD 2 do not have this feature.
-    freebsd2*)
+    freebsd2.*)
       archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
       hardcode_direct=yes
       hardcode_minus_L=yes
@@ -8922,7 +9740,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
 
     # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
     freebsd* | dragonfly*)
-      archive_cmds='$CC -shared -o $lib $libobjs $deplibs $compiler_flags'
+      archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
       hardcode_libdir_flag_spec='-R$libdir'
       hardcode_direct=yes
       hardcode_shlibpath_var=no
@@ -8930,7 +9748,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
 
     hpux9*)
       if test "$GCC" = yes; then
-	archive_cmds='$RM $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+	archive_cmds='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
       else
 	archive_cmds='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
       fi
@@ -8945,14 +9763,13 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
       ;;
 
     hpux10*)
-      if test "$GCC" = yes -a "$with_gnu_ld" = no; then
-	archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+      if test "$GCC" = yes && test "$with_gnu_ld" = no; then
+	archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
       else
 	archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
       fi
       if test "$with_gnu_ld" = no; then
 	hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
-	hardcode_libdir_flag_spec_ld='+b $libdir'
 	hardcode_libdir_separator=:
 	hardcode_direct=yes
 	hardcode_direct_absolute=yes
@@ -8964,16 +9781,16 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
       ;;
 
     hpux11*)
-      if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+      if test "$GCC" = yes && test "$with_gnu_ld" = no; then
 	case $host_cpu in
 	hppa*64*)
 	  archive_cmds='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
 	  ;;
 	ia64*)
-	  archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+	  archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
 	  ;;
 	*)
-	  archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+	  archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
 	  ;;
 	esac
       else
@@ -8985,7 +9802,46 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
 	  archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
 	  ;;
 	*)
-	  archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+
+	  # Older versions of the 11.00 compiler do not understand -b yet
+	  # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does)
+	  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC understands -b" >&5
+$as_echo_n "checking if $CC understands -b... " >&6; }
+if ${lt_cv_prog_compiler__b+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_prog_compiler__b=no
+   save_LDFLAGS="$LDFLAGS"
+   LDFLAGS="$LDFLAGS -b"
+   echo "$lt_simple_link_test_code" > conftest.$ac_ext
+   if (eval $ac_link 2>conftest.err) && test -s conftest$ac_exeext; then
+     # The linker can only warn and ignore the option if not recognized
+     # So say no if there are warnings
+     if test -s conftest.err; then
+       # Append any errors to the config.log.
+       cat conftest.err 1>&5
+       $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
+       $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
+       if diff conftest.exp conftest.er2 >/dev/null; then
+         lt_cv_prog_compiler__b=yes
+       fi
+     else
+       lt_cv_prog_compiler__b=yes
+     fi
+   fi
+   $RM -r conftest*
+   LDFLAGS="$save_LDFLAGS"
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler__b" >&5
+$as_echo "$lt_cv_prog_compiler__b" >&6; }
+
+if test x"$lt_cv_prog_compiler__b" = xyes; then
+    archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+else
+    archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
+fi
+
 	  ;;
 	esac
       fi
@@ -9013,26 +9869,39 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
 
     irix5* | irix6* | nonstopux*)
       if test "$GCC" = yes; then
-	archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
 	# Try to use the -exported_symbol ld option, if it does not
 	# work, assume that -exports_file does not work either and
 	# implicitly export all symbols.
-        save_LDFLAGS="$LDFLAGS"
-        LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null"
-        cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+	# This should be the same for all languages, so no per-tag cache variable.
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $host_os linker accepts -exported_symbol" >&5
+$as_echo_n "checking whether the $host_os linker accepts -exported_symbol... " >&6; }
+if ${lt_cv_irix_exported_symbol+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  save_LDFLAGS="$LDFLAGS"
+	   LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null"
+	   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
-int foo(void) {}
+int foo (void) { return 0; }
 _ACEOF
 if ac_fn_c_try_link "$LINENO"; then :
-  archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
-
+  lt_cv_irix_exported_symbol=yes
+else
+  lt_cv_irix_exported_symbol=no
 fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext
-        LDFLAGS="$save_LDFLAGS"
+           LDFLAGS="$save_LDFLAGS"
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5
+$as_echo "$lt_cv_irix_exported_symbol" >&6; }
+	if test "$lt_cv_irix_exported_symbol" = yes; then
+          archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
+	fi
       else
-	archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
-	archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
+	archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+	archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
       fi
       archive_cmds_need_lc='no'
       hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
@@ -9094,17 +9963,17 @@ rm -f core conftest.err conftest.$ac_objext \
       hardcode_libdir_flag_spec='-L$libdir'
       hardcode_minus_L=yes
       allow_undefined_flag=unsupported
-      archive_cmds='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$ECHO DATA >> $output_objdir/$libname.def~$ECHO " SINGLE NONSHARED" >> $output_objdir/$libname.def~$ECHO EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+      archive_cmds='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
       old_archive_from_new_cmds='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
       ;;
 
     osf3*)
       if test "$GCC" = yes; then
 	allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*'
-	archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
       else
 	allow_undefined_flag=' -expect_unresolved \*'
-	archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+	archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
       fi
       archive_cmds_need_lc='no'
       hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
@@ -9114,13 +9983,13 @@ rm -f core conftest.err conftest.$ac_objext \
     osf4* | osf5*)	# as osf3* with the addition of -msym flag
       if test "$GCC" = yes; then
 	allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*'
-	archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	archive_cmds='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
 	hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
       else
 	allow_undefined_flag=' -expect_unresolved \*'
-	archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+	archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
 	archive_expsym_cmds='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~
-	$CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
+	$CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
 
 	# Both c and cxx compiler support -rpath directly
 	hardcode_libdir_flag_spec='-rpath $libdir'
@@ -9133,9 +10002,9 @@ rm -f core conftest.err conftest.$ac_objext \
       no_undefined_flag=' -z defs'
       if test "$GCC" = yes; then
 	wlarc='${wl}'
-	archive_cmds='$CC -shared ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+	archive_cmds='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
 	archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
-	  $CC -shared ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+	  $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
       else
 	case `$CC -V 2>&1` in
 	*"Compilers 5.0"*)
@@ -9323,44 +10192,50 @@ x|xyes)
       # to ld, don't add -lc before -lgcc.
       { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5
 $as_echo_n "checking whether -lc should be explicitly linked in... " >&6; }
-      $RM conftest*
-      echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+if ${lt_cv_archive_cmds_need_lc+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  $RM conftest*
+	echo "$lt_simple_compile_test_code" > conftest.$ac_ext
 
-      if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
+	if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
   (eval $ac_compile) 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; } 2>conftest.err; then
-        soname=conftest
-        lib=conftest
-        libobjs=conftest.$ac_objext
-        deplibs=
-        wl=$lt_prog_compiler_wl
-	pic_flag=$lt_prog_compiler_pic
-        compiler_flags=-v
-        linker_flags=-v
-        verstring=
-        output_objdir=.
-        libname=conftest
-        lt_save_allow_undefined_flag=$allow_undefined_flag
-        allow_undefined_flag=
-        if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5
+	  soname=conftest
+	  lib=conftest
+	  libobjs=conftest.$ac_objext
+	  deplibs=
+	  wl=$lt_prog_compiler_wl
+	  pic_flag=$lt_prog_compiler_pic
+	  compiler_flags=-v
+	  linker_flags=-v
+	  verstring=
+	  output_objdir=.
+	  libname=conftest
+	  lt_save_allow_undefined_flag=$allow_undefined_flag
+	  allow_undefined_flag=
+	  if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5
   (eval $archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }
-        then
-	  archive_cmds_need_lc=no
-        else
-	  archive_cmds_need_lc=yes
-        fi
-        allow_undefined_flag=$lt_save_allow_undefined_flag
-      else
-        cat conftest.err 1>&5
-      fi
-      $RM conftest*
-      { $as_echo "$as_me:${as_lineno-$LINENO}: result: $archive_cmds_need_lc" >&5
-$as_echo "$archive_cmds_need_lc" >&6; }
+	  then
+	    lt_cv_archive_cmds_need_lc=no
+	  else
+	    lt_cv_archive_cmds_need_lc=yes
+	  fi
+	  allow_undefined_flag=$lt_save_allow_undefined_flag
+	else
+	  cat conftest.err 1>&5
+	fi
+	$RM conftest*
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc" >&5
+$as_echo "$lt_cv_archive_cmds_need_lc" >&6; }
+      archive_cmds_need_lc=$lt_cv_archive_cmds_need_lc
       ;;
     esac
   fi
@@ -9518,11 +10393,6 @@ esac
 
 
 
-
-
-
-
-
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5
 $as_echo_n "checking dynamic linker characteristics... " >&6; }
 
@@ -9531,16 +10401,23 @@ if test "$GCC" = yes; then
     darwin*) lt_awk_arg="/^libraries:/,/LR/" ;;
     *) lt_awk_arg="/^libraries:/" ;;
   esac
-  lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e "s,=/,/,g"`
-  if $ECHO "$lt_search_path_spec" | $GREP ';' >/dev/null ; then
+  case $host_os in
+    mingw* | cegcc*) lt_sed_strip_eq="s,=\([A-Za-z]:\),\1,g" ;;
+    *) lt_sed_strip_eq="s,=/,/,g" ;;
+  esac
+  lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq`
+  case $lt_search_path_spec in
+  *\;*)
     # if the path contains ";" then we assume it to be the separator
     # otherwise default to the standard path separator (i.e. ":") - it is
     # assumed that no part of a normal pathname contains ";" but that should
     # okay in the real world where ";" in dirpaths is itself problematic.
-    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED -e 's/;/ /g'`
-  else
-    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED  -e "s/$PATH_SEPARATOR/ /g"`
-  fi
+    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'`
+    ;;
+  *)
+    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"`
+    ;;
+  esac
   # Ok, now we have the path, separated by spaces, we can step through it
   # and add multilib dir if necessary.
   lt_tmp_lt_search_path_spec=
@@ -9553,7 +10430,7 @@ if test "$GCC" = yes; then
 	lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
     fi
   done
-  lt_search_path_spec=`$ECHO $lt_tmp_lt_search_path_spec | awk '
+  lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk '
 BEGIN {RS=" "; FS="/|\n";} {
   lt_foo="";
   lt_count=0;
@@ -9573,7 +10450,13 @@ BEGIN {RS=" "; FS="/|\n";} {
   if (lt_foo != "") { lt_freq[lt_foo]++; }
   if (lt_freq[lt_foo] == 1) { print lt_foo; }
 }'`
-  sys_lib_search_path_spec=`$ECHO $lt_search_path_spec`
+  # AWK program above erroneously prepends '/' to C:/dos/paths
+  # for these hosts.
+  case $host_os in
+    mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\
+      $SED 's,/\([A-Za-z]:\),\1,g'` ;;
+  esac
+  sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP`
 else
   sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
 fi
@@ -9599,7 +10482,7 @@ need_version=unknown
 
 case $host_os in
 aix3*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
   shlibpath_var=LIBPATH
 
@@ -9608,7 +10491,7 @@ aix3*)
   ;;
 
 aix[4-9]*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   hardcode_into_libs=yes
@@ -9661,7 +10544,7 @@ amigaos*)
   m68k)
     library_names_spec='$libname.ixlibrary $libname.a'
     # Create ${libname}_ixlibrary.a entries in /sys/libs.
-    finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$ECHO "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+    finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
     ;;
   esac
   ;;
@@ -9673,7 +10556,7 @@ beos*)
   ;;
 
 bsdi[45]*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
   soname_spec='${libname}${release}${shared_ext}$major'
@@ -9692,8 +10575,9 @@ cygwin* | mingw* | pw32* | cegcc*)
   need_version=no
   need_lib_prefix=no
 
-  case $GCC,$host_os in
-  yes,cygwin* | yes,mingw* | yes,pw32* | yes,cegcc*)
+  case $GCC,$cc_basename in
+  yes,*)
+    # gcc
     library_names_spec='$libname.dll.a'
     # DLL is installed to $(libdir)/../bin by postinstall_cmds
     postinstall_cmds='base_file=`basename \${file}`~
@@ -9714,36 +10598,83 @@ cygwin* | mingw* | pw32* | cegcc*)
     cygwin*)
       # Cygwin DLLs use 'cyg' prefix rather than 'lib'
       soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
-      sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
+
+      sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"
       ;;
     mingw* | cegcc*)
       # MinGW DLLs use traditional 'lib' prefix
       soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
-      sys_lib_search_path_spec=`$CC -print-search-dirs | $GREP "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
-      if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then
-        # It is most probably a Windows format PATH printed by
-        # mingw gcc, but we are running on Cygwin. Gcc prints its search
-        # path with ; separators, and with drive letters. We can handle the
-        # drive letters (cygwin fileutils understands them), so leave them,
-        # especially as we might pass files found there to a mingw objdump,
-        # which wouldn't understand a cygwinified path. Ahh.
-        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
-      else
-        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED  -e "s/$PATH_SEPARATOR/ /g"`
-      fi
       ;;
     pw32*)
       # pw32 DLLs use 'pw' prefix rather than 'lib'
       library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
       ;;
     esac
+    dynamic_linker='Win32 ld.exe'
+    ;;
+
+  *,cl*)
+    # Native MSVC
+    libname_spec='$name'
+    soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}'
+    library_names_spec='${libname}.dll.lib'
+
+    case $build_os in
+    mingw*)
+      sys_lib_search_path_spec=
+      lt_save_ifs=$IFS
+      IFS=';'
+      for lt_path in $LIB
+      do
+        IFS=$lt_save_ifs
+        # Let DOS variable expansion print the short 8.3 style file name.
+        lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"`
+        sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path"
+      done
+      IFS=$lt_save_ifs
+      # Convert to MSYS style.
+      sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'`
+      ;;
+    cygwin*)
+      # Convert to unix form, then to dos form, then back to unix form
+      # but this time dos style (no spaces!) so that the unix form looks
+      # like /cygdrive/c/PROGRA~1:/cygdr...
+      sys_lib_search_path_spec=`cygpath --path --unix "$LIB"`
+      sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null`
+      sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+      ;;
+    *)
+      sys_lib_search_path_spec="$LIB"
+      if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then
+        # It is most probably a Windows format PATH.
+        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+      else
+        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+      fi
+      # FIXME: find the short name or the path components, as spaces are
+      # common. (e.g. "Program Files" -> "PROGRA~1")
+      ;;
+    esac
+
+    # DLL is installed to $(libdir)/../bin by postinstall_cmds
+    postinstall_cmds='base_file=`basename \${file}`~
+      dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+      dldir=$destdir/`dirname \$dlpath`~
+      test -d \$dldir || mkdir -p \$dldir~
+      $install_prog $dir/$dlname \$dldir/$dlname'
+    postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+      dlpath=$dir/\$dldll~
+       $RM \$dlpath'
+    shlibpath_overrides_runpath=yes
+    dynamic_linker='Win32 link.exe'
     ;;
 
   *)
+    # Assume MSVC wrapper
     library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib'
+    dynamic_linker='Win32 ld.exe'
     ;;
   esac
-  dynamic_linker='Win32 ld.exe'
   # FIXME: first we should search . and the directory the executable is in
   shlibpath_var=PATH
   ;;
@@ -9764,7 +10695,7 @@ darwin* | rhapsody*)
   ;;
 
 dgux*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
@@ -9772,10 +10703,6 @@ dgux*)
   shlibpath_var=LD_LIBRARY_PATH
   ;;
 
-freebsd1*)
-  dynamic_linker=no
-  ;;
-
 freebsd* | dragonfly*)
   # DragonFly does not have aout.  When/if they implement a new
   # versioning mechanism, adjust this.
@@ -9783,7 +10710,7 @@ freebsd* | dragonfly*)
     objformat=`/usr/bin/objformat`
   else
     case $host_os in
-    freebsd[123]*) objformat=aout ;;
+    freebsd[23].*) objformat=aout ;;
     *) objformat=elf ;;
     esac
   fi
@@ -9801,7 +10728,7 @@ freebsd* | dragonfly*)
   esac
   shlibpath_var=LD_LIBRARY_PATH
   case $host_os in
-  freebsd2*)
+  freebsd2.*)
     shlibpath_overrides_runpath=yes
     ;;
   freebsd3.[01]* | freebsdelf3.[01]*)
@@ -9821,12 +10748,26 @@ freebsd* | dragonfly*)
   ;;
 
 gnu*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
   soname_spec='${libname}${release}${shared_ext}$major'
   shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+haiku*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  dynamic_linker="$host_os runtime_loader"
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
   hardcode_into_libs=yes
   ;;
 
@@ -9872,12 +10813,14 @@ hpux9* | hpux10* | hpux11*)
     soname_spec='${libname}${release}${shared_ext}$major'
     ;;
   esac
-  # HP-UX runs *really* slowly unless shared libraries are mode 555.
+  # HP-UX runs *really* slowly unless shared libraries are mode 555, ...
   postinstall_cmds='chmod 555 $lib'
+  # or fails outright, so override atomically:
+  install_override_mode=555
   ;;
 
 interix[3-9]*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
@@ -9893,7 +10836,7 @@ irix5* | irix6* | nonstopux*)
     nonstopux*) version_type=nonstopux ;;
     *)
 	if test "$lt_cv_prog_gnu_ld" = yes; then
-		version_type=linux
+		version_type=linux # correct to gnu/linux during the next big refactor
 	else
 		version_type=irix
 	fi ;;
@@ -9930,9 +10873,9 @@ linux*oldld* | linux*aout* | linux*coff*)
   dynamic_linker=no
   ;;
 
-# This must be Linux ELF.
-linux* | k*bsd*-gnu)
-  version_type=linux
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
@@ -9940,12 +10883,17 @@ linux* | k*bsd*-gnu)
   finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
   shlibpath_var=LD_LIBRARY_PATH
   shlibpath_overrides_runpath=no
+
   # Some binutils ld are patched to set DT_RUNPATH
-  save_LDFLAGS=$LDFLAGS
-  save_libdir=$libdir
-  eval "libdir=/foo; wl=\"$lt_prog_compiler_wl\"; \
-       LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec\""
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+  if ${lt_cv_shlibpath_overrides_runpath+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  lt_cv_shlibpath_overrides_runpath=no
+    save_LDFLAGS=$LDFLAGS
+    save_libdir=$libdir
+    eval "libdir=/foo; wl=\"$lt_prog_compiler_wl\"; \
+	 LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec\""
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
 
 int
@@ -9958,13 +10906,17 @@ main ()
 _ACEOF
 if ac_fn_c_try_link "$LINENO"; then :
   if  ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then :
-  shlibpath_overrides_runpath=yes
+  lt_cv_shlibpath_overrides_runpath=yes
 fi
 fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext conftest.$ac_ext
-  LDFLAGS=$save_LDFLAGS
-  libdir=$save_libdir
+    LDFLAGS=$save_LDFLAGS
+    libdir=$save_libdir
+
+fi
+
+  shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath
 
   # This implies no fast_install, which is unacceptable.
   # Some rework will be needed to allow for fast_install
@@ -9973,7 +10925,7 @@ rm -f core conftest.err conftest.$ac_objext \
 
   # Append ld.so.conf contents to the search path
   if test -f /etc/ld.so.conf; then
-    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
     sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
   fi
 
@@ -10017,7 +10969,7 @@ netbsd*)
   ;;
 
 newsos6)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
   shlibpath_var=LD_LIBRARY_PATH
   shlibpath_overrides_runpath=yes
@@ -10086,7 +11038,7 @@ rdos*)
   ;;
 
 solaris*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
@@ -10111,7 +11063,7 @@ sunos4*)
   ;;
 
 sysv4 | sysv4.3*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
   soname_spec='${libname}${release}${shared_ext}$major'
   shlibpath_var=LD_LIBRARY_PATH
@@ -10135,7 +11087,7 @@ sysv4 | sysv4.3*)
 
 sysv4*MP*)
   if test -d /usr/nec ;then
-    version_type=linux
+    version_type=linux # correct to gnu/linux during the next big refactor
     library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
     soname_spec='$libname${shared_ext}.$major'
     shlibpath_var=LD_LIBRARY_PATH
@@ -10166,7 +11118,7 @@ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
 
 tpf*)
   # TPF is a cross-target only.  Preferred cross-host = GNU/Linux.
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
@@ -10176,7 +11128,7 @@ tpf*)
   ;;
 
 uts4*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
   soname_spec='${libname}${release}${shared_ext}$major'
   shlibpath_var=LD_LIBRARY_PATH
@@ -10288,6 +11240,11 @@ fi
 
 
 
+
+
+
+
+
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5
 $as_echo_n "checking how to hardcode library paths into programs... " >&6; }
 hardcode_action=
@@ -10360,7 +11317,7 @@ else
   # if libdl is installed we need to link against it
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5
 $as_echo_n "checking for dlopen in -ldl... " >&6; }
-if test "${ac_cv_lib_dl_dlopen+set}" = set; then :
+if ${ac_cv_lib_dl_dlopen+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_check_lib_save_LIBS=$LIBS
@@ -10394,7 +11351,7 @@ LIBS=$ac_check_lib_save_LIBS
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5
 $as_echo "$ac_cv_lib_dl_dlopen" >&6; }
-if test "x$ac_cv_lib_dl_dlopen" = x""yes; then :
+if test "x$ac_cv_lib_dl_dlopen" = xyes; then :
   lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"
 else
 
@@ -10408,12 +11365,12 @@ fi
 
   *)
     ac_fn_c_check_func "$LINENO" "shl_load" "ac_cv_func_shl_load"
-if test "x$ac_cv_func_shl_load" = x""yes; then :
+if test "x$ac_cv_func_shl_load" = xyes; then :
   lt_cv_dlopen="shl_load"
 else
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5
 $as_echo_n "checking for shl_load in -ldld... " >&6; }
-if test "${ac_cv_lib_dld_shl_load+set}" = set; then :
+if ${ac_cv_lib_dld_shl_load+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_check_lib_save_LIBS=$LIBS
@@ -10447,16 +11404,16 @@ LIBS=$ac_check_lib_save_LIBS
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_shl_load" >&5
 $as_echo "$ac_cv_lib_dld_shl_load" >&6; }
-if test "x$ac_cv_lib_dld_shl_load" = x""yes; then :
+if test "x$ac_cv_lib_dld_shl_load" = xyes; then :
   lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"
 else
   ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen"
-if test "x$ac_cv_func_dlopen" = x""yes; then :
+if test "x$ac_cv_func_dlopen" = xyes; then :
   lt_cv_dlopen="dlopen"
 else
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5
 $as_echo_n "checking for dlopen in -ldl... " >&6; }
-if test "${ac_cv_lib_dl_dlopen+set}" = set; then :
+if ${ac_cv_lib_dl_dlopen+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_check_lib_save_LIBS=$LIBS
@@ -10490,12 +11447,12 @@ LIBS=$ac_check_lib_save_LIBS
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5
 $as_echo "$ac_cv_lib_dl_dlopen" >&6; }
-if test "x$ac_cv_lib_dl_dlopen" = x""yes; then :
+if test "x$ac_cv_lib_dl_dlopen" = xyes; then :
   lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"
 else
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5
 $as_echo_n "checking for dlopen in -lsvld... " >&6; }
-if test "${ac_cv_lib_svld_dlopen+set}" = set; then :
+if ${ac_cv_lib_svld_dlopen+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_check_lib_save_LIBS=$LIBS
@@ -10529,12 +11486,12 @@ LIBS=$ac_check_lib_save_LIBS
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_svld_dlopen" >&5
 $as_echo "$ac_cv_lib_svld_dlopen" >&6; }
-if test "x$ac_cv_lib_svld_dlopen" = x""yes; then :
+if test "x$ac_cv_lib_svld_dlopen" = xyes; then :
   lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"
 else
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5
 $as_echo_n "checking for dld_link in -ldld... " >&6; }
-if test "${ac_cv_lib_dld_dld_link+set}" = set; then :
+if ${ac_cv_lib_dld_dld_link+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_check_lib_save_LIBS=$LIBS
@@ -10568,7 +11525,7 @@ LIBS=$ac_check_lib_save_LIBS
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_dld_link" >&5
 $as_echo "$ac_cv_lib_dld_dld_link" >&6; }
-if test "x$ac_cv_lib_dld_dld_link" = x""yes; then :
+if test "x$ac_cv_lib_dld_dld_link" = xyes; then :
   lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"
 fi
 
@@ -10609,7 +11566,7 @@ fi
 
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a program can dlopen itself" >&5
 $as_echo_n "checking whether a program can dlopen itself... " >&6; }
-if test "${lt_cv_dlopen_self+set}" = set; then :
+if ${lt_cv_dlopen_self+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   	  if test "$cross_compiling" = yes; then :
@@ -10618,7 +11575,7 @@ else
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<_LT_EOF
-#line 10621 "configure"
+#line $LINENO "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -10659,7 +11616,13 @@ else
 #  endif
 #endif
 
-void fnord() { int i=42;}
+/* When -fvisbility=hidden is used, assume the code has been annotated
+   correspondingly for the symbols needed.  */
+#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
 int main ()
 {
   void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
@@ -10668,7 +11631,11 @@ int main ()
   if (self)
     {
       if (dlsym (self,"fnord"))       status = $lt_dlno_uscore;
-      else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+      else
+        {
+	  if (dlsym( self,"_fnord"))  status = $lt_dlneed_uscore;
+          else puts (dlerror ());
+	}
       /* dlclose (self); */
     }
   else
@@ -10705,7 +11672,7 @@ $as_echo "$lt_cv_dlopen_self" >&6; }
       wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\"
       { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a statically linked program can dlopen itself" >&5
 $as_echo_n "checking whether a statically linked program can dlopen itself... " >&6; }
-if test "${lt_cv_dlopen_self_static+set}" = set; then :
+if ${lt_cv_dlopen_self_static+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   	  if test "$cross_compiling" = yes; then :
@@ -10714,7 +11681,7 @@ else
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<_LT_EOF
-#line 10717 "configure"
+#line $LINENO "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -10755,7 +11722,13 @@ else
 #  endif
 #endif
 
-void fnord() { int i=42;}
+/* When -fvisbility=hidden is used, assume the code has been annotated
+   correspondingly for the symbols needed.  */
+#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
 int main ()
 {
   void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
@@ -10764,7 +11737,11 @@ int main ()
   if (self)
     {
       if (dlsym (self,"fnord"))       status = $lt_dlno_uscore;
-      else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+      else
+        {
+	  if (dlsym( self,"_fnord"))  status = $lt_dlneed_uscore;
+          else puts (dlerror ());
+	}
       /* dlclose (self); */
     }
   else
@@ -10933,6 +11910,8 @@ CC="$lt_save_CC"
 
 
 
+
+
         ac_config_commands="$ac_config_commands libtool"
 
 
@@ -10942,12 +11921,14 @@ CC="$lt_save_CC"
 
 
 
+
+
 if test "z$RM" == "z" ; then
     # Extract the first word of "rm", so it can be a program name with args.
 set dummy rm; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_path_RM+set}" = set; then :
+if ${ac_cv_path_RM+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $RM in
@@ -10961,7 +11942,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_path_RM="$as_dir/$ac_word$ac_exec_ext"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -10989,7 +11970,7 @@ fi
 set dummy cp; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_path_CP+set}" = set; then :
+if ${ac_cv_path_CP+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $CP in
@@ -11003,7 +11984,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_path_CP="$as_dir/$ac_word$ac_exec_ext"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -11030,7 +12011,7 @@ fi
 set dummy mv; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_path_MV+set}" = set; then :
+if ${ac_cv_path_MV+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $MV in
@@ -11044,7 +12025,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_path_MV="$as_dir/$ac_word$ac_exec_ext"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -11071,7 +12052,7 @@ fi
 set dummy tar; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_path_TAR+set}" = set; then :
+if ${ac_cv_path_TAR+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $TAR in
@@ -11085,7 +12066,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_path_TAR="$as_dir/$ac_word$ac_exec_ext"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -11112,7 +12093,7 @@ fi
 set dummy help2man; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_path_HELP2MAN+set}" = set; then :
+if ${ac_cv_path_HELP2MAN+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $HELP2MAN in
@@ -11126,7 +12107,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_path_HELP2MAN="$as_dir/$ac_word$ac_exec_ext"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -11152,7 +12133,7 @@ fi
 set dummy man2html; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_path_MAN2HTML+set}" = set; then :
+if ${ac_cv_path_MAN2HTML+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $MAN2HTML in
@@ -11166,7 +12147,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_path_MAN2HTML="$as_dir/$ac_word$ac_exec_ext"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -11189,51 +12170,12 @@ fi
 
 
 
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for function prototypes" >&5
-$as_echo_n "checking for function prototypes... " >&6; }
-if test "$ac_cv_prog_cc_c89" != no; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define PROTOTYPES 1" >>confdefs.h
-
-
-$as_echo "#define __PROTOTYPES 1" >>confdefs.h
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-if test "$ac_cv_prog_cc_stdc" != no; then
-  U= ANSI2KNR=
-else
-  U=_ ANSI2KNR=./ansi2knr
-fi
-# Ensure some checks needed by ansi2knr itself.
-
-for ac_header in string.h
-do :
-  ac_fn_c_check_header_mongrel "$LINENO" "string.h" "ac_cv_header_string_h" "$ac_includes_default"
-if test "x$ac_cv_header_string_h" = x""yes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_STRING_H 1
-_ACEOF
-
-fi
-
-done
-
-
-test "z$U" != "z" && as_fn_error "Compiler not ANSI compliant" "$LINENO" 5
-
 ac_header_dirent=no
 for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h; do
   as_ac_Header=`$as_echo "ac_cv_header_dirent_$ac_hdr" | $as_tr_sh`
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_hdr that defines DIR" >&5
 $as_echo_n "checking for $ac_hdr that defines DIR... " >&6; }
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then :
+if eval \${$as_ac_Header+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
@@ -11260,8 +12202,7 @@ fi
 eval ac_res=\$$as_ac_Header
 	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
 $as_echo "$ac_res" >&6; }
-eval as_val=\$$as_ac_Header
-   if test "x$as_val" = x""yes; then :
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
   cat >>confdefs.h <<_ACEOF
 #define `$as_echo "HAVE_$ac_hdr" | $as_tr_cpp` 1
 _ACEOF
@@ -11274,7 +12215,7 @@ done
 if test $ac_header_dirent = dirent.h; then
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5
 $as_echo_n "checking for library containing opendir... " >&6; }
-if test "${ac_cv_search_opendir+set}" = set; then :
+if ${ac_cv_search_opendir+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_func_search_save_LIBS=$LIBS
@@ -11308,11 +12249,11 @@ for ac_lib in '' dir; do
 fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext
-  if test "${ac_cv_search_opendir+set}" = set; then :
+  if ${ac_cv_search_opendir+:} false; then :
   break
 fi
 done
-if test "${ac_cv_search_opendir+set}" = set; then :
+if ${ac_cv_search_opendir+:} false; then :
 
 else
   ac_cv_search_opendir=no
@@ -11331,7 +12272,7 @@ fi
 else
   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5
 $as_echo_n "checking for library containing opendir... " >&6; }
-if test "${ac_cv_search_opendir+set}" = set; then :
+if ${ac_cv_search_opendir+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_func_search_save_LIBS=$LIBS
@@ -11365,11 +12306,11 @@ for ac_lib in '' x; do
 fi
 rm -f core conftest.err conftest.$ac_objext \
     conftest$ac_exeext
-  if test "${ac_cv_search_opendir+set}" = set; then :
+  if ${ac_cv_search_opendir+:} false; then :
   break
 fi
 done
-if test "${ac_cv_search_opendir+set}" = set; then :
+if ${ac_cv_search_opendir+:} false; then :
 
 else
   ac_cv_search_opendir=no
@@ -11389,7 +12330,7 @@ fi
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5
 $as_echo_n "checking for ANSI C header files... " >&6; }
-if test "${ac_cv_header_stdc+set}" = set; then :
+if ${ac_cv_header_stdc+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
@@ -11502,7 +12443,7 @@ fi
 for ac_header in stdio.h
 do :
   ac_fn_c_check_header_mongrel "$LINENO" "stdio.h" "ac_cv_header_stdio_h" "$ac_includes_default"
-if test "x$ac_cv_header_stdio_h" = x""yes; then :
+if test "x$ac_cv_header_stdio_h" = xyes; then :
   cat >>confdefs.h <<_ACEOF
 #define HAVE_STDIO_H 1
 _ACEOF
@@ -11514,7 +12455,7 @@ done
 for ac_header in stdlib.h
 do :
   ac_fn_c_check_header_mongrel "$LINENO" "stdlib.h" "ac_cv_header_stdlib_h" "$ac_includes_default"
-if test "x$ac_cv_header_stdlib_h" = x""yes; then :
+if test "x$ac_cv_header_stdlib_h" = xyes; then :
   cat >>confdefs.h <<_ACEOF
 #define HAVE_STDLIB_H 1
 _ACEOF
@@ -11526,7 +12467,7 @@ done
 for ac_header in string.h
 do :
   ac_fn_c_check_header_mongrel "$LINENO" "string.h" "ac_cv_header_string_h" "$ac_includes_default"
-if test "x$ac_cv_header_string_h" = x""yes; then :
+if test "x$ac_cv_header_string_h" = xyes; then :
   cat >>confdefs.h <<_ACEOF
 #define HAVE_STRING_H 1
 _ACEOF
@@ -11538,7 +12479,7 @@ done
 for ac_header in ctype.h
 do :
   ac_fn_c_check_header_mongrel "$LINENO" "ctype.h" "ac_cv_header_ctype_h" "$ac_includes_default"
-if test "x$ac_cv_header_ctype_h" = x""yes; then :
+if test "x$ac_cv_header_ctype_h" = xyes; then :
   cat >>confdefs.h <<_ACEOF
 #define HAVE_CTYPE_H 1
 _ACEOF
@@ -11550,7 +12491,7 @@ done
 for ac_header in errno.h
 do :
   ac_fn_c_check_header_mongrel "$LINENO" "errno.h" "ac_cv_header_errno_h" "$ac_includes_default"
-if test "x$ac_cv_header_errno_h" = x""yes; then :
+if test "x$ac_cv_header_errno_h" = xyes; then :
   cat >>confdefs.h <<_ACEOF
 #define HAVE_ERRNO_H 1
 _ACEOF
@@ -11562,7 +12503,7 @@ done
 for ac_header in ansidecl.h
 do :
   ac_fn_c_check_header_mongrel "$LINENO" "ansidecl.h" "ac_cv_header_ansidecl_h" "$ac_includes_default"
-if test "x$ac_cv_header_ansidecl_h" = x""yes; then :
+if test "x$ac_cv_header_ansidecl_h" = xyes; then :
   cat >>confdefs.h <<_ACEOF
 #define HAVE_ANSIDECL_H 1
 _ACEOF
@@ -11574,7 +12515,7 @@ done
 for ac_header in time.h
 do :
   ac_fn_c_check_header_mongrel "$LINENO" "time.h" "ac_cv_header_time_h" "$ac_includes_default"
-if test "x$ac_cv_header_time_h" = x""yes; then :
+if test "x$ac_cv_header_time_h" = xyes; then :
   cat >>confdefs.h <<_ACEOF
 #define HAVE_TIME_H 1
 _ACEOF
@@ -11587,8 +12528,7 @@ for ac_func in strchr strrchr printf sprintf fprintf snprintf vfprintf vsprintf
 do :
   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
 ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-eval as_val=\$$as_ac_var
-   if test "x$as_val" = x""yes; then :
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
   cat >>confdefs.h <<_ACEOF
 #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
 _ACEOF
@@ -11607,7 +12547,7 @@ if test "${enable_development+set}" = set; then :
 fi
 
 if test "z$enable_development" = "zyes" ; then
-    enable_debuging="yes"
+    enable_debugging="yes"
     enable_pedantic="yes"
     enable_static_linking="yes"
     enable_crypto_dl="no"
@@ -11716,7 +12656,7 @@ fi
 # This bug is HP SR number 8606223364.
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking size of size_t" >&5
 $as_echo_n "checking size of size_t... " >&6; }
-if test "${ac_cv_sizeof_size_t+set}" = set; then :
+if ${ac_cv_sizeof_size_t+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (size_t))" "ac_cv_sizeof_size_t"        "$ac_includes_default"; then :
@@ -11725,9 +12665,8 @@ else
   if test "$ac_cv_type_size_t" = yes; then
      { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-{ as_fn_set_status 77
-as_fn_error "cannot compute sizeof (size_t)
-See \`config.log' for more details." "$LINENO" 5; }; }
+as_fn_error 77 "cannot compute sizeof (size_t)
+See \`config.log' for more details" "$LINENO" 5; }
    else
      ac_cv_sizeof_size_t=0
    fi
@@ -11748,26 +12687,23 @@ if test "$ac_cv_sizeof_size_t" -ne "4" ; then
     XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SIZE_T"
 fi
 
-
-
-
+PKG_CONFIG="pkg-config"
+PKGCONFIG_FOUND="no"
 # Check whether --enable-pkgconfig was given.
 if test "${enable_pkgconfig+set}" = set; then :
   enableval=$enable_pkgconfig;
 fi
 
-if test "z$enable_pkgconfig" = "zno" ; then
-    PKG_CONFIG_ENABLED=no
-else
-    # Extract the first word of "pkg-config", so it can be a program name with args.
-set dummy pkg-config; ac_word=$2
+if test "z$enable_pkgconfig" != "zno" ; then
+    # Extract the first word of "$PKG_CONFIG", so it can be a program name with args.
+set dummy $PKG_CONFIG; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_prog_PKG_CONFIG_ENABLED+set}" = set; then :
+if ${ac_cv_prog_PKGCONFIG_PRESENT+:} false; then :
   $as_echo_n "(cached) " >&6
 else
-  if test -n "$PKG_CONFIG_ENABLED"; then
-  ac_cv_prog_PKG_CONFIG_ENABLED="$PKG_CONFIG_ENABLED" # Let the user override the test.
+  if test -n "$PKGCONFIG_PRESENT"; then
+  ac_cv_prog_PKGCONFIG_PRESENT="$PKGCONFIG_PRESENT" # Let the user override the test.
 else
 as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
 for as_dir in $PATH
@@ -11775,8 +12711,8 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
-    ac_cv_prog_PKG_CONFIG_ENABLED="yes"
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_prog_PKGCONFIG_PRESENT="yes"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
   fi
@@ -11784,23 +12720,23 @@ done
   done
 IFS=$as_save_IFS
 
-  test -z "$ac_cv_prog_PKG_CONFIG_ENABLED" && ac_cv_prog_PKG_CONFIG_ENABLED="no"
+  test -z "$ac_cv_prog_PKGCONFIG_PRESENT" && ac_cv_prog_PKGCONFIG_PRESENT="no"
 fi
 fi
-PKG_CONFIG_ENABLED=$ac_cv_prog_PKG_CONFIG_ENABLED
-if test -n "$PKG_CONFIG_ENABLED"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG_ENABLED" >&5
-$as_echo "$PKG_CONFIG_ENABLED" >&6; }
+PKGCONFIG_PRESENT=$ac_cv_prog_PKGCONFIG_PRESENT
+if test -n "$PKGCONFIG_PRESENT"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKGCONFIG_PRESENT" >&5
+$as_echo "$PKGCONFIG_PRESENT" >&6; }
 else
   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
 fi
 
 
-    if test "z$PKG_CONFIG_ENABLED" = "zyes" ; then
-	if ! pkg-config --atleast-pkgconfig-version 0.9 ; then
-	    PKG_CONFIG_ENABLED=no
-	fi
+    if test "z$PKGCONFIG_PRESENT" = "zyes" ; then
+        if $PKG_CONFIG --atleast-pkgconfig-version 0.9 ; then
+            PKGCONFIG_FOUND="yes"
+        fi
     fi
 fi
 
@@ -11825,7 +12761,7 @@ fi
 if test "z$with_libxml" = "zno" -o "z$with_libxml_src" = "zno"; then
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libxml2 libraries >= $LIBXML_MIN_VERSION" >&5
 $as_echo_n "checking for libxml2 libraries >= $LIBXML_MIN_VERSION... " >&6; }
-    as_fn_error "libxml2 >= $LIBXML_MIN_VERSION is required for $XMLSEC_PACKAGE" "$LINENO" 5
+    as_fn_error $? "libxml2 >= $LIBXML_MIN_VERSION is required for $XMLSEC_PACKAGE" "$LINENO" 5
 elif test "z$with_libxml_src" != "z" ; then
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libxml2 libraries >= $LIBXML_MIN_VERSION" >&5
 $as_echo_n "checking for libxml2 libraries >= $LIBXML_MIN_VERSION... " >&6; }
@@ -11840,9 +12776,14 @@ $as_echo_n "checking for libxml2 libraries >= $LIBXML_MIN_VERSION... " >&6; }
 	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes (source)" >&5
 $as_echo "yes (source)" >&6; }
     else
-	as_fn_error "libxml source dir not found (${with_libxml_src}), typo?" "$LINENO" 5
+	as_fn_error $? "libxml source dir not found (${with_libxml_src}), typo?" "$LINENO" 5
     fi
-elif test "z$with_libxml" = "z" -a "z$PKG_CONFIG_ENABLED" = "zyes" ; then
+elif test "z$with_libxml" = "z" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
+
+
+
+
+
 
 
 if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
@@ -11851,7 +12792,7 @@ if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
 set dummy ${ac_tool_prefix}pkg-config; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_path_PKG_CONFIG+set}" = set; then :
+if ${ac_cv_path_PKG_CONFIG+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $PKG_CONFIG in
@@ -11865,7 +12806,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -11894,7 +12835,7 @@ if test -z "$ac_cv_path_PKG_CONFIG"; then
 set dummy pkg-config; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_path_ac_pt_PKG_CONFIG+set}" = set; then :
+if ${ac_cv_path_ac_pt_PKG_CONFIG+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $ac_pt_PKG_CONFIG in
@@ -11908,7 +12849,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -11957,53 +12898,52 @@ $as_echo "yes" >&6; }
 $as_echo "no" >&6; }
 		PKG_CONFIG=""
 	fi
-
 fi
 
 pkg_failed=no
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for LIBXML" >&5
 $as_echo_n "checking for LIBXML... " >&6; }
 
-if test -n "$PKG_CONFIG"; then
-    if test -n "$LIBXML_CFLAGS"; then
-        pkg_cv_LIBXML_CFLAGS="$LIBXML_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$LIBXML_CFLAGS"; then
+    pkg_cv_LIBXML_CFLAGS="$LIBXML_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libxml-2.0 >= \$LIBXML_MIN_VERSION\""; } >&5
   ($PKG_CONFIG --exists --print-errors "libxml-2.0 >= $LIBXML_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_LIBXML_CFLAGS=`$PKG_CONFIG --cflags "libxml-2.0 >= $LIBXML_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$LIBXML_LIBS"; then
-        pkg_cv_LIBXML_LIBS="$LIBXML_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$LIBXML_LIBS"; then
+    pkg_cv_LIBXML_LIBS="$LIBXML_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libxml-2.0 >= \$LIBXML_MIN_VERSION\""; } >&5
   ($PKG_CONFIG --exists --print-errors "libxml-2.0 >= $LIBXML_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_LIBXML_LIBS=`$PKG_CONFIG --libs "libxml-2.0 >= $LIBXML_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -12011,17 +12951,17 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        LIBXML_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "libxml-2.0 >= $LIBXML_MIN_VERSION"`
+	        LIBXML_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libxml-2.0 >= $LIBXML_MIN_VERSION" 2>&1`
         else
-	        LIBXML_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "libxml-2.0 >= $LIBXML_MIN_VERSION"`
+	        LIBXML_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libxml-2.0 >= $LIBXML_MIN_VERSION" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$LIBXML_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-                LIBXML_FOUND=no
+	LIBXML_FOUND=no
 elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 	LIBXML_FOUND=no
 else
 	LIBXML_CFLAGS=$pkg_cv_LIBXML_CFLAGS
@@ -12033,11 +12973,12 @@ fi
 fi
 if test "z$LIBXML_FOUND" = "zno" ; then
     if test "z$with_libxml" != "zyes" ; then
-	# Extract the first word of "$LIBXML_CONFIG", so it can be a program name with args.
+        if test "z$with_libxml" != "z" ; then
+	    # Extract the first word of "$LIBXML_CONFIG", so it can be a program name with args.
 set dummy $LIBXML_CONFIG; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_path_LIBXML_CONFIG+set}" = set; then :
+if ${ac_cv_path_LIBXML_CONFIG+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $LIBXML_CONFIG in
@@ -12052,7 +12993,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_path_LIBXML_CONFIG="$as_dir/$ac_word$ac_exec_ext"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -12074,11 +13015,53 @@ $as_echo "no" >&6; }
 fi
 
 
+	else
+	    # Extract the first word of "$LIBXML_CONFIG", so it can be a program name with args.
+set dummy $LIBXML_CONFIG; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_path_LIBXML_CONFIG+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $LIBXML_CONFIG in
+  [\\/]* | ?:[\\/]*)
+  ac_cv_path_LIBXML_CONFIG="$LIBXML_CONFIG" # Let the user override the test with a path.
+  ;;
+  *)
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_path_LIBXML_CONFIG="$as_dir/$ac_word$ac_exec_ext"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  ;;
+esac
+fi
+LIBXML_CONFIG=$ac_cv_path_LIBXML_CONFIG
+if test -n "$LIBXML_CONFIG"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBXML_CONFIG" >&5
+$as_echo "$LIBXML_CONFIG" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+	fi
     fi
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking libxml2 $LIBXML_CONFIG " >&5
 $as_echo_n "checking libxml2 $LIBXML_CONFIG ... " >&6; }
     if ! LIBXML_VERSION=`$LIBXML_CONFIG --version 2>/dev/null`; then
-	as_fn_error "Could not find libxml2 anywhere." "$LINENO" 5
+	as_fn_error $? "Could not find libxml2 anywhere." "$LINENO" 5
     fi
     vers=`echo $LIBXML_VERSION | awk -F. '{ printf "%d", ($1 * 1000 + $2) * 1000 + $3;}'`
     minvers=`echo $LIBXML_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 1000 + $2) * 1000 + $3;}'`
@@ -12089,7 +13072,7 @@ $as_echo_n "checking libxml2 $LIBXML_CONFIG ... " >&6; }
         { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes ('$LIBXML_VERSION')" >&5
 $as_echo "yes ('$LIBXML_VERSION')" >&6; }
     else
-        as_fn_error "You need at least libxml2 $LIBXML_MIN_VERSION for this version of $XMLSEC_PACKAGE" "$LINENO" 5
+        as_fn_error $? "You need at least libxml2 $LIBXML_MIN_VERSION for this version of $XMLSEC_PACKAGE" "$LINENO" 5
     fi
 fi
 
@@ -12136,54 +13119,54 @@ $as_echo_n "checking for libxslt libraries >= $LIBXSLT_MIN_VERSION... " >&6; }
 	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes (source)" >&5
 $as_echo "yes (source)" >&6; }
     else
-	as_fn_error "libxslt source dir not found (${with_libxslt_src}), typo?" "$LINENO" 5
+	as_fn_error $? "libxslt source dir not found (${with_libxslt_src}), typo?" "$LINENO" 5
     fi
-elif test "z$with_libxslt" = "z" -a  "z$PKG_CONFIG_ENABLED" = "zyes" ; then
+elif test "z$with_libxslt" = "z" -a  "z$PKGCONFIG_FOUND" = "zyes" ; then
 
 pkg_failed=no
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for LIBXSLT" >&5
 $as_echo_n "checking for LIBXSLT... " >&6; }
 
-if test -n "$PKG_CONFIG"; then
-    if test -n "$LIBXSLT_CFLAGS"; then
-        pkg_cv_LIBXSLT_CFLAGS="$LIBXSLT_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$LIBXSLT_CFLAGS"; then
+    pkg_cv_LIBXSLT_CFLAGS="$LIBXSLT_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libxslt >= \$LIBXSLT_MIN_VERSION\""; } >&5
   ($PKG_CONFIG --exists --print-errors "libxslt >= $LIBXSLT_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_LIBXSLT_CFLAGS=`$PKG_CONFIG --cflags "libxslt >= $LIBXSLT_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$LIBXSLT_LIBS"; then
-        pkg_cv_LIBXSLT_LIBS="$LIBXSLT_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$LIBXSLT_LIBS"; then
+    pkg_cv_LIBXSLT_LIBS="$LIBXSLT_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libxslt >= \$LIBXSLT_MIN_VERSION\""; } >&5
   ($PKG_CONFIG --exists --print-errors "libxslt >= $LIBXSLT_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_LIBXSLT_LIBS=`$PKG_CONFIG --libs "libxslt >= $LIBXSLT_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -12191,17 +13174,17 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        LIBXSLT_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "libxslt >= $LIBXSLT_MIN_VERSION"`
+	        LIBXSLT_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libxslt >= $LIBXSLT_MIN_VERSION" 2>&1`
         else
-	        LIBXSLT_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "libxslt >= $LIBXSLT_MIN_VERSION"`
+	        LIBXSLT_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libxslt >= $LIBXSLT_MIN_VERSION" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$LIBXSLT_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-                LIBXSLT_FOUND=no
+	LIBXSLT_FOUND=no
 elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 	LIBXSLT_FOUND=no
 else
 	LIBXSLT_CFLAGS=$pkg_cv_LIBXSLT_CFLAGS
@@ -12214,11 +13197,12 @@ fi
 
 if test "z$LIBXSLT_FOUND" = "zno" ; then
     if test "z$with_libxslt" != "zyes" ; then
-	# Extract the first word of "$LIBXSLT_CONFIG", so it can be a program name with args.
+        if test "z$with_libxslt" != "z" ; then
+	    # Extract the first word of "$LIBXSLT_CONFIG", so it can be a program name with args.
 set dummy $LIBXSLT_CONFIG; ac_word=$2
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
 $as_echo_n "checking for $ac_word... " >&6; }
-if test "${ac_cv_path_LIBXSLT_CONFIG+set}" = set; then :
+if ${ac_cv_path_LIBXSLT_CONFIG+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   case $LIBXSLT_CONFIG in
@@ -12233,7 +13217,7 @@ do
   IFS=$as_save_IFS
   test -z "$as_dir" && as_dir=.
     for ac_exec_ext in '' $ac_executable_extensions; do
-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
     ac_cv_path_LIBXSLT_CONFIG="$as_dir/$ac_word$ac_exec_ext"
     $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
     break 2
@@ -12255,12 +13239,54 @@ $as_echo "no" >&6; }
 fi
 
 
+        else
+	    # Extract the first word of "$LIBXSLT_CONFIG", so it can be a program name with args.
+set dummy $LIBXSLT_CONFIG; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_path_LIBXSLT_CONFIG+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $LIBXSLT_CONFIG in
+  [\\/]* | ?:[\\/]*)
+  ac_cv_path_LIBXSLT_CONFIG="$LIBXSLT_CONFIG" # Let the user override the test with a path.
+  ;;
+  *)
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+    ac_cv_path_LIBXSLT_CONFIG="$as_dir/$ac_word$ac_exec_ext"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  ;;
+esac
+fi
+LIBXSLT_CONFIG=$ac_cv_path_LIBXSLT_CONFIG
+if test -n "$LIBXSLT_CONFIG"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBXSLT_CONFIG" >&5
+$as_echo "$LIBXSLT_CONFIG" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+        fi
     fi
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libxslt libraries >= $LIBXSLT_MIN_VERSION" >&5
 $as_echo_n "checking for libxslt libraries >= $LIBXSLT_MIN_VERSION... " >&6; }
     if ! LIBXSLT_VERSION=`$LIBXSLT_CONFIG --version 2>/dev/null`; then
 	if test "z$with_libxslt" != "zyes" ; then
-	    as_fn_error "Unable to find libxslt at '$with_libxslt'" "$LINENO" 5
+	    as_fn_error $? "Unable to find libxslt at '$with_libxslt'" "$LINENO" 5
 	else
 	    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -12275,7 +13301,7 @@ $as_echo "no" >&6; }
     	    { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes ('$LIBXSLT_VERSION')" >&5
 $as_echo "yes ('$LIBXSLT_VERSION')" >&6; }
 	else
-    	    as_fn_error "You need at least libxslt $LIBXSLT_MIN_VERSION for this version of $XMLSEC_PACKAGE" "$LINENO" 5
+    	    as_fn_error $? "You need at least libxslt $LIBXSLT_MIN_VERSION for this version of $XMLSEC_PACKAGE" "$LINENO" 5
 	fi
     fi
 fi
@@ -12292,13 +13318,8 @@ fi
 
 
 
-XMLSEC_CRYPTO=""
 XMLSEC_CRYPTO_LIST=""
 XMLSEC_CRYPTO_DISABLED_LIST=""
-XMLSEC_CRYPTO_LIB=""
-XMLSEC_CRYPTO_CFLAGS=""
-XMLSEC_CRYPTO_CFLAGS_APP=""
-XMLSEC_CRYPTO_LIBS=""
 
 ac_openssl_lib_dir="/usr/local/lib /usr/lib /usr/lib64 /usr/local /usr/local/ssl /usr/local/ssl/lib /usr/pkg"
 ac_openssl_inc_dir="/usr/local/include /usr/include /usr/local /usr/local/ssl /usr/pkg /usr/local/ssl/include"
@@ -12338,53 +13359,127 @@ elif test "z$with_openssl" != "z" ; then
 	OPENSSL_LIBS="$with_openssl/lib/libcrypto.a $openssl_exlibs"
     fi
     OPENSSL_FOUND="yes"
-elif test "z$PKG_CONFIG_ENABLED" = "zyes" ; then
+elif test "z$PKGCONFIG_FOUND" = "zyes" ; then
     if test "z$OPENSSL_VERSION" = "z" ; then
 
 pkg_failed=no
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OPENSSL" >&5
 $as_echo_n "checking for OPENSSL... " >&6; }
 
-if test -n "$PKG_CONFIG"; then
-    if test -n "$OPENSSL_CFLAGS"; then
-        pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$OPENSSL_CFLAGS"; then
+    pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.0.0\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "openssl >= 1.0.0") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl >= 1.0.0" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
+else
+  pkg_failed=yes
+fi
+ else
+    pkg_failed=untried
+fi
+if test -n "$OPENSSL_LIBS"; then
+    pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 1.0.0\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "openssl >= 1.0.0") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl >= 1.0.0" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
+else
+  pkg_failed=yes
+fi
+ else
+    pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+        _pkg_short_errors_supported=yes
+else
+        _pkg_short_errors_supported=no
+fi
+        if test $_pkg_short_errors_supported = yes; then
+	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl >= 1.0.0" 2>&1`
+        else
+	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl >= 1.0.0" 2>&1`
+        fi
+	# Put the nasty error message in config.log where it belongs
+	echo "$OPENSSL_PKG_ERRORS" >&5
+
+	OPENSSL_VERSION=""
+elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+	OPENSSL_VERSION=""
+else
+	OPENSSL_CFLAGS=$pkg_cv_OPENSSL_CFLAGS
+	OPENSSL_LIBS=$pkg_cv_OPENSSL_LIBS
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+	OPENSSL_VERSION="1.0.0"
+fi
+    fi
+
+    if test "z$OPENSSL_VERSION" = "z" ; then
+
+pkg_failed=no
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for OPENSSL" >&5
+$as_echo_n "checking for OPENSSL... " >&6; }
+
+if test -n "$OPENSSL_CFLAGS"; then
+    pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 0.9.8\""; } >&5
   ($PKG_CONFIG --exists --print-errors "openssl >= 0.9.8") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl >= 0.9.8" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$OPENSSL_LIBS"; then
-        pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$OPENSSL_LIBS"; then
+    pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 0.9.8\""; } >&5
   ($PKG_CONFIG --exists --print-errors "openssl >= 0.9.8") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl >= 0.9.8" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -12392,17 +13487,17 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "openssl >= 0.9.8"`
+	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl >= 0.9.8" 2>&1`
         else
-	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "openssl >= 0.9.8"`
+	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl >= 0.9.8" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$OPENSSL_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-                OPENSSL_VERSION=""
+	OPENSSL_VERSION=""
 elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 	OPENSSL_VERSION=""
 else
 	OPENSSL_CFLAGS=$pkg_cv_OPENSSL_CFLAGS
@@ -12419,46 +13514,46 @@ pkg_failed=no
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OPENSSL" >&5
 $as_echo_n "checking for OPENSSL... " >&6; }
 
-if test -n "$PKG_CONFIG"; then
-    if test -n "$OPENSSL_CFLAGS"; then
-        pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$OPENSSL_CFLAGS"; then
+    pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 0.9.7\""; } >&5
   ($PKG_CONFIG --exists --print-errors "openssl >= 0.9.7") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl >= 0.9.7" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$OPENSSL_LIBS"; then
-        pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$OPENSSL_LIBS"; then
+    pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= 0.9.7\""; } >&5
   ($PKG_CONFIG --exists --print-errors "openssl >= 0.9.7") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl >= 0.9.7" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -12466,17 +13561,17 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "openssl >= 0.9.7"`
+	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl >= 0.9.7" 2>&1`
         else
-	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "openssl >= 0.9.7"`
+	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl >= 0.9.7" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$OPENSSL_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-                OPENSSL_VERSION=""
+	OPENSSL_VERSION=""
 elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 	OPENSSL_VERSION=""
 else
 	OPENSSL_CFLAGS=$pkg_cv_OPENSSL_CFLAGS
@@ -12493,46 +13588,46 @@ pkg_failed=no
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OPENSSL" >&5
 $as_echo_n "checking for OPENSSL... " >&6; }
 
-if test -n "$PKG_CONFIG"; then
-    if test -n "$OPENSSL_CFLAGS"; then
-        pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$OPENSSL_CFLAGS"; then
+    pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= \$OPENSSL_MIN_VERSION\""; } >&5
   ($PKG_CONFIG --exists --print-errors "openssl >= $OPENSSL_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_OPENSSL_CFLAGS=`$PKG_CONFIG --cflags "openssl >= $OPENSSL_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$OPENSSL_LIBS"; then
-        pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$OPENSSL_LIBS"; then
+    pkg_cv_OPENSSL_LIBS="$OPENSSL_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"openssl >= \$OPENSSL_MIN_VERSION\""; } >&5
   ($PKG_CONFIG --exists --print-errors "openssl >= $OPENSSL_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_OPENSSL_LIBS=`$PKG_CONFIG --libs "openssl >= $OPENSSL_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -12540,17 +13635,17 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "openssl >= $OPENSSL_MIN_VERSION"`
+	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "openssl >= $OPENSSL_MIN_VERSION" 2>&1`
         else
-	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "openssl >= $OPENSSL_MIN_VERSION"`
+	        OPENSSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "openssl >= $OPENSSL_MIN_VERSION" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$OPENSSL_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-                OPENSSL_VERSION=""
+	OPENSSL_VERSION=""
 elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 	OPENSSL_VERSION=""
 else
 	OPENSSL_CFLAGS=$pkg_cv_OPENSSL_CFLAGS
@@ -12716,25 +13811,18 @@ fi
 if test "z$OPENSSL_FOUND" = "zyes" ; then
     XMLSEC_NO_OPENSSL="0"
     if test "z$OPENSSL_VERSION" = "z0.9.6" ; then
-	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_096=1"
+	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_096=1 -DXMLSEC_NO_ECDSA=1"
     fi
     if test "z$OPENSSL_VERSION" = "z0.9.7" ; then
-	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_097=1"
+	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_097=1 -DXMLSEC_NO_ECDSA=1"
     fi
     if test "z$OPENSSL_VERSION" = "z0.9.8" ; then
-	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_098=1"
+	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_098=1 -DXMLSEC_NO_ECDSA=1"
     fi
     if test "z$OPENSSL_VERSION" = "z1.0.0" ; then
 	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_100=1"
     fi
     OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_CRYPTO_OPENSSL=1"
-
-        if test "z$XMLSEC_CRYPTO" = "z" ; then
-	XMLSEC_CRYPTO="openssl"
-    	XMLSEC_CRYPTO_LIB="$OPENSSL_CRYPTO_LIB"
-	XMLSEC_CRYPTO_CFLAGS="$OPENSSL_CFLAGS"
-	XMLSEC_CRYPTO_LIBS="$OPENSSL_LIBS"
-    fi
     XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST openssl"
 else
     XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST openssl"
@@ -12754,11 +13842,11 @@ fi
 
 
 
-
 XMLSEC_NO_NSS="1"
+SEAMONKEY_MIN_VERSION="1.0"
 MOZILLA_MIN_VERSION="1.4"
-NSS_MIN_VERSION="3.2"
-NSPR_MIN_VERSION="4.0"
+NSS_MIN_VERSION="3.9"
+NSPR_MIN_VERSION="4.4.1"
 NSS_CFLAGS=""
 NSS_LIBS=""
 NSS_LIBS_LIST="-lnss3 -lsmime3"
@@ -12799,53 +13887,126 @@ $as_echo_n "checking for NSS libraries... " >&6; }
     { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
     NSS_FOUND="without"
-elif test "z$with_nss" = "z" -a "z$with_nspr" = "z" -a "z$with_mozilla_ver" = "z" -a "z$PKG_CONFIG_ENABLED" = "zyes" ; then
-                                    if test "z$NSS_FOUND" = "zno" ; then
+elif test "z$with_nss" = "z" -a "z$with_nspr" = "z" -a "z$with_mozilla_ver" = "z" -a "z$with_seamonkey_ver" = "z" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
+                                        if test "z$NSS_FOUND" = "zno" ; then
 
 pkg_failed=no
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for NSS" >&5
 $as_echo_n "checking for NSS... " >&6; }
 
-if test -n "$PKG_CONFIG"; then
-    if test -n "$NSS_CFLAGS"; then
-        pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$NSS_CFLAGS"; then
+    pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"seamonkey-nspr >= \$NSPR_MIN_VERSION seamonkey-nss >= \$SEAMONKEY_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "seamonkey-nspr >= $NSPR_MIN_VERSION seamonkey-nss >= $SEAMONKEY_MIN_VERSION") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  pkg_cv_NSS_CFLAGS=`$PKG_CONFIG --cflags "seamonkey-nspr >= $NSPR_MIN_VERSION seamonkey-nss >= $SEAMONKEY_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
+else
+  pkg_failed=yes
+fi
+ else
+    pkg_failed=untried
+fi
+if test -n "$NSS_LIBS"; then
+    pkg_cv_NSS_LIBS="$NSS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"seamonkey-nspr >= \$NSPR_MIN_VERSION seamonkey-nss >= \$SEAMONKEY_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "seamonkey-nspr >= $NSPR_MIN_VERSION seamonkey-nss >= $SEAMONKEY_MIN_VERSION") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  pkg_cv_NSS_LIBS=`$PKG_CONFIG --libs "seamonkey-nspr >= $NSPR_MIN_VERSION seamonkey-nss >= $SEAMONKEY_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
+else
+  pkg_failed=yes
+fi
+ else
+    pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+        _pkg_short_errors_supported=yes
+else
+        _pkg_short_errors_supported=no
+fi
+        if test $_pkg_short_errors_supported = yes; then
+	        NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "seamonkey-nspr >= $NSPR_MIN_VERSION seamonkey-nss >= $SEAMONKEY_MIN_VERSION" 2>&1`
+        else
+	        NSS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "seamonkey-nspr >= $NSPR_MIN_VERSION seamonkey-nss >= $SEAMONKEY_MIN_VERSION" 2>&1`
+        fi
+	# Put the nasty error message in config.log where it belongs
+	echo "$NSS_PKG_ERRORS" >&5
+
+	NSS_FOUND=no
+elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+	NSS_FOUND=no
+else
+	NSS_CFLAGS=$pkg_cv_NSS_CFLAGS
+	NSS_LIBS=$pkg_cv_NSS_LIBS
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+	NSS_FOUND=yes NSPR_PACKAGE=seamonkey-nspr NSS_PACKAGE=seamonkey-nss
+fi
+    fi
+    if test "z$NSS_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for NSS" >&5
+$as_echo_n "checking for NSS... " >&6; }
+
+if test -n "$NSS_CFLAGS"; then
+    pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"mozilla-nspr >= \$MOZILLA_MIN_VERSION mozilla-nss >= \$MOZILLA_MIN_VERSION\""; } >&5
   ($PKG_CONFIG --exists --print-errors "mozilla-nspr >= $MOZILLA_MIN_VERSION mozilla-nss >= $MOZILLA_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_NSS_CFLAGS=`$PKG_CONFIG --cflags "mozilla-nspr >= $MOZILLA_MIN_VERSION mozilla-nss >= $MOZILLA_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$NSS_LIBS"; then
-        pkg_cv_NSS_LIBS="$NSS_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$NSS_LIBS"; then
+    pkg_cv_NSS_LIBS="$NSS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"mozilla-nspr >= \$MOZILLA_MIN_VERSION mozilla-nss >= \$MOZILLA_MIN_VERSION\""; } >&5
   ($PKG_CONFIG --exists --print-errors "mozilla-nspr >= $MOZILLA_MIN_VERSION mozilla-nss >= $MOZILLA_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_NSS_LIBS=`$PKG_CONFIG --libs "mozilla-nspr >= $MOZILLA_MIN_VERSION mozilla-nss >= $MOZILLA_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -12853,17 +14014,17 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "mozilla-nspr >= $MOZILLA_MIN_VERSION mozilla-nss >= $MOZILLA_MIN_VERSION"`
+	        NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "mozilla-nspr >= $MOZILLA_MIN_VERSION mozilla-nss >= $MOZILLA_MIN_VERSION" 2>&1`
         else
-	        NSS_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "mozilla-nspr >= $MOZILLA_MIN_VERSION mozilla-nss >= $MOZILLA_MIN_VERSION"`
+	        NSS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "mozilla-nspr >= $MOZILLA_MIN_VERSION mozilla-nss >= $MOZILLA_MIN_VERSION" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$NSS_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-                NSS_FOUND=no
+	NSS_FOUND=no
 elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 	NSS_FOUND=no
 else
 	NSS_CFLAGS=$pkg_cv_NSS_CFLAGS
@@ -12879,46 +14040,46 @@ pkg_failed=no
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for NSS" >&5
 $as_echo_n "checking for NSS... " >&6; }
 
-if test -n "$PKG_CONFIG"; then
-    if test -n "$NSS_CFLAGS"; then
-        pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
-    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"xulrunner-nspr >= \$MOZILLA_MIN_VERSION xulrunner-nss >= \$MOZILLA_MIN_VERSION\""; } >&5
-  ($PKG_CONFIG --exists --print-errors "xulrunner-nspr >= $MOZILLA_MIN_VERSION xulrunner-nss >= $MOZILLA_MIN_VERSION") 2>&5
+if test -n "$NSS_CFLAGS"; then
+    pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"xulrunner-nspr >= \$NSPR_MIN_VERSION xulrunner-nss >= \$NSS_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "xulrunner-nspr >= $NSPR_MIN_VERSION xulrunner-nss >= $NSS_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
-  pkg_cv_NSS_CFLAGS=`$PKG_CONFIG --cflags "xulrunner-nspr >= $MOZILLA_MIN_VERSION xulrunner-nss >= $MOZILLA_MIN_VERSION" 2>/dev/null`
+  pkg_cv_NSS_CFLAGS=`$PKG_CONFIG --cflags "xulrunner-nspr >= $NSPR_MIN_VERSION xulrunner-nss >= $NSS_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$NSS_LIBS"; then
-        pkg_cv_NSS_LIBS="$NSS_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
-    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"xulrunner-nspr >= \$MOZILLA_MIN_VERSION xulrunner-nss >= \$MOZILLA_MIN_VERSION\""; } >&5
-  ($PKG_CONFIG --exists --print-errors "xulrunner-nspr >= $MOZILLA_MIN_VERSION xulrunner-nss >= $MOZILLA_MIN_VERSION") 2>&5
+if test -n "$NSS_LIBS"; then
+    pkg_cv_NSS_LIBS="$NSS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"xulrunner-nspr >= \$NSPR_MIN_VERSION xulrunner-nss >= \$NSS_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "xulrunner-nspr >= $NSPR_MIN_VERSION xulrunner-nss >= $NSS_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
-  pkg_cv_NSS_LIBS=`$PKG_CONFIG --libs "xulrunner-nspr >= $MOZILLA_MIN_VERSION xulrunner-nss >= $MOZILLA_MIN_VERSION" 2>/dev/null`
+  pkg_cv_NSS_LIBS=`$PKG_CONFIG --libs "xulrunner-nspr >= $NSPR_MIN_VERSION xulrunner-nss >= $NSS_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -12926,17 +14087,17 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "xulrunner-nspr >= $MOZILLA_MIN_VERSION xulrunner-nss >= $MOZILLA_MIN_VERSION"`
+	        NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "xulrunner-nspr >= $NSPR_MIN_VERSION xulrunner-nss >= $NSS_MIN_VERSION" 2>&1`
         else
-	        NSS_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "xulrunner-nspr >= $MOZILLA_MIN_VERSION xulrunner-nss >= $MOZILLA_MIN_VERSION"`
+	        NSS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "xulrunner-nspr >= $NSPR_MIN_VERSION xulrunner-nss >= $NSS_MIN_VERSION" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$NSS_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-                NSS_FOUND=no
+	NSS_FOUND=no
 elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 	NSS_FOUND=no
 else
 	NSS_CFLAGS=$pkg_cv_NSS_CFLAGS
@@ -12952,46 +14113,46 @@ pkg_failed=no
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for NSS" >&5
 $as_echo_n "checking for NSS... " >&6; }
 
-if test -n "$PKG_CONFIG"; then
-    if test -n "$NSS_CFLAGS"; then
-        pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
-    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"nspr >= \$MOZILLA_MIN_VERSION nss >= \$MOZILLA_MIN_VERSION\""; } >&5
-  ($PKG_CONFIG --exists --print-errors "nspr >= $MOZILLA_MIN_VERSION nss >= $MOZILLA_MIN_VERSION") 2>&5
+if test -n "$NSS_CFLAGS"; then
+    pkg_cv_NSS_CFLAGS="$NSS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"nspr >= \$NSPR_MIN_VERSION nss >= \$NSS_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "nspr >= $NSPR_MIN_VERSION nss >= $NSS_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
-  pkg_cv_NSS_CFLAGS=`$PKG_CONFIG --cflags "nspr >= $MOZILLA_MIN_VERSION nss >= $MOZILLA_MIN_VERSION" 2>/dev/null`
+  pkg_cv_NSS_CFLAGS=`$PKG_CONFIG --cflags "nspr >= $NSPR_MIN_VERSION nss >= $NSS_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$NSS_LIBS"; then
-        pkg_cv_NSS_LIBS="$NSS_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
-    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"nspr >= \$MOZILLA_MIN_VERSION nss >= \$MOZILLA_MIN_VERSION\""; } >&5
-  ($PKG_CONFIG --exists --print-errors "nspr >= $MOZILLA_MIN_VERSION nss >= $MOZILLA_MIN_VERSION") 2>&5
+if test -n "$NSS_LIBS"; then
+    pkg_cv_NSS_LIBS="$NSS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"nspr >= \$NSPR_MIN_VERSION nss >= \$NSS_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "nspr >= $NSPR_MIN_VERSION nss >= $NSS_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
-  pkg_cv_NSS_LIBS=`$PKG_CONFIG --libs "nspr >= $MOZILLA_MIN_VERSION nss >= $MOZILLA_MIN_VERSION" 2>/dev/null`
+  pkg_cv_NSS_LIBS=`$PKG_CONFIG --libs "nspr >= $NSPR_MIN_VERSION nss >= $NSS_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -12999,17 +14160,17 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "nspr >= $MOZILLA_MIN_VERSION nss >= $MOZILLA_MIN_VERSION"`
+	        NSS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "nspr >= $NSPR_MIN_VERSION nss >= $NSS_MIN_VERSION" 2>&1`
         else
-	        NSS_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "nspr >= $MOZILLA_MIN_VERSION nss >= $MOZILLA_MIN_VERSION"`
+	        NSS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "nspr >= $NSPR_MIN_VERSION nss >= $NSS_MIN_VERSION" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$NSS_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-                NSS_FOUND=no
+	NSS_FOUND=no
 elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 	NSS_FOUND=no
 else
 	NSS_CFLAGS=$pkg_cv_NSS_CFLAGS
@@ -13212,13 +14373,6 @@ fi
 if test "z$NSS_FOUND" = "zyes" ; then
     XMLSEC_NO_NSS="0"
     NSS_CFLAGS="$NSS_CFLAGS -DXMLSEC_CRYPTO_NSS=1"
-
-        if test "z$XMLSEC_CRYPTO" = "z" ;  then
-	XMLSEC_CRYPTO="nss"
-	XMLSEC_CRYPTO_LIB="$NSS_CRYPTO_LIB"
-	XMLSEC_CRYPTO_CFLAGS="$NSS_CFLAGS"
-	XMLSEC_CRYPTO_LIBS="$NSS_LIBS"
-    fi
     XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST nss"
 else
     XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST nss"
@@ -13242,73 +14396,146 @@ fi
 
 
 
-GNUTLS_CONFIG="libgnutls-config"
-XMLSEC_NO_GNUTLS="1"
-GNUTLS_MIN_VERSION="0.8.1"
-GNUTLS_NEW_MIN_VERSION="1.0.0"
-GNUTLS_VERSION=""
-GNUTLS_CFLAGS=""
-GNUTLS_LIBS=""
-GNUTLS_CRYPTO_LIB="$XMLSEC_PACKAGE-gnutls"
-GNUTLS_FOUND="no"
 
-# Check whether --with-gnutls was given.
-if test "${with_gnutls+set}" = set; then :
-  withval=$with_gnutls;
+GCRYPT_CONFIG="libgcrypt-config"
+XMLSEC_NO_GCRYPT="1"
+GCRYPT_MIN_VERSION="1.4.0"
+GCRYPT_VERSION=""
+GCRYPT_CFLAGS=""
+GCRYPT_LIBS=""
+GCRYPT_CRYPTO_LIB="$XMLSEC_PACKAGE-gcrypt"
+GCRYPT_FOUND="no"
+
+# Check whether --with-gcrypt was given.
+if test "${with_gcrypt+set}" = set; then :
+  withval=$with_gcrypt;
 fi
 
-if test "z$with_gnutls" = "zno" ; then
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gnutls libraries >= $GNUTLS_MIN_VERSION" >&5
-$as_echo_n "checking for gnutls libraries >= $GNUTLS_MIN_VERSION... " >&6; }
+if test "z$with_gcrypt" = "zno" ; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gcrypt libraries >= $GCRYPT_MIN_VERSION" >&5
+$as_echo_n "checking for gcrypt libraries >= $GCRYPT_MIN_VERSION... " >&6; }
     { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
-    GNUTLS_FOUND="without"
-elif test "z$with_gnutls" = "z" -a "z$PKG_CONFIG_ENABLED" = "zyes" ; then
+    GCRYPT_FOUND="without"
+elif test "z$with_gcrypt" = "z" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
 
 pkg_failed=no
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNUTLS" >&5
-$as_echo_n "checking for GNUTLS... " >&6; }
-
-if test -n "$PKG_CONFIG"; then
-    if test -n "$GNUTLS_CFLAGS"; then
-        pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
-    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= \$GNUTLS_NEW_MIN_VERSION\""; } >&5
-  ($PKG_CONFIG --exists --print-errors "gnutls >= $GNUTLS_NEW_MIN_VERSION") 2>&5
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for GCRYPT" >&5
+$as_echo_n "checking for GCRYPT... " >&6; }
+
+if test -n "$GCRYPT_CFLAGS"; then
+    pkg_cv_GCRYPT_CFLAGS="$GCRYPT_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gcrypt >= \$GCRYPT_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "gcrypt >= $GCRYPT_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
-  pkg_cv_GNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls >= $GNUTLS_NEW_MIN_VERSION" 2>/dev/null`
+  pkg_cv_GCRYPT_CFLAGS=`$PKG_CONFIG --cflags "gcrypt >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
+ else
+    pkg_failed=untried
+fi
+if test -n "$GCRYPT_LIBS"; then
+    pkg_cv_GCRYPT_LIBS="$GCRYPT_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gcrypt >= \$GCRYPT_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "gcrypt >= $GCRYPT_MIN_VERSION") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  pkg_cv_GCRYPT_LIBS=`$PKG_CONFIG --libs "gcrypt >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
-	pkg_failed=untried
+  pkg_failed=yes
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$GNUTLS_LIBS"; then
-        pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
-    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= \$GNUTLS_NEW_MIN_VERSION\""; } >&5
-  ($PKG_CONFIG --exists --print-errors "gnutls >= $GNUTLS_NEW_MIN_VERSION") 2>&5
+ else
+    pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+        _pkg_short_errors_supported=yes
+else
+        _pkg_short_errors_supported=no
+fi
+        if test $_pkg_short_errors_supported = yes; then
+	        GCRYPT_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "gcrypt >= $GCRYPT_MIN_VERSION" 2>&1`
+        else
+	        GCRYPT_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "gcrypt >= $GCRYPT_MIN_VERSION" 2>&1`
+        fi
+	# Put the nasty error message in config.log where it belongs
+	echo "$GCRYPT_PKG_ERRORS" >&5
+
+	GCRYPT_FOUND=no
+elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+	GCRYPT_FOUND=no
+else
+	GCRYPT_CFLAGS=$pkg_cv_GCRYPT_CFLAGS
+	GCRYPT_LIBS=$pkg_cv_GCRYPT_LIBS
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+	GCRYPT_FOUND=yes
+fi
+
+    if test "z$GCRYPT_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for GCRYPT" >&5
+$as_echo_n "checking for GCRYPT... " >&6; }
+
+if test -n "$GCRYPT_CFLAGS"; then
+    pkg_cv_GCRYPT_CFLAGS="$GCRYPT_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgcrypt >= \$GCRYPT_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "libgcrypt >= $GCRYPT_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
-  pkg_cv_GNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls >= $GNUTLS_NEW_MIN_VERSION" 2>/dev/null`
+  pkg_cv_GCRYPT_CFLAGS=`$PKG_CONFIG --cflags "libgcrypt >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
+ else
+    pkg_failed=untried
+fi
+if test -n "$GCRYPT_LIBS"; then
+    pkg_cv_GCRYPT_LIBS="$GCRYPT_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgcrypt >= \$GCRYPT_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "libgcrypt >= $GCRYPT_MIN_VERSION") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  pkg_cv_GCRYPT_LIBS=`$PKG_CONFIG --libs "libgcrypt >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
-	pkg_failed=untried
+  pkg_failed=yes
+fi
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -13316,71 +14543,217 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "gnutls >= $GNUTLS_NEW_MIN_VERSION"`
+	        GCRYPT_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libgcrypt >= $GCRYPT_MIN_VERSION" 2>&1`
         else
-	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "gnutls >= $GNUTLS_NEW_MIN_VERSION"`
+	        GCRYPT_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libgcrypt >= $GCRYPT_MIN_VERSION" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
-	echo "$GNUTLS_PKG_ERRORS" >&5
+	echo "$GCRYPT_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+	GCRYPT_FOUND=no
+elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+	GCRYPT_FOUND=no
+else
+	GCRYPT_CFLAGS=$pkg_cv_GCRYPT_CFLAGS
+	GCRYPT_LIBS=$pkg_cv_GCRYPT_LIBS
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+	GCRYPT_FOUND=yes
+fi
+    fi
+
+    if test "z$GCRYPT_FOUND" = "zno" ; then
+
+pkg_failed=no
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for GCRYPT" >&5
+$as_echo_n "checking for GCRYPT... " >&6; }
+
+if test -n "$GCRYPT_CFLAGS"; then
+    pkg_cv_GCRYPT_CFLAGS="$GCRYPT_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgcrypt11 >= \$GCRYPT_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "libgcrypt11 >= $GCRYPT_MIN_VERSION") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  pkg_cv_GCRYPT_CFLAGS=`$PKG_CONFIG --cflags "libgcrypt11 >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
+else
+  pkg_failed=yes
+fi
+ else
+    pkg_failed=untried
+fi
+if test -n "$GCRYPT_LIBS"; then
+    pkg_cv_GCRYPT_LIBS="$GCRYPT_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgcrypt11 >= \$GCRYPT_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "libgcrypt11 >= $GCRYPT_MIN_VERSION") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  pkg_cv_GCRYPT_LIBS=`$PKG_CONFIG --libs "libgcrypt11 >= $GCRYPT_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
+else
+  pkg_failed=yes
+fi
+ else
+    pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
-                GNUTLS_FOUND=no
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+        _pkg_short_errors_supported=yes
+else
+        _pkg_short_errors_supported=no
+fi
+        if test $_pkg_short_errors_supported = yes; then
+	        GCRYPT_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libgcrypt11 >= $GCRYPT_MIN_VERSION" 2>&1`
+        else
+	        GCRYPT_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libgcrypt11 >= $GCRYPT_MIN_VERSION" 2>&1`
+        fi
+	# Put the nasty error message in config.log where it belongs
+	echo "$GCRYPT_PKG_ERRORS" >&5
+
+	GCRYPT_FOUND=no
 elif test $pkg_failed = untried; then
-	GNUTLS_FOUND=no
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+	GCRYPT_FOUND=no
 else
-	GNUTLS_CFLAGS=$pkg_cv_GNUTLS_CFLAGS
-	GNUTLS_LIBS=$pkg_cv_GNUTLS_LIBS
+	GCRYPT_CFLAGS=$pkg_cv_GCRYPT_CFLAGS
+	GCRYPT_LIBS=$pkg_cv_GCRYPT_LIBS
         { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
-	GNUTLS_FOUND=yes
+	GCRYPT_FOUND=yes
+fi
+    fi
 fi
-    if test "z$GNUTLS_FOUND" = "zno" ; then
+
+if test "z$GCRYPT_FOUND" = "zno" ; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gcrypt libraries >= $GCRYPT_MIN_VERSION" >&5
+$as_echo_n "checking for gcrypt libraries >= $GCRYPT_MIN_VERSION... " >&6; }
+    if test "z$with_gcrypt" != "z" ; then
+        GCRYPT_CONFIG=$with_gcrypt/bin/$GCRYPT_CONFIG
+    fi
+    if ! $GCRYPT_CONFIG --version > /dev/null 2>&1 ; then
+	if test "z$with_gcrypt" != "z" ; then
+	    as_fn_error $? "Unable to find gcrypt at '$with_gcrypt'" "$LINENO" 5
+	else
+	    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+	fi
+    else
+        vers=`$GCRYPT_CONFIG --version | awk -F. '{ printf "%d", ($1 * 1000 + $2) * 1000 + $3;}'`
+	minvers=`echo $GCRYPT_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 1000 + $2) * 1000 + $3;}'`
+	if test "$vers" -ge "$minvers" ; then
+	    GCRYPT_CFLAGS="$GCRYPT_CFLAGS `$GCRYPT_CONFIG --cflags`"
+	    GCRYPT_LIBS="$GCRYPT_LIBS `$GCRYPT_CONFIG --libs`"
+	    GCRYPT_FOUND=yes
+	else
+	    as_fn_error $? "You need at least gcrypt $GCRYPT_MIN_VERSION for this version of $XMLSEC_PACKAGE" "$LINENO" 5
+	fi
+    fi
+fi
+
+if test "z$GCRYPT_FOUND" = "zyes" ; then
+    XMLSEC_NO_GCRYPT="0"
+    GCRYPT_CFLAGS="$GCRYPT_CFLAGS -DXMLSEC_CRYPTO_GCRYPT=1"
+    XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST gcrypt"
+else
+    XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST gcrypt"
+fi
+
+ if test "z$XMLSEC_NO_GCRYPT" = "z1"; then
+  XMLSEC_NO_GCRYPT_TRUE=
+  XMLSEC_NO_GCRYPT_FALSE='#'
+else
+  XMLSEC_NO_GCRYPT_TRUE='#'
+  XMLSEC_NO_GCRYPT_FALSE=
+fi
+
+
+
+
+
+
+
+
+GNUTLS_CONFIG="libgnutls-config"
+XMLSEC_NO_GNUTLS="1"
+GNUTLS_MIN_VERSION="2.8.0"
+GNUTLS_VERSION=""
+GNUTLS_CFLAGS=""
+GNUTLS_LIBS=""
+GNUTLS_CRYPTO_LIB="$XMLSEC_PACKAGE-gnutls"
+GNUTLS_FOUND="no"
+
+# Check whether --with-gnutls was given.
+if test "${with_gnutls+set}" = set; then :
+  withval=$with_gnutls;
+fi
+
+if test "z$with_gnutls" = "zno" ; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gnutls libraries >= $GNUTLS_MIN_VERSION" >&5
+$as_echo_n "checking for gnutls libraries >= $GNUTLS_MIN_VERSION... " >&6; }
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+    GNUTLS_FOUND="without"
+elif test "z$with_gnutls" = "z" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
 
 pkg_failed=no
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNUTLS" >&5
 $as_echo_n "checking for GNUTLS... " >&6; }
 
-if test -n "$PKG_CONFIG"; then
-    if test -n "$GNUTLS_CFLAGS"; then
-        pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
-    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgnutls >= \$GNUTLS_NEW_MIN_VERSION\""; } >&5
-  ($PKG_CONFIG --exists --print-errors "libgnutls >= $GNUTLS_NEW_MIN_VERSION") 2>&5
+if test -n "$GNUTLS_CFLAGS"; then
+    pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= \$GNUTLS_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "gnutls >= $GNUTLS_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
-  pkg_cv_GNUTLS_CFLAGS=`$PKG_CONFIG --cflags "libgnutls >= $GNUTLS_NEW_MIN_VERSION" 2>/dev/null`
+  pkg_cv_GNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls >= $GNUTLS_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$GNUTLS_LIBS"; then
-        pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
-    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgnutls >= \$GNUTLS_NEW_MIN_VERSION\""; } >&5
-  ($PKG_CONFIG --exists --print-errors "libgnutls >= $GNUTLS_NEW_MIN_VERSION") 2>&5
+if test -n "$GNUTLS_LIBS"; then
+    pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= \$GNUTLS_MIN_VERSION\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "gnutls >= $GNUTLS_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
-  pkg_cv_GNUTLS_LIBS=`$PKG_CONFIG --libs "libgnutls >= $GNUTLS_NEW_MIN_VERSION" 2>/dev/null`
+  pkg_cv_GNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls >= $GNUTLS_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -13388,17 +14761,17 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "libgnutls >= $GNUTLS_NEW_MIN_VERSION"`
+	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "gnutls >= $GNUTLS_MIN_VERSION" 2>&1`
         else
-	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "libgnutls >= $GNUTLS_NEW_MIN_VERSION"`
+	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "gnutls >= $GNUTLS_MIN_VERSION" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$GNUTLS_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-                GNUTLS_FOUND=no
+	GNUTLS_FOUND=no
 elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 	GNUTLS_FOUND=no
 else
 	GNUTLS_CFLAGS=$pkg_cv_GNUTLS_CFLAGS
@@ -13407,54 +14780,52 @@ else
 $as_echo "yes" >&6; }
 	GNUTLS_FOUND=yes
 fi
-    fi
-
     if test "z$GNUTLS_FOUND" = "zno" ; then
 
 pkg_failed=no
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNUTLS" >&5
 $as_echo_n "checking for GNUTLS... " >&6; }
 
-if test -n "$PKG_CONFIG"; then
-    if test -n "$GNUTLS_CFLAGS"; then
-        pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$GNUTLS_CFLAGS"; then
+    pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgnutls >= \$GNUTLS_MIN_VERSION\""; } >&5
   ($PKG_CONFIG --exists --print-errors "libgnutls >= $GNUTLS_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_GNUTLS_CFLAGS=`$PKG_CONFIG --cflags "libgnutls >= $GNUTLS_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
-if test -n "$PKG_CONFIG"; then
-    if test -n "$GNUTLS_LIBS"; then
-        pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS"
-    else
-        if test -n "$PKG_CONFIG" && \
+if test -n "$GNUTLS_LIBS"; then
+    pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libgnutls >= \$GNUTLS_MIN_VERSION\""; } >&5
   ($PKG_CONFIG --exists --print-errors "libgnutls >= $GNUTLS_MIN_VERSION") 2>&5
   ac_status=$?
   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
   test $ac_status = 0; }; then
   pkg_cv_GNUTLS_LIBS=`$PKG_CONFIG --libs "libgnutls >= $GNUTLS_MIN_VERSION" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
 else
   pkg_failed=yes
 fi
-    fi
-else
-	pkg_failed=untried
+ else
+    pkg_failed=untried
 fi
 
 
 
 if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
         _pkg_short_errors_supported=yes
@@ -13462,17 +14833,17 @@ else
         _pkg_short_errors_supported=no
 fi
         if test $_pkg_short_errors_supported = yes; then
-	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "libgnutls >= $GNUTLS_MIN_VERSION"`
+	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libgnutls >= $GNUTLS_MIN_VERSION" 2>&1`
         else
-	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "libgnutls >= $GNUTLS_MIN_VERSION"`
+	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libgnutls >= $GNUTLS_MIN_VERSION" 2>&1`
         fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$GNUTLS_PKG_ERRORS" >&5
 
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-                GNUTLS_FOUND=no
+	GNUTLS_FOUND=no
 elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
 	GNUTLS_FOUND=no
 else
 	GNUTLS_CFLAGS=$pkg_cv_GNUTLS_CFLAGS
@@ -13481,9 +14852,6 @@ else
 $as_echo "yes" >&6; }
 	GNUTLS_FOUND=yes
 fi
-	if test "z$GNUTLS_FOUND" = "zyes" ; then
-	    GNUTLS_CFLAGS="$GNUTLS_CFLAGS -DXMLSEC_GNUTLS_OLD=1"
-	fi
     fi
 fi
 
@@ -13495,7 +14863,7 @@ $as_echo_n "checking for gnutls libraries >= $GNUTLS_MIN_VERSION... " >&6; }
     fi
     if ! $GNUTLS_CONFIG --version > /dev/null 2>&1 ; then
 	if test "z$with_gnutls" != "z" ; then
-	    as_fn_error "Unable to find gnutls at '$with_gnutls'" "$LINENO" 5
+	    as_fn_error $? "Unable to find gnutls at '$with_gnutls'" "$LINENO" 5
 	else
 	    { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
@@ -13505,17 +14873,10 @@ $as_echo "no" >&6; }
 	minvers=`echo $GNUTLS_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 1000 + $2) * 1000 + $3;}'`
 	if test "$vers" -ge "$minvers" ; then
 	    GNUTLS_CFLAGS="$GNUTLS_CFLAGS `$GNUTLS_CONFIG --cflags`"
-    	    GNUTLS_LIBS="$GNUTLS_LIBS `$GNUTLS_CONFIG --libs`"
+	    GNUTLS_LIBS="$GNUTLS_LIBS `$GNUTLS_CONFIG --libs`"
 	    GNUTLS_FOUND=yes
-
-	    new_minvers=`echo $GNUTLS_NEW_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 1000 + $2) * 1000 + $3;}'`
-	    if test "$vers" -lt "$new_minvers" ; then
-		GNUTLS_CFLAGS="$GNUTLS_CFLAGS -DXMLSEC_GNUTLS_OLD=1"
-	    fi
-	    { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
 	else
-    	    as_fn_error "You need at least gnutls $GNUTLS_MIN_VERSION for this version of $XMLSEC_PACKAGE" "$LINENO" 5
+	    as_fn_error $? "You need at least gnutls $GNUTLS_MIN_VERSION for this version of $XMLSEC_PACKAGE" "$LINENO" 5
 	fi
     fi
 fi
@@ -13523,14 +14884,12 @@ fi
 if test "z$GNUTLS_FOUND" = "zyes" ; then
     XMLSEC_NO_GNUTLS="0"
     GNUTLS_CFLAGS="$GNUTLS_CFLAGS -DXMLSEC_CRYPTO_GNUTLS=1"
+    XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST gnutls"
 
-        if test "z$XMLSEC_CRYPTO" = "z" ; then
-	XMLSEC_CRYPTO="gnutls"
-    	XMLSEC_CRYPTO_LIB="$GNUTLS_CRYPTO_LIB"
-	XMLSEC_CRYPTO_CFLAGS="$GNUTLS_CFLAGS"
-	XMLSEC_CRYPTO_LIBS="$GNUTLS_LIBS"
+        if test "z$GCRYPT_FOUND" != "zyes" ; then
+        as_fn_error $? "xmlsec-gnutls library requires xmlsec-gcrypt library which is disabled or missing" "$LINENO" 5
     fi
-    XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST gnutls"
+
 else
     XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST gnutls"
 fi
@@ -13549,6 +14908,7 @@ fi
 
 
 
+
 XMLSEC_NO_MSCRYPTO="1"
 MSCRYPTO_CFLAGS=""
 MSCRYPTO_LIBS=""
@@ -13574,8 +14934,15 @@ $as_echo_n "checking for mscrypto libraries... " >&6; }
 
 	#include <windows.h>
 	#include <wincrypt.h>
+int
+main ()
+{
+
 	int main () { CertOpenStore(0,0,0,0,0);; return(0); }
 
+  ;
+  return 0;
+}
 _ACEOF
 if ac_fn_c_try_link "$LINENO"; then :
 
@@ -13600,12 +14967,6 @@ if test "z$MSCRYPTO_ENABLE" = "zyes" ; then
 		MSCRYPTO_LIBS="-lcrypt32";;
     esac
 
-        if test "z$XMLSEC_CRYPTO" = "z" ; then
-	XMLSEC_CRYPTO="mscrypto"
-    	XMLSEC_CRYPTO_LIB="$MSCRYPTO_CRYPTO_LIB"
-	XMLSEC_CRYPTO_CFLAGS="$MSCRYPTO_CFLAGS"
-	XMLSEC_CRYPTO_LIBS="$MSCRYPTO_LIBS"
-    fi
     XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST mscrypto"
 else
     XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST mscrypto"
@@ -13624,15 +14985,110 @@ fi
 
 
 
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypto library" >&5
-$as_echo_n "checking for crypto library... " >&6; }
-if test "z$XMLSEC_CRYPTO" = "z" ;  then
-    as_fn_error "At least one crypto library should exist for $XMLSEC_PACKAGE" "$LINENO" 5
-else
-    { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes ('$XMLSEC_CRYPTO')" >&5
-$as_echo "yes ('$XMLSEC_CRYPTO')" >&6; }
+
+XMLSEC_CRYPTO=""
+XMLSEC_CRYPTO_LIB=""
+XMLSEC_CRYPTO_CFLAGS=""
+XMLSEC_CRYPTO_LIBS=""
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for default crypto library" >&5
+$as_echo_n "checking for default crypto library... " >&6; }
+
+# Check whether --with-default_crypto was given.
+if test "${with_default_crypto+set}" = set; then :
+  withval=$with_default_crypto;
 fi
 
+
+# check the argument
+case "z$with_default_crypto" in
+    'zmscrypto')
+        if test "z$XMLSEC_NO_MSCRYPTO" != "z1" ; then
+            XMLSEC_CRYPTO="mscrypto"
+        else
+            as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+        fi
+        ;;
+    'zopenssl')
+        if test "z$XMLSEC_NO_OPENSSL" != "z1" ; then
+            XMLSEC_CRYPTO="openssl"
+        else
+            as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+        fi
+        ;;
+    'znss')
+        if test "z$XMLSEC_NO_NSS" != "z1" ; then
+            XMLSEC_CRYPTO="nss"
+        else
+            as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+        fi
+        ;;
+    'zgnutls')
+        if test "z$XMLSEC_NO_GNUTLS" != "z1" ; then
+            XMLSEC_CRYPTO="gnutls"
+        else
+            as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+        fi
+        ;;
+    'zgcrypt')
+        if test "z$XMLSEC_NO_GCRYPT" != "z1" ; then
+            XMLSEC_CRYPTO="gcrypt"
+        else
+            as_fn_error $? "'$with_default_crypto' is specified as default crypto library but it is not configured or found" "$LINENO" 5
+        fi
+        ;;
+    'z')
+                if test "z$XMLSEC_NO_MSCRYPTO" != "z1" ; then
+            XMLSEC_CRYPTO="mscrypto"
+        elif test "z$XMLSEC_NO_OPENSSL" != "z1" ; then
+            XMLSEC_CRYPTO="openssl"
+        elif test "z$XMLSEC_NO_NSS" != "z1" ; then
+            XMLSEC_CRYPTO="nss"
+        elif test "z$XMLSEC_NO_GNUTLS" != "z1" ; then
+            XMLSEC_CRYPTO="gnutls"
+        elif test "z$XMLSEC_NO_GCRYPT" != "z1" ; then
+            XMLSEC_CRYPTO="gcrypt"
+        else
+            as_fn_error $? "At least one crypto library should exist for $XMLSEC_PACKAGE" "$LINENO" 5
+        fi
+        ;;
+    *)
+        as_fn_error $? "The value '$with_default_crypto' is not a recongnized crypto library name" "$LINENO" 5
+        ;;
+esac
+
+case "$XMLSEC_CRYPTO" in
+    'mscrypto')
+        XMLSEC_CRYPTO_LIB="$MSCRYPTO_CRYPTO_LIB"
+        XMLSEC_CRYPTO_CFLAGS="$MSCRYPTO_CFLAGS"
+        XMLSEC_CRYPTO_LIBS="$MSCRYPTO_LIBS"
+        ;;
+    'openssl')
+        XMLSEC_CRYPTO_LIB="$OPENSSL_CRYPTO_LIB"
+        XMLSEC_CRYPTO_CFLAGS="$OPENSSL_CFLAGS"
+        XMLSEC_CRYPTO_LIBS="$OPENSSL_LIBS"
+        ;;
+    'nss')
+        XMLSEC_CRYPTO_LIB="$NSS_CRYPTO_LIB"
+        XMLSEC_CRYPTO_CFLAGS="$NSS_CFLAGS"
+        XMLSEC_CRYPTO_LIBS="$NSS_LIBS"
+        ;;
+    'gnutls')
+        XMLSEC_CRYPTO_LIB="$GNUTLS_CRYPTO_LIB"
+        XMLSEC_CRYPTO_CFLAGS="$GNUTLS_CFLAGS"
+        XMLSEC_CRYPTO_LIBS="$GNUTLS_LIBS"
+        ;;
+    'gcrypt')
+        XMLSEC_CRYPTO_LIB="$GCRYPT_CRYPTO_LIB"
+        XMLSEC_CRYPTO_CFLAGS="$GCRYPT_CFLAGS"
+        XMLSEC_CRYPTO_LIBS="$GCRYPT_LIBS"
+        ;;
+    *)
+        as_fn_error $? "The value \"$XMLSEC_CRYPTO\" is not a recongnized crypto library name" "$LINENO" 5
+        ;;
+esac
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes ('$XMLSEC_CRYPTO')" >&5
+$as_echo "yes ('$XMLSEC_CRYPTO')" >&6; }
+
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for MD5 support" >&5
 $as_echo_n "checking for MD5 support... " >&6; }
 # Check whether --enable-md5 was given.
@@ -14109,12 +15565,12 @@ if test "z$enable_crypto_dl" = "zno" ; then
 $as_echo "no" >&6; }
 else
     ac_fn_c_check_header_mongrel "$LINENO" "ltdl.h" "ac_cv_header_ltdl_h" "$ac_includes_default"
-if test "x$ac_cv_header_ltdl_h" = x""yes; then :
+if test "x$ac_cv_header_ltdl_h" = xyes; then :
 
-	XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_DL_LIBLTDL=1",
+	XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_DL_LIBLTDL=1"
 	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for lt_dlopenext in -lltdl" >&5
 $as_echo_n "checking for lt_dlopenext in -lltdl... " >&6; }
-if test "${ac_cv_lib_ltdl_lt_dlopenext+set}" = set; then :
+if ${ac_cv_lib_ltdl_lt_dlopenext+:} false; then :
   $as_echo_n "(cached) " >&6
 else
   ac_check_lib_save_LIBS=$LIBS
@@ -14148,7 +15604,7 @@ LIBS=$ac_check_lib_save_LIBS
 fi
 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ltdl_lt_dlopenext" >&5
 $as_echo "$ac_cv_lib_ltdl_lt_dlopenext" >&6; }
-if test "x$ac_cv_lib_ltdl_lt_dlopenext" = x""yes; then :
+if test "x$ac_cv_lib_ltdl_lt_dlopenext" = xyes; then :
   LIBLTDL=-lltdl
 else
   LIBLTDL=
@@ -14169,7 +15625,7 @@ fi
 	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
     else
-	as_fn_error "libltdl is required for xmlsec-crypto dynamic loading" "$LINENO" 5
+	as_fn_error $? "libltdl is required for xmlsec-crypto dynamic loading" "$LINENO" 5
     fi
 fi
  if test "z$XMLSEC_NO_CRYPTO_DYNAMIC_LOADING" = "z1"; then
@@ -14201,7 +15657,7 @@ $as_echo "no" >&6; }
 elif test "z$enable_crypto_dl" = "zno" ; then
     { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
 $as_echo "no" >&6; }
-    as_fn_error "xmlsec-crypto libraries dynamic loading support in xmlsec command line tool is requested but no dynamic loading in xmlsec itself is disabled" "$LINENO" 5
+    as_fn_error $? "xmlsec-crypto libraries dynamic loading support in xmlsec command line tool is requested but no dynamic loading in xmlsec itself is disabled" "$LINENO" 5
 else
     XMLSEC_APP_DEFINES="$XMLSEC_APP_DEFINES -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1"
     XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING="0"
@@ -14268,14 +15724,14 @@ else
 $as_echo "yes" >&6; }
 fi
 
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for debuging" >&5
-$as_echo_n "checking for debuging... " >&6; }
-# Check whether --enable-debuging was given.
-if test "${enable_debuging+set}" = set; then :
-  enableval=$enable_debuging;
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for debugging" >&5
+$as_echo_n "checking for debugging... " >&6; }
+# Check whether --enable-debugging was given.
+if test "${enable_debugging+set}" = set; then :
+  enableval=$enable_debugging;
 fi
 
-if test "z$enable_debuging" = "zyes" ; then
+if test "z$enable_debugging" = "zyes" ; then
     CFLAGS="$CFLAGS -g"
     { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
 $as_echo "yes" >&6; }
@@ -14347,8 +15803,14 @@ XMLSEC_OPENSSL_LIBS="-L${libdir} -l$OPENSSL_CRYPTO_LIB $XMLSEC_CORE_LIBS $OPENSS
 
 
 
+XMLSEC_GCRYPT_CFLAGS="$XMLSEC_CORE_CFLAGS $GCRYPT_CFLAGS"
+XMLSEC_GCRYPT_LIBS="-L${libdir} -l$GCRYPT_CRYPTO_LIB $XMLSEC_CORE_LIBS $GCRYPT_LIBS"
+
+
+
+# xmlsec-gnutls is using xmlsec-gcrypt
 XMLSEC_GNUTLS_CFLAGS="$XMLSEC_CORE_CFLAGS $GNUTLS_CFLAGS"
-XMLSEC_GNUTLS_LIBS="-L${libdir} -l$GNUTLS_CRYPTO_LIB $XMLSEC_CORE_LIBS $GNUTLS_LIBS"
+XMLSEC_GNUTLS_LIBS="-L${libdir} -l$GNUTLS_CRYPTO_LIB -l$GCRYPT_CRYPTO_LIB $XMLSEC_CORE_LIBS $GNUTLS_LIBS"
 
 
 
@@ -14395,6 +15857,11 @@ ac_config_files="$ac_config_files include/xmlsec/gnutls/Makefile src/gnutls/Make
 
 fi
 
+if test "z$XMLSEC_NO_GCRYPT" != "z1" ; then
+ac_config_files="$ac_config_files include/xmlsec/gcrypt/Makefile src/gcrypt/Makefile"
+
+fi
+
 if test "z$XMLSEC_NO_NSS" != "z1" ; then
 ac_config_files="$ac_config_files include/xmlsec/nss/Makefile src/nss/Makefile"
 
@@ -14412,7 +15879,7 @@ ac_config_files="$ac_config_files xmlsec1.pc:xmlsec.pc.in"
 
 fi
 
-ac_config_files="$ac_config_files include/xmlsec/version.h Makefile include/Makefile include/xmlsec/Makefile include/xmlsec/private/Makefile src/Makefile apps/Makefile docs/Makefile docs/api/Makefile man/Makefile xmlsec1Conf.sh:xmlsecConf.sh.in xmlsec1-config:xmlsec-config.in xmlsec1-openssl.pc:xmlsec-openssl.pc.in xmlsec1-gnutls.pc:xmlsec-gnutls.pc.in xmlsec1-nss.pc:xmlsec-nss.pc.in xmlsec1.spec:xmlsec.spec.in"
+ac_config_files="$ac_config_files include/xmlsec/version.h Makefile include/Makefile include/xmlsec/Makefile include/xmlsec/private/Makefile src/Makefile apps/Makefile docs/Makefile docs/api/Makefile man/Makefile xmlsec1Conf.sh:xmlsecConf.sh.in xmlsec1-config:xmlsec-config.in xmlsec1-openssl.pc:xmlsec-openssl.pc.in xmlsec1-gnutls.pc:xmlsec-gnutls.pc.in xmlsec1-gcrypt.pc:xmlsec-gcrypt.pc.in xmlsec1-nss.pc:xmlsec-nss.pc.in xmlsec1.spec:xmlsec.spec.in"
 
 cat >confcache <<\_ACEOF
 # This file is a shell script that caches the results of configure
@@ -14478,10 +15945,21 @@ $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
      :end' >>confcache
 if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
   if test -w "$cache_file"; then
-    test "x$cache_file" != "x/dev/null" &&
+    if test "x$cache_file" != "x/dev/null"; then
       { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5
 $as_echo "$as_me: updating cache $cache_file" >&6;}
-    cat confcache >$cache_file
+      if test ! -f "$cache_file" || test -h "$cache_file"; then
+	cat confcache >"$cache_file"
+      else
+        case $cache_file in #(
+        */* | ?:*)
+	  mv -f confcache "$cache_file"$$ &&
+	  mv -f "$cache_file"$$ "$cache_file" ;; #(
+        *)
+	  mv -f confcache "$cache_file" ;;
+	esac
+      fi
+    fi
   else
     { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5
 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;}
@@ -14497,6 +15975,7 @@ DEFS=-DHAVE_CONFIG_H
 
 ac_libobjs=
 ac_ltlibobjs=
+U=
 for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
   # 1. Remove the extension, and $U if already installed.
   ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
@@ -14520,115 +15999,119 @@ else
 fi
 
 if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then
-  as_fn_error "conditional \"MAINTAINER_MODE\" was never defined.
+  as_fn_error $? "conditional \"MAINTAINER_MODE\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then
-  as_fn_error "conditional \"AMDEP\" was never defined.
+  as_fn_error $? "conditional \"AMDEP\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then
-  as_fn_error "conditional \"am__fastdepCC\" was never defined.
+  as_fn_error $? "conditional \"am__fastdepCC\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${SHAREDLIB_HACK_TRUE}" && test -z "${SHAREDLIB_HACK_FALSE}"; then
-  as_fn_error "conditional \"SHAREDLIB_HACK\" was never defined.
+  as_fn_error $? "conditional \"SHAREDLIB_HACK\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_OPENSSL_TRUE}" && test -z "${XMLSEC_NO_OPENSSL_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_OPENSSL\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_OPENSSL\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_NSS_TRUE}" && test -z "${XMLSEC_NO_NSS_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_NSS\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_NSS\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+if test -z "${XMLSEC_NO_GCRYPT_TRUE}" && test -z "${XMLSEC_NO_GCRYPT_FALSE}"; then
+  as_fn_error $? "conditional \"XMLSEC_NO_GCRYPT\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_GNUTLS_TRUE}" && test -z "${XMLSEC_NO_GNUTLS_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_GNUTLS\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_GNUTLS\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_MSCRYPTO_TRUE}" && test -z "${XMLSEC_NO_MSCRYPTO_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_MSCRYPTO\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_MSCRYPTO\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_MD5_TRUE}" && test -z "${XMLSEC_NO_MD5_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_MD5\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_MD5\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_RIPEMD160_TRUE}" && test -z "${XMLSEC_NO_RIPEMD160_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_RIPEMD160\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_RIPEMD160\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_SHA1_TRUE}" && test -z "${XMLSEC_NO_SHA1_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_SHA1\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_SHA1\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_SHA224_TRUE}" && test -z "${XMLSEC_NO_SHA224_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_SHA224\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_SHA224\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_SHA256_TRUE}" && test -z "${XMLSEC_NO_SHA256_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_SHA256\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_SHA256\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_SHA384_TRUE}" && test -z "${XMLSEC_NO_SHA384_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_SHA384\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_SHA384\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_SHA512_TRUE}" && test -z "${XMLSEC_NO_SHA512_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_SHA512\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_SHA512\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_HMAC_TRUE}" && test -z "${XMLSEC_NO_HMAC_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_HMAC\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_HMAC\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_DSA_TRUE}" && test -z "${XMLSEC_NO_DSA_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_DSA\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_DSA\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_RSA_TRUE}" && test -z "${XMLSEC_NO_RSA_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_RSA\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_RSA\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_X509_TRUE}" && test -z "${XMLSEC_NO_X509_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_X509\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_X509\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_DES_TRUE}" && test -z "${XMLSEC_NO_DES_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_DES\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_DES\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_AES_TRUE}" && test -z "${XMLSEC_NO_AES_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_AES\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_AES\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_GOST_TRUE}" && test -z "${XMLSEC_NO_GOST_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_GOST\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_GOST\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_XMLDSIG_TRUE}" && test -z "${XMLSEC_NO_XMLDSIG_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_XMLDSIG\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_XMLDSIG\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_XMLENC_TRUE}" && test -z "${XMLSEC_NO_XMLENC_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_XMLENC\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_XMLENC\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_XKMS_TRUE}" && test -z "${XMLSEC_NO_XKMS_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_XKMS\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_XKMS\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_CRYPTO_DYNAMIC_LOADING_TRUE}" && test -z "${XMLSEC_NO_CRYPTO_DYNAMIC_LOADING_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_CRYPTO_DYNAMIC_LOADING\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_CRYPTO_DYNAMIC_LOADING\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 if test -z "${XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_TRUE}" && test -z "${XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING_FALSE}"; then
-  as_fn_error "conditional \"XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING\" was never defined.
+  as_fn_error $? "conditional \"XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
 
-: ${CONFIG_STATUS=./config.status}
+: "${CONFIG_STATUS=./config.status}"
 ac_write_fail=0
 ac_clean_files_save=$ac_clean_files
 ac_clean_files="$ac_clean_files $CONFIG_STATUS"
@@ -14729,6 +16212,7 @@ fi
 IFS=" ""	$as_nl"
 
 # Find who we are.  Look in the path if we contain no directory separator.
+as_myself=
 case $0 in #((
   *[\\/]* ) as_myself=$0 ;;
   *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
@@ -14774,19 +16258,19 @@ export LANGUAGE
 (unset CDPATH) >/dev/null 2>&1 && unset CDPATH
 
 
-# as_fn_error ERROR [LINENO LOG_FD]
-# ---------------------------------
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
 # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
 # provided, also output the error to LOG_FD, referencing LINENO. Then exit the
-# script with status $?, using 1 if that was 0.
+# script with STATUS, using 1 if that was 0.
 as_fn_error ()
 {
-  as_status=$?; test $as_status -eq 0 && as_status=1
-  if test "$3"; then
-    as_lineno=${as_lineno-"$2"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-    $as_echo "$as_me:${as_lineno-$LINENO}: error: $1" >&$3
+  as_status=$1; test $as_status -eq 0 && as_status=1
+  if test "$4"; then
+    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
   fi
-  $as_echo "$as_me: error: $1" >&2
+  $as_echo "$as_me: error: $2" >&2
   as_fn_exit $as_status
 } # as_fn_error
 
@@ -14924,16 +16408,16 @@ if (echo >conf$$.file) 2>/dev/null; then
     # ... but there are two gotchas:
     # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
     # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
-    # In both cases, we have to default to `cp -p'.
+    # In both cases, we have to default to `cp -pR'.
     ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
-      as_ln_s='cp -p'
+      as_ln_s='cp -pR'
   elif ln conf$$.file conf$$ 2>/dev/null; then
     as_ln_s=ln
   else
-    as_ln_s='cp -p'
+    as_ln_s='cp -pR'
   fi
 else
-  as_ln_s='cp -p'
+  as_ln_s='cp -pR'
 fi
 rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
 rmdir conf$$.dir 2>/dev/null
@@ -14982,7 +16466,7 @@ $as_echo X"$as_dir" |
       test -d "$as_dir" && break
     done
     test -z "$as_dirs" || eval "mkdir $as_dirs"
-  } || test -d "$as_dir" || as_fn_error "cannot create directory $as_dir"
+  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
 
 
 } # as_fn_mkdir_p
@@ -14993,28 +16477,16 @@ else
   as_mkdir_p=false
 fi
 
-if test -x / >/dev/null 2>&1; then
-  as_test_x='test -x'
-else
-  if ls -dL / >/dev/null 2>&1; then
-    as_ls_L_option=L
-  else
-    as_ls_L_option=
-  fi
-  as_test_x='
-    eval sh -c '\''
-      if test -d "$1"; then
-	test -d "$1/.";
-      else
-	case $1 in #(
-	-*)set "./$1";;
-	esac;
-	case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
-	???[sx]*):;;*)false;;esac;fi
-    '\'' sh
-  '
-fi
-as_executable_p=$as_test_x
+
+# as_fn_executable_p FILE
+# -----------------------
+# Test if FILE is an executable regular file.
+as_fn_executable_p ()
+{
+  test -f "$1" && test -x "$1"
+} # as_fn_executable_p
+as_test_x='test -x'
+as_executable_p=as_fn_executable_p
 
 # Sed expression to map a string onto a valid CPP name.
 as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
@@ -15035,8 +16507,8 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by xmlsec1 $as_me 1.2.14, which was
-generated by GNU Autoconf 2.64.  Invocation command line was
+This file was extended by xmlsec1 $as_me 1.2.19, which was
+generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
   CONFIG_HEADERS  = $CONFIG_HEADERS
@@ -15076,6 +16548,7 @@ Usage: $0 [OPTION]... [TAG]...
 
   -h, --help       print this help, then exit
   -V, --version    print version number and configuration settings, then exit
+      --config     print configuration, then exit
   -q, --quiet, --silent
                    do not print progress messages
   -d, --debug      don't remove temporary files
@@ -15098,12 +16571,13 @@ Report bugs to <http://www.aleksey.com/xmlsec>."
 
 _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-xmlsec1 config.status 1.2.14
-configured by $0, generated by GNU Autoconf 2.64,
-  with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
+xmlsec1 config.status 1.2.19
+configured by $0, generated by GNU Autoconf 2.69,
+  with options \\"\$ac_cs_config\\"
 
-Copyright (C) 2009 Free Software Foundation, Inc.
+Copyright (C) 2012 Free Software Foundation, Inc.
 This config.status script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it."
 
@@ -15121,11 +16595,16 @@ ac_need_defaults=:
 while test $# != 0
 do
   case $1 in
-  --*=*)
+  --*=?*)
     ac_option=`expr "X$1" : 'X\([^=]*\)='`
     ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
     ac_shift=:
     ;;
+  --*=)
+    ac_option=`expr "X$1" : 'X\([^=]*\)='`
+    ac_optarg=
+    ac_shift=:
+    ;;
   *)
     ac_option=$1
     ac_optarg=$2
@@ -15139,12 +16618,15 @@ do
     ac_cs_recheck=: ;;
   --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
     $as_echo "$ac_cs_version"; exit ;;
+  --config | --confi | --conf | --con | --co | --c )
+    $as_echo "$ac_cs_config"; exit ;;
   --debug | --debu | --deb | --de | --d | -d )
     debug=: ;;
   --file | --fil | --fi | --f )
     $ac_shift
     case $ac_optarg in
     *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    '') as_fn_error $? "missing file argument" ;;
     esac
     as_fn_append CONFIG_FILES " '$ac_optarg'"
     ac_need_defaults=false;;
@@ -15157,7 +16639,7 @@ do
     ac_need_defaults=false;;
   --he | --h)
     # Conflict between --help and --header
-    as_fn_error "ambiguous option: \`$1'
+    as_fn_error $? "ambiguous option: \`$1'
 Try \`$0 --help' for more information.";;
   --help | --hel | -h )
     $as_echo "$ac_cs_usage"; exit ;;
@@ -15166,7 +16648,7 @@ Try \`$0 --help' for more information.";;
     ac_cs_silent=: ;;
 
   # This is an error.
-  -*) as_fn_error "unrecognized option: \`$1'
+  -*) as_fn_error $? "unrecognized option: \`$1'
 Try \`$0 --help' for more information." ;;
 
   *) as_fn_append ac_config_targets " $1"
@@ -15186,7 +16668,7 @@ fi
 _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 if \$ac_cs_recheck; then
-  set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
+  set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
   shift
   \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
   CONFIG_SHELL='$SHELL'
@@ -15220,131 +16702,154 @@ AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"
 sed_quote_subst='$sed_quote_subst'
 double_quote_subst='$double_quote_subst'
 delay_variable_subst='$delay_variable_subst'
-macro_version='`$ECHO "X$macro_version" | $Xsed -e "$delay_single_quote_subst"`'
-macro_revision='`$ECHO "X$macro_revision" | $Xsed -e "$delay_single_quote_subst"`'
-enable_shared='`$ECHO "X$enable_shared" | $Xsed -e "$delay_single_quote_subst"`'
-enable_static='`$ECHO "X$enable_static" | $Xsed -e "$delay_single_quote_subst"`'
-pic_mode='`$ECHO "X$pic_mode" | $Xsed -e "$delay_single_quote_subst"`'
-enable_fast_install='`$ECHO "X$enable_fast_install" | $Xsed -e "$delay_single_quote_subst"`'
-host_alias='`$ECHO "X$host_alias" | $Xsed -e "$delay_single_quote_subst"`'
-host='`$ECHO "X$host" | $Xsed -e "$delay_single_quote_subst"`'
-host_os='`$ECHO "X$host_os" | $Xsed -e "$delay_single_quote_subst"`'
-build_alias='`$ECHO "X$build_alias" | $Xsed -e "$delay_single_quote_subst"`'
-build='`$ECHO "X$build" | $Xsed -e "$delay_single_quote_subst"`'
-build_os='`$ECHO "X$build_os" | $Xsed -e "$delay_single_quote_subst"`'
-SED='`$ECHO "X$SED" | $Xsed -e "$delay_single_quote_subst"`'
-Xsed='`$ECHO "X$Xsed" | $Xsed -e "$delay_single_quote_subst"`'
-GREP='`$ECHO "X$GREP" | $Xsed -e "$delay_single_quote_subst"`'
-EGREP='`$ECHO "X$EGREP" | $Xsed -e "$delay_single_quote_subst"`'
-FGREP='`$ECHO "X$FGREP" | $Xsed -e "$delay_single_quote_subst"`'
-LD='`$ECHO "X$LD" | $Xsed -e "$delay_single_quote_subst"`'
-NM='`$ECHO "X$NM" | $Xsed -e "$delay_single_quote_subst"`'
-LN_S='`$ECHO "X$LN_S" | $Xsed -e "$delay_single_quote_subst"`'
-max_cmd_len='`$ECHO "X$max_cmd_len" | $Xsed -e "$delay_single_quote_subst"`'
-ac_objext='`$ECHO "X$ac_objext" | $Xsed -e "$delay_single_quote_subst"`'
-exeext='`$ECHO "X$exeext" | $Xsed -e "$delay_single_quote_subst"`'
-lt_unset='`$ECHO "X$lt_unset" | $Xsed -e "$delay_single_quote_subst"`'
-lt_SP2NL='`$ECHO "X$lt_SP2NL" | $Xsed -e "$delay_single_quote_subst"`'
-lt_NL2SP='`$ECHO "X$lt_NL2SP" | $Xsed -e "$delay_single_quote_subst"`'
-reload_flag='`$ECHO "X$reload_flag" | $Xsed -e "$delay_single_quote_subst"`'
-reload_cmds='`$ECHO "X$reload_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-OBJDUMP='`$ECHO "X$OBJDUMP" | $Xsed -e "$delay_single_quote_subst"`'
-deplibs_check_method='`$ECHO "X$deplibs_check_method" | $Xsed -e "$delay_single_quote_subst"`'
-file_magic_cmd='`$ECHO "X$file_magic_cmd" | $Xsed -e "$delay_single_quote_subst"`'
-AR='`$ECHO "X$AR" | $Xsed -e "$delay_single_quote_subst"`'
-AR_FLAGS='`$ECHO "X$AR_FLAGS" | $Xsed -e "$delay_single_quote_subst"`'
-STRIP='`$ECHO "X$STRIP" | $Xsed -e "$delay_single_quote_subst"`'
-RANLIB='`$ECHO "X$RANLIB" | $Xsed -e "$delay_single_quote_subst"`'
-old_postinstall_cmds='`$ECHO "X$old_postinstall_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-old_postuninstall_cmds='`$ECHO "X$old_postuninstall_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-old_archive_cmds='`$ECHO "X$old_archive_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-CC='`$ECHO "X$CC" | $Xsed -e "$delay_single_quote_subst"`'
-CFLAGS='`$ECHO "X$CFLAGS" | $Xsed -e "$delay_single_quote_subst"`'
-compiler='`$ECHO "X$compiler" | $Xsed -e "$delay_single_quote_subst"`'
-GCC='`$ECHO "X$GCC" | $Xsed -e "$delay_single_quote_subst"`'
-lt_cv_sys_global_symbol_pipe='`$ECHO "X$lt_cv_sys_global_symbol_pipe" | $Xsed -e "$delay_single_quote_subst"`'
-lt_cv_sys_global_symbol_to_cdecl='`$ECHO "X$lt_cv_sys_global_symbol_to_cdecl" | $Xsed -e "$delay_single_quote_subst"`'
-lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "X$lt_cv_sys_global_symbol_to_c_name_address" | $Xsed -e "$delay_single_quote_subst"`'
-lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "X$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $Xsed -e "$delay_single_quote_subst"`'
-objdir='`$ECHO "X$objdir" | $Xsed -e "$delay_single_quote_subst"`'
-SHELL='`$ECHO "X$SHELL" | $Xsed -e "$delay_single_quote_subst"`'
-ECHO='`$ECHO "X$ECHO" | $Xsed -e "$delay_single_quote_subst"`'
-MAGIC_CMD='`$ECHO "X$MAGIC_CMD" | $Xsed -e "$delay_single_quote_subst"`'
-lt_prog_compiler_no_builtin_flag='`$ECHO "X$lt_prog_compiler_no_builtin_flag" | $Xsed -e "$delay_single_quote_subst"`'
-lt_prog_compiler_wl='`$ECHO "X$lt_prog_compiler_wl" | $Xsed -e "$delay_single_quote_subst"`'
-lt_prog_compiler_pic='`$ECHO "X$lt_prog_compiler_pic" | $Xsed -e "$delay_single_quote_subst"`'
-lt_prog_compiler_static='`$ECHO "X$lt_prog_compiler_static" | $Xsed -e "$delay_single_quote_subst"`'
-lt_cv_prog_compiler_c_o='`$ECHO "X$lt_cv_prog_compiler_c_o" | $Xsed -e "$delay_single_quote_subst"`'
-need_locks='`$ECHO "X$need_locks" | $Xsed -e "$delay_single_quote_subst"`'
-DSYMUTIL='`$ECHO "X$DSYMUTIL" | $Xsed -e "$delay_single_quote_subst"`'
-NMEDIT='`$ECHO "X$NMEDIT" | $Xsed -e "$delay_single_quote_subst"`'
-LIPO='`$ECHO "X$LIPO" | $Xsed -e "$delay_single_quote_subst"`'
-OTOOL='`$ECHO "X$OTOOL" | $Xsed -e "$delay_single_quote_subst"`'
-OTOOL64='`$ECHO "X$OTOOL64" | $Xsed -e "$delay_single_quote_subst"`'
-libext='`$ECHO "X$libext" | $Xsed -e "$delay_single_quote_subst"`'
-shrext_cmds='`$ECHO "X$shrext_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-extract_expsyms_cmds='`$ECHO "X$extract_expsyms_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-archive_cmds_need_lc='`$ECHO "X$archive_cmds_need_lc" | $Xsed -e "$delay_single_quote_subst"`'
-enable_shared_with_static_runtimes='`$ECHO "X$enable_shared_with_static_runtimes" | $Xsed -e "$delay_single_quote_subst"`'
-export_dynamic_flag_spec='`$ECHO "X$export_dynamic_flag_spec" | $Xsed -e "$delay_single_quote_subst"`'
-whole_archive_flag_spec='`$ECHO "X$whole_archive_flag_spec" | $Xsed -e "$delay_single_quote_subst"`'
-compiler_needs_object='`$ECHO "X$compiler_needs_object" | $Xsed -e "$delay_single_quote_subst"`'
-old_archive_from_new_cmds='`$ECHO "X$old_archive_from_new_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-old_archive_from_expsyms_cmds='`$ECHO "X$old_archive_from_expsyms_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-archive_cmds='`$ECHO "X$archive_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-archive_expsym_cmds='`$ECHO "X$archive_expsym_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-module_cmds='`$ECHO "X$module_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-module_expsym_cmds='`$ECHO "X$module_expsym_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-with_gnu_ld='`$ECHO "X$with_gnu_ld" | $Xsed -e "$delay_single_quote_subst"`'
-allow_undefined_flag='`$ECHO "X$allow_undefined_flag" | $Xsed -e "$delay_single_quote_subst"`'
-no_undefined_flag='`$ECHO "X$no_undefined_flag" | $Xsed -e "$delay_single_quote_subst"`'
-hardcode_libdir_flag_spec='`$ECHO "X$hardcode_libdir_flag_spec" | $Xsed -e "$delay_single_quote_subst"`'
-hardcode_libdir_flag_spec_ld='`$ECHO "X$hardcode_libdir_flag_spec_ld" | $Xsed -e "$delay_single_quote_subst"`'
-hardcode_libdir_separator='`$ECHO "X$hardcode_libdir_separator" | $Xsed -e "$delay_single_quote_subst"`'
-hardcode_direct='`$ECHO "X$hardcode_direct" | $Xsed -e "$delay_single_quote_subst"`'
-hardcode_direct_absolute='`$ECHO "X$hardcode_direct_absolute" | $Xsed -e "$delay_single_quote_subst"`'
-hardcode_minus_L='`$ECHO "X$hardcode_minus_L" | $Xsed -e "$delay_single_quote_subst"`'
-hardcode_shlibpath_var='`$ECHO "X$hardcode_shlibpath_var" | $Xsed -e "$delay_single_quote_subst"`'
-hardcode_automatic='`$ECHO "X$hardcode_automatic" | $Xsed -e "$delay_single_quote_subst"`'
-inherit_rpath='`$ECHO "X$inherit_rpath" | $Xsed -e "$delay_single_quote_subst"`'
-link_all_deplibs='`$ECHO "X$link_all_deplibs" | $Xsed -e "$delay_single_quote_subst"`'
-fix_srcfile_path='`$ECHO "X$fix_srcfile_path" | $Xsed -e "$delay_single_quote_subst"`'
-always_export_symbols='`$ECHO "X$always_export_symbols" | $Xsed -e "$delay_single_quote_subst"`'
-export_symbols_cmds='`$ECHO "X$export_symbols_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-exclude_expsyms='`$ECHO "X$exclude_expsyms" | $Xsed -e "$delay_single_quote_subst"`'
-include_expsyms='`$ECHO "X$include_expsyms" | $Xsed -e "$delay_single_quote_subst"`'
-prelink_cmds='`$ECHO "X$prelink_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-file_list_spec='`$ECHO "X$file_list_spec" | $Xsed -e "$delay_single_quote_subst"`'
-variables_saved_for_relink='`$ECHO "X$variables_saved_for_relink" | $Xsed -e "$delay_single_quote_subst"`'
-need_lib_prefix='`$ECHO "X$need_lib_prefix" | $Xsed -e "$delay_single_quote_subst"`'
-need_version='`$ECHO "X$need_version" | $Xsed -e "$delay_single_quote_subst"`'
-version_type='`$ECHO "X$version_type" | $Xsed -e "$delay_single_quote_subst"`'
-runpath_var='`$ECHO "X$runpath_var" | $Xsed -e "$delay_single_quote_subst"`'
-shlibpath_var='`$ECHO "X$shlibpath_var" | $Xsed -e "$delay_single_quote_subst"`'
-shlibpath_overrides_runpath='`$ECHO "X$shlibpath_overrides_runpath" | $Xsed -e "$delay_single_quote_subst"`'
-libname_spec='`$ECHO "X$libname_spec" | $Xsed -e "$delay_single_quote_subst"`'
-library_names_spec='`$ECHO "X$library_names_spec" | $Xsed -e "$delay_single_quote_subst"`'
-soname_spec='`$ECHO "X$soname_spec" | $Xsed -e "$delay_single_quote_subst"`'
-postinstall_cmds='`$ECHO "X$postinstall_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-postuninstall_cmds='`$ECHO "X$postuninstall_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-finish_cmds='`$ECHO "X$finish_cmds" | $Xsed -e "$delay_single_quote_subst"`'
-finish_eval='`$ECHO "X$finish_eval" | $Xsed -e "$delay_single_quote_subst"`'
-hardcode_into_libs='`$ECHO "X$hardcode_into_libs" | $Xsed -e "$delay_single_quote_subst"`'
-sys_lib_search_path_spec='`$ECHO "X$sys_lib_search_path_spec" | $Xsed -e "$delay_single_quote_subst"`'
-sys_lib_dlsearch_path_spec='`$ECHO "X$sys_lib_dlsearch_path_spec" | $Xsed -e "$delay_single_quote_subst"`'
-hardcode_action='`$ECHO "X$hardcode_action" | $Xsed -e "$delay_single_quote_subst"`'
-enable_dlopen='`$ECHO "X$enable_dlopen" | $Xsed -e "$delay_single_quote_subst"`'
-enable_dlopen_self='`$ECHO "X$enable_dlopen_self" | $Xsed -e "$delay_single_quote_subst"`'
-enable_dlopen_self_static='`$ECHO "X$enable_dlopen_self_static" | $Xsed -e "$delay_single_quote_subst"`'
-old_striplib='`$ECHO "X$old_striplib" | $Xsed -e "$delay_single_quote_subst"`'
-striplib='`$ECHO "X$striplib" | $Xsed -e "$delay_single_quote_subst"`'
+macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`'
+macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`'
+enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`'
+enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`'
+pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`'
+enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`'
+SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`'
+ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`'
+PATH_SEPARATOR='`$ECHO "$PATH_SEPARATOR" | $SED "$delay_single_quote_subst"`'
+host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`'
+host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`'
+host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`'
+build_alias='`$ECHO "$build_alias" | $SED "$delay_single_quote_subst"`'
+build='`$ECHO "$build" | $SED "$delay_single_quote_subst"`'
+build_os='`$ECHO "$build_os" | $SED "$delay_single_quote_subst"`'
+SED='`$ECHO "$SED" | $SED "$delay_single_quote_subst"`'
+Xsed='`$ECHO "$Xsed" | $SED "$delay_single_quote_subst"`'
+GREP='`$ECHO "$GREP" | $SED "$delay_single_quote_subst"`'
+EGREP='`$ECHO "$EGREP" | $SED "$delay_single_quote_subst"`'
+FGREP='`$ECHO "$FGREP" | $SED "$delay_single_quote_subst"`'
+LD='`$ECHO "$LD" | $SED "$delay_single_quote_subst"`'
+NM='`$ECHO "$NM" | $SED "$delay_single_quote_subst"`'
+LN_S='`$ECHO "$LN_S" | $SED "$delay_single_quote_subst"`'
+max_cmd_len='`$ECHO "$max_cmd_len" | $SED "$delay_single_quote_subst"`'
+ac_objext='`$ECHO "$ac_objext" | $SED "$delay_single_quote_subst"`'
+exeext='`$ECHO "$exeext" | $SED "$delay_single_quote_subst"`'
+lt_unset='`$ECHO "$lt_unset" | $SED "$delay_single_quote_subst"`'
+lt_SP2NL='`$ECHO "$lt_SP2NL" | $SED "$delay_single_quote_subst"`'
+lt_NL2SP='`$ECHO "$lt_NL2SP" | $SED "$delay_single_quote_subst"`'
+lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_quote_subst"`'
+lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`'
+reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`'
+reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`'
+OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`'
+deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`'
+file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`'
+file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`'
+want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`'
+DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`'
+sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`'
+AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`'
+AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`'
+archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`'
+STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`'
+RANLIB='`$ECHO "$RANLIB" | $SED "$delay_single_quote_subst"`'
+old_postinstall_cmds='`$ECHO "$old_postinstall_cmds" | $SED "$delay_single_quote_subst"`'
+old_postuninstall_cmds='`$ECHO "$old_postuninstall_cmds" | $SED "$delay_single_quote_subst"`'
+old_archive_cmds='`$ECHO "$old_archive_cmds" | $SED "$delay_single_quote_subst"`'
+lock_old_archive_extraction='`$ECHO "$lock_old_archive_extraction" | $SED "$delay_single_quote_subst"`'
+CC='`$ECHO "$CC" | $SED "$delay_single_quote_subst"`'
+CFLAGS='`$ECHO "$CFLAGS" | $SED "$delay_single_quote_subst"`'
+compiler='`$ECHO "$compiler" | $SED "$delay_single_quote_subst"`'
+GCC='`$ECHO "$GCC" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`'
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`'
+nm_file_list_spec='`$ECHO "$nm_file_list_spec" | $SED "$delay_single_quote_subst"`'
+lt_sysroot='`$ECHO "$lt_sysroot" | $SED "$delay_single_quote_subst"`'
+objdir='`$ECHO "$objdir" | $SED "$delay_single_quote_subst"`'
+MAGIC_CMD='`$ECHO "$MAGIC_CMD" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_no_builtin_flag='`$ECHO "$lt_prog_compiler_no_builtin_flag" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_pic='`$ECHO "$lt_prog_compiler_pic" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`'
+lt_prog_compiler_static='`$ECHO "$lt_prog_compiler_static" | $SED "$delay_single_quote_subst"`'
+lt_cv_prog_compiler_c_o='`$ECHO "$lt_cv_prog_compiler_c_o" | $SED "$delay_single_quote_subst"`'
+need_locks='`$ECHO "$need_locks" | $SED "$delay_single_quote_subst"`'
+MANIFEST_TOOL='`$ECHO "$MANIFEST_TOOL" | $SED "$delay_single_quote_subst"`'
+DSYMUTIL='`$ECHO "$DSYMUTIL" | $SED "$delay_single_quote_subst"`'
+NMEDIT='`$ECHO "$NMEDIT" | $SED "$delay_single_quote_subst"`'
+LIPO='`$ECHO "$LIPO" | $SED "$delay_single_quote_subst"`'
+OTOOL='`$ECHO "$OTOOL" | $SED "$delay_single_quote_subst"`'
+OTOOL64='`$ECHO "$OTOOL64" | $SED "$delay_single_quote_subst"`'
+libext='`$ECHO "$libext" | $SED "$delay_single_quote_subst"`'
+shrext_cmds='`$ECHO "$shrext_cmds" | $SED "$delay_single_quote_subst"`'
+extract_expsyms_cmds='`$ECHO "$extract_expsyms_cmds" | $SED "$delay_single_quote_subst"`'
+archive_cmds_need_lc='`$ECHO "$archive_cmds_need_lc" | $SED "$delay_single_quote_subst"`'
+enable_shared_with_static_runtimes='`$ECHO "$enable_shared_with_static_runtimes" | $SED "$delay_single_quote_subst"`'
+export_dynamic_flag_spec='`$ECHO "$export_dynamic_flag_spec" | $SED "$delay_single_quote_subst"`'
+whole_archive_flag_spec='`$ECHO "$whole_archive_flag_spec" | $SED "$delay_single_quote_subst"`'
+compiler_needs_object='`$ECHO "$compiler_needs_object" | $SED "$delay_single_quote_subst"`'
+old_archive_from_new_cmds='`$ECHO "$old_archive_from_new_cmds" | $SED "$delay_single_quote_subst"`'
+old_archive_from_expsyms_cmds='`$ECHO "$old_archive_from_expsyms_cmds" | $SED "$delay_single_quote_subst"`'
+archive_cmds='`$ECHO "$archive_cmds" | $SED "$delay_single_quote_subst"`'
+archive_expsym_cmds='`$ECHO "$archive_expsym_cmds" | $SED "$delay_single_quote_subst"`'
+module_cmds='`$ECHO "$module_cmds" | $SED "$delay_single_quote_subst"`'
+module_expsym_cmds='`$ECHO "$module_expsym_cmds" | $SED "$delay_single_quote_subst"`'
+with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`'
+allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`'
+no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`'
+hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`'
+hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`'
+hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`'
+hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`'
+hardcode_minus_L='`$ECHO "$hardcode_minus_L" | $SED "$delay_single_quote_subst"`'
+hardcode_shlibpath_var='`$ECHO "$hardcode_shlibpath_var" | $SED "$delay_single_quote_subst"`'
+hardcode_automatic='`$ECHO "$hardcode_automatic" | $SED "$delay_single_quote_subst"`'
+inherit_rpath='`$ECHO "$inherit_rpath" | $SED "$delay_single_quote_subst"`'
+link_all_deplibs='`$ECHO "$link_all_deplibs" | $SED "$delay_single_quote_subst"`'
+always_export_symbols='`$ECHO "$always_export_symbols" | $SED "$delay_single_quote_subst"`'
+export_symbols_cmds='`$ECHO "$export_symbols_cmds" | $SED "$delay_single_quote_subst"`'
+exclude_expsyms='`$ECHO "$exclude_expsyms" | $SED "$delay_single_quote_subst"`'
+include_expsyms='`$ECHO "$include_expsyms" | $SED "$delay_single_quote_subst"`'
+prelink_cmds='`$ECHO "$prelink_cmds" | $SED "$delay_single_quote_subst"`'
+postlink_cmds='`$ECHO "$postlink_cmds" | $SED "$delay_single_quote_subst"`'
+file_list_spec='`$ECHO "$file_list_spec" | $SED "$delay_single_quote_subst"`'
+variables_saved_for_relink='`$ECHO "$variables_saved_for_relink" | $SED "$delay_single_quote_subst"`'
+need_lib_prefix='`$ECHO "$need_lib_prefix" | $SED "$delay_single_quote_subst"`'
+need_version='`$ECHO "$need_version" | $SED "$delay_single_quote_subst"`'
+version_type='`$ECHO "$version_type" | $SED "$delay_single_quote_subst"`'
+runpath_var='`$ECHO "$runpath_var" | $SED "$delay_single_quote_subst"`'
+shlibpath_var='`$ECHO "$shlibpath_var" | $SED "$delay_single_quote_subst"`'
+shlibpath_overrides_runpath='`$ECHO "$shlibpath_overrides_runpath" | $SED "$delay_single_quote_subst"`'
+libname_spec='`$ECHO "$libname_spec" | $SED "$delay_single_quote_subst"`'
+library_names_spec='`$ECHO "$library_names_spec" | $SED "$delay_single_quote_subst"`'
+soname_spec='`$ECHO "$soname_spec" | $SED "$delay_single_quote_subst"`'
+install_override_mode='`$ECHO "$install_override_mode" | $SED "$delay_single_quote_subst"`'
+postinstall_cmds='`$ECHO "$postinstall_cmds" | $SED "$delay_single_quote_subst"`'
+postuninstall_cmds='`$ECHO "$postuninstall_cmds" | $SED "$delay_single_quote_subst"`'
+finish_cmds='`$ECHO "$finish_cmds" | $SED "$delay_single_quote_subst"`'
+finish_eval='`$ECHO "$finish_eval" | $SED "$delay_single_quote_subst"`'
+hardcode_into_libs='`$ECHO "$hardcode_into_libs" | $SED "$delay_single_quote_subst"`'
+sys_lib_search_path_spec='`$ECHO "$sys_lib_search_path_spec" | $SED "$delay_single_quote_subst"`'
+sys_lib_dlsearch_path_spec='`$ECHO "$sys_lib_dlsearch_path_spec" | $SED "$delay_single_quote_subst"`'
+hardcode_action='`$ECHO "$hardcode_action" | $SED "$delay_single_quote_subst"`'
+enable_dlopen='`$ECHO "$enable_dlopen" | $SED "$delay_single_quote_subst"`'
+enable_dlopen_self='`$ECHO "$enable_dlopen_self" | $SED "$delay_single_quote_subst"`'
+enable_dlopen_self_static='`$ECHO "$enable_dlopen_self_static" | $SED "$delay_single_quote_subst"`'
+old_striplib='`$ECHO "$old_striplib" | $SED "$delay_single_quote_subst"`'
+striplib='`$ECHO "$striplib" | $SED "$delay_single_quote_subst"`'
 
 LTCC='$LTCC'
 LTCFLAGS='$LTCFLAGS'
 compiler='$compiler_DEFAULT'
 
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+  eval 'cat <<_LTECHO_EOF
+\$1
+_LTECHO_EOF'
+}
+
 # Quote evaled strings.
-for var in SED \
+for var in SHELL \
+ECHO \
+PATH_SEPARATOR \
+SED \
 GREP \
 EGREP \
 FGREP \
@@ -15357,8 +16862,13 @@ reload_flag \
 OBJDUMP \
 deplibs_check_method \
 file_magic_cmd \
+file_magic_glob \
+want_nocaseglob \
+DLLTOOL \
+sharedlib_from_linklib_cmd \
 AR \
 AR_FLAGS \
+archiver_list_spec \
 STRIP \
 RANLIB \
 CC \
@@ -15368,14 +16878,14 @@ lt_cv_sys_global_symbol_pipe \
 lt_cv_sys_global_symbol_to_cdecl \
 lt_cv_sys_global_symbol_to_c_name_address \
 lt_cv_sys_global_symbol_to_c_name_address_lib_prefix \
-SHELL \
-ECHO \
+nm_file_list_spec \
 lt_prog_compiler_no_builtin_flag \
-lt_prog_compiler_wl \
 lt_prog_compiler_pic \
+lt_prog_compiler_wl \
 lt_prog_compiler_static \
 lt_cv_prog_compiler_c_o \
 need_locks \
+MANIFEST_TOOL \
 DSYMUTIL \
 NMEDIT \
 LIPO \
@@ -15389,9 +16899,7 @@ with_gnu_ld \
 allow_undefined_flag \
 no_undefined_flag \
 hardcode_libdir_flag_spec \
-hardcode_libdir_flag_spec_ld \
 hardcode_libdir_separator \
-fix_srcfile_path \
 exclude_expsyms \
 include_expsyms \
 file_list_spec \
@@ -15399,12 +16907,13 @@ variables_saved_for_relink \
 libname_spec \
 library_names_spec \
 soname_spec \
+install_override_mode \
 finish_eval \
 old_striplib \
 striplib; do
-    case \`eval \\\\\$ECHO "X\\\\\$\$var"\` in
+    case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
     *[\\\\\\\`\\"\\\$]*)
-      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"X\\\$\$var\\" | \\\$Xsed -e \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
+      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
       ;;
     *)
       eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
@@ -15426,14 +16935,15 @@ module_cmds \
 module_expsym_cmds \
 export_symbols_cmds \
 prelink_cmds \
+postlink_cmds \
 postinstall_cmds \
 postuninstall_cmds \
 finish_cmds \
 sys_lib_search_path_spec \
 sys_lib_dlsearch_path_spec; do
-    case \`eval \\\\\$ECHO "X\\\\\$\$var"\` in
+    case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
     *[\\\\\\\`\\"\\\$]*)
-      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"X\\\$\$var\\" | \\\$Xsed -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
+      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
       ;;
     *)
       eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
@@ -15441,12 +16951,6 @@ sys_lib_dlsearch_path_spec; do
     esac
 done
 
-# Fix-up fallback echo if it was mangled by the above quoting rules.
-case \$lt_ECHO in
-*'\\\$0 --fallback-echo"')  lt_ECHO=\`\$ECHO "X\$lt_ECHO" | \$Xsed -e 's/\\\\\\\\\\\\\\\$0 --fallback-echo"\$/\$0 --fallback-echo"/'\`
-  ;;
-esac
-
 ac_aux_dir='$ac_aux_dir'
 xsi_shell='$xsi_shell'
 lt_shell_append='$lt_shell_append'
@@ -15482,6 +16986,8 @@ do
     "src/openssl/Makefile") CONFIG_FILES="$CONFIG_FILES src/openssl/Makefile" ;;
     "include/xmlsec/gnutls/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/gnutls/Makefile" ;;
     "src/gnutls/Makefile") CONFIG_FILES="$CONFIG_FILES src/gnutls/Makefile" ;;
+    "include/xmlsec/gcrypt/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/gcrypt/Makefile" ;;
+    "src/gcrypt/Makefile") CONFIG_FILES="$CONFIG_FILES src/gcrypt/Makefile" ;;
     "include/xmlsec/nss/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/nss/Makefile" ;;
     "src/nss/Makefile") CONFIG_FILES="$CONFIG_FILES src/nss/Makefile" ;;
     "include/xmlsec/mscrypto/Makefile") CONFIG_FILES="$CONFIG_FILES include/xmlsec/mscrypto/Makefile" ;;
@@ -15501,10 +17007,11 @@ do
     "xmlsec1-config") CONFIG_FILES="$CONFIG_FILES xmlsec1-config:xmlsec-config.in" ;;
     "xmlsec1-openssl.pc") CONFIG_FILES="$CONFIG_FILES xmlsec1-openssl.pc:xmlsec-openssl.pc.in" ;;
     "xmlsec1-gnutls.pc") CONFIG_FILES="$CONFIG_FILES xmlsec1-gnutls.pc:xmlsec-gnutls.pc.in" ;;
+    "xmlsec1-gcrypt.pc") CONFIG_FILES="$CONFIG_FILES xmlsec1-gcrypt.pc:xmlsec-gcrypt.pc.in" ;;
     "xmlsec1-nss.pc") CONFIG_FILES="$CONFIG_FILES xmlsec1-nss.pc:xmlsec-nss.pc.in" ;;
     "xmlsec1.spec") CONFIG_FILES="$CONFIG_FILES xmlsec1.spec:xmlsec.spec.in" ;;
 
-  *) as_fn_error "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
+  *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
   esac
 done
 
@@ -15527,9 +17034,10 @@ fi
 # after its creation but before its name has been assigned to `$tmp'.
 $debug ||
 {
-  tmp=
+  tmp= ac_tmp=
   trap 'exit_status=$?
-  { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status
+  : "${ac_tmp:=$tmp}"
+  { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
 ' 0
   trap 'as_fn_exit 1' 1 2 13 15
 }
@@ -15537,12 +17045,13 @@ $debug ||
 
 {
   tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
-  test -n "$tmp" && test -d "$tmp"
+  test -d "$tmp"
 }  ||
 {
   tmp=./conf$$-$RANDOM
   (umask 077 && mkdir "$tmp")
-} || as_fn_error "cannot create a temporary directory in ." "$LINENO" 5
+} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5
+ac_tmp=$tmp
 
 # Set up the scripts for CONFIG_FILES section.
 # No need to generate them if there are no CONFIG_FILES.
@@ -15559,12 +17068,12 @@ if test "x$ac_cr" = x; then
 fi
 ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
 if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
-  ac_cs_awk_cr='\r'
+  ac_cs_awk_cr='\\r'
 else
   ac_cs_awk_cr=$ac_cr
 fi
 
-echo 'BEGIN {' >"$tmp/subs1.awk" &&
+echo 'BEGIN {' >"$ac_tmp/subs1.awk" &&
 _ACEOF
 
 
@@ -15573,18 +17082,18 @@ _ACEOF
   echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
   echo "_ACEOF"
 } >conf$$subs.sh ||
-  as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5
-ac_delim_num=`echo "$ac_subst_vars" | grep -c '$'`
+  as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'`
 ac_delim='%!_!# '
 for ac_last_try in false false false false false :; do
   . ./conf$$subs.sh ||
-    as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5
+    as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
 
   ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
   if test $ac_delim_n = $ac_delim_num; then
     break
   elif $ac_last_try; then
-    as_fn_error "could not make $CONFIG_STATUS" "$LINENO" 5
+    as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
   else
     ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
   fi
@@ -15592,7 +17101,7 @@ done
 rm -f conf$$subs.sh
 
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-cat >>"\$tmp/subs1.awk" <<\\_ACAWK &&
+cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK &&
 _ACEOF
 sed -n '
 h
@@ -15606,7 +17115,7 @@ s/'"$ac_delim"'$//
 t delim
 :nl
 h
-s/\(.\{148\}\).*/\1/
+s/\(.\{148\}\)..*/\1/
 t more1
 s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
 p
@@ -15620,7 +17129,7 @@ s/.\{148\}//
 t nl
 :delim
 h
-s/\(.\{148\}\).*/\1/
+s/\(.\{148\}\)..*/\1/
 t more2
 s/["\\]/\\&/g; s/^/"/; s/$/"/
 p
@@ -15640,7 +17149,7 @@ t delim
 rm -f conf$$subs.awk
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 _ACAWK
-cat >>"\$tmp/subs1.awk" <<_ACAWK &&
+cat >>"\$ac_tmp/subs1.awk" <<_ACAWK &&
   for (key in S) S_is_set[key] = 1
   FS = ""
 
@@ -15672,21 +17181,29 @@ if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
   sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
 else
   cat
-fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \
-  || as_fn_error "could not setup config files machinery" "$LINENO" 5
+fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \
+  || as_fn_error $? "could not setup config files machinery" "$LINENO" 5
 _ACEOF
 
-# VPATH may cause trouble with some makes, so we remove $(srcdir),
-# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and
+# VPATH may cause trouble with some makes, so we remove sole $(srcdir),
+# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and
 # trailing colons and then remove the whole line if VPATH becomes empty
 # (actually we leave an empty line to preserve line numbers).
 if test "x$srcdir" = x.; then
-  ac_vpsub='/^[	 ]*VPATH[	 ]*=/{
-s/:*\$(srcdir):*/:/
-s/:*\${srcdir}:*/:/
-s/:*@srcdir@:*/:/
-s/^\([^=]*=[	 ]*\):*/\1/
+  ac_vpsub='/^[	 ]*VPATH[	 ]*=[	 ]*/{
+h
+s///
+s/^/:/
+s/[	 ]*$/:/
+s/:\$(srcdir):/:/g
+s/:\${srcdir}:/:/g
+s/:@srcdir@:/:/g
+s/^:*//
 s/:*$//
+x
+s/\(=[	 ]*\).*/\1/
+G
+s/\n//
 s/^[^=]*=[	 ]*$//
 }'
 fi
@@ -15698,7 +17215,7 @@ fi # test -n "$CONFIG_FILES"
 # No need to generate them if there are no CONFIG_HEADERS.
 # This happens for instance with `./config.status Makefile'.
 if test -n "$CONFIG_HEADERS"; then
-cat >"$tmp/defines.awk" <<\_ACAWK ||
+cat >"$ac_tmp/defines.awk" <<\_ACAWK ||
 BEGIN {
 _ACEOF
 
@@ -15710,11 +17227,11 @@ _ACEOF
 # handling of long lines.
 ac_delim='%!_!# '
 for ac_last_try in false false :; do
-  ac_t=`sed -n "/$ac_delim/p" confdefs.h`
-  if test -z "$ac_t"; then
+  ac_tt=`sed -n "/$ac_delim/p" confdefs.h`
+  if test -z "$ac_tt"; then
     break
   elif $ac_last_try; then
-    as_fn_error "could not make $CONFIG_HEADERS" "$LINENO" 5
+    as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5
   else
     ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
   fi
@@ -15799,7 +17316,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 _ACAWK
 _ACEOF
 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-  as_fn_error "could not setup config headers machinery" "$LINENO" 5
+  as_fn_error $? "could not setup config headers machinery" "$LINENO" 5
 fi # test -n "$CONFIG_HEADERS"
 
 
@@ -15812,7 +17329,7 @@ do
   esac
   case $ac_mode$ac_tag in
   :[FHL]*:*);;
-  :L* | :C*:*) as_fn_error "invalid tag \`$ac_tag'" "$LINENO" 5;;
+  :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;;
   :[FH]-) ac_tag=-:-;;
   :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
   esac
@@ -15831,7 +17348,7 @@ do
     for ac_f
     do
       case $ac_f in
-      -) ac_f="$tmp/stdin";;
+      -) ac_f="$ac_tmp/stdin";;
       *) # Look for the file first in the build tree, then in the source tree
 	 # (if the path is not absolute).  The absolute path cannot be DOS-style,
 	 # because $ac_f cannot contain `:'.
@@ -15840,7 +17357,7 @@ do
 	   [\\/$]*) false;;
 	   *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
 	   esac ||
-	   as_fn_error "cannot find input file: \`$ac_f'" "$LINENO" 5;;
+	   as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;;
       esac
       case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
       as_fn_append ac_file_inputs " '$ac_f'"
@@ -15866,8 +17383,8 @@ $as_echo "$as_me: creating $ac_file" >&6;}
     esac
 
     case $ac_tag in
-    *:-:* | *:-) cat >"$tmp/stdin" \
-      || as_fn_error "could not create $ac_file" "$LINENO" 5 ;;
+    *:-:* | *:-) cat >"$ac_tmp/stdin" \
+      || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;;
     esac
     ;;
   esac
@@ -16003,23 +17520,24 @@ s&@INSTALL@&$ac_INSTALL&;t t
 s&@MKDIR_P@&$ac_MKDIR_P&;t t
 $ac_datarootdir_hack
 "
-eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \
-  || as_fn_error "could not create $ac_file" "$LINENO" 5
+eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \
+  >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5
 
 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
-  { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } &&
-  { ac_out=`sed -n '/^[	 ]*datarootdir[	 ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } &&
+  { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } &&
+  { ac_out=`sed -n '/^[	 ]*datarootdir[	 ]*:*=/p' \
+      "$ac_tmp/out"`; test -z "$ac_out"; } &&
   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir'
-which seems to be undefined.  Please make sure it is defined." >&5
+which seems to be undefined.  Please make sure it is defined" >&5
 $as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
-which seems to be undefined.  Please make sure it is defined." >&2;}
+which seems to be undefined.  Please make sure it is defined" >&2;}
 
-  rm -f "$tmp/stdin"
+  rm -f "$ac_tmp/stdin"
   case $ac_file in
-  -) cat "$tmp/out" && rm -f "$tmp/out";;
-  *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";;
+  -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";;
+  *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";;
   esac \
-  || as_fn_error "could not create $ac_file" "$LINENO" 5
+  || as_fn_error $? "could not create $ac_file" "$LINENO" 5
  ;;
   :H)
   #
@@ -16028,21 +17546,21 @@ which seems to be undefined.  Please make sure it is defined." >&2;}
   if test x"$ac_file" != x-; then
     {
       $as_echo "/* $configure_input  */" \
-      && eval '$AWK -f "$tmp/defines.awk"' "$ac_file_inputs"
-    } >"$tmp/config.h" \
-      || as_fn_error "could not create $ac_file" "$LINENO" 5
-    if diff "$ac_file" "$tmp/config.h" >/dev/null 2>&1; then
+      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs"
+    } >"$ac_tmp/config.h" \
+      || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+    if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then
       { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5
 $as_echo "$as_me: $ac_file is unchanged" >&6;}
     else
       rm -f "$ac_file"
-      mv "$tmp/config.h" "$ac_file" \
-	|| as_fn_error "could not create $ac_file" "$LINENO" 5
+      mv "$ac_tmp/config.h" "$ac_file" \
+	|| as_fn_error $? "could not create $ac_file" "$LINENO" 5
     fi
   else
     $as_echo "/* $configure_input  */" \
-      && eval '$AWK -f "$tmp/defines.awk"' "$ac_file_inputs" \
-      || as_fn_error "could not create -" "$LINENO" 5
+      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \
+      || as_fn_error $? "could not create -" "$LINENO" 5
   fi
 # Compute "$ac_file"'s index in $config_headers.
 _am_arg="$ac_file"
@@ -16203,7 +17721,8 @@ $as_echo X"$file" |
 # NOTE: Changes made to this file will be lost: look at ltmain.sh.
 #
 #   Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
-#                 2006, 2007, 2008 Free Software Foundation, Inc.
+#                 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+#                 Foundation, Inc.
 #   Written by Gordon Matzigkeit, 1996
 #
 #   This file is part of GNU Libtool.
@@ -16251,6 +17770,15 @@ pic_mode=$pic_mode
 # Whether or not to optimize for fast installation.
 fast_install=$enable_fast_install
 
+# Shell to use when invoking shell scripts.
+SHELL=$lt_SHELL
+
+# An echo program that protects backslashes.
+ECHO=$lt_ECHO
+
+# The PATH separator for the build system.
+PATH_SEPARATOR=$lt_PATH_SEPARATOR
+
 # The host system.
 host_alias=$host_alias
 host=$host
@@ -16300,9 +17828,11 @@ SP2NL=$lt_lt_SP2NL
 # turn newlines into spaces.
 NL2SP=$lt_lt_NL2SP
 
-# How to create reloadable object files.
-reload_flag=$lt_reload_flag
-reload_cmds=$lt_reload_cmds
+# convert \$build file names to \$host format.
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+
+# convert \$build files to toolchain format.
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
 
 # An object symbol dumper.
 OBJDUMP=$lt_OBJDUMP
@@ -16310,13 +17840,30 @@ OBJDUMP=$lt_OBJDUMP
 # Method to check whether dependent libraries are shared objects.
 deplibs_check_method=$lt_deplibs_check_method
 
-# Command to use when deplibs_check_method == "file_magic".
+# Command to use when deplibs_check_method = "file_magic".
 file_magic_cmd=$lt_file_magic_cmd
 
+# How to find potential files when deplibs_check_method = "file_magic".
+file_magic_glob=$lt_file_magic_glob
+
+# Find potential files using nocaseglob when deplibs_check_method = "file_magic".
+want_nocaseglob=$lt_want_nocaseglob
+
+# DLL creation program.
+DLLTOOL=$lt_DLLTOOL
+
+# Command to associate shared and link libraries.
+sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd
+
 # The archiver.
 AR=$lt_AR
+
+# Flags to create an archive.
 AR_FLAGS=$lt_AR_FLAGS
 
+# How to feed a file listing to the archiver.
+archiver_list_spec=$lt_archiver_list_spec
+
 # A symbol stripping program.
 STRIP=$lt_STRIP
 
@@ -16325,6 +17872,9 @@ RANLIB=$lt_RANLIB
 old_postinstall_cmds=$lt_old_postinstall_cmds
 old_postuninstall_cmds=$lt_old_postuninstall_cmds
 
+# Whether to use a lock for old archive extraction.
+lock_old_archive_extraction=$lock_old_archive_extraction
+
 # A C compiler.
 LTCC=$lt_CC
 
@@ -16343,14 +17893,14 @@ global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address
 # Transform the output of nm in a C name address pair when lib prefix is needed.
 global_symbol_to_c_name_address_lib_prefix=$lt_lt_cv_sys_global_symbol_to_c_name_address_lib_prefix
 
-# The name of the directory that contains temporary libtool files.
-objdir=$objdir
+# Specify filename containing input files for \$NM.
+nm_file_list_spec=$lt_nm_file_list_spec
 
-# Shell to use when invoking shell scripts.
-SHELL=$lt_SHELL
+# The root where to search for dependent libraries,and in which our libraries should be installed.
+lt_sysroot=$lt_sysroot
 
-# An echo program that does not interpret backslashes.
-ECHO=$lt_ECHO
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
 
 # Used to examine libraries when file_magic_cmd begins with "file".
 MAGIC_CMD=$MAGIC_CMD
@@ -16358,6 +17908,9 @@ MAGIC_CMD=$MAGIC_CMD
 # Must we lock files when doing compilation?
 need_locks=$lt_need_locks
 
+# Manifest tool.
+MANIFEST_TOOL=$lt_MANIFEST_TOOL
+
 # Tool to manipulate archived DWARF debug symbol files on Mac OS X.
 DSYMUTIL=$lt_DSYMUTIL
 
@@ -16414,6 +17967,9 @@ library_names_spec=$lt_library_names_spec
 # The coded name of the library, if different from the real name.
 soname_spec=$lt_soname_spec
 
+# Permission mode override for installation of shared libraries.
+install_override_mode=$lt_install_override_mode
+
 # Command to use after installation of a shared archive.
 postinstall_cmds=$lt_postinstall_cmds
 
@@ -16453,6 +18009,10 @@ striplib=$lt_striplib
 # The linker used to build libraries.
 LD=$lt_LD
 
+# How to create reloadable object files.
+reload_flag=$lt_reload_flag
+reload_cmds=$lt_reload_cmds
+
 # Commands used to build an old-style archive.
 old_archive_cmds=$lt_old_archive_cmds
 
@@ -16465,12 +18025,12 @@ with_gcc=$GCC
 # Compiler flag to turn off builtin functions.
 no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag
 
-# How to pass a linker flag through the compiler.
-wl=$lt_lt_prog_compiler_wl
-
 # Additional compiler flags for building library objects.
 pic_flag=$lt_lt_prog_compiler_pic
 
+# How to pass a linker flag through the compiler.
+wl=$lt_lt_prog_compiler_wl
+
 # Compiler flag to prevent dynamic linking.
 link_static_flag=$lt_lt_prog_compiler_static
 
@@ -16520,10 +18080,6 @@ no_undefined_flag=$lt_no_undefined_flag
 # This must work even if \$libdir does not exist
 hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec
 
-# If ld is used when linking, flag to hardcode \$libdir into a binary
-# during linking.  This must work even if \$libdir does not exist.
-hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld
-
 # Whether we need a single "-rpath" flag with a separated argument.
 hardcode_libdir_separator=$lt_hardcode_libdir_separator
 
@@ -16557,9 +18113,6 @@ inherit_rpath=$inherit_rpath
 # Whether libtool must link a program against all its dependency libraries.
 link_all_deplibs=$link_all_deplibs
 
-# Fix the shell variable \$srcfile for the compiler.
-fix_srcfile_path=$lt_fix_srcfile_path
-
 # Set to "yes" if exported symbols are required.
 always_export_symbols=$always_export_symbols
 
@@ -16575,6 +18128,9 @@ include_expsyms=$lt_include_expsyms
 # Commands necessary for linking programs (against libraries) with templates.
 prelink_cmds=$lt_prelink_cmds
 
+# Commands necessary for finishing linking programs.
+postlink_cmds=$lt_postlink_cmds
+
 # Specify filename containing input files.
 file_list_spec=$lt_file_list_spec
 
@@ -16607,212 +18163,169 @@ ltmain="$ac_aux_dir/ltmain.sh"
   # if finds mixed CR/LF and LF-only lines.  Since sed operates in
   # text mode, it properly converts lines to CR/LF.  This bash problem
   # is reportedly fixed, but why not run on old versions too?
-  sed '/^# Generated shell functions inserted here/q' "$ltmain" >> "$cfgfile" \
-    || (rm -f "$cfgfile"; exit 1)
-
-  case $xsi_shell in
-  yes)
-    cat << \_LT_EOF >> "$cfgfile"
-
-# func_dirname file append nondir_replacement
-# Compute the dirname of FILE.  If nonempty, add APPEND to the result,
-# otherwise set result to NONDIR_REPLACEMENT.
-func_dirname ()
-{
-  case ${1} in
-    */*) func_dirname_result="${1%/*}${2}" ;;
-    *  ) func_dirname_result="${3}" ;;
-  esac
-}
-
-# func_basename file
-func_basename ()
-{
-  func_basename_result="${1##*/}"
-}
-
-# func_dirname_and_basename file append nondir_replacement
-# perform func_basename and func_dirname in a single function
-# call:
-#   dirname:  Compute the dirname of FILE.  If nonempty,
-#             add APPEND to the result, otherwise set result
-#             to NONDIR_REPLACEMENT.
-#             value returned in "$func_dirname_result"
-#   basename: Compute filename of FILE.
-#             value retuned in "$func_basename_result"
-# Implementation must be kept synchronized with func_dirname
-# and func_basename. For efficiency, we do not delegate to
-# those functions but instead duplicate the functionality here.
-func_dirname_and_basename ()
-{
-  case ${1} in
-    */*) func_dirname_result="${1%/*}${2}" ;;
-    *  ) func_dirname_result="${3}" ;;
-  esac
-  func_basename_result="${1##*/}"
-}
-
-# func_stripname prefix suffix name
-# strip PREFIX and SUFFIX off of NAME.
-# PREFIX and SUFFIX must not contain globbing or regex special
-# characters, hashes, percent signs, but SUFFIX may contain a leading
-# dot (in which case that matches only a dot).
-func_stripname ()
-{
-  # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are
-  # positional parameters, so assign one to ordinary parameter first.
-  func_stripname_result=${3}
-  func_stripname_result=${func_stripname_result#"${1}"}
-  func_stripname_result=${func_stripname_result%"${2}"}
-}
-
-# func_opt_split
-func_opt_split ()
-{
-  func_opt_split_opt=${1%%=*}
-  func_opt_split_arg=${1#*=}
-}
-
-# func_lo2o object
-func_lo2o ()
-{
-  case ${1} in
-    *.lo) func_lo2o_result=${1%.lo}.${objext} ;;
-    *)    func_lo2o_result=${1} ;;
-  esac
-}
-
-# func_xform libobj-or-source
-func_xform ()
-{
-  func_xform_result=${1%.*}.lo
-}
-
-# func_arith arithmetic-term...
-func_arith ()
-{
-  func_arith_result=$(( $* ))
-}
-
-# func_len string
-# STRING may not start with a hyphen.
-func_len ()
-{
-  func_len_result=${#1}
-}
-
-_LT_EOF
-    ;;
-  *) # Bourne compatible functions.
-    cat << \_LT_EOF >> "$cfgfile"
-
-# func_dirname file append nondir_replacement
-# Compute the dirname of FILE.  If nonempty, add APPEND to the result,
-# otherwise set result to NONDIR_REPLACEMENT.
-func_dirname ()
-{
-  # Extract subdirectory from the argument.
-  func_dirname_result=`$ECHO "X${1}" | $Xsed -e "$dirname"`
-  if test "X$func_dirname_result" = "X${1}"; then
-    func_dirname_result="${3}"
-  else
-    func_dirname_result="$func_dirname_result${2}"
-  fi
-}
-
-# func_basename file
-func_basename ()
-{
-  func_basename_result=`$ECHO "X${1}" | $Xsed -e "$basename"`
-}
-
-
-# func_stripname prefix suffix name
-# strip PREFIX and SUFFIX off of NAME.
-# PREFIX and SUFFIX must not contain globbing or regex special
-# characters, hashes, percent signs, but SUFFIX may contain a leading
-# dot (in which case that matches only a dot).
-# func_strip_suffix prefix name
-func_stripname ()
-{
-  case ${2} in
-    .*) func_stripname_result=`$ECHO "X${3}" \
-           | $Xsed -e "s%^${1}%%" -e "s%\\\\${2}\$%%"`;;
-    *)  func_stripname_result=`$ECHO "X${3}" \
-           | $Xsed -e "s%^${1}%%" -e "s%${2}\$%%"`;;
-  esac
-}
-
-# sed scripts:
-my_sed_long_opt='1s/^\(-[^=]*\)=.*/\1/;q'
-my_sed_long_arg='1s/^-[^=]*=//'
-
-# func_opt_split
-func_opt_split ()
-{
-  func_opt_split_opt=`$ECHO "X${1}" | $Xsed -e "$my_sed_long_opt"`
-  func_opt_split_arg=`$ECHO "X${1}" | $Xsed -e "$my_sed_long_arg"`
-}
-
-# func_lo2o object
-func_lo2o ()
-{
-  func_lo2o_result=`$ECHO "X${1}" | $Xsed -e "$lo2o"`
-}
-
-# func_xform libobj-or-source
-func_xform ()
-{
-  func_xform_result=`$ECHO "X${1}" | $Xsed -e 's/\.[^.]*$/.lo/'`
-}
-
-# func_arith arithmetic-term...
-func_arith ()
-{
-  func_arith_result=`expr "$@"`
-}
-
-# func_len string
-# STRING may not start with a hyphen.
-func_len ()
-{
-  func_len_result=`expr "$1" : ".*" 2>/dev/null || echo $max_cmd_len`
-}
-
-_LT_EOF
-esac
-
-case $lt_shell_append in
-  yes)
-    cat << \_LT_EOF >> "$cfgfile"
-
-# func_append var value
-# Append VALUE to the end of shell variable VAR.
-func_append ()
-{
-  eval "$1+=\$2"
-}
-_LT_EOF
-    ;;
-  *)
-    cat << \_LT_EOF >> "$cfgfile"
-
-# func_append var value
-# Append VALUE to the end of shell variable VAR.
-func_append ()
-{
-  eval "$1=\$$1\$2"
-}
-
-_LT_EOF
-    ;;
-  esac
-
-
-  sed -n '/^# Generated shell functions inserted here/,$p' "$ltmain" >> "$cfgfile" \
-    || (rm -f "$cfgfile"; exit 1)
-
-  mv -f "$cfgfile" "$ofile" ||
+  sed '$q' "$ltmain" >> "$cfgfile" \
+     || (rm -f "$cfgfile"; exit 1)
+
+  if test x"$xsi_shell" = xyes; then
+  sed -e '/^func_dirname ()$/,/^} # func_dirname /c\
+func_dirname ()\
+{\
+\    case ${1} in\
+\      */*) func_dirname_result="${1%/*}${2}" ;;\
+\      *  ) func_dirname_result="${3}" ;;\
+\    esac\
+} # Extended-shell func_dirname implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_basename ()$/,/^} # func_basename /c\
+func_basename ()\
+{\
+\    func_basename_result="${1##*/}"\
+} # Extended-shell func_basename implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_dirname_and_basename ()$/,/^} # func_dirname_and_basename /c\
+func_dirname_and_basename ()\
+{\
+\    case ${1} in\
+\      */*) func_dirname_result="${1%/*}${2}" ;;\
+\      *  ) func_dirname_result="${3}" ;;\
+\    esac\
+\    func_basename_result="${1##*/}"\
+} # Extended-shell func_dirname_and_basename implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_stripname ()$/,/^} # func_stripname /c\
+func_stripname ()\
+{\
+\    # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are\
+\    # positional parameters, so assign one to ordinary parameter first.\
+\    func_stripname_result=${3}\
+\    func_stripname_result=${func_stripname_result#"${1}"}\
+\    func_stripname_result=${func_stripname_result%"${2}"}\
+} # Extended-shell func_stripname implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_split_long_opt ()$/,/^} # func_split_long_opt /c\
+func_split_long_opt ()\
+{\
+\    func_split_long_opt_name=${1%%=*}\
+\    func_split_long_opt_arg=${1#*=}\
+} # Extended-shell func_split_long_opt implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_split_short_opt ()$/,/^} # func_split_short_opt /c\
+func_split_short_opt ()\
+{\
+\    func_split_short_opt_arg=${1#??}\
+\    func_split_short_opt_name=${1%"$func_split_short_opt_arg"}\
+} # Extended-shell func_split_short_opt implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_lo2o ()$/,/^} # func_lo2o /c\
+func_lo2o ()\
+{\
+\    case ${1} in\
+\      *.lo) func_lo2o_result=${1%.lo}.${objext} ;;\
+\      *)    func_lo2o_result=${1} ;;\
+\    esac\
+} # Extended-shell func_lo2o implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_xform ()$/,/^} # func_xform /c\
+func_xform ()\
+{\
+    func_xform_result=${1%.*}.lo\
+} # Extended-shell func_xform implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_arith ()$/,/^} # func_arith /c\
+func_arith ()\
+{\
+    func_arith_result=$(( $* ))\
+} # Extended-shell func_arith implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_len ()$/,/^} # func_len /c\
+func_len ()\
+{\
+    func_len_result=${#1}\
+} # Extended-shell func_len implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+fi
+
+if test x"$lt_shell_append" = xyes; then
+  sed -e '/^func_append ()$/,/^} # func_append /c\
+func_append ()\
+{\
+    eval "${1}+=\\${2}"\
+} # Extended-shell func_append implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  sed -e '/^func_append_quoted ()$/,/^} # func_append_quoted /c\
+func_append_quoted ()\
+{\
+\    func_quote_for_eval "${2}"\
+\    eval "${1}+=\\\\ \\$func_quote_for_eval_result"\
+} # Extended-shell func_append_quoted implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+
+
+  # Save a `func_append' function call where possible by direct use of '+='
+  sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \
+    && mv -f "$cfgfile.tmp" "$cfgfile" \
+      || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+  test 0 -eq $? || _lt_function_replace_fail=:
+else
+  # Save a `func_append' function call even when '+=' is not available
+  sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \
+    && mv -f "$cfgfile.tmp" "$cfgfile" \
+      || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+  test 0 -eq $? || _lt_function_replace_fail=:
+fi
+
+if test x"$_lt_function_replace_fail" = x":"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Unable to substitute extended shell functions in $ofile" >&5
+$as_echo "$as_me: WARNING: Unable to substitute extended shell functions in $ofile" >&2;}
+fi
+
+
+   mv -f "$cfgfile" "$ofile" ||
     (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
   chmod +x "$ofile"
 
@@ -16827,7 +18340,7 @@ _ACEOF
 ac_clean_files=$ac_clean_files_save
 
 test $ac_write_fail = 0 ||
-  as_fn_error "write failure creating $CONFIG_STATUS" "$LINENO" 5
+  as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5
 
 
 # configure is writing to config.log, and then calls config.status.
@@ -16848,7 +18361,7 @@ if test "$no_create" != yes; then
   exec 5>>config.log
   # Use ||, not &&, to avoid exiting from the if with $? = 1, which
   # would make configure fail if this is the last instruction.
-  $ac_cs_success || as_fn_exit $?
+  $ac_cs_success || as_fn_exit 1
 fi
 if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
diff --git a/configure.in b/configure.in
index 038e8ccf..1b46a926 100644
--- a/configure.in
+++ b/configure.in
@@ -1,10 +1,10 @@
 dnl Process this file with autoconf to produce a configure script.
-AC_INIT([xmlsec1],[1.2.14],[http://www.aleksey.com/xmlsec])
+AC_INIT([xmlsec1],[1.2.19],[http://www.aleksey.com/xmlsec])
 
 XMLSEC_PACKAGE=xmlsec1
 XMLSEC_VERSION_MAJOR=1
 XMLSEC_VERSION_MINOR=2
-XMLSEC_VERSION_SUBMINOR=14
+XMLSEC_VERSION_SUBMINOR=19
 XMLSEC_VERSION="$XMLSEC_VERSION_MAJOR.$XMLSEC_VERSION_MINOR.$XMLSEC_VERSION_SUBMINOR"
 XMLSEC_VERSION_INFO=`echo $XMLSEC_VERSION | awk -F. '{ printf "%d:%d:%d", $1+$2, $3, $2 }'`
 XMLSEC_VERSION_SAFE=`echo $XMLSEC_VERSION | sed 's/\./_/g'`
@@ -25,12 +25,18 @@ AM_INIT_AUTOMAKE([1.7 tar-ustar])
 AC_CONFIG_HEADERS([config.h])
 AM_MAINTAINER_MODE
 
+# Support silent build rules, requires at least automake-1.11. Disable
+# by either passing --disable-silent-rules to configure or passing V=1
+# to make
+m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
+
 dnl
 dnl Check the environment
 dnl
 AC_PROG_CC
 AC_PROG_INSTALL
 AC_HEADER_STDC
+AC_PROG_LIBTOOL
 
 LT_INIT
 
@@ -46,10 +52,6 @@ AC_PATH_PROG(TAR, tar, /bin/tar)
 AC_PATH_PROG(HELP2MAN, help2man)
 AC_PATH_PROG(MAN2HTML, man2html)
 
-dnl Make sure we have an ANSI compiler
-AM_C_PROTOTYPES
-test "z$U" != "z" && AC_MSG_ERROR(Compiler not ANSI compliant)
-
 dnl Checks for header files.
 AC_HEADER_DIRENT
 AC_HEADER_STDC
@@ -74,7 +76,7 @@ dnl ==========================================================================
 AC_MSG_CHECKING(for development environment) 
 AC_ARG_ENABLE(development,   [  --enable-development    enable development environment (no)])
 if test "z$enable_development" = "zyes" ; then
-    enable_debuging="yes"
+    enable_debugging="yes"
     enable_pedantic="yes"
     enable_static_linking="yes"
     enable_crypto_dl="no"
@@ -163,27 +165,18 @@ if test "$ac_cv_sizeof_size_t" -ne "4" ; then
     XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_SIZE_T"
 fi
 
-
-dnl autoconf 2.59 fail
-dnl configure.in:137: error: possibly undefined macro: PKG_CONFIG_ENABLED
-dnl       If this token and others are legitimate, please use m4_pattern_allow.
-dnl       See the Autoconf documentation.
-dnl Also note that pkg.m4 (pkgconfig>=0.16 ?)
-dnl allow [^PKG_CONFIG(_PATH)?$] !
-m4_pattern_allow([PKG_CONFIG_ENABLED])
-
 dnl ==========================================================================
 dnl Check if pkg-config enabled and installed
 dnl ==========================================================================
+PKG_CONFIG="pkg-config"
+PKGCONFIG_FOUND="no"
 AC_ARG_ENABLE(pkgconfig,   [  --enable-pkgconfig      enable pkgconfig for configuration (yes)])
-if test "z$enable_pkgconfig" = "zno" ; then
-    PKG_CONFIG_ENABLED=no
-else
-    AC_CHECK_PROG(PKG_CONFIG_ENABLED, pkg-config, yes, no)
-    if test "z$PKG_CONFIG_ENABLED" = "zyes" ; then
-	if ! pkg-config --atleast-pkgconfig-version 0.9 ; then
-	    PKG_CONFIG_ENABLED=no
-	fi
+if test "z$enable_pkgconfig" != "zno" ; then
+    AC_CHECK_PROG(PKGCONFIG_PRESENT, $PKG_CONFIG, yes, no)
+    if test "z$PKGCONFIG_PRESENT" = "zyes" ; then
+        if $PKG_CONFIG --atleast-pkgconfig-version 0.9 ; then
+            PKGCONFIG_FOUND="yes"
+        fi
     fi
 fi
 
@@ -219,15 +212,20 @@ elif test "z$with_libxml_src" != "z" ; then
     else 
 	AC_MSG_ERROR([libxml source dir not found (${with_libxml_src}), typo?])
     fi 	
-elif test "z$with_libxml" = "z" -a "z$PKG_CONFIG_ENABLED" = "zyes" ; then
+elif test "z$with_libxml" = "z" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
     PKG_CHECK_MODULES(LIBXML, libxml-2.0 >= $LIBXML_MIN_VERSION,
 	[LIBXML_FOUND=yes],
 	[LIBXML_FOUND=no])
 fi
 if test "z$LIBXML_FOUND" = "zno" ; then
     if test "z$with_libxml" != "zyes" ; then
-	AC_PATH_PROG([LIBXML_CONFIG], [$LIBXML_CONFIG], [],
+        if test "z$with_libxml" != "z" ; then
+	    AC_PATH_PROG([LIBXML_CONFIG], [$LIBXML_CONFIG], [],
 		     [$with_libxml/bin:$PATH])
+	else
+	    AC_PATH_PROG([LIBXML_CONFIG], [$LIBXML_CONFIG], [],
+		     [$PATH])
+	fi
     fi
     AC_MSG_CHECKING([libxml2 $LIBXML_CONFIG ])
     if ! LIBXML_VERSION=`$LIBXML_CONFIG --version 2>/dev/null`; then
@@ -283,7 +281,7 @@ elif test "z$with_libxslt_src" != "z" ; then
     else 
 	AC_MSG_ERROR([libxslt source dir not found (${with_libxslt_src}), typo?])
     fi 	
-elif test "z$with_libxslt" = "z" -a  "z$PKG_CONFIG_ENABLED" = "zyes" ; then
+elif test "z$with_libxslt" = "z" -a  "z$PKGCONFIG_FOUND" = "zyes" ; then
     PKG_CHECK_MODULES(LIBXSLT, libxslt >= $LIBXSLT_MIN_VERSION,
 	[LIBXSLT_FOUND=yes],
 	[LIBXSLT_FOUND=no])
@@ -291,8 +289,13 @@ fi
 
 if test "z$LIBXSLT_FOUND" = "zno" ; then
     if test "z$with_libxslt" != "zyes" ; then
-	AC_PATH_PROG([LIBXSLT_CONFIG], [$LIBXSLT_CONFIG], [],
+        if test "z$with_libxslt" != "z" ; then
+	    AC_PATH_PROG([LIBXSLT_CONFIG], [$LIBXSLT_CONFIG], [],
 		     [$with_libxslt/bin:$PATH])
+        else
+	    AC_PATH_PROG([LIBXSLT_CONFIG], [$LIBXSLT_CONFIG], [],
+		     [$PATH])
+        fi
     fi
     AC_MSG_CHECKING(for libxslt libraries >= $LIBXSLT_MIN_VERSION) 
     if ! LIBXSLT_VERSION=`$LIBXSLT_CONFIG --version 2>/dev/null`; then
@@ -330,13 +333,8 @@ AC_SUBST(LIBXSLT_MIN_VERSION)
 dnl ==========================================================================
 dnl See if we can find a crypto library
 dnl ==========================================================================
-XMLSEC_CRYPTO=""
 XMLSEC_CRYPTO_LIST=""
 XMLSEC_CRYPTO_DISABLED_LIST=""
-XMLSEC_CRYPTO_LIB=""
-XMLSEC_CRYPTO_CFLAGS=""
-XMLSEC_CRYPTO_CFLAGS_APP=""
-XMLSEC_CRYPTO_LIBS=""
 
 dnl ==========================================================================
 dnl OpenSSL
@@ -372,7 +370,13 @@ elif test "z$with_openssl" != "z" ; then
 	OPENSSL_LIBS="$with_openssl/lib/libcrypto.a $openssl_exlibs"
     fi
     OPENSSL_FOUND="yes"
-elif test "z$PKG_CONFIG_ENABLED" = "zyes" ; then
+elif test "z$PKGCONFIG_FOUND" = "zyes" ; then
+    if test "z$OPENSSL_VERSION" = "z" ; then
+        PKG_CHECK_MODULES(OPENSSL, openssl >= 1.0.0,
+            [OPENSSL_VERSION="1.0.0"],
+            [OPENSSL_VERSION=""])
+    fi
+
     if test "z$OPENSSL_VERSION" = "z" ; then
         PKG_CHECK_MODULES(OPENSSL, openssl >= 0.9.8,
     	    [OPENSSL_VERSION="0.9.8"],
@@ -502,26 +506,18 @@ fi
 if test "z$OPENSSL_FOUND" = "zyes" ; then
     XMLSEC_NO_OPENSSL="0"
     if test "z$OPENSSL_VERSION" = "z0.9.6" ; then
-	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_096=1"
+	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_096=1 -DXMLSEC_NO_ECDSA=1"
     fi    
     if test "z$OPENSSL_VERSION" = "z0.9.7" ; then
-	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_097=1"
+	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_097=1 -DXMLSEC_NO_ECDSA=1"
     fi    
     if test "z$OPENSSL_VERSION" = "z0.9.8" ; then
-	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_098=1"
+	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_098=1 -DXMLSEC_NO_ECDSA=1"
     fi    
     if test "z$OPENSSL_VERSION" = "z1.0.0" ; then
 	OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_OPENSSL_100=1"
     fi    
     OPENSSL_CFLAGS="$OPENSSL_CFLAGS -DXMLSEC_CRYPTO_OPENSSL=1"
-    	
-    dnl first crypto library is default one
-    if test "z$XMLSEC_CRYPTO" = "z" ; then
-	XMLSEC_CRYPTO="openssl"
-    	XMLSEC_CRYPTO_LIB="$OPENSSL_CRYPTO_LIB"
-	XMLSEC_CRYPTO_CFLAGS="$OPENSSL_CFLAGS"
-	XMLSEC_CRYPTO_LIBS="$OPENSSL_LIBS"
-    fi	
     XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST openssl"
 else
     XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST openssl"
@@ -552,11 +548,11 @@ dnl
 dnl   2 overrides 1
 dnl
 dnl ==========================================================================
-    
 XMLSEC_NO_NSS="1"
+SEAMONKEY_MIN_VERSION="1.0"
 MOZILLA_MIN_VERSION="1.4"
-NSS_MIN_VERSION="3.2"
-NSPR_MIN_VERSION="4.0"
+NSS_MIN_VERSION="3.9"
+NSPR_MIN_VERSION="4.4.1"
 NSS_CFLAGS=""
 NSS_LIBS=""
 NSS_LIBS_LIST="-lnss3 -lsmime3"
@@ -576,27 +572,33 @@ if test "z$with_nss" = "zno" -o "z$with_nspr" = "zno" ; then
     AC_MSG_CHECKING(for NSS libraries) 
     AC_MSG_RESULT(no)
     NSS_FOUND="without"
-elif test "z$with_nss" = "z" -a "z$with_nspr" = "z" -a "z$with_mozilla_ver" = "z" -a "z$PKG_CONFIG_ENABLED" = "zyes" ; then
+elif test "z$with_nss" = "z" -a "z$with_nspr" = "z" -a "z$with_mozilla_ver" = "z" -a "z$with_seamonkey_ver" = "z" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
     dnl
     dnl Mozilla's NSS/NSPR are distributed under different names
     dnl in different distribution:
+    dnl         seamonkey-nspr and seamonkey-nss
     dnl 	mozilla-nspr and mozilla-nss
     dnl		xulrunner-nspr and xulrunner-nss
     dnl		nspr and nss
     dnl We are going to try all options
     dnl
     if test "z$NSS_FOUND" = "zno" ; then
+        PKG_CHECK_MODULES(NSS, seamonkey-nspr >= $NSPR_MIN_VERSION seamonkey-nss >= $SEAMONKEY_MIN_VERSION,
+    	    [NSS_FOUND=yes NSPR_PACKAGE=seamonkey-nspr NSS_PACKAGE=seamonkey-nss],
+	    [NSS_FOUND=no])
+    fi
+    if test "z$NSS_FOUND" = "zno" ; then
         PKG_CHECK_MODULES(NSS, mozilla-nspr >= $MOZILLA_MIN_VERSION mozilla-nss >= $MOZILLA_MIN_VERSION,
     	    [NSS_FOUND=yes NSPR_PACKAGE=mozilla-nspr NSS_PACKAGE=mozilla-nss],
 	    [NSS_FOUND=no])
     fi
     if test "z$NSS_FOUND" = "zno" ; then
-        PKG_CHECK_MODULES(NSS, xulrunner-nspr >= $MOZILLA_MIN_VERSION xulrunner-nss >= $MOZILLA_MIN_VERSION,
+        PKG_CHECK_MODULES(NSS, xulrunner-nspr >= $NSPR_MIN_VERSION xulrunner-nss >= $NSS_MIN_VERSION,
     	    [NSS_FOUND=yes NSPR_PACKAGE=xulrunner-nspr NSS_PACKAGE=xulrunner-nss],
 	    [NSS_FOUND=no])
     fi
     if test "z$NSS_FOUND" = "zno" ; then
-        PKG_CHECK_MODULES(NSS, nspr >= $MOZILLA_MIN_VERSION nss >= $MOZILLA_MIN_VERSION,
+        PKG_CHECK_MODULES(NSS, nspr >= $NSPR_MIN_VERSION nss >= $NSS_MIN_VERSION,
     	    [NSS_FOUND=yes NSPR_PACKAGE=nspr NSS_PACKAGE=nss],
 	    [NSS_FOUND=no])
     fi
@@ -759,7 +761,7 @@ if test "z$NSS_FOUND" = "zno" ; then
     fi
 
     dnl check that we have found both NSS and NSPR
-    if test "z$NSPR_FOUND" = "zyes" -a "z$NSS_FOUND" = "zyes" ; then    
+    if test "z$NSPR_FOUND" = "zyes" -a "z$NSS_FOUND" = "zyes" ; then
 	NSS_CFLAGS="$NSS_CFLAGS $NSPR_CFLAGS"
 	NSS_LIBS="$NSS_LIBS $NSPR_LIBS"
     elif test "z$NSPR_FOUND" != "zyes" -a "z$NSS_FOUND" = "zyes" ; then    
@@ -771,14 +773,6 @@ fi
 if test "z$NSS_FOUND" = "zyes" ; then
     XMLSEC_NO_NSS="0"
     NSS_CFLAGS="$NSS_CFLAGS -DXMLSEC_CRYPTO_NSS=1"
-       
-    dnl first crypto library is default one
-    if test "z$XMLSEC_CRYPTO" = "z" ;  then
-	XMLSEC_CRYPTO="nss"
-	XMLSEC_CRYPTO_LIB="$NSS_CRYPTO_LIB"
-	XMLSEC_CRYPTO_CFLAGS="$NSS_CFLAGS"
-	XMLSEC_CRYPTO_LIBS="$NSS_LIBS"
-    fi
     XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST nss"
 else
     XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST nss"
@@ -795,13 +789,87 @@ AC_SUBST(NSS_MIN_VERSION)
 AC_SUBST(NSPR_MIN_VERSION)
 AC_SUBST(MOZILLA_MIN_VERSION)
 
+
+dnl ==========================================================================
+dnl See if we can find GCrypt
+dnl ==========================================================================
+GCRYPT_CONFIG="libgcrypt-config"
+XMLSEC_NO_GCRYPT="1"
+GCRYPT_MIN_VERSION="1.4.0"
+GCRYPT_VERSION=""
+GCRYPT_CFLAGS=""
+GCRYPT_LIBS=""
+GCRYPT_CRYPTO_LIB="$XMLSEC_PACKAGE-gcrypt"
+GCRYPT_FOUND="no"
+AC_ARG_WITH(gcrypt, [  --with-gcrypt=[PFX]       gcrypt location])
+if test "z$with_gcrypt" = "zno" ; then
+    AC_MSG_CHECKING(for gcrypt libraries >= $GCRYPT_MIN_VERSION) 
+    AC_MSG_RESULT(no)
+    GCRYPT_FOUND="without"
+elif test "z$with_gcrypt" = "z" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
+    PKG_CHECK_MODULES(GCRYPT, gcrypt >= $GCRYPT_MIN_VERSION,
+	[GCRYPT_FOUND=yes],
+	[GCRYPT_FOUND=no])
+
+    if test "z$GCRYPT_FOUND" = "zno" ; then
+        PKG_CHECK_MODULES(GCRYPT, libgcrypt >= $GCRYPT_MIN_VERSION,
+	    [GCRYPT_FOUND=yes],
+	    [GCRYPT_FOUND=no])
+    fi
+
+    if test "z$GCRYPT_FOUND" = "zno" ; then
+        PKG_CHECK_MODULES(GCRYPT, libgcrypt11 >= $GCRYPT_MIN_VERSION,
+	    [GCRYPT_FOUND=yes],
+	    [GCRYPT_FOUND=no])
+    fi
+fi
+
+if test "z$GCRYPT_FOUND" = "zno" ; then
+    AC_MSG_CHECKING(for gcrypt libraries >= $GCRYPT_MIN_VERSION) 
+    if test "z$with_gcrypt" != "z" ; then
+        GCRYPT_CONFIG=$with_gcrypt/bin/$GCRYPT_CONFIG
+    fi
+    if ! $GCRYPT_CONFIG --version > /dev/null 2>&1 ; then
+	if test "z$with_gcrypt" != "z" ; then
+	    AC_MSG_ERROR(Unable to find gcrypt at '$with_gcrypt')
+	else
+	    AC_MSG_RESULT(no)
+	fi
+    else
+        vers=`$GCRYPT_CONFIG --version | awk -F. '{ printf "%d", ($1 * 1000 + $2) * 1000 + $3;}'`
+	minvers=`echo $GCRYPT_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 1000 + $2) * 1000 + $3;}'`
+	if test "$vers" -ge "$minvers" ; then
+	    GCRYPT_CFLAGS="$GCRYPT_CFLAGS `$GCRYPT_CONFIG --cflags`"
+	    GCRYPT_LIBS="$GCRYPT_LIBS `$GCRYPT_CONFIG --libs`"
+	    GCRYPT_FOUND=yes
+	else
+	    AC_MSG_ERROR(You need at least gcrypt $GCRYPT_MIN_VERSION for this version of $XMLSEC_PACKAGE)
+	fi	
+    fi
+fi
+
+if test "z$GCRYPT_FOUND" = "zyes" ; then 
+    XMLSEC_NO_GCRYPT="0"
+    GCRYPT_CFLAGS="$GCRYPT_CFLAGS -DXMLSEC_CRYPTO_GCRYPT=1"
+    XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST gcrypt"
+else
+    XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST gcrypt"
+fi
+
+AM_CONDITIONAL(XMLSEC_NO_GCRYPT, test "z$XMLSEC_NO_GCRYPT" = "z1")
+AC_SUBST(XMLSEC_NO_GCRYPT)
+AC_SUBST(GCRYPT_CFLAGS)
+AC_SUBST(GCRYPT_LIBS)
+AC_SUBST(GCRYPT_CRYPTO_LIB)
+AC_SUBST(GCRYPT_MIN_VERSION)
+
+
 dnl ==========================================================================
 dnl See if we can find GnuTLS
 dnl ==========================================================================
 GNUTLS_CONFIG="libgnutls-config"
 XMLSEC_NO_GNUTLS="1"
-GNUTLS_MIN_VERSION="0.8.1"
-GNUTLS_NEW_MIN_VERSION="1.0.0"
+GNUTLS_MIN_VERSION="2.8.0"
 GNUTLS_VERSION=""
 GNUTLS_CFLAGS=""
 GNUTLS_LIBS=""
@@ -812,27 +880,18 @@ if test "z$with_gnutls" = "zno" ; then
     AC_MSG_CHECKING(for gnutls libraries >= $GNUTLS_MIN_VERSION) 
     AC_MSG_RESULT(no)
     GNUTLS_FOUND="without"
-elif test "z$with_gnutls" = "z" -a "z$PKG_CONFIG_ENABLED" = "zyes" ; then
-    PKG_CHECK_MODULES(GNUTLS, gnutls >= $GNUTLS_NEW_MIN_VERSION,
+elif test "z$with_gnutls" = "z" -a "z$PKGCONFIG_FOUND" = "zyes" ; then
+    PKG_CHECK_MODULES(GNUTLS, gnutls >= $GNUTLS_MIN_VERSION,
 	[GNUTLS_FOUND=yes],
 	[GNUTLS_FOUND=no])
     if test "z$GNUTLS_FOUND" = "zno" ; then 
-        PKG_CHECK_MODULES(GNUTLS, libgnutls >= $GNUTLS_NEW_MIN_VERSION,
-	    [GNUTLS_FOUND=yes],
-	    [GNUTLS_FOUND=no])
-    fi
-
-    if test "z$GNUTLS_FOUND" = "zno" ; then 
-	PKG_CHECK_MODULES(GNUTLS, libgnutls >= $GNUTLS_MIN_VERSION,
+        PKG_CHECK_MODULES(GNUTLS, libgnutls >= $GNUTLS_MIN_VERSION,
 	    [GNUTLS_FOUND=yes],
 	    [GNUTLS_FOUND=no])
-	if test "z$GNUTLS_FOUND" = "zyes" ; then 
-	    GNUTLS_CFLAGS="$GNUTLS_CFLAGS -DXMLSEC_GNUTLS_OLD=1"
-	fi
     fi
 fi
 
-if test "z$GNUTLS_FOUND" = "zno" ; then 
+if test "z$GNUTLS_FOUND" = "zno" ; then
     AC_MSG_CHECKING(for gnutls libraries >= $GNUTLS_MIN_VERSION) 
     if test "z$with_gnutls" != "z" ; then
 	GNUTLS_CONFIG=$with_gnutls/bin/$GNUTLS_CONFIG
@@ -840,7 +899,7 @@ if test "z$GNUTLS_FOUND" = "zno" ; then
     if ! $GNUTLS_CONFIG --version > /dev/null 2>&1 ; then
 	if test "z$with_gnutls" != "z" ; then
 	    AC_MSG_ERROR(Unable to find gnutls at '$with_gnutls')
-	else 
+	else
 	    AC_MSG_RESULT(no)
 	fi
     else
@@ -848,16 +907,10 @@ if test "z$GNUTLS_FOUND" = "zno" ; then
 	minvers=`echo $GNUTLS_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 1000 + $2) * 1000 + $3;}'`
 	if test "$vers" -ge "$minvers" ; then
 	    GNUTLS_CFLAGS="$GNUTLS_CFLAGS `$GNUTLS_CONFIG --cflags`"
-    	    GNUTLS_LIBS="$GNUTLS_LIBS `$GNUTLS_CONFIG --libs`"
+	    GNUTLS_LIBS="$GNUTLS_LIBS `$GNUTLS_CONFIG --libs`"
 	    GNUTLS_FOUND=yes
-	
-	    new_minvers=`echo $GNUTLS_NEW_MIN_VERSION | awk -F. '{ printf "%d", ($1 * 1000 + $2) * 1000 + $3;}'`
-	    if test "$vers" -lt "$new_minvers" ; then
-		GNUTLS_CFLAGS="$GNUTLS_CFLAGS -DXMLSEC_GNUTLS_OLD=1"
-	    fi    
-	    AC_MSG_RESULT(yes)
 	else
-    	    AC_MSG_ERROR(You need at least gnutls $GNUTLS_MIN_VERSION for this version of $XMLSEC_PACKAGE)
+	    AC_MSG_ERROR(You need at least gnutls $GNUTLS_MIN_VERSION for this version of $XMLSEC_PACKAGE)
 	fi	
     fi
 fi
@@ -865,15 +918,13 @@ fi
 if test "z$GNUTLS_FOUND" = "zyes" ; then 
     XMLSEC_NO_GNUTLS="0"
     GNUTLS_CFLAGS="$GNUTLS_CFLAGS -DXMLSEC_CRYPTO_GNUTLS=1"
-
-    dnl first crypto library is default one
-    if test "z$XMLSEC_CRYPTO" = "z" ; then
-	XMLSEC_CRYPTO="gnutls"
-    	XMLSEC_CRYPTO_LIB="$GNUTLS_CRYPTO_LIB"
-	XMLSEC_CRYPTO_CFLAGS="$GNUTLS_CFLAGS"
-	XMLSEC_CRYPTO_LIBS="$GNUTLS_LIBS"
-    fi	
     XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST gnutls"
+
+    dnl xmlsec-gnutls is using xmlsec-gcrypt
+    if test "z$GCRYPT_FOUND" != "zyes" ; then
+        AC_MSG_ERROR(xmlsec-gnutls library requires xmlsec-gcrypt library which is disabled or missing)
+    fi
+
 else
     XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST gnutls"
 fi
@@ -885,6 +936,7 @@ AC_SUBST(GNUTLS_LIBS)
 AC_SUBST(GNUTLS_CRYPTO_LIB)
 AC_SUBST(GNUTLS_MIN_VERSION)
 
+
 dnl ==========================================================================
 dnl See if we can find MSCrypto
 dnl ==========================================================================
@@ -905,11 +957,11 @@ dnl    AC_CHECK_LIB(crypt32, CertOpenStore, ....
     LIBS_SAVE="$LIBS"
     LIBS="$LIBS -lcrypt32"
     AC_MSG_CHECKING(for mscrypto libraries)
-    AC_LINK_IFELSE([
+    AC_LINK_IFELSE([AC_LANG_PROGRAM([
 	#include <windows.h>
-	#include <wincrypt.h>
+	#include <wincrypt.h>],[
 	int main () { CertOpenStore(0,0,0,0,0);; return(0); }
-	],
+	])],
 	[],
 	[MSCRYPTO_ENABLE="no"])
     AC_MSG_RESULT([$MSCRYPTO_ENABLE])
@@ -929,13 +981,6 @@ if test "z$MSCRYPTO_ENABLE" = "zyes" ; then
 		MSCRYPTO_LIBS="-lcrypt32";;
     esac
 
-    dnl first crypto library is default one
-    if test "z$XMLSEC_CRYPTO" = "z" ; then
-	XMLSEC_CRYPTO="mscrypto"
-    	XMLSEC_CRYPTO_LIB="$MSCRYPTO_CRYPTO_LIB"
-	XMLSEC_CRYPTO_CFLAGS="$MSCRYPTO_CFLAGS"
-	XMLSEC_CRYPTO_LIBS="$MSCRYPTO_LIBS"
-    fi	
     XMLSEC_CRYPTO_LIST="$XMLSEC_CRYPTO_LIST mscrypto"
 else
     XMLSEC_CRYPTO_DISABLED_LIST="$XMLSEC_CRYPTO_DISABLED_LIST mscrypto"
@@ -947,18 +992,110 @@ AC_SUBST(MSCRYPTO_CFLAGS)
 AC_SUBST(MSCRYPTO_LIBS)
 AC_SUBST(MSCRYPTO_CRYPTO_LIB)
 
+
 dnl ==========================================================================
-dnl Do we have a crypto library?
+dnl Figure out the default crypt - the first crypto library wins
 dnl ==========================================================================
-AC_MSG_CHECKING(for crypto library) 
-if test "z$XMLSEC_CRYPTO" = "z" ;  then
-    AC_MSG_ERROR(At least one crypto library should exist for $XMLSEC_PACKAGE)
-else
-    AC_MSG_RESULT(yes ('$XMLSEC_CRYPTO'))
-fi
+XMLSEC_CRYPTO=""
+XMLSEC_CRYPTO_LIB=""
+XMLSEC_CRYPTO_CFLAGS=""
+XMLSEC_CRYPTO_LIBS=""
+AC_MSG_CHECKING(for default crypto library)
+AC_ARG_WITH(default_crypto, [  --with-default-crypto=name default crypto name])
+
+# check the argument
+case "z$with_default_crypto" in
+    'zmscrypto')
+        if test "z$XMLSEC_NO_MSCRYPTO" != "z1" ; then
+            XMLSEC_CRYPTO="mscrypto"
+        else
+            AC_MSG_ERROR('$with_default_crypto' is specified as default crypto library but it is not configured or found)
+        fi
+        ;;
+    'zopenssl')
+        if test "z$XMLSEC_NO_OPENSSL" != "z1" ; then
+            XMLSEC_CRYPTO="openssl"
+        else
+            AC_MSG_ERROR('$with_default_crypto' is specified as default crypto library but it is not configured or found)
+        fi
+        ;;
+    'znss')
+        if test "z$XMLSEC_NO_NSS" != "z1" ; then
+            XMLSEC_CRYPTO="nss"
+        else
+            AC_MSG_ERROR('$with_default_crypto' is specified as default crypto library but it is not configured or found)
+        fi
+        ;;
+    'zgnutls')
+        if test "z$XMLSEC_NO_GNUTLS" != "z1" ; then
+            XMLSEC_CRYPTO="gnutls"
+        else
+            AC_MSG_ERROR('$with_default_crypto' is specified as default crypto library but it is not configured or found)
+        fi
+        ;;
+    'zgcrypt')
+        if test "z$XMLSEC_NO_GCRYPT" != "z1" ; then
+            XMLSEC_CRYPTO="gcrypt"
+        else
+            AC_MSG_ERROR('$with_default_crypto' is specified as default crypto library but it is not configured or found)
+        fi
+        ;;
+    'z')
+        dnl The first crypto library wins
+        if test "z$XMLSEC_NO_MSCRYPTO" != "z1" ; then
+            XMLSEC_CRYPTO="mscrypto"
+        elif test "z$XMLSEC_NO_OPENSSL" != "z1" ; then
+            XMLSEC_CRYPTO="openssl"
+        elif test "z$XMLSEC_NO_NSS" != "z1" ; then
+            XMLSEC_CRYPTO="nss"
+        elif test "z$XMLSEC_NO_GNUTLS" != "z1" ; then
+            XMLSEC_CRYPTO="gnutls"
+        elif test "z$XMLSEC_NO_GCRYPT" != "z1" ; then
+            XMLSEC_CRYPTO="gcrypt"
+        else
+            AC_MSG_ERROR(At least one crypto library should exist for $XMLSEC_PACKAGE)
+        fi
+        ;;
+    *)
+        AC_MSG_ERROR(The value '$with_default_crypto' is not a recongnized crypto library name)
+        ;;
+esac
+
+dnl Set the flags for default crypto lib
+case "$XMLSEC_CRYPTO" in
+    'mscrypto')
+        XMLSEC_CRYPTO_LIB="$MSCRYPTO_CRYPTO_LIB"
+        XMLSEC_CRYPTO_CFLAGS="$MSCRYPTO_CFLAGS"
+        XMLSEC_CRYPTO_LIBS="$MSCRYPTO_LIBS"
+        ;;
+    'openssl')
+        XMLSEC_CRYPTO_LIB="$OPENSSL_CRYPTO_LIB"
+        XMLSEC_CRYPTO_CFLAGS="$OPENSSL_CFLAGS"
+        XMLSEC_CRYPTO_LIBS="$OPENSSL_LIBS"
+        ;;
+    'nss')
+        XMLSEC_CRYPTO_LIB="$NSS_CRYPTO_LIB"
+        XMLSEC_CRYPTO_CFLAGS="$NSS_CFLAGS"
+        XMLSEC_CRYPTO_LIBS="$NSS_LIBS"
+        ;;
+    'gnutls')
+        XMLSEC_CRYPTO_LIB="$GNUTLS_CRYPTO_LIB"
+        XMLSEC_CRYPTO_CFLAGS="$GNUTLS_CFLAGS"
+        XMLSEC_CRYPTO_LIBS="$GNUTLS_LIBS"
+        ;;
+    'gcrypt')
+        XMLSEC_CRYPTO_LIB="$GCRYPT_CRYPTO_LIB"
+        XMLSEC_CRYPTO_CFLAGS="$GCRYPT_CFLAGS"
+        XMLSEC_CRYPTO_LIBS="$GCRYPT_LIBS"
+        ;;
+    *)
+        AC_MSG_ERROR(The value \"$XMLSEC_CRYPTO\" is not a recongnized crypto library name)
+        ;;
+esac
+AC_MSG_RESULT(yes ('$XMLSEC_CRYPTO'))
 
 dnl ==========================================================================
-dnl See do we need MD5 suport
+dnl See do we need MD5 support
 dnl ==========================================================================
 AC_MSG_CHECKING(for MD5 support) 
 AC_ARG_ENABLE(md5,   [  --enable-md5            enable MD5 support (yes)])
@@ -974,7 +1111,7 @@ AM_CONDITIONAL(XMLSEC_NO_MD5, test "z$XMLSEC_NO_MD5" = "z1")
 AC_SUBST(XMLSEC_NO_MD5)
 
 dnl ==========================================================================
-dnl See do we need RIPEMD-160 suport
+dnl See do we need RIPEMD-160 support
 dnl ==========================================================================
 AC_MSG_CHECKING(for RIPEMD-160 support) 
 AC_ARG_ENABLE(ripemd160,   [  --enable-ripemd160      enable RIPEMD-160 support (yes)])
@@ -990,7 +1127,7 @@ AM_CONDITIONAL(XMLSEC_NO_RIPEMD160, test "z$XMLSEC_NO_RIPEMD160" = "z1")
 AC_SUBST(XMLSEC_NO_RIPEMD160)
 
 dnl ==========================================================================
-dnl See do we need SHA1 suport
+dnl See do we need SHA1 support
 dnl ==========================================================================
 AC_MSG_CHECKING(for SHA1 support) 
 AC_ARG_ENABLE(sha1,   [  --enable-sha1           enable SHA1 support (yes)])
@@ -1006,7 +1143,7 @@ AM_CONDITIONAL(XMLSEC_NO_SHA1, test "z$XMLSEC_NO_SHA1" = "z1")
 AC_SUBST(XMLSEC_NO_SHA1)
 
 dnl ==========================================================================
-dnl See do we need SHA224 suport
+dnl See do we need SHA224 support
 dnl ==========================================================================
 AC_MSG_CHECKING(for SHA224 support) 
 AC_ARG_ENABLE(sha224,   [  --enable-sha224         enable SHA224 support (yes)])
@@ -1022,7 +1159,7 @@ AM_CONDITIONAL(XMLSEC_NO_SHA224, test "z$XMLSEC_NO_SHA224" = "z1")
 AC_SUBST(XMLSEC_NO_SHA224)
 
 dnl ==========================================================================
-dnl See do we need SHA256 suport
+dnl See do we need SHA256 support
 dnl ==========================================================================
 AC_MSG_CHECKING(for SHA256 support) 
 AC_ARG_ENABLE(sha256,   [  --enable-sha256         enable SHA256 support (yes)])
@@ -1038,7 +1175,7 @@ AM_CONDITIONAL(XMLSEC_NO_SHA256, test "z$XMLSEC_NO_SHA256" = "z1")
 AC_SUBST(XMLSEC_NO_SHA256)
 
 dnl ==========================================================================
-dnl See do we need SHA384 suport
+dnl See do we need SHA384 support
 dnl ==========================================================================
 AC_MSG_CHECKING(for SHA384 support) 
 AC_ARG_ENABLE(sha384,   [  --enable-sha384         enable SHA384 support (yes)])
@@ -1054,7 +1191,7 @@ AM_CONDITIONAL(XMLSEC_NO_SHA384, test "z$XMLSEC_NO_SHA384" = "z1")
 AC_SUBST(XMLSEC_NO_SHA384)
 
 dnl ==========================================================================
-dnl See do we need SHA512 suport
+dnl See do we need SHA512 support
 dnl ==========================================================================
 AC_MSG_CHECKING(for SHA512 support) 
 AC_ARG_ENABLE(sha512,   [  --enable-sha512         enable SHA512 support (yes)])
@@ -1071,7 +1208,7 @@ AC_SUBST(XMLSEC_NO_SHA512)
 
 
 dnl ==========================================================================
-dnl See do we need HMAC suport
+dnl See do we need HMAC support
 dnl ==========================================================================
 AC_MSG_CHECKING(for HMAC support) 
 AC_ARG_ENABLE(hmac,   [  --enable-hmac           enable HMAC support (yes)])
@@ -1087,7 +1224,7 @@ AM_CONDITIONAL(XMLSEC_NO_HMAC, test "z$XMLSEC_NO_HMAC" = "z1")
 AC_SUBST(XMLSEC_NO_HMAC)
 
 dnl ==========================================================================
-dnl See do we need DSA suport
+dnl See do we need DSA support
 dnl ==========================================================================
 AC_MSG_CHECKING(for DSA support) 
 AC_ARG_ENABLE(dsa,   [  --enable-dsa            enable DSA support (yes)])
@@ -1103,7 +1240,7 @@ AM_CONDITIONAL(XMLSEC_NO_DSA, test "z$XMLSEC_NO_DSA" = "z1")
 AC_SUBST(XMLSEC_NO_DSA)
 
 dnl ==========================================================================
-dnl See do we need RSA suport
+dnl See do we need RSA support
 dnl ==========================================================================
 AC_MSG_CHECKING(for RSA support) 
 AC_ARG_ENABLE(rsa,   [  --enable-rsa            enable RSA support (yes)])
@@ -1119,7 +1256,7 @@ AM_CONDITIONAL(XMLSEC_NO_RSA, test "z$XMLSEC_NO_RSA" = "z1")
 AC_SUBST(XMLSEC_NO_RSA)
 
 dnl ==========================================================================
-dnl See do we need x509 suport
+dnl See do we need x509 support
 dnl ==========================================================================
 AC_MSG_CHECKING(for x509 support) 
 AC_ARG_ENABLE(x509,   [  --enable-x509           enable x509 support (yes)])
@@ -1135,7 +1272,7 @@ AM_CONDITIONAL(XMLSEC_NO_X509, test "z$XMLSEC_NO_X509" = "z1")
 AC_SUBST(XMLSEC_NO_X509)
 
 dnl ==========================================================================
-dnl See do we need DES suport
+dnl See do we need DES support
 dnl ==========================================================================
 AC_MSG_CHECKING(for DES support) 
 AC_ARG_ENABLE(des,   [  --enable-des            enable DES support (yes)])
@@ -1151,7 +1288,7 @@ AM_CONDITIONAL(XMLSEC_NO_DES, test "z$XMLSEC_NO_DES" = "z1")
 AC_SUBST(XMLSEC_NO_DES)
 
 dnl ==========================================================================
-dnl See do we need AES suport
+dnl See do we need AES support
 dnl ==========================================================================
 AC_MSG_CHECKING(for AES support) 
 AC_ARG_ENABLE(aes,   [  --enable-aes            enable AES support (OpenSSL >= 0.9.7 is required)])
@@ -1167,7 +1304,7 @@ AM_CONDITIONAL(XMLSEC_NO_AES, test "z$XMLSEC_NO_AES" = "z1")
 AC_SUBST(XMLSEC_NO_AES)
 
 dnl ==========================================================================
-dnl See do we need GOST suport
+dnl See do we need GOST support
 dnl ==========================================================================
 AC_MSG_CHECKING(for GOST support) 
 AC_ARG_ENABLE(gost,   [  --enable-gost           enable GOST support (no)])
@@ -1183,7 +1320,7 @@ AM_CONDITIONAL(XMLSEC_NO_GOST, test "z$XMLSEC_NO_GOST" = "z1")
 AC_SUBST(XMLSEC_NO_GOST)
 
 dnl ==========================================================================
-dnl See do we need XMLDSig suport
+dnl See do we need XMLDSig support
 dnl ==========================================================================
 AC_MSG_CHECKING(for XMLDSig support) 
 AC_ARG_ENABLE(xmldsig,   [  --enable-xmldsig        enable XMLDSig support (yes)])
@@ -1199,7 +1336,7 @@ AM_CONDITIONAL(XMLSEC_NO_XMLDSIG, test "z$XMLSEC_NO_XMLDSIG" = "z1")
 AC_SUBST(XMLSEC_NO_XMLDSIG)
 
 dnl ==========================================================================
-dnl See do we need XMLEnc suport
+dnl See do we need XMLEnc support
 dnl ==========================================================================
 AC_MSG_CHECKING(for XMLEnc support) 
 AC_ARG_ENABLE(xmlenc,   [  --enable-xmlenc         enable XMLEnc support (yes)])
@@ -1215,7 +1352,7 @@ AM_CONDITIONAL(XMLSEC_NO_XMLENC, test "z$XMLSEC_NO_XMLENC" = "z1")
 AC_SUBST(XMLSEC_NO_XMLENC)
 
 dnl ==========================================================================
-dnl See do we need XKMS suport
+dnl See do we need XKMS support
 dnl ==========================================================================
 AC_MSG_CHECKING(for XMKMS support - under development, not stable yet) 
 AC_ARG_ENABLE(xkms,   [  --enable-xkms           enable XKMS support - under development (no)])
@@ -1244,7 +1381,7 @@ if test "z$enable_crypto_dl" = "zno" ; then
 else
     AC_CHECK_HEADER([ltdl.h], 
 	[
-	XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_DL_LIBLTDL=1",
+	XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_DL_LIBLTDL=1"
 	AC_CHECK_LIB(
 	    [ltdl],
 	    [lt_dlopenext],
@@ -1315,7 +1452,7 @@ if test "z$enable_skm" = "zno" ; then
     AC_MSG_RESULT(no)
 else
     AC_MSG_RESULT(yes)
-fi    
+fi
 
 dnl ==========================================================================
 dnl See do we need templates tests
@@ -1332,9 +1469,9 @@ fi
 dnl ==========================================================================
 dnl Debug 
 dnl ==========================================================================
-AC_MSG_CHECKING(for debuging) 
-AC_ARG_ENABLE(debuging,   [  --enable-debuging       enable debuging compilation flags (no)])
-if test "z$enable_debuging" = "zyes" ; then
+AC_MSG_CHECKING(for debugging)
+AC_ARG_ENABLE(debugging,   [  --enable-debugging      enable debugging compilation flags (no)])
+if test "z$enable_debugging" = "zyes" ; then
     CFLAGS="$CFLAGS -g"
     AC_MSG_RESULT(yes)
 else
@@ -1397,8 +1534,14 @@ XMLSEC_OPENSSL_LIBS="-L${libdir} -l$OPENSSL_CRYPTO_LIB $XMLSEC_CORE_LIBS $OPENSS
 AC_SUBST(XMLSEC_OPENSSL_CFLAGS)
 AC_SUBST(XMLSEC_OPENSSL_LIBS)
 
+XMLSEC_GCRYPT_CFLAGS="$XMLSEC_CORE_CFLAGS $GCRYPT_CFLAGS"
+XMLSEC_GCRYPT_LIBS="-L${libdir} -l$GCRYPT_CRYPTO_LIB $XMLSEC_CORE_LIBS $GCRYPT_LIBS"
+AC_SUBST(XMLSEC_GCRYPT_CFLAGS)
+AC_SUBST(XMLSEC_GCRYPT_LIBS)
+
+# xmlsec-gnutls is using xmlsec-gcrypt
 XMLSEC_GNUTLS_CFLAGS="$XMLSEC_CORE_CFLAGS $GNUTLS_CFLAGS"
-XMLSEC_GNUTLS_LIBS="-L${libdir} -l$GNUTLS_CRYPTO_LIB $XMLSEC_CORE_LIBS $GNUTLS_LIBS"
+XMLSEC_GNUTLS_LIBS="-L${libdir} -l$GNUTLS_CRYPTO_LIB -l$GCRYPT_CRYPTO_LIB $XMLSEC_CORE_LIBS $GNUTLS_LIBS"
 AC_SUBST(XMLSEC_GNUTLS_CFLAGS)
 AC_SUBST(XMLSEC_GNUTLS_LIBS)
 
@@ -1452,6 +1595,10 @@ if test "z$XMLSEC_NO_GNUTLS" != "z1" ; then
 AC_CONFIG_FILES([include/xmlsec/gnutls/Makefile src/gnutls/Makefile])
 fi
 
+if test "z$XMLSEC_NO_GCRYPT" != "z1" ; then
+AC_CONFIG_FILES([include/xmlsec/gcrypt/Makefile src/gcrypt/Makefile])
+fi
+
 if test "z$XMLSEC_NO_NSS" != "z1" ; then
 AC_CONFIG_FILES([include/xmlsec/nss/Makefile src/nss/Makefile])
 fi
@@ -1482,6 +1629,7 @@ xmlsec1Conf.sh:xmlsecConf.sh.in
 xmlsec1-config:xmlsec-config.in
 xmlsec1-openssl.pc:xmlsec-openssl.pc.in
 xmlsec1-gnutls.pc:xmlsec-gnutls.pc.in
+xmlsec1-gcrypt.pc:xmlsec-gcrypt.pc.in
 xmlsec1-nss.pc:xmlsec-nss.pc.in
 xmlsec1.spec:xmlsec.spec.in
 ])
diff --git a/depcomp b/depcomp
index 807b991f..bd0ac089 100755
--- a/depcomp
+++ b/depcomp
@@ -1,7 +1,10 @@
 #! /bin/sh
-
 # depcomp - compile a program generating dependencies as side-effects
-# Copyright 1999, 2000 Free Software Foundation, Inc.
+
+scriptversion=2011-12-04.11; # UTC
+
+# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007, 2009, 2010,
+# 2011 Free Software Foundation, Inc.
 
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -14,9 +17,7 @@
 # GNU General Public License for more details.
 
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
-# 02111-1307, USA.
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 # As a special exception to the GNU General Public License, if you
 # distribute this file as part of a program that contains a
@@ -25,22 +26,45 @@
 
 # Originally written by Alexandre Oliva <oliva@dcc.unicamp.br>.
 
+case $1 in
+  '')
+     echo "$0: No command.  Try \`$0 --help' for more information." 1>&2
+     exit 1;
+     ;;
+  -h | --h*)
+    cat <<\EOF
+Usage: depcomp [--help] [--version] PROGRAM [ARGS]
+
+Run PROGRAMS ARGS to compile a file, generating dependencies
+as side-effects.
+
+Environment variables:
+  depmode     Dependency tracking mode.
+  source      Source file read by `PROGRAMS ARGS'.
+  object      Object file output by `PROGRAMS ARGS'.
+  DEPDIR      directory where to store dependencies.
+  depfile     Dependency file to output.
+  tmpdepfile  Temporary file to use when outputting dependencies.
+  libtool     Whether libtool is used (yes/no).
+
+Report bugs to <bug-automake@gnu.org>.
+EOF
+    exit $?
+    ;;
+  -v | --v*)
+    echo "depcomp $scriptversion"
+    exit $?
+    ;;
+esac
+
 if test -z "$depmode" || test -z "$source" || test -z "$object"; then
   echo "depcomp: Variables source, object and depmode must be set" 1>&2
   exit 1
 fi
-# `libtool' can also be set to `yes' or `no'.
-
-if test -z "$depfile"; then
-   base=`echo "$object" | sed -e 's,^.*/,,' -e 's,\.\([^.]*\)$,.P\1,'`
-   dir=`echo "$object" | sed 's,/.*$,/,'`
-   if test "$dir" = "$object"; then
-      dir=
-   fi
-   # FIXME: should be _deps on DOS.
-   depfile="$dir.deps/$base"
-fi
 
+# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po.
+depfile=${depfile-`echo "$object" |
+  sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`}
 tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`}
 
 rm -f "$tmpdepfile"
@@ -61,12 +85,42 @@ if test "$depmode" = dashXmstdout; then
    depmode=dashmstdout
 fi
 
+cygpath_u="cygpath -u -f -"
+if test "$depmode" = msvcmsys; then
+   # This is just like msvisualcpp but w/o cygpath translation.
+   # Just convert the backslash-escaped backslashes to single forward
+   # slashes to satisfy depend.m4
+   cygpath_u='sed s,\\\\,/,g'
+   depmode=msvisualcpp
+fi
+
+if test "$depmode" = msvc7msys; then
+   # This is just like msvc7 but w/o cygpath translation.
+   # Just convert the backslash-escaped backslashes to single forward
+   # slashes to satisfy depend.m4
+   cygpath_u='sed s,\\\\,/,g'
+   depmode=msvc7
+fi
+
 case "$depmode" in
 gcc3)
 ## gcc 3 implements dependency tracking that does exactly what
 ## we want.  Yay!  Note: for some reason libtool 1.4 doesn't like
 ## it if -MD -MP comes after the -MF stuff.  Hmm.
-  "$@" -MT "$object" -MD -MP -MF "$tmpdepfile"
+## Unfortunately, FreeBSD c89 acceptance of flags depends upon
+## the command line argument order; so add the flags where they
+## appear in depend2.am.  Note that the slowdown incurred here
+## affects only configure: in makefiles, %FASTDEP% shortcuts this.
+  for arg
+  do
+    case $arg in
+    -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;;
+    *)  set fnord "$@" "$arg" ;;
+    esac
+    shift # fnord
+    shift # $arg
+  done
+  "$@"
   stat=$?
   if test $stat -eq 0; then :
   else
@@ -112,10 +166,12 @@ gcc)
 ' < "$tmpdepfile" |
 ## Some versions of gcc put a space before the `:'.  On the theory
 ## that the space means something, we add a space to the output as
-## well.
+## well.  hp depmode also adds that space, but also prefixes the VPATH
+## to the object.  Take care to not repeat it in the output.
 ## Some versions of the HPUX 10.20 sed can't process this invocation
 ## correctly.  Breaking it into two sed invocations is a workaround.
-    sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
+    sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \
+      | sed -e 's/$/ :/' >> "$depfile"
   rm -f "$tmpdepfile"
   ;;
 
@@ -153,14 +209,14 @@ sgi)
 ' < "$tmpdepfile" \
     | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \
     tr '
-' ' ' >> $depfile
-    echo >> $depfile
+' ' ' >> "$depfile"
+    echo >> "$depfile"
 
     # The second pass generates a dummy entry for each header file.
     tr ' ' '
 ' < "$tmpdepfile" \
    | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \
-   >> $depfile
+   >> "$depfile"
   else
     # The sourcefile does not contain any dependencies, so just
     # store a dummy comment line, to avoid errors with the Makefile
@@ -172,31 +228,43 @@ sgi)
 
 aix)
   # The C for AIX Compiler uses -M and outputs the dependencies
-  # in a .u file.  This file always lives in the current directory.
-  # Also, the AIX compiler puts `$object:' at the start of each line;
-  # $object doesn't have directory information.
-  stripped=`echo "$object" | sed -e 's,^.*/,,' -e 's/\(.*\)\..*$/\1/'`
-  tmpdepfile="$stripped.u"
-  outname="$stripped.o"
+  # in a .u file.  In older versions, this file always lives in the
+  # current directory.  Also, the AIX compiler puts `$object:' at the
+  # start of each line; $object doesn't have directory information.
+  # Version 6 uses the directory in both cases.
+  dir=`echo "$object" | sed -e 's|/[^/]*$|/|'`
+  test "x$dir" = "x$object" && dir=
+  base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
   if test "$libtool" = yes; then
+    tmpdepfile1=$dir$base.u
+    tmpdepfile2=$base.u
+    tmpdepfile3=$dir.libs/$base.u
     "$@" -Wc,-M
   else
+    tmpdepfile1=$dir$base.u
+    tmpdepfile2=$dir$base.u
+    tmpdepfile3=$dir$base.u
     "$@" -M
   fi
-
   stat=$?
+
   if test $stat -eq 0; then :
   else
-    rm -f "$tmpdepfile"
+    rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
     exit $stat
   fi
 
+  for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
+  do
+    test -f "$tmpdepfile" && break
+  done
   if test -f "$tmpdepfile"; then
     # Each line is of the form `foo.o: dependent.h'.
     # Do two passes, one to just change these to
     # `$object: dependent.h' and one to simply `dependent.h:'.
-    sed -e "s,^$outname:,$object :," < "$tmpdepfile" > "$depfile"
-    sed -e "s,^$outname: \(.*\)$,\1:," < "$tmpdepfile" >> "$depfile"
+    sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile"
+    # That's a tab and a space in the [].
+    sed -e 's,^.*\.[a-z]*:[	 ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile"
   else
     # The sourcefile does not contain any dependencies, so just
     # store a dummy comment line, to avoid errors with the Makefile
@@ -206,6 +274,89 @@ aix)
   rm -f "$tmpdepfile"
   ;;
 
+icc)
+  # Intel's C compiler understands `-MD -MF file'.  However on
+  #    icc -MD -MF foo.d -c -o sub/foo.o sub/foo.c
+  # ICC 7.0 will fill foo.d with something like
+  #    foo.o: sub/foo.c
+  #    foo.o: sub/foo.h
+  # which is wrong.  We want:
+  #    sub/foo.o: sub/foo.c
+  #    sub/foo.o: sub/foo.h
+  #    sub/foo.c:
+  #    sub/foo.h:
+  # ICC 7.1 will output
+  #    foo.o: sub/foo.c sub/foo.h
+  # and will wrap long lines using \ :
+  #    foo.o: sub/foo.c ... \
+  #     sub/foo.h ... \
+  #     ...
+
+  "$@" -MD -MF "$tmpdepfile"
+  stat=$?
+  if test $stat -eq 0; then :
+  else
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  rm -f "$depfile"
+  # Each line is of the form `foo.o: dependent.h',
+  # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'.
+  # Do two passes, one to just change these to
+  # `$object: dependent.h' and one to simply `dependent.h:'.
+  sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile"
+  # Some versions of the HPUX 10.20 sed can't process this invocation
+  # correctly.  Breaking it into two sed invocations is a workaround.
+  sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" |
+    sed -e 's/$/ :/' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+hp2)
+  # The "hp" stanza above does not work with aCC (C++) and HP's ia64
+  # compilers, which have integrated preprocessors.  The correct option
+  # to use with these is +Maked; it writes dependencies to a file named
+  # 'foo.d', which lands next to the object file, wherever that
+  # happens to be.
+  # Much of this is similar to the tru64 case; see comments there.
+  dir=`echo "$object" | sed -e 's|/[^/]*$|/|'`
+  test "x$dir" = "x$object" && dir=
+  base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
+  if test "$libtool" = yes; then
+    tmpdepfile1=$dir$base.d
+    tmpdepfile2=$dir.libs/$base.d
+    "$@" -Wc,+Maked
+  else
+    tmpdepfile1=$dir$base.d
+    tmpdepfile2=$dir$base.d
+    "$@" +Maked
+  fi
+  stat=$?
+  if test $stat -eq 0; then :
+  else
+     rm -f "$tmpdepfile1" "$tmpdepfile2"
+     exit $stat
+  fi
+
+  for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2"
+  do
+    test -f "$tmpdepfile" && break
+  done
+  if test -f "$tmpdepfile"; then
+    sed -e "s,^.*\.[a-z]*:,$object:," "$tmpdepfile" > "$depfile"
+    # Add `dependent.h:' lines.
+    sed -ne '2,${
+	       s/^ *//
+	       s/ \\*$//
+	       s/$/:/
+	       p
+	     }' "$tmpdepfile" >> "$depfile"
+  else
+    echo "#dummy" > "$depfile"
+  fi
+  rm -f "$tmpdepfile" "$tmpdepfile2"
+  ;;
+
 tru64)
    # The Tru64 compiler uses -MD to generate dependencies as a side
    # effect.  `cc -MD -o foo.o ...' puts the dependencies into `foo.o.d'.
@@ -217,57 +368,117 @@ tru64)
    base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
 
    if test "$libtool" = yes; then
-      tmpdepfile1="$dir.libs/$base.lo.d"
-      tmpdepfile2="$dir.libs/$base.d"
+      # With Tru64 cc, shared objects can also be used to make a
+      # static library.  This mechanism is used in libtool 1.4 series to
+      # handle both shared and static libraries in a single compilation.
+      # With libtool 1.4, dependencies were output in $dir.libs/$base.lo.d.
+      #
+      # With libtool 1.5 this exception was removed, and libtool now
+      # generates 2 separate objects for the 2 libraries.  These two
+      # compilations output dependencies in $dir.libs/$base.o.d and
+      # in $dir$base.o.d.  We have to check for both files, because
+      # one of the two compilations can be disabled.  We should prefer
+      # $dir$base.o.d over $dir.libs/$base.o.d because the latter is
+      # automatically cleaned when .libs/ is deleted, while ignoring
+      # the former would cause a distcleancheck panic.
+      tmpdepfile1=$dir.libs/$base.lo.d   # libtool 1.4
+      tmpdepfile2=$dir$base.o.d          # libtool 1.5
+      tmpdepfile3=$dir.libs/$base.o.d    # libtool 1.5
+      tmpdepfile4=$dir.libs/$base.d      # Compaq CCC V6.2-504
       "$@" -Wc,-MD
    else
-      tmpdepfile1="$dir$base.o.d"
-      tmpdepfile2="$dir$base.d"
+      tmpdepfile1=$dir$base.o.d
+      tmpdepfile2=$dir$base.d
+      tmpdepfile3=$dir$base.d
+      tmpdepfile4=$dir$base.d
       "$@" -MD
    fi
 
    stat=$?
    if test $stat -eq 0; then :
    else
-      rm -f "$tmpdepfile1" "$tmpdepfile2"
+      rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4"
       exit $stat
    fi
 
-   if test -f "$tmpdepfile1"; then
-      tmpdepfile="$tmpdepfile1"
-   else
-      tmpdepfile="$tmpdepfile2"
-   fi
+   for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4"
+   do
+     test -f "$tmpdepfile" && break
+   done
    if test -f "$tmpdepfile"; then
       sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile"
-      # That's a space and a tab in the [].
-      sed -e 's,^.*\.[a-z]*:[ 	]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile"
+      # That's a tab and a space in the [].
+      sed -e 's,^.*\.[a-z]*:[	 ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile"
    else
       echo "#dummy" > "$depfile"
    fi
    rm -f "$tmpdepfile"
    ;;
 
+msvc7)
+  if test "$libtool" = yes; then
+    showIncludes=-Wc,-showIncludes
+  else
+    showIncludes=-showIncludes
+  fi
+  "$@" $showIncludes > "$tmpdepfile"
+  stat=$?
+  grep -v '^Note: including file: ' "$tmpdepfile"
+  if test "$stat" = 0; then :
+  else
+    rm -f "$tmpdepfile"
+    exit $stat
+  fi
+  rm -f "$depfile"
+  echo "$object : \\" > "$depfile"
+  # The first sed program below extracts the file names and escapes
+  # backslashes for cygpath.  The second sed program outputs the file
+  # name when reading, but also accumulates all include files in the
+  # hold buffer in order to output them again at the end.  This only
+  # works with sed implementations that can handle large buffers.
+  sed < "$tmpdepfile" -n '
+/^Note: including file:  *\(.*\)/ {
+  s//\1/
+  s/\\/\\\\/g
+  p
+}' | $cygpath_u | sort -u | sed -n '
+s/ /\\ /g
+s/\(.*\)/	\1 \\/p
+s/.\(.*\) \\/\1:/
+H
+$ {
+  s/.*/	/
+  G
+  p
+}' >> "$depfile"
+  rm -f "$tmpdepfile"
+  ;;
+
+msvc7msys)
+  # This case exists only to let depend.m4 do its work.  It works by
+  # looking at the text of this script.  This case will never be run,
+  # since it is checked for above.
+  exit 1
+  ;;
+
 #nosideeffect)
   # This comment above is used by automake to tell side-effect
   # dependency tracking mechanisms from slower ones.
 
 dashmstdout)
   # Important note: in order to support this mode, a compiler *must*
-  # always write the proprocessed file to stdout, regardless of -o.
+  # always write the preprocessed file to stdout, regardless of -o.
   "$@" || exit $?
 
   # Remove the call to Libtool.
   if test "$libtool" = yes; then
-    while test $1 != '--mode=compile'; do
+    while test "X$1" != 'X--mode=compile'; do
       shift
     done
     shift
   fi
 
-  # Remove `-o $object'.  We will use -o /dev/null later,
-  # however we can't do the remplacement now because
-  # `-o $object' might simply not be used
+  # Remove `-o $object'.
   IFS=" "
   for arg
   do
@@ -287,7 +498,11 @@ dashmstdout)
   done
 
   test -z "$dashmflag" && dashmflag=-M
-  "$@" -o /dev/null $dashmflag | sed 's:^[^:]*\:[ 	]*:'"$object"'\: :' > "$tmpdepfile"
+  # Require at least two characters before searching for `:'
+  # in the target name.  This is to cope with DOS-style filenames:
+  # a dependency such as `c:/foo/bar' could be seen as target `c' otherwise.
+  "$@" $dashmflag |
+    sed 's:^[  ]*[^: ][^:][^:]*\:[    ]*:'"$object"'\: :' > "$tmpdepfile"
   rm -f "$depfile"
   cat < "$tmpdepfile" > "$depfile"
   tr ' ' '
@@ -306,29 +521,47 @@ dashXmstdout)
 
 makedepend)
   "$@" || exit $?
+  # Remove any Libtool call
+  if test "$libtool" = yes; then
+    while test "X$1" != 'X--mode=compile'; do
+      shift
+    done
+    shift
+  fi
   # X makedepend
   shift
-  cleared=no
-  for arg in "$@"; do
+  cleared=no eat=no
+  for arg
+  do
     case $cleared in
     no)
       set ""; shift
       cleared=yes ;;
     esac
+    if test $eat = yes; then
+      eat=no
+      continue
+    fi
     case "$arg" in
     -D*|-I*)
       set fnord "$@" "$arg"; shift ;;
-    -*)
+    # Strip any option that makedepend may not understand.  Remove
+    # the object too, otherwise makedepend will parse it as a source file.
+    -arch)
+      eat=yes ;;
+    -*|$object)
       ;;
     *)
       set fnord "$@" "$arg"; shift ;;
     esac
   done
-  obj_suffix="`echo $object | sed 's/^.*\././'`"
+  obj_suffix=`echo "$object" | sed 's/^.*\././'`
   touch "$tmpdepfile"
   ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
   rm -f "$depfile"
-  cat < "$tmpdepfile" > "$depfile"
+  # makedepend may prepend the VPATH from the source file name to the object.
+  # No need to regex-escape $object, excess matching of '.' is harmless.
+  sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile"
   sed '1,2d' "$tmpdepfile" | tr ' ' '
 ' | \
 ## Some versions of the HPUX 10.20 sed can't process this invocation
@@ -339,12 +572,12 @@ makedepend)
 
 cpp)
   # Important note: in order to support this mode, a compiler *must*
-  # always write the proprocessed file to stdout.
+  # always write the preprocessed file to stdout.
   "$@" || exit $?
 
   # Remove the call to Libtool.
   if test "$libtool" = yes; then
-    while test $1 != '--mode=compile'; do
+    while test "X$1" != 'X--mode=compile'; do
       shift
     done
     shift
@@ -370,7 +603,8 @@ cpp)
   done
 
   "$@" -E |
-    sed -n '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' |
+    sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
+       -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' |
     sed '$ s: \\$::' > "$tmpdepfile"
   rm -f "$depfile"
   echo "$object : \\" > "$depfile"
@@ -381,13 +615,27 @@ cpp)
 
 msvisualcpp)
   # Important note: in order to support this mode, a compiler *must*
-  # always write the proprocessed file to stdout, regardless of -o,
-  # because we must use -o when running libtool.
+  # always write the preprocessed file to stdout.
   "$@" || exit $?
+
+  # Remove the call to Libtool.
+  if test "$libtool" = yes; then
+    while test "X$1" != 'X--mode=compile'; do
+      shift
+    done
+    shift
+  fi
+
   IFS=" "
   for arg
   do
     case "$arg" in
+    -o)
+      shift
+      ;;
+    $object)
+      shift
+      ;;
     "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI")
 	set fnord "$@"
 	shift
@@ -400,16 +648,23 @@ msvisualcpp)
 	;;
     esac
   done
-  "$@" -E |
-  sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::echo "`cygpath -u \\"\1\\"`":p' | sort | uniq > "$tmpdepfile"
+  "$@" -E 2>/dev/null |
+  sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile"
   rm -f "$depfile"
   echo "$object : \\" > "$depfile"
-  . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s::	\1 \\:p' >> "$depfile"
+  sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::	\1 \\:p' >> "$depfile"
   echo "	" >> "$depfile"
-  . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s::\1\::p' >> "$depfile"
+  sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile"
   rm -f "$tmpdepfile"
   ;;
 
+msvcmsys)
+  # This case exists only to let depend.m4 do its work.  It works by
+  # looking at the text of this script.  This case will never be run,
+  # since it is checked for above.
+  exit 1
+  ;;
+
 none)
   exec "$@"
   ;;
@@ -421,3 +676,13 @@ none)
 esac
 
 exit 0
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 2
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
+# End:
diff --git a/docs/Makefile.am b/docs/Makefile.am
index 65a0f8a6..e1957bb8 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -40,6 +40,13 @@ docs-format:
 	    fi; \
 	    mv $$i.tmp $$i; \
 	done)
+	@(echo "Cleaning html documents"; \
+	for i in `find . -name "*.html" -print`; \
+	do \
+	    echo Cleaning $$i ; \
+	    sed 's/\xA0/ /g' $$i > $$i.tmp ; \
+	    mv $$i.tmp $$i ; \
+	done)
 
 dist-hook:
 	@$(CP) -p $(srcdir)/*.html $(distdir)
diff --git a/docs/Makefile.in b/docs/Makefile.in
index eb6bd97d..1636be5e 100644
--- a/docs/Makefile.in
+++ b/docs/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -36,13 +36,22 @@ host_triplet = @host@
 subdir = docs
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
@@ -88,6 +97,7 @@ am__relativize = \
   reldir="$$dir2"
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -102,6 +112,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -110,6 +121,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -140,6 +155,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -171,8 +187,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -180,7 +198,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -199,6 +216,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -208,6 +227,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -243,6 +263,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -275,7 +296,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -346,7 +366,7 @@ clean-libtool:
 #     (which will cause the Makefiles to be regenerated when you run `make');
 # (2) otherwise, pass the desired values on the `make' command line.
 $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
+	@fail= failcom='exit 1'; \
 	for f in x $$MAKEFLAGS; do \
 	  case $$f in \
 	    *=* | --[!k]*);; \
@@ -371,7 +391,7 @@ $(RECURSIVE_TARGETS):
 	fi; test -z "$$fail"
 
 $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
+	@fail= failcom='exit 1'; \
 	for f in x $$MAKEFLAGS; do \
 	  case $$f in \
 	    *=* | --[!k]*);; \
@@ -550,10 +570,15 @@ install-am: all-am
 
 installcheck: installcheck-recursive
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
@@ -680,6 +705,13 @@ docs-format:
 	    fi; \
 	    mv $$i.tmp $$i; \
 	done)
+	@(echo "Cleaning html documents"; \
+	for i in `find . -name "*.html" -print`; \
+	do \
+	    echo Cleaning $$i ; \
+	    sed 's/\xA0/ /g' $$i > $$i.tmp ; \
+	    mv $$i.tmp $$i ; \
+	done)
 
 dist-hook:
 	@$(CP) -p $(srcdir)/*.html $(distdir)
diff --git a/docs/api/Makefile.am b/docs/api/Makefile.am
index e6741388..63c3e009 100644
--- a/docs/api/Makefile.am
+++ b/docs/api/Makefile.am
@@ -1,11 +1,5 @@
 #
-# To remove "bad" chars, run the following command
 #
-# for i in `grep -l $'\xA0' *` ; do \
-#	echo $i ;  \
-#	sed 's/\xA0/ /g' $i > $i.tmp ; \
-#	mv $i.tmp $i ; \
-# done
 #
 NULL=
 TOP=../..
@@ -38,9 +32,9 @@ all:
 
 docs: sgml html clean-sources
 
+# need to cleanup "bad" chars
 html: sgml xmlsec.sgml xmlsec-index
 	gtkdoc-mkhtml xmlsec xmlsec.sgml
-	
 
 #
 # Prepeare sgml files from sources for each library. We are also
@@ -65,6 +59,12 @@ sgml: templates
 		    --output-dir=sgml/gnutls \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/gnutls \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/gnutls
+	-@gtkdoc-mkdb --module=xmlsec-gcrypt \
+		    --main-sgml-file=xmlsec-gcrypt.sgml \
+		    --tmpl-dir=tmpl/gcrypt \
+		    --output-dir=sgml/gcrypt \
+		    --source-dir=$(DOC_SOURCE_DIR)/src/gcrypt \
+		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/gcrypt
 	-@gtkdoc-mkdb --module=xmlsec-nss \
 		    --main-sgml-file=xmlsec-nss.sgml \
 		    --tmpl-dir=tmpl/nss \
@@ -92,6 +92,8 @@ templates: scan
 		    --output-dir=tmpl/openssl
 	-@gtkdoc-mktmpl --module=xmlsec-gnutls \
 		    --output-dir=tmpl/gnutls
+	-@gtkdoc-mktmpl --module=xmlsec-gcrypt \
+		    --output-dir=tmpl/gcrypt
 	-@gtkdoc-mktmpl --module=xmlsec-nss \
 		    --output-dir=tmpl/nss
 	-@gtkdoc-mktmpl --module=xmlsec-mscrypto \
@@ -99,18 +101,27 @@ templates: scan
 
 scan: doc_sources example_sources
 	-@gtkdoc-scan --module=xmlsec \
+		    --rebuild-sections \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/base \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/base
 	-@gtkdoc-scan --module=xmlsec-openssl \
+		    --rebuild-sections \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/openssl \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/openssl
 	-@gtkdoc-scan --module=xmlsec-gnutls \
+		    --rebuild-sections \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/gnutls \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/gnutls
+	-@gtkdoc-scan --module=xmlsec-gcrypt \
+		    --rebuild-sections \
+		    --source-dir=$(DOC_SOURCE_DIR)/src/gcrypt \
+		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/gcrypt
 	-@gtkdoc-scan --module=xmlsec-nss \
+		    --rebuild-sections \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/nss \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/nss
 	-@gtkdoc-scan --module=xmlsec-mscrypto \
+		    --rebuild-sections \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/mscrypto \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/mscrypto
 
@@ -142,7 +153,7 @@ doc_sources: $(DOC_SOURCE_FILES)
 #
 # Create index for all functions. For macros and defines need to add -CAPS suffix
 #
-xmlsec-index: scan 
+xmlsec-index: scan
 	@grep -h '<NAME>.*</NAME>' xmlsec-*decl.txt | \
 		grep -v '<NAME>extern</NAME>' | \
 		sort -u | \
diff --git a/docs/api/Makefile.in b/docs/api/Makefile.in
index 993e5486..d4770193 100644
--- a/docs/api/Makefile.in
+++ b/docs/api/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -36,18 +36,28 @@ host_triplet = @host@
 subdir = docs/api
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -62,6 +72,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -70,6 +81,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -100,6 +115,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -131,8 +147,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -140,7 +158,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -159,6 +176,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -168,6 +187,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -203,6 +223,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -235,7 +256,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -253,13 +273,7 @@ top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 
 #
-# To remove "bad" chars, run the following command
 #
-# for i in `grep -l $'\xA0' *` ; do \
-#	echo $i ;  \
-#	sed 's/\xA0/ /g' $i > $i.tmp ; \
-#	mv $i.tmp $i ; \
-# done
 #
 NULL = 
 TOP = ../..
@@ -380,10 +394,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
@@ -478,6 +497,7 @@ all:
 
 docs: sgml html clean-sources
 
+# need to cleanup "bad" chars
 html: sgml xmlsec.sgml xmlsec-index
 	gtkdoc-mkhtml xmlsec xmlsec.sgml
 
@@ -504,6 +524,12 @@ sgml: templates
 		    --output-dir=sgml/gnutls \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/gnutls \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/gnutls
+	-@gtkdoc-mkdb --module=xmlsec-gcrypt \
+		    --main-sgml-file=xmlsec-gcrypt.sgml \
+		    --tmpl-dir=tmpl/gcrypt \
+		    --output-dir=sgml/gcrypt \
+		    --source-dir=$(DOC_SOURCE_DIR)/src/gcrypt \
+		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/gcrypt
 	-@gtkdoc-mkdb --module=xmlsec-nss \
 		    --main-sgml-file=xmlsec-nss.sgml \
 		    --tmpl-dir=tmpl/nss \
@@ -531,6 +557,8 @@ templates: scan
 		    --output-dir=tmpl/openssl
 	-@gtkdoc-mktmpl --module=xmlsec-gnutls \
 		    --output-dir=tmpl/gnutls
+	-@gtkdoc-mktmpl --module=xmlsec-gcrypt \
+		    --output-dir=tmpl/gcrypt
 	-@gtkdoc-mktmpl --module=xmlsec-nss \
 		    --output-dir=tmpl/nss
 	-@gtkdoc-mktmpl --module=xmlsec-mscrypto \
@@ -538,18 +566,27 @@ templates: scan
 
 scan: doc_sources example_sources
 	-@gtkdoc-scan --module=xmlsec \
+		    --rebuild-sections \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/base \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/base
 	-@gtkdoc-scan --module=xmlsec-openssl \
+		    --rebuild-sections \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/openssl \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/openssl
 	-@gtkdoc-scan --module=xmlsec-gnutls \
+		    --rebuild-sections \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/gnutls \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/gnutls
+	-@gtkdoc-scan --module=xmlsec-gcrypt \
+		    --rebuild-sections \
+		    --source-dir=$(DOC_SOURCE_DIR)/src/gcrypt \
+		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/gcrypt
 	-@gtkdoc-scan --module=xmlsec-nss \
+		    --rebuild-sections \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/nss \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/nss
 	-@gtkdoc-scan --module=xmlsec-mscrypto \
+		    --rebuild-sections \
 		    --source-dir=$(DOC_SOURCE_DIR)/src/mscrypto \
 		    --source-dir=$(DOC_SOURCE_DIR)/include/xmlsec/mscrypto
 
@@ -581,7 +618,7 @@ doc_sources: $(DOC_SOURCE_FILES)
 #
 # Create index for all functions. For macros and defines need to add -CAPS suffix
 #
-xmlsec-index: scan 
+xmlsec-index: scan
 	@grep -h '<NAME>.*</NAME>' xmlsec-*decl.txt | \
 		grep -v '<NAME>extern</NAME>' | \
 		sort -u | \
diff --git a/docs/api/chapters/compiling-and-linking.sgml b/docs/api/chapters/compiling-and-linking.sgml
index 2cc6e44d..f184c6a4 100644
--- a/docs/api/chapters/compiling-and-linking.sgml
+++ b/docs/api/chapters/compiling-and-linking.sgml
@@ -161,7 +161,7 @@ clean:
 	    <listitem><para>xmlsec1-config script
 		<example>
 		    <title>Using xmlsec1-config script in a Makefile
-		    to select crypto engine (gnutls) at linking time.</title>
+		    to select crypto engine (e.g. gnutls) at linking time.</title>
 		    <programlisting><![CDATA[
 PROGRAM = test
 PROGRAM_FILES = test.c
diff --git a/docs/api/chapters/init-and-shutdown.sgml b/docs/api/chapters/init-and-shutdown.sgml
index 4cf869f7..688a6372 100644
--- a/docs/api/chapters/init-and-shutdown.sgml
+++ b/docs/api/chapters/init-and-shutdown.sgml
@@ -6,7 +6,7 @@
 	<itemizedlist>
 	    <listitem><para>libxml library;</para></listitem>
 	    <listitem><para>libxslt library;</para></listitem>
-	    <listitem><para>crypto library (OpenSSL, GnuTLS, NSS, ...);</para></listitem>
+	    <listitem><para>crypto library (OpenSSL, GnuTLS, GCrypt, NSS, ...);</para></listitem>
 	    <listitem><para>xmlsec library 
 		(<link linkend="xmlSecInit">xmlSecInit</link> 
 		and <link linkend="xmlSecShutdown">xmlSecShutdown</link> 
diff --git a/docs/api/chapters/new-crypto.sgml b/docs/api/chapters/new-crypto.sgml
index 08a936e5..52191417 100644
--- a/docs/api/chapters/new-crypto.sgml
+++ b/docs/api/chapters/new-crypto.sgml
@@ -4,7 +4,7 @@
     <title>Overview.</title>
     <para>XML Security Library can support practicaly any cryptographic
     library. Currently, it has "out-of-the-box" support for OpenSSL,
-    NSS and GnuTLS. If your favorite library is not supported yet then
+    MSCrypto, NSS, GnuTLS and GCrypt. If your favorite library is not supported yet then
     you can write necessary code yourself. If you and your company
     (university, ...) are willing to share the results of your work I would 
     be happy to add support for new libraries to the main XML Security 
@@ -14,7 +14,7 @@
     <link linkend="xmlsec-notes-structure">separates</link> 
     the cryptographic library (engine) 
     specific code in an "xmlsec-&lt;crypto&gt;" library (where "&lt;crypto&gt;" is 
-    "openssl", "gnutls", "nss", etc.) which includes following items:
+    "openssl", "mscrypt", "gnutls", "gcrypt", "nss", etc.) which includes following items:
     <itemizedlist>
     <listitem><para>
     xmlSecCryptoApp* functions.
@@ -186,7 +186,7 @@ src/mycrypto/Makefile
 	<example>
 	    <title>Compiling the results.</title>
 	    <programlisting><![CDATA[
-./autogen.sh --without-openssl --without-nss --without-gnutls \
+./autogen.sh --without-openssl --without-nss --without-gnutls --without-gcrypt \
     	     --with-mycrypto=$HOME --disable-tmpl-tests
 make	
 	    ]]></programlisting>
diff --git a/docs/api/chapters/sign-and-encrypt.sgml b/docs/api/chapters/sign-and-encrypt.sgml
index 58ff04ac..72b969b6 100644
--- a/docs/api/chapters/sign-and-encrypt.sgml
+++ b/docs/api/chapters/sign-and-encrypt.sgml
@@ -20,7 +20,7 @@
     
     <sect1 id="xmlsec-notes-sign" >
 	<title>Signing a document.</title>
-	<para>The typical siganture process includes following steps:
+	<para>The typical signature process includes following steps:
 	  <itemizedlist>
 	    <listitem><para>
 		Prepare data for signature.
diff --git a/docs/api/chapters/using-contexts.sgml b/docs/api/chapters/using-contexts.sgml
index 0dc1c263..48a336d9 100644
--- a/docs/api/chapters/using-contexts.sgml
+++ b/docs/api/chapters/using-contexts.sgml
@@ -71,13 +71,13 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
     /* limit the Reference URI attributes to empty or NULL */
     dsigCtx->enabledReferenceUris = xmlSecTransformUriTypeEmpty;
     
-    /* limit allowed transforms for siganture and reference processing */
+    /* limit allowed transforms for signature and reference processing */
     if((xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformInclC14NId) < 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformExclC14NId) < 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformSha1Id) < 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformRsaSha1Id) < 0)) {
 
-        fprintf(stderr,"Error: failed to limit allowed siganture transforms\n");
+        fprintf(stderr,"Error: failed to limit allowed signature transforms\n");
 	goto done;
     }
     if((xmlSecDSigCtxEnableReferenceTransform(dsigCtx, xmlSecTransformInclC14NId) < 0) ||
diff --git a/docs/api/chapters/verify-and-decrypt.sgml b/docs/api/chapters/verify-and-decrypt.sgml
index 699d19b6..382c97c1 100644
--- a/docs/api/chapters/verify-and-decrypt.sgml
+++ b/docs/api/chapters/verify-and-decrypt.sgml
@@ -20,7 +20,7 @@
     
     <sect1 id="xmlsec-notes-verify" >
 	<title>Verifying a signed document</title>
-	<para>The typical siganture verification process includes following steps:
+	<para>The typical signature verification process includes following steps:
 	  <itemizedlist>
 	    <listitem><para>
 		Load keys, X509 certificates, etc. in the <link linkend="xmlSecKeysMngr">keys manager</link> .
diff --git a/docs/api/home.png b/docs/api/home.png
index 4cb87290..fb60b552 100644
--- a/docs/api/home.png
+++ b/docs/api/home.png
diff --git a/docs/api/images/diagrams.sxd b/docs/api/images/diagrams.sxd
index aab2bddc..53bbeb5e 100644
--- a/docs/api/images/diagrams.sxd
+++ b/docs/api/images/diagrams.sxd
diff --git a/docs/api/images/encryption-structure.png b/docs/api/images/encryption-structure.png
index fd70c0e3..16c78afa 100644
--- a/docs/api/images/encryption-structure.png
+++ b/docs/api/images/encryption-structure.png
diff --git a/docs/api/images/signature-structure.png b/docs/api/images/signature-structure.png
index 5783e218..dd705ba8 100644
--- a/docs/api/images/signature-structure.png
+++ b/docs/api/images/signature-structure.png
diff --git a/docs/api/images/transforms-chain.png b/docs/api/images/transforms-chain.png
index ba8e51af..e8eb219c 100644
--- a/docs/api/images/transforms-chain.png
+++ b/docs/api/images/transforms-chain.png
diff --git a/docs/api/index.html b/docs/api/index.html
index d0e95a0d..cc534d90 100644
--- a/docs/api/index.html
+++ b/docs/api/index.html
@@ -259,6 +259,13 @@
 <dt>
 <a href="xmlsec-gnutls-crypto.html">crypto</a> -- Crypto transforms implementation for GnuTLS.</dt>
 </dl></dd>
+<dt><a href="xmlsec-gcrypt-ref.html">XML Security Library for GCrypt API Reference.</a></dt>
+<dd><dl>
+<dt>
+<a href="xmlsec-gcrypt-app.html">app</a> -- Application functions implementation for GnuTLS.</dt>
+<dt>
+<a href="xmlsec-gcrypt-crypto.html">crypto</a> -- Crypto transforms implementation for GCrypt.</dt>
+</dl></dd>
 <dt><a href="xmlsec-nss-ref.html">XML Security Library for NSS API Reference.</a></dt>
 <dd><dl>
 <dt>
diff --git a/docs/api/index.sgml b/docs/api/index.sgml
index cccfd3f4..eb112aa4 100644
--- a/docs/api/index.sgml
+++ b/docs/api/index.sgml
@@ -28,6 +28,8 @@
 <ANCHOR id ="XMLSEC-OPENSSL-X509" href="xmlsec-openssl-x509.html">
 <ANCHOR id ="XMLSEC-GNUTLS-APP" href="xmlsec-gnutls-app.html">
 <ANCHOR id ="XMLSEC-GNUTLS-CRYPTO" href="xmlsec-gnutls-crypto.html">
+<ANCHOR id ="XMLSEC-GCRYPT-APP" href="xmlsec-gcrypt-app.html">
+<ANCHOR id ="XMLSEC-GCRYPT-CRYPTO" href="xmlsec-gcrypt-crypto.html">
 <ANCHOR id ="XMLSEC-NSS-APP" href="xmlsec-nss-app.html">
 <ANCHOR id ="XMLSEC-NSS-BIGNUM" href="xmlsec-nss-bignum.html">
 <ANCHOR id ="XMLSEC-NSS-CRYPTO" href="xmlsec-nss-crypto.html">
diff --git a/docs/api/left.png b/docs/api/left.png
index b3b7b565..48cab276 100644
--- a/docs/api/left.png
+++ b/docs/api/left.png
diff --git a/docs/api/right.png b/docs/api/right.png
index 52df4446..ed55207f 100644
--- a/docs/api/right.png
+++ b/docs/api/right.png
diff --git a/docs/api/up.png b/docs/api/up.png
index b974dceb..8eb591f3 100644
--- a/docs/api/up.png
+++ b/docs/api/up.png
diff --git a/docs/api/xmlsec-app.html b/docs/api/xmlsec-app.html
index 07e50d12..7c254d4d 100644
--- a/docs/api/xmlsec-app.html
+++ b/docs/api/xmlsec-app.html
@@ -90,147 +90,161 @@
 <a name="AEN836"></a><h2>Name</h2>app -- Crypto-engine independent application support function.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-APP.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOINIT">xmlSecCryptoInit</a>                    (void);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOSHUTDOWN">xmlSecCryptoShutdown</a>                (void);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOKEYSMNGRINIT">xmlSecCryptoKeysMngrInit</a>            (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
+<pre class="SYNOPSIS"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecCryptoAppDefaultKeysMngrAdoptKey</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRINIT">xmlSecCryptoAppDefaultKeysMngrInit</a>  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRLOAD">xmlSecCryptoAppDefaultKeysMngrLoad</a>  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRSAVE">xmlSecCryptoAppDefaultKeysMngrSave</a>  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              <a href="xmlsec-app.html#XMLSECCRYPTOAPPGETDEFAULTPWDCALLBACK">xmlSecCryptoAppGetDefaultPwdCallback</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOAPPINIT">xmlSecCryptoAppInit</a>                 (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYCERTLOAD">xmlSecCryptoAppKeyCertLoad</a>          (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYCERTLOADMEMORY">xmlSecCryptoAppKeyCertLoadMemory</a>    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYLOAD">xmlSecCryptoAppKeyLoad</a>              (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYLOADMEMORY">xmlSecCryptoAppKeyLoadMemory</a>        (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYSMNGRCERTLOAD">xmlSecCryptoAppKeysMngrCertLoad</a>     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYSMNGRCERTLOADMEMORY">xmlSecCryptoAppKeysMngrCertLoadMemory</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-app.html#XMLSECCRYPTOAPPPKCS12LOAD">xmlSecCryptoAppPkcs12Load</a>           (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-app.html#XMLSECCRYPTOAPPPKCS12LOADMEMORY">xmlSecCryptoAppPkcs12LoadMemory</a>     (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOAPPSHUTDOWN">xmlSecCryptoAppShutdown</a>             (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOINIT">xmlSecCryptoInit</a>                    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOKEYSMNGRINIT">xmlSecCryptoKeysMngrInit</a>            (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-app.html#XMLSECCRYPTOSHUTDOWN">xmlSecCryptoShutdown</a>                (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECKEYDATAAESGETKLASS">xmlSecKeyDataAesGetKlass</a>            (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECKEYDATAAESID">xmlSecKeyDataAesId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-app.html#XMLSECKEYDATAAESGETKLASS">xmlSecKeyDataAesGetKlass</a>            (void);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECKEYDATADESGETKLASS">xmlSecKeyDataDesGetKlass</a>            (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECKEYDATADESID">xmlSecKeyDataDesId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-app.html#XMLSECKEYDATADESGETKLASS">xmlSecKeyDataDesGetKlass</a>            (void);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECKEYDATADSAGETKLASS">xmlSecKeyDataDsaGetKlass</a>            (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECKEYDATADSAID">xmlSecKeyDataDsaId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-app.html#XMLSECKEYDATADSAGETKLASS">xmlSecKeyDataDsaGetKlass</a>            (void);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECKEYDATAECDSAGETKLASS">xmlSecKeyDataEcdsaGetKlass</a>          (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECKEYDATAECDSAID">xmlSecKeyDataEcdsaId</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECKEYDATAGOST2001GETKLASS">xmlSecKeyDataGost2001GetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECKEYDATAGOST2001ID">xmlSecKeyDataGost2001Id</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-app.html#XMLSECKEYDATAGOST2001GETKLASS">xmlSecKeyDataGost2001GetKlass</a>       (void);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECKEYDATAHMACGETKLASS">xmlSecKeyDataHmacGetKlass</a>           (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECKEYDATAHMACID">xmlSecKeyDataHmacId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-app.html#XMLSECKEYDATAHMACGETKLASS">xmlSecKeyDataHmacGetKlass</a>           (void);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECKEYDATARAWX509CERTGETKLASS">xmlSecKeyDataRawX509CertGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECKEYDATARAWX509CERTID">xmlSecKeyDataRawX509CertId</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECKEYDATARSAGETKLASS">xmlSecKeyDataRsaGetKlass</a>            (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECKEYDATARSAID">xmlSecKeyDataRsaId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-app.html#XMLSECKEYDATARSAGETKLASS">xmlSecKeyDataRsaGetKlass</a>            (void);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECKEYDATAX509GETKLASS">xmlSecKeyDataX509GetKlass</a>           (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECKEYDATAX509ID">xmlSecKeyDataX509Id</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-app.html#XMLSECKEYDATAX509GETKLASS">xmlSecKeyDataX509GetKlass</a>           (void);
-#define             <a href="xmlsec-app.html#XMLSECKEYDATARAWX509CERTID">xmlSecKeyDataRawX509CertId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-app.html#XMLSECKEYDATARAWX509CERTGETKLASS">xmlSecKeyDataRawX509CertGetKlass</a>    (void);
-#define             <a href="xmlsec-app.html#XMLSECX509STOREID">xmlSecX509StoreId</a>
-<font>xmlSecKeyDataStoreId</font>  <a href="xmlsec-app.html#XMLSECX509STOREGETKLASS">xmlSecX509StoreGetKlass</a>           (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMAES128CBCGETKLASS">xmlSecTransformAes128CbcGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMAES128CBCID">xmlSecTransformAes128CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMAES128CBCGETKLASS">xmlSecTransformAes128CbcGetKlass</a>    (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMAES192CBCGETKLASS">xmlSecTransformAes192CbcGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMAES192CBCID">xmlSecTransformAes192CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMAES192CBCGETKLASS">xmlSecTransformAes192CbcGetKlass</a>    (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMAES256CBCGETKLASS">xmlSecTransformAes256CbcGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMAES256CBCID">xmlSecTransformAes256CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMAES256CBCGETKLASS">xmlSecTransformAes256CbcGetKlass</a>    (void);
-#define             <a href="xmlsec-app.html#XMLSECTRANSFORMKWAES128ID">xmlSecTransformKWAes128Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMKWAES128GETKLASS">xmlSecTransformKWAes128GetKlass</a>     (void);
-#define             <a href="xmlsec-app.html#XMLSECTRANSFORMKWAES192ID">xmlSecTransformKWAes192Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMKWAES192GETKLASS">xmlSecTransformKWAes192GetKlass</a>     (void);
-#define             <a href="xmlsec-app.html#XMLSECTRANSFORMKWAES256ID">xmlSecTransformKWAes256Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMKWAES256GETKLASS">xmlSecTransformKWAes256GetKlass</a>     (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMDES3CBCGETKLASS">xmlSecTransformDes3CbcGetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMDES3CBCID">xmlSecTransformDes3CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMDES3CBCGETKLASS">xmlSecTransformDes3CbcGetKlass</a>      (void);
-#define             <a href="xmlsec-app.html#XMLSECTRANSFORMKWDES3ID">xmlSecTransformKWDes3Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMKWDES3GETKLASS">xmlSecTransformKWDes3GetKlass</a>       (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMDSASHA1GETKLASS">xmlSecTransformDsaSha1GetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMDSASHA1ID">xmlSecTransformDsaSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMDSASHA1GETKLASS">xmlSecTransformDsaSha1GetKlass</a>      (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMDSASHA256GETKLASS">xmlSecTransformDsaSha256GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMDSASHA256ID">xmlSecTransformDsaSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA1GETKLASS">xmlSecTransformEcdsaSha1GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA1ID">xmlSecTransformEcdsaSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA224GETKLASS">xmlSecTransformEcdsaSha224GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA224ID">xmlSecTransformEcdsaSha224Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA256GETKLASS">xmlSecTransformEcdsaSha256GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA256ID">xmlSecTransformEcdsaSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA384GETKLASS">xmlSecTransformEcdsaSha384GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA384ID">xmlSecTransformEcdsaSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA512GETKLASS">xmlSecTransformEcdsaSha512GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA512ID">xmlSecTransformEcdsaSha512Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMGOST2001GOSTR3411-94GETKLASS">xmlSecTransformGost2001GostR3411_94GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMGOST2001GOSTR3411-94ID">xmlSecTransformGost2001GostR3411_94Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMGOST2001GOSTR3411-94GETKLASS">xmlSecTransformGost2001GostR3411_94GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMGOSTR3411-94GETKLASS">xmlSecTransformGostR3411_94GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMGOSTR3411-94ID">xmlSecTransformGostR3411_94Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMHMACMD5GETKLASS">xmlSecTransformHmacMd5GetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMHMACMD5ID">xmlSecTransformHmacMd5Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMHMACMD5GETKLASS">xmlSecTransformHmacMd5GetKlass</a>      (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMHMACRIPEMD160GETKLASS">xmlSecTransformHmacRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMHMACRIPEMD160ID">xmlSecTransformHmacRipemd160Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMHMACRIPEMD160GETKLASS">xmlSecTransformHmacRipemd160GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA1GETKLASS">xmlSecTransformHmacSha1GetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA1ID">xmlSecTransformHmacSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA1GETKLASS">xmlSecTransformHmacSha1GetKlass</a>     (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA224GETKLASS">xmlSecTransformHmacSha224GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA224ID">xmlSecTransformHmacSha224Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA224GETKLASS">xmlSecTransformHmacSha224GetKlass</a>   (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA256GETKLASS">xmlSecTransformHmacSha256GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA256ID">xmlSecTransformHmacSha256Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA256GETKLASS">xmlSecTransformHmacSha256GetKlass</a>   (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA384GETKLASS">xmlSecTransformHmacSha384GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA384ID">xmlSecTransformHmacSha384Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA384GETKLASS">xmlSecTransformHmacSha384GetKlass</a>   (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA512GETKLASS">xmlSecTransformHmacSha512GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA512ID">xmlSecTransformHmacSha512Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMHMACSHA512GETKLASS">xmlSecTransformHmacSha512GetKlass</a>   (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMKWAES128GETKLASS">xmlSecTransformKWAes128GetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMKWAES128ID">xmlSecTransformKWAes128Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMKWAES192GETKLASS">xmlSecTransformKWAes192GetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMKWAES192ID">xmlSecTransformKWAes192Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMKWAES256GETKLASS">xmlSecTransformKWAes256GetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMKWAES256ID">xmlSecTransformKWAes256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMKWDES3GETKLASS">xmlSecTransformKWDes3GetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMKWDES3ID">xmlSecTransformKWDes3Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMMD5GETKLASS">xmlSecTransformMd5GetKlass</a>          (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMMD5ID">xmlSecTransformMd5Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMMD5GETKLASS">xmlSecTransformMd5GetKlass</a>          (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMRIPEMD160GETKLASS">xmlSecTransformRipemd160GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMRIPEMD160ID">xmlSecTransformRipemd160Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMRIPEMD160GETKLASS">xmlSecTransformRipemd160GetKlass</a>    (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMRSAMD5GETKLASS">xmlSecTransformRsaMd5GetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSAMD5ID">xmlSecTransformRsaMd5Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMRSAMD5GETKLASS">xmlSecTransformRsaMd5GetKlass</a>       (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMRSAOAEPGETKLASS">xmlSecTransformRsaOaepGetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSAOAEPID">xmlSecTransformRsaOaepId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMRSAPKCS1GETKLASS">xmlSecTransformRsaPkcs1GetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSAPKCS1ID">xmlSecTransformRsaPkcs1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMRSARIPEMD160GETKLASS">xmlSecTransformRsaRipemd160GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSARIPEMD160ID">xmlSecTransformRsaRipemd160Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMRSARIPEMD160GETKLASS">xmlSecTransformRsaRipemd160GetKlass</a> (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA1GETKLASS">xmlSecTransformRsaSha1GetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA1ID">xmlSecTransformRsaSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA1GETKLASS">xmlSecTransformRsaSha1GetKlass</a>      (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA224GETKLASS">xmlSecTransformRsaSha224GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA224ID">xmlSecTransformRsaSha224Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA224GETKLASS">xmlSecTransformRsaSha224GetKlass</a>    (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA256GETKLASS">xmlSecTransformRsaSha256GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA256ID">xmlSecTransformRsaSha256Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA256GETKLASS">xmlSecTransformRsaSha256GetKlass</a>    (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA384GETKLASS">xmlSecTransformRsaSha384GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA384ID">xmlSecTransformRsaSha384Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA384GETKLASS">xmlSecTransformRsaSha384GetKlass</a>    (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA512GETKLASS">xmlSecTransformRsaSha512GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA512ID">xmlSecTransformRsaSha512Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMRSASHA512GETKLASS">xmlSecTransformRsaSha512GetKlass</a>    (void);
-#define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSAPKCS1ID">xmlSecTransformRsaPkcs1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMRSAPKCS1GETKLASS">xmlSecTransformRsaPkcs1GetKlass</a>     (void);
-#define             <a href="xmlsec-app.html#XMLSECTRANSFORMRSAOAEPID">xmlSecTransformRsaOaepId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMRSAOAEPGETKLASS">xmlSecTransformRsaOaepGetKlass</a>      (void);
-#define             <a href="xmlsec-app.html#XMLSECTRANSFORMGOSTR3411-94ID">xmlSecTransformGostR3411_94Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMGOSTR3411-94GETKLASS">xmlSecTransformGostR3411_94GetKlass</a> (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMSHA1GETKLASS">xmlSecTransformSha1GetKlass</a>         (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMSHA1ID">xmlSecTransformSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMSHA1GETKLASS">xmlSecTransformSha1GetKlass</a>         (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMSHA224GETKLASS">xmlSecTransformSha224GetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMSHA224ID">xmlSecTransformSha224Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMSHA224GETKLASS">xmlSecTransformSha224GetKlass</a>       (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMSHA256GETKLASS">xmlSecTransformSha256GetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMSHA256ID">xmlSecTransformSha256Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMSHA256GETKLASS">xmlSecTransformSha256GetKlass</a>       (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMSHA384GETKLASS">xmlSecTransformSha384GetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMSHA384ID">xmlSecTransformSha384Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMSHA384GETKLASS">xmlSecTransformSha384GetKlass</a>       (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECTRANSFORMSHA512GETKLASS">xmlSecTransformSha512GetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-app.html#XMLSECTRANSFORMSHA512ID">xmlSecTransformSha512Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-app.html#XMLSECTRANSFORMSHA512GETKLASS">xmlSecTransformSha512GetKlass</a>       (void);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOAPPINIT">xmlSecCryptoAppInit</a>                 (const <font>char</font> *config);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOAPPSHUTDOWN">xmlSecCryptoAppShutdown</a>             (void);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRINIT">xmlSecCryptoAppDefaultKeysMngrInit</a>  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecCryptoAppDefaultKeysMngrAdoptKey</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRLOAD">xmlSecCryptoAppDefaultKeysMngrLoad</a>  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *uri);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRSAVE">xmlSecCryptoAppDefaultKeysMngrSave</a>  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYSMNGRCERTLOAD">xmlSecCryptoAppKeysMngrCertLoad</a>     (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYSMNGRCERTLOADMEMORY">xmlSecCryptoAppKeysMngrCertLoadMemory</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYLOAD">xmlSecCryptoAppKeyLoad</a>              (const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYLOADMEMORY">xmlSecCryptoAppKeyLoadMemory</a>        (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-app.html#XMLSECCRYPTOAPPPKCS12LOAD">xmlSecCryptoAppPkcs12Load</a>           (const <font>char</font> *filename,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-app.html#XMLSECCRYPTOAPPPKCS12LOADMEMORY">xmlSecCryptoAppPkcs12LoadMemory</a>     (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYCERTLOAD">xmlSecCryptoAppKeyCertLoad</a>          (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>int</font>                 <a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYCERTLOADMEMORY">xmlSecCryptoAppKeyCertLoadMemory</a>    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>void</font>*               <a href="xmlsec-app.html#XMLSECCRYPTOAPPGETDEFAULTPWDCALLBACK">xmlSecCryptoAppGetDefaultPwdCallback</a>
-                                                        (void);</pre>
+<gtkdoclink href="XMLSECKEYDATASTOREID"><span class="RETURNVALUE">xmlSecKeyDataStoreId</span></gtkdoclink><a href="xmlsec-app.html#XMLSECX509STOREGETKLASS">xmlSecX509StoreGetKlass</a>            (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-app.html#XMLSECX509STOREID">xmlSecX509StoreId</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-APP.DESCRIPTION"></a><h2>Description</h2>
@@ -239,252 +253,662 @@
 <div class="REFSECT1">
 <a name="XMLSEC-APP.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOINIT"></a><h3>xmlSecCryptoInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoInit                    (void);</pre>
-<p>XMLSec library specific crypto engine initialization.</p>
+<a name="XMLSECCRYPTOAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecCryptoAppDefaultKeysMngrAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoAppDefaultKeysMngrAdoptKey
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecCryptoAppDefaultKeysMngrInit</span></a>
+function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1366"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1371"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1376"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPDEFAULTKEYSMNGRINIT"></a><h3>xmlSecCryptoAppDefaultKeysMngrInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoAppDefaultKeysMngrInit  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
+<p>Initializes <code class="PARAMETER">mngr</code> with simple keys store <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREID"><span class="TYPE">xmlSecSimpleKeysStoreId</span></a>
+and a default crypto key data stores.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1396"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1401"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecCryptoAppDefaultKeysMngrLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoAppDefaultKeysMngrLoad  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);</pre>
+<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created
+with <a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecCryptoAppDefaultKeysMngrInit</span></a> function.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1425"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1430"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the uri.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1435"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecCryptoAppDefaultKeysMngrSave ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoAppDefaultKeysMngrSave  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1459"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1464"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1469"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the type of keys to save (public/private/symmetric).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1474"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecCryptoAppGetDefaultPwdCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              xmlSecCryptoAppGetDefaultPwdCallback
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets default password callback.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1067"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN1490"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>default password callback.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOSHUTDOWN"></a><h3>xmlSecCryptoShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoShutdown                (void);</pre>
-<p>XMLSec library specific crypto engine shutdown.</p>
+<a name="XMLSECCRYPTOAPPINIT"></a><h3>xmlSecCryptoAppInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoAppInit                 (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);</pre>
+<p>General crypto engine initialization. This function is used
+by XMLSec command line utility and called before
+<code class="PARAMETER">xmlSecInit</code> function.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1508"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the path to crypto library configuration.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1513"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPKEYCERTLOAD"></a><h3>xmlSecCryptoAppKeyCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoAppKeyCertLoad          (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1537"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1542"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1547"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1552"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPKEYCERTLOADMEMORY"></a><h3>xmlSecCryptoAppKeyCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoAppKeyCertLoadMemory    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from memory buffer and adds it to key.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1578"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1583"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1588"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1593"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1598"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPKEYLOAD"></a><h3>xmlSecCryptoAppKeyLoad ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecCryptoAppKeyLoad              (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key from the a file.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1627"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1632"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1637"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1642"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1647"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1652"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPKEYLOADMEMORY"></a><h3>xmlSecCryptoAppKeyLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecCryptoAppKeyLoadMemory        (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key from the memory buffer.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1684"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1689"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of binary key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1694"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1699"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1704"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1709"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1714"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecCryptoAppKeysMngrCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoAppKeysMngrCertLoad     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1742"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1747"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1752"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1757"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
+trusted or not.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1763"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecCryptoAppKeysMngrCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoAppKeysMngrCertLoadMemory
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from binary buffer <code class="PARAMETER">data</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1794"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1799"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1804"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1809"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1814"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate trusted or not.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1819"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPPKCS12LOAD"></a><h3>xmlSecCryptoAppPkcs12Load ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecCryptoAppPkcs12Load           (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 file.
+For uniformity, call xmlSecCryptoAppKeyLoad instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1845"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 key filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1850"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1855"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1860"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1865"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPPKCS12LOADMEMORY"></a><h3>xmlSecCryptoAppPkcs12LoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecCryptoAppPkcs12LoadMemory     (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 data in memory buffer.
+For uniformity, call xmlSecCryptoAppKeyLoadMemory instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1894"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 binary data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1899"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 binary data size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1904"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1909"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1914"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN1919"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOAPPSHUTDOWN"></a><h3>xmlSecCryptoAppShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoAppShutdown             (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>General crypto engine shutdown. This function is used
+by XMLSec command line utility and called after
+<code class="PARAMETER">xmlSecShutdown</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1081"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN1936"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOINIT"></a><h3>xmlSecCryptoInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoInit                    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>XMLSec library specific crypto engine initialization.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN1952"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECCRYPTOKEYSMNGRINIT"></a><h3>xmlSecCryptoKeysMngrInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoKeysMngrInit            (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoKeysMngrInit            (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
 <p>Adds crypto specific key data stores in keys manager.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN1096"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN1969"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN1101"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN1974"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAAESID"></a><h3>xmlSecKeyDataAesId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataAesId			xmlSecKeyDataAesGetKlass()</pre>
-<p>The AES key klass.</p>
+<a name="XMLSECCRYPTOSHUTDOWN"></a><h3>xmlSecCryptoShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoShutdown                (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>XMLSec library specific crypto engine shutdown.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN1990"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATAAESGETKLASS"></a><h3>xmlSecKeyDataAesGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataAesGetKlass            (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataAesGetKlass            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The AES key data klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1122"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES key data klass or NULL if an error occurs
+<td align="LEFT" valign="TOP"><a name="AEN2006"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES key data klass or NULL if an error occurs
 (xmlsec-crypto library is not loaded or the AES key data
 klass is not implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATADESID"></a><h3>xmlSecKeyDataDesId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataDesId			xmlSecKeyDataDesGetKlass()</pre>
-<p>The DES key klass.</p>
-<p></p>
+<a name="XMLSECKEYDATAAESID"></a><h3>xmlSecKeyDataAesId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataAesId                      xmlSecKeyDataAesGetKlass()</pre>
+<p>The AES key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATADESGETKLASS"></a><h3>xmlSecKeyDataDesGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataDesGetKlass            (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataDesGetKlass            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The DES key data klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1143"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> DES key data klass or NULL if an error occurs
+<td align="LEFT" valign="TOP"><a name="AEN2028"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DES key data klass or NULL if an error occurs
 (xmlsec-crypto library is not loaded or the DES key data
 klass is not implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATADSAID"></a><h3>xmlSecKeyDataDsaId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataDsaId			xmlSecKeyDataDsaGetKlass()</pre>
-<p>The DSA key klass.</p>
-<p></p>
+<a name="XMLSECKEYDATADESID"></a><h3>xmlSecKeyDataDesId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataDesId                      xmlSecKeyDataDesGetKlass()</pre>
+<p>The DES key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATADSAGETKLASS"></a><h3>xmlSecKeyDataDsaGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataDsaGetKlass            (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataDsaGetKlass            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The DSA key data klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1164"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> DSA key data klass or NULL if an error occurs
+<td align="LEFT" valign="TOP"><a name="AEN2050"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DSA key data klass or NULL if an error occurs
 (xmlsec-crypto library is not loaded or the DSA key data
 klass is not implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAGOST2001ID"></a><h3>xmlSecKeyDataGost2001Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataGost2001Id			xmlSecKeyDataGost2001GetKlass()</pre>
-<p>The GOST2001 key klass.</p>
+<a name="XMLSECKEYDATADSAID"></a><h3>xmlSecKeyDataDsaId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataDsaId                      xmlSecKeyDataDsaGetKlass()</pre>
+<p>The DSA key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAECDSAGETKLASS"></a><h3>xmlSecKeyDataEcdsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataEcdsaGetKlass          (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA key data klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN2072"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA key data klass or NULL if an error occurs
+(xmlsec-crypto library is not loaded or the ECDSA key data
+klass is not implemented).</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAECDSAID"></a><h3>xmlSecKeyDataEcdsaId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataEcdsaId                    xmlSecKeyDataEcdsaGetKlass()</pre>
+<p>The ECDSA key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATAGOST2001GETKLASS"></a><h3>xmlSecKeyDataGost2001GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataGost2001GetKlass       (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataGost2001GetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The GOST2001 key data klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1185"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> GOST2001 key data klass or NULL if an error occurs
+<td align="LEFT" valign="TOP"><a name="AEN2094"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>GOST2001 key data klass or NULL if an error occurs
 (xmlsec-crypto library is not loaded or the GOST2001 key data
 klass is not implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAHMACID"></a><h3>xmlSecKeyDataHmacId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataHmacId			xmlSecKeyDataHmacGetKlass()</pre>
-<p>The DHMAC key klass.</p>
-<p></p>
+<a name="XMLSECKEYDATAGOST2001ID"></a><h3>xmlSecKeyDataGost2001Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataGost2001Id                 xmlSecKeyDataGost2001GetKlass()</pre>
+<p>The GOST2001 key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATAHMACGETKLASS"></a><h3>xmlSecKeyDataHmacGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataHmacGetKlass           (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataHmacGetKlass           (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The HMAC key data klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1206"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> HMAC key data klass or NULL if an error occurs
+<td align="LEFT" valign="TOP"><a name="AEN2116"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>HMAC key data klass or NULL if an error occurs
 (xmlsec-crypto library is not loaded or the HMAC key data
 klass is not implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATARSAID"></a><h3>xmlSecKeyDataRsaId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataRsaId			xmlSecKeyDataRsaGetKlass()</pre>
-<p>The RSA key klass.</p>
-<p></p>
+<a name="XMLSECKEYDATAHMACID"></a><h3>xmlSecKeyDataHmacId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataHmacId                     xmlSecKeyDataHmacGetKlass()</pre>
+<p>The DHMAC key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATARSAGETKLASS"></a><h3>xmlSecKeyDataRsaGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataRsaGetKlass            (void);</pre>
-<p>The RSA key data klass.</p>
-<p></p>
+<a name="XMLSECKEYDATARAWX509CERTGETKLASS"></a><h3>xmlSecKeyDataRawX509CertGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataRawX509CertGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The raw X509 cert key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1227"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA key data klass or NULL if an error occurs
-(xmlsec-crypto library is not loaded or the RSA key data
+<td align="LEFT" valign="TOP"><a name="AEN2138"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>raw x509 cert key data klass or NULL if an error occurs
+(xmlsec-crypto library is not loaded or the raw X509 cert key data
 klass is not implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAX509ID"></a><h3>xmlSecKeyDataX509Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataX509Id			xmlSecKeyDataX509GetKlass()</pre>
-<p>The X509 data klass.</p>
-<p></p>
+<a name="XMLSECKEYDATARAWX509CERTID"></a><h3>xmlSecKeyDataRawX509CertId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataRawX509CertId              xmlSecKeyDataRawX509CertGetKlass()</pre>
+<p>The  raw X509 certificate klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAX509GETKLASS"></a><h3>xmlSecKeyDataX509GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataX509GetKlass           (void);</pre>
-<p>The X509 key data klass.</p>
-<p></p>
+<a name="XMLSECKEYDATARSAGETKLASS"></a><h3>xmlSecKeyDataRsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataRsaGetKlass            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1248"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> X509 key data klass or NULL if an error occurs
-(xmlsec-crypto library is not loaded or the X509 key data
+<td align="LEFT" valign="TOP"><a name="AEN2160"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA key data klass or NULL if an error occurs
+(xmlsec-crypto library is not loaded or the RSA key data
 klass is not implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATARAWX509CERTID"></a><h3>xmlSecKeyDataRawX509CertId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataRawX509CertId		xmlSecKeyDataRawX509CertGetKlass()</pre>
-<p>The  raw X509 certificate klass.</p>
-<p></p>
+<a name="XMLSECKEYDATARSAID"></a><h3>xmlSecKeyDataRsaId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataRsaId                      xmlSecKeyDataRsaGetKlass()</pre>
+<p>The RSA key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATARAWX509CERTGETKLASS"></a><h3>xmlSecKeyDataRawX509CertGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataRawX509CertGetKlass    (void);</pre>
-<p>The raw X509 cert key data klass.</p>
-<p></p>
+<a name="XMLSECKEYDATAX509GETKLASS"></a><h3>xmlSecKeyDataX509GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataX509GetKlass           (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The X509 key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1269"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> raw x509 cert key data klass or NULL if an error occurs
-(xmlsec-crypto library is not loaded or the raw X509 cert key data
+<td align="LEFT" valign="TOP"><a name="AEN2182"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>X509 key data klass or NULL if an error occurs
+(xmlsec-crypto library is not loaded or the X509 key data
 klass is not implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECX509STOREID"></a><h3>xmlSecX509StoreId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecX509StoreId			xmlSecX509StoreGetKlass()</pre>
-<p>The  X509 store klass.</p>
-<p></p>
+<a name="XMLSECKEYDATAX509ID"></a><h3>xmlSecKeyDataX509Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataX509Id                     xmlSecKeyDataX509GetKlass()</pre>
+<p>The X509 data klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECX509STOREGETKLASS"></a><h3>xmlSecX509StoreGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataStoreId</font>  xmlSecX509StoreGetKlass           (void);</pre>
-<p>The X509 certificates key data store klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMAES128CBCGETKLASS"></a><h3>xmlSecTransformAes128CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformAes128CbcGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 128 CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1290"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to X509 certificates key data store klass or NULL if 
-an error occurs (xmlsec-crypto library is not loaded or the raw X509 
-cert key data klass is not implemented).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN2204"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 128 CBC encryption transform or NULL if an error
+occurs (the xmlsec-crypto library is not loaded or this transform is not
+implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMAES128CBCID"></a><h3>xmlSecTransformAes128CbcId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformAes128CbcId		xmlSecTransformAes128CbcGetKlass()</pre>
+<pre class="PROGRAMLISTING">#define xmlSecTransformAes128CbcId              xmlSecTransformAes128CbcGetKlass()</pre>
 <p>The AES128 CBC cipher transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMAES128CBCGETKLASS"></a><h3>xmlSecTransformAes128CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformAes128CbcGetKlass    (void);</pre>
-<p>AES 128 CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMAES192CBCGETKLASS"></a><h3>xmlSecTransformAes192CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformAes192CbcGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 192 CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1311"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 128 CBC encryption transform or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2226"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 192 CBC encryption transform or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
@@ -492,20 +916,18 @@ implemented).</p></td>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMAES192CBCID"></a><h3>xmlSecTransformAes192CbcId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformAes192CbcId		xmlSecTransformAes192CbcGetKlass()</pre>
+<pre class="PROGRAMLISTING">#define xmlSecTransformAes192CbcId              xmlSecTransformAes192CbcGetKlass()</pre>
 <p>The AES192 CBC cipher transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMAES192CBCGETKLASS"></a><h3>xmlSecTransformAes192CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformAes192CbcGetKlass    (void);</pre>
-<p>AES 192 CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMAES256CBCGETKLASS"></a><h3>xmlSecTransformAes256CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformAes256CbcGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 256 CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1332"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 192 CBC encryption transform or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2248"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 256 CBC encryption transform or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
@@ -513,505 +935,495 @@ implemented).</p></td>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMAES256CBCID"></a><h3>xmlSecTransformAes256CbcId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformAes256CbcId		xmlSecTransformAes256CbcGetKlass()</pre>
+<pre class="PROGRAMLISTING">#define xmlSecTransformAes256CbcId              xmlSecTransformAes256CbcGetKlass()</pre>
 <p>The AES256 CBC cipher transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMAES256CBCGETKLASS"></a><h3>xmlSecTransformAes256CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformAes256CbcGetKlass    (void);</pre>
-<p>AES 256 CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecTransformDes3CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformDes3CbcGetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Triple DES CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1353"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 256 CBC encryption transform or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2270"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to Triple DES encryption transform or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMKWAES128ID"></a><h3>xmlSecTransformKWAes128Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformKWAes128Id		xmlSecTransformKWAes128GetKlass()</pre>
-<p>The AES 128 key wrap transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDES3CBCID"></a><h3>xmlSecTransformDes3CbcId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformDes3CbcId                xmlSecTransformDes3CbcGetKlass()</pre>
+<p>The Triple DES encryption transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMKWAES128GETKLASS"></a><h3>xmlSecTransformKWAes128GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformKWAes128GetKlass     (void);</pre>
-<p>The AES-128 kew wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDSASHA1GETKLASS"></a><h3>xmlSecTransformDsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformDsaSha1GetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA-SHA1 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1374"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES-128 kew wrapper transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2292"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DSA-SHA1 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMKWAES192ID"></a><h3>xmlSecTransformKWAes192Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformKWAes192Id		xmlSecTransformKWAes192GetKlass()</pre>
-<p>The AES 192 key wrap transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDSASHA1ID"></a><h3>xmlSecTransformDsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformDsaSha1Id                xmlSecTransformDsaSha1GetKlass()</pre>
+<p>The DSA-SHA1 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMKWAES192GETKLASS"></a><h3>xmlSecTransformKWAes192GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformKWAes192GetKlass     (void);</pre>
-<p>The AES-192 kew wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDSASHA256GETKLASS"></a><h3>xmlSecTransformDsaSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformDsaSha256GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA-SHA256 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1395"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES-192 kew wrapper transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2314"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DSA-SHA256 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMKWAES256ID"></a><h3>xmlSecTransformKWAes256Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformKWAes256Id		xmlSecTransformKWAes256GetKlass()</pre>
-<p>The AES 256 key wrap transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDSASHA256ID"></a><h3>xmlSecTransformDsaSha256Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformDsaSha256Id              xmlSecTransformDsaSha256GetKlass()</pre>
+<p>The DSA-SHA256 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMKWAES256GETKLASS"></a><h3>xmlSecTransformKWAes256GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformKWAes256GetKlass     (void);</pre>
-<p>The AES-256 kew wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMECDSASHA1GETKLASS"></a><h3>xmlSecTransformEcdsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformEcdsaSha1GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA-SHA1 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1416"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES-256 kew wrapper transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2336"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA-SHA1 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMDES3CBCID"></a><h3>xmlSecTransformDes3CbcId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformDes3CbcId		xmlSecTransformDes3CbcGetKlass()</pre>
-<p>The Triple DES encryption transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMECDSASHA1ID"></a><h3>xmlSecTransformEcdsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformEcdsaSha1Id              xmlSecTransformEcdsaSha1GetKlass()</pre>
+<p>The ECDSA-SHA1 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecTransformDes3CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformDes3CbcGetKlass      (void);</pre>
-<p>Triple DES CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMECDSASHA224GETKLASS"></a><h3>xmlSecTransformEcdsaSha224GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformEcdsaSha224GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA-SHA224 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1437"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to Triple DES encryption transform or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2358"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA-SHA224 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMKWDES3ID"></a><h3>xmlSecTransformKWDes3Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformKWDes3Id			xmlSecTransformKWDes3GetKlass()</pre>
-<p>The DES3 CBC cipher transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMECDSASHA224ID"></a><h3>xmlSecTransformEcdsaSha224Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformEcdsaSha224Id            xmlSecTransformEcdsaSha224GetKlass()</pre>
+<p>The ECDSA-SHA224 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMKWDES3GETKLASS"></a><h3>xmlSecTransformKWDes3GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformKWDes3GetKlass       (void);</pre>
-<p>The Triple DES key wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMECDSASHA256GETKLASS"></a><h3>xmlSecTransformEcdsaSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformEcdsaSha256GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA-SHA256 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1458"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> Triple DES key wrapper transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2380"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA-SHA256 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMDSASHA1ID"></a><h3>xmlSecTransformDsaSha1Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformDsaSha1Id		xmlSecTransformDsaSha1GetKlass()</pre>
-<p>The DSA-SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMECDSASHA256ID"></a><h3>xmlSecTransformEcdsaSha256Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformEcdsaSha256Id            xmlSecTransformEcdsaSha256GetKlass()</pre>
+<p>The ECDSA-SHA256 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMDSASHA1GETKLASS"></a><h3>xmlSecTransformDsaSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformDsaSha1GetKlass      (void);</pre>
-<p>The DSA-SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMECDSASHA384GETKLASS"></a><h3>xmlSecTransformEcdsaSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformEcdsaSha384GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA-SHA384 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1479"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> DSA-SHA1 signature transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2402"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA-SHA384 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMGOST2001GOSTR3411-94ID"></a><h3>xmlSecTransformGost2001GostR3411_94Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformGost2001GostR3411_94Id		xmlSecTransformGost2001GostR3411_94GetKlass()</pre>
-<p>The GOST2001-GOSTR3411_94 signature transform klass.</p>
+<a name="XMLSECTRANSFORMECDSASHA384ID"></a><h3>xmlSecTransformEcdsaSha384Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformEcdsaSha384Id            xmlSecTransformEcdsaSha384GetKlass()</pre>
+<p>The ECDS-SHA384 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMECDSASHA512GETKLASS"></a><h3>xmlSecTransformEcdsaSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformEcdsaSha512GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA-SHA512 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN2424"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA-SHA512 signature transform klass or NULL if an error
+occurs (the xmlsec-crypto library is not loaded or this transform is not
+implemented).</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMECDSASHA512ID"></a><h3>xmlSecTransformEcdsaSha512Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformEcdsaSha512Id            xmlSecTransformEcdsaSha512GetKlass()</pre>
+<p>The ECDSA-SHA512 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMGOST2001GOSTR3411-94GETKLASS"></a><h3>xmlSecTransformGost2001GostR3411_94GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformGost2001GostR3411_94GetKlass
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformGost2001GostR3411_94GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The GOST2001-GOSTR3411_94 signature transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1500"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> GOST2001-GOSTR3411_94 signature transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2446"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>GOST2001-GOSTR3411_94 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMHMACMD5ID"></a><h3>xmlSecTransformHmacMd5Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformHmacMd5Id		xmlSecTransformHmacMd5GetKlass()</pre>
-<p>The HMAC with MD5 signature transform klass.</p>
+<a name="XMLSECTRANSFORMGOST2001GOSTR3411-94ID"></a><h3>xmlSecTransformGost2001GostR3411_94Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformGost2001GostR3411_94Id           xmlSecTransformGost2001GostR3411_94GetKlass()</pre>
+<p>The GOST2001-GOSTR3411_94 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMGOSTR3411-94GETKLASS"></a><h3>xmlSecTransformGostR3411_94GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformGostR3411_94GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>GOSTR3411_94 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN2468"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GOSTR3411_94 digest transform klass or NULL if an error
+occurs (the xmlsec-crypto library is not loaded or this transform is not
+implemented).</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMGOSTR3411-94ID"></a><h3>xmlSecTransformGostR3411_94Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformGostR3411_94Id                   xmlSecTransformGostR3411_94GetKlass()</pre>
+<p>The GOSTR3411_94 digest transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMHMACMD5GETKLASS"></a><h3>xmlSecTransformHmacMd5GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformHmacMd5GetKlass      (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformHmacMd5GetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The HMAC-MD5 transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1521"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-MD5 transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2490"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-MD5 transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMHMACRIPEMD160ID"></a><h3>xmlSecTransformHmacRipemd160Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformHmacRipemd160Id		xmlSecTransformHmacRipemd160GetKlass()</pre>
-<p>The HMAC with RipeMD160 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMHMACMD5ID"></a><h3>xmlSecTransformHmacMd5Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformHmacMd5Id                xmlSecTransformHmacMd5GetKlass()</pre>
+<p>The HMAC with MD5 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMHMACRIPEMD160GETKLASS"></a><h3>xmlSecTransformHmacRipemd160GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformHmacRipemd160GetKlass
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformHmacRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The HMAC-RIPEMD160 transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1542"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-RIPEMD160 transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2512"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-RIPEMD160 transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMHMACSHA1ID"></a><h3>xmlSecTransformHmacSha1Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformHmacSha1Id		xmlSecTransformHmacSha1GetKlass()</pre>
-<p>The HMAC with SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMHMACRIPEMD160ID"></a><h3>xmlSecTransformHmacRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformHmacRipemd160Id          xmlSecTransformHmacRipemd160GetKlass()</pre>
+<p>The HMAC with RipeMD160 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMHMACSHA1GETKLASS"></a><h3>xmlSecTransformHmacSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformHmacSha1GetKlass     (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformHmacSha1GetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The HMAC-SHA1 transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1563"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA1 transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2534"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA1 transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMHMACSHA224ID"></a><h3>xmlSecTransformHmacSha224Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformHmacSha224Id		xmlSecTransformHmacSha224GetKlass()</pre>
-<p>The HMAC with SHA224 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMHMACSHA1ID"></a><h3>xmlSecTransformHmacSha1Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformHmacSha1Id               xmlSecTransformHmacSha1GetKlass()</pre>
+<p>The HMAC with SHA1 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMHMACSHA224GETKLASS"></a><h3>xmlSecTransformHmacSha224GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformHmacSha224GetKlass   (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformHmacSha224GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The HMAC-SHA224 transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1584"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA224 transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2556"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA224 transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMHMACSHA256ID"></a><h3>xmlSecTransformHmacSha256Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformHmacSha256Id		xmlSecTransformHmacSha256GetKlass()</pre>
-<p>The HMAC with SHA256 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMHMACSHA224ID"></a><h3>xmlSecTransformHmacSha224Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformHmacSha224Id             xmlSecTransformHmacSha224GetKlass()</pre>
+<p>The HMAC with SHA224 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMHMACSHA256GETKLASS"></a><h3>xmlSecTransformHmacSha256GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformHmacSha256GetKlass   (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformHmacSha256GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The HMAC-SHA256 transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1605"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA256 transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2578"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA256 transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMHMACSHA384ID"></a><h3>xmlSecTransformHmacSha384Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformHmacSha384Id		xmlSecTransformHmacSha384GetKlass()</pre>
-<p>The HMAC with SHA384 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMHMACSHA256ID"></a><h3>xmlSecTransformHmacSha256Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformHmacSha256Id             xmlSecTransformHmacSha256GetKlass()</pre>
+<p>The HMAC with SHA256 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMHMACSHA384GETKLASS"></a><h3>xmlSecTransformHmacSha384GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformHmacSha384GetKlass   (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformHmacSha384GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The HMAC-SHA384 transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1626"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA384 transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2600"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA384 transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMHMACSHA512ID"></a><h3>xmlSecTransformHmacSha512Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformHmacSha512Id		xmlSecTransformHmacSha512GetKlass()</pre>
-<p>The HMAC with SHA512 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMHMACSHA384ID"></a><h3>xmlSecTransformHmacSha384Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformHmacSha384Id             xmlSecTransformHmacSha384GetKlass()</pre>
+<p>The HMAC with SHA384 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMHMACSHA512GETKLASS"></a><h3>xmlSecTransformHmacSha512GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformHmacSha512GetKlass   (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformHmacSha512GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The HMAC-SHA512 transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1647"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA512 transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2622"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA512 transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMMD5ID"></a><h3>xmlSecTransformMd5Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformMd5Id			xmlSecTransformMd5GetKlass()</pre>
-<p>The MD5 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMHMACSHA512ID"></a><h3>xmlSecTransformHmacSha512Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformHmacSha512Id             xmlSecTransformHmacSha512GetKlass()</pre>
+<p>The HMAC with SHA512 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMMD5GETKLASS"></a><h3>xmlSecTransformMd5GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformMd5GetKlass          (void);</pre>
-<p>MD5 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMKWAES128GETKLASS"></a><h3>xmlSecTransformKWAes128GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformKWAes128GetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-128 kew wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1668"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to MD5 digest transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2644"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-128 kew wrapper transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRIPEMD160ID"></a><h3>xmlSecTransformRipemd160Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformRipemd160Id		xmlSecTransformRipemd160GetKlass()</pre>
-<p>The RIPEMD160 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMKWAES128ID"></a><h3>xmlSecTransformKWAes128Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformKWAes128Id               xmlSecTransformKWAes128GetKlass()</pre>
+<p>The AES 128 key wrap transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRIPEMD160GETKLASS"></a><h3>xmlSecTransformRipemd160GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRipemd160GetKlass    (void);</pre>
-<p>RIPEMD-160 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMKWAES192GETKLASS"></a><h3>xmlSecTransformKWAes192GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformKWAes192GetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-192 kew wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1689"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to RIPEMD-160 digest transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2666"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-192 kew wrapper transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSAMD5ID"></a><h3>xmlSecTransformRsaMd5Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformRsaMd5Id			xmlSecTransformRsaMd5GetKlass()</pre>
-<p>The RSA-MD5 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMKWAES192ID"></a><h3>xmlSecTransformKWAes192Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformKWAes192Id               xmlSecTransformKWAes192GetKlass()</pre>
+<p>The AES 192 key wrap transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSAMD5GETKLASS"></a><h3>xmlSecTransformRsaMd5GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRsaMd5GetKlass       (void);</pre>
-<p>The RSA-MD5 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMKWAES256GETKLASS"></a><h3>xmlSecTransformKWAes256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformKWAes256GetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-256 kew wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1710"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-MD5 signature transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2688"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-256 kew wrapper transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSARIPEMD160ID"></a><h3>xmlSecTransformRsaRipemd160Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformRsaRipemd160Id		xmlSecTransformRsaRipemd160GetKlass()</pre>
-<p>The RSA-RIPEMD160 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMKWAES256ID"></a><h3>xmlSecTransformKWAes256Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformKWAes256Id               xmlSecTransformKWAes256GetKlass()</pre>
+<p>The AES 256 key wrap transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSARIPEMD160GETKLASS"></a><h3>xmlSecTransformRsaRipemd160GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRsaRipemd160GetKlass (void);</pre>
-<p>The RSA-RIPEMD160 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMKWDES3GETKLASS"></a><h3>xmlSecTransformKWDes3GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformKWDes3GetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The Triple DES key wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1731"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-RIPEMD160 signature transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2710"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>Triple DES key wrapper transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSASHA1ID"></a><h3>xmlSecTransformRsaSha1Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformRsaSha1Id		xmlSecTransformRsaSha1GetKlass()</pre>
-<p>The RSA-SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMKWDES3ID"></a><h3>xmlSecTransformKWDes3Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformKWDes3Id                 xmlSecTransformKWDes3GetKlass()</pre>
+<p>The DES3 CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSASHA1GETKLASS"></a><h3>xmlSecTransformRsaSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRsaSha1GetKlass      (void);</pre>
-<p>The RSA-SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMMD5GETKLASS"></a><h3>xmlSecTransformMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformMd5GetKlass          (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>MD5 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1752"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA1 signature transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2732"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to MD5 digest transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSASHA224ID"></a><h3>xmlSecTransformRsaSha224Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformRsaSha224Id		xmlSecTransformRsaSha224GetKlass()</pre>
-<p>The RSA-SHA224 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMMD5ID"></a><h3>xmlSecTransformMd5Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformMd5Id                    xmlSecTransformMd5GetKlass()</pre>
+<p>The MD5 digest transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSASHA224GETKLASS"></a><h3>xmlSecTransformRsaSha224GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRsaSha224GetKlass    (void);</pre>
-<p>The RSA-SHA224 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRIPEMD160GETKLASS"></a><h3>xmlSecTransformRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRipemd160GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>RIPEMD-160 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1773"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA224 signature transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2754"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to RIPEMD-160 digest transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSASHA256ID"></a><h3>xmlSecTransformRsaSha256Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformRsaSha256Id		xmlSecTransformRsaSha256GetKlass()</pre>
-<p>The RSA-SHA256 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRIPEMD160ID"></a><h3>xmlSecTransformRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformRipemd160Id              xmlSecTransformRipemd160GetKlass()</pre>
+<p>The RIPEMD160 digest transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSASHA256GETKLASS"></a><h3>xmlSecTransformRsaSha256GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRsaSha256GetKlass    (void);</pre>
-<p>The RSA-SHA256 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSAMD5GETKLASS"></a><h3>xmlSecTransformRsaMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRsaMd5GetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-MD5 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1794"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA256 signature transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2776"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-MD5 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSASHA384ID"></a><h3>xmlSecTransformRsaSha384Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformRsaSha384Id		xmlSecTransformRsaSha384GetKlass()</pre>
-<p>The RSA-SHA384 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSAMD5ID"></a><h3>xmlSecTransformRsaMd5Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformRsaMd5Id                 xmlSecTransformRsaMd5GetKlass()</pre>
+<p>The RSA-MD5 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSASHA384GETKLASS"></a><h3>xmlSecTransformRsaSha384GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRsaSha384GetKlass    (void);</pre>
-<p>The RSA-SHA384 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSAOAEPGETKLASS"></a><h3>xmlSecTransformRsaOaepGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRsaOaepGetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-OAEP key transport transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1815"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA384 signature transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2798"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-OAEP key transport transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSASHA512ID"></a><h3>xmlSecTransformRsaSha512Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformRsaSha512Id		xmlSecTransformRsaSha512GetKlass()</pre>
-<p>The RSA-SHA512 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSAOAEPID"></a><h3>xmlSecTransformRsaOaepId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformRsaOaepId                xmlSecTransformRsaOaepGetKlass()</pre>
+<p>The RSA PKCS1 key transport transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSASHA512GETKLASS"></a><h3>xmlSecTransformRsaSha512GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRsaSha512GetKlass    (void);</pre>
-<p>The RSA-SHA512 signature transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSAPKCS1GETKLASS"></a><h3>xmlSecTransformRsaPkcs1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRsaPkcs1GetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-PKCS1 key transport transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1836"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA512 signature transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2820"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-PKCS1 key transport transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
@@ -1019,605 +1431,236 @@ implemented).</p></td>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMRSAPKCS1ID"></a><h3>xmlSecTransformRsaPkcs1Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformRsaPkcs1Id		xmlSecTransformRsaPkcs1GetKlass()</pre>
+<pre class="PROGRAMLISTING">#define xmlSecTransformRsaPkcs1Id               xmlSecTransformRsaPkcs1GetKlass()</pre>
 <p>The RSA PKCS1 key transport transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSAPKCS1GETKLASS"></a><h3>xmlSecTransformRsaPkcs1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRsaPkcs1GetKlass     (void);</pre>
-<p>The RSA-PKCS1 key transport transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSARIPEMD160GETKLASS"></a><h3>xmlSecTransformRsaRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRsaRipemd160GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-RIPEMD160 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1857"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-PKCS1 key transport transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2842"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-RIPEMD160 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSAOAEPID"></a><h3>xmlSecTransformRsaOaepId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformRsaOaepId		xmlSecTransformRsaOaepGetKlass()</pre>
-<p>The RSA PKCS1 key transport transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSARIPEMD160ID"></a><h3>xmlSecTransformRsaRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformRsaRipemd160Id           xmlSecTransformRsaRipemd160GetKlass()</pre>
+<p>The RSA-RIPEMD160 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMRSAOAEPGETKLASS"></a><h3>xmlSecTransformRsaOaepGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRsaOaepGetKlass      (void);</pre>
-<p>The RSA-OAEP key transport transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSASHA1GETKLASS"></a><h3>xmlSecTransformRsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRsaSha1GetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA1 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1878"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-OAEP key transport transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2864"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA1 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMGOSTR3411-94ID"></a><h3>xmlSecTransformGostR3411_94Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformGostR3411_94Id			xmlSecTransformGostR3411_94GetKlass()</pre>
-<p>The GOSTR3411_94 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSASHA1ID"></a><h3>xmlSecTransformRsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformRsaSha1Id                xmlSecTransformRsaSha1GetKlass()</pre>
+<p>The RSA-SHA1 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMGOSTR3411-94GETKLASS"></a><h3>xmlSecTransformGostR3411_94GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformGostR3411_94GetKlass (void);</pre>
-<p>GOSTR3411_94 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSASHA224GETKLASS"></a><h3>xmlSecTransformRsaSha224GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRsaSha224GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA224 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1899"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to GOSTR3411_94 digest transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2886"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA224 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSHA1ID"></a><h3>xmlSecTransformSha1Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformSha1Id			xmlSecTransformSha1GetKlass()</pre>
-<p>The SHA1 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSASHA224ID"></a><h3>xmlSecTransformRsaSha224Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformRsaSha224Id              xmlSecTransformRsaSha224GetKlass()</pre>
+<p>The RSA-SHA224 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSHA1GETKLASS"></a><h3>xmlSecTransformSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformSha1GetKlass         (void);</pre>
-<p>SHA-1 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSASHA256GETKLASS"></a><h3>xmlSecTransformRsaSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRsaSha256GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1920"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA-1 digest transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2908"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA256 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSHA224ID"></a><h3>xmlSecTransformSha224Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformSha224Id			xmlSecTransformSha224GetKlass()</pre>
-<p>The SHA224 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSASHA256ID"></a><h3>xmlSecTransformRsaSha256Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformRsaSha256Id              xmlSecTransformRsaSha256GetKlass()</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSHA224GETKLASS"></a><h3>xmlSecTransformSha224GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformSha224GetKlass       (void);</pre>
-<p>SHA224 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSASHA384GETKLASS"></a><h3>xmlSecTransformRsaSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRsaSha384GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1941"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA224 digest transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2930"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA384 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSHA256ID"></a><h3>xmlSecTransformSha256Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformSha256Id			xmlSecTransformSha256GetKlass()</pre>
-<p>The SHA256 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSASHA384ID"></a><h3>xmlSecTransformRsaSha384Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformRsaSha384Id              xmlSecTransformRsaSha384GetKlass()</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSHA256GETKLASS"></a><h3>xmlSecTransformSha256GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformSha256GetKlass       (void);</pre>
-<p>SHA256 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSASHA512GETKLASS"></a><h3>xmlSecTransformRsaSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRsaSha512GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1962"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA256 digest transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2952"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA512 signature transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSHA384ID"></a><h3>xmlSecTransformSha384Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformSha384Id			xmlSecTransformSha384GetKlass()</pre>
-<p>The SHA384 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMRSASHA512ID"></a><h3>xmlSecTransformRsaSha512Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformRsaSha512Id              xmlSecTransformRsaSha512GetKlass()</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSHA384GETKLASS"></a><h3>xmlSecTransformSha384GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformSha384GetKlass       (void);</pre>
-<p>SHA384 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSHA1GETKLASS"></a><h3>xmlSecTransformSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformSha1GetKlass         (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-1 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN1983"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA384 digest transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2974"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-1 digest transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSHA512ID"></a><h3>xmlSecTransformSha512Id</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformSha512Id			xmlSecTransformSha512GetKlass()</pre>
-<p>The SHA512 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSHA1ID"></a><h3>xmlSecTransformSha1Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformSha1Id                   xmlSecTransformSha1GetKlass()</pre>
+<p>The SHA1 digest transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSHA512GETKLASS"></a><h3>xmlSecTransformSha512GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformSha512GetKlass       (void);</pre>
-<p>SHA512 digest transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSHA224GETKLASS"></a><h3>xmlSecTransformSha224GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformSha224GetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA224 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN2004"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA512 digest transform klass or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN2996"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA224 digest transform klass or NULL if an error
 occurs (the xmlsec-crypto library is not loaded or this transform is not
 implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPINIT"></a><h3>xmlSecCryptoAppInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoAppInit                 (const <font>char</font> *config);</pre>
-<p>General crypto engine initialization. This function is used
-by XMLSec command line utility and called before 
-<code class="PARAMETER">xmlSecInit</code> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2020"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the path to crypto library configuration.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2025"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECTRANSFORMSHA224ID"></a><h3>xmlSecTransformSha224Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformSha224Id                 xmlSecTransformSha224GetKlass()</pre>
+<p>The SHA224 digest transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPSHUTDOWN"></a><h3>xmlSecCryptoAppShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoAppShutdown             (void);</pre>
-<p>General crypto engine shutdown. This function is used
-by XMLSec command line utility and called after 
-<code class="PARAMETER">xmlSecShutdown</code> function.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSHA256GETKLASS"></a><h3>xmlSecTransformSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformSha256GetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA256 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN2040"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3018"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA256 digest transform klass or NULL if an error
+occurs (the xmlsec-crypto library is not loaded or this transform is not
+implemented).</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPDEFAULTKEYSMNGRINIT"></a><h3>xmlSecCryptoAppDefaultKeysMngrInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoAppDefaultKeysMngrInit  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
-<p>Initializes <code class="PARAMETER">mngr</code> with simple keys store <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREID"><span class="TYPE">xmlSecSimpleKeysStoreId</span></a>
-and a default crypto key data stores.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2058"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2063"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecCryptoAppDefaultKeysMngrAdoptKey ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoAppDefaultKeysMngrAdoptKey
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecCryptoAppDefaultKeysMngrInit</span></a>
-function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2083"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2088"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2093"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecCryptoAppDefaultKeysMngrLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoAppDefaultKeysMngrLoad  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *uri);</pre>
-<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created 
-with <a href="xmlsec-app.html#XMLSECCRYPTOAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecCryptoAppDefaultKeysMngrInit</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2113"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2118"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the uri.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2123"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecCryptoAppDefaultKeysMngrSave ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoAppDefaultKeysMngrSave  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2141"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2146"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination filename.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2151"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the type of keys to save (public/private/symmetric).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2156"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecCryptoAppKeysMngrCertLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoAppKeysMngrCertLoad     (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2176"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2181"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the certificate file.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2186"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2191"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
-   			trusted or not.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2197"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecCryptoAppKeysMngrCertLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoAppKeysMngrCertLoadMemory
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from binary buffer <code class="PARAMETER">data</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2218"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2223"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2228"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2233"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2238"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the flag that indicates is the certificate trusted or not.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2243"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPKEYLOAD"></a><h3>xmlSecCryptoAppKeyLoad ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecCryptoAppKeyLoad              (const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key from the a file.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2262"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key filename.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2267"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file format.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2272"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file password.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2277"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2282"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2287"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECTRANSFORMSHA256ID"></a><h3>xmlSecTransformSha256Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformSha256Id                 xmlSecTransformSha256GetKlass()</pre>
+<p>The SHA256 digest transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPKEYLOADMEMORY"></a><h3>xmlSecCryptoAppKeyLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecCryptoAppKeyLoadMemory        (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key from the memory buffer.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSHA384GETKLASS"></a><h3>xmlSecTransformSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformSha384GetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA384 digest transform klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2307"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the binary key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2312"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the size of binary key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2317"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file format.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2322"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file password.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2327"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2332"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2337"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN3040"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA384 digest transform klass or NULL if an error
+occurs (the xmlsec-crypto library is not loaded or this transform is not
+implemented).</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPPKCS12LOAD"></a><h3>xmlSecCryptoAppPkcs12Load ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecCryptoAppPkcs12Load           (const <font>char</font> *filename,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 file.
-For uniformity, call xmlSecCryptoAppKeyLoad instead of this function. Pass
-in format=xmlSecKeyDataFormatPkcs12.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2355"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 key filename.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2360"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2365"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2370"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2375"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECTRANSFORMSHA384ID"></a><h3>xmlSecTransformSha384Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformSha384Id                 xmlSecTransformSha384GetKlass()</pre>
+<p>The SHA384 digest transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPPKCS12LOADMEMORY"></a><h3>xmlSecCryptoAppPkcs12LoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecCryptoAppPkcs12LoadMemory     (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 data in memory buffer.
-For uniformity, call xmlSecCryptoAppKeyLoadMemory instead of this function. Pass
-in format=xmlSecKeyDataFormatPkcs12.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSHA512GETKLASS"></a><h3>xmlSecTransformSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformSha512GetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA512 digest transform klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2394"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 binary data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2399"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 binary data size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2404"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2409"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2414"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2419"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN3062"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA512 digest transform klass or NULL if an error
+occurs (the xmlsec-crypto library is not loaded or this transform is not
+implemented).</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPKEYCERTLOAD"></a><h3>xmlSecCryptoAppKeyCertLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoAppKeyCertLoad          (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2437"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2442"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate filename.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2447"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2452"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECTRANSFORMSHA512ID"></a><h3>xmlSecTransformSha512Id</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformSha512Id                 xmlSecTransformSha512GetKlass()</pre>
+<p>The SHA512 digest transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPKEYCERTLOADMEMORY"></a><h3>xmlSecCryptoAppKeyCertLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoAppKeyCertLoadMemory    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from memory buffer and adds it to key.</p>
-<p></p>
+<a name="XMLSECX509STOREGETKLASS"></a><h3>xmlSecX509StoreGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATASTOREID"><span class="RETURNVALUE">xmlSecKeyDataStoreId</span></gtkdoclink> xmlSecX509StoreGetKlass            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The X509 certificates key data store klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2470"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2475"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2480"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2485"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2490"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN3084"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to X509 certificates key data store klass or NULL if
+an error occurs (xmlsec-crypto library is not loaded or the raw X509
+cert key data klass is not implemented).</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecCryptoAppGetDefaultPwdCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>*               xmlSecCryptoAppGetDefaultPwdCallback
-                                                        (void);</pre>
-<p>Gets default password callback.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN2504"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> default password callback.</p></td>
-</tr></tbody></table>
+<a name="XMLSECX509STOREID"></a><h3>xmlSecX509StoreId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecX509StoreId                       xmlSecX509StoreGetKlass()</pre>
+<p>The  X509 store klass.</p>
 </div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-base64.html b/docs/api/xmlsec-base64.html
index d63cac1f..0eb713e1 100644
--- a/docs/api/xmlsec-base64.html
+++ b/docs/api/xmlsec-base64.html
@@ -87,33 +87,33 @@
 <h1>
 <a name="XMLSEC-BASE64"></a>base64</h1>
 <div class="REFNAMEDIV">
-<a name="AEN2514"></a><h2>Name</h2>base64 -- Base64 encoding/decoding functions.</div>
+<a name="AEN3100"></a><h2>Name</h2>base64 -- Base64 encoding/decoding functions.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-BASE64.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-base64.html#XMLSEC-BASE64-LINESIZE--CAPS">XMLSEC_BASE64_LINESIZE</a>
-<font>int</font>                 <a href="xmlsec-base64.html#XMLSECBASE64GETDEFAULTLINESIZE">xmlSecBase64GetDefaultLineSize</a>      (void);
-<font>void</font>                <a href="xmlsec-base64.html#XMLSECBASE64SETDEFAULTLINESIZE">xmlSecBase64SetDefaultLineSize</a>      (<font>int</font> columns);
-<font>xmlSecBase64CtxPtr</font>  <a href="xmlsec-base64.html#XMLSECBASE64CTXCREATE">xmlSecBase64CtxCreate</a>               (<font>int</font> encode,
-                                                         <font>int</font> columns);
-<font>void</font>                <a href="xmlsec-base64.html#XMLSECBASE64CTXDESTROY">xmlSecBase64CtxDestroy</a>              (<font>xmlSecBase64CtxPtr</font> ctx);
-<font>int</font>                 <a href="xmlsec-base64.html#XMLSECBASE64CTXINITIALIZE">xmlSecBase64CtxInitialize</a>           (<font>xmlSecBase64CtxPtr</font> ctx,
-                                                         <font>int</font> encode,
-                                                         <font>int</font> columns);
-<font>void</font>                <a href="xmlsec-base64.html#XMLSECBASE64CTXFINALIZE">xmlSecBase64CtxFinalize</a>             (<font>xmlSecBase64CtxPtr</font> ctx);
-<font>int</font>                 <a href="xmlsec-base64.html#XMLSECBASE64CTXUPDATE">xmlSecBase64CtxUpdate</a>               (<font>xmlSecBase64CtxPtr</font> ctx,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *in,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> inSize,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *out,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> outSize);
-<font>int</font>                 <a href="xmlsec-base64.html#XMLSECBASE64CTXFINAL">xmlSecBase64CtxFinal</a>                (<font>xmlSecBase64CtxPtr</font> ctx,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *out,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> outSize);
-<font>xmlChar</font>*            <a href="xmlsec-base64.html#XMLSECBASE64ENCODE">xmlSecBase64Encode</a>                  (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> len,
-                                                         <font>int</font> columns);
-<font>int</font>                 <a href="xmlsec-base64.html#XMLSECBASE64DECODE">xmlSecBase64Decode</a>                  (const <font>xmlChar</font> *str,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> len);</pre>
+<pre class="SYNOPSIS">#define             <a href="xmlsec-base64.html#XMLSEC-BASE64-LINESIZE:CAPS">XMLSEC_BASE64_LINESIZE</a>
+<gtkdoclink href="XMLSECBASE64CTX"><span class="RETURNVALUE">xmlSecBase64CtxPtr</span></gtkdoclink><a href="xmlsec-base64.html#XMLSECBASE64CTXCREATE">xmlSecBase64CtxCreate</a>               (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> encode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> columns</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-base64.html#XMLSECBASE64CTXDESTROY">xmlSecBase64CtxDestroy</a>              (<code class="PARAMETER"><gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64CtxPtr</span></gtkdoclink> ctx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-base64.html#XMLSECBASE64CTXFINAL">xmlSecBase64CtxFinal</a>                (<code class="PARAMETER"><gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64CtxPtr</span></gtkdoclink> ctx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *out</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> outSize</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-base64.html#XMLSECBASE64CTXFINALIZE">xmlSecBase64CtxFinalize</a>             (<code class="PARAMETER"><gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64CtxPtr</span></gtkdoclink> ctx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-base64.html#XMLSECBASE64CTXINITIALIZE">xmlSecBase64CtxInitialize</a>           (<code class="PARAMETER"><gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64CtxPtr</span></gtkdoclink> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> encode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> columns</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-base64.html#XMLSECBASE64CTXUPDATE">xmlSecBase64CtxUpdate</a>               (<code class="PARAMETER"><gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64CtxPtr</span></gtkdoclink> ctx</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *in</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> inSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *out</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> outSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-base64.html#XMLSECBASE64DECODE">xmlSecBase64Decode</a>                  (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> len</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-base64.html#XMLSECBASE64ENCODE">xmlSecBase64Encode</a>                  (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> len</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> columns</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-base64.html#XMLSECBASE64GETDEFAULTLINESIZE">xmlSecBase64GetDefaultLineSize</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-base64.html#XMLSECBASE64SETDEFAULTLINESIZE">xmlSecBase64SetDefaultLineSize</a>      (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> columns</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-BASE64.DESCRIPTION"></a><h2>Description</h2>
@@ -122,55 +122,29 @@
 <div class="REFSECT1">
 <a name="XMLSEC-BASE64.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSEC-BASE64-LINESIZE--CAPS"></a><h3>XMLSEC_BASE64_LINESIZE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_BASE64_LINESIZE				64</pre>
+<a name="XMLSEC-BASE64-LINESIZE:CAPS"></a><h3>XMLSEC_BASE64_LINESIZE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_BASE64_LINESIZE                          64</pre>
 <p>The default maximum base64 encoded line size.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECBASE64GETDEFAULTLINESIZE"></a><h3>xmlSecBase64GetDefaultLineSize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBase64GetDefaultLineSize      (void);</pre>
-<p>Gets the current default line size.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN2584"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the current default line size.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECBASE64SETDEFAULTLINESIZE"></a><h3>xmlSecBase64SetDefaultLineSize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecBase64SetDefaultLineSize      (<font>int</font> columns);</pre>
-<p>Sets the current default line size.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN2599"><span style="white-space: nowrap"><code class="PARAMETER">columns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> number of columns</p></td>
-</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECBASE64CTXCREATE"></a><h3>xmlSecBase64CtxCreate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecBase64CtxPtr</font>  xmlSecBase64CtxCreate               (<font>int</font> encode,
-                                                         <font>int</font> columns);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECBASE64CTX"><span class="RETURNVALUE">xmlSecBase64CtxPtr</span></gtkdoclink>  xmlSecBase64CtxCreate               (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> encode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> columns</code>);</pre>
 <p>Allocates and initializes new base64 context.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2615"><span style="white-space: nowrap"><code class="PARAMETER">encode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the encode/decode flag (1 - encode, 0 - decode) </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3231"><span style="white-space: nowrap"><code class="PARAMETER">encode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the encode/decode flag (1 - encode, 0 - decode)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2620"><span style="white-space: nowrap"><code class="PARAMETER">columns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the max line length.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3236"><span style="white-space: nowrap"><code class="PARAMETER">columns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the max line length.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2625"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> a pointer to newly created <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure
+<td align="LEFT" valign="TOP"><a name="AEN3241"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a pointer to newly created <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure
 or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -178,185 +152,200 @@ or NULL if an error occurs.</p></td>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECBASE64CTXDESTROY"></a><h3>xmlSecBase64CtxDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecBase64CtxDestroy              (<font>xmlSecBase64CtxPtr</font> ctx);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecBase64CtxDestroy              (<code class="PARAMETER"><gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64CtxPtr</span></gtkdoclink> ctx</code>);</pre>
 <p>Destroys base64 context.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN2642"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3260"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBASE64CTXINITIALIZE"></a><h3>xmlSecBase64CtxInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBase64CtxInitialize           (<font>xmlSecBase64CtxPtr</font> ctx,
-                                                         <font>int</font> encode,
-                                                         <font>int</font> columns);</pre>
-<p>Initializes new base64 context.</p>
-<p></p>
+<a name="XMLSECBASE64CTXFINAL"></a><h3>xmlSecBase64CtxFinal ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBase64CtxFinal                (<code class="PARAMETER"><gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64CtxPtr</span></gtkdoclink> ctx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *out</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> outSize</code>);</pre>
+<p>Encodes or decodes the last piece of data stored in the context
+and finalizes the result.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2661"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3285"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2668"><span style="white-space: nowrap"><code class="PARAMETER">encode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the encode/decode flag (1 - encode, 0 - decode) </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3292"><span style="white-space: nowrap"><code class="PARAMETER">out</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output buffer</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2673"><span style="white-space: nowrap"><code class="PARAMETER">columns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the max line length.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3297"><span style="white-space: nowrap"><code class="PARAMETER">outSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output buffer size</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2678"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success and a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3302"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the number of bytes written to output buffer or
+-1 if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECBASE64CTXFINALIZE"></a><h3>xmlSecBase64CtxFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecBase64CtxFinalize             (<font>xmlSecBase64CtxPtr</font> ctx);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecBase64CtxFinalize             (<code class="PARAMETER"><gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64CtxPtr</span></gtkdoclink> ctx</code>);</pre>
 <p>Frees all the resources allocated by <code class="PARAMETER">ctx</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN2694"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3320"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure,</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
+<a name="XMLSECBASE64CTXINITIALIZE"></a><h3>xmlSecBase64CtxInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBase64CtxInitialize           (<code class="PARAMETER"><gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64CtxPtr</span></gtkdoclink> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> encode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> columns</code>);</pre>
+<p>Initializes new base64 context.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN3345"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure,</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN3352"><span style="white-space: nowrap"><code class="PARAMETER">encode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the encode/decode flag (1 - encode, 0 - decode)</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN3357"><span style="white-space: nowrap"><code class="PARAMETER">columns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the max line length.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN3362"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success and a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
 <a name="XMLSECBASE64CTXUPDATE"></a><h3>xmlSecBase64CtxUpdate ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBase64CtxUpdate               (<font>xmlSecBase64CtxPtr</font> ctx,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *in,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> inSize,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *out,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> outSize);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBase64CtxUpdate               (<code class="PARAMETER"><gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64CtxPtr</span></gtkdoclink> ctx</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *in</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> inSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *out</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> outSize</code>);</pre>
 <p>Encodes or decodes the next piece of data from input buffer.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2715"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3391"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2722"><span style="white-space: nowrap"><code class="PARAMETER">in</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the input buffer</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3398"><span style="white-space: nowrap"><code class="PARAMETER">in</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input buffer</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2727"><span style="white-space: nowrap"><code class="PARAMETER">inSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the input buffer size</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3403"><span style="white-space: nowrap"><code class="PARAMETER">inSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input buffer size</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2732"><span style="white-space: nowrap"><code class="PARAMETER">out</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output buffer</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3408"><span style="white-space: nowrap"><code class="PARAMETER">out</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output buffer</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2737"><span style="white-space: nowrap"><code class="PARAMETER">outSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output buffer size</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3413"><span style="white-space: nowrap"><code class="PARAMETER">outSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output buffer size</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2742"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the number of bytes written to output buffer or 
+<td align="LEFT" valign="TOP"><a name="AEN3418"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the number of bytes written to output buffer or
 -1 if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBASE64CTXFINAL"></a><h3>xmlSecBase64CtxFinal ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBase64CtxFinal                (<font>xmlSecBase64CtxPtr</font> ctx,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *out,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> outSize);</pre>
-<p>Encodes or decodes the last piece of data stored in the context
-and finalizes the result.</p>
-<p></p>
+<a name="XMLSECBASE64DECODE"></a><h3>xmlSecBase64Decode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBase64Decode                  (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> len</code>);</pre>
+<p>Decodes input base64 encoded string and puts result into
+the output buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2759"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <gtkdoclink href="XMLSECBASE64CTX"><span class="TYPE">xmlSecBase64Ctx</span></gtkdoclink> structure</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3441"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input buffer with base64 encoded string</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2766"><span style="white-space: nowrap"><code class="PARAMETER">out</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output buffer</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3446"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output buffer</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2771"><span style="white-space: nowrap"><code class="PARAMETER">outSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output buffer size</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3451"><span style="white-space: nowrap"><code class="PARAMETER">len</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output buffer size</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2776"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the number of bytes written to output buffer or 
--1 if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3456"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the number of bytes written to the output buffer or
+a negative value if an error occurs</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECBASE64ENCODE"></a><h3>xmlSecBase64Encode ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlChar</font>*            xmlSecBase64Encode                  (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> len,
-                                                         <font>int</font> columns);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecBase64Encode                  (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> len</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> columns</code>);</pre>
 <p>Encodes the data from input buffer and allocates the string for the result.
 The caller is responsible for freeing returned buffer using
 <gtkdoclink href="XMLFREE"><code class="FUNCTION">xmlFree()</code></gtkdoclink> function.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2795"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the input buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3481"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2800"><span style="white-space: nowrap"><code class="PARAMETER">len</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the input buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3486"><span style="white-space: nowrap"><code class="PARAMETER">len</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input buffer size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2805"><span style="white-space: nowrap"><code class="PARAMETER">columns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output max line length (if 0 then no line breaks
-         		would be inserted)</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3491"><span style="white-space: nowrap"><code class="PARAMETER">columns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output max line length (if 0 then no line breaks
+would be inserted)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2810"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> newly allocated string with base64 encoded data 
+<td align="LEFT" valign="TOP"><a name="AEN3496"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>newly allocated string with base64 encoded data
 or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBASE64DECODE"></a><h3>xmlSecBase64Decode ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBase64Decode                  (const <font>xmlChar</font> *str,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> len);</pre>
-<p>Decodes input base64 encoded string and puts result into
-the output buffer.</p>
+<a name="XMLSECBASE64GETDEFAULTLINESIZE"></a><h3>xmlSecBase64GetDefaultLineSize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBase64GetDefaultLineSize      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets the current default line size.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN3512"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current default line size.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECBASE64SETDEFAULTLINESIZE"></a><h3>xmlSecBase64SetDefaultLineSize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecBase64SetDefaultLineSize      (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> columns</code>);</pre>
+<p>Sets the current default line size.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2827"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the input buffer with base64 encoded string</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2832"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output buffer</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2837"><span style="white-space: nowrap"><code class="PARAMETER">len</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output buffer size</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN2842"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the number of bytes written to the output buffer or 
-a negative value if an error occurs </p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN3529"><span style="white-space: nowrap"><code class="PARAMETER">columns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>number of columns</p></td>
+</tr></tbody></table>
 </div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-bn.html b/docs/api/xmlsec-bn.html
index 8eed4053..1b68b19b 100644
--- a/docs/api/xmlsec-bn.html
+++ b/docs/api/xmlsec-bn.html
@@ -87,61 +87,61 @@
 <h1>
 <a name="XMLSEC-BN"></a>bn</h1>
 <div class="REFNAMEDIV">
-<a name="AEN2852"></a><h2>Name</h2>bn -- Big numbers support functions.</div>
+<a name="AEN3539"></a><h2>Name</h2>bn -- Big numbers support functions.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-BN.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">enum                <a href="xmlsec-bn.html#XMLSECBNFORMAT">xmlSecBnFormat</a>;
-<font>xmlSecBnPtr</font>         <a href="xmlsec-bn.html#XMLSECBNCREATE">xmlSecBnCreate</a>                      (<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>void</font>                <a href="xmlsec-bn.html#XMLSECBNDESTROY">xmlSecBnDestroy</a>                     (<font>xmlSecBnPtr</font> bn);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNINITIALIZE">xmlSecBnInitialize</a>                  (<font>xmlSecBnPtr</font> bn,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>void</font>                <a href="xmlsec-bn.html#XMLSECBNFINALIZE">xmlSecBnFinalize</a>                    (<font>xmlSecBnPtr</font> bn);
-<a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a>*         <a href="xmlsec-bn.html#XMLSECBNGETDATA">xmlSecBnGetData</a>                     (<font>xmlSecBnPtr</font> bn);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNSETDATA">xmlSecBnSetData</a>                     (<font>xmlSecBnPtr</font> bn,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-bn.html#XMLSECBNGETSIZE">xmlSecBnGetSize</a>                     (<font>xmlSecBnPtr</font> bn);
-<font>void</font>                <a href="xmlsec-bn.html#XMLSECBNZERO">xmlSecBnZero</a>                        (<font>xmlSecBnPtr</font> bn);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNFROMSTRING">xmlSecBnFromString</a>                  (<font>xmlSecBnPtr</font> bn,
-                                                         const <font>xmlChar</font> *str,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> base);
-<font>xmlChar</font>*            <a href="xmlsec-bn.html#XMLSECBNTOSTRING">xmlSecBnToString</a>                    (<font>xmlSecBnPtr</font> bn,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> base);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNFROMHEXSTRING">xmlSecBnFromHexString</a>               (<font>xmlSecBnPtr</font> bn,
-                                                         const <font>xmlChar</font> *str);
-<font>xmlChar</font>*            <a href="xmlsec-bn.html#XMLSECBNTOHEXSTRING">xmlSecBnToHexString</a>                 (<font>xmlSecBnPtr</font> bn);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNFROMDECSTRING">xmlSecBnFromDecString</a>               (<font>xmlSecBnPtr</font> bn,
-                                                         const <font>xmlChar</font> *str);
-<font>xmlChar</font>*            <a href="xmlsec-bn.html#XMLSECBNTODECSTRING">xmlSecBnToDecString</a>                 (<font>xmlSecBnPtr</font> bn);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNMUL">xmlSecBnMul</a>                         (<font>xmlSecBnPtr</font> bn,
-                                                         <font>int</font> multiplier);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNDIV">xmlSecBnDiv</a>                         (<font>xmlSecBnPtr</font> bn,
-                                                         <font>int</font> divider,
-                                                         <font>int</font> *mod);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNADD">xmlSecBnAdd</a>                         (<font>xmlSecBnPtr</font> bn,
-                                                         <font>int</font> delta);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNREVERSE">xmlSecBnReverse</a>                     (<font>xmlSecBnPtr</font> bn);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNCOMPARE">xmlSecBnCompare</a>                     (<font>xmlSecBnPtr</font> bn,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNCOMPAREREVERSE">xmlSecBnCompareReverse</a>              (<font>xmlSecBnPtr</font> bn,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNGETNODEVALUE">xmlSecBnGetNodeValue</a>                (<font>xmlSecBnPtr</font> bn,
-                                                         <font>xmlNodePtr</font> cur,
-                                                         <a href="xmlsec-bn.html#XMLSECBNFORMAT">xmlSecBnFormat</a> format,
-                                                         <font>int</font> reverse);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNSETNODEVALUE">xmlSecBnSetNodeValue</a>                (<font>xmlSecBnPtr</font> bn,
-                                                         <font>xmlNodePtr</font> cur,
-                                                         <a href="xmlsec-bn.html#XMLSECBNFORMAT">xmlSecBnFormat</a> format,
-                                                         <font>int</font> reverse,
-                                                         <font>int</font> addLineBreaks);
-<font>int</font>                 <a href="xmlsec-bn.html#XMLSECBNBLOBSETNODEVALUE">xmlSecBnBlobSetNodeValue</a>            (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <font>xmlNodePtr</font> cur,
-                                                         <a href="xmlsec-bn.html#XMLSECBNFORMAT">xmlSecBnFormat</a> format,
-                                                         <font>int</font> reverse,
-                                                         <font>int</font> addLineBreaks);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNADD">xmlSecBnAdd</a>                         (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> delta</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNBLOBSETNODEVALUE">xmlSecBnBlobSetNodeValue</a>            (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-bn.html#XMLSECBNFORMAT"><span class="TYPE">xmlSecBnFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reverse</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> addLineBreaks</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNCOMPARE">xmlSecBnCompare</a>                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNCOMPAREREVERSE">xmlSecBnCompareReverse</a>              (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>);
+<gtkdoclink href="XMLSECBN"><span class="RETURNVALUE">xmlSecBnPtr</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNCREATE">xmlSecBnCreate</a>                      (<code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNDESTROY">xmlSecBnDestroy</a>                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNDIV">xmlSecBnDiv</a>                         (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> divider</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> *mod</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNFINALIZE">xmlSecBnFinalize</a>                    (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);
+enum                <a href="xmlsec-bn.html#XMLSECBNFORMAT">xmlSecBnFormat</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNFROMDECSTRING">xmlSecBnFromDecString</a>               (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNFROMHEXSTRING">xmlSecBnFromHexString</a>               (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNFROMSTRING">xmlSecBnFromString</a>                  (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> base</code>);
+<a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="RETURNVALUE">xmlSecByte</span></a> *        <a href="xmlsec-bn.html#XMLSECBNGETDATA">xmlSecBnGetData</a>                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNGETNODEVALUE">xmlSecBnGetNodeValue</a>                (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-bn.html#XMLSECBNFORMAT"><span class="TYPE">xmlSecBnFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reverse</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-bn.html#XMLSECBNGETSIZE">xmlSecBnGetSize</a>                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNINITIALIZE">xmlSecBnInitialize</a>                  (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNMUL">xmlSecBnMul</a>                         (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> multiplier</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNREVERSE">xmlSecBnReverse</a>                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNSETDATA">xmlSecBnSetData</a>                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNSETNODEVALUE">xmlSecBnSetNodeValue</a>                (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-bn.html#XMLSECBNFORMAT"><span class="TYPE">xmlSecBnFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reverse</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> addLineBreaks</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-bn.html#XMLSECBNTODECSTRING">xmlSecBnToDecString</a>                 (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-bn.html#XMLSECBNTOHEXSTRING">xmlSecBnToHexString</a>                 (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-bn.html#XMLSECBNTOSTRING">xmlSecBnToString</a>                    (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> base</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-bn.html#XMLSECBNZERO">xmlSecBnZero</a>                        (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-BN.DESCRIPTION"></a><h2>Description</h2>
@@ -150,575 +150,551 @@
 <div class="REFSECT1">
 <a name="XMLSEC-BN.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECBNFORMAT"></a><h3>enum xmlSecBnFormat</h3>
-<pre class="PROGRAMLISTING">typedef enum {
-    xmlSecBnBase64,
-    xmlSecBnHex,
-    xmlSecBnDec
-} xmlSecBnFormat;</pre>
-<p>The big numbers formats.</p>
-<p></p>
+<a name="XMLSECBNADD"></a><h3>xmlSecBnAdd ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnAdd                         (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> delta</code>);</pre>
+<p>Adds <code class="PARAMETER">delta</code> to <code class="PARAMETER">bn</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECBNBASE64"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecBnBase64</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>		the base64 decoded binary blob.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3790"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECBNHEX"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecBnHex</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>		the hex number.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3795"><span style="white-space: nowrap"><code class="PARAMETER">delta</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the delta.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECBNDEC"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecBnDec</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>		the decimal number.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3800"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNCREATE"></a><h3>xmlSecBnCreate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecBnPtr</font>         xmlSecBnCreate                      (<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Creates a new BN object. Caller is responsible for destroying it
-by calling <code class="PARAMETER">xmlSecBnDestroy</code> function.</p>
-<p></p>
+<a name="XMLSECBNBLOBSETNODEVALUE"></a><h3>xmlSecBnBlobSetNodeValue ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnBlobSetNodeValue            (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-bn.html#XMLSECBNFORMAT"><span class="TYPE">xmlSecBnFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reverse</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> addLineBreaks</code>);</pre>
+<p>Converts the <code class="PARAMETER">blob</code> and sets it to node content.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN2995"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the initial allocated BN size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3833"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN blob.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3000"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the newly BN or a NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3838"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of BN blob.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECBNDESTROY"></a><h3>xmlSecBnDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecBnDestroy                     (<font>xmlSecBnPtr</font> bn);</pre>
-<p>Destroys <code class="PARAMETER">bn</code> object created with <code class="PARAMETER">xmlSecBnCreate</code> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN3017"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECBNINITIALIZE"></a><h3>xmlSecBnInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnInitialize                  (<font>xmlSecBnPtr</font> bn,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Initializes a BN object. Caller is responsible for destroying it
-by calling <code class="PARAMETER">xmlSecBnFinalize</code> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3034"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3843"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the poitner to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3039"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the initial allocated BN size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3848"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the BN format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3044"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3853"><span style="white-space: nowrap"><code class="PARAMETER">reverse</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates whether to reverse the buffer before writing.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN3858"><span style="white-space: nowrap"><code class="PARAMETER">addLineBreaks</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>if the flag is equal to 1 then
+linebreaks will be added before and after
+new buffer content.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN3863"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success and a negative values if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNFINALIZE"></a><h3>xmlSecBnFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecBnFinalize                    (<font>xmlSecBnPtr</font> bn);</pre>
-<p>Destroys <code class="PARAMETER">bn</code> object created with <code class="PARAMETER">xmlSecBnInitialize</code> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN3061"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECBNGETDATA"></a><h3>xmlSecBnGetData ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a>*         xmlSecBnGetData                     (<font>xmlSecBnPtr</font> bn);</pre>
-<p>Gets pointer to the binary <code class="PARAMETER">bn</code> representation.</p>
-<p></p>
+<a name="XMLSECBNCOMPARE"></a><h3>xmlSecBnCompare ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnCompare                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>);</pre>
+<p>Compares the <code class="PARAMETER">bn</code> with <code class="PARAMETER">data</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3077"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3888"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN3893"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data to compare BN to.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3082"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to binary BN data or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3898"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <code class="PARAMETER">data</code> size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN3904"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 if data is equal, negative value if <code class="PARAMETER">bn</code> is less or positive value if <code class="PARAMETER">bn</code>
+is greater than <code class="PARAMETER">data</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNSETDATA"></a><h3>xmlSecBnSetData ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnSetData                     (<font>xmlSecBnPtr</font> bn,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Sets the value of <code class="PARAMETER">bn</code> to <code class="PARAMETER">data</code>.</p>
-<p></p>
+<a name="XMLSECBNCOMPAREREVERSE"></a><h3>xmlSecBnCompareReverse ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnCompareReverse              (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>);</pre>
+<p>Compares the <code class="PARAMETER">bn</code> with reverse <code class="PARAMETER">data</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3101"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3932"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3106"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to new BN binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3937"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data to compare BN to.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3111"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the size of new BN data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3942"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <code class="PARAMETER">data</code> size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3116"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3948"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 if data is equal, negative value if <code class="PARAMETER">bn</code> is less or positive value if <code class="PARAMETER">bn</code>
+is greater than <code class="PARAMETER">data</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNGETSIZE"></a><h3>xmlSecBnGetSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecBnGetSize                     (<font>xmlSecBnPtr</font> bn);</pre>
-<p>Gets the size of binary data in <code class="PARAMETER">bn</code>.</p>
-<p></p>
+<a name="XMLSECBNCREATE"></a><h3>xmlSecBnCreate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECBN"><span class="RETURNVALUE">xmlSecBnPtr</span></gtkdoclink>         xmlSecBnCreate                      (<code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Creates a new BN object. Caller is responsible for destroying it
+by calling <code class="PARAMETER">xmlSecBnDestroy</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3132"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3969"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the initial allocated BN size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3137"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the size of binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3974"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the newly BN or a NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNZERO"></a><h3>xmlSecBnZero ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecBnZero                        (<font>xmlSecBnPtr</font> bn);</pre>
-<p>Sets the value of <code class="PARAMETER">bn</code> to zero.</p>
-<p></p>
+<a name="XMLSECBNDESTROY"></a><h3>xmlSecBnDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecBnDestroy                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);</pre>
+<p>Destroys <code class="PARAMETER">bn</code> object created with <code class="PARAMETER">xmlSecBnCreate</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN3153"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN3993"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNFROMSTRING"></a><h3>xmlSecBnFromString ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnFromString                  (<font>xmlSecBnPtr</font> bn,
-                                                         const <font>xmlChar</font> *str,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> base);</pre>
-<p>Reads <code class="PARAMETER">bn</code> from string <code class="PARAMETER">str</code> assuming it has base <code class="PARAMETER">base</code>.</p>
-<p></p>
+<a name="XMLSECBNDIV"></a><h3>xmlSecBnDiv ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnDiv                         (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> divider</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> *mod</code>);</pre>
+<p>Divides <code class="PARAMETER">bn</code> by <code class="PARAMETER">divider</code> and places modulus into <code class="PARAMETER">mod</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3173"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4019"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3178"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the string with BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4024"><span style="white-space: nowrap"><code class="PARAMETER">divider</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the divider</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3183"><span style="white-space: nowrap"><code class="PARAMETER">base</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the base for <code class="PARAMETER">str</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4029"><span style="white-space: nowrap"><code class="PARAMETER">mod</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer for modulus result.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3189"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4034"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNTOSTRING"></a><h3>xmlSecBnToString ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlChar</font>*            xmlSecBnToString                    (<font>xmlSecBnPtr</font> bn,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> base);</pre>
-<p>Writes <code class="PARAMETER">bn</code> to string with base <code class="PARAMETER">base</code>. Caller is responsible for 
-freeing returned string with <code class="PARAMETER">xmlFree</code>.</p>
+<a name="XMLSECBNFINALIZE"></a><h3>xmlSecBnFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecBnFinalize                    (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);</pre>
+<p>Destroys <code class="PARAMETER">bn</code> object created with <code class="PARAMETER">xmlSecBnInitialize</code> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN4053"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECBNFORMAT"></a><h3>enum xmlSecBnFormat</h3>
+<pre class="PROGRAMLISTING">typedef enum {
+    xmlSecBnBase64,
+    xmlSecBnHex,
+    xmlSecBnDec
+} xmlSecBnFormat;</pre>
+<p>The big numbers formats.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3208"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECBNBASE64"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecBnBase64</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the base64 decoded binary blob.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3213"><span style="white-space: nowrap"><code class="PARAMETER">base</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the base for returned string.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECBNHEX"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecBnHex</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the hex number.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3218"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the string represenataion if BN or a NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECBNDEC"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecBnDec</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the decimal number.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNFROMHEXSTRING"></a><h3>xmlSecBnFromHexString ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnFromHexString               (<font>xmlSecBnPtr</font> bn,
-                                                         const <font>xmlChar</font> *str);</pre>
-<p>Reads <code class="PARAMETER">bn</code> from hex string <code class="PARAMETER">str</code>.</p>
-<p></p>
+<a name="XMLSECBNFROMDECSTRING"></a><h3>xmlSecBnFromDecString ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnFromDecString               (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);</pre>
+<p>Reads <code class="PARAMETER">bn</code> from decimal string <code class="PARAMETER">str</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3236"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4097"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3241"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the string with BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4102"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string with BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3246"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4107"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNTOHEXSTRING"></a><h3>xmlSecBnToHexString ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlChar</font>*            xmlSecBnToHexString                 (<font>xmlSecBnPtr</font> bn);</pre>
-<p>Writes <code class="PARAMETER">bn</code> to hex string. Caller is responsible for 
-freeing returned string with <code class="PARAMETER">xmlFree</code>.</p>
-<p></p>
+<a name="XMLSECBNFROMHEXSTRING"></a><h3>xmlSecBnFromHexString ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnFromHexString               (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);</pre>
+<p>Reads <code class="PARAMETER">bn</code> from hex string <code class="PARAMETER">str</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3263"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4129"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN4134"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string with BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3268"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the string represenataion if BN or a NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4139"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNFROMDECSTRING"></a><h3>xmlSecBnFromDecString ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnFromDecString               (<font>xmlSecBnPtr</font> bn,
-                                                         const <font>xmlChar</font> *str);</pre>
-<p>Reads <code class="PARAMETER">bn</code> from decimal string <code class="PARAMETER">str</code>.</p>
-<p></p>
+<a name="XMLSECBNFROMSTRING"></a><h3>xmlSecBnFromString ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnFromString                  (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> base</code>);</pre>
+<p>Reads <code class="PARAMETER">bn</code> from string <code class="PARAMETER">str</code> assuming it has base <code class="PARAMETER">base</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3286"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4165"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3291"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the string with BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4170"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string with BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3296"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4175"><span style="white-space: nowrap"><code class="PARAMETER">base</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the base for <code class="PARAMETER">str</code>.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECBNTODECSTRING"></a><h3>xmlSecBnToDecString ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlChar</font>*            xmlSecBnToDecString                 (<font>xmlSecBnPtr</font> bn);</pre>
-<p>Writes <code class="PARAMETER">bn</code> to decimal string. Caller is responsible for 
-freeing returned string with <code class="PARAMETER">xmlFree</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3313"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN3318"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the string represenataion if BN or a NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4181"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNMUL"></a><h3>xmlSecBnMul ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnMul                         (<font>xmlSecBnPtr</font> bn,
-                                                         <font>int</font> multiplier);</pre>
-<p>Multiplies <code class="PARAMETER">bn</code> with <code class="PARAMETER">multiplier</code>.</p>
-<p></p>
+<a name="XMLSECBNGETDATA"></a><h3>xmlSecBnGetData ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="RETURNVALUE">xmlSecByte</span></a> *        xmlSecBnGetData                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);</pre>
+<p>Gets pointer to the binary <code class="PARAMETER">bn</code> representation.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3336"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to BN.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN3341"><span style="white-space: nowrap"><code class="PARAMETER">multiplier</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the multiplier.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4199"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3346"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4204"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to binary BN data or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNDIV"></a><h3>xmlSecBnDiv ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnDiv                         (<font>xmlSecBnPtr</font> bn,
-                                                         <font>int</font> divider,
-                                                         <font>int</font> *mod);</pre>
-<p>Divides <code class="PARAMETER">bn</code> by <code class="PARAMETER">divider</code> and places modulus into <code class="PARAMETER">mod</code>.</p>
-<p></p>
+<a name="XMLSECBNGETNODEVALUE"></a><h3>xmlSecBnGetNodeValue ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnGetNodeValue                (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-bn.html#XMLSECBNFORMAT"><span class="TYPE">xmlSecBnFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reverse</code>);</pre>
+<p>Converts the node content from <code class="PARAMETER">format</code> to <code class="PARAMETER">bn</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3366"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4232"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN4237"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the poitner to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3371"><span style="white-space: nowrap"><code class="PARAMETER">divider</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the divider</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4242"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the BN format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3376"><span style="white-space: nowrap"><code class="PARAMETER">mod</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer for modulus result.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4247"><span style="white-space: nowrap"><code class="PARAMETER">reverse</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>if set then reverse read buffer after reading.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3381"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4252"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success and a negative values if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNADD"></a><h3>xmlSecBnAdd ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnAdd                         (<font>xmlSecBnPtr</font> bn,
-                                                         <font>int</font> delta);</pre>
-<p>Adds <code class="PARAMETER">delta</code> to <code class="PARAMETER">bn</code>.</p>
-<p></p>
+<a name="XMLSECBNGETSIZE"></a><h3>xmlSecBnGetSize ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecBnGetSize                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);</pre>
+<p>Gets the size of binary data in <code class="PARAMETER">bn</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3399"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN3404"><span style="white-space: nowrap"><code class="PARAMETER">delta</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the delta.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4270"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3409"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4275"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of binary data.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNREVERSE"></a><h3>xmlSecBnReverse ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnReverse                     (<font>xmlSecBnPtr</font> bn);</pre>
-<p>Reverses bytes order in <code class="PARAMETER">bn</code>.</p>
-<p></p>
+<a name="XMLSECBNINITIALIZE"></a><h3>xmlSecBnInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnInitialize                  (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Initializes a BN object. Caller is responsible for destroying it
+by calling <code class="PARAMETER">xmlSecBnFinalize</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3425"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4296"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN4301"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the initial allocated BN size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3430"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4306"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNCOMPARE"></a><h3>xmlSecBnCompare ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnCompare                     (<font>xmlSecBnPtr</font> bn,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize);</pre>
-<p>Compares the <code class="PARAMETER">bn</code> with <code class="PARAMETER">data</code>.</p>
-<p></p>
+<a name="XMLSECBNMUL"></a><h3>xmlSecBnMul ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnMul                         (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> multiplier</code>);</pre>
+<p>Multiplies <code class="PARAMETER">bn</code> with <code class="PARAMETER">multiplier</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3449"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4328"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3454"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the data to compare BN to.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4333"><span style="white-space: nowrap"><code class="PARAMETER">multiplier</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the multiplier.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3459"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the <code class="PARAMETER">data</code> size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN3465"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 if data is equal, negative value if <code class="PARAMETER">bn</code> is less or positive value if <code class="PARAMETER">bn</code>
-is greater than <code class="PARAMETER">data</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4338"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNCOMPAREREVERSE"></a><h3>xmlSecBnCompareReverse ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnCompareReverse              (<font>xmlSecBnPtr</font> bn,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize);</pre>
-<p>Compares the <code class="PARAMETER">bn</code> with reverse <code class="PARAMETER">data</code>.</p>
-<p></p>
+<a name="XMLSECBNREVERSE"></a><h3>xmlSecBnReverse ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnReverse                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);</pre>
+<p>Reverses bytes order in <code class="PARAMETER">bn</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3487"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4356"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3492"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the data to compare BN to.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN3497"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the <code class="PARAMETER">data</code> size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN3503"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 if data is equal, negative value if <code class="PARAMETER">bn</code> is less or positive value if <code class="PARAMETER">bn</code>
-is greater than <code class="PARAMETER">data</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4361"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNGETNODEVALUE"></a><h3>xmlSecBnGetNodeValue ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnGetNodeValue                (<font>xmlSecBnPtr</font> bn,
-                                                         <font>xmlNodePtr</font> cur,
-                                                         <a href="xmlsec-bn.html#XMLSECBNFORMAT">xmlSecBnFormat</a> format,
-                                                         <font>int</font> reverse);</pre>
-<p>Converts the node content from <code class="PARAMETER">format</code> to <code class="PARAMETER">bn</code>.</p>
-<p></p>
+<a name="XMLSECBNSETDATA"></a><h3>xmlSecBnSetData ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnSetData                     (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Sets the value of <code class="PARAMETER">bn</code> to <code class="PARAMETER">data</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3526"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4386"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3531"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the poitner to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4391"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to new BN binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3536"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the BN format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4396"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of new BN data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3541"><span style="white-space: nowrap"><code class="PARAMETER">reverse</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	if set then reverse read buffer after reading.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN3546"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success and a negative values if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4401"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECBNSETNODEVALUE"></a><h3>xmlSecBnSetNodeValue ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnSetNodeValue                (<font>xmlSecBnPtr</font> bn,
-                                                         <font>xmlNodePtr</font> cur,
-                                                         <a href="xmlsec-bn.html#XMLSECBNFORMAT">xmlSecBnFormat</a> format,
-                                                         <font>int</font> reverse,
-                                                         <font>int</font> addLineBreaks);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBnSetNodeValue                (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-bn.html#XMLSECBNFORMAT"><span class="TYPE">xmlSecBnFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reverse</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> addLineBreaks</code>);</pre>
 <p>Converts the <code class="PARAMETER">bn</code> and sets it to node content.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3566"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to BN.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4431"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3571"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the poitner to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4436"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the poitner to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3576"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the BN format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4441"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the BN format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3581"><span style="white-space: nowrap"><code class="PARAMETER">reverse</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the flag that indicates whether to reverse the buffer before writing.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4446"><span style="white-space: nowrap"><code class="PARAMETER">reverse</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates whether to reverse the buffer before writing.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3586"><span style="white-space: nowrap"><code class="PARAMETER">addLineBreaks</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>  	the flag; it is equal to 1 then linebreaks will be added before and after new buffer content.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4451"><span style="white-space: nowrap"><code class="PARAMETER">addLineBreaks</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag; it is equal to 1 then linebreaks will be added before and after new buffer content.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3591"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success and a negative values if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4456"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success and a negative values if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBNBLOBSETNODEVALUE"></a><h3>xmlSecBnBlobSetNodeValue ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBnBlobSetNodeValue            (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <font>xmlNodePtr</font> cur,
-                                                         <a href="xmlsec-bn.html#XMLSECBNFORMAT">xmlSecBnFormat</a> format,
-                                                         <font>int</font> reverse,
-                                                         <font>int</font> addLineBreaks);</pre>
-<p>Converts the <code class="PARAMETER">blob</code> and sets it to node content.</p>
-<p></p>
+<a name="XMLSECBNTODECSTRING"></a><h3>xmlSecBnToDecString ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecBnToDecString                 (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);</pre>
+<p>Writes <code class="PARAMETER">bn</code> to decimal string. Caller is responsible for
+freeing returned string with <code class="PARAMETER">xmlFree</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3612"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to BN blob.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4475"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3617"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the size of BN blob.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4480"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string represenataion if BN or a NULL if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECBNTOHEXSTRING"></a><h3>xmlSecBnToHexString ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecBnToHexString                 (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);</pre>
+<p>Writes <code class="PARAMETER">bn</code> to hex string. Caller is responsible for
+freeing returned string with <code class="PARAMETER">xmlFree</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3622"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the poitner to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4499"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3627"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the BN format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4504"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string represenataion if BN or a NULL if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECBNTOSTRING"></a><h3>xmlSecBnToString ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecBnToString                    (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> base</code>);</pre>
+<p>Writes <code class="PARAMETER">bn</code> to string with base <code class="PARAMETER">base</code>. Caller is responsible for
+freeing returned string with <code class="PARAMETER">xmlFree</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3632"><span style="white-space: nowrap"><code class="PARAMETER">reverse</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the flag that indicates whether to reverse the buffer before writing.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4527"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3637"><span style="white-space: nowrap"><code class="PARAMETER">addLineBreaks</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>  if the flag is equal to 1 then 
-	linebreaks will be added before and after
-	new buffer content.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4532"><span style="white-space: nowrap"><code class="PARAMETER">base</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the base for returned string.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3642"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success and a negative values if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4537"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string represenataion if BN or a NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECBNZERO"></a><h3>xmlSecBnZero ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecBnZero                        (<code class="PARAMETER"><gtkdoclink href="XMLSECBN"><span class="TYPE">xmlSecBnPtr</span></gtkdoclink> bn</code>);</pre>
+<p>Sets the value of <code class="PARAMETER">bn</code> to zero.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN4555"><span style="white-space: nowrap"><code class="PARAMETER">bn</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BN.</p></td>
+</tr></tbody></table>
+</div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
 <td align="left"><a accesskey="p" href="xmlsec-base64.html"><b>&lt;&lt;&lt; base64</b></a></td>
diff --git a/docs/api/xmlsec-buffer.html b/docs/api/xmlsec-buffer.html
index 69dab38d..986305e2 100644
--- a/docs/api/xmlsec-buffer.html
+++ b/docs/api/xmlsec-buffer.html
@@ -87,47 +87,47 @@
 <h1>
 <a name="XMLSEC-BUFFER"></a>buffer</h1>
 <div class="REFNAMEDIV">
-<a name="AEN3652"></a><h2>Name</h2>buffer -- Binary buffer implementation.</div>
+<a name="AEN4565"></a><h2>Name</h2>buffer -- Binary buffer implementation.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-BUFFER.SYNOPSIS"></a><h2>Synopsis</h2>
 <pre class="SYNOPSIS">enum                <a href="xmlsec-buffer.html#XMLSECALLOCMODE">xmlSecAllocMode</a>;
 struct              <a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBuffer</a>;
-<font>void</font>                <a href="xmlsec-buffer.html#XMLSECBUFFERSETDEFAULTALLOCMODE">xmlSecBufferSetDefaultAllocMode</a>     (<a href="xmlsec-buffer.html#XMLSECALLOCMODE">xmlSecAllocMode</a> defAllocMode,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> defInitialSize);
-<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a>     <a href="xmlsec-buffer.html#XMLSECBUFFERCREATE">xmlSecBufferCreate</a>                  (<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>void</font>                <a href="xmlsec-buffer.html#XMLSECBUFFERDESTROY">xmlSecBufferDestroy</a>                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERINITIALIZE">xmlSecBufferInitialize</a>              (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>void</font>                <a href="xmlsec-buffer.html#XMLSECBUFFERFINALIZE">xmlSecBufferFinalize</a>                (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);
-<a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a>*         <a href="xmlsec-buffer.html#XMLSECBUFFERGETDATA">xmlSecBufferGetData</a>                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERSETDATA">xmlSecBufferSetData</a>                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-buffer.html#XMLSECBUFFERGETSIZE">xmlSecBufferGetSize</a>                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERSETSIZE">xmlSecBufferSetSize</a>                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-buffer.html#XMLSECBUFFERGETMAXSIZE">xmlSecBufferGetMaxSize</a>              (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERSETMAXSIZE">xmlSecBufferSetMaxSize</a>              (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>void</font>                <a href="xmlsec-buffer.html#XMLSECBUFFEREMPTY">xmlSecBufferEmpty</a>                   (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERAPPEND">xmlSecBufferAppend</a>                  (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERPREPEND">xmlSecBufferPrepend</a>                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERREMOVEHEAD">xmlSecBufferRemoveHead</a>              (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERREMOVETAIL">xmlSecBufferRemoveTail</a>              (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERREADFILE">xmlSecBufferReadFile</a>                (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         const <font>char</font> *filename);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERBASE64NODECONTENTREAD">xmlSecBufferBase64NodeContentRead</a>   (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <font>xmlNodePtr</font> node);
-<font>int</font>                 <a href="xmlsec-buffer.html#XMLSECBUFFERBASE64NODECONTENTWRITE">xmlSecBufferBase64NodeContentWrite</a>  (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <font>int</font> columns);
-<font>xmlOutputBufferPtr</font>  <a href="xmlsec-buffer.html#XMLSECBUFFERCREATEOUTPUTBUFFER">xmlSecBufferCreateOutputBuffer</a>      (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);</pre>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERAPPEND">xmlSecBufferAppend</a>                  (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERBASE64NODECONTENTREAD">xmlSecBufferBase64NodeContentRead</a>   (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERBASE64NODECONTENTWRITE">xmlSecBufferBase64NodeContentWrite</a>  (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> columns</code>);
+<a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="RETURNVALUE">xmlSecBufferPtr</span></a>     <a href="xmlsec-buffer.html#XMLSECBUFFERCREATE">xmlSecBufferCreate</a>                  (<code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="XMLOUTPUTBUFFERPTR"><span class="RETURNVALUE">xmlOutputBufferPtr</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERCREATEOUTPUTBUFFER">xmlSecBufferCreateOutputBuffer</a>      (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERDESTROY">xmlSecBufferDestroy</a>                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFEREMPTY">xmlSecBufferEmpty</a>                   (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERFINALIZE">xmlSecBufferFinalize</a>                (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);
+<a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="RETURNVALUE">xmlSecByte</span></a> *        <a href="xmlsec-buffer.html#XMLSECBUFFERGETDATA">xmlSecBufferGetData</a>                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-buffer.html#XMLSECBUFFERGETMAXSIZE">xmlSecBufferGetMaxSize</a>              (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-buffer.html#XMLSECBUFFERGETSIZE">xmlSecBufferGetSize</a>                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERINITIALIZE">xmlSecBufferInitialize</a>              (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERPREPEND">xmlSecBufferPrepend</a>                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERREADFILE">xmlSecBufferReadFile</a>                (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERREMOVEHEAD">xmlSecBufferRemoveHead</a>              (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERREMOVETAIL">xmlSecBufferRemoveTail</a>              (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERSETDATA">xmlSecBufferSetData</a>                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERSETDEFAULTALLOCMODE">xmlSecBufferSetDefaultAllocMode</a>     (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECALLOCMODE"><span class="TYPE">xmlSecAllocMode</span></a> defAllocMode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> defInitialSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERSETMAXSIZE">xmlSecBufferSetMaxSize</a>              (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-buffer.html#XMLSECBUFFERSETSIZE">xmlSecBufferSetSize</a>                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-BUFFER.DESCRIPTION"></a><h2>Description</h2>
@@ -143,17 +143,16 @@ struct              <a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBuffer</a>;
 } xmlSecAllocMode;</pre>
 <p>The memory allocation mode (used by <code class="PARAMETER">xmlSecBuffer</code> and <code class="PARAMETER">xmlSecList</code>).</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
 <td align="LEFT" valign="TOP"><a name="XMLSECALLOCMODEEXACT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecAllocModeExact</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the memory allocation mode that minimizes total 
-			allocated memory size.</p></td>
+<td align="LEFT" valign="TOP"><p>the memory allocation mode that minimizes total
+                             allocated memory size.</p></td>
 </tr>
 <tr>
 <td align="LEFT" valign="TOP"><a name="XMLSECALLOCMODEDOUBLE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecAllocModeDouble</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the memory allocation mode that tries to minimize
-			the number of malloc calls.</p></td>
+<td align="LEFT" valign="TOP"><p>the memory allocation mode that tries to minimize
+                             the number of malloc calls.</p></td>
 </tr>
 </tbody></table>
 </div>
@@ -161,457 +160,436 @@ struct              <a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBuffer</a>;
 <div class="REFSECT2">
 <a name="XMLSECBUFFER"></a><h3>struct xmlSecBuffer</h3>
 <pre class="PROGRAMLISTING">struct xmlSecBuffer {
-    xmlSecByte* 	data;
-    xmlSecSize 		size;
-    xmlSecSize		maxSize;
-    xmlSecAllocMode 	allocMode;
+    xmlSecByte*         data;
+    xmlSecSize          size;
+    xmlSecSize          maxSize;
+    xmlSecAllocMode     allocMode;
 };</pre>
 <p>Binary data buffer.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3769"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *<code class="STRUCTFIELD">data</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to buffer data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4772"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *<code class="STRUCTFIELD">data</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3775"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">size</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the current data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4779"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">size</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3781"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">maxSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the max data size (allocated buffer size).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4786"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">maxSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the max data size (allocated buffer size).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3787"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECALLOCMODE">xmlSecAllocMode</a> <code class="STRUCTFIELD">allocMode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the buffer memory allocation mode.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4793"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECALLOCMODE"><span class="TYPE">xmlSecAllocMode</span></a> <code class="STRUCTFIELD">allocMode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the buffer memory allocation mode.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERSETDEFAULTALLOCMODE"></a><h3>xmlSecBufferSetDefaultAllocMode ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecBufferSetDefaultAllocMode     (<a href="xmlsec-buffer.html#XMLSECALLOCMODE">xmlSecAllocMode</a> defAllocMode,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> defInitialSize);</pre>
-<p>Sets new global default allocation mode and minimal intial size.</p>
-<p></p>
+<a name="XMLSECBUFFERAPPEND"></a><h3>xmlSecBufferAppend ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferAppend                  (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Appends the <code class="PARAMETER">data</code> after the current data stored in the buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3804"><span style="white-space: nowrap"><code class="PARAMETER">defAllocMode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the new default buffer allocation mode.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4819"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN4824"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN4829"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3809"><span style="white-space: nowrap"><code class="PARAMETER">defInitialSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the new default buffer minimal intial size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4834"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERCREATE"></a><h3>xmlSecBufferCreate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a>     xmlSecBufferCreate                  (<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Allocates and initalizes new memory buffer with given size.
-Caller is responsible for calling <a href="xmlsec-buffer.html#XMLSECBUFFERDESTROY"><span class="TYPE">xmlSecBufferDestroy</span></a> function
-to free the buffer.</p>
-<p></p>
+<a name="XMLSECBUFFERBASE64NODECONTENTREAD"></a><h3>xmlSecBufferBase64NodeContentRead ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferBase64NodeContentRead   (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);</pre>
+<p>Reads the content of the <code class="PARAMETER">node</code>, base64 decodes it and stores the
+result in the buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3826"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the intial size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4855"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN4860"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3831"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated buffer or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4865"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERDESTROY"></a><h3>xmlSecBufferDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecBufferDestroy                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);</pre>
-<p>Desrtoys buffer object created with <a href="xmlsec-buffer.html#XMLSECBUFFERCREATE"><span class="TYPE">xmlSecBufferCreate</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN3848"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECBUFFERINITIALIZE"></a><h3>xmlSecBufferInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferInitialize              (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Initializes buffer object <code class="PARAMETER">buf</code>. Caller is responsible for calling
-<a href="xmlsec-buffer.html#XMLSECBUFFERFINALIZE"><span class="TYPE">xmlSecBufferFinalize</span></a> function to free allocated resources.</p>
-<p></p>
+<a name="XMLSECBUFFERBASE64NODECONTENTWRITE"></a><h3>xmlSecBufferBase64NodeContentWrite ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferBase64NodeContentWrite  (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> columns</code>);</pre>
+<p>Sets the content of the <code class="PARAMETER">node</code> to the base64 encoded buffer data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3867"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4889"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3872"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the initial buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4894"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to a node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3877"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4899"><span style="white-space: nowrap"><code class="PARAMETER">columns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the max line size fro base64 encoded data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN4904"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERFINALIZE"></a><h3>xmlSecBufferFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecBufferFinalize                (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);</pre>
-<p>Frees allocated resource for a buffer intialized with <a href="xmlsec-buffer.html#XMLSECBUFFERINITIALIZE"><span class="TYPE">xmlSecBufferInitialize</span></a>
-function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN3894"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECBUFFERGETDATA"></a><h3>xmlSecBufferGetData ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a>*         xmlSecBufferGetData                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);</pre>
-<p>Gets pointer to buffer's data.</p>
-<p></p>
+<a name="XMLSECBUFFERCREATE"></a><h3>xmlSecBufferCreate ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="RETURNVALUE">xmlSecBufferPtr</span></a>     xmlSecBufferCreate                  (<code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Allocates and initalizes new memory buffer with given size.
+Caller is responsible for calling <a href="xmlsec-buffer.html#XMLSECBUFFERDESTROY"><span class="TYPE">xmlSecBufferDestroy</span></a> function
+to free the buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3909"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4923"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the intial size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3914"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to buffer's data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4928"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated buffer or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERSETDATA"></a><h3>xmlSecBufferSetData ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferSetData                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Sets the value of the buffer to <code class="PARAMETER">data</code>.</p>
-<p></p>
+<a name="XMLSECBUFFERCREATEOUTPUTBUFFER"></a><h3>xmlSecBufferCreateOutputBuffer ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLOUTPUTBUFFERPTR"><span class="RETURNVALUE">xmlOutputBufferPtr</span></gtkdoclink>  xmlSecBufferCreateOutputBuffer      (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);</pre>
+<p>Creates new LibXML output buffer to store data in the <code class="PARAMETER">buf</code>. Caller is
+responsible for destroying <code class="PARAMETER">buf</code> when processing is done.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3932"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN3937"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4947"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3942"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN3947"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN4952"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated output buffer or NULL if an error
+occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERGETSIZE"></a><h3>xmlSecBufferGetSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecBufferGetSize                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);</pre>
-<p>Gets the current buffer data size.</p>
+<a name="XMLSECBUFFERDESTROY"></a><h3>xmlSecBufferDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecBufferDestroy                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);</pre>
+<p>Desrtoys buffer object created with <a href="xmlsec-buffer.html#XMLSECBUFFERCREATE"><span class="TYPE">xmlSecBufferCreate</span></a> function.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN4971"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECBUFFEREMPTY"></a><h3>xmlSecBufferEmpty ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecBufferEmpty                   (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);</pre>
+<p>Empties the buffer.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN4988"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECBUFFERFINALIZE"></a><h3>xmlSecBufferFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecBufferFinalize                (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);</pre>
+<p>Frees allocated resource for a buffer intialized with <a href="xmlsec-buffer.html#XMLSECBUFFERINITIALIZE"><span class="TYPE">xmlSecBufferInitialize</span></a>
+function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN5007"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECBUFFERGETDATA"></a><h3>xmlSecBufferGetData ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="RETURNVALUE">xmlSecByte</span></a> *        xmlSecBufferGetData                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);</pre>
+<p>Gets pointer to buffer's data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3962"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5024"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3967"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the current data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5029"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to buffer's data.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERSETSIZE"></a><h3>xmlSecBufferSetSize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferSetSize                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Sets new buffer data size. If necessary, buffer grows to 
-have at least <code class="PARAMETER">size</code> bytes.</p>
-<p></p>
+<a name="XMLSECBUFFERGETMAXSIZE"></a><h3>xmlSecBufferGetMaxSize ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecBufferGetMaxSize              (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);</pre>
+<p>Gets the maximum (allocated) buffer size.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3984"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5046"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN3989"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the new data size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN3994"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5051"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the maximum (allocated) buffer size.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERGETMAXSIZE"></a><h3>xmlSecBufferGetMaxSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecBufferGetMaxSize              (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);</pre>
-<p>Gets the maximum (allocated) buffer size.</p>
-<p></p>
+<a name="XMLSECBUFFERGETSIZE"></a><h3>xmlSecBufferGetSize ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecBufferGetSize                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>);</pre>
+<p>Gets the current buffer data size.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4009"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5068"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4014"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the maximum (allocated) buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5073"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current data size.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERSETMAXSIZE"></a><h3>xmlSecBufferSetMaxSize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferSetMaxSize              (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Sets new buffer maximum size. If necessary, buffer grows to 
-have at least <code class="PARAMETER">size</code> bytes.</p>
-<p></p>
+<a name="XMLSECBUFFERINITIALIZE"></a><h3>xmlSecBufferInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferInitialize              (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Initializes buffer object <code class="PARAMETER">buf</code>. Caller is responsible for calling
+<a href="xmlsec-buffer.html#XMLSECBUFFERFINALIZE"><span class="TYPE">xmlSecBufferFinalize</span></a> function to free allocated resources.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4031"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5096"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4036"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the new maximum size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5101"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the initial buffer size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4041"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5106"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFEREMPTY"></a><h3>xmlSecBufferEmpty ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecBufferEmpty                   (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);</pre>
-<p>Empties the buffer.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN4056"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECBUFFERAPPEND"></a><h3>xmlSecBufferAppend ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferAppend                  (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Appends the <code class="PARAMETER">data</code> after the current data stored in the buffer.</p>
-<p></p>
+<a name="XMLSECBUFFERPREPEND"></a><h3>xmlSecBufferPrepend ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferPrepend                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Prepends the <code class="PARAMETER">data</code> before the current data stored in the buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4074"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5130"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4079"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5135"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4084"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5140"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4089"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5145"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERPREPEND"></a><h3>xmlSecBufferPrepend ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferPrepend                 (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Prepends the <code class="PARAMETER">data</code> before the current data stored in the buffer.</p>
-<p></p>
+<a name="XMLSECBUFFERREADFILE"></a><h3>xmlSecBufferReadFile ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferReadFile                (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>);</pre>
+<p>Reads the content of the file <code class="PARAMETER">filename</code> in the buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4107"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN4112"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5166"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4117"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5171"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4122"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5176"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECBUFFERREMOVEHEAD"></a><h3>xmlSecBufferRemoveHead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferRemoveHead              (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferRemoveHead              (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
 <p>Removes <code class="PARAMETER">size</code> bytes from the beginning of the current buffer.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4139"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5197"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4144"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the number of bytes to be removed.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5202"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the number of bytes to be removed.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4149"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5207"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECBUFFERREMOVETAIL"></a><h3>xmlSecBufferRemoveTail ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferRemoveTail              (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferRemoveTail              (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
 <p>Removes <code class="PARAMETER">size</code> bytes from the end of current buffer.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4166"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5228"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4171"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the number of bytes to be removed.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5233"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the number of bytes to be removed.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4176"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5238"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERREADFILE"></a><h3>xmlSecBufferReadFile ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferReadFile                (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         const <font>char</font> *filename);</pre>
-<p>Reads the content of the file <code class="PARAMETER">filename</code> in the buffer.</p>
-<p></p>
+<a name="XMLSECBUFFERSETDATA"></a><h3>xmlSecBufferSetData ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferSetData                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Sets the value of the buffer to <code class="PARAMETER">data</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4193"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5262"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4198"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5267"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4203"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5272"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN5277"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERBASE64NODECONTENTREAD"></a><h3>xmlSecBufferBase64NodeContentRead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferBase64NodeContentRead   (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <font>xmlNodePtr</font> node);</pre>
-<p>Reads the content of the <code class="PARAMETER">node</code>, base64 decodes it and stores the
-result in the buffer.</p>
-<p></p>
+<a name="XMLSECBUFFERSETDEFAULTALLOCMODE"></a><h3>xmlSecBufferSetDefaultAllocMode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecBufferSetDefaultAllocMode     (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECALLOCMODE"><span class="TYPE">xmlSecAllocMode</span></a> defAllocMode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> defInitialSize</code>);</pre>
+<p>Sets new global default allocation mode and minimal intial size.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4220"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN4225"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5297"><span style="white-space: nowrap"><code class="PARAMETER">defAllocMode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new default buffer allocation mode.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4230"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5302"><span style="white-space: nowrap"><code class="PARAMETER">defInitialSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new default buffer minimal intial size.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERBASE64NODECONTENTWRITE"></a><h3>xmlSecBufferBase64NodeContentWrite ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecBufferBase64NodeContentWrite  (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <font>int</font> columns);</pre>
-<p>Sets the content of the <code class="PARAMETER">node</code> to the base64 encoded buffer data.</p>
-<p></p>
+<a name="XMLSECBUFFERSETMAXSIZE"></a><h3>xmlSecBufferSetMaxSize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferSetMaxSize              (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Sets new buffer maximum size. If necessary, buffer grows to
+have at least <code class="PARAMETER">size</code> bytes.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4248"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5323"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4253"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to a node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5328"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new maximum size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4258"><span style="white-space: nowrap"><code class="PARAMETER">columns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the max line size fro base64 encoded data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN4263"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5333"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBUFFERCREATEOUTPUTBUFFER"></a><h3>xmlSecBufferCreateOutputBuffer ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlOutputBufferPtr</font>  xmlSecBufferCreateOutputBuffer      (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buf);</pre>
-<p>Creates new LibXML output buffer to store data in the <code class="PARAMETER">buf</code>. Caller is 
-responsible for destroying <code class="PARAMETER">buf</code> when processing is done.</p>
-<p></p>
+<a name="XMLSECBUFFERSETSIZE"></a><h3>xmlSecBufferSetSize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecBufferSetSize                 (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Sets new buffer data size. If necessary, buffer grows to
+have at least <code class="PARAMETER">size</code> bytes.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4280"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5354"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to buffer object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4285"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated output buffer or NULL if an error
-occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5359"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new data size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN5364"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-custom-keys-manager.html b/docs/api/xmlsec-custom-keys-manager.html
index 3332262b..f58125b9 100644
--- a/docs/api/xmlsec-custom-keys-manager.html
+++ b/docs/api/xmlsec-custom-keys-manager.html
@@ -99,11 +99,11 @@
  * key's file name in the current folder.
  * 
  * Usage: 
- *	./decrypt3 &lt;xml-enc&gt; 
+ *      ./decrypt3 &lt;xml-enc&gt; 
  *
  * Example:
- *	./decrypt3 encrypt1-res.xml
- *	./decrypt3 encrypt2-res.xml
+ *      ./decrypt3 encrypt1-res.xml
+ *      ./decrypt3 encrypt2-res.xml
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -121,6 +121,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -135,13 +136,16 @@ int decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file);
 int 
 main(int argc, char **argv) {
     xmlSecKeysMngrPtr mngr;
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */    
 
     assert(argv);
 
     if(argc != 2) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;enc-file&gt;\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;enc-file&gt;\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -152,17 +156,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -172,34 +188,34 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load keys */
     mngr = create_files_keys_mngr();
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
 
     if(decrypt_file(mngr, argv[1]) &lt; 0) {
-	xmlSecKeysMngrDestroy(mngr);	
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);    
+        return(-1);
     }    
 
     /* destroy keys manager */
@@ -216,6 +232,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -225,8 +242,8 @@ main(int argc, char **argv) {
 
 /**
  * decrypt_file:
- * @mngr:		the pointer to keys manager.
- * @enc_file:		the encrypted XML  file name.
+ * @mngr:               the pointer to keys manager.
+ * @enc_file:           the encrypted XML  file name.
  *
  * Decrypts the XML file #enc_file using DES key from #key_file and 
  * prints results to stdout.
@@ -246,42 +263,42 @@ decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
     /* load template */
     doc = xmlParseFile(enc_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
+        goto done;      
     }
 
     /* create encryption context */
     encCtx = xmlSecEncCtxCreate(mngr);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* decrypt the data */
     if((xmlSecEncCtxDecrypt(encCtx, node) &lt; 0) || (encCtx-&gt;result == NULL)) {
         fprintf(stderr,"Error: decryption failed\n");
-	goto done;
+        goto done;
     }
         
     /* print decrypted data to stdout */
     if(encCtx-&gt;resultReplaced != 0) {
-	fprintf(stdout, "Decrypted XML data:\n");
-	xmlDocDump(stdout, doc);
+        fprintf(stdout, "Decrypted XML data:\n");
+        xmlDocDump(stdout, doc);
     } else {
-	fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx-&gt;result));
-	if(xmlSecBufferGetData(encCtx-&gt;result) != NULL) {
-	    fwrite(xmlSecBufferGetData(encCtx-&gt;result), 
-	          1, 
-	          xmlSecBufferGetSize(encCtx-&gt;result),
-	          stdout);
-	}
+        fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx-&gt;result));
+        if(xmlSecBufferGetData(encCtx-&gt;result) != NULL) {
+            fwrite(xmlSecBufferGetData(encCtx-&gt;result), 
+                  1, 
+                  xmlSecBufferGetSize(encCtx-&gt;result),
+                  stdout);
+        }
     }
     fprintf(stdout, "\n");
         
@@ -291,11 +308,11 @@ decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
 done:    
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
@@ -316,31 +333,31 @@ create_files_keys_mngr(void) {
     /* create files based keys store */
     keysStore = xmlSecKeyStoreCreate(files_keys_store_get_klass());
     if(keysStore == NULL) {
-	fprintf(stderr, "Error: failed to create keys store.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys store.\n");
+        return(NULL);
     }
     
     /* create keys manager */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	xmlSecKeyStoreDestroy(keysStore);
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        xmlSecKeyStoreDestroy(keysStore);
+        return(NULL);
     }
 
     /* add store to keys manager, from now on keys manager destroys the store if needed */
     if(xmlSecKeysMngrAdoptKeysStore(mngr, keysStore) &lt; 0) {
-	fprintf(stderr, "Error: failed to add keys store to keys manager.\n");
-	xmlSecKeyStoreDestroy(keysStore);
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to add keys store to keys manager.\n");
+        xmlSecKeyStoreDestroy(keysStore);
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }
     
     /* initialize crypto library specific data in keys manager */
     if(xmlSecCryptoKeysMngrInit(mngr) &lt; 0) {
-	fprintf(stderr, "Error: failed to initialize crypto data in keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize crypto data in keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }
 
     /* set the get key callback */
@@ -356,20 +373,20 @@ create_files_keys_mngr(void) {
  * Attention: this probably not a good solution for high traffic systems.
  * 
  ***************************************************************************/
-static xmlSecKeyPtr		files_keys_store_find_key	(xmlSecKeyStorePtr store,
-								 const xmlChar* name,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static xmlSecKeyPtr             files_keys_store_find_key       (xmlSecKeyStorePtr store,
+                                                                 const xmlChar* name,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 static xmlSecKeyStoreKlass files_keys_store_klass = {
     sizeof(xmlSecKeyStoreKlass),
     sizeof(xmlSecKeyStore),
-    BAD_CAST "files-based-keys-store",	/* const xmlChar* name; */         
-    NULL,				/* xmlSecKeyStoreInitializeMethod initialize; */
-    NULL,				/* xmlSecKeyStoreFinalizeMethod finalize; */
-    files_keys_store_find_key,		/* xmlSecKeyStoreFindKeyMethod findKey; */
+    BAD_CAST "files-based-keys-store",  /* const xmlChar* name; */         
+    NULL,                               /* xmlSecKeyStoreInitializeMethod initialize; */
+    NULL,                               /* xmlSecKeyStoreFinalizeMethod finalize; */
+    files_keys_store_find_key,          /* xmlSecKeyStoreFindKeyMethod findKey; */
 
     /* reserved for the future */
-    NULL,				/* void* reserved0; */
-    NULL,				/* void* reserved1; */
+    NULL,                               /* void* reserved0; */
+    NULL,                               /* void* reserved1; */
 };
 
 /**
@@ -387,9 +404,9 @@ files_keys_store_get_klass(void) {
 
 /**
  * files_keys_store_find_key:
- * @store:		the pointer to simple keys store.
- * @name:		the desired key name.
- * @keyInfoCtx:		the pointer to &lt;dsig:KeyInfo/&gt; node processing context.
+ * @store:              the pointer to simple keys store.
+ * @name:               the desired key name.
+ * @keyInfoCtx:         the pointer to &lt;dsig:KeyInfo/&gt; node processing context.
  *  
  * Lookups key in the @store. The caller is responsible for destroying
  * returned key with #xmlSecKeyDestroy function.
@@ -407,7 +424,7 @@ files_keys_store_find_key(xmlSecKeyStorePtr store, const xmlChar* name, xmlSecKe
     /* it's possible to do not have the key name or desired key type 
      * but we could do nothing in this case */
     if((name == NULL) || (keyInfoCtx-&gt;keyReq.keyId == xmlSecKeyDataIdUnknown)){
-	return(NULL);
+        return(NULL);
     }
     
     /* we don't want to open files in a folder other than "current";
@@ -415,32 +432,32 @@ files_keys_store_find_key(xmlSecKeyStorePtr store, const xmlChar* name, xmlSecKe
      * '.', '-' or '_'.
      */
     for(p = name; (*p) != '\0'; ++p) {
-	if(!isalnum((*p)) &amp;&amp; ((*p) != '.') &amp;&amp; ((*p) != '-') &amp;&amp; ((*p) != '_')) {
-	    return(NULL);
-	}
+        if(!isalnum((*p)) &amp;&amp; ((*p) != '.') &amp;&amp; ((*p) != '-') &amp;&amp; ((*p) != '_')) {
+            return(NULL);
+        }
     }
     
     if((keyInfoCtx-&gt;keyReq.keyId == xmlSecKeyDataDsaId) || (keyInfoCtx-&gt;keyReq.keyId == xmlSecKeyDataRsaId)) {
-	/* load key from a pem file, if key is not found then it's an error (is it?) */
-	key = xmlSecCryptoAppKeyLoad(name, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
-	if(key == NULL) {
-    	    fprintf(stderr,"Error: failed to load public pem key from \"%s\"\n", name);
-	    return(NULL);
-	}
+        /* load key from a pem file, if key is not found then it's an error (is it?) */
+        key = xmlSecCryptoAppKeyLoad(name, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+        if(key == NULL) {
+            fprintf(stderr,"Error: failed to load public pem key from \"%s\"\n", name);
+            return(NULL);
+        }
     } else {
-	/* otherwise it's a binary key, if key is not found then it's an error (is it?) */
-	key = xmlSecKeyReadBinaryFile(keyInfoCtx-&gt;keyReq.keyId, name);
-	if(key == NULL) {
-    	    fprintf(stderr,"Error: failed to load key from binary file \"%s\"\n", name);
-	    return(NULL);
-	}
+        /* otherwise it's a binary key, if key is not found then it's an error (is it?) */
+        key = xmlSecKeyReadBinaryFile(keyInfoCtx-&gt;keyReq.keyId, name);
+        if(key == NULL) {
+            fprintf(stderr,"Error: failed to load key from binary file \"%s\"\n", name);
+            return(NULL);
+        }
     }
 
     /* set key name */
     if(xmlSecKeySetName(key, name) &lt; 0) {
         fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", name);
         xmlSecKeyDestroy(key);
-        return(NULL);	
+        return(NULL);   
     }
 
     return(key);
diff --git a/docs/api/xmlsec-decrypt-with-keys-mngr.html b/docs/api/xmlsec-decrypt-with-keys-mngr.html
index c638354c..d980ff51 100644
--- a/docs/api/xmlsec-decrypt-with-keys-mngr.html
+++ b/docs/api/xmlsec-decrypt-with-keys-mngr.html
@@ -98,11 +98,11 @@
  * DES key from a binary file
  * 
  * Usage: 
- *	./decrypt2 &lt;xml-enc&gt; &lt;des-key-file1&gt; [&lt;des-key-file2&gt; [...]] 
+ *      ./decrypt2 &lt;xml-enc&gt; &lt;des-key-file1&gt; [&lt;des-key-file2&gt; [...]] 
  *
  * Example:
- *	./decrypt2 encrypt1-res.xml deskey.bin
- *	./decrypt2 encrypt2-res.xml deskey.bin
+ *      ./decrypt2 encrypt1-res.xml deskey.bin
+ *      ./decrypt2 encrypt2-res.xml deskey.bin
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -119,6 +119,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -132,13 +133,16 @@ int decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file);
 int 
 main(int argc, char **argv) {
     xmlSecKeysMngrPtr mngr;
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
 
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;enc-file&gt; &lt;key-file1&gt; [&lt;key-file2&gt; [...]]\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;enc-file&gt; &lt;key-file1&gt; [&lt;key-file2&gt; [...]]\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -149,17 +153,30 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+
+                
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -169,34 +186,34 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load keys */
     mngr = load_des_keys(&amp;(argv[2]), argc - 2);
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
 
     if(decrypt_file(mngr, argv[1]) &lt; 0) {
-	xmlSecKeysMngrDestroy(mngr);	
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);    
+        return(-1);
     }    
 
     /* destroy keys manager */
@@ -213,6 +230,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -222,8 +240,8 @@ main(int argc, char **argv) {
 
 /**
  * load_des_keys:
- * @files:		the list of filenames.
- * @files_size:		the number of filenames in #files.
+ * @files:              the list of filenames.
+ * @files_size:         the number of filenames in #files.
  *
  * Creates simple keys manager and load DES keys from #files in it.
  * The caller is responsible for destroing returned keys manager using
@@ -247,43 +265,43 @@ load_des_keys(char** files, int files_size) {
      */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(NULL);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) &lt; 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }    
     
     for(i = 0; i &lt; files_size; ++i) {
-	assert(files[i]);
+        assert(files[i]);
 
-	/* load DES key */
-	key = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, files[i]);
-	if(key == NULL) {
-    	    fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", files[i]);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        /* load DES key */
+        key = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, files[i]);
+        if(key == NULL) {
+            fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", files[i]);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
 
-	/* set key name to the file name, this is just an example! */
-	if(xmlSecKeySetName(key, BAD_CAST files[i]) &lt; 0) {
-    	    fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", files[i]);
-	    xmlSecKeyDestroy(key);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
-	
-	/* add key to keys manager, from now on keys manager is responsible 
-	 * for destroying key 
-	 */
-	if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) &lt; 0) {
-    	    fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
-	    xmlSecKeyDestroy(key);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        /* set key name to the file name, this is just an example! */
+        if(xmlSecKeySetName(key, BAD_CAST files[i]) &lt; 0) {
+            fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", files[i]);
+            xmlSecKeyDestroy(key);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
+        
+        /* add key to keys manager, from now on keys manager is responsible 
+         * for destroying key 
+         */
+        if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) &lt; 0) {
+            fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
+            xmlSecKeyDestroy(key);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
     }
 
     return(mngr);
@@ -291,8 +309,8 @@ load_des_keys(char** files, int files_size) {
 
 /**
  * decrypt_file:
- * @mngr:		the pointer to keys manager.
- * @enc_file:		the encrypted XML  file name.
+ * @mngr:               the pointer to keys manager.
+ * @enc_file:           the encrypted XML  file name.
  *
  * Decrypts the XML file #enc_file using DES key from #key_file and 
  * prints results to stdout.
@@ -312,42 +330,42 @@ decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
     /* load template */
     doc = xmlParseFile(enc_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
+        goto done;      
     }
 
     /* create encryption context */
     encCtx = xmlSecEncCtxCreate(mngr);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* decrypt the data */
     if((xmlSecEncCtxDecrypt(encCtx, node) &lt; 0) || (encCtx-&gt;result == NULL)) {
         fprintf(stderr,"Error: decryption failed\n");
-	goto done;
+        goto done;
     }
         
     /* print decrypted data to stdout */
     if(encCtx-&gt;resultReplaced != 0) {
-	fprintf(stdout, "Decrypted XML data:\n");
-	xmlDocDump(stdout, doc);
+        fprintf(stdout, "Decrypted XML data:\n");
+        xmlDocDump(stdout, doc);
     } else {
-	fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx-&gt;result));
-	if(xmlSecBufferGetData(encCtx-&gt;result) != NULL) {
-	    fwrite(xmlSecBufferGetData(encCtx-&gt;result), 
-	          1, 
-	          xmlSecBufferGetSize(encCtx-&gt;result),
-	          stdout);
-	}
+        fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx-&gt;result));
+        if(xmlSecBufferGetData(encCtx-&gt;result) != NULL) {
+            fwrite(xmlSecBufferGetData(encCtx-&gt;result), 
+                  1, 
+                  xmlSecBufferGetSize(encCtx-&gt;result),
+                  stdout);
+        }
     }
     fprintf(stdout, "\n");
         
@@ -357,11 +375,11 @@ decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
 done:    
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
</pre>
diff --git a/docs/api/xmlsec-decrypt-with-signle-key.html b/docs/api/xmlsec-decrypt-with-signle-key.html
index 8ab5476c..1a5e348f 100644
--- a/docs/api/xmlsec-decrypt-with-signle-key.html
+++ b/docs/api/xmlsec-decrypt-with-signle-key.html
@@ -97,11 +97,11 @@
  * Decrypts encrypted XML file using a single DES key from a binary file
  * 
  * Usage: 
- *	./decrypt1 &lt;xml-enc&gt; &lt;des-key-file&gt; 
+ *      ./decrypt1 &lt;xml-enc&gt; &lt;des-key-file&gt; 
  *
  * Example:
- *	./decrypt1 encrypt1-res.xml deskey.bin
- *	./decrypt1 encrypt2-res.xml deskey.bin
+ *      ./decrypt1 encrypt1-res.xml deskey.bin
+ *      ./decrypt1 encrypt2-res.xml deskey.bin
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -118,6 +118,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -129,12 +130,16 @@ int decrypt_file(const char* enc_file, const char* key_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;enc-file&gt; &lt;key-file&gt;\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;enc-file&gt; &lt;key-file&gt;\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -145,17 +150,30 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+
+                
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -165,27 +183,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(decrypt_file(argv[1], argv[2]) &lt; 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -208,8 +226,8 @@ main(int argc, char **argv) {
 
 /**
  * decrypt_file:
- * @enc_file:		the encrypted XML  file name.
- * @key_file:		the Triple DES key file.
+ * @enc_file:           the encrypted XML  file name.
+ * @key_file:           the Triple DES key file.
  *
  * Decrypts the XML file #enc_file using DES key from #key_file and 
  * prints results to stdout.
@@ -229,55 +247,55 @@ decrypt_file(const char* enc_file, const char* key_file) {
     /* load template */
     doc = xmlParseFile(enc_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
+        goto done;      
     }
 
     /* create encryption context, we don't need keys manager in this example */
     encCtx = xmlSecEncCtxCreate(NULL);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* load DES key */
     encCtx-&gt;encKey = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, key_file);
     if(encCtx-&gt;encKey == NULL) {
         fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
     
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(encCtx-&gt;encKey, key_file) &lt; 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* decrypt the data */
     if((xmlSecEncCtxDecrypt(encCtx, node) &lt; 0) || (encCtx-&gt;result == NULL)) {
         fprintf(stderr,"Error: decryption failed\n");
-	goto done;
+        goto done;
     }
         
     /* print decrypted data to stdout */
     if(encCtx-&gt;resultReplaced != 0) {
-	fprintf(stdout, "Decrypted XML data:\n");
-	xmlDocDump(stdout, doc);
+        fprintf(stdout, "Decrypted XML data:\n");
+        xmlDocDump(stdout, doc);
     } else {
-	fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx-&gt;result));
-	if(xmlSecBufferGetData(encCtx-&gt;result) != NULL) {
-	    fwrite(xmlSecBufferGetData(encCtx-&gt;result), 
-	          1, 
-	          xmlSecBufferGetSize(encCtx-&gt;result),
-	          stdout);
-	}
+        fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx-&gt;result));
+        if(xmlSecBufferGetData(encCtx-&gt;result) != NULL) {
+            fwrite(xmlSecBufferGetData(encCtx-&gt;result), 
+                  1, 
+                  xmlSecBufferGetSize(encCtx-&gt;result),
+                  stdout);
+        }
     }
     fprintf(stdout, "\n");
         
@@ -287,11 +305,11 @@ decrypt_file(const char* enc_file, const char* key_file) {
 done:    
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
</pre>
diff --git a/docs/api/xmlsec-dl.html b/docs/api/xmlsec-dl.html
index 1c0702a8..c82ee0d7 100644
--- a/docs/api/xmlsec-dl.html
+++ b/docs/api/xmlsec-dl.html
@@ -87,19 +87,19 @@
 <h1>
 <a name="XMLSEC-DL"></a>dl</h1>
 <div class="REFNAMEDIV">
-<a name="AEN4295"></a><h2>Name</h2>dl -- Dynamic crypto-engine library loading support.</div>
+<a name="AEN5374"></a><h2>Name</h2>dl -- Dynamic crypto-engine library loading support.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-DL.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>int</font>                 <a href="xmlsec-dl.html#XMLSECCRYPTODLFUNCTIONSREGISTERKEYDATAANDTRANSFORMS">xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms</a>
-                                                        (<font>xmlSecCryptoDLFunctionsPtr</font> functions);
-<font>int</font>                 <a href="xmlsec-dl.html#XMLSECCRYPTODLINIT">xmlSecCryptoDLInit</a>                  (void);
-<font>int</font>                 <a href="xmlsec-dl.html#XMLSECCRYPTODLSHUTDOWN">xmlSecCryptoDLShutdown</a>              (void);
-<font>int</font>                 <a href="xmlsec-dl.html#XMLSECCRYPTODLLOADLIBRARY">xmlSecCryptoDLLoadLibrary</a>           (const <font>xmlChar</font> *crypto);
-<font>xmlSecCryptoDLFunctionsPtr</font>  <a href="xmlsec-dl.html#XMLSECCRYPTODLGETLIBRARYFUNCTIONS">xmlSecCryptoDLGetLibraryFunctions</a>
-                                                        (const <font>xmlChar</font> *crypto);
-<font>int</font>                 <a href="xmlsec-dl.html#XMLSECCRYPTODLUNLOADLIBRARY">xmlSecCryptoDLUnloadLibrary</a>         (const <font>xmlChar</font> *crypto);
-<font>int</font>                 <a href="xmlsec-dl.html#XMLSECCRYPTODLSETFUNCTIONS">xmlSecCryptoDLSetFunctions</a>          (<font>xmlSecCryptoDLFunctionsPtr</font> functions);
-<font>xmlSecCryptoDLFunctionsPtr</font>  <a href="xmlsec-dl.html#XMLSECCRYPTODLGETFUNCTIONS">xmlSecCryptoDLGetFunctions</a>  (void);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-dl.html#XMLSECCRYPTODLFUNCTIONSREGISTERKEYDATAANDTRANSFORMS">xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="TYPE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> functions</code>);
+<gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink><a href="xmlsec-dl.html#XMLSECCRYPTODLGETFUNCTIONS">xmlSecCryptoDLGetFunctions</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink><a href="xmlsec-dl.html#XMLSECCRYPTODLGETLIBRARYFUNCTIONS">xmlSecCryptoDLGetLibraryFunctions</a>
+                                                        (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *crypto</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-dl.html#XMLSECCRYPTODLINIT">xmlSecCryptoDLInit</a>                  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-dl.html#XMLSECCRYPTODLLOADLIBRARY">xmlSecCryptoDLLoadLibrary</a>           (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *crypto</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-dl.html#XMLSECCRYPTODLSETFUNCTIONS">xmlSecCryptoDLSetFunctions</a>          (<code class="PARAMETER"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="TYPE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> functions</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-dl.html#XMLSECCRYPTODLSHUTDOWN">xmlSecCryptoDLShutdown</a>              (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-dl.html#XMLSECCRYPTODLUNLOADLIBRARY">xmlSecCryptoDLUnloadLibrary</a>         (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *crypto</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-DL.DESCRIPTION"></a><h2>Description</h2>
@@ -109,140 +109,132 @@
 <a name="XMLSEC-DL.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
 <a name="XMLSECCRYPTODLFUNCTIONSREGISTERKEYDATAANDTRANSFORMS"></a><h3>xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms
-                                                        (<font>xmlSecCryptoDLFunctionsPtr</font> functions);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="TYPE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> functions</code>);</pre>
 <p>Registers the key data and transforms klasses from <code class="PARAMETER">functions</code> table in xmlsec.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4338"><span style="white-space: nowrap"><code class="PARAMETER">functions</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the functions table.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5443"><span style="white-space: nowrap"><code class="PARAMETER">functions</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the functions table.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4343"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5448"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTODLINIT"></a><h3>xmlSecCryptoDLInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoDLInit                  (void);</pre>
-<p>Initializes dynamic loading engine. This is an internal function
-and should not be called by application directly.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN4357"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECCRYPTODLSHUTDOWN"></a><h3>xmlSecCryptoDLShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoDLShutdown              (void);</pre>
-<p>Shutdowns dynamic loading engine. This is an internal function
-and should not be called by application directly.</p>
-<p></p>
+<a name="XMLSECCRYPTODLGETFUNCTIONS"></a><h3>xmlSecCryptoDLGetFunctions ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> xmlSecCryptoDLGetFunctions   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets global crypto functions/transforms/keys data/keys store table.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN4371"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5464"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the table.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTODLLOADLIBRARY"></a><h3>xmlSecCryptoDLLoadLibrary ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoDLLoadLibrary           (const <font>xmlChar</font> *crypto);</pre>
-<p>Loads the xmlsec-&lt;crypto&gt; library. This function is NOT thread safe, 
-application MUST NOT call <a href="xmlsec-dl.html#XMLSECCRYPTODLLOADLIBRARY"><span class="TYPE">xmlSecCryptoDLLoadLibrary</span></a>, <a href="xmlsec-dl.html#XMLSECCRYPTODLGETLIBRARYFUNCTIONS"><span class="TYPE">xmlSecCryptoDLGetLibraryFunctions</span></a>,
-and <a href="xmlsec-dl.html#XMLSECCRYPTODLUNLOADLIBRARY"><span class="TYPE">xmlSecCryptoDLUnloadLibrary</span></a> functions from multiple threads.</p>
-<p></p>
+<a name="XMLSECCRYPTODLGETLIBRARYFUNCTIONS"></a><h3>xmlSecCryptoDLGetLibraryFunctions ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> xmlSecCryptoDLGetLibraryFunctions
+                                                        (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *crypto</code>);</pre>
+<p>Loads the xmlsec-&lt;crypto&gt; library and gets global crypto functions/transforms/keys data/keys store
+table. This function is NOT thread safe, application MUST NOT call <a href="xmlsec-dl.html#XMLSECCRYPTODLLOADLIBRARY"><span class="TYPE">xmlSecCryptoDLLoadLibrary</span></a>,
+<a href="xmlsec-dl.html#XMLSECCRYPTODLGETLIBRARYFUNCTIONS"><span class="TYPE">xmlSecCryptoDLGetLibraryFunctions</span></a>, and <a href="xmlsec-dl.html#XMLSECCRYPTODLUNLOADLIBRARY"><span class="TYPE">xmlSecCryptoDLUnloadLibrary</span></a> functions from multiple threads.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4392"><span style="white-space: nowrap"><code class="PARAMETER">crypto</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired crypto library name ("openssl", "nss", ...).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5487"><span style="white-space: nowrap"><code class="PARAMETER">crypto</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired crypto library name ("openssl", "nss", ...).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4397"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5492"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the table or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTODLGETLIBRARYFUNCTIONS"></a><h3>xmlSecCryptoDLGetLibraryFunctions ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecCryptoDLFunctionsPtr</font>  xmlSecCryptoDLGetLibraryFunctions
-                                                        (const <font>xmlChar</font> *crypto);</pre>
-<p>Loads the xmlsec-&lt;crypto&gt; library and gets global crypto functions/transforms/keys data/keys store 
-table. This function is NOT thread safe, application MUST NOT call <a href="xmlsec-dl.html#XMLSECCRYPTODLLOADLIBRARY"><span class="TYPE">xmlSecCryptoDLLoadLibrary</span></a>, 
-<a href="xmlsec-dl.html#XMLSECCRYPTODLGETLIBRARYFUNCTIONS"><span class="TYPE">xmlSecCryptoDLGetLibraryFunctions</span></a>, and <a href="xmlsec-dl.html#XMLSECCRYPTODLUNLOADLIBRARY"><span class="TYPE">xmlSecCryptoDLUnloadLibrary</span></a> functions from multiple threads.</p>
-<p></p>
+<a name="XMLSECCRYPTODLINIT"></a><h3>xmlSecCryptoDLInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoDLInit                  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Initializes dynamic loading engine. This is an internal function
+and should not be called by application directly.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN4418"><span style="white-space: nowrap"><code class="PARAMETER">crypto</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired crypto library name ("openssl", "nss", ...).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN4423"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the table or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN5508"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTODLUNLOADLIBRARY"></a><h3>xmlSecCryptoDLUnloadLibrary ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoDLUnloadLibrary         (const <font>xmlChar</font> *crypto);</pre>
-<p>Unloads the xmlsec-&lt;crypto&gt; library. All pointers to this library
-functions tables became invalid. This function is NOT thread safe, 
+<a name="XMLSECCRYPTODLLOADLIBRARY"></a><h3>xmlSecCryptoDLLoadLibrary ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoDLLoadLibrary           (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *crypto</code>);</pre>
+<p>Loads the xmlsec-&lt;crypto&gt; library. This function is NOT thread safe,
 application MUST NOT call <a href="xmlsec-dl.html#XMLSECCRYPTODLLOADLIBRARY"><span class="TYPE">xmlSecCryptoDLLoadLibrary</span></a>, <a href="xmlsec-dl.html#XMLSECCRYPTODLGETLIBRARYFUNCTIONS"><span class="TYPE">xmlSecCryptoDLGetLibraryFunctions</span></a>,
 and <a href="xmlsec-dl.html#XMLSECCRYPTODLUNLOADLIBRARY"><span class="TYPE">xmlSecCryptoDLUnloadLibrary</span></a> functions from multiple threads.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4444"><span style="white-space: nowrap"><code class="PARAMETER">crypto</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired crypto library name ("openssl", "nss", ...).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5531"><span style="white-space: nowrap"><code class="PARAMETER">crypto</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired crypto library name ("openssl", "nss", ...).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4449"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5536"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECCRYPTODLSETFUNCTIONS"></a><h3>xmlSecCryptoDLSetFunctions ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCryptoDLSetFunctions          (<font>xmlSecCryptoDLFunctionsPtr</font> functions);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoDLSetFunctions          (<code class="PARAMETER"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="TYPE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> functions</code>);</pre>
 <p>Sets global crypto functions/transforms/keys data/keys store table.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4464"><span style="white-space: nowrap"><code class="PARAMETER">functions</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the new table</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5553"><span style="white-space: nowrap"><code class="PARAMETER">functions</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new table</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4469"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5558"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTODLGETFUNCTIONS"></a><h3>xmlSecCryptoDLGetFunctions ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecCryptoDLFunctionsPtr</font>  xmlSecCryptoDLGetFunctions  (void);</pre>
-<p>Gets global crypto functions/transforms/keys data/keys store table.</p>
-<p></p>
+<a name="XMLSECCRYPTODLSHUTDOWN"></a><h3>xmlSecCryptoDLShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoDLShutdown              (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Shutdowns dynamic loading engine. This is an internal function
+and should not be called by application directly.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN4483"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the table.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN5574"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr></tbody></table>
 </div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTODLUNLOADLIBRARY"></a><h3>xmlSecCryptoDLUnloadLibrary ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCryptoDLUnloadLibrary         (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *crypto</code>);</pre>
+<p>Unloads the xmlsec-&lt;crypto&gt; library. All pointers to this library
+functions tables became invalid. This function is NOT thread safe,
+application MUST NOT call <a href="xmlsec-dl.html#XMLSECCRYPTODLLOADLIBRARY"><span class="TYPE">xmlSecCryptoDLLoadLibrary</span></a>, <a href="xmlsec-dl.html#XMLSECCRYPTODLGETLIBRARYFUNCTIONS"><span class="TYPE">xmlSecCryptoDLGetLibraryFunctions</span></a>,
+and <a href="xmlsec-dl.html#XMLSECCRYPTODLUNLOADLIBRARY"><span class="TYPE">xmlSecCryptoDLUnloadLibrary</span></a> functions from multiple threads.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN5597"><span style="white-space: nowrap"><code class="PARAMETER">crypto</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired crypto library name ("openssl", "nss", ...).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN5602"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
 <td align="left"><a accesskey="p" href="xmlsec-buffer.html"><b>&lt;&lt;&lt; buffer</b></a></td>
diff --git a/docs/api/xmlsec-encrypt-dynamic-template.html b/docs/api/xmlsec-encrypt-dynamic-template.html
index 729ebd12..b9e26797 100644
--- a/docs/api/xmlsec-encrypt-dynamic-template.html
+++ b/docs/api/xmlsec-encrypt-dynamic-template.html
@@ -98,13 +98,13 @@
  * from a binary file
  * 
  * Usage: 
- *	./encrypt2 &lt;xml-doc&gt; &lt;des-key-file&gt; 
+ *      ./encrypt2 &lt;xml-doc&gt; &lt;des-key-file&gt; 
  *
  * Example:
- *	./encrypt2 encrypt2-doc.xml deskey.bin &gt; encrypt2-res.xml
+ *      ./encrypt2 encrypt2-doc.xml deskey.bin &gt; encrypt2-res.xml
  *
  * The result could be decrypted with decrypt1 example:
- *	./decrypt1 encrypt2-res.xml deskey.bin
+ *      ./decrypt1 encrypt2-res.xml deskey.bin
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -121,6 +121,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -133,12 +134,16 @@ int encrypt_file(const char* xml_file, const char* key_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file&gt;\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file&gt;\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -149,17 +154,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -169,27 +186,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(encrypt_file(argv[1], argv[2]) &lt; 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -203,6 +220,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -212,8 +230,8 @@ main(int argc, char **argv) {
 
 /**
  * encrypt_file:
- * @xml_file:		the encryption template file name.
- * @key_file:		the Triple DES key file.
+ * @xml_file:           the encryption template file name.
+ * @key_file:           the Triple DES key file.
  *
  * Encrypts #xml_file using a dynamicaly created template and DES key from
  * #key_file.
@@ -234,61 +252,61 @@ encrypt_file(const char* xml_file, const char* key_file) {
     /* load template */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* create encryption template to encrypt XML file and replace 
      * its content with encryption result */
     encDataNode = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId,
-				NULL, xmlSecTypeEncElement, NULL, NULL);
+                                NULL, xmlSecTypeEncElement, NULL, NULL);
     if(encDataNode == NULL) {
-	fprintf(stderr, "Error: failed to create encryption template\n");
-	goto done;   
+        fprintf(stderr, "Error: failed to create encryption template\n");
+        goto done;   
     }
 
     /* we want to put encrypted data in the &lt;enc:CipherValue/&gt; node */
     if(xmlSecTmplEncDataEnsureCipherValue(encDataNode) == NULL) {
-	fprintf(stderr, "Error: failed to add CipherValue node\n");
-	goto done;   
+        fprintf(stderr, "Error: failed to add CipherValue node\n");
+        goto done;   
     }
 
     /* add &lt;dsig:KeyInfo/&gt; and &lt;dsig:KeyName/&gt; nodes to put key name in the signed document */
     keyInfoNode = xmlSecTmplEncDataEnsureKeyInfo(encDataNode, NULL);
     if(keyInfoNode == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
 
     if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) {
-	fprintf(stderr, "Error: failed to add key name\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key name\n");
+        goto done;              
     }
 
     /* create encryption context, we don't need keys manager in this example */
     encCtx = xmlSecEncCtxCreate(NULL);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* load DES key, assuming that there is not password */
     encCtx-&gt;encKey = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, key_file);
     if(encCtx-&gt;encKey == NULL) {
         fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(encCtx-&gt;encKey, key_file) &lt; 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* encrypt the data */
     if(xmlSecEncCtxXmlEncrypt(encCtx, encDataNode, xmlDocGetRootElement(doc)) &lt; 0) {
         fprintf(stderr,"Error: encryption failed\n");
-	goto done;
+        goto done;
     }
     
     /* we template is inserted in the doc */
@@ -304,15 +322,15 @@ done:
 
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
 
     if(encDataNode != NULL) {
-	xmlFreeNode(encDataNode);
+        xmlFreeNode(encDataNode);
     }
         
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
</pre>
diff --git a/docs/api/xmlsec-encrypt-template-file.html b/docs/api/xmlsec-encrypt-template-file.html
index 810e8fb8..1bb8ab40 100644
--- a/docs/api/xmlsec-encrypt-template-file.html
+++ b/docs/api/xmlsec-encrypt-template-file.html
@@ -97,13 +97,13 @@
  * Encrypts binary data using a template file and a DES key from a binary file
  * 
  * Usage: 
- *	./encrypt1 &lt;xml-tmpl&gt; &lt;des-key-file&gt; 
+ *      ./encrypt1 &lt;xml-tmpl&gt; &lt;des-key-file&gt; 
  *
  * Example:
- *	./encrypt1 encrypt1-tmpl.xml deskey.bin &gt; encrypt1-res.xml
+ *      ./encrypt1 encrypt1-tmpl.xml deskey.bin &gt; encrypt1-res.xml
  *
  * The result could be decrypted with decrypt1 example:
- *	./decrypt1 encrypt1-res.xml deskey.bin
+ *      ./decrypt1 encrypt1-res.xml deskey.bin
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -120,6 +120,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -128,17 +129,20 @@
 #include &lt;xmlsec/crypto.h&gt;
 
 int encrypt_file(const char* tmpl_file, const char* key_file, 
-		 const unsigned char* data, size_t dataSize);
+                 const unsigned char* data, size_t dataSize);
 int 
 main(int argc, char **argv) {
     static const char secret_data[] = "Big secret";
-    
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;tmpl-file&gt; &lt;key-file&gt;\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;tmpl-file&gt; &lt;key-file&gt;\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -149,17 +153,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -169,27 +185,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(encrypt_file(argv[1], argv[2], secret_data, strlen(secret_data)) &lt; 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -203,6 +219,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -212,10 +229,10 @@ main(int argc, char **argv) {
 
 /**
  * encrypt_file:
- * @tmpl_file:		the encryption template file name.
- * @key_file:		the Triple DES key file.
- * @data:		the binary data to encrypt.
- * @dataSize:		the binary data size.
+ * @tmpl_file:          the encryption template file name.
+ * @key_file:           the Triple DES key file.
+ * @data:               the binary data to encrypt.
+ * @dataSize:           the binary data size.
  *
  * Encrypts binary #data using template from #tmpl_file and DES key from
  * #key_file.
@@ -224,7 +241,7 @@ main(int argc, char **argv) {
  */
 int 
 encrypt_file(const char* tmpl_file, const char* key_file, 
-	     const unsigned char* data, size_t dataSize) {
+             const unsigned char* data, size_t dataSize) {
     xmlDocPtr doc = NULL;
     xmlNodePtr node = NULL;
     xmlSecEncCtxPtr encCtx = NULL;
@@ -237,41 +254,41 @@ encrypt_file(const char* tmpl_file, const char* key_file,
     /* load template */
     doc = xmlParseFile(tmpl_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
+        goto done;      
     }
 
     /* create encryption context, we don't need keys manager in this example */
     encCtx = xmlSecEncCtxCreate(NULL);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* load DES key, assuming that there is not password */
     encCtx-&gt;encKey = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, key_file);
     if(encCtx-&gt;encKey == NULL) {
         fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(encCtx-&gt;encKey, key_file) &lt; 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* encrypt the data */
     if(xmlSecEncCtxBinaryEncrypt(encCtx, node, data, dataSize) &lt; 0) {
         fprintf(stderr,"Error: encryption failed\n");
-	goto done;
+        goto done;
     }
         
     /* print encrypted data with document to stdout */
@@ -284,11 +301,11 @@ done:
 
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
</pre>
diff --git a/docs/api/xmlsec-encrypt-with-session-key.html b/docs/api/xmlsec-encrypt-with-session-key.html
index d0081d6b..7b9ed51b 100644
--- a/docs/api/xmlsec-encrypt-with-session-key.html
+++ b/docs/api/xmlsec-encrypt-with-session-key.html
@@ -98,13 +98,13 @@
  * DES key (encrypted with an RSA key).
  * 
  * Usage: 
- *	./encrypt3 &lt;xml-doc&gt; &lt;rsa-pem-key-file&gt; 
+ *      ./encrypt3 &lt;xml-doc&gt; &lt;rsa-pem-key-file&gt; 
  *
  * Example:
- *	./encrypt3 encrypt3-doc.xml rsakey.pem &gt; encrypt3-res.xml
+ *      ./encrypt3 encrypt3-doc.xml rsakey.pem &gt; encrypt3-res.xml
  *
  * The result could be decrypted with decrypt3 example:
- *	./decrypt3 encrypt3-res.xml
+ *      ./decrypt3 encrypt3-res.xml
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -121,6 +121,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -135,13 +136,16 @@ int encrypt_file(xmlSecKeysMngrPtr mngr, const char* xml_file, const char* key_n
 int 
 main(int argc, char **argv) {
     xmlSecKeysMngrPtr mngr;
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
     
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file&gt;\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file&gt;\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -152,17 +156,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -172,35 +188,35 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load keys */
     mngr = load_rsa_keys(argv[2]);
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
 
     /* we use key filename as key name here */
     if(encrypt_file(mngr, argv[1], argv[2]) &lt; 0) {
-	xmlSecKeysMngrDestroy(mngr);
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);
+        return(-1);
     }    
 
     /* destroy keys manager */
@@ -217,6 +233,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -226,7 +243,7 @@ main(int argc, char **argv) {
 
 /**
  * load_rsa_keys:
- * @key_file:		the key filename.
+ * @key_file:           the key filename.
  *
  * Creates simple keys manager and load RSA key from #key_file in it.
  * The caller is responsible for destroing returned keys manager using
@@ -248,13 +265,13 @@ load_rsa_keys(char* key_file) {
      */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(NULL);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) &lt; 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }    
     
     /* load private RSA key */
@@ -268,11 +285,11 @@ load_rsa_keys(char* key_file) {
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(key, BAD_CAST key_file) &lt; 0) {
         fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-        xmlSecKeyDestroy(key);	
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        xmlSecKeyDestroy(key);  
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }
-	
+        
     /* add key to keys manager, from now on keys manager is responsible 
      * for destroying key 
      */
@@ -288,9 +305,9 @@ load_rsa_keys(char* key_file) {
 
 /**
  * encrypt_file:
- * @mngr:		the pointer to keys manager.
- * @xml_file:		the encryption template file name.
- * @key_name:		the RSA key name.
+ * @mngr:               the pointer to keys manager.
+ * @xml_file:           the encryption template file name.
+ * @key_name:           the RSA key name.
  *
  * Encrypts #xml_file using a dynamicaly created template, a session DES key 
  * and an RSA key from keys manager.
@@ -314,78 +331,78 @@ encrypt_file(xmlSecKeysMngrPtr mngr, const char* xml_file, const char* key_name)
     /* load template */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* create encryption template to encrypt XML file and replace 
      * its content with encryption result */
     encDataNode = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId,
-				NULL, xmlSecTypeEncElement, NULL, NULL);
+                                NULL, xmlSecTypeEncElement, NULL, NULL);
     if(encDataNode == NULL) {
-	fprintf(stderr, "Error: failed to create encryption template\n");
-	goto done;   
+        fprintf(stderr, "Error: failed to create encryption template\n");
+        goto done;   
     }
 
     /* we want to put encrypted data in the &lt;enc:CipherValue/&gt; node */
     if(xmlSecTmplEncDataEnsureCipherValue(encDataNode) == NULL) {
-	fprintf(stderr, "Error: failed to add CipherValue node\n");
-	goto done;   
+        fprintf(stderr, "Error: failed to add CipherValue node\n");
+        goto done;   
     }
 
     /* add &lt;dsig:KeyInfo/&gt; */
     keyInfoNode = xmlSecTmplEncDataEnsureKeyInfo(encDataNode, NULL);
     if(keyInfoNode == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
 
     /* add &lt;enc:EncryptedKey/&gt; to store the encrypted session key */
     encKeyNode = xmlSecTmplKeyInfoAddEncryptedKey(keyInfoNode, 
-				    xmlSecTransformRsaPkcs1Id, 
-				    NULL, NULL, NULL);
+                                    xmlSecTransformRsaPkcs1Id, 
+                                    NULL, NULL, NULL);
     if(encKeyNode == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
 
     /* we want to put encrypted key in the &lt;enc:CipherValue/&gt; node */
     if(xmlSecTmplEncDataEnsureCipherValue(encKeyNode) == NULL) {
-	fprintf(stderr, "Error: failed to add CipherValue node\n");
-	goto done;   
+        fprintf(stderr, "Error: failed to add CipherValue node\n");
+        goto done;   
     }
 
     /* add &lt;dsig:KeyInfo/&gt; and &lt;dsig:KeyName/&gt; nodes to &lt;enc:EncryptedKey/&gt; */
     keyInfoNode2 = xmlSecTmplEncDataEnsureKeyInfo(encKeyNode, NULL);
     if(keyInfoNode2 == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
     
     /* set key name so we can lookup key when needed */
     if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode2, key_name) == NULL) {
-	fprintf(stderr, "Error: failed to add key name\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key name\n");
+        goto done;              
     }
 
     /* create encryption context */
     encCtx = xmlSecEncCtxCreate(mngr);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* generate a Triple DES key */
     encCtx-&gt;encKey = xmlSecKeyGenerate(xmlSecKeyDataDesId, 192, xmlSecKeyDataTypeSession);
     if(encCtx-&gt;encKey == NULL) {
         fprintf(stderr,"Error: failed to generate session des key\n");
-	goto done;
+        goto done;
     }
 
     /* encrypt the data */
     if(xmlSecEncCtxXmlEncrypt(encCtx, encDataNode, xmlDocGetRootElement(doc)) &lt; 0) {
         fprintf(stderr,"Error: encryption failed\n");
-	goto done;
+        goto done;
     }
     
     /* we template is inserted in the doc */
@@ -401,15 +418,15 @@ done:
 
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
 
     if(encDataNode != NULL) {
-	xmlFreeNode(encDataNode);
+        xmlFreeNode(encDataNode);
     }
         
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
</pre>
diff --git a/docs/api/xmlsec-errors.html b/docs/api/xmlsec-errors.html
index 80788e68..9ff1480c 100644
--- a/docs/api/xmlsec-errors.html
+++ b/docs/api/xmlsec-errors.html
@@ -87,91 +87,92 @@
 <h1>
 <a name="XMLSEC-ERRORS"></a>errors</h1>
 <div class="REFNAMEDIV">
-<a name="AEN4493"></a><h2>Name</h2>errors -- Error/log messages support.</div>
+<a name="AEN5612"></a><h2>Name</h2>errors -- Error/log messages support.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-ERRORS.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-XMLSEC-FAILED--CAPS">XMLSEC_ERRORS_R_XMLSEC_FAILED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-MALLOC-FAILED--CAPS">XMLSEC_ERRORS_R_MALLOC_FAILED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-STRDUP-FAILED--CAPS">XMLSEC_ERRORS_R_STRDUP_FAILED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CRYPTO-FAILED--CAPS">XMLSEC_ERRORS_R_CRYPTO_FAILED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-XML-FAILED--CAPS">XMLSEC_ERRORS_R_XML_FAILED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-XSLT-FAILED--CAPS">XMLSEC_ERRORS_R_XSLT_FAILED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-IO-FAILED--CAPS">XMLSEC_ERRORS_R_IO_FAILED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-DISABLED--CAPS">XMLSEC_ERRORS_R_DISABLED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-NOT-IMPLEMENTED--CAPS">XMLSEC_ERRORS_R_NOT_IMPLEMENTED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-SIZE--CAPS">XMLSEC_ERRORS_R_INVALID_SIZE</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-DATA--CAPS">XMLSEC_ERRORS_R_INVALID_DATA</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-RESULT--CAPS">XMLSEC_ERRORS_R_INVALID_RESULT</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-TYPE--CAPS">XMLSEC_ERRORS_R_INVALID_TYPE</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-OPERATION--CAPS">XMLSEC_ERRORS_R_INVALID_OPERATION</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-STATUS--CAPS">XMLSEC_ERRORS_R_INVALID_STATUS</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-FORMAT--CAPS">XMLSEC_ERRORS_R_INVALID_FORMAT</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-DATA-NOT-MATCH--CAPS">XMLSEC_ERRORS_R_DATA_NOT_MATCH</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-NODE--CAPS">XMLSEC_ERRORS_R_INVALID_NODE</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-NODE-CONTENT--CAPS">XMLSEC_ERRORS_R_INVALID_NODE_CONTENT</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-NODE-ATTRIBUTE--CAPS">XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-MISSING-NODE-ATTRIBUTE--CAPS">XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-NODE-ALREADY-PRESENT--CAPS">XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-UNEXPECTED-NODE--CAPS">XMLSEC_ERRORS_R_UNEXPECTED_NODE</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-NODE-NOT-FOUND--CAPS">XMLSEC_ERRORS_R_NODE_NOT_FOUND</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-TRANSFORM--CAPS">XMLSEC_ERRORS_R_INVALID_TRANSFORM</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-TRANSFORM-KEY--CAPS">XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-URI-TYPE--CAPS">XMLSEC_ERRORS_R_INVALID_URI_TYPE</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-TRANSFORM-SAME-DOCUMENT-REQUIRED--CAPS">XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-TRANSFORM-DISABLED--CAPS">XMLSEC_ERRORS_R_TRANSFORM_DISABLED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-KEY-DATA--CAPS">XMLSEC_ERRORS_R_INVALID_KEY_DATA</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-KEY-DATA-NOT-FOUND--CAPS">XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-KEY-DATA-ALREADY-EXIST--CAPS">XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-KEY-DATA-SIZE--CAPS">XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-KEY-NOT-FOUND--CAPS">XMLSEC_ERRORS_R_KEY_NOT_FOUND</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-KEYDATA-DISABLED--CAPS">XMLSEC_ERRORS_R_KEYDATA_DISABLED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-MAX-RETRIEVALS-LEVEL--CAPS">XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-MAX-RETRIEVAL-TYPE-MISMATCH--CAPS">XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-MAX-ENCKEY-LEVEL--CAPS">XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-VERIFY-FAILED--CAPS">XMLSEC_ERRORS_R_CERT_VERIFY_FAILED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-NOT-FOUND--CAPS">XMLSEC_ERRORS_R_CERT_NOT_FOUND</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-REVOKED--CAPS">XMLSEC_ERRORS_R_CERT_REVOKED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-ISSUER-FAILED--CAPS">XMLSEC_ERRORS_R_CERT_ISSUER_FAILED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-NOT-YET-VALID--CAPS">XMLSEC_ERRORS_R_CERT_NOT_YET_VALID</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-HAS-EXPIRED--CAPS">XMLSEC_ERRORS_R_CERT_HAS_EXPIRED</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-DSIG-NO-REFERENCES--CAPS">XMLSEC_ERRORS_R_DSIG_NO_REFERENCES</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-DSIG-INVALID-REFERENCE--CAPS">XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-ASSERTION--CAPS">XMLSEC_ERRORS_R_ASSERTION</a>
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-MAX-NUMBER--CAPS">XMLSEC_ERRORS_MAX_NUMBER</a>
-<font>void</font>                (<a href="xmlsec-errors.html#XMLSECERRORSCALLBACK">*xmlSecErrorsCallback</a>)             (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg);
-<font>void</font>                <a href="xmlsec-errors.html#XMLSECERRORSINIT">xmlSecErrorsInit</a>                    (void);
-<font>void</font>                <a href="xmlsec-errors.html#XMLSECERRORSSHUTDOWN">xmlSecErrorsShutdown</a>                (void);
-<font>void</font>                <a href="xmlsec-errors.html#XMLSECERRORSSETCALLBACK">xmlSecErrorsSetCallback</a>             (<a href="xmlsec-errors.html#XMLSECERRORSCALLBACK">xmlSecErrorsCallback</a> callback);
-<font>void</font>                <a href="xmlsec-errors.html#XMLSECERRORSDEFAULTCALLBACK">xmlSecErrorsDefaultCallback</a>         (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg);
-<font>void</font>                <a href="xmlsec-errors.html#XMLSECERRORSDEFAULTCALLBACKENABLEOUTPUT">xmlSecErrorsDefaultCallbackEnableOutput</a>
-                                                        (<font>int</font> enabled);
-<font>int</font>                 <a href="xmlsec-errors.html#XMLSECERRORSGETCODE">xmlSecErrorsGetCode</a>                 (<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-const <font>char</font>*         <a href="xmlsec-errors.html#XMLSECERRORSGETMSG">xmlSecErrorsGetMsg</a>                  (<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-HERE--CAPS">XMLSEC_ERRORS_HERE</a>
+<pre class="SYNOPSIS">#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-HERE:CAPS">XMLSEC_ERRORS_HERE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-MAX-NUMBER:CAPS">XMLSEC_ERRORS_MAX_NUMBER</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-NO-MESSAGE:CAPS">XMLSEC_ERRORS_NO_MESSAGE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-ASSERTION:CAPS">XMLSEC_ERRORS_R_ASSERTION</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-HAS-EXPIRED:CAPS">XMLSEC_ERRORS_R_CERT_HAS_EXPIRED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-ISSUER-FAILED:CAPS">XMLSEC_ERRORS_R_CERT_ISSUER_FAILED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-NOT-FOUND:CAPS">XMLSEC_ERRORS_R_CERT_NOT_FOUND</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-NOT-YET-VALID:CAPS">XMLSEC_ERRORS_R_CERT_NOT_YET_VALID</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-REVOKED:CAPS">XMLSEC_ERRORS_R_CERT_REVOKED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CERT-VERIFY-FAILED:CAPS">XMLSEC_ERRORS_R_CERT_VERIFY_FAILED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-CRYPTO-FAILED:CAPS">XMLSEC_ERRORS_R_CRYPTO_FAILED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-DATA-NOT-MATCH:CAPS">XMLSEC_ERRORS_R_DATA_NOT_MATCH</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-DISABLED:CAPS">XMLSEC_ERRORS_R_DISABLED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-DSIG-INVALID-REFERENCE:CAPS">XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-DSIG-NO-REFERENCES:CAPS">XMLSEC_ERRORS_R_DSIG_NO_REFERENCES</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-DATA:CAPS">XMLSEC_ERRORS_R_INVALID_DATA</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-FORMAT:CAPS">XMLSEC_ERRORS_R_INVALID_FORMAT</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-KEY-DATA:CAPS">XMLSEC_ERRORS_R_INVALID_KEY_DATA</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-KEY-DATA-SIZE:CAPS">XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-NODE:CAPS">XMLSEC_ERRORS_R_INVALID_NODE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-NODE-ATTRIBUTE:CAPS">XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-NODE-CONTENT:CAPS">XMLSEC_ERRORS_R_INVALID_NODE_CONTENT</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-OPERATION:CAPS">XMLSEC_ERRORS_R_INVALID_OPERATION</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-RESULT:CAPS">XMLSEC_ERRORS_R_INVALID_RESULT</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-SIZE:CAPS">XMLSEC_ERRORS_R_INVALID_SIZE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-STATUS:CAPS">XMLSEC_ERRORS_R_INVALID_STATUS</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-TRANSFORM:CAPS">XMLSEC_ERRORS_R_INVALID_TRANSFORM</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-TRANSFORM-KEY:CAPS">XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-TYPE:CAPS">XMLSEC_ERRORS_R_INVALID_TYPE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-INVALID-URI-TYPE:CAPS">XMLSEC_ERRORS_R_INVALID_URI_TYPE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-IO-FAILED:CAPS">XMLSEC_ERRORS_R_IO_FAILED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-KEYDATA-DISABLED:CAPS">XMLSEC_ERRORS_R_KEYDATA_DISABLED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-KEY-DATA-ALREADY-EXIST:CAPS">XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-KEY-DATA-NOT-FOUND:CAPS">XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-KEY-NOT-FOUND:CAPS">XMLSEC_ERRORS_R_KEY_NOT_FOUND</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-MALLOC-FAILED:CAPS">XMLSEC_ERRORS_R_MALLOC_FAILED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-MAX-ENCKEY-LEVEL:CAPS">XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-MAX-RETRIEVALS-LEVEL:CAPS">XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-MAX-RETRIEVAL-TYPE-MISMATCH:CAPS">XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-MISSING-NODE-ATTRIBUTE:CAPS">XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-NODE-ALREADY-PRESENT:CAPS">XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-NODE-NOT-FOUND:CAPS">XMLSEC_ERRORS_R_NODE_NOT_FOUND</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-NOT-IMPLEMENTED:CAPS">XMLSEC_ERRORS_R_NOT_IMPLEMENTED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-STRDUP-FAILED:CAPS">XMLSEC_ERRORS_R_STRDUP_FAILED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-TRANSFORM-DISABLED:CAPS">XMLSEC_ERRORS_R_TRANSFORM_DISABLED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-TRANSFORM-SAME-DOCUMENT-REQUIRED:CAPS">XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-UNEXPECTED-NODE:CAPS">XMLSEC_ERRORS_R_UNEXPECTED_NODE</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-XMLSEC-FAILED:CAPS">XMLSEC_ERRORS_R_XMLSEC_FAILED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-XML-FAILED:CAPS">XMLSEC_ERRORS_R_XML_FAILED</a>
+#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-R-XSLT-FAILED:CAPS">XMLSEC_ERRORS_R_XSLT_FAILED</a>
+#define             <a href="xmlsec-errors.html#XMLSECASSERT">xmlSecAssert</a>                        (p)
+#define             <a href="xmlsec-errors.html#XMLSECASSERT2">xmlSecAssert2</a>                       (p,
+                                                         ret)
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-errors.html#XMLSECERROR">xmlSecError</a>                         (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>,
+                                                         <code class="PARAMETER">...</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (<a href="xmlsec-errors.html#XMLSECERRORSCALLBACK">*xmlSecErrorsCallback</a>)             (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-errors.html#XMLSECERRORSDEFAULTCALLBACK">xmlSecErrorsDefaultCallback</a>         (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-errors.html#XMLSECERRORSDEFAULTCALLBACKENABLEOUTPUT">xmlSecErrorsDefaultCallbackEnableOutput</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> enabled</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-errors.html#XMLSECERRORSGETCODE">xmlSecErrorsGetCode</a>                 (<code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+const <gtkdoclink href="CHAR"><span class="RETURNVALUE">char</span></gtkdoclink> *        <a href="xmlsec-errors.html#XMLSECERRORSGETMSG">xmlSecErrorsGetMsg</a>                  (<code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-errors.html#XMLSECERRORSINIT">xmlSecErrorsInit</a>                    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-errors.html#XMLSECERRORSSAFESTRING">xmlSecErrorsSafeString</a>              (str)
-#define             <a href="xmlsec-errors.html#XMLSEC-ERRORS-NO-MESSAGE--CAPS">XMLSEC_ERRORS_NO_MESSAGE</a>
-<font>void</font>                <a href="xmlsec-errors.html#XMLSECERROR">xmlSecError</a>                         (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg,
-                                                         ...);
-#define             <a href="xmlsec-errors.html#XMLSECASSERT">xmlSecAssert</a>                        ( p )
-#define             <a href="xmlsec-errors.html#XMLSECASSERT2">xmlSecAssert2</a>                       ( p, ret )</pre>
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-errors.html#XMLSECERRORSSETCALLBACK">xmlSecErrorsSetCallback</a>             (<code class="PARAMETER"><a href="xmlsec-errors.html#XMLSECERRORSCALLBACK"><span class="TYPE">xmlSecErrorsCallback</span></a> callback</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-errors.html#XMLSECERRORSSHUTDOWN">xmlSecErrorsShutdown</a>                (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-ERRORS.DESCRIPTION"></a><h2>Description</h2>
@@ -180,490 +181,500 @@ const <font>char</font>*         <a href="xmlsec-errors.html#XMLSECERRORSGETMSG"
 <div class="REFSECT1">
 <a name="XMLSEC-ERRORS.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-XMLSEC-FAILED--CAPS"></a><h3>XMLSEC_ERRORS_R_XMLSEC_FAILED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_XMLSEC_FAILED		 	1</pre>
-<p>An XMLSec function failed (error subject is the failed function).</p>
-<p></p>
+<a name="XMLSEC-ERRORS-HERE:CAPS"></a><h3>XMLSEC_ERRORS_HERE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_HERE                      __FILE__,__LINE__,__XMLSEC_FUNCTION__</pre>
+<p>The macro that specifies the location (file, line and function)
+for the <a href="xmlsec-errors.html#XMLSECERROR"><code class="FUNCTION">xmlSecError()</code></a> function.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-MALLOC-FAILED--CAPS"></a><h3>XMLSEC_ERRORS_R_MALLOC_FAILED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_MALLOC_FAILED		 	2</pre>
-<p>Failed to allocate memory error.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-MAX-NUMBER:CAPS"></a><h3>XMLSEC_ERRORS_MAX_NUMBER</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_MAX_NUMBER                        256</pre>
+<p>The maximum xmlsec errors number.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-STRDUP-FAILED--CAPS"></a><h3>XMLSEC_ERRORS_R_STRDUP_FAILED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_STRDUP_FAILED		 	3</pre>
-<p>Failed to duplicate string error.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-NO-MESSAGE:CAPS"></a><h3>XMLSEC_ERRORS_NO_MESSAGE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_NO_MESSAGE                " "</pre>
+<p>Empty error message " ".</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-CRYPTO-FAILED--CAPS"></a><h3>XMLSEC_ERRORS_R_CRYPTO_FAILED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CRYPTO_FAILED		 	4</pre>
-<p>Crypto (OpenSSL) function failed (error subject is the failed function).</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-ASSERTION:CAPS"></a><h3>XMLSEC_ERRORS_R_ASSERTION</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_ASSERTION                       100</pre>
+<p>Invalid assertion.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-XML-FAILED--CAPS"></a><h3>XMLSEC_ERRORS_R_XML_FAILED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_XML_FAILED		 	5</pre>
-<p>LibXML function failed (error subject is the failed function).</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-CERT-HAS-EXPIRED:CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_HAS_EXPIRED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_HAS_EXPIRED                76</pre>
+<p>"Not valid after" verification failed.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-XSLT-FAILED--CAPS"></a><h3>XMLSEC_ERRORS_R_XSLT_FAILED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_XSLT_FAILED		 	6</pre>
-<p>LibXSLT function failed (error subject is the failed function).</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-CERT-ISSUER-FAILED:CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_ISSUER_FAILED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_ISSUER_FAILED              74</pre>
+<p>Failed to get certificate issuer.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-IO-FAILED--CAPS"></a><h3>XMLSEC_ERRORS_R_IO_FAILED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_IO_FAILED		 	7</pre>
-<p>IO operation failed.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-CERT-NOT-FOUND:CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_NOT_FOUND</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_NOT_FOUND                  72</pre>
+<p>Requested certificate is not found.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-DISABLED--CAPS"></a><h3>XMLSEC_ERRORS_R_DISABLED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_DISABLED		 	8</pre>
-<p>The feature is disabled during compilation.
-Check './configure --help' for details on how to
-enable it.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-CERT-NOT-YET-VALID:CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_NOT_YET_VALID</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_NOT_YET_VALID              75</pre>
+<p>"Not valid before" verification failed.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-NOT-IMPLEMENTED--CAPS"></a><h3>XMLSEC_ERRORS_R_NOT_IMPLEMENTED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_NOT_IMPLEMENTED		 	9</pre>
-<p>Feature is not implemented.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-CERT-REVOKED:CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_REVOKED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_REVOKED                    73</pre>
+<p>The certificate is revoked.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-SIZE--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_SIZE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_SIZE		 	11</pre>
-<p>Invalid size.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-CERT-VERIFY-FAILED:CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_VERIFY_FAILED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_VERIFY_FAILED              71</pre>
+<p>Certificate verification failed.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-DATA--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_DATA</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_DATA		 	12</pre>
-<p>Invalid data.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-CRYPTO-FAILED:CAPS"></a><h3>XMLSEC_ERRORS_R_CRYPTO_FAILED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CRYPTO_FAILED                   4</pre>
+<p>Crypto (OpenSSL) function failed (error subject is the failed function).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-RESULT--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_RESULT</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_RESULT		 	13</pre>
-<p>Invalid result.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-DATA-NOT-MATCH:CAPS"></a><h3>XMLSEC_ERRORS_R_DATA_NOT_MATCH</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_DATA_NOT_MATCH                  18</pre>
+<p>The data do not match our expectation.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-TYPE--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_TYPE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_TYPE		 	14</pre>
-<p>Invalid type.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-DISABLED:CAPS"></a><h3>XMLSEC_ERRORS_R_DISABLED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_DISABLED                        8</pre>
+<p>The feature is disabled during compilation.
+Check './configure --help' for details on how to
+enable it.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-OPERATION--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_OPERATION</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_OPERATION	 	15</pre>
-<p>Invalid operation.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-DSIG-INVALID-REFERENCE:CAPS"></a><h3>XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE          82</pre>
+<p>The &lt;dsig:Reference&gt; validation failed.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-STATUS--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_STATUS</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_STATUS 			16</pre>
-<p>Invalid status.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-DSIG-NO-REFERENCES:CAPS"></a><h3>XMLSEC_ERRORS_R_DSIG_NO_REFERENCES</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_DSIG_NO_REFERENCES              81</pre>
+<p>The &lt;dsig:Reference&gt; nodes not found.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-FORMAT--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_FORMAT</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_FORMAT 			17</pre>
+<a name="XMLSEC-ERRORS-R-INVALID-DATA:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_DATA</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_DATA                    12</pre>
+<p>Invalid data.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSEC-ERRORS-R-INVALID-FORMAT:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_FORMAT</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_FORMAT                  17</pre>
 <p>Invalid format.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-DATA-NOT-MATCH--CAPS"></a><h3>XMLSEC_ERRORS_R_DATA_NOT_MATCH</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_DATA_NOT_MATCH		 	18</pre>
-<p>The data do not match our expectation.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-KEY-DATA:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_KEY_DATA</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_KEY_DATA                41</pre>
+<p>Key data is invalid.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-NODE--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_NODE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_NODE	 	 	21</pre>
-<p>Invalid node (error subject is the node name).</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-KEY-DATA-SIZE:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE           44</pre>
+<p>Invalid key size.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-NODE-CONTENT--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_NODE_CONTENT</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_NODE_CONTENT	 	22</pre>
-<p>Invalid node content (error subject is the node name).</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-NODE:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_NODE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_NODE                    21</pre>
+<p>Invalid node (error subject is the node name).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-NODE-ATTRIBUTE--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE	 	23</pre>
+<a name="XMLSEC-ERRORS-R-INVALID-NODE-ATTRIBUTE:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE          23</pre>
 <p>Invalid node attribute (error subject is the node name).</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-MISSING-NODE-ATTRIBUTE--CAPS"></a><h3>XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE	 	25</pre>
-<p>Missing node attribute (error subject is the node name).</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-NODE-CONTENT:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_NODE_CONTENT</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_NODE_CONTENT            22</pre>
+<p>Invalid node content (error subject is the node name).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-NODE-ALREADY-PRESENT--CAPS"></a><h3>XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT	 	26</pre>
-<p>Node already present,</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-OPERATION:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_OPERATION</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_OPERATION               15</pre>
+<p>Invalid operation.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-UNEXPECTED-NODE--CAPS"></a><h3>XMLSEC_ERRORS_R_UNEXPECTED_NODE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_UNEXPECTED_NODE	 	 	27</pre>
-<p>Unexpected node (error subject is the node name).</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-RESULT:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_RESULT</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_RESULT                  13</pre>
+<p>Invalid result.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-NODE-NOT-FOUND--CAPS"></a><h3>XMLSEC_ERRORS_R_NODE_NOT_FOUND</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_NODE_NOT_FOUND 	 	 	28</pre>
-<p>Node not found (error subject is the required node name).</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-SIZE:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_SIZE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_SIZE                    11</pre>
+<p>Invalid size.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-TRANSFORM--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_TRANSFORM</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_TRANSFORM	 	31</pre>
-<p>This transform is invlaid here.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-STATUS:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_STATUS</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_STATUS                  16</pre>
+<p>Invalid status.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-TRANSFORM-KEY--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY		32</pre>
-<p>Key is invalid for this transform.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-TRANSFORM:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_TRANSFORM</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_TRANSFORM               31</pre>
+<p>This transform is invlaid here.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-URI-TYPE--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_URI_TYPE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_URI_TYPE 	 	33</pre>
-<p>Invalid URI type.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-TRANSFORM-KEY:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY           32</pre>
+<p>Key is invalid for this transform.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-TRANSFORM-SAME-DOCUMENT-REQUIRED--CAPS"></a><h3>XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED 	34</pre>
-<p>The transform requires the input document to be the same as context.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-TYPE:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_TYPE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_TYPE                    14</pre>
+<p>Invalid type.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-TRANSFORM-DISABLED--CAPS"></a><h3>XMLSEC_ERRORS_R_TRANSFORM_DISABLED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_TRANSFORM_DISABLED		35</pre>
-<p>The transform is disabled.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-INVALID-URI-TYPE:CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_URI_TYPE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_URI_TYPE                33</pre>
+<p>Invalid URI type.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-KEY-DATA--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_KEY_DATA</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_KEY_DATA	 	41</pre>
-<p>Key data is invalid.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-IO-FAILED:CAPS"></a><h3>XMLSEC_ERRORS_R_IO_FAILED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_IO_FAILED                       7</pre>
+<p>IO operation failed.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-KEY-DATA-NOT-FOUND--CAPS"></a><h3>XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND		42</pre>
-<p>Data is not found (error subject is the data name).</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-KEYDATA-DISABLED:CAPS"></a><h3>XMLSEC_ERRORS_R_KEYDATA_DISABLED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_KEYDATA_DISABLED                46</pre>
+<p>The key data type disabled.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-KEY-DATA-ALREADY-EXIST--CAPS"></a><h3>XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST	 	43</pre>
+<a name="XMLSEC-ERRORS-R-KEY-DATA-ALREADY-EXIST:CAPS"></a><h3>XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST          43</pre>
 <p>The key data is already exist.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-INVALID-KEY-DATA-SIZE--CAPS"></a><h3>XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE	 	44</pre>
-<p>Invalid key size.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-KEY-DATA-NOT-FOUND:CAPS"></a><h3>XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND              42</pre>
+<p>Data is not found (error subject is the data name).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-KEY-NOT-FOUND--CAPS"></a><h3>XMLSEC_ERRORS_R_KEY_NOT_FOUND</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_KEY_NOT_FOUND		 	45</pre>
+<a name="XMLSEC-ERRORS-R-KEY-NOT-FOUND:CAPS"></a><h3>XMLSEC_ERRORS_R_KEY_NOT_FOUND</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_KEY_NOT_FOUND                   45</pre>
 <p>Key not found.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-KEYDATA-DISABLED--CAPS"></a><h3>XMLSEC_ERRORS_R_KEYDATA_DISABLED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_KEYDATA_DISABLED		46</pre>
-<p>The key data type disabled.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-MALLOC-FAILED:CAPS"></a><h3>XMLSEC_ERRORS_R_MALLOC_FAILED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_MALLOC_FAILED                   2</pre>
+<p>Failed to allocate memory error.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSEC-ERRORS-R-MAX-ENCKEY-LEVEL:CAPS"></a><h3>XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL                61</pre>
+<p>Max EncryptedKey level reached.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-MAX-RETRIEVALS-LEVEL--CAPS"></a><h3>XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL	 	51</pre>
+<a name="XMLSEC-ERRORS-R-MAX-RETRIEVALS-LEVEL:CAPS"></a><h3>XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL            51</pre>
 <p>Max allowed retrievals level reached.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-MAX-RETRIEVAL-TYPE-MISMATCH--CAPS"></a><h3>XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH	52</pre>
-<p>The retrieved key data type does not match the one specified 
+<a name="XMLSEC-ERRORS-R-MAX-RETRIEVAL-TYPE-MISMATCH:CAPS"></a><h3>XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH     52</pre>
+<p>The retrieved key data type does not match the one specified
 in the <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> node.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-MAX-ENCKEY-LEVEL--CAPS"></a><h3>XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL	 	61</pre>
-<p>Max EncryptedKey level reached.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-MISSING-NODE-ATTRIBUTE:CAPS"></a><h3>XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE          25</pre>
+<p>Missing node attribute (error subject is the node name).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-CERT-VERIFY-FAILED--CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_VERIFY_FAILED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_VERIFY_FAILED	 	71</pre>
-<p>Certificate verification failed.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-NODE-ALREADY-PRESENT:CAPS"></a><h3>XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT            26</pre>
+<p>Node already present,</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-CERT-NOT-FOUND--CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_NOT_FOUND</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_NOT_FOUND		 	72</pre>
-<p>Requested certificate is not found.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-NODE-NOT-FOUND:CAPS"></a><h3>XMLSEC_ERRORS_R_NODE_NOT_FOUND</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_NODE_NOT_FOUND                  28</pre>
+<p>Node not found (error subject is the required node name).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-CERT-REVOKED--CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_REVOKED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_REVOKED		 	73</pre>
-<p>The certificate is revoked.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-NOT-IMPLEMENTED:CAPS"></a><h3>XMLSEC_ERRORS_R_NOT_IMPLEMENTED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_NOT_IMPLEMENTED                 9</pre>
+<p>Feature is not implemented.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-CERT-ISSUER-FAILED--CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_ISSUER_FAILED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_ISSUER_FAILED	 	74</pre>
-<p>Failed to get certificate issuer.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-STRDUP-FAILED:CAPS"></a><h3>XMLSEC_ERRORS_R_STRDUP_FAILED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_STRDUP_FAILED                   3</pre>
+<p>Failed to duplicate string error.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-CERT-NOT-YET-VALID--CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_NOT_YET_VALID</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_NOT_YET_VALID	 	75</pre>
-<p>"Not valid before" verification failed.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-TRANSFORM-DISABLED:CAPS"></a><h3>XMLSEC_ERRORS_R_TRANSFORM_DISABLED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_TRANSFORM_DISABLED              35</pre>
+<p>The transform is disabled.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-CERT-HAS-EXPIRED--CAPS"></a><h3>XMLSEC_ERRORS_R_CERT_HAS_EXPIRED</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_CERT_HAS_EXPIRED	 	76</pre>
-<p>"Not valid after" verification failed.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-TRANSFORM-SAME-DOCUMENT-REQUIRED:CAPS"></a><h3>XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED        34</pre>
+<p>The transform requires the input document to be the same as context.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-DSIG-NO-REFERENCES--CAPS"></a><h3>XMLSEC_ERRORS_R_DSIG_NO_REFERENCES</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_DSIG_NO_REFERENCES 	 	81</pre>
-<p>The &lt;dsig:Reference&gt; nodes not found.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-UNEXPECTED-NODE:CAPS"></a><h3>XMLSEC_ERRORS_R_UNEXPECTED_NODE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_UNEXPECTED_NODE                 27</pre>
+<p>Unexpected node (error subject is the node name).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-DSIG-INVALID-REFERENCE--CAPS"></a><h3>XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE 	 	82</pre>
-<p>The &lt;dsig:Reference&gt; validation failed.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-XMLSEC-FAILED:CAPS"></a><h3>XMLSEC_ERRORS_R_XMLSEC_FAILED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_XMLSEC_FAILED                   1</pre>
+<p>An XMLSec function failed (error subject is the failed function).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-R-ASSERTION--CAPS"></a><h3>XMLSEC_ERRORS_R_ASSERTION</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_ASSERTION		 	100</pre>
-<p>Invalid assertion.</p>
-<p></p>
+<a name="XMLSEC-ERRORS-R-XML-FAILED:CAPS"></a><h3>XMLSEC_ERRORS_R_XML_FAILED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_XML_FAILED                      5</pre>
+<p>LibXML function failed (error subject is the failed function).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-MAX-NUMBER--CAPS"></a><h3>XMLSEC_ERRORS_MAX_NUMBER</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_MAX_NUMBER			256</pre>
-<p>The maximum xmlsec errors number.</p>
+<a name="XMLSEC-ERRORS-R-XSLT-FAILED:CAPS"></a><h3>XMLSEC_ERRORS_R_XSLT_FAILED</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_R_XSLT_FAILED                     6</pre>
+<p>LibXSLT function failed (error subject is the failed function).</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECASSERT"></a><h3>xmlSecAssert()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecAssert( p )</pre>
+<p>Macro. Verifies that <code class="PARAMETER">p</code> is true and calls <gtkdoclink href="RETURN"><code class="FUNCTION">return()</code></gtkdoclink> otherwise.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN6096"><span style="white-space: nowrap"><code class="PARAMETER">p</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the expression.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECERRORSCALLBACK"></a><h3>xmlSecErrorsCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                (*xmlSecErrorsCallback)             (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg);</pre>
-<p>The errors reporting callback function.</p>
+<a name="XMLSECASSERT2"></a><h3>xmlSecAssert2()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecAssert2( p, ret )</pre>
+<p>Macro. Verifies that <code class="PARAMETER">p</code> is true and calls return(<code class="PARAMETER">ret</code>) otherwise.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN6110"><span style="white-space: nowrap"><code class="PARAMETER">p</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the expression.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN6115"><span style="white-space: nowrap"><code class="PARAMETER">ret</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the return value.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECERROR"></a><h3>xmlSecError ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecError                         (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>,
+                                                         <code class="PARAMETER">...</code>);</pre>
+<p>Reports an error to the default (<a href="xmlsec-errors.html#XMLSECERRORSDEFAULTCALLBACK"><span class="TYPE">xmlSecErrorsDefaultCallback</span></a>) or
+application specific callback installed using <a href="xmlsec-errors.html#XMLSECERRORSSETCALLBACK"><span class="TYPE">xmlSecErrorsSetCallback</span></a>
+function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4953"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location file name (__FILE__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6155"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location filename (__FILE__).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4958"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location line number (__LINE__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6160"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location line number (__LINE__).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4963"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location function name (__FUNCTION__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6165"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location function (__FUNCTIION__).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4968"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error object </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6170"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error object</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4973"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error subject.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6175"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error subject.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4978"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error code.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6180"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error code.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN4983"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the additional error message.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6185"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error message in printf format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN6190"><span style="white-space: nowrap"><code class="PARAMETER">...</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the parameters for the <code class="PARAMETER">msg</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECERRORSINIT"></a><h3>xmlSecErrorsInit ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecErrorsInit                    (void);</pre>
-<p>Initializes the errors reporting. It is called from <a href="xmlsec-xmlsec.html#XMLSECINIT"><span class="TYPE">xmlSecInit</span></a> function.
-and applications must not call this function directly.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECERRORSSHUTDOWN"></a><h3>xmlSecErrorsShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecErrorsShutdown                (void);</pre>
-<p>Cleanups the errors reporting. It is called from <a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN"><span class="TYPE">xmlSecShutdown</span></a> function.
-and applications must not call this function directly.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECERRORSSETCALLBACK"></a><h3>xmlSecErrorsSetCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecErrorsSetCallback             (<a href="xmlsec-errors.html#XMLSECERRORSCALLBACK">xmlSecErrorsCallback</a> callback);</pre>
-<p>Sets the errors callback function to <code class="PARAMETER">callback</code> that will be called 
-every time an error occurs.</p>
-<p></p>
+<a name="XMLSECERRORSCALLBACK"></a><h3>xmlSecErrorsCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (*xmlSecErrorsCallback)             (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>);</pre>
+<p>The errors reporting callback function.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN5019"><span style="white-space: nowrap"><code class="PARAMETER">callback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new errors callback function.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN6226"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location file name (__FILE__ macro).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN6231"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location line number (__LINE__ macro).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN6236"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location function name (__FUNCTION__ macro).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN6241"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error object</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN6246"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error subject.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN6251"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error code.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN6256"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the additional error message.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECERRORSDEFAULTCALLBACK"></a><h3>xmlSecErrorsDefaultCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecErrorsDefaultCallback         (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecErrorsDefaultCallback         (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>);</pre>
 <p>The default error reporting callback that utilizes LibXML
 error reporting <gtkdoclink href="XMLGENERICERROR"><span class="TYPE">xmlGenericError</span></gtkdoclink> function.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5042"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location file name (__FILE__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6293"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location file name (__FILE__ macro).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5047"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location line number (__LINE__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6298"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location line number (__LINE__ macro).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5052"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location function name (__FUNCTION__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6303"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location function name (__FUNCTION__ macro).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5057"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error object </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6308"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error object</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5062"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error subject.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6313"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error subject.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5067"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error code.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6318"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error code.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5072"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the additional error message.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6323"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the additional error message.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECERRORSDEFAULTCALLBACKENABLEOUTPUT"></a><h3>xmlSecErrorsDefaultCallbackEnableOutput ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecErrorsDefaultCallbackEnableOutput
-                                                        (<font>int</font> enabled);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecErrorsDefaultCallbackEnableOutput
+                                                        (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> enabled</code>);</pre>
 <p>Enables or disables calling LibXML2 callback from the default
 errors callback.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN5087"><span style="white-space: nowrap"><code class="PARAMETER">enabled</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the flag.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6340"><span style="white-space: nowrap"><code class="PARAMETER">enabled</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECERRORSGETCODE"></a><h3>xmlSecErrorsGetCode ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecErrorsGetCode                 (<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecErrorsGetCode                 (<code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
 <p>Gets the known error code at position <code class="PARAMETER">pos</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5103"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error position.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6358"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5108"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the known error code or 0 if <code class="PARAMETER">pos</code> is greater than 
+<td align="LEFT" valign="TOP"><a name="AEN6363"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the known error code or 0 if <code class="PARAMETER">pos</code> is greater than
 total number of known error codes.</p></td>
 </tr>
 </tbody></table>
@@ -671,29 +682,27 @@ total number of known error codes.</p></td>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECERRORSGETMSG"></a><h3>xmlSecErrorsGetMsg ()</h3>
-<pre class="PROGRAMLISTING">const <font>char</font>*         xmlSecErrorsGetMsg                  (<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
+<pre class="PROGRAMLISTING">const <gtkdoclink href="CHAR"><span class="RETURNVALUE">char</span></gtkdoclink> *        xmlSecErrorsGetMsg                  (<code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
 <p>Gets the known error message at position <code class="PARAMETER">pos</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5125"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error position.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6382"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5130"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the known error message or NULL if <code class="PARAMETER">pos</code> is greater than 
+<td align="LEFT" valign="TOP"><a name="AEN6387"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the known error message or NULL if <code class="PARAMETER">pos</code> is greater than
 total number of known error codes.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-HERE--CAPS"></a><h3>XMLSEC_ERRORS_HERE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_HERE			__FILE__,__LINE__,__XMLSEC_FUNCTION__</pre>
-<p>The macro that specifies the location (file, line and function)
-for the <a href="xmlsec-errors.html#XMLSECERROR"><code class="FUNCTION">xmlSecError()</code></a> function.</p>
-<p></p>
+<a name="XMLSECERRORSINIT"></a><h3>xmlSecErrorsInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecErrorsInit                    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Initializes the errors reporting. It is called from <a href="xmlsec-xmlsec.html#XMLSECINIT"><span class="TYPE">xmlSecInit</span></a> function.
+and applications must not call this function directly.</p>
 </div>
 <hr>
 <div class="REFSECT2">
@@ -701,99 +710,29 @@ for the <a href="xmlsec-errors.html#XMLSECERROR"><code class="FUNCTION">xmlSecEr
 <pre class="PROGRAMLISTING">#define             xmlSecErrorsSafeString(str)</pre>
 <p>Macro. Returns <code class="PARAMETER">str</code> if it is not NULL or pointer to "NULL" otherwise.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN5154"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the string.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6413"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ERRORS-NO-MESSAGE--CAPS"></a><h3>XMLSEC_ERRORS_NO_MESSAGE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ERRORS_NO_MESSAGE 		" "</pre>
-<p>Empty error message " ".</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECERROR"></a><h3>xmlSecError ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecError                         (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg,
-                                                         ...);</pre>
-<p>Reports an error to the default (<a href="xmlsec-errors.html#XMLSECERRORSDEFAULTCALLBACK"><span class="TYPE">xmlSecErrorsDefaultCallback</span></a>) or 
-application specific callback installed using <a href="xmlsec-errors.html#XMLSECERRORSSETCALLBACK"><span class="TYPE">xmlSecErrorsSetCallback</span></a> 
-function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5186"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the error location filename (__FILE__).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5191"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the error location line number (__LINE__).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5196"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the error location function (__FUNCTIION__).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5201"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error object </p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5206"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error subject. </p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5211"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the error code.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5216"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the error message in printf format.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5221"><span style="white-space: nowrap"><code class="PARAMETER">...</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the parameters for the <code class="PARAMETER">msg</code>.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECASSERT"></a><h3>xmlSecAssert()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecAssert( p )</pre>
-<p>Macro. Verifies that <code class="PARAMETER">p</code> is true and calls <gtkdoclink href="RETURN"><code class="FUNCTION">return()</code></gtkdoclink> otherwise.</p>
-<p></p>
+<a name="XMLSECERRORSSETCALLBACK"></a><h3>xmlSecErrorsSetCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecErrorsSetCallback             (<code class="PARAMETER"><a href="xmlsec-errors.html#XMLSECERRORSCALLBACK"><span class="TYPE">xmlSecErrorsCallback</span></a> callback</code>);</pre>
+<p>Sets the errors callback function to <code class="PARAMETER">callback</code> that will be called
+every time an error occurs.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN5238"><span style="white-space: nowrap"><code class="PARAMETER">p</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the expression.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6431"><span style="white-space: nowrap"><code class="PARAMETER">callback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new errors callback function.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECASSERT2"></a><h3>xmlSecAssert2()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecAssert2( p, ret )</pre>
-<p>Macro. Verifies that <code class="PARAMETER">p</code> is true and calls return(<code class="PARAMETER">ret</code>) otherwise.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5253"><span style="white-space: nowrap"><code class="PARAMETER">p</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the expression.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5258"><span style="white-space: nowrap"><code class="PARAMETER">ret</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the return value.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECERRORSSHUTDOWN"></a><h3>xmlSecErrorsShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecErrorsShutdown                (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Cleanups the errors reporting. It is called from <a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN"><span class="TYPE">xmlSecShutdown</span></a> function.
+and applications must not call this function directly.</p>
 </div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-examples-sign-dynamimc-template.html b/docs/api/xmlsec-examples-sign-dynamimc-template.html
index 51064dd5..2d47acdb 100644
--- a/docs/api/xmlsec-examples-sign-dynamimc-template.html
+++ b/docs/api/xmlsec-examples-sign-dynamimc-template.html
@@ -99,13 +99,13 @@
  * the whole document except the &lt;dsig:Signature/&gt; node itself.
  * 
  * Usage: 
- *	sign2 &lt;xml-doc&gt; &lt;pem-key&gt; 
+ *      sign2 &lt;xml-doc&gt; &lt;pem-key&gt; 
  *
  * Example:
- *	./sign2 sign2-doc.xml rsakey.pem &gt; sign2-res.xml
+ *      ./sign2 sign2-doc.xml rsakey.pem &gt; sign2-res.xml
  *
  * The result signature could be validated using verify1 example:
- *	./verify1 sign2-res.xml rsapub.pem
+ *      ./verify1 sign2-res.xml rsapub.pem
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -122,6 +122,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -134,12 +135,16 @@ int sign_file(const char* xml_file, const char* key_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file&gt;\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file&gt;\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -150,17 +155,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -170,27 +187,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(sign_file(argv[1], argv[2]) &lt; 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -204,6 +221,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -213,8 +231,8 @@ main(int argc, char **argv) {
 
 /** 
  * sign_file:
- * @xml_file:		the XML file name.
- * @key_file:		the PEM private key file name.
+ * @xml_file:           the XML file name.
+ * @key_file:           the PEM private key file name.
  *
  * Signs the #xml_file using private key from #key_file and dynamicaly
  * created enveloped signature template.
@@ -236,16 +254,16 @@ sign_file(const char* xml_file, const char* key_file) {
     /* load doc file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* create signature template for RSA-SHA1 enveloped signature */
     signNode = xmlSecTmplSignatureCreate(doc, xmlSecTransformExclC14NId,
-				         xmlSecTransformRsaSha1Id, NULL);
+                                         xmlSecTransformRsaSha1Id, NULL);
     if(signNode == NULL) {
-	fprintf(stderr, "Error: failed to create signature template\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to create signature template\n");
+        goto done;              
     }
 
     /* add &lt;dsig:Signature/&gt; node to the doc */
@@ -253,54 +271,54 @@ sign_file(const char* xml_file, const char* key_file) {
     
     /* add reference */
     refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id,
-					NULL, NULL, NULL);
+                                        NULL, NULL, NULL);
     if(refNode == NULL) {
-	fprintf(stderr, "Error: failed to add reference to signature template\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add reference to signature template\n");
+        goto done;              
     }
 
     /* add enveloped transform */
     if(xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId) == NULL) {
-	fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
+        goto done;              
     }
     
     /* add &lt;dsig:KeyInfo/&gt; and &lt;dsig:KeyName/&gt; nodes to put key name in the signed document */
     keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL);
     if(keyInfoNode == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
 
     if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) {
-	fprintf(stderr, "Error: failed to add key name\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key name\n");
+        goto done;              
     }
 
     /* create signature context, we don't need keys manager in this example */
     dsigCtx = xmlSecDSigCtxCreate(NULL);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* load private key, assuming that there is not password */
     dsigCtx-&gt;signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
     if(dsigCtx-&gt;signKey == NULL) {
         fprintf(stderr,"Error: failed to load private pem key from \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(dsigCtx-&gt;signKey, key_file) &lt; 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* sign the template */
     if(xmlSecDSigCtxSign(dsigCtx, signNode) &lt; 0) {
         fprintf(stderr,"Error: signature failed\n");
-	goto done;
+        goto done;
     }
         
     /* print signed document to stdout */
@@ -312,11 +330,11 @@ sign_file(const char* xml_file, const char* key_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
</pre>
diff --git a/docs/api/xmlsec-examples-sign-template-file.html b/docs/api/xmlsec-examples-sign-template-file.html
index 48b06e80..a6cf34e6 100644
--- a/docs/api/xmlsec-examples-sign-template-file.html
+++ b/docs/api/xmlsec-examples-sign-template-file.html
@@ -97,13 +97,13 @@
  * Signs a template file using a key from PEM file
  * 
  * Usage: 
- *	./sign1 &lt;xml-tmpl&gt; &lt;pem-key&gt; 
+ *      ./sign1 &lt;xml-tmpl&gt; &lt;pem-key&gt; 
  *
  * Example:
- *	./sign1 sign1-tmpl.xml rsakey.pem &gt; sign1-res.xml
+ *      ./sign1 sign1-tmpl.xml rsakey.pem &gt; sign1-res.xml
  *
  * The result signature could be validated using verify1 example:
- *	./verify1 sign1-res.xml rsapub.pem
+ *      ./verify1 sign1-res.xml rsapub.pem
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -120,6 +120,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -131,12 +132,16 @@ int sign_file(const char* tmpl_file, const char* key_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;tmpl-file&gt; &lt;key-file&gt;\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;tmpl-file&gt; &lt;key-file&gt;\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -147,17 +152,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -167,27 +184,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(sign_file(argv[1], argv[2]) &lt; 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -201,7 +218,8 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
-    xsltCleanupGlobals();            
+    xsltFreeSecurityPrefs(xsltSecPrefs);
+    xsltCleanupGlobals();
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
     
@@ -210,8 +228,8 @@ main(int argc, char **argv) {
 
 /** 
  * sign_file:
- * @tmpl_file:		the signature template file name.
- * @key_file:		the PEM private key file name.
+ * @tmpl_file:          the signature template file name.
+ * @key_file:           the PEM private key file name.
  *
  * Signs the #tmpl_file using private key from #key_file.
  *
@@ -230,41 +248,41 @@ sign_file(const char* tmpl_file, const char* key_file) {
     /* load template */
     doc = xmlParseFile(tmpl_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
+        goto done;      
     }
 
     /* create signature context, we don't need keys manager in this example */
     dsigCtx = xmlSecDSigCtxCreate(NULL);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* load private key, assuming that there is not password */
     dsigCtx-&gt;signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
     if(dsigCtx-&gt;signKey == NULL) {
         fprintf(stderr,"Error: failed to load private pem key from \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(dsigCtx-&gt;signKey, key_file) &lt; 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* sign the template */
     if(xmlSecDSigCtxSign(dsigCtx, node) &lt; 0) {
         fprintf(stderr,"Error: signature failed\n");
-	goto done;
+        goto done;
     }
         
     /* print signed document to stdout */
@@ -276,11 +294,11 @@ sign_file(const char* tmpl_file, const char* key_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
</pre>
diff --git a/docs/api/xmlsec-examples-sign-x509.html b/docs/api/xmlsec-examples-sign-x509.html
index c40a1829..796c5f67 100644
--- a/docs/api/xmlsec-examples-sign-x509.html
+++ b/docs/api/xmlsec-examples-sign-x509.html
@@ -103,13 +103,13 @@
  * certificates management policies for another crypto library may break it.
  * 
  * Usage: 
- *	sign3 &lt;xml-doc&gt; &lt;pem-key&gt; 
+ *      sign3 &lt;xml-doc&gt; &lt;pem-key&gt; 
  *
  * Example:
- *	./sign3 sign3-doc.xml rsakey.pem rsacert.pem &gt; sign3-res.xml
+ *      ./sign3 sign3-doc.xml rsakey.pem rsacert.pem &gt; sign3-res.xml
  *
  * The result signature could be validated using verify3 example:
- *	./verify3 sign3-res.xml rootcert.pem
+ *      ./verify3 sign3-res.xml rootcert.pem
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -126,6 +126,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -138,12 +139,16 @@ int sign_file(const char* xml_file, const char* key_file, const char* cert_file)
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 4) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file&gt; &lt;cert-file&gt;\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file&gt; &lt;cert-file&gt;\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -154,17 +159,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -174,27 +191,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(sign_file(argv[1], argv[2], argv[3]) &lt; 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -208,6 +225,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -217,9 +235,9 @@ main(int argc, char **argv) {
 
 /** 
  * sign_file:
- * @xml_file:		the XML file name.
- * @key_file:		the PEM private key file name.
- * @cert_file:		the x509 certificate PEM file.
+ * @xml_file:           the XML file name.
+ * @key_file:           the PEM private key file name.
+ * @cert_file:          the x509 certificate PEM file.
  *
  * Signs the @xml_file using private key from @key_file and dynamicaly
  * created enveloped signature template. The certificate from @cert_file
@@ -243,16 +261,16 @@ sign_file(const char* xml_file, const char* key_file, const char* cert_file) {
     /* load doc file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* create signature template for RSA-SHA1 enveloped signature */
     signNode = xmlSecTmplSignatureCreate(doc, xmlSecTransformExclC14NId,
-				         xmlSecTransformRsaSha1Id, NULL);
+                                         xmlSecTransformRsaSha1Id, NULL);
     if(signNode == NULL) {
-	fprintf(stderr, "Error: failed to create signature template\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to create signature template\n");
+        goto done;              
     }
 
     /* add &lt;dsig:Signature/&gt; node to the doc */
@@ -260,60 +278,60 @@ sign_file(const char* xml_file, const char* key_file, const char* cert_file) {
     
     /* add reference */
     refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id,
-					NULL, NULL, NULL);
+                                        NULL, NULL, NULL);
     if(refNode == NULL) {
-	fprintf(stderr, "Error: failed to add reference to signature template\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add reference to signature template\n");
+        goto done;              
     }
 
     /* add enveloped transform */
     if(xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId) == NULL) {
-	fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
+        goto done;              
     }
     
     /* add &lt;dsig:KeyInfo/&gt; and &lt;dsig:X509Data/&gt; */
     keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL);
     if(keyInfoNode == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
     
     if(xmlSecTmplKeyInfoAddX509Data(keyInfoNode) == NULL) {
-	fprintf(stderr, "Error: failed to add X509Data node\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add X509Data node\n");
+        goto done;              
     }
 
     /* create signature context, we don't need keys manager in this example */
     dsigCtx = xmlSecDSigCtxCreate(NULL);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* load private key, assuming that there is not password */
     dsigCtx-&gt;signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
     if(dsigCtx-&gt;signKey == NULL) {
         fprintf(stderr,"Error: failed to load private pem key from \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
     
     /* load certificate and add to the key */
     if(xmlSecCryptoAppKeyCertLoad(dsigCtx-&gt;signKey, cert_file, xmlSecKeyDataFormatPem) &lt; 0) {
         fprintf(stderr,"Error: failed to load pem certificate \"%s\"\n", cert_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(dsigCtx-&gt;signKey, key_file) &lt; 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* sign the template */
     if(xmlSecDSigCtxSign(dsigCtx, signNode) &lt; 0) {
         fprintf(stderr,"Error: signature failed\n");
-	goto done;
+        goto done;
     }
         
     /* print signed document to stdout */
@@ -325,11 +343,11 @@ sign_file(const char* xml_file, const char* key_file, const char* cert_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
</pre>
diff --git a/docs/api/xmlsec-gcrypt-app.html b/docs/api/xmlsec-gcrypt-app.html
new file mode 100644
index 00000000..49f5e9c1
--- /dev/null
+++ b/docs/api/xmlsec-gcrypt-app.html
@@ -0,0 +1,578 @@
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>app</title>
+<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.79">
+<link rel="HOME" title="XML Security Library Reference Manual" href="index.html">
+<link rel="UP" title="XML Security Library for GCrypt API Reference." href="xmlsec-gcrypt-ref.html">
+<link rel="PREVIOUS" title="XML Security Library for GCrypt API Reference." href="xmlsec-gcrypt-ref.html">
+<link rel="NEXT" title="crypto" href="xmlsec-gcrypt-crypto.html">
+<style type="text/css">.synopsis, .classsynopsis {
+    background: #eeeeee;
+    border: solid 1px #aaaaaa;
+    padding: 0.5em;
+}
+.programlisting {
+    background: #eeeeff;
+    border: solid 1px #aaaaff;
+    padding: 0.5em;
+}
+.variablelist {
+    padding: 4px;
+    margin-left: 3em;
+}
+.navigation {
+    background: #ffeeee;
+    border: solid 1px #ffaaaa;
+    margin-top: 0.5em;
+    margin-bottom: 0.5em;
+}
+.navigation a {
+    color: #770000;
+}
+.navigation a:visited {
+    color: #550000;
+}
+.navigation .title {
+    font-size: 200%;
+}</style>
+</head>
+<body><table witdh="100%" valign="top"><tr valign="top">
+<td valign="top" align="left" width="210">
+<img src="../images/logo.gif" alt="XML Security Library" border="0"><p></p>
+<ul>
+<li><a href="../index.html">Home</a></li>
+<li><a href="../download.html">Download</a></li>
+<li><a href="../news.html">News</a></li>
+<li><a href="../documentation.html">Documentation</a></li>
+<ul>
+<li><a href="../faq.html">FAQ</a></li>
+<li><a href="../api/xmlsec-notes.html">Tutorial</a></li>
+<li><a href="../api/xmlsec-reference.html">API reference</a></li>
+<li><a href="../api/xmlsec-examples.html">Examples</a></li>
+</ul>
+<li><a href="../xmldsig.html">XML Digital Signature</a></li>
+<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
+<li><a href="../xmlenc.html">XML Encryption</a></li>
+<li><a href="../c14n.html">XML Canonicalization</a></li>
+<li><a href="../bugs.html">Reporting Bugs</a></li>
+<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="../related.html">Related</a></li>
+<li><a href="../authors.html">Authors</a></li>
+</ul>
+<table width="100%">
+<tr>
+<td width="15"></td>
+<td><a href="http://xmlsoft.org/"><img src="../images/libxml2-logo.png" alt="LibXML2" border="0"></a></td>
+</tr>
+<tr>
+<td width="15"></td>
+<td><a href="http://xmlsoft.org/XSLT"><img src="../images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td>
+</tr>
+<tr>
+<td width="15"></td>
+<td><a href="http://www.openssl.org/"><img src="../images/openssl-logo.png" alt="OpenSSL" border="0"></a></td>
+</tr>
+<!--Links - start--><!--Links - end-->
+</table>
+</td>
+<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
+<table width="100%" class="navigation" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle">
+<td><a accesskey="p" href="xmlsec-gcrypt-ref.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
+<td><a accesskey="u" href="xmlsec-gcrypt-ref.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
+<td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
+<th width="100%" align="center">XML Security Library Reference Manual</th>
+<td><a accesskey="n" href="xmlsec-gcrypt-crypto.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
+</tr></table>
+<h1>
+<a name="XMLSEC-GCRYPT-APP"></a>app</h1>
+<div class="REFNAMEDIV">
+<a name="AEN32738"></a><h2>Name</h2>app -- Application functions implementation for GnuTLS.</div>
+<div class="REFSYNOPSISDIV">
+<a name="XMLSEC-GCRYPT-APP.SYNOPSIS"></a><h2>Synopsis</h2>
+<pre class="SYNOPSIS"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecGCryptAppDefaultKeysMngrAdoptKey</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPDEFAULTKEYSMNGRINIT">xmlSecGCryptAppDefaultKeysMngrInit</a>  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPDEFAULTKEYSMNGRLOAD">xmlSecGCryptAppDefaultKeysMngrLoad</a>  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPDEFAULTKEYSMNGRSAVE">xmlSecGCryptAppDefaultKeysMngrSave</a>  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              <a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPGETDEFAULTPWDCALLBACK">xmlSecGCryptAppGetDefaultPwdCallback</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPINIT">xmlSecGCryptAppInit</a>                 (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYCERTLOAD">xmlSecGCryptAppKeyCertLoad</a>          (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYCERTLOADMEMORY">xmlSecGCryptAppKeyCertLoadMemory</a>    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYLOAD">xmlSecGCryptAppKeyLoad</a>              (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYLOADMEMORY">xmlSecGCryptAppKeyLoadMemory</a>        (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYSMNGRCERTLOAD">xmlSecGCryptAppKeysMngrCertLoad</a>     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYSMNGRCERTLOADMEMORY">xmlSecGCryptAppKeysMngrCertLoadMemory</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPPKCS12LOAD">xmlSecGCryptAppPkcs12Load</a>           (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPPKCS12LOADMEMORY">xmlSecGCryptAppPkcs12LoadMemory</a>     (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPSHUTDOWN">xmlSecGCryptAppShutdown</a>             (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+</div>
+<div class="REFSECT1">
+<a name="XMLSEC-GCRYPT-APP.DESCRIPTION"></a><h2>Description</h2>
+<p>Application functions implementation for GCrypt.</p>
+</div>
+<div class="REFSECT1">
+<a name="XMLSEC-GCRYPT-APP.DETAILS"></a><h2>Details</h2>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecGCryptAppDefaultKeysMngrAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptAppDefaultKeysMngrAdoptKey
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecGCryptAppDefaultKeysMngrInit</span></a>
+function.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32952"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32957"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32962"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPDEFAULTKEYSMNGRINIT"></a><h3>xmlSecGCryptAppDefaultKeysMngrInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptAppDefaultKeysMngrInit  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
+<p>Initializes <code class="PARAMETER">mngr</code> with simple keys store <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREID"><span class="TYPE">xmlSecSimpleKeysStoreId</span></a>
+and a default GCrypt crypto key data stores.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32982"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32987"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecGCryptAppDefaultKeysMngrLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptAppDefaultKeysMngrLoad  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);</pre>
+<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created
+with <a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecGCryptAppDefaultKeysMngrInit</span></a> function.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33011"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33016"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the uri.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33021"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecGCryptAppDefaultKeysMngrSave ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptAppDefaultKeysMngrSave  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33045"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33050"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33055"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the type of keys to save (public/private/symmetric).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33060"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecGCryptAppGetDefaultPwdCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              xmlSecGCryptAppGetDefaultPwdCallback
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets default password callback.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN33076"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>default password callback.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPINIT"></a><h3>xmlSecGCryptAppInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptAppInit                 (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);</pre>
+<p>General crypto engine initialization. This function is used
+by XMLSec command line utility and called before
+<code class="PARAMETER">xmlSecInit</code> function.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33094"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the path to GCrypt configuration (unused).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33099"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPKEYCERTLOAD"></a><h3>xmlSecGCryptAppKeyCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptAppKeyCertLoad          (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key
+(not implemented yet).</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33123"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33128"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33133"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33138"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPKEYCERTLOADMEMORY"></a><h3>xmlSecGCryptAppKeyCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptAppKeyCertLoadMemory    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from memory buffer and adds it to key (not implemented yet).</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33164"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33169"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33174"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33179"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33184"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPKEYLOAD"></a><h3>xmlSecGCryptAppKeyLoad ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecGCryptAppKeyLoad              (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key from the a file.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33213"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33218"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33223"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33228"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33233"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33238"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPKEYLOADMEMORY"></a><h3>xmlSecGCryptAppKeyLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecGCryptAppKeyLoadMemory        (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key from the memory buffer.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33270"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33275"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of binary key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33280"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33285"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33290"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33295"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33300"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecGCryptAppKeysMngrCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptAppKeysMngrCertLoad     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code> (not implemented yet).</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33328"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33333"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33338"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33343"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
+trusted or not.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33349"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecGCryptAppKeysMngrCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptAppKeysMngrCertLoadMemory
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from binary buffer <code class="PARAMETER">data</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code> (not implemented yet).</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33380"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33385"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33390"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33395"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33400"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate trusted or not.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33405"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPPKCS12LOAD"></a><h3>xmlSecGCryptAppPkcs12Load ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecGCryptAppPkcs12Load           (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 file
+(not implemented yet).
+For uniformity, call xmlSecGCryptAppKeyLoad instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33431"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 key filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33436"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33441"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33446"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33451"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPPKCS12LOADMEMORY"></a><h3>xmlSecGCryptAppPkcs12LoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecGCryptAppPkcs12LoadMemory     (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 data in memory buffer.
+For uniformity, call xmlSecGCryptAppKeyLoadMemory instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12 (not implemented yet).</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33480"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 binary data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33485"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 binary data size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33490"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33495"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33500"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33505"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTAPPSHUTDOWN"></a><h3>xmlSecGCryptAppShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptAppShutdown             (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>General crypto engine shutdown. This function is used
+by XMLSec command line utility and called after
+<code class="PARAMETER">xmlSecShutdown</code> function.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN33522"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
+</div>
+</div>
+<table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
+<td align="left"><a accesskey="p" href="xmlsec-gcrypt-ref.html"><b>&lt;&lt;&lt; XML Security Library for GCrypt API Reference.</b></a></td>
+<td align="right"><a accesskey="n" href="xmlsec-gcrypt-crypto.html"><b>crypto &gt;&gt;&gt;</b></a></td>
+</tr></table>
+</td></tr></table></td>
+</tr></table></body>
+</html>
diff --git a/docs/api/xmlsec-gcrypt-crypto.html b/docs/api/xmlsec-gcrypt-crypto.html
new file mode 100644
index 00000000..b64dccc9
--- /dev/null
+++ b/docs/api/xmlsec-gcrypt-crypto.html
@@ -0,0 +1,1128 @@
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>crypto</title>
+<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.79">
+<link rel="HOME" title="XML Security Library Reference Manual" href="index.html">
+<link rel="UP" title="XML Security Library for GCrypt API Reference." href="xmlsec-gcrypt-ref.html">
+<link rel="PREVIOUS" title="app" href="xmlsec-gcrypt-app.html">
+<link rel="NEXT" title="XML Security Library for NSS API Reference." href="xmlsec-nss-ref.html">
+<style type="text/css">.synopsis, .classsynopsis {
+    background: #eeeeee;
+    border: solid 1px #aaaaaa;
+    padding: 0.5em;
+}
+.programlisting {
+    background: #eeeeff;
+    border: solid 1px #aaaaff;
+    padding: 0.5em;
+}
+.variablelist {
+    padding: 4px;
+    margin-left: 3em;
+}
+.navigation {
+    background: #ffeeee;
+    border: solid 1px #ffaaaa;
+    margin-top: 0.5em;
+    margin-bottom: 0.5em;
+}
+.navigation a {
+    color: #770000;
+}
+.navigation a:visited {
+    color: #550000;
+}
+.navigation .title {
+    font-size: 200%;
+}</style>
+</head>
+<body><table witdh="100%" valign="top"><tr valign="top">
+<td valign="top" align="left" width="210">
+<img src="../images/logo.gif" alt="XML Security Library" border="0"><p></p>
+<ul>
+<li><a href="../index.html">Home</a></li>
+<li><a href="../download.html">Download</a></li>
+<li><a href="../news.html">News</a></li>
+<li><a href="../documentation.html">Documentation</a></li>
+<ul>
+<li><a href="../faq.html">FAQ</a></li>
+<li><a href="../api/xmlsec-notes.html">Tutorial</a></li>
+<li><a href="../api/xmlsec-reference.html">API reference</a></li>
+<li><a href="../api/xmlsec-examples.html">Examples</a></li>
+</ul>
+<li><a href="../xmldsig.html">XML Digital Signature</a></li>
+<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
+<li><a href="../xmlenc.html">XML Encryption</a></li>
+<li><a href="../c14n.html">XML Canonicalization</a></li>
+<li><a href="../bugs.html">Reporting Bugs</a></li>
+<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="../related.html">Related</a></li>
+<li><a href="../authors.html">Authors</a></li>
+</ul>
+<table width="100%">
+<tr>
+<td width="15"></td>
+<td><a href="http://xmlsoft.org/"><img src="../images/libxml2-logo.png" alt="LibXML2" border="0"></a></td>
+</tr>
+<tr>
+<td width="15"></td>
+<td><a href="http://xmlsoft.org/XSLT"><img src="../images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td>
+</tr>
+<tr>
+<td width="15"></td>
+<td><a href="http://www.openssl.org/"><img src="../images/openssl-logo.png" alt="OpenSSL" border="0"></a></td>
+</tr>
+<!--Links - start--><!--Links - end-->
+</table>
+</td>
+<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
+<table width="100%" class="navigation" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle">
+<td><a accesskey="p" href="xmlsec-gcrypt-app.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
+<td><a accesskey="u" href="xmlsec-gcrypt-ref.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
+<td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
+<th width="100%" align="center">XML Security Library Reference Manual</th>
+<td><a accesskey="n" href="xmlsec-nss-ref.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
+</tr></table>
+<h1>
+<a name="XMLSEC-GCRYPT-CRYPTO"></a>crypto</h1>
+<div class="REFNAMEDIV">
+<a name="AEN33532"></a><h2>Name</h2>crypto -- Crypto transforms implementation for GCrypt.</div>
+<div class="REFSYNOPSISDIV">
+<a name="XMLSEC-GCRYPT-CRYPTO.SYNOPSIS"></a><h2>Synopsis</h2>
+<pre class="SYNOPSIS"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECCRYPTOGETFUNCTIONS-GCRYPT">xmlSecCryptoGetFunctions_gcrypt</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTGENERATERANDOM">xmlSecGCryptGenerateRandom</a>          (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTHMACGETMINOUTPUTLENGTH">xmlSecGCryptHmacGetMinOutputLength</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTHMACSETMINOUTPUTLENGTH">xmlSecGCryptHmacSetMinOutputLength</a>  (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> min_length</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTINIT">xmlSecGCryptInit</a>                    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAAESGETKLASS">xmlSecGCryptKeyDataAesGetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAAESID">xmlSecGCryptKeyDataAesId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAAESSET">xmlSecGCryptKeyDataAesSet</a>           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADESGETKLASS">xmlSecGCryptKeyDataDesGetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADESID">xmlSecGCryptKeyDataDesId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADESSET">xmlSecGCryptKeyDataDesSet</a>           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAADOPTKEY">xmlSecGCryptKeyDataDsaAdoptKey</a>      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> dsa_key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAADOPTKEYPAIR">xmlSecGCryptKeyDataDsaAdoptKeyPair</a>  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> pub_key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> priv_key</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAGETKLASS">xmlSecGCryptKeyDataDsaGetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="GCRY-SEXP-T"><span class="RETURNVALUE">gcry_sexp_t</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAGETPRIVATEKEY">xmlSecGCryptKeyDataDsaGetPrivateKey</a> (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="GCRY-SEXP-T"><span class="RETURNVALUE">gcry_sexp_t</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAGETPUBLICKEY">xmlSecGCryptKeyDataDsaGetPublicKey</a>  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAID">xmlSecGCryptKeyDataDsaId</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAHMACGETKLASS">xmlSecGCryptKeyDataHmacGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAHMACID">xmlSecGCryptKeyDataHmacId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAHMACSET">xmlSecGCryptKeyDataHmacSet</a>          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAADOPTKEY">xmlSecGCryptKeyDataRsaAdoptKey</a>      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> rsa_key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAADOPTKEYPAIR">xmlSecGCryptKeyDataRsaAdoptKeyPair</a>  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> pub_key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> priv_key</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAGETKLASS">xmlSecGCryptKeyDataRsaGetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="GCRY-SEXP-T"><span class="RETURNVALUE">gcry_sexp_t</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAGETPRIVATEKEY">xmlSecGCryptKeyDataRsaGetPrivateKey</a> (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="GCRY-SEXP-T"><span class="RETURNVALUE">gcry_sexp_t</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAGETPUBLICKEY">xmlSecGCryptKeyDataRsaGetPublicKey</a>  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAID">xmlSecGCryptKeyDataRsaId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYSMNGRINIT">xmlSecGCryptKeysMngrInit</a>            (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTSHUTDOWN">xmlSecGCryptShutdown</a>                (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES128CBCGETKLASS">xmlSecGCryptTransformAes128CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES128CBCID">xmlSecGCryptTransformAes128CbcId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES192CBCGETKLASS">xmlSecGCryptTransformAes192CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES192CBCID">xmlSecGCryptTransformAes192CbcId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES256CBCGETKLASS">xmlSecGCryptTransformAes256CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES256CBCID">xmlSecGCryptTransformAes256CbcId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMDES3CBCGETKLASS">xmlSecGCryptTransformDes3CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMDES3CBCID">xmlSecGCryptTransformDes3CbcId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMDSASHA1GETKLASS">xmlSecGCryptTransformDsaSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMDSASHA1ID">xmlSecGCryptTransformDsaSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACMD5GETKLASS">xmlSecGCryptTransformHmacMd5GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACMD5ID">xmlSecGCryptTransformHmacMd5Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACRIPEMD160GETKLASS">xmlSecGCryptTransformHmacRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACRIPEMD160ID">xmlSecGCryptTransformHmacRipemd160Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA1GETKLASS">xmlSecGCryptTransformHmacSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA1ID">xmlSecGCryptTransformHmacSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA256GETKLASS">xmlSecGCryptTransformHmacSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA256ID">xmlSecGCryptTransformHmacSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA384GETKLASS">xmlSecGCryptTransformHmacSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA384ID">xmlSecGCryptTransformHmacSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA512GETKLASS">xmlSecGCryptTransformHmacSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA512ID">xmlSecGCryptTransformHmacSha512Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES128GETKLASS">xmlSecGCryptTransformKWAes128GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES128ID">xmlSecGCryptTransformKWAes128Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES192GETKLASS">xmlSecGCryptTransformKWAes192GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES192ID">xmlSecGCryptTransformKWAes192Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES256GETKLASS">xmlSecGCryptTransformKWAes256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES256ID">xmlSecGCryptTransformKWAes256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWDES3GETKLASS">xmlSecGCryptTransformKWDes3GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWDES3ID">xmlSecGCryptTransformKWDes3Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMMD5GETKLASS">xmlSecGCryptTransformMd5GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMMD5ID">xmlSecGCryptTransformMd5Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRIPEMD160GETKLASS">xmlSecGCryptTransformRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRIPEMD160ID">xmlSecGCryptTransformRipemd160Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSAMD5GETKLASS">xmlSecGCryptTransformRsaMd5GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSAMD5ID">xmlSecGCryptTransformRsaMd5Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSARIPEMD160GETKLASS">xmlSecGCryptTransformRsaRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSARIPEMD160ID">xmlSecGCryptTransformRsaRipemd160Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA1GETKLASS">xmlSecGCryptTransformRsaSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA1ID">xmlSecGCryptTransformRsaSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA256GETKLASS">xmlSecGCryptTransformRsaSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA256ID">xmlSecGCryptTransformRsaSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA384GETKLASS">xmlSecGCryptTransformRsaSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA384ID">xmlSecGCryptTransformRsaSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA512GETKLASS">xmlSecGCryptTransformRsaSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA512ID">xmlSecGCryptTransformRsaSha512Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA1GETKLASS">xmlSecGCryptTransformSha1GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA1ID">xmlSecGCryptTransformSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA256GETKLASS">xmlSecGCryptTransformSha256GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA256ID">xmlSecGCryptTransformSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA384GETKLASS">xmlSecGCryptTransformSha384GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA384ID">xmlSecGCryptTransformSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA512GETKLASS">xmlSecGCryptTransformSha512GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA512ID">xmlSecGCryptTransformSha512Id</a></pre>
+</div>
+<div class="REFSECT1">
+<a name="XMLSEC-GCRYPT-CRYPTO.DESCRIPTION"></a><h2>Description</h2>
+<p>Crypto transforms implementation for GCrypt.</p>
+</div>
+<div class="REFSECT1">
+<a name="XMLSEC-GCRYPT-CRYPTO.DETAILS"></a><h2>Details</h2>
+<div class="REFSECT2">
+<a name="XMLSECCRYPTOGETFUNCTIONS-GCRYPT"></a><h3>xmlSecCryptoGetFunctions_gcrypt ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> xmlSecCryptoGetFunctions_gcrypt
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets the pointer to xmlsec-gcrypt functions table.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN33889"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the xmlsec-gcrypt functions table or NULL if an error occurs.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTGENERATERANDOM"></a><h3>xmlSecGCryptGenerateRandom ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptGenerateRandom          (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Generates <code class="PARAMETER">size</code> random bytes and puts result in <code class="PARAMETER">buffer</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33911"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33916"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the numer of bytes to generate.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN33921"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTHMACGETMINOUTPUTLENGTH"></a><h3>xmlSecGCryptHmacGetMinOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptHmacGetMinOutputLength  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets the value of min HMAC length.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN33937"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the min HMAC output length</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTHMACSETMINOUTPUTLENGTH"></a><h3>xmlSecGCryptHmacSetMinOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecGCryptHmacSetMinOutputLength  (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> min_length</code>);</pre>
+<p>Sets the min HMAC output length</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN33954"><span style="white-space: nowrap"><code class="PARAMETER">min_length</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new min length</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTINIT"></a><h3>xmlSecGCryptInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptInit                    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>XMLSec library specific crypto engine initialization.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN33970"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATAAESGETKLASS"></a><h3>xmlSecGCryptKeyDataAesGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecGCryptKeyDataAesGetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES key data klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN33986"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATAAESID"></a><h3>xmlSecGCryptKeyDataAesId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptKeyDataAesId</pre>
+<p>The AES key data klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATAAESSET"></a><h3>xmlSecGCryptKeyDataAesSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptKeyDataAesSet           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of AES key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34015"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to AES key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34020"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34025"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34030"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATADESGETKLASS"></a><h3>xmlSecGCryptKeyDataDesGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecGCryptKeyDataDesGetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DES key data klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34046"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DES key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATADESID"></a><h3>xmlSecGCryptKeyDataDesId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptKeyDataDesId</pre>
+<p>The DES key data klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATADESSET"></a><h3>xmlSecGCryptKeyDataDesSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptKeyDataDesSet           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of DES key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34075"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DES key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34080"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34085"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34090"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATADSAADOPTKEY"></a><h3>xmlSecGCryptKeyDataDsaAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptKeyDataDsaAdoptKey      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> dsa_key</code>);</pre>
+<p>Sets the value of DSA key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34110"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34115"><span style="white-space: nowrap"><code class="PARAMETER">dsa_key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to GCrypt DSA key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34120"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATADSAADOPTKEYPAIR"></a><h3>xmlSecGCryptKeyDataDsaAdoptKeyPair ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptKeyDataDsaAdoptKeyPair  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> pub_key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> priv_key</code>);</pre>
+<p>Sets the value of DSA key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34143"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34148"><span style="white-space: nowrap"><code class="PARAMETER">pub_key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to GCrypt DSA pub key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34153"><span style="white-space: nowrap"><code class="PARAMETER">priv_key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to GCrypt DSA priv key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34158"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATADSAGETKLASS"></a><h3>xmlSecGCryptKeyDataDsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecGCryptKeyDataDsaGetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA key data klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34174"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to DSA key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATADSAGETPRIVATEKEY"></a><h3>xmlSecGCryptKeyDataDsaGetPrivateKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="GCRY-SEXP-T"><span class="RETURNVALUE">gcry_sexp_t</span></gtkdoclink>         xmlSecGCryptKeyDataDsaGetPrivateKey (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the GCrypt DSA private key from DSA key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34191"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34196"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GCrypt private DSA key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATADSAGETPUBLICKEY"></a><h3>xmlSecGCryptKeyDataDsaGetPublicKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="GCRY-SEXP-T"><span class="RETURNVALUE">gcry_sexp_t</span></gtkdoclink>         xmlSecGCryptKeyDataDsaGetPublicKey  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the GCrypt DSA public key from DSA key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34213"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34218"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GCrypt public DSA key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATADSAID"></a><h3>xmlSecGCryptKeyDataDsaId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptKeyDataDsaId</pre>
+<p>The DSA key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATAHMACGETKLASS"></a><h3>xmlSecGCryptKeyDataHmacGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecGCryptKeyDataHmacGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC key data klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34240"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>HMAC key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATAHMACID"></a><h3>xmlSecGCryptKeyDataHmacId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptKeyDataHmacId</pre>
+<p>The HMAC key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATAHMACSET"></a><h3>xmlSecGCryptKeyDataHmacSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptKeyDataHmacSet          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of HMAC key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34269"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to HMAC key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34274"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34279"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34284"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATARSAADOPTKEY"></a><h3>xmlSecGCryptKeyDataRsaAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptKeyDataRsaAdoptKey      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> rsa_key</code>);</pre>
+<p>Sets the value of RSA key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34304"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to RSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34309"><span style="white-space: nowrap"><code class="PARAMETER">rsa_key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to GCrypt RSA key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34314"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATARSAADOPTKEYPAIR"></a><h3>xmlSecGCryptKeyDataRsaAdoptKeyPair ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptKeyDataRsaAdoptKeyPair  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> pub_key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GCRY-SEXP-T"><span class="TYPE">gcry_sexp_t</span></gtkdoclink> priv_key</code>);</pre>
+<p>Sets the value of RSA key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34337"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to RSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34342"><span style="white-space: nowrap"><code class="PARAMETER">pub_key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to GCrypt RSA pub key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34347"><span style="white-space: nowrap"><code class="PARAMETER">priv_key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to GCrypt RSA priv key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34352"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATARSAGETKLASS"></a><h3>xmlSecGCryptKeyDataRsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecGCryptKeyDataRsaGetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The GCrypt RSA key data klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34368"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GCrypt RSA key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATARSAGETPRIVATEKEY"></a><h3>xmlSecGCryptKeyDataRsaGetPrivateKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="GCRY-SEXP-T"><span class="RETURNVALUE">gcry_sexp_t</span></gtkdoclink>         xmlSecGCryptKeyDataRsaGetPrivateKey (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the GCrypt RSA private key from RSA key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34385"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to RSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34390"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GCrypt private RSA key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATARSAGETPUBLICKEY"></a><h3>xmlSecGCryptKeyDataRsaGetPublicKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="GCRY-SEXP-T"><span class="RETURNVALUE">gcry_sexp_t</span></gtkdoclink>         xmlSecGCryptKeyDataRsaGetPublicKey  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the GCrypt RSA public key from RSA key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34407"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to RSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34412"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GCrypt public RSA key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYDATARSAID"></a><h3>xmlSecGCryptKeyDataRsaId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptKeyDataRsaId</pre>
+<p>The RSA key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTKEYSMNGRINIT"></a><h3>xmlSecGCryptKeysMngrInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptKeysMngrInit            (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
+<p>Adds GCrypt specific key data stores in keys manager.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34435"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN34440"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTSHUTDOWN"></a><h3>xmlSecGCryptShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGCryptShutdown                (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>XMLSec library specific crypto engine shutdown.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34456"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMAES128CBCGETKLASS"></a><h3>xmlSecGCryptTransformAes128CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformAes128CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 128 CBC encryption transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34472"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 128 CBC encryption transform.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMAES128CBCID"></a><h3>xmlSecGCryptTransformAes128CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformAes128CbcId</pre>
+<p>The AES128 CBC cipher transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMAES192CBCGETKLASS"></a><h3>xmlSecGCryptTransformAes192CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformAes192CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 192 CBC encryption transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34494"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 192 CBC encryption transform.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMAES192CBCID"></a><h3>xmlSecGCryptTransformAes192CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformAes192CbcId</pre>
+<p>The AES192 CBC cipher transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMAES256CBCGETKLASS"></a><h3>xmlSecGCryptTransformAes256CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformAes256CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 256 CBC encryption transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34516"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 256 CBC encryption transform.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMAES256CBCID"></a><h3>xmlSecGCryptTransformAes256CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformAes256CbcId</pre>
+<p>The AES256 CBC cipher transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecGCryptTransformDes3CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformDes3CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Triple DES CBC encryption transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34538"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to Triple DES encryption transform.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMDES3CBCID"></a><h3>xmlSecGCryptTransformDes3CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformDes3CbcId</pre>
+<p>The DES3 CBC cipher transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMDSASHA1GETKLASS"></a><h3>xmlSecGCryptTransformDsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformDsaSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA-SHA1 signature transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34560"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DSA-SHA1 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMDSASHA1ID"></a><h3>xmlSecGCryptTransformDsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformDsaSha1Id</pre>
+<p>The DSA SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACMD5GETKLASS"></a><h3>xmlSecGCryptTransformHmacMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformHmacMd5GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-MD5 transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34582"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-MD5 transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACMD5ID"></a><h3>xmlSecGCryptTransformHmacMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformHmacMd5Id</pre>
+<p>The HMAC with MD5 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACRIPEMD160GETKLASS"></a><h3>xmlSecGCryptTransformHmacRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformHmacRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-RIPEMD160 transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34604"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-RIPEMD160 transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACRIPEMD160ID"></a><h3>xmlSecGCryptTransformHmacRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformHmacRipemd160Id</pre>
+<p>The HMAC with RipeMD160 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACSHA1GETKLASS"></a><h3>xmlSecGCryptTransformHmacSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformHmacSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA1 transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34626"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA1 transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACSHA1ID"></a><h3>xmlSecGCryptTransformHmacSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformHmacSha1Id</pre>
+<p>The HMAC with SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACSHA256GETKLASS"></a><h3>xmlSecGCryptTransformHmacSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformHmacSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA256 transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34648"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA256 transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACSHA256ID"></a><h3>xmlSecGCryptTransformHmacSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformHmacSha256Id</pre>
+<p>The HMAC with SHA256 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACSHA384GETKLASS"></a><h3>xmlSecGCryptTransformHmacSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformHmacSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA384 transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34670"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA384 transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACSHA384ID"></a><h3>xmlSecGCryptTransformHmacSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformHmacSha384Id</pre>
+<p>The HMAC with SHA384 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACSHA512GETKLASS"></a><h3>xmlSecGCryptTransformHmacSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformHmacSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA512 transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34692"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA512 transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMHMACSHA512ID"></a><h3>xmlSecGCryptTransformHmacSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformHmacSha512Id</pre>
+<p>The HMAC with SHA512 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMKWAES128GETKLASS"></a><h3>xmlSecGCryptTransformKWAes128GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformKWAes128GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-128 kew wrapper transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34714"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-128 kew wrapper transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMKWAES128ID"></a><h3>xmlSecGCryptTransformKWAes128Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformKWAes128Id</pre>
+<p>The AES 128 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMKWAES192GETKLASS"></a><h3>xmlSecGCryptTransformKWAes192GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformKWAes192GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-192 kew wrapper transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34736"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-192 kew wrapper transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMKWAES192ID"></a><h3>xmlSecGCryptTransformKWAes192Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformKWAes192Id</pre>
+<p>The AES 192 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMKWAES256GETKLASS"></a><h3>xmlSecGCryptTransformKWAes256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformKWAes256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-256 kew wrapper transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34758"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-256 kew wrapper transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMKWAES256ID"></a><h3>xmlSecGCryptTransformKWAes256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformKWAes256Id</pre>
+<p>The AES 256 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMKWDES3GETKLASS"></a><h3>xmlSecGCryptTransformKWDes3GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformKWDes3GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The Triple DES key wrapper transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34780"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>Triple DES key wrapper transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMKWDES3ID"></a><h3>xmlSecGCryptTransformKWDes3Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformKWDes3Id</pre>
+<p>The DES3 KW transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMMD5GETKLASS"></a><h3>xmlSecGCryptTransformMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformMd5GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>MD5 digest transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34802"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to MD5 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMMD5ID"></a><h3>xmlSecGCryptTransformMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformMd5Id</pre>
+<p>The MD5 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRIPEMD160GETKLASS"></a><h3>xmlSecGCryptTransformRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>RIPEMD160 digest transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34824"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to RIPEMD160 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRIPEMD160ID"></a><h3>xmlSecGCryptTransformRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformRipemd160Id</pre>
+<p>The RIPEMD160 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSAMD5GETKLASS"></a><h3>xmlSecGCryptTransformRsaMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformRsaMd5GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-MD5 signature transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34846"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-MD5 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSAMD5ID"></a><h3>xmlSecGCryptTransformRsaMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformRsaMd5Id</pre>
+<p>The RSA-MD5 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSARIPEMD160GETKLASS"></a><h3>xmlSecGCryptTransformRsaRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformRsaRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-RIPEMD160 signature transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34868"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-RIPEMD160 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSARIPEMD160ID"></a><h3>xmlSecGCryptTransformRsaRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformRsaRipemd160Id</pre>
+<p>The RSA-RIPEMD160 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSASHA1GETKLASS"></a><h3>xmlSecGCryptTransformRsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformRsaSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA1 signature transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34890"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA1 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSASHA1ID"></a><h3>xmlSecGCryptTransformRsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformRsaSha1Id</pre>
+<p>The RSA-SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSASHA256GETKLASS"></a><h3>xmlSecGCryptTransformRsaSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformRsaSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34912"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA256 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSASHA256ID"></a><h3>xmlSecGCryptTransformRsaSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformRsaSha256Id</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSASHA384GETKLASS"></a><h3>xmlSecGCryptTransformRsaSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformRsaSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34934"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA384 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSASHA384ID"></a><h3>xmlSecGCryptTransformRsaSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformRsaSha384Id</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSASHA512GETKLASS"></a><h3>xmlSecGCryptTransformRsaSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformRsaSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34956"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA512 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMRSASHA512ID"></a><h3>xmlSecGCryptTransformRsaSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformRsaSha512Id</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMSHA1GETKLASS"></a><h3>xmlSecGCryptTransformSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformSha1GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-1 digest transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN34978"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-1 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMSHA1ID"></a><h3>xmlSecGCryptTransformSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformSha1Id</pre>
+<p>The HMAC with SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMSHA256GETKLASS"></a><h3>xmlSecGCryptTransformSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformSha256GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA256 digest transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN35000"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA256 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMSHA256ID"></a><h3>xmlSecGCryptTransformSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformSha256Id</pre>
+<p>The HMAC with SHA256 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMSHA384GETKLASS"></a><h3>xmlSecGCryptTransformSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformSha384GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA384 digest transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN35022"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA384 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMSHA384ID"></a><h3>xmlSecGCryptTransformSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformSha384Id</pre>
+<p>The HMAC with SHA384 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMSHA512GETKLASS"></a><h3>xmlSecGCryptTransformSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGCryptTransformSha512GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA512 digest transform klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN35044"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA512 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGCRYPTTRANSFORMSHA512ID"></a><h3>xmlSecGCryptTransformSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGCryptTransformSha512Id</pre>
+<p>The HMAC with SHA512 signature transform klass.</p>
+</div>
+</div>
+<table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
+<td align="left"><a accesskey="p" href="xmlsec-gcrypt-app.html"><b>&lt;&lt;&lt; app</b></a></td>
+<td align="right"><a accesskey="n" href="xmlsec-nss-ref.html"><b>XML Security Library for NSS API Reference. &gt;&gt;&gt;</b></a></td>
+</tr></table>
+</td></tr></table></td>
+</tr></table></body>
+</html>
diff --git a/docs/api/xmlsec-gcrypt-ref.html b/docs/api/xmlsec-gcrypt-ref.html
new file mode 100644
index 00000000..592f12aa
--- /dev/null
+++ b/docs/api/xmlsec-gcrypt-ref.html
@@ -0,0 +1,107 @@
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>XML Security Library for GCrypt API Reference.</title>
+<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.79">
+<link rel="HOME" title="XML Security Library Reference Manual" href="index.html">
+<link rel="UP" title="XML Security Library API Reference." href="xmlsec-reference.html">
+<link rel="PREVIOUS" title="crypto" href="xmlsec-gnutls-crypto.html">
+<link rel="NEXT" title="app" href="xmlsec-gcrypt-app.html">
+<style type="text/css">.synopsis, .classsynopsis {
+    background: #eeeeee;
+    border: solid 1px #aaaaaa;
+    padding: 0.5em;
+}
+.programlisting {
+    background: #eeeeff;
+    border: solid 1px #aaaaff;
+    padding: 0.5em;
+}
+.variablelist {
+    padding: 4px;
+    margin-left: 3em;
+}
+.navigation {
+    background: #ffeeee;
+    border: solid 1px #ffaaaa;
+    margin-top: 0.5em;
+    margin-bottom: 0.5em;
+}
+.navigation a {
+    color: #770000;
+}
+.navigation a:visited {
+    color: #550000;
+}
+.navigation .title {
+    font-size: 200%;
+}</style>
+</head>
+<body><table witdh="100%" valign="top"><tr valign="top">
+<td valign="top" align="left" width="210">
+<img src="../images/logo.gif" alt="XML Security Library" border="0"><p></p>
+<ul>
+<li><a href="../index.html">Home</a></li>
+<li><a href="../download.html">Download</a></li>
+<li><a href="../news.html">News</a></li>
+<li><a href="../documentation.html">Documentation</a></li>
+<ul>
+<li><a href="../faq.html">FAQ</a></li>
+<li><a href="../api/xmlsec-notes.html">Tutorial</a></li>
+<li><a href="../api/xmlsec-reference.html">API reference</a></li>
+<li><a href="../api/xmlsec-examples.html">Examples</a></li>
+</ul>
+<li><a href="../xmldsig.html">XML Digital Signature</a></li>
+<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
+<li><a href="../xmlenc.html">XML Encryption</a></li>
+<li><a href="../c14n.html">XML Canonicalization</a></li>
+<li><a href="../bugs.html">Reporting Bugs</a></li>
+<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
+<li><a href="../related.html">Related</a></li>
+<li><a href="../authors.html">Authors</a></li>
+</ul>
+<table width="100%">
+<tr>
+<td width="15"></td>
+<td><a href="http://xmlsoft.org/"><img src="../images/libxml2-logo.png" alt="LibXML2" border="0"></a></td>
+</tr>
+<tr>
+<td width="15"></td>
+<td><a href="http://xmlsoft.org/XSLT"><img src="../images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td>
+</tr>
+<tr>
+<td width="15"></td>
+<td><a href="http://www.openssl.org/"><img src="../images/openssl-logo.png" alt="OpenSSL" border="0"></a></td>
+</tr>
+<!--Links - start--><!--Links - end-->
+</table>
+</td>
+<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
+<table width="100%" class="navigation" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle">
+<td><a accesskey="p" href="xmlsec-gnutls-crypto.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
+<td><a accesskey="u" href="xmlsec-reference.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
+<td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
+<th width="100%" align="center">XML Security Library Reference Manual</th>
+<td><a accesskey="n" href="xmlsec-gcrypt-app.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
+</tr></table>
+<div class="CHAPTER">
+<h1>
+<a name="XMLSEC-GCRYPT-REF"></a>XML Security Library for GCrypt API Reference.</h1>
+<div class="TOC"><dl>
+<dt><b>Table of Contents</b></dt>
+<dt>
+<a href="xmlsec-gcrypt-app.html">app</a> -- Application functions implementation for GnuTLS.</dt>
+<dt>
+<a href="xmlsec-gcrypt-crypto.html">crypto</a> -- Crypto transforms implementation for GCrypt.</dt>
+</dl></div>
+<p>This section contains the API reference for xmlsec-gcrypt. All
+    the public interfaces are documented here. This reference guide is
+    build by extracting comments from the code sources. </p>
+</div>
+<table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
+<td align="left"><a accesskey="p" href="xmlsec-gnutls-crypto.html"><b>&lt;&lt;&lt; crypto</b></a></td>
+<td align="right"><a accesskey="n" href="xmlsec-gcrypt-app.html"><b>app &gt;&gt;&gt;</b></a></td>
+</tr></table>
+</td></tr></table></td>
+</tr></table></body>
+</html>
diff --git a/docs/api/xmlsec-gcrypt.sgml b/docs/api/xmlsec-gcrypt.sgml
new file mode 100644
index 00000000..5c33c60d
--- /dev/null
+++ b/docs/api/xmlsec-gcrypt.sgml
@@ -0,0 +1,15 @@
+<!doctype book PUBLIC "-//DavenPort//DTD DocBook V3.0//EN" [
+<!ENTITY xmlsec-gcrypt-app SYSTEM "sgml/app.sgml">
+<!ENTITY xmlsec-gcrypt-crypto SYSTEM "sgml/crypto.sgml">
+]>
+<book id="index">
+  <bookinfo>
+    <title>[Insert name here] Reference Manual</title>
+  </bookinfo>
+
+  <chapter>
+    <title>[Insert title here]</title>
+    &xmlsec-gcrypt-app;
+    &xmlsec-gcrypt-crypto;
+  </chapter>
+</book>
diff --git a/docs/api/xmlsec-gnutls-app.html b/docs/api/xmlsec-gnutls-app.html
index fe1a348c..4213f378 100644
--- a/docs/api/xmlsec-gnutls-app.html
+++ b/docs/api/xmlsec-gnutls-app.html
@@ -87,59 +87,59 @@
 <h1>
 <a name="XMLSEC-GNUTLS-APP"></a>app</h1>
 <div class="REFNAMEDIV">
-<a name="AEN24300"></a><h2>Name</h2>app -- Application functions implementation for GnuTLS.</div>
+<a name="AEN30503"></a><h2>Name</h2>app -- Application functions implementation for GnuTLS.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-GNUTLS-APP.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>int</font>                 <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPINIT">xmlSecGnuTLSAppInit</a>                 (const <font>char</font> *config);
-<font>int</font>                 <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPSHUTDOWN">xmlSecGnuTLSAppShutdown</a>             (void);
-<font>int</font>                 <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRINIT">xmlSecGnuTLSAppDefaultKeysMngrInit</a>  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>int</font>                 <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecGnuTLSAppDefaultKeysMngrAdoptKey</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRLOAD">xmlSecGnuTLSAppDefaultKeysMngrLoad</a>  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *uri);
-<font>int</font>                 <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRSAVE">xmlSecGnuTLSAppDefaultKeysMngrSave</a>  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYSMNGRCERTLOAD">xmlSecGnuTLSAppKeysMngrCertLoad</a>     (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYSMNGRCERTLOADMEMORY">xmlSecGnuTLSAppKeysMngrCertLoadMemory</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYLOAD">xmlSecGnuTLSAppKeyLoad</a>              (const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYLOADMEMORY">xmlSecGnuTLSAppKeyLoadMemory</a>        (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPPKCS12LOAD">xmlSecGnuTLSAppPkcs12Load</a>           (const <font>char</font> *filename,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPPKCS12LOADMEMORY">xmlSecGnuTLSAppPkcs12LoadMemory</a>     (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<font>int</font>                 <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYCERTLOAD">xmlSecGnuTLSAppKeyCertLoad</a>          (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>int</font>                 <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYCERTLOADMEMORY">xmlSecGnuTLSAppKeyCertLoadMemory</a>    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>void</font>*               <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPGETDEFAULTPWDCALLBACK">xmlSecGnuTLSAppGetDefaultPwdCallback</a>
-                                                        (void);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecGnuTLSAppDefaultKeysMngrAdoptKey</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRINIT">xmlSecGnuTLSAppDefaultKeysMngrInit</a>  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRLOAD">xmlSecGnuTLSAppDefaultKeysMngrLoad</a>  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRSAVE">xmlSecGnuTLSAppDefaultKeysMngrSave</a>  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPGETDEFAULTPWDCALLBACK">xmlSecGnuTLSAppGetDefaultPwdCallback</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPINIT">xmlSecGnuTLSAppInit</a>                 (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYCERTLOAD">xmlSecGnuTLSAppKeyCertLoad</a>          (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYCERTLOADMEMORY">xmlSecGnuTLSAppKeyCertLoadMemory</a>    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYLOAD">xmlSecGnuTLSAppKeyLoad</a>              (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYLOADMEMORY">xmlSecGnuTLSAppKeyLoadMemory</a>        (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYSMNGRCERTLOAD">xmlSecGnuTLSAppKeysMngrCertLoad</a>     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPKEYSMNGRCERTLOADMEMORY">xmlSecGnuTLSAppKeysMngrCertLoadMemory</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPPKCS12LOAD">xmlSecGnuTLSAppPkcs12Load</a>           (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPPKCS12LOADMEMORY">xmlSecGnuTLSAppPkcs12LoadMemory</a>     (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPSHUTDOWN">xmlSecGnuTLSAppShutdown</a>             (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-GNUTLS-APP.DESCRIPTION"></a><h2>Description</h2>
@@ -148,439 +148,422 @@
 <div class="REFSECT1">
 <a name="XMLSEC-GNUTLS-APP.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPINIT"></a><h3>xmlSecGnuTLSAppInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSAppInit                 (const <font>char</font> *config);</pre>
-<p>General crypto engine initialization. This function is used
-by XMLSec command line utility and called before 
-<code class="PARAMETER">xmlSecInit</code> function.</p>
-<p></p>
+<a name="XMLSECGNUTLSAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecGnuTLSAppDefaultKeysMngrAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSAppDefaultKeysMngrAdoptKey
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecGnuTLSAppDefaultKeysMngrInit</span></a>
+function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24397"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the path to GnuTLS configuration (unused).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30717"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN30722"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24402"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30727"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPSHUTDOWN"></a><h3>xmlSecGnuTLSAppShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSAppShutdown             (void);</pre>
-<p>General crypto engine shutdown. This function is used
-by XMLSec command line utility and called after 
-<code class="PARAMETER">xmlSecShutdown</code> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN24417"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECGNUTLSAPPDEFAULTKEYSMNGRINIT"></a><h3>xmlSecGnuTLSAppDefaultKeysMngrInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSAppDefaultKeysMngrInit  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSAppDefaultKeysMngrInit  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
 <p>Initializes <code class="PARAMETER">mngr</code> with simple keys store <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREID"><span class="TYPE">xmlSecSimpleKeysStoreId</span></a>
 and a default GnuTLS crypto key data stores.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24435"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30747"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24440"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30752"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecGnuTLSAppDefaultKeysMngrAdoptKey ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSAppDefaultKeysMngrAdoptKey
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecGnuTLSAppDefaultKeysMngrInit</span></a>
-function.</p>
-<p></p>
+<a name="XMLSECGNUTLSAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecGnuTLSAppDefaultKeysMngrLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSAppDefaultKeysMngrLoad  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);</pre>
+<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created
+with <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecGnuTLSAppDefaultKeysMngrInit</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24460"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30776"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24465"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30781"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the uri.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24470"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30786"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecGnuTLSAppDefaultKeysMngrLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSAppDefaultKeysMngrLoad  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *uri);</pre>
-<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created 
-with <a href="xmlsec-gnutls-app.html#XMLSECGNUTLSAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecGnuTLSAppDefaultKeysMngrInit</span></a> function.</p>
-<p></p>
+<a name="XMLSECGNUTLSAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecGnuTLSAppDefaultKeysMngrSave ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSAppDefaultKeysMngrSave  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24490"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30810"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN30815"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24495"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the uri.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30820"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the type of keys to save (public/private/symmetric).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24500"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30825"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecGnuTLSAppDefaultKeysMngrSave ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSAppDefaultKeysMngrSave  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
+<a name="XMLSECGNUTLSAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecGnuTLSAppGetDefaultPwdCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              xmlSecGnuTLSAppGetDefaultPwdCallback
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets default password callback.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN30841"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>default password callback.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSAPPINIT"></a><h3>xmlSecGnuTLSAppInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSAppInit                 (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);</pre>
+<p>General crypto engine initialization. This function is used
+by XMLSec command line utility and called before
+<code class="PARAMETER">xmlSecInit</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24518"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN24523"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination filename.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN24528"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the type of keys to save (public/private/symmetric).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30859"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the path to GnuTLS configuration (unused).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24533"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30864"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecGnuTLSAppKeysMngrCertLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSAppKeysMngrCertLoad     (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code> (not implemented yet).</p>
-<p></p>
+<a name="XMLSECGNUTLSAPPKEYCERTLOAD"></a><h3>xmlSecGnuTLSAppKeyCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSAppKeyCertLoad          (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24553"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN24558"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the certificate file.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30888"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24563"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30893"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24568"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
-   			trusted or not.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30898"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24574"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30903"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecGnuTLSAppKeysMngrCertLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSAppKeysMngrCertLoadMemory
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from binary buffer <code class="PARAMETER">data</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code> (not implemented yet).</p>
-<p></p>
+<a name="XMLSECGNUTLSAPPKEYCERTLOADMEMORY"></a><h3>xmlSecGnuTLSAppKeyCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSAppKeyCertLoadMemory    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from memory buffer and adds it to key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24595"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN24600"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30929"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24605"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30934"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24610"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30939"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24615"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the flag that indicates is the certificate trusted or not.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30944"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24620"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30949"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECGNUTLSAPPKEYLOAD"></a><h3>xmlSecGnuTLSAppKeyLoad ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecGnuTLSAppKeyLoad              (const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key from the a file (not implemented yet).</p>
-<p></p>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecGnuTLSAppKeyLoad              (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key from the a file.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24639"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30978"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24644"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30983"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24649"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30988"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24654"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30993"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24659"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30998"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24664"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31003"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECGNUTLSAPPKEYLOADMEMORY"></a><h3>xmlSecGnuTLSAppKeyLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecGnuTLSAppKeyLoadMemory        (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key from the memory buffer (not implemented yet).</p>
-<p></p>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecGnuTLSAppKeyLoadMemory        (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key from the memory buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24684"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the binary key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31035"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24689"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the size of binary key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31040"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of binary key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24694"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31045"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24699"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31050"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24704"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31055"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24709"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31060"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24714"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31065"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPPKCS12LOAD"></a><h3>xmlSecGnuTLSAppPkcs12Load ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecGnuTLSAppPkcs12Load           (const <font>char</font> *filename,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 file
-(not implemented yet).
-For uniformity, call xmlSecGnuTLSAppKeyLoad instead of this function. Pass
-in format=xmlSecKeyDataFormatPkcs12.</p>
-<p></p>
+<a name="XMLSECGNUTLSAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecGnuTLSAppKeysMngrCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSAppKeysMngrCertLoad     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24732"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 key filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31093"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24737"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31098"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24742"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31103"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24747"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31108"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
+trusted or not.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24752"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31114"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPPKCS12LOADMEMORY"></a><h3>xmlSecGnuTLSAppPkcs12LoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecGnuTLSAppPkcs12LoadMemory     (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 data in memory buffer.
-For uniformity, call xmlSecGnuTLSAppKeyLoadMemory instead of this function. Pass
-in format=xmlSecKeyDataFormatPkcs12 (not implemented yet).</p>
-<p></p>
+<a name="XMLSECGNUTLSAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecGnuTLSAppKeysMngrCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSAppKeysMngrCertLoadMemory
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from binary buffer <code class="PARAMETER">data</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24771"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31145"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24776"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 binary data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31150"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24781"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31155"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24786"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31160"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24791"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31165"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate trusted or not.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24796"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31170"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPKEYCERTLOAD"></a><h3>xmlSecGnuTLSAppKeyCertLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSAppKeyCertLoad          (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key
-(not implemented yet).</p>
-<p></p>
+<a name="XMLSECGNUTLSAPPPKCS12LOAD"></a><h3>xmlSecGnuTLSAppPkcs12Load ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecGnuTLSAppPkcs12Load           (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 file.
+For uniformity, call xmlSecGnuTLSAppKeyLoad instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24814"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31196"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 key filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31201"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24819"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31206"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24824"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31211"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24829"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31216"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPKEYCERTLOADMEMORY"></a><h3>xmlSecGnuTLSAppKeyCertLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSAppKeyCertLoadMemory    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from memory buffer and adds it to key (not implemented yet).</p>
-<p></p>
+<a name="XMLSECGNUTLSAPPPKCS12LOADMEMORY"></a><h3>xmlSecGnuTLSAppPkcs12LoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecGnuTLSAppPkcs12LoadMemory     (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 data in memory buffer.
+For uniformity, call xmlSecGnuTLSAppKeyLoadMemory instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24847"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31245"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 binary data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31250"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 binary data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24852"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31255"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24857"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31260"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24862"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31265"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24867"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31270"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecGnuTLSAppGetDefaultPwdCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>*               xmlSecGnuTLSAppGetDefaultPwdCallback
-                                                        (void);</pre>
-<p>Gets default password callback.</p>
-<p></p>
+<a name="XMLSECGNUTLSAPPSHUTDOWN"></a><h3>xmlSecGnuTLSAppShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSAppShutdown             (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>General crypto engine shutdown. This function is used
+by XMLSec command line utility and called after
+<code class="PARAMETER">xmlSecShutdown</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN24881"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> default password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31287"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr></tbody></table>
 </div>
 </div>
diff --git a/docs/api/xmlsec-gnutls-crypto.html b/docs/api/xmlsec-gnutls-crypto.html
index 39966dc7..12f83fa5 100644
--- a/docs/api/xmlsec-gnutls-crypto.html
+++ b/docs/api/xmlsec-gnutls-crypto.html
@@ -6,7 +6,7 @@
 <link rel="HOME" title="XML Security Library Reference Manual" href="index.html">
 <link rel="UP" title="XML Security Library for GnuTLS API Reference." href="xmlsec-gnutls-ref.html">
 <link rel="PREVIOUS" title="app" href="xmlsec-gnutls-app.html">
-<link rel="NEXT" title="XML Security Library for NSS API Reference." href="xmlsec-nss-ref.html">
+<link rel="NEXT" title="XML Security Library for GCrypt API Reference." href="xmlsec-gcrypt-ref.html">
 <style type="text/css">.synopsis, .classsynopsis {
     background: #eeeeee;
     border: solid 1px #aaaaaa;
@@ -82,61 +82,132 @@
 <td><a accesskey="u" href="xmlsec-gnutls-ref.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
 <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
 <th width="100%" align="center">XML Security Library Reference Manual</th>
-<td><a accesskey="n" href="xmlsec-nss-ref.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
+<td><a accesskey="n" href="xmlsec-gcrypt-ref.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
 </tr></table>
 <h1>
 <a name="XMLSEC-GNUTLS-CRYPTO"></a>crypto</h1>
 <div class="REFNAMEDIV">
-<a name="AEN24891"></a><h2>Name</h2>crypto -- Crypto transforms implementation for GnuTLS.</div>
+<a name="AEN31297"></a><h2>Name</h2>crypto -- Crypto transforms implementation for GnuTLS.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-GNUTLS-CRYPTO.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>xmlSecCryptoDLFunctionsPtr</font>  <a href="xmlsec-gnutls-crypto.html#XMLSECCRYPTOGETFUNCTIONS-GNUTLS">xmlSecCryptoGetFunctions_gnutls</a>
-                                                        (void);
-<font>int</font>                 <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSINIT">xmlSecGnuTLSInit</a>                    (void);
-<font>int</font>                 <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSSHUTDOWN">xmlSecGnuTLSShutdown</a>                (void);
-<font>int</font>                 <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYSMNGRINIT">xmlSecGnuTLSKeysMngrInit</a>            (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>int</font>                 <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSGENERATERANDOM">xmlSecGnuTLSGenerateRandom</a>          (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
+<pre class="SYNOPSIS"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECCRYPTOGETFUNCTIONS-GNUTLS">xmlSecCryptoGetFunctions_gnutls</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSGENERATERANDOM">xmlSecGnuTLSGenerateRandom</a>          (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSHMACGETMINOUTPUTLENGTH">xmlSecGnuTLSHmacGetMinOutputLength</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSHMACSETMINOUTPUTLENGTH">xmlSecGnuTLSHmacSetMinOutputLength</a>  (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> min_length</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSINIT">xmlSecGnuTLSInit</a>                    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAAESGETKLASS">xmlSecGnuTLSKeyDataAesGetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAAESID">xmlSecGnuTLSKeyDataAesId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAAESGETKLASS">xmlSecGnuTLSKeyDataAesGetKlass</a>      (void);
-<font>int</font>                 <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAAESSET">xmlSecGnuTLSKeyDataAesSet</a>           (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAAESSET">xmlSecGnuTLSKeyDataAesSet</a>           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADESGETKLASS">xmlSecGnuTLSKeyDataDesGetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADESID">xmlSecGnuTLSKeyDataDesId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADESSET">xmlSecGnuTLSKeyDataDesSet</a>           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADSAADOPTPRIVATEKEY">xmlSecGnuTLSKeyDataDsaAdoptPrivateKey</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-X509-PRIVKEY-T"><span class="TYPE">gnutls_x509_privkey_t</span></gtkdoclink> dsa_key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADSAADOPTPUBLICKEY">xmlSecGnuTLSKeyDataDsaAdoptPublicKey</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *p</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *q</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *g</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *y</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADSAGETKLASS">xmlSecGnuTLSKeyDataDsaGetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADSAID">xmlSecGnuTLSKeyDataDsaId</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAHMACGETKLASS">xmlSecGnuTLSKeyDataHmacGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAHMACID">xmlSecGnuTLSKeyDataHmacId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAHMACSET">xmlSecGnuTLSKeyDataHmacSet</a>          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATARSAADOPTPRIVATEKEY">xmlSecGnuTLSKeyDataRsaAdoptPrivateKey</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-X509-PRIVKEY-T"><span class="TYPE">gnutls_x509_privkey_t</span></gtkdoclink> rsa_key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATARSAADOPTPUBLICKEY">xmlSecGnuTLSKeyDataRsaAdoptPublicKey</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *m</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *e</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATARSAGETKLASS">xmlSecGnuTLSKeyDataRsaGetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATARSAID">xmlSecGnuTLSKeyDataRsaId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYSMNGRINIT">xmlSecGnuTLSKeysMngrInit</a>            (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSSHUTDOWN">xmlSecGnuTLSShutdown</a>                (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES128CBCGETKLASS">xmlSecGnuTLSTransformAes128CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES128CBCID">xmlSecGnuTLSTransformAes128CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES128CBCGETKLASS">xmlSecGnuTLSTransformAes128CbcGetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES192CBCGETKLASS">xmlSecGnuTLSTransformAes192CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES192CBCID">xmlSecGnuTLSTransformAes192CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES192CBCGETKLASS">xmlSecGnuTLSTransformAes192CbcGetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES256CBCGETKLASS">xmlSecGnuTLSTransformAes256CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES256CBCID">xmlSecGnuTLSTransformAes256CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES256CBCGETKLASS">xmlSecGnuTLSTransformAes256CbcGetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADESID">xmlSecGnuTLSKeyDataDesId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADESGETKLASS">xmlSecGnuTLSKeyDataDesGetKlass</a>      (void);
-<font>int</font>                 <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADESSET">xmlSecGnuTLSKeyDataDesSet</a>           (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMDES3CBCGETKLASS">xmlSecGnuTLSTransformDes3CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMDES3CBCID">xmlSecGnuTLSTransformDes3CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMDES3CBCGETKLASS">xmlSecGnuTLSTransformDes3CbcGetKlass</a>
-                                                        (void);
-<font>int</font>                 <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSHMACGETMINOUTPUTLENGTH">xmlSecGnuTLSHmacGetMinOutputLength</a>  (void);
-<font>void</font>                <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSHMACSETMINOUTPUTLENGTH">xmlSecGnuTLSHmacSetMinOutputLength</a>  (<font>int</font> min_length);
-#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAHMACID">xmlSecGnuTLSKeyDataHmacId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAHMACGETKLASS">xmlSecGnuTLSKeyDataHmacGetKlass</a>     (void);
-<font>int</font>                 <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAHMACSET">xmlSecGnuTLSKeyDataHmacSet</a>          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMDSASHA1GETKLASS">xmlSecGnuTLSTransformDsaSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMDSASHA1ID">xmlSecGnuTLSTransformDsaSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACMD5GETKLASS">xmlSecGnuTLSTransformHmacMd5GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACMD5ID">xmlSecGnuTLSTransformHmacMd5Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACMD5GETKLASS">xmlSecGnuTLSTransformHmacMd5GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACRIPEMD160GETKLASS">xmlSecGnuTLSTransformHmacRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACRIPEMD160ID">xmlSecGnuTLSTransformHmacRipemd160Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACRIPEMD160GETKLASS">xmlSecGnuTLSTransformHmacRipemd160GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA1GETKLASS">xmlSecGnuTLSTransformHmacSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA1ID">xmlSecGnuTLSTransformHmacSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA1GETKLASS">xmlSecGnuTLSTransformHmacSha1GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA256GETKLASS">xmlSecGnuTLSTransformHmacSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA256ID">xmlSecGnuTLSTransformHmacSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA384GETKLASS">xmlSecGnuTLSTransformHmacSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA384ID">xmlSecGnuTLSTransformHmacSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA512GETKLASS">xmlSecGnuTLSTransformHmacSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA512ID">xmlSecGnuTLSTransformHmacSha512Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES128GETKLASS">xmlSecGnuTLSTransformKWAes128GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES128ID">xmlSecGnuTLSTransformKWAes128Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES192GETKLASS">xmlSecGnuTLSTransformKWAes192GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES192ID">xmlSecGnuTLSTransformKWAes192Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES256GETKLASS">xmlSecGnuTLSTransformKWAes256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES256ID">xmlSecGnuTLSTransformKWAes256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWDES3GETKLASS">xmlSecGnuTLSTransformKWDes3GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWDES3ID">xmlSecGnuTLSTransformKWDes3Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMMD5GETKLASS">xmlSecGnuTLSTransformMd5GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMMD5ID">xmlSecGnuTLSTransformMd5Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRIPEMD160GETKLASS">xmlSecGnuTLSTransformRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRIPEMD160ID">xmlSecGnuTLSTransformRipemd160Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSAMD5GETKLASS">xmlSecGnuTLSTransformRsaMd5GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSAMD5ID">xmlSecGnuTLSTransformRsaMd5Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSARIPEMD160GETKLASS">xmlSecGnuTLSTransformRsaRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSARIPEMD160ID">xmlSecGnuTLSTransformRsaRipemd160Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA1GETKLASS">xmlSecGnuTLSTransformRsaSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA1ID">xmlSecGnuTLSTransformRsaSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA256GETKLASS">xmlSecGnuTLSTransformRsaSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA256ID">xmlSecGnuTLSTransformRsaSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA384GETKLASS">xmlSecGnuTLSTransformRsaSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA384ID">xmlSecGnuTLSTransformRsaSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA512GETKLASS">xmlSecGnuTLSTransformRsaSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA512ID">xmlSecGnuTLSTransformRsaSha512Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA1GETKLASS">xmlSecGnuTLSTransformSha1GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA1ID">xmlSecGnuTLSTransformSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA1GETKLASS">xmlSecGnuTLSTransformSha1GetKlass</a>   (void);</pre>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA256GETKLASS">xmlSecGnuTLSTransformSha256GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA256ID">xmlSecGnuTLSTransformSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA384GETKLASS">xmlSecGnuTLSTransformSha384GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA384ID">xmlSecGnuTLSTransformSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA512GETKLASS">xmlSecGnuTLSTransformSha512GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA512ID">xmlSecGnuTLSTransformSha512Id</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-GNUTLS-CRYPTO.DESCRIPTION"></a><h2>Description</h2>
@@ -146,146 +217,404 @@
 <a name="XMLSEC-GNUTLS-CRYPTO.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
 <a name="XMLSECCRYPTOGETFUNCTIONS-GNUTLS"></a><h3>xmlSecCryptoGetFunctions_gnutls ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecCryptoDLFunctionsPtr</font>  xmlSecCryptoGetFunctions_gnutls
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> xmlSecCryptoGetFunctions_gnutls
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>Gets the pointer to xmlsec-gnutls functions table.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN31636"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the xmlsec-gnutls functions table or NULL if an error occurs.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSGENERATERANDOM"></a><h3>xmlSecGnuTLSGenerateRandom ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSGenerateRandom          (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Generates <code class="PARAMETER">size</code> random bytes and puts result in <code class="PARAMETER">buffer</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31658"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31663"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the numer of bytes to generate.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31668"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSHMACGETMINOUTPUTLENGTH"></a><h3>xmlSecGnuTLSHmacGetMinOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSHmacGetMinOutputLength  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets the value of min HMAC length.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN24977"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the xmlsec-gnutls functions table or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31684"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the min HMAC output length</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSHMACSETMINOUTPUTLENGTH"></a><h3>xmlSecGnuTLSHmacSetMinOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecGnuTLSHmacSetMinOutputLength  (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> min_length</code>);</pre>
+<p>Sets the min HMAC output length</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN31701"><span style="white-space: nowrap"><code class="PARAMETER">min_length</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new min length</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECGNUTLSINIT"></a><h3>xmlSecGnuTLSInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSInit                    (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSInit                    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>XMLSec library specific crypto engine initialization.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN31717"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYDATAAESGETKLASS"></a><h3>xmlSecGnuTLSKeyDataAesGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecGnuTLSKeyDataAesGetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN24991"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31733"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSSHUTDOWN"></a><h3>xmlSecGnuTLSShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSShutdown                (void);</pre>
-<p>XMLSec library specific crypto engine shutdown.</p>
+<a name="XMLSECGNUTLSKEYDATAAESID"></a><h3>xmlSecGnuTLSKeyDataAesId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSKeyDataAesId</pre>
+<p>The AES key data klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYDATAAESSET"></a><h3>xmlSecGnuTLSKeyDataAesSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSKeyDataAesSet           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of AES key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31762"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to AES key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31767"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31772"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31777"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYDATADESGETKLASS"></a><h3>xmlSecGnuTLSKeyDataDesGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecGnuTLSKeyDataDesGetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DES key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25005"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31793"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DES key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSKEYSMNGRINIT"></a><h3>xmlSecGnuTLSKeysMngrInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSKeysMngrInit            (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
-<p>Adds GnuTLS specific key data stores in keys manager.</p>
-<p></p>
+<a name="XMLSECGNUTLSKEYDATADESID"></a><h3>xmlSecGnuTLSKeyDataDesId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSKeyDataDesId</pre>
+<p>The DES key data klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYDATADESSET"></a><h3>xmlSecGnuTLSKeyDataDesSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSKeyDataDesSet           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of DES key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25020"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31822"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DES key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25025"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31827"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31832"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31837"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSGENERATERANDOM"></a><h3>xmlSecGnuTLSGenerateRandom ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSGenerateRandom          (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Generates <code class="PARAMETER">size</code> random bytes and puts result in <code class="PARAMETER">buffer</code>.</p>
-<p></p>
+<a name="XMLSECGNUTLSKEYDATADSAADOPTPRIVATEKEY"></a><h3>xmlSecGnuTLSKeyDataDsaAdoptPrivateKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSKeyDataDsaAdoptPrivateKey
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-X509-PRIVKEY-T"><span class="TYPE">gnutls_x509_privkey_t</span></gtkdoclink> dsa_key</code>);</pre>
+<p>Sets the value of DSA key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25043"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31857"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DSA key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25048"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the numer of bytes to generate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31862"><span style="white-space: nowrap"><code class="PARAMETER">dsa_key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to GnuTLS DSA private key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25053"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31867"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSKEYDATAAESID"></a><h3>xmlSecGnuTLSKeyDataAesId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSKeyDataAesId</pre>
-<p>The AES key data klass.</p>
+<a name="XMLSECGNUTLSKEYDATADSAADOPTPUBLICKEY"></a><h3>xmlSecGnuTLSKeyDataDsaAdoptPublicKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSKeyDataDsaAdoptPublicKey
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *p</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *q</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *g</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *y</code>);</pre>
+<p>Sets the value of DSA key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31896"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31901"><span style="white-space: nowrap"><code class="PARAMETER">p</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to p component of the DSA public key</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31906"><span style="white-space: nowrap"><code class="PARAMETER">q</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to q component of the DSA public key</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31911"><span style="white-space: nowrap"><code class="PARAMETER">g</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to g component of the DSA public key</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31916"><span style="white-space: nowrap"><code class="PARAMETER">y</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to y component of the DSA public key</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31921"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSKEYDATAAESGETKLASS"></a><h3>xmlSecGnuTLSKeyDataAesGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecGnuTLSKeyDataAesGetKlass      (void);</pre>
-<p>The AES key data klass.</p>
+<a name="XMLSECGNUTLSKEYDATADSAGETKLASS"></a><h3>xmlSecGnuTLSKeyDataDsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecGnuTLSKeyDataDsaGetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA key data klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN31937"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to DSA key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYDATADSAID"></a><h3>xmlSecGnuTLSKeyDataDsaId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSKeyDataDsaId</pre>
+<p>The DSA key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYDATAHMACGETKLASS"></a><h3>xmlSecGnuTLSKeyDataHmacGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecGnuTLSKeyDataHmacGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25074"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN31959"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>HMAC key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSKEYDATAAESSET"></a><h3>xmlSecGnuTLSKeyDataAesSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSKeyDataAesSet           (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of AES key data.</p>
+<a name="XMLSECGNUTLSKEYDATAHMACID"></a><h3>xmlSecGnuTLSKeyDataHmacId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSKeyDataHmacId</pre>
+<p>The HMAC key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYDATAHMACSET"></a><h3>xmlSecGnuTLSKeyDataHmacSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSKeyDataHmacSet          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of HMAC key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31988"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to HMAC key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31993"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN31998"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32003"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYDATARSAADOPTPRIVATEKEY"></a><h3>xmlSecGnuTLSKeyDataRsaAdoptPrivateKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSKeyDataRsaAdoptPrivateKey
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-X509-PRIVKEY-T"><span class="TYPE">gnutls_x509_privkey_t</span></gtkdoclink> rsa_key</code>);</pre>
+<p>Sets the value of RSA key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32023"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to RSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32028"><span style="white-space: nowrap"><code class="PARAMETER">rsa_key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to GnuTLS RSA private key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32033"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYDATARSAADOPTPUBLICKEY"></a><h3>xmlSecGnuTLSKeyDataRsaAdoptPublicKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSKeyDataRsaAdoptPublicKey
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *m</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="GNUTLS-DATUM-T"><span class="TYPE">gnutls_datum_t</span></gtkdoclink> *e</code>);</pre>
+<p>Sets the value of RSA key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25091"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to AES key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32056"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to RSA key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25096"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32061"><span style="white-space: nowrap"><code class="PARAMETER">m</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to m component of the RSA public key</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25101"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value size (in bytes).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32066"><span style="white-space: nowrap"><code class="PARAMETER">e</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to e component of the RSA public key</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25106"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32071"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMAES128CBCID"></a><h3>xmlSecGnuTLSTransformAes128CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformAes128CbcId</pre>
-<p>The AES128 CBC cipher transform klass.</p>
+<a name="XMLSECGNUTLSKEYDATARSAGETKLASS"></a><h3>xmlSecGnuTLSKeyDataRsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecGnuTLSKeyDataRsaGetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The GnuTLS RSA key data klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32087"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GnuTLS RSA key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYDATARSAID"></a><h3>xmlSecGnuTLSKeyDataRsaId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSKeyDataRsaId</pre>
+<p>The RSA key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSKEYSMNGRINIT"></a><h3>xmlSecGnuTLSKeysMngrInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSKeysMngrInit            (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
+<p>Adds GnuTLS specific key data stores in keys manager.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32110"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN32115"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSSHUTDOWN"></a><h3>xmlSecGnuTLSShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGnuTLSShutdown                (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>XMLSec library specific crypto engine shutdown.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32131"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECGNUTLSTRANSFORMAES128CBCGETKLASS"></a><h3>xmlSecGnuTLSTransformAes128CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecGnuTLSTransformAes128CbcGetKlass
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformAes128CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>AES 128 CBC encryption transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32147"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 128 CBC encryption transform.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMAES128CBCID"></a><h3>xmlSecGnuTLSTransformAes128CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformAes128CbcId</pre>
+<p>The AES128 CBC cipher transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMAES192CBCGETKLASS"></a><h3>xmlSecGnuTLSTransformAes192CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformAes192CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 192 CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25127"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 128 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32169"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 192 CBC encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -293,19 +622,17 @@
 <a name="XMLSECGNUTLSTRANSFORMAES192CBCID"></a><h3>xmlSecGnuTLSTransformAes192CbcId</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformAes192CbcId</pre>
 <p>The AES192 CBC cipher transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMAES192CBCGETKLASS"></a><h3>xmlSecGnuTLSTransformAes192CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecGnuTLSTransformAes192CbcGetKlass
-                                                        (void);</pre>
-<p>AES 192 CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECGNUTLSTRANSFORMAES256CBCGETKLASS"></a><h3>xmlSecGnuTLSTransformAes256CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformAes256CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 256 CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25148"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 192 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32191"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 256 CBC encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -313,242 +640,436 @@
 <a name="XMLSECGNUTLSTRANSFORMAES256CBCID"></a><h3>xmlSecGnuTLSTransformAes256CbcId</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformAes256CbcId</pre>
 <p>The AES256 CBC cipher transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMAES256CBCGETKLASS"></a><h3>xmlSecGnuTLSTransformAes256CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecGnuTLSTransformAes256CbcGetKlass
-                                                        (void);</pre>
-<p>AES 256 CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECGNUTLSTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecGnuTLSTransformDes3CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformDes3CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Triple DES CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25169"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 256 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32213"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to Triple DES encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSKEYDATADESID"></a><h3>xmlSecGnuTLSKeyDataDesId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSKeyDataDesId</pre>
-<p>The DES key data klass.</p>
-<p></p>
+<a name="XMLSECGNUTLSTRANSFORMDES3CBCID"></a><h3>xmlSecGnuTLSTransformDes3CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformDes3CbcId</pre>
+<p>The DES3 CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSKEYDATADESGETKLASS"></a><h3>xmlSecGnuTLSKeyDataDesGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecGnuTLSKeyDataDesGetKlass      (void);</pre>
-<p>The DES key data klass.</p>
-<p></p>
+<a name="XMLSECGNUTLSTRANSFORMDSASHA1GETKLASS"></a><h3>xmlSecGnuTLSTransformDsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformDsaSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA-SHA1 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25190"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> DES key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32235"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DSA-SHA1 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSKEYDATADESSET"></a><h3>xmlSecGnuTLSKeyDataDesSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSKeyDataDesSet           (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of DES key data.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25207"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to DES key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25212"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25217"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value size (in bytes).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25222"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECGNUTLSTRANSFORMDSASHA1ID"></a><h3>xmlSecGnuTLSTransformDsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformDsaSha1Id</pre>
+<p>The DSA SHA1 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMDES3CBCID"></a><h3>xmlSecGnuTLSTransformDes3CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformDes3CbcId</pre>
-<p>The DES3 CBC cipher transform klass.</p>
+<a name="XMLSECGNUTLSTRANSFORMHMACMD5GETKLASS"></a><h3>xmlSecGnuTLSTransformHmacMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformHmacMd5GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-MD5 transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32257"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-MD5 transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecGnuTLSTransformDes3CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecGnuTLSTransformDes3CbcGetKlass
-                                                        (void);</pre>
-<p>Triple DES CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECGNUTLSTRANSFORMHMACMD5ID"></a><h3>xmlSecGnuTLSTransformHmacMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformHmacMd5Id</pre>
+<p>The HMAC with MD5 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMHMACRIPEMD160GETKLASS"></a><h3>xmlSecGnuTLSTransformHmacRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformHmacRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-RIPEMD160 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25243"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to Triple DES encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32279"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-RIPEMD160 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSHMACGETMINOUTPUTLENGTH"></a><h3>xmlSecGnuTLSHmacGetMinOutputLength ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSHmacGetMinOutputLength  (void);</pre>
-<p>Gets the value of min HMAC length.</p>
-<p></p>
+<a name="XMLSECGNUTLSTRANSFORMHMACRIPEMD160ID"></a><h3>xmlSecGnuTLSTransformHmacRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformHmacRipemd160Id</pre>
+<p>The HMAC with RipeMD160 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMHMACSHA1GETKLASS"></a><h3>xmlSecGnuTLSTransformHmacSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformHmacSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA1 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25257"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the min HMAC output length</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32301"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA1 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSHMACSETMINOUTPUTLENGTH"></a><h3>xmlSecGnuTLSHmacSetMinOutputLength ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecGnuTLSHmacSetMinOutputLength  (<font>int</font> min_length);</pre>
-<p>Sets the min HMAC output length</p>
+<a name="XMLSECGNUTLSTRANSFORMHMACSHA1ID"></a><h3>xmlSecGnuTLSTransformHmacSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformHmacSha1Id</pre>
+<p>The HMAC with SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMHMACSHA256GETKLASS"></a><h3>xmlSecGnuTLSTransformHmacSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformHmacSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA256 transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32323"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA256 transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMHMACSHA256ID"></a><h3>xmlSecGnuTLSTransformHmacSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformHmacSha256Id</pre>
+<p>The HMAC with SHA256 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMHMACSHA384GETKLASS"></a><h3>xmlSecGnuTLSTransformHmacSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformHmacSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA384 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25272"><span style="white-space: nowrap"><code class="PARAMETER">min_length</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the new min length </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32345"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA384 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSKEYDATAHMACID"></a><h3>xmlSecGnuTLSKeyDataHmacId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSKeyDataHmacId</pre>
-<p>The HMAC key klass.</p>
+<a name="XMLSECGNUTLSTRANSFORMHMACSHA384ID"></a><h3>xmlSecGnuTLSTransformHmacSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformHmacSha384Id</pre>
+<p>The HMAC with SHA384 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMHMACSHA512GETKLASS"></a><h3>xmlSecGnuTLSTransformHmacSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformHmacSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA512 transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32367"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA512 transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSKEYDATAHMACGETKLASS"></a><h3>xmlSecGnuTLSKeyDataHmacGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecGnuTLSKeyDataHmacGetKlass     (void);</pre>
-<p>The HMAC key data klass.</p>
+<a name="XMLSECGNUTLSTRANSFORMHMACSHA512ID"></a><h3>xmlSecGnuTLSTransformHmacSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformHmacSha512Id</pre>
+<p>The HMAC with SHA512 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMKWAES128GETKLASS"></a><h3>xmlSecGnuTLSTransformKWAes128GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformKWAes128GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-128 kew wrapper transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32389"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-128 kew wrapper transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMKWAES128ID"></a><h3>xmlSecGnuTLSTransformKWAes128Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformKWAes128Id</pre>
+<p>The AES 128 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMKWAES192GETKLASS"></a><h3>xmlSecGnuTLSTransformKWAes192GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformKWAes192GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-192 kew wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25293"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> HMAC key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32411"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-192 kew wrapper transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSKEYDATAHMACSET"></a><h3>xmlSecGnuTLSKeyDataHmacSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGnuTLSKeyDataHmacSet          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of HMAC key data.</p>
+<a name="XMLSECGNUTLSTRANSFORMKWAES192ID"></a><h3>xmlSecGnuTLSTransformKWAes192Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformKWAes192Id</pre>
+<p>The AES 192 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMKWAES256GETKLASS"></a><h3>xmlSecGnuTLSTransformKWAes256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformKWAes256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-256 kew wrapper transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32433"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-256 kew wrapper transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMKWAES256ID"></a><h3>xmlSecGnuTLSTransformKWAes256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformKWAes256Id</pre>
+<p>The AES 256 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMKWDES3GETKLASS"></a><h3>xmlSecGnuTLSTransformKWDes3GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformKWDes3GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The Triple DES key wrapper transform klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25310"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to HMAC key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25315"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25320"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value size (in bytes).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25325"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32455"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>Triple DES key wrapper transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMHMACMD5ID"></a><h3>xmlSecGnuTLSTransformHmacMd5Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformHmacMd5Id</pre>
-<p>The HMAC with MD5 signature transform klass.</p>
+<a name="XMLSECGNUTLSTRANSFORMKWDES3ID"></a><h3>xmlSecGnuTLSTransformKWDes3Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformKWDes3Id</pre>
+<p>The DES3 KW transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMMD5GETKLASS"></a><h3>xmlSecGnuTLSTransformMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformMd5GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>MD5 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32477"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to MD5 digest transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMHMACMD5GETKLASS"></a><h3>xmlSecGnuTLSTransformHmacMd5GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecGnuTLSTransformHmacMd5GetKlass
-                                                        (void);</pre>
-<p>The HMAC-MD5 transform klass.</p>
+<a name="XMLSECGNUTLSTRANSFORMMD5ID"></a><h3>xmlSecGnuTLSTransformMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformMd5Id</pre>
+<p>The MD5 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMRIPEMD160GETKLASS"></a><h3>xmlSecGnuTLSTransformRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>RIPEMD160 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32499"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to RIPEMD160 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMRIPEMD160ID"></a><h3>xmlSecGnuTLSTransformRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformRipemd160Id</pre>
+<p>The RIPEMD160 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMRSAMD5GETKLASS"></a><h3>xmlSecGnuTLSTransformRsaMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformRsaMd5GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-MD5 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25346"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-MD5 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32521"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-MD5 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMHMACRIPEMD160ID"></a><h3>xmlSecGnuTLSTransformHmacRipemd160Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformHmacRipemd160Id</pre>
-<p>The HMAC with RipeMD160 signature transform klass.</p>
+<a name="XMLSECGNUTLSTRANSFORMRSAMD5ID"></a><h3>xmlSecGnuTLSTransformRsaMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformRsaMd5Id</pre>
+<p>The RSA-MD5 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMRSARIPEMD160GETKLASS"></a><h3>xmlSecGnuTLSTransformRsaRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformRsaRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-RIPEMD160 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32543"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-RIPEMD160 signature transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMHMACRIPEMD160GETKLASS"></a><h3>xmlSecGnuTLSTransformHmacRipemd160GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecGnuTLSTransformHmacRipemd160GetKlass
-                                                        (void);</pre>
-<p>The HMAC-RIPEMD160 transform klass.</p>
+<a name="XMLSECGNUTLSTRANSFORMRSARIPEMD160ID"></a><h3>xmlSecGnuTLSTransformRsaRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformRsaRipemd160Id</pre>
+<p>The RSA-RIPEMD160 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMRSASHA1GETKLASS"></a><h3>xmlSecGnuTLSTransformRsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformRsaSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA1 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32565"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA1 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMRSASHA1ID"></a><h3>xmlSecGnuTLSTransformRsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformRsaSha1Id</pre>
+<p>The RSA-SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMRSASHA256GETKLASS"></a><h3>xmlSecGnuTLSTransformRsaSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformRsaSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25367"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-RIPEMD160 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32587"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA256 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMHMACSHA1ID"></a><h3>xmlSecGnuTLSTransformHmacSha1Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformHmacSha1Id</pre>
-<p>The HMAC with SHA1 signature transform klass.</p>
+<a name="XMLSECGNUTLSTRANSFORMRSASHA256ID"></a><h3>xmlSecGnuTLSTransformRsaSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformRsaSha256Id</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMRSASHA384GETKLASS"></a><h3>xmlSecGnuTLSTransformRsaSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformRsaSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32609"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA384 signature transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMHMACSHA1GETKLASS"></a><h3>xmlSecGnuTLSTransformHmacSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecGnuTLSTransformHmacSha1GetKlass
-                                                        (void);</pre>
-<p>The HMAC-SHA1 transform klass.</p>
+<a name="XMLSECGNUTLSTRANSFORMRSASHA384ID"></a><h3>xmlSecGnuTLSTransformRsaSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformRsaSha384Id</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMRSASHA512GETKLASS"></a><h3>xmlSecGnuTLSTransformRsaSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformRsaSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32631"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA512 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMRSASHA512ID"></a><h3>xmlSecGnuTLSTransformRsaSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformRsaSha512Id</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMSHA1GETKLASS"></a><h3>xmlSecGnuTLSTransformSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformSha1GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-1 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25388"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA1 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32653"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-1 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECGNUTLSTRANSFORMSHA1ID"></a><h3>xmlSecGnuTLSTransformSha1Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformSha1Id</pre>
-<p>The SHA1 digest transform klass.</p>
+<p>The HMAC with SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMSHA256GETKLASS"></a><h3>xmlSecGnuTLSTransformSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformSha256GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA256 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32675"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA256 digest transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGNUTLSTRANSFORMSHA1GETKLASS"></a><h3>xmlSecGnuTLSTransformSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecGnuTLSTransformSha1GetKlass   (void);</pre>
-<p>SHA-1 digest transform klass.</p>
+<a name="XMLSECGNUTLSTRANSFORMSHA256ID"></a><h3>xmlSecGnuTLSTransformSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformSha256Id</pre>
+<p>The HMAC with SHA256 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMSHA384GETKLASS"></a><h3>xmlSecGnuTLSTransformSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformSha384GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA384 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN32697"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA384 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMSHA384ID"></a><h3>xmlSecGnuTLSTransformSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformSha384Id</pre>
+<p>The HMAC with SHA384 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMSHA512GETKLASS"></a><h3>xmlSecGnuTLSTransformSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecGnuTLSTransformSha512GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA512 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25409"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA-1 digest transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN32719"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA512 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGNUTLSTRANSFORMSHA512ID"></a><h3>xmlSecGnuTLSTransformSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGnuTLSTransformSha512Id</pre>
+<p>The HMAC with SHA512 signature transform klass.</p>
+</div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
 <td align="left"><a accesskey="p" href="xmlsec-gnutls-app.html"><b>&lt;&lt;&lt; app</b></a></td>
-<td align="right"><a accesskey="n" href="xmlsec-nss-ref.html"><b>XML Security Library for NSS API Reference. &gt;&gt;&gt;</b></a></td>
+<td align="right"><a accesskey="n" href="xmlsec-gcrypt-ref.html"><b>XML Security Library for GCrypt API Reference. &gt;&gt;&gt;</b></a></td>
 </tr></table>
 </td></tr></table></td>
 </tr></table></body>
diff --git a/docs/api/xmlsec-index.html b/docs/api/xmlsec-index.html
index 1c712267..e0491f1e 100644
--- a/docs/api/xmlsec-index.html
+++ b/docs/api/xmlsec-index.html
@@ -196,6 +196,7 @@
 <li><p><a href="xmlsec-dl.html#XMLSECCRYPTODLSETFUNCTIONS">xmlSecCryptoDLSetFunctions</a></p></li>
 <li><p><a href="xmlsec-dl.html#XMLSECCRYPTODLSHUTDOWN">xmlSecCryptoDLShutdown</a></p></li>
 <li><p><a href="xmlsec-dl.html#XMLSECCRYPTODLUNLOADLIBRARY">xmlSecCryptoDLUnloadLibrary</a></p></li>
+<li><p><font>xmlSecCryptoGetFunctions-gcrypt</font></p></li>
 <li><p><font>xmlSecCryptoGetFunctions-gnutls</font></p></li>
 <li><p><font>xmlSecCryptoGetFunctions-mscrypto</font></p></li>
 <li><p><font>xmlSecCryptoGetFunctions-nss</font></p></li>
@@ -317,6 +318,103 @@
 <li><p><a href="xmlsec-xmltree.html#XMLSECFINDCHILD">xmlSecFindChild</a></p></li>
 <li><p><a href="xmlsec-xmltree.html#XMLSECFINDNODE">xmlSecFindNode</a></p></li>
 <li><p><a href="xmlsec-xmltree.html#XMLSECFINDPARENT">xmlSecFindParent</a></p></li>
+<li><p><font>XMLSEC-FUNC-TO-PTR</font></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecGCryptAppDefaultKeysMngrAdoptKey</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPDEFAULTKEYSMNGRINIT">xmlSecGCryptAppDefaultKeysMngrInit</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPDEFAULTKEYSMNGRLOAD">xmlSecGCryptAppDefaultKeysMngrLoad</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPDEFAULTKEYSMNGRSAVE">xmlSecGCryptAppDefaultKeysMngrSave</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPGETDEFAULTPWDCALLBACK">xmlSecGCryptAppGetDefaultPwdCallback</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPINIT">xmlSecGCryptAppInit</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYCERTLOADMEMORY">xmlSecGCryptAppKeyCertLoadMemory</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYCERTLOAD">xmlSecGCryptAppKeyCertLoad</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYLOADMEMORY">xmlSecGCryptAppKeyLoadMemory</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYLOAD">xmlSecGCryptAppKeyLoad</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYSMNGRCERTLOADMEMORY">xmlSecGCryptAppKeysMngrCertLoadMemory</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPKEYSMNGRCERTLOAD">xmlSecGCryptAppKeysMngrCertLoad</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPPKCS12LOADMEMORY">xmlSecGCryptAppPkcs12LoadMemory</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPPKCS12LOAD">xmlSecGCryptAppPkcs12Load</a></p></li>
+<li><p><a href="xmlsec-gcrypt-app.html#XMLSECGCRYPTAPPSHUTDOWN">xmlSecGCryptAppShutdown</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTGENERATERANDOM">xmlSecGCryptGenerateRandom</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTHMACGETMINOUTPUTLENGTH">xmlSecGCryptHmacGetMinOutputLength</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTHMACSETMINOUTPUTLENGTH">xmlSecGCryptHmacSetMinOutputLength</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTINIT">xmlSecGCryptInit</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAAESGETKLASS">xmlSecGCryptKeyDataAesGetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAAESID">xmlSecGCryptKeyDataAesId</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAAESSET">xmlSecGCryptKeyDataAesSet</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADESGETKLASS">xmlSecGCryptKeyDataDesGetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADESID">xmlSecGCryptKeyDataDesId</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADESSET">xmlSecGCryptKeyDataDesSet</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAADOPTKEY">xmlSecGCryptKeyDataDsaAdoptKey</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAADOPTKEYPAIR">xmlSecGCryptKeyDataDsaAdoptKeyPair</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAGETKLASS">xmlSecGCryptKeyDataDsaGetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAGETPRIVATEKEY">xmlSecGCryptKeyDataDsaGetPrivateKey</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAGETPUBLICKEY">xmlSecGCryptKeyDataDsaGetPublicKey</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATADSAID">xmlSecGCryptKeyDataDsaId</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAHMACGETKLASS">xmlSecGCryptKeyDataHmacGetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAHMACID">xmlSecGCryptKeyDataHmacId</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATAHMACSET">xmlSecGCryptKeyDataHmacSet</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAADOPTKEY">xmlSecGCryptKeyDataRsaAdoptKey</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAADOPTKEYPAIR">xmlSecGCryptKeyDataRsaAdoptKeyPair</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAGETKLASS">xmlSecGCryptKeyDataRsaGetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAGETPRIVATEKEY">xmlSecGCryptKeyDataRsaGetPrivateKey</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAGETPUBLICKEY">xmlSecGCryptKeyDataRsaGetPublicKey</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYDATARSAID">xmlSecGCryptKeyDataRsaId</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTKEYSMNGRINIT">xmlSecGCryptKeysMngrInit</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTSHUTDOWN">xmlSecGCryptShutdown</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES128CBCGETKLASS">xmlSecGCryptTransformAes128CbcGetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES128CBCID">xmlSecGCryptTransformAes128CbcId</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES192CBCGETKLASS">xmlSecGCryptTransformAes192CbcGetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES192CBCID">xmlSecGCryptTransformAes192CbcId</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES256CBCGETKLASS">xmlSecGCryptTransformAes256CbcGetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMAES256CBCID">xmlSecGCryptTransformAes256CbcId</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMDES3CBCGETKLASS">xmlSecGCryptTransformDes3CbcGetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMDES3CBCID">xmlSecGCryptTransformDes3CbcId</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMDSASHA1GETKLASS">xmlSecGCryptTransformDsaSha1GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMDSASHA1ID">xmlSecGCryptTransformDsaSha1Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACMD5GETKLASS">xmlSecGCryptTransformHmacMd5GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACMD5ID">xmlSecGCryptTransformHmacMd5Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACRIPEMD160GETKLASS">xmlSecGCryptTransformHmacRipemd160GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACRIPEMD160ID">xmlSecGCryptTransformHmacRipemd160Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA1GETKLASS">xmlSecGCryptTransformHmacSha1GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA1ID">xmlSecGCryptTransformHmacSha1Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA256GETKLASS">xmlSecGCryptTransformHmacSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA256ID">xmlSecGCryptTransformHmacSha256Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA384GETKLASS">xmlSecGCryptTransformHmacSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA384ID">xmlSecGCryptTransformHmacSha384Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA512GETKLASS">xmlSecGCryptTransformHmacSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMHMACSHA512ID">xmlSecGCryptTransformHmacSha512Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES128GETKLASS">xmlSecGCryptTransformKWAes128GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES128ID">xmlSecGCryptTransformKWAes128Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES192GETKLASS">xmlSecGCryptTransformKWAes192GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES192ID">xmlSecGCryptTransformKWAes192Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES256GETKLASS">xmlSecGCryptTransformKWAes256GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWAES256ID">xmlSecGCryptTransformKWAes256Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWDES3GETKLASS">xmlSecGCryptTransformKWDes3GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMKWDES3ID">xmlSecGCryptTransformKWDes3Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMMD5GETKLASS">xmlSecGCryptTransformMd5GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMMD5ID">xmlSecGCryptTransformMd5Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRIPEMD160GETKLASS">xmlSecGCryptTransformRipemd160GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRIPEMD160ID">xmlSecGCryptTransformRipemd160Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSAMD5GETKLASS">xmlSecGCryptTransformRsaMd5GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSAMD5ID">xmlSecGCryptTransformRsaMd5Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSARIPEMD160GETKLASS">xmlSecGCryptTransformRsaRipemd160GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSARIPEMD160ID">xmlSecGCryptTransformRsaRipemd160Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA1GETKLASS">xmlSecGCryptTransformRsaSha1GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA1ID">xmlSecGCryptTransformRsaSha1Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA256GETKLASS">xmlSecGCryptTransformRsaSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA256ID">xmlSecGCryptTransformRsaSha256Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA384GETKLASS">xmlSecGCryptTransformRsaSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA384ID">xmlSecGCryptTransformRsaSha384Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA512GETKLASS">xmlSecGCryptTransformRsaSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMRSASHA512ID">xmlSecGCryptTransformRsaSha512Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA1GETKLASS">xmlSecGCryptTransformSha1GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA1ID">xmlSecGCryptTransformSha1Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA256GETKLASS">xmlSecGCryptTransformSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA256ID">xmlSecGCryptTransformSha256Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA384GETKLASS">xmlSecGCryptTransformSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA384ID">xmlSecGCryptTransformSha384Id</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA512GETKLASS">xmlSecGCryptTransformSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-gcrypt-crypto.html#XMLSECGCRYPTTRANSFORMSHA512ID">xmlSecGCryptTransformSha512Id</a></p></li>
 <li><p><a href="xmlsec-xmltree.html#XMLSECGENERATEANDADDID">xmlSecGenerateAndAddID</a></p></li>
 <li><p><a href="xmlsec-xmltree.html#XMLSECGENERATEID">xmlSecGenerateID</a></p></li>
 <li><p><a href="xmlsec-xmltree.html#XMLSECGETHEX">xmlSecGetHex</a></p></li>
@@ -349,9 +447,29 @@
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADESGETKLASS">xmlSecGnuTLSKeyDataDesGetKlass</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADESID">xmlSecGnuTLSKeyDataDesId</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADESSET">xmlSecGnuTLSKeyDataDesSet</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADSAADOPTPRIVATEKEY">xmlSecGnuTLSKeyDataDsaAdoptPrivateKey</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADSAADOPTPUBLICKEY">xmlSecGnuTLSKeyDataDsaAdoptPublicKey</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADSAGETKLASS">xmlSecGnuTLSKeyDataDsaGetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATADSAID">xmlSecGnuTLSKeyDataDsaId</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAHMACGETKLASS">xmlSecGnuTLSKeyDataHmacGetKlass</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAHMACID">xmlSecGnuTLSKeyDataHmacId</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATAHMACSET">xmlSecGnuTLSKeyDataHmacSet</a></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataRawX509CertGetKlass</font></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataRawX509CertId</font></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATARSAADOPTPRIVATEKEY">xmlSecGnuTLSKeyDataRsaAdoptPrivateKey</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATARSAADOPTPUBLICKEY">xmlSecGnuTLSKeyDataRsaAdoptPublicKey</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATARSAGETKLASS">xmlSecGnuTLSKeyDataRsaGetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYDATARSAID">xmlSecGnuTLSKeyDataRsaId</a></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataX509AdoptCert</font></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataX509AdoptCrl</font></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataX509AdoptKeyCert</font></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataX509GetCert</font></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataX509GetCertsSize</font></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataX509GetCrl</font></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataX509GetCrlsSize</font></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataX509GetKeyCert</font></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataX509GetKlass</font></p></li>
+<li><p><font>xmlSecGnuTLSKeyDataX509Id</font></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSKEYSMNGRINIT">xmlSecGnuTLSKeysMngrInit</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSSHUTDOWN">xmlSecGnuTLSShutdown</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES128CBCGETKLASS">xmlSecGnuTLSTransformAes128CbcGetKlass</a></p></li>
@@ -362,14 +480,58 @@
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMAES256CBCID">xmlSecGnuTLSTransformAes256CbcId</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMDES3CBCGETKLASS">xmlSecGnuTLSTransformDes3CbcGetKlass</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMDES3CBCID">xmlSecGnuTLSTransformDes3CbcId</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMDSASHA1GETKLASS">xmlSecGnuTLSTransformDsaSha1GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMDSASHA1ID">xmlSecGnuTLSTransformDsaSha1Id</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACMD5GETKLASS">xmlSecGnuTLSTransformHmacMd5GetKlass</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACMD5ID">xmlSecGnuTLSTransformHmacMd5Id</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACRIPEMD160GETKLASS">xmlSecGnuTLSTransformHmacRipemd160GetKlass</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACRIPEMD160ID">xmlSecGnuTLSTransformHmacRipemd160Id</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA1GETKLASS">xmlSecGnuTLSTransformHmacSha1GetKlass</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA1ID">xmlSecGnuTLSTransformHmacSha1Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA256GETKLASS">xmlSecGnuTLSTransformHmacSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA256ID">xmlSecGnuTLSTransformHmacSha256Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA384GETKLASS">xmlSecGnuTLSTransformHmacSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA384ID">xmlSecGnuTLSTransformHmacSha384Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA512GETKLASS">xmlSecGnuTLSTransformHmacSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMHMACSHA512ID">xmlSecGnuTLSTransformHmacSha512Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES128GETKLASS">xmlSecGnuTLSTransformKWAes128GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES128ID">xmlSecGnuTLSTransformKWAes128Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES192GETKLASS">xmlSecGnuTLSTransformKWAes192GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES192ID">xmlSecGnuTLSTransformKWAes192Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES256GETKLASS">xmlSecGnuTLSTransformKWAes256GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWAES256ID">xmlSecGnuTLSTransformKWAes256Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWDES3GETKLASS">xmlSecGnuTLSTransformKWDes3GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMKWDES3ID">xmlSecGnuTLSTransformKWDes3Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMMD5GETKLASS">xmlSecGnuTLSTransformMd5GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMMD5ID">xmlSecGnuTLSTransformMd5Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRIPEMD160GETKLASS">xmlSecGnuTLSTransformRipemd160GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRIPEMD160ID">xmlSecGnuTLSTransformRipemd160Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSAMD5GETKLASS">xmlSecGnuTLSTransformRsaMd5GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSAMD5ID">xmlSecGnuTLSTransformRsaMd5Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSARIPEMD160GETKLASS">xmlSecGnuTLSTransformRsaRipemd160GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSARIPEMD160ID">xmlSecGnuTLSTransformRsaRipemd160Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA1GETKLASS">xmlSecGnuTLSTransformRsaSha1GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA1ID">xmlSecGnuTLSTransformRsaSha1Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA256GETKLASS">xmlSecGnuTLSTransformRsaSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA256ID">xmlSecGnuTLSTransformRsaSha256Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA384GETKLASS">xmlSecGnuTLSTransformRsaSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA384ID">xmlSecGnuTLSTransformRsaSha384Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA512GETKLASS">xmlSecGnuTLSTransformRsaSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMRSASHA512ID">xmlSecGnuTLSTransformRsaSha512Id</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA1GETKLASS">xmlSecGnuTLSTransformSha1GetKlass</a></p></li>
 <li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA1ID">xmlSecGnuTLSTransformSha1Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA256GETKLASS">xmlSecGnuTLSTransformSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA256ID">xmlSecGnuTLSTransformSha256Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA384GETKLASS">xmlSecGnuTLSTransformSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA384ID">xmlSecGnuTLSTransformSha384Id</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA512GETKLASS">xmlSecGnuTLSTransformSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-gnutls-crypto.html#XMLSECGNUTLSTRANSFORMSHA512ID">xmlSecGnuTLSTransformSha512Id</a></p></li>
+<li><p><font>xmlSecGnuTLSX509CertGetKey</font></p></li>
+<li><p><font>xmlSecGnuTLSX509StoreAdoptCert</font></p></li>
+<li><p><font>xmlSecGnuTLSX509StoreFindCert</font></p></li>
+<li><p><font>xmlSecGnuTLSX509StoreGetKlass</font></p></li>
+<li><p><font>xmlSecGnuTLSX509StoreId</font></p></li>
+<li><p><font>xmlSecGnuTLSX509StoreVerify</font></p></li>
 <li><p><a href="xmlsec-xmlsec.html#XMLSECINIT">xmlSecInit</a></p></li>
 <li><p><a href="xmlsec-io.html#XMLSECIOCLEANUPCALLBACKS">xmlSecIOCleanupCallbacks</a></p></li>
 <li><p><a href="xmlsec-io.html#XMLSECIOINIT">xmlSecIOInit</a></p></li>
@@ -416,6 +578,8 @@
 <li><p><a href="xmlsec-app.html#XMLSECKEYDATADSAID">xmlSecKeyDataDsaId</a></p></li>
 <li><p><a href="xmlsec-keysdata.html#XMLSECKEYDATADUPLICATEMETHOD">xmlSecKeyDataDuplicateMethod</a></p></li>
 <li><p><a href="xmlsec-keysdata.html#XMLSECKEYDATADUPLICATE">xmlSecKeyDataDuplicate</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECKEYDATAECDSAGETKLASS">xmlSecKeyDataEcdsaGetKlass</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECKEYDATAECDSAID">xmlSecKeyDataEcdsaId</a></p></li>
 <li><p><a href="xmlsec-keyinfo.html#XMLSECKEYDATAENCRYPTEDKEYGETKLASS">xmlSecKeyDataEncryptedKeyGetKlass</a></p></li>
 <li><p><a href="xmlsec-keyinfo.html#XMLSECKEYDATAENCRYPTEDKEYID">xmlSecKeyDataEncryptedKeyId</a></p></li>
 <li><p><a href="xmlsec-keysdata.html#XMLSECKEYDATAFINALIZEMETHOD">xmlSecKeyDataFinalizeMethod</a></p></li>
@@ -630,9 +794,17 @@
 <li><p><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPSHUTDOWN">xmlSecMSCryptoAppShutdown</a></p></li>
 <li><p><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOCERTADOPT">xmlSecMSCryptoCertAdopt</a></p></li>
 <li><p><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOCERTDUP">xmlSecMSCryptoCertDup</a></p></li>
-<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCERTSTRTONAME">xmlSecMSCryptoCertStrToName</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTLOCALETOUNICODE">xmlSecMSCryptoConvertLocaleToUnicode</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTLOCALETOUTF8">xmlSecMSCryptoConvertLocaleToUtf8</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTTSTRTOUTF8">xmlSecMSCryptoConvertTstrToUtf8</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTUNICODETOUTF8">xmlSecMSCryptoConvertUnicodeToUtf8</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTUTF8TOLOCALE">xmlSecMSCryptoConvertUtf8ToLocale</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTUTF8TOTSTR">xmlSecMSCryptoConvertUtf8ToTstr</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTUTF8TOUNICODE">xmlSecMSCryptoConvertUtf8ToUnicode</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOERRORSDEFAULTCALLBACK">xmlSecMSCryptoErrorsDefaultCallback</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOGENERATERANDOM">xmlSecMSCryptoGenerateRandom</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOHMACGETMINOUTPUTLENGTH">xmlSecMSCryptoHmacGetMinOutputLength</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOHMACSETMINOUTPUTLENGTH">xmlSecMSCryptoHmacSetMinOutputLength</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOINIT">xmlSecMSCryptoInit</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAAESGETKLASS">xmlSecMSCryptoKeyDataAesGetKlass</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAAESID">xmlSecMSCryptoKeyDataAesId</a></p></li>
@@ -644,8 +816,13 @@
 <li><p><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETCERT">xmlSecMSCryptoKeyDataGetCert</a></p></li>
 <li><p><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETDECRYPTKEY">xmlSecMSCryptoKeyDataGetDecryptKey</a></p></li>
 <li><p><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETKEY">xmlSecMSCryptoKeyDataGetKey</a></p></li>
+<li><p><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETMSCRYPTOKEYSPEC">xmlSecMSCryptoKeyDataGetMSCryptoKeySpec</a></p></li>
+<li><p><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETMSCRYPTOPROVIDER">xmlSecMSCryptoKeyDataGetMSCryptoProvider</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAGOST2001GETKLASS">xmlSecMSCryptoKeyDataGost2001GetKlass</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAGOST2001ID">xmlSecMSCryptoKeyDataGost2001Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAHMACGETKLASS">xmlSecMSCryptoKeyDataHmacGetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAHMACID">xmlSecMSCryptoKeyDataHmacId</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAHMACSET">xmlSecMSCryptoKeyDataHmacSet</a></p></li>
 <li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATARAWX509CERTGETKLASS">xmlSecMSCryptoKeyDataRawX509CertGetKlass</a></p></li>
 <li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATARAWX509CERTID">xmlSecMSCryptoKeyDataRawX509CertId</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATARSAGETKLASS">xmlSecMSCryptoKeyDataRsaGetKlass</a></p></li>
@@ -681,22 +858,55 @@
 <li><p><font>xmlSecMSCryptoTransformGost2001GostR3411-94Id</font></p></li>
 <li><p><font>xmlSecMSCryptoTransformGostR3411-94GetKlass</font></p></li>
 <li><p><font>xmlSecMSCryptoTransformGostR3411-94Id</font></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACMD5GETKLASS">xmlSecMSCryptoTransformHmacMd5GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACMD5ID">xmlSecMSCryptoTransformHmacMd5Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA1GETKLASS">xmlSecMSCryptoTransformHmacSha1GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA1ID">xmlSecMSCryptoTransformHmacSha1Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA256GETKLASS">xmlSecMSCryptoTransformHmacSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA256ID">xmlSecMSCryptoTransformHmacSha256Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA384GETKLASS">xmlSecMSCryptoTransformHmacSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA384ID">xmlSecMSCryptoTransformHmacSha384Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA512GETKLASS">xmlSecMSCryptoTransformHmacSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA512ID">xmlSecMSCryptoTransformHmacSha512Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES128GETKLASS">xmlSecMSCryptoTransformKWAes128GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES128ID">xmlSecMSCryptoTransformKWAes128Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES192GETKLASS">xmlSecMSCryptoTransformKWAes192GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES192ID">xmlSecMSCryptoTransformKWAes192Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES256GETKLASS">xmlSecMSCryptoTransformKWAes256GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES256ID">xmlSecMSCryptoTransformKWAes256Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWDES3GETKLASS">xmlSecMSCryptoTransformKWDes3GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWDES3ID">xmlSecMSCryptoTransformKWDes3Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMMD5GETKLASS">xmlSecMSCryptoTransformMd5GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMMD5ID">xmlSecMSCryptoTransformMd5Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAMD5GETKLASS">xmlSecMSCryptoTransformRsaMd5GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAMD5ID">xmlSecMSCryptoTransformRsaMd5Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAOAEPGETKLASS">xmlSecMSCryptoTransformRsaOaepGetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAOAEPID">xmlSecMSCryptoTransformRsaOaepId</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAPKCS1GETKLASS">xmlSecMSCryptoTransformRsaPkcs1GetKlass</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAPKCS1ID">xmlSecMSCryptoTransformRsaPkcs1Id</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA1GETKLASS">xmlSecMSCryptoTransformRsaSha1GetKlass</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA1ID">xmlSecMSCryptoTransformRsaSha1Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA256GETKLASS">xmlSecMSCryptoTransformRsaSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA256ID">xmlSecMSCryptoTransformRsaSha256Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA384GETKLASS">xmlSecMSCryptoTransformRsaSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA384ID">xmlSecMSCryptoTransformRsaSha384Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA512GETKLASS">xmlSecMSCryptoTransformRsaSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA512ID">xmlSecMSCryptoTransformRsaSha512Id</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA1GETKLASS">xmlSecMSCryptoTransformSha1GetKlass</a></p></li>
 <li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA1ID">xmlSecMSCryptoTransformSha1Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA256GETKLASS">xmlSecMSCryptoTransformSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA256ID">xmlSecMSCryptoTransformSha256Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA384GETKLASS">xmlSecMSCryptoTransformSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA384ID">xmlSecMSCryptoTransformSha384Id</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA512GETKLASS">xmlSecMSCryptoTransformSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA512ID">xmlSecMSCryptoTransformSha512Id</a></p></li>
 <li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTCERT">xmlSecMSCryptoX509StoreAdoptCert</a></p></li>
 <li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTKEYSTORE">xmlSecMSCryptoX509StoreAdoptKeyStore</a></p></li>
 <li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTTRUSTEDSTORE">xmlSecMSCryptoX509StoreAdoptTrustedStore</a></p></li>
 <li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTUNTRUSTEDSTORE">xmlSecMSCryptoX509StoreAdoptUntrustedStore</a></p></li>
 <li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREENABLESYSTEMTRUSTEDCERTS">xmlSecMSCryptoX509StoreEnableSystemTrustedCerts</a></p></li>
-<li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREFINDCERT">xmlSecMSCryptoX509StoreFindCert</a></p></li>
 <li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREGETKLASS">xmlSecMSCryptoX509StoreGetKlass</a></p></li>
 <li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREID">xmlSecMSCryptoX509StoreId</a></p></li>
-<li><p><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREVERIFY">xmlSecMSCryptoX509StoreVerify</a></p></li>
-<li><p><font>XMLSEC-NO-AES</font></p></li>
 <li><p><a href="xmlsec-xmltree.html#XMLSECNODEENCODEANDSETCONTENT">xmlSecNodeEncodeAndSetContent</a></p></li>
 <li><p><a href="xmlsec-xmltree.html#XMLSECNODEGETNAME">xmlSecNodeGetName</a></p></li>
 <li><p><a href="xmlsec-nodeset.html#XMLSECNODESETADDLIST">xmlSecNodeSetAddList</a></p></li>
@@ -713,10 +923,6 @@
 <li><p><a href="xmlsec-nodeset.html#XMLSECNODESETTYPE">xmlSecNodeSetType</a></p></li>
 <li><p><a href="xmlsec-nodeset.html#XMLSECNODESETWALKCALLBACK">xmlSecNodeSetWalkCallback</a></p></li>
 <li><p><a href="xmlsec-nodeset.html#XMLSECNODESETWALK">xmlSecNodeSetWalk</a></p></li>
-<li><p><font>XMLSEC-NO-SHA224</font></p></li>
-<li><p><font>XMLSEC-NO-SHA256</font></p></li>
-<li><p><font>XMLSEC-NO-SHA384</font></p></li>
-<li><p><font>XMLSEC-NO-SHA512</font></p></li>
 <li><p><a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecNssAppDefaultKeysMngrAdoptKey</a></p></li>
 <li><p><a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRINIT">xmlSecNssAppDefaultKeysMngrInit</a></p></li>
 <li><p><a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRLOAD">xmlSecNssAppDefaultKeysMngrLoad</a></p></li>
@@ -798,6 +1004,12 @@
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACRIPEMD160ID">xmlSecNssTransformHmacRipemd160Id</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA1GETKLASS">xmlSecNssTransformHmacSha1GetKlass</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA1ID">xmlSecNssTransformHmacSha1Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA256GETKLASS">xmlSecNssTransformHmacSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA256ID">xmlSecNssTransformHmacSha256Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA384GETKLASS">xmlSecNssTransformHmacSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA384ID">xmlSecNssTransformHmacSha384Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA512GETKLASS">xmlSecNssTransformHmacSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA512ID">xmlSecNssTransformHmacSha512Id</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES128GETKLASS">xmlSecNssTransformKWAes128GetKlass</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES128ID">xmlSecNssTransformKWAes128Id</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES192GETKLASS">xmlSecNssTransformKWAes192GetKlass</a></p></li>
@@ -806,14 +1018,30 @@
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES256ID">xmlSecNssTransformKWAes256Id</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWDES3GETKLASS">xmlSecNssTransformKWDes3GetKlass</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWDES3ID">xmlSecNssTransformKWDes3Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMMD5GETKLASS">xmlSecNssTransformMd5GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMMD5ID">xmlSecNssTransformMd5Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAMD5GETKLASS">xmlSecNssTransformRsaMd5GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAMD5ID">xmlSecNssTransformRsaMd5Id</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAOAEPGETKLASS">xmlSecNssTransformRsaOaepGetKlass</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAOAEPID">xmlSecNssTransformRsaOaepId</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAPKCS1GETKLASS">xmlSecNssTransformRsaPkcs1GetKlass</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAPKCS1ID">xmlSecNssTransformRsaPkcs1Id</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA1GETKLASS">xmlSecNssTransformRsaSha1GetKlass</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA1ID">xmlSecNssTransformRsaSha1Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA256GETKLASS">xmlSecNssTransformRsaSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA256ID">xmlSecNssTransformRsaSha256Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA384GETKLASS">xmlSecNssTransformRsaSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA384ID">xmlSecNssTransformRsaSha384Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA512GETKLASS">xmlSecNssTransformRsaSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA512ID">xmlSecNssTransformRsaSha512Id</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA1GETKLASS">xmlSecNssTransformSha1GetKlass</a></p></li>
 <li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA1ID">xmlSecNssTransformSha1Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA256GETKLASS">xmlSecNssTransformSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA256ID">xmlSecNssTransformSha256Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA384GETKLASS">xmlSecNssTransformSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA384ID">xmlSecNssTransformSha384Id</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA512GETKLASS">xmlSecNssTransformSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA512ID">xmlSecNssTransformSha512Id</a></p></li>
 <li><p><a href="xmlsec-nss-x509.html#XMLSECNSSX509CERTGETKEY">xmlSecNssX509CertGetKey</a></p></li>
 <li><p><a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREADOPTCERT">xmlSecNssX509StoreAdoptCert</a></p></li>
 <li><p><a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREFINDCERT">xmlSecNssX509StoreFindCert</a></p></li>
@@ -866,6 +1094,14 @@
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAGETEVP">xmlSecOpenSSLKeyDataDsaGetEvp</a></p></li>
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAGETKLASS">xmlSecOpenSSLKeyDataDsaGetKlass</a></p></li>
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAID">xmlSecOpenSSLKeyDataDsaId</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAADOPTECDSA">xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAADOPTEVP">xmlSecOpenSSLKeyDataEcdsaAdoptEvp</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAGETECDSA">xmlSecOpenSSLKeyDataEcdsaGetEcdsa</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAGETEVP">xmlSecOpenSSLKeyDataEcdsaGetEvp</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAGETKLASS">xmlSecOpenSSLKeyDataEcdsaGetKlass</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAID">xmlSecOpenSSLKeyDataEcdsaId</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAGOST2001GETKLASS">xmlSecOpenSSLKeyDataGost2001GetKlass</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAGOST2001ID">xmlSecOpenSSLKeyDataGost2001Id</a></p></li>
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAHMACGETKLASS">xmlSecOpenSSLKeyDataHmacGetKlass</a></p></li>
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAHMACID">xmlSecOpenSSLKeyDataHmacId</a></p></li>
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAHMACSET">xmlSecOpenSSLKeyDataHmacSet</a></p></li>
@@ -902,6 +1138,22 @@
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDES3CBCID">xmlSecOpenSSLTransformDes3CbcId</a></p></li>
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDSASHA1GETKLASS">xmlSecOpenSSLTransformDsaSha1GetKlass</a></p></li>
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDSASHA1ID">xmlSecOpenSSLTransformDsaSha1Id</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDSASHA256GETKLASS">xmlSecOpenSSLTransformDsaSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDSASHA256ID">xmlSecOpenSSLTransformDsaSha256Id</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA1GETKLASS">xmlSecOpenSSLTransformEcdsaSha1GetKlass</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA1ID">xmlSecOpenSSLTransformEcdsaSha1Id</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA224GETKLASS">xmlSecOpenSSLTransformEcdsaSha224GetKlass</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA224ID">xmlSecOpenSSLTransformEcdsaSha224Id</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA256GETKLASS">xmlSecOpenSSLTransformEcdsaSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA256ID">xmlSecOpenSSLTransformEcdsaSha256Id</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA384GETKLASS">xmlSecOpenSSLTransformEcdsaSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA384ID">xmlSecOpenSSLTransformEcdsaSha384Id</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA512GETKLASS">xmlSecOpenSSLTransformEcdsaSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA512ID">xmlSecOpenSSLTransformEcdsaSha512Id</a></p></li>
+<li><p><font>xmlSecOpenSSLTransformGost2001GostR3411-94GetKlass</font></p></li>
+<li><p><font>xmlSecOpenSSLTransformGost2001GostR3411-94Id</font></p></li>
+<li><p><font>xmlSecOpenSSLTransformGostR3411-94GetKlass</font></p></li>
+<li><p><font>xmlSecOpenSSLTransformGostR3411-94Id</font></p></li>
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACMD5GETKLASS">xmlSecOpenSSLTransformHmacMd5GetKlass</a></p></li>
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACMD5ID">xmlSecOpenSSLTransformHmacMd5Id</a></p></li>
 <li><p><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACRIPEMD160GETKLASS">xmlSecOpenSSLTransformHmacRipemd160GetKlass</a></p></li>
@@ -991,10 +1243,13 @@
 <li><p><a href="xmlsec-list.html#XMLSECPTRLISTKLASSGETNAME">xmlSecPtrListKlassGetName</a></p></li>
 <li><p><a href="xmlsec-list.html#XMLSECPTRLISTKLASS">xmlSecPtrListKlass</a></p></li>
 <li><p><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrList</a></p></li>
+<li><p><a href="xmlsec-list.html#XMLSECPTRLISTREMOVEANDRETURN">xmlSecPtrListRemoveAndReturn</a></p></li>
 <li><p><a href="xmlsec-list.html#XMLSECPTRLISTREMOVE">xmlSecPtrListRemove</a></p></li>
 <li><p><a href="xmlsec-list.html#XMLSECPTRLISTSETDEFAULTALLOCMODE">xmlSecPtrListSetDefaultAllocMode</a></p></li>
 <li><p><a href="xmlsec-list.html#XMLSECPTRLISTSET">xmlSecPtrListSet</a></p></li>
 <li><p><a href="xmlsec-xmlsec.html#XMLSECPTR">xmlSecPtr</a></p></li>
+<li><p><font>XMLSEC-PTR-TO-FUNC-IMPL</font></p></li>
+<li><p><font>XMLSEC-PTR-TO-FUNC</font></p></li>
 <li><p><a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKDEBUGDUMP">xmlSecQName2BitMaskDebugDump</a></p></li>
 <li><p><a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKDEBUGXMLDUMP">xmlSecQName2BitMaskDebugXmlDump</a></p></li>
 <li><p><a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKGETBITMASKFROMSTRING">xmlSecQName2BitMaskGetBitMaskFromString</a></p></li>
@@ -1030,6 +1285,7 @@
 <li><p><a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREID">xmlSecSimpleKeysStoreId</a></p></li>
 <li><p><a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTORELOAD">xmlSecSimpleKeysStoreLoad</a></p></li>
 <li><p><a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTORESAVE">xmlSecSimpleKeysStoreSave</a></p></li>
+<li><p><font>XMLSEC-SIZE-BAD-CAST</font></p></li>
 <li><p><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a></p></li>
 <li><p><font>xmlSecSoap11AddBodyEntry</font></p></li>
 <li><p><font>xmlSecSoap11AddFaultEntry</font></p></li>
@@ -1114,7 +1370,6 @@
 <li><p><font>XMLSEC-TRANSFORM-BINARY-CHUNK</font></p></li>
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMCHECKID">xmlSecTransformCheckId</a></p></li>
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMCHECKSIZE">xmlSecTransformCheckSize</a></p></li>
-<li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMCHECKTYPE">xmlSecTransformCheckType</a></p></li>
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT">xmlSecTransformConnect</a></p></li>
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMCREATEINPUTBUFFER">xmlSecTransformCreateInputBuffer</a></p></li>
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMCREATE">xmlSecTransformCreate</a></p></li>
@@ -1158,6 +1413,18 @@
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMDESTROY">xmlSecTransformDestroy</a></p></li>
 <li><p><a href="xmlsec-app.html#XMLSECTRANSFORMDSASHA1GETKLASS">xmlSecTransformDsaSha1GetKlass</a></p></li>
 <li><p><a href="xmlsec-app.html#XMLSECTRANSFORMDSASHA1ID">xmlSecTransformDsaSha1Id</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMDSASHA256GETKLASS">xmlSecTransformDsaSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMDSASHA256ID">xmlSecTransformDsaSha256Id</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA1GETKLASS">xmlSecTransformEcdsaSha1GetKlass</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA1ID">xmlSecTransformEcdsaSha1Id</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA224GETKLASS">xmlSecTransformEcdsaSha224GetKlass</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA224ID">xmlSecTransformEcdsaSha224Id</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA256GETKLASS">xmlSecTransformEcdsaSha256GetKlass</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA256ID">xmlSecTransformEcdsaSha256Id</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA384GETKLASS">xmlSecTransformEcdsaSha384GetKlass</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA384ID">xmlSecTransformEcdsaSha384Id</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA512GETKLASS">xmlSecTransformEcdsaSha512GetKlass</a></p></li>
+<li><p><a href="xmlsec-app.html#XMLSECTRANSFORMECDSASHA512ID">xmlSecTransformEcdsaSha512Id</a></p></li>
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMENVELOPEDGETKLASS">xmlSecTransformEnvelopedGetKlass</a></p></li>
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMENVELOPEDID">xmlSecTransformEnvelopedId</a></p></li>
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMEXCLC14NGETKLASS">xmlSecTransformExclC14NGetKlass</a></p></li>
@@ -1315,6 +1582,7 @@
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMXPOINTERSETEXPR">xmlSecTransformXPointerSetExpr</a></p></li>
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMXSLTGETKLASS">xmlSecTransformXsltGetKlass</a></p></li>
 <li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMXSLTID">xmlSecTransformXsltId</a></p></li>
+<li><p><a href="xmlsec-transforms.html#XMLSECTRANSFORMXSLTSETDEFAULTSECURITYPREFS">xmlSecTransformXsltSetDefaultSecurityPrefs</a></p></li>
 <li><p><font>XMLSEC-VERSION-INFO</font></p></li>
 <li><p><font>XMLSEC-VERSION-MAJOR</font></p></li>
 <li><p><font>XMLSEC-VERSION-MINOR</font></p></li>
diff --git a/docs/api/xmlsec-index.sgml b/docs/api/xmlsec-index.sgml
index 9a23c38b..83f764b7 100644
--- a/docs/api/xmlsec-index.sgml
+++ b/docs/api/xmlsec-index.sgml
@@ -106,6 +106,7 @@
 <listitem><para><link linkend="xmlSecCryptoDLSetFunctions">xmlSecCryptoDLSetFunctions</link></para></listitem>
 <listitem><para><link linkend="xmlSecCryptoDLShutdown">xmlSecCryptoDLShutdown</link></para></listitem>
 <listitem><para><link linkend="xmlSecCryptoDLUnloadLibrary">xmlSecCryptoDLUnloadLibrary</link></para></listitem>
+<listitem><para><link linkend="xmlSecCryptoGetFunctions-gcrypt-CAPS">xmlSecCryptoGetFunctions-gcrypt</link></para></listitem>
 <listitem><para><link linkend="xmlSecCryptoGetFunctions-gnutls-CAPS">xmlSecCryptoGetFunctions-gnutls</link></para></listitem>
 <listitem><para><link linkend="xmlSecCryptoGetFunctions-mscrypto-CAPS">xmlSecCryptoGetFunctions-mscrypto</link></para></listitem>
 <listitem><para><link linkend="xmlSecCryptoGetFunctions-nss-CAPS">xmlSecCryptoGetFunctions-nss</link></para></listitem>
@@ -227,6 +228,103 @@
 <listitem><para><link linkend="xmlSecFindChild">xmlSecFindChild</link></para></listitem>
 <listitem><para><link linkend="xmlSecFindNode">xmlSecFindNode</link></para></listitem>
 <listitem><para><link linkend="xmlSecFindParent">xmlSecFindParent</link></para></listitem>
+<listitem><para><link linkend="XMLSEC-FUNC-TO-PTR-CAPS">XMLSEC-FUNC-TO-PTR</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppDefaultKeysMngrAdoptKey">xmlSecGCryptAppDefaultKeysMngrAdoptKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppDefaultKeysMngrInit">xmlSecGCryptAppDefaultKeysMngrInit</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppDefaultKeysMngrLoad">xmlSecGCryptAppDefaultKeysMngrLoad</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppDefaultKeysMngrSave">xmlSecGCryptAppDefaultKeysMngrSave</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppGetDefaultPwdCallback">xmlSecGCryptAppGetDefaultPwdCallback</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppInit">xmlSecGCryptAppInit</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppKeyCertLoadMemory">xmlSecGCryptAppKeyCertLoadMemory</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppKeyCertLoad">xmlSecGCryptAppKeyCertLoad</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppKeyLoadMemory">xmlSecGCryptAppKeyLoadMemory</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppKeyLoad">xmlSecGCryptAppKeyLoad</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppKeysMngrCertLoadMemory">xmlSecGCryptAppKeysMngrCertLoadMemory</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppKeysMngrCertLoad">xmlSecGCryptAppKeysMngrCertLoad</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppPkcs12LoadMemory">xmlSecGCryptAppPkcs12LoadMemory</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppPkcs12Load">xmlSecGCryptAppPkcs12Load</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptAppShutdown">xmlSecGCryptAppShutdown</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptGenerateRandom">xmlSecGCryptGenerateRandom</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptHmacGetMinOutputLength">xmlSecGCryptHmacGetMinOutputLength</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptHmacSetMinOutputLength">xmlSecGCryptHmacSetMinOutputLength</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptInit">xmlSecGCryptInit</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataAesGetKlass">xmlSecGCryptKeyDataAesGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataAesId">xmlSecGCryptKeyDataAesId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataAesSet">xmlSecGCryptKeyDataAesSet</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataDesGetKlass">xmlSecGCryptKeyDataDesGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataDesId">xmlSecGCryptKeyDataDesId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataDesSet">xmlSecGCryptKeyDataDesSet</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataDsaAdoptKey">xmlSecGCryptKeyDataDsaAdoptKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataDsaAdoptKeyPair">xmlSecGCryptKeyDataDsaAdoptKeyPair</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataDsaGetKlass">xmlSecGCryptKeyDataDsaGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataDsaGetPrivateKey">xmlSecGCryptKeyDataDsaGetPrivateKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataDsaGetPublicKey">xmlSecGCryptKeyDataDsaGetPublicKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataDsaId">xmlSecGCryptKeyDataDsaId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataHmacGetKlass">xmlSecGCryptKeyDataHmacGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataHmacId">xmlSecGCryptKeyDataHmacId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataHmacSet">xmlSecGCryptKeyDataHmacSet</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataRsaAdoptKey">xmlSecGCryptKeyDataRsaAdoptKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataRsaAdoptKeyPair">xmlSecGCryptKeyDataRsaAdoptKeyPair</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataRsaGetKlass">xmlSecGCryptKeyDataRsaGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataRsaGetPrivateKey">xmlSecGCryptKeyDataRsaGetPrivateKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataRsaGetPublicKey">xmlSecGCryptKeyDataRsaGetPublicKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeyDataRsaId">xmlSecGCryptKeyDataRsaId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptKeysMngrInit">xmlSecGCryptKeysMngrInit</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptShutdown">xmlSecGCryptShutdown</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformAes128CbcGetKlass">xmlSecGCryptTransformAes128CbcGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformAes128CbcId">xmlSecGCryptTransformAes128CbcId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformAes192CbcGetKlass">xmlSecGCryptTransformAes192CbcGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformAes192CbcId">xmlSecGCryptTransformAes192CbcId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformAes256CbcGetKlass">xmlSecGCryptTransformAes256CbcGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformAes256CbcId">xmlSecGCryptTransformAes256CbcId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformDes3CbcGetKlass">xmlSecGCryptTransformDes3CbcGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformDes3CbcId">xmlSecGCryptTransformDes3CbcId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformDsaSha1GetKlass">xmlSecGCryptTransformDsaSha1GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformDsaSha1Id">xmlSecGCryptTransformDsaSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacMd5GetKlass">xmlSecGCryptTransformHmacMd5GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacMd5Id">xmlSecGCryptTransformHmacMd5Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacRipemd160GetKlass">xmlSecGCryptTransformHmacRipemd160GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacRipemd160Id">xmlSecGCryptTransformHmacRipemd160Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacSha1GetKlass">xmlSecGCryptTransformHmacSha1GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacSha1Id">xmlSecGCryptTransformHmacSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacSha256GetKlass">xmlSecGCryptTransformHmacSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacSha256Id">xmlSecGCryptTransformHmacSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacSha384GetKlass">xmlSecGCryptTransformHmacSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacSha384Id">xmlSecGCryptTransformHmacSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacSha512GetKlass">xmlSecGCryptTransformHmacSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformHmacSha512Id">xmlSecGCryptTransformHmacSha512Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformKWAes128GetKlass">xmlSecGCryptTransformKWAes128GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformKWAes128Id">xmlSecGCryptTransformKWAes128Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformKWAes192GetKlass">xmlSecGCryptTransformKWAes192GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformKWAes192Id">xmlSecGCryptTransformKWAes192Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformKWAes256GetKlass">xmlSecGCryptTransformKWAes256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformKWAes256Id">xmlSecGCryptTransformKWAes256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformKWDes3GetKlass">xmlSecGCryptTransformKWDes3GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformKWDes3Id">xmlSecGCryptTransformKWDes3Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformMd5GetKlass">xmlSecGCryptTransformMd5GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformMd5Id">xmlSecGCryptTransformMd5Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRipemd160GetKlass">xmlSecGCryptTransformRipemd160GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRipemd160Id">xmlSecGCryptTransformRipemd160Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaMd5GetKlass">xmlSecGCryptTransformRsaMd5GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaMd5Id">xmlSecGCryptTransformRsaMd5Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaRipemd160GetKlass">xmlSecGCryptTransformRsaRipemd160GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaRipemd160Id">xmlSecGCryptTransformRsaRipemd160Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaSha1GetKlass">xmlSecGCryptTransformRsaSha1GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaSha1Id">xmlSecGCryptTransformRsaSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaSha256GetKlass">xmlSecGCryptTransformRsaSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaSha256Id">xmlSecGCryptTransformRsaSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaSha384GetKlass">xmlSecGCryptTransformRsaSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaSha384Id">xmlSecGCryptTransformRsaSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaSha512GetKlass">xmlSecGCryptTransformRsaSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformRsaSha512Id">xmlSecGCryptTransformRsaSha512Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformSha1GetKlass">xmlSecGCryptTransformSha1GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformSha1Id">xmlSecGCryptTransformSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformSha256GetKlass">xmlSecGCryptTransformSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformSha256Id">xmlSecGCryptTransformSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformSha384GetKlass">xmlSecGCryptTransformSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformSha384Id">xmlSecGCryptTransformSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformSha512GetKlass">xmlSecGCryptTransformSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGCryptTransformSha512Id">xmlSecGCryptTransformSha512Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecGenerateAndAddID">xmlSecGenerateAndAddID</link></para></listitem>
 <listitem><para><link linkend="xmlSecGenerateID">xmlSecGenerateID</link></para></listitem>
 <listitem><para><link linkend="xmlSecGetHex">xmlSecGetHex</link></para></listitem>
@@ -259,9 +357,29 @@
 <listitem><para><link linkend="xmlSecGnuTLSKeyDataDesGetKlass">xmlSecGnuTLSKeyDataDesGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSKeyDataDesId">xmlSecGnuTLSKeyDataDesId</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSKeyDataDesSet">xmlSecGnuTLSKeyDataDesSet</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataDsaAdoptPrivateKey">xmlSecGnuTLSKeyDataDsaAdoptPrivateKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataDsaAdoptPublicKey">xmlSecGnuTLSKeyDataDsaAdoptPublicKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataDsaGetKlass">xmlSecGnuTLSKeyDataDsaGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataDsaId">xmlSecGnuTLSKeyDataDsaId</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSKeyDataHmacGetKlass">xmlSecGnuTLSKeyDataHmacGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSKeyDataHmacId">xmlSecGnuTLSKeyDataHmacId</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSKeyDataHmacSet">xmlSecGnuTLSKeyDataHmacSet</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataRawX509CertGetKlass">xmlSecGnuTLSKeyDataRawX509CertGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataRawX509CertId">xmlSecGnuTLSKeyDataRawX509CertId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataRsaAdoptPrivateKey">xmlSecGnuTLSKeyDataRsaAdoptPrivateKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataRsaAdoptPublicKey">xmlSecGnuTLSKeyDataRsaAdoptPublicKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataRsaGetKlass">xmlSecGnuTLSKeyDataRsaGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataRsaId">xmlSecGnuTLSKeyDataRsaId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataX509AdoptCert">xmlSecGnuTLSKeyDataX509AdoptCert</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataX509AdoptCrl">xmlSecGnuTLSKeyDataX509AdoptCrl</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataX509AdoptKeyCert">xmlSecGnuTLSKeyDataX509AdoptKeyCert</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataX509GetCert">xmlSecGnuTLSKeyDataX509GetCert</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataX509GetCertsSize">xmlSecGnuTLSKeyDataX509GetCertsSize</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataX509GetCrl">xmlSecGnuTLSKeyDataX509GetCrl</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataX509GetCrlsSize">xmlSecGnuTLSKeyDataX509GetCrlsSize</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataX509GetKeyCert">xmlSecGnuTLSKeyDataX509GetKeyCert</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataX509GetKlass">xmlSecGnuTLSKeyDataX509GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSKeyDataX509Id">xmlSecGnuTLSKeyDataX509Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSKeysMngrInit">xmlSecGnuTLSKeysMngrInit</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSShutdown">xmlSecGnuTLSShutdown</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformAes128CbcGetKlass">xmlSecGnuTLSTransformAes128CbcGetKlass</link></para></listitem>
@@ -272,14 +390,58 @@
 <listitem><para><link linkend="xmlSecGnuTLSTransformAes256CbcId">xmlSecGnuTLSTransformAes256CbcId</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformDes3CbcGetKlass">xmlSecGnuTLSTransformDes3CbcGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformDes3CbcId">xmlSecGnuTLSTransformDes3CbcId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformDsaSha1GetKlass">xmlSecGnuTLSTransformDsaSha1GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformDsaSha1Id">xmlSecGnuTLSTransformDsaSha1Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformHmacMd5GetKlass">xmlSecGnuTLSTransformHmacMd5GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformHmacMd5Id">xmlSecGnuTLSTransformHmacMd5Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformHmacRipemd160GetKlass">xmlSecGnuTLSTransformHmacRipemd160GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformHmacRipemd160Id">xmlSecGnuTLSTransformHmacRipemd160Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformHmacSha1GetKlass">xmlSecGnuTLSTransformHmacSha1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformHmacSha1Id">xmlSecGnuTLSTransformHmacSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformHmacSha256GetKlass">xmlSecGnuTLSTransformHmacSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformHmacSha256Id">xmlSecGnuTLSTransformHmacSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformHmacSha384GetKlass">xmlSecGnuTLSTransformHmacSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformHmacSha384Id">xmlSecGnuTLSTransformHmacSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformHmacSha512GetKlass">xmlSecGnuTLSTransformHmacSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformHmacSha512Id">xmlSecGnuTLSTransformHmacSha512Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformKWAes128GetKlass">xmlSecGnuTLSTransformKWAes128GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformKWAes128Id">xmlSecGnuTLSTransformKWAes128Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformKWAes192GetKlass">xmlSecGnuTLSTransformKWAes192GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformKWAes192Id">xmlSecGnuTLSTransformKWAes192Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformKWAes256GetKlass">xmlSecGnuTLSTransformKWAes256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformKWAes256Id">xmlSecGnuTLSTransformKWAes256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformKWDes3GetKlass">xmlSecGnuTLSTransformKWDes3GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformKWDes3Id">xmlSecGnuTLSTransformKWDes3Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformMd5GetKlass">xmlSecGnuTLSTransformMd5GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformMd5Id">xmlSecGnuTLSTransformMd5Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRipemd160GetKlass">xmlSecGnuTLSTransformRipemd160GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRipemd160Id">xmlSecGnuTLSTransformRipemd160Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaMd5GetKlass">xmlSecGnuTLSTransformRsaMd5GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaMd5Id">xmlSecGnuTLSTransformRsaMd5Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaRipemd160GetKlass">xmlSecGnuTLSTransformRsaRipemd160GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaRipemd160Id">xmlSecGnuTLSTransformRsaRipemd160Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaSha1GetKlass">xmlSecGnuTLSTransformRsaSha1GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaSha1Id">xmlSecGnuTLSTransformRsaSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaSha256GetKlass">xmlSecGnuTLSTransformRsaSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaSha256Id">xmlSecGnuTLSTransformRsaSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaSha384GetKlass">xmlSecGnuTLSTransformRsaSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaSha384Id">xmlSecGnuTLSTransformRsaSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaSha512GetKlass">xmlSecGnuTLSTransformRsaSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformRsaSha512Id">xmlSecGnuTLSTransformRsaSha512Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformSha1GetKlass">xmlSecGnuTLSTransformSha1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecGnuTLSTransformSha1Id">xmlSecGnuTLSTransformSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformSha256GetKlass">xmlSecGnuTLSTransformSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformSha256Id">xmlSecGnuTLSTransformSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformSha384GetKlass">xmlSecGnuTLSTransformSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformSha384Id">xmlSecGnuTLSTransformSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformSha512GetKlass">xmlSecGnuTLSTransformSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSTransformSha512Id">xmlSecGnuTLSTransformSha512Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSX509CertGetKey">xmlSecGnuTLSX509CertGetKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSX509StoreAdoptCert">xmlSecGnuTLSX509StoreAdoptCert</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSX509StoreFindCert">xmlSecGnuTLSX509StoreFindCert</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSX509StoreGetKlass">xmlSecGnuTLSX509StoreGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSX509StoreId">xmlSecGnuTLSX509StoreId</link></para></listitem>
+<listitem><para><link linkend="xmlSecGnuTLSX509StoreVerify">xmlSecGnuTLSX509StoreVerify</link></para></listitem>
 <listitem><para><link linkend="xmlSecInit">xmlSecInit</link></para></listitem>
 <listitem><para><link linkend="xmlSecIOCleanupCallbacks">xmlSecIOCleanupCallbacks</link></para></listitem>
 <listitem><para><link linkend="xmlSecIOInit">xmlSecIOInit</link></para></listitem>
@@ -326,6 +488,8 @@
 <listitem><para><link linkend="xmlSecKeyDataDsaId">xmlSecKeyDataDsaId</link></para></listitem>
 <listitem><para><link linkend="xmlSecKeyDataDuplicateMethod">xmlSecKeyDataDuplicateMethod</link></para></listitem>
 <listitem><para><link linkend="xmlSecKeyDataDuplicate">xmlSecKeyDataDuplicate</link></para></listitem>
+<listitem><para><link linkend="xmlSecKeyDataEcdsaGetKlass">xmlSecKeyDataEcdsaGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecKeyDataEcdsaId">xmlSecKeyDataEcdsaId</link></para></listitem>
 <listitem><para><link linkend="xmlSecKeyDataEncryptedKeyGetKlass">xmlSecKeyDataEncryptedKeyGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecKeyDataEncryptedKeyId">xmlSecKeyDataEncryptedKeyId</link></para></listitem>
 <listitem><para><link linkend="xmlSecKeyDataFinalizeMethod">xmlSecKeyDataFinalizeMethod</link></para></listitem>
@@ -540,9 +704,17 @@
 <listitem><para><link linkend="xmlSecMSCryptoAppShutdown">xmlSecMSCryptoAppShutdown</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoCertAdopt">xmlSecMSCryptoCertAdopt</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoCertDup">xmlSecMSCryptoCertDup</link></para></listitem>
-<listitem><para><link linkend="xmlSecMSCryptoCertStrToName">xmlSecMSCryptoCertStrToName</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoConvertLocaleToUnicode">xmlSecMSCryptoConvertLocaleToUnicode</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoConvertLocaleToUtf8">xmlSecMSCryptoConvertLocaleToUtf8</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoConvertTstrToUtf8">xmlSecMSCryptoConvertTstrToUtf8</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoConvertUnicodeToUtf8">xmlSecMSCryptoConvertUnicodeToUtf8</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoConvertUtf8ToLocale">xmlSecMSCryptoConvertUtf8ToLocale</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoConvertUtf8ToTstr">xmlSecMSCryptoConvertUtf8ToTstr</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoConvertUtf8ToUnicode">xmlSecMSCryptoConvertUtf8ToUnicode</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoErrorsDefaultCallback">xmlSecMSCryptoErrorsDefaultCallback</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoGenerateRandom">xmlSecMSCryptoGenerateRandom</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoHmacGetMinOutputLength">xmlSecMSCryptoHmacGetMinOutputLength</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoHmacSetMinOutputLength">xmlSecMSCryptoHmacSetMinOutputLength</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoInit">xmlSecMSCryptoInit</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoKeyDataAesGetKlass">xmlSecMSCryptoKeyDataAesGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoKeyDataAesId">xmlSecMSCryptoKeyDataAesId</link></para></listitem>
@@ -554,8 +726,13 @@
 <listitem><para><link linkend="xmlSecMSCryptoKeyDataGetCert">xmlSecMSCryptoKeyDataGetCert</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoKeyDataGetDecryptKey">xmlSecMSCryptoKeyDataGetDecryptKey</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoKeyDataGetKey">xmlSecMSCryptoKeyDataGetKey</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoKeyDataGetMSCryptoKeySpec">xmlSecMSCryptoKeyDataGetMSCryptoKeySpec</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoKeyDataGetMSCryptoProvider">xmlSecMSCryptoKeyDataGetMSCryptoProvider</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoKeyDataGost2001GetKlass">xmlSecMSCryptoKeyDataGost2001GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoKeyDataGost2001Id">xmlSecMSCryptoKeyDataGost2001Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoKeyDataHmacGetKlass">xmlSecMSCryptoKeyDataHmacGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoKeyDataHmacId">xmlSecMSCryptoKeyDataHmacId</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoKeyDataHmacSet">xmlSecMSCryptoKeyDataHmacSet</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoKeyDataRawX509CertGetKlass">xmlSecMSCryptoKeyDataRawX509CertGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoKeyDataRawX509CertId">xmlSecMSCryptoKeyDataRawX509CertId</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoKeyDataRsaGetKlass">xmlSecMSCryptoKeyDataRsaGetKlass</link></para></listitem>
@@ -591,22 +768,55 @@
 <listitem><para><link linkend="xmlSecMSCryptoTransformGost2001GostR3411-94Id-CAPS">xmlSecMSCryptoTransformGost2001GostR3411-94Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoTransformGostR3411-94GetKlass-CAPS">xmlSecMSCryptoTransformGostR3411-94GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoTransformGostR3411-94Id-CAPS">xmlSecMSCryptoTransformGostR3411-94Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformHmacMd5GetKlass">xmlSecMSCryptoTransformHmacMd5GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformHmacMd5Id">xmlSecMSCryptoTransformHmacMd5Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformHmacSha1GetKlass">xmlSecMSCryptoTransformHmacSha1GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformHmacSha1Id">xmlSecMSCryptoTransformHmacSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformHmacSha256GetKlass">xmlSecMSCryptoTransformHmacSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformHmacSha256Id">xmlSecMSCryptoTransformHmacSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformHmacSha384GetKlass">xmlSecMSCryptoTransformHmacSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformHmacSha384Id">xmlSecMSCryptoTransformHmacSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformHmacSha512GetKlass">xmlSecMSCryptoTransformHmacSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformHmacSha512Id">xmlSecMSCryptoTransformHmacSha512Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformKWAes128GetKlass">xmlSecMSCryptoTransformKWAes128GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformKWAes128Id">xmlSecMSCryptoTransformKWAes128Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformKWAes192GetKlass">xmlSecMSCryptoTransformKWAes192GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformKWAes192Id">xmlSecMSCryptoTransformKWAes192Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformKWAes256GetKlass">xmlSecMSCryptoTransformKWAes256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformKWAes256Id">xmlSecMSCryptoTransformKWAes256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformKWDes3GetKlass">xmlSecMSCryptoTransformKWDes3GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformKWDes3Id">xmlSecMSCryptoTransformKWDes3Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformMd5GetKlass">xmlSecMSCryptoTransformMd5GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformMd5Id">xmlSecMSCryptoTransformMd5Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformRsaMd5GetKlass">xmlSecMSCryptoTransformRsaMd5GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformRsaMd5Id">xmlSecMSCryptoTransformRsaMd5Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformRsaOaepGetKlass">xmlSecMSCryptoTransformRsaOaepGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformRsaOaepId">xmlSecMSCryptoTransformRsaOaepId</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoTransformRsaPkcs1GetKlass">xmlSecMSCryptoTransformRsaPkcs1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoTransformRsaPkcs1Id">xmlSecMSCryptoTransformRsaPkcs1Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoTransformRsaSha1GetKlass">xmlSecMSCryptoTransformRsaSha1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoTransformRsaSha1Id">xmlSecMSCryptoTransformRsaSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformRsaSha256GetKlass">xmlSecMSCryptoTransformRsaSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformRsaSha256Id">xmlSecMSCryptoTransformRsaSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformRsaSha384GetKlass">xmlSecMSCryptoTransformRsaSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformRsaSha384Id">xmlSecMSCryptoTransformRsaSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformRsaSha512GetKlass">xmlSecMSCryptoTransformRsaSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformRsaSha512Id">xmlSecMSCryptoTransformRsaSha512Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoTransformSha1GetKlass">xmlSecMSCryptoTransformSha1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoTransformSha1Id">xmlSecMSCryptoTransformSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformSha256GetKlass">xmlSecMSCryptoTransformSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformSha256Id">xmlSecMSCryptoTransformSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformSha384GetKlass">xmlSecMSCryptoTransformSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformSha384Id">xmlSecMSCryptoTransformSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformSha512GetKlass">xmlSecMSCryptoTransformSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecMSCryptoTransformSha512Id">xmlSecMSCryptoTransformSha512Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoX509StoreAdoptCert">xmlSecMSCryptoX509StoreAdoptCert</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoX509StoreAdoptKeyStore">xmlSecMSCryptoX509StoreAdoptKeyStore</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoX509StoreAdoptTrustedStore">xmlSecMSCryptoX509StoreAdoptTrustedStore</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoX509StoreAdoptUntrustedStore">xmlSecMSCryptoX509StoreAdoptUntrustedStore</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoX509StoreEnableSystemTrustedCerts">xmlSecMSCryptoX509StoreEnableSystemTrustedCerts</link></para></listitem>
-<listitem><para><link linkend="xmlSecMSCryptoX509StoreFindCert">xmlSecMSCryptoX509StoreFindCert</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoX509StoreGetKlass">xmlSecMSCryptoX509StoreGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecMSCryptoX509StoreId">xmlSecMSCryptoX509StoreId</link></para></listitem>
-<listitem><para><link linkend="xmlSecMSCryptoX509StoreVerify">xmlSecMSCryptoX509StoreVerify</link></para></listitem>
-<listitem><para><link linkend="XMLSEC-NO-AES-CAPS">XMLSEC-NO-AES</link></para></listitem>
 <listitem><para><link linkend="xmlSecNodeEncodeAndSetContent">xmlSecNodeEncodeAndSetContent</link></para></listitem>
 <listitem><para><link linkend="xmlSecNodeGetName">xmlSecNodeGetName</link></para></listitem>
 <listitem><para><link linkend="xmlSecNodeSetAddList">xmlSecNodeSetAddList</link></para></listitem>
@@ -623,10 +833,6 @@
 <listitem><para><link linkend="xmlSecNodeSetType">xmlSecNodeSetType</link></para></listitem>
 <listitem><para><link linkend="xmlSecNodeSetWalkCallback">xmlSecNodeSetWalkCallback</link></para></listitem>
 <listitem><para><link linkend="xmlSecNodeSetWalk">xmlSecNodeSetWalk</link></para></listitem>
-<listitem><para><link linkend="XMLSEC-NO-SHA224-CAPS">XMLSEC-NO-SHA224</link></para></listitem>
-<listitem><para><link linkend="XMLSEC-NO-SHA256-CAPS">XMLSEC-NO-SHA256</link></para></listitem>
-<listitem><para><link linkend="XMLSEC-NO-SHA384-CAPS">XMLSEC-NO-SHA384</link></para></listitem>
-<listitem><para><link linkend="XMLSEC-NO-SHA512-CAPS">XMLSEC-NO-SHA512</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssAppDefaultKeysMngrAdoptKey">xmlSecNssAppDefaultKeysMngrAdoptKey</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssAppDefaultKeysMngrInit">xmlSecNssAppDefaultKeysMngrInit</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssAppDefaultKeysMngrLoad">xmlSecNssAppDefaultKeysMngrLoad</link></para></listitem>
@@ -708,6 +914,12 @@
 <listitem><para><link linkend="xmlSecNssTransformHmacRipemd160Id">xmlSecNssTransformHmacRipemd160Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformHmacSha1GetKlass">xmlSecNssTransformHmacSha1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformHmacSha1Id">xmlSecNssTransformHmacSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformHmacSha256GetKlass">xmlSecNssTransformHmacSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformHmacSha256Id">xmlSecNssTransformHmacSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformHmacSha384GetKlass">xmlSecNssTransformHmacSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformHmacSha384Id">xmlSecNssTransformHmacSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformHmacSha512GetKlass">xmlSecNssTransformHmacSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformHmacSha512Id">xmlSecNssTransformHmacSha512Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformKWAes128GetKlass">xmlSecNssTransformKWAes128GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformKWAes128Id">xmlSecNssTransformKWAes128Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformKWAes192GetKlass">xmlSecNssTransformKWAes192GetKlass</link></para></listitem>
@@ -716,14 +928,30 @@
 <listitem><para><link linkend="xmlSecNssTransformKWAes256Id">xmlSecNssTransformKWAes256Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformKWDes3GetKlass">xmlSecNssTransformKWDes3GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformKWDes3Id">xmlSecNssTransformKWDes3Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformMd5GetKlass">xmlSecNssTransformMd5GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformMd5Id">xmlSecNssTransformMd5Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformRsaMd5GetKlass">xmlSecNssTransformRsaMd5GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformRsaMd5Id">xmlSecNssTransformRsaMd5Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformRsaOaepGetKlass">xmlSecNssTransformRsaOaepGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformRsaOaepId">xmlSecNssTransformRsaOaepId</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformRsaPkcs1GetKlass">xmlSecNssTransformRsaPkcs1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformRsaPkcs1Id">xmlSecNssTransformRsaPkcs1Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformRsaSha1GetKlass">xmlSecNssTransformRsaSha1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformRsaSha1Id">xmlSecNssTransformRsaSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformRsaSha256GetKlass">xmlSecNssTransformRsaSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformRsaSha256Id">xmlSecNssTransformRsaSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformRsaSha384GetKlass">xmlSecNssTransformRsaSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformRsaSha384Id">xmlSecNssTransformRsaSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformRsaSha512GetKlass">xmlSecNssTransformRsaSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformRsaSha512Id">xmlSecNssTransformRsaSha512Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformSha1GetKlass">xmlSecNssTransformSha1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssTransformSha1Id">xmlSecNssTransformSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformSha256GetKlass">xmlSecNssTransformSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformSha256Id">xmlSecNssTransformSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformSha384GetKlass">xmlSecNssTransformSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformSha384Id">xmlSecNssTransformSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformSha512GetKlass">xmlSecNssTransformSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecNssTransformSha512Id">xmlSecNssTransformSha512Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssX509CertGetKey">xmlSecNssX509CertGetKey</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssX509StoreAdoptCert">xmlSecNssX509StoreAdoptCert</link></para></listitem>
 <listitem><para><link linkend="xmlSecNssX509StoreFindCert">xmlSecNssX509StoreFindCert</link></para></listitem>
@@ -776,6 +1004,14 @@
 <listitem><para><link linkend="xmlSecOpenSSLKeyDataDsaGetEvp">xmlSecOpenSSLKeyDataDsaGetEvp</link></para></listitem>
 <listitem><para><link linkend="xmlSecOpenSSLKeyDataDsaGetKlass">xmlSecOpenSSLKeyDataDsaGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecOpenSSLKeyDataDsaId">xmlSecOpenSSLKeyDataDsaId</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa">xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLKeyDataEcdsaAdoptEvp">xmlSecOpenSSLKeyDataEcdsaAdoptEvp</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLKeyDataEcdsaGetEcdsa">xmlSecOpenSSLKeyDataEcdsaGetEcdsa</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLKeyDataEcdsaGetEvp">xmlSecOpenSSLKeyDataEcdsaGetEvp</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLKeyDataEcdsaGetKlass">xmlSecOpenSSLKeyDataEcdsaGetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLKeyDataEcdsaId">xmlSecOpenSSLKeyDataEcdsaId</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLKeyDataGost2001GetKlass">xmlSecOpenSSLKeyDataGost2001GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLKeyDataGost2001Id">xmlSecOpenSSLKeyDataGost2001Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecOpenSSLKeyDataHmacGetKlass">xmlSecOpenSSLKeyDataHmacGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecOpenSSLKeyDataHmacId">xmlSecOpenSSLKeyDataHmacId</link></para></listitem>
 <listitem><para><link linkend="xmlSecOpenSSLKeyDataHmacSet">xmlSecOpenSSLKeyDataHmacSet</link></para></listitem>
@@ -812,6 +1048,22 @@
 <listitem><para><link linkend="xmlSecOpenSSLTransformDes3CbcId">xmlSecOpenSSLTransformDes3CbcId</link></para></listitem>
 <listitem><para><link linkend="xmlSecOpenSSLTransformDsaSha1GetKlass">xmlSecOpenSSLTransformDsaSha1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecOpenSSLTransformDsaSha1Id">xmlSecOpenSSLTransformDsaSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformDsaSha256GetKlass">xmlSecOpenSSLTransformDsaSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformDsaSha256Id">xmlSecOpenSSLTransformDsaSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformEcdsaSha1GetKlass">xmlSecOpenSSLTransformEcdsaSha1GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformEcdsaSha1Id">xmlSecOpenSSLTransformEcdsaSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformEcdsaSha224GetKlass">xmlSecOpenSSLTransformEcdsaSha224GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformEcdsaSha224Id">xmlSecOpenSSLTransformEcdsaSha224Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformEcdsaSha256GetKlass">xmlSecOpenSSLTransformEcdsaSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformEcdsaSha256Id">xmlSecOpenSSLTransformEcdsaSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformEcdsaSha384GetKlass">xmlSecOpenSSLTransformEcdsaSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformEcdsaSha384Id">xmlSecOpenSSLTransformEcdsaSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformEcdsaSha512GetKlass">xmlSecOpenSSLTransformEcdsaSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformEcdsaSha512Id">xmlSecOpenSSLTransformEcdsaSha512Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformGost2001GostR3411-94GetKlass-CAPS">xmlSecOpenSSLTransformGost2001GostR3411-94GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformGost2001GostR3411-94Id-CAPS">xmlSecOpenSSLTransformGost2001GostR3411-94Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformGostR3411-94GetKlass-CAPS">xmlSecOpenSSLTransformGostR3411-94GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecOpenSSLTransformGostR3411-94Id-CAPS">xmlSecOpenSSLTransformGostR3411-94Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecOpenSSLTransformHmacMd5GetKlass">xmlSecOpenSSLTransformHmacMd5GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecOpenSSLTransformHmacMd5Id">xmlSecOpenSSLTransformHmacMd5Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecOpenSSLTransformHmacRipemd160GetKlass">xmlSecOpenSSLTransformHmacRipemd160GetKlass</link></para></listitem>
@@ -901,10 +1153,13 @@
 <listitem><para><link linkend="xmlSecPtrListKlassGetName">xmlSecPtrListKlassGetName</link></para></listitem>
 <listitem><para><link linkend="xmlSecPtrListKlass">xmlSecPtrListKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecPtrList">xmlSecPtrList</link></para></listitem>
+<listitem><para><link linkend="xmlSecPtrListRemoveAndReturn">xmlSecPtrListRemoveAndReturn</link></para></listitem>
 <listitem><para><link linkend="xmlSecPtrListRemove">xmlSecPtrListRemove</link></para></listitem>
 <listitem><para><link linkend="xmlSecPtrListSetDefaultAllocMode">xmlSecPtrListSetDefaultAllocMode</link></para></listitem>
 <listitem><para><link linkend="xmlSecPtrListSet">xmlSecPtrListSet</link></para></listitem>
 <listitem><para><link linkend="xmlSecPtr">xmlSecPtr</link></para></listitem>
+<listitem><para><link linkend="XMLSEC-PTR-TO-FUNC-IMPL-CAPS">XMLSEC-PTR-TO-FUNC-IMPL</link></para></listitem>
+<listitem><para><link linkend="XMLSEC-PTR-TO-FUNC-CAPS">XMLSEC-PTR-TO-FUNC</link></para></listitem>
 <listitem><para><link linkend="xmlSecQName2BitMaskDebugDump">xmlSecQName2BitMaskDebugDump</link></para></listitem>
 <listitem><para><link linkend="xmlSecQName2BitMaskDebugXmlDump">xmlSecQName2BitMaskDebugXmlDump</link></para></listitem>
 <listitem><para><link linkend="xmlSecQName2BitMaskGetBitMaskFromString">xmlSecQName2BitMaskGetBitMaskFromString</link></para></listitem>
@@ -940,6 +1195,7 @@
 <listitem><para><link linkend="xmlSecSimpleKeysStoreId">xmlSecSimpleKeysStoreId</link></para></listitem>
 <listitem><para><link linkend="xmlSecSimpleKeysStoreLoad">xmlSecSimpleKeysStoreLoad</link></para></listitem>
 <listitem><para><link linkend="xmlSecSimpleKeysStoreSave">xmlSecSimpleKeysStoreSave</link></para></listitem>
+<listitem><para><link linkend="XMLSEC-SIZE-BAD-CAST-CAPS">XMLSEC-SIZE-BAD-CAST</link></para></listitem>
 <listitem><para><link linkend="xmlSecSize">xmlSecSize</link></para></listitem>
 <listitem><para><link linkend="xmlSecSoap11AddBodyEntry">xmlSecSoap11AddBodyEntry</link></para></listitem>
 <listitem><para><link linkend="xmlSecSoap11AddFaultEntry">xmlSecSoap11AddFaultEntry</link></para></listitem>
@@ -1024,7 +1280,6 @@
 <listitem><para><link linkend="XMLSEC-TRANSFORM-BINARY-CHUNK-CAPS">XMLSEC-TRANSFORM-BINARY-CHUNK</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformCheckId">xmlSecTransformCheckId</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformCheckSize">xmlSecTransformCheckSize</link></para></listitem>
-<listitem><para><link linkend="xmlSecTransformCheckType">xmlSecTransformCheckType</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformConnect">xmlSecTransformConnect</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformCreateInputBuffer">xmlSecTransformCreateInputBuffer</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformCreate">xmlSecTransformCreate</link></para></listitem>
@@ -1068,6 +1323,18 @@
 <listitem><para><link linkend="xmlSecTransformDestroy">xmlSecTransformDestroy</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformDsaSha1GetKlass">xmlSecTransformDsaSha1GetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformDsaSha1Id">xmlSecTransformDsaSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformDsaSha256GetKlass">xmlSecTransformDsaSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformDsaSha256Id">xmlSecTransformDsaSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformEcdsaSha1GetKlass">xmlSecTransformEcdsaSha1GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformEcdsaSha1Id">xmlSecTransformEcdsaSha1Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformEcdsaSha224GetKlass">xmlSecTransformEcdsaSha224GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformEcdsaSha224Id">xmlSecTransformEcdsaSha224Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformEcdsaSha256GetKlass">xmlSecTransformEcdsaSha256GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformEcdsaSha256Id">xmlSecTransformEcdsaSha256Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformEcdsaSha384GetKlass">xmlSecTransformEcdsaSha384GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformEcdsaSha384Id">xmlSecTransformEcdsaSha384Id</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformEcdsaSha512GetKlass">xmlSecTransformEcdsaSha512GetKlass</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformEcdsaSha512Id">xmlSecTransformEcdsaSha512Id</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformEnvelopedGetKlass">xmlSecTransformEnvelopedGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformEnvelopedId">xmlSecTransformEnvelopedId</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformExclC14NGetKlass">xmlSecTransformExclC14NGetKlass</link></para></listitem>
@@ -1225,6 +1492,7 @@
 <listitem><para><link linkend="xmlSecTransformXPointerSetExpr">xmlSecTransformXPointerSetExpr</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformXsltGetKlass">xmlSecTransformXsltGetKlass</link></para></listitem>
 <listitem><para><link linkend="xmlSecTransformXsltId">xmlSecTransformXsltId</link></para></listitem>
+<listitem><para><link linkend="xmlSecTransformXsltSetDefaultSecurityPrefs">xmlSecTransformXsltSetDefaultSecurityPrefs</link></para></listitem>
 <listitem><para><link linkend="XMLSEC-VERSION-INFO-CAPS">XMLSEC-VERSION-INFO</link></para></listitem>
 <listitem><para><link linkend="XMLSEC-VERSION-MAJOR-CAPS">XMLSEC-VERSION-MAJOR</link></para></listitem>
 <listitem><para><link linkend="XMLSEC-VERSION-MINOR-CAPS">XMLSEC-VERSION-MINOR</link></para></listitem>
diff --git a/docs/api/xmlsec-io.html b/docs/api/xmlsec-io.html
index 39d6a515..7b5ca626 100644
--- a/docs/api/xmlsec-io.html
+++ b/docs/api/xmlsec-io.html
@@ -87,21 +87,21 @@
 <h1>
 <a name="XMLSEC-IO"></a>io</h1>
 <div class="REFNAMEDIV">
-<a name="AEN5268"></a><h2>Name</h2>io -- Input/output support.</div>
+<a name="AEN6453"></a><h2>Name</h2>io -- Input/output support.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-IO.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>int</font>                 <a href="xmlsec-io.html#XMLSECIOINIT">xmlSecIOInit</a>                        (void);
-<font>void</font>                <a href="xmlsec-io.html#XMLSECIOSHUTDOWN">xmlSecIOShutdown</a>                    (void);
-<font>void</font>                <a href="xmlsec-io.html#XMLSECIOCLEANUPCALLBACKS">xmlSecIOCleanupCallbacks</a>            (void);
-<font>int</font>                 <a href="xmlsec-io.html#XMLSECIOREGISTERDEFAULTCALLBACKS">xmlSecIORegisterDefaultCallbacks</a>    (void);
-<font>int</font>                 <a href="xmlsec-io.html#XMLSECIOREGISTERCALLBACKS">xmlSecIORegisterCallbacks</a>           (<font>xmlInputMatchCallback</font> matchFunc,
-                                                         <font>xmlInputOpenCallback</font> openFunc,
-                                                         <font>xmlInputReadCallback</font> readFunc,
-                                                         <font>xmlInputCloseCallback</font> closeFunc);
+<pre class="SYNOPSIS"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-io.html#XMLSECIOCLEANUPCALLBACKS">xmlSecIOCleanupCallbacks</a>            (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-io.html#XMLSECIOINIT">xmlSecIOInit</a>                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-io.html#XMLSECIOREGISTERCALLBACKS">xmlSecIORegisterCallbacks</a>           (<code class="PARAMETER"><gtkdoclink href="XMLINPUTMATCHCALLBACK"><span class="TYPE">xmlInputMatchCallback</span></gtkdoclink> matchFunc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLINPUTOPENCALLBACK"><span class="TYPE">xmlInputOpenCallback</span></gtkdoclink> openFunc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLINPUTREADCALLBACK"><span class="TYPE">xmlInputReadCallback</span></gtkdoclink> readFunc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLINPUTCLOSECALLBACK"><span class="TYPE">xmlInputCloseCallback</span></gtkdoclink> closeFunc</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-io.html#XMLSECIOREGISTERDEFAULTCALLBACKS">xmlSecIORegisterDefaultCallbacks</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-io.html#XMLSECIOSHUTDOWN">xmlSecIOShutdown</a>                    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-io.html#XMLSECTRANSFORMINPUTURIGETKLASS">xmlSecTransformInputURIGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-io.html#XMLSECTRANSFORMINPUTURIID">xmlSecTransformInputURIId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-io.html#XMLSECTRANSFORMINPUTURIGETKLASS">xmlSecTransformInputURIGetKlass</a>     (void);
-<font>int</font>                 <a href="xmlsec-io.html#XMLSECTRANSFORMINPUTURIOPEN">xmlSecTransformInputURIOpen</a>         (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <font>xmlChar</font> *uri);</pre>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-io.html#XMLSECTRANSFORMINPUTURIOPEN">xmlSecTransformInputURIOpen</a>         (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-IO.DESCRIPTION"></a><h2>Description</h2>
@@ -110,117 +110,109 @@
 <div class="REFSECT1">
 <a name="XMLSEC-IO.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECIOINIT"></a><h3>xmlSecIOInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecIOInit                        (void);</pre>
-<p>The IO initialization (called from <a href="xmlsec-xmlsec.html#XMLSECINIT"><span class="TYPE">xmlSecInit</span></a> function).
-Applications should not call this function directly.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN5311"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECIOSHUTDOWN"></a><h3>xmlSecIOShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecIOShutdown                    (void);</pre>
-<p>The IO clenaup (called from <a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN"><span class="TYPE">xmlSecShutdown</span></a> function).
-Applications should not call this function directly.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECIOCLEANUPCALLBACKS"></a><h3>xmlSecIOCleanupCallbacks ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecIOCleanupCallbacks            (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecIOCleanupCallbacks            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>Clears the entire input callback table. this includes the
 compiled-in I/O.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECIOREGISTERDEFAULTCALLBACKS"></a><h3>xmlSecIORegisterDefaultCallbacks ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecIORegisterDefaultCallbacks    (void);</pre>
-<p>Registers the default compiled-in I/O handlers.</p>
-<p></p>
+<a name="XMLSECIOINIT"></a><h3>xmlSecIOInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecIOInit                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The IO initialization (called from <a href="xmlsec-xmlsec.html#XMLSECINIT"><span class="TYPE">xmlSecInit</span></a> function).
+Applications should not call this function directly.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN5343"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6537"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECIOREGISTERCALLBACKS"></a><h3>xmlSecIORegisterCallbacks ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecIORegisterCallbacks           (<font>xmlInputMatchCallback</font> matchFunc,
-                                                         <font>xmlInputOpenCallback</font> openFunc,
-                                                         <font>xmlInputReadCallback</font> readFunc,
-                                                         <font>xmlInputCloseCallback</font> closeFunc);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecIORegisterCallbacks           (<code class="PARAMETER"><gtkdoclink href="XMLINPUTMATCHCALLBACK"><span class="TYPE">xmlInputMatchCallback</span></gtkdoclink> matchFunc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLINPUTOPENCALLBACK"><span class="TYPE">xmlInputOpenCallback</span></gtkdoclink> openFunc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLINPUTREADCALLBACK"><span class="TYPE">xmlInputReadCallback</span></gtkdoclink> readFunc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLINPUTCLOSECALLBACK"><span class="TYPE">xmlInputCloseCallback</span></gtkdoclink> closeFunc</code>);</pre>
 <p>Register a new set of I/O callback for handling parser input.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5361"><span style="white-space: nowrap"><code class="PARAMETER">matchFunc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>  	the protocol match callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6563"><span style="white-space: nowrap"><code class="PARAMETER">matchFunc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the protocol match callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5366"><span style="white-space: nowrap"><code class="PARAMETER">openFunc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>  		the open stream callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6568"><span style="white-space: nowrap"><code class="PARAMETER">openFunc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the open stream callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5371"><span style="white-space: nowrap"><code class="PARAMETER">readFunc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>  		the read from stream callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6573"><span style="white-space: nowrap"><code class="PARAMETER">readFunc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the read from stream callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5376"><span style="white-space: nowrap"><code class="PARAMETER">closeFunc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>  	the close stream callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6578"><span style="white-space: nowrap"><code class="PARAMETER">closeFunc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the close stream callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5381"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6583"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the 0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMINPUTURIID"></a><h3>xmlSecTransformInputURIId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformInputURIId</pre>
-<p>The Input URI transform id.</p>
+<a name="XMLSECIOREGISTERDEFAULTCALLBACKS"></a><h3>xmlSecIORegisterDefaultCallbacks ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecIORegisterDefaultCallbacks    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Registers the default compiled-in I/O handlers.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN6599"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECIOSHUTDOWN"></a><h3>xmlSecIOShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecIOShutdown                    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The IO clenaup (called from <a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN"><span class="TYPE">xmlSecShutdown</span></a> function).
+Applications should not call this function directly.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMINPUTURIGETKLASS"></a><h3>xmlSecTransformInputURIGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformInputURIGetKlass     (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformInputURIGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The input uri transform klass. Reads binary data from an uri.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN5402"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> input URI transform id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6627"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>input URI transform id.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
+<a name="XMLSECTRANSFORMINPUTURIID"></a><h3>xmlSecTransformInputURIId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformInputURIId</pre>
+<p>The Input URI transform id.</p>
+</div>
+<hr>
+<div class="REFSECT2">
 <a name="XMLSECTRANSFORMINPUTURIOPEN"></a><h3>xmlSecTransformInputURIOpen ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformInputURIOpen         (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <font>xmlChar</font> *uri);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformInputURIOpen         (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);</pre>
 <p>Opens the given <code class="PARAMETER">uri</code> for reading.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5419"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to IO transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6654"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to IO transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5424"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the URL to open.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6659"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the URL to open.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5429"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN6664"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-keyinfo.html b/docs/api/xmlsec-keyinfo.html
index bfb27ec2..a32ab42e 100644
--- a/docs/api/xmlsec-keyinfo.html
+++ b/docs/api/xmlsec-keyinfo.html
@@ -87,52 +87,52 @@
 <h1>
 <a name="XMLSEC-KEYINFO"></a>keyinfo</h1>
 <div class="REFNAMEDIV">
-<a name="AEN5439"></a><h2>Name</h2>keyinfo -- <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node parser.</div>
+<a name="AEN6674"></a><h2>Name</h2>keyinfo -- <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node parser.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-KEYINFO.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>int</font>                 <a href="xmlsec-keyinfo.html#XMLSECKEYINFONODEREAD">xmlSecKeyInfoNodeRead</a>               (<font>xmlNodePtr</font> keyInfoNode,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-keyinfo.html#XMLSECKEYINFONODEWRITE">xmlSecKeyInfoNodeWrite</a>              (<font>xmlNodePtr</font> keyInfoNode,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-enum                <a href="xmlsec-keyinfo.html#XMLSECKEYINFOMODE">xmlSecKeyInfoMode</a>;
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-DONT-STOP-ON-KEY-FOUND--CAPS">XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-STOP-ON-UNKNOWN-CHILD--CAPS">XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-KEYNAME-STOP-ON-UNKNOWN--CAPS">XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-KEYVALUE-STOP-ON-UNKNOWN-CHILD--CAPS">XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-RETRMETHOD-STOP-ON-UNKNOWN-HREF--CAPS">XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-RETRMETHOD-STOP-ON-MISMATCH-HREF--CAPS">XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-UNKNOWN-CHILD--CAPS">XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-DONT-VERIFY-CERTS--CAPS">XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-UNKNOWN-CERT--CAPS">XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-INVALID-CERT--CAPS">XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-ENCKEY-DONT-STOP-ON-FAILED-DECRYPTION--CAPS">XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-STOP-ON-EMPTY-NODE--CAPS">XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE</a>
-#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-SKIP-STRICT-CHECKS--CAPS">XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS</a>
-struct              <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a>;
-<font>xmlSecKeyInfoCtxPtr</font>  <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXCREATE">xmlSecKeyInfoCtxCreate</a>             (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);
-<font>void</font>                <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXDESTROY">xmlSecKeyInfoCtxDestroy</a>             (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXINITIALIZE">xmlSecKeyInfoCtxInitialize</a>          (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);
-<font>void</font>                <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXFINALIZE">xmlSecKeyInfoCtxFinalize</a>            (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>void</font>                <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXRESET">xmlSecKeyInfoCtxReset</a>               (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXCOPYUSERPREF">xmlSecKeyInfoCtxCopyUserPref</a>        (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> dst,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> src);
-<font>int</font>                 <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXCREATEENCCTX">xmlSecKeyInfoCtxCreateEncCtx</a>        (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>void</font>                <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXDEBUGDUMP">xmlSecKeyInfoCtxDebugDump</a>           (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXDEBUGXMLDUMP">xmlSecKeyInfoCtxDebugXmlDump</a>        (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx,
-                                                         <font>FILE</font> *output);
+<pre class="SYNOPSIS">#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-DONT-STOP-ON-KEY-FOUND:CAPS">XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-ENCKEY-DONT-STOP-ON-FAILED-DECRYPTION:CAPS">XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-KEYNAME-STOP-ON-UNKNOWN:CAPS">XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-KEYVALUE-STOP-ON-UNKNOWN-CHILD:CAPS">XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-RETRMETHOD-STOP-ON-MISMATCH-HREF:CAPS">XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-RETRMETHOD-STOP-ON-UNKNOWN-HREF:CAPS">XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-STOP-ON-EMPTY-NODE:CAPS">XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-STOP-ON-UNKNOWN-CHILD:CAPS">XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-DONT-VERIFY-CERTS:CAPS">XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-SKIP-STRICT-CHECKS:CAPS">XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-INVALID-CERT:CAPS">XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-UNKNOWN-CERT:CAPS">XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT</a>
+#define             <a href="xmlsec-keyinfo.html#XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-UNKNOWN-CHILD:CAPS">XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYDATAENCRYPTEDKEYGETKLASS">xmlSecKeyDataEncryptedKeyGetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-keyinfo.html#XMLSECKEYDATAENCRYPTEDKEYID">xmlSecKeyDataEncryptedKeyId</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYDATANAMEGETKLASS">xmlSecKeyDataNameGetKlass</a>           (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-keyinfo.html#XMLSECKEYDATANAMEID">xmlSecKeyDataNameId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-keyinfo.html#XMLSECKEYDATANAMEGETKLASS">xmlSecKeyDataNameGetKlass</a>           (void);
-#define             <a href="xmlsec-keyinfo.html#XMLSECKEYDATAVALUEID">xmlSecKeyDataValueId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-keyinfo.html#XMLSECKEYDATAVALUEGETKLASS">xmlSecKeyDataValueGetKlass</a>          (void);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYDATARETRIEVALMETHODGETKLASS">xmlSecKeyDataRetrievalMethodGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-keyinfo.html#XMLSECKEYDATARETRIEVALMETHODID">xmlSecKeyDataRetrievalMethodId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-keyinfo.html#XMLSECKEYDATARETRIEVALMETHODGETKLASS">xmlSecKeyDataRetrievalMethodGetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-keyinfo.html#XMLSECKEYDATAENCRYPTEDKEYID">xmlSecKeyDataEncryptedKeyId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-keyinfo.html#XMLSECKEYDATAENCRYPTEDKEYGETKLASS">xmlSecKeyDataEncryptedKeyGetKlass</a>   (void);</pre>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYDATAVALUEGETKLASS">xmlSecKeyDataValueGetKlass</a>          (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-keyinfo.html#XMLSECKEYDATAVALUEID">xmlSecKeyDataValueId</a>
+struct              <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXCOPYUSERPREF">xmlSecKeyInfoCtxCopyUserPref</a>        (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> src</code>);
+<gtkdoclink href="XMLSECKEYINFOCTXPTR"><span class="RETURNVALUE">xmlSecKeyInfoCtxPtr</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXCREATE">xmlSecKeyInfoCtxCreate</a>              (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXCREATEENCCTX">xmlSecKeyInfoCtxCreateEncCtx</a>        (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXDEBUGDUMP">xmlSecKeyInfoCtxDebugDump</a>           (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXDEBUGXMLDUMP">xmlSecKeyInfoCtxDebugXmlDump</a>        (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXDESTROY">xmlSecKeyInfoCtxDestroy</a>             (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXFINALIZE">xmlSecKeyInfoCtxFinalize</a>            (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXINITIALIZE">xmlSecKeyInfoCtxInitialize</a>          (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXRESET">xmlSecKeyInfoCtxReset</a>               (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+enum                <a href="xmlsec-keyinfo.html#XMLSECKEYINFOMODE">xmlSecKeyInfoMode</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFONODEREAD">xmlSecKeyInfoNodeRead</a>               (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keyinfo.html#XMLSECKEYINFONODEWRITE">xmlSecKeyInfoNodeWrite</a>              (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-KEYINFO.DESCRIPTION"></a><h2>Description</h2>
@@ -141,588 +141,554 @@ struct              <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfo
 <div class="REFSECT1">
 <a name="XMLSEC-KEYINFO.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECKEYINFONODEREAD"></a><h3>xmlSecKeyInfoNodeRead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyInfoNodeRead               (<font>xmlNodePtr</font> keyInfoNode,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Parses the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element <code class="PARAMETER">keyInfoNode</code>, extracts the key data
-and stores into <code class="PARAMETER">key</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5535"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5541"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to result key object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5546"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5552"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or -1 if an error occurs.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYINFONODEWRITE"></a><h3>xmlSecKeyInfoNodeWrite ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyInfoNodeWrite              (<font>xmlNodePtr</font> keyInfoNode,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Writes the <code class="PARAMETER">key</code> into the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element template <code class="PARAMETER">keyInfoNode</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5572"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5578"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5583"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5589"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or -1 if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSEC-KEYINFO-FLAGS-DONT-STOP-ON-KEY-FOUND:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND             0x00000001</pre>
+<p>If flag is set then we will continue reading <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a>
+element even when key is already found.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYINFOMODE"></a><h3>enum xmlSecKeyInfoMode</h3>
-<pre class="PROGRAMLISTING">typedef enum {
-    xmlSecKeyInfoModeRead = 0,
-    xmlSecKeyInfoModeWrite
-} xmlSecKeyInfoMode;</pre>
-<p>The <code class="PARAMETER">xmlSecKeyInfoCtx</code> operation mode (read or write).</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYINFOMODEREAD"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyInfoModeRead</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> read <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> element.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYINFOMODEWRITE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyInfoModeWrite</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> write <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> element.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSEC-KEYINFO-FLAGS-ENCKEY-DONT-STOP-ON-FAILED-DECRYPTION:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION 0x00001000</pre>
+<p>If the flag is set then we'll stop when <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey%20" target="_top">&lt;enc:EncryptedKey /&gt;</a> element
+processing fails.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-DONT-STOP-ON-KEY-FOUND--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND		0x00000001</pre>
-<p>If flag is set then we will continue reading <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> 
-element even when key is already found.</p>
-<p></p>
+<a name="XMLSEC-KEYINFO-FLAGS-KEYNAME-STOP-ON-UNKNOWN:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN            0x00000004</pre>
+<p>If flags is set then we abort if an unknown key name
+(content of <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName%20" target="_top">&lt;dsig:KeyName /&gt;</a> element) is found.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-STOP-ON-UNKNOWN-CHILD--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD		0x00000002</pre>
-<p>If flag is set then we abort if an unknown <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> 
+<a name="XMLSEC-KEYINFO-FLAGS-KEYVALUE-STOP-ON-UNKNOWN-CHILD:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD     0x00000008</pre>
+<p>If flags is set then we abort if an unknown <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue%20" target="_top">&lt;dsig:KeyValue /&gt;</a>
 child is found.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-KEYNAME-STOP-ON-UNKNOWN--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN		0x00000004</pre>
-<p>If flags is set then we abort if an unknown key name 
-(content of <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName%20" target="_top">&lt;dsig:KeyName /&gt;</a> element) is found.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-KEYVALUE-STOP-ON-UNKNOWN-CHILD--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD	0x00000008</pre>
-<p>If flags is set then we abort if an unknown <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue%20" target="_top">&lt;dsig:KeyValue /&gt;</a> 
-child is found.</p>
-<p></p>
+<a name="XMLSEC-KEYINFO-FLAGS-RETRMETHOD-STOP-ON-MISMATCH-HREF:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF   0x00000020</pre>
+<p>If flag is set then we abort if an href attribute <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a>
+element does not match the real key data type.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-RETRMETHOD-STOP-ON-UNKNOWN-HREF--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF	0x00000010</pre>
+<a name="XMLSEC-KEYINFO-FLAGS-RETRMETHOD-STOP-ON-UNKNOWN-HREF:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF    0x00000010</pre>
 <p>If flag is set then we abort if an unknown href attribute
 of <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> element is found.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-RETRMETHOD-STOP-ON-MISMATCH-HREF--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF	0x00000020</pre>
-<p>If flag is set then we abort if an href attribute <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> 
-element does not match the real key data type.</p>
-<p></p>
+<a name="XMLSEC-KEYINFO-FLAGS-STOP-ON-EMPTY-NODE:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE                 0x00002000</pre>
+<p>If the flag is set then we'll stop when we found an empty node.
+Otherwise we just ignore it.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-UNKNOWN-CHILD--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD	0x00000100</pre>
-<p>If flags is set then we abort if an unknown <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data%20" target="_top">&lt;dsig:X509Data /&gt;</a> 
+<a name="XMLSEC-KEYINFO-FLAGS-STOP-ON-UNKNOWN-CHILD:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD              0x00000002</pre>
+<p>If flag is set then we abort if an unknown <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a>
 child is found.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-X509DATA-DONT-VERIFY-CERTS--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS		0x00000200</pre>
+<a name="XMLSEC-KEYINFO-FLAGS-X509DATA-DONT-VERIFY-CERTS:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS         0x00000200</pre>
 <p>If flag is set then we'll load certificates from <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data%20" target="_top">&lt;dsig:X509Data /&gt;</a>
 element without verification.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-UNKNOWN-CERT--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT	0x00000400</pre>
-<p>If flag is set then we'll stop when we could not resolve reference
-to certificate from <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial%20" target="_top">&lt;dsig:X509IssuerSerial /&gt;</a>, <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SKI%20" target="_top">&lt;dsig:X509SKI /&gt;</a> or 
-<a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SubjectName%20" target="_top">&lt;dsig:X509SubjectName /&gt;</a> elements.</p>
-<p></p>
+<a name="XMLSEC-KEYINFO-FLAGS-X509DATA-SKIP-STRICT-CHECKS:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS        0x00004000</pre>
+<p>If the flag is set then we'll skip strict checking of certs and CRLs</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-INVALID-CERT--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT	0x00000800</pre>
+<a name="XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-INVALID-CERT:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT      0x00000800</pre>
 <p>If the flag is set then we'll stop when <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data%20" target="_top">&lt;dsig:X509Data /&gt;</a> element
 processing does not return a verified certificate.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-UNKNOWN-CERT:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT      0x00000400</pre>
+<p>If flag is set then we'll stop when we could not resolve reference
+to certificate from <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial%20" target="_top">&lt;dsig:X509IssuerSerial /&gt;</a>, <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SKI%20" target="_top">&lt;dsig:X509SKI /&gt;</a> or
+<a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SubjectName%20" target="_top">&lt;dsig:X509SubjectName /&gt;</a> elements.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSEC-KEYINFO-FLAGS-X509DATA-STOP-ON-UNKNOWN-CHILD:CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD     0x00000100</pre>
+<p>If flags is set then we abort if an unknown <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data%20" target="_top">&lt;dsig:X509Data /&gt;</a>
+child is found.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAENCRYPTEDKEYGETKLASS"></a><h3>xmlSecKeyDataEncryptedKeyGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataEncryptedKeyGetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> element key data klass
+(http://www.w3.org/TR/xmlenc-core/<gtkdoclink href="SEC-ENCRYPTEDKEY"><span class="TYPE">sec-EncryptedKey</span></gtkdoclink>):</p>
+<p>The EncryptedKey element is used to transport encryption keys from
+the originator to a known recipient(s). It may be used as a stand-alone
+XML document, be placed within an application document, or appear inside
+an EncryptedData element as a child of a ds:KeyInfo element. The key value
+is always encrypted to the recipient(s). When EncryptedKey is decrypted the
+resulting octets are made available to the EncryptionMethod algorithm
+without any additional processing.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN6922"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> element processing key data klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-ENCKEY-DONT-STOP-ON-FAILED-DECRYPTION--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION 0x00001000</pre>
-<p>If the flag is set then we'll stop when <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey%20" target="_top">&lt;enc:EncryptedKey /&gt;</a> element
-processing fails.</p>
+<a name="XMLSECKEYDATAENCRYPTEDKEYID"></a><h3>xmlSecKeyDataEncryptedKeyId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataEncryptedKeyId     xmlSecKeyDataEncryptedKeyGetKlass()</pre>
+<p>The &lt;enc:EncryptedKey&gt; processing class.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATANAMEGETKLASS"></a><h3>xmlSecKeyDataNameGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataNameGetKlass           (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a> element key data klass
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-KEYNAME"><span class="TYPE">sec-KeyName</span></gtkdoclink>):</p>
+<p>The KeyName element contains a string value (in which white space is
+significant) which may be used by the signer to communicate a key
+identifier to the recipient. Typically, KeyName contains an identifier
+related to the key pair used to sign the message, but it may contain
+other protocol-related information that indirectly identifies a key pair.
+(Common uses of KeyName include simple string names for keys, a key index,
+a distinguished name (DN), an email address, etc.)</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN6949"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a> element processing key data klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-STOP-ON-EMPTY-NODE--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE			0x00002000</pre>
-<p>If the flag is set then we'll stop when we found an empty node.
-Otherwise we just ignore it.</p>
+<a name="XMLSECKEYDATANAMEID"></a><h3>xmlSecKeyDataNameId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataNameId             xmlSecKeyDataNameGetKlass()</pre>
+<p>The &lt;dsig:KeyName&gt; processing class.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATARETRIEVALMETHODGETKLASS"></a><h3>xmlSecKeyDataRetrievalMethodGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataRetrievalMethodGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> element key data klass
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-RETRIEVALMETHOD"><span class="TYPE">sec-RetrievalMethod</span></gtkdoclink>):
+A RetrievalMethod element within KeyInfo is used to convey a reference to
+KeyInfo information that is stored at another location. For example,
+several signatures in a document might use a key verified by an X.509v3
+certificate chain appearing once in the document or remotely outside the
+document; each signature's KeyInfo can reference this chain using a single
+RetrievalMethod element instead of including the entire chain with a
+sequence of X509Certificate elements.</p>
+<p>RetrievalMethod uses the same syntax and dereferencing behavior as
+Reference's URI and The Reference Processing Model.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN6976"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> element processing key data klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-KEYINFO-FLAGS-X509DATA-SKIP-STRICT-CHECKS--CAPS"></a><h3>XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS	0x00004000</pre>
-<p>If the flag is set then we'll skip strict checking of certs and CRLs</p>
+<a name="XMLSECKEYDATARETRIEVALMETHODID"></a><h3>xmlSecKeyDataRetrievalMethodId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataRetrievalMethodId  xmlSecKeyDataRetrievalMethodGetKlass()</pre>
+<p>The &lt;dsig:RetrievalMethod&gt; processing class.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAVALUEGETKLASS"></a><h3>xmlSecKeyDataValueGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataValueGetKlass          (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue" target="_top">&lt;dsig:KeyValue/&gt;</a> element key data klass
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-KEYVALUE"><span class="TYPE">sec-KeyValue</span></gtkdoclink>):</p>
+<p>The KeyValue element contains a single public key that may be useful in
+validating the signature.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN7003"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue" target="_top">&lt;dsig:KeyValue/&gt;</a> element processing key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAVALUEID"></a><h3>xmlSecKeyDataValueId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataValueId            xmlSecKeyDataValueGetKlass()</pre>
+<p>The &lt;dsig:KeyValue&gt; processing class.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYINFOCTX"></a><h3>struct xmlSecKeyInfoCtx</h3>
 <pre class="PROGRAMLISTING">struct xmlSecKeyInfoCtx {
-    void*				userData;
-    unsigned int			flags;
-    unsigned int			flags2;
-    xmlSecKeysMngrPtr			keysMngr;
-    xmlSecKeyInfoMode			mode;
-    xmlSecPtrList			enabledKeyData;
-    int					base64LineSize;
-        
+    void*                               userData;
+    unsigned int                        flags;
+    unsigned int                        flags2;
+    xmlSecKeysMngrPtr                   keysMngr;
+    xmlSecKeyInfoMode                   mode;
+    xmlSecPtrList                       enabledKeyData;
+    int                                 base64LineSize;
+
     /* RetrievalMethod */
-    xmlSecTransformCtx			retrievalMethodCtx;
-    int 				maxRetrievalMethodLevel;
+    xmlSecTransformCtx                  retrievalMethodCtx;
+    int                                 maxRetrievalMethodLevel;
 
 
     /* EncryptedKey */
-    xmlSecEncCtxPtr			encCtx;
-    int					maxEncryptedKeyLevel; 
+    xmlSecEncCtxPtr                     encCtx;
+    int                                 maxEncryptedKeyLevel;
+
 
-	    
 
     /* x509 certificates */
-    time_t				certsVerificationTime;
-    int					certsVerificationDepth;
+    time_t                              certsVerificationTime;
+    int                                 certsVerificationDepth;
 
 
     /* PGP */
-    void*				pgpReserved;	/* TODO */
-        
+    void*                               pgpReserved;    /* TODO */
+
     /* internal data */
-    int 				curRetrievalMethodLevel;
-    int					curEncryptedKeyLevel;                
-    xmlSecKeyReq			keyReq;
+    int                                 curRetrievalMethodLevel;
+    int                                 curEncryptedKeyLevel;
+    xmlSecKeyReq                        keyReq;
 
     /* for the future */
-    void*				reserved0;
-    void*				reserved1;
+    void*                               reserved0;
+    void*                               reserved1;
 };</pre>
 <p>The <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> reading or writing context.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5728"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">userData</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to user data (xmlsec and xmlsec-crypto 
-		never touch this).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7023"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">userData</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to user data (xmlsec and xmlsec-crypto
+never touch this).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5734"><span style="white-space: nowrap">unsigned <font>int</font> <code class="STRUCTFIELD">flags</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the bit mask for flags that control processin.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7030"><span style="white-space: nowrap">unsigned <gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">flags</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the bit mask for flags that control processin.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5740"><span style="white-space: nowrap">unsigned <font>int</font> <code class="STRUCTFIELD">flags2</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		reserved for future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7037"><span style="white-space: nowrap">unsigned <gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">flags2</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5746"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> <code class="STRUCTFIELD">keysMngr</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to current keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7044"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> <code class="STRUCTFIELD">keysMngr</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to current keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5752"><span style="white-space: nowrap"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOMODE">xmlSecKeyInfoMode</a> <code class="STRUCTFIELD">mode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		do we read or write <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> element.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7051"><span style="white-space: nowrap"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOMODE"><span class="TYPE">xmlSecKeyInfoMode</span></a> <code class="STRUCTFIELD">mode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>do we read or write <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> element.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5759"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrList</a> <code class="STRUCTFIELD">enabledKeyData</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the list of enabled <code class="PARAMETER">xmlSecKeyDataId</code> (if list is 
-		empty then all data ids are enabled).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7059"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrList</span></a> <code class="STRUCTFIELD">enabledKeyData</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list of enabled <code class="PARAMETER">xmlSecKeyDataId</code> (if list is
+empty then all data ids are enabled).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5766"><span style="white-space: nowrap"><font>int</font> <code class="STRUCTFIELD">base64LineSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the max columns size for base64 encoding.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7067"><span style="white-space: nowrap"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">base64LineSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the max columns size for base64 encoding.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5772"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtx</a> <code class="STRUCTFIELD">retrievalMethodCtx</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the transforms context for <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a>
-			element processing.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7074"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtx</span></a> <code class="STRUCTFIELD">retrievalMethodCtx</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transforms context for <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a>
+element processing.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5779"><span style="white-space: nowrap"><font>int</font> <code class="STRUCTFIELD">maxRetrievalMethodLevel</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the max recursion level when processing
-		<a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> element; default level is 1 
-		(see also <code class="PARAMETER">curRetrievalMethodLevel</code>).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7082"><span style="white-space: nowrap"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">maxRetrievalMethodLevel</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the max recursion level when processing
+<a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> element; default level is 1
+(see also <code class="PARAMETER">curRetrievalMethodLevel</code>).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5787"><span style="white-space: nowrap"><a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> <code class="STRUCTFIELD">encCtx</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the encryption context for <a href="http://www.w3.org/TR/xmldsig-core/#sec-EncryptedKey%20" target="_top">&lt;dsig:EncryptedKey /&gt;</a> element
-		processing.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7091"><span style="white-space: nowrap"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> <code class="STRUCTFIELD">encCtx</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the encryption context for <a href="http://www.w3.org/TR/xmldsig-core/#sec-EncryptedKey%20" target="_top">&lt;dsig:EncryptedKey /&gt;</a> element
+processing.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5794"><span style="white-space: nowrap"><font>int</font> <code class="STRUCTFIELD">maxEncryptedKeyLevel</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the max recursion level when processing 
-		<a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey%20" target="_top">&lt;enc:EncryptedKey /&gt;</a> element; default level is 1 
-		(see <code class="PARAMETER">curEncryptedKeyLevel</code>).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7099"><span style="white-space: nowrap"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">maxEncryptedKeyLevel</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the max recursion level when processing
+<a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey%20" target="_top">&lt;enc:EncryptedKey /&gt;</a> element; default level is 1
+(see <code class="PARAMETER">curEncryptedKeyLevel</code>).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5802"><span style="white-space: nowrap"><font>time_t</font> <code class="STRUCTFIELD">certsVerificationTime</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the time to use for X509 certificates verification
-		("not valid before" and "not valid after" checks);
-		if <code class="PARAMETER">certsVerificationTime</code> is equal to 0 (default) 
-		then we verify certificates against the system's 
-		clock "now".</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7108"><span style="white-space: nowrap"><gtkdoclink href="TIME-T"><span class="TYPE">time_t</span></gtkdoclink> <code class="STRUCTFIELD">certsVerificationTime</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the time to use for X509 certificates verification
+("not valid before" and "not valid after" checks);
+if <code class="PARAMETER">certsVerificationTime</code> is equal to 0 (default)
+then we verify certificates against the system's
+clock "now".</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5809"><span style="white-space: nowrap"><font>int</font> <code class="STRUCTFIELD">certsVerificationDepth</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the max certifications chain length (default is 9).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7116"><span style="white-space: nowrap"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">certsVerificationDepth</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the max certifications chain length (default is 9).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5815"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">pgpReserved</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	reserved for PGP.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7123"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">pgpReserved</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for PGP.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5821"><span style="white-space: nowrap"><font>int</font> <code class="STRUCTFIELD">curRetrievalMethodLevel</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the current <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> element 
-		processing level (see <code class="PARAMETER">maxRetrievalMethodLevel</code>).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7130"><span style="white-space: nowrap"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">curRetrievalMethodLevel</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> element
+processing level (see <code class="PARAMETER">maxRetrievalMethodLevel</code>).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5829"><span style="white-space: nowrap"><font>int</font> <code class="STRUCTFIELD">curEncryptedKeyLevel</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the current <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey%20" target="_top">&lt;enc:EncryptedKey /&gt;</a> element
-		processing level (see <code class="PARAMETER">maxEncryptedKeyLevel</code>).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7139"><span style="white-space: nowrap"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">curEncryptedKeyLevel</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey%20" target="_top">&lt;enc:EncryptedKey /&gt;</a> element
+processing level (see <code class="PARAMETER">maxEncryptedKeyLevel</code>).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5837"><span style="white-space: nowrap"><a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReq</a> <code class="STRUCTFIELD">keyReq</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the current key requirements.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7148"><span style="white-space: nowrap"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReq</span></a> <code class="STRUCTFIELD">keyReq</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current key requirements.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5843"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7155"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5849"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7162"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYINFOCTXCREATE"></a><h3>xmlSecKeyInfoCtxCreate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyInfoCtxPtr</font>  xmlSecKeyInfoCtxCreate             (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);</pre>
-<p>Allocates and initializes <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.
-Caller is responsible for freeing it by calling <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXDESTROY"><span class="TYPE">xmlSecKeyInfoCtxDestroy</span></a> 
-function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5868"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager (may be NULL).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5873"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated object or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYINFOCTXDESTROY"></a><h3>xmlSecKeyInfoCtxDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyInfoCtxDestroy             (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Destroys <code class="PARAMETER">keyInfoCtx</code> object created with <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXCREATE"><span class="TYPE">xmlSecKeyInfoCtxCreate</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN5891"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYINFOCTXINITIALIZE"></a><h3>xmlSecKeyInfoCtxInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyInfoCtxInitialize          (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);</pre>
-<p>Initializes <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context. Caller is 
-responsible for cleaning it up by <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXFINALIZE"><span class="TYPE">xmlSecKeyInfoCtxFinalize</span></a> function.</p>
-<p></p>
+<a name="XMLSECKEYINFOCTXCOPYUSERPREF"></a><h3>xmlSecKeyInfoCtxCopyUserPref ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyInfoCtxCopyUserPref        (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> src</code>);</pre>
+<p>Copies user preferences from <code class="PARAMETER">src</code> context to <code class="PARAMETER">dst</code> context.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5911"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7186"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to destination context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5917"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7191"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to source context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5922"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success and a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7196"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success and a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYINFOCTXFINALIZE"></a><h3>xmlSecKeyInfoCtxFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyInfoCtxFinalize            (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Cleans up the <code class="PARAMETER">keyInfoCtx</code> initialized with <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXINITIALIZE"><span class="TYPE">xmlSecKeyInfoCtxInitialize</span></a>
+<a name="XMLSECKEYINFOCTXCREATE"></a><h3>xmlSecKeyInfoCtxCreate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYINFOCTXPTR"><span class="RETURNVALUE">xmlSecKeyInfoCtxPtr</span></gtkdoclink> xmlSecKeyInfoCtxCreate              (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);</pre>
+<p>Allocates and initializes <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.
+Caller is responsible for freeing it by calling <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXDESTROY"><span class="TYPE">xmlSecKeyInfoCtxDestroy</span></a>
 function.</p>
 <p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN5940"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYINFOCTXRESET"></a><h3>xmlSecKeyInfoCtxReset ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyInfoCtxReset               (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Resets the <code class="PARAMETER">keyInfoCtx</code> state. User settings are not changed.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN5957"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYINFOCTXCOPYUSERPREF"></a><h3>xmlSecKeyInfoCtxCopyUserPref ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyInfoCtxCopyUserPref        (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> dst,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> src);</pre>
-<p>Copies user preferences from <code class="PARAMETER">src</code> context to <code class="PARAMETER">dst</code> context.</p>
-<p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5976"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to destination context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7216"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN5981"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to source context object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN5986"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success and a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7221"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated object or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYINFOCTXCREATEENCCTX"></a><h3>xmlSecKeyInfoCtxCreateEncCtx ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyInfoCtxCreateEncCtx        (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyInfoCtxCreateEncCtx        (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
 <p>Creates encryption context form processing <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> child
 of <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6003"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7240"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6009"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success and a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7246"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success and a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYINFOCTXDEBUGDUMP"></a><h3>xmlSecKeyInfoCtxDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyInfoCtxDebugDump           (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx,
-                                                         <font>FILE</font> *output);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyInfoCtxDebugDump           (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
 <p>Prints user settings and current context state to <code class="PARAMETER">output</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6026"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7267"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6032"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the output file pointer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7273"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output file pointer.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYINFOCTXDEBUGXMLDUMP"></a><h3>xmlSecKeyInfoCtxDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyInfoCtxDebugXmlDump        (<a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx,
-                                                         <font>FILE</font> *output);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyInfoCtxDebugXmlDump        (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
 <p>Prints user settings and current context state in XML format to <code class="PARAMETER">output</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6049"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7294"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6055"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the output file pointer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7300"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output file pointer.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATANAMEID"></a><h3>xmlSecKeyDataNameId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataNameId 		xmlSecKeyDataNameGetKlass()</pre>
-<p>The &lt;dsig:KeyName&gt; processing class.</p>
+<a name="XMLSECKEYINFOCTXDESTROY"></a><h3>xmlSecKeyInfoCtxDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyInfoCtxDestroy             (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Destroys <code class="PARAMETER">keyInfoCtx</code> object created with <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXCREATE"><span class="TYPE">xmlSecKeyInfoCtxCreate</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN7320"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATANAMEGETKLASS"></a><h3>xmlSecKeyDataNameGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataNameGetKlass           (void);</pre>
-<p>The <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a> element key data klass 
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-KEYNAME"><span class="TYPE">sec-KeyName</span></gtkdoclink>):</p>
-<p>The KeyName element contains a string value (in which white space is 
-significant) which may be used by the signer to communicate a key 
-identifier to the recipient. Typically, KeyName contains an identifier 
-related to the key pair used to sign the message, but it may contain 
-other protocol-related information that indirectly identifies a key pair. 
-(Common uses of KeyName include simple string names for keys, a key index, 
-a distinguished name (DN), an email address, etc.)</p>
-<p></p>
+<a name="XMLSECKEYINFOCTXFINALIZE"></a><h3>xmlSecKeyInfoCtxFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyInfoCtxFinalize            (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Cleans up the <code class="PARAMETER">keyInfoCtx</code> initialized with <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXINITIALIZE"><span class="TYPE">xmlSecKeyInfoCtxInitialize</span></a>
+function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN6080"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a> element processing key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7341"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAVALUEID"></a><h3>xmlSecKeyDataValueId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataValueId		xmlSecKeyDataValueGetKlass()</pre>
-<p>The &lt;dsig:KeyValue&gt; processing class.</p>
+<a name="XMLSECKEYINFOCTXINITIALIZE"></a><h3>xmlSecKeyInfoCtxInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyInfoCtxInitialize          (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);</pre>
+<p>Initializes <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context. Caller is
+responsible for cleaning it up by <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTXFINALIZE"><span class="TYPE">xmlSecKeyInfoCtxFinalize</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7365"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7371"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager (may be NULL).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7376"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success and a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAVALUEGETKLASS"></a><h3>xmlSecKeyDataValueGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataValueGetKlass          (void);</pre>
-<p>The <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue" target="_top">&lt;dsig:KeyValue/&gt;</a> element key data klass 
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-KEYVALUE"><span class="TYPE">sec-KeyValue</span></gtkdoclink>):</p>
-<p>The KeyValue element contains a single public key that may be useful in 
-validating the signature.</p>
-<p></p>
+<a name="XMLSECKEYINFOCTXRESET"></a><h3>xmlSecKeyInfoCtxReset ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyInfoCtxReset               (<code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Resets the <code class="PARAMETER">keyInfoCtx</code> state. User settings are not changed.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN6106"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue" target="_top">&lt;dsig:KeyValue/&gt;</a> element processing key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN7394"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATARETRIEVALMETHODID"></a><h3>xmlSecKeyDataRetrievalMethodId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataRetrievalMethodId	xmlSecKeyDataRetrievalMethodGetKlass()</pre>
-<p>The &lt;dsig:RetrievalMethod&gt; processing class.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATARETRIEVALMETHODGETKLASS"></a><h3>xmlSecKeyDataRetrievalMethodGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataRetrievalMethodGetKlass
-                                                        (void);</pre>
-<p>The <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> element key data klass 
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-RETRIEVALMETHOD"><span class="TYPE">sec-RetrievalMethod</span></gtkdoclink>):
-A RetrievalMethod element within KeyInfo is used to convey a reference to 
-KeyInfo information that is stored at another location. For example, 
-several signatures in a document might use a key verified by an X.509v3 
-certificate chain appearing once in the document or remotely outside the 
-document; each signature's KeyInfo can reference this chain using a single 
-RetrievalMethod element instead of including the entire chain with a 
-sequence of X509Certificate elements.</p>
-<p>RetrievalMethod uses the same syntax and dereferencing behavior as 
-Reference's URI and The Reference Processing Model.</p>
-<p></p>
+<a name="XMLSECKEYINFOMODE"></a><h3>enum xmlSecKeyInfoMode</h3>
+<pre class="PROGRAMLISTING">typedef enum {
+    xmlSecKeyInfoModeRead = 0,
+    xmlSecKeyInfoModeWrite
+} xmlSecKeyInfoMode;</pre>
+<p>The <code class="PARAMETER">xmlSecKeyInfoCtx</code> operation mode (read or write).</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN6132"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> element processing key data klass.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYINFOMODEREAD"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyInfoModeRead</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>read <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> element.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYINFOMODEWRITE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyInfoModeWrite</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>write <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> element.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAENCRYPTEDKEYID"></a><h3>xmlSecKeyDataEncryptedKeyId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataEncryptedKeyId	xmlSecKeyDataEncryptedKeyGetKlass()</pre>
-<p>The &lt;enc:EncryptedKey&gt; processing class.</p>
+<a name="XMLSECKEYINFONODEREAD"></a><h3>xmlSecKeyInfoNodeRead ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyInfoNodeRead               (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Parses the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element <code class="PARAMETER">keyInfoNode</code>, extracts the key data
+and stores into <code class="PARAMETER">key</code>.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7441"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7447"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to result key object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7452"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7458"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or -1 if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAENCRYPTEDKEYGETKLASS"></a><h3>xmlSecKeyDataEncryptedKeyGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataEncryptedKeyGetKlass   (void);</pre>
-<p>The <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> element key data klass 
-(http://www.w3.org/TR/xmlenc-core/<gtkdoclink href="SEC-ENCRYPTEDKEY"><span class="TYPE">sec-EncryptedKey</span></gtkdoclink>):</p>
-<p>The EncryptedKey element is used to transport encryption keys from 
-the originator to a known recipient(s). It may be used as a stand-alone 
-XML document, be placed within an application document, or appear inside 
-an EncryptedData element as a child of a ds:KeyInfo element. The key value 
-is always encrypted to the recipient(s). When EncryptedKey is decrypted the 
-resulting octets are made available to the EncryptionMethod algorithm 
-without any additional processing.</p>
-<p></p>
+<a name="XMLSECKEYINFONODEWRITE"></a><h3>xmlSecKeyInfoNodeWrite ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyInfoNodeWrite              (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Writes the <code class="PARAMETER">key</code> into the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element template <code class="PARAMETER">keyInfoNode</code>.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN6158"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> element processing key data klass.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7484"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7490"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7495"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN7501"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or -1 if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-keys.html b/docs/api/xmlsec-keys.html
index 18335673..52a03b06 100644
--- a/docs/api/xmlsec-keys.html
+++ b/docs/api/xmlsec-keys.html
@@ -87,93 +87,94 @@
 <h1>
 <a name="XMLSEC-KEYS"></a>keys</h1>
 <div class="REFNAMEDIV">
-<a name="AEN8602"></a><h2>Name</h2>keys -- Crypto key object definition.</div>
+<a name="AEN10470"></a><h2>Name</h2>keys -- Crypto key object definition.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-KEYS.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">typedef             <a href="xmlsec-keys.html#XMLSECKEYUSAGE">xmlSecKeyUsage</a>;
-#define             <a href="xmlsec-keys.html#XMLSECKEYUSAGESIGN">xmlSecKeyUsageSign</a>
-#define             <a href="xmlsec-keys.html#XMLSECKEYUSAGEVERIFY">xmlSecKeyUsageVerify</a>
-#define             <a href="xmlsec-keys.html#XMLSECKEYUSAGEENCRYPT">xmlSecKeyUsageEncrypt</a>
+<pre class="SYNOPSIS">struct              <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKey</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYADOPTDATA">xmlSecKeyAdoptData</a>                  (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+#define             <a href="xmlsec-keys.html#XMLSECKEYCHECKID">xmlSecKeyCheckId</a>                    (key,
+                                                         keyId)
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYCOPY">xmlSecKeyCopy</a>                       (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> keyDst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> keySrc</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-keys.html#XMLSECKEYCREATE">xmlSecKeyCreate</a>                     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYDEBUGDUMP">xmlSecKeyDebugDump</a>                  (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYDEBUGXMLDUMP">xmlSecKeyDebugXmlDump</a>               (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYDESTROY">xmlSecKeyDestroy</a>                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYDUPLICATE">xmlSecKeyDuplicate</a>                  (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYEMPTY">xmlSecKeyEmpty</a>                      (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="XMLSECKEYDATAPTR"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYENSUREDATA">xmlSecKeyEnsureData</a>                 (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-keys.html#XMLSECKEYGENERATE">xmlSecKeyGenerate</a>                   (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> sizeBits</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-keys.html#XMLSECKEYGENERATEBYNAME">xmlSecKeyGenerateByName</a>             (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> sizeBits</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="XMLSECKEYDATAPTR"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYGETDATA">xmlSecKeyGetData</a>                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>);
+const <gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *     <a href="xmlsec-keys.html#XMLSECKEYGETNAME">xmlSecKeyGetName</a>                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="RETURNVALUE">xmlSecKeyDataType</span></a>   <a href="xmlsec-keys.html#XMLSECKEYGETTYPE">xmlSecKeyGetType</a>                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="XMLSECKEYDATAPTR"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYGETVALUE">xmlSecKeyGetValue</a>                   (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+#define             <a href="xmlsec-keys.html#XMLSECKEYISVALID">xmlSecKeyIsValid</a>                    (key)
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYMATCH">xmlSecKeyMatch</a>                      (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);
+<gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYPTRLISTGETKLASS">xmlSecKeyPtrListGetKlass</a>            (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-keys.html#XMLSECKEYPTRLISTID">xmlSecKeyPtrListId</a>
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-keys.html#XMLSECKEYREADBINARYFILE">xmlSecKeyReadBinaryFile</a>             (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-keys.html#XMLSECKEYREADBUFFER">xmlSecKeyReadBuffer</a>                 (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBuffer</span></a> *buffer</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-keys.html#XMLSECKEYREADMEMORY">xmlSecKeyReadMemory</a>                 (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>);
+struct              <a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReq</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYREQCOPY">xmlSecKeyReqCopy</a>                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> src</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYREQDEBUGDUMP">xmlSecKeyReqDebugDump</a>               (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYREQDEBUGXMLDUMP">xmlSecKeyReqDebugXmlDump</a>            (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYREQFINALIZE">xmlSecKeyReqFinalize</a>                (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYREQINITIALIZE">xmlSecKeyReqInitialize</a>              (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYREQMATCHKEY">xmlSecKeyReqMatchKey</a>                (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYREQMATCHKEYVALUE">xmlSecKeyReqMatchKeyValue</a>           (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> value</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYREQRESET">xmlSecKeyReqReset</a>                   (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYSETNAME">xmlSecKeySetName</a>                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYSETVALUE">xmlSecKeySetValue</a>                   (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> value</code>);
+typedef             <a href="xmlsec-keys.html#XMLSECKEYUSAGE">xmlSecKeyUsage</a>;
+#define             <a href="xmlsec-keys.html#XMLSECKEYUSAGEANY">xmlSecKeyUsageAny</a>
 #define             <a href="xmlsec-keys.html#XMLSECKEYUSAGEDECRYPT">xmlSecKeyUsageDecrypt</a>
+#define             <a href="xmlsec-keys.html#XMLSECKEYUSAGEENCRYPT">xmlSecKeyUsageEncrypt</a>
 #define             <a href="xmlsec-keys.html#XMLSECKEYUSAGEKEYEXCHANGE">xmlSecKeyUsageKeyExchange</a>
-#define             <a href="xmlsec-keys.html#XMLSECKEYUSAGEANY">xmlSecKeyUsageAny</a>
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYUSEWITHINITIALIZE">xmlSecKeyUseWithInitialize</a>          (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYUSEWITHFINALIZE">xmlSecKeyUseWithFinalize</a>            (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYUSEWITHRESET">xmlSecKeyUseWithReset</a>               (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith);
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYUSEWITHCOPY">xmlSecKeyUseWithCopy</a>                (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> dst,
-                                                         <a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> src);
-<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a>  <a href="xmlsec-keys.html#XMLSECKEYUSEWITHCREATE">xmlSecKeyUseWithCreate</a>             (const <font>xmlChar</font> *application,
-                                                         const <font>xmlChar</font> *identifier);
-<font>xmlSecKeyUseWithPtr</font>  <a href="xmlsec-keys.html#XMLSECKEYUSEWITHDUPLICATE">xmlSecKeyUseWithDuplicate</a>          (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYUSEWITHDESTROY">xmlSecKeyUseWithDestroy</a>             (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith);
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYUSEWITHSET">xmlSecKeyUseWithSet</a>                 (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith,
-                                                         const <font>xmlChar</font> *application,
-                                                         const <font>xmlChar</font> *identifier);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYUSEWITHDEBUGDUMP">xmlSecKeyUseWithDebugDump</a>           (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYUSEWITHDEBUGXMLDUMP">xmlSecKeyUseWithDebugXmlDump</a>        (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith,
-                                                         <font>FILE</font> *output);
+#define             <a href="xmlsec-keys.html#XMLSECKEYUSAGESIGN">xmlSecKeyUsageSign</a>
+#define             <a href="xmlsec-keys.html#XMLSECKEYUSAGEVERIFY">xmlSecKeyUsageVerify</a>
 struct              <a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWith</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYUSEWITHCOPY">xmlSecKeyUseWithCopy</a>                (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> src</code>);
+<a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="RETURNVALUE">xmlSecKeyUseWithPtr</span></a> <a href="xmlsec-keys.html#XMLSECKEYUSEWITHCREATE">xmlSecKeyUseWithCreate</a>              (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *application</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *identifier</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYUSEWITHDEBUGDUMP">xmlSecKeyUseWithDebugDump</a>           (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYUSEWITHDEBUGXMLDUMP">xmlSecKeyUseWithDebugXmlDump</a>        (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYUSEWITHDESTROY">xmlSecKeyUseWithDestroy</a>             (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>);
+<gtkdoclink href="XMLSECKEYUSEWITHPTR"><span class="RETURNVALUE">xmlSecKeyUseWithPtr</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYUSEWITHDUPLICATE">xmlSecKeyUseWithDuplicate</a>           (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYUSEWITHFINALIZE">xmlSecKeyUseWithFinalize</a>            (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYUSEWITHINITIALIZE">xmlSecKeyUseWithInitialize</a>          (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>);
+<gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYUSEWITHPTRLISTGETKLASS">xmlSecKeyUseWithPtrListGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-keys.html#XMLSECKEYUSEWITHPTRLISTID">xmlSecKeyUseWithPtrListId</a>
-<font>xmlSecPtrListId</font>     <a href="xmlsec-keys.html#XMLSECKEYUSEWITHPTRLISTGETKLASS">xmlSecKeyUseWithPtrListGetKlass</a>     (void);
-struct              <a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReq</a>;
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYREQINITIALIZE">xmlSecKeyReqInitialize</a>              (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYREQFINALIZE">xmlSecKeyReqFinalize</a>                (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYREQRESET">xmlSecKeyReqReset</a>                   (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYREQCOPY">xmlSecKeyReqCopy</a>                    (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> dst,
-                                                         <a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> src);
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYREQMATCHKEY">xmlSecKeyReqMatchKey</a>                (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYREQMATCHKEYVALUE">xmlSecKeyReqMatchKeyValue</a>           (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> value);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYREQDEBUGDUMP">xmlSecKeyReqDebugDump</a>               (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYREQDEBUGXMLDUMP">xmlSecKeyReqDebugXmlDump</a>            (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq,
-                                                         <font>FILE</font> *output);
-struct              <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKey</a>;
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-keys.html#XMLSECKEYCREATE">xmlSecKeyCreate</a>                     (void);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYDESTROY">xmlSecKeyDestroy</a>                    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYEMPTY">xmlSecKeyEmpty</a>                      (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>xmlSecKeyPtr</font>        <a href="xmlsec-keys.html#XMLSECKEYDUPLICATE">xmlSecKeyDuplicate</a>                  (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYCOPY">xmlSecKeyCopy</a>                       (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> keyDst,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> keySrc);
-const <font>xmlChar</font>*      <a href="xmlsec-keys.html#XMLSECKEYGETNAME">xmlSecKeyGetName</a>                    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYSETNAME">xmlSecKeySetName</a>                    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>xmlChar</font> *name);
-<a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a>   <a href="xmlsec-keys.html#XMLSECKEYGETTYPE">xmlSecKeyGetType</a>                    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>xmlSecKeyDataPtr</font>    <a href="xmlsec-keys.html#XMLSECKEYGETVALUE">xmlSecKeyGetValue</a>                   (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYSETVALUE">xmlSecKeySetValue</a>                   (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> value);
-<font>xmlSecKeyDataPtr</font>    <a href="xmlsec-keys.html#XMLSECKEYGETDATA">xmlSecKeyGetData</a>                    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlSecKeyDataId</font> dataId);
-<font>xmlSecKeyDataPtr</font>    <a href="xmlsec-keys.html#XMLSECKEYENSUREDATA">xmlSecKeyEnsureData</a>                 (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlSecKeyDataId</font> dataId);
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYADOPTDATA">xmlSecKeyAdoptData</a>                  (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYDEBUGDUMP">xmlSecKeyDebugDump</a>                  (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-keys.html#XMLSECKEYDEBUGXMLDUMP">xmlSecKeyDebugXmlDump</a>               (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>FILE</font> *output);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-keys.html#XMLSECKEYGENERATE">xmlSecKeyGenerate</a>                   (<font>xmlSecKeyDataId</font> dataId,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> sizeBits,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-keys.html#XMLSECKEYGENERATEBYNAME">xmlSecKeyGenerateByName</a>             (const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> sizeBits,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-keys.html#XMLSECKEYMATCH">xmlSecKeyMatch</a>                      (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-keys.html#XMLSECKEYREADBUFFER">xmlSecKeyReadBuffer</a>                 (<font>xmlSecKeyDataId</font> dataId,
-                                                         <a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBuffer</a> *buffer);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-keys.html#XMLSECKEYREADBINARYFILE">xmlSecKeyReadBinaryFile</a>             (<font>xmlSecKeyDataId</font> dataId,
-                                                         const <font>char</font> *filename);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-keys.html#XMLSECKEYREADMEMORY">xmlSecKeyReadMemory</a>                 (<font>xmlSecKeyDataId</font> dataId,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize);
-#define             <a href="xmlsec-keys.html#XMLSECKEYISVALID">xmlSecKeyIsValid</a>                    (key)
-#define             <a href="xmlsec-keys.html#XMLSECKEYCHECKID">xmlSecKeyCheckId</a>                    (key, keyId)
-#define             <a href="xmlsec-keys.html#XMLSECKEYPTRLISTID">xmlSecKeyPtrListId</a>
-<font>xmlSecPtrListId</font>     <a href="xmlsec-keys.html#XMLSECKEYPTRLISTGETKLASS">xmlSecKeyPtrListGetKlass</a>            (void);</pre>
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYUSEWITHRESET">xmlSecKeyUseWithReset</a>               (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keys.html#XMLSECKEYUSEWITHSET">xmlSecKeyUseWithSet</a>                 (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *application</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *identifier</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-KEYS.DESCRIPTION"></a><h2>Description</h2>
@@ -182,1029 +183,974 @@ const <font>xmlChar</font>*      <a href="xmlsec-keys.html#XMLSECKEYGETNAME">xml
 <div class="REFSECT1">
 <a name="XMLSEC-KEYS.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECKEYUSAGE"></a><h3>xmlSecKeyUsage</h3>
-<pre class="PROGRAMLISTING">typedef unsigned int 			xmlSecKeyUsage;</pre>
-<p>The key usage.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSAGESIGN"></a><h3>xmlSecKeyUsageSign</h3>
-<pre class="PROGRAMLISTING">#define	xmlSecKeyUsageSign		0x00000001</pre>
-<p>Key can be used in any way.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSAGEVERIFY"></a><h3>xmlSecKeyUsageVerify</h3>
-<pre class="PROGRAMLISTING">#define	xmlSecKeyUsageVerify		0x00000002</pre>
-<p>Key for signing.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSAGEENCRYPT"></a><h3>xmlSecKeyUsageEncrypt</h3>
-<pre class="PROGRAMLISTING">#define	xmlSecKeyUsageEncrypt		0x00000004</pre>
-<p>Key for signature verification.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSAGEDECRYPT"></a><h3>xmlSecKeyUsageDecrypt</h3>
-<pre class="PROGRAMLISTING">#define	xmlSecKeyUsageDecrypt		0x00000008</pre>
-<p>An encryption key.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSAGEKEYEXCHANGE"></a><h3>xmlSecKeyUsageKeyExchange</h3>
-<pre class="PROGRAMLISTING">#define	xmlSecKeyUsageKeyExchange	0x00000010</pre>
-<p>The key is used for key exchange.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSAGEANY"></a><h3>xmlSecKeyUsageAny</h3>
-<pre class="PROGRAMLISTING">#define	xmlSecKeyUsageAny		0xFFFFFFFF</pre>
-<p>A decryption key.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHINITIALIZE"></a><h3>xmlSecKeyUseWithInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyUseWithInitialize          (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith);</pre>
-<p>Initializes <code class="PARAMETER">keyUseWith</code> object.</p>
-<p></p>
+<a name="XMLSECKEY"></a><h3>struct xmlSecKey</h3>
+<pre class="PROGRAMLISTING">struct xmlSecKey {
+    xmlChar*                            name;
+    xmlSecKeyDataPtr                    value;
+    xmlSecPtrListPtr                    dataList;
+    xmlSecKeyUsage                      usage;
+    time_t                              notValidBefore;
+    time_t                              notValidAfter;
+};</pre>
+<p>The key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8836"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the pointer to information about key application/user.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10832"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">name</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8841"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10839"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> <code class="STRUCTFIELD">value</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHFINALIZE"></a><h3>xmlSecKeyUseWithFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyUseWithFinalize            (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith);</pre>
-<p>Finalizes <code class="PARAMETER">keyUseWith</code> object.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN8857"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the pointer to information about key application/user.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHRESET"></a><h3>xmlSecKeyUseWithReset ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyUseWithReset               (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith);</pre>
-<p>Resets the <code class="PARAMETER">keyUseWith</code> to its state after initialization.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN8873"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the pointer to information about key application/user.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHCOPY"></a><h3>xmlSecKeyUseWithCopy ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyUseWithCopy                (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> dst,
-                                                         <a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> src);</pre>
-<p>Copies information from <code class="PARAMETER">dst</code> to <code class="PARAMETER">src</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8891"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the pointer to destination object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10846"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> <code class="STRUCTFIELD">dataList</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8896"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the pointer to source object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10853"><span style="white-space: nowrap"><a href="xmlsec-keys.html#XMLSECKEYUSAGE"><span class="TYPE">xmlSecKeyUsage</span></a> <code class="STRUCTFIELD">usage</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key usage.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8901"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10860"><span style="white-space: nowrap"><gtkdoclink href="TIME-T"><span class="TYPE">time_t</span></gtkdoclink> <code class="STRUCTFIELD">notValidBefore</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the start key validity interval.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10867"><span style="white-space: nowrap"><gtkdoclink href="TIME-T"><span class="TYPE">time_t</span></gtkdoclink> <code class="STRUCTFIELD">notValidAfter</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the end key validity interval.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHCREATE"></a><h3>xmlSecKeyUseWithCreate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a>  xmlSecKeyUseWithCreate             (const <font>xmlChar</font> *application,
-                                                         const <font>xmlChar</font> *identifier);</pre>
-<p>Creates new xmlSecKeyUseWith object. The caller is responsible for destroying
-returned object with <code class="PARAMETER">xmlSecKeyUseWithDestroy</code> function.</p>
-<p></p>
+<a name="XMLSECKEYADOPTDATA"></a><h3>xmlSecKeyAdoptData ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyAdoptData                  (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Adds <code class="PARAMETER">data</code> to the <code class="PARAMETER">key</code>. The <code class="PARAMETER">data</code> object will be destroyed
+by <code class="PARAMETER">key</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8918"><span style="white-space: nowrap"><code class="PARAMETER">application</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>        the application value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10893"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8923"><span style="white-space: nowrap"><code class="PARAMETER">identifier</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the identifier value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10898"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8928"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created object or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10903"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHDUPLICATE"></a><h3>xmlSecKeyUseWithDuplicate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyUseWithPtr</font>  xmlSecKeyUseWithDuplicate          (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith);</pre>
-<p>Duplicates <code class="PARAMETER">keyUseWith</code> object. The caller is responsible for destroying
-returned object with <code class="PARAMETER">xmlSecKeyUseWithDestroy</code> function.</p>
-<p></p>
+<a name="XMLSECKEYCHECKID"></a><h3>xmlSecKeyCheckId()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyCheckId(key, keyId)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">key</code> is valid and <code class="PARAMETER">key</code>'s id is equal to <code class="PARAMETER">keyId</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8945"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the pointer to information about key application/user.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10918"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8950"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created object or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10923"><span style="white-space: nowrap"><code class="PARAMETER">keyId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key Id.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHDESTROY"></a><h3>xmlSecKeyUseWithDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyUseWithDestroy             (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith);</pre>
-<p>Destroys <code class="PARAMETER">keyUseWith</code> created with <code class="PARAMETER">xmlSecKeyUseWithCreate</code> or <code class="PARAMETER">xmlSecKeyUseWithDuplicate</code>
-functions.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN8968"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the pointer to information about key application/user.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHSET"></a><h3>xmlSecKeyUseWithSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyUseWithSet                 (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith,
-                                                         const <font>xmlChar</font> *application,
-                                                         const <font>xmlChar</font> *identifier);</pre>
-<p>Sets <code class="PARAMETER">application</code> and <code class="PARAMETER">identifier</code> in the <code class="PARAMETER">keyUseWith</code>.</p>
-<p></p>
+<a name="XMLSECKEYCOPY"></a><h3>xmlSecKeyCopy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyCopy                       (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> keyDst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> keySrc</code>);</pre>
+<p>Copies key data from <code class="PARAMETER">keySrc</code> to <code class="PARAMETER">keyDst</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8988"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the pointer to information about key application/user.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8993"><span style="white-space: nowrap"><code class="PARAMETER">application</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>        the new application value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10945"><span style="white-space: nowrap"><code class="PARAMETER">keyDst</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8998"><span style="white-space: nowrap"><code class="PARAMETER">identifier</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the new identifier value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10950"><span style="white-space: nowrap"><code class="PARAMETER">keySrc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the source key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9003"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10955"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHDEBUGDUMP"></a><h3>xmlSecKeyUseWithDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyUseWithDebugDump           (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints xmlSecKeyUseWith debug information to a file <code class="PARAMETER">output</code>.</p>
+<a name="XMLSECKEYCREATE"></a><h3>xmlSecKeyCreate ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecKeyCreate                     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Allocates and initializes new key. Caller is responsible for
+freeing returned object with <a href="xmlsec-keys.html#XMLSECKEYDESTROY"><span class="TYPE">xmlSecKeyDestroy</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN10973"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly allocated <code class="PARAMETER">xmlSecKey</code> structure
+or NULL if an error occurs.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDEBUGDUMP"></a><h3>xmlSecKeyDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDebugDump                  (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints the information about the <code class="PARAMETER">key</code> to the <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9020"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the pointer to information about key application/user.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10996"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9025"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>             the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11001"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHDEBUGXMLDUMP"></a><h3>xmlSecKeyUseWithDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyUseWithDebugXmlDump        (<a href="xmlsec-keys.html#XMLSECKEYUSEWITH">xmlSecKeyUseWithPtr</a> keyUseWith,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints xmlSecKeyUseWith debug information to a file <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECKEYDEBUGXMLDUMP"></a><h3>xmlSecKeyDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDebugXmlDump               (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints the information about the <code class="PARAMETER">key</code> to the <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9042"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the pointer to information about key application/user.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11023"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9047"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>             the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11028"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYUSEWITH"></a><h3>struct xmlSecKeyUseWith</h3>
-<pre class="PROGRAMLISTING">struct xmlSecKeyUseWith {
-    xmlChar*                    application;
-    xmlChar*                    identifier;
-
-    void*                       reserved1;
-    void*                       reserved2;
-};</pre>
-<p>Information about application and user of the key.</p>
+<a name="XMLSECKEYDESTROY"></a><h3>xmlSecKeyDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDestroy                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Destroys the key created using <a href="xmlsec-keys.html#XMLSECKEYCREATE"><span class="TYPE">xmlSecKeyCreate</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN11047"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDUPLICATE"></a><h3>xmlSecKeyDuplicate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink>        xmlSecKeyDuplicate                  (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Creates a duplicate of the given <code class="PARAMETER">key</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9060"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">application</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>        the application.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9066"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">identifier</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the identifier.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11065"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the <a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKey</span></a> structure.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9072"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for future use.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9078"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved2</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for future use.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11072"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly allocated <a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKey</span></a> structure
+or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHPTRLISTID"></a><h3>xmlSecKeyUseWithPtrListId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyUseWithPtrListId	xmlSecKeyUseWithPtrListGetKlass()</pre>
-<p>The keys list klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYUSEWITHPTRLISTGETKLASS"></a><h3>xmlSecKeyUseWithPtrListGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecPtrListId</font>     xmlSecKeyUseWithPtrListGetKlass     (void);</pre>
-<p>The key data list klass.</p>
-<p></p>
+<a name="XMLSECKEYEMPTY"></a><h3>xmlSecKeyEmpty ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyEmpty                      (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Clears the <code class="PARAMETER">key</code> data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN9100"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key data list klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11092"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYREQ"></a><h3>struct xmlSecKeyReq</h3>
-<pre class="PROGRAMLISTING">struct xmlSecKeyReq {
-    xmlSecKeyDataId	        keyId;
-    xmlSecKeyDataType		keyType;
-    xmlSecKeyUsage		keyUsage;
-    xmlSecSize			keyBitsSize;
-    xmlSecPtrList               keyUseWithList;    
-
-    void*                       reserved1;
-    void*                       reserved2;
-};</pre>
-<p>The key requirements information.</p>
-<p></p>
+<a name="XMLSECKEYENSUREDATA"></a><h3>xmlSecKeyEnsureData ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAPTR"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></gtkdoclink>    xmlSecKeyEnsureData                 (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>);</pre>
+<p>If necessary, creates key data of <code class="PARAMETER">dataId</code> klass and adds to <code class="PARAMETER">key</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9113"><span style="white-space: nowrap"><font>xmlSecKeyDataId</font> <code class="STRUCTFIELD">keyId</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key value klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9119"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> <code class="STRUCTFIELD">keyType</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11114"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9125"><span style="white-space: nowrap"><a href="xmlsec-keys.html#XMLSECKEYUSAGE">xmlSecKeyUsage</a> <code class="STRUCTFIELD">keyUsage</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key usage.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11119"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the requested data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9131"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">keyBitsSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the desired key size (in bits!).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9137"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrList</a> <code class="STRUCTFIELD">keyUseWithList</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>     the desired key use with application/identifier information.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9143"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for future use.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9149"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved2</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for future use.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11124"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to key data or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYREQINITIALIZE"></a><h3>xmlSecKeyReqInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyReqInitialize              (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);</pre>
-<p>Initialize key requirements object. Caller is responsible for
-cleaning it with <a href="xmlsec-keys.html#XMLSECKEYREQFINALIZE"><span class="TYPE">xmlSecKeyReqFinalize</span></a> function.</p>
-<p></p>
+<a name="XMLSECKEYGENERATE"></a><h3>xmlSecKeyGenerate ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecKeyGenerate                   (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> sizeBits</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Generates new key of requested klass <code class="PARAMETER">dataId</code> and <code class="PARAMETER">type</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9167"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key requirements object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11149"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the requested key klass (rsa, dsa, aes, ...).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11154"><span style="white-space: nowrap"><code class="PARAMETER">sizeBits</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new key size (in bits!).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11159"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new key type (session, permanent, ...).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9172"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11164"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYREQFINALIZE"></a><h3>xmlSecKeyReqFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyReqFinalize                (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);</pre>
-<p>Cleans the key requirements object initialized with <a href="xmlsec-keys.html#XMLSECKEYREQINITIALIZE"><span class="TYPE">xmlSecKeyReqInitialize</span></a>
-function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN9189"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key requirements object.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYREQRESET"></a><h3>xmlSecKeyReqReset ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyReqReset                   (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);</pre>
-<p>Resets key requirements object for new key search.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN9204"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key requirements object.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYREQCOPY"></a><h3>xmlSecKeyReqCopy ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyReqCopy                    (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> dst,
-                                                         <a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> src);</pre>
-<p>Copies key requirements from <code class="PARAMETER">src</code> object to <code class="PARAMETER">dst</code> object.</p>
-<p></p>
+<a name="XMLSECKEYGENERATEBYNAME"></a><h3>xmlSecKeyGenerateByName ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecKeyGenerateByName             (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> sizeBits</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Generates new key of requested <code class="PARAMETER">klass</code> and <code class="PARAMETER">type</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9222"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to destination object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11189"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the requested key klass name (rsa, dsa, aes, ...).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11194"><span style="white-space: nowrap"><code class="PARAMETER">sizeBits</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new key size (in bits!).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9227"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to source object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11199"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new key type (session, permanent, ...).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9232"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success and a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11204"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYREQMATCHKEY"></a><h3>xmlSecKeyReqMatchKey ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyReqMatchKey                (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Checks whether <code class="PARAMETER">key</code> matches key requirements <code class="PARAMETER">keyReq</code>.</p>
-<p></p>
+<a name="XMLSECKEYGETDATA"></a><h3>xmlSecKeyGetData ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAPTR"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></gtkdoclink>    xmlSecKeyGetData                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>);</pre>
+<p>Gets key's data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9250"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key requirements object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11224"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9255"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11229"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the requested data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9260"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if key matches requirements, 0 if not and a negative value
-if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11234"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>additional data associated with the <code class="PARAMETER">key</code> (see also
+<a href="xmlsec-keys.html#XMLSECKEYADOPTDATA"><span class="TYPE">xmlSecKeyAdoptData</span></a> function).</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYREQMATCHKEYVALUE"></a><h3>xmlSecKeyReqMatchKeyValue ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyReqMatchKeyValue           (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> value);</pre>
-<p>Checks whether <code class="PARAMETER">keyValue</code> matches key requirements <code class="PARAMETER">keyReq</code>.</p>
-<p></p>
+<a name="XMLSECKEYGETNAME"></a><h3>xmlSecKeyGetName ()</h3>
+<pre class="PROGRAMLISTING">const <gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *     xmlSecKeyGetName                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Gets key name (see also <a href="xmlsec-keys.html#XMLSECKEYSETNAME"><span class="TYPE">xmlSecKeySetName</span></a> function).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9278"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key requirements.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11256"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9283"><span style="white-space: nowrap"><code class="PARAMETER">value</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9288"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if key value matches requirements, 0 if not and a negative value
-if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11261"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>key name.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYREQDEBUGDUMP"></a><h3>xmlSecKeyReqDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyReqDebugDump               (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints debug information about <code class="PARAMETER">keyReq</code> into <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECKEYGETTYPE"></a><h3>xmlSecKeyGetType ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="RETURNVALUE">xmlSecKeyDataType</span></a>   xmlSecKeyGetType                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Gets <code class="PARAMETER">key</code> type.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9306"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key requirements object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11279"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9311"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11284"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>key type.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYREQDEBUGXMLDUMP"></a><h3>xmlSecKeyReqDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyReqDebugXmlDump            (<a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints debug information about <code class="PARAMETER">keyReq</code> into <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECKEYGETVALUE"></a><h3>xmlSecKeyGetValue ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAPTR"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></gtkdoclink>    xmlSecKeyGetValue                   (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Gets key value (see also <a href="xmlsec-keys.html#XMLSECKEYSETVALUE"><span class="TYPE">xmlSecKeySetValue</span></a> function).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9329"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key requirements object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11303"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9334"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11308"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>key value (crypto material).</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEY"></a><h3>struct xmlSecKey</h3>
-<pre class="PROGRAMLISTING">struct xmlSecKey {
-    xmlChar*				name;
-    xmlSecKeyDataPtr			value;
-    xmlSecPtrListPtr			dataList;
-    xmlSecKeyUsage			usage;
-    time_t				notValidBefore;
-    time_t				notValidAfter;    
-};</pre>
-<p>The key.</p>
+<a name="XMLSECKEYISVALID"></a><h3>xmlSecKeyIsValid()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyIsValid(key)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">key</code> is not NULL and <code class="PARAMETER">key</code>-&gt;id is not NULL
+or 0 otherwise.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN11322"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYMATCH"></a><h3>xmlSecKeyMatch ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyMatch                      (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);</pre>
+<p>Checks whether the <code class="PARAMETER">key</code> matches the given criteria.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9347"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">name</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the key name.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9353"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> <code class="STRUCTFIELD">value</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11346"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9359"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> <code class="STRUCTFIELD">dataList</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key data list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11351"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key name (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9365"><span style="white-space: nowrap"><a href="xmlsec-keys.html#XMLSECKEYUSAGE">xmlSecKeyUsage</a> <code class="STRUCTFIELD">usage</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key usage.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11356"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key requirements.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9371"><span style="white-space: nowrap"><font>time_t</font> <code class="STRUCTFIELD">notValidBefore</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the start key validity interval.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9377"><span style="white-space: nowrap"><font>time_t</font> <code class="STRUCTFIELD">notValidAfter</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the end key validity interval.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11361"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if the key satisfies the given criteria or 0 otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYCREATE"></a><h3>xmlSecKeyCreate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecKeyCreate                     (void);</pre>
-<p>Allocates and initializes new key. Caller is responsible for 
-freeing returned object with <a href="xmlsec-keys.html#XMLSECKEYDESTROY"><span class="TYPE">xmlSecKeyDestroy</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN9394"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly allocated <code class="PARAMETER">xmlSecKey</code> structure
-or NULL if an error occurs.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDESTROY"></a><h3>xmlSecKeyDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDestroy                    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Destroys the key created using <a href="xmlsec-keys.html#XMLSECKEYCREATE"><span class="TYPE">xmlSecKeyCreate</span></a> function.</p>
-<p></p>
+<a name="XMLSECKEYPTRLISTGETKLASS"></a><h3>xmlSecKeyPtrListGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink>     xmlSecKeyPtrListGetKlass            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The keys list klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN9412"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11377"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>keys list id.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYEMPTY"></a><h3>xmlSecKeyEmpty ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyEmpty                      (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Clears the <code class="PARAMETER">key</code> data.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN9428"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
-</tr></tbody></table>
+<a name="XMLSECKEYPTRLISTID"></a><h3>xmlSecKeyPtrListId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyPtrListId      xmlSecKeyPtrListGetKlass()</pre>
+<p>The keys list klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDUPLICATE"></a><h3>xmlSecKeyDuplicate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyPtr</font>        xmlSecKeyDuplicate                  (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Creates a duplicate of the given <code class="PARAMETER">key</code>.</p>
-<p></p>
+<a name="XMLSECKEYREADBINARYFILE"></a><h3>xmlSecKeyReadBinaryFile ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecKeyReadBinaryFile             (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>);</pre>
+<p>Reads the key value of klass <code class="PARAMETER">dataId</code> from a binary file <code class="PARAMETER">filename</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9444"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to the <a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKey</span></a> structure.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11405"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9451"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly allocated <a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKey</span></a> structure
-or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11410"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key binary filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11415"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYCOPY"></a><h3>xmlSecKeyCopy ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyCopy                       (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> keyDst,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> keySrc);</pre>
-<p>Copies key data from <code class="PARAMETER">keySrc</code> to <code class="PARAMETER">keyDst</code>.</p>
-<p></p>
+<a name="XMLSECKEYREADBUFFER"></a><h3>xmlSecKeyReadBuffer ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecKeyReadBuffer                 (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBuffer</span></a> *buffer</code>);</pre>
+<p>Reads the key value of klass <code class="PARAMETER">dataId</code> from a buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9471"><span style="white-space: nowrap"><code class="PARAMETER">keyDst</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11436"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9476"><span style="white-space: nowrap"><code class="PARAMETER">keySrc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the source key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11441"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the buffer that contains the binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9481"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11446"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYGETNAME"></a><h3>xmlSecKeyGetName ()</h3>
-<pre class="PROGRAMLISTING">const <font>xmlChar</font>*      xmlSecKeyGetName                    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Gets key name (see also <a href="xmlsec-keys.html#XMLSECKEYSETNAME"><span class="TYPE">xmlSecKeySetName</span></a> function).</p>
-<p></p>
+<a name="XMLSECKEYREADMEMORY"></a><h3>xmlSecKeyReadMemory ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecKeyReadMemory                 (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>);</pre>
+<p>Reads the key value of klass <code class="PARAMETER">dataId</code> from a memory block <code class="PARAMETER">data</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9498"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11471"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9503"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> key name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11476"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the memory containing the key</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11481"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of the memory block</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11486"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSETNAME"></a><h3>xmlSecKeySetName ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeySetName                    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>xmlChar</font> *name);</pre>
-<p>Sets key name (see also <a href="xmlsec-keys.html#XMLSECKEYGETNAME"><span class="TYPE">xmlSecKeyGetName</span></a> function).</p>
-<p></p>
+<a name="XMLSECKEYREQ"></a><h3>struct xmlSecKeyReq</h3>
+<pre class="PROGRAMLISTING">struct xmlSecKeyReq {
+    xmlSecKeyDataId             keyId;
+    xmlSecKeyDataType           keyType;
+    xmlSecKeyUsage              keyUsage;
+    xmlSecSize                  keyBitsSize;
+    xmlSecPtrList               keyUseWithList;
+
+    void*                       reserved1;
+    void*                       reserved2;
+};</pre>
+<p>The key requirements information.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9521"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11498"><span style="white-space: nowrap"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> <code class="STRUCTFIELD">keyId</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key value klass.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11505"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> <code class="STRUCTFIELD">keyType</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key type.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9526"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the new key name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11512"><span style="white-space: nowrap"><a href="xmlsec-keys.html#XMLSECKEYUSAGE"><span class="TYPE">xmlSecKeyUsage</span></a> <code class="STRUCTFIELD">keyUsage</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key usage.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9531"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11519"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">keyBitsSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key size (in bits!).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11526"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrList</span></a> <code class="STRUCTFIELD">keyUseWithList</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key use with application/identifier information.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11533"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for future use.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11540"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved2</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for future use.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYGETTYPE"></a><h3>xmlSecKeyGetType ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a>   xmlSecKeyGetType                    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Gets <code class="PARAMETER">key</code> type.</p>
-<p></p>
+<a name="XMLSECKEYREQCOPY"></a><h3>xmlSecKeyReqCopy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyReqCopy                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> src</code>);</pre>
+<p>Copies key requirements from <code class="PARAMETER">src</code> object to <code class="PARAMETER">dst</code> object.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9547"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11564"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to destination object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9552"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> key type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11569"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to source object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11574"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success and a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYGETVALUE"></a><h3>xmlSecKeyGetValue ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataPtr</font>    xmlSecKeyGetValue                   (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Gets key value (see also <a href="xmlsec-keys.html#XMLSECKEYSETVALUE"><span class="TYPE">xmlSecKeySetValue</span></a> function).</p>
-<p></p>
+<a name="XMLSECKEYREQDEBUGDUMP"></a><h3>xmlSecKeyReqDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyReqDebugDump               (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints debug information about <code class="PARAMETER">keyReq</code> into <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9569"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11596"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key requirements object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9574"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> key value (crypto material).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11601"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSETVALUE"></a><h3>xmlSecKeySetValue ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeySetValue                   (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> value);</pre>
-<p>Sets key value (see also <a href="xmlsec-keys.html#XMLSECKEYGETVALUE"><span class="TYPE">xmlSecKeyGetValue</span></a> function).</p>
-<p></p>
+<a name="XMLSECKEYREQDEBUGXMLDUMP"></a><h3>xmlSecKeyReqDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyReqDebugXmlDump            (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints debug information about <code class="PARAMETER">keyReq</code> into <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9592"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9597"><span style="white-space: nowrap"><code class="PARAMETER">value</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the new value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11623"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key requirements object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9602"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11628"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYGETDATA"></a><h3>xmlSecKeyGetData ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataPtr</font>    xmlSecKeyGetData                    (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlSecKeyDataId</font> dataId);</pre>
-<p>Gets key's data.</p>
+<a name="XMLSECKEYREQFINALIZE"></a><h3>xmlSecKeyReqFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyReqFinalize                (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);</pre>
+<p>Cleans the key requirements object initialized with <a href="xmlsec-keys.html#XMLSECKEYREQINITIALIZE"><span class="TYPE">xmlSecKeyReqInitialize</span></a>
+function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN11647"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key requirements object.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYREQINITIALIZE"></a><h3>xmlSecKeyReqInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyReqInitialize              (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);</pre>
+<p>Initialize key requirements object. Caller is responsible for
+cleaning it with <a href="xmlsec-keys.html#XMLSECKEYREQFINALIZE"><span class="TYPE">xmlSecKeyReqFinalize</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9618"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9623"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the requested data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11666"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key requirements object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9628"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> additional data associated with the <code class="PARAMETER">key</code> (see also 
-<a href="xmlsec-keys.html#XMLSECKEYADOPTDATA"><span class="TYPE">xmlSecKeyAdoptData</span></a> function).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11671"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYENSUREDATA"></a><h3>xmlSecKeyEnsureData ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataPtr</font>    xmlSecKeyEnsureData                 (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlSecKeyDataId</font> dataId);</pre>
-<p>If necessary, creates key data of <code class="PARAMETER">dataId</code> klass and adds to <code class="PARAMETER">key</code>.</p>
-<p></p>
+<a name="XMLSECKEYREQMATCHKEY"></a><h3>xmlSecKeyReqMatchKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyReqMatchKey                (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Checks whether <code class="PARAMETER">key</code> matches key requirements <code class="PARAMETER">keyReq</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9649"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11693"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key requirements object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9654"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the requested data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11698"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9659"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to key data or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11703"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if key matches requirements, 0 if not and a negative value
+if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYADOPTDATA"></a><h3>xmlSecKeyAdoptData ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyAdoptData                  (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Adds <code class="PARAMETER">data</code> to the <code class="PARAMETER">key</code>. The <code class="PARAMETER">data</code> object will be destroyed
-by <code class="PARAMETER">key</code>.</p>
-<p></p>
+<a name="XMLSECKEYREQMATCHKEYVALUE"></a><h3>xmlSecKeyReqMatchKeyValue ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyReqMatchKeyValue           (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> value</code>);</pre>
+<p>Checks whether <code class="PARAMETER">keyValue</code> matches key requirements <code class="PARAMETER">keyReq</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9679"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11725"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key requirements.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9684"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11730"><span style="white-space: nowrap"><code class="PARAMETER">value</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9689"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11735"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if key value matches requirements, 0 if not and a negative value
+if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDEBUGDUMP"></a><h3>xmlSecKeyDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDebugDump                  (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints the information about the <code class="PARAMETER">key</code> to the <code class="PARAMETER">output</code>.</p>
+<a name="XMLSECKEYREQRESET"></a><h3>xmlSecKeyReqReset ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyReqReset                   (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);</pre>
+<p>Resets key requirements object for new key search.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN11752"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key requirements object.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYSETNAME"></a><h3>xmlSecKeySetName ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeySetName                    (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>);</pre>
+<p>Sets key name (see also <a href="xmlsec-keys.html#XMLSECKEYGETNAME"><span class="TYPE">xmlSecKeyGetName</span></a> function).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9707"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11774"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11779"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new key name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9712"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11784"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDEBUGXMLDUMP"></a><h3>xmlSecKeyDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDebugXmlDump               (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints the information about the <code class="PARAMETER">key</code> to the <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECKEYSETVALUE"></a><h3>xmlSecKeySetValue ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeySetValue                   (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> value</code>);</pre>
+<p>Sets key value (see also <a href="xmlsec-keys.html#XMLSECKEYGETVALUE"><span class="TYPE">xmlSecKeyGetValue</span></a> function).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9730"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11806"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9735"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11811"><span style="white-space: nowrap"><code class="PARAMETER">value</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN11816"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYGENERATE"></a><h3>xmlSecKeyGenerate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecKeyGenerate                   (<font>xmlSecKeyDataId</font> dataId,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> sizeBits,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Generates new key of requested klass <code class="PARAMETER">dataId</code> and <code class="PARAMETER">type</code>.</p>
-<p></p>
+<a name="XMLSECKEYUSAGE"></a><h3>xmlSecKeyUsage</h3>
+<pre class="PROGRAMLISTING">typedef unsigned int                    xmlSecKeyUsage;</pre>
+<p>The key usage.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYUSAGEANY"></a><h3>xmlSecKeyUsageAny</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyUsageAny               0xFFFFFFFF</pre>
+<p>A decryption key.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYUSAGEDECRYPT"></a><h3>xmlSecKeyUsageDecrypt</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyUsageDecrypt           0x00000008</pre>
+<p>An encryption key.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYUSAGEENCRYPT"></a><h3>xmlSecKeyUsageEncrypt</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyUsageEncrypt           0x00000004</pre>
+<p>Key for signature verification.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYUSAGEKEYEXCHANGE"></a><h3>xmlSecKeyUsageKeyExchange</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyUsageKeyExchange       0x00000010</pre>
+<p>The key is used for key exchange.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYUSAGESIGN"></a><h3>xmlSecKeyUsageSign</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyUsageSign              0x00000001</pre>
+<p>Key can be used in any way.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYUSAGEVERIFY"></a><h3>xmlSecKeyUsageVerify</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyUsageVerify            0x00000002</pre>
+<p>Key for signing.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYUSEWITH"></a><h3>struct xmlSecKeyUseWith</h3>
+<pre class="PROGRAMLISTING">struct xmlSecKeyUseWith {
+    xmlChar*                    application;
+    xmlChar*                    identifier;
+
+    void*                       reserved1;
+    void*                       reserved2;
+};</pre>
+<p>Information about application and user of the key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9754"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the requested key klass (rsa, dsa, aes, ...).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11870"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">application</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the application.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9759"><span style="white-space: nowrap"><code class="PARAMETER">sizeBits</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the new key size (in bits!).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11877"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">identifier</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the identifier.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9764"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the new key type (session, permanent, ...).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11884"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for future use.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9769"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11891"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved2</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for future use.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYGENERATEBYNAME"></a><h3>xmlSecKeyGenerateByName ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecKeyGenerateByName             (const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> sizeBits,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Generates new key of requested <code class="PARAMETER">klass</code> and <code class="PARAMETER">type</code>.</p>
-<p></p>
+<a name="XMLSECKEYUSEWITHCOPY"></a><h3>xmlSecKeyUseWithCopy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyUseWithCopy                (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> src</code>);</pre>
+<p>Copies information from <code class="PARAMETER">dst</code> to <code class="PARAMETER">src</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9788"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the requested key klass name (rsa, dsa, aes, ...).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11915"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to destination object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9793"><span style="white-space: nowrap"><code class="PARAMETER">sizeBits</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the new key size (in bits!).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11920"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to source object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9798"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the new key type (session, permanent, ...).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9803"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11925"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYMATCH"></a><h3>xmlSecKeyMatch ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyMatch                      (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);</pre>
-<p>Checks whether the <code class="PARAMETER">key</code> matches the given criteria.</p>
-<p></p>
+<a name="XMLSECKEYUSEWITHCREATE"></a><h3>xmlSecKeyUseWithCreate ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="RETURNVALUE">xmlSecKeyUseWithPtr</span></a> xmlSecKeyUseWithCreate              (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *application</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *identifier</code>);</pre>
+<p>Creates new xmlSecKeyUseWith object. The caller is responsible for destroying
+returned object with <code class="PARAMETER">xmlSecKeyUseWithDestroy</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9821"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9826"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key name (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11946"><span style="white-space: nowrap"><code class="PARAMETER">application</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the application value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9831"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key requirements.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11951"><span style="white-space: nowrap"><code class="PARAMETER">identifier</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the identifier value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9836"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if the key satisfies the given criteria or 0 otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11956"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created object or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYREADBUFFER"></a><h3>xmlSecKeyReadBuffer ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecKeyReadBuffer                 (<font>xmlSecKeyDataId</font> dataId,
-                                                         <a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBuffer</a> *buffer);</pre>
-<p>Reads the key value of klass <code class="PARAMETER">dataId</code> from a buffer.</p>
-<p></p>
+<a name="XMLSECKEYUSEWITHDEBUGDUMP"></a><h3>xmlSecKeyUseWithDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyUseWithDebugDump           (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints xmlSecKeyUseWith debug information to a file <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9853"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value data klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9858"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the buffer that contains the binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11977"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to information about key application/user.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9863"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN11982"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYREADBINARYFILE"></a><h3>xmlSecKeyReadBinaryFile ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecKeyReadBinaryFile             (<font>xmlSecKeyDataId</font> dataId,
-                                                         const <font>char</font> *filename);</pre>
-<p>Reads the key value of klass <code class="PARAMETER">dataId</code> from a binary file <code class="PARAMETER">filename</code>.</p>
-<p></p>
+<a name="XMLSECKEYUSEWITHDEBUGXMLDUMP"></a><h3>xmlSecKeyUseWithDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyUseWithDebugXmlDump        (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints xmlSecKeyUseWith debug information to a file <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9881"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12003"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to information about key application/user.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9886"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key binary filename.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9891"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12008"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYREADMEMORY"></a><h3>xmlSecKeyReadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecKeyReadMemory                 (<font>xmlSecKeyDataId</font> dataId,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize);</pre>
-<p>Reads the key value of klass <code class="PARAMETER">dataId</code> from a memory block <code class="PARAMETER">data</code>.</p>
+<a name="XMLSECKEYUSEWITHDESTROY"></a><h3>xmlSecKeyUseWithDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyUseWithDestroy             (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>);</pre>
+<p>Destroys <code class="PARAMETER">keyUseWith</code> created with <code class="PARAMETER">xmlSecKeyUseWithCreate</code> or <code class="PARAMETER">xmlSecKeyUseWithDuplicate</code>
+functions.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN12028"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to information about key application/user.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYUSEWITHDUPLICATE"></a><h3>xmlSecKeyUseWithDuplicate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYUSEWITHPTR"><span class="RETURNVALUE">xmlSecKeyUseWithPtr</span></gtkdoclink> xmlSecKeyUseWithDuplicate           (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>);</pre>
+<p>Duplicates <code class="PARAMETER">keyUseWith</code> object. The caller is responsible for destroying
+returned object with <code class="PARAMETER">xmlSecKeyUseWithDestroy</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9910"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value data klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9915"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the memory containing the key</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12047"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to information about key application/user.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9920"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the size of the memory block</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN9925"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12052"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created object or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYISVALID"></a><h3>xmlSecKeyIsValid()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyIsValid(key)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">key</code> is not NULL and <code class="PARAMETER">key</code>-&gt;id is not NULL
-or 0 otherwise.</p>
-<p></p>
+<a name="XMLSECKEYUSEWITHFINALIZE"></a><h3>xmlSecKeyUseWithFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyUseWithFinalize            (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>);</pre>
+<p>Finalizes <code class="PARAMETER">keyUseWith</code> object.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN9940"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12070"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to information about key application/user.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYCHECKID"></a><h3>xmlSecKeyCheckId()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyCheckId(key, keyId)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">key</code> is valid and <code class="PARAMETER">key</code>'s id is equal to <code class="PARAMETER">keyId</code>.</p>
-<p></p>
+<a name="XMLSECKEYUSEWITHINITIALIZE"></a><h3>xmlSecKeyUseWithInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyUseWithInitialize          (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>);</pre>
+<p>Initializes <code class="PARAMETER">keyUseWith</code> object.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9956"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12088"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to information about key application/user.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN9961"><span style="white-space: nowrap"><code class="PARAMETER">keyId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the key Id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12093"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYPTRLISTID"></a><h3>xmlSecKeyPtrListId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyPtrListId	xmlSecKeyPtrListGetKlass()</pre>
-<p>The keys list klass.</p>
+<a name="XMLSECKEYUSEWITHPTRLISTGETKLASS"></a><h3>xmlSecKeyUseWithPtrListGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink>     xmlSecKeyUseWithPtrListGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The key data list klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN12109"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key data list klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYPTRLISTGETKLASS"></a><h3>xmlSecKeyPtrListGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecPtrListId</font>     xmlSecKeyPtrListGetKlass            (void);</pre>
+<a name="XMLSECKEYUSEWITHPTRLISTID"></a><h3>xmlSecKeyUseWithPtrListId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyUseWithPtrListId       xmlSecKeyUseWithPtrListGetKlass()</pre>
 <p>The keys list klass.</p>
-<p></p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYUSEWITHRESET"></a><h3>xmlSecKeyUseWithReset ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyUseWithReset               (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>);</pre>
+<p>Resets the <code class="PARAMETER">keyUseWith</code> to its state after initialization.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN9982"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> keys list id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12133"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to information about key application/user.</p></td>
 </tr></tbody></table>
 </div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYUSEWITHSET"></a><h3>xmlSecKeyUseWithSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyUseWithSet                 (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYUSEWITH"><span class="TYPE">xmlSecKeyUseWithPtr</span></a> keyUseWith</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *application</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *identifier</code>);</pre>
+<p>Sets <code class="PARAMETER">application</code> and <code class="PARAMETER">identifier</code> in the <code class="PARAMETER">keyUseWith</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12159"><span style="white-space: nowrap"><code class="PARAMETER">keyUseWith</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to information about key application/user.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12164"><span style="white-space: nowrap"><code class="PARAMETER">application</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new application value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12169"><span style="white-space: nowrap"><code class="PARAMETER">identifier</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new identifier value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12174"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
 <td align="left"><a accesskey="p" href="xmlsec-keysdata.html"><b>&lt;&lt;&lt; keysdata</b></a></td>
diff --git a/docs/api/xmlsec-keysdata.html b/docs/api/xmlsec-keysdata.html
index 568c2869..f37f6583 100644
--- a/docs/api/xmlsec-keysdata.html
+++ b/docs/api/xmlsec-keysdata.html
@@ -87,175 +87,180 @@
 <h1>
 <a name="XMLSEC-KEYSDATA"></a>keysdata</h1>
 <div class="REFNAMEDIV">
-<a name="AEN6169"></a><h2>Name</h2>keysdata -- Crypto key data object definition.</div>
+<a name="AEN7511"></a><h2>Name</h2>keysdata -- Crypto key data object definition.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-KEYSDATA.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">typedef             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE">xmlSecKeyDataUsage</a>;
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEUNKNOWN">xmlSecKeyDataUsageUnknown</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYINFONODEREAD">xmlSecKeyDataUsageKeyInfoNodeRead</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYINFONODEWRITE">xmlSecKeyDataUsageKeyInfoNodeWrite</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYVALUENODEREAD">xmlSecKeyDataUsageKeyValueNodeRead</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYVALUENODEWRITE">xmlSecKeyDataUsageKeyValueNodeWrite</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGERETRIEVALMETHODNODEXML">xmlSecKeyDataUsageRetrievalMethodNodeXml</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGERETRIEVALMETHODNODEBIN">xmlSecKeyDataUsageRetrievalMethodNodeBin</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEANY">xmlSecKeyDataUsageAny</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYINFONODE">xmlSecKeyDataUsageKeyInfoNode</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYVALUENODE">xmlSecKeyDataUsageKeyValueNode</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGERETRIEVALMETHODNODE">xmlSecKeyDataUsageRetrievalMethodNode</a>
-typedef             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a>;
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEUNKNOWN">xmlSecKeyDataTypeUnknown</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPENONE">xmlSecKeyDataTypeNone</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEPUBLIC">xmlSecKeyDataTypePublic</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEPRIVATE">xmlSecKeyDataTypePrivate</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPESYMMETRIC">xmlSecKeyDataTypeSymmetric</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPESESSION">xmlSecKeyDataTypeSession</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEPERMANENT">xmlSecKeyDataTypePermanent</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPETRUSTED">xmlSecKeyDataTypeTrusted</a>
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEANY">xmlSecKeyDataTypeAny</a>
+<pre class="SYNOPSIS">struct              <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyData</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINREAD">xmlSecKeyDataBinRead</a>                (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATABINREADMETHOD">*xmlSecKeyDataBinReadMethod</a>)       (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINWRITE">xmlSecKeyDataBinWrite</a>               (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> **buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATABINWRITEMETHOD">*xmlSecKeyDataBinWriteMethod</a>)      (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> **buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYSIZE">xmlSecKeyDataBinarySize</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEBINREAD">xmlSecKeyDataBinaryValueBinRead</a>     (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEBINWRITE">xmlSecKeyDataBinaryValueBinWrite</a>    (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> **buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEDEBUGDUMP">xmlSecKeyDataBinaryValueDebugDump</a>   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEDEBUGXMLDUMP">xmlSecKeyDataBinaryValueDebugXmlDump</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEDUPLICATE">xmlSecKeyDataBinaryValueDuplicate</a>   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> src</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEFINALIZE">xmlSecKeyDataBinaryValueFinalize</a>    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="XMLSECBUFFERPTR"><span class="RETURNVALUE">xmlSecBufferPtr</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEGETBUFFER">xmlSecKeyDataBinaryValueGetBuffer</a>   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEGETSIZE">xmlSecKeyDataBinaryValueGetSize</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEINITIALIZE">xmlSecKeyDataBinaryValueInitialize</a>  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUESETBUFFER">xmlSecKeyDataBinaryValueSetBuffer</a>   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEXMLREAD">xmlSecKeyDataBinaryValueXmlRead</a>     (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEXMLWRITE">xmlSecKeyDataBinaryValueXmlWrite</a>    (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATACHECKID">xmlSecKeyDataCheckId</a>                (data,
+                                                         dataId)
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATACHECKSIZE">xmlSecKeyDataCheckSize</a>              (data,
+                                                         size)
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATACHECKUSAGE">xmlSecKeyDataCheckUsage</a>             (data,
+                                                         usg)
+<a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    <a href="xmlsec-keysdata.html#XMLSECKEYDATACREATE">xmlSecKeyDataCreate</a>                 (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATADEBUGDUMP">xmlSecKeyDataDebugDump</a>              (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (<a href="xmlsec-keysdata.html#XMLSECKEYDATADEBUGDUMPMETHOD">*xmlSecKeyDataDebugDumpMethod</a>)     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATADEBUGXMLDUMP">xmlSecKeyDataDebugXmlDump</a>           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATADESTROY">xmlSecKeyDataDestroy</a>                (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="XMLSECKEYDATAPTR"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATADUPLICATE">xmlSecKeyDataDuplicate</a>              (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATADUPLICATEMETHOD">*xmlSecKeyDataDuplicateMethod</a>)     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> src</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (<a href="xmlsec-keysdata.html#XMLSECKEYDATAFINALIZEMETHOD">*xmlSecKeyDataFinalizeMethod</a>)      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
 enum                <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a>;
-<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a>    <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDSGET">xmlSecKeyDataIdsGet</a>                 (void);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDSINIT">xmlSecKeyDataIdsInit</a>                (void);
-<font>void</font>                <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDSSHUTDOWN">xmlSecKeyDataIdsShutdown</a>            (void);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDSREGISTERDEFAULT">xmlSecKeyDataIdsRegisterDefault</a>     (void);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDSREGISTER">xmlSecKeyDataIdsRegister</a>            (<font>xmlSecKeyDataId</font> id);
-struct              <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyData</a>;
-<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    <a href="xmlsec-keysdata.html#XMLSECKEYDATACREATE">xmlSecKeyDataCreate</a>                 (<font>xmlSecKeyDataId</font> id);
-<font>xmlSecKeyDataPtr</font>    <a href="xmlsec-keysdata.html#XMLSECKEYDATADUPLICATE">xmlSecKeyDataDuplicate</a>              (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>void</font>                <a href="xmlsec-keysdata.html#XMLSECKEYDATADESTROY">xmlSecKeyDataDestroy</a>                (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATAGENERATE">xmlSecKeyDataGenerate</a>               (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> sizeBits,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a>   <a href="xmlsec-keysdata.html#XMLSECKEYDATAGETTYPE">xmlSecKeyDataGetType</a>                (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-keysdata.html#XMLSECKEYDATAGETSIZE">xmlSecKeyDataGetSize</a>                (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-const <font>xmlChar</font>*      <a href="xmlsec-keysdata.html#XMLSECKEYDATAGETIDENTIFIER">xmlSecKeyDataGetIdentifier</a>          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>void</font>                <a href="xmlsec-keysdata.html#XMLSECKEYDATADEBUGDUMP">xmlSecKeyDataDebugDump</a>              (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-keysdata.html#XMLSECKEYDATADEBUGXMLDUMP">xmlSecKeyDataDebugXmlDump</a>           (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>FILE</font> *output);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLREAD">xmlSecKeyDataXmlRead</a>                (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLWRITE">xmlSecKeyDataXmlWrite</a>               (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATABINREAD">xmlSecKeyDataBinRead</a>                (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATABINWRITE">xmlSecKeyDataBinWrite</a>               (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> **buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAGENERATE">xmlSecKeyDataGenerate</a>               (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> sizeBits</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATAGENERATEMETHOD">*xmlSecKeyDataGenerateMethod</a>)      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> sizeBits</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+const <gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *     <a href="xmlsec-keysdata.html#XMLSECKEYDATAGETIDENTIFIER">xmlSecKeyDataGetIdentifier</a>          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+const <gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *     (<a href="xmlsec-keysdata.html#XMLSECKEYDATAGETIDENTIFIERMETHOD">*xmlSecKeyDataGetIdentifierMethod</a>) (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
 #define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAGETNAME">xmlSecKeyDataGetName</a>                (data)
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAISVALID">xmlSecKeyDataIsValid</a>                (data)
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATACHECKID">xmlSecKeyDataCheckId</a>                (data, dataId)
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATACHECKUSAGE">xmlSecKeyDataCheckUsage</a>             (data, usg)
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATACHECKSIZE">xmlSecKeyDataCheckSize</a>              (data, size)
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-keysdata.html#XMLSECKEYDATAGETSIZE">xmlSecKeyDataGetSize</a>                (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          (<a href="xmlsec-keysdata.html#XMLSECKEYDATAGETSIZEMETHOD">*xmlSecKeyDataGetSizeMethod</a>)       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="RETURNVALUE">xmlSecKeyDataType</span></a>   <a href="xmlsec-keysdata.html#XMLSECKEYDATAGETTYPE">xmlSecKeyDataGetType</a>                (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="RETURNVALUE">xmlSecKeyDataType</span></a>   (<a href="xmlsec-keysdata.html#XMLSECKEYDATAGETTYPEMETHOD">*xmlSecKeyDataGetTypeMethod</a>)       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTDEBUGDUMP">xmlSecKeyDataIdListDebugDump</a>        (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTDEBUGXMLDUMP">xmlSecKeyDataIdListDebugXmlDump</a>     (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTFIND">xmlSecKeyDataIdListFind</a>             (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTFINDBYHREF">xmlSecKeyDataIdListFindByHref</a>       (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *href</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE"><span class="TYPE">xmlSecKeyDataUsage</span></a> usage</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTFINDBYNAME">xmlSecKeyDataIdListFindByName</a>       (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE"><span class="TYPE">xmlSecKeyDataUsage</span></a> usage</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTFINDBYNODE">xmlSecKeyDataIdListFindByNode</a>       (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeNs</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE"><span class="TYPE">xmlSecKeyDataUsage</span></a> usage</code>);
+<gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTGETKLASS">xmlSecKeyDataIdListGetKlass</a>         (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTID">xmlSecKeyDataIdListId</a>
 #define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDUNKNOWN">xmlSecKeyDataIdUnknown</a>
-<font>int</font>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATAINITMETHOD">*xmlSecKeyDataInitMethod</a>)          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATADUPLICATEMETHOD">*xmlSecKeyDataDuplicateMethod</a>)     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> dst,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> src);
-<font>void</font>                (<a href="xmlsec-keysdata.html#XMLSECKEYDATAFINALIZEMETHOD">*xmlSecKeyDataFinalizeMethod</a>)      (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLREADMETHOD">*xmlSecKeyDataXmlReadMethod</a>)       (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLWRITEMETHOD">*xmlSecKeyDataXmlWriteMethod</a>)      (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATABINREADMETHOD">*xmlSecKeyDataBinReadMethod</a>)       (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATABINWRITEMETHOD">*xmlSecKeyDataBinWriteMethod</a>)      (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> **buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATAGENERATEMETHOD">*xmlSecKeyDataGenerateMethod</a>)      (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> sizeBits,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a>   (<a href="xmlsec-keysdata.html#XMLSECKEYDATAGETTYPEMETHOD">*xmlSecKeyDataGetTypeMethod</a>)       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          (<a href="xmlsec-keysdata.html#XMLSECKEYDATAGETSIZEMETHOD">*xmlSecKeyDataGetSizeMethod</a>)       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-const <font>xmlChar</font> *     (<a href="xmlsec-keysdata.html#XMLSECKEYDATAGETIDENTIFIERMETHOD">*xmlSecKeyDataGetIdentifierMethod</a>) (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>void</font>                (<a href="xmlsec-keysdata.html#XMLSECKEYDATADEBUGDUMPMETHOD">*xmlSecKeyDataDebugDumpMethod</a>)     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>FILE</font> *output);
+<a href="xmlsec-list.html#XMLSECPTRLIST"><span class="RETURNVALUE">xmlSecPtrListPtr</span></a>    <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDSGET">xmlSecKeyDataIdsGet</a>                 (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDSINIT">xmlSecKeyDataIdsInit</a>                (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDSREGISTER">xmlSecKeyDataIdsRegister</a>            (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDSREGISTERDEFAULT">xmlSecKeyDataIdsRegisterDefault</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAIDSSHUTDOWN">xmlSecKeyDataIdsShutdown</a>            (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATAINITMETHOD">*xmlSecKeyDataInitMethod</a>)          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAISVALID">xmlSecKeyDataIsValid</a>                (data)
 struct              <a href="xmlsec-keysdata.html#XMLSECKEYDATAKLASS">xmlSecKeyDataKlass</a>;
 #define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAKLASSGETNAME">xmlSecKeyDataKlassGetName</a>           (klass)
+<gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATALISTGETKLASS">xmlSecKeyDataListGetKlass</a>           (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-keysdata.html#XMLSECKEYDATALISTID">xmlSecKeyDataListId</a>
-<font>xmlSecPtrListId</font>     <a href="xmlsec-keysdata.html#XMLSECKEYDATALISTGETKLASS">xmlSecKeyDataListGetKlass</a>           (void);
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTID">xmlSecKeyDataIdListId</a>
-<font>xmlSecPtrListId</font>     <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTGETKLASS">xmlSecKeyDataIdListGetKlass</a>         (void);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTFIND">xmlSecKeyDataIdListFind</a>             (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>xmlSecKeyDataId</font> dataId);
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTFINDBYNODE">xmlSecKeyDataIdListFindByNode</a>       (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         const <font>xmlChar</font> *nodeName,
-                                                         const <font>xmlChar</font> *nodeNs,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE">xmlSecKeyDataUsage</a> usage);
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTFINDBYHREF">xmlSecKeyDataIdListFindByHref</a>       (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         const <font>xmlChar</font> *href,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE">xmlSecKeyDataUsage</a> usage);
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTFINDBYNAME">xmlSecKeyDataIdListFindByName</a>       (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE">xmlSecKeyDataUsage</a> usage);
-<font>void</font>                <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTDEBUGDUMP">xmlSecKeyDataIdListDebugDump</a>        (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-keysdata.html#XMLSECKEYDATAIDLISTDEBUGXMLDUMP">xmlSecKeyDataIdListDebugXmlDump</a>     (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYSIZE">xmlSecKeyDataBinarySize</a>
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEINITIALIZE">xmlSecKeyDataBinaryValueInitialize</a>  (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEDUPLICATE">xmlSecKeyDataBinaryValueDuplicate</a>   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> dst,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> src);
-<font>void</font>                <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEFINALIZE">xmlSecKeyDataBinaryValueFinalize</a>    (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEXMLREAD">xmlSecKeyDataBinaryValueXmlRead</a>     (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEXMLWRITE">xmlSecKeyDataBinaryValueXmlWrite</a>    (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEBINREAD">xmlSecKeyDataBinaryValueBinRead</a>     (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEBINWRITE">xmlSecKeyDataBinaryValueBinWrite</a>    (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> **buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>void</font>                <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEDEBUGDUMP">xmlSecKeyDataBinaryValueDebugDump</a>   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEDEBUGXMLDUMP">xmlSecKeyDataBinaryValueDebugXmlDump</a>
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>FILE</font> *output);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEGETSIZE">xmlSecKeyDataBinaryValueGetSize</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>xmlSecBufferPtr</font>     <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUEGETBUFFER">xmlSecKeyDataBinaryValueGetBuffer</a>   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-keysdata.html#XMLSECKEYDATABINARYVALUESETBUFFER">xmlSecKeyDataBinaryValueSetBuffer</a>   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
 struct              <a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStore</a>;
-<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a>  <a href="xmlsec-keysdata.html#XMLSECKEYDATASTORECREATE">xmlSecKeyDataStoreCreate</a>         (<font>xmlSecKeyDataStoreId</font> id);
-<font>void</font>                <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREDESTROY">xmlSecKeyDataStoreDestroy</a>           (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store);
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATASTORECHECKID">xmlSecKeyDataStoreCheckId</a>           (store,
+                                                         storeId)
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATASTORECHECKSIZE">xmlSecKeyDataStoreCheckSize</a>         (store,
+                                                         size)
+<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="RETURNVALUE">xmlSecKeyDataStorePtr</span></a> <a href="xmlsec-keysdata.html#XMLSECKEYDATASTORECREATE">xmlSecKeyDataStoreCreate</a>          (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATASTOREID"><span class="TYPE">xmlSecKeyDataStoreId</span></gtkdoclink> id</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREDESTROY">xmlSecKeyDataStoreDestroy</a>           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREFINALIZEMETHOD">*xmlSecKeyDataStoreFinalizeMethod</a>) (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>);
 #define             <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREGETNAME">xmlSecKeyDataStoreGetName</a>           (store)
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREISVALID">xmlSecKeyDataStoreIsValid</a>           (store)
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATASTORECHECKID">xmlSecKeyDataStoreCheckId</a>           (store, storeId)
-#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATASTORECHECKSIZE">xmlSecKeyDataStoreCheckSize</a>         (store, size)
 #define             <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREIDUNKNOWN">xmlSecKeyDataStoreIdUnknown</a>
-<font>int</font>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREINITIALIZEMETHOD">*xmlSecKeyDataStoreInitializeMethod</a>)
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store);
-<font>void</font>                (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREFINALIZEMETHOD">*xmlSecKeyDataStoreFinalizeMethod</a>) (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREINITIALIZEMETHOD">*xmlSecKeyDataStoreInitializeMethod</a>)
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>);
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREISVALID">xmlSecKeyDataStoreIsValid</a>           (store)
 struct              <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREKLASS">xmlSecKeyDataStoreKlass</a>;
 #define             <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREKLASSGETNAME">xmlSecKeyDataStoreKlassGetName</a>      (klass)
+<gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREPTRLISTGETKLASS">xmlSecKeyDataStorePtrListGetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREPTRLISTID">xmlSecKeyDataStorePtrListId</a>
-<font>xmlSecPtrListId</font>     <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREPTRLISTGETKLASS">xmlSecKeyDataStorePtrListGetKlass</a>   (void);</pre>
+typedef             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a>;
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEANY">xmlSecKeyDataTypeAny</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPENONE">xmlSecKeyDataTypeNone</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEPERMANENT">xmlSecKeyDataTypePermanent</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEPRIVATE">xmlSecKeyDataTypePrivate</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEPUBLIC">xmlSecKeyDataTypePublic</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPESESSION">xmlSecKeyDataTypeSession</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPESYMMETRIC">xmlSecKeyDataTypeSymmetric</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPETRUSTED">xmlSecKeyDataTypeTrusted</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEUNKNOWN">xmlSecKeyDataTypeUnknown</a>
+typedef             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE">xmlSecKeyDataUsage</a>;
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEANY">xmlSecKeyDataUsageAny</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYINFONODE">xmlSecKeyDataUsageKeyInfoNode</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYINFONODEREAD">xmlSecKeyDataUsageKeyInfoNodeRead</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYINFONODEWRITE">xmlSecKeyDataUsageKeyInfoNodeWrite</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYVALUENODE">xmlSecKeyDataUsageKeyValueNode</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYVALUENODEREAD">xmlSecKeyDataUsageKeyValueNodeRead</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEKEYVALUENODEWRITE">xmlSecKeyDataUsageKeyValueNodeWrite</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGERETRIEVALMETHODNODE">xmlSecKeyDataUsageRetrievalMethodNode</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGERETRIEVALMETHODNODEBIN">xmlSecKeyDataUsageRetrievalMethodNodeBin</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGERETRIEVALMETHODNODEXML">xmlSecKeyDataUsageRetrievalMethodNodeXml</a>
+#define             <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGEUNKNOWN">xmlSecKeyDataUsageUnknown</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLREAD">xmlSecKeyDataXmlRead</a>                (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLREADMETHOD">*xmlSecKeyDataXmlReadMethod</a>)       (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLWRITE">xmlSecKeyDataXmlWrite</a>               (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLWRITEMETHOD">*xmlSecKeyDataXmlWriteMethod</a>)      (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-KEYSDATA.DESCRIPTION"></a><h2>Description</h2>
@@ -264,1694 +269,1378 @@ struct              <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREKLASS">xmlSe
 <div class="REFSECT1">
 <a name="XMLSEC-KEYSDATA.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGE"></a><h3>xmlSecKeyDataUsage</h3>
-<pre class="PROGRAMLISTING">typedef unsigned int					xmlSecKeyDataUsage;</pre>
-<p>The bits mask that determines possible keys data usage.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGEUNKNOWN"></a><h3>xmlSecKeyDataUsageUnknown</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageUnknown			0x00000</pre>
-<p>The key data usage is unknown.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGEKEYINFONODEREAD"></a><h3>xmlSecKeyDataUsageKeyInfoNodeRead</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageKeyInfoNodeRead		0x00001</pre>
-<p>The key data could be read from a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> child.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGEKEYINFONODEWRITE"></a><h3>xmlSecKeyDataUsageKeyInfoNodeWrite</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageKeyInfoNodeWrite		0x00002</pre>
-<p>The key data could be written to a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> child.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGEKEYVALUENODEREAD"></a><h3>xmlSecKeyDataUsageKeyValueNodeRead</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageKeyValueNodeRead		0x00004</pre>
-<p>The key data could be read from a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue%20" target="_top">&lt;dsig:KeyValue /&gt;</a> child.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGEKEYVALUENODEWRITE"></a><h3>xmlSecKeyDataUsageKeyValueNodeWrite</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageKeyValueNodeWrite		0x00008</pre>
-<p>The key data could be written to a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue%20" target="_top">&lt;dsig:KeyValue /&gt;</a> child.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGERETRIEVALMETHODNODEXML"></a><h3>xmlSecKeyDataUsageRetrievalMethodNodeXml</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageRetrievalMethodNodeXml	0x00010</pre>
-<p>The key data could be retrieved using <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> node
-in XML format.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGERETRIEVALMETHODNODEBIN"></a><h3>xmlSecKeyDataUsageRetrievalMethodNodeBin</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageRetrievalMethodNodeBin	0x00020</pre>
-<p>The key data could be retrieved using <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> node
-in binary format.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGEANY"></a><h3>xmlSecKeyDataUsageAny</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageAny				0xFFFFF</pre>
-<p>Any key data usage.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGEKEYINFONODE"></a><h3>xmlSecKeyDataUsageKeyInfoNode</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataUsageKeyInfoNode</pre>
-<p>The key data could be read and written from/to a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> child.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGEKEYVALUENODE"></a><h3>xmlSecKeyDataUsageKeyValueNode</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataUsageKeyValueNode</pre>
-<p>The key data could be read and written from/to a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue%20" target="_top">&lt;dsig:KeyValue /&gt;</a> child.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAUSAGERETRIEVALMETHODNODE"></a><h3>xmlSecKeyDataUsageRetrievalMethodNode</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataUsageRetrievalMethodNode</pre>
-<p>The key data could be retrieved using <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> node
-in any format.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATATYPE"></a><h3>xmlSecKeyDataType</h3>
-<pre class="PROGRAMLISTING">typedef unsigned int				xmlSecKeyDataType;</pre>
-<p>The key data type (public/private, session/permanet, etc.).</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATATYPEUNKNOWN"></a><h3>xmlSecKeyDataTypeUnknown</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeUnknown			0x0000</pre>
-<p>The key data type is unknown (same as <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPENONE"><span class="TYPE">xmlSecKeyDataTypeNone</span></a>).</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATATYPENONE"></a><h3>xmlSecKeyDataTypeNone</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeNone				xmlSecKeyDataTypeUnknown</pre>
-<p>The key data type is unknown (same as <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEUNKNOWN"><span class="TYPE">xmlSecKeyDataTypeUnknown</span></a>).</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATATYPEPUBLIC"></a><h3>xmlSecKeyDataTypePublic</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypePublic				0x0001</pre>
-<p>The key data contain a public key.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATATYPEPRIVATE"></a><h3>xmlSecKeyDataTypePrivate</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypePrivate			0x0002</pre>
-<p>The key data contain a private key.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATATYPESYMMETRIC"></a><h3>xmlSecKeyDataTypeSymmetric</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeSymmetric			0x0004</pre>
-<p>The key data contain a symmetric key.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATATYPESESSION"></a><h3>xmlSecKeyDataTypeSession</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeSession			0x0008</pre>
-<p>The key data contain session key (one time key, not stored in keys manager).</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATATYPEPERMANENT"></a><h3>xmlSecKeyDataTypePermanent</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypePermanent			0x0010</pre>
-<p>The key data contain permanent key (stored in keys manager).</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATATYPETRUSTED"></a><h3>xmlSecKeyDataTypeTrusted</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeTrusted			0x0100</pre>
-<p>The key data is trusted.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATATYPEANY"></a><h3>xmlSecKeyDataTypeAny</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeAny				0xFFFF</pre>
-<p>Any key data.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAFORMAT"></a><h3>enum xmlSecKeyDataFormat</h3>
-<pre class="PROGRAMLISTING">typedef enum {
-    xmlSecKeyDataFormatUnknown = 0,
-    xmlSecKeyDataFormatBinary,
-    xmlSecKeyDataFormatPem,
-    xmlSecKeyDataFormatDer,
-    xmlSecKeyDataFormatPkcs8Pem,
-    xmlSecKeyDataFormatPkcs8Der,
-    xmlSecKeyDataFormatPkcs12,
-    xmlSecKeyDataFormatCertPem,
-    xmlSecKeyDataFormatCertDer
-} xmlSecKeyDataFormat;</pre>
-<p>The key data format (binary, der, pem, etc.).</p>
-<p></p>
+<a name="XMLSECKEYDATA"></a><h3>struct xmlSecKeyData</h3>
+<pre class="PROGRAMLISTING">struct xmlSecKeyData {
+    xmlSecKeyDataId                     id;
+    void*                               reserved0;
+    void*                               reserved1;
+};</pre>
+<p>The key data: key value (crypto material), x509 data, pgp data, etc.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATUNKNOWN"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatUnknown</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key data format is unknown.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8091"><span style="white-space: nowrap"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> <code class="STRUCTFIELD">id</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data id (<gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink>).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATBINARY"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatBinary</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>		the binary key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8100"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATPEM"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatPem</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PEM key data (cert or public/private key).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8107"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATABINREAD"></a><h3>xmlSecKeyDataBinRead ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataBinRead                (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Reads the key data of klass <code class="PARAMETER">id</code> from binary buffer <code class="PARAMETER">buf</code> to <code class="PARAMETER">key</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATDER"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatDer</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>		the DER key data (cert or public/private key).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8141"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATPKCS8PEM"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatPkcs8Pem</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the PKCS8 PEM private key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8146"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATPKCS8DER"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatPkcs8Der</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the PKCS8 DER private key. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8151"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input binary buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATPKCS12"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatPkcs12</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 format (bag of keys and certs)</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8156"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input buffer size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATCERTPEM"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatCertPem</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PEM cert.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8161"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATCERTDER"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatCertDer</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>		the DER cert.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8167"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAIDSGET"></a><h3>xmlSecKeyDataIdsGet ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a>    xmlSecKeyDataIdsGet                 (void);</pre>
-<p>Gets global registered key data klasses list.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN6676"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to list of all registered key data klasses.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAIDSINIT"></a><h3>xmlSecKeyDataIdsInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataIdsInit                (void);</pre>
-<p>Initializes the key data klasses. This function is called from the 
-<a href="xmlsec-xmlsec.html#XMLSECINIT"><span class="TYPE">xmlSecInit</span></a> function and the application should not call it directly.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN6692"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAIDSSHUTDOWN"></a><h3>xmlSecKeyDataIdsShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDataIdsShutdown            (void);</pre>
-<p>Shuts down the keys data klasses. This function is called from the 
-<a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN"><span class="TYPE">xmlSecShutdown</span></a> function and the application should not call it directly.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAIDSREGISTERDEFAULT"></a><h3>xmlSecKeyDataIdsRegisterDefault ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataIdsRegisterDefault     (void);</pre>
-<p>Registers default (implemented by XML Security Library)
-key data klasses: <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a> element processing klass, 
-<a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue" target="_top">&lt;dsig:KeyValue/&gt;</a> element processing klass, ...</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN6718"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAIDSREGISTER"></a><h3>xmlSecKeyDataIdsRegister ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataIdsRegister            (<font>xmlSecKeyDataId</font> id);</pre>
-<p>Registers <code class="PARAMETER">id</code> in the global list of key data klasses.</p>
-<p></p>
+<a name="XMLSECKEYDATABINREADMETHOD"></a><h3>xmlSecKeyDataBinReadMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecKeyDataBinReadMethod)       (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Key data specific method for reading binary buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6734"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8196"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data id.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8201"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8206"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6739"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8211"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the buffer size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8216"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8222"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATA"></a><h3>struct xmlSecKeyData</h3>
-<pre class="PROGRAMLISTING">struct xmlSecKeyData {
-    xmlSecKeyDataId			id;
-    void*				reserved0;
-    void*				reserved1;
-};</pre>
-<p>The key data: key value (crypto material), x509 data, pgp data, etc.</p>
-<p></p>
+<a name="XMLSECKEYDATABINWRITE"></a><h3>xmlSecKeyDataBinWrite ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataBinWrite               (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> **buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Writes the key data of klass <code class="PARAMETER">id</code> from the <code class="PARAMETER">key</code> to a binary buffer <code class="PARAMETER">buf</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6752"><span style="white-space: nowrap"><font>xmlSecKeyDataId</font> <code class="STRUCTFIELD">id</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data id (<gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink>).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8254"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data klass.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8259"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the source key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8264"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output binary buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8269"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output buffer size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6760"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8274"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6766"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8280"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATACREATE"></a><h3>xmlSecKeyDataCreate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    xmlSecKeyDataCreate                 (<font>xmlSecKeyDataId</font> id);</pre>
-<p>Allocates and initializes new key data of the specified type <code class="PARAMETER">id</code>.
-Caller is responsible for destroing returend object with 
-<a href="xmlsec-keysdata.html#XMLSECKEYDATADESTROY"><span class="TYPE">xmlSecKeyDataDestroy</span></a> function.</p>
-<p></p>
+<a name="XMLSECKEYDATABINWRITEMETHOD"></a><h3>xmlSecKeyDataBinWriteMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecKeyDataBinWriteMethod)      (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> **buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Key data specific method for reading binary buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6785"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8309"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data id.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6790"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly allocated key data structure
-or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8314"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8319"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8324"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the buffer size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8329"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8335"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATADUPLICATE"></a><h3>xmlSecKeyDataDuplicate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataPtr</font>    xmlSecKeyDataDuplicate              (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Creates a duplicate of the given <code class="PARAMETER">data</code>. Caller is responsible for 
-destroing returend object with <a href="xmlsec-keysdata.html#XMLSECKEYDATADESTROY"><span class="TYPE">xmlSecKeyDataDestroy</span></a> function.</p>
-<p></p>
+<a name="XMLSECKEYDATABINARYSIZE"></a><h3>xmlSecKeyDataBinarySize</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataBinarySize</pre>
+<p>The binary key data object size.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATABINARYVALUEBINREAD"></a><h3>xmlSecKeyDataBinaryValueBinRead ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataBinaryValueBinRead     (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Reads binary key data of the klass <code class="PARAMETER">id</code> from <code class="PARAMETER">buf</code> to the <code class="PARAMETER">key</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6808"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to the key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8373"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6813"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly allocated key data structure
-or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8378"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to destination key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8383"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the source binary buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8388"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the source binary buffer size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8393"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8399"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATADESTROY"></a><h3>xmlSecKeyDataDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDataDestroy                (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Destroys the data and frees all allocated memory.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN6828"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to the key data.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAGENERATE"></a><h3>xmlSecKeyDataGenerate ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataGenerate               (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> sizeBits,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Generates new key data of given size and type.</p>
-<p></p>
+<a name="XMLSECKEYDATABINARYVALUEBINWRITE"></a><h3>xmlSecKeyDataBinaryValueBinWrite ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataBinaryValueBinWrite    (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> **buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *bufSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Writes binary key data of klass <code class="PARAMETER">id</code> from the <code class="PARAMETER">key</code> to <code class="PARAMETER">buf</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6845"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8431"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data klass.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8436"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to source key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6850"><span style="white-space: nowrap"><code class="PARAMETER">sizeBits</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the desired key data size (in bits).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8441"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination binary buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6855"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key data type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8446"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination binary buffer size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6860"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8451"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8457"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAGETTYPE"></a><h3>xmlSecKeyDataGetType ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a>   xmlSecKeyDataGetType                (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets key data type.</p>
-<p></p>
+<a name="XMLSECKEYDATABINARYVALUEDEBUGDUMP"></a><h3>xmlSecKeyDataBinaryValueDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDataBinaryValueDebugDump   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints binary key data debug information to <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6875"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8478"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to binary key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6880"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> key data type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8483"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAGETSIZE"></a><h3>xmlSecKeyDataGetSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecKeyDataGetSize                (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets key data size.</p>
-<p></p>
+<a name="XMLSECKEYDATABINARYVALUEDEBUGXMLDUMP"></a><h3>xmlSecKeyDataBinaryValueDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDataBinaryValueDebugXmlDump
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints binary key data debug information to <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6895"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8504"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to binary key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6900"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> key data size (in bits).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8509"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAGETIDENTIFIER"></a><h3>xmlSecKeyDataGetIdentifier ()</h3>
-<pre class="PROGRAMLISTING">const <font>xmlChar</font>*      xmlSecKeyDataGetIdentifier          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets key data identifier string.</p>
-<p></p>
+<a name="XMLSECKEYDATABINARYVALUEDUPLICATE"></a><h3>xmlSecKeyDataBinaryValueDuplicate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataBinaryValueDuplicate   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> src</code>);</pre>
+<p>Copies binary key data from <code class="PARAMETER">src</code> to <code class="PARAMETER">dst</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6915"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8531"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to destination binary key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6920"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> key data id string.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8536"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to source binary key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8541"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATADEBUGDUMP"></a><h3>xmlSecKeyDataDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDataDebugDump              (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints key data debug info.</p>
+<a name="XMLSECKEYDATABINARYVALUEFINALIZE"></a><h3>xmlSecKeyDataBinaryValueFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDataBinaryValueFinalize    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Cleans up binary key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN8558"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to binary key data.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATABINARYVALUEGETBUFFER"></a><h3>xmlSecKeyDataBinaryValueGetBuffer ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECBUFFERPTR"><span class="RETURNVALUE">xmlSecBufferPtr</span></gtkdoclink>     xmlSecKeyDataBinaryValueGetBuffer   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the binary key data buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6936"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8575"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to binary key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6941"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8580"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to binary key data buffer.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATADEBUGXMLDUMP"></a><h3>xmlSecKeyDataDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDataDebugXmlDump           (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints key data debug info in XML format.</p>
-<p></p>
+<a name="XMLSECKEYDATABINARYVALUEGETSIZE"></a><h3>xmlSecKeyDataBinaryValueGetSize ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecKeyDataBinaryValueGetSize     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the binary key data size.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6957"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8597"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to binary key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6962"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8602"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>binary key data size in bits.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAXMLREAD"></a><h3>xmlSecKeyDataXmlRead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataXmlRead                (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Reads the key data of klass <code class="PARAMETER">id</code> from XML <code class="PARAMETER">node</code> and adds them to <code class="PARAMETER">key</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATABINARYVALUEINITIALIZE"></a><h3>xmlSecKeyDataBinaryValueInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataBinaryValueInitialize  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Initializes key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6983"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8619"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to binary key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8624"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATABINARYVALUESETBUFFER"></a><h3>xmlSecKeyDataBinaryValueSetBuffer ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataBinaryValueSetBuffer   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of <code class="PARAMETER">data</code> to <code class="PARAMETER">buf</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6988"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the destination key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8649"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to binary key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6993"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8654"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to binary buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN6998"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8659"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary buffer size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7004"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8664"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAXMLWRITE"></a><h3>xmlSecKeyDataXmlWrite ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataXmlWrite               (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Writes the key data of klass <code class="PARAMETER">id</code> from <code class="PARAMETER">key</code> to an XML <code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATABINARYVALUEXMLREAD"></a><h3>xmlSecKeyDataBinaryValueXmlRead ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataBinaryValueXmlRead     (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Reads binary key data from <code class="PARAMETER">node</code> to the key by base64 decoding the <code class="PARAMETER">node</code> content.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7025"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8692"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7030"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the source key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8697"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to destination key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7035"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8702"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7040"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8707"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7046"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8713"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINREAD"></a><h3>xmlSecKeyDataBinRead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataBinRead                (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Reads the key data of klass <code class="PARAMETER">id</code> from binary buffer <code class="PARAMETER">buf</code> to <code class="PARAMETER">key</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATABINARYVALUEXMLWRITE"></a><h3>xmlSecKeyDataBinaryValueXmlWrite ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataBinaryValueXmlWrite    (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Base64 encodes binary key data of klass <code class="PARAMETER">id</code> from the <code class="PARAMETER">key</code> and
+sets to the <code class="PARAMETER">node</code> content.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7068"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7073"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the destination key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8742"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7078"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the input binary buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8747"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to source key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7083"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the input buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8752"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7088"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8757"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7094"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8763"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINWRITE"></a><h3>xmlSecKeyDataBinWrite ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataBinWrite               (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> **buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Writes the key data of klass <code class="PARAMETER">id</code> from the <code class="PARAMETER">key</code> to a binary buffer <code class="PARAMETER">buf</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATACHECKID"></a><h3>xmlSecKeyDataCheckId()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataCheckId(data, dataId)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">data</code> is valid and <code class="PARAMETER">data</code>'s id is equal to <code class="PARAMETER">dataId</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7116"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8778"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7121"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the source key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7126"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output binary buffer.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7131"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8783"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data Id.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATACHECKSIZE"></a><h3>xmlSecKeyDataCheckSize()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataCheckSize(data, size)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">data</code> is valid and <code class="PARAMETER">data</code>'s object has at least <code class="PARAMETER">size</code> bytes.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7136"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8798"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7142"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8803"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the expected size.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAGETNAME"></a><h3>xmlSecKeyDataGetName()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataGetName(data)</pre>
-<p>Macro. Returns the key data name.</p>
-<p></p>
+<a name="XMLSECKEYDATACHECKUSAGE"></a><h3>xmlSecKeyDataCheckUsage()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataCheckUsage(data, usg)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">data</code> is valid and could be used for <code class="PARAMETER">usg</code>.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN7155"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8817"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8822"><span style="white-space: nowrap"><code class="PARAMETER">usg</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data usage.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAISVALID"></a><h3>xmlSecKeyDataIsValid()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataIsValid(data)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">data</code> is not NULL and <code class="PARAMETER">data</code>-&gt;id is not NULL
-or 0 otherwise.</p>
-<p></p>
+<a name="XMLSECKEYDATACREATE"></a><h3>xmlSecKeyDataCreate ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    xmlSecKeyDataCreate                 (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>);</pre>
+<p>Allocates and initializes new key data of the specified type <code class="PARAMETER">id</code>.
+Caller is responsible for destroying returned object with
+<a href="xmlsec-keysdata.html#XMLSECKEYDATADESTROY"><span class="TYPE">xmlSecKeyDataDestroy</span></a> function.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN7170"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to data.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8842"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data id.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN8847"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly allocated key data structure
+or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATACHECKID"></a><h3>xmlSecKeyDataCheckId()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataCheckId(data, dataId)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">data</code> is valid and <code class="PARAMETER">data</code>'s id is equal to <code class="PARAMETER">dataId</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATADEBUGDUMP"></a><h3>xmlSecKeyDataDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDataDebugDump              (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints key data debug info.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7186"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8867"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7191"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data Id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8872"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATACHECKUSAGE"></a><h3>xmlSecKeyDataCheckUsage()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataCheckUsage(data, usg)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">data</code> is valid and could be used for <code class="PARAMETER">usg</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATADEBUGDUMPMETHOD"></a><h3>xmlSecKeyDataDebugDumpMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (*xmlSecKeyDataDebugDumpMethod)     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Key data specific method for printing debug info.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7206"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8892"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7211"><span style="white-space: nowrap"><code class="PARAMETER">usg</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data usage.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8897"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the FILE to print debug info (should be open for writing).</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATACHECKSIZE"></a><h3>xmlSecKeyDataCheckSize()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataCheckSize(data, size)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">data</code> is valid and <code class="PARAMETER">data</code>'s object has at least <code class="PARAMETER">size</code> bytes.</p>
-<p></p>
+<a name="XMLSECKEYDATADEBUGXMLDUMP"></a><h3>xmlSecKeyDataDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDataDebugXmlDump           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints key data debug info in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7227"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8917"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7232"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the expected size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8922"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAIDUNKNOWN"></a><h3>xmlSecKeyDataIdUnknown</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataIdUnknown 			((xmlSecKeyDataId)NULL)</pre>
-<p>The "unknown" id.</p>
+<a name="XMLSECKEYDATADESTROY"></a><h3>xmlSecKeyDataDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDataDestroy                (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Destroys the data and frees all allocated memory.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN8939"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the key data.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAINITMETHOD"></a><h3>xmlSecKeyDataInitMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecKeyDataInitMethod)          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Key data specific initialization method.</p>
-<p></p>
+<a name="XMLSECKEYDATADUPLICATE"></a><h3>xmlSecKeyDataDuplicate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAPTR"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></gtkdoclink>    xmlSecKeyDataDuplicate              (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Creates a duplicate of the given <code class="PARAMETER">data</code>. Caller is responsible for
+destroying returned object with <a href="xmlsec-keysdata.html#XMLSECKEYDATADESTROY"><span class="TYPE">xmlSecKeyDataDestroy</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7254"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8959"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7259"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8964"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly allocated key data structure
+or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATADUPLICATEMETHOD"></a><h3>xmlSecKeyDataDuplicateMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecKeyDataDuplicateMethod)     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> dst,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> src);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecKeyDataDuplicateMethod)     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> src</code>);</pre>
 <p>Key data specific duplication (copy) method.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7275"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to destination key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8984"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to destination key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7280"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the poiniter to source key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8989"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the poiniter to source key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7285"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN8994"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATAFINALIZEMETHOD"></a><h3>xmlSecKeyDataFinalizeMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                (*xmlSecKeyDataFinalizeMethod)      (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (*xmlSecKeyDataFinalizeMethod)      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 <p>Key data specific finalization method. All the objects and resources allocated
 by the key data object must be freed inside this method.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN7300"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9011"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAXMLREADMETHOD"></a><h3>xmlSecKeyDataXmlReadMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecKeyDataXmlReadMethod)       (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Key data specific method for reading XML node.</p>
-<p></p>
+<a name="XMLSECKEYDATAFORMAT"></a><h3>enum xmlSecKeyDataFormat</h3>
+<pre class="PROGRAMLISTING">typedef enum {
+    xmlSecKeyDataFormatUnknown = 0,
+    xmlSecKeyDataFormatBinary,
+    xmlSecKeyDataFormatPem,
+    xmlSecKeyDataFormatDer,
+    xmlSecKeyDataFormatPkcs8Pem,
+    xmlSecKeyDataFormatPkcs8Der,
+    xmlSecKeyDataFormatPkcs12,
+    xmlSecKeyDataFormatCertPem,
+    xmlSecKeyDataFormatCertDer
+} xmlSecKeyDataFormat;</pre>
+<p>The key data format (binary, der, pem, etc.).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7318"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data id.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7323"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the key.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATUNKNOWN"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatUnknown</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data format is unknown.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7328"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to data's value XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATBINARY"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatBinary</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7333"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATPEM"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatPem</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the PEM key data (cert or public/private key).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7339"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATDER"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatDer</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the DER key data (cert or public/private key).</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAXMLWRITEMETHOD"></a><h3>xmlSecKeyDataXmlWriteMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecKeyDataXmlWriteMethod)      (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Key data specific method for writing XML node.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7357"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data id.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATPKCS8PEM"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatPkcs8Pem</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS8 PEM private key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7362"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the key.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATPKCS8DER"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatPkcs8Der</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS8 DER private key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7367"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to data's value XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATPKCS12"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatPkcs12</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 format (bag of keys and certs)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7372"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the &lt;dsig:KeyInfo&gt; node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATCERTPEM"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatCertPem</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the PEM cert.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7377"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECKEYDATAFORMATCERTDER"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecKeyDataFormatCertDer</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the DER cert.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINREADMETHOD"></a><h3>xmlSecKeyDataBinReadMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecKeyDataBinReadMethod)       (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Key data specific method for reading binary buffer.</p>
-<p></p>
+<a name="XMLSECKEYDATAGENERATE"></a><h3>xmlSecKeyDataGenerate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataGenerate               (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> sizeBits</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Generates new key data of given size and type.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7396"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9086"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7401"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9091"><span style="white-space: nowrap"><code class="PARAMETER">sizeBits</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key data size (in bits).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7406"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the input buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9096"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key data type.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7411"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the buffer size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7416"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7422"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9101"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINWRITEMETHOD"></a><h3>xmlSecKeyDataBinWriteMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecKeyDataBinWriteMethod)      (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> **buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Key data specific method for reading binary buffer.</p>
-<p></p>
+<a name="XMLSECKEYDATAGENERATEMETHOD"></a><h3>xmlSecKeyDataGenerateMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecKeyDataGenerateMethod)      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> sizeBits</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Key data specific method for generating new key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7441"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data id.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7446"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7451"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9124"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7456"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9129"><span style="white-space: nowrap"><code class="PARAMETER">sizeBits</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data specific size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7461"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9134"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the required key type (session/permanent, etc.)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7467"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9139"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAGENERATEMETHOD"></a><h3>xmlSecKeyDataGenerateMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecKeyDataGenerateMethod)      (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> sizeBits,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Key data specific method for generating new key data.</p>
-<p></p>
+<a name="XMLSECKEYDATAGETIDENTIFIER"></a><h3>xmlSecKeyDataGetIdentifier ()</h3>
+<pre class="PROGRAMLISTING">const <gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *     xmlSecKeyDataGetIdentifier          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets key data identifier string.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7484"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9156"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7489"><span style="white-space: nowrap"><code class="PARAMETER">sizeBits</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the key data specific size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9161"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>key data id string.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAGETIDENTIFIERMETHOD"></a><h3>xmlSecKeyDataGetIdentifierMethod ()</h3>
+<pre class="PROGRAMLISTING">const <gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *     (*xmlSecKeyDataGetIdentifierMethod) (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Key data specific method to get the key data identifier string (for example,
+X509 data identifier is the subject of the verified cert).</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7494"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the required key type (session/permanent, etc.)</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9178"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7499"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9183"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the identifier string or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAGETTYPEMETHOD"></a><h3>xmlSecKeyDataGetTypeMethod ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a>   (*xmlSecKeyDataGetTypeMethod)       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Key data specific method to get the key type.</p>
+<a name="XMLSECKEYDATAGETNAME"></a><h3>xmlSecKeyDataGetName()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataGetName(data)</pre>
+<p>Macro. Returns the key data name.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN9195"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAGETSIZE"></a><h3>xmlSecKeyDataGetSize ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecKeyDataGetSize                (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets key data size.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7514"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		 the data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9212"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7519"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the key type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9217"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>key data size (in bits).</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATAGETSIZEMETHOD"></a><h3>xmlSecKeyDataGetSizeMethod ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          (*xmlSecKeyDataGetSizeMethod)       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          (*xmlSecKeyDataGetSizeMethod)       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 <p>Key data specific method to get the key size.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7534"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9234"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7539"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the key size in bits.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9239"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key size in bits.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAGETIDENTIFIERMETHOD"></a><h3>xmlSecKeyDataGetIdentifierMethod ()</h3>
-<pre class="PROGRAMLISTING">const <font>xmlChar</font> *     (*xmlSecKeyDataGetIdentifierMethod) (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Key data specific method to get the key data identifier string (for example,
-X509 data identifier is the subject of the verified cert).</p>
-<p></p>
+<a name="XMLSECKEYDATAGETTYPE"></a><h3>xmlSecKeyDataGetType ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="RETURNVALUE">xmlSecKeyDataType</span></a>   xmlSecKeyDataGetType                (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets key data type.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7554"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9256"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7559"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the identifier string or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9261"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>key data type.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATADEBUGDUMPMETHOD"></a><h3>xmlSecKeyDataDebugDumpMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                (*xmlSecKeyDataDebugDumpMethod)     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>FILE</font> *output);</pre>
-<p>Key data specific method for printing debug info.</p>
-<p></p>
+<a name="XMLSECKEYDATAGETTYPEMETHOD"></a><h3>xmlSecKeyDataGetTypeMethod ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="RETURNVALUE">xmlSecKeyDataType</span></a>   (*xmlSecKeyDataGetTypeMethod)       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Key data specific method to get the key type.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7575"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9278"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7580"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the FILE to print debug info (should be open for writing).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9283"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key type.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAKLASS"></a><h3>struct xmlSecKeyDataKlass</h3>
-<pre class="PROGRAMLISTING">struct xmlSecKeyDataKlass {
-    xmlSecSize				klassSize;
-    xmlSecSize				objSize;
-
-    /* data */
-    const xmlChar*			name;    
-    xmlSecKeyDataUsage			usage;
-    const xmlChar*			href;
-    const xmlChar*			dataNodeName;
-    const xmlChar*			dataNodeNs;
-    
-    /* constructors/destructor */
-    xmlSecKeyDataInitMethod		initialize;
-    xmlSecKeyDataDuplicateMethod	duplicate;
-    xmlSecKeyDataFinalizeMethod		finalize;
-    xmlSecKeyDataGenerateMethod		generate;
-    
-    /* get info */
-    xmlSecKeyDataGetTypeMethod		getType;
-    xmlSecKeyDataGetSizeMethod		getSize;
-    xmlSecKeyDataGetIdentifierMethod	getIdentifier;
-
-    /* read/write */
-    xmlSecKeyDataXmlReadMethod		xmlRead;
-    xmlSecKeyDataXmlWriteMethod		xmlWrite;
-    xmlSecKeyDataBinReadMethod		binRead;
-    xmlSecKeyDataBinWriteMethod		binWrite;
-
-    /* debug */
-    xmlSecKeyDataDebugDumpMethod	debugDump;
-    xmlSecKeyDataDebugDumpMethod	debugXmlDump;
-
-    /* for the future */
-    void*				reserved0;
-    void*				reserved1;
-};</pre>
-<p>The data id (klass).</p>
-<p></p>
+<a name="XMLSECKEYDATAIDLISTDEBUGDUMP"></a><h3>xmlSecKeyDataIdListDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDataIdListDebugDump        (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints binary key data debug information to <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7593"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">klassSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the klass size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7599"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">objSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the object size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7605"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">name</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the object name.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7611"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE">xmlSecKeyDataUsage</a> <code class="STRUCTFIELD">usage</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the allowed data usage.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7617"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">href</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the identification string (href).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7623"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">dataNodeName</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the data's XML node name.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7629"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">dataNodeNs</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data's XML node namespace.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7635"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAINITMETHOD">xmlSecKeyDataInitMethod</a> <code class="STRUCTFIELD">initialize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the initialization method.  </p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7641"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATADUPLICATEMETHOD">xmlSecKeyDataDuplicateMethod</a> <code class="STRUCTFIELD">duplicate</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the duplicate (copy) method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9304"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7647"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFINALIZEMETHOD">xmlSecKeyDataFinalizeMethod</a> <code class="STRUCTFIELD">finalize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the finalization (destroy) method.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7653"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAGENERATEMETHOD">xmlSecKeyDataGenerateMethod</a> <code class="STRUCTFIELD">generate</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the new data generation method.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7659"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAGETTYPEMETHOD">xmlSecKeyDataGetTypeMethod</a> <code class="STRUCTFIELD">getType</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the method to access data's type information.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7665"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAGETSIZEMETHOD">xmlSecKeyDataGetSizeMethod</a> <code class="STRUCTFIELD">getSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the method to access data's size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7671"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAGETIDENTIFIERMETHOD">xmlSecKeyDataGetIdentifierMethod</a> <code class="STRUCTFIELD">getIdentifier</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the method to access data's string identifier.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7677"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLREADMETHOD">xmlSecKeyDataXmlReadMethod</a> <code class="STRUCTFIELD">xmlRead</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the method for reading data from XML node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7683"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLWRITEMETHOD">xmlSecKeyDataXmlWriteMethod</a> <code class="STRUCTFIELD">xmlWrite</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the method for writing data to XML node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7689"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATABINREADMETHOD">xmlSecKeyDataBinReadMethod</a> <code class="STRUCTFIELD">binRead</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the method for reading data from a binary buffer.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7695"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATABINWRITEMETHOD">xmlSecKeyDataBinWriteMethod</a> <code class="STRUCTFIELD">binWrite</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the method for writing data to binary buffer.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7701"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATADEBUGDUMPMETHOD">xmlSecKeyDataDebugDumpMethod</a> <code class="STRUCTFIELD">debugDump</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the method for printing debug data information.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7707"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATADEBUGDUMPMETHOD">xmlSecKeyDataDebugDumpMethod</a> <code class="STRUCTFIELD">debugXmlDump</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the method for printing debug data information in XML format.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7713"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7719"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9309"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAKLASSGETNAME"></a><h3>xmlSecKeyDataKlassGetName()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataKlassGetName(klass)</pre>
-<p>Macro. Returns data klass name.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN7733"><span style="white-space: nowrap"><code class="PARAMETER">klass</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data klass.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATALISTID"></a><h3>xmlSecKeyDataListId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataListId	xmlSecKeyDataListGetKlass()</pre>
-<p>The key data klasses list klass id.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATALISTGETKLASS"></a><h3>xmlSecKeyDataListGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecPtrListId</font>     xmlSecKeyDataListGetKlass           (void);</pre>
-<p>The key data list klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN7754"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key data list klass.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAIDLISTID"></a><h3>xmlSecKeyDataIdListId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataIdListId	xmlSecKeyDataIdListGetKlass()</pre>
-<p>The key data list klass id.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAIDLISTGETKLASS"></a><h3>xmlSecKeyDataIdListGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecPtrListId</font>     xmlSecKeyDataIdListGetKlass         (void);</pre>
-<p>The key data id list klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN7775"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key data id list klass.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAIDLISTFIND"></a><h3>xmlSecKeyDataIdListFind ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataIdListFind             (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>xmlSecKeyDataId</font> dataId);</pre>
-<p>Lookups <code class="PARAMETER">dataId</code> in <code class="PARAMETER">list</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATAIDLISTDEBUGXMLDUMP"></a><h3>xmlSecKeyDataIdListDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDataIdListDebugXmlDump     (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints binary key data debug information to <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7793"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key data ids list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9330"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7798"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key data klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7803"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if <code class="PARAMETER">dataId</code> is found in the <code class="PARAMETER">list</code>, 0 if not and a negative
-value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9335"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAIDLISTFINDBYNODE"></a><h3>xmlSecKeyDataIdListFindByNode ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataIdListFindByNode       (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         const <font>xmlChar</font> *nodeName,
-                                                         const <font>xmlChar</font> *nodeNs,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE">xmlSecKeyDataUsage</a> usage);</pre>
-<p>Lookups data klass in the list with given <code class="PARAMETER">nodeName</code>, <code class="PARAMETER">nodeNs</code> and 
-<code class="PARAMETER">usage</code> in the <code class="PARAMETER">list</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATAIDLISTFIND"></a><h3>xmlSecKeyDataIdListFind ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataIdListFind             (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> dataId</code>);</pre>
+<p>Lookups <code class="PARAMETER">dataId</code> in <code class="PARAMETER">list</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7827"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key data ids list.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7832"><span style="white-space: nowrap"><code class="PARAMETER">nodeName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key data klass XML node name.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN7837"><span style="white-space: nowrap"><code class="PARAMETER">nodeNs</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key data klass XML node namespace.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9357"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7842"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key data usage.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9362"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7847"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> key data klass is found and NULL otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9367"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if <code class="PARAMETER">dataId</code> is found in the <code class="PARAMETER">list</code>, 0 if not and a negative
+value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATAIDLISTFINDBYHREF"></a><h3>xmlSecKeyDataIdListFindByHref ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataIdListFindByHref       (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         const <font>xmlChar</font> *href,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE">xmlSecKeyDataUsage</a> usage);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataIdListFindByHref       (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *href</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE"><span class="TYPE">xmlSecKeyDataUsage</span></a> usage</code>);</pre>
 <p>Lookups data klass in the list with given <code class="PARAMETER">href</code> and <code class="PARAMETER">usage</code> in <code class="PARAMETER">list</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7867"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key data ids list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9395"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7872"><span style="white-space: nowrap"><code class="PARAMETER">href</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key data klass href.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9400"><span style="white-space: nowrap"><code class="PARAMETER">href</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key data klass href.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7877"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key data usage.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9405"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key data usage.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7882"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> key data klass is found and NULL otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9410"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>key data klass is found and NULL otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATAIDLISTFINDBYNAME"></a><h3>xmlSecKeyDataIdListFindByName ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecKeyDataIdListFindByName       (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE">xmlSecKeyDataUsage</a> usage);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataIdListFindByName       (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE"><span class="TYPE">xmlSecKeyDataUsage</span></a> usage</code>);</pre>
 <p>Lookups data klass in the list with given <code class="PARAMETER">name</code> and <code class="PARAMETER">usage</code> in <code class="PARAMETER">list</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7902"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key data ids list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9436"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7907"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key data klass name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9441"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key data klass name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7912"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key data usage.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9446"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key data usage.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7917"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> key data klass is found and NULL otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9451"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>key data klass is found and NULL otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATAIDLISTDEBUGDUMP"></a><h3>xmlSecKeyDataIdListDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDataIdListDebugDump        (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints binary key data debug information to <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATAIDLISTFINDBYNODE"></a><h3>xmlSecKeyDataIdListFindByNode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecKeyDataIdListFindByNode       (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeNs</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE"><span class="TYPE">xmlSecKeyDataUsage</span></a> usage</code>);</pre>
+<p>Lookups data klass in the list with given <code class="PARAMETER">nodeName</code>, <code class="PARAMETER">nodeNs</code> and
+<code class="PARAMETER">usage</code> in the <code class="PARAMETER">list</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7934"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key data ids list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9481"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7939"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9486"><span style="white-space: nowrap"><code class="PARAMETER">nodeName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key data klass XML node name.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATAIDLISTDEBUGXMLDUMP"></a><h3>xmlSecKeyDataIdListDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDataIdListDebugXmlDump     (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints binary key data debug information to <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7956"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key data ids list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9491"><span style="white-space: nowrap"><code class="PARAMETER">nodeNs</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key data klass XML node namespace.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7961"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9496"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key data usage.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN9501"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>key data klass is found and NULL otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYSIZE"></a><h3>xmlSecKeyDataBinarySize</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataBinarySize</pre>
-<p>The binary key data object size.</p>
+<a name="XMLSECKEYDATAIDLISTGETKLASS"></a><h3>xmlSecKeyDataIdListGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink>     xmlSecKeyDataIdListGetKlass         (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The key data id list klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN9517"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key data id list klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEINITIALIZE"></a><h3>xmlSecKeyDataBinaryValueInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataBinaryValueInitialize  (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Initializes key data.</p>
+<a name="XMLSECKEYDATAIDLISTID"></a><h3>xmlSecKeyDataIdListId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataIdListId   xmlSecKeyDataIdListGetKlass()</pre>
+<p>The key data list klass id.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAIDUNKNOWN"></a><h3>xmlSecKeyDataIdUnknown</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataIdUnknown                  ((xmlSecKeyDataId)NULL)</pre>
+<p>The "unknown" id.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAIDSGET"></a><h3>xmlSecKeyDataIdsGet ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="RETURNVALUE">xmlSecPtrListPtr</span></a>    xmlSecKeyDataIdsGet                 (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets global registered key data klasses list.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN9545"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list of all registered key data klasses.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAIDSINIT"></a><h3>xmlSecKeyDataIdsInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataIdsInit                (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Initializes the key data klasses. This function is called from the
+<a href="xmlsec-xmlsec.html#XMLSECINIT"><span class="TYPE">xmlSecInit</span></a> function and the application should not call it directly.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN9563"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAIDSREGISTER"></a><h3>xmlSecKeyDataIdsRegister ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataIdsRegister            (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>);</pre>
+<p>Registers <code class="PARAMETER">id</code> in the global list of key data klasses.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7983"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to binary key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9581"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN7988"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9586"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEDUPLICATE"></a><h3>xmlSecKeyDataBinaryValueDuplicate ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataBinaryValueDuplicate   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> dst,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> src);</pre>
-<p>Copies binary key data from <code class="PARAMETER">src</code> to <code class="PARAMETER">dst</code>.</p>
+<a name="XMLSECKEYDATAIDSREGISTERDEFAULT"></a><h3>xmlSecKeyDataIdsRegisterDefault ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataIdsRegisterDefault     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Registers default (implemented by XML Security Library)
+key data klasses: <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a> element processing klass,
+<a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue" target="_top">&lt;dsig:KeyValue/&gt;</a> element processing klass, ...</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN9604"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAIDSSHUTDOWN"></a><h3>xmlSecKeyDataIdsShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDataIdsShutdown            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Shuts down the keys data klasses. This function is called from the
+<a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN"><span class="TYPE">xmlSecShutdown</span></a> function and the application should not call it directly.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAINITMETHOD"></a><h3>xmlSecKeyDataInitMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecKeyDataInitMethod)          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Key data specific initialization method.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8006"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to destination binary key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9633"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8011"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to source binary key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8016"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9638"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEFINALIZE"></a><h3>xmlSecKeyDataBinaryValueFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDataBinaryValueFinalize    (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Cleans up binary key data.</p>
-<p></p>
+<a name="XMLSECKEYDATAISVALID"></a><h3>xmlSecKeyDataIsValid()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataIsValid(data)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">data</code> is not NULL and <code class="PARAMETER">data</code>-&gt;id is not NULL
+or 0 otherwise.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN8031"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to binary key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9652"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to data.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEXMLREAD"></a><h3>xmlSecKeyDataBinaryValueXmlRead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataBinaryValueXmlRead     (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Reads binary key data from <code class="PARAMETER">node</code> to the key by base64 decoding the <code class="PARAMETER">node</code> content.</p>
-<p></p>
+<a name="XMLSECKEYDATAKLASS"></a><h3>struct xmlSecKeyDataKlass</h3>
+<pre class="PROGRAMLISTING">struct xmlSecKeyDataKlass {
+    xmlSecSize                          klassSize;
+    xmlSecSize                          objSize;
+
+    /* data */
+    const xmlChar*                      name;
+    xmlSecKeyDataUsage                  usage;
+    const xmlChar*                      href;
+    const xmlChar*                      dataNodeName;
+    const xmlChar*                      dataNodeNs;
+
+    /* constructors/destructor */
+    xmlSecKeyDataInitMethod             initialize;
+    xmlSecKeyDataDuplicateMethod        duplicate;
+    xmlSecKeyDataFinalizeMethod         finalize;
+    xmlSecKeyDataGenerateMethod         generate;
+
+    /* get info */
+    xmlSecKeyDataGetTypeMethod          getType;
+    xmlSecKeyDataGetSizeMethod          getSize;
+    xmlSecKeyDataGetIdentifierMethod    getIdentifier;
+
+    /* read/write */
+    xmlSecKeyDataXmlReadMethod          xmlRead;
+    xmlSecKeyDataXmlWriteMethod         xmlWrite;
+    xmlSecKeyDataBinReadMethod          binRead;
+    xmlSecKeyDataBinWriteMethod         binWrite;
+
+    /* debug */
+    xmlSecKeyDataDebugDumpMethod        debugDump;
+    xmlSecKeyDataDebugDumpMethod        debugXmlDump;
+
+    /* for the future */
+    void*                               reserved0;
+    void*                               reserved1;
+};</pre>
+<p>The data id (klass).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8051"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9664"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">klassSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the klass size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8056"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to destination key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9671"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">objSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the object size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8061"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9678"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">name</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the object name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8066"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9685"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAUSAGE"><span class="TYPE">xmlSecKeyDataUsage</span></a> <code class="STRUCTFIELD">usage</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the allowed data usage.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8072"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9692"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">href</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the identification string (href).</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEXMLWRITE"></a><h3>xmlSecKeyDataBinaryValueXmlWrite ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataBinaryValueXmlWrite    (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Base64 encodes binary key data of klass <code class="PARAMETER">id</code> from the <code class="PARAMETER">key</code> and 
-sets to the <code class="PARAMETER">node</code> content.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8093"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9699"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">dataNodeName</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data's XML node name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8098"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to source key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9706"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">dataNodeNs</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data's XML node namespace.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8103"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9713"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAINITMETHOD"><span class="TYPE">xmlSecKeyDataInitMethod</span></a> <code class="STRUCTFIELD">initialize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the initialization method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8108"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9720"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATADUPLICATEMETHOD"><span class="TYPE">xmlSecKeyDataDuplicateMethod</span></a> <code class="STRUCTFIELD">duplicate</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the duplicate (copy) method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8114"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9727"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFINALIZEMETHOD"><span class="TYPE">xmlSecKeyDataFinalizeMethod</span></a> <code class="STRUCTFIELD">finalize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the finalization (destroy) method.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEBINREAD"></a><h3>xmlSecKeyDataBinaryValueBinRead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataBinaryValueBinRead     (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Reads binary key data of the klass <code class="PARAMETER">id</code> from <code class="PARAMETER">buf</code> to the <code class="PARAMETER">key</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8136"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9734"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAGENERATEMETHOD"><span class="TYPE">xmlSecKeyDataGenerateMethod</span></a> <code class="STRUCTFIELD">generate</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new data generation method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8141"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to destination key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9741"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAGETTYPEMETHOD"><span class="TYPE">xmlSecKeyDataGetTypeMethod</span></a> <code class="STRUCTFIELD">getType</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the method to access data's type information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8146"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the source binary buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9748"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAGETSIZEMETHOD"><span class="TYPE">xmlSecKeyDataGetSizeMethod</span></a> <code class="STRUCTFIELD">getSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the method to access data's size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8151"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the source binary buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9755"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAGETIDENTIFIERMETHOD"><span class="TYPE">xmlSecKeyDataGetIdentifierMethod</span></a> <code class="STRUCTFIELD">getIdentifier</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the method to access data's string identifier.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8156"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9762"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLREADMETHOD"><span class="TYPE">xmlSecKeyDataXmlReadMethod</span></a> <code class="STRUCTFIELD">xmlRead</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the method for reading data from XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8162"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9769"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATAXMLWRITEMETHOD"><span class="TYPE">xmlSecKeyDataXmlWriteMethod</span></a> <code class="STRUCTFIELD">xmlWrite</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the method for writing data to XML node.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEBINWRITE"></a><h3>xmlSecKeyDataBinaryValueBinWrite ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataBinaryValueBinWrite    (<font>xmlSecKeyDataId</font> id,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> **buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *bufSize,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Writes binary key data of klass <code class="PARAMETER">id</code> from the <code class="PARAMETER">key</code> to <code class="PARAMETER">buf</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8184"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9776"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATABINREADMETHOD"><span class="TYPE">xmlSecKeyDataBinReadMethod</span></a> <code class="STRUCTFIELD">binRead</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the method for reading data from a binary buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8189"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to source key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9783"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATABINWRITEMETHOD"><span class="TYPE">xmlSecKeyDataBinWriteMethod</span></a> <code class="STRUCTFIELD">binWrite</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the method for writing data to binary buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8194"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination binary buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9790"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATADEBUGDUMPMETHOD"><span class="TYPE">xmlSecKeyDataDebugDumpMethod</span></a> <code class="STRUCTFIELD">debugDump</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the method for printing debug data information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8199"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination binary buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9797"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATADEBUGDUMPMETHOD"><span class="TYPE">xmlSecKeyDataDebugDumpMethod</span></a> <code class="STRUCTFIELD">debugXmlDump</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the method for printing debug data information in XML format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8204"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9804"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8210"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9811"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEDEBUGDUMP"></a><h3>xmlSecKeyDataBinaryValueDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDataBinaryValueDebugDump   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints binary key data debug information to <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATAKLASSGETNAME"></a><h3>xmlSecKeyDataKlassGetName()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataKlassGetName(klass)</pre>
+<p>Macro. Returns data klass name.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8227"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to binary key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8232"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN9825"><span style="white-space: nowrap"><code class="PARAMETER">klass</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEDEBUGXMLDUMP"></a><h3>xmlSecKeyDataBinaryValueDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDataBinaryValueDebugXmlDump
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints binary key data debug information to <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECKEYDATALISTGETKLASS"></a><h3>xmlSecKeyDataListGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink>     xmlSecKeyDataListGetKlass           (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The key data list klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8249"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to binary key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8254"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN9841"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key data list klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEGETSIZE"></a><h3>xmlSecKeyDataBinaryValueGetSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecKeyDataBinaryValueGetSize     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the binary key data size.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8269"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to binary key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8274"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> binary key data size in bits.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECKEYDATALISTID"></a><h3>xmlSecKeyDataListId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataListId     xmlSecKeyDataListGetKlass()</pre>
+<p>The key data klasses list klass id.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUEGETBUFFER"></a><h3>xmlSecKeyDataBinaryValueGetBuffer ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecBufferPtr</font>     xmlSecKeyDataBinaryValueGetBuffer   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the binary key data buffer.</p>
-<p></p>
+<a name="XMLSECKEYDATASTORE"></a><h3>struct xmlSecKeyDataStore</h3>
+<pre class="PROGRAMLISTING">struct xmlSecKeyDataStore {
+    xmlSecKeyDataStoreId                id;
+
+    /* for the future */
+    void*                               reserved0;
+    void*                               reserved1;
+};</pre>
+<p>The key data store. Key data store holds common key data specific information
+required for key data processing. For example, X509 data store may hold
+information about trusted (root) certificates.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8289"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to binary key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9859"><span style="white-space: nowrap"><gtkdoclink href="XMLSECKEYDATASTOREID"><span class="TYPE">xmlSecKeyDataStoreId</span></gtkdoclink> <code class="STRUCTFIELD">id</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store id (<gtkdoclink href="XMLSECKEYDATASTOREID"><span class="TYPE">xmlSecKeyDataStoreId</span></gtkdoclink>).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN9868"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8294"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to binary key data buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9875"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATABINARYVALUESETBUFFER"></a><h3>xmlSecKeyDataBinaryValueSetBuffer ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeyDataBinaryValueSetBuffer   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of <code class="PARAMETER">data</code> to <code class="PARAMETER">buf</code>.</p>
-<p></p>
+<a name="XMLSECKEYDATASTORECHECKID"></a><h3>xmlSecKeyDataStoreCheckId()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataStoreCheckId(store, storeId)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">store</code> is valid and <code class="PARAMETER">store</code>'s id is equal to <code class="PARAMETER">storeId</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8313"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to binary key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9892"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8318"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to binary buffer.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8323"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the binary buffer size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8328"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9897"><span style="white-space: nowrap"><code class="PARAMETER">storeId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store Id.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATASTORE"></a><h3>struct xmlSecKeyDataStore</h3>
-<pre class="PROGRAMLISTING">struct xmlSecKeyDataStore {
-    xmlSecKeyDataStoreId		id;
-
-    /* for the future */
-    void*				reserved0;
-    void*				reserved1;
-};</pre>
-<p>The key data store. Key data store holds common key data specific information
-required for key data processing. For example, X509 data store may hold 
-information about trusted (root) certificates.</p>
-<p></p>
+<a name="XMLSECKEYDATASTORECHECKSIZE"></a><h3>xmlSecKeyDataStoreCheckSize()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataStoreCheckSize(store, size)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">data</code> is valid and <code class="PARAMETER">stores</code>'s object has at least <code class="PARAMETER">size</code> bytes.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8341"><span style="white-space: nowrap"><font>xmlSecKeyDataStoreId</font> <code class="STRUCTFIELD">id</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the store id (<gtkdoclink href="XMLSECKEYDATASTOREID"><span class="TYPE">xmlSecKeyDataStoreId</span></gtkdoclink>).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8349"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9912"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8355"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9917"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the expected size.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATASTORECREATE"></a><h3>xmlSecKeyDataStoreCreate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a>  xmlSecKeyDataStoreCreate         (<font>xmlSecKeyDataStoreId</font> id);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="RETURNVALUE">xmlSecKeyDataStorePtr</span></a> xmlSecKeyDataStoreCreate          (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATASTOREID"><span class="TYPE">xmlSecKeyDataStoreId</span></gtkdoclink> id</code>);</pre>
 <p>Creates new key data store of the specified klass <code class="PARAMETER">id</code>. Caller is responsible
-for freeng returned object with <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREDESTROY"><span class="TYPE">xmlSecKeyDataStoreDestroy</span></a> function.</p>
-<p></p>
+for freeing returned object with <a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREDESTROY"><span class="TYPE">xmlSecKeyDataStoreDestroy</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8374"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the store id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9937"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store id.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8379"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly allocated key data store structure
+<td align="LEFT" valign="TOP"><a name="AEN9942"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly allocated key data store structure
 or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -1959,164 +1648,121 @@ or NULL if an error occurs.</p></td>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATASTOREDESTROY"></a><h3>xmlSecKeyDataStoreDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyDataStoreDestroy           (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyDataStoreDestroy           (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>);</pre>
 <p>Destroys the key data store created with <a href="xmlsec-keysdata.html#XMLSECKEYDATASTORECREATE"><span class="TYPE">xmlSecKeyDataStoreCreate</span></a>
 function.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN8396"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to the key data store..</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9961"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the key data store..</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATASTOREGETNAME"></a><h3>xmlSecKeyDataStoreGetName()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataStoreGetName(store)</pre>
-<p>Macro. Returns key data store name.</p>
-<p></p>
+<a name="XMLSECKEYDATASTOREFINALIZEMETHOD"></a><h3>xmlSecKeyDataStoreFinalizeMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (*xmlSecKeyDataStoreFinalizeMethod) (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>);</pre>
+<p>Key data store specific finalization (destroy) method.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN8409"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9978"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data store.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATASTOREISVALID"></a><h3>xmlSecKeyDataStoreIsValid()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataStoreIsValid(store)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">store</code> is not NULL and <code class="PARAMETER">store</code>-&gt;id is not NULL
-or 0 otherwise.</p>
-<p></p>
+<a name="XMLSECKEYDATASTOREGETNAME"></a><h3>xmlSecKeyDataStoreGetName()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataStoreGetName(store)</pre>
+<p>Macro. Returns key data store name.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN8424"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN9990"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATASTORECHECKID"></a><h3>xmlSecKeyDataStoreCheckId()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataStoreCheckId(store, storeId)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">store</code> is valid and <code class="PARAMETER">store</code>'s id is equal to <code class="PARAMETER">storeId</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8440"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to store.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8445"><span style="white-space: nowrap"><code class="PARAMETER">storeId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the store Id.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYDATASTORECHECKSIZE"></a><h3>xmlSecKeyDataStoreCheckSize()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyDataStoreCheckSize(store, size)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">data</code> is valid and <code class="PARAMETER">stores</code>'s object has at least <code class="PARAMETER">size</code> bytes.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8461"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to store.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN8466"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the expected size.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECKEYDATASTOREIDUNKNOWN"></a><h3>xmlSecKeyDataStoreIdUnknown</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataStoreIdUnknown 			NULL</pre>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataStoreIdUnknown                     NULL</pre>
 <p>The "unknown" id.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATASTOREINITIALIZEMETHOD"></a><h3>xmlSecKeyDataStoreInitializeMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecKeyDataStoreInitializeMethod)
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecKeyDataStoreInitializeMethod)
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>);</pre>
 <p>Key data store specific initialization method.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8488"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10013"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8493"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10018"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATASTOREFINALIZEMETHOD"></a><h3>xmlSecKeyDataStoreFinalizeMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                (*xmlSecKeyDataStoreFinalizeMethod) (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store);</pre>
-<p>Key data store specific finalization (destroy) method.</p>
-<p></p>
+<a name="XMLSECKEYDATASTOREISVALID"></a><h3>xmlSecKeyDataStoreIsValid()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataStoreIsValid(store)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">store</code> is not NULL and <code class="PARAMETER">store</code>-&gt;id is not NULL
+or 0 otherwise.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN8508"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the data store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10032"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATASTOREKLASS"></a><h3>struct xmlSecKeyDataStoreKlass</h3>
 <pre class="PROGRAMLISTING">struct xmlSecKeyDataStoreKlass {
-    xmlSecSize				klassSize;
-    xmlSecSize				objSize;
+    xmlSecSize                          klassSize;
+    xmlSecSize                          objSize;
 
     /* data */
-    const xmlChar*			name;    
-        
+    const xmlChar*                      name;
+
     /* constructors/destructor */
-    xmlSecKeyDataStoreInitializeMethod	initialize;
-    xmlSecKeyDataStoreFinalizeMethod	finalize;
+    xmlSecKeyDataStoreInitializeMethod  initialize;
+    xmlSecKeyDataStoreFinalizeMethod    finalize;
 
     /* for the future */
-    void*				reserved0;
-    void*				reserved1;
+    void*                               reserved0;
+    void*                               reserved1;
 };</pre>
 <p>The data store id (klass).</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8521"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">klassSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data store klass size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10044"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">klassSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data store klass size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8527"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">objSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data store obj size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10051"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">objSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data store obj size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8533"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">name</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the store's name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10058"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">name</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store's name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8539"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREINITIALIZEMETHOD">xmlSecKeyDataStoreInitializeMethod</a> <code class="STRUCTFIELD">initialize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the store's initialization method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10065"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREINITIALIZEMETHOD"><span class="TYPE">xmlSecKeyDataStoreInitializeMethod</span></a> <code class="STRUCTFIELD">initialize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store's initialization method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8545"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREFINALIZEMETHOD">xmlSecKeyDataStoreFinalizeMethod</a> <code class="STRUCTFIELD">finalize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the store's finalization (destroy) method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10072"><span style="white-space: nowrap"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTOREFINALIZEMETHOD"><span class="TYPE">xmlSecKeyDataStoreFinalizeMethod</span></a> <code class="STRUCTFIELD">finalize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store's finalization (destroy) method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8551"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10079"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN8557"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10086"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
@@ -2126,30 +1772,290 @@ or 0 otherwise.</p>
 <pre class="PROGRAMLISTING">#define             xmlSecKeyDataStoreKlassGetName(klass)</pre>
 <p>Macro. Returns store klass name.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN10100"><span style="white-space: nowrap"><code class="PARAMETER">klass</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATASTOREPTRLISTGETKLASS"></a><h3>xmlSecKeyDataStorePtrListGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink>     xmlSecKeyDataStorePtrListGetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Key data stores list.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN8571"><span style="white-space: nowrap"><code class="PARAMETER">klass</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN10116"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>key data stores list klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECKEYDATASTOREPTRLISTID"></a><h3>xmlSecKeyDataStorePtrListId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyDataStorePtrListId	xmlSecKeyDataStorePtrListGetKlass()</pre>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataStorePtrListId     xmlSecKeyDataStorePtrListGetKlass()</pre>
 <p>The data store list id (klass).</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATATYPE"></a><h3>xmlSecKeyDataType</h3>
+<pre class="PROGRAMLISTING">typedef unsigned int                            xmlSecKeyDataType;</pre>
+<p>The key data type (public/private, session/permanet, etc.).</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATATYPEANY"></a><h3>xmlSecKeyDataTypeAny</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeAny                            0xFFFF</pre>
+<p>Any key data.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATATYPENONE"></a><h3>xmlSecKeyDataTypeNone</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeNone                           xmlSecKeyDataTypeUnknown</pre>
+<p>The key data type is unknown (same as <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPEUNKNOWN"><span class="TYPE">xmlSecKeyDataTypeUnknown</span></a>).</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATATYPEPERMANENT"></a><h3>xmlSecKeyDataTypePermanent</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypePermanent                      0x0010</pre>
+<p>The key data contain permanent key (stored in keys manager).</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATATYPEPRIVATE"></a><h3>xmlSecKeyDataTypePrivate</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypePrivate                        0x0002</pre>
+<p>The key data contain a private key.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATATYPEPUBLIC"></a><h3>xmlSecKeyDataTypePublic</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypePublic                         0x0001</pre>
+<p>The key data contain a public key.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATATYPESESSION"></a><h3>xmlSecKeyDataTypeSession</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeSession                        0x0008</pre>
+<p>The key data contain session key (one time key, not stored in keys manager).</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATATYPESYMMETRIC"></a><h3>xmlSecKeyDataTypeSymmetric</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeSymmetric                      0x0004</pre>
+<p>The key data contain a symmetric key.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATATYPETRUSTED"></a><h3>xmlSecKeyDataTypeTrusted</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeTrusted                        0x0100</pre>
+<p>The key data is trusted.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATATYPEUNKNOWN"></a><h3>xmlSecKeyDataTypeUnknown</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataTypeUnknown                        0x0000</pre>
+<p>The key data type is unknown (same as <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPENONE"><span class="TYPE">xmlSecKeyDataTypeNone</span></a>).</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGE"></a><h3>xmlSecKeyDataUsage</h3>
+<pre class="PROGRAMLISTING">typedef unsigned int                                    xmlSecKeyDataUsage;</pre>
+<p>The bits mask that determines possible keys data usage.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGEANY"></a><h3>xmlSecKeyDataUsageAny</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageAny                           0xFFFFF</pre>
+<p>Any key data usage.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGEKEYINFONODE"></a><h3>xmlSecKeyDataUsageKeyInfoNode</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataUsageKeyInfoNode</pre>
+<p>The key data could be read and written from/to a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> child.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGEKEYINFONODEREAD"></a><h3>xmlSecKeyDataUsageKeyInfoNodeRead</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageKeyInfoNodeRead               0x00001</pre>
+<p>The key data could be read from a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> child.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGEKEYINFONODEWRITE"></a><h3>xmlSecKeyDataUsageKeyInfoNodeWrite</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageKeyInfoNodeWrite              0x00002</pre>
+<p>The key data could be written to a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo%20" target="_top">&lt;dsig:KeyInfo /&gt;</a> child.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGEKEYVALUENODE"></a><h3>xmlSecKeyDataUsageKeyValueNode</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataUsageKeyValueNode</pre>
+<p>The key data could be read and written from/to a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue%20" target="_top">&lt;dsig:KeyValue /&gt;</a> child.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGEKEYVALUENODEREAD"></a><h3>xmlSecKeyDataUsageKeyValueNodeRead</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageKeyValueNodeRead              0x00004</pre>
+<p>The key data could be read from a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue%20" target="_top">&lt;dsig:KeyValue /&gt;</a> child.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGEKEYVALUENODEWRITE"></a><h3>xmlSecKeyDataUsageKeyValueNodeWrite</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageKeyValueNodeWrite             0x00008</pre>
+<p>The key data could be written to a <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue%20" target="_top">&lt;dsig:KeyValue /&gt;</a> child.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGERETRIEVALMETHODNODE"></a><h3>xmlSecKeyDataUsageRetrievalMethodNode</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyDataUsageRetrievalMethodNode</pre>
+<p>The key data could be retrieved using <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> node
+in any format.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGERETRIEVALMETHODNODEBIN"></a><h3>xmlSecKeyDataUsageRetrievalMethodNodeBin</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageRetrievalMethodNodeBin        0x00020</pre>
+<p>The key data could be retrieved using <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> node
+in binary format.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGERETRIEVALMETHODNODEXML"></a><h3>xmlSecKeyDataUsageRetrievalMethodNodeXml</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageRetrievalMethodNodeXml        0x00010</pre>
+<p>The key data could be retrieved using <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod%20" target="_top">&lt;dsig:RetrievalMethod /&gt;</a> node
+in XML format.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAUSAGEUNKNOWN"></a><h3>xmlSecKeyDataUsageUnknown</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyDataUsageUnknown                       0x00000</pre>
+<p>The key data usage is unknown.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAXMLREAD"></a><h3>xmlSecKeyDataXmlRead ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataXmlRead                (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Reads the key data of klass <code class="PARAMETER">id</code> from XML <code class="PARAMETER">node</code> and adds them to <code class="PARAMETER">key</code>.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10296"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data klass.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10301"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10306"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10311"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10317"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYDATASTOREPTRLISTGETKLASS"></a><h3>xmlSecKeyDataStorePtrListGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecPtrListId</font>     xmlSecKeyDataStorePtrListGetKlass   (void);</pre>
-<p>Key data stores list.</p>
+<a name="XMLSECKEYDATAXMLREADMETHOD"></a><h3>xmlSecKeyDataXmlReadMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecKeyDataXmlReadMethod)       (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Key data specific method for reading XML node.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10343"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data id.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10348"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10353"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to data's value XML node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10358"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10364"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAXMLWRITE"></a><h3>xmlSecKeyDataXmlWrite ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeyDataXmlWrite               (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Writes the key data of klass <code class="PARAMETER">id</code> from <code class="PARAMETER">key</code> to an XML <code class="PARAMETER">node</code>.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10393"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data klass.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10398"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the source key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10403"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10408"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10414"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYDATAXMLWRITEMETHOD"></a><h3>xmlSecKeyDataXmlWriteMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecKeyDataXmlWriteMethod)      (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATAID"><span class="TYPE">xmlSecKeyDataId</span></gtkdoclink> id</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Key data specific method for writing XML node.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN8592"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> key data stores list klass.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10440"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data id.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10445"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10450"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to data's value XML node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10455"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the &lt;dsig:KeyInfo&gt; node processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN10460"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-keysmngr.html b/docs/api/xmlsec-keysmngr.html
index 7c5314b7..2d406667 100644
--- a/docs/api/xmlsec-keysmngr.html
+++ b/docs/api/xmlsec-keysmngr.html
@@ -87,55 +87,57 @@
 <h1>
 <a name="XMLSEC-KEYSMNGR"></a>keysmngr</h1>
 <div class="REFNAMEDIV">
-<a name="AEN9992"></a><h2>Name</h2>keysmngr -- Keys manager object support.</div>
+<a name="AEN12184"></a><h2>Name</h2>keysmngr -- Keys manager object support.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-KEYSMNGR.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a>   <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRCREATE">xmlSecKeysMngrCreate</a>                (void);
-<font>void</font>                <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRDESTROY">xmlSecKeysMngrDestroy</a>               (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>xmlSecKeyPtr</font>        <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRFINDKEY">xmlSecKeysMngrFindKey</a>               (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRADOPTKEYSSTORE">xmlSecKeysMngrAdoptKeysStore</a>        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store);
-<font>xmlSecKeyStorePtr</font>   <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRGETKEYSSTORE">xmlSecKeysMngrGetKeysStore</a>          (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>int</font>                 <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRADOPTDATASTORE">xmlSecKeysMngrAdoptDataStore</a>        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store);
-<font>xmlSecKeyDataStorePtr</font>  <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRGETDATASTORE">xmlSecKeysMngrGetDataStore</a>       (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>xmlSecKeyDataStoreId</font> id);
-<font>xmlSecKeyPtr</font>        (<a href="xmlsec-keysmngr.html#XMLSECGETKEYCALLBACK">*xmlSecGetKeyCallback</a>)             (<font>xmlNodePtr</font> keyInfoNode,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
-struct              <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngr</a>;
-<font>xmlSecKeyPtr</font>        <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRGETKEY">xmlSecKeysMngrGetKey</a>                (<font>xmlNodePtr</font> keyInfoNode,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
+<pre class="SYNOPSIS"><gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink>        (<a href="xmlsec-keysmngr.html#XMLSECGETKEYCALLBACK">*xmlSecGetKeyCallback</a>)             (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
 struct              <a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStore</a>;
-<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a>   <a href="xmlsec-keysmngr.html#XMLSECKEYSTORECREATE">xmlSecKeyStoreCreate</a>                (<font>xmlSecKeyStoreId</font> id);
-<font>void</font>                <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREDESTROY">xmlSecKeyStoreDestroy</a>               (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store);
-<font>xmlSecKeyPtr</font>        <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREFINDKEY">xmlSecKeyStoreFindKey</a>               (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
+#define             <a href="xmlsec-keysmngr.html#XMLSECKEYSTORECHECKID">xmlSecKeyStoreCheckId</a>               (store,
+                                                         storeId)
+#define             <a href="xmlsec-keysmngr.html#XMLSECKEYSTORECHECKSIZE">xmlSecKeyStoreCheckSize</a>             (store,
+                                                         size)
+<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="RETURNVALUE">xmlSecKeyStorePtr</span></a>   <a href="xmlsec-keysmngr.html#XMLSECKEYSTORECREATE">xmlSecKeyStoreCreate</a>                (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYSTOREID"><span class="TYPE">xmlSecKeyStoreId</span></gtkdoclink> id</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECKEYSTOREDESTROY">xmlSecKeyStoreDestroy</a>               (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (<a href="xmlsec-keysmngr.html#XMLSECKEYSTOREFINALIZEMETHOD">*xmlSecKeyStoreFinalizeMethod</a>)     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>);
+<gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECKEYSTOREFINDKEY">xmlSecKeyStoreFindKey</a>               (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink>        (<a href="xmlsec-keysmngr.html#XMLSECKEYSTOREFINDKEYMETHOD">*xmlSecKeyStoreFindKeyMethod</a>)      (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
 #define             <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREGETNAME">xmlSecKeyStoreGetName</a>               (store)
-#define             <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREISVALID">xmlSecKeyStoreIsValid</a>               (store)
-#define             <a href="xmlsec-keysmngr.html#XMLSECKEYSTORECHECKID">xmlSecKeyStoreCheckId</a>               (store, storeId)
-#define             <a href="xmlsec-keysmngr.html#XMLSECKEYSTORECHECKSIZE">xmlSecKeyStoreCheckSize</a>             (store, size)
 #define             <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREIDUNKNOWN">xmlSecKeyStoreIdUnknown</a>
-<font>int</font>                 (<a href="xmlsec-keysmngr.html#XMLSECKEYSTOREINITIALIZEMETHOD">*xmlSecKeyStoreInitializeMethod</a>)   (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store);
-<font>void</font>                (<a href="xmlsec-keysmngr.html#XMLSECKEYSTOREFINALIZEMETHOD">*xmlSecKeyStoreFinalizeMethod</a>)     (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store);
-<font>xmlSecKeyPtr</font>        (<a href="xmlsec-keysmngr.html#XMLSECKEYSTOREFINDKEYMETHOD">*xmlSecKeyStoreFindKeyMethod</a>)      (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-keysmngr.html#XMLSECKEYSTOREINITIALIZEMETHOD">*xmlSecKeyStoreInitializeMethod</a>)   (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>);
+#define             <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREISVALID">xmlSecKeyStoreIsValid</a>               (store)
 struct              <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREKLASS">xmlSecKeyStoreKlass</a>;
 #define             <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREKLASSGETNAME">xmlSecKeyStoreKlassGetName</a>          (klass)
+struct              <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngr</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRADOPTDATASTORE">xmlSecKeysMngrAdoptDataStore</a>        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRADOPTKEYSSTORE">xmlSecKeysMngrAdoptKeysStore</a>        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>);
+<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="RETURNVALUE">xmlSecKeysMngrPtr</span></a>   <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRCREATE">xmlSecKeysMngrCreate</a>                (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRDESTROY">xmlSecKeysMngrDestroy</a>               (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRFINDKEY">xmlSecKeysMngrFindKey</a>               (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="XMLSECKEYDATASTOREPTR"><span class="RETURNVALUE">xmlSecKeyDataStorePtr</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRGETDATASTORE">xmlSecKeysMngrGetDataStore</a>        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATASTOREID"><span class="TYPE">xmlSecKeyDataStoreId</span></gtkdoclink> id</code>);
+<gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRGETKEY">xmlSecKeysMngrGetKey</a>                (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);
+<gtkdoclink href="XMLSECKEYSTOREPTR"><span class="RETURNVALUE">xmlSecKeyStorePtr</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRGETKEYSSTORE">xmlSecKeysMngrGetKeysStore</a>          (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREADOPTKEY">xmlSecSimpleKeysStoreAdoptKey</a>       (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="XMLSECPTRLISTPTR"><span class="RETURNVALUE">xmlSecPtrListPtr</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREGETKEYS">xmlSecSimpleKeysStoreGetKeys</a>        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>);
+<gtkdoclink href="XMLSECKEYSTOREID"><span class="RETURNVALUE">xmlSecKeyStoreId</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREGETKLASS">xmlSecSimpleKeysStoreGetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREID">xmlSecSimpleKeysStoreId</a>
-<font>xmlSecKeyStoreId</font>    <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREGETKLASS">xmlSecSimpleKeysStoreGetKlass</a>       (void);
-<font>int</font>                 <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREADOPTKEY">xmlSecSimpleKeysStoreAdoptKey</a>       (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTORELOAD">xmlSecSimpleKeysStoreLoad</a>           (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *uri,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);
-<font>int</font>                 <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTORESAVE">xmlSecSimpleKeysStoreSave</a>           (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>xmlSecPtrListPtr</font>    <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREGETKEYS">xmlSecSimpleKeysStoreGetKeys</a>        (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store);</pre>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTORELOAD">xmlSecSimpleKeysStoreLoad</a>           (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTORESAVE">xmlSecSimpleKeysStoreSave</a>           (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-KEYSMNGR.DESCRIPTION"></a><h2>Description</h2>
@@ -144,620 +146,590 @@ struct              <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREKLASS">xmlSecKey
 <div class="REFSECT1">
 <a name="XMLSEC-KEYSMNGR.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECKEYSMNGRCREATE"></a><h3>xmlSecKeysMngrCreate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a>   xmlSecKeysMngrCreate                (void);</pre>
-<p>Creates new keys manager. Caller is responsible for freeing it with 
-<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRDESTROY"><span class="TYPE">xmlSecKeysMngrDestroy</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN10098"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly allocated keys manager or NULL if 
-an error occurs.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYSMNGRDESTROY"></a><h3>xmlSecKeysMngrDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeysMngrDestroy               (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
-<p>Destroys keys manager created with <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRCREATE"><span class="TYPE">xmlSecKeysMngrCreate</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN10115"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYSMNGRFINDKEY"></a><h3>xmlSecKeysMngrFindKey ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyPtr</font>        xmlSecKeysMngrFindKey               (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Lookups key in the keys manager keys store. The caller is responsible 
-for destroying the returned key using <a href="xmlsec-keys.html#XMLSECKEYDESTROY"><span class="TYPE">xmlSecKeyDestroy</span></a> method.</p>
-<p></p>
+<a name="XMLSECGETKEYCALLBACK"></a><h3>xmlSecGetKeyCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink>        (*xmlSecGetKeyCallback)             (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Reads the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code> and extracts the key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10134"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10139"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12388"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10144"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12394"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10150"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to a key or NULL if key is not found or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12400"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key or NULL if the key is not found or
+an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSMNGRADOPTKEYSSTORE"></a><h3>xmlSecKeysMngrAdoptKeysStore ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeysMngrAdoptKeysStore        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store);</pre>
-<p>Adopts keys store in the keys manager <code class="PARAMETER">mngr</code>.</p>
-<p></p>
+<a name="XMLSECKEYSTORE"></a><h3>struct xmlSecKeyStore</h3>
+<pre class="PROGRAMLISTING">struct xmlSecKeyStore {
+    xmlSecKeyStoreId                    id;
+
+    /* for the future */
+    void*                               reserved0;
+    void*                               reserved1;
+};</pre>
+<p>The keys store.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10167"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12412"><span style="white-space: nowrap"><gtkdoclink href="XMLSECKEYSTOREID"><span class="TYPE">xmlSecKeyStoreId</span></gtkdoclink> <code class="STRUCTFIELD">id</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store id (<gtkdoclink href="XMLSECKEYSTOREID"><span class="TYPE">xmlSecKeyStoreId</span></gtkdoclink>).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10172"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12421"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10177"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12428"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSMNGRGETKEYSSTORE"></a><h3>xmlSecKeysMngrGetKeysStore ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyStorePtr</font>   xmlSecKeysMngrGetKeysStore          (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
-<p>Gets the keys store.</p>
-<p></p>
+<a name="XMLSECKEYSTORECHECKID"></a><h3>xmlSecKeyStoreCheckId()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyStoreCheckId(store, storeId)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">store</code> is valid and <code class="PARAMETER">store</code>'s id is equal to <code class="PARAMETER">storeId</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10192"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12445"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10197"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the keys store in the keys manager <code class="PARAMETER">mngr</code> or NULL if 
-there is no store or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12450"><span style="white-space: nowrap"><code class="PARAMETER">storeId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store Id.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSMNGRADOPTDATASTORE"></a><h3>xmlSecKeysMngrAdoptDataStore ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecKeysMngrAdoptDataStore        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store);</pre>
-<p>Adopts data store in the keys manager.</p>
-<p></p>
+<a name="XMLSECKEYSTORECHECKSIZE"></a><h3>xmlSecKeyStoreCheckSize()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyStoreCheckSize(store, size)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">store</code> is valid and <code class="PARAMETER">stores</code>'s object has at least <code class="PARAMETER">size</code> bytes.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10214"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10219"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to data store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12465"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10224"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12470"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the expected size.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSMNGRGETDATASTORE"></a><h3>xmlSecKeysMngrGetDataStore ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataStorePtr</font>  xmlSecKeysMngrGetDataStore       (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>xmlSecKeyDataStoreId</font> id);</pre>
-<p>Lookups the data store of given klass <code class="PARAMETER">id</code> in the keys manager.</p>
-<p></p>
+<a name="XMLSECKEYSTORECREATE"></a><h3>xmlSecKeyStoreCreate ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="RETURNVALUE">xmlSecKeyStorePtr</span></a>   xmlSecKeyStoreCreate                (<code class="PARAMETER"><gtkdoclink href="XMLSECKEYSTOREID"><span class="TYPE">xmlSecKeyStoreId</span></gtkdoclink> id</code>);</pre>
+<p>Creates new store of the specified klass <code class="PARAMETER">klass</code>. Caller is responsible
+for freeing the returned store by calling <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREDESTROY"><span class="TYPE">xmlSecKeyStoreDestroy</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10241"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12490"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10246"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the desired data store klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10251"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to data store or NULL if it is not found or an error
-occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12495"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly allocated keys store or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGETKEYCALLBACK"></a><h3>xmlSecGetKeyCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyPtr</font>        (*xmlSecGetKeyCallback)             (<font>xmlNodePtr</font> keyInfoNode,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Reads the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code> and extracts the key.</p>
-<p></p>
+<a name="XMLSECKEYSTOREDESTROY"></a><h3>xmlSecKeyStoreDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeyStoreDestroy               (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>);</pre>
+<p>Destroys the store created with <a href="xmlsec-keysmngr.html#XMLSECKEYSTORECREATE"><span class="TYPE">xmlSecKeyStoreCreate</span></a> function.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10269"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10275"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10281"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to key or NULL if the key is not found or 
-an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN12514"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys store.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSMNGR"></a><h3>struct xmlSecKeysMngr</h3>
-<pre class="PROGRAMLISTING">struct xmlSecKeysMngr {
-    xmlSecKeyStorePtr		keysStore;	
-    xmlSecPtrList		storesList;	
-    xmlSecGetKeyCallback	getKey;		
-};</pre>
-<p>The keys manager structure.</p>
-<p></p>
+<a name="XMLSECKEYSTOREFINALIZEMETHOD"></a><h3>xmlSecKeyStoreFinalizeMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (*xmlSecKeyStoreFinalizeMethod)     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>);</pre>
+<p>Keys store specific finalization (destroy) method.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10294"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> <code class="STRUCTFIELD">keysStore</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the key store (list of keys known to keys manager).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10300"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrList</a> <code class="STRUCTFIELD">storesList</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the list of key data stores known to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10306"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECGETKEYCALLBACK">xmlSecGetKeyCallback</a> <code class="STRUCTFIELD">getKey</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the callback used to read <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN12531"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSMNGRGETKEY"></a><h3>xmlSecKeysMngrGetKey ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyPtr</font>        xmlSecKeysMngrGetKey                (<font>xmlNodePtr</font> keyInfoNode,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Reads the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code> and extracts the key.</p>
-<p></p>
+<a name="XMLSECKEYSTOREFINDKEY"></a><h3>xmlSecKeyStoreFindKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink>        xmlSecKeyStoreFindKey               (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Lookups key in the store. The caller is responsible for destroying
+the returned key using <a href="xmlsec-keys.html#XMLSECKEYDESTROY"><span class="TYPE">xmlSecKeyDestroy</span></a> method.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10326"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12556"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10332"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.	</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12561"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10338"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to key or NULL if the key is not found or 
-an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12566"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12572"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to a key or NULL if key is not found or an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTORE"></a><h3>struct xmlSecKeyStore</h3>
-<pre class="PROGRAMLISTING">struct xmlSecKeyStore {
-    xmlSecKeyStoreId			id;
-
-    /* for the future */
-    void*				reserved0;
-    void*				reserved1;
-};</pre>
-<p>The keys store.</p>
-<p></p>
+<a name="XMLSECKEYSTOREFINDKEYMETHOD"></a><h3>xmlSecKeyStoreFindKeyMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink>        (*xmlSecKeyStoreFindKeyMethod)      (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Keys store specific find method. The caller is responsible for destroying
+the returned key using <a href="xmlsec-keys.html#XMLSECKEYDESTROY"><span class="TYPE">xmlSecKeyDestroy</span></a> method.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10351"><span style="white-space: nowrap"><font>xmlSecKeyStoreId</font> <code class="STRUCTFIELD">id</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the store id (<gtkdoclink href="XMLSECKEYSTOREID"><span class="TYPE">xmlSecKeyStoreId</span></gtkdoclink>).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12597"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12602"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10359"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12607"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key info context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10365"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12612"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to a key or NULL if key is not found or an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTORECREATE"></a><h3>xmlSecKeyStoreCreate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a>   xmlSecKeyStoreCreate                (<font>xmlSecKeyStoreId</font> id);</pre>
-<p>Creates new store of the specified klass <code class="PARAMETER">klass</code>. Caller is responsible
-for freeing the returned store by calling <a href="xmlsec-keysmngr.html#XMLSECKEYSTOREDESTROY"><span class="TYPE">xmlSecKeyStoreDestroy</span></a> function.</p>
+<a name="XMLSECKEYSTOREGETNAME"></a><h3>xmlSecKeyStoreGetName()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyStoreGetName(store)</pre>
+<p>Macro. Returns key store name.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN12624"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYSTOREIDUNKNOWN"></a><h3>xmlSecKeyStoreIdUnknown</h3>
+<pre class="PROGRAMLISTING">#define xmlSecKeyStoreIdUnknown                         ((xmlSecKeyDataStoreId)NULL)</pre>
+<p>The "unknown" id.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYSTOREINITIALIZEMETHOD"></a><h3>xmlSecKeyStoreInitializeMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecKeyStoreInitializeMethod)   (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>);</pre>
+<p>Keys store specific initialization method.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10384"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the key store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12647"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10389"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly allocated keys store or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12652"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTOREDESTROY"></a><h3>xmlSecKeyStoreDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecKeyStoreDestroy               (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store);</pre>
-<p>Destroys the store created with <a href="xmlsec-keysmngr.html#XMLSECKEYSTORECREATE"><span class="TYPE">xmlSecKeyStoreCreate</span></a> function.</p>
-<p></p>
+<a name="XMLSECKEYSTOREISVALID"></a><h3>xmlSecKeyStoreIsValid()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyStoreIsValid(store)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">store</code> is not NULL and <code class="PARAMETER">store</code>-&gt;id is not NULL
+or 0 otherwise.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN10406"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys store. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12666"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTOREFINDKEY"></a><h3>xmlSecKeyStoreFindKey ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyPtr</font>        xmlSecKeyStoreFindKey               (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Lookups key in the store. The caller is responsible for destroying 
-the returned key using <a href="xmlsec-keys.html#XMLSECKEYDESTROY"><span class="TYPE">xmlSecKeyDestroy</span></a> method.</p>
-<p></p>
+<a name="XMLSECKEYSTOREKLASS"></a><h3>struct xmlSecKeyStoreKlass</h3>
+<pre class="PROGRAMLISTING">struct xmlSecKeyStoreKlass {
+    xmlSecSize                          klassSize;
+    xmlSecSize                          objSize;
+
+    /* data */
+    const xmlChar*                      name;
+
+    /* constructors/destructor */
+    xmlSecKeyStoreInitializeMethod      initialize;
+    xmlSecKeyStoreFinalizeMethod        finalize;
+    xmlSecKeyStoreFindKeyMethod         findKey;
+
+    /* for the future */
+    void*                               reserved0;
+    void*                               reserved1;
+};</pre>
+<p>The keys store id (klass).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10425"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12678"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">klassSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store klass size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10430"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12685"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">objSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store obj size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10435"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12692"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">name</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store's name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10441"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to a key or NULL if key is not found or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12699"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECKEYSTOREINITIALIZEMETHOD"><span class="TYPE">xmlSecKeyStoreInitializeMethod</span></a> <code class="STRUCTFIELD">initialize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store's initialization method.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12706"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECKEYSTOREFINALIZEMETHOD"><span class="TYPE">xmlSecKeyStoreFinalizeMethod</span></a> <code class="STRUCTFIELD">finalize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store's finalization (destroy) method.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12713"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECKEYSTOREFINDKEYMETHOD"><span class="TYPE">xmlSecKeyStoreFindKeyMethod</span></a> <code class="STRUCTFIELD">findKey</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the store's find method.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12720"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12727"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTOREGETNAME"></a><h3>xmlSecKeyStoreGetName()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyStoreGetName(store)</pre>
-<p>Macro. Returns key store name.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN10454"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to store.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYSTOREISVALID"></a><h3>xmlSecKeyStoreIsValid()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyStoreIsValid(store)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">store</code> is not NULL and <code class="PARAMETER">store</code>-&gt;id is not NULL
-or 0 otherwise.</p>
-<p></p>
+<a name="XMLSECKEYSTOREKLASSGETNAME"></a><h3>xmlSecKeyStoreKlassGetName()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecKeyStoreKlassGetName(klass)</pre>
+<p>Macro. Returns store klass name.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN10469"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12741"><span style="white-space: nowrap"><code class="PARAMETER">klass</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTORECHECKID"></a><h3>xmlSecKeyStoreCheckId()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyStoreCheckId(store, storeId)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">store</code> is valid and <code class="PARAMETER">store</code>'s id is equal to <code class="PARAMETER">storeId</code>.</p>
-<p></p>
+<a name="XMLSECKEYSMNGR"></a><h3>struct xmlSecKeysMngr</h3>
+<pre class="PROGRAMLISTING">struct xmlSecKeysMngr {
+    xmlSecKeyStorePtr           keysStore;
+    xmlSecPtrList               storesList;
+    xmlSecGetKeyCallback        getKey;
+};</pre>
+<p>The keys manager structure.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10485"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12753"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> <code class="STRUCTFIELD">keysStore</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key store (list of keys known to keys manager).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12760"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrList</span></a> <code class="STRUCTFIELD">storesList</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list of key data stores known to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10490"><span style="white-space: nowrap"><code class="PARAMETER">storeId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the store Id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12767"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECGETKEYCALLBACK"><span class="TYPE">xmlSecGetKeyCallback</span></a> <code class="STRUCTFIELD">getKey</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the callback used to read <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTORECHECKSIZE"></a><h3>xmlSecKeyStoreCheckSize()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyStoreCheckSize(store, size)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">store</code> is valid and <code class="PARAMETER">stores</code>'s object has at least <code class="PARAMETER">size</code> bytes.</p>
-<p></p>
+<a name="XMLSECKEYSMNGRADOPTDATASTORE"></a><h3>xmlSecKeysMngrAdoptDataStore ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeysMngrAdoptDataStore        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>);</pre>
+<p>Adopts data store in the keys manager.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10506"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12790"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10511"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the expected size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12795"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to data store.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12800"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTOREIDUNKNOWN"></a><h3>xmlSecKeyStoreIdUnknown</h3>
-<pre class="PROGRAMLISTING">#define xmlSecKeyStoreIdUnknown 			((xmlSecKeyDataStoreId)NULL)</pre>
-<p>The "unknown" id.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECKEYSTOREINITIALIZEMETHOD"></a><h3>xmlSecKeyStoreInitializeMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecKeyStoreInitializeMethod)   (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store);</pre>
-<p>Keys store specific initialization method.</p>
-<p></p>
+<a name="XMLSECKEYSMNGRADOPTKEYSSTORE"></a><h3>xmlSecKeysMngrAdoptKeysStore ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecKeysMngrAdoptKeysStore        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>);</pre>
+<p>Adopts keys store in the keys manager <code class="PARAMETER">mngr</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10533"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12821"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10538"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12826"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys store.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN12831"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTOREFINALIZEMETHOD"></a><h3>xmlSecKeyStoreFinalizeMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                (*xmlSecKeyStoreFinalizeMethod)     (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store);</pre>
-<p>Keys store specific finalization (destroy) method.</p>
-<p></p>
+<a name="XMLSECKEYSMNGRCREATE"></a><h3>xmlSecKeysMngrCreate ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="RETURNVALUE">xmlSecKeysMngrPtr</span></a>   xmlSecKeysMngrCreate                (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Creates new keys manager. Caller is responsible for freeing it with
+<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRDESTROY"><span class="TYPE">xmlSecKeysMngrDestroy</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN10553"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12849"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly allocated keys manager or NULL if
+an error occurs.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTOREFINDKEYMETHOD"></a><h3>xmlSecKeyStoreFindKeyMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyPtr</font>        (*xmlSecKeyStoreFindKeyMethod)      (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
-<p>Keys store specific find method. The caller is responsible for destroying 
-the returned key using <a href="xmlsec-keys.html#XMLSECKEYDESTROY"><span class="TYPE">xmlSecKeyDestroy</span></a> method.</p>
+<a name="XMLSECKEYSMNGRDESTROY"></a><h3>xmlSecKeysMngrDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecKeysMngrDestroy               (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
+<p>Destroys keys manager created with <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGRCREATE"><span class="TYPE">xmlSecKeysMngrCreate</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN12868"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYSMNGRFINDKEY"></a><h3>xmlSecKeysMngrFindKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink>        xmlSecKeysMngrFindKey               (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Lookups key in the keys manager keys store. The caller is responsible
+for destroying the returned key using <a href="xmlsec-keys.html#XMLSECKEYDESTROY"><span class="TYPE">xmlSecKeyDestroy</span></a> method.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10572"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12893"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10577"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired key name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12898"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired key name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10582"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to key info context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12903"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10587"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to a key or NULL if key is not found or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12909"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to a key or NULL if key is not found or an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTOREKLASS"></a><h3>struct xmlSecKeyStoreKlass</h3>
-<pre class="PROGRAMLISTING">struct xmlSecKeyStoreKlass {
-    xmlSecSize				klassSize;
-    xmlSecSize				objSize;
-
-    /* data */
-    const xmlChar*			name;    
-        
-    /* constructors/destructor */
-    xmlSecKeyStoreInitializeMethod	initialize;
-    xmlSecKeyStoreFinalizeMethod	finalize;
-    xmlSecKeyStoreFindKeyMethod		findKey;
-
-    /* for the future */
-    void*				reserved0;
-    void*				reserved1;
-};</pre>
-<p>The keys store id (klass).</p>
-<p></p>
+<a name="XMLSECKEYSMNGRGETDATASTORE"></a><h3>xmlSecKeysMngrGetDataStore ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATASTOREPTR"><span class="RETURNVALUE">xmlSecKeyDataStorePtr</span></gtkdoclink> xmlSecKeysMngrGetDataStore        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECKEYDATASTOREID"><span class="TYPE">xmlSecKeyDataStoreId</span></gtkdoclink> id</code>);</pre>
+<p>Lookups the data store of given klass <code class="PARAMETER">id</code> in the keys manager.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10600"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">klassSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the store klass size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12930"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10606"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">objSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the store obj size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12935"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10612"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">name</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the store's name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12940"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to data store or NULL if it is not found or an error
+occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYSMNGRGETKEY"></a><h3>xmlSecKeysMngrGetKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYPTR"><span class="RETURNVALUE">xmlSecKeyPtr</span></gtkdoclink>        xmlSecKeysMngrGetKey                (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
+<p>Reads the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code> and extracts the key.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10618"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECKEYSTOREINITIALIZEMETHOD">xmlSecKeyStoreInitializeMethod</a> <code class="STRUCTFIELD">initialize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the store's initialization method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12962"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10624"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECKEYSTOREFINALIZEMETHOD">xmlSecKeyStoreFinalizeMethod</a> <code class="STRUCTFIELD">finalize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the store's finalization (destroy) method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12968"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10630"><span style="white-space: nowrap"><a href="xmlsec-keysmngr.html#XMLSECKEYSTOREFINDKEYMETHOD">xmlSecKeyStoreFindKeyMethod</a> <code class="STRUCTFIELD">findKey</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the store's find method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12974"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key or NULL if the key is not found or
+an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECKEYSMNGRGETKEYSSTORE"></a><h3>xmlSecKeysMngrGetKeysStore ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYSTOREPTR"><span class="RETURNVALUE">xmlSecKeyStorePtr</span></gtkdoclink>   xmlSecKeysMngrGetKeysStore          (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
+<p>Gets the keys store.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10636"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12991"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10642"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN12996"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys store in the keys manager <code class="PARAMETER">mngr</code> or NULL if
+there is no store or an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECKEYSTOREKLASSGETNAME"></a><h3>xmlSecKeyStoreKlassGetName()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecKeyStoreKlassGetName(klass)</pre>
-<p>Macro. Returns store klass name.</p>
-<p></p>
+<a name="XMLSECSIMPLEKEYSSTOREADOPTKEY"></a><h3>xmlSecSimpleKeysStoreAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecSimpleKeysStoreAdoptKey       (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Adds <code class="PARAMETER">key</code> to the <code class="PARAMETER">store</code>.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN10656"><span style="white-space: nowrap"><code class="PARAMETER">klass</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to store klass.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13019"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to simple keys store.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13024"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13029"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECSIMPLEKEYSSTOREID"></a><h3>xmlSecSimpleKeysStoreId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecSimpleKeysStoreId		xmlSecSimpleKeysStoreGetKlass()</pre>
-<p>A simple keys store klass id.</p>
+<a name="XMLSECSIMPLEKEYSSTOREGETKEYS"></a><h3>xmlSecSimpleKeysStoreGetKeys ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECPTRLISTPTR"><span class="RETURNVALUE">xmlSecPtrListPtr</span></gtkdoclink>    xmlSecSimpleKeysStoreGetKeys        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>);</pre>
+<p>Gets list of keys from simple keys store.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13046"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to simple keys store.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13051"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the list of keys stored in the keys store or NULL
+if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECSIMPLEKEYSSTOREGETKLASS"></a><h3>xmlSecSimpleKeysStoreGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyStoreId</font>    xmlSecSimpleKeysStoreGetKlass       (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYSTOREID"><span class="RETURNVALUE">xmlSecKeyStoreId</span></gtkdoclink>    xmlSecSimpleKeysStoreGetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The simple list based keys store klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN10677"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> simple list based keys store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13067"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>simple list based keys store klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECSIMPLEKEYSSTOREADOPTKEY"></a><h3>xmlSecSimpleKeysStoreAdoptKey ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecSimpleKeysStoreAdoptKey       (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Adds <code class="PARAMETER">key</code> to the <code class="PARAMETER">store</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10695"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to simple keys store.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10700"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10705"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECSIMPLEKEYSSTOREID"></a><h3>xmlSecSimpleKeysStoreId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecSimpleKeysStoreId         xmlSecSimpleKeysStoreGetKlass()</pre>
+<p>A simple keys store klass id.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECSIMPLEKEYSSTORELOAD"></a><h3>xmlSecSimpleKeysStoreLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecSimpleKeysStoreLoad           (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *uri,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecSimpleKeysStoreLoad           (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);</pre>
 <p>Reads keys from an XML file.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10722"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to simple keys store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13096"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to simple keys store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10727"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13101"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10732"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to associated keys manager. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13106"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to associated keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10737"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13111"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECSIMPLEKEYSSTORESAVE"></a><h3>xmlSecSimpleKeysStoreSave ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecSimpleKeysStoreSave           (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecSimpleKeysStoreSave           (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
 <p>Writes keys from <code class="PARAMETER">store</code> to an XML file.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10755"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to simple keys store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13135"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to simple keys store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10760"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13140"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10765"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the saved keys type (public, private, ...).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13145"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the saved keys type (public, private, ...).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10770"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECSIMPLEKEYSSTOREGETKEYS"></a><h3>xmlSecSimpleKeysStoreGetKeys ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecPtrListPtr</font>    xmlSecSimpleKeysStoreGetKeys        (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store);</pre>
-<p>Gets list of keys from simple keys store.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10785"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to simple keys store.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10790"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the list of keys stored in the keys store or NULL
-if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13150"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-list.html b/docs/api/xmlsec-list.html
index f070e9de..63b01594 100644
--- a/docs/api/xmlsec-list.html
+++ b/docs/api/xmlsec-list.html
@@ -87,47 +87,50 @@
 <h1>
 <a name="XMLSEC-LIST"></a>list</h1>
 <div class="REFNAMEDIV">
-<a name="AEN10800"></a><h2>Name</h2>list -- Generic list structure implementation.</div>
+<a name="AEN13160"></a><h2>Name</h2>list -- Generic list structure implementation.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-LIST.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">struct              <a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrList</a>;
-<font>void</font>                <a href="xmlsec-list.html#XMLSECPTRLISTSETDEFAULTALLOCMODE">xmlSecPtrListSetDefaultAllocMode</a>    (<a href="xmlsec-buffer.html#XMLSECALLOCMODE">xmlSecAllocMode</a> defAllocMode,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> defInitialSize);
-<font>int</font>                 <a href="xmlsec-list.html#XMLSECPTRLISTINITIALIZE">xmlSecPtrListInitialize</a>             (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>xmlSecPtrListId</font> id);
-<font>void</font>                <a href="xmlsec-list.html#XMLSECPTRLISTFINALIZE">xmlSecPtrListFinalize</a>               (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list);
-<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a>    <a href="xmlsec-list.html#XMLSECPTRLISTCREATE">xmlSecPtrListCreate</a>                 (<font>xmlSecPtrListId</font> id);
-<font>void</font>                <a href="xmlsec-list.html#XMLSECPTRLISTDESTROY">xmlSecPtrListDestroy</a>                (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list);
-<font>void</font>                <a href="xmlsec-list.html#XMLSECPTRLISTEMPTY">xmlSecPtrListEmpty</a>                  (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list);
-<font>int</font>                 <a href="xmlsec-list.html#XMLSECPTRLISTCOPY">xmlSecPtrListCopy</a>                   (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> dst,
-                                                         <a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> src);
-<font>xmlSecPtrListPtr</font>    <a href="xmlsec-list.html#XMLSECPTRLISTDUPLICATE">xmlSecPtrListDuplicate</a>              (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-list.html#XMLSECPTRLISTGETSIZE">xmlSecPtrListGetSize</a>                (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list);
-<a href="xmlsec-xmlsec.html#XMLSECPTR">xmlSecPtr</a>           <a href="xmlsec-list.html#XMLSECPTRLISTGETITEM">xmlSecPtrListGetItem</a>                (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-<font>int</font>                 <a href="xmlsec-list.html#XMLSECPTRLISTADD">xmlSecPtrListAdd</a>                    (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>xmlSecPtr</font> item);
-<font>int</font>                 <a href="xmlsec-list.html#XMLSECPTRLISTSET">xmlSecPtrListSet</a>                    (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>xmlSecPtr</font> item,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-<font>int</font>                 <a href="xmlsec-list.html#XMLSECPTRLISTREMOVE">xmlSecPtrListRemove</a>                 (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-<font>void</font>                <a href="xmlsec-list.html#XMLSECPTRLISTDEBUGDUMP">xmlSecPtrListDebugDump</a>              (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-list.html#XMLSECPTRLISTDEBUGXMLDUMP">xmlSecPtrListDebugXmlDump</a>           (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);
+<pre class="SYNOPSIS"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (<a href="xmlsec-list.html#XMLSECPTRDEBUGDUMPITEMMETHOD">*xmlSecPtrDebugDumpItemMethod</a>)     (<code class="PARAMETER"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> ptr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (<a href="xmlsec-list.html#XMLSECPTRDESTROYITEMMETHOD">*xmlSecPtrDestroyItemMethod</a>)       (<code class="PARAMETER"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> ptr</code>);
+<a href="xmlsec-xmlsec.html#XMLSECPTR"><span class="RETURNVALUE">xmlSecPtr</span></a>           (<a href="xmlsec-list.html#XMLSECPTRDUPLICATEITEMMETHOD">*xmlSecPtrDuplicateItemMethod</a>)     (<code class="PARAMETER"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> ptr</code>);
+struct              <a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrList</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTADD">xmlSecPtrListAdd</a>                    (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> item</code>);
+#define             <a href="xmlsec-list.html#XMLSECPTRLISTCHECKID">xmlSecPtrListCheckId</a>                (list,
+                                                         dataId)
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTCOPY">xmlSecPtrListCopy</a>                   (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> src</code>);
+<a href="xmlsec-list.html#XMLSECPTRLIST"><span class="RETURNVALUE">xmlSecPtrListPtr</span></a>    <a href="xmlsec-list.html#XMLSECPTRLISTCREATE">xmlSecPtrListCreate</a>                 (<code class="PARAMETER"><gtkdoclink href="XMLSECPTRLISTID"><span class="TYPE">xmlSecPtrListId</span></gtkdoclink> id</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTDEBUGDUMP">xmlSecPtrListDebugDump</a>              (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTDEBUGXMLDUMP">xmlSecPtrListDebugXmlDump</a>           (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTDESTROY">xmlSecPtrListDestroy</a>                (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>);
+<gtkdoclink href="XMLSECPTRLISTPTR"><span class="RETURNVALUE">xmlSecPtrListPtr</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTDUPLICATE">xmlSecPtrListDuplicate</a>              (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTEMPTY">xmlSecPtrListEmpty</a>                  (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTFINALIZE">xmlSecPtrListFinalize</a>               (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>);
+<a href="xmlsec-xmlsec.html#XMLSECPTR"><span class="RETURNVALUE">xmlSecPtr</span></a>           <a href="xmlsec-list.html#XMLSECPTRLISTGETITEM">xmlSecPtrListGetItem</a>                (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
 #define             <a href="xmlsec-list.html#XMLSECPTRLISTGETNAME">xmlSecPtrListGetName</a>                (list)
-#define             <a href="xmlsec-list.html#XMLSECPTRLISTISVALID">xmlSecPtrListIsValid</a>                (list)
-#define             <a href="xmlsec-list.html#XMLSECPTRLISTCHECKID">xmlSecPtrListCheckId</a>                (list, dataId)
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-list.html#XMLSECPTRLISTGETSIZE">xmlSecPtrListGetSize</a>                (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>);
 #define             <a href="xmlsec-list.html#XMLSECPTRLISTIDUNKNOWN">xmlSecPtrListIdUnknown</a>
-<a href="xmlsec-xmlsec.html#XMLSECPTR">xmlSecPtr</a>           (<a href="xmlsec-list.html#XMLSECPTRDUPLICATEITEMMETHOD">*xmlSecPtrDuplicateItemMethod</a>)     (<font>xmlSecPtr</font> ptr);
-<font>void</font>                (<a href="xmlsec-list.html#XMLSECPTRDESTROYITEMMETHOD">*xmlSecPtrDestroyItemMethod</a>)       (<font>xmlSecPtr</font> ptr);
-<font>void</font>                (<a href="xmlsec-list.html#XMLSECPTRDEBUGDUMPITEMMETHOD">*xmlSecPtrDebugDumpItemMethod</a>)     (<font>xmlSecPtr</font> ptr,
-                                                         <font>FILE</font> *output);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTINITIALIZE">xmlSecPtrListInitialize</a>             (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECPTRLISTID"><span class="TYPE">xmlSecPtrListId</span></gtkdoclink> id</code>);
+#define             <a href="xmlsec-list.html#XMLSECPTRLISTISVALID">xmlSecPtrListIsValid</a>                (list)
 struct              <a href="xmlsec-list.html#XMLSECPTRLISTKLASS">xmlSecPtrListKlass</a>;
 #define             <a href="xmlsec-list.html#XMLSECPTRLISTKLASSGETNAME">xmlSecPtrListKlassGetName</a>           (klass)
-#define             <a href="xmlsec-list.html#XMLSECSTRINGLISTID">xmlSecStringListId</a>
-<font>xmlSecPtrListId</font>     <a href="xmlsec-list.html#XMLSECSTRINGLISTGETKLASS">xmlSecStringListGetKlass</a>            (void);</pre>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTREMOVE">xmlSecPtrListRemove</a>                 (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+<a href="xmlsec-xmlsec.html#XMLSECPTR"><span class="RETURNVALUE">xmlSecPtr</span></a>           <a href="xmlsec-list.html#XMLSECPTRLISTREMOVEANDRETURN">xmlSecPtrListRemoveAndReturn</a>        (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTSET">xmlSecPtrListSet</a>                    (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> item</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-list.html#XMLSECPTRLISTSETDEFAULTALLOCMODE">xmlSecPtrListSetDefaultAllocMode</a>    (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECALLOCMODE"><span class="TYPE">xmlSecAllocMode</span></a> defAllocMode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> defInitialSize</code>);
+<gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink><a href="xmlsec-list.html#XMLSECSTRINGLISTGETKLASS">xmlSecStringListGetKlass</a>            (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-list.html#XMLSECSTRINGLISTID">xmlSecStringListId</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-LIST.DESCRIPTION"></a><h2>Description</h2>
@@ -136,484 +139,492 @@ struct              <a href="xmlsec-list.html#XMLSECPTRLISTKLASS">xmlSecPtrListK
 <div class="REFSECT1">
 <a name="XMLSEC-LIST.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECPTRLIST"></a><h3>struct xmlSecPtrList</h3>
-<pre class="PROGRAMLISTING">struct xmlSecPtrList {
-    xmlSecPtrListId		id;        
-
-    xmlSecPtr*			data;
-    xmlSecSize			use;
-    xmlSecSize			max;
-    xmlSecAllocMode 		allocMode;
-};</pre>
-<p>The pointers list.</p>
-<p></p>
+<a name="XMLSECPTRDEBUGDUMPITEMMETHOD"></a><h3>xmlSecPtrDebugDumpItemMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (*xmlSecPtrDebugDumpItemMethod)     (<code class="PARAMETER"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> ptr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints debug information about <code class="PARAMETER">item</code> to <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10894"><span style="white-space: nowrap"><font>xmlSecPtrListId</font> <code class="STRUCTFIELD">id</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>				the list items description.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10900"><span style="white-space: nowrap"><font>xmlSecPtr</font> *<code class="STRUCTFIELD">data</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the list data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10906"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">use</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the current list size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN10912"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">max</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the max (allocated) list size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13351"><span style="white-space: nowrap"><code class="PARAMETER">ptr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the poinetr to list item.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10918"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECALLOCMODE">xmlSecAllocMode</a> <code class="STRUCTFIELD">allocMode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the memory allocation mode.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13356"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTSETDEFAULTALLOCMODE"></a><h3>xmlSecPtrListSetDefaultAllocMode ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecPtrListSetDefaultAllocMode    (<a href="xmlsec-buffer.html#XMLSECALLOCMODE">xmlSecAllocMode</a> defAllocMode,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> defInitialSize);</pre>
-<p>Sets new default allocation mode and minimal initial list size.</p>
+<a name="XMLSECPTRDESTROYITEMMETHOD"></a><h3>xmlSecPtrDestroyItemMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (*xmlSecPtrDestroyItemMethod)       (<code class="PARAMETER"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> ptr</code>);</pre>
+<p>Destroys list item <code class="PARAMETER">ptr</code>.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN13374"><span style="white-space: nowrap"><code class="PARAMETER">ptr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the poinetr to list item.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECPTRDUPLICATEITEMMETHOD"></a><h3>xmlSecPtrDuplicateItemMethod ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECPTR"><span class="RETURNVALUE">xmlSecPtr</span></a>           (*xmlSecPtrDuplicateItemMethod)     (<code class="PARAMETER"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> ptr</code>);</pre>
+<p>Duplicates item <code class="PARAMETER">ptr</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10935"><span style="white-space: nowrap"><code class="PARAMETER">defAllocMode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the new default memory allocation mode.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13392"><span style="white-space: nowrap"><code class="PARAMETER">ptr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the poinetr to list item.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10940"><span style="white-space: nowrap"><code class="PARAMETER">defInitialSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the new default minimal initial size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13397"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to new item copy or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTINITIALIZE"></a><h3>xmlSecPtrListInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecPtrListInitialize             (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>xmlSecPtrListId</font> id);</pre>
-<p>Initializes the list of given klass. Caller is responsible 
-for cleaning up by calling <a href="xmlsec-list.html#XMLSECPTRLISTFINALIZE"><span class="TYPE">xmlSecPtrListFinalize</span></a> function.</p>
-<p></p>
+<a name="XMLSECPTRLIST"></a><h3>struct xmlSecPtrList</h3>
+<pre class="PROGRAMLISTING">struct xmlSecPtrList {
+    xmlSecPtrListId             id;
+
+    xmlSecPtr*                  data;
+    xmlSecSize                  use;
+    xmlSecSize                  max;
+    xmlSecAllocMode             allocMode;
+};</pre>
+<p>The pointers list.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10958"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13409"><span style="white-space: nowrap"><gtkdoclink href="XMLSECPTRLISTID"><span class="TYPE">xmlSecPtrListId</span></gtkdoclink> <code class="STRUCTFIELD">id</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list items description.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13416"><span style="white-space: nowrap"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> *<code class="STRUCTFIELD">data</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10963"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the list klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13423"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">use</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current list size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN10968"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13430"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">max</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the max (allocated) list size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13437"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECALLOCMODE"><span class="TYPE">xmlSecAllocMode</span></a> <code class="STRUCTFIELD">allocMode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the memory allocation mode.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTFINALIZE"></a><h3>xmlSecPtrListFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecPtrListFinalize               (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list);</pre>
-<p>Cleans up the list initialized with <a href="xmlsec-list.html#XMLSECPTRLISTINITIALIZE"><span class="TYPE">xmlSecPtrListInitialize</span></a>
-function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN10985"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECPTRLISTCREATE"></a><h3>xmlSecPtrListCreate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a>    xmlSecPtrListCreate                 (<font>xmlSecPtrListId</font> id);</pre>
-<p>Creates new list object. Caller is responsible for freeing returned list
-by calling <a href="xmlsec-list.html#XMLSECPTRLISTDESTROY"><span class="TYPE">xmlSecPtrListDestroy</span></a> function.</p>
-<p></p>
+<a name="XMLSECPTRLISTADD"></a><h3>xmlSecPtrListAdd ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecPtrListAdd                    (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> item</code>);</pre>
+<p>Adds <code class="PARAMETER">item</code> to the end of the <code class="PARAMETER">list</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11002"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the list klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13461"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13466"><span style="white-space: nowrap"><code class="PARAMETER">item</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the item.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11007"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated list or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13471"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTDESTROY"></a><h3>xmlSecPtrListDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecPtrListDestroy                (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list);</pre>
-<p>Destroys <code class="PARAMETER">list</code> created with <a href="xmlsec-list.html#XMLSECPTRLISTCREATE"><span class="TYPE">xmlSecPtrListCreate</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN11025"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECPTRLISTEMPTY"></a><h3>xmlSecPtrListEmpty ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecPtrListEmpty                  (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list);</pre>
-<p>Remove all items from <code class="PARAMETER">list</code> (if any).</p>
-<p></p>
+<a name="XMLSECPTRLISTCHECKID"></a><h3>xmlSecPtrListCheckId()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecPtrListCheckId(list, dataId)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">list</code> is valid and <code class="PARAMETER">list</code>'s id is equal to <code class="PARAMETER">dataId</code>.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN11041"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13486"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13491"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list Id.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECPTRLISTCOPY"></a><h3>xmlSecPtrListCopy ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecPtrListCopy                   (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> dst,
-                                                         <a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> src);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecPtrListCopy                   (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> src</code>);</pre>
 <p>Copies <code class="PARAMETER">src</code> list items to <code class="PARAMETER">dst</code> list using <gtkdoclink href="DUPLICATEITEM"><span class="TYPE">duplicateItem</span></gtkdoclink> method
-of the list klass. If <gtkdoclink href="DUPLICATEITEM"><span class="TYPE">duplicateItem</span></gtkdoclink> method is NULL then 
+of the list klass. If <gtkdoclink href="DUPLICATEITEM"><span class="TYPE">duplicateItem</span></gtkdoclink> method is NULL then
 we jsut copy pointers to items.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11063"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to destination list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13517"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to destination list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11068"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to source list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13522"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to source list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11073"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13527"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTDUPLICATE"></a><h3>xmlSecPtrListDuplicate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecPtrListPtr</font>    xmlSecPtrListDuplicate              (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list);</pre>
-<p>Creates a new copy of <code class="PARAMETER">list</code> and all its items.</p>
-<p></p>
+<a name="XMLSECPTRLISTCREATE"></a><h3>xmlSecPtrListCreate ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="RETURNVALUE">xmlSecPtrListPtr</span></a>    xmlSecPtrListCreate                 (<code class="PARAMETER"><gtkdoclink href="XMLSECPTRLISTID"><span class="TYPE">xmlSecPtrListId</span></gtkdoclink> id</code>);</pre>
+<p>Creates new list object. Caller is responsible for freeing returned list
+by calling <a href="xmlsec-list.html#XMLSECPTRLISTDESTROY"><span class="TYPE">xmlSecPtrListDestroy</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11089"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13546"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11094"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated list or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13551"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated list or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTGETSIZE"></a><h3>xmlSecPtrListGetSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecPtrListGetSize                (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list);</pre>
-<p>Gets list size.</p>
-<p></p>
+<a name="XMLSECPTRLISTDEBUGDUMP"></a><h3>xmlSecPtrListDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecPtrListDebugDump              (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints debug information about <code class="PARAMETER">list</code> to the <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11109"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13573"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11114"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the number of itmes in <code class="PARAMETER">list</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13578"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTGETITEM"></a><h3>xmlSecPtrListGetItem ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECPTR">xmlSecPtr</a>           xmlSecPtrListGetItem                (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
-<p>Gets item from the list.</p>
-<p></p>
+<a name="XMLSECPTRLISTDEBUGXMLDUMP"></a><h3>xmlSecPtrListDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecPtrListDebugXmlDump           (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints debug information about <code class="PARAMETER">list</code> to the <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11131"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13600"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11136"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the item position.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11141"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the list item at position <code class="PARAMETER">pos</code> or NULL if <code class="PARAMETER">pos</code> is greater
-than the number of items in the list or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13605"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTADD"></a><h3>xmlSecPtrListAdd ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecPtrListAdd                    (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>xmlSecPtr</font> item);</pre>
-<p>Adds <code class="PARAMETER">item</code> to the end of the <code class="PARAMETER">list</code>.</p>
+<a name="XMLSECPTRLISTDESTROY"></a><h3>xmlSecPtrListDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecPtrListDestroy                (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>);</pre>
+<p>Destroys <code class="PARAMETER">list</code> created with <a href="xmlsec-list.html#XMLSECPTRLISTCREATE"><span class="TYPE">xmlSecPtrListCreate</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN13625"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECPTRLISTDUPLICATE"></a><h3>xmlSecPtrListDuplicate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECPTRLISTPTR"><span class="RETURNVALUE">xmlSecPtrListPtr</span></gtkdoclink>    xmlSecPtrListDuplicate              (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>);</pre>
+<p>Creates a new copy of <code class="PARAMETER">list</code> and all its items.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11161"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11166"><span style="white-space: nowrap"><code class="PARAMETER">item</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the item.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13643"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11171"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13648"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated list or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTSET"></a><h3>xmlSecPtrListSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecPtrListSet                    (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>xmlSecPtr</font> item,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
-<p>Sets the value of list item at position <code class="PARAMETER">pos</code>. The old value
-is destroyed.</p>
-<p></p>
+<a name="XMLSECPTRLISTEMPTY"></a><h3>xmlSecPtrListEmpty ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecPtrListEmpty                  (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>);</pre>
+<p>Remove all items from <code class="PARAMETER">list</code> (if any).</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11189"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11194"><span style="white-space: nowrap"><code class="PARAMETER">item</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the item.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11199"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pos.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11204"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN13666"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTREMOVE"></a><h3>xmlSecPtrListRemove ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecPtrListRemove                 (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
-<p>Destroys list item at the position <code class="PARAMETER">pos</code> and sets it value to NULL.</p>
+<a name="XMLSECPTRLISTFINALIZE"></a><h3>xmlSecPtrListFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecPtrListFinalize               (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>);</pre>
+<p>Cleans up the list initialized with <a href="xmlsec-list.html#XMLSECPTRLISTINITIALIZE"><span class="TYPE">xmlSecPtrListInitialize</span></a>
+function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN13685"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECPTRLISTGETITEM"></a><h3>xmlSecPtrListGetItem ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECPTR"><span class="RETURNVALUE">xmlSecPtr</span></a>           xmlSecPtrListGetItem                (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
+<p>Gets item from the list.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11221"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13705"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11226"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the position.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13710"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the item position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11231"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13715"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list item at position <code class="PARAMETER">pos</code> or NULL if <code class="PARAMETER">pos</code> is greater
+than the number of items in the list or an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTDEBUGDUMP"></a><h3>xmlSecPtrListDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecPtrListDebugDump              (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints debug information about <code class="PARAMETER">list</code> to the <code class="PARAMETER">output</code>.</p>
+<a name="XMLSECPTRLISTGETNAME"></a><h3>xmlSecPtrListGetName()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecPtrListGetName(list)</pre>
+<p>Macro. Returns lists's name.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN13729"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the ponter to list.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECPTRLISTGETSIZE"></a><h3>xmlSecPtrListGetSize ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecPtrListGetSize                (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>);</pre>
+<p>Gets list size.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11249"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13746"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11254"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13751"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the number of itmes in <code class="PARAMETER">list</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTDEBUGXMLDUMP"></a><h3>xmlSecPtrListDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecPtrListDebugXmlDump           (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints debug information about <code class="PARAMETER">list</code> to the <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECPTRLISTIDUNKNOWN"></a><h3>xmlSecPtrListIdUnknown</h3>
+<pre class="PROGRAMLISTING">#define xmlSecPtrListIdUnknown                  NULL</pre>
+<p>The "unknown" id.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECPTRLISTINITIALIZE"></a><h3>xmlSecPtrListInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecPtrListInitialize             (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECPTRLISTID"><span class="TYPE">xmlSecPtrListId</span></gtkdoclink> id</code>);</pre>
+<p>Initializes the list of given klass. Caller is responsible
+for cleaning up by calling <a href="xmlsec-list.html#XMLSECPTRLISTFINALIZE"><span class="TYPE">xmlSecPtrListFinalize</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11272"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13780"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13785"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11277"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13790"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTGETNAME"></a><h3>xmlSecPtrListGetName()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecPtrListGetName(list)</pre>
-<p>Macro. Returns lists's name.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN11290"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the ponter to list.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECPTRLISTISVALID"></a><h3>xmlSecPtrListIsValid()</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecPtrListIsValid(list)</pre>
 <p>Macro. Returns 1 if <code class="PARAMETER">list</code> is not NULL and <code class="PARAMETER">list</code>-&gt;id is not NULL
 or 0 otherwise.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN11305"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13804"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTCHECKID"></a><h3>xmlSecPtrListCheckId()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecPtrListCheckId(list, dataId)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">list</code> is valid and <code class="PARAMETER">list</code>'s id is equal to <code class="PARAMETER">dataId</code>.</p>
-<p></p>
+<a name="XMLSECPTRLISTKLASS"></a><h3>struct xmlSecPtrListKlass</h3>
+<pre class="PROGRAMLISTING">struct xmlSecPtrListKlass {
+    const xmlChar*                      name;
+    xmlSecPtrDuplicateItemMethod        duplicateItem;
+    xmlSecPtrDestroyItemMethod          destroyItem;
+    xmlSecPtrDebugDumpItemMethod        debugDumpItem;
+    xmlSecPtrDebugDumpItemMethod        debugXmlDumpItem;
+};</pre>
+<p>List klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11321"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13816"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">name</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list klass name.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13823"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRDUPLICATEITEMMETHOD"><span class="TYPE">xmlSecPtrDuplicateItemMethod</span></a> <code class="STRUCTFIELD">duplicateItem</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the duplciate item method.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13830"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRDESTROYITEMMETHOD"><span class="TYPE">xmlSecPtrDestroyItemMethod</span></a> <code class="STRUCTFIELD">destroyItem</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destroy item method.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13837"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRDEBUGDUMPITEMMETHOD"><span class="TYPE">xmlSecPtrDebugDumpItemMethod</span></a> <code class="STRUCTFIELD">debugDumpItem</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the debug dump item method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11326"><span style="white-space: nowrap"><code class="PARAMETER">dataId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the list Id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13844"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRDEBUGDUMPITEMMETHOD"><span class="TYPE">xmlSecPtrDebugDumpItemMethod</span></a> <code class="STRUCTFIELD">debugXmlDumpItem</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the debug dump item in xml format method.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTIDUNKNOWN"></a><h3>xmlSecPtrListIdUnknown</h3>
-<pre class="PROGRAMLISTING">#define xmlSecPtrListIdUnknown 			NULL</pre>
-<p>The "unknown" id.</p>
+<a name="XMLSECPTRLISTKLASSGETNAME"></a><h3>xmlSecPtrListKlassGetName()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecPtrListKlassGetName(klass)</pre>
+<p>Macro. Returns the list klass name.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN13858"><span style="white-space: nowrap"><code class="PARAMETER">klass</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list klass.
+2</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRDUPLICATEITEMMETHOD"></a><h3>xmlSecPtrDuplicateItemMethod ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECPTR">xmlSecPtr</a>           (*xmlSecPtrDuplicateItemMethod)     (<font>xmlSecPtr</font> ptr);</pre>
-<p>Duplicates item <code class="PARAMETER">ptr</code>.</p>
-<p></p>
+<a name="XMLSECPTRLISTREMOVE"></a><h3>xmlSecPtrListRemove ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecPtrListRemove                 (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
+<p>Destroys list item at the position <code class="PARAMETER">pos</code> and sets it value to NULL.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11349"><span style="white-space: nowrap"><code class="PARAMETER">ptr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the poinetr to list item.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13879"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13884"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11354"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to new item copy or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13889"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRDESTROYITEMMETHOD"></a><h3>xmlSecPtrDestroyItemMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                (*xmlSecPtrDestroyItemMethod)       (<font>xmlSecPtr</font> ptr);</pre>
-<p>Destroys list item <code class="PARAMETER">ptr</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN11370"><span style="white-space: nowrap"><code class="PARAMETER">ptr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the poinetr to list item.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECPTRDEBUGDUMPITEMMETHOD"></a><h3>xmlSecPtrDebugDumpItemMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                (*xmlSecPtrDebugDumpItemMethod)     (<font>xmlSecPtr</font> ptr,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints debug information about <code class="PARAMETER">item</code> to <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECPTRLISTREMOVEANDRETURN"></a><h3>xmlSecPtrListRemoveAndReturn ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECPTR"><span class="RETURNVALUE">xmlSecPtr</span></a>           xmlSecPtrListRemoveAndReturn        (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
+<p>Remove the list item at the position <code class="PARAMETER">pos</code> and return it back.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11388"><span style="white-space: nowrap"><code class="PARAMETER">ptr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the poinetr to list item.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13910"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13915"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11393"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13920"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the list item.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTKLASS"></a><h3>struct xmlSecPtrListKlass</h3>
-<pre class="PROGRAMLISTING">struct xmlSecPtrListKlass {
-    const xmlChar*			name;
-    xmlSecPtrDuplicateItemMethod	duplicateItem;
-    xmlSecPtrDestroyItemMethod		destroyItem;
-    xmlSecPtrDebugDumpItemMethod	debugDumpItem;
-    xmlSecPtrDebugDumpItemMethod	debugXmlDumpItem;
-};</pre>
-<p>List klass.</p>
-<p></p>
+<a name="XMLSECPTRLISTSET"></a><h3>xmlSecPtrListSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecPtrListSet                    (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSEC"><span class="TYPE">xmlSecPtr</span></gtkdoclink> item</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
+<p>Sets the value of list item at position <code class="PARAMETER">pos</code>. The old value
+is destroyed.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11406"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">name</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the list klass name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13944"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN13949"><span style="white-space: nowrap"><code class="PARAMETER">item</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the item.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11412"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRDUPLICATEITEMMETHOD">xmlSecPtrDuplicateItemMethod</a> <code class="STRUCTFIELD">duplicateItem</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the duplciate item method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13954"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pos.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11418"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRDESTROYITEMMETHOD">xmlSecPtrDestroyItemMethod</a> <code class="STRUCTFIELD">destroyItem</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the destroy item method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13959"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECPTRLISTSETDEFAULTALLOCMODE"></a><h3>xmlSecPtrListSetDefaultAllocMode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecPtrListSetDefaultAllocMode    (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECALLOCMODE"><span class="TYPE">xmlSecAllocMode</span></a> defAllocMode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> defInitialSize</code>);</pre>
+<p>Sets new default allocation mode and minimal initial list size.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11424"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRDEBUGDUMPITEMMETHOD">xmlSecPtrDebugDumpItemMethod</a> <code class="STRUCTFIELD">debugDumpItem</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the debug dump item method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13979"><span style="white-space: nowrap"><code class="PARAMETER">defAllocMode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new default memory allocation mode.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11430"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRDEBUGDUMPITEMMETHOD">xmlSecPtrDebugDumpItemMethod</a> <code class="STRUCTFIELD">debugXmlDumpItem</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the debug dump item in xml format method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN13984"><span style="white-space: nowrap"><code class="PARAMETER">defInitialSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new default minimal initial size.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPTRLISTKLASSGETNAME"></a><h3>xmlSecPtrListKlassGetName()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecPtrListKlassGetName(klass)</pre>
-<p>Macro. Returns the list klass name.</p>
-<p></p>
+<a name="XMLSECSTRINGLISTGETKLASS"></a><h3>xmlSecStringListGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink>     xmlSecStringListGetKlass            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The strins list class.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN11444"><span style="white-space: nowrap"><code class="PARAMETER">klass</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the list klass.
-2</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14000"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>strings list klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -621,19 +632,6 @@ or 0 otherwise.</p>
 <a name="XMLSECSTRINGLISTID"></a><h3>xmlSecStringListId</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecStringListId</pre>
 <p>Strings list klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECSTRINGLISTGETKLASS"></a><h3>xmlSecStringListGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecPtrListId</font>     xmlSecStringListGetKlass            (void);</pre>
-<p>The strins list class.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN11465"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> strings list klass.</p></td>
-</tr></tbody></table>
 </div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-membuf.html b/docs/api/xmlsec-membuf.html
index f0264174..9eef1375 100644
--- a/docs/api/xmlsec-membuf.html
+++ b/docs/api/xmlsec-membuf.html
@@ -87,12 +87,12 @@
 <h1>
 <a name="XMLSEC-MEMBUF"></a>membuf</h1>
 <div class="REFNAMEDIV">
-<a name="AEN11475"></a><h2>Name</h2>membuf -- Memory buffer transform implementation.</div>
+<a name="AEN14016"></a><h2>Name</h2>membuf -- Memory buffer transform implementation.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-MEMBUF.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-membuf.html#XMLSECTRANSFORMMEMBUFID">xmlSecTransformMemBufId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-membuf.html#XMLSECTRANSFORMMEMBUFGETKLASS">xmlSecTransformMemBufGetKlass</a>       (void);
-<font>xmlSecBufferPtr</font>     <a href="xmlsec-membuf.html#XMLSECTRANSFORMMEMBUFGETBUFFER">xmlSecTransformMemBufGetBuffer</a>      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="XMLSECBUFFERPTR"><span class="RETURNVALUE">xmlSecBufferPtr</span></gtkdoclink><a href="xmlsec-membuf.html#XMLSECTRANSFORMMEMBUFGETBUFFER">xmlSecTransformMemBufGetBuffer</a>      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-membuf.html#XMLSECTRANSFORMMEMBUFGETKLASS">xmlSecTransformMemBufGetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-membuf.html#XMLSECTRANSFORMMEMBUFID">xmlSecTransformMemBufId</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-MEMBUF.DESCRIPTION"></a><h2>Description</h2>
@@ -101,40 +101,37 @@
 <div class="REFSECT1">
 <a name="XMLSEC-MEMBUF.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMMEMBUFID"></a><h3>xmlSecTransformMemBufId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformMemBufId</pre>
-<p>The Memory Buffer transform klass.</p>
+<a name="XMLSECTRANSFORMMEMBUFGETBUFFER"></a><h3>xmlSecTransformMemBufGetBuffer ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECBUFFERPTR"><span class="RETURNVALUE">xmlSecBufferPtr</span></gtkdoclink>     xmlSecTransformMemBufGetBuffer      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);</pre>
+<p>Gets the pointer to memory buffer transform buffer.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN14051"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to memory buffer transform.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN14056"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the transform's <a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBuffer</span></a>.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMMEMBUFGETKLASS"></a><h3>xmlSecTransformMemBufGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformMemBufGetKlass       (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformMemBufGetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The memory buffer transorm (used to store the data that go through it).</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN11508"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> memory buffer transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14074"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>memory buffer transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMMEMBUFGETBUFFER"></a><h3>xmlSecTransformMemBufGetBuffer ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecBufferPtr</font>     xmlSecTransformMemBufGetBuffer      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);</pre>
-<p>Gets the pointer to memory buffer transform buffer.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11523"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to memory buffer transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11528"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the transform's <a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBuffer</span></a>. </p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECTRANSFORMMEMBUFID"></a><h3>xmlSecTransformMemBufId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformMemBufId</pre>
+<p>The Memory Buffer transform klass.</p>
 </div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-mscrypto-app.html b/docs/api/xmlsec-mscrypto-app.html
index 3cbc875d..3b483d55 100644
--- a/docs/api/xmlsec-mscrypto-app.html
+++ b/docs/api/xmlsec-mscrypto-app.html
@@ -87,81 +87,81 @@
 <h1>
 <a name="XMLSEC-MSCRYPTO-APP"></a>app</h1>
 <div class="REFNAMEDIV">
-<a name="AEN27937"></a><h2>Name</h2>app -- Application functions implementation for MS Crypto.</div>
+<a name="AEN38588"></a><h2>Name</h2>app -- Application functions implementation for MS Crypto.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-MSCRYPTO-APP.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPINIT">xmlSecMSCryptoAppInit</a>               (const <font>char</font> *config);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPSHUTDOWN">xmlSecMSCryptoAppShutdown</a>           (void);
-const <font>char</font>*         <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPGETCERTSTORENAME">xmlSecMSCryptoAppGetCertStoreName</a>   (void);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRINIT">xmlSecMSCryptoAppDefaultKeysMngrInit</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecMSCryptoAppDefaultKeysMngrAdoptKey</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRLOAD">xmlSecMSCryptoAppDefaultKeysMngrLoad</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *uri);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRSAVE">xmlSecMSCryptoAppDefaultKeysMngrSave</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRPRIVATEKEYLOAD">xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCRYPTKEY</font> hKey);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRPUBLICKEYLOAD">xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCRYPTKEY</font> hKey);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRSYMKEYLOAD">xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCRYPTKEY</font> hKey);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTKEYSTORE">xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCERTSTORE</font> keyStore);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTTRUSTEDSTORE">xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCERTSTORE</font> trustedStore);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTUNTRUSTEDSTORE">xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCERTSTORE</font> untrustedStore);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYSMNGRCERTLOAD">xmlSecMSCryptoAppKeysMngrCertLoad</a>   (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYSMNGRCERTLOADMEMORY">xmlSecMSCryptoAppKeysMngrCertLoadMemory</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYLOAD">xmlSecMSCryptoAppKeyLoad</a>            (const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYLOADMEMORY">xmlSecMSCryptoAppKeyLoadMemory</a>      (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPPKCS12LOAD">xmlSecMSCryptoAppPkcs12Load</a>         (const <font>char</font> *filename,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPPKCS12LOADMEMORY">xmlSecMSCryptoAppPkcs12LoadMemory</a>   (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYCERTLOAD">xmlSecMSCryptoAppKeyCertLoad</a>        (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>int</font>                 <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYCERTLOADMEMORY">xmlSecMSCryptoAppKeyCertLoadMemory</a>  (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>void</font>*               <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPGETDEFAULTPWDCALLBACK">xmlSecMSCryptoAppGetDefaultPwdCallback</a>
-                                                        (void);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecMSCryptoAppDefaultKeysMngrAdoptKey</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTKEYSTORE">xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> keyStore</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTTRUSTEDSTORE">xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> trustedStore</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTUNTRUSTEDSTORE">xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> untrustedStore</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRINIT">xmlSecMSCryptoAppDefaultKeysMngrInit</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRLOAD">xmlSecMSCryptoAppDefaultKeysMngrLoad</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRPRIVATEKEYLOAD">xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCRYPTKEY:CAPS"><span class="TYPE">HCRYPTKEY</span></gtkdoclink> hKey</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRPUBLICKEYLOAD">xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCRYPTKEY:CAPS"><span class="TYPE">HCRYPTKEY</span></gtkdoclink> hKey</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRSAVE">xmlSecMSCryptoAppDefaultKeysMngrSave</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRSYMKEYLOAD">xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCRYPTKEY:CAPS"><span class="TYPE">HCRYPTKEY</span></gtkdoclink> hKey</code>);
+<gtkdoclink href="LPCTSTR:CAPS"><span class="RETURNVALUE">LPCTSTR</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPGETCERTSTORENAME">xmlSecMSCryptoAppGetCertStoreName</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPGETDEFAULTPWDCALLBACK">xmlSecMSCryptoAppGetDefaultPwdCallback</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPINIT">xmlSecMSCryptoAppInit</a>               (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYCERTLOAD">xmlSecMSCryptoAppKeyCertLoad</a>        (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYCERTLOADMEMORY">xmlSecMSCryptoAppKeyCertLoadMemory</a>  (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYLOAD">xmlSecMSCryptoAppKeyLoad</a>            (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYLOADMEMORY">xmlSecMSCryptoAppKeyLoadMemory</a>      (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYSMNGRCERTLOAD">xmlSecMSCryptoAppKeysMngrCertLoad</a>   (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPKEYSMNGRCERTLOADMEMORY">xmlSecMSCryptoAppKeysMngrCertLoadMemory</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPPKCS12LOAD">xmlSecMSCryptoAppPkcs12Load</a>         (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPPKCS12LOADMEMORY">xmlSecMSCryptoAppPkcs12LoadMemory</a>   (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPSHUTDOWN">xmlSecMSCryptoAppShutdown</a>           (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-MSCRYPTO-APP.DESCRIPTION"></a><h2>Description</h2>
@@ -170,593 +170,571 @@ const <font>char</font>*         <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPT
 <div class="REFSECT1">
 <a name="XMLSEC-MSCRYPTO-APP.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPINIT"></a><h3>xmlSecMSCryptoAppInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppInit               (const <font>char</font> *config);</pre>
-<p>General crypto engine initialization. This function is used
-by XMLSec command line utility and called before 
-<code class="PARAMETER">xmlSecInit</code> function.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppDefaultKeysMngrAdoptKey
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecMSCryptoAppDefaultKeysMngrInit</span></a>
+function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28060"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the name of another then the default ms certificate store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38861"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28065"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38866"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN38871"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPSHUTDOWN"></a><h3>xmlSecMSCryptoAppShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppShutdown           (void);</pre>
-<p>General crypto engine shutdown. This function is used
-by XMLSec command line utility and called after 
-<code class="PARAMETER">xmlSecShutdown</code> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN28080"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPGETCERTSTORENAME"></a><h3>xmlSecMSCryptoAppGetCertStoreName ()</h3>
-<pre class="PROGRAMLISTING">const <font>char</font>*         xmlSecMSCryptoAppGetCertStoreName   (void);</pre>
-<p>Gets the MS Crypto certs store name set by <code class="PARAMETER">xmlSecMSCryptoAppInit</code> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN28095"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the MS Crypto certs name used by xmlsec-mscrypto.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRINIT"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppDefaultKeysMngrInit
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
-<p>Initializes <code class="PARAMETER">mngr</code> with simple keys store <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREID"><span class="TYPE">xmlSecSimpleKeysStoreId</span></a>
-and a default MSCrypto crypto key data stores.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTKEYSTORE"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> keyStore</code>);</pre>
+<p>Adds <code class="PARAMETER">keyStore</code> to the list of key stores in the keys manager <code class="PARAMETER">mngr</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28113"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38893"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28118"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38898"><span style="white-space: nowrap"><code class="PARAMETER">keyStore</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys store.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN38903"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrAdoptKey ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppDefaultKeysMngrAdoptKey
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecMSCryptoAppDefaultKeysMngrInit</span></a>
-function.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTTRUSTEDSTORE"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> trustedStore</code>);</pre>
+<p>Adds <code class="PARAMETER">trustedStore</code> to the list of trusted cert stores in the keys manager <code class="PARAMETER">mngr</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28138"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38925"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28143"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38930"><span style="white-space: nowrap"><code class="PARAMETER">trustedStore</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to certs store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28148"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38935"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppDefaultKeysMngrLoad
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *uri);</pre>
-<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created 
-with <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecMSCryptoAppDefaultKeysMngrInit</span></a> function.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTUNTRUSTEDSTORE"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> untrustedStore</code>);</pre>
+<p>Adds <code class="PARAMETER">trustedStore</code> to the list of un-trusted cert stores in the keys manager <code class="PARAMETER">mngr</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28168"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38957"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28173"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the uri.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38962"><span style="white-space: nowrap"><code class="PARAMETER">untrustedStore</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to certs store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28178"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38967"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrSave ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppDefaultKeysMngrSave
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRINIT"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppDefaultKeysMngrInit
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
+<p>Initializes <code class="PARAMETER">mngr</code> with simple keys store <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREID"><span class="TYPE">xmlSecSimpleKeysStoreId</span></a>
+and a default MSCrypto crypto key data stores.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28196"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN28201"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>   the destination filename.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN28206"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the type of keys to save (public/private/symmetric).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38987"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28211"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38992"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRPRIVATEKEYLOAD"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCRYPTKEY</font> hKey);</pre>
-<p>Adds private key <code class="PARAMETER">hKey</code> to the keys manager <code class="PARAMETER">mngr</code>.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppDefaultKeysMngrLoad
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);</pre>
+<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created
+with <a href="xmlsec-mscrypto-app.html#XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecMSCryptoAppDefaultKeysMngrInit</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28229"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39016"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28234"><span style="white-space: nowrap"><code class="PARAMETER">hKey</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>       the key handle.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39021"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the uri.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28239"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39026"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRPUBLICKEYLOAD"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCRYPTKEY</font> hKey);</pre>
-<p>Adds public key <code class="PARAMETER">hKey</code> to the keys manager <code class="PARAMETER">mngr</code>.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRPRIVATEKEYLOAD"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCRYPTKEY:CAPS"><span class="TYPE">HCRYPTKEY</span></gtkdoclink> hKey</code>);</pre>
+<p>Adds private key <code class="PARAMETER">hKey</code> to the keys manager <code class="PARAMETER">mngr</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28257"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39048"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28262"><span style="white-space: nowrap"><code class="PARAMETER">hKey</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>       the key handle.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39053"><span style="white-space: nowrap"><code class="PARAMETER">hKey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key handle.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28267"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39058"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRSYMKEYLOAD"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCRYPTKEY</font> hKey);</pre>
-<p>Adds symmetric key <code class="PARAMETER">hKey</code> to the keys manager <code class="PARAMETER">mngr</code>.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRPUBLICKEYLOAD"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCRYPTKEY:CAPS"><span class="TYPE">HCRYPTKEY</span></gtkdoclink> hKey</code>);</pre>
+<p>Adds public key <code class="PARAMETER">hKey</code> to the keys manager <code class="PARAMETER">mngr</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28285"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39080"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28290"><span style="white-space: nowrap"><code class="PARAMETER">hKey</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>       the key handle.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39085"><span style="white-space: nowrap"><code class="PARAMETER">hKey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key handle.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28295"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39090"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTKEYSTORE"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCERTSTORE</font> keyStore);</pre>
-<p>Adds <code class="PARAMETER">keyStore</code> to the list of key stores in the keys manager <code class="PARAMETER">mngr</code>.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrSave ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppDefaultKeysMngrSave
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28313"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		        the keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39114"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN39119"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28318"><span style="white-space: nowrap"><code class="PARAMETER">keyStore</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the pointer to keys store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39124"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the type of keys to save (public/private/symmetric).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28323"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39129"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTTRUSTEDSTORE"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCERTSTORE</font> trustedStore);</pre>
-<p>Adds <code class="PARAMETER">trustedStore</code> to the list of trusted cert stores in the keys manager <code class="PARAMETER">mngr</code>.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRSYMKEYLOAD"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCRYPTKEY:CAPS"><span class="TYPE">HCRYPTKEY</span></gtkdoclink> hKey</code>);</pre>
+<p>Adds symmetric key <code class="PARAMETER">hKey</code> to the keys manager <code class="PARAMETER">mngr</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28341"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		        the keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39151"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28346"><span style="white-space: nowrap"><code class="PARAMETER">trustedStore</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>       the pointer to certs store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39156"><span style="white-space: nowrap"><code class="PARAMETER">hKey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key handle.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28351"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39161"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPDEFAULTKEYSMNGRADOPTUNTRUSTEDSTORE"></a><h3>xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>HCERTSTORE</font> untrustedStore);</pre>
-<p>Adds <code class="PARAMETER">trustedStore</code> to the list of un-trusted cert stores in the keys manager <code class="PARAMETER">mngr</code>.</p>
+<a name="XMLSECMSCRYPTOAPPGETCERTSTORENAME"></a><h3>xmlSecMSCryptoAppGetCertStoreName ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="LPCTSTR:CAPS"><span class="RETURNVALUE">LPCTSTR</span></gtkdoclink>             xmlSecMSCryptoAppGetCertStoreName   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets the MS Crypto certs store name set by <code class="PARAMETER">xmlSecMSCryptoAppInit</code> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN39178"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the MS Crypto certs name used by xmlsec-mscrypto.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecMSCryptoAppGetDefaultPwdCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              xmlSecMSCryptoAppGetDefaultPwdCallback
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets default password callback.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN39194"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>default password callback.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOAPPINIT"></a><h3>xmlSecMSCryptoAppInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppInit               (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);</pre>
+<p>General crypto engine initialization. This function is used
+by XMLSec command line utility and called before
+<code class="PARAMETER">xmlSecInit</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28369"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		        the keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN28374"><span style="white-space: nowrap"><code class="PARAMETER">untrustedStore</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>     the pointer to certs store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39212"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the name of another then the default ms certificate store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28379"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39217"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecMSCryptoAppKeysMngrCertLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppKeysMngrCertLoad   (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code> (not implemented yet).</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPKEYCERTLOAD"></a><h3>xmlSecMSCryptoAppKeyCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppKeyCertLoad        (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28399"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39241"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28404"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the certificate file.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39246"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28409"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39251"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28414"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
-   			trusted or not.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN28420"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39256"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecMSCryptoAppKeysMngrCertLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppKeysMngrCertLoadMemory
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from <code class="PARAMETER">data</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code>.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPKEYCERTLOADMEMORY"></a><h3>xmlSecMSCryptoAppKeyCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppKeyCertLoadMemory  (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from $<code class="PARAMETER">data</code> and adds it to key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28441"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN28446"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the binary certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39283"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28451"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           size of binary certificate (data)</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39288"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary certificate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28456"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39293"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>size of certificate binary (data)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28461"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
-   			trusted or not.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39298"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28467"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39303"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOAPPKEYLOAD"></a><h3>xmlSecMSCryptoAppKeyLoad ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecMSCryptoAppKeyLoad            (const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecMSCryptoAppKeyLoad            (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
 <p>Reads key from the a file.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28486"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39332"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28491"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39337"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28496"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39342"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28501"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39347"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28506"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39352"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28511"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39357"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOAPPKEYLOADMEMORY"></a><h3>xmlSecMSCryptoAppKeyLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecMSCryptoAppKeyLoadMemory      (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecMSCryptoAppKeyLoadMemory      (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
 <p>Reads key from the a file.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28531"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39389"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28536"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39394"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28541"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39399"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28546"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39404"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28551"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39409"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28556"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39414"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28561"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39419"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPPKCS12LOAD"></a><h3>xmlSecMSCryptoAppPkcs12Load ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecMSCryptoAppPkcs12Load         (const <font>char</font> *filename,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 file</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecMSCryptoAppKeysMngrCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppKeysMngrCertLoad   (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code> (not implemented yet).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28579"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 key filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39447"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28584"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39452"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28589"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39457"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28594"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39462"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
+trusted or not.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28599"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39468"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPPKCS12LOADMEMORY"></a><h3>xmlSecMSCryptoAppPkcs12LoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecMSCryptoAppPkcs12LoadMemory   (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 binary</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecMSCryptoAppKeysMngrCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppKeysMngrCertLoadMemory
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from <code class="PARAMETER">data</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28618"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the binary PKCS12 key in data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39499"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28623"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           size of binary pkcs12 data</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39504"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary certificate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28628"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39509"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>size of binary certificate (data)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28633"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39514"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28638"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39519"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
+trusted or not.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28643"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39525"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPKEYCERTLOAD"></a><h3>xmlSecMSCryptoAppKeyCertLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppKeyCertLoad        (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPPKCS12LOAD"></a><h3>xmlSecMSCryptoAppPkcs12Load ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecMSCryptoAppPkcs12Load         (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 file</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28661"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39551"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 key filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN39556"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28666"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39561"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28671"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39566"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28676"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39571"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPKEYCERTLOADMEMORY"></a><h3>xmlSecMSCryptoAppKeyCertLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoAppKeyCertLoadMemory  (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from $<code class="PARAMETER">data</code> and adds it to key.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPPKCS12LOADMEMORY"></a><h3>xmlSecMSCryptoAppPkcs12LoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecMSCryptoAppPkcs12LoadMemory   (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 binary</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28695"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39600"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary PKCS12 key in data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN39605"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>size of binary pkcs12 data</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28700"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the binary certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39610"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28705"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           size of certificate binary (data)</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39615"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28710"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39620"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28715"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39625"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecMSCryptoAppGetDefaultPwdCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>*               xmlSecMSCryptoAppGetDefaultPwdCallback
-                                                        (void);</pre>
-<p>Gets default password callback.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOAPPSHUTDOWN"></a><h3>xmlSecMSCryptoAppShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoAppShutdown           (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>General crypto engine shutdown. This function is used
+by XMLSec command line utility and called after
+<code class="PARAMETER">xmlSecShutdown</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN28729"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> default password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39642"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr></tbody></table>
 </div>
 </div>
diff --git a/docs/api/xmlsec-mscrypto-certkeys.html b/docs/api/xmlsec-mscrypto-certkeys.html
index 24c0cadd..dd4ab225 100644
--- a/docs/api/xmlsec-mscrypto-certkeys.html
+++ b/docs/api/xmlsec-mscrypto-certkeys.html
@@ -87,16 +87,20 @@
 <h1>
 <a name="XMLSEC-MSCRYPTO-CERTKEYS"></a>certkeys</h1>
 <div class="REFNAMEDIV">
-<a name="AEN28739"></a><h2>Name</h2>certkeys -- MS Crypto certificates helper functions.</div>
+<a name="AEN39652"></a><h2>Name</h2>certkeys -- MS Crypto certificates helper functions.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-MSCRYPTO-CERTKEYS.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>PCCERT_CONTEXT</font>      <a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETCERT">xmlSecMSCryptoKeyDataGetCert</a>        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>HCRYPTKEY</font>           <a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETKEY">xmlSecMSCryptoKeyDataGetKey</a>         (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>HCRYPTKEY</font>           <a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETDECRYPTKEY">xmlSecMSCryptoKeyDataGetDecryptKey</a>  (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>PCCERT_CONTEXT</font>      <a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOCERTDUP">xmlSecMSCryptoCertDup</a>               (<font>PCCERT_CONTEXT</font> pCert);
-<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    <a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOCERTADOPT">xmlSecMSCryptoCertAdopt</a>             (<font>PCCERT_CONTEXT</font> pCert,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
+<pre class="SYNOPSIS"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    <a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOCERTADOPT">xmlSecMSCryptoCertAdopt</a>             (<code class="PARAMETER"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="TYPE">PCCERT_CONTEXT</span></gtkdoclink> pCert</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="RETURNVALUE">PCCERT_CONTEXT</span></gtkdoclink><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOCERTDUP">xmlSecMSCryptoCertDup</a>               (<code class="PARAMETER"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="TYPE">PCCERT_CONTEXT</span></gtkdoclink> pCert</code>);
+<gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="RETURNVALUE">PCCERT_CONTEXT</span></gtkdoclink><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETCERT">xmlSecMSCryptoKeyDataGetCert</a>        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="HCRYPTKEY:CAPS"><span class="RETURNVALUE">HCRYPTKEY</span></gtkdoclink><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETDECRYPTKEY">xmlSecMSCryptoKeyDataGetDecryptKey</a>  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="HCRYPTKEY:CAPS"><span class="RETURNVALUE">HCRYPTKEY</span></gtkdoclink><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETKEY">xmlSecMSCryptoKeyDataGetKey</a>         (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="DWORD:CAPS"><span class="RETURNVALUE">DWORD</span></gtkdoclink><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETMSCRYPTOKEYSPEC">xmlSecMSCryptoKeyDataGetMSCryptoKeySpec</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="HCRYPTPROV:CAPS"><span class="RETURNVALUE">HCRYPTPROV</span></gtkdoclink><a href="xmlsec-mscrypto-certkeys.html#XMLSECMSCRYPTOKEYDATAGETMSCRYPTOPROVIDER">xmlSecMSCryptoKeyDataGetMSCryptoProvider</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-MSCRYPTO-CERTKEYS.DESCRIPTION"></a><h2>Description</h2>
@@ -105,105 +109,136 @@
 <div class="REFSECT1">
 <a name="XMLSEC-MSCRYPTO-CERTKEYS.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAGETCERT"></a><h3>xmlSecMSCryptoKeyDataGetCert ()</h3>
-<pre class="PROGRAMLISTING"><font>PCCERT_CONTEXT</font>      xmlSecMSCryptoKeyDataGetCert        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Native MSCrypto certificate retrieval from xmlsec keydata. The 
-returned PCCERT_CONTEXT must not be released by the caller.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOCERTADOPT"></a><h3>xmlSecMSCryptoCertAdopt ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    xmlSecMSCryptoCertAdopt             (<code class="PARAMETER"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="TYPE">PCCERT_CONTEXT</span></gtkdoclink> pCert</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Creates key data value from the cert.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28777"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key data to retrieve certificate from.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39726"><span style="white-space: nowrap"><code class="PARAMETER">pCert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to cert.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28782"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> PCCERT_CONTEXT on success or NULL otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39731"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the expected key type.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN39736"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created xmlsec key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAGETKEY"></a><h3>xmlSecMSCryptoKeyDataGetKey ()</h3>
-<pre class="PROGRAMLISTING"><font>HCRYPTKEY</font>           xmlSecMSCryptoKeyDataGetKey         (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Native MSCrypto key retrieval from xmlsec keydata. The 
-returned HKEY must not be destroyed by the caller.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOCERTDUP"></a><h3>xmlSecMSCryptoCertDup ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="RETURNVALUE">PCCERT_CONTEXT</span></gtkdoclink>      xmlSecMSCryptoCertDup               (<code class="PARAMETER"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="TYPE">PCCERT_CONTEXT</span></gtkdoclink> pCert</code>);</pre>
+<p>Duplicates the <code class="PARAMETER">pCert</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28798"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key data to retrieve certificate from.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39754"><span style="white-space: nowrap"><code class="PARAMETER">pCert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to cert.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28803"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>              type of key requested (public/private)</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39759"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created PCCERT_CONTEXT object or
+NULL if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOKEYDATAGETCERT"></a><h3>xmlSecMSCryptoKeyDataGetCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="RETURNVALUE">PCCERT_CONTEXT</span></gtkdoclink>      xmlSecMSCryptoKeyDataGetCert        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Native MSCrypto certificate retrieval from xmlsec keydata. The
+returned PCCERT_CONTEXT must not be released by the caller.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28808"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> HKEY on success or NULL otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39776"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data to retrieve certificate from.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN39781"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>PCCERT_CONTEXT on success or NULL otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOKEYDATAGETDECRYPTKEY"></a><h3>xmlSecMSCryptoKeyDataGetDecryptKey ()</h3>
-<pre class="PROGRAMLISTING"><font>HCRYPTKEY</font>           xmlSecMSCryptoKeyDataGetDecryptKey  (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="HCRYPTKEY:CAPS"><span class="RETURNVALUE">HCRYPTKEY</span></gtkdoclink>           xmlSecMSCryptoKeyDataGetDecryptKey  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 <p>Native MSCrypto decrypt key retrieval from xmlsec keydata. The
 returned HKEY must not be destroyed by the caller.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28823"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the key data pointer</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39798"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data pointer</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28828"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> HKEY on success or NULL otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39803"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>HKEY on success or NULL otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOCERTDUP"></a><h3>xmlSecMSCryptoCertDup ()</h3>
-<pre class="PROGRAMLISTING"><font>PCCERT_CONTEXT</font>      xmlSecMSCryptoCertDup               (<font>PCCERT_CONTEXT</font> pCert);</pre>
-<p>Duplicates the <code class="PARAMETER">pCert</code>.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATAGETKEY"></a><h3>xmlSecMSCryptoKeyDataGetKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="HCRYPTKEY:CAPS"><span class="RETURNVALUE">HCRYPTKEY</span></gtkdoclink>           xmlSecMSCryptoKeyDataGetKey         (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Native MSCrypto key retrieval from xmlsec keydata. The
+returned HKEY must not be destroyed by the caller.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28844"><span style="white-space: nowrap"><code class="PARAMETER">pCert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to cert.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39823"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data to retrieve certificate from.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28849"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created PCCERT_CONTEXT object or 
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39828"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>type of key requested (public/private)</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN39833"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>HKEY on success or NULL otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOCERTADOPT"></a><h3>xmlSecMSCryptoCertAdopt ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    xmlSecMSCryptoCertAdopt             (<font>PCCERT_CONTEXT</font> pCert,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Creates key data value from the cert.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATAGETMSCRYPTOKEYSPEC"></a><h3>xmlSecMSCryptoKeyDataGetMSCryptoKeySpec ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="DWORD:CAPS"><span class="RETURNVALUE">DWORD</span></gtkdoclink>               xmlSecMSCryptoKeyDataGetMSCryptoKeySpec
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets key spec info.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28865"><span style="white-space: nowrap"><code class="PARAMETER">pCert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to cert.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39850"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28870"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the expected key type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39855"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key spec info from key data</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOKEYDATAGETMSCRYPTOPROVIDER"></a><h3>xmlSecMSCryptoKeyDataGetMSCryptoProvider ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="HCRYPTPROV:CAPS"><span class="RETURNVALUE">HCRYPTPROV</span></gtkdoclink>          xmlSecMSCryptoKeyDataGetMSCryptoProvider
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets crypto provider handle</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN39872"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN28875"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created xmlsec key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN39877"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the crypto provider handler or 0 if there is an error.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-mscrypto-crypto.html b/docs/api/xmlsec-mscrypto-crypto.html
index 0fcc44f0..75394feb 100644
--- a/docs/api/xmlsec-mscrypto-crypto.html
+++ b/docs/api/xmlsec-mscrypto-crypto.html
@@ -87,70 +87,136 @@
 <h1>
 <a name="XMLSEC-MSCRYPTO-CRYPTO"></a>crypto</h1>
 <div class="REFNAMEDIV">
-<a name="AEN28885"></a><h2>Name</h2>crypto -- Crypto transforms implementation for MS Crypto.</div>
+<a name="AEN39887"></a><h2>Name</h2>crypto -- Crypto transforms implementation for MS Crypto.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-MSCRYPTO-CRYPTO.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>xmlSecCryptoDLFunctionsPtr</font>  <a href="xmlsec-mscrypto-crypto.html#XMLSECCRYPTOGETFUNCTIONS-MSCRYPTO">xmlSecCryptoGetFunctions_mscrypto</a>
-                                                        (void);
-<font>int</font>                 <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOINIT">xmlSecMSCryptoInit</a>                  (void);
-<font>int</font>                 <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOSHUTDOWN">xmlSecMSCryptoShutdown</a>              (void);
-<font>int</font>                 <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYSMNGRINIT">xmlSecMSCryptoKeysMngrInit</a>          (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>int</font>                 <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOGENERATERANDOM">xmlSecMSCryptoGenerateRandom</a>        (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buffer,
-                                                         <font>size_t</font> size);
-<font>void</font>                <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOERRORSDEFAULTCALLBACK">xmlSecMSCryptoErrorsDefaultCallback</a> (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg);
-<font>BYTE</font>*               <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCERTSTRTONAME">xmlSecMSCryptoCertStrToName</a>         (<font>DWORD</font> dwCertEncodingType,
-                                                         <font>LPCTSTR</font> pszX500,
-                                                         <font>DWORD</font> dwStrType,
-                                                         <font>DWORD</font> *len);
+<pre class="SYNOPSIS"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECCRYPTOGETFUNCTIONS-MSCRYPTO">xmlSecCryptoGetFunctions_mscrypto</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="LPWSTR:CAPS"><span class="RETURNVALUE">LPWSTR</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTLOCALETOUNICODE">xmlSecMSCryptoConvertLocaleToUnicode</a>
+                                                        (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *str</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTLOCALETOUTF8">xmlSecMSCryptoConvertLocaleToUtf8</a>   (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *str</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTTSTRTOUTF8">xmlSecMSCryptoConvertTstrToUtf8</a>     (<code class="PARAMETER"><gtkdoclink href="LPCTSTR:CAPS"><span class="TYPE">LPCTSTR</span></gtkdoclink> str</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTUNICODETOUTF8">xmlSecMSCryptoConvertUnicodeToUtf8</a>  (<code class="PARAMETER"><gtkdoclink href="LPCWSTR:CAPS"><span class="TYPE">LPCWSTR</span></gtkdoclink> str</code>);
+<gtkdoclink href="CHAR"><span class="RETURNVALUE">char</span></gtkdoclink> *              <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTUTF8TOLOCALE">xmlSecMSCryptoConvertUtf8ToLocale</a>   (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);
+<gtkdoclink href="LPTSTR:CAPS"><span class="RETURNVALUE">LPTSTR</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTUTF8TOTSTR">xmlSecMSCryptoConvertUtf8ToTstr</a>     (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);
+<gtkdoclink href="LPWSTR:CAPS"><span class="RETURNVALUE">LPWSTR</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOCONVERTUTF8TOUNICODE">xmlSecMSCryptoConvertUtf8ToUnicode</a>  (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOERRORSDEFAULTCALLBACK">xmlSecMSCryptoErrorsDefaultCallback</a> (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOGENERATERANDOM">xmlSecMSCryptoGenerateRandom</a>        (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buffer</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="SIZE-T"><span class="TYPE">size_t</span></gtkdoclink> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOHMACGETMINOUTPUTLENGTH">xmlSecMSCryptoHmacGetMinOutputLength</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOHMACSETMINOUTPUTLENGTH">xmlSecMSCryptoHmacSetMinOutputLength</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> min_length</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOINIT">xmlSecMSCryptoInit</a>                  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAAESGETKLASS">xmlSecMSCryptoKeyDataAesGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAAESID">xmlSecMSCryptoKeyDataAesId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAAESSET">xmlSecMSCryptoKeyDataAesSet</a>         (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATADESGETKLASS">xmlSecMSCryptoKeyDataDesGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATADESID">xmlSecMSCryptoKeyDataDesId</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATADSAGETKLASS">xmlSecMSCryptoKeyDataDsaGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATADSAID">xmlSecMSCryptoKeyDataDsaId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATADSAGETKLASS">xmlSecMSCryptoKeyDataDsaGetKlass</a>    (void);
-#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMDSASHA1ID">xmlSecMSCryptoTransformDsaSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMDSASHA1GETKLASS">xmlSecMSCryptoTransformDsaSha1GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAGOST2001GETKLASS">xmlSecMSCryptoKeyDataGost2001GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAGOST2001ID">xmlSecMSCryptoKeyDataGost2001Id</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAGOST2001GETKLASS">xmlSecMSCryptoKeyDataGost2001GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMGOST2001GOSTR3411-94ID">xmlSecMSCryptoTransformGost2001GostR3411_94Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMGOST2001GOSTR3411-94GETKLASS">xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAHMACGETKLASS">xmlSecMSCryptoKeyDataHmacGetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAHMACID">xmlSecMSCryptoKeyDataHmacId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAHMACSET">xmlSecMSCryptoKeyDataHmacSet</a>        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATARSAGETKLASS">xmlSecMSCryptoKeyDataRsaGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATARSAID">xmlSecMSCryptoKeyDataRsaId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATARSAGETKLASS">xmlSecMSCryptoKeyDataRsaGetKlass</a>    (void);
-#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA1ID">xmlSecMSCryptoTransformRsaSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA1GETKLASS">xmlSecMSCryptoTransformRsaSha1GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAPKCS1ID">xmlSecMSCryptoTransformRsaPkcs1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAPKCS1GETKLASS">xmlSecMSCryptoTransformRsaPkcs1GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA1ID">xmlSecMSCryptoTransformSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA1GETKLASS">xmlSecMSCryptoTransformSha1GetKlass</a> (void);
-#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMGOSTR3411-94ID">xmlSecMSCryptoTransformGostR3411_94Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMGOSTR3411-94GETKLASS">xmlSecMSCryptoTransformGostR3411_94GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAAESID">xmlSecMSCryptoKeyDataAesId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAAESGETKLASS">xmlSecMSCryptoKeyDataAesGetKlass</a>    (void);
-<font>int</font>                 <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATAAESSET">xmlSecMSCryptoKeyDataAesSet</a>         (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYSMNGRINIT">xmlSecMSCryptoKeysMngrInit</a>          (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOSHUTDOWN">xmlSecMSCryptoShutdown</a>              (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMAES128CBCGETKLASS">xmlSecMSCryptoTransformAes128CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMAES128CBCID">xmlSecMSCryptoTransformAes128CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMAES128CBCGETKLASS">xmlSecMSCryptoTransformAes128CbcGetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMAES192CBCGETKLASS">xmlSecMSCryptoTransformAes192CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMAES192CBCID">xmlSecMSCryptoTransformAes192CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMAES192CBCGETKLASS">xmlSecMSCryptoTransformAes192CbcGetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMAES256CBCGETKLASS">xmlSecMSCryptoTransformAes256CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMAES256CBCID">xmlSecMSCryptoTransformAes256CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMAES256CBCGETKLASS">xmlSecMSCryptoTransformAes256CbcGetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATADESID">xmlSecMSCryptoKeyDataDesId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOKEYDATADESGETKLASS">xmlSecMSCryptoKeyDataDesGetKlass</a>    (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMDES3CBCGETKLASS">xmlSecMSCryptoTransformDes3CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMDES3CBCID">xmlSecMSCryptoTransformDes3CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMDES3CBCGETKLASS">xmlSecMSCryptoTransformDes3CbcGetKlass</a>
-                                                        (void);</pre>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMDSASHA1GETKLASS">xmlSecMSCryptoTransformDsaSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMDSASHA1ID">xmlSecMSCryptoTransformDsaSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMGOST2001GOSTR3411-94GETKLASS">xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMGOST2001GOSTR3411-94ID">xmlSecMSCryptoTransformGost2001GostR3411_94Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMGOSTR3411-94GETKLASS">xmlSecMSCryptoTransformGostR3411_94GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMGOSTR3411-94ID">xmlSecMSCryptoTransformGostR3411_94Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACMD5GETKLASS">xmlSecMSCryptoTransformHmacMd5GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACMD5ID">xmlSecMSCryptoTransformHmacMd5Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA1GETKLASS">xmlSecMSCryptoTransformHmacSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA1ID">xmlSecMSCryptoTransformHmacSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA256GETKLASS">xmlSecMSCryptoTransformHmacSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA256ID">xmlSecMSCryptoTransformHmacSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA384GETKLASS">xmlSecMSCryptoTransformHmacSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA384ID">xmlSecMSCryptoTransformHmacSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA512GETKLASS">xmlSecMSCryptoTransformHmacSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMHMACSHA512ID">xmlSecMSCryptoTransformHmacSha512Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES128GETKLASS">xmlSecMSCryptoTransformKWAes128GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES128ID">xmlSecMSCryptoTransformKWAes128Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES192GETKLASS">xmlSecMSCryptoTransformKWAes192GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES192ID">xmlSecMSCryptoTransformKWAes192Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES256GETKLASS">xmlSecMSCryptoTransformKWAes256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWAES256ID">xmlSecMSCryptoTransformKWAes256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWDES3GETKLASS">xmlSecMSCryptoTransformKWDes3GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMKWDES3ID">xmlSecMSCryptoTransformKWDes3Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMMD5GETKLASS">xmlSecMSCryptoTransformMd5GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMMD5ID">xmlSecMSCryptoTransformMd5Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAMD5GETKLASS">xmlSecMSCryptoTransformRsaMd5GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAMD5ID">xmlSecMSCryptoTransformRsaMd5Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAOAEPGETKLASS">xmlSecMSCryptoTransformRsaOaepGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAOAEPID">xmlSecMSCryptoTransformRsaOaepId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAPKCS1GETKLASS">xmlSecMSCryptoTransformRsaPkcs1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSAPKCS1ID">xmlSecMSCryptoTransformRsaPkcs1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA1GETKLASS">xmlSecMSCryptoTransformRsaSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA1ID">xmlSecMSCryptoTransformRsaSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA256GETKLASS">xmlSecMSCryptoTransformRsaSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA256ID">xmlSecMSCryptoTransformRsaSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA384GETKLASS">xmlSecMSCryptoTransformRsaSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA384ID">xmlSecMSCryptoTransformRsaSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA512GETKLASS">xmlSecMSCryptoTransformRsaSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMRSASHA512ID">xmlSecMSCryptoTransformRsaSha512Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA1GETKLASS">xmlSecMSCryptoTransformSha1GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA1ID">xmlSecMSCryptoTransformSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA256GETKLASS">xmlSecMSCryptoTransformSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA256ID">xmlSecMSCryptoTransformSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA384GETKLASS">xmlSecMSCryptoTransformSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA384ID">xmlSecMSCryptoTransformSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA512GETKLASS">xmlSecMSCryptoTransformSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-crypto.html#XMLSECMSCRYPTOTRANSFORMSHA512ID">xmlSecMSCryptoTransformSha512Id</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-MSCRYPTO-CRYPTO.DESCRIPTION"></a><h2>Description</h2>
@@ -160,196 +226,324 @@
 <a name="XMLSEC-MSCRYPTO-CRYPTO.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
 <a name="XMLSECCRYPTOGETFUNCTIONS-MSCRYPTO"></a><h3>xmlSecCryptoGetFunctions_mscrypto ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecCryptoDLFunctionsPtr</font>  xmlSecCryptoGetFunctions_mscrypto
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> xmlSecCryptoGetFunctions_mscrypto
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>Gets MSCrypto specific functions table.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN28983"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> xmlsec-mscrypto functions table.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40244"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>xmlsec-mscrypto functions table.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOINIT"></a><h3>xmlSecMSCryptoInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoInit                  (void);</pre>
-<p>XMLSec library specific crypto engine initialization.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOCONVERTLOCALETOUNICODE"></a><h3>xmlSecMSCryptoConvertLocaleToUnicode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="LPWSTR:CAPS"><span class="RETURNVALUE">LPWSTR</span></gtkdoclink>              xmlSecMSCryptoConvertLocaleToUnicode
+                                                        (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *str</code>);</pre>
+<p>Converts input string from current system locale to Unicode.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN28997"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40261"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string to convert.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40266"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOSHUTDOWN"></a><h3>xmlSecMSCryptoShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoShutdown              (void);</pre>
-<p>XMLSec library specific crypto engine shutdown.</p>
+<a name="XMLSECMSCRYPTOCONVERTLOCALETOUTF8"></a><h3>xmlSecMSCryptoConvertLocaleToUtf8 ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecMSCryptoConvertLocaleToUtf8   (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *str</code>);</pre>
+<p>Converts input string from locale to UTF8.</p>
 <p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29011"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40283"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string to convert.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40288"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYSMNGRINIT"></a><h3>xmlSecMSCryptoKeysMngrInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoKeysMngrInit          (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
-<p>Adds MSCrypto specific key data stores in keys manager.</p>
+<a name="XMLSECMSCRYPTOCONVERTTSTRTOUTF8"></a><h3>xmlSecMSCryptoConvertTstrToUtf8 ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecMSCryptoConvertTstrToUtf8     (<code class="PARAMETER"><gtkdoclink href="LPCTSTR:CAPS"><span class="TYPE">LPCTSTR</span></gtkdoclink> str</code>);</pre>
+<p>Converts input string from TSTR (locale or Unicode) to UTF8.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40305"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string to convert.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40310"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOCONVERTUNICODETOUTF8"></a><h3>xmlSecMSCryptoConvertUnicodeToUtf8 ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecMSCryptoConvertUnicodeToUtf8  (<code class="PARAMETER"><gtkdoclink href="LPCWSTR:CAPS"><span class="TYPE">LPCWSTR</span></gtkdoclink> str</code>);</pre>
+<p>Converts input string from Unicode to UTF8.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29026"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40327"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string to convert.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29031"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40332"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOGENERATERANDOM"></a><h3>xmlSecMSCryptoGenerateRandom ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoGenerateRandom        (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buffer,
-                                                         <font>size_t</font> size);</pre>
-<p>Generates <code class="PARAMETER">size</code> random bytes and puts result in <code class="PARAMETER">buffer</code>
-(not implemented yet).</p>
+<a name="XMLSECMSCRYPTOCONVERTUTF8TOLOCALE"></a><h3>xmlSecMSCryptoConvertUtf8ToLocale ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="CHAR"><span class="RETURNVALUE">char</span></gtkdoclink> *              xmlSecMSCryptoConvertUtf8ToLocale   (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);</pre>
+<p>Converts input string from UTF8 to locale.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40349"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string to convert.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40354"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOCONVERTUTF8TOTSTR"></a><h3>xmlSecMSCryptoConvertUtf8ToTstr ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="LPTSTR:CAPS"><span class="RETURNVALUE">LPTSTR</span></gtkdoclink>              xmlSecMSCryptoConvertUtf8ToTstr     (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);</pre>
+<p>Converts input string from UTF8 to TSTR (locale or Unicode).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29049"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40371"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string to convert.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40376"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOCONVERTUTF8TOUNICODE"></a><h3>xmlSecMSCryptoConvertUtf8ToUnicode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="LPWSTR:CAPS"><span class="RETURNVALUE">LPWSTR</span></gtkdoclink>              xmlSecMSCryptoConvertUtf8ToUnicode  (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);</pre>
+<p>Converts input string from UTF8 to Unicode.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29054"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the numer of bytes to generate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40393"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string to convert.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29059"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40398"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOERRORSDEFAULTCALLBACK"></a><h3>xmlSecMSCryptoErrorsDefaultCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecMSCryptoErrorsDefaultCallback (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecMSCryptoErrorsDefaultCallback (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>);</pre>
 <p>The default errors reporting callback function.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29080"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location file name (__FILE__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40433"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location file name (__FILE__ macro).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29085"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location line number (__LINE__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40438"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location line number (__LINE__ macro).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29090"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location function name (__FUNCTION__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40443"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location function name (__FUNCTION__ macro).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29095"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error object </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40448"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error object</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29100"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error subject.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40453"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error subject.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29105"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error code.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40458"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error code.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29110"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the additional error message.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40463"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the additional error message.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOCERTSTRTONAME"></a><h3>xmlSecMSCryptoCertStrToName ()</h3>
-<pre class="PROGRAMLISTING"><font>BYTE</font>*               xmlSecMSCryptoCertStrToName         (<font>DWORD</font> dwCertEncodingType,
-                                                         <font>LPCTSTR</font> pszX500,
-                                                         <font>DWORD</font> dwStrType,
-                                                         <font>DWORD</font> *len);</pre>
-<p>Converts input string to name by calling <code class="PARAMETER">CertStrToName</code> function.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOGENERATERANDOM"></a><h3>xmlSecMSCryptoGenerateRandom ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoGenerateRandom        (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buffer</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="SIZE-T"><span class="TYPE">size_t</span></gtkdoclink> size</code>);</pre>
+<p>Generates <code class="PARAMETER">size</code> random bytes and puts result in <code class="PARAMETER">buffer</code>
+(not implemented yet).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29129"><span style="white-space: nowrap"><code class="PARAMETER">dwCertEncodingType</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the encoding used.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40485"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29134"><span style="white-space: nowrap"><code class="PARAMETER">pszX500</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the string to convert.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40490"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the numer of bytes to generate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29139"><span style="white-space: nowrap"><code class="PARAMETER">dwStrType</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the string type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40495"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOHMACGETMINOUTPUTLENGTH"></a><h3>xmlSecMSCryptoHmacGetMinOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoHmacGetMinOutputLength
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets the value of min HMAC length.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN40511"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the min HMAC output length</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOHMACSETMINOUTPUTLENGTH"></a><h3>xmlSecMSCryptoHmacSetMinOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecMSCryptoHmacSetMinOutputLength
+                                                        (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> min_length</code>);</pre>
+<p>Sets the min HMAC output length</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN40528"><span style="white-space: nowrap"><code class="PARAMETER">min_length</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new min length</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOINIT"></a><h3>xmlSecMSCryptoInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoInit                  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>XMLSec library specific crypto engine initialization.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN40544"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOKEYDATAAESGETKLASS"></a><h3>xmlSecMSCryptoKeyDataAesGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecMSCryptoKeyDataAesGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES key data klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN40560"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOKEYDATAAESID"></a><h3>xmlSecMSCryptoKeyDataAesId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataAesId</pre>
+<p>The AES key data klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOKEYDATAAESSET"></a><h3>xmlSecMSCryptoKeyDataAesSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoKeyDataAesSet         (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of AES key data.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40589"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to AES key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40594"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29144"><span style="white-space: nowrap"><code class="PARAMETER">len</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the result len.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40599"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29149"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> a pointer to newly allocated string or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40604"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATADSAID"></a><h3>xmlSecMSCryptoKeyDataDsaId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataDsaId</pre>
-<p>The DSA key klass.</p>
+<a name="XMLSECMSCRYPTOKEYDATADESGETKLASS"></a><h3>xmlSecMSCryptoKeyDataDesGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecMSCryptoKeyDataDesGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DES key data klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN40620"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DES key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOKEYDATADESID"></a><h3>xmlSecMSCryptoKeyDataDesId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataDesId</pre>
+<p>The DES key data klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOKEYDATADSAGETKLASS"></a><h3>xmlSecMSCryptoKeyDataDsaGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecMSCryptoKeyDataDsaGetKlass    (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecMSCryptoKeyDataDsaGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The DSA key data klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29170"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to DSA key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40642"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to DSA key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMDSASHA1ID"></a><h3>xmlSecMSCryptoTransformDsaSha1Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformDsaSha1Id</pre>
-<p>The DSA SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATADSAID"></a><h3>xmlSecMSCryptoKeyDataDsaId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataDsaId</pre>
+<p>The DSA key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMDSASHA1GETKLASS"></a><h3>xmlSecMSCryptoTransformDsaSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecMSCryptoTransformDsaSha1GetKlass
-                                                        (void);</pre>
-<p>The DSA-SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATAGOST2001GETKLASS"></a><h3>xmlSecMSCryptoKeyDataGost2001GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecMSCryptoKeyDataGost2001GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The GOST2001 key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29191"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> DSA-SHA1 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40664"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GOST2001 key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -357,39 +551,60 @@
 <a name="XMLSECMSCRYPTOKEYDATAGOST2001ID"></a><h3>xmlSecMSCryptoKeyDataGost2001Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataGost2001Id</pre>
 <p>The GOST2001 key klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAGOST2001GETKLASS"></a><h3>xmlSecMSCryptoKeyDataGost2001GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecMSCryptoKeyDataGost2001GetKlass
-                                                        (void);</pre>
-<p>The GOST2001 key data klass.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATAHMACGETKLASS"></a><h3>xmlSecMSCryptoKeyDataHmacGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecMSCryptoKeyDataHmacGetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29212"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to GOST2001 key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40686"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>HMAC key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMGOST2001GOSTR3411-94ID"></a><h3>xmlSecMSCryptoTransformGost2001GostR3411_94Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformGost2001GostR3411_94Id</pre>
-<p>The GOST2001 GOSTR3411_94 signature transform klass.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATAHMACID"></a><h3>xmlSecMSCryptoKeyDataHmacId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataHmacId</pre>
+<p>The DHMAC key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMGOST2001GOSTR3411-94GETKLASS"></a><h3>xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass
-                                                        (void);</pre>
-<p>The GOST2001-GOSTR3411_94 signature transform klass.</p>
+<a name="XMLSECMSCRYPTOKEYDATAHMACSET"></a><h3>xmlSecMSCryptoKeyDataHmacSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoKeyDataHmacSet        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of HMAC key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40715"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to HMAC key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40720"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40725"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40730"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOKEYDATARSAGETKLASS"></a><h3>xmlSecMSCryptoKeyDataRsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecMSCryptoKeyDataRsaGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The MSCrypto RSA CertKey data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29233"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> GOST2001-GOSTR3411_94 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40746"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to MSCrypto RSA key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -397,77 +612,153 @@
 <a name="XMLSECMSCRYPTOKEYDATARSAID"></a><h3>xmlSecMSCryptoKeyDataRsaId</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataRsaId</pre>
 <p>The RSA key klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATARSAGETKLASS"></a><h3>xmlSecMSCryptoKeyDataRsaGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecMSCryptoKeyDataRsaGetKlass    (void);</pre>
-<p>The MSCrypto RSA CertKey data klass.</p>
+<a name="XMLSECMSCRYPTOKEYSMNGRINIT"></a><h3>xmlSecMSCryptoKeysMngrInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoKeysMngrInit          (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
+<p>Adds MSCrypto specific key data stores in keys manager.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40769"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN40774"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOSHUTDOWN"></a><h3>xmlSecMSCryptoShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoShutdown              (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>XMLSec library specific crypto engine shutdown.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29254"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to MSCrypto RSA key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40790"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMRSASHA1ID"></a><h3>xmlSecMSCryptoTransformRsaSha1Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformRsaSha1Id</pre>
-<p>The RSA-SHA1 signature transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMAES128CBCGETKLASS"></a><h3>xmlSecMSCryptoTransformAes128CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformAes128CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 128 CBC encryption transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN40806"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 128 CBC encryption transform.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMRSASHA1GETKLASS"></a><h3>xmlSecMSCryptoTransformRsaSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecMSCryptoTransformRsaSha1GetKlass
-                                                        (void);</pre>
-<p>The RSA-SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOTRANSFORMAES128CBCID"></a><h3>xmlSecMSCryptoTransformAes128CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformAes128CbcId</pre>
+<p>The AES128 CBC cipher transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMAES192CBCGETKLASS"></a><h3>xmlSecMSCryptoTransformAes192CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformAes192CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 192 CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29275"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA1 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40828"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 192 CBC encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMRSAPKCS1ID"></a><h3>xmlSecMSCryptoTransformRsaPkcs1Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformRsaPkcs1Id</pre>
-<p>The RSA PKCS1 key transport transform klass.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOTRANSFORMAES192CBCID"></a><h3>xmlSecMSCryptoTransformAes192CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformAes192CbcId</pre>
+<p>The AES192 CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMRSAPKCS1GETKLASS"></a><h3>xmlSecMSCryptoTransformRsaPkcs1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecMSCryptoTransformRsaPkcs1GetKlass
-                                                        (void);</pre>
-<p>The RSA-PKCS1 key transport transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMAES256CBCGETKLASS"></a><h3>xmlSecMSCryptoTransformAes256CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformAes256CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 256 CBC encryption transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN40850"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 256 CBC encryption transform.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMAES256CBCID"></a><h3>xmlSecMSCryptoTransformAes256CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformAes256CbcId</pre>
+<p>The AES256 CBC cipher transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecMSCryptoTransformDes3CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformDes3CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Triple DES CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29296"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-PKCS1 key transport transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40872"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to Triple DES encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMSHA1ID"></a><h3>xmlSecMSCryptoTransformSha1Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformSha1Id</pre>
-<p>The SHA1 digest transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMDES3CBCID"></a><h3>xmlSecMSCryptoTransformDes3CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformDes3CbcId</pre>
+<p>The DES3 CBC cipher transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMDSASHA1GETKLASS"></a><h3>xmlSecMSCryptoTransformDsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformDsaSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA-SHA1 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN40894"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DSA-SHA1 signature transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMSHA1GETKLASS"></a><h3>xmlSecMSCryptoTransformSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecMSCryptoTransformSha1GetKlass (void);</pre>
-<p>SHA-1 digest transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMDSASHA1ID"></a><h3>xmlSecMSCryptoTransformDsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformDsaSha1Id</pre>
+<p>The DSA SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMGOST2001GOSTR3411-94GETKLASS"></a><h3>xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The GOST2001-GOSTR3411_94 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN40916"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>GOST2001-GOSTR3411_94 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMGOST2001GOSTR3411-94ID"></a><h3>xmlSecMSCryptoTransformGost2001GostR3411_94Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformGost2001GostR3411_94Id</pre>
+<p>The GOST2001 GOSTR3411_94 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMGOSTR3411-94GETKLASS"></a><h3>xmlSecMSCryptoTransformGostR3411_94GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformGostR3411_94GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>GOSTR3411_94 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29317"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA-1 digest transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40938"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GOSTR3411_94 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -475,167 +766,383 @@
 <a name="XMLSECMSCRYPTOTRANSFORMGOSTR3411-94ID"></a><h3>xmlSecMSCryptoTransformGostR3411_94Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformGostR3411_94Id</pre>
 <p>The GOSTR3411_94 digest transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMGOSTR3411-94GETKLASS"></a><h3>xmlSecMSCryptoTransformGostR3411_94GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecMSCryptoTransformGostR3411_94GetKlass
-                                                        (void);</pre>
-<p>GOSTR3411_94 digest transform klass.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOTRANSFORMHMACMD5GETKLASS"></a><h3>xmlSecMSCryptoTransformHmacMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformHmacMd5GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-MD5 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29338"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to GOSTR3411_94 digest transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN40960"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-MD5 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAAESID"></a><h3>xmlSecMSCryptoKeyDataAesId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataAesId</pre>
-<p>The AES key data klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMHMACMD5ID"></a><h3>xmlSecMSCryptoTransformHmacMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformHmacMd5Id</pre>
+<p>The HMAC with MD5 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMHMACSHA1GETKLASS"></a><h3>xmlSecMSCryptoTransformHmacSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformHmacSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA1 transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN40982"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA1 transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAAESGETKLASS"></a><h3>xmlSecMSCryptoKeyDataAesGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecMSCryptoKeyDataAesGetKlass    (void);</pre>
-<p>The AES key data klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMHMACSHA1ID"></a><h3>xmlSecMSCryptoTransformHmacSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformHmacSha1Id</pre>
+<p>The HMAC with SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMHMACSHA256GETKLASS"></a><h3>xmlSecMSCryptoTransformHmacSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformHmacSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA256 transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41004"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA256 transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMHMACSHA256ID"></a><h3>xmlSecMSCryptoTransformHmacSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformHmacSha256Id</pre>
+<p>The HMAC with SHA256 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMHMACSHA384GETKLASS"></a><h3>xmlSecMSCryptoTransformHmacSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformHmacSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA384 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29359"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41026"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA384 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAAESSET"></a><h3>xmlSecMSCryptoKeyDataAesSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoKeyDataAesSet         (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of AES key data.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMHMACSHA384ID"></a><h3>xmlSecMSCryptoTransformHmacSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformHmacSha384Id</pre>
+<p>The HMAC with SHA384 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMHMACSHA512GETKLASS"></a><h3>xmlSecMSCryptoTransformHmacSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformHmacSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA512 transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41048"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA512 transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMHMACSHA512ID"></a><h3>xmlSecMSCryptoTransformHmacSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformHmacSha512Id</pre>
+<p>The HMAC with SHA512 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMKWAES128GETKLASS"></a><h3>xmlSecMSCryptoTransformKWAes128GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformKWAes128GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-128 kew wrapper transform klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN29376"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to AES key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN29381"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN29386"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value size (in bytes).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN29391"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41070"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-128 kew wrapper transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMAES128CBCID"></a><h3>xmlSecMSCryptoTransformAes128CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformAes128CbcId</pre>
-<p>The AES128 CBC cipher transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMKWAES128ID"></a><h3>xmlSecMSCryptoTransformKWAes128Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformKWAes128Id</pre>
+<p>The AES 128 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMKWAES192GETKLASS"></a><h3>xmlSecMSCryptoTransformKWAes192GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformKWAes192GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-192 kew wrapper transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41092"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-192 kew wrapper transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMAES128CBCGETKLASS"></a><h3>xmlSecMSCryptoTransformAes128CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecMSCryptoTransformAes128CbcGetKlass
-                                                        (void);</pre>
-<p>AES 128 CBC encryption transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMKWAES192ID"></a><h3>xmlSecMSCryptoTransformKWAes192Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformKWAes192Id</pre>
+<p>The AES 192 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMKWAES256GETKLASS"></a><h3>xmlSecMSCryptoTransformKWAes256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformKWAes256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-256 kew wrapper transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41114"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-256 kew wrapper transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMKWAES256ID"></a><h3>xmlSecMSCryptoTransformKWAes256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformKWAes256Id</pre>
+<p>The AES 256 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMKWDES3GETKLASS"></a><h3>xmlSecMSCryptoTransformKWDes3GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformKWDes3GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The Triple DES key wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29412"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 128 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41136"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>Triple DES key wrapper transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMAES192CBCID"></a><h3>xmlSecMSCryptoTransformAes192CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformAes192CbcId</pre>
-<p>The AES192 CBC cipher transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMKWDES3ID"></a><h3>xmlSecMSCryptoTransformKWDes3Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformKWDes3Id</pre>
+<p>The DES3 KW transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMMD5GETKLASS"></a><h3>xmlSecMSCryptoTransformMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformMd5GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-1 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41158"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-1 digest transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMAES192CBCGETKLASS"></a><h3>xmlSecMSCryptoTransformAes192CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecMSCryptoTransformAes192CbcGetKlass
-                                                        (void);</pre>
-<p>AES 192 CBC encryption transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMMD5ID"></a><h3>xmlSecMSCryptoTransformMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformMd5Id</pre>
+<p>The MD5 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMRSAMD5GETKLASS"></a><h3>xmlSecMSCryptoTransformRsaMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformRsaMd5GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-MD5 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41180"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-MD5 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMRSAMD5ID"></a><h3>xmlSecMSCryptoTransformRsaMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformRsaMd5Id</pre>
+<p>The RSA-MD5 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMRSAOAEPGETKLASS"></a><h3>xmlSecMSCryptoTransformRsaOaepGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformRsaOaepGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-OAEP key transport transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29433"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 192 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41202"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-OAEP key transport transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMAES256CBCID"></a><h3>xmlSecMSCryptoTransformAes256CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformAes256CbcId</pre>
-<p>The AES256 CBC cipher transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMRSAOAEPID"></a><h3>xmlSecMSCryptoTransformRsaOaepId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformRsaOaepId</pre>
+<p>The RSA PKCS1 key transport transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMRSAPKCS1GETKLASS"></a><h3>xmlSecMSCryptoTransformRsaPkcs1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformRsaPkcs1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-PKCS1 key transport transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41224"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-PKCS1 key transport transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMAES256CBCGETKLASS"></a><h3>xmlSecMSCryptoTransformAes256CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecMSCryptoTransformAes256CbcGetKlass
-                                                        (void);</pre>
-<p>AES 256 CBC encryption transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMRSAPKCS1ID"></a><h3>xmlSecMSCryptoTransformRsaPkcs1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformRsaPkcs1Id</pre>
+<p>The RSA PKCS1 key transport transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMRSASHA1GETKLASS"></a><h3>xmlSecMSCryptoTransformRsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformRsaSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA1 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41246"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA1 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMRSASHA1ID"></a><h3>xmlSecMSCryptoTransformRsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformRsaSha1Id</pre>
+<p>The RSA-SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMRSASHA256GETKLASS"></a><h3>xmlSecMSCryptoTransformRsaSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformRsaSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29454"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 256 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41268"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA256 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATADESID"></a><h3>xmlSecMSCryptoKeyDataDesId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataDesId</pre>
-<p>The DES key data klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMRSASHA256ID"></a><h3>xmlSecMSCryptoTransformRsaSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformRsaSha256Id</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMRSASHA384GETKLASS"></a><h3>xmlSecMSCryptoTransformRsaSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformRsaSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41290"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA384 signature transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATADESGETKLASS"></a><h3>xmlSecMSCryptoKeyDataDesGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecMSCryptoKeyDataDesGetKlass    (void);</pre>
-<p>The DES key data klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMRSASHA384ID"></a><h3>xmlSecMSCryptoTransformRsaSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformRsaSha384Id</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMRSASHA512GETKLASS"></a><h3>xmlSecMSCryptoTransformRsaSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformRsaSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41312"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA512 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMRSASHA512ID"></a><h3>xmlSecMSCryptoTransformRsaSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformRsaSha512Id</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMSHA1GETKLASS"></a><h3>xmlSecMSCryptoTransformSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformSha1GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-1 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29475"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> DES key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41334"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-1 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMDES3CBCID"></a><h3>xmlSecMSCryptoTransformDes3CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformDes3CbcId</pre>
-<p>The DES3 CBC cipher transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMSHA1ID"></a><h3>xmlSecMSCryptoTransformSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformSha1Id</pre>
+<p>The SHA1 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMSHA256GETKLASS"></a><h3>xmlSecMSCryptoTransformSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-256 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41356"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-256 digest transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecMSCryptoTransformDes3CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecMSCryptoTransformDes3CbcGetKlass
-                                                        (void);</pre>
-<p>Triple DES CBC encryption transform klass.</p>
+<a name="XMLSECMSCRYPTOTRANSFORMSHA256ID"></a><h3>xmlSecMSCryptoTransformSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformSha256Id</pre>
+<p>The SHA256 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMSHA384GETKLASS"></a><h3>xmlSecMSCryptoTransformSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-384 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41378"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-384 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMSHA384ID"></a><h3>xmlSecMSCryptoTransformSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformSha384Id</pre>
+<p>The SHA384 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMSHA512GETKLASS"></a><h3>xmlSecMSCryptoTransformSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecMSCryptoTransformSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-512 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29496"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to Triple DES encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41400"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-512 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOTRANSFORMSHA512ID"></a><h3>xmlSecMSCryptoTransformSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoTransformSha512Id</pre>
+<p>The SHA512 digest transform klass.</p>
+</div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
 <td align="left"><a accesskey="p" href="xmlsec-mscrypto-certkeys.html"><b>&lt;&lt;&lt; certkeys</b></a></td>
diff --git a/docs/api/xmlsec-mscrypto-keysstore.html b/docs/api/xmlsec-mscrypto-keysstore.html
index c846170c..0ec0d207 100644
--- a/docs/api/xmlsec-mscrypto-keysstore.html
+++ b/docs/api/xmlsec-mscrypto-keysstore.html
@@ -87,19 +87,19 @@
 <h1>
 <a name="XMLSEC-MSCRYPTO-KEYSSTORE"></a>keysstore</h1>
 <div class="REFNAMEDIV">
-<a name="AEN29506"></a><h2>Name</h2>keysstore -- Keys store implementation for MS Crypto.</div>
+<a name="AEN41416"></a><h2>Name</h2>keysstore -- Keys store implementation for MS Crypto.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-MSCRYPTO-KEYSSTORE.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-mscrypto-keysstore.html#XMLSECMSCRYPTOKEYSSTOREID">xmlSecMSCryptoKeysStoreId</a>
-<font>xmlSecKeyStoreId</font>    <a href="xmlsec-mscrypto-keysstore.html#XMLSECMSCRYPTOKEYSSTOREGETKLASS">xmlSecMSCryptoKeysStoreGetKlass</a>     (void);
-<font>int</font>                 <a href="xmlsec-mscrypto-keysstore.html#XMLSECMSCRYPTOKEYSSTOREADOPTKEY">xmlSecMSCryptoKeysStoreAdoptKey</a>     (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-mscrypto-keysstore.html#XMLSECMSCRYPTOKEYSSTORELOAD">xmlSecMSCryptoKeysStoreLoad</a>         (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *uri,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);
-<font>int</font>                 <a href="xmlsec-mscrypto-keysstore.html#XMLSECMSCRYPTOKEYSSTORESAVE">xmlSecMSCryptoKeysStoreSave</a>         (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-keysstore.html#XMLSECMSCRYPTOKEYSSTOREADOPTKEY">xmlSecMSCryptoKeysStoreAdoptKey</a>     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="XMLSECKEYSTOREID"><span class="RETURNVALUE">xmlSecKeyStoreId</span></gtkdoclink><a href="xmlsec-mscrypto-keysstore.html#XMLSECMSCRYPTOKEYSSTOREGETKLASS">xmlSecMSCryptoKeysStoreGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-keysstore.html#XMLSECMSCRYPTOKEYSSTOREID">xmlSecMSCryptoKeysStoreId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-keysstore.html#XMLSECMSCRYPTOKEYSSTORELOAD">xmlSecMSCryptoKeysStoreLoad</a>         (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-keysstore.html#XMLSECMSCRYPTOKEYSSTORESAVE">xmlSecMSCryptoKeysStoreSave</a>         (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-MSCRYPTO-KEYSSTORE.DESCRIPTION"></a><h2>Description</h2>
@@ -108,99 +108,94 @@
 <div class="REFSECT1">
 <a name="XMLSEC-MSCRYPTO-KEYSSTORE.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYSSTOREID"></a><h3>xmlSecMSCryptoKeysStoreId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecMSCryptoKeysStoreId	xmlSecMSCryptoKeysStoreGetKlass()</pre>
-<p>A MSCrypto keys store klass id.</p>
+<a name="XMLSECMSCRYPTOKEYSSTOREADOPTKEY"></a><h3>xmlSecMSCryptoKeysStoreAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoKeysStoreAdoptKey     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Adds <code class="PARAMETER">key</code> to the <code class="PARAMETER">store</code>.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN41483"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to MSCrypto keys store.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN41488"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN41493"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOKEYSSTOREGETKLASS"></a><h3>xmlSecMSCryptoKeysStoreGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyStoreId</font>    xmlSecMSCryptoKeysStoreGetKlass     (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYSTOREID"><span class="RETURNVALUE">xmlSecKeyStoreId</span></gtkdoclink>    xmlSecMSCryptoKeysStoreGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The MSCrypto list based keys store klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29550"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> MSCrypto list based keys store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41509"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>MSCrypto list based keys store klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYSSTOREADOPTKEY"></a><h3>xmlSecMSCryptoKeysStoreAdoptKey ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoKeysStoreAdoptKey     (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Adds <code class="PARAMETER">key</code> to the <code class="PARAMETER">store</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN29568"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to MSCrypto keys store.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN29573"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN29578"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECMSCRYPTOKEYSSTOREID"></a><h3>xmlSecMSCryptoKeysStoreId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecMSCryptoKeysStoreId       xmlSecMSCryptoKeysStoreGetKlass()</pre>
+<p>A MSCrypto keys store klass id.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOKEYSSTORELOAD"></a><h3>xmlSecMSCryptoKeysStoreLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoKeysStoreLoad         (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *uri,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoKeysStoreLoad         (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);</pre>
 <p>Reads keys from an XML file.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29595"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to MSCrypto keys store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41538"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to MSCrypto keys store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29600"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41543"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29605"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to associated keys manager. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41548"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to associated keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29610"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41553"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOKEYSSTORESAVE"></a><h3>xmlSecMSCryptoKeysStoreSave ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoKeysStoreSave         (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoKeysStoreSave         (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
 <p>Writes keys from <code class="PARAMETER">store</code> to an XML file.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29628"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to MSCrypto keys store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41577"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to MSCrypto keys store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29633"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41582"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29638"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the saved keys type (public, private, ...).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41587"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the saved keys type (public, private, ...).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29643"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41592"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-mscrypto-x509.html b/docs/api/xmlsec-mscrypto-x509.html
index 09112731..5d9115c5 100644
--- a/docs/api/xmlsec-mscrypto-x509.html
+++ b/docs/api/xmlsec-mscrypto-x509.html
@@ -87,56 +87,47 @@
 <h1>
 <a name="XMLSEC-MSCRYPTO-X509"></a>x509</h1>
 <div class="REFNAMEDIV">
-<a name="AEN29653"></a><h2>Name</h2>x509 -- X509 certificates support implementation for MS Crypto.</div>
+<a name="AEN41602"></a><h2>Name</h2>x509 -- X509 certificates support implementation for MS Crypto.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-MSCRYPTO-X509.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509ID">xmlSecMSCryptoKeyDataX509Id</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETKLASS">xmlSecMSCryptoKeyDataX509GetKlass</a>   (void);
-<font>PCCERT_CONTEXT</font>      <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETKEYCERT">xmlSecMSCryptoKeyDataX509GetKeyCert</a> (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509ADOPTKEYCERT">xmlSecMSCryptoKeyDataX509AdoptKeyCert</a>
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>PCCERT_CONTEXT</font> cert);
-<font>int</font>                 <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509ADOPTCERT">xmlSecMSCryptoKeyDataX509AdoptCert</a>  (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>PCCERT_CONTEXT</font> cert);
-<font>PCCERT_CONTEXT</font>      <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETCERT">xmlSecMSCryptoKeyDataX509GetCert</a>    (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETCERTSSIZE">xmlSecMSCryptoKeyDataX509GetCertsSize</a>
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509ADOPTCRL">xmlSecMSCryptoKeyDataX509AdoptCrl</a>   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>PCCRL_CONTEXT</font> crl);
-<font>PCCRL_CONTEXT</font>       <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETCRL">xmlSecMSCryptoKeyDataX509GetCrl</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETCRLSSIZE">xmlSecMSCryptoKeyDataX509GetCrlsSize</a>
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
+<pre class="SYNOPSIS"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATARAWX509CERTGETKLASS">xmlSecMSCryptoKeyDataRawX509CertGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATARAWX509CERTID">xmlSecMSCryptoKeyDataRawX509CertId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATARAWX509CERTGETKLASS">xmlSecMSCryptoKeyDataRawX509CertGetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREID">xmlSecMSCryptoX509StoreId</a>
-<font>xmlSecKeyDataStoreId</font>  <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREGETKLASS">xmlSecMSCryptoX509StoreGetKlass</a>   (void);
-<font>PCCERT_CONTEXT</font>      <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREFINDCERT">xmlSecMSCryptoX509StoreFindCert</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>xmlChar</font> *subjectName,
-                                                         <font>xmlChar</font> *issuerName,
-                                                         <font>xmlChar</font> *issuerSerial,
-                                                         <font>xmlChar</font> *ski,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);
-<font>PCCERT_CONTEXT</font>      <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREVERIFY">xmlSecMSCryptoX509StoreVerify</a>       (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>HCERTSTORE</font> certs,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTCERT">xmlSecMSCryptoX509StoreAdoptCert</a>    (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>PCCERT_CONTEXT</font> cert,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTKEYSTORE">xmlSecMSCryptoX509StoreAdoptKeyStore</a>
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>HCERTSTORE</font> keyStore);
-<font>int</font>                 <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTTRUSTEDSTORE">xmlSecMSCryptoX509StoreAdoptTrustedStore</a>
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>HCERTSTORE</font> trustedStore);
-<font>int</font>                 <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTUNTRUSTEDSTORE">xmlSecMSCryptoX509StoreAdoptUntrustedStore</a>
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>HCERTSTORE</font> untrustedStore);
-<font>void</font>                <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREENABLESYSTEMTRUSTEDCERTS">xmlSecMSCryptoX509StoreEnableSystemTrustedCerts</a>
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>int</font> val);</pre>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509ADOPTCERT">xmlSecMSCryptoKeyDataX509AdoptCert</a>  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="TYPE">PCCERT_CONTEXT</span></gtkdoclink> cert</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509ADOPTCRL">xmlSecMSCryptoKeyDataX509AdoptCrl</a>   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="PCCRL-CONTEXT:CAPS"><span class="TYPE">PCCRL_CONTEXT</span></gtkdoclink> crl</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509ADOPTKEYCERT">xmlSecMSCryptoKeyDataX509AdoptKeyCert</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="TYPE">PCCERT_CONTEXT</span></gtkdoclink> cert</code>);
+<gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="RETURNVALUE">PCCERT_CONTEXT</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETCERT">xmlSecMSCryptoKeyDataX509GetCert</a>    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETCERTSSIZE">xmlSecMSCryptoKeyDataX509GetCertsSize</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="PCCRL-CONTEXT:CAPS"><span class="RETURNVALUE">PCCRL_CONTEXT</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETCRL">xmlSecMSCryptoKeyDataX509GetCrl</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETCRLSSIZE">xmlSecMSCryptoKeyDataX509GetCrlsSize</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="RETURNVALUE">PCCERT_CONTEXT</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETKEYCERT">xmlSecMSCryptoKeyDataX509GetKeyCert</a> (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509GETKLASS">xmlSecMSCryptoKeyDataX509GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOKEYDATAX509ID">xmlSecMSCryptoKeyDataX509Id</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTCERT">xmlSecMSCryptoX509StoreAdoptCert</a>    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="TYPE">PCCERT_CONTEXT</span></gtkdoclink> cert</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTKEYSTORE">xmlSecMSCryptoX509StoreAdoptKeyStore</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> keyStore</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTTRUSTEDSTORE">xmlSecMSCryptoX509StoreAdoptTrustedStore</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> trustedStore</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREADOPTUNTRUSTEDSTORE">xmlSecMSCryptoX509StoreAdoptUntrustedStore</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> untrustedStore</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREENABLESYSTEMTRUSTEDCERTS">xmlSecMSCryptoX509StoreEnableSystemTrustedCerts</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> val</code>);
+<gtkdoclink href="XMLSECKEYDATASTOREID"><span class="RETURNVALUE">xmlSecKeyDataStoreId</span></gtkdoclink><a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREGETKLASS">xmlSecMSCryptoX509StoreGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-mscrypto-x509.html#XMLSECMSCRYPTOX509STOREID">xmlSecMSCryptoX509StoreId</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-MSCRYPTO-X509.DESCRIPTION"></a><h2>Description</h2>
@@ -145,109 +136,108 @@
 <div class="REFSECT1">
 <a name="XMLSEC-MSCRYPTO-X509.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAX509ID"></a><h3>xmlSecMSCryptoKeyDataX509Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataX509Id</pre>
-<p>The MSCrypto X509 data klass.</p>
+<a name="XMLSECMSCRYPTOKEYDATARAWX509CERTGETKLASS"></a><h3>xmlSecMSCryptoKeyDataRawX509CertGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecMSCryptoKeyDataRawX509CertGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The raw X509 certificates key data klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN41753"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>raw X509 certificates key data klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAX509GETKLASS"></a><h3>xmlSecMSCryptoKeyDataX509GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecMSCryptoKeyDataX509GetKlass   (void);</pre>
-<p>The MSCrypto X509 key data klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-X509DATA"><span class="TYPE">sec-X509Data</span></gtkdoclink>).</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29754"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the X509 data klass.</p></td>
-</tr></tbody></table>
+<a name="XMLSECMSCRYPTOKEYDATARAWX509CERTID"></a><h3>xmlSecMSCryptoKeyDataRawX509CertId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataRawX509CertId</pre>
+<p>The MSCrypto raw X509 certificate klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAX509GETKEYCERT"></a><h3>xmlSecMSCryptoKeyDataX509GetKeyCert ()</h3>
-<pre class="PROGRAMLISTING"><font>PCCERT_CONTEXT</font>      xmlSecMSCryptoKeyDataX509GetKeyCert (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the certificate from which the key was extracted.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATAX509ADOPTCERT"></a><h3>xmlSecMSCryptoKeyDataX509AdoptCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoKeyDataX509AdoptCert  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="TYPE">PCCERT_CONTEXT</span></gtkdoclink> cert</code>);</pre>
+<p>Adds certificate to the X509 key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29769"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41779"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29774"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the key's certificate or NULL if key data was not used for key
-extraction or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41784"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to MSCRYPTO X509 certificate.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN41789"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAX509ADOPTKEYCERT"></a><h3>xmlSecMSCryptoKeyDataX509AdoptKeyCert ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoKeyDataX509AdoptKeyCert
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>PCCERT_CONTEXT</font> cert);</pre>
-<p>Sets the key's certificate in <code class="PARAMETER">data</code>.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATAX509ADOPTCRL"></a><h3>xmlSecMSCryptoKeyDataX509AdoptCrl ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoKeyDataX509AdoptCrl   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="PCCRL-CONTEXT:CAPS"><span class="TYPE">PCCRL_CONTEXT</span></gtkdoclink> crl</code>);</pre>
+<p>Adds CRL to the X509 key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29791"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41809"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29796"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to MSCRYPTO X509 certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41814"><span style="white-space: nowrap"><code class="PARAMETER">crl</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to MSCrypto X509 CRL.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29801"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41819"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAX509ADOPTCERT"></a><h3>xmlSecMSCryptoKeyDataX509AdoptCert ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoKeyDataX509AdoptCert  (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>PCCERT_CONTEXT</font> cert);</pre>
-<p>Adds certificate to the X509 key data.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATAX509ADOPTKEYCERT"></a><h3>xmlSecMSCryptoKeyDataX509AdoptKeyCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoKeyDataX509AdoptKeyCert
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="TYPE">PCCERT_CONTEXT</span></gtkdoclink> cert</code>);</pre>
+<p>Sets the key's certificate in <code class="PARAMETER">data</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29817"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41840"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29822"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to MSCRYPTO X509 certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41845"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to MSCRYPTO X509 certificate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29827"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41850"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOKEYDATAX509GETCERT"></a><h3>xmlSecMSCryptoKeyDataX509GetCert ()</h3>
-<pre class="PROGRAMLISTING"><font>PCCERT_CONTEXT</font>      xmlSecMSCryptoKeyDataX509GetCert    (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="RETURNVALUE">PCCERT_CONTEXT</span></gtkdoclink>      xmlSecMSCryptoKeyDataX509GetCert    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
 <p>Gets a certificate from X509 key data.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29843"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41870"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29848"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired certificate position.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41875"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29853"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to certificate or NULL if <code class="PARAMETER">pos</code> is larger than the 
+<td align="LEFT" valign="TOP"><a name="AEN41880"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to certificate or NULL if <code class="PARAMETER">pos</code> is larger than the
 number of certificates in <code class="PARAMETER">data</code> or an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -255,65 +245,40 @@ number of certificates in <code class="PARAMETER">data</code> or an error occurs
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOKEYDATAX509GETCERTSSIZE"></a><h3>xmlSecMSCryptoKeyDataX509GetCertsSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecMSCryptoKeyDataX509GetCertsSize
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecMSCryptoKeyDataX509GetCertsSize
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 <p>Gets the number of certificates in <code class="PARAMETER">data</code>.</p>
 <p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN29871"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN29876"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> te number of certificates in <code class="PARAMETER">data</code>.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATAX509ADOPTCRL"></a><h3>xmlSecMSCryptoKeyDataX509AdoptCrl ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoKeyDataX509AdoptCrl   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>PCCRL_CONTEXT</font> crl);</pre>
-<p>Adds CRL to the X509 key data.</p>
-<p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29893"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41900"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29898"><span style="white-space: nowrap"><code class="PARAMETER">crl</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to MSCrypto X509 CRL.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN29903"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41905"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>te number of certificates in <code class="PARAMETER">data</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOKEYDATAX509GETCRL"></a><h3>xmlSecMSCryptoKeyDataX509GetCrl ()</h3>
-<pre class="PROGRAMLISTING"><font>PCCRL_CONTEXT</font>       xmlSecMSCryptoKeyDataX509GetCrl     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="PCCRL-CONTEXT:CAPS"><span class="RETURNVALUE">PCCRL_CONTEXT</span></gtkdoclink>       xmlSecMSCryptoKeyDataX509GetCrl     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
 <p>Gets a CRL from X509 key data.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29919"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41926"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29924"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>                the desired CRL position.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41931"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired CRL position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29929"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to CRL or NULL if <code class="PARAMETER">pos</code> is larger than the
+<td align="LEFT" valign="TOP"><a name="AEN41936"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to CRL or NULL if <code class="PARAMETER">pos</code> is larger than the
 number of CRLs in <code class="PARAMETER">data</code> or an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -321,253 +286,188 @@ number of CRLs in <code class="PARAMETER">data</code> or an error occurs.</p></t
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOKEYDATAX509GETCRLSSIZE"></a><h3>xmlSecMSCryptoKeyDataX509GetCrlsSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecMSCryptoKeyDataX509GetCrlsSize
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecMSCryptoKeyDataX509GetCrlsSize
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 <p>Gets the number of CRLs in <code class="PARAMETER">data</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29947"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41956"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN29952"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> te number of CRLs in <code class="PARAMETER">data</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41961"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>te number of CRLs in <code class="PARAMETER">data</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATARAWX509CERTID"></a><h3>xmlSecMSCryptoKeyDataRawX509CertId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataRawX509CertId</pre>
-<p>The MSCrypto raw X509 certificate klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECMSCRYPTOKEYDATARAWX509CERTGETKLASS"></a><h3>xmlSecMSCryptoKeyDataRawX509CertGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecMSCryptoKeyDataRawX509CertGetKlass
-                                                        (void);</pre>
-<p>The raw X509 certificates key data klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29974"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> raw X509 certificates key data klass.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECMSCRYPTOX509STOREID"></a><h3>xmlSecMSCryptoX509StoreId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoX509StoreId</pre>
-<p>The MSCrypto X509 store klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECMSCRYPTOX509STOREGETKLASS"></a><h3>xmlSecMSCryptoX509StoreGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataStoreId</font>  xmlSecMSCryptoX509StoreGetKlass   (void);</pre>
-<p>The MSCrypto X509 certificates key data store klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN29995"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to MSCrypto X509 certificates key data store klass.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECMSCRYPTOX509STOREFINDCERT"></a><h3>xmlSecMSCryptoX509StoreFindCert ()</h3>
-<pre class="PROGRAMLISTING"><font>PCCERT_CONTEXT</font>      xmlSecMSCryptoX509StoreFindCert     (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>xmlChar</font> *subjectName,
-                                                         <font>xmlChar</font> *issuerName,
-                                                         <font>xmlChar</font> *issuerSerial,
-                                                         <font>xmlChar</font> *ski,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);</pre>
-<p>Searches <code class="PARAMETER">store</code> for a certificate that matches given criteria.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATAX509GETKEYCERT"></a><h3>xmlSecMSCryptoKeyDataX509GetKeyCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="RETURNVALUE">PCCERT_CONTEXT</span></gtkdoclink>      xmlSecMSCryptoKeyDataX509GetKeyCert (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the certificate from which the key was extracted.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30016"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>          the pointer to X509 key data store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41979"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30021"><span style="white-space: nowrap"><code class="PARAMETER">subjectName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>    the desired certificate name.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN30026"><span style="white-space: nowrap"><code class="PARAMETER">issuerName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>     the desired certificate issuer name.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN30031"><span style="white-space: nowrap"><code class="PARAMETER">issuerSerial</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>   the desired certificate issuer serial number.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN30036"><span style="white-space: nowrap"><code class="PARAMETER">ski</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>            the desired certificate SKI.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN30041"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>     the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN30047"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to found certificate or NULL if certificate is not found
-or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN41984"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key's certificate or NULL if key data was not used for key
+extraction or an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECMSCRYPTOX509STOREVERIFY"></a><h3>xmlSecMSCryptoX509StoreVerify ()</h3>
-<pre class="PROGRAMLISTING"><font>PCCERT_CONTEXT</font>      xmlSecMSCryptoX509StoreVerify       (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>HCERTSTORE</font> certs,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);</pre>
-<p>Verifies <code class="PARAMETER">certs</code> list.</p>
-<p></p>
+<a name="XMLSECMSCRYPTOKEYDATAX509GETKLASS"></a><h3>xmlSecMSCryptoKeyDataX509GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecMSCryptoKeyDataX509GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The MSCrypto X509 key data klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-X509DATA"><span class="TYPE">sec-X509Data</span></gtkdoclink>).</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN30065"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>        the pointer to X509 certificate context store klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN30070"><span style="white-space: nowrap"><code class="PARAMETER">certs</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>        the untrusted certificates stack.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN30075"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>        the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN30081"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the first verified certificate from <code class="PARAMETER">certs</code>.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN42002"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the X509 data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOKEYDATAX509ID"></a><h3>xmlSecMSCryptoKeyDataX509Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoKeyDataX509Id</pre>
+<p>The MSCrypto X509 data klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOX509STOREADOPTCERT"></a><h3>xmlSecMSCryptoX509StoreAdoptCert ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoX509StoreAdoptCert    (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>PCCERT_CONTEXT</font> cert,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoX509StoreAdoptCert    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="PCCERT-CONTEXT:CAPS"><span class="TYPE">PCCERT_CONTEXT</span></gtkdoclink> cert</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
 <p>Adds trusted (root) or untrusted certificate to the store.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30099"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>              the pointer to X509 key data store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42031"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30104"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to PCCERT_CONTEXT X509 certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42036"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to PCCERT_CONTEXT X509 certificate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30109"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the certificate type (trusted/untrusted).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42041"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate type (trusted/untrusted).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30114"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42046"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOX509STOREADOPTKEYSTORE"></a><h3>xmlSecMSCryptoX509StoreAdoptKeyStore ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoX509StoreAdoptKeyStore
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>HCERTSTORE</font> keyStore);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoX509StoreAdoptKeyStore
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> keyStore</code>);</pre>
 <p>Adds <code class="PARAMETER">keyStore</code> to the list of key stores.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30131"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>              the pointer to X509 key data store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42067"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30136"><span style="white-space: nowrap"><code class="PARAMETER">keyStore</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the pointer to keys store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42072"><span style="white-space: nowrap"><code class="PARAMETER">keyStore</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30141"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42077"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOX509STOREADOPTTRUSTEDSTORE"></a><h3>xmlSecMSCryptoX509StoreAdoptTrustedStore ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoX509StoreAdoptTrustedStore
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>HCERTSTORE</font> trustedStore);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoX509StoreAdoptTrustedStore
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> trustedStore</code>);</pre>
 <p>Adds <code class="PARAMETER">trustedStore</code> to the list of trusted certs stores.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30158"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>              the pointer to X509 key data store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42098"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30163"><span style="white-space: nowrap"><code class="PARAMETER">trustedStore</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>       the pointer to certs store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42103"><span style="white-space: nowrap"><code class="PARAMETER">trustedStore</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to certs store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30168"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42108"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOX509STOREADOPTUNTRUSTEDSTORE"></a><h3>xmlSecMSCryptoX509StoreAdoptUntrustedStore ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecMSCryptoX509StoreAdoptUntrustedStore
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>HCERTSTORE</font> untrustedStore);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecMSCryptoX509StoreAdoptUntrustedStore
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="HCERTSTORE:CAPS"><span class="TYPE">HCERTSTORE</span></gtkdoclink> untrustedStore</code>);</pre>
 <p>Adds <code class="PARAMETER">trustedStore</code> to the list of un-trusted certs stores.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30185"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>              the pointer to X509 key data store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42129"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30190"><span style="white-space: nowrap"><code class="PARAMETER">untrustedStore</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>     the pointer to certs store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42134"><span style="white-space: nowrap"><code class="PARAMETER">untrustedStore</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to certs store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30195"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42139"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECMSCRYPTOX509STOREENABLESYSTEMTRUSTEDCERTS"></a><h3>xmlSecMSCryptoX509StoreEnableSystemTrustedCerts ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecMSCryptoX509StoreEnableSystemTrustedCerts
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>int</font> val);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecMSCryptoX509StoreEnableSystemTrustedCerts
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> val</code>);</pre>
 <p>Enables/disables the system trusted certs.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30211"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>              the pointer to X509 key data store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42159"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN30216"><span style="white-space: nowrap"><code class="PARAMETER">val</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>                the enable/disable flag</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN42164"><span style="white-space: nowrap"><code class="PARAMETER">val</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the enable/disable flag</p></td>
 </tr>
 </tbody></table>
 </div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOX509STOREGETKLASS"></a><h3>xmlSecMSCryptoX509StoreGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATASTOREID"><span class="RETURNVALUE">xmlSecKeyDataStoreId</span></gtkdoclink> xmlSecMSCryptoX509StoreGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The MSCrypto X509 certificates key data store klass.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN42180"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to MSCrypto X509 certificates key data store klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECMSCRYPTOX509STOREID"></a><h3>xmlSecMSCryptoX509StoreId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecMSCryptoX509StoreId</pre>
+<p>The MSCrypto X509 store klass.</p>
+</div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
 <td align="left"><a accesskey="p" href="xmlsec-mscrypto-keysstore.html"><b>&lt;&lt;&lt; keysstore</b></a></td>
diff --git a/docs/api/xmlsec-nodeset.html b/docs/api/xmlsec-nodeset.html
index 277a6d74..91d4e56d 100644
--- a/docs/api/xmlsec-nodeset.html
+++ b/docs/api/xmlsec-nodeset.html
@@ -87,41 +87,41 @@
 <h1>
 <a name="XMLSEC-NODESET"></a>nodeset</h1>
 <div class="REFNAMEDIV">
-<a name="AEN11540"></a><h2>Name</h2>nodeset -- Nodeset object implementation.</div>
+<a name="AEN14090"></a><h2>Name</h2>nodeset -- Nodeset object implementation.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-NODESET.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">enum                <a href="xmlsec-nodeset.html#XMLSECNODESETTYPE">xmlSecNodeSetType</a>;
+<pre class="SYNOPSIS">struct              <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSet</a>;
+<gtkdoclink href="XMLSECNODESETPTR"><span class="RETURNVALUE">xmlSecNodeSetPtr</span></gtkdoclink><a href="xmlsec-nodeset.html#XMLSECNODESETADD">xmlSecNodeSetAdd</a>                    (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> newNSet</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESETOP"><span class="TYPE">xmlSecNodeSetOp</span></a> op</code>);
+<gtkdoclink href="XMLSECNODESETPTR"><span class="RETURNVALUE">xmlSecNodeSetPtr</span></gtkdoclink><a href="xmlsec-nodeset.html#XMLSECNODESETADDLIST">xmlSecNodeSetAddList</a>                (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> newNSet</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESETOP"><span class="TYPE">xmlSecNodeSetOp</span></a> op</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nodeset.html#XMLSECNODESETCONTAINS">xmlSecNodeSetContains</a>               (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>);
+<gtkdoclink href="XMLSECNODESETPTR"><span class="RETURNVALUE">xmlSecNodeSetPtr</span></gtkdoclink><a href="xmlsec-nodeset.html#XMLSECNODESETCREATE">xmlSecNodeSetCreate</a>                 (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODESET"><span class="TYPE">xmlNodeSetPtr</span></gtkdoclink> nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESETTYPE"><span class="TYPE">xmlSecNodeSetType</span></a> type</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-nodeset.html#XMLSECNODESETDEBUGDUMP">xmlSecNodeSetDebugDump</a>              (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-nodeset.html#XMLSECNODESETDESTROY">xmlSecNodeSetDestroy</a>                (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-nodeset.html#XMLSECNODESETDOCDESTROY">xmlSecNodeSetDocDestroy</a>             (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nodeset.html#XMLSECNODESETDUMPTEXTNODES">xmlSecNodeSetDumpTextNodes</a>          (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLOUTPUTBUFFER"><span class="TYPE">xmlOutputBufferPtr</span></gtkdoclink> out</code>);
+<gtkdoclink href="XMLSECNODESETPTR"><span class="RETURNVALUE">xmlSecNodeSetPtr</span></gtkdoclink><a href="xmlsec-nodeset.html#XMLSECNODESETGETCHILDREN">xmlSecNodeSetGetChildren</a>            (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> withComments</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> invert</code>);
 enum                <a href="xmlsec-nodeset.html#XMLSECNODESETOP">xmlSecNodeSetOp</a>;
-struct              <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSet</a>;
-<font>int</font>                 (<a href="xmlsec-nodeset.html#XMLSECNODESETWALKCALLBACK">*xmlSecNodeSetWalkCallback</a>)        (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <font>xmlNodePtr</font> cur,
-                                                         <font>xmlNodePtr</font> parent,
-                                                         <font>void</font> *data);
-<font>xmlSecNodeSetPtr</font>    <a href="xmlsec-nodeset.html#XMLSECNODESETCREATE">xmlSecNodeSetCreate</a>                 (<font>xmlDocPtr</font> doc,
-                                                         <font>xmlNodeSetPtr</font> nodes,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESETTYPE">xmlSecNodeSetType</a> type);
-<font>void</font>                <a href="xmlsec-nodeset.html#XMLSECNODESETDESTROY">xmlSecNodeSetDestroy</a>                (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset);
-<font>void</font>                <a href="xmlsec-nodeset.html#XMLSECNODESETDOCDESTROY">xmlSecNodeSetDocDestroy</a>             (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset);
-<font>int</font>                 <a href="xmlsec-nodeset.html#XMLSECNODESETCONTAINS">xmlSecNodeSetContains</a>               (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <font>xmlNodePtr</font> parent);
-<font>xmlSecNodeSetPtr</font>    <a href="xmlsec-nodeset.html#XMLSECNODESETADD">xmlSecNodeSetAdd</a>                    (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> newNSet,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESETOP">xmlSecNodeSetOp</a> op);
-<font>xmlSecNodeSetPtr</font>    <a href="xmlsec-nodeset.html#XMLSECNODESETADDLIST">xmlSecNodeSetAddList</a>                (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> newNSet,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESETOP">xmlSecNodeSetOp</a> op);
-<font>xmlSecNodeSetPtr</font>    <a href="xmlsec-nodeset.html#XMLSECNODESETGETCHILDREN">xmlSecNodeSetGetChildren</a>            (<font>xmlDocPtr</font> doc,
-                                                         const <font>xmlNodePtr</font> parent,
-                                                         <font>int</font> withComments,
-                                                         <font>int</font> invert);
-<font>int</font>                 <a href="xmlsec-nodeset.html#XMLSECNODESETWALK">xmlSecNodeSetWalk</a>                   (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESETWALKCALLBACK">xmlSecNodeSetWalkCallback</a> walkFunc,
-                                                         <font>void</font> *data);
-<font>int</font>                 <a href="xmlsec-nodeset.html#XMLSECNODESETDUMPTEXTNODES">xmlSecNodeSetDumpTextNodes</a>          (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <font>xmlOutputBufferPtr</font> out);
-<font>void</font>                <a href="xmlsec-nodeset.html#XMLSECNODESETDEBUGDUMP">xmlSecNodeSetDebugDump</a>              (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <font>FILE</font> *output);</pre>
+enum                <a href="xmlsec-nodeset.html#XMLSECNODESETTYPE">xmlSecNodeSetType</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nodeset.html#XMLSECNODESETWALK">xmlSecNodeSetWalk</a>                   (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESETWALKCALLBACK"><span class="TYPE">xmlSecNodeSetWalkCallback</span></a> walkFunc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *data</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-nodeset.html#XMLSECNODESETWALKCALLBACK">*xmlSecNodeSetWalkCallback</a>)        (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *data</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-NODESET.DESCRIPTION"></a><h2>Description</h2>
@@ -130,419 +130,405 @@ struct              <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSet</a
 <div class="REFSECT1">
 <a name="XMLSEC-NODESET.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECNODESETTYPE"></a><h3>enum xmlSecNodeSetType</h3>
-<pre class="PROGRAMLISTING">typedef enum {
-    xmlSecNodeSetNormal = 0,
-    xmlSecNodeSetInvert,
-    xmlSecNodeSetTree,
-    xmlSecNodeSetTreeWithoutComments, 
-    xmlSecNodeSetTreeInvert,
-    xmlSecNodeSetTreeWithoutCommentsInvert,
-    xmlSecNodeSetList
-} xmlSecNodeSetType;</pre>
-<p>The basic nodes sets types.</p>
-<p></p>
+<a name="XMLSECNODESET"></a><h3>struct xmlSecNodeSet</h3>
+<pre class="PROGRAMLISTING">struct xmlSecNodeSet {
+    xmlNodeSetPtr       nodes;
+    xmlDocPtr           doc;
+    int                 destroyDoc;
+    xmlSecNodeSetType   type;
+    xmlSecNodeSetOp     op;
+    xmlSecNodeSetPtr    next;
+    xmlSecNodeSetPtr    prev;
+    xmlSecNodeSetPtr    children;
+};</pre>
+<p>The enchanced nodes set.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECNODESETNORMAL"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetNormal</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	nodes set = nodes in the list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14231"><span style="white-space: nowrap"><gtkdoclink href="XMLNODESET"><span class="TYPE">xmlNodeSetPtr</span></gtkdoclink> <code class="STRUCTFIELD">nodes</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the nodes list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECNODESETINVERT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetInvert</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>  	nodes set = all document nodes minus nodes in the list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14238"><span style="white-space: nowrap"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> <code class="STRUCTFIELD">doc</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the parent XML document.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECNODESETTREE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetTree</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 		nodes set = nodes in the list and all their subtress.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14245"><span style="white-space: nowrap"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">destroyDoc</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag: if set to 1 then <code class="PARAMETER">doc</code> will
+be destroyed when node set is destroyed.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECNODESETTREEWITHOUTCOMMENTS"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetTreeWithoutComments</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 		nodes set = nodes in the list and 
-			all their subtress but no comment nodes.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14253"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESETTYPE"><span class="TYPE">xmlSecNodeSetType</span></a> <code class="STRUCTFIELD">type</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the nodes set type.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECNODESETTREEINVERT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetTreeInvert</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	nodes set = all document nodes minus nodes in the 
-				list and all their subtress.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14260"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESETOP"><span class="TYPE">xmlSecNodeSetOp</span></a> <code class="STRUCTFIELD">op</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the operation type.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECNODESETTREEWITHOUTCOMMENTSINVERT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetTreeWithoutCommentsInvert</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	nodes set = all document nodes 
-				minus (nodes in the list and all their subtress 
-			plus all comment nodes).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14267"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> <code class="STRUCTFIELD">next</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the next nodes set.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECNODESETLIST"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetList</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 		nodes set = all nodes in the chidren list of nodes sets.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14274"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> <code class="STRUCTFIELD">prev</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the previous nodes set.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN14281"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> <code class="STRUCTFIELD">children</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the children list (valid only if type
+equal to <a href="xmlsec-nodeset.html#XMLSECNODESETLIST"><span class="TYPE">xmlSecNodeSetList</span></a>).</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNODESETOP"></a><h3>enum xmlSecNodeSetOp</h3>
-<pre class="PROGRAMLISTING">typedef enum {
-    xmlSecNodeSetIntersection = 0,
-    xmlSecNodeSetSubtraction,
-    xmlSecNodeSetUnion
-} xmlSecNodeSetOp;</pre>
-<p>The simple nodes sets operations.</p>
-<p></p>
+<a name="XMLSECNODESETADD"></a><h3>xmlSecNodeSetAdd ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECNODESETPTR"><span class="RETURNVALUE">xmlSecNodeSetPtr</span></gtkdoclink>    xmlSecNodeSetAdd                    (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> newNSet</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESETOP"><span class="TYPE">xmlSecNodeSetOp</span></a> op</code>);</pre>
+<p>Adds <code class="PARAMETER">newNSet</code> to the <code class="PARAMETER">nset</code> using operation <code class="PARAMETER">op</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECNODESETINTERSECTION"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetIntersection</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	intersection.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14311"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to currrent nodes set (or NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECNODESETSUBTRACTION"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetSubtraction</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	subtraction.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14316"><span style="white-space: nowrap"><code class="PARAMETER">newNSet</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to new nodes set.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECNODESETUNION"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetUnion</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	union.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14321"><span style="white-space: nowrap"><code class="PARAMETER">op</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the operation type.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN14326"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to combined nodes set or NULL if an error
+occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNODESET"></a><h3>struct xmlSecNodeSet</h3>
-<pre class="PROGRAMLISTING">struct xmlSecNodeSet {
-    xmlNodeSetPtr	nodes;
-    xmlDocPtr		doc;
-    int			destroyDoc;
-    xmlSecNodeSetType	type;
-    xmlSecNodeSetOp	op;
-    xmlSecNodeSetPtr	next;
-    xmlSecNodeSetPtr	prev;
-    xmlSecNodeSetPtr	children;
-};</pre>
-<p>The enchanced nodes set.</p>
-<p></p>
+<a name="XMLSECNODESETADDLIST"></a><h3>xmlSecNodeSetAddList ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECNODESETPTR"><span class="RETURNVALUE">xmlSecNodeSetPtr</span></gtkdoclink>    xmlSecNodeSetAddList                (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> newNSet</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESETOP"><span class="TYPE">xmlSecNodeSetOp</span></a> op</code>);</pre>
+<p>Adds <code class="PARAMETER">newNSet</code> to the <code class="PARAMETER">nset</code> as child using operation <code class="PARAMETER">op</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11679"><span style="white-space: nowrap"><font>xmlNodeSetPtr</font> <code class="STRUCTFIELD">nodes</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the nodes list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14352"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to currrent nodes set (or NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11685"><span style="white-space: nowrap"><font>xmlDocPtr</font> <code class="STRUCTFIELD">doc</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the parent XML document.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14357"><span style="white-space: nowrap"><code class="PARAMETER">newNSet</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to new nodes set.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11691"><span style="white-space: nowrap"><font>int</font> <code class="STRUCTFIELD">destroyDoc</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the flag: if set to 1 then <code class="PARAMETER">doc</code> will
-			be destroyed when node set is destroyed.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14362"><span style="white-space: nowrap"><code class="PARAMETER">op</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the operation type.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11698"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESETTYPE">xmlSecNodeSetType</a> <code class="STRUCTFIELD">type</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the nodes set type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14367"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to combined nodes set or NULL if an error
+occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNODESETCONTAINS"></a><h3>xmlSecNodeSetContains ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNodeSetContains               (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>);</pre>
+<p>Checks whether the <code class="PARAMETER">node</code> is in the nodes set or not.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11704"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESETOP">xmlSecNodeSetOp</a> <code class="STRUCTFIELD">op</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the operation type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14391"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node set.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11710"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> <code class="STRUCTFIELD">next</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the next nodes set.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14396"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to XML node to check.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11716"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> <code class="STRUCTFIELD">prev</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the previous nodes set.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14401"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <code class="PARAMETER">node</code> parent node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11722"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> <code class="STRUCTFIELD">children</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the children list (valid only if type 
-			equal to <a href="xmlsec-nodeset.html#XMLSECNODESETLIST"><span class="TYPE">xmlSecNodeSetList</span></a>).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14407"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if the <code class="PARAMETER">node</code> is in the nodes set <code class="PARAMETER">nset</code>, 0 if it is not
+and a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNODESETWALKCALLBACK"></a><h3>xmlSecNodeSetWalkCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecNodeSetWalkCallback)        (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <font>xmlNodePtr</font> cur,
-                                                         <font>xmlNodePtr</font> parent,
-                                                         <font>void</font> *data);</pre>
-<p>The callback function called once per each node in the nodes set.</p>
-<p></p>
+<a name="XMLSECNODESETCREATE"></a><h3>xmlSecNodeSetCreate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECNODESETPTR"><span class="RETURNVALUE">xmlSecNodeSetPtr</span></gtkdoclink>    xmlSecNodeSetCreate                 (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODESET"><span class="TYPE">xmlNodeSetPtr</span></gtkdoclink> nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESETTYPE"><span class="TYPE">xmlSecNodeSetType</span></a> type</code>);</pre>
+<p>Creates new nodes set. Caller is responsible for freeing returned object
+by calling <a href="xmlsec-nodeset.html#XMLSECNODESETDESTROY"><span class="TYPE">xmlSecNodeSetDestroy</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11743"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the pointer to <a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSet</span></a> structure.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14434"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to parent XML document.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11750"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the pointer current XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14439"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list of nodes.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11755"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the pointer to the <code class="PARAMETER">cur</code> parent node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14444"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the nodes set type.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11761"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the pointer to application specific data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11766"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs
-an walk procedure should be interrupted.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14449"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated node set or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNODESETCREATE"></a><h3>xmlSecNodeSetCreate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecNodeSetPtr</font>    xmlSecNodeSetCreate                 (<font>xmlDocPtr</font> doc,
-                                                         <font>xmlNodeSetPtr</font> nodes,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESETTYPE">xmlSecNodeSetType</a> type);</pre>
-<p>Creates new nodes set. Caller is responsible for freeng returend object
-by calling <a href="xmlsec-nodeset.html#XMLSECNODESETDESTROY"><span class="TYPE">xmlSecNodeSetDestroy</span></a> function.</p>
-<p></p>
+<a name="XMLSECNODESETDEBUGDUMP"></a><h3>xmlSecNodeSetDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecNodeSetDebugDump              (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints information about <code class="PARAMETER">nset</code> to the <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11785"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to parent XML document.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11790"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the list of nodes.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11795"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the nodes set type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14471"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node set.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11800"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated node set or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14476"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNODESETDESTROY"></a><h3>xmlSecNodeSetDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecNodeSetDestroy                (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecNodeSetDestroy                (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>);</pre>
 <p>Destroys the nodes set created with <a href="xmlsec-nodeset.html#XMLSECNODESETCREATE"><span class="TYPE">xmlSecNodeSetCreate</span></a> function.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN11817"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to node set.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14495"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node set.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNODESETDOCDESTROY"></a><h3>xmlSecNodeSetDocDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecNodeSetDocDestroy             (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecNodeSetDocDestroy             (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>);</pre>
 <p>Instructs node set to destroy nodes parent doc when node set is destroyed.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN11832"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to node set.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14512"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node set.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNODESETCONTAINS"></a><h3>xmlSecNodeSetContains ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNodeSetContains               (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <font>xmlNodePtr</font> parent);</pre>
-<p>Checks whether the <code class="PARAMETER">node</code> is in the nodes set or not.</p>
-<p></p>
+<a name="XMLSECNODESETDUMPTEXTNODES"></a><h3>xmlSecNodeSetDumpTextNodes ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNodeSetDumpTextNodes          (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLOUTPUTBUFFER"><span class="TYPE">xmlOutputBufferPtr</span></gtkdoclink> out</code>);</pre>
+<p>Dumps content of all the text nodes from <code class="PARAMETER">nset</code> to <code class="PARAMETER">out</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11850"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to node set.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11855"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to XML node to check.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14534"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node set.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11860"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <code class="PARAMETER">node</code> parent node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14539"><span style="white-space: nowrap"><code class="PARAMETER">out</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11866"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if the <code class="PARAMETER">node</code> is in the nodes set <code class="PARAMETER">nset</code>, 0 if it is not
-and a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14544"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNODESETADD"></a><h3>xmlSecNodeSetAdd ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecNodeSetPtr</font>    xmlSecNodeSetAdd                    (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> newNSet,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESETOP">xmlSecNodeSetOp</a> op);</pre>
-<p>Adds <code class="PARAMETER">newNSet</code> to the <code class="PARAMETER">nset</code> using operation <code class="PARAMETER">op</code>.</p>
-<p></p>
+<a name="XMLSECNODESETGETCHILDREN"></a><h3>xmlSecNodeSetGetChildren ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECNODESETPTR"><span class="RETURNVALUE">xmlSecNodeSetPtr</span></gtkdoclink>    xmlSecNodeSetGetChildren            (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> withComments</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> invert</code>);</pre>
+<p>Creates a new nodes set that contains:
+ - if <code class="PARAMETER">withComments</code> is not 0 and <code class="PARAMETER">invert</code> is 0:
+   all nodes in the <code class="PARAMETER">parent</code> subtree;
+ - if <code class="PARAMETER">withComments</code> is 0 and <code class="PARAMETER">invert</code> is 0:
+   all nodes in the <code class="PARAMETER">parent</code> subtree except comment nodes;
+ - if <code class="PARAMETER">withComments</code> is not 0 and <code class="PARAMETER">invert</code> not is 0:
+   all nodes in the <code class="PARAMETER">doc</code> except nodes in the <code class="PARAMETER">parent</code> subtree;
+ - if <code class="PARAMETER">withComments</code> is 0 and <code class="PARAMETER">invert</code> is 0:
+   all nodes in the <code class="PARAMETER">doc</code> except nodes in the <code class="PARAMETER">parent</code> subtree
+   and comment nodes.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11888"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to currrent nodes set (or NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14584"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML document.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11893"><span style="white-space: nowrap"><code class="PARAMETER">newNSet</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to new nodes set.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14589"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to parent XML node or NULL if we want to include all document nodes.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11898"><span style="white-space: nowrap"><code class="PARAMETER">op</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the operation type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14594"><span style="white-space: nowrap"><code class="PARAMETER">withComments</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag include  comments or not.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11903"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to combined nodes set or NULL if an error 
-occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14599"><span style="white-space: nowrap"><code class="PARAMETER">invert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the "invert" flag.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN14604"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the newly created <a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSet</span></a> structure
+or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNODESETADDLIST"></a><h3>xmlSecNodeSetAddList ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecNodeSetPtr</font>    xmlSecNodeSetAddList                (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> newNSet,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESETOP">xmlSecNodeSetOp</a> op);</pre>
-<p>Adds <code class="PARAMETER">newNSet</code> to the <code class="PARAMETER">nset</code> as child using operation <code class="PARAMETER">op</code>.</p>
-<p></p>
+<a name="XMLSECNODESETOP"></a><h3>enum xmlSecNodeSetOp</h3>
+<pre class="PROGRAMLISTING">typedef enum {
+    xmlSecNodeSetIntersection = 0,
+    xmlSecNodeSetSubtraction,
+    xmlSecNodeSetUnion
+} xmlSecNodeSetOp;</pre>
+<p>The simple nodes sets operations.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11923"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to currrent nodes set (or NULL).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN11928"><span style="white-space: nowrap"><code class="PARAMETER">newNSet</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to new nodes set.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECNODESETINTERSECTION"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetIntersection</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>intersection.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11933"><span style="white-space: nowrap"><code class="PARAMETER">op</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the operation type.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECNODESETSUBTRACTION"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetSubtraction</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>subtraction.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11938"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to combined nodes set or NULL if an error 
-occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECNODESETUNION"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetUnion</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>union.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNODESETGETCHILDREN"></a><h3>xmlSecNodeSetGetChildren ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecNodeSetPtr</font>    xmlSecNodeSetGetChildren            (<font>xmlDocPtr</font> doc,
-                                                         const <font>xmlNodePtr</font> parent,
-                                                         <font>int</font> withComments,
-                                                         <font>int</font> invert);</pre>
-<p>Creates a new nodes set that contains:
- - if <code class="PARAMETER">withComments</code> is not 0 and <code class="PARAMETER">invert</code> is 0:
-   all nodes in the <code class="PARAMETER">parent</code> subtree;
- - if <code class="PARAMETER">withComments</code> is 0 and <code class="PARAMETER">invert</code> is 0:
-   all nodes in the <code class="PARAMETER">parent</code> subtree except comment nodes;
- - if <code class="PARAMETER">withComments</code> is not 0 and <code class="PARAMETER">invert</code> not is 0:
-   all nodes in the <code class="PARAMETER">doc</code> except nodes in the <code class="PARAMETER">parent</code> subtree;
- - if <code class="PARAMETER">withComments</code> is 0 and <code class="PARAMETER">invert</code> is 0:
-   all nodes in the <code class="PARAMETER">doc</code> except nodes in the <code class="PARAMETER">parent</code> subtree 
-   and comment nodes.</p>
-<p></p>
+<a name="XMLSECNODESETTYPE"></a><h3>enum xmlSecNodeSetType</h3>
+<pre class="PROGRAMLISTING">typedef enum {
+    xmlSecNodeSetNormal = 0,
+    xmlSecNodeSetInvert,
+    xmlSecNodeSetTree,
+    xmlSecNodeSetTreeWithoutComments,
+    xmlSecNodeSetTreeInvert,
+    xmlSecNodeSetTreeWithoutCommentsInvert,
+    xmlSecNodeSetList
+} xmlSecNodeSetType;</pre>
+<p>The basic nodes sets types.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11970"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML document.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECNODESETNORMAL"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetNormal</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>nodes set = nodes in the list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11975"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	 	the pointer to parent XML node or NULL if we want to include all document nodes.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECNODESETINVERT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetInvert</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>nodes set = all document nodes minus nodes in the list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11980"><span style="white-space: nowrap"><code class="PARAMETER">withComments</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the flag include  comments or not.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECNODESETTREE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetTree</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>nodes set = nodes in the list and all their subtress.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11985"><span style="white-space: nowrap"><code class="PARAMETER">invert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the "invert" flag.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECNODESETTREEWITHOUTCOMMENTS"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetTreeWithoutComments</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>nodes set = nodes in the list and
+                             all their subtress but no comment nodes.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN11990"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the newly created <a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSet</span></a> structure
-or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECNODESETTREEINVERT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetTreeInvert</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>nodes set = all document nodes minus nodes in the
+                             list and all their subtress.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="XMLSECNODESETTREEWITHOUTCOMMENTSINVERT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetTreeWithoutCommentsInvert</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>nodes set = all document nodes
+                             minus (nodes in the list and all their subtress
+                             plus all comment nodes).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="XMLSECNODESETLIST"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecNodeSetList</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>nodes set = all nodes in the chidren list of nodes sets.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNODESETWALK"></a><h3>xmlSecNodeSetWalk ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNodeSetWalk                   (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESETWALKCALLBACK">xmlSecNodeSetWalkCallback</a> walkFunc,
-                                                         <font>void</font> *data);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNodeSetWalk                   (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESETWALKCALLBACK"><span class="TYPE">xmlSecNodeSetWalkCallback</span></a> walkFunc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *data</code>);</pre>
 <p>Calls the function <code class="PARAMETER">walkFunc</code> once per each node in the nodes set <code class="PARAMETER">nset</code>.
-If the <code class="PARAMETER">walkFunc</code> returns a negative value, then the walk procedure 
+If the <code class="PARAMETER">walkFunc</code> returns a negative value, then the walk procedure
 is interrupted.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12012"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to node set.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14696"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node set.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12017"><span style="white-space: nowrap"><code class="PARAMETER">walkFunc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the callback functions.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14701"><span style="white-space: nowrap"><code class="PARAMETER">walkFunc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the callback functions.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12022"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the application specific data passed to the <code class="PARAMETER">walkFunc</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14706"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the application specific data passed to the <code class="PARAMETER">walkFunc</code>.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12028"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14712"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNODESETDUMPTEXTNODES"></a><h3>xmlSecNodeSetDumpTextNodes ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNodeSetDumpTextNodes          (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <font>xmlOutputBufferPtr</font> out);</pre>
-<p>Dumps content of all the text nodes from <code class="PARAMETER">nset</code> to <code class="PARAMETER">out</code>.</p>
-<p></p>
+<a name="XMLSECNODESETWALKCALLBACK"></a><h3>xmlSecNodeSetWalkCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecNodeSetWalkCallback)        (<code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nset</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *data</code>);</pre>
+<p>The callback function called once per each node in the nodes set.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12046"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to node set.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14738"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSet</span></a> structure.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12051"><span style="white-space: nowrap"><code class="PARAMETER">out</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the output buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14745"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer current XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12056"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14750"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the <code class="PARAMETER">cur</code> parent node.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECNODESETDEBUGDUMP"></a><h3>xmlSecNodeSetDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecNodeSetDebugDump              (<a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nset,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints information about <code class="PARAMETER">nset</code> to the <code class="PARAMETER">output</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12074"><span style="white-space: nowrap"><code class="PARAMETER">nset</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to node set.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14756"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to application specific data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12079"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14761"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs
+an walk procedure should be interrupted.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-notes-compiling-unix.html b/docs/api/xmlsec-notes-compiling-unix.html
index 3541dc8e..476552ea 100644
--- a/docs/api/xmlsec-notes-compiling-unix.html
+++ b/docs/api/xmlsec-notes-compiling-unix.html
@@ -174,7 +174,7 @@ clean:
 		</p>
 <div class="EXAMPLE">
 <a name="AEN86"></a><p><b>Example 6. Using xmlsec1-config script in a Makefile
-		    to select crypto engine (gnutls) at linking time.</b></p>
+		    to select crypto engine (e.g. gnutls) at linking time.</b></p>
 <pre class="PROGRAMLISTING">PROGRAM = test
 PROGRAM_FILES = test.c
 
diff --git a/docs/api/xmlsec-notes-contexts.html b/docs/api/xmlsec-notes-contexts.html
index 247f83f6..21d879f9 100644
--- a/docs/api/xmlsec-notes-contexts.html
+++ b/docs/api/xmlsec-notes-contexts.html
@@ -157,13 +157,13 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
     /* limit the Reference URI attributes to empty or NULL */
     dsigCtx-&gt;enabledReferenceUris = xmlSecTransformUriTypeEmpty;
     
-    /* limit allowed transforms for siganture and reference processing */
+    /* limit allowed transforms for signature and reference processing */
     if((xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformInclC14NId) &lt; 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformExclC14NId) &lt; 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformSha1Id) &lt; 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformRsaSha1Id) &lt; 0)) {
 
-        fprintf(stderr,"Error: failed to limit allowed siganture transforms\n");
+        fprintf(stderr,"Error: failed to limit allowed signature transforms\n");
 	goto done;
     }
     if((xmlSecDSigCtxEnableReferenceTransform(dsigCtx, xmlSecTransformInclC14NId) &lt; 0) ||
diff --git a/docs/api/xmlsec-notes-init-shutdown.html b/docs/api/xmlsec-notes-init-shutdown.html
index 63bf65e1..a86c318d 100644
--- a/docs/api/xmlsec-notes-init-shutdown.html
+++ b/docs/api/xmlsec-notes-init-shutdown.html
@@ -95,7 +95,7 @@
 <ul>
 <li><p>libxml library;</p></li>
 <li><p>libxslt library;</p></li>
-<li><p>crypto library (OpenSSL, GnuTLS, NSS, ...);</p></li>
+<li><p>crypto library (OpenSSL, GnuTLS, GCrypt, NSS, ...);</p></li>
 <li><p>xmlsec library 
 		(<a href="xmlsec-xmlsec.html#XMLSECINIT">xmlSecInit</a> 
 		and <a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN">xmlSecShutdown</a> 
diff --git a/docs/api/xmlsec-notes-new-crypto-skeleton.html b/docs/api/xmlsec-notes-new-crypto-skeleton.html
index fcdebf4f..979bbe34 100644
--- a/docs/api/xmlsec-notes-new-crypto-skeleton.html
+++ b/docs/api/xmlsec-notes-new-crypto-skeleton.html
@@ -239,7 +239,7 @@ src/mycrypto/Makefile
 	library):
 	<div class="EXAMPLE">
 <a name="AEN532"></a><p><b>Example 5. Compiling the results.</b></p>
-<pre class="PROGRAMLISTING">./autogen.sh --without-openssl --without-nss --without-gnutls \
+<pre class="PROGRAMLISTING">./autogen.sh --without-openssl --without-nss --without-gnutls --without-gcrypt \
     	     --with-mycrypto=$HOME --disable-tmpl-tests
 make	
 	    </pre>
diff --git a/docs/api/xmlsec-notes-new-crypto.html b/docs/api/xmlsec-notes-new-crypto.html
index e6e76857..ef8b4d00 100644
--- a/docs/api/xmlsec-notes-new-crypto.html
+++ b/docs/api/xmlsec-notes-new-crypto.html
@@ -102,7 +102,7 @@
 <h1 class="SECT1"><a name="XMLSEC-NOTES-NEW-CRYPTO-OVERVIEW">Overview.</a></h1>
 <p>XML Security Library can support practicaly any cryptographic
     library. Currently, it has "out-of-the-box" support for OpenSSL,
-    NSS and GnuTLS. If your favorite library is not supported yet then
+    MSCrypto, NSS, GnuTLS and GCrypt. If your favorite library is not supported yet then
     you can write necessary code yourself. If you and your company
     (university, ...) are willing to share the results of your work I would 
     be happy to add support for new libraries to the main XML Security 
@@ -111,7 +111,7 @@
     <a href="xmlsec-notes-structure.html">separates</a> 
     the cryptographic library (engine) 
     specific code in an "xmlsec-&lt;crypto&gt;" library (where "&lt;crypto&gt;" is 
-    "openssl", "gnutls", "nss", etc.) which includes following items:
+    "openssl", "mscrypt", "gnutls", "gcrypt", "nss", etc.) which includes following items:
     </p>
 <p></p>
 <ul>
diff --git a/docs/api/xmlsec-notes-overview.html b/docs/api/xmlsec-notes-overview.html
index ba56bbe2..c27b9be9 100644
--- a/docs/api/xmlsec-notes-overview.html
+++ b/docs/api/xmlsec-notes-overview.html
@@ -90,7 +90,7 @@
 <p>XML Security Library provides support for XML Digital Signature 
 	and XML Encryption. It is based on LibXML/LibXSLT and can use
 	practicaly any crypto library (currently there is "out of the box" 
-	support for OpenSSL, GnuTLS and NSS).
+	support for OpenSSL, MSCrypto, GnuTLS, GCrypt and NSS).
 	</p>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-notes-sign.html b/docs/api/xmlsec-notes-sign.html
index 4e746c66..5ba58e48 100644
--- a/docs/api/xmlsec-notes-sign.html
+++ b/docs/api/xmlsec-notes-sign.html
@@ -86,7 +86,7 @@
 </tr></table>
 <br clear="all"><div class="SECT1">
 <h1 class="SECT1"><a name="XMLSEC-NOTES-SIGN">Signing a document.</a></h1>
-<p>The typical siganture process includes following steps:
+<p>The typical signature process includes following steps:
 	  </p>
 <p></p>
 <ul>
diff --git a/docs/api/xmlsec-notes-structure.html b/docs/api/xmlsec-notes-structure.html
index f9dd86b5..ba89d19f 100644
--- a/docs/api/xmlsec-notes-structure.html
+++ b/docs/api/xmlsec-notes-structure.html
@@ -89,7 +89,8 @@
 <a name="XMLSEC-NOTES-STRUCTURE"></a>XML Security Library Structure.</h1>
 <p>In order to provide the an ability to use different crypto engines, 
 	the XML Security Library is splitted in two parts: core library (xmlsec)
-	and crypto library (xmlsec-openssl, xmlsec-gnutls, xmlsec-nss, ...). 
+	and crypto library (xmlsec-openssl, xmlsec-mscrypt, xmlsec-gnutls, 
+	xmlsec-gcrypt, xmlsec-nss, ...).
 	</p>
 <div class="FIGURE">
 <a name="AEN28"></a><p><b>Figure 1. The library structure and dependencies.</b></p>
diff --git a/docs/api/xmlsec-notes-verify.html b/docs/api/xmlsec-notes-verify.html
index 05a95fb9..da3847f2 100644
--- a/docs/api/xmlsec-notes-verify.html
+++ b/docs/api/xmlsec-notes-verify.html
@@ -86,7 +86,7 @@
 </tr></table>
 <br clear="all"><div class="SECT1">
 <h1 class="SECT1"><a name="XMLSEC-NOTES-VERIFY">Verifying a signed document</a></h1>
-<p>The typical siganture verification process includes following steps:
+<p>The typical signature verification process includes following steps:
 	  </p>
 <p></p>
 <ul>
diff --git a/docs/api/xmlsec-nss-app.html b/docs/api/xmlsec-nss-app.html
index 54a49dcd..a58fa9d7 100644
--- a/docs/api/xmlsec-nss-app.html
+++ b/docs/api/xmlsec-nss-app.html
@@ -87,74 +87,74 @@
 <h1>
 <a name="XMLSEC-NSS-APP"></a>app</h1>
 <div class="REFNAMEDIV">
-<a name="AEN25422"></a><h2>Name</h2>app -- Application functions implementation for NSS.</div>
+<a name="AEN35063"></a><h2>Name</h2>app -- Application functions implementation for NSS.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-NSS-APP.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPINIT">xmlSecNssAppInit</a>                    (const <font>char</font> *config);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPSHUTDOWN">xmlSecNssAppShutdown</a>                (void);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRINIT">xmlSecNssAppDefaultKeysMngrInit</a>     (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecNssAppDefaultKeysMngrAdoptKey</a> (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRLOAD">xmlSecNssAppDefaultKeysMngrLoad</a>     (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *uri);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRSAVE">xmlSecNssAppDefaultKeysMngrSave</a>     (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYSMNGRCERTLOAD">xmlSecNssAppKeysMngrCertLoad</a>        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYSMNGRCERTLOADMEMORY">xmlSecNssAppKeysMngrCertLoadMemory</a>  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYSMNGRCERTLOADSECITEM">xmlSecNssAppKeysMngrCertLoadSECItem</a> (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>SECItem</font> *secItem,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYLOAD">xmlSecNssAppKeyLoad</a>                 (const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYLOADMEMORY">xmlSecNssAppKeyLoadMemory</a>           (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYLOADSECITEM">xmlSecNssAppKeyLoadSECItem</a>          (<font>SECItem</font> *secItem,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPPKCS12LOAD">xmlSecNssAppPkcs12Load</a>              (const <font>char</font> *filename,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPPKCS12LOADMEMORY">xmlSecNssAppPkcs12LoadMemory</a>        (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPPKCS12LOADSECITEM">xmlSecNssAppPkcs12LoadSECItem</a>       (<font>SECItem</font> *secItem,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYCERTLOAD">xmlSecNssAppKeyCertLoad</a>             (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYCERTLOADMEMORY">xmlSecNssAppKeyCertLoadMemory</a>       (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>int</font>                 <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYCERTLOADSECITEM">xmlSecNssAppKeyCertLoadSECItem</a>      (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>SECItem</font> *secItem,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYFROMCERTLOADSECITEM">xmlSecNssAppKeyFromCertLoadSECItem</a>  (<font>SECItem</font> *secItem,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>void</font>*               <a href="xmlsec-nss-app.html#XMLSECNSSAPPGETDEFAULTPWDCALLBACK">xmlSecNssAppGetDefaultPwdCallback</a>   (void);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecNssAppDefaultKeysMngrAdoptKey</a> (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRINIT">xmlSecNssAppDefaultKeysMngrInit</a>     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRLOAD">xmlSecNssAppDefaultKeysMngrLoad</a>     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRSAVE">xmlSecNssAppDefaultKeysMngrSave</a>     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              <a href="xmlsec-nss-app.html#XMLSECNSSAPPGETDEFAULTPWDCALLBACK">xmlSecNssAppGetDefaultPwdCallback</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPINIT">xmlSecNssAppInit</a>                    (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYCERTLOAD">xmlSecNssAppKeyCertLoad</a>             (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYCERTLOADMEMORY">xmlSecNssAppKeyCertLoadMemory</a>       (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYCERTLOADSECITEM">xmlSecNssAppKeyCertLoadSECItem</a>      (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *secItem</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYFROMCERTLOADSECITEM">xmlSecNssAppKeyFromCertLoadSECItem</a>  (<code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *secItem</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYLOAD">xmlSecNssAppKeyLoad</a>                 (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYLOADMEMORY">xmlSecNssAppKeyLoadMemory</a>           (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYLOADSECITEM">xmlSecNssAppKeyLoadSECItem</a>          (<code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *secItem</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYSMNGRCERTLOAD">xmlSecNssAppKeysMngrCertLoad</a>        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYSMNGRCERTLOADMEMORY">xmlSecNssAppKeysMngrCertLoadMemory</a>  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPKEYSMNGRCERTLOADSECITEM">xmlSecNssAppKeysMngrCertLoadSECItem</a> (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *secItem</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPPKCS12LOAD">xmlSecNssAppPkcs12Load</a>              (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPPKCS12LOADMEMORY">xmlSecNssAppPkcs12LoadMemory</a>        (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-nss-app.html#XMLSECNSSAPPPKCS12LOADSECITEM">xmlSecNssAppPkcs12LoadSECItem</a>       (<code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *secItem</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-app.html#XMLSECNSSAPPSHUTDOWN">xmlSecNssAppShutdown</a>                (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-NSS-APP.DESCRIPTION"></a><h2>Description</h2>
@@ -163,591 +163,571 @@
 <div class="REFSECT1">
 <a name="XMLSEC-NSS-APP.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPINIT"></a><h3>xmlSecNssAppInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppInit                    (const <font>char</font> *config);</pre>
-<p>General crypto engine initialization. This function is used
-by XMLSec command line utility and called before 
-<code class="PARAMETER">xmlSecInit</code> function.</p>
-<p></p>
+<a name="XMLSECNSSAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecNssAppDefaultKeysMngrAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppDefaultKeysMngrAdoptKey (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecNssAppDefaultKeysMngrInit</span></a>
+function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25547"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the path to NSS database files.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35346"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25552"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35351"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN35356"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPSHUTDOWN"></a><h3>xmlSecNssAppShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppShutdown                (void);</pre>
-<p>General crypto engine shutdown. This function is used
-by XMLSec command line utility and called after 
-<code class="PARAMETER">xmlSecShutdown</code> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN25567"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECNSSAPPDEFAULTKEYSMNGRINIT"></a><h3>xmlSecNssAppDefaultKeysMngrInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppDefaultKeysMngrInit     (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppDefaultKeysMngrInit     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
 <p>Initializes <code class="PARAMETER">mngr</code> with NSS keys store <a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTOREID"><span class="TYPE">xmlSecNssKeysStoreId</span></a>
 and a default NSS crypto key data stores.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25585"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35376"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25590"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35381"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecNssAppDefaultKeysMngrAdoptKey ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppDefaultKeysMngrAdoptKey (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecNssAppDefaultKeysMngrInit</span></a>
-function.</p>
-<p></p>
+<a name="XMLSECNSSAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecNssAppDefaultKeysMngrLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppDefaultKeysMngrLoad     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);</pre>
+<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created
+with <a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecNssAppDefaultKeysMngrInit</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25610"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35405"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25615"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35410"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the uri.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25620"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35415"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecNssAppDefaultKeysMngrLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppDefaultKeysMngrLoad     (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *uri);</pre>
-<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created 
-with <a href="xmlsec-nss-app.html#XMLSECNSSAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecNssAppDefaultKeysMngrInit</span></a> function.</p>
-<p></p>
+<a name="XMLSECNSSAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecNssAppDefaultKeysMngrSave ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppDefaultKeysMngrSave     (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25640"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35439"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN35444"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25645"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the uri.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35449"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the type of keys to save (public/private/symmetric).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25650"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35454"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecNssAppDefaultKeysMngrSave ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppDefaultKeysMngrSave     (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
+<a name="XMLSECNSSAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecNssAppGetDefaultPwdCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              xmlSecNssAppGetDefaultPwdCallback   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets default password callback.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN35470"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>default password callback.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSAPPINIT"></a><h3>xmlSecNssAppInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppInit                    (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);</pre>
+<p>General crypto engine initialization. This function is used
+by XMLSec command line utility and called before
+<code class="PARAMETER">xmlSecInit</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25668"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25673"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination filename.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25678"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the type of keys to save (public/private/symmetric).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35488"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the path to NSS database files.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25683"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35493"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecNssAppKeysMngrCertLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppKeysMngrCertLoad        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code></p>
-<p></p>
+<a name="XMLSECNSSAPPKEYCERTLOAD"></a><h3>xmlSecNssAppKeyCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppKeyCertLoad             (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25703"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25708"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the certificate file.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35517"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25713"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format (PEM or DER).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35522"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25718"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the certificate type (trusted/untrusted).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35527"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25723"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35532"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecNssAppKeysMngrCertLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppKeysMngrCertLoadMemory  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from <code class="PARAMETER">data</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code></p>
-<p></p>
+<a name="XMLSECNSSAPPKEYCERTLOADMEMORY"></a><h3>xmlSecNssAppKeyCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppKeyCertLoadMemory       (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from <code class="PARAMETER">data</code> and adds it to key</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25744"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35559"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25749"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35564"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25754"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key binary data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35569"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key binary data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25759"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate format (PEM or DER).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35574"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25764"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the certificate type (trusted/untrusted).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN25769"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35579"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPKEYSMNGRCERTLOADSECITEM"></a><h3>xmlSecNssAppKeysMngrCertLoadSECItem ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppKeysMngrCertLoadSECItem (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>SECItem</font> *secItem,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from <code class="PARAMETER">secItem</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code></p>
-<p></p>
+<a name="XMLSECNSSAPPKEYCERTLOADSECITEM"></a><h3>xmlSecNssAppKeyCertLoadSECItem ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppKeyCertLoadSECItem      (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *secItem</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from <code class="PARAMETER">secItem</code> and adds it to key</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25789"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35603"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN35608"><span style="white-space: nowrap"><code class="PARAMETER">secItem</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to SECItem.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25794"><span style="white-space: nowrap"><code class="PARAMETER">secItem</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to SECItem.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35613"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25799"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate format (PEM or DER).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35618"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSAPPKEYFROMCERTLOADSECITEM"></a><h3>xmlSecNssAppKeyFromCertLoadSECItem ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecNssAppKeyFromCertLoadSECItem  (<code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *secItem</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Loads public key from cert.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN35638"><span style="white-space: nowrap"><code class="PARAMETER">secItem</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <code class="PARAMETER">SECItem</code> object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25804"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the certificate type (trusted/untrusted).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35644"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the cert format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25809"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35649"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSAPPKEYLOAD"></a><h3>xmlSecNssAppKeyLoad ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecNssAppKeyLoad                 (const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecNssAppKeyLoad                 (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
 <p>Reads key from a file</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25828"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35678"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25833"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35683"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25838"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35688"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25843"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35693"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25848"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35698"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25853"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35703"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSAPPKEYLOADMEMORY"></a><h3>xmlSecNssAppKeyLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecNssAppKeyLoadMemory           (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecNssAppKeyLoadMemory           (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
 <p>Reads key from a binary <code class="PARAMETER">data</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25874"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35736"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25879"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key binary data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35741"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key binary data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25884"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key data format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35746"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25889"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key data2 password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35751"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key data2 password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25894"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35756"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25899"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35761"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25904"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35766"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSAPPKEYLOADSECITEM"></a><h3>xmlSecNssAppKeyLoadSECItem ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecNssAppKeyLoadSECItem          (<font>SECItem</font> *secItem,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecNssAppKeyLoadSECItem          (<code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *secItem</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
 <p>Reads key from a file</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25923"><span style="white-space: nowrap"><code class="PARAMETER">secItem</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to sec item.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35795"><span style="white-space: nowrap"><code class="PARAMETER">secItem</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to sec item.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25928"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35800"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25933"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35805"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25938"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35810"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25943"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35815"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25948"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35820"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPPKCS12LOAD"></a><h3>xmlSecNssAppPkcs12Load ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecNssAppPkcs12Load              (const <font>char</font> *filename,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 file.
-For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
-in format=xmlSecKeyDataFormatPkcs12.</p>
-<p></p>
+<a name="XMLSECNSSAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecNssAppKeysMngrCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppKeysMngrCertLoad        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code></p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25966"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 key filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35848"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25971"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35853"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25976"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35858"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format (PEM or DER).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25981"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35863"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate type (trusted/untrusted).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN25986"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35868"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPPKCS12LOADMEMORY"></a><h3>xmlSecNssAppPkcs12LoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecNssAppPkcs12LoadMemory        (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 binary data.
-For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
-in format=xmlSecKeyDataFormatPkcs12.</p>
-<p></p>
+<a name="XMLSECNSSAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecNssAppKeysMngrCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppKeysMngrCertLoadMemory  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from <code class="PARAMETER">data</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code></p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26005"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35899"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26010"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key binary data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35904"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26015"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35909"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key binary data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26020"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35914"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate format (PEM or DER).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26025"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35919"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate type (trusted/untrusted).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26030"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35924"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPPKCS12LOADSECITEM"></a><h3>xmlSecNssAppPkcs12LoadSECItem ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecNssAppPkcs12LoadSECItem       (<font>SECItem</font> *secItem,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 SECItem.
-For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
-in format=xmlSecKeyDataFormatPkcs12.</p>
-<p></p>
+<a name="XMLSECNSSAPPKEYSMNGRCERTLOADSECITEM"></a><h3>xmlSecNssAppKeysMngrCertLoadSECItem ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppKeysMngrCertLoadSECItem (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *secItem</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from <code class="PARAMETER">secItem</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code></p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26048"><span style="white-space: nowrap"><code class="PARAMETER">secItem</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the <code class="PARAMETER">SECItem</code> object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35952"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26054"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35957"><span style="white-space: nowrap"><code class="PARAMETER">secItem</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to SECItem.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26059"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35962"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate format (PEM or DER).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26064"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35967"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate type (trusted/untrusted).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26069"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35972"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPKEYCERTLOAD"></a><h3>xmlSecNssAppKeyCertLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppKeyCertLoad             (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key</p>
-<p></p>
+<a name="XMLSECNSSAPPPKCS12LOAD"></a><h3>xmlSecNssAppPkcs12Load ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecNssAppPkcs12Load              (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 file.
+For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26087"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN35998"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 key filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36003"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26092"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36008"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26097"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36013"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26102"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36018"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPKEYCERTLOADMEMORY"></a><h3>xmlSecNssAppKeyCertLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppKeyCertLoadMemory       (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from <code class="PARAMETER">data</code> and adds it to key</p>
-<p></p>
+<a name="XMLSECNSSAPPPKCS12LOADMEMORY"></a><h3>xmlSecNssAppPkcs12LoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecNssAppPkcs12LoadMemory        (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 binary data.
+For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26121"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36047"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26126"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36052"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key binary data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26131"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key binary data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36057"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26136"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36062"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26141"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36067"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36072"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPKEYCERTLOADSECITEM"></a><h3>xmlSecNssAppKeyCertLoadSECItem ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssAppKeyCertLoadSECItem      (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>SECItem</font> *secItem,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from <code class="PARAMETER">secItem</code> and adds it to key</p>
-<p></p>
+<a name="XMLSECNSSAPPPKCS12LOADSECITEM"></a><h3>xmlSecNssAppPkcs12LoadSECItem ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecNssAppPkcs12LoadSECItem       (<code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *secItem</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 SECItem.
+For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26159"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36098"><span style="white-space: nowrap"><code class="PARAMETER">secItem</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <code class="PARAMETER">SECItem</code> object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26164"><span style="white-space: nowrap"><code class="PARAMETER">secItem</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to SECItem.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36104"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26169"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36109"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26174"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36114"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECNSSAPPKEYFROMCERTLOADSECITEM"></a><h3>xmlSecNssAppKeyFromCertLoadSECItem ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecNssAppKeyFromCertLoadSECItem  (<font>SECItem</font> *secItem,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Loads public key from cert.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26190"><span style="white-space: nowrap"><code class="PARAMETER">secItem</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the <code class="PARAMETER">SECItem</code> object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26196"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the cert format.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26201"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36119"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecNssAppGetDefaultPwdCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>*               xmlSecNssAppGetDefaultPwdCallback   (void);</pre>
-<p>Gets default password callback.</p>
-<p></p>
+<a name="XMLSECNSSAPPSHUTDOWN"></a><h3>xmlSecNssAppShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssAppShutdown                (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>General crypto engine shutdown. This function is used
+by XMLSec command line utility and called after
+<code class="PARAMETER">xmlSecShutdown</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26215"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> default password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36136"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr></tbody></table>
 </div>
 </div>
diff --git a/docs/api/xmlsec-nss-bignum.html b/docs/api/xmlsec-nss-bignum.html
index e4919f88..91b71825 100644
--- a/docs/api/xmlsec-nss-bignum.html
+++ b/docs/api/xmlsec-nss-bignum.html
@@ -87,15 +87,15 @@
 <h1>
 <a name="XMLSEC-NSS-BIGNUM"></a>bignum</h1>
 <div class="REFNAMEDIV">
-<a name="AEN26225"></a><h2>Name</h2>bignum -- Big numbers helper functions.</div>
+<a name="AEN36146"></a><h2>Name</h2>bignum -- Big numbers helper functions.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-NSS-BIGNUM.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>SECItem</font>*            <a href="xmlsec-nss-bignum.html#XMLSECNSSNODEGETBIGNUMVALUE">xmlSecNssNodeGetBigNumValue</a>         (<font>PRArenaPool</font> *arena,
-                                                         const <font>xmlNodePtr</font> cur,
-                                                         <font>SECItem</font> *a);
-<font>int</font>                 <a href="xmlsec-nss-bignum.html#XMLSECNSSNODESETBIGNUMVALUE">xmlSecNssNodeSetBigNumValue</a>         (<font>xmlNodePtr</font> cur,
-                                                         const <font>SECItem</font> *a,
-                                                         <font>int</font> addLineBreaks);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="SECITEM"><span class="RETURNVALUE">SECItem</span></gtkdoclink> *           <a href="xmlsec-nss-bignum.html#XMLSECNSSNODEGETBIGNUMVALUE">xmlSecNssNodeGetBigNumValue</a>         (<code class="PARAMETER"><gtkdoclink href="PRARENAPOOL"><span class="TYPE">PRArenaPool</span></gtkdoclink> *arena</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *a</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-bignum.html#XMLSECNSSNODESETBIGNUMVALUE">xmlSecNssNodeSetBigNumValue</a>         (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *a</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> addLineBreaks</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-NSS-BIGNUM.DESCRIPTION"></a><h2>Description</h2>
@@ -105,31 +105,30 @@
 <a name="XMLSEC-NSS-BIGNUM.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
 <a name="XMLSECNSSNODEGETBIGNUMVALUE"></a><h3>xmlSecNssNodeGetBigNumValue ()</h3>
-<pre class="PROGRAMLISTING"><font>SECItem</font>*            xmlSecNssNodeGetBigNumValue         (<font>PRArenaPool</font> *arena,
-                                                         const <font>xmlNodePtr</font> cur,
-                                                         <font>SECItem</font> *a);</pre>
-<p>Converts the node content from CryptoBinary format 
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-CRYPTOBINARY"><span class="TYPE">sec-CryptoBinary</span></gtkdoclink>) 
+<pre class="PROGRAMLISTING"><gtkdoclink href="SECITEM"><span class="RETURNVALUE">SECItem</span></gtkdoclink> *           xmlSecNssNodeGetBigNumValue         (<code class="PARAMETER"><gtkdoclink href="PRARENAPOOL"><span class="TYPE">PRArenaPool</span></gtkdoclink> *arena</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *a</code>);</pre>
+<p>Converts the node content from CryptoBinary format
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-CRYPTOBINARY"><span class="TYPE">sec-CryptoBinary</span></gtkdoclink>)
 to a SECItem. If no SECItem object provided then a new
 one is created (caller is responsible for freeing it).</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26260"><span style="white-space: nowrap"><code class="PARAMETER">arena</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the arena from which to allocate memory</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36201"><span style="white-space: nowrap"><code class="PARAMETER">arena</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the arena from which to allocate memory</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26265"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the poitner to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36206"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the poitner to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26270"><span style="white-space: nowrap"><code class="PARAMETER">a</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> a SECItem object to hold the BigNum value</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36211"><span style="white-space: nowrap"><code class="PARAMETER">a</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a SECItem object to hold the BigNum value</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26275"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> a pointer to SECItem produced from CryptoBinary string
+<td align="LEFT" valign="TOP"><a name="AEN36216"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a pointer to SECItem produced from CryptoBinary string
 or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -137,34 +136,33 @@ or NULL if an error occurs.</p></td>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSNODESETBIGNUMVALUE"></a><h3>xmlSecNssNodeSetBigNumValue ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssNodeSetBigNumValue         (<font>xmlNodePtr</font> cur,
-                                                         const <font>SECItem</font> *a,
-                                                         <font>int</font> addLineBreaks);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssNodeSetBigNumValue         (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="SECITEM"><span class="TYPE">SECItem</span></gtkdoclink> *a</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> addLineBreaks</code>);</pre>
 <p>Converts SECItem to CryptoBinary string
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-CRYPTOBINARY"><span class="TYPE">sec-CryptoBinary</span></gtkdoclink>) 
-and sets it as the content of the given node. If the 
-addLineBreaks is set then line breaks are added 
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-CRYPTOBINARY"><span class="TYPE">sec-CryptoBinary</span></gtkdoclink>)
+and sets it as the content of the given node. If the
+addLineBreaks is set then line breaks are added
 before and after the CryptoBinary string.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26294"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36241"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26299"><span style="white-space: nowrap"><code class="PARAMETER">a</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> a SECItem containing the BigNum value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36246"><span style="white-space: nowrap"><code class="PARAMETER">a</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a SECItem containing the BigNum value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26304"><span style="white-space: nowrap"><code class="PARAMETER">addLineBreaks</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> if the flag is equal to 1 then 
-	linebreaks will be added before and after
-	new buffer content.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36251"><span style="white-space: nowrap"><code class="PARAMETER">addLineBreaks</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>if the flag is equal to 1 then
+linebreaks will be added before and after
+new buffer content.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26309"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or -1 otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36256"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or -1 otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-nss-crypto.html b/docs/api/xmlsec-nss-crypto.html
index aea87106..b08cc5a5 100644
--- a/docs/api/xmlsec-nss-crypto.html
+++ b/docs/api/xmlsec-nss-crypto.html
@@ -87,78 +87,102 @@
 <h1>
 <a name="XMLSEC-NSS-CRYPTO"></a>crypto</h1>
 <div class="REFNAMEDIV">
-<a name="AEN26319"></a><h2>Name</h2>crypto -- Crypto transforms implementation for NSS.</div>
+<a name="AEN36266"></a><h2>Name</h2>crypto -- Crypto transforms implementation for NSS.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-NSS-CRYPTO.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>xmlSecCryptoDLFunctionsPtr</font>  <a href="xmlsec-nss-crypto.html#XMLSECCRYPTOGETFUNCTIONS-NSS">xmlSecCryptoGetFunctions_nss</a>
-                                                        (void);
-<font>int</font>                 <a href="xmlsec-nss-crypto.html#XMLSECNSSINIT">xmlSecNssInit</a>                       (void);
-<font>int</font>                 <a href="xmlsec-nss-crypto.html#XMLSECNSSSHUTDOWN">xmlSecNssShutdown</a>                   (void);
-<font>int</font>                 <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYSMNGRINIT">xmlSecNssKeysMngrInit</a>               (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>int</font>                 <a href="xmlsec-nss-crypto.html#XMLSECNSSGENERATERANDOM">xmlSecNssGenerateRandom</a>             (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>void</font>                <a href="xmlsec-nss-crypto.html#XMLSECNSSERRORSDEFAULTCALLBACK">xmlSecNssErrorsDefaultCallback</a>      (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg);
-<font>PK11SlotInfo</font> *      <a href="xmlsec-nss-crypto.html#XMLSECNSSGETINTERNALKEYSLOT">xmlSecNssGetInternalKeySlot</a>         (void);
+<pre class="SYNOPSIS"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECCRYPTOGETFUNCTIONS-NSS">xmlSecCryptoGetFunctions_nss</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSERRORSDEFAULTCALLBACK">xmlSecNssErrorsDefaultCallback</a>      (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSGENERATERANDOM">xmlSecNssGenerateRandom</a>             (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="PK11SLOTINFO"><span class="RETURNVALUE">PK11SlotInfo</span></gtkdoclink> *      <a href="xmlsec-nss-crypto.html#XMLSECNSSGETINTERNALKEYSLOT">xmlSecNssGetInternalKeySlot</a>         (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSHMACGETMINOUTPUTLENGTH">xmlSecNssHmacGetMinOutputLength</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSHMACSETMINOUTPUTLENGTH">xmlSecNssHmacSetMinOutputLength</a>     (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> min_length</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSINIT">xmlSecNssInit</a>                       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAAESGETKLASS">xmlSecNssKeyDataAesGetKlass</a>         (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAAESID">xmlSecNssKeyDataAesId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAAESGETKLASS">xmlSecNssKeyDataAesGetKlass</a>         (void);
-<font>int</font>                 <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAAESSET">xmlSecNssKeyDataAesSet</a>              (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAAESSET">xmlSecNssKeyDataAesSet</a>              (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATADESGETKLASS">xmlSecNssKeyDataDesGetKlass</a>         (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATADESID">xmlSecNssKeyDataDesId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATADESSET">xmlSecNssKeyDataDesSet</a>              (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATADSAGETKLASS">xmlSecNssKeyDataDsaGetKlass</a>         (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATADSAID">xmlSecNssKeyDataDsaId</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAHMACGETKLASS">xmlSecNssKeyDataHmacGetKlass</a>        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAHMACID">xmlSecNssKeyDataHmacId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAHMACSET">xmlSecNssKeyDataHmacSet</a>             (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATARSAGETKLASS">xmlSecNssKeyDataRsaGetKlass</a>         (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATARSAID">xmlSecNssKeyDataRsaId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSKEYSMNGRINIT">xmlSecNssKeysMngrInit</a>               (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSSHUTDOWN">xmlSecNssShutdown</a>                   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMAES128CBCGETKLASS">xmlSecNssTransformAes128CbcGetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMAES128CBCID">xmlSecNssTransformAes128CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMAES128CBCGETKLASS">xmlSecNssTransformAes128CbcGetKlass</a> (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMAES192CBCGETKLASS">xmlSecNssTransformAes192CbcGetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMAES192CBCID">xmlSecNssTransformAes192CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMAES192CBCGETKLASS">xmlSecNssTransformAes192CbcGetKlass</a> (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMAES256CBCGETKLASS">xmlSecNssTransformAes256CbcGetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMAES256CBCID">xmlSecNssTransformAes256CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMAES256CBCGETKLASS">xmlSecNssTransformAes256CbcGetKlass</a> (void);
-#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES128ID">xmlSecNssTransformKWAes128Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES128GETKLASS">xmlSecNssTransformKWAes128GetKlass</a>  (void);
-#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES192ID">xmlSecNssTransformKWAes192Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES192GETKLASS">xmlSecNssTransformKWAes192GetKlass</a>  (void);
-#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES256ID">xmlSecNssTransformKWAes256Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES256GETKLASS">xmlSecNssTransformKWAes256GetKlass</a>  (void);
-#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATADESID">xmlSecNssKeyDataDesId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATADESGETKLASS">xmlSecNssKeyDataDesGetKlass</a>         (void);
-<font>int</font>                 <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATADESSET">xmlSecNssKeyDataDesSet</a>              (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMDES3CBCGETKLASS">xmlSecNssTransformDes3CbcGetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMDES3CBCID">xmlSecNssTransformDes3CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMDES3CBCGETKLASS">xmlSecNssTransformDes3CbcGetKlass</a>   (void);
-#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWDES3ID">xmlSecNssTransformKWDes3Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWDES3GETKLASS">xmlSecNssTransformKWDes3GetKlass</a>    (void);
-#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATADSAID">xmlSecNssKeyDataDsaId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATADSAGETKLASS">xmlSecNssKeyDataDsaGetKlass</a>         (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMDSASHA1GETKLASS">xmlSecNssTransformDsaSha1GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMDSASHA1ID">xmlSecNssTransformDsaSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMDSASHA1GETKLASS">xmlSecNssTransformDsaSha1GetKlass</a>   (void);
-<font>int</font>                 <a href="xmlsec-nss-crypto.html#XMLSECNSSHMACGETMINOUTPUTLENGTH">xmlSecNssHmacGetMinOutputLength</a>     (void);
-<font>void</font>                <a href="xmlsec-nss-crypto.html#XMLSECNSSHMACSETMINOUTPUTLENGTH">xmlSecNssHmacSetMinOutputLength</a>     (<font>int</font> min_length);
-#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAHMACID">xmlSecNssKeyDataHmacId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAHMACGETKLASS">xmlSecNssKeyDataHmacGetKlass</a>        (void);
-<font>int</font>                 <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATAHMACSET">xmlSecNssKeyDataHmacSet</a>             (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACMD5GETKLASS">xmlSecNssTransformHmacMd5GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACMD5ID">xmlSecNssTransformHmacMd5Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACMD5GETKLASS">xmlSecNssTransformHmacMd5GetKlass</a>   (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACRIPEMD160GETKLASS">xmlSecNssTransformHmacRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACRIPEMD160ID">xmlSecNssTransformHmacRipemd160Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACRIPEMD160GETKLASS">xmlSecNssTransformHmacRipemd160GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA1GETKLASS">xmlSecNssTransformHmacSha1GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA1ID">xmlSecNssTransformHmacSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA1GETKLASS">xmlSecNssTransformHmacSha1GetKlass</a>  (void);
-#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATARSAID">xmlSecNssKeyDataRsaId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-nss-crypto.html#XMLSECNSSKEYDATARSAGETKLASS">xmlSecNssKeyDataRsaGetKlass</a>         (void);
-#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA1ID">xmlSecNssTransformRsaSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA1GETKLASS">xmlSecNssTransformRsaSha1GetKlass</a>   (void);
-#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAPKCS1ID">xmlSecNssTransformRsaPkcs1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAPKCS1GETKLASS">xmlSecNssTransformRsaPkcs1GetKlass</a>  (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA256GETKLASS">xmlSecNssTransformHmacSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA256ID">xmlSecNssTransformHmacSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA384GETKLASS">xmlSecNssTransformHmacSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA384ID">xmlSecNssTransformHmacSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA512GETKLASS">xmlSecNssTransformHmacSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMHMACSHA512ID">xmlSecNssTransformHmacSha512Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES128GETKLASS">xmlSecNssTransformKWAes128GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES128ID">xmlSecNssTransformKWAes128Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES192GETKLASS">xmlSecNssTransformKWAes192GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES192ID">xmlSecNssTransformKWAes192Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES256GETKLASS">xmlSecNssTransformKWAes256GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWAES256ID">xmlSecNssTransformKWAes256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWDES3GETKLASS">xmlSecNssTransformKWDes3GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMKWDES3ID">xmlSecNssTransformKWDes3Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMMD5GETKLASS">xmlSecNssTransformMd5GetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMMD5ID">xmlSecNssTransformMd5Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAMD5GETKLASS">xmlSecNssTransformRsaMd5GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAMD5ID">xmlSecNssTransformRsaMd5Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAOAEPGETKLASS">xmlSecNssTransformRsaOaepGetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAOAEPID">xmlSecNssTransformRsaOaepId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAOAEPGETKLASS">xmlSecNssTransformRsaOaepGetKlass</a>   (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAPKCS1GETKLASS">xmlSecNssTransformRsaPkcs1GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSAPKCS1ID">xmlSecNssTransformRsaPkcs1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA1GETKLASS">xmlSecNssTransformRsaSha1GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA1ID">xmlSecNssTransformRsaSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA256GETKLASS">xmlSecNssTransformRsaSha256GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA256ID">xmlSecNssTransformRsaSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA384GETKLASS">xmlSecNssTransformRsaSha384GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA384ID">xmlSecNssTransformRsaSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA512GETKLASS">xmlSecNssTransformRsaSha512GetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMRSASHA512ID">xmlSecNssTransformRsaSha512Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA1GETKLASS">xmlSecNssTransformSha1GetKlass</a>      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA1ID">xmlSecNssTransformSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA1GETKLASS">xmlSecNssTransformSha1GetKlass</a>      (void);</pre>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA256GETKLASS">xmlSecNssTransformSha256GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA256ID">xmlSecNssTransformSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA384GETKLASS">xmlSecNssTransformSha384GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA384ID">xmlSecNssTransformSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA512GETKLASS">xmlSecNssTransformSha512GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-crypto.html#XMLSECNSSTRANSFORMSHA512ID">xmlSecNssTransformSha512Id</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-NSS-CRYPTO.DESCRIPTION"></a><h2>Description</h2>
@@ -168,567 +192,653 @@
 <a name="XMLSEC-NSS-CRYPTO.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
 <a name="XMLSECCRYPTOGETFUNCTIONS-NSS"></a><h3>xmlSecCryptoGetFunctions_nss ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecCryptoDLFunctionsPtr</font>  xmlSecCryptoGetFunctions_nss
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> xmlSecCryptoGetFunctions_nss (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>Gets the pointer to xmlsec-nss functions table.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26446"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the xmlsec-nss functions table or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36586"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the xmlsec-nss functions table or NULL if an error occurs.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSINIT"></a><h3>xmlSecNssInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssInit                       (void);</pre>
-<p>XMLSec library specific crypto engine initialization.</p>
+<a name="XMLSECNSSERRORSDEFAULTCALLBACK"></a><h3>xmlSecNssErrorsDefaultCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecNssErrorsDefaultCallback      (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>);</pre>
+<p>The default errors reporting callback function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36621"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location file name (__FILE__ macro).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36626"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location line number (__LINE__ macro).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36631"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location function name (__FUNCTION__ macro).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36636"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error object</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36641"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error subject.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36646"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error code.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36651"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the additional error message.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSGENERATERANDOM"></a><h3>xmlSecNssGenerateRandom ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssGenerateRandom             (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Generates <code class="PARAMETER">size</code> random bytes and puts result in <code class="PARAMETER">buffer</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36673"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36678"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the numer of bytes to generate.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36683"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSGETINTERNALKEYSLOT"></a><h3>xmlSecNssGetInternalKeySlot ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="PK11SLOTINFO"><span class="RETURNVALUE">PK11SlotInfo</span></gtkdoclink> *      xmlSecNssGetInternalKeySlot         (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets internal NSS key slot.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26460"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36699"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>internal key slot and initializes it if needed.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSSHUTDOWN"></a><h3>xmlSecNssShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssShutdown                   (void);</pre>
-<p>XMLSec library specific crypto engine shutdown.</p>
-<p></p>
+<a name="XMLSECNSSHMACGETMINOUTPUTLENGTH"></a><h3>xmlSecNssHmacGetMinOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssHmacGetMinOutputLength     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets the value of min HMAC length.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26474"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36715"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the min HMAC output length</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYSMNGRINIT"></a><h3>xmlSecNssKeysMngrInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssKeysMngrInit               (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
-<p>Adds NSS specific key data stores in keys manager.</p>
+<a name="XMLSECNSSHMACSETMINOUTPUTLENGTH"></a><h3>xmlSecNssHmacSetMinOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecNssHmacSetMinOutputLength     (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> min_length</code>);</pre>
+<p>Sets the min HMAC output length</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN36732"><span style="white-space: nowrap"><code class="PARAMETER">min_length</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new min length</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSINIT"></a><h3>xmlSecNssInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssInit                       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>XMLSec library specific crypto engine initialization.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26489"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26494"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN36748"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSGENERATERANDOM"></a><h3>xmlSecNssGenerateRandom ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssGenerateRandom             (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Generates <code class="PARAMETER">size</code> random bytes and puts result in <code class="PARAMETER">buffer</code>.</p>
+<a name="XMLSECNSSKEYDATAAESGETKLASS"></a><h3>xmlSecNssKeyDataAesGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecNssKeyDataAesGetKlass         (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES key data klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN36764"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSKEYDATAAESID"></a><h3>xmlSecNssKeyDataAesId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataAesId</pre>
+<p>The AES key data klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSKEYDATAAESSET"></a><h3>xmlSecNssKeyDataAesSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssKeyDataAesSet              (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of AES key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26512"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36793"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to AES key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36798"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26517"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the numer of bytes to generate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36803"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26522"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36808"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSERRORSDEFAULTCALLBACK"></a><h3>xmlSecNssErrorsDefaultCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecNssErrorsDefaultCallback      (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg);</pre>
-<p>The default errors reporting callback function.</p>
+<a name="XMLSECNSSKEYDATADESGETKLASS"></a><h3>xmlSecNssKeyDataDesGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecNssKeyDataDesGetKlass         (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DES key data klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN36824"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DES key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSKEYDATADESID"></a><h3>xmlSecNssKeyDataDesId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataDesId</pre>
+<p>The DES key data klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSKEYDATADESSET"></a><h3>xmlSecNssKeyDataDesSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssKeyDataDesSet              (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of DES key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26543"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location file name (__FILE__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36853"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DES key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26548"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location line number (__LINE__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36858"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26553"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location function name (__FUNCTION__ macro).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36863"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26558"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error object </p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26563"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error subject.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26568"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error code.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26573"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the additional error message.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36868"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSGETINTERNALKEYSLOT"></a><h3>xmlSecNssGetInternalKeySlot ()</h3>
-<pre class="PROGRAMLISTING"><font>PK11SlotInfo</font> *      xmlSecNssGetInternalKeySlot         (void);</pre>
-<p>Gets internal NSS key slot.</p>
-<p></p>
+<a name="XMLSECNSSKEYDATADSAGETKLASS"></a><h3>xmlSecNssKeyDataDsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecNssKeyDataDsaGetKlass         (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26587"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> internal key slot and initializes it if needed.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36884"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to DSA key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAAESID"></a><h3>xmlSecNssKeyDataAesId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataAesId</pre>
-<p>The AES key data klass.</p>
-<p></p>
+<a name="XMLSECNSSKEYDATADSAID"></a><h3>xmlSecNssKeyDataDsaId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataDsaId</pre>
+<p>The DSA key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAAESGETKLASS"></a><h3>xmlSecNssKeyDataAesGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecNssKeyDataAesGetKlass         (void);</pre>
-<p>The AES key data klass.</p>
-<p></p>
+<a name="XMLSECNSSKEYDATAHMACGETKLASS"></a><h3>xmlSecNssKeyDataHmacGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecNssKeyDataHmacGetKlass        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26608"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36906"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>HMAC key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAAESSET"></a><h3>xmlSecNssKeyDataAesSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssKeyDataAesSet              (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of AES key data.</p>
-<p></p>
+<a name="XMLSECNSSKEYDATAHMACID"></a><h3>xmlSecNssKeyDataHmacId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataHmacId</pre>
+<p>The DHMAC key data klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSKEYDATAHMACSET"></a><h3>xmlSecNssKeyDataHmacSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssKeyDataHmacSet             (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of HMAC key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26625"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to AES key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36935"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to HMAC key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26630"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36940"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26635"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value size (in bytes).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36945"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN26640"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN36950"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMAES128CBCID"></a><h3>xmlSecNssTransformAes128CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformAes128CbcId</pre>
-<p>The AES128 CBC cipher transform klass.</p>
+<a name="XMLSECNSSKEYDATARSAGETKLASS"></a><h3>xmlSecNssKeyDataRsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecNssKeyDataRsaGetKlass         (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA key data klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN36966"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to RSA key data klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMAES128CBCGETKLASS"></a><h3>xmlSecNssTransformAes128CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformAes128CbcGetKlass (void);</pre>
-<p>AES 128 CBC encryption transform klass.</p>
+<a name="XMLSECNSSKEYDATARSAID"></a><h3>xmlSecNssKeyDataRsaId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataRsaId</pre>
+<p>The RSA key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSKEYSMNGRINIT"></a><h3>xmlSecNssKeysMngrInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssKeysMngrInit               (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
+<p>Adds NSS specific key data stores in keys manager.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36989"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN36994"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSSHUTDOWN"></a><h3>xmlSecNssShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssShutdown                   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>XMLSec library specific crypto engine shutdown.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26661"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 128 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37010"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMAES192CBCID"></a><h3>xmlSecNssTransformAes192CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformAes192CbcId</pre>
-<p>The AES192 CBC cipher transform klass.</p>
+<a name="XMLSECNSSTRANSFORMAES128CBCGETKLASS"></a><h3>xmlSecNssTransformAes128CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformAes128CbcGetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 128 CBC encryption transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN37026"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 128 CBC encryption transform.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMAES128CBCID"></a><h3>xmlSecNssTransformAes128CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformAes128CbcId</pre>
+<p>The AES128 CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSTRANSFORMAES192CBCGETKLASS"></a><h3>xmlSecNssTransformAes192CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformAes192CbcGetKlass (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformAes192CbcGetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>AES 192 CBC encryption transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26682"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 192 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37048"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 192 CBC encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMAES256CBCID"></a><h3>xmlSecNssTransformAes256CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformAes256CbcId</pre>
-<p>The AES256 CBC cipher transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMAES192CBCID"></a><h3>xmlSecNssTransformAes192CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformAes192CbcId</pre>
+<p>The AES192 CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSTRANSFORMAES256CBCGETKLASS"></a><h3>xmlSecNssTransformAes256CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformAes256CbcGetKlass (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformAes256CbcGetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>AES 256 CBC encryption transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26703"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 256 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37070"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 256 CBC encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMKWAES128ID"></a><h3>xmlSecNssTransformKWAes128Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformKWAes128Id</pre>
-<p>The AES 128 key wrap transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMAES256CBCID"></a><h3>xmlSecNssTransformAes256CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformAes256CbcId</pre>
+<p>The AES256 CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMKWAES128GETKLASS"></a><h3>xmlSecNssTransformKWAes128GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformKWAes128GetKlass  (void);</pre>
-<p>The AES-128 key wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecNssTransformDes3CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformDes3CbcGetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Triple DES CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26724"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES-128 key wrapper transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37092"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to Triple DES encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMKWAES192ID"></a><h3>xmlSecNssTransformKWAes192Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformKWAes192Id</pre>
-<p>The AES 192 key wrap transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMDES3CBCID"></a><h3>xmlSecNssTransformDes3CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformDes3CbcId</pre>
+<p>The Triple DES CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMKWAES192GETKLASS"></a><h3>xmlSecNssTransformKWAes192GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformKWAes192GetKlass  (void);</pre>
-<p>The AES-192 key wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMDSASHA1GETKLASS"></a><h3>xmlSecNssTransformDsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformDsaSha1GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA-SHA1 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26745"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES-192 key wrapper transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37114"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DSA-SHA1 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMKWAES256ID"></a><h3>xmlSecNssTransformKWAes256Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformKWAes256Id</pre>
-<p>The AES 256 key wrap transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMDSASHA1ID"></a><h3>xmlSecNssTransformDsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformDsaSha1Id</pre>
+<p>The DSA SHA1 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMKWAES256GETKLASS"></a><h3>xmlSecNssTransformKWAes256GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformKWAes256GetKlass  (void);</pre>
-<p>The AES-256 key wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMHMACMD5GETKLASS"></a><h3>xmlSecNssTransformHmacMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformHmacMd5GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-MD5 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26766"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES-256 key wrapper transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37136"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-MD5 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATADESID"></a><h3>xmlSecNssKeyDataDesId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataDesId</pre>
-<p>The DES key data klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMHMACMD5ID"></a><h3>xmlSecNssTransformHmacMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformHmacMd5Id</pre>
+<p>The HMAC with MD5 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATADESGETKLASS"></a><h3>xmlSecNssKeyDataDesGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecNssKeyDataDesGetKlass         (void);</pre>
-<p>The DES key data klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMHMACRIPEMD160GETKLASS"></a><h3>xmlSecNssTransformHmacRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformHmacRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-RIPEMD160 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26787"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> DES key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37158"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-RIPEMD160 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATADESSET"></a><h3>xmlSecNssKeyDataDesSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssKeyDataDesSet              (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of DES key data.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26804"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to DES key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26809"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26814"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value size (in bytes).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26819"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECNSSTRANSFORMHMACRIPEMD160ID"></a><h3>xmlSecNssTransformHmacRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformHmacRipemd160Id</pre>
+<p>The HMAC with RipeMD160 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMDES3CBCID"></a><h3>xmlSecNssTransformDes3CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformDes3CbcId</pre>
-<p>The Triple DES CBC cipher transform klass.</p>
+<a name="XMLSECNSSTRANSFORMHMACSHA1GETKLASS"></a><h3>xmlSecNssTransformHmacSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformHmacSha1GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA1 transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN37180"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA1 transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecNssTransformDes3CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformDes3CbcGetKlass   (void);</pre>
-<p>Triple DES CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMHMACSHA1ID"></a><h3>xmlSecNssTransformHmacSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformHmacSha1Id</pre>
+<p>The HMAC with SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMHMACSHA256GETKLASS"></a><h3>xmlSecNssTransformHmacSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformHmacSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA256 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26840"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to Triple DES encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37202"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA256 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMKWDES3ID"></a><h3>xmlSecNssTransformKWDes3Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformKWDes3Id</pre>
-<p>The DES3 CBC cipher transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMHMACSHA256ID"></a><h3>xmlSecNssTransformHmacSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformHmacSha256Id</pre>
+<p>The HMAC with SHA256 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMKWDES3GETKLASS"></a><h3>xmlSecNssTransformKWDes3GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformKWDes3GetKlass    (void);</pre>
-<p>The Triple DES key wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMHMACSHA384GETKLASS"></a><h3>xmlSecNssTransformHmacSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformHmacSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA384 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26861"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> Triple DES key wrapper transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37224"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA384 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATADSAID"></a><h3>xmlSecNssKeyDataDsaId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataDsaId</pre>
-<p>The DSA key klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMHMACSHA384ID"></a><h3>xmlSecNssTransformHmacSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformHmacSha384Id</pre>
+<p>The HMAC with SHA384 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATADSAGETKLASS"></a><h3>xmlSecNssKeyDataDsaGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecNssKeyDataDsaGetKlass         (void);</pre>
-<p>The DSA key data klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMHMACSHA512GETKLASS"></a><h3>xmlSecNssTransformHmacSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformHmacSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA512 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26882"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to DSA key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37246"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA512 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMDSASHA1ID"></a><h3>xmlSecNssTransformDsaSha1Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformDsaSha1Id</pre>
-<p>The DSA SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMHMACSHA512ID"></a><h3>xmlSecNssTransformHmacSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformHmacSha512Id</pre>
+<p>The HMAC with SHA512 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMDSASHA1GETKLASS"></a><h3>xmlSecNssTransformDsaSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformDsaSha1GetKlass   (void);</pre>
-<p>The DSA-SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMKWAES128GETKLASS"></a><h3>xmlSecNssTransformKWAes128GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformKWAes128GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-128 key wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26903"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> DSA-SHA1 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37268"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-128 key wrapper transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSHMACGETMINOUTPUTLENGTH"></a><h3>xmlSecNssHmacGetMinOutputLength ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssHmacGetMinOutputLength     (void);</pre>
-<p>Gets the value of min HMAC length.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMKWAES128ID"></a><h3>xmlSecNssTransformKWAes128Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformKWAes128Id</pre>
+<p>The AES 128 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMKWAES192GETKLASS"></a><h3>xmlSecNssTransformKWAes192GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformKWAes192GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-192 key wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26917"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the min HMAC output length</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37290"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-192 key wrapper transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSHMACSETMINOUTPUTLENGTH"></a><h3>xmlSecNssHmacSetMinOutputLength ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecNssHmacSetMinOutputLength     (<font>int</font> min_length);</pre>
-<p>Sets the min HMAC output length</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMKWAES192ID"></a><h3>xmlSecNssTransformKWAes192Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformKWAes192Id</pre>
+<p>The AES 192 key wrap transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMKWAES256GETKLASS"></a><h3>xmlSecNssTransformKWAes256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformKWAes256GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-256 key wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26932"><span style="white-space: nowrap"><code class="PARAMETER">min_length</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the new min length </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37312"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-256 key wrapper transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAHMACID"></a><h3>xmlSecNssKeyDataHmacId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataHmacId</pre>
-<p>The DHMAC key data klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMKWAES256ID"></a><h3>xmlSecNssTransformKWAes256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformKWAes256Id</pre>
+<p>The AES 256 key wrap transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAHMACGETKLASS"></a><h3>xmlSecNssKeyDataHmacGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecNssKeyDataHmacGetKlass        (void);</pre>
-<p>The HMAC key data klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMKWDES3GETKLASS"></a><h3>xmlSecNssTransformKWDes3GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformKWDes3GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The Triple DES key wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN26953"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> HMAC key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37334"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>Triple DES key wrapper transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAHMACSET"></a><h3>xmlSecNssKeyDataHmacSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssKeyDataHmacSet             (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of HMAC key data.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26970"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to HMAC key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26975"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26980"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value size (in bytes).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN26985"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECNSSTRANSFORMKWDES3ID"></a><h3>xmlSecNssTransformKWDes3Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformKWDes3Id</pre>
+<p>The DES3 KW transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMHMACMD5ID"></a><h3>xmlSecNssTransformHmacMd5Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformHmacMd5Id</pre>
-<p>The HMAC with MD5 signature transform klass.</p>
+<a name="XMLSECNSSTRANSFORMMD5GETKLASS"></a><h3>xmlSecNssTransformMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformMd5GetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>MD5 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN37356"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to MD5 digest transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMHMACMD5GETKLASS"></a><h3>xmlSecNssTransformHmacMd5GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformHmacMd5GetKlass   (void);</pre>
-<p>The HMAC-MD5 transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMMD5ID"></a><h3>xmlSecNssTransformMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformMd5Id</pre>
+<p>The MD5 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMRSAMD5GETKLASS"></a><h3>xmlSecNssTransformRsaMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformRsaMd5GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-MD5 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27006"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-MD5 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37378"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-MD5 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMHMACRIPEMD160ID"></a><h3>xmlSecNssTransformHmacRipemd160Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformHmacRipemd160Id</pre>
-<p>The HMAC with RipeMD160 signature transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMRSAMD5ID"></a><h3>xmlSecNssTransformRsaMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformRsaMd5Id</pre>
+<p>The RSA-MD5 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMHMACRIPEMD160GETKLASS"></a><h3>xmlSecNssTransformHmacRipemd160GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformHmacRipemd160GetKlass
-                                                        (void);</pre>
-<p>The HMAC-RIPEMD160 transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMRSAOAEPGETKLASS"></a><h3>xmlSecNssTransformRsaOaepGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformRsaOaepGetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-PKCS1 key transport transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27027"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-RIPEMD160 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37400"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-PKCS1 key transport transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMHMACSHA1ID"></a><h3>xmlSecNssTransformHmacSha1Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformHmacSha1Id</pre>
-<p>The HMAC with SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMRSAOAEPID"></a><h3>xmlSecNssTransformRsaOaepId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformRsaOaepId</pre>
+<p>The RSA OAEP key transport transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMHMACSHA1GETKLASS"></a><h3>xmlSecNssTransformHmacSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformHmacSha1GetKlass  (void);</pre>
-<p>The HMAC-SHA1 transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMRSAPKCS1GETKLASS"></a><h3>xmlSecNssTransformRsaPkcs1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformRsaPkcs1GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-PKCS1 key transport transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27048"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA1 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37422"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-PKCS1 key transport transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATARSAID"></a><h3>xmlSecNssKeyDataRsaId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataRsaId</pre>
-<p>The RSA key klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMRSAPKCS1ID"></a><h3>xmlSecNssTransformRsaPkcs1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformRsaPkcs1Id</pre>
+<p>The RSA PKCS1 key transport transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATARSAGETKLASS"></a><h3>xmlSecNssKeyDataRsaGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecNssKeyDataRsaGetKlass         (void);</pre>
-<p>The RSA key data klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMRSASHA1GETKLASS"></a><h3>xmlSecNssTransformRsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformRsaSha1GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA1 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27069"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to RSA key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37444"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA1 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -736,56 +846,67 @@
 <a name="XMLSECNSSTRANSFORMRSASHA1ID"></a><h3>xmlSecNssTransformRsaSha1Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecNssTransformRsaSha1Id</pre>
 <p>The RSA-SHA1 signature transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMRSASHA1GETKLASS"></a><h3>xmlSecNssTransformRsaSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformRsaSha1GetKlass   (void);</pre>
-<p>The RSA-SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMRSASHA256GETKLASS"></a><h3>xmlSecNssTransformRsaSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformRsaSha256GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27090"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA1 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37466"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA256 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMRSAPKCS1ID"></a><h3>xmlSecNssTransformRsaPkcs1Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformRsaPkcs1Id</pre>
-<p>The RSA PKCS1 key transport transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMRSASHA256ID"></a><h3>xmlSecNssTransformRsaSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformRsaSha256Id</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMRSAPKCS1GETKLASS"></a><h3>xmlSecNssTransformRsaPkcs1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformRsaPkcs1GetKlass  (void);</pre>
-<p>The RSA-PKCS1 key transport transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMRSASHA384GETKLASS"></a><h3>xmlSecNssTransformRsaSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformRsaSha384GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27111"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-PKCS1 key transport transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37488"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA384 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMRSAOAEPID"></a><h3>xmlSecNssTransformRsaOaepId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssTransformRsaOaepId</pre>
-<p>The RSA OAEP key transport transform klass.</p>
-<p></p>
+<a name="XMLSECNSSTRANSFORMRSASHA384ID"></a><h3>xmlSecNssTransformRsaSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformRsaSha384Id</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMRSAOAEPGETKLASS"></a><h3>xmlSecNssTransformRsaOaepGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformRsaOaepGetKlass   (void);</pre>
-<p>The RSA-PKCS1 key transport transform klass.</p>
+<a name="XMLSECNSSTRANSFORMRSASHA512GETKLASS"></a><h3>xmlSecNssTransformRsaSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformRsaSha512GetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN37510"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA512 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMRSASHA512ID"></a><h3>xmlSecNssTransformRsaSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformRsaSha512Id</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMSHA1GETKLASS"></a><h3>xmlSecNssTransformSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformSha1GetKlass      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-1 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27132"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-PKCS1 key transport transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37532"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-1 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -793,20 +914,58 @@
 <a name="XMLSECNSSTRANSFORMSHA1ID"></a><h3>xmlSecNssTransformSha1Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecNssTransformSha1Id</pre>
 <p>The SHA1 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMSHA256GETKLASS"></a><h3>xmlSecNssTransformSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformSha256GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA256 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN37554"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA256 digest transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSTRANSFORMSHA1GETKLASS"></a><h3>xmlSecNssTransformSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecNssTransformSha1GetKlass      (void);</pre>
-<p>SHA-1 digest transform klass.</p>
+<a name="XMLSECNSSTRANSFORMSHA256ID"></a><h3>xmlSecNssTransformSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformSha256Id</pre>
+<p>The SHA256 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMSHA384GETKLASS"></a><h3>xmlSecNssTransformSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformSha384GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA384 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN37576"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA384 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMSHA384ID"></a><h3>xmlSecNssTransformSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformSha384Id</pre>
+<p>The SHA384 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMSHA512GETKLASS"></a><h3>xmlSecNssTransformSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecNssTransformSha512GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA512 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27153"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA-1 digest transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37598"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA512 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSTRANSFORMSHA512ID"></a><h3>xmlSecNssTransformSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssTransformSha512Id</pre>
+<p>The SHA512 digest transform klass.</p>
+</div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
 <td align="left"><a accesskey="p" href="xmlsec-nss-bignum.html"><b>&lt;&lt;&lt; bignum</b></a></td>
diff --git a/docs/api/xmlsec-nss-keysstore.html b/docs/api/xmlsec-nss-keysstore.html
index 7b9631f4..16969e54 100644
--- a/docs/api/xmlsec-nss-keysstore.html
+++ b/docs/api/xmlsec-nss-keysstore.html
@@ -87,19 +87,19 @@
 <h1>
 <a name="XMLSEC-NSS-KEYSSTORE"></a>keysstore</h1>
 <div class="REFNAMEDIV">
-<a name="AEN27163"></a><h2>Name</h2>keysstore -- Keys store implementation for NSS.</div>
+<a name="AEN37614"></a><h2>Name</h2>keysstore -- Keys store implementation for NSS.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-NSS-KEYSSTORE.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTOREID">xmlSecNssKeysStoreId</a>
-<font>xmlSecKeyStoreId</font>    <a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTOREGETKLASS">xmlSecNssKeysStoreGetKlass</a>          (void);
-<font>int</font>                 <a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTOREADOPTKEY">xmlSecNssKeysStoreAdoptKey</a>          (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTORELOAD">xmlSecNssKeysStoreLoad</a>              (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *uri,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);
-<font>int</font>                 <a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTORESAVE">xmlSecNssKeysStoreSave</a>              (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTOREADOPTKEY">xmlSecNssKeysStoreAdoptKey</a>          (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="XMLSECKEYSTOREID"><span class="RETURNVALUE">xmlSecKeyStoreId</span></gtkdoclink><a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTOREGETKLASS">xmlSecNssKeysStoreGetKlass</a>          (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTOREID">xmlSecNssKeysStoreId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTORELOAD">xmlSecNssKeysStoreLoad</a>              (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-keysstore.html#XMLSECNSSKEYSSTORESAVE">xmlSecNssKeysStoreSave</a>              (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-NSS-KEYSSTORE.DESCRIPTION"></a><h2>Description</h2>
@@ -108,99 +108,94 @@
 <div class="REFSECT1">
 <a name="XMLSEC-NSS-KEYSSTORE.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYSSTOREID"></a><h3>xmlSecNssKeysStoreId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecNssKeysStoreId		xmlSecNssKeysStoreGetKlass()</pre>
-<p>A Nss keys store klass id.</p>
+<a name="XMLSECNSSKEYSSTOREADOPTKEY"></a><h3>xmlSecNssKeysStoreAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssKeysStoreAdoptKey          (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Adds <code class="PARAMETER">key</code> to the <code class="PARAMETER">store</code>.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN37681"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to Nss keys store.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN37686"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN37691"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSKEYSSTOREGETKLASS"></a><h3>xmlSecNssKeysStoreGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyStoreId</font>    xmlSecNssKeysStoreGetKlass          (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYSTOREID"><span class="RETURNVALUE">xmlSecKeyStoreId</span></gtkdoclink>    xmlSecNssKeysStoreGetKlass          (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The Nss list based keys store klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27207"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> Nss list based keys store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37707"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>Nss list based keys store klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYSSTOREADOPTKEY"></a><h3>xmlSecNssKeysStoreAdoptKey ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssKeysStoreAdoptKey          (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Adds <code class="PARAMETER">key</code> to the <code class="PARAMETER">store</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN27225"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to Nss keys store.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN27230"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN27235"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECNSSKEYSSTOREID"></a><h3>xmlSecNssKeysStoreId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecNssKeysStoreId            xmlSecNssKeysStoreGetKlass()</pre>
+<p>A Nss keys store klass id.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSKEYSSTORELOAD"></a><h3>xmlSecNssKeysStoreLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssKeysStoreLoad              (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *uri,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssKeysStoreLoad              (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);</pre>
 <p>Reads keys from an XML file.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27252"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to Nss keys store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37736"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to Nss keys store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27257"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37741"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27262"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to associated keys manager. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37746"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to associated keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27267"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37751"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSKEYSSTORESAVE"></a><h3>xmlSecNssKeysStoreSave ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssKeysStoreSave              (<a href="xmlsec-keysmngr.html#XMLSECKEYSTORE">xmlSecKeyStorePtr</a> store,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssKeysStoreSave              (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSTORE"><span class="TYPE">xmlSecKeyStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
 <p>Writes keys from <code class="PARAMETER">store</code> to an XML file.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27285"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to Nss keys store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37775"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to Nss keys store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27290"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37780"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27295"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the saved keys type (public, private, ...).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37785"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the saved keys type (public, private, ...).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27300"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37790"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-nss-pkikeys.html b/docs/api/xmlsec-nss-pkikeys.html
index b40dd16d..046704ee 100644
--- a/docs/api/xmlsec-nss-pkikeys.html
+++ b/docs/api/xmlsec-nss-pkikeys.html
@@ -87,16 +87,16 @@
 <h1>
 <a name="XMLSEC-NSS-PKIKEYS"></a>pkikeys</h1>
 <div class="REFNAMEDIV">
-<a name="AEN27310"></a><h2>Name</h2>pkikeys -- PKI keys data implementation.</div>
+<a name="AEN37800"></a><h2>Name</h2>pkikeys -- PKI keys data implementation.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-NSS-PKIKEYS.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    <a href="xmlsec-nss-pkikeys.html#XMLSECNSSPKIADOPTKEY">xmlSecNssPKIAdoptKey</a>                (<font>SECKEYPrivateKey</font> *privkey,
-                                                         <font>SECKEYPublicKey</font> *pubkey);
-<font>SECKEYPublicKey</font>*    <a href="xmlsec-nss-pkikeys.html#XMLSECNSSPKIKEYDATAGETPUBKEY">xmlSecNssPKIKeyDataGetPubKey</a>        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>SECKEYPrivateKey</font>*   <a href="xmlsec-nss-pkikeys.html#XMLSECNSSPKIKEYDATAGETPRIVKEY">xmlSecNssPKIKeyDataGetPrivKey</a>       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>KeyType</font>             <a href="xmlsec-nss-pkikeys.html#XMLSECNSSPKIKEYDATAGETKEYTYPE">xmlSecNssPKIKeyDataGetKeyType</a>       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-nss-pkikeys.html#XMLSECNSSPKIKEYDATADUPLICATE">xmlSecNssPKIKeyDataDuplicate</a>        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> dst,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> src);</pre>
+<pre class="SYNOPSIS"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    <a href="xmlsec-nss-pkikeys.html#XMLSECNSSPKIADOPTKEY">xmlSecNssPKIAdoptKey</a>                (<code class="PARAMETER"><gtkdoclink href="SECKEYPRIVATEKEY"><span class="TYPE">SECKEYPrivateKey</span></gtkdoclink> *privkey</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="SECKEYPUBLICKEY"><span class="TYPE">SECKEYPublicKey</span></gtkdoclink> *pubkey</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-pkikeys.html#XMLSECNSSPKIKEYDATADUPLICATE">xmlSecNssPKIKeyDataDuplicate</a>        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> src</code>);
+<gtkdoclink href="KEYTYPE"><span class="RETURNVALUE">KeyType</span></gtkdoclink><a href="xmlsec-nss-pkikeys.html#XMLSECNSSPKIKEYDATAGETKEYTYPE">xmlSecNssPKIKeyDataGetKeyType</a>       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="SECKEYPRIVATEKEY"><span class="RETURNVALUE">SECKEYPrivateKey</span></gtkdoclink> *  <a href="xmlsec-nss-pkikeys.html#XMLSECNSSPKIKEYDATAGETPRIVKEY">xmlSecNssPKIKeyDataGetPrivKey</a>       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="SECKEYPUBLICKEY"><span class="RETURNVALUE">SECKEYPublicKey</span></gtkdoclink> *   <a href="xmlsec-nss-pkikeys.html#XMLSECNSSPKIKEYDATAGETPUBKEY">xmlSecNssPKIKeyDataGetPubKey</a>        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-NSS-PKIKEYS.DESCRIPTION"></a><h2>Description</h2>
@@ -106,103 +106,98 @@
 <a name="XMLSEC-NSS-PKIKEYS.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
 <a name="XMLSECNSSPKIADOPTKEY"></a><h3>xmlSecNssPKIAdoptKey ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    xmlSecNssPKIAdoptKey                (<font>SECKEYPrivateKey</font> *privkey,
-                                                         <font>SECKEYPublicKey</font> *pubkey);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    xmlSecNssPKIAdoptKey                (<code class="PARAMETER"><gtkdoclink href="SECKEYPRIVATEKEY"><span class="TYPE">SECKEYPrivateKey</span></gtkdoclink> *privkey</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="SECKEYPUBLICKEY"><span class="TYPE">SECKEYPublicKey</span></gtkdoclink> *pubkey</code>);</pre>
 <p>Build a KeyData object from the given Private Key and Public
 Key handles.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27349"><span style="white-space: nowrap"><code class="PARAMETER">privkey</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>        the NSS Private Key handle</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37862"><span style="white-space: nowrap"><code class="PARAMETER">privkey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the NSS Private Key handle</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27354"><span style="white-space: nowrap"><code class="PARAMETER">pubkey</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>         the NSS Public Key handle</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37867"><span style="white-space: nowrap"><code class="PARAMETER">pubkey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the NSS Public Key handle</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27359"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to KeyData object or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37872"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to KeyData object or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSPKIKEYDATAGETPUBKEY"></a><h3>xmlSecNssPKIKeyDataGetPubKey ()</h3>
-<pre class="PROGRAMLISTING"><font>SECKEYPublicKey</font>*    xmlSecNssPKIKeyDataGetPubKey        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the Public Key from the key data.</p>
-<p></p>
+<a name="XMLSECNSSPKIKEYDATADUPLICATE"></a><h3>xmlSecNssPKIKeyDataDuplicate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssPKIKeyDataDuplicate        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> src</code>);</pre>
+<p>Duplicates the keydata from src to dst</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27374"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to NSS Key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37892"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to NSS Key data to copy to.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27379"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SECKEYPublicKey or NULL if an error occurs.
-Caller is responsible for freeing the key when done</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37897"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to NSS Key data to copy from.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN37902"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>-1 on error, 0 on success</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSPKIKEYDATAGETPRIVKEY"></a><h3>xmlSecNssPKIKeyDataGetPrivKey ()</h3>
-<pre class="PROGRAMLISTING"><font>SECKEYPrivateKey</font>*   xmlSecNssPKIKeyDataGetPrivKey       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the Private Key from the key data.</p>
-<p></p>
+<a name="XMLSECNSSPKIKEYDATAGETKEYTYPE"></a><h3>xmlSecNssPKIKeyDataGetKeyType ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="KEYTYPE"><span class="RETURNVALUE">KeyType</span></gtkdoclink>             xmlSecNssPKIKeyDataGetKeyType       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the Key Type from the key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27394"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to NSS Key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37919"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to NSS Key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27399"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SECKEYPrivateKey or NULL if an error occurs.
-Caller is responsible for freeing the key when done</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37924"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>Key Type</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSPKIKEYDATAGETKEYTYPE"></a><h3>xmlSecNssPKIKeyDataGetKeyType ()</h3>
-<pre class="PROGRAMLISTING"><font>KeyType</font>             xmlSecNssPKIKeyDataGetKeyType       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the Key Type from the key data.</p>
-<p></p>
+<a name="XMLSECNSSPKIKEYDATAGETPRIVKEY"></a><h3>xmlSecNssPKIKeyDataGetPrivKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="SECKEYPRIVATEKEY"><span class="RETURNVALUE">SECKEYPrivateKey</span></gtkdoclink> *  xmlSecNssPKIKeyDataGetPrivKey       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the Private Key from the key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27414"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to NSS Key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37941"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to NSS Key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27419"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> Key Type </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37946"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SECKEYPrivateKey or NULL if an error occurs.
+Caller is responsible for freeing the key when done</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSPKIKEYDATADUPLICATE"></a><h3>xmlSecNssPKIKeyDataDuplicate ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssPKIKeyDataDuplicate        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> dst,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> src);</pre>
-<p>Duplicates the keydata from src to dst</p>
-<p></p>
+<a name="XMLSECNSSPKIKEYDATAGETPUBKEY"></a><h3>xmlSecNssPKIKeyDataGetPubKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="SECKEYPUBLICKEY"><span class="RETURNVALUE">SECKEYPublicKey</span></gtkdoclink> *   xmlSecNssPKIKeyDataGetPubKey        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the Public Key from the key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27435"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to NSS Key data to copy to.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37963"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to NSS Key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27440"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to NSS Key data to copy from.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN27445"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> -1 on error, 0 on success</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN37968"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SECKEYPublicKey or NULL if an error occurs.
+Caller is responsible for freeing the key when done</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-nss-ref.html b/docs/api/xmlsec-nss-ref.html
index be7f0920..81b0c6d7 100644
--- a/docs/api/xmlsec-nss-ref.html
+++ b/docs/api/xmlsec-nss-ref.html
@@ -5,7 +5,7 @@
 <meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.79">
 <link rel="HOME" title="XML Security Library Reference Manual" href="index.html">
 <link rel="UP" title="XML Security Library API Reference." href="xmlsec-reference.html">
-<link rel="PREVIOUS" title="crypto" href="xmlsec-gnutls-crypto.html">
+<link rel="PREVIOUS" title="crypto" href="xmlsec-gcrypt-crypto.html">
 <link rel="NEXT" title="app" href="xmlsec-nss-app.html">
 <style type="text/css">.synopsis, .classsynopsis {
     background: #eeeeee;
@@ -78,7 +78,7 @@
 </td>
 <td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
 <table width="100%" class="navigation" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle">
-<td><a accesskey="p" href="xmlsec-gnutls-crypto.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
+<td><a accesskey="p" href="xmlsec-gcrypt-crypto.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
 <td><a accesskey="u" href="xmlsec-reference.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
 <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
 <th width="100%" align="center">XML Security Library Reference Manual</th>
@@ -107,7 +107,7 @@
     build by extracting comments from the code sources. </p>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
-<td align="left"><a accesskey="p" href="xmlsec-gnutls-crypto.html"><b>&lt;&lt;&lt; crypto</b></a></td>
+<td align="left"><a accesskey="p" href="xmlsec-gcrypt-crypto.html"><b>&lt;&lt;&lt; crypto</b></a></td>
 <td align="right"><a accesskey="n" href="xmlsec-nss-app.html"><b>app &gt;&gt;&gt;</b></a></td>
 </tr></table>
 </td></tr></table></td>
diff --git a/docs/api/xmlsec-nss-x509.html b/docs/api/xmlsec-nss-x509.html
index b5b413cd..c66585a4 100644
--- a/docs/api/xmlsec-nss-x509.html
+++ b/docs/api/xmlsec-nss-x509.html
@@ -87,41 +87,41 @@
 <h1>
 <a name="XMLSEC-NSS-X509"></a>x509</h1>
 <div class="REFNAMEDIV">
-<a name="AEN27455"></a><h2>Name</h2>x509 -- X509 certificates support implementation for NSS.</div>
+<a name="AEN37978"></a><h2>Name</h2>x509 -- X509 certificates support implementation for NSS.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-NSS-X509.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509ID">xmlSecNssKeyDataX509Id</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETKLASS">xmlSecNssKeyDataX509GetKlass</a>        (void);
-<font>CERTCertificate</font>*    <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETKEYCERT">xmlSecNssKeyDataX509GetKeyCert</a>      (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509ADOPTKEYCERT">xmlSecNssKeyDataX509AdoptKeyCert</a>    (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>CERTCertificate</font> *cert);
-<font>int</font>                 <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509ADOPTCERT">xmlSecNssKeyDataX509AdoptCert</a>       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>CERTCertificate</font> *cert);
-<font>CERTCertificate</font>*    <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETCERT">xmlSecNssKeyDataX509GetCert</a>         (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETCERTSSIZE">xmlSecNssKeyDataX509GetCertsSize</a>    (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509ADOPTCRL">xmlSecNssKeyDataX509AdoptCrl</a>        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>CERTSignedCrl</font> *crl);
-<font>CERTSignedCrl</font>*      <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETCRL">xmlSecNssKeyDataX509GetCrl</a>          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETCRLSSIZE">xmlSecNssKeyDataX509GetCrlsSize</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    <a href="xmlsec-nss-x509.html#XMLSECNSSX509CERTGETKEY">xmlSecNssX509CertGetKey</a>             (<font>CERTCertificate</font> *cert);
+<pre class="SYNOPSIS"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATARAWX509CERTGETKLASS">xmlSecNssKeyDataRawX509CertGetKlass</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATARAWX509CERTID">xmlSecNssKeyDataRawX509CertId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATARAWX509CERTGETKLASS">xmlSecNssKeyDataRawX509CertGetKlass</a> (void);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509ADOPTCERT">xmlSecNssKeyDataX509AdoptCert</a>       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="CERTCERTIFICATE"><span class="TYPE">CERTCertificate</span></gtkdoclink> *cert</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509ADOPTCRL">xmlSecNssKeyDataX509AdoptCrl</a>        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="CERTSIGNEDCRL"><span class="TYPE">CERTSignedCrl</span></gtkdoclink> *crl</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509ADOPTKEYCERT">xmlSecNssKeyDataX509AdoptKeyCert</a>    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="CERTCERTIFICATE"><span class="TYPE">CERTCertificate</span></gtkdoclink> *cert</code>);
+<gtkdoclink href="CERTCERTIFICATE"><span class="RETURNVALUE">CERTCertificate</span></gtkdoclink> *   <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETCERT">xmlSecNssKeyDataX509GetCert</a>         (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETCERTSSIZE">xmlSecNssKeyDataX509GetCertsSize</a>    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="CERTSIGNEDCRL"><span class="RETURNVALUE">CERTSignedCrl</span></gtkdoclink> *     <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETCRL">xmlSecNssKeyDataX509GetCrl</a>          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETCRLSSIZE">xmlSecNssKeyDataX509GetCrlsSize</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="CERTCERTIFICATE"><span class="RETURNVALUE">CERTCertificate</span></gtkdoclink> *   <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETKEYCERT">xmlSecNssKeyDataX509GetKeyCert</a>      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509GETKLASS">xmlSecNssKeyDataX509GetKlass</a>        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-nss-x509.html#XMLSECNSSKEYDATAX509ID">xmlSecNssKeyDataX509Id</a>
+<a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    <a href="xmlsec-nss-x509.html#XMLSECNSSX509CERTGETKEY">xmlSecNssX509CertGetKey</a>             (<code class="PARAMETER"><gtkdoclink href="CERTCERTIFICATE"><span class="TYPE">CERTCertificate</span></gtkdoclink> *cert</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREADOPTCERT">xmlSecNssX509StoreAdoptCert</a>         (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="CERTCERTIFICATE"><span class="TYPE">CERTCertificate</span></gtkdoclink> *cert</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="CERTCERTIFICATE"><span class="RETURNVALUE">CERTCertificate</span></gtkdoclink> *   <a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREFINDCERT">xmlSecNssX509StoreFindCert</a>          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *subjectName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *issuerName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *issuerSerial</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ski</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code>);
+<gtkdoclink href="XMLSECKEYDATASTOREID"><span class="RETURNVALUE">xmlSecKeyDataStoreId</span></gtkdoclink><a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREGETKLASS">xmlSecNssX509StoreGetKlass</a>         (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREID">xmlSecNssX509StoreId</a>
-<font>xmlSecKeyDataStoreId</font>  <a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREGETKLASS">xmlSecNssX509StoreGetKlass</a>        (void);
-<font>CERTCertificate</font>*    <a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREFINDCERT">xmlSecNssX509StoreFindCert</a>          (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>xmlChar</font> *subjectName,
-                                                         <font>xmlChar</font> *issuerName,
-                                                         <font>xmlChar</font> *issuerSerial,
-                                                         <font>xmlChar</font> *ski,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);
-<font>CERTCertificate</font>*    <a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREVERIFY">xmlSecNssX509StoreVerify</a>            (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>CERTCertList</font> *certs,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREADOPTCERT">xmlSecNssX509StoreAdoptCert</a>         (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>CERTCertificate</font> *cert,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
+<gtkdoclink href="CERTCERTIFICATE"><span class="RETURNVALUE">CERTCertificate</span></gtkdoclink> *   <a href="xmlsec-nss-x509.html#XMLSECNSSX509STOREVERIFY">xmlSecNssX509StoreVerify</a>            (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="CERTCERTLIST"><span class="TYPE">CERTCertList</span></gtkdoclink> *certs</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-NSS-X509.DESCRIPTION"></a><h2>Description</h2>
@@ -130,108 +130,106 @@
 <div class="REFSECT1">
 <a name="XMLSEC-NSS-X509.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAX509ID"></a><h3>xmlSecNssKeyDataX509Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataX509Id</pre>
-<p>The NSS X509 data klass.</p>
+<a name="XMLSECNSSKEYDATARAWX509CERTGETKLASS"></a><h3>xmlSecNssKeyDataRawX509CertGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecNssKeyDataRawX509CertGetKlass (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The raw X509 certificates key data klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN38132"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>raw X509 certificates key data klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAX509GETKLASS"></a><h3>xmlSecNssKeyDataX509GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecNssKeyDataX509GetKlass        (void);</pre>
-<p>The NSS X509 key data klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-X509DATA"><span class="TYPE">sec-X509Data</span></gtkdoclink>).</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27543"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the X509 data klass.</p></td>
-</tr></tbody></table>
+<a name="XMLSECNSSKEYDATARAWX509CERTID"></a><h3>xmlSecNssKeyDataRawX509CertId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataRawX509CertId</pre>
+<p>The NSS raw X509 certificate klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAX509GETKEYCERT"></a><h3>xmlSecNssKeyDataX509GetKeyCert ()</h3>
-<pre class="PROGRAMLISTING"><font>CERTCertificate</font>*    xmlSecNssKeyDataX509GetKeyCert      (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the certificate from which the key was extracted.</p>
-<p></p>
+<a name="XMLSECNSSKEYDATAX509ADOPTCERT"></a><h3>xmlSecNssKeyDataX509AdoptCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssKeyDataX509AdoptCert       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="CERTCERTIFICATE"><span class="TYPE">CERTCertificate</span></gtkdoclink> *cert</code>);</pre>
+<p>Adds certificate to the X509 key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27558"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38158"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27563"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the key's certificate or NULL if key data was not used for key
-extraction or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38163"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to NSS X509 certificate.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN38168"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAX509ADOPTKEYCERT"></a><h3>xmlSecNssKeyDataX509AdoptKeyCert ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssKeyDataX509AdoptKeyCert    (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>CERTCertificate</font> *cert);</pre>
-<p>Sets the key's certificate in <code class="PARAMETER">data</code>.</p>
-<p></p>
+<a name="XMLSECNSSKEYDATAX509ADOPTCRL"></a><h3>xmlSecNssKeyDataX509AdoptCrl ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssKeyDataX509AdoptCrl        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="CERTSIGNEDCRL"><span class="TYPE">CERTSignedCrl</span></gtkdoclink> *crl</code>);</pre>
+<p>Adds CRL to the X509 key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27580"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38188"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27585"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to NSS X509 certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38193"><span style="white-space: nowrap"><code class="PARAMETER">crl</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to NSS X509 CRL.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27590"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38198"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAX509ADOPTCERT"></a><h3>xmlSecNssKeyDataX509AdoptCert ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssKeyDataX509AdoptCert       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>CERTCertificate</font> *cert);</pre>
-<p>Adds certificate to the X509 key data.</p>
-<p></p>
+<a name="XMLSECNSSKEYDATAX509ADOPTKEYCERT"></a><h3>xmlSecNssKeyDataX509AdoptKeyCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssKeyDataX509AdoptKeyCert    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="CERTCERTIFICATE"><span class="TYPE">CERTCertificate</span></gtkdoclink> *cert</code>);</pre>
+<p>Sets the key's certificate in <code class="PARAMETER">data</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27606"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38219"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27611"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to NSS X509 certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38224"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to NSS X509 certificate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27616"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38229"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSKEYDATAX509GETCERT"></a><h3>xmlSecNssKeyDataX509GetCert ()</h3>
-<pre class="PROGRAMLISTING"><font>CERTCertificate</font>*    xmlSecNssKeyDataX509GetCert         (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="CERTCERTIFICATE"><span class="RETURNVALUE">CERTCertificate</span></gtkdoclink> *   xmlSecNssKeyDataX509GetCert         (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
 <p>Gets a certificate from X509 key data.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27632"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38249"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27637"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired certificate position.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38254"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27642"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to certificate or NULL if <code class="PARAMETER">pos</code> is larger than the 
+<td align="LEFT" valign="TOP"><a name="AEN38259"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to certificate or NULL if <code class="PARAMETER">pos</code> is larger than the
 number of certificates in <code class="PARAMETER">data</code> or an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -239,64 +237,39 @@ number of certificates in <code class="PARAMETER">data</code> or an error occurs
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSKEYDATAX509GETCERTSSIZE"></a><h3>xmlSecNssKeyDataX509GetCertsSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecNssKeyDataX509GetCertsSize    (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecNssKeyDataX509GetCertsSize    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 <p>Gets the number of certificates in <code class="PARAMETER">data</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27660"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38279"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27665"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> te number of certificates in <code class="PARAMETER">data</code>.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECNSSKEYDATAX509ADOPTCRL"></a><h3>xmlSecNssKeyDataX509AdoptCrl ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssKeyDataX509AdoptCrl        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>CERTSignedCrl</font> *crl);</pre>
-<p>Adds CRL to the X509 key data.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN27682"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN27687"><span style="white-space: nowrap"><code class="PARAMETER">crl</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to NSS X509 CRL.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN27692"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38284"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>te number of certificates in <code class="PARAMETER">data</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSKEYDATAX509GETCRL"></a><h3>xmlSecNssKeyDataX509GetCrl ()</h3>
-<pre class="PROGRAMLISTING"><font>CERTSignedCrl</font>*      xmlSecNssKeyDataX509GetCrl          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="CERTSIGNEDCRL"><span class="RETURNVALUE">CERTSignedCrl</span></gtkdoclink> *     xmlSecNssKeyDataX509GetCrl          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
 <p>Gets a CRL from X509 key data.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27708"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38305"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27713"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>                the desired CRL position.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38310"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired CRL position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27718"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to CRL or NULL if <code class="PARAMETER">pos</code> is larger than the
+<td align="LEFT" valign="TOP"><a name="AEN38315"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to CRL or NULL if <code class="PARAMETER">pos</code> is larger than the
 number of CRLs in <code class="PARAMETER">data</code> or an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -304,174 +277,183 @@ number of CRLs in <code class="PARAMETER">data</code> or an error occurs.</p></t
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECNSSKEYDATAX509GETCRLSSIZE"></a><h3>xmlSecNssKeyDataX509GetCrlsSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecNssKeyDataX509GetCrlsSize     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecNssKeyDataX509GetCrlsSize     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 <p>Gets the number of CRLs in <code class="PARAMETER">data</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27736"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38335"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27741"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> te number of CRLs in <code class="PARAMETER">data</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38340"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>te number of CRLs in <code class="PARAMETER">data</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSX509CERTGETKEY"></a><h3>xmlSecNssX509CertGetKey ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    xmlSecNssX509CertGetKey             (<font>CERTCertificate</font> *cert);</pre>
-<p>Extracts public key from the <code class="PARAMETER">cert</code>.</p>
-<p></p>
+<a name="XMLSECNSSKEYDATAX509GETKEYCERT"></a><h3>xmlSecNssKeyDataX509GetKeyCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="CERTCERTIFICATE"><span class="RETURNVALUE">CERTCertificate</span></gtkdoclink> *   xmlSecNssKeyDataX509GetKeyCert      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the certificate from which the key was extracted.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27758"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38358"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27763"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> public key value or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38363"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key's certificate or NULL if key data was not used for key
+extraction or an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSKEYDATARAWX509CERTID"></a><h3>xmlSecNssKeyDataRawX509CertId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataRawX509CertId</pre>
-<p>The NSS raw X509 certificate klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECNSSKEYDATARAWX509CERTGETKLASS"></a><h3>xmlSecNssKeyDataRawX509CertGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecNssKeyDataRawX509CertGetKlass (void);</pre>
-<p>The raw X509 certificates key data klass.</p>
-<p></p>
+<a name="XMLSECNSSKEYDATAX509GETKLASS"></a><h3>xmlSecNssKeyDataX509GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecNssKeyDataX509GetKlass        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The NSS X509 key data klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-X509DATA"><span class="TYPE">sec-X509Data</span></gtkdoclink>).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27784"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> raw X509 certificates key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38381"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the X509 data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSX509STOREID"></a><h3>xmlSecNssX509StoreId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNssX509StoreId</pre>
-<p>The NSS X509 store klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECNSSX509STOREGETKLASS"></a><h3>xmlSecNssX509StoreGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataStoreId</font>  xmlSecNssX509StoreGetKlass        (void);</pre>
-<p>The NSS X509 certificates key data store klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN27805"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to NSS X509 certificates key data store klass.</p></td>
-</tr></tbody></table>
+<a name="XMLSECNSSKEYDATAX509ID"></a><h3>xmlSecNssKeyDataX509Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssKeyDataX509Id</pre>
+<p>The NSS X509 data klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSX509STOREFINDCERT"></a><h3>xmlSecNssX509StoreFindCert ()</h3>
-<pre class="PROGRAMLISTING"><font>CERTCertificate</font>*    xmlSecNssX509StoreFindCert          (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>xmlChar</font> *subjectName,
-                                                         <font>xmlChar</font> *issuerName,
-                                                         <font>xmlChar</font> *issuerSerial,
-                                                         <font>xmlChar</font> *ski,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);</pre>
-<p>Searches <code class="PARAMETER">store</code> for a certificate that matches given criteria.</p>
-<p></p>
+<a name="XMLSECNSSX509CERTGETKEY"></a><h3>xmlSecNssX509CertGetKey ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    xmlSecNssX509CertGetKey             (<code class="PARAMETER"><gtkdoclink href="CERTCERTIFICATE"><span class="TYPE">CERTCertificate</span></gtkdoclink> *cert</code>);</pre>
+<p>Extracts public key from the <code class="PARAMETER">cert</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27826"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data store klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN27831"><span style="white-space: nowrap"><code class="PARAMETER">subjectName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the desired certificate name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38405"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27836"><span style="white-space: nowrap"><code class="PARAMETER">issuerName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired certificate issuer name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38410"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>public key value or NULL if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSX509STOREADOPTCERT"></a><h3>xmlSecNssX509StoreAdoptCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNssX509StoreAdoptCert         (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="CERTCERTIFICATE"><span class="TYPE">CERTCertificate</span></gtkdoclink> *cert</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Adds trusted (root) or untrusted certificate to the store.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27841"><span style="white-space: nowrap"><code class="PARAMETER">issuerSerial</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the desired certificate issuer serial number.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38433"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27846"><span style="white-space: nowrap"><code class="PARAMETER">ski</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired certificate SKI.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38438"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to NSS X509 certificate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27851"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38443"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate type (trusted/untrusted).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27857"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to found certificate or NULL if certificate is not found
-or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38448"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSX509STOREVERIFY"></a><h3>xmlSecNssX509StoreVerify ()</h3>
-<pre class="PROGRAMLISTING"><font>CERTCertificate</font>*    xmlSecNssX509StoreVerify            (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>CERTCertList</font> *certs,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);</pre>
-<p>Verifies <code class="PARAMETER">certs</code> list.</p>
-<p></p>
+<a name="XMLSECNSSX509STOREFINDCERT"></a><h3>xmlSecNssX509StoreFindCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="CERTCERTIFICATE"><span class="RETURNVALUE">CERTCertificate</span></gtkdoclink> *   xmlSecNssX509StoreFindCert          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *subjectName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *issuerName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *issuerSerial</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ski</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code>);</pre>
+<p>Searches <code class="PARAMETER">store</code> for a certificate that matches given criteria.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27875"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38481"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27880"><span style="white-space: nowrap"><code class="PARAMETER">certs</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the untrusted certificates stack.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38486"><span style="white-space: nowrap"><code class="PARAMETER">subjectName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27885"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38491"><span style="white-space: nowrap"><code class="PARAMETER">issuerName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate issuer name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27891"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the first verified certificate from <code class="PARAMETER">certs</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38496"><span style="white-space: nowrap"><code class="PARAMETER">issuerSerial</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate issuer serial number.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN38501"><span style="white-space: nowrap"><code class="PARAMETER">ski</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate SKI.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN38506"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN38512"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to found certificate or NULL if certificate is not found
+or an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECNSSX509STOREADOPTCERT"></a><h3>xmlSecNssX509StoreAdoptCert ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNssX509StoreAdoptCert         (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>CERTCertificate</font> *cert,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Adds trusted (root) or untrusted certificate to the store.</p>
+<a name="XMLSECNSSX509STOREGETKLASS"></a><h3>xmlSecNssX509StoreGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATASTOREID"><span class="RETURNVALUE">xmlSecKeyDataStoreId</span></gtkdoclink> xmlSecNssX509StoreGetKlass         (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The NSS X509 certificates key data store klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN38528"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to NSS X509 certificates key data store klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSX509STOREID"></a><h3>xmlSecNssX509StoreId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNssX509StoreId</pre>
+<p>The NSS X509 store klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECNSSX509STOREVERIFY"></a><h3>xmlSecNssX509StoreVerify ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="CERTCERTIFICATE"><span class="RETURNVALUE">CERTCertificate</span></gtkdoclink> *   xmlSecNssX509StoreVerify            (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="CERTCERTLIST"><span class="TYPE">CERTCertList</span></gtkdoclink> *certs</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code>);</pre>
+<p>Verifies <code class="PARAMETER">certs</code> list.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27909"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>              the pointer to X509 key data store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38558"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27914"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to NSS X509 certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38563"><span style="white-space: nowrap"><code class="PARAMETER">certs</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the untrusted certificates stack.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27919"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the certificate type (trusted/untrusted).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38568"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN27924"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN38574"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the first verified certificate from <code class="PARAMETER">certs</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-openssl-app.html b/docs/api/xmlsec-openssl-app.html
index 1572b60e..40297363 100644
--- a/docs/api/xmlsec-openssl-app.html
+++ b/docs/api/xmlsec-openssl-app.html
@@ -87,83 +87,83 @@
 <h1>
 <a name="XMLSEC-OPENSSL-APP"></a>app</h1>
 <div class="REFNAMEDIV">
-<a name="AEN21122"></a><h2>Name</h2>app -- Application functions implementation for OpenSSL.</div>
+<a name="AEN26126"></a><h2>Name</h2>app -- Application functions implementation for OpenSSL.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-OPENSSL-APP.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPINIT">xmlSecOpenSSLAppInit</a>                (const <font>char</font> *config);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPSHUTDOWN">xmlSecOpenSSLAppShutdown</a>            (void);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRINIT">xmlSecOpenSSLAppDefaultKeysMngrInit</a> (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecOpenSSLAppDefaultKeysMngrAdoptKey</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRLOAD">xmlSecOpenSSLAppDefaultKeysMngrLoad</a> (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *uri);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRSAVE">xmlSecOpenSSLAppDefaultKeysMngrSave</a> (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYSMNGRCERTLOAD">xmlSecOpenSSLAppKeysMngrCertLoad</a>    (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYSMNGRCERTLOADMEMORY">xmlSecOpenSSLAppKeysMngrCertLoadMemory</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYSMNGRCERTLOADBIO">xmlSecOpenSSLAppKeysMngrCertLoadBIO</a> (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>BIO</font> *bio,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYSMNGRADDCERTSPATH">xmlSecOpenSSLAppKeysMngrAddCertsPath</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *path);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYSMNGRADDCERTSFILE">xmlSecOpenSSLAppKeysMngrAddCertsFile</a>
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *file);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYLOAD">xmlSecOpenSSLAppKeyLoad</a>             (const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYLOADMEMORY">xmlSecOpenSSLAppKeyLoadMemory</a>       (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYLOADBIO">xmlSecOpenSSLAppKeyLoadBIO</a>          (<font>BIO</font> *bio,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPPKCS12LOAD">xmlSecOpenSSLAppPkcs12Load</a>          (const <font>char</font> *filename,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPPKCS12LOADMEMORY">xmlSecOpenSSLAppPkcs12LoadMemory</a>    (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPPKCS12LOADBIO">xmlSecOpenSSLAppPkcs12LoadBIO</a>       (<font>BIO</font> *bio,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYCERTLOAD">xmlSecOpenSSLAppKeyCertLoad</a>         (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYCERTLOADMEMORY">xmlSecOpenSSLAppKeyCertLoadMemory</a>   (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>int</font>                 <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYCERTLOADBIO">xmlSecOpenSSLAppKeyCertLoadBIO</a>      (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>BIO</font> *bio,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYFROMCERTLOADBIO">xmlSecOpenSSLAppKeyFromCertLoadBIO</a>  (<font>BIO</font> *bio,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);
-<font>void</font>*               <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPGETDEFAULTPWDCALLBACK">xmlSecOpenSSLAppGetDefaultPwdCallback</a>
-                                                        (void);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRADOPTKEY">xmlSecOpenSSLAppDefaultKeysMngrAdoptKey</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRINIT">xmlSecOpenSSLAppDefaultKeysMngrInit</a> (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRLOAD">xmlSecOpenSSLAppDefaultKeysMngrLoad</a> (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRSAVE">xmlSecOpenSSLAppDefaultKeysMngrSave</a> (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPGETDEFAULTPWDCALLBACK">xmlSecOpenSSLAppGetDefaultPwdCallback</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPINIT">xmlSecOpenSSLAppInit</a>                (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYCERTLOAD">xmlSecOpenSSLAppKeyCertLoad</a>         (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYCERTLOADBIO">xmlSecOpenSSLAppKeyCertLoadBIO</a>      (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="BIO:CAPS"><span class="TYPE">BIO</span></gtkdoclink> *bio</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYCERTLOADMEMORY">xmlSecOpenSSLAppKeyCertLoadMemory</a>   (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYFROMCERTLOADBIO">xmlSecOpenSSLAppKeyFromCertLoadBIO</a>  (<code class="PARAMETER"><gtkdoclink href="BIO:CAPS"><span class="TYPE">BIO</span></gtkdoclink> *bio</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYLOAD">xmlSecOpenSSLAppKeyLoad</a>             (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYLOADBIO">xmlSecOpenSSLAppKeyLoadBIO</a>          (<code class="PARAMETER"><gtkdoclink href="BIO:CAPS"><span class="TYPE">BIO</span></gtkdoclink> *bio</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYLOADMEMORY">xmlSecOpenSSLAppKeyLoadMemory</a>       (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYSMNGRADDCERTSFILE">xmlSecOpenSSLAppKeysMngrAddCertsFile</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYSMNGRADDCERTSPATH">xmlSecOpenSSLAppKeysMngrAddCertsPath</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *path</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYSMNGRCERTLOAD">xmlSecOpenSSLAppKeysMngrCertLoad</a>    (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYSMNGRCERTLOADBIO">xmlSecOpenSSLAppKeysMngrCertLoadBIO</a> (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="BIO:CAPS"><span class="TYPE">BIO</span></gtkdoclink> *bio</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPKEYSMNGRCERTLOADMEMORY">xmlSecOpenSSLAppKeysMngrCertLoadMemory</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPPKCS12LOAD">xmlSecOpenSSLAppPkcs12Load</a>          (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPPKCS12LOADBIO">xmlSecOpenSSLAppPkcs12LoadBIO</a>       (<code class="PARAMETER"><gtkdoclink href="BIO:CAPS"><span class="TYPE">BIO</span></gtkdoclink> *bio</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPPKCS12LOADMEMORY">xmlSecOpenSSLAppPkcs12LoadMemory</a>    (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPSHUTDOWN">xmlSecOpenSSLAppShutdown</a>            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-OPENSSL-APP.DESCRIPTION"></a><h2>Description</h2>
@@ -172,644 +172,622 @@
 <div class="REFSECT1">
 <a name="XMLSEC-OPENSSL-APP.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPINIT"></a><h3>xmlSecOpenSSLAppInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppInit                (const <font>char</font> *config);</pre>
-<p>General crypto engine initialization. This function is used
-by XMLSec command line utility and called before 
-<code class="PARAMETER">xmlSecInit</code> function.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecOpenSSLAppDefaultKeysMngrAdoptKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppDefaultKeysMngrAdoptKey
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecOpenSSLAppDefaultKeysMngrInit</span></a>
+function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21255"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the path to certs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26427"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN26432"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21260"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26437"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPSHUTDOWN"></a><h3>xmlSecOpenSSLAppShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppShutdown            (void);</pre>
-<p>General crypto engine shutdown. This function is used
-by XMLSec command line utility and called after 
-<code class="PARAMETER">xmlSecShutdown</code> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN21275"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECOPENSSLAPPDEFAULTKEYSMNGRINIT"></a><h3>xmlSecOpenSSLAppDefaultKeysMngrInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppDefaultKeysMngrInit (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppDefaultKeysMngrInit (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
 <p>Initializes <code class="PARAMETER">mngr</code> with simple keys store <a href="xmlsec-keysmngr.html#XMLSECSIMPLEKEYSSTOREID"><span class="TYPE">xmlSecSimpleKeysStoreId</span></a>
 and a default OpenSSL crypto key data stores.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21293"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26457"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21298"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26462"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPDEFAULTKEYSMNGRADOPTKEY"></a><h3>xmlSecOpenSSLAppDefaultKeysMngrAdoptKey ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppDefaultKeysMngrAdoptKey
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Adds <code class="PARAMETER">key</code> to the keys manager <code class="PARAMETER">mngr</code> created with <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecOpenSSLAppDefaultKeysMngrInit</span></a>
-function.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecOpenSSLAppDefaultKeysMngrLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppDefaultKeysMngrLoad (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *uri</code>);</pre>
+<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created
+with <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecOpenSSLAppDefaultKeysMngrInit</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21318"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26486"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21323"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26491"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the uri.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21328"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26496"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPDEFAULTKEYSMNGRLOAD"></a><h3>xmlSecOpenSSLAppDefaultKeysMngrLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppDefaultKeysMngrLoad (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *uri);</pre>
-<p>Loads XML keys file from <code class="PARAMETER">uri</code> to the keys manager <code class="PARAMETER">mngr</code> created 
-with <a href="xmlsec-openssl-app.html#XMLSECOPENSSLAPPDEFAULTKEYSMNGRINIT"><span class="TYPE">xmlSecOpenSSLAppDefaultKeysMngrInit</span></a> function.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecOpenSSLAppDefaultKeysMngrSave ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppDefaultKeysMngrSave (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21348"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26520"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21353"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the uri.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26525"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21358"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26530"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the type of keys to save (public/private/symmetric).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN26535"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPDEFAULTKEYSMNGRSAVE"></a><h3>xmlSecOpenSSLAppDefaultKeysMngrSave ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppDefaultKeysMngrSave (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Saves keys from <code class="PARAMETER">mngr</code> to  XML keys file.</p>
+<a name="XMLSECOPENSSLAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecOpenSSLAppGetDefaultPwdCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink> *              xmlSecOpenSSLAppGetDefaultPwdCallback
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets default password callback.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN26551"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>default password callback.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLAPPINIT"></a><h3>xmlSecOpenSSLAppInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppInit                (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *config</code>);</pre>
+<p>General crypto engine initialization. This function is used
+by XMLSec command line utility and called before
+<code class="PARAMETER">xmlSecInit</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21376"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26569"><span style="white-space: nowrap"><code class="PARAMETER">config</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the path to certs.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21381"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination filename.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN21386"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the type of keys to save (public/private/symmetric).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN21391"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26574"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecOpenSSLAppKeysMngrCertLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppKeysMngrCertLoad    (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code>.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPKEYCERTLOAD"></a><h3>xmlSecOpenSSLAppKeyCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppKeyCertLoad         (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21411"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN21416"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the certificate file.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26598"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21421"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26603"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21426"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
-   			trusted or not.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26608"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21432"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26613"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecOpenSSLAppKeysMngrCertLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppKeysMngrCertLoadMemory
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from binary buffer <code class="PARAMETER">data</code> and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code>.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPKEYCERTLOADBIO"></a><h3>xmlSecOpenSSLAppKeyCertLoadBIO ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppKeyCertLoadBIO      (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="BIO:CAPS"><span class="TYPE">BIO</span></gtkdoclink> *bio</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from memory buffer and adds it to key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21453"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN21458"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN21463"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26636"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21468"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26641"><span style="white-space: nowrap"><code class="PARAMETER">bio</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate bio.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21473"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the flag that indicates is the certificate trusted or not.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26646"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21478"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26651"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYSMNGRCERTLOADBIO"></a><h3>xmlSecOpenSSLAppKeysMngrCertLoadBIO ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppKeysMngrCertLoadBIO (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         <font>BIO</font> *bio,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
-<p>Reads cert from an OpenSSL BIO object and adds to the list of trusted or known
-untrusted certs in <code class="PARAMETER">store</code>.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPKEYCERTLOADMEMORY"></a><h3>xmlSecOpenSSLAppKeyCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppKeyCertLoadMemory   (<code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Reads the certificate from memory buffer and adds it to key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21497"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26677"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21502"><span style="white-space: nowrap"><code class="PARAMETER">bio</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the certificate BIO.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26682"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21507"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26687"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21512"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the flag that indicates is the certificate trusted or not.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26692"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21517"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26697"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYSMNGRADDCERTSPATH"></a><h3>xmlSecOpenSSLAppKeysMngrAddCertsPath ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppKeysMngrAddCertsPath
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *path);</pre>
-<p>Reads cert from <code class="PARAMETER">path</code> and adds to the list of trusted certificates.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPKEYFROMCERTLOADBIO"></a><h3>xmlSecOpenSSLAppKeyFromCertLoadBIO ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecOpenSSLAppKeyFromCertLoadBIO  (<code class="PARAMETER"><gtkdoclink href="BIO:CAPS"><span class="TYPE">BIO</span></gtkdoclink> *bio</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>);</pre>
+<p>Loads public key from cert.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21534"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26717"><span style="white-space: nowrap"><code class="PARAMETER">bio</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the BIO.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21539"><span style="white-space: nowrap"><code class="PARAMETER">path</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the path to trusted certificates.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26722"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the cert format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21544"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26727"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYSMNGRADDCERTSFILE"></a><h3>xmlSecOpenSSLAppKeysMngrAddCertsFile ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppKeysMngrAddCertsFile
-                                                        (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr,
-                                                         const <font>char</font> *file);</pre>
-<p>Reads certs from <code class="PARAMETER">file</code> and adds to the list of trusted certificates.
-It is possible for <code class="PARAMETER">file</code> to contain multiple certs.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPKEYLOAD"></a><h3>xmlSecOpenSSLAppKeyLoad ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecOpenSSLAppKeyLoad             (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key from the a file.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21562"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26756"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key filename.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN26761"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN26766"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN26771"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21567"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the file containing trusted certificates.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26776"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21572"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26781"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYLOAD"></a><h3>xmlSecOpenSSLAppKeyLoad ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecOpenSSLAppKeyLoad             (const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key from the a file.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPKEYLOADBIO"></a><h3>xmlSecOpenSSLAppKeyLoadBIO ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecOpenSSLAppKeyLoadBIO          (<code class="PARAMETER"><gtkdoclink href="BIO:CAPS"><span class="TYPE">BIO</span></gtkdoclink> *bio</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key from the an OpenSSL BIO object.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21591"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26810"><span style="white-space: nowrap"><code class="PARAMETER">bio</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key BIO.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21596"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26815"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21601"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26820"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21606"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26825"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21611"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26830"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21616"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26835"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLAPPKEYLOADMEMORY"></a><h3>xmlSecOpenSSLAppKeyLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecOpenSSLAppKeyLoadMemory       (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecOpenSSLAppKeyLoadMemory       (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
 <p>Reads key from the memory buffer.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21636"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the binary key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26867"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21641"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the size of binary key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26872"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of binary key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21646"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26877"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21651"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26882"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21656"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26887"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21661"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26892"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21666"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26897"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYLOADBIO"></a><h3>xmlSecOpenSSLAppKeyLoadBIO ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecOpenSSLAppKeyLoadBIO          (<font>BIO</font> *bio,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key from the an OpenSSL BIO object.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPKEYSMNGRADDCERTSFILE"></a><h3>xmlSecOpenSSLAppKeysMngrAddCertsFile ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppKeysMngrAddCertsFile
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>);</pre>
+<p>Reads certs from <code class="PARAMETER">file</code> and adds to the list of trusted certificates.
+It is possible for <code class="PARAMETER">file</code> to contain multiple certs.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21685"><span style="white-space: nowrap"><code class="PARAMETER">bio</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key BIO.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26919"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21690"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26924"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the file containing trusted certificates.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21695"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26929"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLAPPKEYSMNGRADDCERTSPATH"></a><h3>xmlSecOpenSSLAppKeysMngrAddCertsPath ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppKeysMngrAddCertsPath
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *path</code>);</pre>
+<p>Reads cert from <code class="PARAMETER">path</code> and adds to the list of trusted certificates.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21700"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the key password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26950"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21705"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26955"><span style="white-space: nowrap"><code class="PARAMETER">path</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the path to trusted certificates.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21710"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26960"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPPKCS12LOAD"></a><h3>xmlSecOpenSSLAppPkcs12Load ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecOpenSSLAppPkcs12Load          (const <font>char</font> *filename,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 file.
-For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
-in format=xmlSecKeyDataFormatPkcs12.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPKEYSMNGRCERTLOAD"></a><h3>xmlSecOpenSSLAppKeysMngrCertLoad ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppKeysMngrCertLoad    (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from <code class="PARAMETER">filename</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21728"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 key filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26988"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21733"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26993"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21738"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26998"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21743"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27003"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate in <code class="PARAMETER">filename</code>
+trusted or not.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21748"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27009"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPPKCS12LOADMEMORY"></a><h3>xmlSecOpenSSLAppPkcs12LoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecOpenSSLAppPkcs12LoadMemory    (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 data in memory buffer.
-For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
-in format=xmlSecKeyDataFormatPkcs12.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPKEYSMNGRCERTLOADBIO"></a><h3>xmlSecOpenSSLAppKeysMngrCertLoadBIO ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppKeysMngrCertLoadBIO (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="BIO:CAPS"><span class="TYPE">BIO</span></gtkdoclink> *bio</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from an OpenSSL BIO object and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21767"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27036"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21772"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 binary data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27041"><span style="white-space: nowrap"><code class="PARAMETER">bio</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate BIO.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21777"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27046"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21782"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27051"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate trusted or not.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21787"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN21792"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27056"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPPKCS12LOADBIO"></a><h3>xmlSecOpenSSLAppPkcs12LoadBIO ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecOpenSSLAppPkcs12LoadBIO       (<font>BIO</font> *bio,
-                                                         const <font>char</font> *pwd,
-                                                         <font>void</font> *pwdCallback,
-                                                         <font>void</font> *pwdCallbackCtx);</pre>
-<p>Reads key and all associated certificates from the PKCS12 data in an OpenSSL BIO object.
-For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
-in format=xmlSecKeyDataFormatPkcs12.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPKEYSMNGRCERTLOADMEMORY"></a><h3>xmlSecOpenSSLAppKeysMngrCertLoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppKeysMngrCertLoadMemory
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT"><span class="TYPE">xmlSecKeyDataFormat</span></a> format</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
+<p>Reads cert from binary buffer <code class="PARAMETER">data</code> and adds to the list of trusted or known
+untrusted certs in <code class="PARAMETER">store</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21810"><span style="white-space: nowrap"><code class="PARAMETER">bio</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 key bio.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27087"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the keys manager.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN27092"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21815"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the PKCS12 file password.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27097"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate binary data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21820"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27102"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate file format.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21825"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the user context for password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27107"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates is the certificate trusted or not.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21830"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27112"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYCERTLOAD"></a><h3>xmlSecOpenSSLAppKeyCertLoad ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppKeyCertLoad         (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <font>char</font> *filename,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from $<code class="PARAMETER">filename</code> and adds it to key.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPPKCS12LOAD"></a><h3>xmlSecOpenSSLAppPkcs12Load ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecOpenSSLAppPkcs12Load          (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 file.
+For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21848"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27138"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 key filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21853"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27143"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21858"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27148"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21863"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27153"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN27158"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYCERTLOADMEMORY"></a><h3>xmlSecOpenSSLAppKeyCertLoadMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppKeyCertLoadMemory   (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from memory buffer and adds it to key.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPPKCS12LOADBIO"></a><h3>xmlSecOpenSSLAppPkcs12LoadBIO ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecOpenSSLAppPkcs12LoadBIO       (<code class="PARAMETER"><gtkdoclink href="BIO:CAPS"><span class="TYPE">BIO</span></gtkdoclink> *bio</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 data in an OpenSSL BIO object.
+For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21881"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27184"><span style="white-space: nowrap"><code class="PARAMETER">bio</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 key bio.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21886"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27189"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21891"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate binary data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27194"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21896"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27199"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21901"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27204"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYCERTLOADBIO"></a><h3>xmlSecOpenSSLAppKeyCertLoadBIO ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLAppKeyCertLoadBIO      (<a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key,
-                                                         <font>BIO</font> *bio,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Reads the certificate from memory buffer and adds it to key.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPPKCS12LOADMEMORY"></a><h3>xmlSecOpenSSLAppPkcs12LoadMemory ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY"><span class="RETURNVALUE">xmlSecKeyPtr</span></a>        xmlSecOpenSSLAppPkcs12LoadMemory    (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *pwd</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallback</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *pwdCallbackCtx</code>);</pre>
+<p>Reads key and all associated certificates from the PKCS12 data in memory buffer.
+For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
+in format=xmlSecKeyDataFormatPkcs12.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21918"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27233"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 binary data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21923"><span style="white-space: nowrap"><code class="PARAMETER">bio</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate bio.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27238"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 binary data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21928"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate file format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27243"><span style="white-space: nowrap"><code class="PARAMETER">pwd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the PKCS12 file password.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21933"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPKEYFROMCERTLOADBIO"></a><h3>xmlSecOpenSSLAppKeyFromCertLoadBIO ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a>        xmlSecOpenSSLAppKeyFromCertLoadBIO  (<font>BIO</font> *bio,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATAFORMAT">xmlSecKeyDataFormat</a> format);</pre>
-<p>Loads public key from cert.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN21949"><span style="white-space: nowrap"><code class="PARAMETER">bio</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the BIO.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27248"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallback</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21954"><span style="white-space: nowrap"><code class="PARAMETER">format</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the cert format.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27253"><span style="white-space: nowrap"><code class="PARAMETER">pwdCallbackCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the user context for password callback.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21959"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27258"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLAPPGETDEFAULTPWDCALLBACK"></a><h3>xmlSecOpenSSLAppGetDefaultPwdCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>*               xmlSecOpenSSLAppGetDefaultPwdCallback
-                                                        (void);</pre>
-<p>Gets default password callback.</p>
-<p></p>
+<a name="XMLSECOPENSSLAPPSHUTDOWN"></a><h3>xmlSecOpenSSLAppShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLAppShutdown            (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>General crypto engine shutdown. This function is used
+by XMLSec command line utility and called after
+<code class="PARAMETER">xmlSecShutdown</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN21973"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> default password callback.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27275"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr></tbody></table>
 </div>
 </div>
diff --git a/docs/api/xmlsec-openssl-bn.html b/docs/api/xmlsec-openssl-bn.html
index 857263c5..93613247 100644
--- a/docs/api/xmlsec-openssl-bn.html
+++ b/docs/api/xmlsec-openssl-bn.html
@@ -87,14 +87,14 @@
 <h1>
 <a name="XMLSEC-OPENSSL-BN"></a>bn</h1>
 <div class="REFNAMEDIV">
-<a name="AEN21983"></a><h2>Name</h2>bn -- Big numbers helper functions.</div>
+<a name="AEN27285"></a><h2>Name</h2>bn -- Big numbers helper functions.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-OPENSSL-BN.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>BIGNUM</font>*             <a href="xmlsec-openssl-bn.html#XMLSECOPENSSLNODEGETBNVALUE">xmlSecOpenSSLNodeGetBNValue</a>         (const <font>xmlNodePtr</font> cur,
-                                                         <font>BIGNUM</font> **a);
-<font>int</font>                 <a href="xmlsec-openssl-bn.html#XMLSECOPENSSLNODESETBNVALUE">xmlSecOpenSSLNodeSetBNValue</a>         (<font>xmlNodePtr</font> cur,
-                                                         const <font>BIGNUM</font> *a,
-                                                         <font>int</font> addLineBreaks);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="BIGNUM:CAPS"><span class="RETURNVALUE">BIGNUM</span></gtkdoclink> *            <a href="xmlsec-openssl-bn.html#XMLSECOPENSSLNODEGETBNVALUE">xmlSecOpenSSLNodeGetBNValue</a>         (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="BIGNUM:CAPS"><span class="TYPE">BIGNUM</span></gtkdoclink> **a</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-bn.html#XMLSECOPENSSLNODESETBNVALUE">xmlSecOpenSSLNodeSetBNValue</a>         (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="BIGNUM:CAPS"><span class="TYPE">BIGNUM</span></gtkdoclink> *a</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> addLineBreaks</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-OPENSSL-BN.DESCRIPTION"></a><h2>Description</h2>
@@ -104,26 +104,25 @@
 <a name="XMLSEC-OPENSSL-BN.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLNODEGETBNVALUE"></a><h3>xmlSecOpenSSLNodeGetBNValue ()</h3>
-<pre class="PROGRAMLISTING"><font>BIGNUM</font>*             xmlSecOpenSSLNodeGetBNValue         (const <font>xmlNodePtr</font> cur,
-                                                         <font>BIGNUM</font> **a);</pre>
-<p>Converts the node content from CryptoBinary format 
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-CRYPTOBINARY"><span class="TYPE">sec-CryptoBinary</span></gtkdoclink>) 
+<pre class="PROGRAMLISTING"><gtkdoclink href="BIGNUM:CAPS"><span class="RETURNVALUE">BIGNUM</span></gtkdoclink> *            xmlSecOpenSSLNodeGetBNValue         (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="BIGNUM:CAPS"><span class="TYPE">BIGNUM</span></gtkdoclink> **a</code>);</pre>
+<p>Converts the node content from CryptoBinary format
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-CRYPTOBINARY"><span class="TYPE">sec-CryptoBinary</span></gtkdoclink>)
 to a BIGNUM. If no BIGNUM buffer provided then a new
 BIGNUM is created (caller is responsible for freeing it).</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22016"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the poitner to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27334"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the poitner to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22021"><span style="white-space: nowrap"><code class="PARAMETER">a</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the BIGNUM buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27339"><span style="white-space: nowrap"><code class="PARAMETER">a</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the BIGNUM buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22026"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> a pointer to BIGNUM produced from CryptoBinary string
+<td align="LEFT" valign="TOP"><a name="AEN27344"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>a pointer to BIGNUM produced from CryptoBinary string
 or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -131,34 +130,33 @@ or NULL if an error occurs.</p></td>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLNODESETBNVALUE"></a><h3>xmlSecOpenSSLNodeSetBNValue ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLNodeSetBNValue         (<font>xmlNodePtr</font> cur,
-                                                         const <font>BIGNUM</font> *a,
-                                                         <font>int</font> addLineBreaks);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLNodeSetBNValue         (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="BIGNUM:CAPS"><span class="TYPE">BIGNUM</span></gtkdoclink> *a</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> addLineBreaks</code>);</pre>
 <p>Converts BIGNUM to CryptoBinary string
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-CRYPTOBINARY"><span class="TYPE">sec-CryptoBinary</span></gtkdoclink>) 
-and sets it as the content of the given node. If the 
-addLineBreaks is set then line breaks are added 
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-CRYPTOBINARY"><span class="TYPE">sec-CryptoBinary</span></gtkdoclink>)
+and sets it as the content of the given node. If the
+addLineBreaks is set then line breaks are added
 before and after the CryptoBinary string.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22045"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27369"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22050"><span style="white-space: nowrap"><code class="PARAMETER">a</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the BIGNUM.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27374"><span style="white-space: nowrap"><code class="PARAMETER">a</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the BIGNUM.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22055"><span style="white-space: nowrap"><code class="PARAMETER">addLineBreaks</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> if the flag is equal to 1 then 
-	linebreaks will be added before and after
-	new buffer content.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27379"><span style="white-space: nowrap"><code class="PARAMETER">addLineBreaks</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>if the flag is equal to 1 then
+linebreaks will be added before and after
+new buffer content.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22060"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or -1 otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN27384"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or -1 otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-openssl-crypto.html b/docs/api/xmlsec-openssl-crypto.html
index c95af313..f4469f42 100644
--- a/docs/api/xmlsec-openssl-crypto.html
+++ b/docs/api/xmlsec-openssl-crypto.html
@@ -87,161 +87,191 @@
 <h1>
 <a name="XMLSEC-OPENSSL-CRYPTO"></a>crypto</h1>
 <div class="REFNAMEDIV">
-<a name="AEN22070"></a><h2>Name</h2>crypto -- Crypto transforms implementation for OpenSSL.</div>
+<a name="AEN27394"></a><h2>Name</h2>crypto -- Crypto transforms implementation for OpenSSL.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-OPENSSL-CRYPTO.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-openssl-crypto.html#XMLSEC-NO-SHA224--CAPS">XMLSEC_NO_SHA224</a>
-#define             <a href="xmlsec-openssl-crypto.html#XMLSEC-NO-SHA256--CAPS">XMLSEC_NO_SHA256</a>
-#define             <a href="xmlsec-openssl-crypto.html#XMLSEC-NO-SHA384--CAPS">XMLSEC_NO_SHA384</a>
-#define             <a href="xmlsec-openssl-crypto.html#XMLSEC-NO-SHA512--CAPS">XMLSEC_NO_SHA512</a>
-#define             <a href="xmlsec-openssl-crypto.html#XMLSEC-NO-AES--CAPS">XMLSEC_NO_AES</a>
-<font>xmlSecCryptoDLFunctionsPtr</font>  <a href="xmlsec-openssl-crypto.html#XMLSECCRYPTOGETFUNCTIONS-OPENSSL">xmlSecCryptoGetFunctions_openssl</a>
-                                                        (void);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLINIT">xmlSecOpenSSLInit</a>                   (void);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLSHUTDOWN">xmlSecOpenSSLShutdown</a>               (void);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYSMNGRINIT">xmlSecOpenSSLKeysMngrInit</a>           (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLGENERATERANDOM">xmlSecOpenSSLGenerateRandom</a>         (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLSETDEFAULTTRUSTEDCERTSFOLDER">xmlSecOpenSSLSetDefaultTrustedCertsFolder</a>
-                                                        (const <font>xmlChar</font> *path);
-const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLGETDEFAULTTRUSTEDCERTSFOLDER">xmlSecOpenSSLGetDefaultTrustedCertsFolder</a>
-                                                        (void);
+<pre class="SYNOPSIS">#define             <a href="xmlsec-openssl-crypto.html#XMLSEC-OPENSSL-ERRORS-FUNCTION:CAPS">XMLSEC_OPENSSL_ERRORS_FUNCTION</a>
+#define             <a href="xmlsec-openssl-crypto.html#XMLSEC-OPENSSL-ERRORS-LIB:CAPS">XMLSEC_OPENSSL_ERRORS_LIB</a>
+<gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECCRYPTOGETFUNCTIONS-OPENSSL">xmlSecCryptoGetFunctions_openssl</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLERRORSDEFAULTCALLBACK">xmlSecOpenSSLErrorsDefaultCallback</a>  (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLGENERATERANDOM">xmlSecOpenSSLGenerateRandom</a>         (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+const <gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *     <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLGETDEFAULTTRUSTEDCERTSFOLDER">xmlSecOpenSSLGetDefaultTrustedCertsFolder</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLHMACGETMINOUTPUTLENGTH">xmlSecOpenSSLHmacGetMinOutputLength</a> (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLHMACSETMINOUTPUTLENGTH">xmlSecOpenSSLHmacSetMinOutputLength</a> (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> min_length</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLINIT">xmlSecOpenSSLInit</a>                   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAAESGETKLASS">xmlSecOpenSSLKeyDataAesGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAAESID">xmlSecOpenSSLKeyDataAesId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAAESGETKLASS">xmlSecOpenSSLKeyDataAesGetKlass</a>     (void);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAAESSET">xmlSecOpenSSLKeyDataAesSet</a>          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAAESSET">xmlSecOpenSSLKeyDataAesSet</a>          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADESGETKLASS">xmlSecOpenSSLKeyDataDesGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADESID">xmlSecOpenSSLKeyDataDesId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADESSET">xmlSecOpenSSLKeyDataDesSet</a>          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAADOPTDSA">xmlSecOpenSSLKeyDataDsaAdoptDsa</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="DSA:CAPS"><span class="TYPE">DSA</span></gtkdoclink> *dsa</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAADOPTEVP">xmlSecOpenSSLKeyDataDsaAdoptEvp</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);
+<gtkdoclink href="DSA:CAPS"><span class="RETURNVALUE">DSA</span></gtkdoclink> *               <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAGETDSA">xmlSecOpenSSLKeyDataDsaGetDsa</a>       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="EVP-PKEY:CAPS"><span class="RETURNVALUE">EVP_PKEY</span></gtkdoclink> *          <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAGETEVP">xmlSecOpenSSLKeyDataDsaGetEvp</a>       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAGETKLASS">xmlSecOpenSSLKeyDataDsaGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAID">xmlSecOpenSSLKeyDataDsaId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAADOPTECDSA">xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa</a> (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="EC-KEY:CAPS"><span class="TYPE">EC_KEY</span></gtkdoclink> *ecdsa</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAADOPTEVP">xmlSecOpenSSLKeyDataEcdsaAdoptEvp</a>   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);
+<gtkdoclink href="EC-KEY:CAPS"><span class="RETURNVALUE">EC_KEY</span></gtkdoclink> *            <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAGETECDSA">xmlSecOpenSSLKeyDataEcdsaGetEcdsa</a>   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="EVP-PKEY:CAPS"><span class="RETURNVALUE">EVP_PKEY</span></gtkdoclink> *          <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAGETEVP">xmlSecOpenSSLKeyDataEcdsaGetEvp</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAGETKLASS">xmlSecOpenSSLKeyDataEcdsaGetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAECDSAID">xmlSecOpenSSLKeyDataEcdsaId</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAGOST2001GETKLASS">xmlSecOpenSSLKeyDataGost2001GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAGOST2001ID">xmlSecOpenSSLKeyDataGost2001Id</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAHMACGETKLASS">xmlSecOpenSSLKeyDataHmacGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAHMACID">xmlSecOpenSSLKeyDataHmacId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAHMACSET">xmlSecOpenSSLKeyDataHmacSet</a>         (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAADOPTEVP">xmlSecOpenSSLKeyDataRsaAdoptEvp</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAADOPTRSA">xmlSecOpenSSLKeyDataRsaAdoptRsa</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="RSA:CAPS"><span class="TYPE">RSA</span></gtkdoclink> *rsa</code>);
+<gtkdoclink href="EVP-PKEY:CAPS"><span class="RETURNVALUE">EVP_PKEY</span></gtkdoclink> *          <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAGETEVP">xmlSecOpenSSLKeyDataRsaGetEvp</a>       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAGETKLASS">xmlSecOpenSSLKeyDataRsaGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="RSA:CAPS"><span class="RETURNVALUE">RSA</span></gtkdoclink> *               <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAGETRSA">xmlSecOpenSSLKeyDataRsaGetRsa</a>       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAID">xmlSecOpenSSLKeyDataRsaId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYSMNGRINIT">xmlSecOpenSSLKeysMngrInit</a>           (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLSETDEFAULTTRUSTEDCERTSFOLDER">xmlSecOpenSSLSetDefaultTrustedCertsFolder</a>
+                                                        (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *path</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLSHUTDOWN">xmlSecOpenSSLShutdown</a>               (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMAES128CBCGETKLASS">xmlSecOpenSSLTransformAes128CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMAES128CBCID">xmlSecOpenSSLTransformAes128CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMAES128CBCGETKLASS">xmlSecOpenSSLTransformAes128CbcGetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMAES192CBCGETKLASS">xmlSecOpenSSLTransformAes192CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMAES192CBCID">xmlSecOpenSSLTransformAes192CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMAES192CBCGETKLASS">xmlSecOpenSSLTransformAes192CbcGetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMAES256CBCGETKLASS">xmlSecOpenSSLTransformAes256CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMAES256CBCID">xmlSecOpenSSLTransformAes256CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMAES256CBCGETKLASS">xmlSecOpenSSLTransformAes256CbcGetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES128ID">xmlSecOpenSSLTransformKWAes128Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES128GETKLASS">xmlSecOpenSSLTransformKWAes128GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES192ID">xmlSecOpenSSLTransformKWAes192Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES192GETKLASS">xmlSecOpenSSLTransformKWAes192GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES256ID">xmlSecOpenSSLTransformKWAes256Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES256GETKLASS">xmlSecOpenSSLTransformKWAes256GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADESID">xmlSecOpenSSLKeyDataDesId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADESGETKLASS">xmlSecOpenSSLKeyDataDesGetKlass</a>     (void);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADESSET">xmlSecOpenSSLKeyDataDesSet</a>          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDES3CBCGETKLASS">xmlSecOpenSSLTransformDes3CbcGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDES3CBCID">xmlSecOpenSSLTransformDes3CbcId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDES3CBCGETKLASS">xmlSecOpenSSLTransformDes3CbcGetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWDES3ID">xmlSecOpenSSLTransformKWDes3Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWDES3GETKLASS">xmlSecOpenSSLTransformKWDes3GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAID">xmlSecOpenSSLKeyDataDsaId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAGETKLASS">xmlSecOpenSSLKeyDataDsaGetKlass</a>     (void);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAADOPTDSA">xmlSecOpenSSLKeyDataDsaAdoptDsa</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>DSA</font> *dsa);
-<font>DSA</font>*                <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAGETDSA">xmlSecOpenSSLKeyDataDsaGetDsa</a>       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAADOPTEVP">xmlSecOpenSSLKeyDataDsaAdoptEvp</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>EVP_PKEY</font> *pKey);
-<font>EVP_PKEY</font>*           <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATADSAGETEVP">xmlSecOpenSSLKeyDataDsaGetEvp</a>       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDSASHA1GETKLASS">xmlSecOpenSSLTransformDsaSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDSASHA1ID">xmlSecOpenSSLTransformDsaSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDSASHA1GETKLASS">xmlSecOpenSSLTransformDsaSha1GetKlass</a>
-                                                        (void);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLHMACGETMINOUTPUTLENGTH">xmlSecOpenSSLHmacGetMinOutputLength</a> (void);
-<font>void</font>                <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLHMACSETMINOUTPUTLENGTH">xmlSecOpenSSLHmacSetMinOutputLength</a> (<font>int</font> min_length);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAHMACID">xmlSecOpenSSLKeyDataHmacId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAHMACGETKLASS">xmlSecOpenSSLKeyDataHmacGetKlass</a>    (void);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATAHMACSET">xmlSecOpenSSLKeyDataHmacSet</a>         (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDSASHA256GETKLASS">xmlSecOpenSSLTransformDsaSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMDSASHA256ID">xmlSecOpenSSLTransformDsaSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA1GETKLASS">xmlSecOpenSSLTransformEcdsaSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA1ID">xmlSecOpenSSLTransformEcdsaSha1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA224GETKLASS">xmlSecOpenSSLTransformEcdsaSha224GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA224ID">xmlSecOpenSSLTransformEcdsaSha224Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA256GETKLASS">xmlSecOpenSSLTransformEcdsaSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA256ID">xmlSecOpenSSLTransformEcdsaSha256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA384GETKLASS">xmlSecOpenSSLTransformEcdsaSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA384ID">xmlSecOpenSSLTransformEcdsaSha384Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA512GETKLASS">xmlSecOpenSSLTransformEcdsaSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMECDSASHA512ID">xmlSecOpenSSLTransformEcdsaSha512Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMGOST2001GOSTR3411-94GETKLASS">xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMGOST2001GOSTR3411-94ID">xmlSecOpenSSLTransformGost2001GostR3411_94Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMGOSTR3411-94GETKLASS">xmlSecOpenSSLTransformGostR3411_94GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMGOSTR3411-94ID">xmlSecOpenSSLTransformGostR3411_94Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACMD5GETKLASS">xmlSecOpenSSLTransformHmacMd5GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACMD5ID">xmlSecOpenSSLTransformHmacMd5Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACMD5GETKLASS">xmlSecOpenSSLTransformHmacMd5GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACRIPEMD160GETKLASS">xmlSecOpenSSLTransformHmacRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACRIPEMD160ID">xmlSecOpenSSLTransformHmacRipemd160Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACRIPEMD160GETKLASS">xmlSecOpenSSLTransformHmacRipemd160GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA1GETKLASS">xmlSecOpenSSLTransformHmacSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA1ID">xmlSecOpenSSLTransformHmacSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA1GETKLASS">xmlSecOpenSSLTransformHmacSha1GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA224GETKLASS">xmlSecOpenSSLTransformHmacSha224GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA224ID">xmlSecOpenSSLTransformHmacSha224Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA224GETKLASS">xmlSecOpenSSLTransformHmacSha224GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA256GETKLASS">xmlSecOpenSSLTransformHmacSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA256ID">xmlSecOpenSSLTransformHmacSha256Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA256GETKLASS">xmlSecOpenSSLTransformHmacSha256GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA384GETKLASS">xmlSecOpenSSLTransformHmacSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA384ID">xmlSecOpenSSLTransformHmacSha384Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA384GETKLASS">xmlSecOpenSSLTransformHmacSha384GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA512GETKLASS">xmlSecOpenSSLTransformHmacSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA512ID">xmlSecOpenSSLTransformHmacSha512Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMHMACSHA512GETKLASS">xmlSecOpenSSLTransformHmacSha512GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES128GETKLASS">xmlSecOpenSSLTransformKWAes128GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES128ID">xmlSecOpenSSLTransformKWAes128Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES192GETKLASS">xmlSecOpenSSLTransformKWAes192GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES192ID">xmlSecOpenSSLTransformKWAes192Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES256GETKLASS">xmlSecOpenSSLTransformKWAes256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWAES256ID">xmlSecOpenSSLTransformKWAes256Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWDES3GETKLASS">xmlSecOpenSSLTransformKWDes3GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMKWDES3ID">xmlSecOpenSSLTransformKWDes3Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMMD5GETKLASS">xmlSecOpenSSLTransformMd5GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMMD5ID">xmlSecOpenSSLTransformMd5Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMMD5GETKLASS">xmlSecOpenSSLTransformMd5GetKlass</a>   (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRIPEMD160GETKLASS">xmlSecOpenSSLTransformRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRIPEMD160ID">xmlSecOpenSSLTransformRipemd160Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRIPEMD160GETKLASS">xmlSecOpenSSLTransformRipemd160GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAID">xmlSecOpenSSLKeyDataRsaId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAGETKLASS">xmlSecOpenSSLKeyDataRsaGetKlass</a>     (void);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAADOPTRSA">xmlSecOpenSSLKeyDataRsaAdoptRsa</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>RSA</font> *rsa);
-<font>RSA</font>*                <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAGETRSA">xmlSecOpenSSLKeyDataRsaGetRsa</a>       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAADOPTEVP">xmlSecOpenSSLKeyDataRsaAdoptEvp</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>EVP_PKEY</font> *pKey);
-<font>EVP_PKEY</font>*           <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLKEYDATARSAGETEVP">xmlSecOpenSSLKeyDataRsaGetEvp</a>       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAMD5GETKLASS">xmlSecOpenSSLTransformRsaMd5GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAMD5ID">xmlSecOpenSSLTransformRsaMd5Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAMD5GETKLASS">xmlSecOpenSSLTransformRsaMd5GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAOAEPGETKLASS">xmlSecOpenSSLTransformRsaOaepGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAOAEPID">xmlSecOpenSSLTransformRsaOaepId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAPKCS1GETKLASS">xmlSecOpenSSLTransformRsaPkcs1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAPKCS1ID">xmlSecOpenSSLTransformRsaPkcs1Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSARIPEMD160GETKLASS">xmlSecOpenSSLTransformRsaRipemd160GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSARIPEMD160ID">xmlSecOpenSSLTransformRsaRipemd160Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSARIPEMD160GETKLASS">xmlSecOpenSSLTransformRsaRipemd160GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA1GETKLASS">xmlSecOpenSSLTransformRsaSha1GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA1ID">xmlSecOpenSSLTransformRsaSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA1GETKLASS">xmlSecOpenSSLTransformRsaSha1GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA224GETKLASS">xmlSecOpenSSLTransformRsaSha224GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA224ID">xmlSecOpenSSLTransformRsaSha224Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA224GETKLASS">xmlSecOpenSSLTransformRsaSha224GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA256GETKLASS">xmlSecOpenSSLTransformRsaSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA256ID">xmlSecOpenSSLTransformRsaSha256Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA256GETKLASS">xmlSecOpenSSLTransformRsaSha256GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA384GETKLASS">xmlSecOpenSSLTransformRsaSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA384ID">xmlSecOpenSSLTransformRsaSha384Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA384GETKLASS">xmlSecOpenSSLTransformRsaSha384GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA512GETKLASS">xmlSecOpenSSLTransformRsaSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA512ID">xmlSecOpenSSLTransformRsaSha512Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSASHA512GETKLASS">xmlSecOpenSSLTransformRsaSha512GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAPKCS1ID">xmlSecOpenSSLTransformRsaPkcs1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAPKCS1GETKLASS">xmlSecOpenSSLTransformRsaPkcs1GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAOAEPID">xmlSecOpenSSLTransformRsaOaepId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMRSAOAEPGETKLASS">xmlSecOpenSSLTransformRsaOaepGetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA1GETKLASS">xmlSecOpenSSLTransformSha1GetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA1ID">xmlSecOpenSSLTransformSha1Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA1GETKLASS">xmlSecOpenSSLTransformSha1GetKlass</a>  (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA224GETKLASS">xmlSecOpenSSLTransformSha224GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA224ID">xmlSecOpenSSLTransformSha224Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA224GETKLASS">xmlSecOpenSSLTransformSha224GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA256GETKLASS">xmlSecOpenSSLTransformSha256GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA256ID">xmlSecOpenSSLTransformSha256Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA256GETKLASS">xmlSecOpenSSLTransformSha256GetKlass</a>
-                                                        (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA384GETKLASS">xmlSecOpenSSLTransformSha384GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA384ID">xmlSecOpenSSLTransformSha384Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA384GETKLASS">xmlSecOpenSSLTransformSha384GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA512ID">xmlSecOpenSSLTransformSha512Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA512GETKLASS">xmlSecOpenSSLTransformSha512GetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-openssl-crypto.html#XMLSEC-OPENSSL-ERRORS-LIB--CAPS">XMLSEC_OPENSSL_ERRORS_LIB</a>
-#define             <a href="xmlsec-openssl-crypto.html#XMLSEC-OPENSSL-ERRORS-FUNCTION--CAPS">XMLSEC_OPENSSL_ERRORS_FUNCTION</a>
-<font>void</font>                <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLERRORSDEFAULTCALLBACK">xmlSecOpenSSLErrorsDefaultCallback</a>  (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg);</pre>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA512GETKLASS">xmlSecOpenSSLTransformSha512GetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-crypto.html#XMLSECOPENSSLTRANSFORMSHA512ID">xmlSecOpenSSLTransformSha512Id</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-OPENSSL-CRYPTO.DESCRIPTION"></a><h2>Description</h2>
@@ -250,608 +280,881 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <div class="REFSECT1">
 <a name="XMLSEC-OPENSSL-CRYPTO.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSEC-NO-SHA224--CAPS"></a><h3>XMLSEC_NO_SHA224</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_NO_SHA224 1</pre>
-<p></p>
+<a name="XMLSEC-OPENSSL-ERRORS-FUNCTION:CAPS"></a><h3>XMLSEC_OPENSSL_ERRORS_FUNCTION</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_OPENSSL_ERRORS_FUNCTION                  0</pre>
+<p>Macro. The XMLSec library functions OpenSSL errors reporting functions.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSEC-OPENSSL-ERRORS-LIB:CAPS"></a><h3>XMLSEC_OPENSSL_ERRORS_LIB</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_OPENSSL_ERRORS_LIB                       (ERR_LIB_USER + 57)</pre>
+<p>Macro. The XMLSec library klass for OpenSSL errors reporting functions.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-NO-SHA256--CAPS"></a><h3>XMLSEC_NO_SHA256</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_NO_SHA256 1</pre>
+<a name="XMLSECCRYPTOGETFUNCTIONS-OPENSSL"></a><h3>xmlSecCryptoGetFunctions_openssl ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECCRYPTODLFUNCTIONS"><span class="RETURNVALUE">xmlSecCryptoDLFunctionsPtr</span></gtkdoclink> xmlSecCryptoGetFunctions_openssl
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets the pointer to xmlsec-openssl functions table.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN27914"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the xmlsec-openssl functions table or NULL if an error occurs.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-NO-SHA384--CAPS"></a><h3>XMLSEC_NO_SHA384</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_NO_SHA384 1</pre>
+<a name="XMLSECOPENSSLERRORSDEFAULTCALLBACK"></a><h3>xmlSecOpenSSLErrorsDefaultCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecOpenSSLErrorsDefaultCallback  (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> line</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *func</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorObject</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *errorSubject</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> reason</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *msg</code>);</pre>
+<p>The default OpenSSL errors reporting callback function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN27949"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location file name (__FILE__ macro).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN27954"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location line number (__LINE__ macro).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN27959"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error location function name (__FUNCTION__ macro).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN27964"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error object</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN27969"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error specific error subject.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN27974"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the error code.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN27979"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the additional error message.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-NO-SHA512--CAPS"></a><h3>XMLSEC_NO_SHA512</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_NO_SHA512 1</pre>
+<a name="XMLSECOPENSSLGENERATERANDOM"></a><h3>xmlSecOpenSSLGenerateRandom ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLGenerateRandom         (<code class="PARAMETER"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Generates <code class="PARAMETER">size</code> random bytes and puts result in <code class="PARAMETER">buffer</code>.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28001"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28006"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the numer of bytes to generate.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28011"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-NO-AES--CAPS"></a><h3>XMLSEC_NO_AES</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_NO_AES	 1</pre>
+<a name="XMLSECOPENSSLGETDEFAULTTRUSTEDCERTSFOLDER"></a><h3>xmlSecOpenSSLGetDefaultTrustedCertsFolder ()</h3>
+<pre class="PROGRAMLISTING">const <gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *     xmlSecOpenSSLGetDefaultTrustedCertsFolder
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets the default trusted certs folder.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN28027"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the default trusted cert folder.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCRYPTOGETFUNCTIONS-OPENSSL"></a><h3>xmlSecCryptoGetFunctions_openssl ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecCryptoDLFunctionsPtr</font>  xmlSecCryptoGetFunctions_openssl
-                                                        (void);</pre>
-<p>Gets the pointer to xmlsec-openssl functions table.</p>
+<a name="XMLSECOPENSSLHMACGETMINOUTPUTLENGTH"></a><h3>xmlSecOpenSSLHmacGetMinOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLHmacGetMinOutputLength (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets the value of min HMAC length.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN28043"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the min HMAC output length</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLHMACSETMINOUTPUTLENGTH"></a><h3>xmlSecOpenSSLHmacSetMinOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecOpenSSLHmacSetMinOutputLength (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> min_length</code>);</pre>
+<p>Sets the min HMAC output length</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22313"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the xmlsec-openssl functions table or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28060"><span style="white-space: nowrap"><code class="PARAMETER">min_length</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new min length</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLINIT"></a><h3>xmlSecOpenSSLInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLInit                   (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLInit                   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>XMLSec library specific crypto engine initialization.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22327"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28076"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLSHUTDOWN"></a><h3>xmlSecOpenSSLShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLShutdown               (void);</pre>
-<p>XMLSec library specific crypto engine shutdown.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAAESGETKLASS"></a><h3>xmlSecOpenSSLKeyDataAesGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecOpenSSLKeyDataAesGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22341"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28092"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYSMNGRINIT"></a><h3>xmlSecOpenSSLKeysMngrInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeysMngrInit           (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> mngr);</pre>
-<p>Adds OpenSSL specific key data stores in keys manager.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAAESID"></a><h3>xmlSecOpenSSLKeyDataAesId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataAesId</pre>
+<p>The AES key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLKEYDATAAESSET"></a><h3>xmlSecOpenSSLKeyDataAesSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataAesSet          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of AES key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22356"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28121"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to AES key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28126"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28131"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22361"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28136"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLGENERATERANDOM"></a><h3>xmlSecOpenSSLGenerateRandom ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLGenerateRandom         (<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Generates <code class="PARAMETER">size</code> random bytes and puts result in <code class="PARAMETER">buffer</code>.</p>
+<a name="XMLSECOPENSSLKEYDATADESGETKLASS"></a><h3>xmlSecOpenSSLKeyDataDesGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecOpenSSLKeyDataDesGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DES key data klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN28152"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DES key data klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLKEYDATADESID"></a><h3>xmlSecOpenSSLKeyDataDesId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataDesId</pre>
+<p>The DES key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLKEYDATADESSET"></a><h3>xmlSecOpenSSLKeyDataDesSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataDesSet          (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of DES key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22379"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28181"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DES key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22384"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the numer of bytes to generate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28186"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22389"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28191"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28196"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLSETDEFAULTTRUSTEDCERTSFOLDER"></a><h3>xmlSecOpenSSLSetDefaultTrustedCertsFolder ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLSetDefaultTrustedCertsFolder
-                                                        (const <font>xmlChar</font> *path);</pre>
-<p>Sets the default trusted certs folder.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATADSAADOPTDSA"></a><h3>xmlSecOpenSSLKeyDataDsaAdoptDsa ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataDsaAdoptDsa     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="DSA:CAPS"><span class="TYPE">DSA</span></gtkdoclink> *dsa</code>);</pre>
+<p>Sets the value of DSA key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22404"><span style="white-space: nowrap"><code class="PARAMETER">path</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the default trusted certs path.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28216"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DSA key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22409"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28221"><span style="white-space: nowrap"><code class="PARAMETER">dsa</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL DSA key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28226"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLGETDEFAULTTRUSTEDCERTSFOLDER"></a><h3>xmlSecOpenSSLGetDefaultTrustedCertsFolder ()</h3>
-<pre class="PROGRAMLISTING">const <font>xmlChar</font>*      xmlSecOpenSSLGetDefaultTrustedCertsFolder
-                                                        (void);</pre>
-<p>Gets the default trusted certs folder.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATADSAADOPTEVP"></a><h3>xmlSecOpenSSLKeyDataDsaAdoptEvp ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataDsaAdoptEvp     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);</pre>
+<p>Sets the DSA key data value to OpenSSL EVP key.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22423"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the default trusted cert folder.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28246"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28251"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL EVP key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28256"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAAESID"></a><h3>xmlSecOpenSSLKeyDataAesId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataAesId</pre>
-<p>The AES key klass.</p>
+<a name="XMLSECOPENSSLKEYDATADSAGETDSA"></a><h3>xmlSecOpenSSLKeyDataDsaGetDsa ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="DSA:CAPS"><span class="RETURNVALUE">DSA</span></gtkdoclink> *               xmlSecOpenSSLKeyDataDsaGetDsa       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the OpenSSL DSA key from DSA key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28273"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28278"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to OpenSSL DSA key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAAESGETKLASS"></a><h3>xmlSecOpenSSLKeyDataAesGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecOpenSSLKeyDataAesGetKlass     (void);</pre>
-<p>The AES key data klass.</p>
+<a name="XMLSECOPENSSLKEYDATADSAGETEVP"></a><h3>xmlSecOpenSSLKeyDataDsaGetEvp ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="EVP-PKEY:CAPS"><span class="RETURNVALUE">EVP_PKEY</span></gtkdoclink> *          xmlSecOpenSSLKeyDataDsaGetEvp       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the OpenSSL EVP key from DSA key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28295"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to DSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28300"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to OpenSSL EVP key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLKEYDATADSAGETKLASS"></a><h3>xmlSecOpenSSLKeyDataDsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecOpenSSLKeyDataDsaGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22444"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28316"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to DSA key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAAESSET"></a><h3>xmlSecOpenSSLKeyDataAesSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeyDataAesSet          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of AES key data.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATADSAID"></a><h3>xmlSecOpenSSLKeyDataDsaId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataDsaId</pre>
+<p>The DSA key klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLKEYDATAECDSAADOPTECDSA"></a><h3>xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="EC-KEY:CAPS"><span class="TYPE">EC_KEY</span></gtkdoclink> *ecdsa</code>);</pre>
+<p>Sets the value of ECDSA key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22461"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to AES key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28342"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to ECDSA key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22466"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28347"><span style="white-space: nowrap"><code class="PARAMETER">ecdsa</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL ECDSA key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22471"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value size (in bytes).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28352"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLKEYDATAECDSAADOPTEVP"></a><h3>xmlSecOpenSSLKeyDataEcdsaAdoptEvp ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataEcdsaAdoptEvp   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);</pre>
+<p>Sets the ECDSA key data value to OpenSSL EVP key.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28372"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to ECDSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28377"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL EVP key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22476"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28382"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMAES128CBCID"></a><h3>xmlSecOpenSSLTransformAes128CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformAes128CbcId</pre>
-<p>The AES128 CBC cipher transform klass.</p>
+<a name="XMLSECOPENSSLKEYDATAECDSAGETECDSA"></a><h3>xmlSecOpenSSLKeyDataEcdsaGetEcdsa ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="EC-KEY:CAPS"><span class="RETURNVALUE">EC_KEY</span></gtkdoclink> *            xmlSecOpenSSLKeyDataEcdsaGetEcdsa   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the OpenSSL ECDSA key from ECDSA key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28399"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to ECDSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28404"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to OpenSSL ECDSA key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMAES128CBCGETKLASS"></a><h3>xmlSecOpenSSLTransformAes128CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformAes128CbcGetKlass
-                                                        (void);</pre>
-<p>AES 128 CBC encryption transform klass.</p>
+<a name="XMLSECOPENSSLKEYDATAECDSAGETEVP"></a><h3>xmlSecOpenSSLKeyDataEcdsaGetEvp ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="EVP-PKEY:CAPS"><span class="RETURNVALUE">EVP_PKEY</span></gtkdoclink> *          xmlSecOpenSSLKeyDataEcdsaGetEvp     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the OpenSSL EVP key from ECDSA key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28421"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to ECDSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28426"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to OpenSSL EVP key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLKEYDATAECDSAGETKLASS"></a><h3>xmlSecOpenSSLKeyDataEcdsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecOpenSSLKeyDataEcdsaGetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22497"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 128 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28442"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to ECDSA key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMAES192CBCID"></a><h3>xmlSecOpenSSLTransformAes192CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformAes192CbcId</pre>
-<p>The AES192 CBC cipher transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAECDSAID"></a><h3>xmlSecOpenSSLKeyDataEcdsaId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataEcdsaId</pre>
+<p>The ECDSA key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMAES192CBCGETKLASS"></a><h3>xmlSecOpenSSLTransformAes192CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformAes192CbcGetKlass
-                                                        (void);</pre>
-<p>AES 192 CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAGOST2001GETKLASS"></a><h3>xmlSecOpenSSLKeyDataGost2001GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecOpenSSLKeyDataGost2001GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The GOST2001 key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22518"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 192 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28464"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GOST2001 key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMAES256CBCID"></a><h3>xmlSecOpenSSLTransformAes256CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformAes256CbcId</pre>
-<p>The AES256 CBC cipher transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAGOST2001ID"></a><h3>xmlSecOpenSSLKeyDataGost2001Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataGost2001Id</pre>
+<p>The GOST2001 key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMAES256CBCGETKLASS"></a><h3>xmlSecOpenSSLTransformAes256CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformAes256CbcGetKlass
-                                                        (void);</pre>
-<p>AES 256 CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAHMACGETKLASS"></a><h3>xmlSecOpenSSLKeyDataHmacGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecOpenSSLKeyDataHmacGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22539"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to AES 256 CBC encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28486"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>HMAC key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMKWAES128ID"></a><h3>xmlSecOpenSSLTransformKWAes128Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformKWAes128Id</pre>
-<p>The AES 128 key wrap transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAHMACID"></a><h3>xmlSecOpenSSLKeyDataHmacId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataHmacId</pre>
+<p>The DHMAC key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMKWAES128GETKLASS"></a><h3>xmlSecOpenSSLTransformKWAes128GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformKWAes128GetKlass
-                                                        (void);</pre>
-<p>The AES-128 kew wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAHMACSET"></a><h3>xmlSecOpenSSLKeyDataHmacSet ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataHmacSet         (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufSize</code>);</pre>
+<p>Sets the value of HMAC key data.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22560"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES-128 kew wrapper transform klass.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28515"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to HMAC key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28520"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28525"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key value size (in bytes).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28530"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMKWAES192ID"></a><h3>xmlSecOpenSSLTransformKWAes192Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformKWAes192Id</pre>
-<p>The AES 192 key wrap transform klass.</p>
+<a name="XMLSECOPENSSLKEYDATARSAADOPTEVP"></a><h3>xmlSecOpenSSLKeyDataRsaAdoptEvp ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataRsaAdoptEvp     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);</pre>
+<p>Sets the RSA key data value to OpenSSL EVP key.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28550"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to RSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28555"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL EVP key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28560"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMKWAES192GETKLASS"></a><h3>xmlSecOpenSSLTransformKWAes192GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformKWAes192GetKlass
-                                                        (void);</pre>
-<p>The AES-192 kew wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATARSAADOPTRSA"></a><h3>xmlSecOpenSSLKeyDataRsaAdoptRsa ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataRsaAdoptRsa     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="RSA:CAPS"><span class="TYPE">RSA</span></gtkdoclink> *rsa</code>);</pre>
+<p>Sets the value of RSA key data.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22581"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES-192 kew wrapper transform klass.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28580"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to RSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28585"><span style="white-space: nowrap"><code class="PARAMETER">rsa</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL RSA key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28590"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMKWAES256ID"></a><h3>xmlSecOpenSSLTransformKWAes256Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformKWAes256Id</pre>
-<p>The AES 256 key wrap transform klass.</p>
+<a name="XMLSECOPENSSLKEYDATARSAGETEVP"></a><h3>xmlSecOpenSSLKeyDataRsaGetEvp ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="EVP-PKEY:CAPS"><span class="RETURNVALUE">EVP_PKEY</span></gtkdoclink> *          xmlSecOpenSSLKeyDataRsaGetEvp       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the OpenSSL EVP key from RSA key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28607"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to RSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28612"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to OpenSSL EVP key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMKWAES256GETKLASS"></a><h3>xmlSecOpenSSLTransformKWAes256GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformKWAes256GetKlass
-                                                        (void);</pre>
-<p>The AES-256 kew wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATARSAGETKLASS"></a><h3>xmlSecOpenSSLKeyDataRsaGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecOpenSSLKeyDataRsaGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The OpenSSL RSA key data klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22602"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> AES-256 kew wrapper transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28628"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to OpenSSL RSA key data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATADESID"></a><h3>xmlSecOpenSSLKeyDataDesId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataDesId</pre>
-<p>The DES key klass.</p>
+<a name="XMLSECOPENSSLKEYDATARSAGETRSA"></a><h3>xmlSecOpenSSLKeyDataRsaGetRsa ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="RSA:CAPS"><span class="RETURNVALUE">RSA</span></gtkdoclink> *               xmlSecOpenSSLKeyDataRsaGetRsa       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the OpenSSL RSA key from RSA key data.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28645"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to RSA key data.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN28650"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to OpenSSL RSA key or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATADESGETKLASS"></a><h3>xmlSecOpenSSLKeyDataDesGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecOpenSSLKeyDataDesGetKlass     (void);</pre>
-<p>The DES key data klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22623"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> DES key data klass.</p></td>
-</tr></tbody></table>
+<a name="XMLSECOPENSSLKEYDATARSAID"></a><h3>xmlSecOpenSSLKeyDataRsaId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataRsaId</pre>
+<p>The RSA key klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATADESSET"></a><h3>xmlSecOpenSSLKeyDataDesSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeyDataDesSet          (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of DES key data.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYSMNGRINIT"></a><h3>xmlSecOpenSSLKeysMngrInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeysMngrInit           (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> mngr</code>);</pre>
+<p>Adds OpenSSL specific key data stores in keys manager.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22640"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to DES key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28673"><span style="white-space: nowrap"><code class="PARAMETER">mngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22645"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28678"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLSETDEFAULTTRUSTEDCERTSFOLDER"></a><h3>xmlSecOpenSSLSetDefaultTrustedCertsFolder ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLSetDefaultTrustedCertsFolder
+                                                        (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *path</code>);</pre>
+<p>Sets the default trusted certs folder.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22650"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value size (in bytes).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28695"><span style="white-space: nowrap"><code class="PARAMETER">path</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the default trusted certs path.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN22655"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28700"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMDES3CBCID"></a><h3>xmlSecOpenSSLTransformDes3CbcId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformDes3CbcId</pre>
-<p>The DES3 CBC cipher transform klass.</p>
+<a name="XMLSECOPENSSLSHUTDOWN"></a><h3>xmlSecOpenSSLShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLShutdown               (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>XMLSec library specific crypto engine shutdown.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN28716"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecOpenSSLTransformDes3CbcGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformDes3CbcGetKlass
-                                                        (void);</pre>
-<p>Triple DES CBC encryption transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMAES128CBCGETKLASS"></a><h3>xmlSecOpenSSLTransformAes128CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformAes128CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 128 CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22676"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to Triple DES encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28732"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 128 CBC encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMKWDES3ID"></a><h3>xmlSecOpenSSLTransformKWDes3Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformKWDes3Id</pre>
-<p>The DES3 CBC cipher transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMAES128CBCID"></a><h3>xmlSecOpenSSLTransformAes128CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformAes128CbcId</pre>
+<p>The AES128 CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMKWDES3GETKLASS"></a><h3>xmlSecOpenSSLTransformKWDes3GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformKWDes3GetKlass
-                                                        (void);</pre>
-<p>The Triple DES key wrapper transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMAES192CBCGETKLASS"></a><h3>xmlSecOpenSSLTransformAes192CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformAes192CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 192 CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22697"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> Triple DES key wrapper transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28754"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 192 CBC encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATADSAID"></a><h3>xmlSecOpenSSLKeyDataDsaId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataDsaId</pre>
-<p>The DSA key klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMAES192CBCID"></a><h3>xmlSecOpenSSLTransformAes192CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformAes192CbcId</pre>
+<p>The AES192 CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATADSAGETKLASS"></a><h3>xmlSecOpenSSLKeyDataDsaGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecOpenSSLKeyDataDsaGetKlass     (void);</pre>
-<p>The DSA key data klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMAES256CBCGETKLASS"></a><h3>xmlSecOpenSSLTransformAes256CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformAes256CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>AES 256 CBC encryption transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22718"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to DSA key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28776"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to AES 256 CBC encryption transform.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATADSAADOPTDSA"></a><h3>xmlSecOpenSSLKeyDataDsaAdoptDsa ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeyDataDsaAdoptDsa     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>DSA</font> *dsa);</pre>
-<p>Sets the value of DSA key data.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22734"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to DSA key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22739"><span style="white-space: nowrap"><code class="PARAMETER">dsa</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL DSA key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22744"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECOPENSSLTRANSFORMAES256CBCID"></a><h3>xmlSecOpenSSLTransformAes256CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformAes256CbcId</pre>
+<p>The AES256 CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATADSAGETDSA"></a><h3>xmlSecOpenSSLKeyDataDsaGetDsa ()</h3>
-<pre class="PROGRAMLISTING"><font>DSA</font>*                xmlSecOpenSSLKeyDataDsaGetDsa       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the OpenSSL DSA key from DSA key data.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMDES3CBCGETKLASS"></a><h3>xmlSecOpenSSLTransformDes3CbcGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformDes3CbcGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Triple DES CBC encryption transform klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22759"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to DSA key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22764"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to OpenSSL DSA key or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN28798"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to Triple DES encryption transform.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATADSAADOPTEVP"></a><h3>xmlSecOpenSSLKeyDataDsaAdoptEvp ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeyDataDsaAdoptEvp     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>EVP_PKEY</font> *pKey);</pre>
-<p>Sets the DSA key data value to OpenSSL EVP key.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22780"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to DSA key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22785"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL EVP key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22790"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECOPENSSLTRANSFORMDES3CBCID"></a><h3>xmlSecOpenSSLTransformDes3CbcId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformDes3CbcId</pre>
+<p>The DES3 CBC cipher transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATADSAGETEVP"></a><h3>xmlSecOpenSSLKeyDataDsaGetEvp ()</h3>
-<pre class="PROGRAMLISTING"><font>EVP_PKEY</font>*           xmlSecOpenSSLKeyDataDsaGetEvp       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the OpenSSL EVP key from DSA key data.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMDSASHA1GETKLASS"></a><h3>xmlSecOpenSSLTransformDsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformDsaSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA-SHA1 signature transform klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22805"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to DSA key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22810"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to OpenSSL EVP key or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN28820"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DSA-SHA1 signature transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLTRANSFORMDSASHA1ID"></a><h3>xmlSecOpenSSLTransformDsaSha1Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformDsaSha1Id</pre>
 <p>The DSA SHA1 signature transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMDSASHA1GETKLASS"></a><h3>xmlSecOpenSSLTransformDsaSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformDsaSha1GetKlass
-                                                        (void);</pre>
-<p>The DSA-SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMDSASHA256GETKLASS"></a><h3>xmlSecOpenSSLTransformDsaSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformDsaSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The DSA-SHA256 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22831"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> DSA-SHA1 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28842"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>DSA-SHA256 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLHMACGETMINOUTPUTLENGTH"></a><h3>xmlSecOpenSSLHmacGetMinOutputLength ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLHmacGetMinOutputLength (void);</pre>
-<p>Gets the value of min HMAC length.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMDSASHA256ID"></a><h3>xmlSecOpenSSLTransformDsaSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformDsaSha256Id</pre>
+<p>The DSA SHA256 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMECDSASHA1GETKLASS"></a><h3>xmlSecOpenSSLTransformEcdsaSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformEcdsaSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA-SHA1 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22845"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the min HMAC output length</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28864"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA-SHA1 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLHMACSETMINOUTPUTLENGTH"></a><h3>xmlSecOpenSSLHmacSetMinOutputLength ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecOpenSSLHmacSetMinOutputLength (<font>int</font> min_length);</pre>
-<p>Sets the min HMAC output length</p>
+<a name="XMLSECOPENSSLTRANSFORMECDSASHA1ID"></a><h3>xmlSecOpenSSLTransformEcdsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformEcdsaSha1Id</pre>
+<p>The ECDSA-SHA1 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMECDSASHA224GETKLASS"></a><h3>xmlSecOpenSSLTransformEcdsaSha224GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformEcdsaSha224GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA-SHA224 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN28886"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA-SHA224 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMECDSASHA224ID"></a><h3>xmlSecOpenSSLTransformEcdsaSha224Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformEcdsaSha224Id</pre>
+<p>The ECDSA-SHA224 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMECDSASHA256GETKLASS"></a><h3>xmlSecOpenSSLTransformEcdsaSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformEcdsaSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA-SHA256 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22860"><span style="white-space: nowrap"><code class="PARAMETER">min_length</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the new min length </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28908"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA-SHA256 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAHMACID"></a><h3>xmlSecOpenSSLKeyDataHmacId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataHmacId</pre>
-<p>The DHMAC key klass.</p>
+<a name="XMLSECOPENSSLTRANSFORMECDSASHA256ID"></a><h3>xmlSecOpenSSLTransformEcdsaSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformEcdsaSha256Id</pre>
+<p>The ECDSA-SHA256 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMECDSASHA384GETKLASS"></a><h3>xmlSecOpenSSLTransformEcdsaSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformEcdsaSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA-SHA384 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN28930"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA-SHA384 signature transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAHMACGETKLASS"></a><h3>xmlSecOpenSSLKeyDataHmacGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecOpenSSLKeyDataHmacGetKlass    (void);</pre>
-<p>The HMAC key data klass.</p>
+<a name="XMLSECOPENSSLTRANSFORMECDSASHA384ID"></a><h3>xmlSecOpenSSLTransformEcdsaSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformEcdsaSha384Id</pre>
+<p>The ECDSA-SHA384 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMECDSASHA512GETKLASS"></a><h3>xmlSecOpenSSLTransformEcdsaSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformEcdsaSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The ECDSA-SHA512 signature transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN28952"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>ECDSA-SHA512 signature transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMECDSASHA512ID"></a><h3>xmlSecOpenSSLTransformEcdsaSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformEcdsaSha512Id</pre>
+<p>The ECDSA-SHA512 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMGOST2001GOSTR3411-94GETKLASS"></a><h3>xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The GOST2001-GOSTR3411_94 signature transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22881"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> HMAC key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN28974"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>GOST2001-GOSTR3411_94 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAHMACSET"></a><h3>xmlSecOpenSSLKeyDataHmacSet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeyDataHmacSet         (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufSize);</pre>
-<p>Sets the value of HMAC key data.</p>
+<a name="XMLSECOPENSSLTRANSFORMGOST2001GOSTR3411-94ID"></a><h3>xmlSecOpenSSLTransformGost2001GostR3411_94Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformGost2001GostR3411_94Id</pre>
+<p>The GOST2001 GOSTR3411_94 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMGOSTR3411-94GETKLASS"></a><h3>xmlSecOpenSSLTransformGostR3411_94GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformGostR3411_94GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>GOSTR3411_94 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN28996"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to GOSTR3411_94 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMGOSTR3411-94ID"></a><h3>xmlSecOpenSSLTransformGostR3411_94Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformGostR3411_94Id</pre>
+<p>The GOSTR3411_94 signature transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMHMACMD5GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformHmacMd5GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-MD5 transform klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22898"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to HMAC key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22903"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to key value.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22908"><span style="white-space: nowrap"><code class="PARAMETER">bufSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key value size (in bytes).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN22913"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN29018"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-MD5 transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLTRANSFORMHMACMD5ID"></a><h3>xmlSecOpenSSLTransformHmacMd5Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformHmacMd5Id</pre>
 <p>The HMAC with MD5 signature transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMHMACMD5GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacMd5GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformHmacMd5GetKlass
-                                                        (void);</pre>
-<p>The HMAC-MD5 transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMHMACRIPEMD160GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformHmacRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-RIPEMD160 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22934"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-MD5 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29040"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-RIPEMD160 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -859,19 +1162,17 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMHMACRIPEMD160ID"></a><h3>xmlSecOpenSSLTransformHmacRipemd160Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformHmacRipemd160Id</pre>
 <p>The HMAC with RipeMD160 signature transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMHMACRIPEMD160GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacRipemd160GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformHmacRipemd160GetKlass
-                                                        (void);</pre>
-<p>The HMAC-RIPEMD160 transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMHMACSHA1GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformHmacSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA1 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22955"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-RIPEMD160 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29062"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA1 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -879,19 +1180,17 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMHMACSHA1ID"></a><h3>xmlSecOpenSSLTransformHmacSha1Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformHmacSha1Id</pre>
 <p>The HMAC with SHA1 signature transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMHMACSHA1GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformHmacSha1GetKlass
-                                                        (void);</pre>
-<p>The HMAC-SHA1 transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMHMACSHA224GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacSha224GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformHmacSha224GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA224 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22976"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA1 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29084"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA224 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -899,19 +1198,17 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMHMACSHA224ID"></a><h3>xmlSecOpenSSLTransformHmacSha224Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformHmacSha224Id</pre>
 <p>The HMAC with SHA224 signature transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMHMACSHA224GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacSha224GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformHmacSha224GetKlass
-                                                        (void);</pre>
-<p>The HMAC-SHA224 transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMHMACSHA256GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformHmacSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA256 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN22997"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA224 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29106"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA256 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -919,19 +1216,17 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMHMACSHA256ID"></a><h3>xmlSecOpenSSLTransformHmacSha256Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformHmacSha256Id</pre>
 <p>The HMAC with SHA256 signature transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMHMACSHA256GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacSha256GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformHmacSha256GetKlass
-                                                        (void);</pre>
-<p>The HMAC-SHA256 transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMHMACSHA384GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformHmacSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA384 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23018"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA256 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29128"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA384 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -939,19 +1234,17 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMHMACSHA384ID"></a><h3>xmlSecOpenSSLTransformHmacSha384Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformHmacSha384Id</pre>
 <p>The HMAC with SHA384 signature transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMHMACSHA384GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacSha384GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformHmacSha384GetKlass
-                                                        (void);</pre>
-<p>The HMAC-SHA384 transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMHMACSHA512GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformHmacSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The HMAC-SHA512 transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23039"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA384 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29150"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the HMAC-SHA512 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -959,339 +1252,285 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMHMACSHA512ID"></a><h3>xmlSecOpenSSLTransformHmacSha512Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformHmacSha512Id</pre>
 <p>The HMAC with SHA512 signature transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMHMACSHA512GETKLASS"></a><h3>xmlSecOpenSSLTransformHmacSha512GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformHmacSha512GetKlass
-                                                        (void);</pre>
-<p>The HMAC-SHA512 transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMKWAES128GETKLASS"></a><h3>xmlSecOpenSSLTransformKWAes128GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformKWAes128GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-128 kew wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23060"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the HMAC-SHA512 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29172"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-128 kew wrapper transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMMD5ID"></a><h3>xmlSecOpenSSLTransformMd5Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformMd5Id</pre>
-<p>The MD5 digest transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMKWAES128ID"></a><h3>xmlSecOpenSSLTransformKWAes128Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformKWAes128Id</pre>
+<p>The AES 128 key wrap transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMMD5GETKLASS"></a><h3>xmlSecOpenSSLTransformMd5GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformMd5GetKlass   (void);</pre>
-<p>MD5 digest transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMKWAES192GETKLASS"></a><h3>xmlSecOpenSSLTransformKWAes192GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformKWAes192GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-192 kew wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23081"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to MD5 digest transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29194"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-192 kew wrapper transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRIPEMD160ID"></a><h3>xmlSecOpenSSLTransformRipemd160Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRipemd160Id</pre>
-<p>The RIPEMD160 digest transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMKWAES192ID"></a><h3>xmlSecOpenSSLTransformKWAes192Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformKWAes192Id</pre>
+<p>The AES 192 key wrap transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRIPEMD160GETKLASS"></a><h3>xmlSecOpenSSLTransformRipemd160GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformRipemd160GetKlass
-                                                        (void);</pre>
-<p>RIPEMD-160 digest transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMKWAES256GETKLASS"></a><h3>xmlSecOpenSSLTransformKWAes256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformKWAes256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The AES-256 kew wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23102"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to RIPEMD-160 digest transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29216"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>AES-256 kew wrapper transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATARSAID"></a><h3>xmlSecOpenSSLKeyDataRsaId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataRsaId</pre>
-<p>The RSA key klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMKWAES256ID"></a><h3>xmlSecOpenSSLTransformKWAes256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformKWAes256Id</pre>
+<p>The AES 256 key wrap transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATARSAGETKLASS"></a><h3>xmlSecOpenSSLKeyDataRsaGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecOpenSSLKeyDataRsaGetKlass     (void);</pre>
-<p>The OpenSSL RSA key data klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMKWDES3GETKLASS"></a><h3>xmlSecOpenSSLTransformKWDes3GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformKWDes3GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The Triple DES key wrapper transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23123"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to OpenSSL RSA key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29238"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>Triple DES key wrapper transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATARSAADOPTRSA"></a><h3>xmlSecOpenSSLKeyDataRsaAdoptRsa ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeyDataRsaAdoptRsa     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>RSA</font> *rsa);</pre>
-<p>Sets the value of RSA key data.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23139"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to RSA key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23144"><span style="white-space: nowrap"><code class="PARAMETER">rsa</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL RSA key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23149"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECOPENSSLTRANSFORMKWDES3ID"></a><h3>xmlSecOpenSSLTransformKWDes3Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformKWDes3Id</pre>
+<p>The DES3 KW transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATARSAGETRSA"></a><h3>xmlSecOpenSSLKeyDataRsaGetRsa ()</h3>
-<pre class="PROGRAMLISTING"><font>RSA</font>*                xmlSecOpenSSLKeyDataRsaGetRsa       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the OpenSSL RSA key from RSA key data.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMMD5GETKLASS"></a><h3>xmlSecOpenSSLTransformMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformMd5GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>MD5 digest transform klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23164"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to RSA key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23169"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to OpenSSL RSA key or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN29260"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to MD5 digest transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATARSAADOPTEVP"></a><h3>xmlSecOpenSSLKeyDataRsaAdoptEvp ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeyDataRsaAdoptEvp     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>EVP_PKEY</font> *pKey);</pre>
-<p>Sets the RSA key data value to OpenSSL EVP key.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23185"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to RSA key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23190"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL EVP key.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23195"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
+<a name="XMLSECOPENSSLTRANSFORMMD5ID"></a><h3>xmlSecOpenSSLTransformMd5Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformMd5Id</pre>
+<p>The MD5 digest transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATARSAGETEVP"></a><h3>xmlSecOpenSSLKeyDataRsaGetEvp ()</h3>
-<pre class="PROGRAMLISTING"><font>EVP_PKEY</font>*           xmlSecOpenSSLKeyDataRsaGetEvp       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the OpenSSL EVP key from RSA key data.</p>
+<a name="XMLSECOPENSSLTRANSFORMRIPEMD160GETKLASS"></a><h3>xmlSecOpenSSLTransformRipemd160GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>RIPEMD-160 digest transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN29282"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to RIPEMD-160 digest transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMRIPEMD160ID"></a><h3>xmlSecOpenSSLTransformRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRipemd160Id</pre>
+<p>The RIPEMD160 digest transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMRSAMD5GETKLASS"></a><h3>xmlSecOpenSSLTransformRsaMd5GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformRsaMd5GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-MD5 signature transform klass.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23210"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to RSA key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23215"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to OpenSSL EVP key or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN29304"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-MD5 signature transform klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLTRANSFORMRSAMD5ID"></a><h3>xmlSecOpenSSLTransformRsaMd5Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaMd5Id</pre>
 <p>The RSA-MD5 signature transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSAMD5GETKLASS"></a><h3>xmlSecOpenSSLTransformRsaMd5GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformRsaMd5GetKlass
-                                                        (void);</pre>
-<p>The RSA-MD5 signature transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMRSAOAEPGETKLASS"></a><h3>xmlSecOpenSSLTransformRsaOaepGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformRsaOaepGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-OAEP key transport transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23236"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-MD5 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29326"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-OAEP key transport transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSARIPEMD160ID"></a><h3>xmlSecOpenSSLTransformRsaRipemd160Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaRipemd160Id</pre>
-<p>The RSA-RIPEMD160 signature transform klass.</p>
+<a name="XMLSECOPENSSLTRANSFORMRSAOAEPID"></a><h3>xmlSecOpenSSLTransformRsaOaepId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaOaepId</pre>
+<p>The RSA PKCS1 key transport transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMRSAPKCS1GETKLASS"></a><h3>xmlSecOpenSSLTransformRsaPkcs1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformRsaPkcs1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The RSA-PKCS1 key transport transform klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN29348"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-PKCS1 key transport transform klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLTRANSFORMRSAPKCS1ID"></a><h3>xmlSecOpenSSLTransformRsaPkcs1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaPkcs1Id</pre>
+<p>The RSA PKCS1 key transport transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLTRANSFORMRSARIPEMD160GETKLASS"></a><h3>xmlSecOpenSSLTransformRsaRipemd160GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformRsaRipemd160GetKlass
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformRsaRipemd160GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The RSA-RIPEMD160 signature transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23257"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-RIPEMD160 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29370"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-RIPEMD160 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSASHA1ID"></a><h3>xmlSecOpenSSLTransformRsaSha1Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaSha1Id</pre>
-<p>The RSA-SHA1 signature transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMRSARIPEMD160ID"></a><h3>xmlSecOpenSSLTransformRsaRipemd160Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaRipemd160Id</pre>
+<p>The RSA-RIPEMD160 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLTRANSFORMRSASHA1GETKLASS"></a><h3>xmlSecOpenSSLTransformRsaSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformRsaSha1GetKlass
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformRsaSha1GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The RSA-SHA1 signature transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23278"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA1 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29392"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA1 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSASHA224ID"></a><h3>xmlSecOpenSSLTransformRsaSha224Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaSha224Id</pre>
-<p>The RSA-SHA224 signature transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMRSASHA1ID"></a><h3>xmlSecOpenSSLTransformRsaSha1Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaSha1Id</pre>
+<p>The RSA-SHA1 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLTRANSFORMRSASHA224GETKLASS"></a><h3>xmlSecOpenSSLTransformRsaSha224GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformRsaSha224GetKlass
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformRsaSha224GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The RSA-SHA224 signature transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23299"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA224 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29414"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA224 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSASHA256ID"></a><h3>xmlSecOpenSSLTransformRsaSha256Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaSha256Id</pre>
-<p>The RSA-SHA256 signature transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMRSASHA224ID"></a><h3>xmlSecOpenSSLTransformRsaSha224Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaSha224Id</pre>
+<p>The RSA-SHA224 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLTRANSFORMRSASHA256GETKLASS"></a><h3>xmlSecOpenSSLTransformRsaSha256GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformRsaSha256GetKlass
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformRsaSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The RSA-SHA256 signature transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23320"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA256 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29436"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA256 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSASHA384ID"></a><h3>xmlSecOpenSSLTransformRsaSha384Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaSha384Id</pre>
-<p>The RSA-SHA384 signature transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMRSASHA256ID"></a><h3>xmlSecOpenSSLTransformRsaSha256Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaSha256Id</pre>
+<p>The RSA-SHA256 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLTRANSFORMRSASHA384GETKLASS"></a><h3>xmlSecOpenSSLTransformRsaSha384GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformRsaSha384GetKlass
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformRsaSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The RSA-SHA384 signature transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23341"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA384 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29458"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA384 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSASHA512ID"></a><h3>xmlSecOpenSSLTransformRsaSha512Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaSha512Id</pre>
-<p>The RSA-SHA512 signature transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMRSASHA384ID"></a><h3>xmlSecOpenSSLTransformRsaSha384Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaSha384Id</pre>
+<p>The RSA-SHA384 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLTRANSFORMRSASHA512GETKLASS"></a><h3>xmlSecOpenSSLTransformRsaSha512GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformRsaSha512GetKlass
-                                                        (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformRsaSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The RSA-SHA512 signature transform klass.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23362"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-SHA512 signature transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29480"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>RSA-SHA512 signature transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSAPKCS1ID"></a><h3>xmlSecOpenSSLTransformRsaPkcs1Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaPkcs1Id</pre>
-<p>The RSA PKCS1 key transport transform klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSAPKCS1GETKLASS"></a><h3>xmlSecOpenSSLTransformRsaPkcs1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformRsaPkcs1GetKlass
-                                                        (void);</pre>
-<p>The RSA-PKCS1 key transport transform klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23383"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-PKCS1 key transport transform klass.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSAOAEPID"></a><h3>xmlSecOpenSSLTransformRsaOaepId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaOaepId</pre>
-<p>The RSA PKCS1 key transport transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMRSASHA512ID"></a><h3>xmlSecOpenSSLTransformRsaSha512Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformRsaSha512Id</pre>
+<p>The RSA-SHA512 signature transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMRSAOAEPGETKLASS"></a><h3>xmlSecOpenSSLTransformRsaOaepGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformRsaOaepGetKlass
-                                                        (void);</pre>
-<p>The RSA-OAEP key transport transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMSHA1GETKLASS"></a><h3>xmlSecOpenSSLTransformSha1GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformSha1GetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-1 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23404"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> RSA-OAEP key transport transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29502"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-1 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -1299,18 +1538,17 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMSHA1ID"></a><h3>xmlSecOpenSSLTransformSha1Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformSha1Id</pre>
 <p>The SHA1 digest transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMSHA1GETKLASS"></a><h3>xmlSecOpenSSLTransformSha1GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformSha1GetKlass  (void);</pre>
-<p>SHA-1 digest transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMSHA224GETKLASS"></a><h3>xmlSecOpenSSLTransformSha224GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformSha224GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-224 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23425"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA-1 digest transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29524"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-224 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -1318,19 +1556,17 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMSHA224ID"></a><h3>xmlSecOpenSSLTransformSha224Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformSha224Id</pre>
 <p>The SHA224 digest transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMSHA224GETKLASS"></a><h3>xmlSecOpenSSLTransformSha224GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformSha224GetKlass
-                                                        (void);</pre>
-<p>SHA-224 digest transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMSHA256GETKLASS"></a><h3>xmlSecOpenSSLTransformSha256GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformSha256GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-256 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23446"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA-224 digest transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29546"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-256 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -1338,19 +1574,17 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMSHA256ID"></a><h3>xmlSecOpenSSLTransformSha256Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformSha256Id</pre>
 <p>The SHA256 digest transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMSHA256GETKLASS"></a><h3>xmlSecOpenSSLTransformSha256GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformSha256GetKlass
-                                                        (void);</pre>
-<p>SHA-256 digest transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMSHA384GETKLASS"></a><h3>xmlSecOpenSSLTransformSha384GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformSha384GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-384 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23467"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA-256 digest transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29568"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-384 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -1358,19 +1592,17 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMSHA384ID"></a><h3>xmlSecOpenSSLTransformSha384Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformSha384Id</pre>
 <p>The SHA384 digest transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMSHA384GETKLASS"></a><h3>xmlSecOpenSSLTransformSha384GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformSha384GetKlass
-                                                        (void);</pre>
-<p>SHA-384 digest transform klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLTRANSFORMSHA512GETKLASS"></a><h3>xmlSecOpenSSLTransformSha512GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecOpenSSLTransformSha512GetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>SHA-512 digest transform klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23488"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA-384 digest transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29590"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to SHA-512 digest transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -1378,78 +1610,6 @@ const <font>xmlChar</font>*      <a href="xmlsec-openssl-crypto.html#XMLSECOPENS
 <a name="XMLSECOPENSSLTRANSFORMSHA512ID"></a><h3>xmlSecOpenSSLTransformSha512Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecOpenSSLTransformSha512Id</pre>
 <p>The SHA512 digest transform klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECOPENSSLTRANSFORMSHA512GETKLASS"></a><h3>xmlSecOpenSSLTransformSha512GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecOpenSSLTransformSha512GetKlass
-                                                        (void);</pre>
-<p>SHA-512 digest transform klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23509"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to SHA-512 digest transform klass.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSEC-OPENSSL-ERRORS-LIB--CAPS"></a><h3>XMLSEC_OPENSSL_ERRORS_LIB</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_OPENSSL_ERRORS_LIB			(ERR_LIB_USER + 57)</pre>
-<p>Macro. The XMLSec library klass for OpenSSL errors reporting functions.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSEC-OPENSSL-ERRORS-FUNCTION--CAPS"></a><h3>XMLSEC_OPENSSL_ERRORS_FUNCTION</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_OPENSSL_ERRORS_FUNCTION			0</pre>
-<p>Macro. The XMLSec library functions OpenSSL errors reporting functions.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECOPENSSLERRORSDEFAULTCALLBACK"></a><h3>xmlSecOpenSSLErrorsDefaultCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecOpenSSLErrorsDefaultCallback  (const <font>char</font> *file,
-                                                         <font>int</font> line,
-                                                         const <font>char</font> *func,
-                                                         const <font>char</font> *errorObject,
-                                                         const <font>char</font> *errorSubject,
-                                                         <font>int</font> reason,
-                                                         const <font>char</font> *msg);</pre>
-<p>The default OpenSSL errors reporting callback function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23544"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location file name (__FILE__ macro).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23549"><span style="white-space: nowrap"><code class="PARAMETER">line</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location line number (__LINE__ macro).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23554"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error location function name (__FUNCTION__ macro).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23559"><span style="white-space: nowrap"><code class="PARAMETER">errorObject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error object </p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23564"><span style="white-space: nowrap"><code class="PARAMETER">errorSubject</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the error specific error subject.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23569"><span style="white-space: nowrap"><code class="PARAMETER">reason</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the error code.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23574"><span style="white-space: nowrap"><code class="PARAMETER">msg</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the additional error message.</p></td>
-</tr>
-</tbody></table>
 </div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-openssl-evp.html b/docs/api/xmlsec-openssl-evp.html
index 7365c623..4b6022b3 100644
--- a/docs/api/xmlsec-openssl-evp.html
+++ b/docs/api/xmlsec-openssl-evp.html
@@ -87,14 +87,14 @@
 <h1>
 <a name="XMLSEC-OPENSSL-EVP"></a>evp</h1>
 <div class="REFNAMEDIV">
-<a name="AEN23584"></a><h2>Name</h2>evp -- EVP keys data implementation.</div>
+<a name="AEN29606"></a><h2>Name</h2>evp -- EVP keys data implementation.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-OPENSSL-EVP.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>int</font>                 <a href="xmlsec-openssl-evp.html#XMLSECOPENSSLEVPKEYDATAADOPTEVP">xmlSecOpenSSLEvpKeyDataAdoptEvp</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>EVP_PKEY</font> *pKey);
-<font>EVP_PKEY</font>*           <a href="xmlsec-openssl-evp.html#XMLSECOPENSSLEVPKEYDATAGETEVP">xmlSecOpenSSLEvpKeyDataGetEvp</a>       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>EVP_PKEY</font>*           <a href="xmlsec-openssl-evp.html#XMLSECOPENSSLEVPKEYDUP">xmlSecOpenSSLEvpKeyDup</a>              (<font>EVP_PKEY</font> *pKey);
-<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    <a href="xmlsec-openssl-evp.html#XMLSECOPENSSLEVPKEYADOPT">xmlSecOpenSSLEvpKeyAdopt</a>            (<font>EVP_PKEY</font> *pKey);</pre>
+<pre class="SYNOPSIS"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    <a href="xmlsec-openssl-evp.html#XMLSECOPENSSLEVPKEYADOPT">xmlSecOpenSSLEvpKeyAdopt</a>            (<code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-evp.html#XMLSECOPENSSLEVPKEYDATAADOPTEVP">xmlSecOpenSSLEvpKeyDataAdoptEvp</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);
+<gtkdoclink href="EVP-PKEY:CAPS"><span class="RETURNVALUE">EVP_PKEY</span></gtkdoclink> *          <a href="xmlsec-openssl-evp.html#XMLSECOPENSSLEVPKEYDATAGETEVP">xmlSecOpenSSLEvpKeyDataGetEvp</a>       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="EVP-PKEY:CAPS"><span class="RETURNVALUE">EVP_PKEY</span></gtkdoclink> *          <a href="xmlsec-openssl-evp.html#XMLSECOPENSSLEVPKEYDUP">xmlSecOpenSSLEvpKeyDup</a>              (<code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-OPENSSL-EVP.DESCRIPTION"></a><h2>Description</h2>
@@ -103,78 +103,74 @@
 <div class="REFSECT1">
 <a name="XMLSEC-OPENSSL-EVP.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLEVPKEYDATAADOPTEVP"></a><h3>xmlSecOpenSSLEvpKeyDataAdoptEvp ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLEvpKeyDataAdoptEvp     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>EVP_PKEY</font> *pKey);</pre>
-<p>Sets the value of key data.</p>
-<p></p>
+<a name="XMLSECOPENSSLEVPKEYADOPT"></a><h3>xmlSecOpenSSLEvpKeyAdopt ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    xmlSecOpenSSLEvpKeyAdopt            (<code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);</pre>
+<p>Creates xmlsec key object from OpenSSL key object.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23619"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL EVP key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23624"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to EVP key.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29656"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to EVP_PKEY.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23629"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29661"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created xmlsec key or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLEVPKEYDATAGETEVP"></a><h3>xmlSecOpenSSLEvpKeyDataGetEvp ()</h3>
-<pre class="PROGRAMLISTING"><font>EVP_PKEY</font>*           xmlSecOpenSSLEvpKeyDataGetEvp       (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the EVP_PKEY from the key data.</p>
-<p></p>
+<a name="XMLSECOPENSSLEVPKEYDATAADOPTEVP"></a><h3>xmlSecOpenSSLEvpKeyDataAdoptEvp ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLEvpKeyDataAdoptEvp     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);</pre>
+<p>Sets the value of key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23644"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL EVP data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29681"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL EVP key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23649"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to EVP_PKEY or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29686"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to EVP key.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN29691"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLEVPKEYDUP"></a><h3>xmlSecOpenSSLEvpKeyDup ()</h3>
-<pre class="PROGRAMLISTING"><font>EVP_PKEY</font>*           xmlSecOpenSSLEvpKeyDup              (<font>EVP_PKEY</font> *pKey);</pre>
-<p>Duplicates <code class="PARAMETER">pKey</code>.</p>
-<p></p>
+<a name="XMLSECOPENSSLEVPKEYDATAGETEVP"></a><h3>xmlSecOpenSSLEvpKeyDataGetEvp ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="EVP-PKEY:CAPS"><span class="RETURNVALUE">EVP_PKEY</span></gtkdoclink> *          xmlSecOpenSSLEvpKeyDataGetEvp       (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the EVP_PKEY from the key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23665"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to EVP_PKEY.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29708"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL EVP data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23670"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created EVP_PKEY object or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29713"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to EVP_PKEY or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLEVPKEYADOPT"></a><h3>xmlSecOpenSSLEvpKeyAdopt ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    xmlSecOpenSSLEvpKeyAdopt            (<font>EVP_PKEY</font> *pKey);</pre>
-<p>Creates xmlsec key object from OpenSSL key object.</p>
-<p></p>
+<a name="XMLSECOPENSSLEVPKEYDUP"></a><h3>xmlSecOpenSSLEvpKeyDup ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="EVP-PKEY:CAPS"><span class="RETURNVALUE">EVP_PKEY</span></gtkdoclink> *          xmlSecOpenSSLEvpKeyDup              (<code class="PARAMETER"><gtkdoclink href="EVP-PKEY:CAPS"><span class="TYPE">EVP_PKEY</span></gtkdoclink> *pKey</code>);</pre>
+<p>Duplicates <code class="PARAMETER">pKey</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23685"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to EVP_PKEY.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29731"><span style="white-space: nowrap"><code class="PARAMETER">pKey</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to EVP_PKEY.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23690"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created xmlsec key or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29736"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created EVP_PKEY object or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-openssl-x509.html b/docs/api/xmlsec-openssl-x509.html
index e6fc9927..cd9efaf7 100644
--- a/docs/api/xmlsec-openssl-x509.html
+++ b/docs/api/xmlsec-openssl-x509.html
@@ -87,53 +87,53 @@
 <h1>
 <a name="XMLSEC-OPENSSL-X509"></a>x509</h1>
 <div class="REFNAMEDIV">
-<a name="AEN23700"></a><h2>Name</h2>x509 -- X509 certificates support implementation for OpenSSL.</div>
+<a name="AEN29746"></a><h2>Name</h2>x509 -- X509 certificates support implementation for OpenSSL.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-OPENSSL-X509.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509--CAPS">XMLSEC_STACK_OF_X509</a>
-#define             <a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509-CRL--CAPS">XMLSEC_STACK_OF_X509_CRL</a>
-#define             <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509ID">xmlSecOpenSSLKeyDataX509Id</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETKLASS">xmlSecOpenSSLKeyDataX509GetKlass</a>    (void);
-<font>X509</font>*               <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETKEYCERT">xmlSecOpenSSLKeyDataX509GetKeyCert</a>  (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509ADOPTKEYCERT">xmlSecOpenSSLKeyDataX509AdoptKeyCert</a>
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>X509</font> *cert);
-<font>int</font>                 <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509ADOPTCERT">xmlSecOpenSSLKeyDataX509AdoptCert</a>   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>X509</font> *cert);
-<font>X509</font>*               <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETCERT">xmlSecOpenSSLKeyDataX509GetCert</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETCERTSSIZE">xmlSecOpenSSLKeyDataX509GetCertsSize</a>
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<font>int</font>                 <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509ADOPTCRL">xmlSecOpenSSLKeyDataX509AdoptCrl</a>    (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>X509_CRL</font> *crl);
-<font>X509_CRL</font>*           <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETCRL">xmlSecOpenSSLKeyDataX509GetCrl</a>      (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);
-<a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETCRLSSIZE">xmlSecOpenSSLKeyDataX509GetCrlsSize</a> (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);
-<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509CERTGETKEY">xmlSecOpenSSLX509CertGetKey</a>         (<font>X509</font> *cert);
+<pre class="SYNOPSIS">#define             <a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509:CAPS">XMLSEC_STACK_OF_X509</a>
+#define             <a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509-CRL:CAPS">XMLSEC_STACK_OF_X509_CRL</a>
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATARAWX509CERTGETKLASS">xmlSecOpenSSLKeyDataRawX509CertGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATARAWX509CERTID">xmlSecOpenSSLKeyDataRawX509CertId</a>
-<font>xmlSecKeyDataId</font>     <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATARAWX509CERTGETKLASS">xmlSecOpenSSLKeyDataRawX509CertGetKlass</a>
-                                                        (void);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509ADOPTCERT">xmlSecOpenSSLKeyDataX509AdoptCert</a>   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="X509:CAPS"><span class="TYPE">X509</span></gtkdoclink> *cert</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509ADOPTCRL">xmlSecOpenSSLKeyDataX509AdoptCrl</a>    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="X509-CRL:CAPS"><span class="TYPE">X509_CRL</span></gtkdoclink> *crl</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509ADOPTKEYCERT">xmlSecOpenSSLKeyDataX509AdoptKeyCert</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="X509:CAPS"><span class="TYPE">X509</span></gtkdoclink> *cert</code>);
+<gtkdoclink href="X509:CAPS"><span class="RETURNVALUE">X509</span></gtkdoclink> *              <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETCERT">xmlSecOpenSSLKeyDataX509GetCert</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETCERTSSIZE">xmlSecOpenSSLKeyDataX509GetCertsSize</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="X509-CRL:CAPS"><span class="RETURNVALUE">X509_CRL</span></gtkdoclink> *          <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETCRL">xmlSecOpenSSLKeyDataX509GetCrl</a>      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);
+<a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETCRLSSIZE">xmlSecOpenSSLKeyDataX509GetCrlsSize</a> (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="X509:CAPS"><span class="RETURNVALUE">X509</span></gtkdoclink> *              <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETKEYCERT">xmlSecOpenSSLKeyDataX509GetKeyCert</a>  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);
+<gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink><a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509GETKLASS">xmlSecOpenSSLKeyDataX509GetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLKEYDATAX509ID">xmlSecOpenSSLKeyDataX509Id</a>
+<a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509CERTGETKEY">xmlSecOpenSSLX509CertGetKey</a>         (<code class="PARAMETER"><gtkdoclink href="X509:CAPS"><span class="TYPE">X509</span></gtkdoclink> *cert</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREADDCERTSFILE">xmlSecOpenSSLX509StoreAddCertsFile</a>  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREADDCERTSPATH">xmlSecOpenSSLX509StoreAddCertsPath</a>  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *path</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREADOPTCERT">xmlSecOpenSSLX509StoreAdoptCert</a>     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="X509:CAPS"><span class="TYPE">X509</span></gtkdoclink> *cert</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREADOPTCRL">xmlSecOpenSSLX509StoreAdoptCrl</a>      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="X509-CRL:CAPS"><span class="TYPE">X509_CRL</span></gtkdoclink> *crl</code>);
+<gtkdoclink href="X509:CAPS"><span class="RETURNVALUE">X509</span></gtkdoclink> *              <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREFINDCERT">xmlSecOpenSSLX509StoreFindCert</a>      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *subjectName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *issuerName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *issuerSerial</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ski</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code>);
+<gtkdoclink href="XMLSECKEYDATASTOREID"><span class="RETURNVALUE">xmlSecKeyDataStoreId</span></gtkdoclink><a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREGETKLASS">xmlSecOpenSSLX509StoreGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREID">xmlSecOpenSSLX509StoreId</a>
-<font>xmlSecKeyDataStoreId</font>  <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREGETKLASS">xmlSecOpenSSLX509StoreGetKlass</a>    (void);
-<font>X509</font>*               <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREFINDCERT">xmlSecOpenSSLX509StoreFindCert</a>      (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>xmlChar</font> *subjectName,
-                                                         <font>xmlChar</font> *issuerName,
-                                                         <font>xmlChar</font> *issuerSerial,
-                                                         <font>xmlChar</font> *ski,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);
-<font>X509</font>*               <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREVERIFY">xmlSecOpenSSLX509StoreVerify</a>        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509--CAPS">XMLSEC_STACK_OF_X509</a> *certs,
-                                                         <a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509-CRL--CAPS">XMLSEC_STACK_OF_X509_CRL</a> *crls,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);
-<font>int</font>                 <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREADOPTCERT">xmlSecOpenSSLX509StoreAdoptCert</a>     (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>X509</font> *cert,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);
-<font>int</font>                 <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREADOPTCRL">xmlSecOpenSSLX509StoreAdoptCrl</a>      (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>X509_CRL</font> *crl);
-<font>int</font>                 <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREADDCERTSPATH">xmlSecOpenSSLX509StoreAddCertsPath</a>  (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         const <font>char</font> *path);
-<font>int</font>                 <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREADDCERTSFILE">xmlSecOpenSSLX509StoreAddCertsFile</a>  (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         const <font>char</font> *file);</pre>
+<gtkdoclink href="X509:CAPS"><span class="RETURNVALUE">X509</span></gtkdoclink> *              <a href="xmlsec-openssl-x509.html#XMLSECOPENSSLX509STOREVERIFY">xmlSecOpenSSLX509StoreVerify</a>        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509:CAPS"><span class="TYPE">XMLSEC_STACK_OF_X509</span></a> *certs</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509-CRL:CAPS"><span class="TYPE">XMLSEC_STACK_OF_X509_CRL</span></a> *crls</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-OPENSSL-X509.DESCRIPTION"></a><h2>Description</h2>
@@ -142,123 +142,120 @@
 <div class="REFSECT1">
 <a name="XMLSEC-OPENSSL-X509.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSEC-STACK-OF-X509--CAPS"></a><h3>XMLSEC_STACK_OF_X509</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_STACK_OF_X509		STACK_OF(X509)</pre>
+<a name="XMLSEC-STACK-OF-X509:CAPS"></a><h3>XMLSEC_STACK_OF_X509</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_STACK_OF_X509            STACK_OF(X509)</pre>
 <p>Macro. To make docbook happy.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-STACK-OF-X509-CRL--CAPS"></a><h3>XMLSEC_STACK_OF_X509_CRL</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_STACK_OF_X509_CRL	STACK_OF(X509_CRL)</pre>
+<a name="XMLSEC-STACK-OF-X509-CRL:CAPS"></a><h3>XMLSEC_STACK_OF_X509_CRL</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_STACK_OF_X509_CRL        STACK_OF(X509_CRL)</pre>
 <p>Macro. To make docbook happy.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAX509ID"></a><h3>xmlSecOpenSSLKeyDataX509Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataX509Id</pre>
-<p>The OpenSSL X509 data klass.</p>
+<a name="XMLSECOPENSSLKEYDATARAWX509CERTGETKLASS"></a><h3>xmlSecOpenSSLKeyDataRawX509CertGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecOpenSSLKeyDataRawX509CertGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The raw X509 certificates key data klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN29944"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>raw X509 certificates key data klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAX509GETKLASS"></a><h3>xmlSecOpenSSLKeyDataX509GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecOpenSSLKeyDataX509GetKlass    (void);</pre>
-<p>The OpenSSL X509 key data klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-X509DATA"><span class="TYPE">sec-X509Data</span></gtkdoclink>).</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN23817"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the X509 data klass.</p></td>
-</tr></tbody></table>
+<a name="XMLSECOPENSSLKEYDATARAWX509CERTID"></a><h3>xmlSecOpenSSLKeyDataRawX509CertId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataRawX509CertId</pre>
+<p>The OpenSSL raw X509 certificate klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAX509GETKEYCERT"></a><h3>xmlSecOpenSSLKeyDataX509GetKeyCert ()</h3>
-<pre class="PROGRAMLISTING"><font>X509</font>*               xmlSecOpenSSLKeyDataX509GetKeyCert  (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
-<p>Gets the certificate from which the key was extracted.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAX509ADOPTCERT"></a><h3>xmlSecOpenSSLKeyDataX509AdoptCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataX509AdoptCert   (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="X509:CAPS"><span class="TYPE">X509</span></gtkdoclink> *cert</code>);</pre>
+<p>Adds certificate to the X509 key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23832"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29970"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23837"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the key's certificate or NULL if key data was not used for key
-extraction or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN29975"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL X509 certificate.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN29980"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAX509ADOPTKEYCERT"></a><h3>xmlSecOpenSSLKeyDataX509AdoptKeyCert ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeyDataX509AdoptKeyCert
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>X509</font> *cert);</pre>
-<p>Sets the key's certificate in <code class="PARAMETER">data</code>.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAX509ADOPTCRL"></a><h3>xmlSecOpenSSLKeyDataX509AdoptCrl ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataX509AdoptCrl    (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="X509-CRL:CAPS"><span class="TYPE">X509_CRL</span></gtkdoclink> *crl</code>);</pre>
+<p>Adds CRL to the X509 key data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23854"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30000"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23859"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL X509 certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30005"><span style="white-space: nowrap"><code class="PARAMETER">crl</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL X509 CRL.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23864"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30010"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAX509ADOPTCERT"></a><h3>xmlSecOpenSSLKeyDataX509AdoptCert ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeyDataX509AdoptCert   (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>X509</font> *cert);</pre>
-<p>Adds certificate to the X509 key data.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAX509ADOPTKEYCERT"></a><h3>xmlSecOpenSSLKeyDataX509AdoptKeyCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLKeyDataX509AdoptKeyCert
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="X509:CAPS"><span class="TYPE">X509</span></gtkdoclink> *cert</code>);</pre>
+<p>Sets the key's certificate in <code class="PARAMETER">data</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23880"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30031"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23885"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL X509 certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30036"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL X509 certificate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23890"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30041"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLKEYDATAX509GETCERT"></a><h3>xmlSecOpenSSLKeyDataX509GetCert ()</h3>
-<pre class="PROGRAMLISTING"><font>X509</font>*               xmlSecOpenSSLKeyDataX509GetCert     (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="X509:CAPS"><span class="RETURNVALUE">X509</span></gtkdoclink> *              xmlSecOpenSSLKeyDataX509GetCert     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
 <p>Gets a certificate from X509 key data.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23906"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30061"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23911"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired certificate position.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30066"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23916"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to certificate or NULL if <code class="PARAMETER">pos</code> is larger than the 
+<td align="LEFT" valign="TOP"><a name="AEN30071"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to certificate or NULL if <code class="PARAMETER">pos</code> is larger than the
 number of certificates in <code class="PARAMETER">data</code> or an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -266,65 +263,40 @@ number of certificates in <code class="PARAMETER">data</code> or an error occurs
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLKEYDATAX509GETCERTSSIZE"></a><h3>xmlSecOpenSSLKeyDataX509GetCertsSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecOpenSSLKeyDataX509GetCertsSize
-                                                        (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecOpenSSLKeyDataX509GetCertsSize
+                                                        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 <p>Gets the number of certificates in <code class="PARAMETER">data</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23934"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30091"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23939"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> te number of certificates in <code class="PARAMETER">data</code>.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATAX509ADOPTCRL"></a><h3>xmlSecOpenSSLKeyDataX509AdoptCrl ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLKeyDataX509AdoptCrl    (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <font>X509_CRL</font> *crl);</pre>
-<p>Adds CRL to the X509 key data.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23956"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23961"><span style="white-space: nowrap"><code class="PARAMETER">crl</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL X509 CRL.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN23966"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30096"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>te number of certificates in <code class="PARAMETER">data</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLKEYDATAX509GETCRL"></a><h3>xmlSecOpenSSLKeyDataX509GetCrl ()</h3>
-<pre class="PROGRAMLISTING"><font>X509_CRL</font>*           xmlSecOpenSSLKeyDataX509GetCrl      (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> pos);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="X509-CRL:CAPS"><span class="RETURNVALUE">X509_CRL</span></gtkdoclink> *          xmlSecOpenSSLKeyDataX509GetCrl      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> pos</code>);</pre>
 <p>Gets a CRL from X509 key data.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23982"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30117"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23987"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired CRL position.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30122"><span style="white-space: nowrap"><code class="PARAMETER">pos</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired CRL position.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN23992"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to CRL or NULL if <code class="PARAMETER">pos</code> is larger than the 
+<td align="LEFT" valign="TOP"><a name="AEN30127"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to CRL or NULL if <code class="PARAMETER">pos</code> is larger than the
 number of CRLs in <code class="PARAMETER">data</code> or an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -332,251 +304,256 @@ number of CRLs in <code class="PARAMETER">data</code> or an error occurs.</p></t
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLKEYDATAX509GETCRLSSIZE"></a><h3>xmlSecOpenSSLKeyDataX509GetCrlsSize ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>          xmlSecOpenSSLKeyDataX509GetCrlsSize (<a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a> data);</pre>
+<pre class="PROGRAMLISTING"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="RETURNVALUE">xmlSecSize</span></a>          xmlSecOpenSSLKeyDataX509GetCrlsSize (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
 <p>Gets the number of CRLs in <code class="PARAMETER">data</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24010"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30147"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24015"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> te number of CRLs in <code class="PARAMETER">data</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30152"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>te number of CRLs in <code class="PARAMETER">data</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLX509CERTGETKEY"></a><h3>xmlSecOpenSSLX509CertGetKey ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA">xmlSecKeyDataPtr</a>    xmlSecOpenSSLX509CertGetKey         (<font>X509</font> *cert);</pre>
-<p>Extracts public key from the <code class="PARAMETER">cert</code>.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAX509GETKEYCERT"></a><h3>xmlSecOpenSSLKeyDataX509GetKeyCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="X509:CAPS"><span class="RETURNVALUE">X509</span></gtkdoclink> *              xmlSecOpenSSLKeyDataX509GetKeyCert  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="TYPE">xmlSecKeyDataPtr</span></a> data</code>);</pre>
+<p>Gets the certificate from which the key was extracted.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24032"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30170"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24037"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> public key value or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30175"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key's certificate or NULL if key data was not used for key
+extraction or an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATARAWX509CERTID"></a><h3>xmlSecOpenSSLKeyDataRawX509CertId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataRawX509CertId</pre>
-<p>The OpenSSL raw X509 certificate klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECOPENSSLKEYDATARAWX509CERTGETKLASS"></a><h3>xmlSecOpenSSLKeyDataRawX509CertGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataId</font>     xmlSecOpenSSLKeyDataRawX509CertGetKlass
-                                                        (void);</pre>
-<p>The raw X509 certificates key data klass.</p>
-<p></p>
+<a name="XMLSECOPENSSLKEYDATAX509GETKLASS"></a><h3>xmlSecOpenSSLKeyDataX509GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATAID"><span class="RETURNVALUE">xmlSecKeyDataId</span></gtkdoclink>     xmlSecOpenSSLKeyDataX509GetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The OpenSSL X509 key data klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-X509DATA"><span class="TYPE">sec-X509Data</span></gtkdoclink>).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN24058"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> raw X509 certificates key data klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30193"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the X509 data klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLX509STOREID"></a><h3>xmlSecOpenSSLX509StoreId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLX509StoreId</pre>
-<p>The OpenSSL X509 store klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECOPENSSLX509STOREGETKLASS"></a><h3>xmlSecOpenSSLX509StoreGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecKeyDataStoreId</font>  xmlSecOpenSSLX509StoreGetKlass    (void);</pre>
-<p>The OpenSSL X509 certificates key data store klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN24079"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to OpenSSL X509 certificates key data store klass.</p></td>
-</tr></tbody></table>
+<a name="XMLSECOPENSSLKEYDATAX509ID"></a><h3>xmlSecOpenSSLKeyDataX509Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLKeyDataX509Id</pre>
+<p>The OpenSSL X509 data klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLX509STOREFINDCERT"></a><h3>xmlSecOpenSSLX509StoreFindCert ()</h3>
-<pre class="PROGRAMLISTING"><font>X509</font>*               xmlSecOpenSSLX509StoreFindCert      (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>xmlChar</font> *subjectName,
-                                                         <font>xmlChar</font> *issuerName,
-                                                         <font>xmlChar</font> *issuerSerial,
-                                                         <font>xmlChar</font> *ski,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);</pre>
-<p>Searches <code class="PARAMETER">store</code> for a certificate that matches given criteria.</p>
-<p></p>
+<a name="XMLSECOPENSSLX509CERTGETKEY"></a><h3>xmlSecOpenSSLX509CertGetKey ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-keysdata.html#XMLSECKEYDATA"><span class="RETURNVALUE">xmlSecKeyDataPtr</span></a>    xmlSecOpenSSLX509CertGetKey         (<code class="PARAMETER"><gtkdoclink href="X509:CAPS"><span class="TYPE">X509</span></gtkdoclink> *cert</code>);</pre>
+<p>Extracts public key from the <code class="PARAMETER">cert</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24100"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data store klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN24105"><span style="white-space: nowrap"><code class="PARAMETER">subjectName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the desired certificate name.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN24110"><span style="white-space: nowrap"><code class="PARAMETER">issuerName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired certificate issuer name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30217"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24115"><span style="white-space: nowrap"><code class="PARAMETER">issuerSerial</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the desired certificate issuer serial number.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30222"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>public key value or NULL if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLX509STOREADDCERTSFILE"></a><h3>xmlSecOpenSSLX509StoreAddCertsFile ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLX509StoreAddCertsFile  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *file</code>);</pre>
+<p>Adds all certs in <code class="PARAMETER">file</code> to the list of trusted certs
+in <code class="PARAMETER">store</code>. It is possible for <code class="PARAMETER">file</code> to contain multiple certs.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24120"><span style="white-space: nowrap"><code class="PARAMETER">ski</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired certificate SKI.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30245"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL x509 store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24125"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30250"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certs file.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24131"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to found certificate or NULL if certificate is not found
-or an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30255"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLX509STOREVERIFY"></a><h3>xmlSecOpenSSLX509StoreVerify ()</h3>
-<pre class="PROGRAMLISTING"><font>X509</font>*               xmlSecOpenSSLX509StoreVerify        (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509--CAPS">XMLSEC_STACK_OF_X509</a> *certs,
-                                                         <a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509-CRL--CAPS">XMLSEC_STACK_OF_X509_CRL</a> *crls,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> *keyInfoCtx);</pre>
-<p>Verifies <code class="PARAMETER">certs</code> list.</p>
-<p></p>
+<a name="XMLSECOPENSSLX509STOREADDCERTSPATH"></a><h3>xmlSecOpenSSLX509StoreAddCertsPath ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLX509StoreAddCertsPath  (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *path</code>);</pre>
+<p>Adds all certs in the <code class="PARAMETER">path</code> to the list of trusted certs
+in <code class="PARAMETER">store</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24150"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data store klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN24155"><span style="white-space: nowrap"><code class="PARAMETER">certs</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the untrusted certificates stack.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN24160"><span style="white-space: nowrap"><code class="PARAMETER">crls</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the crls stack.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30277"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL x509 store.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24165"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30282"><span style="white-space: nowrap"><code class="PARAMETER">path</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the path to the certs dir.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24171"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the first verified certificate from <code class="PARAMETER">certs</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30287"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLX509STOREADOPTCERT"></a><h3>xmlSecOpenSSLX509StoreAdoptCert ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLX509StoreAdoptCert     (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>X509</font> *cert,
-                                                         <a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE">xmlSecKeyDataType</a> type);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLX509StoreAdoptCert     (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="X509:CAPS"><span class="TYPE">X509</span></gtkdoclink> *cert</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATATYPE"><span class="TYPE">xmlSecKeyDataType</span></a> type</code>);</pre>
 <p>Adds trusted (root) or untrusted certificate to the store.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24189"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30310"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24194"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL X509 certificate.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30315"><span style="white-space: nowrap"><code class="PARAMETER">cert</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL X509 certificate.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24199"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the certificate type (trusted/untrusted).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30320"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the certificate type (trusted/untrusted).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24204"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30325"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECOPENSSLX509STOREADOPTCRL"></a><h3>xmlSecOpenSSLX509StoreAdoptCrl ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLX509StoreAdoptCrl      (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         <font>X509_CRL</font> *crl);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecOpenSSLX509StoreAdoptCrl      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="X509-CRL:CAPS"><span class="TYPE">X509_CRL</span></gtkdoclink> *crl</code>);</pre>
 <p>Adds X509 CRL to the store.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24220"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to X509 key data store klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30345"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24225"><span style="white-space: nowrap"><code class="PARAMETER">crl</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to OpenSSL X509_CRL.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30350"><span style="white-space: nowrap"><code class="PARAMETER">crl</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to OpenSSL X509_CRL.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24230"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30355"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLX509STOREADDCERTSPATH"></a><h3>xmlSecOpenSSLX509StoreAddCertsPath ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLX509StoreAddCertsPath  (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         const <font>char</font> *path);</pre>
-<p>Adds all certs in the <code class="PARAMETER">path</code> to the list of trusted certs
-in <code class="PARAMETER">store</code>.</p>
-<p></p>
+<a name="XMLSECOPENSSLX509STOREFINDCERT"></a><h3>xmlSecOpenSSLX509StoreFindCert ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="X509:CAPS"><span class="RETURNVALUE">X509</span></gtkdoclink> *              xmlSecOpenSSLX509StoreFindCert      (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *subjectName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *issuerName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *issuerSerial</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ski</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code>);</pre>
+<p>Searches <code class="PARAMETER">store</code> for a certificate that matches given criteria.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24248"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to OpenSSL x509 store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30388"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN30393"><span style="white-space: nowrap"><code class="PARAMETER">subjectName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24253"><span style="white-space: nowrap"><code class="PARAMETER">path</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the path to the certs dir.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30398"><span style="white-space: nowrap"><code class="PARAMETER">issuerName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate issuer name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24258"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30403"><span style="white-space: nowrap"><code class="PARAMETER">issuerSerial</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate issuer serial number.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN30408"><span style="white-space: nowrap"><code class="PARAMETER">ski</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired certificate SKI.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN30413"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN30419"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to found certificate or NULL if certificate is not found
+or an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECOPENSSLX509STOREADDCERTSFILE"></a><h3>xmlSecOpenSSLX509StoreAddCertsFile ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecOpenSSLX509StoreAddCertsFile  (<a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE">xmlSecKeyDataStorePtr</a> store,
-                                                         const <font>char</font> *file);</pre>
-<p>Adds all certs in <code class="PARAMETER">file</code> to the list of trusted certs
-in <code class="PARAMETER">store</code>. It is possible for <code class="PARAMETER">file</code> to contain multiple certs.</p>
+<a name="XMLSECOPENSSLX509STOREGETKLASS"></a><h3>xmlSecOpenSSLX509StoreGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECKEYDATASTOREID"><span class="RETURNVALUE">xmlSecKeyDataStoreId</span></gtkdoclink> xmlSecOpenSSLX509StoreGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The OpenSSL X509 certificates key data store klass.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN30435"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to OpenSSL X509 certificates key data store klass.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLX509STOREID"></a><h3>xmlSecOpenSSLX509StoreId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecOpenSSLX509StoreId</pre>
+<p>The OpenSSL X509 store klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECOPENSSLX509STOREVERIFY"></a><h3>xmlSecOpenSSLX509StoreVerify ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="X509:CAPS"><span class="RETURNVALUE">X509</span></gtkdoclink> *              xmlSecOpenSSLX509StoreVerify        (<code class="PARAMETER"><a href="xmlsec-keysdata.html#XMLSECKEYDATASTORE"><span class="TYPE">xmlSecKeyDataStorePtr</span></a> store</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509:CAPS"><span class="TYPE">XMLSEC_STACK_OF_X509</span></a> *certs</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-openssl-x509.html#XMLSEC-STACK-OF-X509-CRL:CAPS"><span class="TYPE">XMLSEC_STACK_OF_X509_CRL</span></a> *crls</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> *keyInfoCtx</code>);</pre>
+<p>Verifies <code class="PARAMETER">certs</code> list.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24277"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to OpenSSL x509 store.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30468"><span style="white-space: nowrap"><code class="PARAMETER">store</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to X509 key data store klass.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN30473"><span style="white-space: nowrap"><code class="PARAMETER">certs</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the untrusted certificates stack.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN30478"><span style="white-space: nowrap"><code class="PARAMETER">crls</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the crls stack.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24282"><span style="white-space: nowrap"><code class="PARAMETER">file</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the certs file.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30483"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN24287"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN30489"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the first verified certificate from <code class="PARAMETER">certs</code>.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-parser.html b/docs/api/xmlsec-parser.html
index 6138abc9..d2e2bc94 100644
--- a/docs/api/xmlsec-parser.html
+++ b/docs/api/xmlsec-parser.html
@@ -87,21 +87,21 @@
 <h1>
 <a name="XMLSEC-PARSER"></a>parser</h1>
 <div class="REFNAMEDIV">
-<a name="AEN12089"></a><h2>Name</h2>parser -- Parser transform implementation.</div>
+<a name="AEN14771"></a><h2>Name</h2>parser -- Parser transform implementation.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-PARSER.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>xmlDocPtr</font>           <a href="xmlsec-parser.html#XMLSECPARSEFILE">xmlSecParseFile</a>                     (const <font>char</font> *filename);
-<font>xmlDocPtr</font>           <a href="xmlsec-parser.html#XMLSECPARSEMEMORY">xmlSecParseMemory</a>                   (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size,
-                                                         <font>int</font> recovery);
-<font>xmlDocPtr</font>           <a href="xmlsec-parser.html#XMLSECPARSEMEMORYEXT">xmlSecParseMemoryExt</a>                (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *prefix,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> prefixSize,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufferSize,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *postfix,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> postfixSize);
-#define             <a href="xmlsec-parser.html#XMLSECTRANSFORMXMLPARSERID">xmlSecTransformXmlParserId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-parser.html#XMLSECTRANSFORMXMLPARSERGETKLASS">xmlSecTransformXmlParserGetKlass</a>    (void);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="XMLDOC"><span class="RETURNVALUE">xmlDocPtr</span></gtkdoclink><a href="xmlsec-parser.html#XMLSECPARSEFILE">xmlSecParseFile</a>                     (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>);
+<gtkdoclink href="XMLDOC"><span class="RETURNVALUE">xmlDocPtr</span></gtkdoclink><a href="xmlsec-parser.html#XMLSECPARSEMEMORY">xmlSecParseMemory</a>                   (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> recovery</code>);
+<gtkdoclink href="XMLDOC"><span class="RETURNVALUE">xmlDocPtr</span></gtkdoclink><a href="xmlsec-parser.html#XMLSECPARSEMEMORYEXT">xmlSecParseMemoryExt</a>                (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *prefix</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> prefixSize</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufferSize</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *postfix</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> postfixSize</code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-parser.html#XMLSECTRANSFORMXMLPARSERGETKLASS">xmlSecTransformXmlParserGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-parser.html#XMLSECTRANSFORMXMLPARSERID">xmlSecTransformXmlParserId</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-PARSER.DESCRIPTION"></a><h2>Description</h2>
@@ -111,113 +111,108 @@
 <a name="XMLSEC-PARSER.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
 <a name="XMLSECPARSEFILE"></a><h3>xmlSecParseFile ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlDocPtr</font>           xmlSecParseFile                     (const <font>char</font> *filename);</pre>
-<p>Loads XML Doc from file <code class="PARAMETER">filename</code>. We need a special version because of 
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLDOC"><span class="RETURNVALUE">xmlDocPtr</span></gtkdoclink>           xmlSecParseFile                     (<code class="PARAMETER">const <gtkdoclink href="CHAR"><span class="TYPE">char</span></gtkdoclink> *filename</code>);</pre>
+<p>Loads XML Doc from file <code class="PARAMETER">filename</code>. We need a special version because of
 c14n issue. The code is copied from <gtkdoclink href="XMLSAXPARSEFILEWITHDATA"><code class="FUNCTION">xmlSAXParseFileWithData()</code></gtkdoclink> function.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12132"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the filename.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14842"><span style="white-space: nowrap"><code class="PARAMETER">filename</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the filename.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12137"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the loaded XML document or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14847"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the loaded XML document or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECPARSEMEMORY"></a><h3>xmlSecParseMemory ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlDocPtr</font>           xmlSecParseMemory                   (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size,
-                                                         <font>int</font> recovery);</pre>
-<p>Loads XML Doc from memory. We need a special version because of 
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLDOC"><span class="RETURNVALUE">xmlDocPtr</span></gtkdoclink>           xmlSecParseMemory                   (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> recovery</code>);</pre>
+<p>Loads XML Doc from memory. We need a special version because of
 c14n issue. The code is copied from <gtkdoclink href="XMLSAXPARSEMEMORY"><code class="FUNCTION">xmlSAXParseMemory()</code></gtkdoclink> function.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12156"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the input buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14872"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12161"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the input buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14877"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input buffer size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12166"><span style="white-space: nowrap"><code class="PARAMETER">recovery</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the flag.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14882"><span style="white-space: nowrap"><code class="PARAMETER">recovery</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12171"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the loaded XML document or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14887"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the loaded XML document or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECPARSEMEMORYEXT"></a><h3>xmlSecParseMemoryExt ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlDocPtr</font>           xmlSecParseMemoryExt                (const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *prefix,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> prefixSize,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bufferSize,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *postfix,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> postfixSize);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLDOC"><span class="RETURNVALUE">xmlDocPtr</span></gtkdoclink>           xmlSecParseMemoryExt                (<code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *prefix</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> prefixSize</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bufferSize</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *postfix</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> postfixSize</code>);</pre>
 <p>Loads XML Doc from 3 chunks of memory: <code class="PARAMETER">prefix</code>, <code class="PARAMETER">buffer</code> and <code class="PARAMETER">postfix</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12194"><span style="white-space: nowrap"><code class="PARAMETER">prefix</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the first part of the input.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14922"><span style="white-space: nowrap"><code class="PARAMETER">prefix</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the first part of the input.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12199"><span style="white-space: nowrap"><code class="PARAMETER">prefixSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the size of the first part of the input.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14927"><span style="white-space: nowrap"><code class="PARAMETER">prefixSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of the first part of the input.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12204"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the second part of the input.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14932"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the second part of the input.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12209"><span style="white-space: nowrap"><code class="PARAMETER">bufferSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the size of the second part of the input.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14937"><span style="white-space: nowrap"><code class="PARAMETER">bufferSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of the second part of the input.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12214"><span style="white-space: nowrap"><code class="PARAMETER">postfix</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the third part of the input.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14942"><span style="white-space: nowrap"><code class="PARAMETER">postfix</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the third part of the input.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12219"><span style="white-space: nowrap"><code class="PARAMETER">postfixSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the size of the third part of the input.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14947"><span style="white-space: nowrap"><code class="PARAMETER">postfixSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of the third part of the input.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12224"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the loaded XML document or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14952"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the loaded XML document or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMXMLPARSERID"></a><h3>xmlSecTransformXmlParserId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformXmlParserId</pre>
-<p>The XML Parser transform klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECTRANSFORMXMLPARSERGETKLASS"></a><h3>xmlSecTransformXmlParserGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformXmlParserGetKlass    (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformXmlParserGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>The XML parser transform.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN12245"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> XML parser transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN14968"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>XML parser transform klass.</p></td>
 </tr></tbody></table>
 </div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMXMLPARSERID"></a><h3>xmlSecTransformXmlParserId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformXmlParserId</pre>
+<p>The XML Parser transform klass.</p>
+</div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
 <td align="left"><a accesskey="p" href="xmlsec-nodeset.html"><b>&lt;&lt;&lt; nodeset</b></a></td>
diff --git a/docs/api/xmlsec-reference.html b/docs/api/xmlsec-reference.html
index bafcc156..0efbc524 100644
--- a/docs/api/xmlsec-reference.html
+++ b/docs/api/xmlsec-reference.html
@@ -90,6 +90,7 @@
 <dt><a href="xmlsec-ref.html">XML Security Core Library API Reference.</a></dt>
 <dt><a href="xmlsec-openssl-ref.html">XML Security Library for OpenSLL API Reference.</a></dt>
 <dt><a href="xmlsec-gnutls-ref.html">XML Security Library for GnuTLS API Reference.</a></dt>
+<dt><a href="xmlsec-gcrypt-ref.html">XML Security Library for GCrypt API Reference.</a></dt>
 <dt><a href="xmlsec-nss-ref.html">XML Security Library for NSS API Reference.</a></dt>
 <dt><a href="xmlsec-mscrypto-ref.html">XML Security Library for MSCrypto API Reference.</a></dt>
 <dt><a href="xmlsec-index.html">XML Security Library Reference Index</a></dt>
diff --git a/docs/api/xmlsec-templates.html b/docs/api/xmlsec-templates.html
index d9cc96ce..4c6c6c22 100644
--- a/docs/api/xmlsec-templates.html
+++ b/docs/api/xmlsec-templates.html
@@ -87,121 +87,121 @@
 <h1>
 <a name="XMLSEC-TEMPLATES"></a>templates</h1>
 <div class="REFNAMEDIV">
-<a name="AEN12255"></a><h2>Name</h2>templates -- Dynamic templates creation functions.</div>
+<a name="AEN14984"></a><h2>Name</h2>templates -- Dynamic templates creation functions.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-TEMPLATES.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS"><font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLSIGNATURECREATE">xmlSecTmplSignatureCreate</a>           (<font>xmlDocPtr</font> doc,
-                                                         <font>xmlSecTransformId</font> c14nMethodId,
-                                                         <font>xmlSecTransformId</font> signMethodId,
-                                                         const <font>xmlChar</font> *id);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLSIGNATURECREATENSPREF">xmlSecTmplSignatureCreateNsPref</a>     (<font>xmlDocPtr</font> doc,
-                                                         <font>xmlSecTransformId</font> c14nMethodId,
-                                                         <font>xmlSecTransformId</font> signMethodId,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *nsPrefix);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLSIGNATUREENSUREKEYINFO">xmlSecTmplSignatureEnsureKeyInfo</a>    (<font>xmlNodePtr</font> signNode,
-                                                         const <font>xmlChar</font> *id);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLSIGNATUREADDREFERENCE">xmlSecTmplSignatureAddReference</a>     (<font>xmlNodePtr</font> signNode,
-                                                         <font>xmlSecTransformId</font> digestMethodId,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *uri,
-                                                         const <font>xmlChar</font> *type);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLSIGNATUREADDOBJECT">xmlSecTmplSignatureAddObject</a>        (<font>xmlNodePtr</font> signNode,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *mimeType,
-                                                         const <font>xmlChar</font> *encoding);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLSIGNATUREGETSIGNMETHODNODE">xmlSecTmplSignatureGetSignMethodNode</a>
-                                                        (<font>xmlNodePtr</font> signNode);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLSIGNATUREGETC14NMETHODNODE">xmlSecTmplSignatureGetC14NMethodNode</a>
-                                                        (<font>xmlNodePtr</font> signNode);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLREFERENCEADDTRANSFORM">xmlSecTmplReferenceAddTransform</a>     (<font>xmlNodePtr</font> referenceNode,
-                                                         <font>xmlSecTransformId</font> transformId);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLOBJECTADDSIGNPROPERTIES">xmlSecTmplObjectAddSignProperties</a>   (<font>xmlNodePtr</font> objectNode,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *target);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLOBJECTADDMANIFEST">xmlSecTmplObjectAddManifest</a>         (<font>xmlNodePtr</font> objectNode,
-                                                         const <font>xmlChar</font> *id);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLMANIFESTADDREFERENCE">xmlSecTmplManifestAddReference</a>      (<font>xmlNodePtr</font> manifestNode,
-                                                         <font>xmlSecTransformId</font> digestMethodId,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *uri,
-                                                         const <font>xmlChar</font> *type);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLENCDATACREATE">xmlSecTmplEncDataCreate</a>             (<font>xmlDocPtr</font> doc,
-                                                         <font>xmlSecTransformId</font> encMethodId,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *type,
-                                                         const <font>xmlChar</font> *mimeType,
-                                                         const <font>xmlChar</font> *encoding);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLENCDATAENSUREKEYINFO">xmlSecTmplEncDataEnsureKeyInfo</a>      (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *id);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLENCDATAENSUREENCPROPERTIES">xmlSecTmplEncDataEnsureEncProperties</a>
-                                                        (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *id);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLENCDATAADDENCPROPERTY">xmlSecTmplEncDataAddEncProperty</a>     (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *target);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLENCDATAENSURECIPHERVALUE">xmlSecTmplEncDataEnsureCipherValue</a>  (<font>xmlNodePtr</font> encNode);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLENCDATAENSURECIPHERREFERENCE">xmlSecTmplEncDataEnsureCipherReference</a>
-                                                        (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *uri);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLENCDATAGETENCMETHODNODE">xmlSecTmplEncDataGetEncMethodNode</a>   (<font>xmlNodePtr</font> encNode);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLCIPHERREFERENCEADDTRANSFORM">xmlSecTmplCipherReferenceAddTransform</a>
-                                                        (<font>xmlNodePtr</font> cipherReferenceNode,
-                                                         <font>xmlSecTransformId</font> transformId);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLREFERENCELISTADDDATAREFERENCE">xmlSecTmplReferenceListAddDataReference</a>
-                                                        (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *uri);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLREFERENCELISTADDKEYREFERENCE">xmlSecTmplReferenceListAddKeyReference</a>
-                                                        (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *uri);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLKEYINFOADDKEYNAME">xmlSecTmplKeyInfoAddKeyName</a>         (<font>xmlNodePtr</font> keyInfoNode,
-                                                         const <font>xmlChar</font> *name);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLKEYINFOADDKEYVALUE">xmlSecTmplKeyInfoAddKeyValue</a>        (<font>xmlNodePtr</font> keyInfoNode);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLKEYINFOADDX509DATA">xmlSecTmplKeyInfoAddX509Data</a>        (<font>xmlNodePtr</font> keyInfoNode);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLKEYINFOADDRETRIEVALMETHOD">xmlSecTmplKeyInfoAddRetrievalMethod</a> (<font>xmlNodePtr</font> keyInfoNode,
-                                                         const <font>xmlChar</font> *uri,
-                                                         const <font>xmlChar</font> *type);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLRETRIEVALMETHODADDTRANSFORM">xmlSecTmplRetrievalMethodAddTransform</a>
-                                                        (<font>xmlNodePtr</font> retrMethodNode,
-                                                         <font>xmlSecTransformId</font> transformId);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLKEYINFOADDENCRYPTEDKEY">xmlSecTmplKeyInfoAddEncryptedKey</a>    (<font>xmlNodePtr</font> keyInfoNode,
-                                                         <font>xmlSecTransformId</font> encMethodId,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *type,
-                                                         const <font>xmlChar</font> *recipient);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLX509DATAADDISSUERSERIAL">xmlSecTmplX509DataAddIssuerSerial</a>   (<font>xmlNodePtr</font> x509DataNode);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLX509ISSUERSERIALADDISSUERNAME">xmlSecTmplX509IssuerSerialAddIssuerName</a>
-                                                        (<font>xmlNodePtr</font> x509IssuerSerialNode,
-                                                         const <font>xmlChar</font> *issuerName);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLX509ISSUERSERIALADDSERIALNUMBER">xmlSecTmplX509IssuerSerialAddSerialNumber</a>
-                                                        (<font>xmlNodePtr</font> x509IssuerSerialNode,
-                                                         const <font>xmlChar</font> *serial);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLX509DATAADDSUBJECTNAME">xmlSecTmplX509DataAddSubjectName</a>    (<font>xmlNodePtr</font> x509DataNode);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLX509DATAADDSKI">xmlSecTmplX509DataAddSKI</a>            (<font>xmlNodePtr</font> x509DataNode);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLX509DATAADDCERTIFICATE">xmlSecTmplX509DataAddCertificate</a>    (<font>xmlNodePtr</font> x509DataNode);
-<font>xmlNodePtr</font>          <a href="xmlsec-templates.html#XMLSECTMPLX509DATAADDCRL">xmlSecTmplX509DataAddCRL</a>            (<font>xmlNodePtr</font> x509DataNode);
-<font>int</font>                 <a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDHMACOUTPUTLENGTH">xmlSecTmplTransformAddHmacOutputLength</a>
-                                                        (<font>xmlNodePtr</font> transformNode,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bitsLen);
-<font>int</font>                 <a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDRSAOAEPPARAM">xmlSecTmplTransformAddRsaOaepParam</a>  (<font>xmlNodePtr</font> transformNode,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>int</font>                 <a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDXSLTSTYLESHEET">xmlSecTmplTransformAddXsltStylesheet</a>
-                                                        (<font>xmlNodePtr</font> transformNode,
-                                                         const <font>xmlChar</font> *xslt);
-<font>int</font>                 <a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDC14NINCLNAMESPACES">xmlSecTmplTransformAddC14NInclNamespaces</a>
-                                                        (<font>xmlNodePtr</font> transformNode,
-                                                         const <font>xmlChar</font> *prefixList);
-<font>int</font>                 <a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDXPATH">xmlSecTmplTransformAddXPath</a>         (<font>xmlNodePtr</font> transformNode,
-                                                         const <font>xmlChar</font> *expression,
-                                                         const <font>xmlChar</font> **nsList);
-<font>int</font>                 <a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDXPATH2">xmlSecTmplTransformAddXPath2</a>        (<font>xmlNodePtr</font> transformNode,
-                                                         const <font>xmlChar</font> *type,
-                                                         const <font>xmlChar</font> *expression,
-                                                         const <font>xmlChar</font> **nsList);
-<font>int</font>                 <a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDXPOINTER">xmlSecTmplTransformAddXPointer</a>      (<font>xmlNodePtr</font> transformNode,
-                                                         const <font>xmlChar</font> *expression,
-                                                         const <font>xmlChar</font> **nsList);</pre>
+<pre class="SYNOPSIS"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLCIPHERREFERENCEADDTRANSFORM">xmlSecTmplCipherReferenceAddTransform</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cipherReferenceNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLENCDATAADDENCPROPERTY">xmlSecTmplEncDataAddEncProperty</a>     (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *target</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLENCDATACREATE">xmlSecTmplEncDataCreate</a>             (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> encMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *mimeType</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *encoding</code>);
+<gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLENCDATAENSURECIPHERREFERENCE">xmlSecTmplEncDataEnsureCipherReference</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLENCDATAENSURECIPHERVALUE">xmlSecTmplEncDataEnsureCipherValue</a>  (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>);
+<gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLENCDATAENSUREENCPROPERTIES">xmlSecTmplEncDataEnsureEncProperties</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLENCDATAENSUREKEYINFO">xmlSecTmplEncDataEnsureKeyInfo</a>      (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLENCDATAGETENCMETHODNODE">xmlSecTmplEncDataGetEncMethodNode</a>   (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLKEYINFOADDENCRYPTEDKEY">xmlSecTmplKeyInfoAddEncryptedKey</a>    (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> encMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *recipient</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLKEYINFOADDKEYNAME">xmlSecTmplKeyInfoAddKeyName</a>         (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLKEYINFOADDKEYVALUE">xmlSecTmplKeyInfoAddKeyValue</a>        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLKEYINFOADDRETRIEVALMETHOD">xmlSecTmplKeyInfoAddRetrievalMethod</a> (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLKEYINFOADDX509DATA">xmlSecTmplKeyInfoAddX509Data</a>        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLMANIFESTADDREFERENCE">xmlSecTmplManifestAddReference</a>      (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> manifestNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> digestMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLOBJECTADDMANIFEST">xmlSecTmplObjectAddManifest</a>         (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> objectNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLOBJECTADDSIGNPROPERTIES">xmlSecTmplObjectAddSignProperties</a>   (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> objectNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *target</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLREFERENCEADDTRANSFORM">xmlSecTmplReferenceAddTransform</a>     (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> referenceNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);
+<gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLREFERENCELISTADDDATAREFERENCE">xmlSecTmplReferenceListAddDataReference</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLREFERENCELISTADDKEYREFERENCE">xmlSecTmplReferenceListAddKeyReference</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLRETRIEVALMETHODADDTRANSFORM">xmlSecTmplRetrievalMethodAddTransform</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> retrMethodNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLSIGNATUREADDOBJECT">xmlSecTmplSignatureAddObject</a>        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> signNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *mimeType</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *encoding</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLSIGNATUREADDREFERENCE">xmlSecTmplSignatureAddReference</a>     (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> signNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> digestMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLSIGNATURECREATE">xmlSecTmplSignatureCreate</a>           (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> c14nMethodId</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> signMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLSIGNATURECREATENSPREF">xmlSecTmplSignatureCreateNsPref</a>     (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> c14nMethodId</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> signMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nsPrefix</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLSIGNATUREENSUREKEYINFO">xmlSecTmplSignatureEnsureKeyInfo</a>    (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> signNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);
+<gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLSIGNATUREGETC14NMETHODNODE">xmlSecTmplSignatureGetC14NMethodNode</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> signNode</code>);
+<gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLSIGNATUREGETSIGNMETHODNODE">xmlSecTmplSignatureGetSignMethodNode</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> signNode</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDC14NINCLNAMESPACES">xmlSecTmplTransformAddC14NInclNamespaces</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *prefixList</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDHMACOUTPUTLENGTH">xmlSecTmplTransformAddHmacOutputLength</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bitsLen</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDRSAOAEPPARAM">xmlSecTmplTransformAddRsaOaepParam</a>  (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDXPATH">xmlSecTmplTransformAddXPath</a>         (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *expression</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> **nsList</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDXPATH2">xmlSecTmplTransformAddXPath2</a>        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *expression</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> **nsList</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDXPOINTER">xmlSecTmplTransformAddXPointer</a>      (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *expression</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> **nsList</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLTRANSFORMADDXSLTSTYLESHEET">xmlSecTmplTransformAddXsltStylesheet</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *xslt</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLX509DATAADDCRL">xmlSecTmplX509DataAddCRL</a>            (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509DataNode</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLX509DATAADDCERTIFICATE">xmlSecTmplX509DataAddCertificate</a>    (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509DataNode</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLX509DATAADDISSUERSERIAL">xmlSecTmplX509DataAddIssuerSerial</a>   (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509DataNode</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLX509DATAADDSKI">xmlSecTmplX509DataAddSKI</a>            (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509DataNode</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLX509DATAADDSUBJECTNAME">xmlSecTmplX509DataAddSubjectName</a>    (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509DataNode</code>);
+<gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLX509ISSUERSERIALADDISSUERNAME">xmlSecTmplX509IssuerSerialAddIssuerName</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509IssuerSerialNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *issuerName</code>);
+<gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-templates.html#XMLSECTMPLX509ISSUERSERIALADDSERIALNUMBER">xmlSecTmplX509IssuerSerialAddSerialNumber</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509IssuerSerialNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *serial</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-TEMPLATES.DESCRIPTION"></a><h2>Description</h2>
@@ -210,588 +210,473 @@
 <div class="REFSECT1">
 <a name="XMLSEC-TEMPLATES.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECTMPLSIGNATURECREATE"></a><h3>xmlSecTmplSignatureCreate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplSignatureCreate           (<font>xmlDocPtr</font> doc,
-                                                         <font>xmlSecTransformId</font> c14nMethodId,
-                                                         <font>xmlSecTransformId</font> signMethodId,
-                                                         const <font>xmlChar</font> *id);</pre>
-<p>Creates new <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node with the mandatory <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a>, 
-<a href="http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod" target="_top">&lt;dsig:CanonicalizationMethod/&gt;</a>, <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureMethod" target="_top">&lt;dsig:SignatureMethod/&gt;</a> and 
-<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureValue" target="_top">&lt;dsig:SignatureValue/&gt;</a> children and sub-children. 
-The application is responsible for inserting the returned node
-in the XML document.</p>
-<p></p>
+<a name="XMLSECTMPLCIPHERREFERENCEADDTRANSFORM"></a><h3>xmlSecTmplCipherReferenceAddTransform ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplCipherReferenceAddTransform
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cipherReferenceNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node (and the parent <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transforms" target="_top">&lt;dsig:Transforms/&gt;</a> node)
+with specified transform methods <code class="PARAMETER">transform</code> to the <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherReference" target="_top">&lt;enc:CipherReference/&gt;</a>
+child node of the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node <code class="PARAMETER">encNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12465"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to signature document or NULL; in the 
-		second case, application must later call <code class="PARAMETER">xmlSetTreeDoc</code>
-		to ensure that all the children nodes have correct 
-		pointer to XML document.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12471"><span style="white-space: nowrap"><code class="PARAMETER">c14nMethodId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the signature canonicalization method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15436"><span style="white-space: nowrap"><code class="PARAMETER">cipherReferenceNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherReference" target="_top">&lt;enc:CipherReference/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12476"><span style="white-space: nowrap"><code class="PARAMETER">signMethodId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the signature  method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15442"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform id.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12481"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the node id (may be NULL).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12486"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node or NULL if an 
-error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15447"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLSIGNATURECREATENSPREF"></a><h3>xmlSecTmplSignatureCreateNsPref ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplSignatureCreateNsPref     (<font>xmlDocPtr</font> doc,
-                                                         <font>xmlSecTransformId</font> c14nMethodId,
-                                                         <font>xmlSecTransformId</font> signMethodId,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *nsPrefix);</pre>
-<p>Creates new <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node with the mandatory
-<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a>, <a href="http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod" target="_top">&lt;dsig:CanonicalizationMethod/&gt;</a>,
-<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureMethod" target="_top">&lt;dsig:SignatureMethod/&gt;</a> and <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureValue" target="_top">&lt;dsig:SignatureValue/&gt;</a> children and
-sub-children. This method differs from xmlSecTmplSignatureCreate in
-that it will define the http://www.w3.org/2000/09/xmldsig#
-namespace with the given prefix that will be used for all of the
-appropriate child nodes.  The application is responsible for
-inserting the returned node in the XML document.</p>
-<p></p>
+<a name="XMLSECTMPLENCDATAADDENCPROPERTY"></a><h3>xmlSecTmplEncDataAddEncProperty ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplEncDataAddEncProperty     (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *target</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionProperty" target="_top">&lt;enc:EncryptionProperty/&gt;</a> node (and the parent
+<a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionProperties" target="_top">&lt;enc:EncryptionProperties/&gt;</a> node if required) to the
+<a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node <code class="PARAMETER">encNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12511"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to signature document or NULL; in the 
-		second case, application must later call <code class="PARAMETER">xmlSetTreeDoc</code>
-		to ensure that all the children nodes have correct 
-		pointer to XML document.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12517"><span style="white-space: nowrap"><code class="PARAMETER">c14nMethodId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the signature canonicalization method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15475"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12522"><span style="white-space: nowrap"><code class="PARAMETER">signMethodId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the signature  method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15481"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Id attribute (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12527"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the node id (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15486"><span style="white-space: nowrap"><code class="PARAMETER">target</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Target attribute (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12532"><span style="white-space: nowrap"><code class="PARAMETER">nsPrefix</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the namespace prefix for the signature element (e.g. "dsig"), or NULL </p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12537"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node or NULL if an 
-error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15491"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionProperty" target="_top">&lt;enc:EncryptionProperty/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLSIGNATUREENSUREKEYINFO"></a><h3>xmlSecTmplSignatureEnsureKeyInfo ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplSignatureEnsureKeyInfo    (<font>xmlNodePtr</font> signNode,
-                                                         const <font>xmlChar</font> *id);</pre>
-<p>Adds (if necessary) <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> 
-node <code class="PARAMETER">signNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLENCDATACREATE"></a><h3>xmlSecTmplEncDataCreate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplEncDataCreate             (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> encMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *mimeType</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *encoding</code>);</pre>
+<p>Creates new <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData%20" target="_top">&lt;enc:EncryptedData /&gt;</a> node for encryption template.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12557"><span style="white-space: nowrap"><code class="PARAMETER">signNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the  pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15525"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to signature document or NULL; in the later
+case, application must later call <code class="PARAMETER">xmlSetTreeDoc</code> to ensure
+that all the children nodes have correct pointer to XML document.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12563"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the node id (may be NULL).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12568"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node or NULL if an 
-error occurs.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTMPLSIGNATUREADDREFERENCE"></a><h3>xmlSecTmplSignatureAddReference ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplSignatureAddReference     (<font>xmlNodePtr</font> signNode,
-                                                         <font>xmlSecTransformId</font> digestMethodId,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *uri,
-                                                         const <font>xmlChar</font> *type);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node with given URI (<code class="PARAMETER">uri</code>), Id (<code class="PARAMETER">id</code>) and 
-Type (<code class="PARAMETER">type</code>) attributes and the required children <a href="http://www.w3.org/TR/xmldsig-core/#sec-DigestMethod" target="_top">&lt;dsig:DigestMethod/&gt;</a> and
-<a href="http://www.w3.org/TR/xmldsig-core/#sec-DigestValue" target="_top">&lt;dsig:DigestValue/&gt;</a> to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> child of <code class="PARAMETER">signNode</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12596"><span style="white-space: nowrap"><code class="PARAMETER">signNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15531"><span style="white-space: nowrap"><code class="PARAMETER">encMethodId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the encryption method (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12602"><span style="white-space: nowrap"><code class="PARAMETER">digestMethodId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the reference digest method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15536"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Id attribute (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12607"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the node id (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15541"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Type attribute (optional)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12612"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the reference node uri (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15546"><span style="white-space: nowrap"><code class="PARAMETER">mimeType</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the MimeType attribute (optional)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12617"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the reference node type (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15551"><span style="white-space: nowrap"><code class="PARAMETER">encoding</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Encoding attribute (optional)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12622"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node or NULL 
+<td align="LEFT" valign="TOP"><a name="AEN15556"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer newly created  <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node or NULL
 if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLSIGNATUREADDOBJECT"></a><h3>xmlSecTmplSignatureAddObject ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplSignatureAddObject        (<font>xmlNodePtr</font> signNode,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *mimeType,
-                                                         const <font>xmlChar</font> *encoding);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node <code class="PARAMETER">signNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLENCDATAENSURECIPHERREFERENCE"></a><h3>xmlSecTmplEncDataEnsureCipherReference ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplEncDataEnsureCipherReference
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherReference" target="_top">&lt;enc:CipherReference/&gt;</a> node with specified URI attribute <code class="PARAMETER">uri</code>
+to the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node <code class="PARAMETER">encNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12644"><span style="white-space: nowrap"><code class="PARAMETER">signNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12650"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the node id (may be NULL).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12655"><span style="white-space: nowrap"><code class="PARAMETER">mimeType</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the object mime type (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15581"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12660"><span style="white-space: nowrap"><code class="PARAMETER">encoding</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the object encoding (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15587"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the URI attribute (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12665"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node or NULL 
-if an error occurs.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTMPLSIGNATUREGETSIGNMETHODNODE"></a><h3>xmlSecTmplSignatureGetSignMethodNode ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplSignatureGetSignMethodNode
-                                                        (<font>xmlNodePtr</font> signNode);</pre>
-<p>Gets pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureMethod" target="_top">&lt;dsig:SignatureMethod/&gt;</a> child of <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12683"><span style="white-space: nowrap"><code class="PARAMETER">signNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature%20" target="_top">&lt;dsig:Signature /&gt;</a> node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12689"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureMethod%20" target="_top">&lt;dsig:SignatureMethod /&gt;</a> node or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15592"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherReference" target="_top">&lt;enc:CipherReference/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLSIGNATUREGETC14NMETHODNODE"></a><h3>xmlSecTmplSignatureGetC14NMethodNode ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplSignatureGetC14NMethodNode
-                                                        (<font>xmlNodePtr</font> signNode);</pre>
-<p>Gets pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod" target="_top">&lt;dsig:CanonicalizationMethod/&gt;</a> child of <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p>
-<p></p>
+<a name="XMLSECTMPLENCDATAENSURECIPHERVALUE"></a><h3>xmlSecTmplEncDataEnsureCipherValue ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplEncDataEnsureCipherValue  (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherValue" target="_top">&lt;enc:CipherValue/&gt;</a> to the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node <code class="PARAMETER">encNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12707"><span style="white-space: nowrap"><code class="PARAMETER">signNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature%20" target="_top">&lt;dsig:Signature /&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15613"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12713"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod%20" target="_top">&lt;dsig:CanonicalizationMethod /&gt;</a> node or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15619"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherValue" target="_top">&lt;enc:CipherValue/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLREFERENCEADDTRANSFORM"></a><h3>xmlSecTmplReferenceAddTransform ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplReferenceAddTransform     (<font>xmlNodePtr</font> referenceNode,
-                                                         <font>xmlSecTransformId</font> transformId);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node <code class="PARAMETER">referenceNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLENCDATAENSUREENCPROPERTIES"></a><h3>xmlSecTmplEncDataEnsureEncProperties ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplEncDataEnsureEncProperties
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionProperties" target="_top">&lt;enc:EncryptionProperties/&gt;</a> node to the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
+node <code class="PARAMETER">encNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12733"><span style="white-space: nowrap"><code class="PARAMETER">referenceNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15643"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12739"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the transform method id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15649"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Id attribute (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12744"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node or NULL if an 
-error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15654"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionProperties" target="_top">&lt;enc:EncryptionProperties/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLOBJECTADDSIGNPROPERTIES"></a><h3>xmlSecTmplObjectAddSignProperties ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplObjectAddSignProperties   (<font>xmlNodePtr</font> objectNode,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *target);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureProperties" target="_top">&lt;dsig:SignatureProperties/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node <code class="PARAMETER">objectNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLENCDATAENSUREKEYINFO"></a><h3>xmlSecTmplEncDataEnsureKeyInfo ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplEncDataEnsureKeyInfo      (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> to the  <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node <code class="PARAMETER">encNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12765"><span style="white-space: nowrap"><code class="PARAMETER">objectNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the  pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15678"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12771"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the node id (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15684"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Id attrbibute (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12776"><span style="white-space: nowrap"><code class="PARAMETER">target</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Target  (may be NULL).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12781"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureProperties" target="_top">&lt;dsig:SignatureProperties/&gt;</a> node or NULL 
-if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15689"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLOBJECTADDMANIFEST"></a><h3>xmlSecTmplObjectAddManifest ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplObjectAddManifest         (<font>xmlNodePtr</font> objectNode,
-                                                         const <font>xmlChar</font> *id);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node <code class="PARAMETER">objectNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLENCDATAGETENCMETHODNODE"></a><h3>xmlSecTmplEncDataGetEncMethodNode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplEncDataGetEncMethodNode   (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>);</pre>
+<p>Gets pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncrytpionMethod" target="_top">&lt;enc:EncrytpionMethod/&gt;</a> node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12801"><span style="white-space: nowrap"><code class="PARAMETER">objectNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the  pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15708"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EcnryptedData%20" target="_top">&lt;enc:EcnryptedData /&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12807"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the node id (may be NULL).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12812"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node or NULL 
-if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15714"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionMethod%20" target="_top">&lt;enc:EncryptionMethod /&gt;</a> node or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLMANIFESTADDREFERENCE"></a><h3>xmlSecTmplManifestAddReference ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplManifestAddReference      (<font>xmlNodePtr</font> manifestNode,
-                                                         <font>xmlSecTransformId</font> digestMethodId,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *uri,
-                                                         const <font>xmlChar</font> *type);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node with specified URI (<code class="PARAMETER">uri</code>), Id (<code class="PARAMETER">id</code>) and 
-Type (<code class="PARAMETER">type</code>) attributes and the required children <a href="http://www.w3.org/TR/xmldsig-core/#sec-DigestMethod" target="_top">&lt;dsig:DigestMethod/&gt;</a> and
-<a href="http://www.w3.org/TR/xmldsig-core/#sec-DigestValue" target="_top">&lt;dsig:DigestValue/&gt;</a> to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node <code class="PARAMETER">manifestNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLKEYINFOADDENCRYPTEDKEY"></a><h3>xmlSecTmplKeyInfoAddEncryptedKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplKeyInfoAddEncryptedKey    (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> encMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *recipient</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node with given attributes to
+the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12840"><span style="white-space: nowrap"><code class="PARAMETER">manifestNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15747"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12846"><span style="white-space: nowrap"><code class="PARAMETER">digestMethodId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the reference digest method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15753"><span style="white-space: nowrap"><code class="PARAMETER">encMethodId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the encryption method (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12851"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the node id (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15758"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Id attribute (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12856"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the reference node uri (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15763"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Type attribute (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12861"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the reference node type (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15768"><span style="white-space: nowrap"><code class="PARAMETER">recipient</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Recipient attribute (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12866"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node or NULL 
-if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15773"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLENCDATACREATE"></a><h3>xmlSecTmplEncDataCreate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplEncDataCreate             (<font>xmlDocPtr</font> doc,
-                                                         <font>xmlSecTransformId</font> encMethodId,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *type,
-                                                         const <font>xmlChar</font> *mimeType,
-                                                         const <font>xmlChar</font> *encoding);</pre>
-<p>Creates new <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData%20" target="_top">&lt;enc:EncryptedData /&gt;</a> node for encryption template.</p>
-<p></p>
+<a name="XMLSECTMPLKEYINFOADDKEYNAME"></a><h3>xmlSecTmplKeyInfoAddKeyName ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplKeyInfoAddKeyName         (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12888"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to signature document or NULL; in the later
-		case, application must later call <code class="PARAMETER">xmlSetTreeDoc</code> to ensure 
-		that all the children nodes have correct pointer to XML document.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15797"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12894"><span style="white-space: nowrap"><code class="PARAMETER">encMethodId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the encryption method (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15803"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the key name (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12899"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Id attribute (optional).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12904"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Type attribute (optional)</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12909"><span style="white-space: nowrap"><code class="PARAMETER">mimeType</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the MimeType attribute (optional)</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15808"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTMPLKEYINFOADDKEYVALUE"></a><h3>xmlSecTmplKeyInfoAddKeyValue ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplKeyInfoAddKeyValue        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue" target="_top">&lt;dsig:KeyValue/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12914"><span style="white-space: nowrap"><code class="PARAMETER">encoding</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Encoding attribute (optional)</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15829"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12919"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer newly created  <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node or NULL 
-if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15835"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue" target="_top">&lt;dsig:KeyValue/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLENCDATAENSUREKEYINFO"></a><h3>xmlSecTmplEncDataEnsureKeyInfo ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplEncDataEnsureKeyInfo      (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *id);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> to the  <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node <code class="PARAMETER">encNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLKEYINFOADDRETRIEVALMETHOD"></a><h3>xmlSecTmplKeyInfoAddRetrievalMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplKeyInfoAddRetrievalMethod (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12939"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15862"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN15868"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the URI attribute (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12945"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the Id attrbibute (optional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15873"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Type attribute(optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12950"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node or 
+<td align="LEFT" valign="TOP"><a name="AEN15878"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> node or
 NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLENCDATAENSUREENCPROPERTIES"></a><h3>xmlSecTmplEncDataEnsureEncProperties ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplEncDataEnsureEncProperties
-                                                        (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *id);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionProperties" target="_top">&lt;enc:EncryptionProperties/&gt;</a> node to the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> 
-node <code class="PARAMETER">encNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLKEYINFOADDX509DATA"></a><h3>xmlSecTmplKeyInfoAddX509Data ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplKeyInfoAddX509Data        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> keyInfoNode</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12970"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15899"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN12976"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Id attribute (optional).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN12981"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionProperties" target="_top">&lt;enc:EncryptionProperties/&gt;</a> node or 
+<td align="LEFT" valign="TOP"><a name="AEN15905"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node or
 NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLENCDATAADDENCPROPERTY"></a><h3>xmlSecTmplEncDataAddEncProperty ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplEncDataAddEncProperty     (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *target);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionProperty" target="_top">&lt;enc:EncryptionProperty/&gt;</a> node (and the parent 
-<a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionProperties" target="_top">&lt;enc:EncryptionProperties/&gt;</a> node if required) to the 
-<a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node <code class="PARAMETER">encNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLMANIFESTADDREFERENCE"></a><h3>xmlSecTmplManifestAddReference ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplManifestAddReference      (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> manifestNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> digestMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node with specified URI (<code class="PARAMETER">uri</code>), Id (<code class="PARAMETER">id</code>) and
+Type (<code class="PARAMETER">type</code>) attributes and the required children <a href="http://www.w3.org/TR/xmldsig-core/#sec-DigestMethod" target="_top">&lt;dsig:DigestMethod/&gt;</a> and
+<a href="http://www.w3.org/TR/xmldsig-core/#sec-DigestValue" target="_top">&lt;dsig:DigestValue/&gt;</a> to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node <code class="PARAMETER">manifestNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13003"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15943"><span style="white-space: nowrap"><code class="PARAMETER">manifestNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13009"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Id attribute (optional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15949"><span style="white-space: nowrap"><code class="PARAMETER">digestMethodId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reference digest method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13014"><span style="white-space: nowrap"><code class="PARAMETER">target</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Target attribute (optional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15954"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the node id (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13019"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionProperty" target="_top">&lt;enc:EncryptionProperty/&gt;</a> node or 
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15959"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reference node uri (may be NULL).</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTMPLENCDATAENSURECIPHERVALUE"></a><h3>xmlSecTmplEncDataEnsureCipherValue ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplEncDataEnsureCipherValue  (<font>xmlNodePtr</font> encNode);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherValue" target="_top">&lt;enc:CipherValue/&gt;</a> to the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node <code class="PARAMETER">encNode</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13038"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15964"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reference node type (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13044"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherValue" target="_top">&lt;enc:CipherValue/&gt;</a> node or 
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15969"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node or NULL
+if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLENCDATAENSURECIPHERREFERENCE"></a><h3>xmlSecTmplEncDataEnsureCipherReference ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplEncDataEnsureCipherReference
-                                                        (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *uri);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherReference" target="_top">&lt;enc:CipherReference/&gt;</a> node with specified URI attribute <code class="PARAMETER">uri</code>
-to the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node <code class="PARAMETER">encNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLOBJECTADDMANIFEST"></a><h3>xmlSecTmplObjectAddManifest ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplObjectAddManifest         (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> objectNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node <code class="PARAMETER">objectNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13065"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15993"><span style="white-space: nowrap"><code class="PARAMETER">objectNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the  pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13071"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the URI attribute (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN15999"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the node id (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13076"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherReference" target="_top">&lt;enc:CipherReference/&gt;</a> node or 
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16004"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node or NULL
+if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLENCDATAGETENCMETHODNODE"></a><h3>xmlSecTmplEncDataGetEncMethodNode ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplEncDataGetEncMethodNode   (<font>xmlNodePtr</font> encNode);</pre>
-<p>Gets pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncrytpionMethod" target="_top">&lt;enc:EncrytpionMethod/&gt;</a> node.</p>
-<p></p>
+<a name="XMLSECTMPLOBJECTADDSIGNPROPERTIES"></a><h3>xmlSecTmplObjectAddSignProperties ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplObjectAddSignProperties   (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> objectNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *target</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureProperties" target="_top">&lt;dsig:SignatureProperties/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node <code class="PARAMETER">objectNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13093"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EcnryptedData%20" target="_top">&lt;enc:EcnryptedData /&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16031"><span style="white-space: nowrap"><code class="PARAMETER">objectNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the  pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16037"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the node id (may be NULL).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16042"><span style="white-space: nowrap"><code class="PARAMETER">target</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Target  (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13099"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionMethod%20" target="_top">&lt;enc:EncryptionMethod /&gt;</a> node or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16047"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureProperties" target="_top">&lt;dsig:SignatureProperties/&gt;</a> node or NULL
+if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLCIPHERREFERENCEADDTRANSFORM"></a><h3>xmlSecTmplCipherReferenceAddTransform ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplCipherReferenceAddTransform
-                                                        (<font>xmlNodePtr</font> cipherReferenceNode,
-                                                         <font>xmlSecTransformId</font> transformId);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node (and the parent <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transforms" target="_top">&lt;dsig:Transforms/&gt;</a> node)
-with specified transform methods <code class="PARAMETER">transform</code> to the <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherReference" target="_top">&lt;enc:CipherReference/&gt;</a>
-child node of the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node <code class="PARAMETER">encNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLREFERENCEADDTRANSFORM"></a><h3>xmlSecTmplReferenceAddTransform ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplReferenceAddTransform     (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> referenceNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node <code class="PARAMETER">referenceNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13122"><span style="white-space: nowrap"><code class="PARAMETER">cipherReferenceNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherReference" target="_top">&lt;enc:CipherReference/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16071"><span style="white-space: nowrap"><code class="PARAMETER">referenceNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13128"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the transform id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16077"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform method id.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13133"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node or 
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16082"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node or NULL if an
+error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTMPLREFERENCELISTADDDATAREFERENCE"></a><h3>xmlSecTmplReferenceListAddDataReference ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplReferenceListAddDataReference
-                                                        (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *uri);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplReferenceListAddDataReference
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);</pre>
 <p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-DataReference" target="_top">&lt;enc:DataReference/&gt;</a> and the parent <a href="http://www.w3.org/TR/xmlenc-core/#sec-ReferenceList" target="_top">&lt;enc:ReferenceList/&gt;</a> node (if needed).</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13152"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	                the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16105"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13158"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>                        uri to reference (optional)</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16111"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>uri to reference (optional)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13163"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-DataReference" target="_top">&lt;enc:DataReference/&gt;</a> node or 
+<td align="LEFT" valign="TOP"><a name="AEN16116"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-DataReference" target="_top">&lt;enc:DataReference/&gt;</a> node or
 NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
@@ -799,525 +684,599 @@ NULL if an error occurs.</p></td>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTMPLREFERENCELISTADDKEYREFERENCE"></a><h3>xmlSecTmplReferenceListAddKeyReference ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplReferenceListAddKeyReference
-                                                        (<font>xmlNodePtr</font> encNode,
-                                                         const <font>xmlChar</font> *uri);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplReferenceListAddKeyReference
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> encNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);</pre>
 <p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-KeyReference" target="_top">&lt;enc:KeyReference/&gt;</a> and the parent <a href="http://www.w3.org/TR/xmlenc-core/#sec-ReferenceList" target="_top">&lt;enc:ReferenceList/&gt;</a> node (if needed).</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13182"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	                the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16139"><span style="white-space: nowrap"><code class="PARAMETER">encNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13188"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>                        uri to reference (optional)</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16145"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>uri to reference (optional)</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13193"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-KeyReference" target="_top">&lt;enc:KeyReference/&gt;</a> node or 
+<td align="LEFT" valign="TOP"><a name="AEN16150"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-KeyReference" target="_top">&lt;enc:KeyReference/&gt;</a> node or
 NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLKEYINFOADDKEYNAME"></a><h3>xmlSecTmplKeyInfoAddKeyName ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplKeyInfoAddKeyName         (<font>xmlNodePtr</font> keyInfoNode,
-                                                         const <font>xmlChar</font> *name);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLRETRIEVALMETHODADDTRANSFORM"></a><h3>xmlSecTmplRetrievalMethodAddTransform ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplRetrievalMethodAddTransform
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> retrMethodNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node (and the parent <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transforms" target="_top">&lt;dsig:Transforms/&gt;</a> node
+if required) to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> node <code class="PARAMETER">retrMethod</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13213"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16175"><span style="white-space: nowrap"><code class="PARAMETER">retrMethodNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13219"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the key name (optional).	</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16181"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform id.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13224"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a> node or
+<td align="LEFT" valign="TOP"><a name="AEN16186"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transforms" target="_top">&lt;dsig:Transforms/&gt;</a> node or
 NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLKEYINFOADDKEYVALUE"></a><h3>xmlSecTmplKeyInfoAddKeyValue ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplKeyInfoAddKeyValue        (<font>xmlNodePtr</font> keyInfoNode);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue" target="_top">&lt;dsig:KeyValue/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLSIGNATUREADDOBJECT"></a><h3>xmlSecTmplSignatureAddObject ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplSignatureAddObject        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> signNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *mimeType</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *encoding</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node <code class="PARAMETER">signNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13243"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16216"><span style="white-space: nowrap"><code class="PARAMETER">signNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13249"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyValue" target="_top">&lt;dsig:KeyValue/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16222"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the node id (may be NULL).</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTMPLKEYINFOADDX509DATA"></a><h3>xmlSecTmplKeyInfoAddX509Data ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplKeyInfoAddX509Data        (<font>xmlNodePtr</font> keyInfoNode);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13268"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16227"><span style="white-space: nowrap"><code class="PARAMETER">mimeType</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the object mime type (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13274"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16232"><span style="white-space: nowrap"><code class="PARAMETER">encoding</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the object encoding (may be NULL).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16237"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Object" target="_top">&lt;dsig:Object/&gt;</a> node or NULL
+if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLKEYINFOADDRETRIEVALMETHOD"></a><h3>xmlSecTmplKeyInfoAddRetrievalMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplKeyInfoAddRetrievalMethod (<font>xmlNodePtr</font> keyInfoNode,
-                                                         const <font>xmlChar</font> *uri,
-                                                         const <font>xmlChar</font> *type);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLSIGNATUREADDREFERENCE"></a><h3>xmlSecTmplSignatureAddReference ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplSignatureAddReference     (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> signNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> digestMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node with given URI (<code class="PARAMETER">uri</code>), Id (<code class="PARAMETER">id</code>) and
+Type (<code class="PARAMETER">type</code>) attributes and the required children <a href="http://www.w3.org/TR/xmldsig-core/#sec-DigestMethod" target="_top">&lt;dsig:DigestMethod/&gt;</a> and
+<a href="http://www.w3.org/TR/xmldsig-core/#sec-DigestValue" target="_top">&lt;dsig:DigestValue/&gt;</a> to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> child of <code class="PARAMETER">signNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13295"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16275"><span style="white-space: nowrap"><code class="PARAMETER">signNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13301"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the URI attribute (optional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16281"><span style="white-space: nowrap"><code class="PARAMETER">digestMethodId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reference digest method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13306"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Type attribute(optional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16286"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the node id (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13311"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16291"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reference node uri (may be NULL).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16296"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reference node type (may be NULL).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16301"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node or NULL
+if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLRETRIEVALMETHODADDTRANSFORM"></a><h3>xmlSecTmplRetrievalMethodAddTransform ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplRetrievalMethodAddTransform
-                                                        (<font>xmlNodePtr</font> retrMethodNode,
-                                                         <font>xmlSecTransformId</font> transformId);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node (and the parent <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transforms" target="_top">&lt;dsig:Transforms/&gt;</a> node
-if required) to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> node <code class="PARAMETER">retrMethod</code>.</p>
-<p></p>
+<a name="XMLSECTMPLSIGNATURECREATE"></a><h3>xmlSecTmplSignatureCreate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplSignatureCreate           (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> c14nMethodId</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> signMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);</pre>
+<p>Creates new <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node with the mandatory <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a>,
+<a href="http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod" target="_top">&lt;dsig:CanonicalizationMethod/&gt;</a>, <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureMethod" target="_top">&lt;dsig:SignatureMethod/&gt;</a> and
+<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureValue" target="_top">&lt;dsig:SignatureValue/&gt;</a> children and sub-children.
+The application is responsible for inserting the returned node
+in the XML document.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13332"><span style="white-space: nowrap"><code class="PARAMETER">retrMethodNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod" target="_top">&lt;dsig:RetrievalMethod/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16333"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to signature document or NULL; in the
+second case, application must later call <code class="PARAMETER">xmlSetTreeDoc</code>
+to ensure that all the children nodes have correct
+pointer to XML document.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13338"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the transform id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16339"><span style="white-space: nowrap"><code class="PARAMETER">c14nMethodId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the signature canonicalization method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13343"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transforms" target="_top">&lt;dsig:Transforms/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16344"><span style="white-space: nowrap"><code class="PARAMETER">signMethodId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the signature  method.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16349"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the node id (may be NULL).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16354"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node or NULL if an
+error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLKEYINFOADDENCRYPTEDKEY"></a><h3>xmlSecTmplKeyInfoAddEncryptedKey ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplKeyInfoAddEncryptedKey    (<font>xmlNodePtr</font> keyInfoNode,
-                                                         <font>xmlSecTransformId</font> encMethodId,
-                                                         const <font>xmlChar</font> *id,
-                                                         const <font>xmlChar</font> *type,
-                                                         const <font>xmlChar</font> *recipient);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node with given attributes to 
-the <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node <code class="PARAMETER">keyInfoNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLSIGNATURECREATENSPREF"></a><h3>xmlSecTmplSignatureCreateNsPref ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplSignatureCreateNsPref     (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> c14nMethodId</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> signMethodId</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nsPrefix</code>);</pre>
+<p>Creates new <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node with the mandatory
+<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a>, <a href="http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod" target="_top">&lt;dsig:CanonicalizationMethod/&gt;</a>,
+<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureMethod" target="_top">&lt;dsig:SignatureMethod/&gt;</a> and <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureValue" target="_top">&lt;dsig:SignatureValue/&gt;</a> children and
+sub-children. This method differs from xmlSecTmplSignatureCreate in
+that it will define the http://www.w3.org/2000/09/xmldsig#
+namespace with the given prefix that will be used for all of the
+appropriate child nodes.  The application is responsible for
+inserting the returned node in the XML document.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13366"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16389"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to signature document or NULL; in the
+second case, application must later call <code class="PARAMETER">xmlSetTreeDoc</code>
+to ensure that all the children nodes have correct
+pointer to XML document.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13372"><span style="white-space: nowrap"><code class="PARAMETER">encMethodId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the encryption method (optional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16395"><span style="white-space: nowrap"><code class="PARAMETER">c14nMethodId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the signature canonicalization method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13377"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Id attribute (optional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16400"><span style="white-space: nowrap"><code class="PARAMETER">signMethodId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the signature  method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13382"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Type attribute (optional). </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16405"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the node id (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13387"><span style="white-space: nowrap"><code class="PARAMETER">recipient</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the Recipient attribute (optional). </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16410"><span style="white-space: nowrap"><code class="PARAMETER">nsPrefix</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the namespace prefix for the signature element (e.g. "dsig"), or NULL</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13392"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16415"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node or NULL if an
+error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLX509DATAADDISSUERSERIAL"></a><h3>xmlSecTmplX509DataAddIssuerSerial ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplX509DataAddIssuerSerial   (<font>xmlNodePtr</font> x509DataNode);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node to the given <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p>
-<p></p>
+<a name="XMLSECTMPLSIGNATUREENSUREKEYINFO"></a><h3>xmlSecTmplSignatureEnsureKeyInfo ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplSignatureEnsureKeyInfo    (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> signNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);</pre>
+<p>Adds (if necessary) <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a>
+node <code class="PARAMETER">signNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13410"><span style="white-space: nowrap"><code class="PARAMETER">x509DataNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16439"><span style="white-space: nowrap"><code class="PARAMETER">signNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the  pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13416"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16445"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the node id (may be NULL).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16450"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node or NULL if an
+error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLX509ISSUERSERIALADDISSUERNAME"></a><h3>xmlSecTmplX509IssuerSerialAddIssuerName ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplX509IssuerSerialAddIssuerName
-                                                        (<font>xmlNodePtr</font> x509IssuerSerialNode,
-                                                         const <font>xmlChar</font> *issuerName);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerName" target="_top">&lt;dsig:X509IssuerName/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node <code class="PARAMETER">x509IssuerSerialNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLSIGNATUREGETC14NMETHODNODE"></a><h3>xmlSecTmplSignatureGetC14NMethodNode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplSignatureGetC14NMethodNode
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> signNode</code>);</pre>
+<p>Gets pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod" target="_top">&lt;dsig:CanonicalizationMethod/&gt;</a> child of <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13436"><span style="white-space: nowrap"><code class="PARAMETER">x509IssuerSerialNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN13442"><span style="white-space: nowrap"><code class="PARAMETER">issuerName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the issuer name (optional).	</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16470"><span style="white-space: nowrap"><code class="PARAMETER">signNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature%20" target="_top">&lt;dsig:Signature /&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13447"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerName" target="_top">&lt;dsig:X509IssuerName/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16476"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-CanonicalizationMethod%20" target="_top">&lt;dsig:CanonicalizationMethod /&gt;</a> node or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLX509ISSUERSERIALADDSERIALNUMBER"></a><h3>xmlSecTmplX509IssuerSerialAddSerialNumber ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplX509IssuerSerialAddSerialNumber
-                                                        (<font>xmlNodePtr</font> x509IssuerSerialNode,
-                                                         const <font>xmlChar</font> *serial);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SerialNumber" target="_top">&lt;dsig:X509SerialNumber/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node <code class="PARAMETER">x509IssuerSerialNode</code>.</p>
-<p></p>
+<a name="XMLSECTMPLSIGNATUREGETSIGNMETHODNODE"></a><h3>xmlSecTmplSignatureGetSignMethodNode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplSignatureGetSignMethodNode
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> signNode</code>);</pre>
+<p>Gets pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureMethod" target="_top">&lt;dsig:SignatureMethod/&gt;</a> child of <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13467"><span style="white-space: nowrap"><code class="PARAMETER">x509IssuerSerialNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16496"><span style="white-space: nowrap"><code class="PARAMETER">signNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature%20" target="_top">&lt;dsig:Signature /&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13473"><span style="white-space: nowrap"><code class="PARAMETER">serial</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the serial number (optional).	</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN13478"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SerialNumber" target="_top">&lt;dsig:X509SerialNumber/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16502"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureMethod%20" target="_top">&lt;dsig:SignatureMethod /&gt;</a> node or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLX509DATAADDSUBJECTNAME"></a><h3>xmlSecTmplX509DataAddSubjectName ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplX509DataAddSubjectName    (<font>xmlNodePtr</font> x509DataNode);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SubjectName" target="_top">&lt;dsig:X509SubjectName/&gt;</a> node to the given <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p>
-<p></p>
+<a name="XMLSECTMPLTRANSFORMADDC14NINCLNAMESPACES"></a><h3>xmlSecTmplTransformAddC14NInclNamespaces ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTmplTransformAddC14NInclNamespaces
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *prefixList</code>);</pre>
+<p>Adds "inclusive" namespaces to the ExcC14N transform node <code class="PARAMETER">node</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13496"><span style="white-space: nowrap"><code class="PARAMETER">x509DataNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16524"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13502"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SubjectName" target="_top">&lt;dsig:X509SubjectName/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16530"><span style="white-space: nowrap"><code class="PARAMETER">prefixList</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the white space delimited  list of namespace prefixes,
+where "<gtkdoclink href="DEFAULT"><span class="TYPE">default</span></gtkdoclink>" indicates the default namespace
+(optional).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16537"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 if success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLX509DATAADDSKI"></a><h3>xmlSecTmplX509DataAddSKI ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplX509DataAddSKI            (<font>xmlNodePtr</font> x509DataNode);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SKI" target="_top">&lt;dsig:X509SKI/&gt;</a> node to the given <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p>
-<p></p>
+<a name="XMLSECTMPLTRANSFORMADDHMACOUTPUTLENGTH"></a><h3>xmlSecTmplTransformAddHmacOutputLength ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTmplTransformAddHmacOutputLength
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> bitsLen</code>);</pre>
+<p>Creates <a href="http://www.w3.org/TR/xmldsig-core/#sec-HMACOutputLength" target="_top">&lt;dsig:HMACOutputLength/&gt;</a> child for the HMAC transform
+node <code class="PARAMETER">node</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13520"><span style="white-space: nowrap"><code class="PARAMETER">x509DataNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16559"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13526"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SKI" target="_top">&lt;dsig:X509SKI/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16565"><span style="white-space: nowrap"><code class="PARAMETER">bitsLen</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the required length in bits</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16570"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success and a negatie value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLX509DATAADDCERTIFICATE"></a><h3>xmlSecTmplX509DataAddCertificate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplX509DataAddCertificate    (<font>xmlNodePtr</font> x509DataNode);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Certificate" target="_top">&lt;dsig:X509Certificate/&gt;</a> node to the given <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p>
-<p></p>
+<a name="XMLSECTMPLTRANSFORMADDRSAOAEPPARAM"></a><h3>xmlSecTmplTransformAddRsaOaepParam ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTmplTransformAddRsaOaepParam  (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buf</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Creates <a href="http://www.w3.org/TR/xmlenc-core/#sec-OAEPParam" target="_top">&lt;enc:OAEPParam/&gt;</a> child node in the <code class="PARAMETER">node</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13544"><span style="white-space: nowrap"><code class="PARAMETER">x509DataNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16595"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13550"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Certificate" target="_top">&lt;dsig:X509Certificate/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16601"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the OAEP param buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16606"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the OAEP param buffer size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16611"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLX509DATAADDCRL"></a><h3>xmlSecTmplX509DataAddCRL ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecTmplX509DataAddCRL            (<font>xmlNodePtr</font> x509DataNode);</pre>
-<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509CRL" target="_top">&lt;dsig:X509CRL/&gt;</a> node to the given <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p>
-<p></p>
+<a name="XMLSECTMPLTRANSFORMADDXPATH"></a><h3>xmlSecTmplTransformAddXPath ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTmplTransformAddXPath         (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *expression</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> **nsList</code>);</pre>
+<p>Writes XPath transform infromation to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node
+<code class="PARAMETER">node</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13568"><span style="white-space: nowrap"><code class="PARAMETER">x509DataNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16636"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13574"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509CRL" target="_top">&lt;dsig:X509CRL/&gt;</a> node or
-NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16642"><span style="white-space: nowrap"><code class="PARAMETER">expression</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XPath expression.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16647"><span style="white-space: nowrap"><code class="PARAMETER">nsList</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the NULL terminated list of namespace prefix/href pairs
+(optional).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16652"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 for success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLTRANSFORMADDHMACOUTPUTLENGTH"></a><h3>xmlSecTmplTransformAddHmacOutputLength ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTmplTransformAddHmacOutputLength
-                                                        (<font>xmlNodePtr</font> transformNode,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> bitsLen);</pre>
-<p>Creates <a href="http://www.w3.org/TR/xmldsig-core/#sec-HMACOutputLength" target="_top">&lt;dsig:HMACOutputLength/&gt;</a> child for the HMAC transform 
-node <code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECTMPLTRANSFORMADDXPATH2"></a><h3>xmlSecTmplTransformAddXPath2 ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTmplTransformAddXPath2        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *type</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *expression</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> **nsList</code>);</pre>
+<p>Writes XPath2 transform infromation to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node
+<code class="PARAMETER">node</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13593"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16680"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16686"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XPath2 transform type ("union", "intersect" or "subtract").</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13599"><span style="white-space: nowrap"><code class="PARAMETER">bitsLen</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the required length in bits</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16691"><span style="white-space: nowrap"><code class="PARAMETER">expression</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XPath expression.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13604"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success and a negatie value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16696"><span style="white-space: nowrap"><code class="PARAMETER">nsList</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the NULL terminated list of namespace prefix/href pairs.
+(optional).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16701"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 for success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLTRANSFORMADDRSAOAEPPARAM"></a><h3>xmlSecTmplTransformAddRsaOaepParam ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTmplTransformAddRsaOaepParam  (<font>xmlNodePtr</font> transformNode,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buf,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Creates <a href="http://www.w3.org/TR/xmlenc-core/#sec-OAEPParam" target="_top">&lt;enc:OAEPParam/&gt;</a> child node in the <code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECTMPLTRANSFORMADDXPOINTER"></a><h3>xmlSecTmplTransformAddXPointer ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTmplTransformAddXPointer      (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *expression</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> **nsList</code>);</pre>
+<p>Writes XPoniter transform infromation to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node
+<code class="PARAMETER">node</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13623"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16726"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13629"><span style="white-space: nowrap"><code class="PARAMETER">buf</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the OAEP param buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16732"><span style="white-space: nowrap"><code class="PARAMETER">expression</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XPath expression.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13634"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the OAEP param buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16737"><span style="white-space: nowrap"><code class="PARAMETER">nsList</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the NULL terminated list of namespace prefix/href pairs.
+(optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13639"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16742"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 for success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTMPLTRANSFORMADDXSLTSTYLESHEET"></a><h3>xmlSecTmplTransformAddXsltStylesheet ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTmplTransformAddXsltStylesheet
-                                                        (<font>xmlNodePtr</font> transformNode,
-                                                         const <font>xmlChar</font> *xslt);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTmplTransformAddXsltStylesheet
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> transformNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *xslt</code>);</pre>
 <p>Writes the XSLT transform expression to the <code class="PARAMETER">node</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13656"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16763"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13662"><span style="white-space: nowrap"><code class="PARAMETER">xslt</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the XSLT transform exspression.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16769"><span style="white-space: nowrap"><code class="PARAMETER">xslt</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XSLT transform exspression.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13667"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16774"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLTRANSFORMADDC14NINCLNAMESPACES"></a><h3>xmlSecTmplTransformAddC14NInclNamespaces ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTmplTransformAddC14NInclNamespaces
-                                                        (<font>xmlNodePtr</font> transformNode,
-                                                         const <font>xmlChar</font> *prefixList);</pre>
-<p>Adds "inclusive" namespaces to the ExcC14N transform node <code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECTMPLX509DATAADDCRL"></a><h3>xmlSecTmplX509DataAddCRL ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplX509DataAddCRL            (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509DataNode</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509CRL" target="_top">&lt;dsig:X509CRL/&gt;</a> node to the given <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13684"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16793"><span style="white-space: nowrap"><code class="PARAMETER">x509DataNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13690"><span style="white-space: nowrap"><code class="PARAMETER">prefixList</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the white space delimited  list of namespace prefixes, 
-		where "<gtkdoclink href="DEFAULT"><span class="TYPE">default</span></gtkdoclink>" indicates the default namespace
-		(optional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16799"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509CRL" target="_top">&lt;dsig:X509CRL/&gt;</a> node or
+NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTMPLX509DATAADDCERTIFICATE"></a><h3>xmlSecTmplX509DataAddCertificate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplX509DataAddCertificate    (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509DataNode</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Certificate" target="_top">&lt;dsig:X509Certificate/&gt;</a> node to the given <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN16819"><span style="white-space: nowrap"><code class="PARAMETER">x509DataNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13697"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 if success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16825"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Certificate" target="_top">&lt;dsig:X509Certificate/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLTRANSFORMADDXPATH"></a><h3>xmlSecTmplTransformAddXPath ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTmplTransformAddXPath         (<font>xmlNodePtr</font> transformNode,
-                                                         const <font>xmlChar</font> *expression,
-                                                         const <font>xmlChar</font> **nsList);</pre>
-<p>Writes XPath transform infromation to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node 
-<code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECTMPLX509DATAADDISSUERSERIAL"></a><h3>xmlSecTmplX509DataAddIssuerSerial ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplX509DataAddIssuerSerial   (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509DataNode</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node to the given <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13716"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16845"><span style="white-space: nowrap"><code class="PARAMETER">x509DataNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13722"><span style="white-space: nowrap"><code class="PARAMETER">expression</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the XPath expression.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16851"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTMPLX509DATAADDSKI"></a><h3>xmlSecTmplX509DataAddSKI ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplX509DataAddSKI            (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509DataNode</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SKI" target="_top">&lt;dsig:X509SKI/&gt;</a> node to the given <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13727"><span style="white-space: nowrap"><code class="PARAMETER">nsList</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the NULL terminated list of namespace prefix/href pairs
-		(optional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16871"><span style="white-space: nowrap"><code class="PARAMETER">x509DataNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13732"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 for success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16877"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SKI" target="_top">&lt;dsig:X509SKI/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLTRANSFORMADDXPATH2"></a><h3>xmlSecTmplTransformAddXPath2 ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTmplTransformAddXPath2        (<font>xmlNodePtr</font> transformNode,
-                                                         const <font>xmlChar</font> *type,
-                                                         const <font>xmlChar</font> *expression,
-                                                         const <font>xmlChar</font> **nsList);</pre>
-<p>Writes XPath2 transform infromation to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node 
-<code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECTMPLX509DATAADDSUBJECTNAME"></a><h3>xmlSecTmplX509DataAddSubjectName ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplX509DataAddSubjectName    (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509DataNode</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SubjectName" target="_top">&lt;dsig:X509SubjectName/&gt;</a> node to the given <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13752"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16897"><span style="white-space: nowrap"><code class="PARAMETER">x509DataNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13758"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the XPath2 transform type ("union", "intersect" or "subtract").</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16903"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SubjectName" target="_top">&lt;dsig:X509SubjectName/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTMPLX509ISSUERSERIALADDISSUERNAME"></a><h3>xmlSecTmplX509IssuerSerialAddIssuerName ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplX509IssuerSerialAddIssuerName
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509IssuerSerialNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *issuerName</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerName" target="_top">&lt;dsig:X509IssuerName/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node <code class="PARAMETER">x509IssuerSerialNode</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13763"><span style="white-space: nowrap"><code class="PARAMETER">expression</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the XPath expression.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16927"><span style="white-space: nowrap"><code class="PARAMETER">x509IssuerSerialNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13768"><span style="white-space: nowrap"><code class="PARAMETER">nsList</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the NULL terminated list of namespace prefix/href pairs.
-		(optional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16933"><span style="white-space: nowrap"><code class="PARAMETER">issuerName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the issuer name (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13773"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 for success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16938"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerName" target="_top">&lt;dsig:X509IssuerName/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTMPLTRANSFORMADDXPOINTER"></a><h3>xmlSecTmplTransformAddXPointer ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTmplTransformAddXPointer      (<font>xmlNodePtr</font> transformNode,
-                                                         const <font>xmlChar</font> *expression,
-                                                         const <font>xmlChar</font> **nsList);</pre>
-<p>Writes XPoniter transform infromation to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node 
-<code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECTMPLX509ISSUERSERIALADDSERIALNUMBER"></a><h3>xmlSecTmplX509IssuerSerialAddSerialNumber ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODE"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecTmplX509IssuerSerialAddSerialNumber
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> x509IssuerSerialNode</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *serial</code>);</pre>
+<p>Adds <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SerialNumber" target="_top">&lt;dsig:X509SerialNumber/&gt;</a> node to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node <code class="PARAMETER">x509IssuerSerialNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13792"><span style="white-space: nowrap"><code class="PARAMETER">transformNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the pointer to the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16962"><span style="white-space: nowrap"><code class="PARAMETER">x509IssuerSerialNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13798"><span style="white-space: nowrap"><code class="PARAMETER">expression</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the XPath expression.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16968"><span style="white-space: nowrap"><code class="PARAMETER">serial</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the serial number (optional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN13803"><span style="white-space: nowrap"><code class="PARAMETER">nsList</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the NULL terminated list of namespace prefix/href pairs.
-		(optional).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN13808"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 for success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN16973"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the newly created <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SerialNumber" target="_top">&lt;dsig:X509SerialNumber/&gt;</a> node or
+NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-transforms.html b/docs/api/xmlsec-transforms.html
index a02f0a4c..2cf0855c 100644
--- a/docs/api/xmlsec-transforms.html
+++ b/docs/api/xmlsec-transforms.html
@@ -87,259 +87,262 @@
 <h1>
 <a name="XMLSEC-TRANSFORMS"></a>transforms</h1>
 <div class="REFNAMEDIV">
-<a name="AEN13818"></a><h2>Name</h2>transforms -- Transform object definition.</div>
+<a name="AEN16984"></a><h2>Name</h2>transforms -- Transform object definition.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-TRANSFORMS.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-transforms.html#XMLSEC-TRANSFORM-BINARY-CHUNK--CAPS">XMLSEC_TRANSFORM_BINARY_CHUNK</a>
-<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a>    <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDSGET">xmlSecTransformIdsGet</a>               (void);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDSINIT">xmlSecTransformIdsInit</a>              (void);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDSSHUTDOWN">xmlSecTransformIdsShutdown</a>          (void);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDSREGISTERDEFAULT">xmlSecTransformIdsRegisterDefault</a>   (void);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDSREGISTER">xmlSecTransformIdsRegister</a>          (<font>xmlSecTransformId</font> id);
-enum                <a href="xmlsec-transforms.html#XMLSECTRANSFORMSTATUS">xmlSecTransformStatus</a>;
+<pre class="SYNOPSIS">#define             <a href="xmlsec-transforms.html#XMLSEC-TRANSFORMCTX-FLAGS-USE-VISA3D-HACK:CAPS">XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK</a>
+#define             <a href="xmlsec-transforms.html#XMLSEC-TRANSFORM-BINARY-CHUNK:CAPS">XMLSEC_TRANSFORM_BINARY_CHUNK</a>
+struct              <a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransform</a>;
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMBASE64GETKLASS">xmlSecTransformBase64GetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMBASE64ID">xmlSecTransformBase64Id</a>
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMBASE64SETLINESIZE">xmlSecTransformBase64SetLineSize</a>    (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> lineSize</code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMCHECKID">xmlSecTransformCheckId</a>              (transform,
+                                                         i)
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMCHECKSIZE">xmlSecTransformCheckSize</a>            (transform,
+                                                         size)
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT">xmlSecTransformConnect</a>              (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> left</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> right</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="RETURNVALUE">xmlSecTransformPtr</span></a>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMCREATE">xmlSecTransformCreate</a>               (<code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> id</code>);
+<gtkdoclink href="XMLPARSERINPUTBUFFER"><span class="RETURNVALUE">xmlParserInputBufferPtr</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCREATEINPUTBUFFER">xmlSecTransformCreateInputBuffer</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="XMLOUTPUTBUFFERPTR"><span class="RETURNVALUE">xmlOutputBufferPtr</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCREATEOUTPUTBUFFER">xmlSecTransformCreateOutputBuffer</a>   (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+struct              <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtx</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXAPPEND">xmlSecTransformCtxAppend</a>            (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXBINARYEXECUTE">xmlSecTransformCtxBinaryExecute</a>     (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXCOPYUSERPREF">xmlSecTransformCtxCopyUserPref</a>      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> src</code>);
+<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="RETURNVALUE">xmlSecTransformCtxPtr</span></a> <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXCREATE">xmlSecTransformCtxCreate</a>          (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECTRANSFORMPTR"><span class="RETURNVALUE">xmlSecTransformPtr</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXCREATEANDAPPEND">xmlSecTransformCtxCreateAndAppend</a>   (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> id</code>);
+<gtkdoclink href="XMLSECTRANSFORMPTR"><span class="RETURNVALUE">xmlSecTransformPtr</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXCREATEANDPREPEND">xmlSecTransformCtxCreateAndPrepend</a>  (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> id</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXDEBUGDUMP">xmlSecTransformCtxDebugDump</a>         (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXDEBUGXMLDUMP">xmlSecTransformCtxDebugXmlDump</a>      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXDESTROY">xmlSecTransformCtxDestroy</a>           (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXEXECUTE">xmlSecTransformCtxExecute</a>           (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXFINALIZE">xmlSecTransformCtxFinalize</a>          (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXINITIALIZE">xmlSecTransformCtxInitialize</a>        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>);
+<gtkdoclink href="XMLSECTRANSFORMPTR"><span class="RETURNVALUE">xmlSecTransformPtr</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXNODEREAD">xmlSecTransformCtxNodeRead</a>          (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> usage</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXNODESLISTREAD">xmlSecTransformCtxNodesListRead</a>     (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> usage</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXPREEXECUTECALLBACK">*xmlSecTransformCtxPreExecuteCallback</a>)
+                                                        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXPREPARE">xmlSecTransformCtxPrepare</a>           (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE"><span class="TYPE">xmlSecTransformDataType</span></a> inputDataType</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXPREPEND">xmlSecTransformCtxPrepend</a>           (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXRESET">xmlSecTransformCtxReset</a>             (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXSETURI">xmlSecTransformCtxSetUri</a>            (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> hereNode</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXURIEXECUTE">xmlSecTransformCtxUriExecute</a>        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXXMLEXECUTE">xmlSecTransformCtxXmlExecute</a>        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nodes</code>);
+typedef             <a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE">xmlSecTransformDataType</a>;
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPEBIN">xmlSecTransformDataTypeBin</a>
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPEUNKNOWN">xmlSecTransformDataTypeUnknown</a>
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPEXML">xmlSecTransformDataTypeXml</a>
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMDEBUGDUMP">xmlSecTransformDebugDump</a>            (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMDEBUGXMLDUMP">xmlSecTransformDebugXmlDump</a>         (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE"><span class="RETURNVALUE">xmlSecTransformDataType</span></a> <a href="xmlsec-transforms.html#XMLSECTRANSFORMDEFAULTGETDATATYPE">xmlSecTransformDefaultGetDataType</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE"><span class="TYPE">xmlSecTransformMode</span></a> mode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMDEFAULTPOPBIN">xmlSecTransformDefaultPopBin</a>        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> maxDataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMDEFAULTPOPXML">xmlSecTransformDefaultPopXml</a>        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> *nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMDEFAULTPUSHBIN">xmlSecTransformDefaultPushBin</a>       (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> final</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMDEFAULTPUSHXML">xmlSecTransformDefaultPushXml</a>       (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMDESTROY">xmlSecTransformDestroy</a>              (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMENVELOPEDGETKLASS">xmlSecTransformEnvelopedGetKlass</a>    (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMENVELOPEDID">xmlSecTransformEnvelopedId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMEXCLC14NGETKLASS">xmlSecTransformExclC14NGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMEXCLC14NID">xmlSecTransformExclC14NId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMEXCLC14NWITHCOMMENTSGETKLASS">xmlSecTransformExclC14NWithCommentsGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMEXCLC14NWITHCOMMENTSID">xmlSecTransformExclC14NWithCommentsId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMEXECUTE">xmlSecTransformExecute</a>              (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> last</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMEXECUTEMETHOD">*xmlSecTransformExecuteMethod</a>)     (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> last</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (<a href="xmlsec-transforms.html#XMLSECTRANSFORMFINALIZEMETHOD">*xmlSecTransformFinalizeMethod</a>)    (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);
+<a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE"><span class="RETURNVALUE">xmlSecTransformDataType</span></a> <a href="xmlsec-transforms.html#XMLSECTRANSFORMGETDATATYPE">xmlSecTransformGetDataType</a>      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE"><span class="TYPE">xmlSecTransformMode</span></a> mode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE"><span class="RETURNVALUE">xmlSecTransformDataType</span></a> (<a href="xmlsec-transforms.html#XMLSECTRANSFORMGETDATATYPEMETHOD">*xmlSecTransformGetDataTypeMethod</a>)
+                                                        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE"><span class="TYPE">xmlSecTransformMode</span></a> mode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMGETNAME">xmlSecTransformGetName</a>              (transform)
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTDEBUGDUMP">xmlSecTransformIdListDebugDump</a>      (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTDEBUGXMLDUMP">xmlSecTransformIdListDebugXmlDump</a>   (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTFIND">xmlSecTransformIdListFind</a>           (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTFINDBYHREF">xmlSecTransformIdListFindByHref</a>     (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *href</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> usage</code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTFINDBYNAME">xmlSecTransformIdListFindByName</a>     (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> usage</code>);
+<gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTGETKLASS">xmlSecTransformIdListGetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTID">xmlSecTransformIdListId</a>
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDUNKNOWN">xmlSecTransformIdUnknown</a>
+<a href="xmlsec-list.html#XMLSECPTRLIST"><span class="RETURNVALUE">xmlSecPtrListPtr</span></a>    <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDSGET">xmlSecTransformIdsGet</a>               (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMIDSINIT">xmlSecTransformIdsInit</a>              (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMIDSREGISTER">xmlSecTransformIdsRegister</a>          (<code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> id</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMIDSREGISTERDEFAULT">xmlSecTransformIdsRegisterDefault</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMIDSSHUTDOWN">xmlSecTransformIdsShutdown</a>          (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14N11GETKLASS">xmlSecTransformInclC14N11GetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14N11ID">xmlSecTransformInclC14N11Id</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14N11WITHCOMMENTSGETKLASS">xmlSecTransformInclC14N11WithCommentsGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14N11WITHCOMMENTSID">xmlSecTransformInclC14N11WithCommentsId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14NGETKLASS">xmlSecTransformInclC14NGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14NID">xmlSecTransformInclC14NId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14NWITHCOMMENTSGETKLASS">xmlSecTransformInclC14NWithCommentsGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14NWITHCOMMENTSID">xmlSecTransformInclC14NWithCommentsId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMINITIALIZEMETHOD">*xmlSecTransformInitializeMethod</a>)  (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMISVALID">xmlSecTransformIsValid</a>              (transform)
+struct              <a href="xmlsec-transforms.html#XMLSECTRANSFORMKLASS">xmlSecTransformKlass</a>;
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMKLASSGETNAME">xmlSecTransformKlassGetName</a>         (klass)
 enum                <a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE">xmlSecTransformMode</a>;
+<gtkdoclink href="XMLSECTRANSFORMPTR"><span class="RETURNVALUE">xmlSecTransformPtr</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMNODEREAD">xmlSecTransformNodeRead</a>             (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> usage</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMNODEREADMETHOD">*xmlSecTransformNodeReadMethod</a>)    (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMNODEWRITEMETHOD">*xmlSecTransformNodeWriteMethod</a>)   (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
 enum                <a href="xmlsec-transforms.html#XMLSECTRANSFORMOPERATION">xmlSecTransformOperation</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPBIN">xmlSecTransformPopBin</a>               (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> maxDataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPBINMETHOD">*xmlSecTransformPopBinMethod</a>)      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> maxDataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPXML">xmlSecTransformPopXml</a>               (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> *nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPXMLMETHOD">*xmlSecTransformPopXmlMethod</a>)      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> *nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMPUMP">xmlSecTransformPump</a>                 (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> left</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> right</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHBIN">xmlSecTransformPushBin</a>              (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> final</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHBINMETHOD">*xmlSecTransformPushBinMethod</a>)     (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> final</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHXML">xmlSecTransformPushXml</a>              (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHXMLMETHOD">*xmlSecTransformPushXmlMethod</a>)     (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMREMOVE">xmlSecTransformRemove</a>               (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMREMOVEXMLTAGSC14NGETKLASS">xmlSecTransformRemoveXmlTagsC14NGetKlass</a>
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMREMOVEXMLTAGSC14NID">xmlSecTransformRemoveXmlTagsC14NId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEY">xmlSecTransformSetKey</a>               (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEYMETHOD">*xmlSecTransformSetKeyMethod</a>)      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEYREQ">xmlSecTransformSetKeyReq</a>            (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEYREQUIREMENTSMETHOD">*xmlSecTransformSetKeyRequirementsMethod</a>)
+                                                        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);
+enum                <a href="xmlsec-transforms.html#XMLSECTRANSFORMSTATUS">xmlSecTransformStatus</a>;
 typedef             <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPE">xmlSecTransformUriType</a>;
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPENONE">xmlSecTransformUriTypeNone</a>
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPEANY">xmlSecTransformUriTypeAny</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPECHECK">xmlSecTransformUriTypeCheck</a>         (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPE"><span class="TYPE">xmlSecTransformUriType</span></a> type</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);
 #define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPEEMPTY">xmlSecTransformUriTypeEmpty</a>
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPESAMEDOCUMENT">xmlSecTransformUriTypeSameDocument</a>
 #define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPELOCAL">xmlSecTransformUriTypeLocal</a>
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPENONE">xmlSecTransformUriTypeNone</a>
 #define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPEREMOTE">xmlSecTransformUriTypeRemote</a>
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPEANY">xmlSecTransformUriTypeAny</a>
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPECHECK">xmlSecTransformUriTypeCheck</a>         (<a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPE">xmlSecTransformUriType</a> type,
-                                                         const <font>xmlChar</font> *uri);
-typedef             <a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE">xmlSecTransformDataType</a>;
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPEUNKNOWN">xmlSecTransformDataTypeUnknown</a>
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPEBIN">xmlSecTransformDataTypeBin</a>
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPEXML">xmlSecTransformDataTypeXml</a>
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPESAMEDOCUMENT">xmlSecTransformUriTypeSameDocument</a>
 typedef             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a>;
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGEUNKNOWN">xmlSecTransformUsageUnknown</a>
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGEDSIGTRANSFORM">xmlSecTransformUsageDSigTransform</a>
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGEANY">xmlSecTransformUsageAny</a>
 #define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGEC14NMETHOD">xmlSecTransformUsageC14NMethod</a>
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGEDSIGTRANSFORM">xmlSecTransformUsageDSigTransform</a>
 #define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGEDIGESTMETHOD">xmlSecTransformUsageDigestMethod</a>
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGESIGNATUREMETHOD">xmlSecTransformUsageSignatureMethod</a>
 #define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGEENCRYPTIONMETHOD">xmlSecTransformUsageEncryptionMethod</a>
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGEANY">xmlSecTransformUsageAny</a>
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXPREEXECUTECALLBACK">*xmlSecTransformCtxPreExecuteCallback</a>)
-                                                        (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-#define             <a href="xmlsec-transforms.html#XMLSEC-TRANSFORMCTX-FLAGS-USE-VISA3D-HACK--CAPS">XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK</a>
-struct              <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtx</a>;
-<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXCREATE">xmlSecTransformCtxCreate</a>         (void);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXDESTROY">xmlSecTransformCtxDestroy</a>           (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXINITIALIZE">xmlSecTransformCtxInitialize</a>        (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXFINALIZE">xmlSecTransformCtxFinalize</a>          (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXRESET">xmlSecTransformCtxReset</a>             (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXCOPYUSERPREF">xmlSecTransformCtxCopyUserPref</a>      (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> dst,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> src);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXSETURI">xmlSecTransformCtxSetUri</a>            (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         const <font>xmlChar</font> *uri,
-                                                         <font>xmlNodePtr</font> hereNode);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXAPPEND">xmlSecTransformCtxAppend</a>            (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXPREPEND">xmlSecTransformCtxPrepend</a>           (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);
-<font>xmlSecTransformPtr</font>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXCREATEANDAPPEND">xmlSecTransformCtxCreateAndAppend</a>   (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>xmlSecTransformId</font> id);
-<font>xmlSecTransformPtr</font>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXCREATEANDPREPEND">xmlSecTransformCtxCreateAndPrepend</a>  (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>xmlSecTransformId</font> id);
-<font>xmlSecTransformPtr</font>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXNODEREAD">xmlSecTransformCtxNodeRead</a>          (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> usage);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXNODESLISTREAD">xmlSecTransformCtxNodesListRead</a>     (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> usage);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXPREPARE">xmlSecTransformCtxPrepare</a>           (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE">xmlSecTransformDataType</a> inputDataType);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXBINARYEXECUTE">xmlSecTransformCtxBinaryExecute</a>     (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXURIEXECUTE">xmlSecTransformCtxUriExecute</a>        (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         const <font>xmlChar</font> *uri);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXXMLEXECUTE">xmlSecTransformCtxXmlExecute</a>        (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nodes);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXEXECUTE">xmlSecTransformCtxExecute</a>           (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>xmlDocPtr</font> doc);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXDEBUGDUMP">xmlSecTransformCtxDebugDump</a>         (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXDEBUGXMLDUMP">xmlSecTransformCtxDebugXmlDump</a>      (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>FILE</font> *output);
-struct              <a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransform</a>;
-<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMCREATE">xmlSecTransformCreate</a>               (<font>xmlSecTransformId</font> id);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMDESTROY">xmlSecTransformDestroy</a>              (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);
-<font>xmlSecTransformPtr</font>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMNODEREAD">xmlSecTransformNodeRead</a>             (<font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> usage,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMPUMP">xmlSecTransformPump</a>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> left,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> right,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEY">xmlSecTransformSetKey</a>               (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEYREQ">xmlSecTransformSetKeyReq</a>            (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMVERIFY">xmlSecTransformVerify</a>               (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMVERIFYNODECONTENT">xmlSecTransformVerifyNodeContent</a>    (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE">xmlSecTransformDataType</a>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMGETDATATYPE">xmlSecTransformGetDataType</a>     (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE">xmlSecTransformMode</a> mode,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHBIN">xmlSecTransformPushBin</a>              (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <font>int</font> final,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPBIN">xmlSecTransformPopBin</a>               (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> maxDataSize,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *dataSize,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHXML">xmlSecTransformPushXml</a>              (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPXML">xmlSecTransformPopXml</a>               (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> *nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMEXECUTE">xmlSecTransformExecute</a>              (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>int</font> last,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMDEBUGDUMP">xmlSecTransformDebugDump</a>            (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMDEBUGXMLDUMP">xmlSecTransformDebugXmlDump</a>         (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>FILE</font> *output);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMGETNAME">xmlSecTransformGetName</a>              (transform)
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMISVALID">xmlSecTransformIsValid</a>              (transform)
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMCHECKTYPE">xmlSecTransformCheckType</a>            (transform, t)
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMCHECKID">xmlSecTransformCheckId</a>              (transform, i)
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMCHECKSIZE">xmlSecTransformCheckSize</a>            (transform, size)
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT">xmlSecTransformConnect</a>              (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> left,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> right,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMREMOVE">xmlSecTransformRemove</a>               (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);
-<a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE">xmlSecTransformDataType</a>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMDEFAULTGETDATATYPE">xmlSecTransformDefaultGetDataType</a>
-                                                        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE">xmlSecTransformMode</a> mode,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMDEFAULTPUSHBIN">xmlSecTransformDefaultPushBin</a>       (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <font>int</font> final,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMDEFAULTPOPBIN">xmlSecTransformDefaultPopBin</a>        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> maxDataSize,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *dataSize,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMDEFAULTPUSHXML">xmlSecTransformDefaultPushXml</a>       (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMDEFAULTPOPXML">xmlSecTransformDefaultPopXml</a>        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> *nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>xmlOutputBufferPtr</font>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMCREATEOUTPUTBUFFER">xmlSecTransformCreateOutputBuffer</a>   (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>xmlParserInputBufferPtr</font>  <a href="xmlsec-transforms.html#XMLSECTRANSFORMCREATEINPUTBUFFER">xmlSecTransformCreateInputBuffer</a>
-                                                        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMINITIALIZEMETHOD">*xmlSecTransformInitializeMethod</a>)  (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);
-<font>void</font>                (<a href="xmlsec-transforms.html#XMLSECTRANSFORMFINALIZEMETHOD">*xmlSecTransformFinalizeMethod</a>)    (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);
-<a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE">xmlSecTransformDataType</a>  (<a href="xmlsec-transforms.html#XMLSECTRANSFORMGETDATATYPEMETHOD">*xmlSecTransformGetDataTypeMethod</a>)
-                                                        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE">xmlSecTransformMode</a> mode,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMNODEREADMETHOD">*xmlSecTransformNodeReadMethod</a>)    (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMNODEWRITEMETHOD">*xmlSecTransformNodeWriteMethod</a>)   (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEYREQUIREMENTSMETHOD">*xmlSecTransformSetKeyRequirementsMethod</a>)
-                                                        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEYMETHOD">*xmlSecTransformSetKeyMethod</a>)      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMVERIFYMETHOD">*xmlSecTransformVerifyMethod</a>)      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHBINMETHOD">*xmlSecTransformPushBinMethod</a>)     (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <font>int</font> final,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPBINMETHOD">*xmlSecTransformPopBinMethod</a>)      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> maxDataSize,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *dataSize,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHXMLMETHOD">*xmlSecTransformPushXmlMethod</a>)     (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPXMLMETHOD">*xmlSecTransformPopXmlMethod</a>)      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> *nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-<font>int</font>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMEXECUTEMETHOD">*xmlSecTransformExecuteMethod</a>)     (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>int</font> last,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);
-struct              <a href="xmlsec-transforms.html#XMLSECTRANSFORMKLASS">xmlSecTransformKlass</a>;
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMKLASSGETNAME">xmlSecTransformKlassGetName</a>         (klass)
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTID">xmlSecTransformIdListId</a>
-<font>xmlSecPtrListId</font>     <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTGETKLASS">xmlSecTransformIdListGetKlass</a>       (void);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTFIND">xmlSecTransformIdListFind</a>           (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>xmlSecTransformId</font> transformId);
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTFINDBYHREF">xmlSecTransformIdListFindByHref</a>     (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         const <font>xmlChar</font> *href,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> usage);
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTFINDBYNAME">xmlSecTransformIdListFindByName</a>     (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> usage);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTDEBUGDUMP">xmlSecTransformIdListDebugDump</a>      (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDLISTDEBUGXMLDUMP">xmlSecTransformIdListDebugXmlDump</a>   (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMIDUNKNOWN">xmlSecTransformIdUnknown</a>
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMBASE64ID">xmlSecTransformBase64Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMBASE64GETKLASS">xmlSecTransformBase64GetKlass</a>       (void);
-<font>void</font>                <a href="xmlsec-transforms.html#XMLSECTRANSFORMBASE64SETLINESIZE">xmlSecTransformBase64SetLineSize</a>    (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> lineSize);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14NID">xmlSecTransformInclC14NId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14NGETKLASS">xmlSecTransformInclC14NGetKlass</a>     (void);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14NWITHCOMMENTSID">xmlSecTransformInclC14NWithCommentsId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14NWITHCOMMENTSGETKLASS">xmlSecTransformInclC14NWithCommentsGetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14N11ID">xmlSecTransformInclC14N11Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14N11GETKLASS">xmlSecTransformInclC14N11GetKlass</a>   (void);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14N11WITHCOMMENTSID">xmlSecTransformInclC14N11WithCommentsId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMINCLC14N11WITHCOMMENTSGETKLASS">xmlSecTransformInclC14N11WithCommentsGetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMEXCLC14NID">xmlSecTransformExclC14NId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMEXCLC14NGETKLASS">xmlSecTransformExclC14NGetKlass</a>     (void);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMEXCLC14NWITHCOMMENTSID">xmlSecTransformExclC14NWithCommentsId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMEXCLC14NWITHCOMMENTSGETKLASS">xmlSecTransformExclC14NWithCommentsGetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMENVELOPEDID">xmlSecTransformEnvelopedId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMENVELOPEDGETKLASS">xmlSecTransformEnvelopedGetKlass</a>    (void);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMXPATHID">xmlSecTransformXPathId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMXPATHGETKLASS">xmlSecTransformXPathGetKlass</a>        (void);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGESIGNATUREMETHOD">xmlSecTransformUsageSignatureMethod</a>
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGEUNKNOWN">xmlSecTransformUsageUnknown</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMVERIFY">xmlSecTransformVerify</a>               (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORMVERIFYMETHOD">*xmlSecTransformVerifyMethod</a>)      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMVERIFYNODECONTENT">xmlSecTransformVerifyNodeContent</a>    (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMVISA3DHACKGETKLASS">xmlSecTransformVisa3DHackGetKlass</a>   (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMVISA3DHACKID">xmlSecTransformVisa3DHackId</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMVISA3DHACKSETID">xmlSecTransformVisa3DHackSetID</a>      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMXPATH2GETKLASS">xmlSecTransformXPath2GetKlass</a>       (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMXPATH2ID">xmlSecTransformXPath2Id</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMXPATH2GETKLASS">xmlSecTransformXPath2GetKlass</a>       (void);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMXPATHGETKLASS">xmlSecTransformXPathGetKlass</a>        (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMXPATHID">xmlSecTransformXPathId</a>
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMXPOINTERGETKLASS">xmlSecTransformXPointerGetKlass</a>     (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMXPOINTERID">xmlSecTransformXPointerId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMXPOINTERGETKLASS">xmlSecTransformXPointerGetKlass</a>     (void);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMXPOINTERSETEXPR">xmlSecTransformXPointerSetExpr</a>      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <font>xmlChar</font> *expr,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESETTYPE">xmlSecNodeSetType</a> nodeSetType,
-                                                         <font>xmlNodePtr</font> hereNode);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMXPOINTERSETEXPR">xmlSecTransformXPointerSetExpr</a>      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *expr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESETTYPE"><span class="TYPE">xmlSecNodeSetType</span></a> nodeSetType</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> hereNode</code>);
+<gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMXSLTGETKLASS">xmlSecTransformXsltGetKlass</a>         (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMXSLTID">xmlSecTransformXsltId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMXSLTGETKLASS">xmlSecTransformXsltGetKlass</a>         (void);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMREMOVEXMLTAGSC14NID">xmlSecTransformRemoveXmlTagsC14NId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMREMOVEXMLTAGSC14NGETKLASS">xmlSecTransformRemoveXmlTagsC14NGetKlass</a>
-                                                        (void);
-#define             <a href="xmlsec-transforms.html#XMLSECTRANSFORMVISA3DHACKID">xmlSecTransformVisa3DHackId</a>
-<font>xmlSecTransformId</font>   <a href="xmlsec-transforms.html#XMLSECTRANSFORMVISA3DHACKGETKLASS">xmlSecTransformVisa3DHackGetKlass</a>   (void);
-<font>int</font>                 <a href="xmlsec-transforms.html#XMLSECTRANSFORMVISA3DHACKSETID">xmlSecTransformVisa3DHackSetID</a>      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <font>xmlChar</font> *id);</pre>
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-transforms.html#XMLSECTRANSFORMXSLTSETDEFAULTSECURITYPREFS">xmlSecTransformXsltSetDefaultSecurityPrefs</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XSLTSECURITYPREFS"><span class="TYPE">xsltSecurityPrefsPtr</span></gtkdoclink> sec</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-TRANSFORMS.DESCRIPTION"></a><h2>Description</h2>
@@ -348,2654 +351,2583 @@ struct              <a href="xmlsec-transforms.html#XMLSECTRANSFORMKLASS">xmlSec
 <div class="REFSECT1">
 <a name="XMLSEC-TRANSFORMS.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSEC-TRANSFORM-BINARY-CHUNK--CAPS"></a><h3>XMLSEC_TRANSFORM_BINARY_CHUNK</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_TRANSFORM_BINARY_CHUNK			64</pre>
-<p>The binary data chunks size. XMLSec processes binary data one chunk 
-at a time. Changing this impacts xmlsec memory usage and performance.</p>
-<p></p>
+<a name="XMLSEC-TRANSFORMCTX-FLAGS-USE-VISA3D-HACK:CAPS"></a><h3>XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK               0x00000001</pre>
+<p>If this flag is set then URI ID references are resolved directly
+without using XPointers. This allows one to sign/verify Visa3D
+documents that don't follow XML, XPointer and XML DSig specifications.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDSGET"></a><h3>xmlSecTransformIdsGet ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a>    xmlSecTransformIdsGet               (void);</pre>
-<p>Gets global registered transform klasses list.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN14242"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to list of all registered transform klasses.</p></td>
-</tr></tbody></table>
+<a name="XMLSEC-TRANSFORM-BINARY-CHUNK:CAPS"></a><h3>XMLSEC_TRANSFORM_BINARY_CHUNK</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_TRANSFORM_BINARY_CHUNK                   64</pre>
+<p>The binary data chunks size. XMLSec processes binary data one chunk
+at a time. Changing this impacts xmlsec memory usage and performance.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDSINIT"></a><h3>xmlSecTransformIdsInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformIdsInit              (void);</pre>
-<p>Initializes the transform klasses. This function is called from the 
-<a href="xmlsec-xmlsec.html#XMLSECINIT"><span class="TYPE">xmlSecInit</span></a> function and the application should not call it directly.</p>
-<p></p>
+<a name="XMLSECTRANSFORM"></a><h3>struct xmlSecTransform</h3>
+<pre class="PROGRAMLISTING">struct xmlSecTransform {
+    xmlSecTransformId                   id;
+    xmlSecTransformOperation            operation;
+    xmlSecTransformStatus               status;
+    xmlNodePtr                          hereNode;
+
+    /* transforms chain */
+    xmlSecTransformPtr                  next;
+    xmlSecTransformPtr                  prev;
+
+    /* binary data */
+    xmlSecBuffer                        inBuf;
+    xmlSecBuffer                        outBuf;
+
+    /* xml data */
+    xmlSecNodeSetPtr                    inNodes;
+    xmlSecNodeSetPtr                    outNodes;
+
+    /* reserved for the future */
+    void*                               reserved0;
+    void*                               reserved1;
+};</pre>
+<p>The transform structure.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN14258"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17888"><span style="white-space: nowrap"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> <code class="STRUCTFIELD">id</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform id (pointer to <gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink>).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17897"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMOPERATION"><span class="TYPE">xmlSecTransformOperation</span></a> <code class="STRUCTFIELD">operation</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's opertaion.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17904"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMSTATUS"><span class="TYPE">xmlSecTransformStatus</span></a> <code class="STRUCTFIELD">status</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current status.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17911"><span style="white-space: nowrap"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> <code class="STRUCTFIELD">hereNode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform's <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform%20" target="_top">&lt;dsig:Transform /&gt;</a> node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17919"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> <code class="STRUCTFIELD">next</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to next transform in the chain.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17926"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> <code class="STRUCTFIELD">prev</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to previous transform in the chain.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17933"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBuffer</span></a> <code class="STRUCTFIELD">inBuf</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input binary data buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17940"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBuffer</span></a> <code class="STRUCTFIELD">outBuf</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output binary data buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17947"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> <code class="STRUCTFIELD">inNodes</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input XML nodes.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17954"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> <code class="STRUCTFIELD">outNodes</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the output XML nodes.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17961"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN17968"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDSSHUTDOWN"></a><h3>xmlSecTransformIdsShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformIdsShutdown          (void);</pre>
-<p>Shuts down the keys data klasses. This function is called from the 
-<a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN"><span class="TYPE">xmlSecShutdown</span></a> function and the application should not call it directly.</p>
+<a name="XMLSECTRANSFORMBASE64GETKLASS"></a><h3>xmlSecTransformBase64GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformBase64GetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The Base64 transform klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-BASE-64"><span class="TYPE">sec-Base-64</span></gtkdoclink>).
+The normative specification for base64 decoding transforms is RFC 2045
+(http://www.ietf.org/rfc/rfc2045.txt). The base64 Transform element has
+no content. The input is decoded by the algorithms. This transform is
+useful if an application needs to sign the raw data associated with
+the encoded content of an element.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN17988"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>base64 transform id.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDSREGISTERDEFAULT"></a><h3>xmlSecTransformIdsRegisterDefault ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformIdsRegisterDefault   (void);</pre>
-<p>Registers default (implemented by XML Security Library)
-transform klasses: XPath transform, Base64 transform, ...</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN14282"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr></tbody></table>
+<a name="XMLSECTRANSFORMBASE64ID"></a><h3>xmlSecTransformBase64Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformBase64Id</pre>
+<p>The base64 encode transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDSREGISTER"></a><h3>xmlSecTransformIdsRegister ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformIdsRegister          (<font>xmlSecTransformId</font> id);</pre>
-<p>Registers <code class="PARAMETER">id</code> in the global list of transform klasses.</p>
-<p></p>
+<a name="XMLSECTRANSFORMBASE64SETLINESIZE"></a><h3>xmlSecTransformBase64SetLineSize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformBase64SetLineSize    (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> lineSize</code>);</pre>
+<p>Sets the max line size to <code class="PARAMETER">lineSize</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14298"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18015"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to BASE64 encode transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14303"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18020"><span style="white-space: nowrap"><code class="PARAMETER">lineSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new max line size.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSTATUS"></a><h3>enum xmlSecTransformStatus</h3>
-<pre class="PROGRAMLISTING">typedef enum  {
-    xmlSecTransformStatusNone = 0,
-    xmlSecTransformStatusWorking,
-    xmlSecTransformStatusFinished,
-    xmlSecTransformStatusOk,
-    xmlSecTransformStatusFail
-} xmlSecTransformStatus;</pre>
-<p>The transform execution status.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCHECKID"></a><h3>xmlSecTransformCheckId()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformCheckId(transform, i)</pre>
+<p>Macro. Returns 1 if the <code class="PARAMETER">transform</code> is valid and has specified id <code class="PARAMETER">i</code>
+or 0 otherwise.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMSTATUSNONE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformStatusNone</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the status unknown.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMSTATUSWORKING"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformStatusWorking</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the transform is executed.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18034"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMSTATUSFINISHED"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformStatusFinished</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the transform finished</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMSTATUSOK"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformStatusOk</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the transform succeeded.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMSTATUSFAIL"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformStatusFail</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the transform failed (an error occur).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18039"><span style="white-space: nowrap"><code class="PARAMETER">i</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform id.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMMODE"></a><h3>enum xmlSecTransformMode</h3>
-<pre class="PROGRAMLISTING">typedef enum  {
-    xmlSecTransformModeNone = 0,
-    xmlSecTransformModePush,
-    xmlSecTransformModePop
-} xmlSecTransformMode;</pre>
-<p>The transform operation mode</p>
-<p></p>
+<a name="XMLSECTRANSFORMCHECKSIZE"></a><h3>xmlSecTransformCheckSize()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformCheckSize(transform, size)</pre>
+<p>Macro. Returns 1 if the <code class="PARAMETER">transform</code> is valid and has at least <code class="PARAMETER">size</code>
+bytes or 0 otherwise.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMMODENONE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformModeNone</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the mode is unknown.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18053"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMMODEPUSH"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformModePush</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 		pushing data thru transform. </p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMMODEPOP"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformModePop</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 		popping data from transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18058"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform object size.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMOPERATION"></a><h3>enum xmlSecTransformOperation</h3>
-<pre class="PROGRAMLISTING">typedef enum  {
-    xmlSecTransformOperationNone = 0,
-    xmlSecTransformOperationEncode,
-    xmlSecTransformOperationDecode,
-    xmlSecTransformOperationSign,
-    xmlSecTransformOperationVerify,
-    xmlSecTransformOperationEncrypt,
-    xmlSecTransformOperationDecrypt
-} xmlSecTransformOperation;</pre>
-<p>The transform operation.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCONNECT"></a><h3>xmlSecTransformConnect ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformConnect              (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> left</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> right</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>If the data object is a node-set and the next transform requires octets,
+the signature application MUST attempt to convert the node-set to an octet
+stream using Canonical XML [XML-C14N].</p>
+<p>The story is different if the right transform is base64 decode
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-BASE-64"><span class="TYPE">sec-Base-64</span></gtkdoclink>):</p>
+<p>This transform requires an octet stream for input. If an XPath node-set
+(or sufficiently functional alternative) is given as input, then it is
+converted to an octet stream by performing operations logically equivalent
+to 1) applying an XPath transform with expression self::<gtkdoclink href="TEXT"><code class="FUNCTION">text()</code></gtkdoclink>, then 2)
+taking the string-value of the node-set. Thus, if an XML element is
+identified by a barename XPointer in the Reference URI, and its content
+consists solely of base64 encoded character data, then this transform
+automatically strips away the start and end tags of the identified element
+and any of its descendant elements as well as any descendant comments and
+processing instructions. The output of this transform is an octet stream.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONNONE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationNone</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the operation is unknown.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONENCODE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationEncode</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the encode operation (for base64 transform).	</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONDECODE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationDecode</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the decode operation (for base64 transform).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONSIGN"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationSign</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the sign or digest operation.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18087"><span style="white-space: nowrap"><code class="PARAMETER">left</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to left (prev) transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONVERIFY"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationVerify</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the verification of signature or digest operation.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18092"><span style="white-space: nowrap"><code class="PARAMETER">right</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to right (next) transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONENCRYPT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationEncrypt</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the encryption operation.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18097"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's chaing processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONDECRYPT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationDecrypt</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the decryption operation.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18102"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMURITYPE"></a><h3>xmlSecTransformUriType</h3>
-<pre class="PROGRAMLISTING">typedef unsigned int				xmlSecTransformUriType;</pre>
-<p>URI transform type bit mask.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMURITYPENONE"></a><h3>xmlSecTransformUriTypeNone</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeNone		0x0000</pre>
-<p>The URI type is unknown or not set.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMURITYPEEMPTY"></a><h3>xmlSecTransformUriTypeEmpty</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeEmpty		0x0001</pre>
-<p>The empty URI ("") type.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMURITYPESAMEDOCUMENT"></a><h3>xmlSecTransformUriTypeSameDocument</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeSameDocument	0x0002		</pre>
-<p>The smae document ("#...") but not empty ("") URI type.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMURITYPELOCAL"></a><h3>xmlSecTransformUriTypeLocal</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeLocal		0x0004</pre>
-<p>The local URI ("file:///....") type.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMURITYPEREMOTE"></a><h3>xmlSecTransformUriTypeRemote</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeRemote		0x0008</pre>
-<p>The remote URI type.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMURITYPEANY"></a><h3>xmlSecTransformUriTypeAny</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeAny		0xFFFF</pre>
-<p>Any URI type.</p>
+<a name="XMLSECTRANSFORMCREATE"></a><h3>xmlSecTransformCreate ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="RETURNVALUE">xmlSecTransformPtr</span></a>  xmlSecTransformCreate               (<code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> id</code>);</pre>
+<p>Creates new transform of the <code class="PARAMETER">id</code> klass. The caller is responsible for
+destroying returned tansform using <a href="xmlsec-transforms.html#XMLSECTRANSFORMDESTROY"><span class="TYPE">xmlSecTransformDestroy</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18122"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform id to create.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18127"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created transform or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMURITYPECHECK"></a><h3>xmlSecTransformUriTypeCheck ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformUriTypeCheck         (<a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPE">xmlSecTransformUriType</a> type,
-                                                         const <font>xmlChar</font> *uri);</pre>
-<p>Checks if <code class="PARAMETER">uri</code> matches expected type <code class="PARAMETER">type</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCREATEINPUTBUFFER"></a><h3>xmlSecTransformCreateInputBuffer ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLPARSERINPUTBUFFER"><span class="RETURNVALUE">xmlParserInputBufferPtr</span></gtkdoclink> xmlSecTransformCreateInputBuffer
+                                                        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Creates input buffer to read data from <code class="PARAMETER">transform</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14469"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the expected URI type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18148"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14474"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the uri for checking.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18153"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14479"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if <code class="PARAMETER">uri</code> matches <code class="PARAMETER">type</code>, 0 if not or a negative value
-if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18158"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to new input buffer or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMDATATYPE"></a><h3>xmlSecTransformDataType</h3>
-<pre class="PROGRAMLISTING">typedef xmlSecByte				xmlSecTransformDataType;</pre>
-<p>Transform data type bit mask.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMDATATYPEUNKNOWN"></a><h3>xmlSecTransformDataTypeUnknown</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformDataTypeUnknown		0x0000</pre>
-<p>The transform data type is unknown or nor data expected.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMDATATYPEBIN"></a><h3>xmlSecTransformDataTypeBin</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformDataTypeBin		0x0001</pre>
-<p>The binary transform data.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMDATATYPEXML"></a><h3>xmlSecTransformDataTypeXml</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformDataTypeXml		0x0002</pre>
-<p>The xml transform data.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMUSAGE"></a><h3>xmlSecTransformUsage</h3>
-<pre class="PROGRAMLISTING">typedef unsigned int				xmlSecTransformUsage;</pre>
-<p>The transform usage bit mask.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMUSAGEUNKNOWN"></a><h3>xmlSecTransformUsageUnknown</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUsageUnknown		0x0000</pre>
-<p>Transforms usage is unknown or undefined.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMUSAGEDSIGTRANSFORM"></a><h3>xmlSecTransformUsageDSigTransform</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUsageDSigTransform	0x0001</pre>
-<p>Transform could be used in &lt;dsig:Transform&gt;.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMUSAGEC14NMETHOD"></a><h3>xmlSecTransformUsageC14NMethod</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUsageC14NMethod		0x0002</pre>
-<p>Transform could be used in &lt;dsig:CanonicalizationMethod&gt;.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMUSAGEDIGESTMETHOD"></a><h3>xmlSecTransformUsageDigestMethod</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUsageDigestMethod	0x0004</pre>
-<p>Transform could be used in &lt;dsig:DigestMethod&gt;.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMUSAGESIGNATUREMETHOD"></a><h3>xmlSecTransformUsageSignatureMethod</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUsageSignatureMethod	0x0008</pre>
-<p>Transform could be used in &lt;dsig:SignatureMethod&gt;.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMUSAGEENCRYPTIONMETHOD"></a><h3>xmlSecTransformUsageEncryptionMethod</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUsageEncryptionMethod	0x0010</pre>
-<p>Transform could be used in &lt;enc:EncryptionMethod&gt;.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMUSAGEANY"></a><h3>xmlSecTransformUsageAny</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformUsageAny			0xFFFF</pre>
-<p>Transform could be used for operation.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXPREEXECUTECALLBACK"></a><h3>xmlSecTransformCtxPreExecuteCallback ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformCtxPreExecuteCallback)
-                                                        (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>The callback called after creating transforms chain but before
-starting data processing. Application can use this callback to
-do additional transforms chain verification or modification and
-aborting transforms execution (if necessary).</p>
-<p></p>
+<a name="XMLSECTRANSFORMCREATEOUTPUTBUFFER"></a><h3>xmlSecTransformCreateOutputBuffer ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLOUTPUTBUFFERPTR"><span class="RETURNVALUE">xmlOutputBufferPtr</span></gtkdoclink>  xmlSecTransformCreateOutputBuffer   (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Creates output buffer to write data to <code class="PARAMETER">transform</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14580"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform's context. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18179"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14585"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success and a negative value otherwise (in this case,
-transforms chain will not be executed and xmlsec processing stops).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18184"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18189"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to new output buffer or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-TRANSFORMCTX-FLAGS-USE-VISA3D-HACK--CAPS"></a><h3>XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK		0x00000001</pre>
-<p>If this flag is set then URI ID references are resolved directly
-without using XPointers. This allows one to sign/verify Visa3D
-documents that don't follow XML, XPointer and XML DSig specifications.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECTRANSFORMCTX"></a><h3>struct xmlSecTransformCtx</h3>
 <pre class="PROGRAMLISTING">struct xmlSecTransformCtx {
     /* user settings */
-    void*					userData;
-    unsigned int				flags;
-    unsigned int				flags2;
-    xmlSecTransformUriType			enabledUris;
-    xmlSecPtrList				enabledTransforms;
-    xmlSecTransformCtxPreExecuteCallback	preExecCallback;
-    
+    void*                                       userData;
+    unsigned int                                flags;
+    unsigned int                                flags2;
+    xmlSecTransformUriType                      enabledUris;
+    xmlSecPtrList                               enabledTransforms;
+    xmlSecTransformCtxPreExecuteCallback        preExecCallback;
+
     /* results */
-    xmlSecBufferPtr				result;
-    xmlSecTransformStatus			status;
-    xmlChar*					uri;
-    xmlChar*					xptrExpr;
-    xmlSecTransformPtr				first;
-    xmlSecTransformPtr				last;
+    xmlSecBufferPtr                             result;
+    xmlSecTransformStatus                       status;
+    xmlChar*                                    uri;
+    xmlChar*                                    xptrExpr;
+    xmlSecTransformPtr                          first;
+    xmlSecTransformPtr                          last;
 
     /* for the future */
-    void*					reserved0;
-    void*					reserved1;
+    void*                                       reserved0;
+    void*                                       reserved1;
 };</pre>
 <p>The transform execution context.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14605"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">userData</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to user data (xmlsec and xmlsec-crypto never 
-		touch this).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18201"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">userData</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to user data (xmlsec and xmlsec-crypto never
+touch this).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14611"><span style="white-space: nowrap">unsigned <font>int</font> <code class="STRUCTFIELD">flags</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the bit mask flags to control transforms execution 
-		(reserved for the future).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18208"><span style="white-space: nowrap">unsigned <gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">flags</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the bit mask flags to control transforms execution
+(reserved for the future).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14617"><span style="white-space: nowrap">unsigned <font>int</font> <code class="STRUCTFIELD">flags2</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the bit mask flags to control transforms execution 
-			(reserved for the future).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18215"><span style="white-space: nowrap">unsigned <gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">flags2</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the bit mask flags to control transforms execution
+(reserved for the future).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14623"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPE">xmlSecTransformUriType</a> <code class="STRUCTFIELD">enabledUris</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the allowed transform data source uri types.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18222"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPE"><span class="TYPE">xmlSecTransformUriType</span></a> <code class="STRUCTFIELD">enabledUris</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the allowed transform data source uri types.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14629"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrList</a> <code class="STRUCTFIELD">enabledTransforms</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the list of enabled transforms; if list is empty (default)
-		then all registered transforms are enabled.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18229"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrList</span></a> <code class="STRUCTFIELD">enabledTransforms</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list of enabled transforms; if list is empty (default)
+then all registered transforms are enabled.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14635"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXPREEXECUTECALLBACK">xmlSecTransformCtxPreExecuteCallback</a> <code class="STRUCTFIELD">preExecCallback</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the callback called after preparing transform chain
-		and right before actual data processing; application
-		can use this callback to change transforms parameters,
-		insert additional transforms in the chain or do
-		additional validation (and abort transform execution 
-		if needed).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18236"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXPREEXECUTECALLBACK"><span class="TYPE">xmlSecTransformCtxPreExecuteCallback</span></a> <code class="STRUCTFIELD">preExecCallback</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the callback called after preparing transform chain
+and right before actual data processing; application
+can use this callback to change transforms parameters,
+insert additional transforms in the chain or do
+additional validation (and abort transform execution
+if needed).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14641"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> <code class="STRUCTFIELD">result</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms result buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18243"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> <code class="STRUCTFIELD">result</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms result buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14647"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMSTATUS">xmlSecTransformStatus</a> <code class="STRUCTFIELD">status</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the transforms chain processng status.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18250"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMSTATUS"><span class="TYPE">xmlSecTransformStatus</span></a> <code class="STRUCTFIELD">status</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transforms chain processng status.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14653"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">uri</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data source URI without xpointer expression.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18257"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">uri</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data source URI without xpointer expression.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14659"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">xptrExpr</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the xpointer expression from data source URI (if any).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18264"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">xptrExpr</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the xpointer expression from data source URI (if any).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14665"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> <code class="STRUCTFIELD">first</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the first transform in the chain.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18271"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> <code class="STRUCTFIELD">first</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the first transform in the chain.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14671"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> <code class="STRUCTFIELD">last</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the last transform in the chain.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18278"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> <code class="STRUCTFIELD">last</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the last transform in the chain.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14677"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18285"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14683"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18292"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXCREATE"></a><h3>xmlSecTransformCtxCreate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a>  xmlSecTransformCtxCreate         (void);</pre>
-<p>Creates transforms chain processing context.
-The caller is responsible for destroying returend object by calling 
-<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXDESTROY"><span class="TYPE">xmlSecTransformCtxDestroy</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN14700"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated context object or NULL if an error
-occurs.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXDESTROY"></a><h3>xmlSecTransformCtxDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformCtxDestroy           (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx);</pre>
-<p>Destroy context object created with <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXCREATE"><span class="TYPE">xmlSecTransformCtxCreate</span></a> function.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXAPPEND"></a><h3>xmlSecTransformCtxAppend ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxAppend            (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);</pre>
+<p>Connects the <code class="PARAMETER">transform</code> to the end of the chain of transforms in the <code class="PARAMETER">ctx</code>
+(see <a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT"><span class="TYPE">xmlSecTransformConnect</span></a> function for details).</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN14717"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18318"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18323"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to new transform.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18328"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXINITIALIZE"></a><h3>xmlSecTransformCtxInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxInitialize        (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx);</pre>
-<p>Initializes transforms chain processing context.
-The caller is responsible for cleaing up returend object by calling 
-<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXFINALIZE"><span class="TYPE">xmlSecTransformCtxFinalize</span></a> function.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXBINARYEXECUTE"></a><h3>xmlSecTransformCtxBinaryExecute ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxBinaryExecute     (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>);</pre>
+<p>Processes binary data using transforms chain in the <code class="PARAMETER">ctx</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14734"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18352"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18357"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input binary data buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14739"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18362"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input data size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18367"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXFINALIZE"></a><h3>xmlSecTransformCtxFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformCtxFinalize          (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx);</pre>
-<p>Cleans up <code class="PARAMETER">ctx</code> object initialized with <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXINITIALIZE"><span class="TYPE">xmlSecTransformCtxInitialize</span></a> function.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXCOPYUSERPREF"></a><h3>xmlSecTransformCtxCopyUserPref ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxCopyUserPref      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> src</code>);</pre>
+<p>Copies user settings from <code class="PARAMETER">src</code> context to <code class="PARAMETER">dst</code>.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN14757"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18389"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to destination transforms chain processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18394"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to source transforms chain processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18399"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXRESET"></a><h3>xmlSecTransformCtxReset ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformCtxReset             (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx);</pre>
-<p>Resets transfroms context for new processing.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXCREATE"></a><h3>xmlSecTransformCtxCreate ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="RETURNVALUE">xmlSecTransformCtxPtr</span></a> xmlSecTransformCtxCreate          (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Creates transforms chain processing context.
+The caller is responsible for destroying returned object by calling
+<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXDESTROY"><span class="TYPE">xmlSecTransformCtxDestroy</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN14772"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18417"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated context object or NULL if an error
+occurs.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXCOPYUSERPREF"></a><h3>xmlSecTransformCtxCopyUserPref ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxCopyUserPref      (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> dst,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> src);</pre>
-<p>Copies user settings from <code class="PARAMETER">src</code> context to <code class="PARAMETER">dst</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXCREATEANDAPPEND"></a><h3>xmlSecTransformCtxCreateAndAppend ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMPTR"><span class="RETURNVALUE">xmlSecTransformPtr</span></gtkdoclink>  xmlSecTransformCtxCreateAndAppend   (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> id</code>);</pre>
+<p>Creaeates new transform and connects it to the end of the chain of
+transforms in the <code class="PARAMETER">ctx</code> (see <a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT"><span class="TYPE">xmlSecTransformConnect</span></a> function for details).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14790"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to destination transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18440"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14795"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to source transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18445"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new transform klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14800"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18450"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created transform or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXSETURI"></a><h3>xmlSecTransformCtxSetUri ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxSetUri            (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         const <font>xmlChar</font> *uri,
-                                                         <font>xmlNodePtr</font> hereNode);</pre>
-<p>Parses uri and adds xpointer transforms if required.</p>
-<p>The following examples demonstrate what the URI attribute identifies and
-how it is dereferenced 
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-REFERENCEPROCESSINGMODEL"><span class="TYPE">sec-ReferenceProcessingModel</span></gtkdoclink>):</p>
-<p>- URI="http://example.com/bar.xml"
-identifies the octets that represent the external resource 
-'http://example.com/bar.xml', that is probably an XML document given 
-its file extension. </p>
-<p>- URI="http://example.com/bar.xml<gtkdoclink href="CHAPTER1"><span class="TYPE">chapter1</span></gtkdoclink>"
-identifies the element with ID attribute value 'chapter1' of the 
-external XML resource 'http://example.com/bar.xml', provided as an 
-octet stream. Again, for the sake of interoperability, the element 
-identified as 'chapter1' should be obtained using an XPath transform 
-rather than a URI fragment (barename XPointer resolution in external 
-resources is not REQUIRED in this specification). </p>
-<p>- URI=""
-identifies the node-set (minus any comment nodes) of the XML resource 
-containing the signature </p>
-<p>- URI="<gtkdoclink href="CHAPTER1"><span class="TYPE">chapter1</span></gtkdoclink>"
-identifies a node-set containing the element with ID attribute value 
-'chapter1' of the XML resource containing the signature. XML Signature 
-(and its applications) modify this node-set to include the element plus 
-all descendents including namespaces and attributes -- but not comments.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXCREATEANDPREPEND"></a><h3>xmlSecTransformCtxCreateAndPrepend ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMPTR"><span class="RETURNVALUE">xmlSecTransformPtr</span></gtkdoclink>  xmlSecTransformCtxCreateAndPrepend  (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> id</code>);</pre>
+<p>Creaeates new transform and connects it to the end of the chain of
+transforms in the <code class="PARAMETER">ctx</code> (see <a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT"><span class="TYPE">xmlSecTransformConnect</span></a> function for details).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14828"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN14833"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the URI.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18473"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14838"><span style="white-space: nowrap"><code class="PARAMETER">hereNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to "here" node required by some 
-		XML transforms (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18478"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new transform klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14843"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18483"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created transform or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXAPPEND"></a><h3>xmlSecTransformCtxAppend ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxAppend            (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);</pre>
-<p>Connects the <code class="PARAMETER">transform</code> to the end of the chain of transforms in the <code class="PARAMETER">ctx</code> 
-(see <a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT"><span class="TYPE">xmlSecTransformConnect</span></a> function for details).</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXDEBUGDUMP"></a><h3>xmlSecTransformCtxDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformCtxDebugDump         (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints transforms context debug information to <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14863"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18504"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14868"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to new transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN14873"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18509"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXPREPEND"></a><h3>xmlSecTransformCtxPrepend ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxPrepend           (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);</pre>
-<p>Connects the <code class="PARAMETER">transform</code> to the beggining of the chain of transforms in the <code class="PARAMETER">ctx</code> 
-(see <a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT"><span class="TYPE">xmlSecTransformConnect</span></a> function for details).</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXDEBUGXMLDUMP"></a><h3>xmlSecTransformCtxDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformCtxDebugXmlDump      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints transforms context debug information to <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14893"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18530"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14898"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to new transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN14903"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18535"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXCREATEANDAPPEND"></a><h3>xmlSecTransformCtxCreateAndAppend ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformPtr</font>  xmlSecTransformCtxCreateAndAppend   (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>xmlSecTransformId</font> id);</pre>
-<p>Creaeates new transform and connects it to the end of the chain of 
-transforms in the <code class="PARAMETER">ctx</code> (see <a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT"><span class="TYPE">xmlSecTransformConnect</span></a> function for details).</p>
+<a name="XMLSECTRANSFORMCTXDESTROY"></a><h3>xmlSecTransformCtxDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformCtxDestroy           (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>);</pre>
+<p>Destroy context object created with <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXCREATE"><span class="TYPE">xmlSecTransformCtxCreate</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN18554"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMCTXEXECUTE"></a><h3>xmlSecTransformCtxExecute ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxExecute           (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>);</pre>
+<p>Executes transforms chain in <code class="PARAMETER">ctx</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14922"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18575"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14927"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the new transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18580"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to input document.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14932"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created transform or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18585"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXCREATEANDPREPEND"></a><h3>xmlSecTransformCtxCreateAndPrepend ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformPtr</font>  xmlSecTransformCtxCreateAndPrepend  (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>xmlSecTransformId</font> id);</pre>
-<p>Creaeates new transform and connects it to the end of the chain of 
-transforms in the <code class="PARAMETER">ctx</code> (see <a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT"><span class="TYPE">xmlSecTransformConnect</span></a> function for details).</p>
+<a name="XMLSECTRANSFORMCTXFINALIZE"></a><h3>xmlSecTransformCtxFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformCtxFinalize          (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>);</pre>
+<p>Cleans up <code class="PARAMETER">ctx</code> object initialized with <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXINITIALIZE"><span class="TYPE">xmlSecTransformCtxInitialize</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN18605"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMCTXINITIALIZE"></a><h3>xmlSecTransformCtxInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxInitialize        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>);</pre>
+<p>Initializes transforms chain processing context.
+The caller is responsible for cleaning up returned object by calling
+<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXFINALIZE"><span class="TYPE">xmlSecTransformCtxFinalize</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14951"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18624"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14956"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the new transform klass.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN14961"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created transform or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18629"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMCTXNODEREAD"></a><h3>xmlSecTransformCtxNodeRead ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformPtr</font>  xmlSecTransformCtxNodeRead          (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> usage);</pre>
-<p>Reads the transform from the <code class="PARAMETER">node</code> and appends it to the current chain 
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMPTR"><span class="RETURNVALUE">xmlSecTransformPtr</span></gtkdoclink>  xmlSecTransformCtxNodeRead          (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> usage</code>);</pre>
+<p>Reads the transform from the <code class="PARAMETER">node</code> and appends it to the current chain
 of transforms in <code class="PARAMETER">ctx</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14980"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18654"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14985"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform's node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18659"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform's node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14990"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the transform's usage (signature, encryption, etc.).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18664"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's usage (signature, encryption, etc.).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN14995"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created transform or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18669"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created transform or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMCTXNODESLISTREAD"></a><h3>xmlSecTransformCtxNodesListRead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxNodesListRead     (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> usage);</pre>
-<p>Reads transforms from the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> children of the <code class="PARAMETER">node</code> and 
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxNodesListRead     (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> usage</code>);</pre>
+<p>Reads transforms from the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> children of the <code class="PARAMETER">node</code> and
 appends them to the current transforms chain in <code class="PARAMETER">ctx</code> object.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15015"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18695"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15020"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> nodes parent node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18700"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> nodes parent node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15026"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the transform's usage (signature, encryption, etc.).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18706"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's usage (signature, encryption, etc.).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15031"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18711"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXPREPARE"></a><h3>xmlSecTransformCtxPrepare ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxPrepare           (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE">xmlSecTransformDataType</a> inputDataType);</pre>
-<p>Prepares the transform context for processing data of <code class="PARAMETER">inputDataType</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXPREEXECUTECALLBACK"></a><h3>xmlSecTransformCtxPreExecuteCallback ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformCtxPreExecuteCallback)
+                                                        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>The callback called after creating transforms chain but before
+starting data processing. Application can use this callback to
+do additional transforms chain verification or modification and
+aborting transforms execution (if necessary).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15048"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18728"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform's context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15053"><span style="white-space: nowrap"><code class="PARAMETER">inputDataType</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the expected input type.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15058"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18733"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success and a negative value otherwise (in this case,
+transforms chain will not be executed and xmlsec processing stops).</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXBINARYEXECUTE"></a><h3>xmlSecTransformCtxBinaryExecute ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxBinaryExecute     (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize);</pre>
-<p>Processes binary data using transforms chain in the <code class="PARAMETER">ctx</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXPREPARE"></a><h3>xmlSecTransformCtxPrepare ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxPrepare           (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE"><span class="TYPE">xmlSecTransformDataType</span></a> inputDataType</code>);</pre>
+<p>Prepares the transform context for processing data of <code class="PARAMETER">inputDataType</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15076"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18754"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15081"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input binary data buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18759"><span style="white-space: nowrap"><code class="PARAMETER">inputDataType</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the expected input type.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15086"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input data size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15091"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18764"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXURIEXECUTE"></a><h3>xmlSecTransformCtxUriExecute ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxUriExecute        (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         const <font>xmlChar</font> *uri);</pre>
-<p>Process binary data from the URI using transforms chain in <code class="PARAMETER">ctx</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXPREPEND"></a><h3>xmlSecTransformCtxPrepend ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxPrepend           (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);</pre>
+<p>Connects the <code class="PARAMETER">transform</code> to the beggining of the chain of transforms in the <code class="PARAMETER">ctx</code>
+(see <a href="xmlsec-transforms.html#XMLSECTRANSFORMCONNECT"><span class="TYPE">xmlSecTransformConnect</span></a> function for details).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15108"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18788"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15113"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the URI.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18793"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to new transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15118"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18798"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXXMLEXECUTE"></a><h3>xmlSecTransformCtxXmlExecute ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxXmlExecute        (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nodes);</pre>
-<p>Process <code class="PARAMETER">nodes</code> using transforms in the transforms chain in <code class="PARAMETER">ctx</code>.</p>
+<a name="XMLSECTRANSFORMCTXRESET"></a><h3>xmlSecTransformCtxReset ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformCtxReset             (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>);</pre>
+<p>Resets transfroms context for new processing.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN18815"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMCTXSETURI"></a><h3>xmlSecTransformCtxSetUri ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxSetUri            (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> hereNode</code>);</pre>
+<p>Parses uri and adds xpointer transforms if required.</p>
+<p>The following examples demonstrate what the URI attribute identifies and
+how it is dereferenced
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-REFERENCEPROCESSINGMODEL"><span class="TYPE">sec-ReferenceProcessingModel</span></gtkdoclink>):</p>
+<p></p>
+<p></p>
+<ul><li><p>URI="http://example.com/bar.xml"
+identifies the octets that represent the external resource
+'http://example.com/bar.xml', that is probably an XML document given
+its file extension.</p></li></ul>
+<p></p>
+<p></p>
+<ul><li><p>URI="http://example.com/bar.xml<gtkdoclink href="CHAPTER1"><span class="TYPE">chapter1</span></gtkdoclink>"
+identifies the element with ID attribute value 'chapter1' of the
+external XML resource 'http://example.com/bar.xml', provided as an
+octet stream. Again, for the sake of interoperability, the element
+identified as 'chapter1' should be obtained using an XPath transform
+rather than a URI fragment (barename XPointer resolution in external
+resources is not REQUIRED in this specification).</p></li></ul>
+<p></p>
+<p></p>
+<ul><li><p>URI=""
+identifies the node-set (minus any comment nodes) of the XML resource
+containing the signature</p></li></ul>
+<p></p>
+<p></p>
+<ul><li><p>URI="<gtkdoclink href="CHAPTER1"><span class="TYPE">chapter1</span></gtkdoclink>"
+identifies a node-set containing the element with ID attribute value
+'chapter1' of the XML resource containing the signature. XML Signature
+(and its applications) modify this node-set to include the element plus
+all descendents including namespaces and attributes -- but not comments.</p></li></ul>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15136"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18861"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18866"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the URI.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15141"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input node set.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18871"><span style="white-space: nowrap"><code class="PARAMETER">hereNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to "here" node required by some
+XML transforms (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15146"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18876"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXEXECUTE"></a><h3>xmlSecTransformCtxExecute ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformCtxExecute           (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>xmlDocPtr</font> doc);</pre>
-<p>Executes transforms chain in <code class="PARAMETER">ctx</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXURIEXECUTE"></a><h3>xmlSecTransformCtxUriExecute ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxUriExecute        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);</pre>
+<p>Process binary data from the URI using transforms chain in <code class="PARAMETER">ctx</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15163"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18897"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15168"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to input document.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18902"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the URI.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15173"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18907"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXDEBUGDUMP"></a><h3>xmlSecTransformCtxDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformCtxDebugDump         (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints transforms context debug information to <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMCTXXMLEXECUTE"></a><h3>xmlSecTransformCtxXmlExecute ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformCtxXmlExecute        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> ctx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nodes</code>);</pre>
+<p>Process <code class="PARAMETER">nodes</code> using transforms in the transforms chain in <code class="PARAMETER">ctx</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15190"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18929"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transforms chain processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15195"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18934"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input node set.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN18939"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCTXDEBUGXMLDUMP"></a><h3>xmlSecTransformCtxDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformCtxDebugXmlDump      (<a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> ctx,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints transforms context debug information to <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDATATYPE"></a><h3>xmlSecTransformDataType</h3>
+<pre class="PROGRAMLISTING">typedef xmlSecByte                              xmlSecTransformDataType;</pre>
+<p>Transform data type bit mask.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMDATATYPEBIN"></a><h3>xmlSecTransformDataTypeBin</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformDataTypeBin              0x0001</pre>
+<p>The binary transform data.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMDATATYPEUNKNOWN"></a><h3>xmlSecTransformDataTypeUnknown</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformDataTypeUnknown          0x0000</pre>
+<p>The transform data type is unknown or nor data expected.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMDATATYPEXML"></a><h3>xmlSecTransformDataTypeXml</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformDataTypeXml              0x0002</pre>
+<p>The xml transform data.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMDEBUGDUMP"></a><h3>xmlSecTransformDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformDebugDump            (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints transform's debug information to <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15212"><span style="white-space: nowrap"><code class="PARAMETER">ctx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transforms chain processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18984"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15217"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN18989"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORM"></a><h3>struct xmlSecTransform</h3>
-<pre class="PROGRAMLISTING">struct xmlSecTransform {
-    xmlSecTransformId 			id; 
-    xmlSecTransformOperation		operation;
-    xmlSecTransformStatus		status;
-    xmlNodePtr				hereNode;
-
-    /* transforms chain */
-    xmlSecTransformPtr			next;
-    xmlSecTransformPtr			prev;
-
-    /* binary data */
-    xmlSecBuffer			inBuf;
-    xmlSecBuffer			outBuf;
-        
-    /* xml data */
-    xmlSecNodeSetPtr			inNodes;
-    xmlSecNodeSetPtr			outNodes;
-
-    /* reserved for the future */    
-    void*				reserved0;
-    void*				reserved1;
-};</pre>
-<p>The transform structure.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDEBUGXMLDUMP"></a><h3>xmlSecTransformDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformDebugXmlDump         (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints transform's debug information to <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15230"><span style="white-space: nowrap"><font>xmlSecTransformId</font> <code class="STRUCTFIELD">id</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the transform id (pointer to <gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink>).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19010"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15238"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMOPERATION">xmlSecTransformOperation</a> <code class="STRUCTFIELD">operation</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the transform's opertaion.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19015"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMDEFAULTGETDATATYPE"></a><h3>xmlSecTransformDefaultGetDataType ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE"><span class="RETURNVALUE">xmlSecTransformDataType</span></a> xmlSecTransformDefaultGetDataType
+                                                        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE"><span class="TYPE">xmlSecTransformMode</span></a> mode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Gets transform input (<code class="PARAMETER">mode</code> is "push") or output (<code class="PARAMETER">mode</code> is "pop") data
+type (binary or XML) by analyzing available pushBin/popBin/pushXml/popXml
+methods.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15244"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMSTATUS">xmlSecTransformStatus</a> <code class="STRUCTFIELD">status</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the current status.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19040"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15250"><span style="white-space: nowrap"><font>xmlNodePtr</font> <code class="STRUCTFIELD">hereNode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform's <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform%20" target="_top">&lt;dsig:Transform /&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19045"><span style="white-space: nowrap"><code class="PARAMETER">mode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data mode (push or pop).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15257"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> <code class="STRUCTFIELD">next</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to next transform in the chain.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19050"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's chaing processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15263"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> <code class="STRUCTFIELD">prev</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to previous transform in the chain.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19055"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's data type for the <code class="PARAMETER">mode</code> operation.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMDEFAULTPOPBIN"></a><h3>xmlSecTransformDefaultPopBin ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformDefaultPopBin        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> maxDataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Pops data from previous transform in the chain, processes data by calling
+transform's execute method and returns result in the <code class="PARAMETER">data</code> buffer. The
+size of returned data is placed in the <code class="PARAMETER">dataSize</code>.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15269"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBuffer</a> <code class="STRUCTFIELD">inBuf</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input binary data buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19087"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15275"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBuffer</a> <code class="STRUCTFIELD">outBuf</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the output binary data buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19092"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the buffer to store result data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15281"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> <code class="STRUCTFIELD">inNodes</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input XML nodes.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19097"><span style="white-space: nowrap"><code class="PARAMETER">maxDataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of the buffer <gtkdoclink href="DATA"><span class="TYPE">data</span></gtkdoclink>.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15287"><span style="white-space: nowrap"><a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> <code class="STRUCTFIELD">outNodes</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the output XML nodes.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19104"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to returned data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15293"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19109"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15299"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19114"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCREATE"></a><h3>xmlSecTransformCreate ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a>  xmlSecTransformCreate               (<font>xmlSecTransformId</font> id);</pre>
-<p>Creates new transform of the <code class="PARAMETER">id</code> klass. The caller is responsible for
-destroying returned tansform using <a href="xmlsec-transforms.html#XMLSECTRANSFORMDESTROY"><span class="TYPE">xmlSecTransformDestroy</span></a> function.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDEFAULTPOPXML"></a><h3>xmlSecTransformDefaultPopXml ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformDefaultPopXml        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> *nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Pops data from previous transform in the chain, processes the data
+by calling transform's execute method and returns result in <code class="PARAMETER">nodes</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15318"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the transform id to create.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19138"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN19143"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store popinter to result nodes.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN19148"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15323"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created transform or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19153"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMDESTROY"></a><h3>xmlSecTransformDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformDestroy              (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);</pre>
-<p>Destroys transform created with <a href="xmlsec-transforms.html#XMLSECTRANSFORMCREATE"><span class="TYPE">xmlSecTransformCreate</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN15340"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to transform.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMNODEREAD"></a><h3>xmlSecTransformNodeRead ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformPtr</font>  xmlSecTransformNodeRead             (<font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> usage,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Reads transform from the <code class="PARAMETER">node</code> as follows:</p>
-<p>   1) reads "Algorithm" attribute;</p>
-<p>   2) checks the lists of known and allowed transforms;</p>
-<p>   3) calls transform's create method;</p>
-<p>   4) calls transform's read transform node method.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDEFAULTPUSHBIN"></a><h3>xmlSecTransformDefaultPushBin ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformDefaultPushBin       (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> final</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Process binary <code class="PARAMETER">data</code> by calling transform's execute method and pushes
+results to next transform.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15362"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to the transform's node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19183"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN19188"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input binary data,</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15367"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the transform usage (signature, encryption, ...).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19193"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15372"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform's chaing processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19198"><span style="white-space: nowrap"><code class="PARAMETER">final</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag: if set to 1 then it's the last
+data chunk.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15377"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created transform or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19203"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN19208"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMPUMP"></a><h3>xmlSecTransformPump ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformPump                 (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> left,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> right,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Pops data from <code class="PARAMETER">left</code> transform and pushes to <code class="PARAMETER">right</code> transform until
-no more data is available.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDEFAULTPUSHXML"></a><h3>xmlSecTransformDefaultPushXml ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformDefaultPushXml       (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Processes <code class="PARAMETER">nodes</code> by calling transform's execute method and pushes
+result to the next transform in the chain.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15396"><span style="white-space: nowrap"><code class="PARAMETER">left</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the source pumping transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19232"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15401"><span style="white-space: nowrap"><code class="PARAMETER">right</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the destination pumping transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19237"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input nodes.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15406"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform's chaing processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19242"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15411"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19247"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSETKEY"></a><h3>xmlSecTransformSetKey ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformSetKey               (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>Sets the transform's key.</p>
-<p></p>
+<a name="XMLSECTRANSFORMDESTROY"></a><h3>xmlSecTransformDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformDestroy              (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);</pre>
+<p>Destroys transform created with <a href="xmlsec-transforms.html#XMLSECTRANSFORMCREATE"><span class="TYPE">xmlSecTransformCreate</span></a> function.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15427"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15432"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to key. </p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15437"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19266"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSETKEYREQ"></a><h3>xmlSecTransformSetKeyReq ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformSetKeyReq            (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);</pre>
-<p>Sets the key requirements for <code class="PARAMETER">transform</code> in the <code class="PARAMETER">keyReq</code>.</p>
+<a name="XMLSECTRANSFORMENVELOPEDGETKLASS"></a><h3>xmlSecTransformEnvelopedGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformEnvelopedGetKlass    (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The enveloped transform klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-ENVELOPEDSIGNATURE"><span class="TYPE">sec-EnvelopedSignature</span></gtkdoclink>):</p>
+<p>An enveloped signature transform T removes the whole Signature element
+containing T from the digest calculation of the Reference element
+containing T. The entire string of characters used by an XML processor
+to match the Signature with the XML production element is removed.
+The output of the transform is equivalent to the output that would
+result from replacing T with an XPath transform containing the following
+XPath parameter element:</p>
+<p>&lt;XPath xmlns:dsig="&amp;dsig;"&gt;
+  count(ancestor-or-self::dsig:Signature |
+  <gtkdoclink href="HERE"><code class="FUNCTION">here()</code></gtkdoclink>/ancestor::dsig:Signature[1]) &gt;
+  count(ancestor-or-self::dsig:Signature)&lt;/XPath&gt;</p>
+<p>The input and output requirements of this transform are identical to
+those of the XPath transform, but may only be applied to a node-set from
+its parent XML document. Note that it is not necessary to use an XPath
+expression evaluator to create this transform. However, this transform
+MUST produce output in exactly the same manner as the XPath transform
+parameterized by the XPath expression above.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19289"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>enveloped transform id.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMENVELOPEDID"></a><h3>xmlSecTransformEnvelopedId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformEnvelopedId</pre>
+<p>The "enveloped" transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMEXCLC14NGETKLASS"></a><h3>xmlSecTransformExclC14NGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformExclC14NGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Exclusive canoncicalization that ommits comments transform klass
+(http://www.w3.org/TR/xml-exc-c14n/).</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15455"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15460"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys requirements object. </p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15465"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19311"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>exclusive c14n transform id.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMVERIFY"></a><h3>xmlSecTransformVerify ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformVerify               (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Verifies the data with transform's processing results
-(for digest, HMAC and signature transforms). The verification
-result is stored in the <gtkdoclink href="STATUS"><span class="TYPE">status</span></gtkdoclink> member of <a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransform</span></a> object.</p>
+<a name="XMLSECTRANSFORMEXCLC14NID"></a><h3>xmlSecTransformExclC14NId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformExclC14NId</pre>
+<p>The exclusive C14N without comments transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMEXCLC14NWITHCOMMENTSGETKLASS"></a><h3>xmlSecTransformExclC14NWithCommentsGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformExclC14NWithCommentsGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Exclusive canoncicalization that includes comments transform klass
+(http://www.w3.org/TR/xml-exc-c14n/).</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19333"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>exclusive c14n with comments transform id.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMEXCLC14NWITHCOMMENTSID"></a><h3>xmlSecTransformExclC14NWithCommentsId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformExclC14NWithCommentsId</pre>
+<p>The exclusive C14N with comments transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMEXECUTE"></a><h3>xmlSecTransformExecute ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformExecute              (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> last</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Executes transform (used by default popBin/pushBin/popXml/pushXml methods).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15487"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15492"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the binary data for verification.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19362"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15497"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19367"><span style="white-space: nowrap"><code class="PARAMETER">last</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag: if set to 1 then it's the last data chunk.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15502"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform's chaing processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19372"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's chaing processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15507"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19377"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMVERIFYNODECONTENT"></a><h3>xmlSecTransformVerifyNodeContent ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformVerifyNodeContent    (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Gets the <code class="PARAMETER">node</code> content, base64 decodes it and calls <a href="xmlsec-transforms.html#XMLSECTRANSFORMVERIFY"><span class="TYPE">xmlSecTransformVerify</span></a>
-function to verify binary results.</p>
-<p></p>
+<a name="XMLSECTRANSFORMEXECUTEMETHOD"></a><h3>xmlSecTransformExecuteMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformExecuteMethod)     (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> last</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Transform specific method to process a chunk of data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15527"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19400"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15532"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19405"><span style="white-space: nowrap"><code class="PARAMETER">last</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag: if set to 1 then it's the last data chunk.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15537"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform's chaing processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19410"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15542"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19415"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
+<a name="XMLSECTRANSFORMFINALIZEMETHOD"></a><h3>xmlSecTransformFinalizeMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                (*xmlSecTransformFinalizeMethod)    (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);</pre>
+<p>The transform specific destroy method.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19432"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
 <a name="XMLSECTRANSFORMGETDATATYPE"></a><h3>xmlSecTransformGetDataType ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE">xmlSecTransformDataType</a>  xmlSecTransformGetDataType     (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE">xmlSecTransformMode</a> mode,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Gets transform input (<code class="PARAMETER">mode</code> is "push") or output (<code class="PARAMETER">mode</code> is "pop") data 
+<pre class="PROGRAMLISTING"><a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE"><span class="RETURNVALUE">xmlSecTransformDataType</span></a> xmlSecTransformGetDataType      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE"><span class="TYPE">xmlSecTransformMode</span></a> mode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Gets transform input (<code class="PARAMETER">mode</code> is "push") or output (<code class="PARAMETER">mode</code> is "pop") data
 type (binary or XML).</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15561"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19457"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15566"><span style="white-space: nowrap"><code class="PARAMETER">mode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data mode (push or pop).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19462"><span style="white-space: nowrap"><code class="PARAMETER">mode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data mode (push or pop).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15571"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform's chaing processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19467"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's chaing processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15576"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the transform's data type for the <code class="PARAMETER">mode</code> operation.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19472"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's data type for the <code class="PARAMETER">mode</code> operation.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMPUSHBIN"></a><h3>xmlSecTransformPushBin ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformPushBin              (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <font>int</font> final,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Process binary <code class="PARAMETER">data</code> and pushes results to next transform.</p>
-<p></p>
+<a name="XMLSECTRANSFORMGETDATATYPEMETHOD"></a><h3>xmlSecTransformGetDataTypeMethod ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE"><span class="RETURNVALUE">xmlSecTransformDataType</span></a> (*xmlSecTransformGetDataTypeMethod)
+                                                        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE"><span class="TYPE">xmlSecTransformMode</span></a> mode</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>The transform specific method to query information about transform
+data type in specified mode <code class="PARAMETER">mode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15597"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15602"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input binary data,</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15607"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19497"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15612"><span style="white-space: nowrap"><code class="PARAMETER">final</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the flag: if set to 1 then it's the last
-		data chunk.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19502"><span style="white-space: nowrap"><code class="PARAMETER">mode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the mode.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15617"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19507"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15622"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19512"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>transform data type.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMPOPBIN"></a><h3>xmlSecTransformPopBin ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformPopBin               (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> maxDataSize,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *dataSize,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Pops data from previous transform in the chain, processes data and 
-returns result in the <code class="PARAMETER">data</code> buffer. The size of returned data is 
-placed in the <code class="PARAMETER">dataSize</code>.</p>
+<a name="XMLSECTRANSFORMGETNAME"></a><h3>xmlSecTransformGetName()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformGetName(transform)</pre>
+<p>Macro. Returns transform name.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19524"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMIDLISTDEBUGDUMP"></a><h3>xmlSecTransformIdListDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformIdListDebugDump      (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints binary transform debug information to <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15643"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19545"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15648"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the buffer to store result data.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15653"><span style="white-space: nowrap"><code class="PARAMETER">maxDataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the size of the buffer <gtkdoclink href="DATA"><span class="TYPE">data</span></gtkdoclink>.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15660"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to returned data size.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15665"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform context object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15670"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19550"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMPUSHXML"></a><h3>xmlSecTransformPushXml ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformPushXml              (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Processes <code class="PARAMETER">nodes</code> and pushes result to the next transform in the chain.</p>
-<p></p>
+<a name="XMLSECTRANSFORMIDLISTDEBUGXMLDUMP"></a><h3>xmlSecTransformIdListDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformIdListDebugXmlDump   (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints binary transform debug information to <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15688"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15693"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input nodes.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15698"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19571"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15703"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19576"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMPOPXML"></a><h3>xmlSecTransformPopXml ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformPopXml               (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> *nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Pops data from previous transform in the chain, processes the data and 
-returns result in <code class="PARAMETER">nodes</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMIDLISTFIND"></a><h3>xmlSecTransformIdListFind ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformIdListFind           (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);</pre>
+<p>Lookups <code class="PARAMETER">dataId</code> in <code class="PARAMETER">list</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15721"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15726"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to store popinter to result nodes.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19598"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15731"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19603"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15736"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19608"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if <code class="PARAMETER">dataId</code> is found in the <code class="PARAMETER">list</code>, 0 if not and a negative
+value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMEXECUTE"></a><h3>xmlSecTransformExecute ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformExecute              (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>int</font> last,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Executes transform (used by default popBin/pushBin/popXml/pushXml methods).</p>
-<p></p>
+<a name="XMLSECTRANSFORMIDLISTFINDBYHREF"></a><h3>xmlSecTransformIdListFindByHref ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformIdListFindByHref     (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *href</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> usage</code>);</pre>
+<p>Lookups data klass in the list with given <code class="PARAMETER">href</code> and <code class="PARAMETER">usage</code> in <code class="PARAMETER">list</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15753"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19636"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15758"><span style="white-space: nowrap"><code class="PARAMETER">last</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the flag: if set to 1 then it's the last data chunk.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19641"><span style="white-space: nowrap"><code class="PARAMETER">href</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired transform klass href.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15763"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform's chaing processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19646"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired transform usage.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15768"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19651"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>transform klass is found and NULL otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMDEBUGDUMP"></a><h3>xmlSecTransformDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformDebugDump            (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints transform's debug information to <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMIDLISTFINDBYNAME"></a><h3>xmlSecTransformIdListFindByName ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformIdListFindByName     (<code class="PARAMETER"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> list</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> usage</code>);</pre>
+<p>Lookups data klass in the list with given <code class="PARAMETER">name</code> and <code class="PARAMETER">usage</code> in <code class="PARAMETER">list</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15785"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19677"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform ids list.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15790"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19682"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired transform klass name.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMDEBUGXMLDUMP"></a><h3>xmlSecTransformDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformDebugXmlDump         (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints transform's debug information to <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15807"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19687"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the desired transform usage.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15812"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19692"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>transform klass is found and NULL otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMGETNAME"></a><h3>xmlSecTransformGetName()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformGetName(transform)</pre>
-<p>Macro. Returns transform name.</p>
-<p></p>
+<a name="XMLSECTRANSFORMIDLISTGETKLASS"></a><h3>xmlSecTransformIdListGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink>     xmlSecTransformIdListGetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The transform id list klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN15825"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19708"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the transform id list klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMISVALID"></a><h3>xmlSecTransformIsValid()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformIsValid(transform)</pre>
-<p>Macro. Returns 1 if the <code class="PARAMETER">transform</code> is valid or 0 otherwise.</p>
-<p></p>
+<a name="XMLSECTRANSFORMIDLISTID"></a><h3>xmlSecTransformIdListId</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformIdListId xmlSecTransformIdListGetKlass()</pre>
+<p>Transform klasses list klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMIDUNKNOWN"></a><h3>xmlSecTransformIdUnknown</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformIdUnknown                        ((xmlSecTransformId)NULL)</pre>
+<p>The "unknown" transform id (NULL).</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMIDSGET"></a><h3>xmlSecTransformIdsGet ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="RETURNVALUE">xmlSecPtrListPtr</span></a>    xmlSecTransformIdsGet               (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Gets global registered transform klasses list.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN15839"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19736"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to list of all registered transform klasses.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCHECKTYPE"></a><h3>xmlSecTransformCheckType()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformCheckType(transform, t)</pre>
-<p>Macro. Returns 1 if the <code class="PARAMETER">transform</code> is valid and has specified type <code class="PARAMETER">t</code> 
-or 0 otherwise.</p>
-<p></p>
+<a name="XMLSECTRANSFORMIDSINIT"></a><h3>xmlSecTransformIdsInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformIdsInit              (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Initializes the transform klasses. This function is called from the
+<a href="xmlsec-xmlsec.html#XMLSECINIT"><span class="TYPE">xmlSecInit</span></a> function and the application should not call it directly.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15854"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15859"><span style="white-space: nowrap"><code class="PARAMETER">t</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the transform type.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19754"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCHECKID"></a><h3>xmlSecTransformCheckId()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformCheckId(transform, i)</pre>
-<p>Macro. Returns 1 if the <code class="PARAMETER">transform</code> is valid and has specified id <code class="PARAMETER">i</code> 
-or 0 otherwise.</p>
-<p></p>
+<a name="XMLSECTRANSFORMIDSREGISTER"></a><h3>xmlSecTransformIdsRegister ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformIdsRegister          (<code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> id</code>);</pre>
+<p>Registers <code class="PARAMETER">id</code> in the global list of transform klasses.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15874"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19772"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15879"><span style="white-space: nowrap"><code class="PARAMETER">i</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the transform id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19777"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCHECKSIZE"></a><h3>xmlSecTransformCheckSize()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformCheckSize(transform, size)</pre>
-<p>Macro. Returns 1 if the <code class="PARAMETER">transform</code> is valid and has at least <code class="PARAMETER">size</code>
-bytes or 0 otherwise.</p>
-<p></p>
+<a name="XMLSECTRANSFORMIDSREGISTERDEFAULT"></a><h3>xmlSecTransformIdsRegisterDefault ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformIdsRegisterDefault   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Registers default (implemented by XML Security Library)
+transform klasses: XPath transform, Base64 transform, ...</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15894"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15899"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the transform object size.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19793"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCONNECT"></a><h3>xmlSecTransformConnect ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformConnect              (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> left,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> right,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>If the data object is a node-set and the next transform requires octets, 
-the signature application MUST attempt to convert the node-set to an octet 
-stream using Canonical XML [XML-C14N].  </p>
-<p>The story is different if the right transform is base64 decode
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-BASE-64"><span class="TYPE">sec-Base-64</span></gtkdoclink>):</p>
-<p>This transform requires an octet stream for input. If an XPath node-set 
-(or sufficiently functional alternative) is given as input, then it is 
-converted to an octet stream by performing operations logically equivalent 
-to 1) applying an XPath transform with expression self::<gtkdoclink href="TEXT"><code class="FUNCTION">text()</code></gtkdoclink>, then 2) 
-taking the string-value of the node-set. Thus, if an XML element is 
-identified by a barename XPointer in the Reference URI, and its content 
-consists solely of base64 encoded character data, then this transform 
-automatically strips away the start and end tags of the identified element 
-and any of its descendant elements as well as any descendant comments and 
-processing instructions. The output of this transform is an octet stream.</p>
-<p></p>
+<a name="XMLSECTRANSFORMIDSSHUTDOWN"></a><h3>xmlSecTransformIdsShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformIdsShutdown          (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Shuts down the keys data klasses. This function is called from the
+<a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN"><span class="TYPE">xmlSecShutdown</span></a> function and the application should not call it directly.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMINCLC14N11GETKLASS"></a><h3>xmlSecTransformInclC14N11GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformInclC14N11GetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>C14N version 1.1 (http://www.w3.org/TR/xml-c14n11)</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15922"><span style="white-space: nowrap"><code class="PARAMETER">left</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to left (prev) transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15927"><span style="white-space: nowrap"><code class="PARAMETER">right</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to right (next) transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15932"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform's chaing processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15937"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs. </p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19821"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>c14n v1.1 transform id.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMREMOVE"></a><h3>xmlSecTransformRemove ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformRemove               (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);</pre>
-<p>Removes <code class="PARAMETER">transform</code> from the chain.</p>
+<a name="XMLSECTRANSFORMINCLC14N11ID"></a><h3>xmlSecTransformInclC14N11Id</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformInclC14N11Id</pre>
+<p>The regular (inclusive) C14N 1.1 without comments transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMINCLC14N11WITHCOMMENTSGETKLASS"></a><h3>xmlSecTransformInclC14N11WithCommentsGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformInclC14N11WithCommentsGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>C14N version 1.1 (http://www.w3.org/TR/xml-c14n11) with comments</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19843"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>c14n v1.1 with comments transform id.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMINCLC14N11WITHCOMMENTSID"></a><h3>xmlSecTransformInclC14N11WithCommentsId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformInclC14N11WithCommentsId</pre>
+<p>The regular (inclusive) C14N 1.1 with comments transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMINCLC14NGETKLASS"></a><h3>xmlSecTransformInclC14NGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformInclC14NGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Inclusive (regular) canonicalization that omits comments transform klass
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-C14NALG"><span class="TYPE">sec-c14nAlg</span></gtkdoclink> and
+http://www.w3.org/TR/2001/REC-xml-c14n-20010315).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN15953"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to <a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransform</span></a> structure.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19867"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>c14n transform id.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMDEFAULTGETDATATYPE"></a><h3>xmlSecTransformDefaultGetDataType ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE">xmlSecTransformDataType</a>  xmlSecTransformDefaultGetDataType
-                                                        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE">xmlSecTransformMode</a> mode,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Gets transform input (<code class="PARAMETER">mode</code> is "push") or output (<code class="PARAMETER">mode</code> is "pop") data 
-type (binary or XML) by analyzing available pushBin/popBin/pushXml/popXml
-methods.</p>
+<a name="XMLSECTRANSFORMINCLC14NID"></a><h3>xmlSecTransformInclC14NId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformInclC14NId</pre>
+<p>The regular (inclusive) C14N without comments transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMINCLC14NWITHCOMMENTSGETKLASS"></a><h3>xmlSecTransformInclC14NWithCommentsGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformInclC14NWithCommentsGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Inclusive (regular) canonicalization that includes comments transform klass
+(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-C14NALG"><span class="TYPE">sec-c14nAlg</span></gtkdoclink> and
+http://www.w3.org/TR/2001/REC-xml-c14n-20010315).</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19891"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>c14n with comments transform id.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMINCLC14NWITHCOMMENTSID"></a><h3>xmlSecTransformInclC14NWithCommentsId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformInclC14NWithCommentsId</pre>
+<p>The regular (inclusive) C14N with comments transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMINITIALIZEMETHOD"></a><h3>xmlSecTransformInitializeMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformInitializeMethod)  (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);</pre>
+<p>The transform specific initialization method.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15974"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19914"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN15979"><span style="white-space: nowrap"><code class="PARAMETER">mode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the data mode (push or pop).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15984"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform's chaing processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN15989"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the transform's data type for the <code class="PARAMETER">mode</code> operation.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19919"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMDEFAULTPUSHBIN"></a><h3>xmlSecTransformDefaultPushBin ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformDefaultPushBin       (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <font>int</font> final,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Process binary <code class="PARAMETER">data</code> by calling transform's execute method and pushes 
-results to next transform.</p>
+<a name="XMLSECTRANSFORMISVALID"></a><h3>xmlSecTransformIsValid()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformIsValid(transform)</pre>
+<p>Macro. Returns 1 if the <code class="PARAMETER">transform</code> is valid or 0 otherwise.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN19932"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMKLASS"></a><h3>struct xmlSecTransformKlass</h3>
+<pre class="PROGRAMLISTING">struct xmlSecTransformKlass {
+    /* data */
+    xmlSecSize                          klassSize;
+    xmlSecSize                          objSize;
+    const xmlChar*                      name;
+    const xmlChar*                      href;
+    xmlSecTransformUsage                usage;
+
+    /* methods */
+    xmlSecTransformInitializeMethod     initialize;
+    xmlSecTransformFinalizeMethod       finalize;
+
+    xmlSecTransformNodeReadMethod       readNode;
+    xmlSecTransformNodeWriteMethod      writeNode;
+
+    xmlSecTransformSetKeyRequirementsMethod     setKeyReq;
+    xmlSecTransformSetKeyMethod         setKey;
+    xmlSecTransformVerifyMethod         verify;
+    xmlSecTransformGetDataTypeMethod    getDataType;
+
+    xmlSecTransformPushBinMethod        pushBin;
+    xmlSecTransformPopBinMethod         popBin;
+    xmlSecTransformPushXmlMethod        pushXml;
+    xmlSecTransformPopXmlMethod         popXml;
+
+    /* low level method */
+    xmlSecTransformExecuteMethod        execute;
+
+    /* reserved for future */
+    void*                               reserved0;
+    void*                               reserved1;
+};</pre>
+<p>The transform klass desccription structure.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16010"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19944"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">klassSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform klass structure size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16015"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input binary data,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19951"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> <code class="STRUCTFIELD">objSize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform object size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16020"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19958"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">name</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16025"><span style="white-space: nowrap"><code class="PARAMETER">final</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the flag: if set to 1 then it's the last
-		data chunk.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19965"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">href</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's identification string (href).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16030"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19972"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> <code class="STRUCTFIELD">usage</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the allowed transforms usages.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16035"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19979"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMINITIALIZEMETHOD"><span class="TYPE">xmlSecTransformInitializeMethod</span></a> <code class="STRUCTFIELD">initialize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the initialization method.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMDEFAULTPOPBIN"></a><h3>xmlSecTransformDefaultPopBin ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformDefaultPopBin        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> maxDataSize,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *dataSize,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Pops data from previous transform in the chain, processes data by calling
-transform's execute method and returns result in the <code class="PARAMETER">data</code> buffer. The 
-size of returned data is placed in the <code class="PARAMETER">dataSize</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16056"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19986"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMFINALIZEMETHOD"><span class="TYPE">xmlSecTransformFinalizeMethod</span></a> <code class="STRUCTFIELD">finalize</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the finmalization (destroy) function.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16061"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the buffer to store result data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN19993"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMNODEREADMETHOD"><span class="TYPE">xmlSecTransformNodeReadMethod</span></a> <code class="STRUCTFIELD">readNode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML node read method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16066"><span style="white-space: nowrap"><code class="PARAMETER">maxDataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the size of the buffer <gtkdoclink href="DATA"><span class="TYPE">data</span></gtkdoclink>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20000"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMNODEWRITEMETHOD"><span class="TYPE">xmlSecTransformNodeWriteMethod</span></a> <code class="STRUCTFIELD">writeNode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML node write method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16073"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to returned data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20007"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEYREQUIREMENTSMETHOD"><span class="TYPE">xmlSecTransformSetKeyRequirementsMethod</span></a> <code class="STRUCTFIELD">setKeyReq</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the set key requirements method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16078"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20014"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEYMETHOD"><span class="TYPE">xmlSecTransformSetKeyMethod</span></a> <code class="STRUCTFIELD">setKey</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the set key method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16083"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20021"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMVERIFYMETHOD"><span class="TYPE">xmlSecTransformVerifyMethod</span></a> <code class="STRUCTFIELD">verify</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the verify method (for digest and signature transforms).</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMDEFAULTPUSHXML"></a><h3>xmlSecTransformDefaultPushXml ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformDefaultPushXml       (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Processes <code class="PARAMETER">nodes</code> by calling transform's execute method and pushes 
-result to the next transform in the chain.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16101"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20028"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMGETDATATYPEMETHOD"><span class="TYPE">xmlSecTransformGetDataTypeMethod</span></a> <code class="STRUCTFIELD">getDataType</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input/output data type query method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16106"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input nodes.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20035"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHBINMETHOD"><span class="TYPE">xmlSecTransformPushBinMethod</span></a> <code class="STRUCTFIELD">pushBin</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary data "push thru chain" processing method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16111"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20042"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPBINMETHOD"><span class="TYPE">xmlSecTransformPopBinMethod</span></a> <code class="STRUCTFIELD">popBin</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary data "pop from chain" procesing method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16116"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20049"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHXMLMETHOD"><span class="TYPE">xmlSecTransformPushXmlMethod</span></a> <code class="STRUCTFIELD">pushXml</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML data "push thru chain" processing method.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMDEFAULTPOPXML"></a><h3>xmlSecTransformDefaultPopXml ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformDefaultPopXml        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> *nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Pops data from previous transform in the chain, processes the data 
-by calling transform's execute method and returns result in <code class="PARAMETER">nodes</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16134"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20056"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPXMLMETHOD"><span class="TYPE">xmlSecTransformPopXmlMethod</span></a> <code class="STRUCTFIELD">popXml</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML data "pop from chain" procesing method.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16139"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to store popinter to result nodes.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20063"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMEXECUTEMETHOD"><span class="TYPE">xmlSecTransformExecuteMethod</span></a> <code class="STRUCTFIELD">execute</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the low level data processing method used  by default
+implementations of <code class="PARAMETER">pushBin</code>, <code class="PARAMETER">popBin</code>, <code class="PARAMETER">pushXml</code> and <code class="PARAMETER">popXml</code>.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16144"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20074"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16149"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20081"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCREATEOUTPUTBUFFER"></a><h3>xmlSecTransformCreateOutputBuffer ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlOutputBufferPtr</font>  xmlSecTransformCreateOutputBuffer   (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Creates output buffer to write data to <code class="PARAMETER">transform</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMKLASSGETNAME"></a><h3>xmlSecTransformKlassGetName()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformKlassGetName(klass)</pre>
+<p>Macro. Returns transform klass name.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16166"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16171"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform context object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16176"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to new output buffer or NULL if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN20095"><span style="white-space: nowrap"><code class="PARAMETER">klass</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transofrm's klass.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMCREATEINPUTBUFFER"></a><h3>xmlSecTransformCreateInputBuffer ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlParserInputBufferPtr</font>  xmlSecTransformCreateInputBuffer
-                                                        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Creates input buffer to read data from <code class="PARAMETER">transform</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMMODE"></a><h3>enum xmlSecTransformMode</h3>
+<pre class="PROGRAMLISTING">typedef enum {
+    xmlSecTransformModeNone = 0,
+    xmlSecTransformModePush,
+    xmlSecTransformModePop
+} xmlSecTransformMode;</pre>
+<p>The transform operation mode</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16193"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16198"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to transform context object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16203"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to new input buffer or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMMODENONE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformModeNone</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the mode is unknown.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMINITIALIZEMETHOD"></a><h3>xmlSecTransformInitializeMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformInitializeMethod)  (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);</pre>
-<p>The transform specific initialization method.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16218"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMMODEPUSH"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformModePush</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>pushing data thru transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16223"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMMODEPOP"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformModePop</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>popping data from transform.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMFINALIZEMETHOD"></a><h3>xmlSecTransformFinalizeMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                (*xmlSecTransformFinalizeMethod)    (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform);</pre>
-<p>The transform specific destroy method.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN16238"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMGETDATATYPEMETHOD"></a><h3>xmlSecTransformGetDataTypeMethod ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-transforms.html#XMLSECTRANSFORMDATATYPE">xmlSecTransformDataType</a>  (*xmlSecTransformGetDataTypeMethod)
-                                                        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMMODE">xmlSecTransformMode</a> mode,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>The transform specific method to query information about transform
-data type in specified mode <code class="PARAMETER">mode</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMNODEREAD"></a><h3>xmlSecTransformNodeRead ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMPTR"><span class="RETURNVALUE">xmlSecTransformPtr</span></gtkdoclink>  xmlSecTransformNodeRead             (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE"><span class="TYPE">xmlSecTransformUsage</span></a> usage</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Reads transform from the <code class="PARAMETER">node</code> as follows:</p>
+<p>   1) reads "Algorithm" attribute;</p>
+<p>   2) checks the lists of known and allowed transforms;</p>
+<p>   3) calls transform's create method;</p>
+<p>   4) calls transform's read transform node method.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16256"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20145"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the transform's node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16261"><span style="white-space: nowrap"><code class="PARAMETER">mode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the mode.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20150"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform usage (signature, encryption, ...).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16266"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20155"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's chaing processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16271"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> transform data type.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20160"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created transform or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMNODEREADMETHOD"></a><h3>xmlSecTransformNodeReadMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformNodeReadMethod)    (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>The transform specific method to read the transform data from 
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformNodeReadMethod)    (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>The transform specific method to read the transform data from
 the <code class="PARAMETER">node</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16289"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20184"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16294"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20189"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16300"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20195"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16305"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20200"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMNODEWRITEMETHOD"></a><h3>xmlSecTransformNodeWriteMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformNodeWriteMethod)   (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformNodeWriteMethod)   (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
 <p>The transform specific method to write transform information to an XML node <code class="PARAMETER">node</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16323"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20224"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16328"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20229"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Transform" target="_top">&lt;dsig:Transform/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16334"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20235"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16339"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20240"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMSETKEYREQUIREMENTSMETHOD"></a><h3>xmlSecTransformSetKeyRequirementsMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformSetKeyRequirementsMethod)
-                                                        (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-keys.html#XMLSECKEYREQ">xmlSecKeyReqPtr</a> keyReq);</pre>
-<p>Transform specific method to set transform's key requirements.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16355"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16360"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to key requirements structure.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16365"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMSETKEYMETHOD"></a><h3>xmlSecTransformSetKeyMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformSetKeyMethod)      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> key);</pre>
-<p>The transform specific method to set the key for use.</p>
-<p></p>
+<a name="XMLSECTRANSFORMOPERATION"></a><h3>enum xmlSecTransformOperation</h3>
+<pre class="PROGRAMLISTING">typedef enum {
+    xmlSecTransformOperationNone = 0,
+    xmlSecTransformOperationEncode,
+    xmlSecTransformOperationDecode,
+    xmlSecTransformOperationSign,
+    xmlSecTransformOperationVerify,
+    xmlSecTransformOperationEncrypt,
+    xmlSecTransformOperationDecrypt
+} xmlSecTransformOperation;</pre>
+<p>The transform operation.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16381"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONNONE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationNone</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the operation is unknown.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16386"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the pointer to key.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONENCODE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationEncode</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the encode operation (for base64 transform).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16391"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMVERIFYMETHOD"></a><h3>xmlSecTransformVerifyMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformVerifyMethod)      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>The transform specific method to verify transform processing results
-(used by digest and signature transforms). This method sets <code class="PARAMETER">status</code>
-member of the <a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransform</span></a> structure to either <a href="xmlsec-transforms.html#XMLSECTRANSFORMSTATUSOK"><span class="TYPE">xmlSecTransformStatusOk</span></a>
-if verification succeeded or <a href="xmlsec-transforms.html#XMLSECTRANSFORMSTATUSFAIL"><span class="TYPE">xmlSecTransformStatusFail</span></a> otherwise.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16416"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONDECODE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationDecode</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the decode operation (for base64 transform).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16421"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the input buffer.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONSIGN"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationSign</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the sign or digest operation.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16426"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the size of input buffer <code class="PARAMETER">data</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONVERIFY"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationVerify</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the verification of signature or digest operation.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16432"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONENCRYPT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationEncrypt</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the encryption operation.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16437"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMOPERATIONDECRYPT"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformOperationDecrypt</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the decryption operation.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMPUSHBINMETHOD"></a><h3>xmlSecTransformPushBinMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformPushBinMethod)     (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize,
-                                                         <font>int</font> final,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>The transform specific method to process data from <code class="PARAMETER">data</code> and push
-result to the next transform in the chain.</p>
-<p></p>
+<a name="XMLSECTRANSFORMPOPBIN"></a><h3>xmlSecTransformPopBin ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformPopBin               (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> maxDataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Pops data from previous transform in the chain, processes data and
+returns result in the <code class="PARAMETER">data</code> buffer. The size of returned data is
+placed in the <code class="PARAMETER">dataSize</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16457"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20313"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16462"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the input binary data,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20318"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the buffer to store result data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16467"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the input data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20323"><span style="white-space: nowrap"><code class="PARAMETER">maxDataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of the buffer <gtkdoclink href="DATA"><span class="TYPE">data</span></gtkdoclink>.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16472"><span style="white-space: nowrap"><code class="PARAMETER">final</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the flag: if set to 1 then it's the last
-			data chunk.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20330"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to returned data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16477"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20335"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16482"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20340"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMPOPBINMETHOD"></a><h3>xmlSecTransformPopBinMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformPopBinMethod)      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> maxDataSize,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> *dataSize,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>The transform specific method to pop data from previous transform 
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformPopBinMethod)      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> maxDataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> *dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>The transform specific method to pop data from previous transform
 in the chain and return result in the <code class="PARAMETER">data</code> buffer. The size of returned
 data is placed in the <code class="PARAMETER">dataSize</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16503"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20371"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16508"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the buffer to store result data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20376"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the buffer to store result data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16513"><span style="white-space: nowrap"><code class="PARAMETER">maxDataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the size of the buffer <code class="PARAMETER">data</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20381"><span style="white-space: nowrap"><code class="PARAMETER">maxDataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of the buffer <code class="PARAMETER">data</code>.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16519"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to returned data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20387"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to returned data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16524"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20392"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16529"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20397"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMPUSHXMLMETHOD"></a><h3>xmlSecTransformPushXmlMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformPushXmlMethod)     (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>The transform specific method to process <code class="PARAMETER">nodes</code> and push result to the next 
-transform in the chain.</p>
-<p></p>
+<a name="XMLSECTRANSFORMPOPXML"></a><h3>xmlSecTransformPopXml ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformPopXml               (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> *nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Pops data from previous transform in the chain, processes the data and
+returns result in <code class="PARAMETER">nodes</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16547"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20421"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16552"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the input nodes.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20426"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store popinter to result nodes.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16557"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20431"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16562"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20436"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMPOPXMLMETHOD"></a><h3>xmlSecTransformPopXmlMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformPopXmlMethod)      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESET">xmlSecNodeSetPtr</a> *nodes,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformPopXmlMethod)      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> *nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
 <p>The transform specific method to pop data from previous transform in the chain,
 process the data and return result in <code class="PARAMETER">nodes</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16580"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20460"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16585"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to store popinter to result nodes.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20465"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to store popinter to result nodes.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16590"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20470"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16595"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20475"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMEXECUTEMETHOD"></a><h3>xmlSecTransformExecuteMethod ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 (*xmlSecTransformExecuteMethod)     (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <font>int</font> last,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtxPtr</a> transformCtx);</pre>
-<p>Transform specific method to process a chunk of data.</p>
-<p></p>
+<a name="XMLSECTRANSFORMPUMP"></a><h3>xmlSecTransformPump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformPump                 (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> left</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> right</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Pops data from <code class="PARAMETER">left</code> transform and pushes to <code class="PARAMETER">right</code> transform until
+no more data is available.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16612"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to transform object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20500"><span style="white-space: nowrap"><code class="PARAMETER">left</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the source pumping transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16617"><span style="white-space: nowrap"><code class="PARAMETER">last</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the flag: if set to 1 then it's the last data chunk.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20505"><span style="white-space: nowrap"><code class="PARAMETER">right</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the destination pumping transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16622"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform context object.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20510"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's chaing processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16627"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20515"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMKLASS"></a><h3>struct xmlSecTransformKlass</h3>
-<pre class="PROGRAMLISTING">struct xmlSecTransformKlass {
-    /* data */
-    xmlSecSize				klassSize;
-    xmlSecSize				objSize;
-    const xmlChar*			name;
-    const xmlChar*			href;
-    xmlSecTransformUsage		usage;
-
-    /* methods */
-    xmlSecTransformInitializeMethod	initialize;
-    xmlSecTransformFinalizeMethod	finalize;
-
-    xmlSecTransformNodeReadMethod	readNode;
-    xmlSecTransformNodeWriteMethod	writeNode;
-
-    xmlSecTransformSetKeyRequirementsMethod	setKeyReq;
-    xmlSecTransformSetKeyMethod		setKey;
-    xmlSecTransformVerifyMethod		verify;
-    xmlSecTransformGetDataTypeMethod	getDataType;
-
-    xmlSecTransformPushBinMethod	pushBin;
-    xmlSecTransformPopBinMethod		popBin;
-    xmlSecTransformPushXmlMethod	pushXml;
-    xmlSecTransformPopXmlMethod		popXml;
-    
-    /* low level method */
-    xmlSecTransformExecuteMethod	execute;
-
-    /* reserved for future */ 
-    void* 				reserved0;
-    void* 				reserved1;
-};</pre>
-<p>The transform klass desccription structure.</p>
-<p></p>
+<a name="XMLSECTRANSFORMPUSHBIN"></a><h3>xmlSecTransformPushBin ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformPushBin              (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> final</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Process binary <code class="PARAMETER">data</code> and pushes results to next transform.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16640"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">klassSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the transform klass structure size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20545"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16646"><span style="white-space: nowrap"><a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> <code class="STRUCTFIELD">objSize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the transform object size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20550"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input binary data,</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16652"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">name</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the transform's name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20555"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16658"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">href</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the transform's identification string (href).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20560"><span style="white-space: nowrap"><code class="PARAMETER">final</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag: if set to 1 then it's the last
+data chunk.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16664"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> <code class="STRUCTFIELD">usage</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the allowed transforms usages.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20565"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16670"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMINITIALIZEMETHOD">xmlSecTransformInitializeMethod</a> <code class="STRUCTFIELD">initialize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the initialization method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20570"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMPUSHBINMETHOD"></a><h3>xmlSecTransformPushBinMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformPushBinMethod)     (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> final</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>The transform specific method to process data from <code class="PARAMETER">data</code> and push
+result to the next transform in the chain.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16676"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMFINALIZEMETHOD">xmlSecTransformFinalizeMethod</a> <code class="STRUCTFIELD">finalize</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the finmalization (destroy) function.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20600"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16682"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMNODEREADMETHOD">xmlSecTransformNodeReadMethod</a> <code class="STRUCTFIELD">readNode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the XML node read method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20605"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input binary data,</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16688"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMNODEWRITEMETHOD">xmlSecTransformNodeWriteMethod</a> <code class="STRUCTFIELD">writeNode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the XML node write method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20610"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16694"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEYREQUIREMENTSMETHOD">xmlSecTransformSetKeyRequirementsMethod</a> <code class="STRUCTFIELD">setKeyReq</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the set key requirements method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20615"><span style="white-space: nowrap"><code class="PARAMETER">final</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag: if set to 1 then it's the last
+data chunk.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16700"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMSETKEYMETHOD">xmlSecTransformSetKeyMethod</a> <code class="STRUCTFIELD">setKey</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the set key method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20620"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16706"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMVERIFYMETHOD">xmlSecTransformVerifyMethod</a> <code class="STRUCTFIELD">verify</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the verify method (for digest and signature transforms).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20625"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMPUSHXML"></a><h3>xmlSecTransformPushXml ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformPushXml              (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Processes <code class="PARAMETER">nodes</code> and pushes result to the next transform in the chain.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16712"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMGETDATATYPEMETHOD">xmlSecTransformGetDataTypeMethod</a> <code class="STRUCTFIELD">getDataType</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the input/output data type query method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20649"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16718"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHBINMETHOD">xmlSecTransformPushBinMethod</a> <code class="STRUCTFIELD">pushBin</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the binary data "push thru chain" processing method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20654"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input nodes.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16724"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPBINMETHOD">xmlSecTransformPopBinMethod</a> <code class="STRUCTFIELD">popBin</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the binary data "pop from chain" procesing method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20659"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16730"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMPUSHXMLMETHOD">xmlSecTransformPushXmlMethod</a> <code class="STRUCTFIELD">pushXml</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the XML data "push thru chain" processing method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20664"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMPUSHXMLMETHOD"></a><h3>xmlSecTransformPushXmlMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformPushXmlMethod)     (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESET"><span class="TYPE">xmlSecNodeSetPtr</span></a> nodes</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>The transform specific method to process <code class="PARAMETER">nodes</code> and push result to the next
+transform in the chain.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16736"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMPOPXMLMETHOD">xmlSecTransformPopXmlMethod</a> <code class="STRUCTFIELD">popXml</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the XML data "pop from chain" procesing method.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20688"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16742"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMEXECUTEMETHOD">xmlSecTransformExecuteMethod</a> <code class="STRUCTFIELD">execute</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the low level data processing method used  by default
-			implementations of <code class="PARAMETER">pushBin</code>, <code class="PARAMETER">popBin</code>, <code class="PARAMETER">pushXml</code> and <code class="PARAMETER">popXml</code>.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20693"><span style="white-space: nowrap"><code class="PARAMETER">nodes</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input nodes.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16752"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20698"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16758"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20703"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMKLASSGETNAME"></a><h3>xmlSecTransformKlassGetName()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformKlassGetName(klass)</pre>
-<p>Macro. Returns transform klass name.</p>
-<p></p>
+<a name="XMLSECTRANSFORMREMOVE"></a><h3>xmlSecTransformRemove ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformRemove               (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>);</pre>
+<p>Removes <code class="PARAMETER">transform</code> from the chain.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN16772"><span style="white-space: nowrap"><code class="PARAMETER">klass</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the transofrm's klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20721"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransform</span></a> structure.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDLISTID"></a><h3>xmlSecTransformIdListId</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformIdListId	xmlSecTransformIdListGetKlass()</pre>
-<p>Transform klasses list klass.</p>
+<a name="XMLSECTRANSFORMREMOVEXMLTAGSC14NGETKLASS"></a><h3>xmlSecTransformRemoveXmlTagsC14NGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformRemoveXmlTagsC14NGetKlass
+                                                        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The "remove xml tags" transform klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-BASE-64"><span class="TYPE">sec-Base-64</span></gtkdoclink>):
+Base64 transform requires an octet stream for input. If an XPath node-set
+(or sufficiently functional alternative) is given as input, then it is
+converted to an octet stream by performing operations logically equivalent
+to 1) applying an XPath transform with expression self::<gtkdoclink href="TEXT"><code class="FUNCTION">text()</code></gtkdoclink>, then 2)
+taking the string-value of the node-set. Thus, if an XML element is
+identified by a barename XPointer in the Reference URI, and its content
+consists solely of base64 encoded character data, then this transform
+automatically strips away the start and end tags of the identified element
+and any of its descendant elements as well as any descendant comments and
+processing instructions. The output of this transform is an octet stream.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN20743"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>"remove xml tags" transform id.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDLISTGETKLASS"></a><h3>xmlSecTransformIdListGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecPtrListId</font>     xmlSecTransformIdListGetKlass       (void);</pre>
-<p>The transform id list klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN16793"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the transform id list klass.</p></td>
-</tr></tbody></table>
+<a name="XMLSECTRANSFORMREMOVEXMLTAGSC14NID"></a><h3>xmlSecTransformRemoveXmlTagsC14NId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformRemoveXmlTagsC14NId</pre>
+<p>The "remove all xml tags" transform klass (used before base64 transforms).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDLISTFIND"></a><h3>xmlSecTransformIdListFind ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformIdListFind           (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>xmlSecTransformId</font> transformId);</pre>
-<p>Lookups <code class="PARAMETER">dataId</code> in <code class="PARAMETER">list</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSETKEY"></a><h3>xmlSecTransformSetKey ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformSetKey               (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>Sets the transform's key.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16811"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform ids list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20769"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16816"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20774"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16821"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if <code class="PARAMETER">dataId</code> is found in the <code class="PARAMETER">list</code>, 0 if not and a negative
-value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20779"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDLISTFINDBYHREF"></a><h3>xmlSecTransformIdListFindByHref ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformIdListFindByHref     (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         const <font>xmlChar</font> *href,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> usage);</pre>
-<p>Lookups data klass in the list with given <code class="PARAMETER">href</code> and <code class="PARAMETER">usage</code> in <code class="PARAMETER">list</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSETKEYMETHOD"></a><h3>xmlSecTransformSetKeyMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformSetKeyMethod)      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> key</code>);</pre>
+<p>The transform specific method to set the key for use.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16843"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform ids list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20799"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16848"><span style="white-space: nowrap"><code class="PARAMETER">href</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired transform klass href.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20804"><span style="white-space: nowrap"><code class="PARAMETER">key</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16853"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired transform usage.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16858"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> transform klass is found and NULL otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20809"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDLISTFINDBYNAME"></a><h3>xmlSecTransformIdListFindByName ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformIdListFindByName     (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         const <font>xmlChar</font> *name,
-                                                         <a href="xmlsec-transforms.html#XMLSECTRANSFORMUSAGE">xmlSecTransformUsage</a> usage);</pre>
-<p>Lookups data klass in the list with given <code class="PARAMETER">name</code> and <code class="PARAMETER">usage</code> in <code class="PARAMETER">list</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSETKEYREQ"></a><h3>xmlSecTransformSetKeyReq ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformSetKeyReq            (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);</pre>
+<p>Sets the key requirements for <code class="PARAMETER">transform</code> in the <code class="PARAMETER">keyReq</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16878"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform ids list.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN16883"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired transform klass name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20831"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16888"><span style="white-space: nowrap"><code class="PARAMETER">usage</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the desired transform usage.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20836"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys requirements object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16893"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> transform klass is found and NULL otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20841"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDLISTDEBUGDUMP"></a><h3>xmlSecTransformIdListDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformIdListDebugDump      (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints binary transform debug information to <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSETKEYREQUIREMENTSMETHOD"></a><h3>xmlSecTransformSetKeyRequirementsMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformSetKeyRequirementsMethod)
+                                                        (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keys.html#XMLSECKEYREQ"><span class="TYPE">xmlSecKeyReqPtr</span></a> keyReq</code>);</pre>
+<p>Transform specific method to set transform's key requirements.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16910"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform ids list.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20861"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16915"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20866"><span style="white-space: nowrap"><code class="PARAMETER">keyReq</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to key requirements structure.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN20871"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDLISTDEBUGXMLDUMP"></a><h3>xmlSecTransformIdListDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformIdListDebugXmlDump   (<a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> list,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints binary transform debug information to <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECTRANSFORMSTATUS"></a><h3>enum xmlSecTransformStatus</h3>
+<pre class="PROGRAMLISTING">typedef enum {
+    xmlSecTransformStatusNone = 0,
+    xmlSecTransformStatusWorking,
+    xmlSecTransformStatusFinished,
+    xmlSecTransformStatusOk,
+    xmlSecTransformStatusFail
+} xmlSecTransformStatus;</pre>
+<p>The transform execution status.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16932"><span style="white-space: nowrap"><code class="PARAMETER">list</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to transform ids list.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMSTATUSNONE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformStatusNone</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the status unknown.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMSTATUSWORKING"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformStatusWorking</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform is executed.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16937"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMSTATUSFINISHED"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformStatusFinished</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform finished</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMSTATUSOK"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformStatusOk</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform succeeded.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="XMLSECTRANSFORMSTATUSFAIL"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecTransformStatusFail</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform failed (an error occur).</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMIDUNKNOWN"></a><h3>xmlSecTransformIdUnknown</h3>
-<pre class="PROGRAMLISTING">#define xmlSecTransformIdUnknown			((xmlSecTransformId)NULL)</pre>
-<p>The "unknown" transform id (NULL).</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMBASE64ID"></a><h3>xmlSecTransformBase64Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformBase64Id</pre>
-<p>The base64 encode transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMURITYPE"></a><h3>xmlSecTransformUriType</h3>
+<pre class="PROGRAMLISTING">typedef unsigned int                            xmlSecTransformUriType;</pre>
+<p>URI transform type bit mask.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMBASE64GETKLASS"></a><h3>xmlSecTransformBase64GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformBase64GetKlass       (void);</pre>
-<p>The Base64 transform klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-BASE-64"><span class="TYPE">sec-Base-64</span></gtkdoclink>).
-The normative specification for base64 decoding transforms is RFC 2045
-(http://www.ietf.org/rfc/rfc2045.txt). The base64 Transform element has 
-no content. The input is decoded by the algorithms. This transform is 
-useful if an application needs to sign the raw data associated with 
-the encoded content of an element.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN16967"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> base64 transform id.</p></td>
-</tr></tbody></table>
+<a name="XMLSECTRANSFORMURITYPEANY"></a><h3>xmlSecTransformUriTypeAny</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeAny               0xFFFF</pre>
+<p>Any URI type.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMBASE64SETLINESIZE"></a><h3>xmlSecTransformBase64SetLineSize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecTransformBase64SetLineSize    (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> lineSize);</pre>
-<p>Sets the max line size to <code class="PARAMETER">lineSize</code>.</p>
-<p></p>
+<a name="XMLSECTRANSFORMURITYPECHECK"></a><h3>xmlSecTransformUriTypeCheck ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformUriTypeCheck         (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPE"><span class="TYPE">xmlSecTransformUriType</span></a> type</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);</pre>
+<p>Checks if <code class="PARAMETER">uri</code> matches expected type <code class="PARAMETER">type</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16984"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to BASE64 encode transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20937"><span style="white-space: nowrap"><code class="PARAMETER">type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the expected URI type.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN20942"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the uri for checking.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN16989"><span style="white-space: nowrap"><code class="PARAMETER">lineSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new max line size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN20947"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if <code class="PARAMETER">uri</code> matches <code class="PARAMETER">type</code>, 0 if not or a negative value
+if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMINCLC14NID"></a><h3>xmlSecTransformInclC14NId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformInclC14NId</pre>
-<p>The regular (inclusive) C14N without comments transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMURITYPEEMPTY"></a><h3>xmlSecTransformUriTypeEmpty</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeEmpty             0x0001</pre>
+<p>The empty URI ("") type.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMINCLC14NGETKLASS"></a><h3>xmlSecTransformInclC14NGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformInclC14NGetKlass     (void);</pre>
-<p>Inclusive (regular) canonicalization that omits comments transform klass
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-C14NALG"><span class="TYPE">sec-c14nAlg</span></gtkdoclink> and 
-http://www.w3.org/TR/2001/REC-xml-c14n-20010315).</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17012"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> c14n transform id.</p></td>
-</tr></tbody></table>
+<a name="XMLSECTRANSFORMURITYPELOCAL"></a><h3>xmlSecTransformUriTypeLocal</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeLocal             0x0004</pre>
+<p>The local URI ("file:///....") type.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMINCLC14NWITHCOMMENTSID"></a><h3>xmlSecTransformInclC14NWithCommentsId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformInclC14NWithCommentsId</pre>
-<p>The regular (inclusive) C14N with comments transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMURITYPENONE"></a><h3>xmlSecTransformUriTypeNone</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeNone              0x0000</pre>
+<p>The URI type is unknown or not set.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMINCLC14NWITHCOMMENTSGETKLASS"></a><h3>xmlSecTransformInclC14NWithCommentsGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformInclC14NWithCommentsGetKlass
-                                                        (void);</pre>
-<p>Inclusive (regular) canonicalization that includes comments transform klass
-(http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-C14NALG"><span class="TYPE">sec-c14nAlg</span></gtkdoclink> and 
-http://www.w3.org/TR/2001/REC-xml-c14n-20010315).</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17035"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> c14n with comments transform id.</p></td>
-</tr></tbody></table>
+<a name="XMLSECTRANSFORMURITYPEREMOTE"></a><h3>xmlSecTransformUriTypeRemote</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeRemote            0x0008</pre>
+<p>The remote URI type.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMINCLC14N11ID"></a><h3>xmlSecTransformInclC14N11Id</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformInclC14N11Id</pre>
-<p>The regular (inclusive) C14N 1.1 without comments transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMURITYPESAMEDOCUMENT"></a><h3>xmlSecTransformUriTypeSameDocument</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUriTypeSameDocument      0x0002</pre>
+<p>The smae document ("#...") but not empty ("") URI type.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMINCLC14N11GETKLASS"></a><h3>xmlSecTransformInclC14N11GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformInclC14N11GetKlass   (void);</pre>
-<p>C14N version 1.1 (http://www.w3.org/TR/xml-c14n11)</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17056"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> c14n v1.1 transform id.</p></td>
-</tr></tbody></table>
+<a name="XMLSECTRANSFORMUSAGE"></a><h3>xmlSecTransformUsage</h3>
+<pre class="PROGRAMLISTING">typedef unsigned int                            xmlSecTransformUsage;</pre>
+<p>The transform usage bit mask.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMINCLC14N11WITHCOMMENTSID"></a><h3>xmlSecTransformInclC14N11WithCommentsId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformInclC14N11WithCommentsId</pre>
-<p>The regular (inclusive) C14N 1.1 with comments transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMUSAGEANY"></a><h3>xmlSecTransformUsageAny</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUsageAny                 0xFFFF</pre>
+<p>Transform could be used for operation.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMINCLC14N11WITHCOMMENTSGETKLASS"></a><h3>xmlSecTransformInclC14N11WithCommentsGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformInclC14N11WithCommentsGetKlass
-                                                        (void);</pre>
-<p>C14N version 1.1 (http://www.w3.org/TR/xml-c14n11) with comments</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17077"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> c14n v1.1 with comments transform id.</p></td>
-</tr></tbody></table>
+<a name="XMLSECTRANSFORMUSAGEC14NMETHOD"></a><h3>xmlSecTransformUsageC14NMethod</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUsageC14NMethod          0x0002</pre>
+<p>Transform could be used in &lt;dsig:CanonicalizationMethod&gt;.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMEXCLC14NID"></a><h3>xmlSecTransformExclC14NId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformExclC14NId</pre>
-<p>The exclusive C14N without comments transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMUSAGEDSIGTRANSFORM"></a><h3>xmlSecTransformUsageDSigTransform</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUsageDSigTransform       0x0001</pre>
+<p>Transform could be used in &lt;dsig:Transform&gt;.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMEXCLC14NGETKLASS"></a><h3>xmlSecTransformExclC14NGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformExclC14NGetKlass     (void);</pre>
-<p>Exclusive canoncicalization that ommits comments transform klass
-(http://www.w3.org/TR/xml-exc-c14n/).</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17098"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> exclusive c14n transform id.</p></td>
-</tr></tbody></table>
+<a name="XMLSECTRANSFORMUSAGEDIGESTMETHOD"></a><h3>xmlSecTransformUsageDigestMethod</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUsageDigestMethod        0x0004</pre>
+<p>Transform could be used in &lt;dsig:DigestMethod&gt;.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMEXCLC14NWITHCOMMENTSID"></a><h3>xmlSecTransformExclC14NWithCommentsId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformExclC14NWithCommentsId</pre>
-<p>The exclusive C14N with comments transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMUSAGEENCRYPTIONMETHOD"></a><h3>xmlSecTransformUsageEncryptionMethod</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUsageEncryptionMethod    0x0010</pre>
+<p>Transform could be used in &lt;enc:EncryptionMethod&gt;.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMEXCLC14NWITHCOMMENTSGETKLASS"></a><h3>xmlSecTransformExclC14NWithCommentsGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformExclC14NWithCommentsGetKlass
-                                                        (void);</pre>
-<p>Exclusive canoncicalization that includes comments transform klass
-(http://www.w3.org/TR/xml-exc-c14n/).</p>
-<p></p>
+<a name="XMLSECTRANSFORMUSAGESIGNATUREMETHOD"></a><h3>xmlSecTransformUsageSignatureMethod</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUsageSignatureMethod     0x0008</pre>
+<p>Transform could be used in &lt;dsig:SignatureMethod&gt;.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMUSAGEUNKNOWN"></a><h3>xmlSecTransformUsageUnknown</h3>
+<pre class="PROGRAMLISTING">#define xmlSecTransformUsageUnknown             0x0000</pre>
+<p>Transforms usage is unknown or undefined.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMVERIFY"></a><h3>xmlSecTransformVerify ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformVerify               (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Verifies the data with transform's processing results
+(for digest, HMAC and signature transforms). The verification
+result is stored in the <gtkdoclink href="STATUS"><span class="TYPE">status</span></gtkdoclink> member of <a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransform</span></a> object.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17119"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> exclusive c14n with comments transform id.</p></td>
-</tr></tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21057"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21062"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the binary data for verification.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21067"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the data size.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21072"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's chaing processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21077"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMENVELOPEDID"></a><h3>xmlSecTransformEnvelopedId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformEnvelopedId</pre>
-<p>The "enveloped" transform klass.</p>
+<a name="XMLSECTRANSFORMVERIFYMETHOD"></a><h3>xmlSecTransformVerifyMethod ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 (*xmlSecTransformVerifyMethod)      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>The transform specific method to verify transform processing results
+(used by digest and signature transforms). This method sets <code class="PARAMETER">status</code>
+member of the <a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransform</span></a> structure to either <a href="xmlsec-transforms.html#XMLSECTRANSFORMSTATUSOK"><span class="TYPE">xmlSecTransformStatusOk</span></a>
+if verification succeeded or <a href="xmlsec-transforms.html#XMLSECTRANSFORMSTATUSFAIL"><span class="TYPE">xmlSecTransformStatusFail</span></a> otherwise.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21110"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21115"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the input buffer.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21120"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the size of input buffer <code class="PARAMETER">data</code>.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21126"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform context object.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21131"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMENVELOPEDGETKLASS"></a><h3>xmlSecTransformEnvelopedGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformEnvelopedGetKlass    (void);</pre>
-<p>The enveloped transform klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-ENVELOPEDSIGNATURE"><span class="TYPE">sec-EnvelopedSignature</span></gtkdoclink>):</p>
-<p>An enveloped signature transform T removes the whole Signature element 
-containing T from the digest calculation of the Reference element 
-containing T. The entire string of characters used by an XML processor 
-to match the Signature with the XML production element is removed. 
-The output of the transform is equivalent to the output that would 
-result from replacing T with an XPath transform containing the following 
-XPath parameter element:</p>
-<p>&lt;XPath xmlns:dsig="&amp;dsig;"&gt;
-  count(ancestor-or-self::dsig:Signature |
-  <gtkdoclink href="HERE"><code class="FUNCTION">here()</code></gtkdoclink>/ancestor::dsig:Signature[1]) &gt;
-  count(ancestor-or-self::dsig:Signature)&lt;/XPath&gt;
-   
-The input and output requirements of this transform are identical to 
-those of the XPath transform, but may only be applied to a node-set from 
-its parent XML document. Note that it is not necessary to use an XPath 
-expression evaluator to create this transform. However, this transform 
-MUST produce output in exactly the same manner as the XPath transform 
-parameterized by the XPath expression above.</p>
+<a name="XMLSECTRANSFORMVERIFYNODECONTENT"></a><h3>xmlSecTransformVerifyNodeContent ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformVerifyNodeContent    (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtxPtr</span></a> transformCtx</code>);</pre>
+<p>Gets the <code class="PARAMETER">node</code> content, base64 decodes it and calls <a href="xmlsec-transforms.html#XMLSECTRANSFORMVERIFY"><span class="TYPE">xmlSecTransformVerify</span></a>
+function to verify binary results.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21157"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to transform.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21162"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21167"><span style="white-space: nowrap"><code class="PARAMETER">transformCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform's chaing processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21172"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMVISA3DHACKGETKLASS"></a><h3>xmlSecTransformVisa3DHackGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformVisa3DHackGetKlass   (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The Visa3DHack transform klass. The only reason why we need this
+is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows
+invalid XPointer expressions in the URI attribute. Since we couldn't evaluate
+such expressions thru XPath/XPointer engine, we need to have this hack here.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17146"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> enveloped transform id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21188"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>Visa3DHack transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMXPATHID"></a><h3>xmlSecTransformXPathId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformXPathId</pre>
-<p>The XPath transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMVISA3DHACKID"></a><h3>xmlSecTransformVisa3DHackId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformVisa3DHackId</pre>
+<p>Selects node subtree by given node id string. The only reason why we need this
+is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows
+invalid XPointer expressions in the URI attribute. Since we couldn't evaluate
+such expressions thru XPath/XPointer engine, we need to have this hack here.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMXPATHGETKLASS"></a><h3>xmlSecTransformXPathGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformXPathGetKlass        (void);</pre>
-<p>The XPath transform evaluates given XPath expression and 
-intersects the result with the previous nodes set. See 
-http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-XPATH"><span class="TYPE">sec-XPath</span></gtkdoclink> for more details.</p>
+<a name="XMLSECTRANSFORMVISA3DHACKSETID"></a><h3>xmlSecTransformVisa3DHackSetID ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformVisa3DHackSetID      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *id</code>);</pre>
+<p>Sets the ID value for an Visa3DHack <code class="PARAMETER">transform</code>.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21215"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to Visa3DHack transform.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21220"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the ID value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN21225"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECTRANSFORMXPATH2GETKLASS"></a><h3>xmlSecTransformXPath2GetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformXPath2GetKlass       (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The XPath2 transform (http://www.w3.org/TR/xmldsig-filter2/).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17169"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> XPath transform id.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21241"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>XPath2 transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
@@ -3003,192 +2935,128 @@ http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-XPATH"><span class="TYPE
 <a name="XMLSECTRANSFORMXPATH2ID"></a><h3>xmlSecTransformXPath2Id</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecTransformXPath2Id</pre>
 <p>The XPath2 transform klass.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMXPATH2GETKLASS"></a><h3>xmlSecTransformXPath2GetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformXPath2GetKlass       (void);</pre>
-<p>The XPath2 transform (http://www.w3.org/TR/xmldsig-filter2/).</p>
-<p></p>
+<a name="XMLSECTRANSFORMXPATHGETKLASS"></a><h3>xmlSecTransformXPathGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformXPathGetKlass        (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The XPath transform evaluates given XPath expression and
+intersects the result with the previous nodes set. See
+http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-XPATH"><span class="TYPE">sec-XPath</span></gtkdoclink> for more details.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17190"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> XPath2 transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21265"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>XPath transform id.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMXPOINTERID"></a><h3>xmlSecTransformXPointerId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformXPointerId</pre>
-<p>The XPointer transform klass.</p>
-<p></p>
+<a name="XMLSECTRANSFORMXPATHID"></a><h3>xmlSecTransformXPathId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformXPathId</pre>
+<p>The XPath transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECTRANSFORMXPOINTERGETKLASS"></a><h3>xmlSecTransformXPointerGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformXPointerGetKlass     (void);</pre>
-<p>The XPointer transform klass 
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformXPointerGetKlass     (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The XPointer transform klass
 (http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt).</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17211"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> XPointer transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21287"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>XPointer transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
+<a name="XMLSECTRANSFORMXPOINTERID"></a><h3>xmlSecTransformXPointerId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformXPointerId</pre>
+<p>The XPointer transform klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
 <a name="XMLSECTRANSFORMXPOINTERSETEXPR"></a><h3>xmlSecTransformXPointerSetExpr ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformXPointerSetExpr      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <font>xmlChar</font> *expr,
-                                                         <a href="xmlsec-nodeset.html#XMLSECNODESETTYPE">xmlSecNodeSetType</a> nodeSetType,
-                                                         <font>xmlNodePtr</font> hereNode);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecTransformXPointerSetExpr      (<code class="PARAMETER"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> transform</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *expr</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-nodeset.html#XMLSECNODESETTYPE"><span class="TYPE">xmlSecNodeSetType</span></a> nodeSetType</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> hereNode</code>);</pre>
 <p>Sets the XPointer expression for an XPointer <code class="PARAMETER">transform</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17230"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to XPointer transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21320"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to XPointer transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17235"><span style="white-space: nowrap"><code class="PARAMETER">expr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the XPointer expression.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21325"><span style="white-space: nowrap"><code class="PARAMETER">expr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XPointer expression.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17240"><span style="white-space: nowrap"><code class="PARAMETER">nodeSetType</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the type of evaluated XPointer expression.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21330"><span style="white-space: nowrap"><code class="PARAMETER">nodeSetType</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the type of evaluated XPointer expression.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17245"><span style="white-space: nowrap"><code class="PARAMETER">hereNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to "here" node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21335"><span style="white-space: nowrap"><code class="PARAMETER">hereNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to "here" node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17250"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21340"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMXSLTID"></a><h3>xmlSecTransformXsltId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformXsltId</pre>
-<p>The XSLT transform klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECTRANSFORMXSLTGETKLASS"></a><h3>xmlSecTransformXsltGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformXsltGetKlass         (void);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECTRANSFORMID"><span class="RETURNVALUE">xmlSecTransformId</span></gtkdoclink>   xmlSecTransformXsltGetKlass         (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
 <p>XSLT transform klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-XSLT"><span class="TYPE">sec-XSLT</span></gtkdoclink>):</p>
-<p>The normative specification for XSL Transformations is [XSLT]. 
-Specification of a namespace-qualified stylesheet element, which MUST be 
-the sole child of the Transform element, indicates that the specified style 
-sheet should be used. Whether this instantiates in-line processing of local 
-XSLT declarations within the resource is determined by the XSLT processing 
-model; the ordered application of multiple stylesheet may require multiple 
-Transforms. No special provision is made for the identification of a remote 
-stylesheet at a given URI because it can be communicated via an  xsl:include 
+<p>The normative specification for XSL Transformations is [XSLT].
+Specification of a namespace-qualified stylesheet element, which MUST be
+the sole child of the Transform element, indicates that the specified style
+sheet should be used. Whether this instantiates in-line processing of local
+XSLT declarations within the resource is determined by the XSLT processing
+model; the ordered application of multiple stylesheet may require multiple
+Transforms. No special provision is made for the identification of a remote
+stylesheet at a given URI because it can be communicated via an  xsl:include
 or  xsl:import within the stylesheet child of the Transform.</p>
-<p>This transform requires an octet stream as input. If the actual input is an 
-XPath node-set, then the signature application should attempt to convert it 
-to octets (apply Canonical XML]) as described in the Reference Processing 
+<p>This transform requires an octet stream as input. If the actual input is an
+XPath node-set, then the signature application should attempt to convert it
+to octets (apply Canonical XML]) as described in the Reference Processing
 Model (section 4.3.3.2).]</p>
-<p>The output of this transform is an octet stream. The processing rules for 
+<p>The output of this transform is an octet stream. The processing rules for
 the XSL style sheet or transform element are stated in the XSLT specification
-[XSLT]. We RECOMMEND that XSLT transform authors use an output method of xml 
-for XML and HTML. As XSLT implementations do not produce consistent 
-serializations of their output, we further RECOMMEND inserting a transform 
-after the XSLT transform to canonicalize the output. These steps will help 
-to ensure interoperability of the resulting signatures among applications 
-that support the XSLT transform. Note that if the output is actually HTML, 
+[XSLT]. We RECOMMEND that XSLT transform authors use an output method of xml
+for XML and HTML. As XSLT implementations do not produce consistent
+serializations of their output, we further RECOMMEND inserting a transform
+after the XSLT transform to canonicalize the output. These steps will help
+to ensure interoperability of the resulting signatures among applications
+that support the XSLT transform. Note that if the output is actually HTML,
 then the result of these steps is logically equivalent [XHTML].</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17276"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to XSLT transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21361"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to XSLT transform klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMREMOVEXMLTAGSC14NID"></a><h3>xmlSecTransformRemoveXmlTagsC14NId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformRemoveXmlTagsC14NId</pre>
-<p>The "remove all xml tags" transform klass (used before base64 transforms).</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMREMOVEXMLTAGSC14NGETKLASS"></a><h3>xmlSecTransformRemoveXmlTagsC14NGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformRemoveXmlTagsC14NGetKlass
-                                                        (void);</pre>
-<p>The "remove xml tags" transform klass (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-BASE-64"><span class="TYPE">sec-Base-64</span></gtkdoclink>):
-Base64 transform requires an octet stream for input. If an XPath node-set 
-(or sufficiently functional alternative) is given as input, then it is 
-converted to an octet stream by performing operations logically equivalent 
-to 1) applying an XPath transform with expression self::<gtkdoclink href="TEXT"><code class="FUNCTION">text()</code></gtkdoclink>, then 2) 
-taking the string-value of the node-set. Thus, if an XML element is 
-identified by a barename XPointer in the Reference URI, and its content 
-consists solely of base64 encoded character data, then this transform 
-automatically strips away the start and end tags of the identified element 
-and any of its descendant elements as well as any descendant comments and 
-processing instructions. The output of this transform is an octet stream.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17301"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> "remove xml tags" transform id.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMVISA3DHACKID"></a><h3>xmlSecTransformVisa3DHackId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecTransformVisa3DHackId</pre>
-<p>Selects node subtree by given node id string. The only reason why we need this 
-is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows 
-invalid XPointer expressions in the URI attribute. Since we couldn't evaluate 
-such expressions thru XPath/XPointer engine, we need to have this hack here.</p>
-<p></p>
+<a name="XMLSECTRANSFORMXSLTID"></a><h3>xmlSecTransformXsltId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecTransformXsltId</pre>
+<p>The XSLT transform klass.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECTRANSFORMVISA3DHACKGETKLASS"></a><h3>xmlSecTransformVisa3DHackGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecTransformId</font>   xmlSecTransformVisa3DHackGetKlass   (void);</pre>
-<p>The Visa3DHack transform klass. The only reason why we need this 
-is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows 
-invalid XPointer expressions in the URI attribute. Since we couldn't evaluate 
-such expressions thru XPath/XPointer engine, we need to have this hack here.</p>
-<p></p>
+<a name="XMLSECTRANSFORMXSLTSETDEFAULTSECURITYPREFS"></a><h3>xmlSecTransformXsltSetDefaultSecurityPrefs ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecTransformXsltSetDefaultSecurityPrefs
+                                                        (<code class="PARAMETER"><gtkdoclink href="XSLTSECURITYPREFS"><span class="TYPE">xsltSecurityPrefsPtr</span></gtkdoclink> sec</code>);</pre>
+<p>Sets the new default security preferences. The xmlsec default security policy is 
+to disable everything.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17322"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> Visa3DHack transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21384"><span style="white-space: nowrap"><code class="PARAMETER">sec</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new security preferences</p></td>
 </tr></tbody></table>
 </div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECTRANSFORMVISA3DHACKSETID"></a><h3>xmlSecTransformVisa3DHackSetID ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecTransformVisa3DHackSetID      (<a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> transform,
-                                                         const <font>xmlChar</font> *id);</pre>
-<p>Sets the ID value for an Visa3DHack <code class="PARAMETER">transform</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN17339"><span style="white-space: nowrap"><code class="PARAMETER">transform</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to Visa3DHack transform.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN17344"><span style="white-space: nowrap"><code class="PARAMETER">id</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the ID value.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN17349"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
-</div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
 <td align="left"><a accesskey="p" href="xmlsec-templates.html"><b>&lt;&lt;&lt; templates</b></a></td>
diff --git a/docs/api/xmlsec-verify-with-key.html b/docs/api/xmlsec-verify-with-key.html
index a2cef107..da0b4eed 100644
--- a/docs/api/xmlsec-verify-with-key.html
+++ b/docs/api/xmlsec-verify-with-key.html
@@ -97,11 +97,11 @@
  * Verifies a file using a key from PEM file.
  * 
  * Usage: 
- *	verify1 &lt;signed-file&gt; &lt;pem-key&gt; 
+ *      verify1 &lt;signed-file&gt; &lt;pem-key&gt; 
  *
  * Example:
- *	./verify1 sign1-res.xml rsapub.pem
- *	./verify1 sign2-res.xml rsapub.pem
+ *      ./verify1 sign1-res.xml rsapub.pem
+ *      ./verify1 sign2-res.xml rsapub.pem
  * 
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -118,6 +118,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -129,12 +130,16 @@ int verify_file(const char* xml_file, const char* key_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file&gt;\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file&gt;\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -145,17 +150,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -165,27 +182,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(verify_file(argv[1], argv[2]) &lt; 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -199,6 +216,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -208,8 +226,8 @@ main(int argc, char **argv) {
 
 /** 
  * verify_file:
- * @xml_file:		the signed XML file name.
- * @key_file:		the PEM public key file name.
+ * @xml_file:           the signed XML file name.
+ * @key_file:           the PEM public key file name.
  *
  * Verifies XML signature in #xml_file using public key from #key_file.
  *
@@ -228,48 +246,48 @@ verify_file(const char* xml_file, const char* key_file) {
     /* load file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
+        goto done;      
     }
 
     /* create signature context, we don't need keys manager in this example */
     dsigCtx = xmlSecDSigCtxCreate(NULL);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* load public key */
     dsigCtx-&gt;signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
     if(dsigCtx-&gt;signKey == NULL) {
         fprintf(stderr,"Error: failed to load public pem key from \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(dsigCtx-&gt;signKey, key_file) &lt; 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* Verify signature */
     if(xmlSecDSigCtxVerify(dsigCtx, node) &lt; 0) {
         fprintf(stderr,"Error: signature verify\n");
-	goto done;
+        goto done;
     }
         
     /* print verification result to stdout */
     if(dsigCtx-&gt;status == xmlSecDSigStatusSucceeded) {
-	fprintf(stdout, "Signature is OK\n");
+        fprintf(stdout, "Signature is OK\n");
     } else {
-	fprintf(stdout, "Signature is INVALID\n");
+        fprintf(stdout, "Signature is INVALID\n");
     }    
 
     /* success */
@@ -278,11 +296,11 @@ verify_file(const char* xml_file, const char* key_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/docs/api/xmlsec-verify-with-keys-mngr.html b/docs/api/xmlsec-verify-with-keys-mngr.html
index 88f3b85c..3ee19da3 100644
--- a/docs/api/xmlsec-verify-with-keys-mngr.html
+++ b/docs/api/xmlsec-verify-with-keys-mngr.html
@@ -97,11 +97,11 @@
  * Verifies a file using keys manager
  * 
  * Usage: 
- *	verify2 &lt;signed-file&gt; &lt;public-pem-key1&gt; [&lt;public-pem-key2&gt; [...]]
+ *      verify2 &lt;signed-file&gt; &lt;public-pem-key1&gt; [&lt;public-pem-key2&gt; [...]]
  *
  * Example:
- *	./verify2 sign1-res.xml rsapub.pem
- *	./verify2 sign2-res.xml rsapub.pem
+ *      ./verify2 sign1-res.xml rsapub.pem
+ *      ./verify2 sign2-res.xml rsapub.pem
  * 
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -118,6 +118,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -130,14 +131,18 @@ int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     xmlSecKeysMngrPtr mngr;
     
     assert(argv);
 
     if(argc &lt; 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file1&gt; [&lt;key-file2&gt; [...]]\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;key-file1&gt; [&lt;key-file2&gt; [...]]\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -148,17 +153,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -168,35 +185,35 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load keys */
     mngr = load_keys(&amp;(argv[2]), argc - 2);
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
     
     /* verify file */
     if(verify_file(mngr, argv[1]) &lt; 0) {
-	xmlSecKeysMngrDestroy(mngr);	
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);    
+        return(-1);
     }    
     
     /* destroy keys manager */
@@ -213,6 +230,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -222,8 +240,8 @@ main(int argc, char **argv) {
 
 /**
  * load_keys:
- * @files:		the list of filenames.
- * @files_size:		the number of filenames in #files.
+ * @files:              the list of filenames.
+ * @files_size:         the number of filenames in #files.
  *
  * Creates simple keys manager and load PEM keys from #files in it.
  * The caller is responsible for destroing returned keys manager using
@@ -247,43 +265,43 @@ load_keys(char** files, int files_size) {
      */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(NULL);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) &lt; 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }    
     
     for(i = 0; i &lt; files_size; ++i) {
-	assert(files[i]);
+        assert(files[i]);
 
-	/* load key */
-	key = xmlSecCryptoAppKeyLoad(files[i], xmlSecKeyDataFormatPem, NULL, NULL, NULL);
-	if(key == NULL) {
-    	    fprintf(stderr,"Error: failed to load pem key from \"%s\"\n", files[i]);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        /* load key */
+        key = xmlSecCryptoAppKeyLoad(files[i], xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+        if(key == NULL) {
+            fprintf(stderr,"Error: failed to load pem key from \"%s\"\n", files[i]);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
 
-	/* set key name to the file name, this is just an example! */
-	if(xmlSecKeySetName(key, BAD_CAST files[i]) &lt; 0) {
-    	    fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", files[i]);
-	    xmlSecKeyDestroy(key);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
-	
-	/* add key to keys manager, from now on keys manager is responsible 
-	 * for destroying key 
-	 */
-	if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) &lt; 0) {
-    	    fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
-	    xmlSecKeyDestroy(key);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        /* set key name to the file name, this is just an example! */
+        if(xmlSecKeySetName(key, BAD_CAST files[i]) &lt; 0) {
+            fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", files[i]);
+            xmlSecKeyDestroy(key);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
+        
+        /* add key to keys manager, from now on keys manager is responsible 
+         * for destroying key 
+         */
+        if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) &lt; 0) {
+            fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
+            xmlSecKeyDestroy(key);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
     }
 
     return(mngr);
@@ -291,8 +309,8 @@ load_keys(char** files, int files_size) {
 
 /** 
  * verify_file:
- * @mngr:		the pointer to keys manager.
- * @xml_file:		the signed XML file name.
+ * @mngr:               the pointer to keys manager.
+ * @xml_file:           the signed XML file name.
  *
  * Verifies XML signature in #xml_file.
  *
@@ -311,35 +329,35 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
     /* load file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
+        goto done;      
     }
 
     /* create signature context */
     dsigCtx = xmlSecDSigCtxCreate(mngr);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* Verify signature */
     if(xmlSecDSigCtxVerify(dsigCtx, node) &lt; 0) {
         fprintf(stderr,"Error: signature verify\n");
-	goto done;
+        goto done;
     }
         
     /* print verification result to stdout */
     if(dsigCtx-&gt;status == xmlSecDSigStatusSucceeded) {
-	fprintf(stdout, "Signature is OK\n");
+        fprintf(stdout, "Signature is OK\n");
     } else {
-	fprintf(stdout, "Signature is INVALID\n");
+        fprintf(stdout, "Signature is INVALID\n");
     }    
 
     /* success */
@@ -348,11 +366,11 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/docs/api/xmlsec-verify-with-restrictions.html b/docs/api/xmlsec-verify-with-restrictions.html
index 0350798f..e1c47f24 100644
--- a/docs/api/xmlsec-verify-with-restrictions.html
+++ b/docs/api/xmlsec-verify-with-restrictions.html
@@ -103,15 +103,15 @@
  * certificates management policies for another crypto library may break it.
  *
  * Usage: 
- *	verify4 &lt;signed-file&gt; &lt;trusted-cert-pem-file1&gt; [&lt;trusted-cert-pem-file2&gt; [...]]
+ *      verify4 &lt;signed-file&gt; &lt;trusted-cert-pem-file1&gt; [&lt;trusted-cert-pem-file2&gt; [...]]
  *
  * Example (sucecess):
- *	./verify4 verify4-res.xml rootcert.pem
+ *      ./verify4 verify4-res.xml rootcert.pem
  *
  * Example (failure):
- *	./verify4 verify4-bad-res.xml rootcert.pem
+ *      ./verify4 verify4-bad-res.xml rootcert.pem
  * In the same time, verify3 example successfuly verifies this signature:
- *	./verify3 verify4-bad-res.xml rootcert.pem
+ *      ./verify3 verify4-bad-res.xml rootcert.pem
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -128,6 +128,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -140,14 +141,17 @@ int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
     xmlSecKeysMngrPtr mngr;
     
     assert(argv);
 
     if(argc &lt; 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;cert-file1&gt; [&lt;cert-file2&gt; [...]]\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;cert-file1&gt; [&lt;cert-file2&gt; [...]]\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -158,17 +162,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -178,35 +194,35 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load trusted certificates */
     mngr = load_trusted_certs(&amp;(argv[2]), argc - 2);
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
     
     /* verify file */
     if(verify_file(mngr, argv[1]) &lt; 0) {
-	xmlSecKeysMngrDestroy(mngr);	
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);    
+        return(-1);
     }    
     
     /* destroy keys manager */
@@ -223,6 +239,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -232,8 +249,8 @@ main(int argc, char **argv) {
 
 /**
  * load_trusted_certs:
- * @files:		the list of filenames.
- * @files_size:		the number of filenames in #files.
+ * @files:              the list of filenames.
+ * @files_size:         the number of filenames in #files.
  *
  * Creates simple keys manager and load trusted certificates from PEM #files.
  * The caller is responsible for destroing returned keys manager using
@@ -256,24 +273,24 @@ load_trusted_certs(char** files, int files_size) {
      */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(NULL);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) &lt; 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }    
     
     for(i = 0; i &lt; files_size; ++i) {
-	assert(files[i]);
-
-	/* load trusted cert */
-	if(xmlSecCryptoAppKeysMngrCertLoad(mngr, files[i], xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) &lt; 0) {
-    	    fprintf(stderr,"Error: failed to load pem certificate from \"%s\"\n", files[i]);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        assert(files[i]);
+
+        /* load trusted cert */
+        if(xmlSecCryptoAppKeysMngrCertLoad(mngr, files[i], xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) &lt; 0) {
+            fprintf(stderr,"Error: failed to load pem certificate from \"%s\"\n", files[i]);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
     }
 
     return(mngr);
@@ -281,8 +298,8 @@ load_trusted_certs(char** files, int files_size) {
 
 /** 
  * verify_file:
- * @mngr:		the pointer to keys manager.
- * @xml_file:		the signed XML file name.
+ * @mngr:               the pointer to keys manager.
+ * @xml_file:           the signed XML file name.
  *
  * Verifies XML signature in #xml_file.
  *
@@ -301,35 +318,35 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
     /* load file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
+        goto done;      
     }
 
     /* create signature context */
     dsigCtx = xmlSecDSigCtxCreate(mngr);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* limit the Reference URI attributes to empty or NULL */
     dsigCtx-&gt;enabledReferenceUris = xmlSecTransformUriTypeEmpty;
     
-    /* limit allowed transforms for siganture and reference processing */
+    /* limit allowed transforms for signature and reference processing */
     if((xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformInclC14NId) &lt; 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformExclC14NId) &lt; 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformSha1Id) &lt; 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformRsaSha1Id) &lt; 0)) {
 
-        fprintf(stderr,"Error: failed to limit allowed siganture transforms\n");
-	goto done;
+        fprintf(stderr,"Error: failed to limit allowed signature transforms\n");
+        goto done;
     }
     if((xmlSecDSigCtxEnableReferenceTransform(dsigCtx, xmlSecTransformInclC14NId) &lt; 0) ||
        (xmlSecDSigCtxEnableReferenceTransform(dsigCtx, xmlSecTransformExclC14NId) &lt; 0) ||
@@ -337,34 +354,34 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
        (xmlSecDSigCtxEnableReferenceTransform(dsigCtx, xmlSecTransformEnvelopedId) &lt; 0)) {
 
         fprintf(stderr,"Error: failed to limit allowed reference transforms\n");
-	goto done;
+        goto done;
     }
 
     /* in addition, limit possible key data to valid X509 certificates only */
     if(xmlSecPtrListAdd(&amp;(dsigCtx-&gt;keyInfoReadCtx.enabledKeyData), BAD_CAST xmlSecKeyDataX509Id) &lt; 0) {
         fprintf(stderr,"Error: failed to limit allowed key data\n");
-	goto done;
+        goto done;
     }
     
     /* Verify signature */
     if(xmlSecDSigCtxVerify(dsigCtx, node) &lt; 0) {
         fprintf(stderr,"Error: signature verify\n");
-	goto done;
+        goto done;
     }
 
     /* check that we have only one Reference */
     if((dsigCtx-&gt;status == xmlSecDSigStatusSucceeded) &amp;&amp; 
         (xmlSecPtrListGetSize(&amp;(dsigCtx-&gt;signedInfoReferences)) != 1)) {
-	
+        
         fprintf(stderr,"Error: only one reference is allowed\n");
-	goto done;
+        goto done;
     }
         
     /* print verification result to stdout */
     if(dsigCtx-&gt;status == xmlSecDSigStatusSucceeded) {
-	fprintf(stdout, "Signature is OK\n");
+        fprintf(stdout, "Signature is OK\n");
     } else {
-	fprintf(stdout, "Signature is INVALID\n");
+        fprintf(stdout, "Signature is INVALID\n");
     }    
 
     /* success */
@@ -373,11 +390,11 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/docs/api/xmlsec-verify-with-x509.html b/docs/api/xmlsec-verify-with-x509.html
index 5dbd2e04..8ee5478e 100644
--- a/docs/api/xmlsec-verify-with-x509.html
+++ b/docs/api/xmlsec-verify-with-x509.html
@@ -100,10 +100,10 @@
  * certificates management policies for another crypto library may break it.
  *
  * Usage: 
- *	verify3 &lt;signed-file&gt; &lt;trusted-cert-pem-file1&gt; [&lt;trusted-cert-pem-file2&gt; [...]]
+ *      verify3 &lt;signed-file&gt; &lt;trusted-cert-pem-file1&gt; [&lt;trusted-cert-pem-file2&gt; [...]]
  *
  * Example:
- *	./verify3 sign3-res.xml rootcert.pem
+ *      ./verify3 sign3-res.xml rootcert.pem
  * 
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -120,6 +120,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include &lt;libxslt/xslt.h&gt;
+#include &lt;libxslt/security.h&gt;
 #endif /* XMLSEC_NO_XSLT */
 
 #include &lt;xmlsec/xmlsec.h&gt;
@@ -132,14 +133,17 @@ int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
     xmlSecKeysMngrPtr mngr;
     
     assert(argv);
 
     if(argc &lt; 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;cert-file1&gt; [&lt;cert-file2&gt; [...]]\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s &lt;xml-file&gt; &lt;cert-file1&gt; [&lt;cert-file2&gt; [...]]\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -150,17 +154,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -170,35 +186,35 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) &lt; 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) &lt; 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() &lt; 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load trusted certificates */
     mngr = load_trusted_certs(&amp;(argv[2]), argc - 2);
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
     
     /* verify file */
     if(verify_file(mngr, argv[1]) &lt; 0) {
-	xmlSecKeysMngrDestroy(mngr);	
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);    
+        return(-1);
     }    
     
     /* destroy keys manager */
@@ -215,6 +231,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -224,8 +241,8 @@ main(int argc, char **argv) {
 
 /**
  * load_trusted_certs:
- * @files:		the list of filenames.
- * @files_size:		the number of filenames in #files.
+ * @files:              the list of filenames.
+ * @files_size:         the number of filenames in #files.
  *
  * Creates simple keys manager and load trusted certificates from PEM #files.
  * The caller is responsible for destroing returned keys manager using
@@ -248,24 +265,24 @@ load_trusted_certs(char** files, int files_size) {
      */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(NULL);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) &lt; 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }    
     
     for(i = 0; i &lt; files_size; ++i) {
-	assert(files[i]);
+        assert(files[i]);
 
-	/* load trusted cert */
-	if(xmlSecCryptoAppKeysMngrCertLoad(mngr, files[i], xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) &lt; 0) {
-    	    fprintf(stderr,"Error: failed to load pem certificate from \"%s\"\n", files[i]);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        /* load trusted cert */
+        if(xmlSecCryptoAppKeysMngrCertLoad(mngr, files[i], xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) &lt; 0) {
+            fprintf(stderr,"Error: failed to load pem certificate from \"%s\"\n", files[i]);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
     }
 
     return(mngr);
@@ -273,8 +290,8 @@ load_trusted_certs(char** files, int files_size) {
 
 /** 
  * verify_file:
- * @mngr:		the pointer to keys manager.
- * @xml_file:		the signed XML file name.
+ * @mngr:               the pointer to keys manager.
+ * @xml_file:           the signed XML file name.
  *
  * Verifies XML signature in #xml_file.
  *
@@ -293,35 +310,35 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
     /* load file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
+        goto done;      
     }
 
     /* create signature context */
     dsigCtx = xmlSecDSigCtxCreate(mngr);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* Verify signature */
     if(xmlSecDSigCtxVerify(dsigCtx, node) &lt; 0) {
         fprintf(stderr,"Error: signature verify\n");
-	goto done;
+        goto done;
     }
         
     /* print verification result to stdout */
     if(dsigCtx-&gt;status == xmlSecDSigStatusSucceeded) {
-	fprintf(stdout, "Signature is OK\n");
+        fprintf(stdout, "Signature is OK\n");
     } else {
-	fprintf(stdout, "Signature is INVALID\n");
+        fprintf(stdout, "Signature is INVALID\n");
     }    
 
     /* success */
@@ -330,11 +347,11 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/docs/api/xmlsec-version.html b/docs/api/xmlsec-version.html
index ef83d47d..854d2d39 100644
--- a/docs/api/xmlsec-version.html
+++ b/docs/api/xmlsec-version.html
@@ -87,14 +87,14 @@
 <h1>
 <a name="XMLSEC-VERSION"></a>version</h1>
 <div class="REFNAMEDIV">
-<a name="AEN17359"></a><h2>Name</h2>version -- Version macros.</div>
+<a name="AEN21394"></a><h2>Name</h2>version -- Version macros.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-VERSION.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-version.html#XMLSEC-VERSION--CAPS">XMLSEC_VERSION</a>
-#define             <a href="xmlsec-version.html#XMLSEC-VERSION-MAJOR--CAPS">XMLSEC_VERSION_MAJOR</a>
-#define             <a href="xmlsec-version.html#XMLSEC-VERSION-MINOR--CAPS">XMLSEC_VERSION_MINOR</a>
-#define             <a href="xmlsec-version.html#XMLSEC-VERSION-SUBMINOR--CAPS">XMLSEC_VERSION_SUBMINOR</a>
-#define             <a href="xmlsec-version.html#XMLSEC-VERSION-INFO--CAPS">XMLSEC_VERSION_INFO</a></pre>
+<pre class="SYNOPSIS">#define             <a href="xmlsec-version.html#XMLSEC-VERSION:CAPS">XMLSEC_VERSION</a>
+#define             <a href="xmlsec-version.html#XMLSEC-VERSION-INFO:CAPS">XMLSEC_VERSION_INFO</a>
+#define             <a href="xmlsec-version.html#XMLSEC-VERSION-MAJOR:CAPS">XMLSEC_VERSION_MAJOR</a>
+#define             <a href="xmlsec-version.html#XMLSEC-VERSION-MINOR:CAPS">XMLSEC_VERSION_MINOR</a>
+#define             <a href="xmlsec-version.html#XMLSEC-VERSION-SUBMINOR:CAPS">XMLSEC_VERSION_SUBMINOR</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-VERSION.DESCRIPTION"></a><h2>Description</h2>
@@ -103,40 +103,35 @@
 <div class="REFSECT1">
 <a name="XMLSEC-VERSION.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSEC-VERSION--CAPS"></a><h3>XMLSEC_VERSION</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_VERSION			"1.2.14"</pre>
+<a name="XMLSEC-VERSION:CAPS"></a><h3>XMLSEC_VERSION</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_VERSION			"1.2.19"</pre>
 <p>The library version string in the format
 "&lt;major-number&gt;.&lt;minor-number&gt;.&lt;sub-minor-number&gt;".</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-VERSION-MAJOR--CAPS"></a><h3>XMLSEC_VERSION_MAJOR</h3>
+<a name="XMLSEC-VERSION-INFO:CAPS"></a><h3>XMLSEC_VERSION_INFO</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_VERSION_INFO		"3:19:2"</pre>
+<p>The library version info string in the format
+"&lt;major-number&gt;+&lt;minor-number&gt;:&lt;sub-minor-number&gt;:&lt;minor-number&gt;".</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSEC-VERSION-MAJOR:CAPS"></a><h3>XMLSEC_VERSION_MAJOR</h3>
 <pre class="PROGRAMLISTING">#define XMLSEC_VERSION_MAJOR		1</pre>
 <p>The library major version number.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-VERSION-MINOR--CAPS"></a><h3>XMLSEC_VERSION_MINOR</h3>
+<a name="XMLSEC-VERSION-MINOR:CAPS"></a><h3>XMLSEC_VERSION_MINOR</h3>
 <pre class="PROGRAMLISTING">#define XMLSEC_VERSION_MINOR		2</pre>
 <p>The library minor version number.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-VERSION-SUBMINOR--CAPS"></a><h3>XMLSEC_VERSION_SUBMINOR</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_VERSION_SUBMINOR		14</pre>
+<a name="XMLSEC-VERSION-SUBMINOR:CAPS"></a><h3>XMLSEC_VERSION_SUBMINOR</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_VERSION_SUBMINOR		19</pre>
 <p>The library sub-minor version number.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSEC-VERSION-INFO--CAPS"></a><h3>XMLSEC_VERSION_INFO</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_VERSION_INFO		"3:14:2"</pre>
-<p>The library version info string in the format
-"&lt;major-number&gt;+&lt;minor-number&gt;:&lt;sub-minor-number&gt;:&lt;minor-number&gt;".</p>
-<p></p>
 </div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-x509.html b/docs/api/xmlsec-x509.html
index eb9444ca..4da80ad0 100644
--- a/docs/api/xmlsec-x509.html
+++ b/docs/api/xmlsec-x509.html
@@ -87,18 +87,18 @@
 <h1>
 <a name="XMLSEC-X509"></a>x509</h1>
 <div class="REFNAMEDIV">
-<a name="AEN21007"></a><h2>Name</h2>x509 -- <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Certificate" target="_top">&lt;dsig:X509Certificate/&gt;</a> node parser.</div>
+<a name="AEN26004"></a><h2>Name</h2>x509 -- <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Certificate" target="_top">&lt;dsig:X509Certificate/&gt;</a> node parser.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-X509.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-CERTIFICATE-NODE--CAPS">XMLSEC_X509DATA_CERTIFICATE_NODE</a>
-#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-SUBJECTNAME-NODE--CAPS">XMLSEC_X509DATA_SUBJECTNAME_NODE</a>
-#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-ISSUERSERIAL-NODE--CAPS">XMLSEC_X509DATA_ISSUERSERIAL_NODE</a>
-#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-SKI-NODE--CAPS">XMLSEC_X509DATA_SKI_NODE</a>
-#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-CRL-NODE--CAPS">XMLSEC_X509DATA_CRL_NODE</a>
-#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-DEFAULT--CAPS">XMLSEC_X509DATA_DEFAULT</a>
-<font>int</font>                 <a href="xmlsec-x509.html#XMLSECX509DATAGETNODECONTENT">xmlSecX509DataGetNodeContent</a>        (<font>xmlNodePtr</font> node,
-                                                         <font>int</font> deleteChildren,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
+<pre class="SYNOPSIS">#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-CERTIFICATE-NODE:CAPS">XMLSEC_X509DATA_CERTIFICATE_NODE</a>
+#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-CRL-NODE:CAPS">XMLSEC_X509DATA_CRL_NODE</a>
+#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-DEFAULT:CAPS">XMLSEC_X509DATA_DEFAULT</a>
+#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-ISSUERSERIAL-NODE:CAPS">XMLSEC_X509DATA_ISSUERSERIAL_NODE</a>
+#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-SKI-NODE:CAPS">XMLSEC_X509DATA_SKI_NODE</a>
+#define             <a href="xmlsec-x509.html#XMLSEC-X509DATA-SUBJECTNAME-NODE:CAPS">XMLSEC_X509DATA_SUBJECTNAME_NODE</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-x509.html#XMLSECX509DATAGETNODECONTENT">xmlSecX509DataGetNodeContent</a>        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> deleteChildren</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-X509.DESCRIPTION"></a><h2>Description</h2>
@@ -107,73 +107,66 @@
 <div class="REFSECT1">
 <a name="XMLSEC-X509.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSEC-X509DATA-CERTIFICATE-NODE--CAPS"></a><h3>XMLSEC_X509DATA_CERTIFICATE_NODE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_X509DATA_CERTIFICATE_NODE			0x00000001</pre>
+<a name="XMLSEC-X509DATA-CERTIFICATE-NODE:CAPS"></a><h3>XMLSEC_X509DATA_CERTIFICATE_NODE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_X509DATA_CERTIFICATE_NODE                        0x00000001</pre>
 <p><a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Certificate" target="_top">&lt;dsig:X509Certificate/&gt;</a> node found or would be written back.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-X509DATA-SUBJECTNAME-NODE--CAPS"></a><h3>XMLSEC_X509DATA_SUBJECTNAME_NODE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_X509DATA_SUBJECTNAME_NODE			0x00000002</pre>
-<p><a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SubjectName" target="_top">&lt;dsig:X509SubjectName/&gt;</a> node found or would be written back.</p>
-<p></p>
+<a name="XMLSEC-X509DATA-CRL-NODE:CAPS"></a><h3>XMLSEC_X509DATA_CRL_NODE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_X509DATA_CRL_NODE                                0x00000010</pre>
+<p><a href="http://www.w3.org/TR/xmldsig-core/#sec-X509CRL" target="_top">&lt;dsig:X509CRL/&gt;</a> node found or would be written back.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-X509DATA-ISSUERSERIAL-NODE--CAPS"></a><h3>XMLSEC_X509DATA_ISSUERSERIAL_NODE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_X509DATA_ISSUERSERIAL_NODE			0x00000004</pre>
-<p><a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node found or would be written back.</p>
-<p></p>
+<a name="XMLSEC-X509DATA-DEFAULT:CAPS"></a><h3>XMLSEC_X509DATA_DEFAULT</h3>
+<pre class="PROGRAMLISTING">#define             XMLSEC_X509DATA_DEFAULT</pre>
+<p>Default set of nodes to write in case of empty
+<a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node template.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-X509DATA-SKI-NODE--CAPS"></a><h3>XMLSEC_X509DATA_SKI_NODE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_X509DATA_SKI_NODE				0x00000008</pre>
-<p>&lt;dsig:/X509SKI&gt; node found or would be written back.</p>
-<p></p>
+<a name="XMLSEC-X509DATA-ISSUERSERIAL-NODE:CAPS"></a><h3>XMLSEC_X509DATA_ISSUERSERIAL_NODE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_X509DATA_ISSUERSERIAL_NODE                       0x00000004</pre>
+<p><a href="http://www.w3.org/TR/xmldsig-core/#sec-X509IssuerSerial" target="_top">&lt;dsig:X509IssuerSerial/&gt;</a> node found or would be written back.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-X509DATA-CRL-NODE--CAPS"></a><h3>XMLSEC_X509DATA_CRL_NODE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_X509DATA_CRL_NODE				0x00000010</pre>
-<p><a href="http://www.w3.org/TR/xmldsig-core/#sec-X509CRL" target="_top">&lt;dsig:X509CRL/&gt;</a> node found or would be written back.</p>
-<p></p>
+<a name="XMLSEC-X509DATA-SKI-NODE:CAPS"></a><h3>XMLSEC_X509DATA_SKI_NODE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_X509DATA_SKI_NODE                                0x00000008</pre>
+<p>&lt;dsig:/X509SKI&gt; node found or would be written back.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-X509DATA-DEFAULT--CAPS"></a><h3>XMLSEC_X509DATA_DEFAULT</h3>
-<pre class="PROGRAMLISTING">#define             XMLSEC_X509DATA_DEFAULT</pre>
-<p>Default set of nodes to write in case of empty
-<a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node template.</p>
-<p></p>
+<a name="XMLSEC-X509DATA-SUBJECTNAME-NODE:CAPS"></a><h3>XMLSEC_X509DATA_SUBJECTNAME_NODE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_X509DATA_SUBJECTNAME_NODE                        0x00000002</pre>
+<p><a href="http://www.w3.org/TR/xmldsig-core/#sec-X509SubjectName" target="_top">&lt;dsig:X509SubjectName/&gt;</a> node found or would be written back.</p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECX509DATAGETNODECONTENT"></a><h3>xmlSecX509DataGetNodeContent ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecX509DataGetNodeContent        (<font>xmlNodePtr</font> node,
-                                                         <font>int</font> deleteChildren,
-                                                         <a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtxPtr</a> keyInfoCtx);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecX509DataGetNodeContent        (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> deleteChildren</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtxPtr</span></a> keyInfoCtx</code>);</pre>
 <p>Reads the contents of <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node and returns it as
 a bits mask.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21091"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26095"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21097"><span style="white-space: nowrap"><code class="PARAMETER">deleteChildren</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the flag that indicates whether to remove node children after reading.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26101"><span style="white-space: nowrap"><code class="PARAMETER">deleteChildren</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag that indicates whether to remove node children after reading.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21102"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN26106"><span style="white-space: nowrap"><code class="PARAMETER">keyInfoCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> node processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN21108"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the bit mask representing the <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node content
+<td align="LEFT" valign="TOP"><a name="AEN26112"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the bit mask representing the <a href="http://www.w3.org/TR/xmldsig-core/#sec-X509Data" target="_top">&lt;dsig:X509Data/&gt;</a> node content
 or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
diff --git a/docs/api/xmlsec-xmldsig.html b/docs/api/xmlsec-xmldsig.html
index 59d2e306..37ea57a9 100644
--- a/docs/api/xmlsec-xmldsig.html
+++ b/docs/api/xmlsec-xmldsig.html
@@ -87,55 +87,55 @@
 <h1>
 <a name="XMLSEC-XMLDSIG"></a>xmldsig</h1>
 <div class="REFNAMEDIV">
-<a name="AEN17415"></a><h2>Name</h2>xmldsig -- XML Digital Signature support.</div>
+<a name="AEN21445"></a><h2>Name</h2>xmldsig -- XML Digital Signature support.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-XMLDSIG.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">enum                <a href="xmlsec-xmldsig.html#XMLSECDSIGSTATUS">xmlSecDSigStatus</a>;
-#define             <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-IGNORE-MANIFESTS--CAPS">XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS</a>
-#define             <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNEDINFO-REFERENCES--CAPS">XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES</a>
-#define             <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-MANIFEST-REFERENCES--CAPS">XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES</a>
-#define             <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNATURE--CAPS">XMLSEC_DSIG_FLAGS_STORE_SIGNATURE</a>
-#define             <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-USE-VISA3D-HACK--CAPS">XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK</a>
+<pre class="SYNOPSIS">#define             <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-IGNORE-MANIFESTS:CAPS">XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS</a>
+#define             <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-MANIFEST-REFERENCES:CAPS">XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES</a>
+#define             <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNATURE:CAPS">XMLSEC_DSIG_FLAGS_STORE_SIGNATURE</a>
+#define             <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNEDINFO-REFERENCES:CAPS">XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES</a>
+#define             <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-USE-VISA3D-HACK:CAPS">XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK</a>
 struct              <a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtx</a>;
-<font>xmlSecDSigCtxPtr</font>    <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXCREATE">xmlSecDSigCtxCreate</a>                 (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);
-<font>void</font>                <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXDESTROY">xmlSecDSigCtxDestroy</a>                (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx);
-<font>int</font>                 <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXINITIALIZE">xmlSecDSigCtxInitialize</a>             (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);
-<font>void</font>                <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXFINALIZE">xmlSecDSigCtxFinalize</a>               (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx);
-<font>int</font>                 <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXSIGN">xmlSecDSigCtxSign</a>                   (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>xmlNodePtr</font> tmpl);
-<font>int</font>                 <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXVERIFY">xmlSecDSigCtxVerify</a>                 (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>xmlNodePtr</font> node);
-<font>int</font>                 <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXENABLEREFERENCETRANSFORM">xmlSecDSigCtxEnableReferenceTransform</a>
-                                                        (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>xmlSecTransformId</font> transformId);
-<font>int</font>                 <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXENABLESIGNATURETRANSFORM">xmlSecDSigCtxEnableSignatureTransform</a>
-                                                        (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>xmlSecTransformId</font> transformId);
-<font>xmlSecBufferPtr</font>     <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXGETPRESIGNBUFFER">xmlSecDSigCtxGetPreSignBuffer</a>       (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx);
-<font>void</font>                <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXDEBUGDUMP">xmlSecDSigCtxDebugDump</a>              (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXDEBUGXMLDUMP">xmlSecDSigCtxDebugXmlDump</a>           (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>FILE</font> *output);
-enum                <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN">xmlSecDSigReferenceOrigin</a>;
+<gtkdoclink href="XMLSECDSIGCTXPTR"><span class="RETURNVALUE">xmlSecDSigCtxPtr</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXCREATE">xmlSecDSigCtxCreate</a>                 (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXDEBUGDUMP">xmlSecDSigCtxDebugDump</a>              (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXDEBUGXMLDUMP">xmlSecDSigCtxDebugXmlDump</a>           (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXDESTROY">xmlSecDSigCtxDestroy</a>                (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXENABLEREFERENCETRANSFORM">xmlSecDSigCtxEnableReferenceTransform</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXENABLESIGNATURETRANSFORM">xmlSecDSigCtxEnableSignatureTransform</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXFINALIZE">xmlSecDSigCtxFinalize</a>               (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>);
+<gtkdoclink href="XMLSECBUFFERPTR"><span class="RETURNVALUE">xmlSecBufferPtr</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXGETPRESIGNBUFFER">xmlSecDSigCtxGetPreSignBuffer</a>       (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXINITIALIZE">xmlSecDSigCtxInitialize</a>             (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXSIGN">xmlSecDSigCtxSign</a>                   (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> tmpl</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGCTXVERIFY">xmlSecDSigCtxVerify</a>                 (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);
 struct              <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtx</a>;
-<font>xmlSecDSigReferenceCtxPtr</font>  <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXCREATE">xmlSecDSigReferenceCtxCreate</a> (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN">xmlSecDSigReferenceOrigin</a> origin);
-<font>void</font>                <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXDESTROY">xmlSecDSigReferenceCtxDestroy</a>       (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx);
-<font>int</font>                 <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXINITIALIZE">xmlSecDSigReferenceCtxInitialize</a>    (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx,
-                                                         <a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN">xmlSecDSigReferenceOrigin</a> origin);
-<font>void</font>                <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXFINALIZE">xmlSecDSigReferenceCtxFinalize</a>      (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx);
-<font>int</font>                 <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXPROCESSNODE">xmlSecDSigReferenceCtxProcessNode</a>   (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx,
-                                                         <font>xmlNodePtr</font> node);
-<a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a>     <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXGETPREDIGESTBUFFER">xmlSecDSigReferenceCtxGetPreDigestBuffer</a>
-                                                        (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx);
-<font>void</font>                <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXDEBUGDUMP">xmlSecDSigReferenceCtxDebugDump</a>     (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXDEBUGXMLDUMP">xmlSecDSigReferenceCtxDebugXmlDump</a>  (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx,
-                                                         <font>FILE</font> *output);
+<gtkdoclink href="XMLSECDSIGREFERENCECTXPTR"><span class="RETURNVALUE">xmlSecDSigReferenceCtxPtr</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXCREATE">xmlSecDSigReferenceCtxCreate</a>  (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN"><span class="TYPE">xmlSecDSigReferenceOrigin</span></a> origin</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXDEBUGDUMP">xmlSecDSigReferenceCtxDebugDump</a>     (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXDEBUGXMLDUMP">xmlSecDSigReferenceCtxDebugXmlDump</a>  (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXDESTROY">xmlSecDSigReferenceCtxDestroy</a>       (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXFINALIZE">xmlSecDSigReferenceCtxFinalize</a>      (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>);
+<a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="RETURNVALUE">xmlSecBufferPtr</span></a>     <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXGETPREDIGESTBUFFER">xmlSecDSigReferenceCtxGetPreDigestBuffer</a>
+                                                        (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXINITIALIZE">xmlSecDSigReferenceCtxInitialize</a>    (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN"><span class="TYPE">xmlSecDSigReferenceOrigin</span></a> origin</code>);
+<gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXLISTGETKLASS">xmlSecDSigReferenceCtxListGetKlass</a>  (<code class="PARAMETER"><span class="TYPE">void</span></code>);
 #define             <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXLISTID">xmlSecDSigReferenceCtxListId</a>
-<font>xmlSecPtrListId</font>     <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXLISTGETKLASS">xmlSecDSigReferenceCtxListGetKlass</a>  (void);</pre>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXPROCESSNODE">xmlSecDSigReferenceCtxProcessNode</a>   (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);
+enum                <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN">xmlSecDSigReferenceOrigin</a>;
+enum                <a href="xmlsec-xmldsig.html#XMLSECDSIGSTATUS">xmlSecDSigStatus</a>;</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-XMLDSIG.DESCRIPTION"></a><h2>Description</h2>
@@ -144,458 +144,393 @@ struct              <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecD
 <div class="REFSECT1">
 <a name="XMLSEC-XMLDSIG.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECDSIGSTATUS"></a><h3>enum xmlSecDSigStatus</h3>
-<pre class="PROGRAMLISTING">typedef enum {
-    xmlSecDSigStatusUnknown = 0,
-    xmlSecDSigStatusSucceeded,
-    xmlSecDSigStatusInvalid
-} xmlSecDSigStatus;</pre>
-<p>XML Digital signature processing status.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECDSIGSTATUSUNKNOWN"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecDSigStatusUnknown</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	the status is unknow.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECDSIGSTATUSSUCCEEDED"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecDSigStatusSucceeded</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the processing succeeded.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECDSIGSTATUSINVALID"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecDSigStatusInvalid</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the processing failed.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSEC-DSIG-FLAGS-IGNORE-MANIFESTS--CAPS"></a><h3>XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS			0x00000001</pre>
+<a name="XMLSEC-DSIG-FLAGS-IGNORE-MANIFESTS:CAPS"></a><h3>XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS                      0x00000001</pre>
 <p>If this flag is set then <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifests" target="_top">&lt;dsig:Manifests/&gt;</a> nodes will not be processed.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSEC-DSIG-FLAGS-STORE-SIGNEDINFO-REFERENCES--CAPS"></a><h3>XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES		0x00000002</pre>
-<p>If this flag is set then pre-digest buffer for <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> child
-of <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element will be stored in <a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtx</span></a>.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-DSIG-FLAGS-STORE-MANIFEST-REFERENCES--CAPS"></a><h3>XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES		0x00000004</pre>
+<a name="XMLSEC-DSIG-FLAGS-STORE-MANIFEST-REFERENCES:CAPS"></a><h3>XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES             0x00000004</pre>
 <p>If this flag is set then pre-digest buffer for <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> child
 of <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> element will be stored in <a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtx</span></a>.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-DSIG-FLAGS-STORE-SIGNATURE--CAPS"></a><h3>XMLSEC_DSIG_FLAGS_STORE_SIGNATURE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_DSIG_FLAGS_STORE_SIGNATURE			0x00000008</pre>
+<a name="XMLSEC-DSIG-FLAGS-STORE-SIGNATURE:CAPS"></a><h3>XMLSEC_DSIG_FLAGS_STORE_SIGNATURE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_DSIG_FLAGS_STORE_SIGNATURE                       0x00000008</pre>
 <p>If this flag is set then pre-signature buffer for <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a>
 element processing will be stored in <a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtx</span></a>.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-DSIG-FLAGS-USE-VISA3D-HACK--CAPS"></a><h3>XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK			0x00000010</pre>
+<a name="XMLSEC-DSIG-FLAGS-STORE-SIGNEDINFO-REFERENCES:CAPS"></a><h3>XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES           0x00000002</pre>
+<p>If this flag is set then pre-digest buffer for <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> child
+of <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo" target="_top">&lt;dsig:KeyInfo/&gt;</a> element will be stored in <a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtx</span></a>.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSEC-DSIG-FLAGS-USE-VISA3D-HACK:CAPS"></a><h3>XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK                       0x00000010</pre>
 <p>If this flag is set then URI ID references are resolved directly
 without using XPointers. This allows one to sign/verify Visa3D
 documents that don't follow XML, XPointer and XML DSig specifications.</p>
-<p></p>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECDSIGCTX"></a><h3>struct xmlSecDSigCtx</h3>
 <pre class="PROGRAMLISTING">struct xmlSecDSigCtx {
     /* these data user can set before performing the operation */
-    void*			userData;
-    unsigned int		flags;
-    unsigned int		flags2;
-    xmlSecKeyInfoCtx		keyInfoReadCtx;
-    xmlSecKeyInfoCtx		keyInfoWriteCtx;
-    xmlSecTransformCtx		transformCtx;
-    xmlSecTransformUriType	enabledReferenceUris;
-    xmlSecPtrListPtr		enabledReferenceTransforms;
+    void*                       userData;
+    unsigned int                flags;
+    unsigned int                flags2;
+    xmlSecKeyInfoCtx            keyInfoReadCtx;
+    xmlSecKeyInfoCtx            keyInfoWriteCtx;
+    xmlSecTransformCtx          transformCtx;
+    xmlSecTransformUriType      enabledReferenceUris;
+    xmlSecPtrListPtr            enabledReferenceTransforms;
     xmlSecTransformCtxPreExecuteCallback referencePreExecuteCallback;
-    xmlSecTransformId		defSignMethodId;
-    xmlSecTransformId		defC14NMethodId;
-    xmlSecTransformId		defDigestMethodId;
-        
+    xmlSecTransformId           defSignMethodId;
+    xmlSecTransformId           defC14NMethodId;
+    xmlSecTransformId           defDigestMethodId;
+
     /* these data are returned */
-    xmlSecKeyPtr		signKey;
-    xmlSecTransformOperation	operation;
-    xmlSecBufferPtr		result;
-    xmlSecDSigStatus		status;
-    xmlSecTransformPtr		signMethod;
-    xmlSecTransformPtr		c14nMethod;
-    xmlSecTransformPtr		preSignMemBufMethod;
-    xmlNodePtr			signValueNode;
-    xmlChar*			id;    
-    xmlSecPtrList    		signedInfoReferences;
-    xmlSecPtrList		manifestReferences;
+    xmlSecKeyPtr                signKey;
+    xmlSecTransformOperation    operation;
+    xmlSecBufferPtr             result;
+    xmlSecDSigStatus            status;
+    xmlSecTransformPtr          signMethod;
+    xmlSecTransformPtr          c14nMethod;
+    xmlSecTransformPtr          preSignMemBufMethod;
+    xmlNodePtr                  signValueNode;
+    xmlChar*                    id;
+    xmlSecPtrList               signedInfoReferences;
+    xmlSecPtrList               manifestReferences;
 
     /* reserved for future */
-    void*			reserved0;
-    void*			reserved1;    
+    void*                       reserved0;
+    void*                       reserved1;
 };</pre>
 <p>XML DSig processing context.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17586"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">userData</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to user data (xmlsec and xmlsec-crypto libraries
-			never touches this).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21673"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">userData</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to user data (xmlsec and xmlsec-crypto libraries
+never touches this).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17592"><span style="white-space: nowrap">unsigned <font>int</font> <code class="STRUCTFIELD">flags</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the XML Digital Signature processing flags.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21680"><span style="white-space: nowrap">unsigned <gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">flags</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML Digital Signature processing flags.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17598"><span style="white-space: nowrap">unsigned <font>int</font> <code class="STRUCTFIELD">flags2</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the XML Digital Signature processing flags.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21687"><span style="white-space: nowrap">unsigned <gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">flags2</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML Digital Signature processing flags.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17604"><span style="white-space: nowrap"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> <code class="STRUCTFIELD">keyInfoReadCtx</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the reading key context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21694"><span style="white-space: nowrap"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> <code class="STRUCTFIELD">keyInfoReadCtx</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reading key context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17610"><span style="white-space: nowrap"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> <code class="STRUCTFIELD">keyInfoWriteCtx</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the writing key context (not used for signature verification).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21701"><span style="white-space: nowrap"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> <code class="STRUCTFIELD">keyInfoWriteCtx</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the writing key context (not used for signature verification).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17616"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtx</a> <code class="STRUCTFIELD">transformCtx</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21708"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtx</span></a> <code class="STRUCTFIELD">transformCtx</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> node processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17623"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPE">xmlSecTransformUriType</a> <code class="STRUCTFIELD">enabledReferenceUris</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the URI types allowed for <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21716"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMURITYPE"><span class="TYPE">xmlSecTransformUriType</span></a> <code class="STRUCTFIELD">enabledReferenceUris</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the URI types allowed for <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17630"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrListPtr</a> <code class="STRUCTFIELD">enabledReferenceTransforms</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the list of transforms allowed in <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21724"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrListPtr</span></a> <code class="STRUCTFIELD">enabledReferenceTransforms</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list of transforms allowed in <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17637"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXPREEXECUTECALLBACK">xmlSecTransformCtxPreExecuteCallback</a> <code class="STRUCTFIELD">referencePreExecuteCallback</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><a name="AEN21732"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTXPREEXECUTECALLBACK"><span class="TYPE">xmlSecTransformCtxPreExecuteCallback</span></a> <code class="STRUCTFIELD">referencePreExecuteCallback</code>;</span></a></td>
 <td align="LEFT" valign="TOP"><p>the callback for <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node processing.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17644"><span style="white-space: nowrap"><font>xmlSecTransformId</font> <code class="STRUCTFIELD">defSignMethodId</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the default signing method klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21740"><span style="white-space: nowrap"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> <code class="STRUCTFIELD">defSignMethodId</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the default signing method klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17650"><span style="white-space: nowrap"><font>xmlSecTransformId</font> <code class="STRUCTFIELD">defC14NMethodId</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the default c14n method klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21747"><span style="white-space: nowrap"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> <code class="STRUCTFIELD">defC14NMethodId</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the default c14n method klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17656"><span style="white-space: nowrap"><font>xmlSecTransformId</font> <code class="STRUCTFIELD">defDigestMethodId</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the default digest method klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21754"><span style="white-space: nowrap"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> <code class="STRUCTFIELD">defDigestMethodId</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the default digest method klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17662"><span style="white-space: nowrap"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> <code class="STRUCTFIELD">signKey</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the signature key; application may set <gtkdoclink href="SIGNKEY"><span class="TYPE">signKey</span></gtkdoclink>
-			before calling <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXSIGN"><span class="TYPE">xmlSecDSigCtxSign</span></a> or <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXVERIFY"><span class="TYPE">xmlSecDSigCtxVerify</span></a>
-			functions.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21761"><span style="white-space: nowrap"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> <code class="STRUCTFIELD">signKey</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the signature key; application may set <gtkdoclink href="SIGNKEY"><span class="TYPE">signKey</span></gtkdoclink>
+before calling <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXSIGN"><span class="TYPE">xmlSecDSigCtxSign</span></a> or <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXVERIFY"><span class="TYPE">xmlSecDSigCtxVerify</span></a>
+functions.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17674"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMOPERATION">xmlSecTransformOperation</a> <code class="STRUCTFIELD">operation</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the operation: sign or verify.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21774"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMOPERATION"><span class="TYPE">xmlSecTransformOperation</span></a> <code class="STRUCTFIELD">operation</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the operation: sign or verify.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17680"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> <code class="STRUCTFIELD">result</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to signature (not valid for signature verificaction).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21781"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> <code class="STRUCTFIELD">result</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to signature (not valid for signature verification).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17686"><span style="white-space: nowrap"><a href="xmlsec-xmldsig.html#XMLSECDSIGSTATUS">xmlSecDSigStatus</a> <code class="STRUCTFIELD">status</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signatuire" target="_top">&lt;dsig:Signatuire/&gt;</a> procesisng status.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21788"><span style="white-space: nowrap"><a href="xmlsec-xmldsig.html#XMLSECDSIGSTATUS"><span class="TYPE">xmlSecDSigStatus</span></a> <code class="STRUCTFIELD">status</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signatuire" target="_top">&lt;dsig:Signatuire/&gt;</a> processing status.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17693"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> <code class="STRUCTFIELD">signMethod</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to signature transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21796"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> <code class="STRUCTFIELD">signMethod</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to signature transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17699"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> <code class="STRUCTFIELD">c14nMethod</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to c14n transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21803"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> <code class="STRUCTFIELD">c14nMethod</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to c14n transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17705"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> <code class="STRUCTFIELD">preSignMemBufMethod</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to binary buffer right before signature
-			(valid only if <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNATURE--CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_SIGNATURE</span></a> flag is set).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21810"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> <code class="STRUCTFIELD">preSignMemBufMethod</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to binary buffer right before signature
+(valid only if <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNATURE:CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_SIGNATURE</span></a> flag is set).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17713"><span style="white-space: nowrap"><font>xmlNodePtr</font> <code class="STRUCTFIELD">signValueNode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureValue" target="_top">&lt;dsig:SignatureValue/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21819"><span style="white-space: nowrap"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> <code class="STRUCTFIELD">signValueNode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignatureValue" target="_top">&lt;dsig:SignatureValue/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17720"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">id</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>				the pointer to Id attribute of <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21827"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">id</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to Id attribute of <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17727"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrList</a> <code class="STRUCTFIELD">signedInfoReferences</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the list of references in <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> node.		</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21835"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrList</span></a> <code class="STRUCTFIELD">signedInfoReferences</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list of references in <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17734"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST">xmlSecPtrList</a> <code class="STRUCTFIELD">manifestReferences</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the list of references in <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> nodes.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21843"><span style="white-space: nowrap"><a href="xmlsec-list.html#XMLSECPTRLIST"><span class="TYPE">xmlSecPtrList</span></a> <code class="STRUCTFIELD">manifestReferences</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the list of references in <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> nodes.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17741"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21851"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17747"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21858"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECDSIGCTXCREATE"></a><h3>xmlSecDSigCtxCreate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecDSigCtxPtr</font>    xmlSecDSigCtxCreate                 (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECDSIGCTXPTR"><span class="RETURNVALUE">xmlSecDSigCtxPtr</span></gtkdoclink>    xmlSecDSigCtxCreate                 (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);</pre>
 <p>Creates <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> element processing context.
-The caller is responsible for destroying returend object by calling 
+The caller is responsible for destroying returned object by calling
 <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXDESTROY"><span class="TYPE">xmlSecDSigCtxDestroy</span></a> function.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17766"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21880"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17771"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated context object or NULL if an error
+<td align="LEFT" valign="TOP"><a name="AEN21885"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated context object or NULL if an error
 occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECDSIGCTXDESTROY"></a><h3>xmlSecDSigCtxDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecDSigCtxDestroy                (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx);</pre>
-<p>Destroy context object created with <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXCREATE"><span class="TYPE">xmlSecDSigCtxCreate</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17788"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECDSIGCTXINITIALIZE"></a><h3>xmlSecDSigCtxInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecDSigCtxInitialize             (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);</pre>
-<p>Initializes <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> element processing context.
-The caller is responsible for cleaing up returend object by calling 
-<a href="xmlsec-xmldsig.html#XMLSECDSIGCTXFINALIZE"><span class="TYPE">xmlSecDSigCtxFinalize</span></a> function.</p>
-<p></p>
+<a name="XMLSECDSIGCTXDEBUGDUMP"></a><h3>xmlSecDSigCtxDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecDSigCtxDebugDump              (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints the debug information about <code class="PARAMETER">dsigCtx</code> to <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17808"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21907"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17814"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN17819"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21913"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECDSIGCTXFINALIZE"></a><h3>xmlSecDSigCtxFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecDSigCtxFinalize               (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx);</pre>
-<p>Cleans up <code class="PARAMETER">dsigCtx</code> object initialized with <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXINITIALIZE"><span class="TYPE">xmlSecDSigCtxInitialize</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN17837"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECDSIGCTXSIGN"></a><h3>xmlSecDSigCtxSign ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecDSigCtxSign                   (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>xmlNodePtr</font> tmpl);</pre>
-<p>Signs the data as described in <code class="PARAMETER">tmpl</code> node.</p>
-<p></p>
+<a name="XMLSECDSIGCTXDEBUGXMLDUMP"></a><h3>xmlSecDSigCtxDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecDSigCtxDebugXmlDump           (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints the debug information about <code class="PARAMETER">dsigCtx</code> to <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17855"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21935"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17861"><span style="white-space: nowrap"><code class="PARAMETER">tmpl</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node with signature template.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN17867"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21941"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECDSIGCTXVERIFY"></a><h3>xmlSecDSigCtxVerify ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecDSigCtxVerify                 (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>xmlNodePtr</font> node);</pre>
-<p>Vaidates signature in the <code class="PARAMETER">node</code>. The verification result is returned
-in <gtkdoclink href="STATUS"><span class="TYPE">status</span></gtkdoclink> member of the <code class="PARAMETER">dsigCtx</code> object.</p>
-<p></p>
+<a name="XMLSECDSIGCTXDESTROY"></a><h3>xmlSecDSigCtxDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecDSigCtxDestroy                (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>);</pre>
+<p>Destroy context object created with <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXCREATE"><span class="TYPE">xmlSecDSigCtxCreate</span></a> function.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN17887"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN17893"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer with <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN17899"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success (check <gtkdoclink href="STATUS"><span class="TYPE">status</span></gtkdoclink> member of <code class="PARAMETER">dsigCtx</code> to get 
-signature verification result) or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN21960"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECDSIGCTXENABLEREFERENCETRANSFORM"></a><h3>xmlSecDSigCtxEnableReferenceTransform ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecDSigCtxEnableReferenceTransform
-                                                        (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>xmlSecTransformId</font> transformId);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecDSigCtxEnableReferenceTransform
+                                                        (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);</pre>
 <p>Enables <code class="PARAMETER">transformId</code> for <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> elements processing.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17920"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21983"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17926"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21989"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17931"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN21994"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECDSIGCTXENABLESIGNATURETRANSFORM"></a><h3>xmlSecDSigCtxEnableSignatureTransform ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecDSigCtxEnableSignatureTransform
-                                                        (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>xmlSecTransformId</font> transformId);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecDSigCtxEnableSignatureTransform
+                                                        (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> transformId</code>);</pre>
 <p>Enables <code class="PARAMETER">transformId</code> for <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> element processing.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17949"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22016"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17955"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the transform klass.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22022"><span style="white-space: nowrap"><code class="PARAMETER">transformId</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transform klass.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17960"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22027"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
+<a name="XMLSECDSIGCTXFINALIZE"></a><h3>xmlSecDSigCtxFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecDSigCtxFinalize               (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>);</pre>
+<p>Cleans up <code class="PARAMETER">dsigCtx</code> object initialized with <a href="xmlsec-xmldsig.html#XMLSECDSIGCTXINITIALIZE"><span class="TYPE">xmlSecDSigCtxInitialize</span></a> function.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN22047"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
 <a name="XMLSECDSIGCTXGETPRESIGNBUFFER"></a><h3>xmlSecDSigCtxGetPreSignBuffer ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecBufferPtr</font>     xmlSecDSigCtxGetPreSignBuffer       (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECBUFFERPTR"><span class="RETURNVALUE">xmlSecBufferPtr</span></gtkdoclink>     xmlSecDSigCtxGetPreSignBuffer       (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>);</pre>
 <p>Gets pointer to the buffer with serialized <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> element
-just before signature claculation (valid if and only if 
-<a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNATURE--CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_SIGNATURE</span></a> context flag is set.</p>
-<p></p>
+just before signature claculation (valid if and only if
+<a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNATURE:CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_SIGNATURE</span></a> context flag is set.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17978"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22068"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN17984"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22074"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECDSIGCTXDEBUGDUMP"></a><h3>xmlSecDSigCtxDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecDSigCtxDebugDump              (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints the debug information about <code class="PARAMETER">dsigCtx</code> to <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECDSIGCTXINITIALIZE"></a><h3>xmlSecDSigCtxInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecDSigCtxInitialize             (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);</pre>
+<p>Initializes <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> element processing context.
+The caller is responsible for cleaning up returned object by calling
+<a href="xmlsec-xmldsig.html#XMLSECDSIGCTXFINALIZE"><span class="TYPE">xmlSecDSigCtxFinalize</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18002"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22097"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN22103"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18008"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22108"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECDSIGCTXDEBUGXMLDUMP"></a><h3>xmlSecDSigCtxDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecDSigCtxDebugXmlDump           (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints the debug information about <code class="PARAMETER">dsigCtx</code> to <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECDSIGCTXSIGN"></a><h3>xmlSecDSigCtxSign ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecDSigCtxSign                   (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> tmpl</code>);</pre>
+<p>Signs the data as described in <code class="PARAMETER">tmpl</code> node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18026"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22129"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN22135"><span style="white-space: nowrap"><code class="PARAMETER">tmpl</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node with signature template.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18032"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22141"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECDSIGREFERENCEORIGIN"></a><h3>enum xmlSecDSigReferenceOrigin</h3>
-<pre class="PROGRAMLISTING">typedef enum  {
-    xmlSecDSigReferenceOriginSignedInfo,
-    xmlSecDSigReferenceOriginManifest
-} xmlSecDSigReferenceOrigin;</pre>
-<p>The possible <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node locations: in the <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> 
-node or in the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node.</p>
-<p></p>
+<a name="XMLSECDSIGCTXVERIFY"></a><h3>xmlSecDSigCtxVerify ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecDSigCtxVerify                 (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);</pre>
+<p>Vaidates signature in the <code class="PARAMETER">node</code>. The verification result is returned
+in <gtkdoclink href="STATUS"><span class="TYPE">status</span></gtkdoclink> member of the <code class="PARAMETER">dsigCtx</code> object.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECDSIGREFERENCEORIGINSIGNEDINFO"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecDSigReferenceOriginSignedInfo</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>reference in &lt;dsig:SignedInfo&gt; node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22165"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="XMLSECDSIGREFERENCEORIGINMANIFEST"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecDSigReferenceOriginManifest</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p> 	reference &lt;dsig:Manifest&gt; node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22171"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer with <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN22177"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success (check <gtkdoclink href="STATUS"><span class="TYPE">status</span></gtkdoclink> member of <code class="PARAMETER">dsigCtx</code> to get
+signature verification result) or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
@@ -603,276 +538,311 @@ node or in the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target=
 <div class="REFSECT2">
 <a name="XMLSECDSIGREFERENCECTX"></a><h3>struct xmlSecDSigReferenceCtx</h3>
 <pre class="PROGRAMLISTING">struct xmlSecDSigReferenceCtx {
-    void*			userData;
-    xmlSecDSigCtxPtr		dsigCtx;
-    xmlSecDSigReferenceOrigin	origin;
-    xmlSecTransformCtx		transformCtx;
-    xmlSecTransformPtr		digestMethod;
+    void*                       userData;
+    xmlSecDSigCtxPtr            dsigCtx;
+    xmlSecDSigReferenceOrigin   origin;
+    xmlSecTransformCtx          transformCtx;
+    xmlSecTransformPtr          digestMethod;
+
+    xmlSecBufferPtr             result;
+    xmlSecDSigStatus            status;
+    xmlSecTransformPtr          preDigestMemBufMethod;
+    xmlChar*                    id;
+    xmlChar*                    uri;
+    xmlChar*                    type;
 
-    xmlSecBufferPtr		result;
-    xmlSecDSigStatus		status;
-    xmlSecTransformPtr		preDigestMemBufMethod;
-    xmlChar*			id;
-    xmlChar*			uri;
-    xmlChar*			type;
-    
      /* reserved for future */
-    void*			reserved0;
-    void*			reserved1;    
+    void*                       reserved0;
+    void*                       reserved1;
 };</pre>
 <p>The <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> processing context.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18067"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">userData</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to user data (xmlsec and xmlsec-crypto libraries
-			never touches this).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22193"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">userData</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to user data (xmlsec and xmlsec-crypto libraries
+never touches this).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18073"><span style="white-space: nowrap"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> <code class="STRUCTFIELD">dsigCtx</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to "parent" <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22200"><span style="white-space: nowrap"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> <code class="STRUCTFIELD">dsigCtx</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to "parent" <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18080"><span style="white-space: nowrap"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN">xmlSecDSigReferenceOrigin</a> <code class="STRUCTFIELD">origin</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the signature origin (<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> or <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a>).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22208"><span style="white-space: nowrap"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN"><span class="TYPE">xmlSecDSigReferenceOrigin</span></a> <code class="STRUCTFIELD">origin</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the signature origin (<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> or <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a>).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18088"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtx</a> <code class="STRUCTFIELD">transformCtx</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the reference processing transforms context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22217"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtx</span></a> <code class="STRUCTFIELD">transformCtx</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reference processing transforms context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18094"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> <code class="STRUCTFIELD">digestMethod</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to digest transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22224"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> <code class="STRUCTFIELD">digestMethod</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to digest transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18100"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> <code class="STRUCTFIELD">result</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to digest result.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22231"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> <code class="STRUCTFIELD">result</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to digest result.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18106"><span style="white-space: nowrap"><a href="xmlsec-xmldsig.html#XMLSECDSIGSTATUS">xmlSecDSigStatus</a> <code class="STRUCTFIELD">status</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the reference processing status.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22238"><span style="white-space: nowrap"><a href="xmlsec-xmldsig.html#XMLSECDSIGSTATUS"><span class="TYPE">xmlSecDSigStatus</span></a> <code class="STRUCTFIELD">status</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reference processing status.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18112"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> <code class="STRUCTFIELD">preDigestMemBufMethod</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the pointer to binary buffer right before digest
-			(valid only if either
-			<a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNEDINFO-REFERENCES--CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES</span></a> or
-			<a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-MANIFEST-REFERENCES--CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES</span></a> flags are set).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22245"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> <code class="STRUCTFIELD">preDigestMemBufMethod</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to binary buffer right before digest
+(valid only if either
+<a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNEDINFO-REFERENCES:CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES</span></a> or
+<a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-MANIFEST-REFERENCES:CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES</span></a> flags are set).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18122"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">id</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>				the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node ID attribute. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22256"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">id</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node ID attribute.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18129"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">uri</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node URI attribute. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22264"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">uri</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node URI attribute.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18136"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">type</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node Type attribute. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22272"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">type</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node Type attribute.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18143"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22280"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved0</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18149"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22287"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECDSIGREFERENCECTXCREATE"></a><h3>xmlSecDSigReferenceCtxCreate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecDSigReferenceCtxPtr</font>  xmlSecDSigReferenceCtxCreate (<a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN">xmlSecDSigReferenceOrigin</a> origin);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECDSIGREFERENCECTXPTR"><span class="RETURNVALUE">xmlSecDSigReferenceCtxPtr</span></gtkdoclink> xmlSecDSigReferenceCtxCreate  (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN"><span class="TYPE">xmlSecDSigReferenceOrigin</span></a> origin</code>);</pre>
 <p>Creates new <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context. Caller is responsible
 for destroying the returned context by calling <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXDESTROY"><span class="TYPE">xmlSecDSigReferenceCtxDestroy</span></a>
 function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN22312"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to parent <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN22318"><span style="white-space: nowrap"><code class="PARAMETER">origin</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reference origin (<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> or <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN22325"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly created context or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECDSIGREFERENCECTXDEBUGDUMP"></a><h3>xmlSecDSigReferenceCtxDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecDSigReferenceCtxDebugDump     (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints debug information about <code class="PARAMETER">dsigRefCtx</code> to <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18169"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to parent <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22347"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18175"><span style="white-space: nowrap"><code class="PARAMETER">origin</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the reference origin (<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> or <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22353"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECDSIGREFERENCECTXDEBUGXMLDUMP"></a><h3>xmlSecDSigReferenceCtxDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecDSigReferenceCtxDebugXmlDump  (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints debug information about <code class="PARAMETER">dsigRefCtx</code> to <code class="PARAMETER">output</code> in output format.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN22375"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18182"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly created context or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22381"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
 <a name="XMLSECDSIGREFERENCECTXDESTROY"></a><h3>xmlSecDSigReferenceCtxDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecDSigReferenceCtxDestroy       (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecDSigReferenceCtxDestroy       (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>);</pre>
 <p>Destroy context object created with <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXCREATE"><span class="TYPE">xmlSecDSigReferenceCtxCreate</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN22400"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECDSIGREFERENCECTXFINALIZE"></a><h3>xmlSecDSigReferenceCtxFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecDSigReferenceCtxFinalize      (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>);</pre>
+<p>Cleans up context object created with <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXINITIALIZE"><span class="TYPE">xmlSecDSigReferenceCtxInitialize</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN18199"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22420"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
+<a name="XMLSECDSIGREFERENCECTXGETPREDIGESTBUFFER"></a><h3>xmlSecDSigReferenceCtxGetPreDigestBuffer ()</h3>
+<pre class="PROGRAMLISTING"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="RETURNVALUE">xmlSecBufferPtr</span></a>     xmlSecDSigReferenceCtxGetPreDigestBuffer
+                                                        (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>);</pre>
+<p>Gets the results of <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node processing just before digesting
+(valid only if <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNEDINFO-REFERENCES:CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES</span></a> or
+<a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-MANIFEST-REFERENCES:CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES</span></a> flas of signature context
+is set).</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN22443"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN22449"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the buffer or NULL if an error occurs.</p></td>
+</tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
 <a name="XMLSECDSIGREFERENCECTXINITIALIZE"></a><h3>xmlSecDSigReferenceCtxInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecDSigReferenceCtxInitialize    (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx,
-                                                         <a href="xmlsec-xmldsig.html#XMLSECDSIGCTX">xmlSecDSigCtxPtr</a> dsigCtx,
-                                                         <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN">xmlSecDSigReferenceOrigin</a> origin);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecDSigReferenceCtxInitialize    (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGCTX"><span class="TYPE">xmlSecDSigCtxPtr</span></a> dsigCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCEORIGIN"><span class="TYPE">xmlSecDSigReferenceOrigin</span></a> origin</code>);</pre>
 <p>Initializes new <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context. Caller is responsible
 for cleaning up the returned context by calling <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXFINALIZE"><span class="TYPE">xmlSecDSigReferenceCtxFinalize</span></a>
 function.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18220"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22475"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18226"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to parent <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22481"><span style="white-space: nowrap"><code class="PARAMETER">dsigCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to parent <a href="http://www.w3.org/TR/xmldsig-core/#sec-Signature" target="_top">&lt;dsig:Signature/&gt;</a> node processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18232"><span style="white-space: nowrap"><code class="PARAMETER">origin</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the reference origin (<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> or <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22487"><span style="white-space: nowrap"><code class="PARAMETER">origin</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reference origin (<a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a> or <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18239"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on succes or aa negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22494"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on succes or aa negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECDSIGREFERENCECTXFINALIZE"></a><h3>xmlSecDSigReferenceCtxFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecDSigReferenceCtxFinalize      (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx);</pre>
-<p>Cleans up context object created with <a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTXINITIALIZE"><span class="TYPE">xmlSecDSigReferenceCtxInitialize</span></a> function.</p>
-<p></p>
+<a name="XMLSECDSIGREFERENCECTXLISTGETKLASS"></a><h3>xmlSecDSigReferenceCtxListGetKlass ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECPTRLISTID"><span class="RETURNVALUE">xmlSecPtrListId</span></gtkdoclink>     xmlSecDSigReferenceCtxListGetKlass  (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>The <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing contexts list klass.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN18256"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22511"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p><a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context list klass.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
+<a name="XMLSECDSIGREFERENCECTXLISTID"></a><h3>xmlSecDSigReferenceCtxListId</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecDSigReferenceCtxListId</pre>
+<p>The references list klass.</p>
+</div>
+<hr>
+<div class="REFSECT2">
 <a name="XMLSECDSIGREFERENCECTXPROCESSNODE"></a><h3>xmlSecDSigReferenceCtxProcessNode ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecDSigReferenceCtxProcessNode   (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx,
-                                                         <font>xmlNodePtr</font> node);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecDSigReferenceCtxProcessNode   (<code class="PARAMETER"><a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX"><span class="TYPE">xmlSecDSigReferenceCtxPtr</span></a> dsigRefCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);</pre>
 <p>The Reference Element (http://www.w3.org/TR/xmldsig-core/<gtkdoclink href="SEC-REFERENCE"><span class="TYPE">sec-Reference</span></gtkdoclink>)</p>
-<p>Reference is an element that may occur one or more times. It specifies 
-a digest algorithm and digest value, and optionally an identifier of the 
-object being signed, the type of the object, and/or a list of transforms 
-to be applied prior to digesting. The identification (URI) and transforms 
-describe how the digested content (i.e., the input to the digest method) 
-was created. The Type attribute facilitates the processing of referenced 
-data. For example, while this specification makes no requirements over 
-external data, an application may wish to signal that the referent is a 
-Manifest. An optional ID attribute permits a Reference to be referenced 
+<p>Reference is an element that may occur one or more times. It specifies
+a digest algorithm and digest value, and optionally an identifier of the
+object being signed, the type of the object, and/or a list of transforms
+to be applied prior to digesting. The identification (URI) and transforms
+describe how the digested content (i.e., the input to the digest method)
+was created. The Type attribute facilitates the processing of referenced
+data. For example, while this specification makes no requirements over
+external data, an application may wish to signal that the referent is a
+Manifest. An optional ID attribute permits a Reference to be referenced
 from elsewhere.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18276"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22541"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18282"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22547"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18288"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on succes or aa negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22553"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on succes or aa negative value otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECDSIGREFERENCECTXGETPREDIGESTBUFFER"></a><h3>xmlSecDSigReferenceCtxGetPreDigestBuffer ()</h3>
-<pre class="PROGRAMLISTING"><a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a>     xmlSecDSigReferenceCtxGetPreDigestBuffer
-                                                        (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx);</pre>
-<p>Gets the results of <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node processing just before digesting
-(valid only if <a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-SIGNEDINFO-REFERENCES--CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES</span></a> or
-<a href="xmlsec-xmldsig.html#XMLSEC-DSIG-FLAGS-STORE-MANIFEST-REFERENCES--CAPS"><span class="TYPE">XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES</span></a> flas of signature context
-is set).</p>
-<p></p>
+<a name="XMLSECDSIGREFERENCEORIGIN"></a><h3>enum xmlSecDSigReferenceOrigin</h3>
+<pre class="PROGRAMLISTING">typedef enum {
+    xmlSecDSigReferenceOriginSignedInfo,
+    xmlSecDSigReferenceOriginManifest
+} xmlSecDSigReferenceOrigin;</pre>
+<p>The possible <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> node locations: in the <a href="http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo" target="_top">&lt;dsig:SignedInfo/&gt;</a>
+node or in the <a href="http://www.w3.org/TR/xmldsig-core/#sec-Manifest" target="_top">&lt;dsig:Manifest/&gt;</a> node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18308"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECDSIGREFERENCEORIGINSIGNEDINFO"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecDSigReferenceOriginSignedInfo</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>reference in &lt;dsig:SignedInfo&gt; node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18314"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the buffer or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECDSIGREFERENCEORIGINMANIFEST"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecDSigReferenceOriginManifest</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>reference &lt;dsig:Manifest&gt; node.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECDSIGREFERENCECTXDEBUGDUMP"></a><h3>xmlSecDSigReferenceCtxDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecDSigReferenceCtxDebugDump     (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints debug information about <code class="PARAMETER">dsigRefCtx</code> to <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECDSIGSTATUS"></a><h3>enum xmlSecDSigStatus</h3>
+<pre class="PROGRAMLISTING">typedef enum {
+    xmlSecDSigStatusUnknown = 0,
+    xmlSecDSigStatusSucceeded,
+    xmlSecDSigStatusInvalid
+} xmlSecDSigStatus;</pre>
+<p>XML Digital signature processing status.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18332"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECDSIGSTATUSUNKNOWN"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecDSigStatusUnknown</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the status is unknown.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18338"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECDSIGREFERENCECTXDEBUGXMLDUMP"></a><h3>xmlSecDSigReferenceCtxDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecDSigReferenceCtxDebugXmlDump  (<a href="xmlsec-xmldsig.html#XMLSECDSIGREFERENCECTX">xmlSecDSigReferenceCtxPtr</a> dsigRefCtx,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints debug information about <code class="PARAMETER">dsigRefCtx</code> to <code class="PARAMETER">output</code> in output format.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN18356"><span style="white-space: nowrap"><code class="PARAMETER">dsigRefCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECDSIGSTATUSSUCCEEDED"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecDSigStatusSucceeded</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the processing succeeded.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18362"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="XMLSECDSIGSTATUSINVALID"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecDSigStatusInvalid</tt></span></a></td>
+<td align="LEFT" valign="TOP"><p>the processing failed.</p></td>
 </tr>
 </tbody></table>
 </div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECDSIGREFERENCECTXLISTID"></a><h3>xmlSecDSigReferenceCtxListId</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecDSigReferenceCtxListId</pre>
-<p>The references list klass.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECDSIGREFERENCECTXLISTGETKLASS"></a><h3>xmlSecDSigReferenceCtxListGetKlass ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecPtrListId</font>     xmlSecDSigReferenceCtxListGetKlass  (void);</pre>
-<p>The <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing contexts list klass.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN18384"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> <a href="http://www.w3.org/TR/xmldsig-core/#sec-Reference" target="_top">&lt;dsig:Reference/&gt;</a> element processing context list klass.</p></td>
-</tr></tbody></table>
-</div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
 <td align="left"><a accesskey="p" href="xmlsec-version.html"><b>&lt;&lt;&lt; version</b></a></td>
diff --git a/docs/api/xmlsec-xmlenc.html b/docs/api/xmlsec-xmlenc.html
index 59966603..01deef8b 100644
--- a/docs/api/xmlsec-xmlenc.html
+++ b/docs/api/xmlsec-xmlenc.html
@@ -87,38 +87,38 @@
 <h1>
 <a name="XMLSEC-XMLENC"></a>xmlenc</h1>
 <div class="REFNAMEDIV">
-<a name="AEN18395"></a><h2>Name</h2>xmlenc -- XML Encryption support.</div>
+<a name="AEN22605"></a><h2>Name</h2>xmlenc -- XML Encryption support.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-XMLENC.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">enum                <a href="xmlsec-xmlenc.html#XMLENCCTXMODE">xmlEncCtxMode</a>;
-#define             <a href="xmlsec-xmlenc.html#XMLSEC-ENC-RETURN-REPLACED-NODE--CAPS">XMLSEC_ENC_RETURN_REPLACED_NODE</a>
+<pre class="SYNOPSIS">#define             <a href="xmlsec-xmlenc.html#XMLSEC-ENC-RETURN-REPLACED-NODE:CAPS">XMLSEC_ENC_RETURN_REPLACED_NODE</a>
+enum                <a href="xmlsec-xmlenc.html#XMLENCCTXMODE">xmlEncCtxMode</a>;
 struct              <a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtx</a>;
-<font>xmlSecEncCtxPtr</font>     <a href="xmlsec-xmlenc.html#XMLSECENCCTXCREATE">xmlSecEncCtxCreate</a>                  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);
-<font>void</font>                <a href="xmlsec-xmlenc.html#XMLSECENCCTXDESTROY">xmlSecEncCtxDestroy</a>                 (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx);
-<font>int</font>                 <a href="xmlsec-xmlenc.html#XMLSECENCCTXINITIALIZE">xmlSecEncCtxInitialize</a>              (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);
-<font>void</font>                <a href="xmlsec-xmlenc.html#XMLSECENCCTXFINALIZE">xmlSecEncCtxFinalize</a>                (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx);
-<font>int</font>                 <a href="xmlsec-xmlenc.html#XMLSECENCCTXCOPYUSERPREF">xmlSecEncCtxCopyUserPref</a>            (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> dst,
-                                                         <a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> src);
-<font>void</font>                <a href="xmlsec-xmlenc.html#XMLSECENCCTXRESET">xmlSecEncCtxReset</a>                   (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx);
-<font>int</font>                 <a href="xmlsec-xmlenc.html#XMLSECENCCTXBINARYENCRYPT">xmlSecEncCtxBinaryEncrypt</a>           (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>xmlNodePtr</font> tmpl,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize);
-<font>int</font>                 <a href="xmlsec-xmlenc.html#XMLSECENCCTXXMLENCRYPT">xmlSecEncCtxXmlEncrypt</a>              (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>xmlNodePtr</font> tmpl,
-                                                         <font>xmlNodePtr</font> node);
-<font>int</font>                 <a href="xmlsec-xmlenc.html#XMLSECENCCTXURIENCRYPT">xmlSecEncCtxUriEncrypt</a>              (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>xmlNodePtr</font> tmpl,
-                                                         const <font>xmlChar</font> *uri);
-<font>int</font>                 <a href="xmlsec-xmlenc.html#XMLSECENCCTXDECRYPT">xmlSecEncCtxDecrypt</a>                 (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>xmlNodePtr</font> node);
-<font>xmlSecBufferPtr</font>     <a href="xmlsec-xmlenc.html#XMLSECENCCTXDECRYPTTOBUFFER">xmlSecEncCtxDecryptToBuffer</a>         (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>xmlNodePtr</font> node);
-<font>void</font>                <a href="xmlsec-xmlenc.html#XMLSECENCCTXDEBUGDUMP">xmlSecEncCtxDebugDump</a>               (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-xmlenc.html#XMLSECENCCTXDEBUGXMLDUMP">xmlSecEncCtxDebugXmlDump</a>            (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>FILE</font> *output);</pre>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXBINARYENCRYPT">xmlSecEncCtxBinaryEncrypt</a>           (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> tmpl</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXCOPYUSERPREF">xmlSecEncCtxCopyUserPref</a>            (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> src</code>);
+<gtkdoclink href="XMLSECENCCTXPTR"><span class="RETURNVALUE">xmlSecEncCtxPtr</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXCREATE">xmlSecEncCtxCreate</a>                  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXDEBUGDUMP">xmlSecEncCtxDebugDump</a>               (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXDEBUGXMLDUMP">xmlSecEncCtxDebugXmlDump</a>            (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXDECRYPT">xmlSecEncCtxDecrypt</a>                 (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);
+<gtkdoclink href="XMLSECBUFFERPTR"><span class="RETURNVALUE">xmlSecBufferPtr</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXDECRYPTTOBUFFER">xmlSecEncCtxDecryptToBuffer</a>         (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXDESTROY">xmlSecEncCtxDestroy</a>                 (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXFINALIZE">xmlSecEncCtxFinalize</a>                (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXINITIALIZE">xmlSecEncCtxInitialize</a>              (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXRESET">xmlSecEncCtxReset</a>                   (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXURIENCRYPT">xmlSecEncCtxUriEncrypt</a>              (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> tmpl</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmlenc.html#XMLSECENCCTXXMLENCRYPT">xmlSecEncCtxXmlEncrypt</a>              (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> tmpl</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-XMLENC.DESCRIPTION"></a><h2>Description</h2>
@@ -127,6 +127,12 @@ struct              <a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtx</a>;
 <div class="REFSECT1">
 <a name="XMLSEC-XMLENC.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
+<a name="XMLSEC-ENC-RETURN-REPLACED-NODE:CAPS"></a><h3>XMLSEC_ENC_RETURN_REPLACED_NODE</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_ENC_RETURN_REPLACED_NODE                 0x00000001</pre>
+<p>If this flag is set, then the replaced node will be returned in the replacedNodeList</p>
+</div>
+<hr>
+<div class="REFSECT2">
 <a name="XMLENCCTXMODE"></a><h3>enum xmlEncCtxMode</h3>
 <pre class="PROGRAMLISTING">typedef enum {
     xmlEncCtxModeEncryptedData = 0,
@@ -134,459 +140,437 @@ struct              <a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtx</a>;
 } xmlEncCtxMode;</pre>
 <p>The <a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtx</span></a> mode.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
 <td align="LEFT" valign="TOP"><a name="XMLENCCTXMODEENCRYPTEDDATA"><span style="white-space: nowrap"><tt class="LITERAL">xmlEncCtxModeEncryptedData</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> element procesing.</p></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> element procesing.</p></td>
 </tr>
 <tr>
 <td align="LEFT" valign="TOP"><a name="XMLENCCTXMODEENCRYPTEDKEY"><span style="white-space: nowrap"><tt class="LITERAL">xmlEncCtxModeEncryptedKey</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> element processing.</p></td>
+<td align="LEFT" valign="TOP"><p>the <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> element processing.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSEC-ENC-RETURN-REPLACED-NODE--CAPS"></a><h3>XMLSEC_ENC_RETURN_REPLACED_NODE</h3>
-<pre class="PROGRAMLISTING">#define XMLSEC_ENC_RETURN_REPLACED_NODE			0x00000001</pre>
-<p>If this flag is set, then the replaced node will be returned in the replacedNodeList</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECENCCTX"></a><h3>struct xmlSecEncCtx</h3>
 <pre class="PROGRAMLISTING">struct xmlSecEncCtx {
     /* these data user can set before performing the operation */
-    void*			userData;
-    unsigned int		flags;
-    unsigned int		flags2;    
-    xmlEncCtxMode		mode;
-    xmlSecKeyInfoCtx		keyInfoReadCtx;
-    xmlSecKeyInfoCtx		keyInfoWriteCtx;
-    xmlSecTransformCtx		transformCtx;
-    xmlSecTransformId		defEncMethodId;
+    void*                       userData;
+    unsigned int                flags;
+    unsigned int                flags2;
+    xmlEncCtxMode               mode;
+    xmlSecKeyInfoCtx            keyInfoReadCtx;
+    xmlSecKeyInfoCtx            keyInfoWriteCtx;
+    xmlSecTransformCtx          transformCtx;
+    xmlSecTransformId           defEncMethodId;
 
     /* these data are returned */
-    xmlSecKeyPtr		encKey;
-    xmlSecTransformOperation	operation;
-    xmlSecBufferPtr		result;
-    int				resultBase64Encoded;
-    int				resultReplaced;
-    xmlSecTransformPtr		encMethod;
-		
-    /* attributes from EncryptedData or EncryptedKey */    
-    xmlChar*			id;
-    xmlChar*			type;
-    xmlChar*			mimeType;
-    xmlChar*			encoding;
-    xmlChar*			recipient;
-    xmlChar*			carriedKeyName;
+    xmlSecKeyPtr                encKey;
+    xmlSecTransformOperation    operation;
+    xmlSecBufferPtr             result;
+    int                         resultBase64Encoded;
+    int                         resultReplaced;
+    xmlSecTransformPtr          encMethod;
+
+    /* attributes from EncryptedData or EncryptedKey */
+    xmlChar*                    id;
+    xmlChar*                    type;
+    xmlChar*                    mimeType;
+    xmlChar*                    encoding;
+    xmlChar*                    recipient;
+    xmlChar*                    carriedKeyName;
 
     /* these are internal data, nobody should change that except us */
-    xmlNodePtr			encDataNode;
-    xmlNodePtr			encMethodNode;
-    xmlNodePtr			keyInfoNode;
-    xmlNodePtr			cipherValueNode;
-        
-    xmlNodePtr			replacedNodeList; /* the pointer to the replaced node */
-    void*			reserved1;	  /* reserved for future */
+    xmlNodePtr                  encDataNode;
+    xmlNodePtr                  encMethodNode;
+    xmlNodePtr                  keyInfoNode;
+    xmlNodePtr                  cipherValueNode;
+
+    xmlNodePtr                  replacedNodeList; /* the pointer to the replaced node */
+    void*                       reserved1;        /* reserved for future */
 };</pre>
 <p>XML Encrypiton context.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18498"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">userData</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to user data (xmlsec and xmlsec-crypto libraries
-			never touches this).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22770"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">userData</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to user data (xmlsec and xmlsec-crypto libraries
+never touches this).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18504"><span style="white-space: nowrap">unsigned <font>int</font> <code class="STRUCTFIELD">flags</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the XML Encryption processing flags.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22777"><span style="white-space: nowrap">unsigned <gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">flags</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML Encryption processing flags.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18510"><span style="white-space: nowrap">unsigned <font>int</font> <code class="STRUCTFIELD">flags2</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the XML Encryption processing flags.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22784"><span style="white-space: nowrap">unsigned <gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">flags2</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML Encryption processing flags.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18516"><span style="white-space: nowrap"><a href="xmlsec-xmlenc.html#XMLENCCTXMODE">xmlEncCtxMode</a> <code class="STRUCTFIELD">mode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the mode.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22791"><span style="white-space: nowrap"><a href="xmlsec-xmlenc.html#XMLENCCTXMODE"><span class="TYPE">xmlEncCtxMode</span></a> <code class="STRUCTFIELD">mode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the mode.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18522"><span style="white-space: nowrap"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> <code class="STRUCTFIELD">keyInfoReadCtx</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the reading key context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22798"><span style="white-space: nowrap"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> <code class="STRUCTFIELD">keyInfoReadCtx</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the reading key context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18528"><span style="white-space: nowrap"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX">xmlSecKeyInfoCtx</a> <code class="STRUCTFIELD">keyInfoWriteCtx</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the writing key context (not used for signature verification).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22805"><span style="white-space: nowrap"><a href="xmlsec-keyinfo.html#XMLSECKEYINFOCTX"><span class="TYPE">xmlSecKeyInfoCtx</span></a> <code class="STRUCTFIELD">keyInfoWriteCtx</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the writing key context (not used for signature verification).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18534"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX">xmlSecTransformCtx</a> <code class="STRUCTFIELD">transformCtx</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the transforms processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22812"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMCTX"><span class="TYPE">xmlSecTransformCtx</span></a> <code class="STRUCTFIELD">transformCtx</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the transforms processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18540"><span style="white-space: nowrap"><font>xmlSecTransformId</font> <code class="STRUCTFIELD">defEncMethodId</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the default encryption method (used if
-			<a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionMethod" target="_top">&lt;enc:EncryptionMethod/&gt;</a> node is not present).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22819"><span style="white-space: nowrap"><gtkdoclink href="XMLSECTRANSFORMID"><span class="TYPE">xmlSecTransformId</span></gtkdoclink> <code class="STRUCTFIELD">defEncMethodId</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the default encryption method (used if
+<a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionMethod" target="_top">&lt;enc:EncryptionMethod/&gt;</a> node is not present).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18547"><span style="white-space: nowrap"><a href="xmlsec-keys.html#XMLSECKEY">xmlSecKeyPtr</a> <code class="STRUCTFIELD">encKey</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the signature key; application may set <gtkdoclink href="ENCKEY"><span class="TYPE">encKey</span></gtkdoclink>
-			before calling encryption/decryption functions.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22827"><span style="white-space: nowrap"><a href="xmlsec-keys.html#XMLSECKEY"><span class="TYPE">xmlSecKeyPtr</span></a> <code class="STRUCTFIELD">encKey</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the signature key; application may set <gtkdoclink href="ENCKEY"><span class="TYPE">encKey</span></gtkdoclink>
+before calling encryption/decryption functions.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18555"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMOPERATION">xmlSecTransformOperation</a> <code class="STRUCTFIELD">operation</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the operation: encrypt or decrypt.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22836"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORMOPERATION"><span class="TYPE">xmlSecTransformOperation</span></a> <code class="STRUCTFIELD">operation</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the operation: encrypt or decrypt.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18561"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER">xmlSecBufferPtr</a> <code class="STRUCTFIELD">result</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to signature (not valid for signature verificaction).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22843"><span style="white-space: nowrap"><a href="xmlsec-buffer.html#XMLSECBUFFER"><span class="TYPE">xmlSecBufferPtr</span></a> <code class="STRUCTFIELD">result</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to signature (not valid for signature verification).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18567"><span style="white-space: nowrap"><font>int</font> <code class="STRUCTFIELD">resultBase64Encoded</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the flag: if set then result in <gtkdoclink href="RESULT"><span class="TYPE">result</span></gtkdoclink> is base64 encoded.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22850"><span style="white-space: nowrap"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">resultBase64Encoded</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag: if set then result in <gtkdoclink href="RESULT"><span class="TYPE">result</span></gtkdoclink> is base64 encoded.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18575"><span style="white-space: nowrap"><font>int</font> <code class="STRUCTFIELD">resultReplaced</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the flag: if set then resulted <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
-			or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node is added to the document.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22859"><span style="white-space: nowrap"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">resultReplaced</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the flag: if set then resulted <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
+or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node is added to the document.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18583"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM">xmlSecTransformPtr</a> <code class="STRUCTFIELD">encMethod</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the pointer to encryption transform.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22868"><span style="white-space: nowrap"><a href="xmlsec-transforms.html#XMLSECTRANSFORM"><span class="TYPE">xmlSecTransformPtr</span></a> <code class="STRUCTFIELD">encMethod</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to encryption transform.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18589"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">id</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>				the ID attribute of <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
-			or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22875"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">id</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the ID attribute of <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
+or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18597"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">type</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the Type attribute of <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
-			or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22884"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">type</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Type attribute of <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
+or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18605"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">mimeType</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the MimeType attribute of <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
-			or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22893"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">mimeType</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the MimeType attribute of <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
+or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18613"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">encoding</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the Encoding attributeof <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
-			or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22902"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">encoding</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Encoding attributeof <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
+or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18621"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">recipient</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the Recipient attribute of <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node..</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22911"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">recipient</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the Recipient attribute of <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node..</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18628"><span style="white-space: nowrap"><font>xmlChar</font> *<code class="STRUCTFIELD">carriedKeyName</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the CarriedKeyName attribute of <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22919"><span style="white-space: nowrap"><gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">carriedKeyName</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the CarriedKeyName attribute of <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18635"><span style="white-space: nowrap"><font>xmlNodePtr</font> <code class="STRUCTFIELD">encDataNode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
-			or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22927"><span style="white-space: nowrap"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> <code class="STRUCTFIELD">encDataNode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a>
+or <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey" target="_top">&lt;enc:EncryptedKey/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18643"><span style="white-space: nowrap"><font>xmlNodePtr</font> <code class="STRUCTFIELD">encMethodNode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionMethod" target="_top">&lt;enc:EncryptionMethod/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22936"><span style="white-space: nowrap"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> <code class="STRUCTFIELD">encMethodNode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptionMethod" target="_top">&lt;enc:EncryptionMethod/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18650"><span style="white-space: nowrap"><font>xmlNodePtr</font> <code class="STRUCTFIELD">keyInfoNode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-KeyInfo" target="_top">&lt;enc:KeyInfo/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22944"><span style="white-space: nowrap"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> <code class="STRUCTFIELD">keyInfoNode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-KeyInfo" target="_top">&lt;enc:KeyInfo/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18657"><span style="white-space: nowrap"><font>xmlNodePtr</font> <code class="STRUCTFIELD">cipherValueNode</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherValue" target="_top">&lt;enc:CipherValue/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22952"><span style="white-space: nowrap"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> <code class="STRUCTFIELD">cipherValueNode</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-CipherValue" target="_top">&lt;enc:CipherValue/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18664"><span style="white-space: nowrap"><font>xmlNodePtr</font> <code class="STRUCTFIELD">replacedNodeList</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p> the first node of the list of replaced nodes depending on the nodeReplacementMode</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22960"><span style="white-space: nowrap"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> <code class="STRUCTFIELD">replacedNodeList</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the first node of the list of replaced nodes depending on the nodeReplacementMode</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18670"><span style="white-space: nowrap"><font>void</font> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>			reserved for the future.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22967"><span style="white-space: nowrap"><gtkdoclink href="VOID"><span class="TYPE">void</span></gtkdoclink> *<code class="STRUCTFIELD">reserved1</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>reserved for the future.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECENCCTXCREATE"></a><h3>xmlSecEncCtxCreate ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecEncCtxPtr</font>     xmlSecEncCtxCreate                  (<a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);</pre>
-<p>Creates <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> element processing context.
-The caller is responsible for destroying returend object by calling 
-<a href="xmlsec-xmlenc.html#XMLSECENCCTXDESTROY"><span class="TYPE">xmlSecEncCtxDestroy</span></a> function.</p>
-<p></p>
+<a name="XMLSECENCCTXBINARYENCRYPT"></a><h3>xmlSecEncCtxBinaryEncrypt ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecEncCtxBinaryEncrypt           (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> tmpl</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *data</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> dataSize</code>);</pre>
+<p>Encrypts <code class="PARAMETER">data</code> according to template <code class="PARAMETER">tmpl</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18689"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN22997"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18694"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated context object or NULL if an error
-occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23003"><span style="white-space: nowrap"><code class="PARAMETER">tmpl</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> template node.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECENCCTXDESTROY"></a><h3>xmlSecEncCtxDestroy ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecEncCtxDestroy                 (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx);</pre>
-<p>Destroy context object created with <a href="xmlsec-xmlenc.html#XMLSECENCCTXCREATE"><span class="TYPE">xmlSecEncCtxCreate</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN18711"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECENCCTXINITIALIZE"></a><h3>xmlSecEncCtxInitialize ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecEncCtxInitialize              (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR">xmlSecKeysMngrPtr</a> keysMngr);</pre>
-<p>Initializes <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> element processing context.
-The caller is responsible for cleaing up returend object by calling 
-<a href="xmlsec-xmlenc.html#XMLSECENCCTXFINALIZE"><span class="TYPE">xmlSecEncCtxFinalize</span></a> function.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18731"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23009"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer for binary buffer.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18737"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to keys manager.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23014"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the <code class="PARAMETER">data</code> buffer size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18742"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23020"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECENCCTXFINALIZE"></a><h3>xmlSecEncCtxFinalize ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecEncCtxFinalize                (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx);</pre>
-<p>Cleans up <code class="PARAMETER">encCtx</code> object.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN18758"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
 <a name="XMLSECENCCTXCOPYUSERPREF"></a><h3>xmlSecEncCtxCopyUserPref ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecEncCtxCopyUserPref            (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> dst,
-                                                         <a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> src);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecEncCtxCopyUserPref            (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> dst</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> src</code>);</pre>
 <p>Copies user preference from <code class="PARAMETER">src</code> context to <code class="PARAMETER">dst</code>.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18777"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to destination context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23042"><span style="white-space: nowrap"><code class="PARAMETER">dst</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to destination context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18782"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to source context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23047"><span style="white-space: nowrap"><code class="PARAMETER">src</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to source context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18787"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23052"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECENCCTXRESET"></a><h3>xmlSecEncCtxReset ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecEncCtxReset                   (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx);</pre>
-<p>Resets <code class="PARAMETER">encCtx</code> object, user settings are not touched.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN18803"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECENCCTXBINARYENCRYPT"></a><h3>xmlSecEncCtxBinaryEncrypt ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecEncCtxBinaryEncrypt           (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>xmlNodePtr</font> tmpl,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *data,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> dataSize);</pre>
-<p>Encrypts <code class="PARAMETER">data</code> according to template <code class="PARAMETER">tmpl</code>.</p>
-<p></p>
+<a name="XMLSECENCCTXCREATE"></a><h3>xmlSecEncCtxCreate ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECENCCTXPTR"><span class="RETURNVALUE">xmlSecEncCtxPtr</span></gtkdoclink>     xmlSecEncCtxCreate                  (<code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);</pre>
+<p>Creates <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> element processing context.
+The caller is responsible for destroying returned object by calling
+<a href="xmlsec-xmlenc.html#XMLSECENCCTXDESTROY"><span class="TYPE">xmlSecEncCtxDestroy</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18824"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN18830"><span style="white-space: nowrap"><code class="PARAMETER">tmpl</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> template node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN18836"><span style="white-space: nowrap"><code class="PARAMETER">data</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer for binary buffer.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN18841"><span style="white-space: nowrap"><code class="PARAMETER">dataSize</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the <code class="PARAMETER">data</code> buffer size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23072"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18847"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23077"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated context object or NULL if an error
+occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECENCCTXXMLENCRYPT"></a><h3>xmlSecEncCtxXmlEncrypt ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecEncCtxXmlEncrypt              (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>xmlNodePtr</font> tmpl,
-                                                         <font>xmlNodePtr</font> node);</pre>
-<p>Encrypts <code class="PARAMETER">node</code> according to template <code class="PARAMETER">tmpl</code>. If requested, <code class="PARAMETER">node</code> is replaced
-with result <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p>
-<p></p>
+<a name="XMLSECENCCTXDEBUGDUMP"></a><h3>xmlSecEncCtxDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecEncCtxDebugDump               (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints the debug information about <code class="PARAMETER">encCtx</code> to <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18868"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23099"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18874"><span style="white-space: nowrap"><code class="PARAMETER">tmpl</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> template node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23105"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECENCCTXDEBUGXMLDUMP"></a><h3>xmlSecEncCtxDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecEncCtxDebugXmlDump            (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints the debug information about <code class="PARAMETER">encCtx</code> to <code class="PARAMETER">output</code> in XML format.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18880"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to node for encryption.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23127"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18885"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23133"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECENCCTXURIENCRYPT"></a><h3>xmlSecEncCtxUriEncrypt ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecEncCtxUriEncrypt              (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>xmlNodePtr</font> tmpl,
-                                                         const <font>xmlChar</font> *uri);</pre>
-<p>Encrypts data from <code class="PARAMETER">uri</code> according to template <code class="PARAMETER">tmpl</code>.</p>
-<p></p>
+<a name="XMLSECENCCTXDECRYPT"></a><h3>xmlSecEncCtxDecrypt ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecEncCtxDecrypt                 (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);</pre>
+<p>Decrypts <code class="PARAMETER">node</code> and if necessary replaces <code class="PARAMETER">node</code> with decrypted data.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18904"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN18910"><span style="white-space: nowrap"><code class="PARAMETER">tmpl</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> template node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23155"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18916"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the URI.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23161"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18921"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23167"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECENCCTXDECRYPT"></a><h3>xmlSecEncCtxDecrypt ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecEncCtxDecrypt                 (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>xmlNodePtr</font> node);</pre>
-<p>Decrypts <code class="PARAMETER">node</code> and if necessary replaces <code class="PARAMETER">node</code> with decrypted data.</p>
-<p></p>
+<a name="XMLSECENCCTXDECRYPTTOBUFFER"></a><h3>xmlSecEncCtxDecryptToBuffer ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECBUFFERPTR"><span class="RETURNVALUE">xmlSecBufferPtr</span></gtkdoclink>     xmlSecEncCtxDecryptToBuffer         (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);</pre>
+<p>Decrypts <code class="PARAMETER">node</code> data to the <code class="PARAMETER">encCtx</code> buffer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18939"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23189"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18945"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23195"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18951"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23201"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECENCCTXDECRYPTTOBUFFER"></a><h3>xmlSecEncCtxDecryptToBuffer ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecBufferPtr</font>     xmlSecEncCtxDecryptToBuffer         (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>xmlNodePtr</font> node);</pre>
-<p>Decrypts <code class="PARAMETER">node</code> data to the <code class="PARAMETER">encCtx</code> buffer.</p>
+<a name="XMLSECENCCTXDESTROY"></a><h3>xmlSecEncCtxDestroy ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecEncCtxDestroy                 (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>);</pre>
+<p>Destroy context object created with <a href="xmlsec-xmlenc.html#XMLSECENCCTXCREATE"><span class="TYPE">xmlSecEncCtxCreate</span></a> function.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN23220"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECENCCTXFINALIZE"></a><h3>xmlSecEncCtxFinalize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecEncCtxFinalize                (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>);</pre>
+<p>Cleans up <code class="PARAMETER">encCtx</code> object.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN23239"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECENCCTXINITIALIZE"></a><h3>xmlSecEncCtxInitialize ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecEncCtxInitialize              (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-keysmngr.html#XMLSECKEYSMNGR"><span class="TYPE">xmlSecKeysMngrPtr</span></a> keysMngr</code>);</pre>
+<p>Initializes <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> element processing context.
+The caller is responsible for cleaning up returned object by calling
+<a href="xmlsec-xmlenc.html#XMLSECENCCTXFINALIZE"><span class="TYPE">xmlSecEncCtxFinalize</span></a> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18969"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23263"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18975"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23269"><span style="white-space: nowrap"><code class="PARAMETER">keysMngr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to keys manager.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18981"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23274"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECENCCTXDEBUGDUMP"></a><h3>xmlSecEncCtxDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecEncCtxDebugDump               (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints the debug information about <code class="PARAMETER">encCtx</code> to <code class="PARAMETER">output</code>.</p>
+<a name="XMLSECENCCTXRESET"></a><h3>xmlSecEncCtxReset ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecEncCtxReset                   (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>);</pre>
+<p>Resets <code class="PARAMETER">encCtx</code> object, user settings are not touched.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN23292"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECENCCTXURIENCRYPT"></a><h3>xmlSecEncCtxUriEncrypt ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecEncCtxUriEncrypt              (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> tmpl</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *uri</code>);</pre>
+<p>Encrypts data from <code class="PARAMETER">uri</code> according to template <code class="PARAMETER">tmpl</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN18999"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23318"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23324"><span style="white-space: nowrap"><code class="PARAMETER">tmpl</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> template node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19005"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23330"><span style="white-space: nowrap"><code class="PARAMETER">uri</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the URI.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23335"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECENCCTXDEBUGXMLDUMP"></a><h3>xmlSecEncCtxDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecEncCtxDebugXmlDump            (<a href="xmlsec-xmlenc.html#XMLSECENCCTX">xmlSecEncCtxPtr</a> encCtx,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints the debug information about <code class="PARAMETER">encCtx</code> to <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECENCCTXXMLENCRYPT"></a><h3>xmlSecEncCtxXmlEncrypt ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecEncCtxXmlEncrypt              (<code class="PARAMETER"><a href="xmlsec-xmlenc.html#XMLSECENCCTX"><span class="TYPE">xmlSecEncCtxPtr</span></a> encCtx</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> tmpl</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);</pre>
+<p>Encrypts <code class="PARAMETER">node</code> according to template <code class="PARAMETER">tmpl</code>. If requested, <code class="PARAMETER">node</code> is replaced
+with result <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19023"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23362"><span style="white-space: nowrap"><code class="PARAMETER">encCtx</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> processing context.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23368"><span style="white-space: nowrap"><code class="PARAMETER">tmpl</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to <a href="http://www.w3.org/TR/xmlenc-core/#sec-EncryptedData" target="_top">&lt;enc:EncryptedData/&gt;</a> template node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23374"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node for encryption.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19029"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23379"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec-xmlsec.html b/docs/api/xmlsec-xmlsec.html
index b6720d63..de749fd8 100644
--- a/docs/api/xmlsec-xmlsec.html
+++ b/docs/api/xmlsec-xmlsec.html
@@ -87,22 +87,28 @@
 <h1>
 <a name="XMLSEC-XMLSEC"></a>xmlsec</h1>
 <div class="REFNAMEDIV">
-<a name="AEN19039"></a><h2>Name</h2>xmlsec -- Utility functions.</div>
+<a name="AEN23389"></a><h2>Name</h2>xmlsec -- Utility functions.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-XMLSEC.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">typedef             <font>xmlSecPtr</font>;
-#define             <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a>
+<pre class="SYNOPSIS">#define             <a href="xmlsec-xmlsec.html#ATTRIBUTE-UNUSED:CAPS">ATTRIBUTE_UNUSED</a>
+#define             <a href="xmlsec-xmlsec.html#XMLSEC-FUNC-TO-PTR:CAPS">XMLSEC_FUNC_TO_PTR</a>                  (func_type,
+                                                         func)
+#define             <a href="xmlsec-xmlsec.html#XMLSEC-PTR-TO-FUNC:CAPS">XMLSEC_PTR_TO_FUNC</a>                  (func_type,
+                                                         ptr)
+#define             <a href="xmlsec-xmlsec.html#XMLSEC-PTR-TO-FUNC-IMPL:CAPS">XMLSEC_PTR_TO_FUNC_IMPL</a>             (func_type)
+#define             <a href="xmlsec-xmlsec.html#XMLSEC-SIZE-BAD-CAST:CAPS">XMLSEC_SIZE_BAD_CAST</a>                (val)
 #define             <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a>
-<font>int</font>                 <a href="xmlsec-xmlsec.html#XMLSECINIT">xmlSecInit</a>                          (void);
-<font>int</font>                 <a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN">xmlSecShutdown</a>                      (void);
-#define             <a href="xmlsec-xmlsec.html#XMLSECCHECKVERSIONEXACT">xmlSecCheckVersionExact</a>             ()
-#define             <a href="xmlsec-xmlsec.html#XMLSECCHECKVERSION">xmlSecCheckVersion</a>                  ()
+#define             <a href="xmlsec-xmlsec.html#XMLSECCHECKVERSION">xmlSecCheckVersion</a>
+#define             <a href="xmlsec-xmlsec.html#XMLSECCHECKVERSIONEXACT">xmlSecCheckVersionExact</a>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmlsec.html#XMLSECCHECKVERSIONEXT">xmlSecCheckVersionExt</a>               (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> major</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> minor</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> subminor</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECCHECKVERSIONMODE"><span class="TYPE">xmlSecCheckVersionMode</span></a> mode</code>);
 enum                <a href="xmlsec-xmlsec.html#XMLSECCHECKVERSIONMODE">xmlSecCheckVersionMode</a>;
-<font>int</font>                 <a href="xmlsec-xmlsec.html#XMLSECCHECKVERSIONEXT">xmlSecCheckVersionExt</a>               (<font>int</font> major,
-                                                         <font>int</font> minor,
-                                                         <font>int</font> subminor,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECCHECKVERSIONMODE">xmlSecCheckVersionMode</a> mode);
-#define             <a href="xmlsec-xmlsec.html#ATTRIBUTE-UNUSED--CAPS">ATTRIBUTE_UNUSED</a></pre>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmlsec.html#XMLSECINIT">xmlSecInit</a>                          (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+typedef             <font>xmlSecPtr</font>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmlsec.html#XMLSECSHUTDOWN">xmlSecShutdown</a>                      (<code class="PARAMETER"><span class="TYPE">void</span></code>);
+#define             <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a></pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-XMLSEC.DESCRIPTION"></a><h2>Description</h2>
@@ -111,69 +117,122 @@ enum                <a href="xmlsec-xmlsec.html#XMLSECCHECKVERSIONMODE">xmlSecCh
 <div class="REFSECT1">
 <a name="XMLSEC-XMLSEC.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECPTR"></a><h3>xmlSecPtr</h3>
-<pre class="PROGRAMLISTING">typedef void*					xmlSecPtr;</pre>
-<p>Void pointer.</p>
-<p></p>
+<a name="ATTRIBUTE-UNUSED:CAPS"></a><h3>ATTRIBUTE_UNUSED</h3>
+<pre class="PROGRAMLISTING">#define ATTRIBUTE_UNUSED</pre>
+<p>Macro used to signal to GCC unused function parameters</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECSIZE"></a><h3>xmlSecSize</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecSize</pre>
-<p>Size of something. Should be typedef instead of define
-but it will break ABI (todo).</p>
+<a name="XMLSEC-FUNC-TO-PTR:CAPS"></a><h3>XMLSEC_FUNC_TO_PTR()</h3>
+<pre class="PROGRAMLISTING">#define             XMLSEC_FUNC_TO_PTR(func_type, func)</pre>
+<p>Macro converts from "func_type" function pointer to "void*" pointer.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23449"><span style="white-space: nowrap"><code class="PARAMETER">func_type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the function type.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23454"><span style="white-space: nowrap"><code class="PARAMETER">func</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the "func_type" function pointer to be converted.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBYTE"></a><h3>xmlSecByte</h3>
-<pre class="PROGRAMLISTING">#define xmlSecByte				unsigned char</pre>
-<p>One byte. Should be typedef instead of define
-but it will break ABI (todo).</p>
+<a name="XMLSEC-PTR-TO-FUNC:CAPS"></a><h3>XMLSEC_PTR_TO_FUNC()</h3>
+<pre class="PROGRAMLISTING">#define             XMLSEC_PTR_TO_FUNC(func_type, ptr)</pre>
+<p>Macro converts from "void*" pointer to "func_type" function pointer.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23466"><span style="white-space: nowrap"><code class="PARAMETER">func_type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the function type.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23471"><span style="white-space: nowrap"><code class="PARAMETER">ptr</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the "void*" pointer to be converted.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECINIT"></a><h3>xmlSecInit ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecInit                          (void);</pre>
-<p>Initializes XML Security Library. The depended libraries
-(LibXML and LibXSLT) must be initialized before.</p>
-<p></p>
+<a name="XMLSEC-PTR-TO-FUNC-IMPL:CAPS"></a><h3>XMLSEC_PTR_TO_FUNC_IMPL()</h3>
+<pre class="PROGRAMLISTING">#define             XMLSEC_PTR_TO_FUNC_IMPL(func_type)</pre>
+<p>Macro declares helper functions to convert between "void *" pointer and
+function pointer.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN19097"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23483"><span style="white-space: nowrap"><code class="PARAMETER">func_type</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the function type.</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECSHUTDOWN"></a><h3>xmlSecShutdown ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecShutdown                      (void);</pre>
-<p>Clean ups the XML Security Library.</p>
-<p></p>
+<a name="XMLSEC-SIZE-BAD-CAST:CAPS"></a><h3>XMLSEC_SIZE_BAD_CAST()</h3>
+<pre class="PROGRAMLISTING">#define XMLSEC_SIZE_BAD_CAST(val)               ((xmlSecSize)(val))</pre>
+<p>Bad cast to xmlSecSize</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN19111"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN23495"><span style="white-space: nowrap"><code class="PARAMETER">val</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the value to cast</p></td>
 </tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCHECKVERSIONEXACT"></a><h3>xmlSecCheckVersionExact()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecCheckVersionExact()</pre>
-<p>Macro. Returns 1 if the loaded xmlsec library version exactly matches 
-the one used to compile the caller, 0 if it does not or a negative
-value if an error occurs.</p>
-<p></p>
+<a name="XMLSECBYTE"></a><h3>xmlSecByte</h3>
+<pre class="PROGRAMLISTING">#define xmlSecByte                              unsigned char</pre>
+<p>One byte. Should be typedef instead of define
+but it will break ABI (todo).</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCHECKVERSION"></a><h3>xmlSecCheckVersion()</h3>
+<a name="XMLSECCHECKVERSION"></a><h3>xmlSecCheckVersion</h3>
 <pre class="PROGRAMLISTING">#define             xmlSecCheckVersion()</pre>
 <p>Macro. Returns 1 if the loaded xmlsec library version ABI compatible with
 the one used to compile the caller, 0 if it does not or a negative
 value if an error occurs.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCHECKVERSIONEXACT"></a><h3>xmlSecCheckVersionExact</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecCheckVersionExact()</pre>
+<p>Macro. Returns 1 if the loaded xmlsec library version exactly matches
+the one used to compile the caller, 0 if it does not or a negative
+value if an error occurs.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCHECKVERSIONEXT"></a><h3>xmlSecCheckVersionExt ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCheckVersionExt               (<code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> major</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> minor</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> subminor</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECCHECKVERSIONMODE"><span class="TYPE">xmlSecCheckVersionMode</span></a> mode</code>);</pre>
+<p>Checks if the loaded version of xmlsec library could be used.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23539"><span style="white-space: nowrap"><code class="PARAMETER">major</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the major version number.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23544"><span style="white-space: nowrap"><code class="PARAMETER">minor</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the minor version number.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23549"><span style="white-space: nowrap"><code class="PARAMETER">subminor</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the subminor version number.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23554"><span style="white-space: nowrap"><code class="PARAMETER">mode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the version check mode.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN23559"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if the loaded xmlsec library version is OK to use
+0 if it is not or a negative value if an error occurs.</p></td>
+</tr>
+</tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
@@ -184,58 +243,52 @@ value if an error occurs.</p>
 } xmlSecCheckVersionMode;</pre>
 <p>The xmlsec library version mode.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
 <td align="LEFT" valign="TOP"><a name="XMLSECCHECKVERSIONEXACTMATCH"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecCheckVersionExactMatch</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the version should match exactly.</p></td>
+<td align="LEFT" valign="TOP"><p>the version should match exactly.</p></td>
 </tr>
 <tr>
 <td align="LEFT" valign="TOP"><a name="XMLSECCHECKVERSIONABICOMPATIBLE"><span style="white-space: nowrap"><tt class="LITERAL">xmlSecCheckVersionABICompatible</tt></span></a></td>
-<td align="LEFT" valign="TOP"><p>	the version should be ABI compatible.</p></td>
+<td align="LEFT" valign="TOP"><p>the version should be ABI compatible.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCHECKVERSIONEXT"></a><h3>xmlSecCheckVersionExt ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCheckVersionExt               (<font>int</font> major,
-                                                         <font>int</font> minor,
-                                                         <font>int</font> subminor,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECCHECKVERSIONMODE">xmlSecCheckVersionMode</a> mode);</pre>
-<p>Checks if the loaded version of xmlsec library could be used.</p>
-<p></p>
+<a name="XMLSECINIT"></a><h3>xmlSecInit ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecInit                          (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Initializes XML Security Library. The depended libraries
+(LibXML and LibXSLT) must be initialized before.</p>
 <p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN19161"><span style="white-space: nowrap"><code class="PARAMETER">major</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the major version number.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN19166"><span style="white-space: nowrap"><code class="PARAMETER">minor</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the minor version number.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN19171"><span style="white-space: nowrap"><code class="PARAMETER">subminor</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the subminor version number.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN19176"><span style="white-space: nowrap"><code class="PARAMETER">mode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the version check mode.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN19181"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if the loaded xmlsec library version is OK to use
-0 if it is not or a negative value if an error occurs.</p></td>
-</tr>
-</tbody></table>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN23592"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="ATTRIBUTE-UNUSED--CAPS"></a><h3>ATTRIBUTE_UNUSED</h3>
-<pre class="PROGRAMLISTING">#define             ATTRIBUTE_UNUSED</pre>
-<p>Macro used to signal to GCC unused function parameters</p>
+<a name="XMLSECPTR"></a><h3>xmlSecPtr</h3>
+<pre class="PROGRAMLISTING">typedef void*                                   xmlSecPtr;</pre>
+<p>Void pointer.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECSHUTDOWN"></a><h3>xmlSecShutdown ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecShutdown                      (<code class="PARAMETER"><span class="TYPE">void</span></code>);</pre>
+<p>Clean ups the XML Security Library.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN23614"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value otherwise.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECSIZE"></a><h3>xmlSecSize</h3>
+<pre class="PROGRAMLISTING">#define xmlSecSize                              unsigned int</pre>
+<p>Size of something. Should be typedef instead of define
+but it will break ABI (todo).</p>
 </div>
 </div>
 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
diff --git a/docs/api/xmlsec-xmltree.html b/docs/api/xmlsec-xmltree.html
index 2c874128..1094cbed 100644
--- a/docs/api/xmlsec-xmltree.html
+++ b/docs/api/xmlsec-xmltree.html
@@ -87,154 +87,154 @@
 <h1>
 <a name="XMLSEC-XMLTREE"></a>xmltree</h1>
 <div class="REFNAMEDIV">
-<a name="AEN19198"></a><h2>Name</h2>xmltree -- XML tree operations.</div>
+<a name="AEN23630"></a><h2>Name</h2>xmltree -- XML tree operations.</div>
 <div class="REFSYNOPSISDIV">
 <a name="XMLSEC-XMLTREE.SYNOPSIS"></a><h2>Synopsis</h2>
-<pre class="SYNOPSIS">#define             <a href="xmlsec-xmltree.html#XMLSECNODEGETNAME">xmlSecNodeGetName</a>                   (node)
-const <font>xmlChar</font>*      <a href="xmlsec-xmltree.html#XMLSECGETNODENSHREF">xmlSecGetNodeNsHref</a>                 (const <font>xmlNodePtr</font> cur);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECCHECKNODENAME">xmlSecCheckNodeName</a>                 (const <font>xmlNodePtr</font> cur,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);
-<font>xmlNodePtr</font>          <a href="xmlsec-xmltree.html#XMLSECGETNEXTELEMENTNODE">xmlSecGetNextElementNode</a>            (<font>xmlNodePtr</font> cur);
-<font>xmlNodePtr</font>          <a href="xmlsec-xmltree.html#XMLSECFINDCHILD">xmlSecFindChild</a>                     (const <font>xmlNodePtr</font> parent,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);
-<font>xmlNodePtr</font>          <a href="xmlsec-xmltree.html#XMLSECFINDPARENT">xmlSecFindParent</a>                    (const <font>xmlNodePtr</font> cur,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);
-<font>xmlNodePtr</font>          <a href="xmlsec-xmltree.html#XMLSECFINDNODE">xmlSecFindNode</a>                      (const <font>xmlNodePtr</font> parent,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);
-<font>xmlNodePtr</font>          <a href="xmlsec-xmltree.html#XMLSECADDCHILD">xmlSecAddChild</a>                      (<font>xmlNodePtr</font> parent,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);
-<font>xmlNodePtr</font>          <a href="xmlsec-xmltree.html#XMLSECADDCHILDNODE">xmlSecAddChildNode</a>                  (<font>xmlNodePtr</font> parent,
-                                                         <font>xmlNodePtr</font> child);
-<font>xmlNodePtr</font>          <a href="xmlsec-xmltree.html#XMLSECADDNEXTSIBLING">xmlSecAddNextSibling</a>                (<font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);
-<font>xmlNodePtr</font>          <a href="xmlsec-xmltree.html#XMLSECADDPREVSIBLING">xmlSecAddPrevSibling</a>                (<font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECREPLACENODE">xmlSecReplaceNode</a>                   (<font>xmlNodePtr</font> node,
-                                                         <font>xmlNodePtr</font> newNode);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECREPLACENODEANDRETURN">xmlSecReplaceNodeAndReturn</a>          (<font>xmlNodePtr</font> node,
-                                                         <font>xmlNodePtr</font> newNode,
-                                                         <font>xmlNodePtr</font> *replaced);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECREPLACECONTENT">xmlSecReplaceContent</a>                (<font>xmlNodePtr</font> node,
-                                                         <font>xmlNodePtr</font> newNode);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECREPLACECONTENTANDRETURN">xmlSecReplaceContentAndReturn</a>       (<font>xmlNodePtr</font> node,
-                                                         <font>xmlNodePtr</font> newNode,
-                                                         <font>xmlNodePtr</font> *replaced);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECREPLACENODEBUFFER">xmlSecReplaceNodeBuffer</a>             (<font>xmlNodePtr</font> node,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECREPLACENODEBUFFERANDRETURN">xmlSecReplaceNodeBufferAndReturn</a>    (<font>xmlNodePtr</font> node,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size,
-                                                         <font>xmlNodePtr</font> *replaced);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECNODEENCODEANDSETCONTENT">xmlSecNodeEncodeAndSetContent</a>       (<font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *buffer);
-<font>void</font>                <a href="xmlsec-xmltree.html#XMLSECADDIDS">xmlSecAddIDs</a>                        (<font>xmlDocPtr</font> doc,
-                                                         <font>xmlNodePtr</font> cur,
-                                                         const <font>xmlChar</font> **ids);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECGENERATEANDADDID">xmlSecGenerateAndAddID</a>              (<font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *attrName,
-                                                         const <font>xmlChar</font> *prefix,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> len);
-<font>xmlChar</font>*            <a href="xmlsec-xmltree.html#XMLSECGENERATEID">xmlSecGenerateID</a>                    (const <font>xmlChar</font> *prefix,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> len);
-<font>xmlDocPtr</font>           <a href="xmlsec-xmltree.html#XMLSECCREATETREE">xmlSecCreateTree</a>                    (const <font>xmlChar</font> *rootNodeName,
-                                                         const <font>xmlChar</font> *rootNodeNs);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECISEMPTYNODE">xmlSecIsEmptyNode</a>                   (<font>xmlNodePtr</font> node);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECISEMPTYSTRING">xmlSecIsEmptyString</a>                 (const <font>xmlChar</font> *str);
-<font>xmlChar</font>*            <a href="xmlsec-xmltree.html#XMLSECGETQNAME">xmlSecGetQName</a>                      (<font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *href,
-                                                         const <font>xmlChar</font> *local);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECPRINTXMLSTRING">xmlSecPrintXmlString</a>                (<font>FILE</font> *fd,
-                                                         const <font>xmlChar</font> *str);
-#define             <a href="xmlsec-xmltree.html#XMLSECISHEX">xmlSecIsHex</a>                         (c)
-#define             <a href="xmlsec-xmltree.html#XMLSECGETHEX">xmlSecGetHex</a>                        (c)
-struct              <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERINFO">xmlSecQName2IntegerInfo</a>;
-typedef             <font>xmlSecQName2IntegerInfoConstPtr</font>;
-<font>xmlSecQName2IntegerInfoConstPtr</font>  <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERGETINFO">xmlSecQName2IntegerGetInfo</a>
-                                                        (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>int</font> intValue);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERGETINTEGER">xmlSecQName2IntegerGetInteger</a>       (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         const <font>xmlChar</font> *qnameHref,
-                                                         const <font>xmlChar</font> *qnameLocalPart,
-                                                         <font>int</font> *intValue);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERGETINTEGERFROMSTRING">xmlSecQName2IntegerGetIntegerFromString</a>
-                                                        (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *qname,
-                                                         <font>int</font> *intValue);
-<font>xmlChar</font> *           <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERGETSTRINGFROMINTEGER">xmlSecQName2IntegerGetStringFromInteger</a>
-                                                        (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <font>int</font> intValue);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERNODEREAD">xmlSecQName2IntegerNodeRead</a>         (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <font>int</font> *intValue);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERNODEWRITE">xmlSecQName2IntegerNodeWrite</a>        (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *nodeName,
-                                                         const <font>xmlChar</font> *nodeNs,
-                                                         <font>int</font> intValue);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERATTRIBUTEREAD">xmlSecQName2IntegerAttributeRead</a>    (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *attrName,
-                                                         <font>int</font> *intValue);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERATTRIBUTEWRITE">xmlSecQName2IntegerAttributeWrite</a>   (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *attrName,
-                                                         <font>int</font> intValue);
-<font>void</font>                <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERDEBUGDUMP">xmlSecQName2IntegerDebugDump</a>        (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>int</font> intValue,
-                                                         const <font>xmlChar</font> *name,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERDEBUGXMLDUMP">xmlSecQName2IntegerDebugXmlDump</a>     (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>int</font> intValue,
-                                                         const <font>xmlChar</font> *name,
-                                                         <font>FILE</font> *output);
+<pre class="SYNOPSIS"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECADDCHILD">xmlSecAddChild</a>                      (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECADDCHILDNODE">xmlSecAddChildNode</a>                  (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> child</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECADDIDS">xmlSecAddIDs</a>                        (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> **ids</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECADDNEXTSIBLING">xmlSecAddNextSibling</a>                (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECADDPREVSIBLING">xmlSecAddPrevSibling</a>                (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);
 typedef             <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECCHECKNODENAME">xmlSecCheckNodeName</a>                 (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);
+<gtkdoclink href="XMLDOC"><span class="RETURNVALUE">xmlDocPtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECCREATETREE">xmlSecCreateTree</a>                    (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *rootNodeName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *rootNodeNs</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECFINDCHILD">xmlSecFindChild</a>                     (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECFINDNODE">xmlSecFindNode</a>                      (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECFINDPARENT">xmlSecFindParent</a>                    (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECGENERATEANDADDID">xmlSecGenerateAndAddID</a>              (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *attrName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *prefix</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> len</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-xmltree.html#XMLSECGENERATEID">xmlSecGenerateID</a>                    (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *prefix</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> len</code>);
+#define             <a href="xmlsec-xmltree.html#XMLSECGETHEX">xmlSecGetHex</a>                        (c)
+<gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECGETNEXTELEMENTNODE">xmlSecGetNextElementNode</a>            (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>);
+const <gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *     <a href="xmlsec-xmltree.html#XMLSECGETNODENSHREF">xmlSecGetNodeNsHref</a>                 (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-xmltree.html#XMLSECGETQNAME">xmlSecGetQName</a>                      (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *href</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *local</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECISEMPTYNODE">xmlSecIsEmptyNode</a>                   (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECISEMPTYSTRING">xmlSecIsEmptyString</a>                 (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);
+#define             <a href="xmlsec-xmltree.html#XMLSECISHEX">xmlSecIsHex</a>                         (c)
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECNODEENCODEANDSETCONTENT">xmlSecNodeEncodeAndSetContent</a>       (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *buffer</code>);
+#define             <a href="xmlsec-xmltree.html#XMLSECNODEGETNAME">xmlSecNodeGetName</a>                   (node)
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECPRINTXMLSTRING">xmlSecPrintXmlString</a>                (<code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *fd</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKDEBUGDUMP">xmlSecQName2BitMaskDebugDump</a>        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> mask</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKDEBUGXMLDUMP">xmlSecQName2BitMaskDebugXmlDump</a>     (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> mask</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKGETBITMASK">xmlSecQName2BitMaskGetBitMask</a>       (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qnameLocalPart</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qnameHref</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> *mask</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKGETBITMASKFROMSTRING">xmlSecQName2BitMaskGetBitMaskFromString</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qname</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> *mask</code>);
+<gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="RETURNVALUE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKGETINFO">xmlSecQName2BitMaskGetInfo</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> mask</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKGETSTRINGFROMBITMASK">xmlSecQName2BitMaskGetStringFromBitMask</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> mask</code>);
 struct              <a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKINFO">xmlSecQName2BitMaskInfo</a>;
 typedef             <font>xmlSecQName2BitMaskInfoConstPtr</font>;
-<font>xmlSecQName2BitMaskInfoConstPtr</font>  <a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKGETINFO">xmlSecQName2BitMaskGetInfo</a>
-                                                        (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> mask);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKGETBITMASK">xmlSecQName2BitMaskGetBitMask</a>       (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         const <font>xmlChar</font> *qnameLocalPart,
-                                                         const <font>xmlChar</font> *qnameHref,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> *mask);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKNODESREAD">xmlSecQName2BitMaskNodesRead</a>        (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> *node,
-                                                         const <font>xmlChar</font> *nodeName,
-                                                         const <font>xmlChar</font> *nodeNs,
-                                                         <font>int</font> stopOnUnknown,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> *mask);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKGETBITMASKFROMSTRING">xmlSecQName2BitMaskGetBitMaskFromString</a>
-                                                        (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *qname,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> *mask);
-<font>xmlChar</font> *           <a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKGETSTRINGFROMBITMASK">xmlSecQName2BitMaskGetStringFromBitMask</a>
-                                                        (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> mask);
-<font>int</font>                 <a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKNODESWRITE">xmlSecQName2BitMaskNodesWrite</a>       (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *nodeName,
-                                                         const <font>xmlChar</font> *nodeNs,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> mask);
-<font>void</font>                <a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKDEBUGDUMP">xmlSecQName2BitMaskDebugDump</a>        (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> mask,
-                                                         const <font>xmlChar</font> *name,
-                                                         <font>FILE</font> *output);
-<font>void</font>                <a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKDEBUGXMLDUMP">xmlSecQName2BitMaskDebugXmlDump</a>     (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> mask,
-                                                         const <font>xmlChar</font> *name,
-                                                         <font>FILE</font> *output);</pre>
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKNODESREAD">xmlSecQName2BitMaskNodesRead</a>        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> *node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeNs</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> stopOnUnknown</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> *mask</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2BITMASKNODESWRITE">xmlSecQName2BitMaskNodesWrite</a>       (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeNs</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> mask</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERATTRIBUTEREAD">xmlSecQName2IntegerAttributeRead</a>    (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *attrName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> *intValue</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERATTRIBUTEWRITE">xmlSecQName2IntegerAttributeWrite</a>   (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *attrName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERDEBUGDUMP">xmlSecQName2IntegerDebugDump</a>        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERDEBUGXMLDUMP">xmlSecQName2IntegerDebugXmlDump</a>     (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);
+<gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="RETURNVALUE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERGETINFO">xmlSecQName2IntegerGetInfo</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERGETINTEGER">xmlSecQName2IntegerGetInteger</a>       (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qnameHref</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qnameLocalPart</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> *intValue</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERGETINTEGERFROMSTRING">xmlSecQName2IntegerGetIntegerFromString</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qname</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> *intValue</code>);
+<gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERGETSTRINGFROMINTEGER">xmlSecQName2IntegerGetStringFromInteger</a>
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>);
+struct              <a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERINFO">xmlSecQName2IntegerInfo</a>;
+typedef             <font>xmlSecQName2IntegerInfoConstPtr</font>;
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERNODEREAD">xmlSecQName2IntegerNodeRead</a>         (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> *intValue</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECQNAME2INTEGERNODEWRITE">xmlSecQName2IntegerNodeWrite</a>        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeNs</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECREPLACECONTENT">xmlSecReplaceContent</a>                (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> newNode</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECREPLACECONTENTANDRETURN">xmlSecReplaceContentAndReturn</a>       (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> newNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> *replaced</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECREPLACENODE">xmlSecReplaceNode</a>                   (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> newNode</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECREPLACENODEANDRETURN">xmlSecReplaceNodeAndReturn</a>          (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> newNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> *replaced</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECREPLACENODEBUFFER">xmlSecReplaceNodeBuffer</a>             (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);
+<gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink><a href="xmlsec-xmltree.html#XMLSECREPLACENODEBUFFERANDRETURN">xmlSecReplaceNodeBufferAndReturn</a>    (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> *replaced</code>);</pre>
 </div>
 <div class="REFSECT1">
 <a name="XMLSEC-XMLTREE.DESCRIPTION"></a><h2>Description</h2>
@@ -243,1330 +243,1279 @@ typedef             <font>xmlSecQName2BitMaskInfoConstPtr</font>;
 <div class="REFSECT1">
 <a name="XMLSEC-XMLTREE.DETAILS"></a><h2>Details</h2>
 <div class="REFSECT2">
-<a name="XMLSECNODEGETNAME"></a><h3>xmlSecNodeGetName()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecNodeGetName(node)</pre>
-<p>Macro. Returns node's name.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN19442"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to node.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECGETNODENSHREF"></a><h3>xmlSecGetNodeNsHref ()</h3>
-<pre class="PROGRAMLISTING">const <font>xmlChar</font>*      xmlSecGetNodeNsHref                 (const <font>xmlNodePtr</font> cur);</pre>
-<p>Get's node's namespace href.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN19457"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the pointer to node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN19462"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> node's namespace href.</p></td>
-</tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECCHECKNODENAME"></a><h3>xmlSecCheckNodeName ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecCheckNodeName                 (const <font>xmlNodePtr</font> cur,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);</pre>
-<p>Checks that the node has a given name and a given namespace href.</p>
-<p></p>
+<a name="XMLSECADDCHILD"></a><h3>xmlSecAddChild ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecAddChild                      (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);</pre>
+<p>Adds a child to the node <code class="PARAMETER">parent</code> with given <code class="PARAMETER">name</code> and namespace <code class="PARAMETER">ns</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19479"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24192"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19484"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the name,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24197"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19489"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the namespace href.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24202"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node namespace.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19494"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if the node matches or 0 otherwise.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24207"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the new node or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGETNEXTELEMENTNODE"></a><h3>xmlSecGetNextElementNode ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecGetNextElementNode            (<font>xmlNodePtr</font> cur);</pre>
-<p>Seraches for the next element node.</p>
-<p></p>
+<a name="XMLSECADDCHILDNODE"></a><h3>xmlSecAddChildNode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecAddChildNode                  (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> child</code>);</pre>
+<p>Adds <code class="PARAMETER">child</code> node to the <code class="PARAMETER">parent</code> node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19509"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24229"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19514"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to next element node or NULL if it is not found.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24234"><span style="white-space: nowrap"><code class="PARAMETER">child</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN24239"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the new node or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECFINDCHILD"></a><h3>xmlSecFindChild ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecFindChild                     (const <font>xmlNodePtr</font> parent,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);</pre>
-<p>Searches a direct child of the <code class="PARAMETER">parent</code> node having given name and 
-namespace href.</p>
-<p></p>
+<a name="XMLSECADDIDS"></a><h3>xmlSecAddIDs ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecAddIDs                        (<code class="PARAMETER"><gtkdoclink href="XMLDOC"><span class="TYPE">xmlDocPtr</span></gtkdoclink> doc</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> **ids</code>);</pre>
+<p>Walks thru all children of the <code class="PARAMETER">cur</code> node and adds all attributes
+from the <code class="PARAMETER">ids</code> list to the <code class="PARAMETER">doc</code> document IDs attributes hash.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19532"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24265"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML document.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19537"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24270"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19542"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the namespace href (may be NULL).</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN19547"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the found node or NULL if an error occurs or 
-node is not found.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24275"><span style="white-space: nowrap"><code class="PARAMETER">ids</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to a NULL terminated list of ID attributes.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECFINDPARENT"></a><h3>xmlSecFindParent ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecFindParent                    (const <font>xmlNodePtr</font> cur,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);</pre>
-<p>Searches the ancestors axis of the <code class="PARAMETER">cur</code> node for a node having given name 
-and namespace href.</p>
-<p></p>
+<a name="XMLSECADDNEXTSIBLING"></a><h3>xmlSecAddNextSibling ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecAddNextSibling                (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);</pre>
+<p>Adds next sibling to the node <code class="PARAMETER">node</code> with given <code class="PARAMETER">name</code> and namespace <code class="PARAMETER">ns</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19565"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24301"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19570"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24306"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19575"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the namespace href (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24311"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node namespace.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19580"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the found node or NULL if an error occurs or 
-node is not found.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24316"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the new node or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECFINDNODE"></a><h3>xmlSecFindNode ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecFindNode                      (const <font>xmlNodePtr</font> parent,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);</pre>
-<p>Searches all children of the <code class="PARAMETER">parent</code> node having given name and 
-namespace href.</p>
-<p></p>
+<a name="XMLSECADDPREVSIBLING"></a><h3>xmlSecAddPrevSibling ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecAddPrevSibling                (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);</pre>
+<p>Adds prev sibling to the node <code class="PARAMETER">node</code> with given <code class="PARAMETER">name</code> and namespace <code class="PARAMETER">ns</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19598"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24342"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19603"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24347"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19608"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the namespace href (may be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24352"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node namespace.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19613"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the pointer to the found node or NULL if an error occurs or 
-node is not found.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24357"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the new node or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECADDCHILD"></a><h3>xmlSecAddChild ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecAddChild                      (<font>xmlNodePtr</font> parent,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);</pre>
-<p>Adds a child to the node <code class="PARAMETER">parent</code> with given <code class="PARAMETER">name</code> and namespace <code class="PARAMETER">ns</code>.</p>
-<p></p>
+<a name="XMLSECBITMASK"></a><h3>xmlSecBitMask</h3>
+<pre class="PROGRAMLISTING">typedef unsigned int                                    xmlSecBitMask;</pre>
+<p>Bitmask datatype.</p>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECCHECKNODENAME"></a><h3>xmlSecCheckNodeName ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecCheckNodeName                 (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);</pre>
+<p>Checks that the node has a given name and a given namespace href.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19633"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24386"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19638"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24391"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the name,</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19643"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node namespace.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24396"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the namespace href.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19648"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the new node or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24401"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if the node matches or 0 otherwise.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECADDCHILDNODE"></a><h3>xmlSecAddChildNode ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecAddChildNode                  (<font>xmlNodePtr</font> parent,
-                                                         <font>xmlNodePtr</font> child);</pre>
-<p>Adds <code class="PARAMETER">child</code> node to the <code class="PARAMETER">parent</code> node.</p>
-<p></p>
+<a name="XMLSECCREATETREE"></a><h3>xmlSecCreateTree ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLDOC"><span class="RETURNVALUE">xmlDocPtr</span></gtkdoclink>           xmlSecCreateTree                    (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *rootNodeName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *rootNodeNs</code>);</pre>
+<p>Creates a new XML tree with one root node <code class="PARAMETER">rootNodeName</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19666"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24422"><span style="white-space: nowrap"><code class="PARAMETER">rootNodeName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the root node name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19671"><span style="white-space: nowrap"><code class="PARAMETER">child</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24427"><span style="white-space: nowrap"><code class="PARAMETER">rootNodeNs</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the root node namespace (otpional).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19676"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the new node or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24432"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the newly created tree or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECADDNEXTSIBLING"></a><h3>xmlSecAddNextSibling ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecAddNextSibling                (<font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);</pre>
-<p>Adds next sibling to the node <code class="PARAMETER">node</code> with given <code class="PARAMETER">name</code> and namespace <code class="PARAMETER">ns</code>.</p>
-<p></p>
+<a name="XMLSECFINDCHILD"></a><h3>xmlSecFindChild ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecFindChild                     (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);</pre>
+<p>Searches a direct child of the <code class="PARAMETER">parent</code> node having given name and
+namespace href.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19696"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24456"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19701"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24461"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19706"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node namespace.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24466"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the namespace href (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19711"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the new node or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24471"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the found node or NULL if an error occurs or
+node is not found.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECADDPREVSIBLING"></a><h3>xmlSecAddPrevSibling ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlNodePtr</font>          xmlSecAddPrevSibling                (<font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *name,
-                                                         const <font>xmlChar</font> *ns);</pre>
-<p>Adds prev sibling to the node <code class="PARAMETER">node</code> with given <code class="PARAMETER">name</code> and namespace <code class="PARAMETER">ns</code>.</p>
-<p></p>
+<a name="XMLSECFINDNODE"></a><h3>xmlSecFindNode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecFindNode                      (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> parent</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);</pre>
+<p>Searches all children of the <code class="PARAMETER">parent</code> node having given name and
+namespace href.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19731"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24495"><span style="white-space: nowrap"><code class="PARAMETER">parent</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19736"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24500"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19741"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node namespace.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24505"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the namespace href (may be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19746"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the new node or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24510"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the found node or NULL if an error occurs or
+node is not found.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECREPLACENODE"></a><h3>xmlSecReplaceNode ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecReplaceNode                   (<font>xmlNodePtr</font> node,
-                                                         <font>xmlNodePtr</font> newNode);</pre>
-<p>Swaps the <code class="PARAMETER">node</code> and <code class="PARAMETER">newNode</code> in the XML tree.</p>
-<p></p>
+<a name="XMLSECFINDPARENT"></a><h3>xmlSecFindParent ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecFindParent                    (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *ns</code>);</pre>
+<p>Searches the ancestors axis of the <code class="PARAMETER">cur</code> node for a node having given name
+and namespace href.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19764"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the current node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24534"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19769"><span style="white-space: nowrap"><code class="PARAMETER">newNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24539"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19774"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24544"><span style="white-space: nowrap"><code class="PARAMETER">ns</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the namespace href (may be NULL).</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN24549"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the found node or NULL if an error occurs or
+node is not found.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECREPLACENODEANDRETURN"></a><h3>xmlSecReplaceNodeAndReturn ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecReplaceNodeAndReturn          (<font>xmlNodePtr</font> node,
-                                                         <font>xmlNodePtr</font> newNode,
-                                                         <font>xmlNodePtr</font> *replaced);</pre>
-<p>Swaps the <code class="PARAMETER">node</code> and <code class="PARAMETER">newNode</code> in the XML tree.</p>
-<p></p>
+<a name="XMLSECGENERATEANDADDID"></a><h3>xmlSecGenerateAndAddID ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecGenerateAndAddID              (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *attrName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *prefix</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> len</code>);</pre>
+<p>Generates a unique ID in the format &lt;<code class="PARAMETER">prefix</code>&gt;base64-encoded(<code class="PARAMETER">len</code> random bytes)
+and puts it in the attribute <code class="PARAMETER">attrName</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19793"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the current node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24578"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the node to ID attr to.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN24583"><span style="white-space: nowrap"><code class="PARAMETER">attrName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the ID attr name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19798"><span style="white-space: nowrap"><code class="PARAMETER">newNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24588"><span style="white-space: nowrap"><code class="PARAMETER">prefix</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the prefix to add to the generated ID (can be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19803"><span style="white-space: nowrap"><code class="PARAMETER">replaced</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>   	the replaced node, or release it if NULL is given</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24593"><span style="white-space: nowrap"><code class="PARAMETER">len</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the length of ID.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19808"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24598"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECREPLACECONTENT"></a><h3>xmlSecReplaceContent ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecReplaceContent                (<font>xmlNodePtr</font> node,
-                                                         <font>xmlNodePtr</font> newNode);</pre>
-<p>Swaps the content of <code class="PARAMETER">node</code> and <code class="PARAMETER">newNode</code>.</p>
-<p></p>
+<a name="XMLSECGENERATEID"></a><h3>xmlSecGenerateID ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecGenerateID                    (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *prefix</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> len</code>);</pre>
+<p>Generates a unique ID in the format &lt;<code class="PARAMETER">prefix</code>&gt;base64-encoded(<code class="PARAMETER">len</code> random bytes).
+The caller is responsible for freeing returned string using <code class="PARAMETER">xmlFree</code> function.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19826"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the current node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24621"><span style="white-space: nowrap"><code class="PARAMETER">prefix</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the prefix to add to the generated ID (can be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19831"><span style="white-space: nowrap"><code class="PARAMETER">newNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24626"><span style="white-space: nowrap"><code class="PARAMETER">len</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the length of ID.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19836"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24631"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to generated ID string or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECREPLACECONTENTANDRETURN"></a><h3>xmlSecReplaceContentAndReturn ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecReplaceContentAndReturn       (<font>xmlNodePtr</font> node,
-                                                         <font>xmlNodePtr</font> newNode,
-                                                         <font>xmlNodePtr</font> *replaced);</pre>
-<p>Swaps the content of <code class="PARAMETER">node</code> and <code class="PARAMETER">newNode</code>.</p>
+<a name="XMLSECGETHEX"></a><h3>xmlSecGetHex()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecGetHex(c)</pre>
+<p>Macro. Returns the hex value of the <code class="PARAMETER">c</code>.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN24644"><span style="white-space: nowrap"><code class="PARAMETER">c</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the character,</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGETNEXTELEMENTNODE"></a><h3>xmlSecGetNextElementNode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLNODEPTR"><span class="RETURNVALUE">xmlNodePtr</span></gtkdoclink>          xmlSecGetNextElementNode            (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>);</pre>
+<p>Seraches for the next element node.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19855"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the current node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24661"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19860"><span style="white-space: nowrap"><code class="PARAMETER">newNode</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the new node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24666"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to next element node or NULL if it is not found.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECGETNODENSHREF"></a><h3>xmlSecGetNodeNsHref ()</h3>
+<pre class="PROGRAMLISTING">const <gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *     xmlSecGetNodeNsHref                 (<code class="PARAMETER">const <gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> cur</code>);</pre>
+<p>Get's node's namespace href.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19865"><span style="white-space: nowrap"><code class="PARAMETER">replaced</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>   	the replaced nodes, or release them if NULL is given</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24683"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19870"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24688"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>node's namespace href.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECREPLACENODEBUFFER"></a><h3>xmlSecReplaceNodeBuffer ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecReplaceNodeBuffer             (<font>xmlNodePtr</font> node,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size);</pre>
-<p>Swaps the <code class="PARAMETER">node</code> and the parsed XML data from the <code class="PARAMETER">buffer</code> in the XML tree.</p>
-<p></p>
+<a name="XMLSECGETQNAME"></a><h3>xmlSecGetQName ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecGetQName                      (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *href</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *local</code>);</pre>
+<p>Creates QName (prefix:local) from <code class="PARAMETER">href</code> and <code class="PARAMETER">local</code> in the context of the <code class="PARAMETER">node</code>.
+Caller is responsible for freeing returned string with xmlFree.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19889"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the current node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24714"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the context node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19894"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the XML data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24719"><span style="white-space: nowrap"><code class="PARAMETER">href</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the QName href (can be NULL).</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19899"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the XML data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24724"><span style="white-space: nowrap"><code class="PARAMETER">local</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the QName local part.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19904"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24729"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>qname or NULL if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECREPLACENODEBUFFERANDRETURN"></a><h3>xmlSecReplaceNodeBufferAndReturn ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecReplaceNodeBufferAndReturn    (<font>xmlNodePtr</font> node,
-                                                         const <a href="xmlsec-xmlsec.html#XMLSECBYTE">xmlSecByte</a> *buffer,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> size,
-                                                         <font>xmlNodePtr</font> *replaced);</pre>
-<p>Swaps the <code class="PARAMETER">node</code> and the parsed XML data from the <code class="PARAMETER">buffer</code> in the XML tree.</p>
-<p></p>
+<a name="XMLSECISEMPTYNODE"></a><h3>xmlSecIsEmptyNode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecIsEmptyNode                   (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>);</pre>
+<p>Checks whethere the <code class="PARAMETER">node</code> is empty (i.e. has only whitespaces children).</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19924"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the current node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN19929"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the XML data.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24747"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the node to check</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19934"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the XML data size.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24752"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if <code class="PARAMETER">node</code> is empty, 0 otherwise or a negative value if an error occurs.</p></td>
 </tr>
+</tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECISEMPTYSTRING"></a><h3>xmlSecIsEmptyString ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecIsEmptyString                 (<code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);</pre>
+<p>Checks whethere the <code class="PARAMETER">str</code> is empty (i.e. has only whitespaces children).</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19939"><span style="white-space: nowrap"><code class="PARAMETER">replaced</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the replaced nodes, or release them if NULL is given</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24771"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string to check</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19944"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24776"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>1 if <code class="PARAMETER">str</code> is empty, 0 otherwise or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
+<a name="XMLSECISHEX"></a><h3>xmlSecIsHex()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecIsHex(c)</pre>
+<p>Macro. Returns 1 if <code class="PARAMETER">c</code> is a hex digit or 0 other wise.</p>
+<p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN24790"><span style="white-space: nowrap"><code class="PARAMETER">c</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the character.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
 <a name="XMLSECNODEENCODEANDSETCONTENT"></a><h3>xmlSecNodeEncodeAndSetContent ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecNodeEncodeAndSetContent       (<font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *buffer);</pre>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecNodeEncodeAndSetContent       (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *buffer</code>);</pre>
 <p>Encodes "special" characters in the <code class="PARAMETER">buffer</code> and sets the result
 as the node content.</p>
 <p></p>
-<p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19961"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		    the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24811"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to an XML node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19966"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to the node content.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24816"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to the node content.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19971"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24821"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECADDIDS"></a><h3>xmlSecAddIDs ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecAddIDs                        (<font>xmlDocPtr</font> doc,
-                                                         <font>xmlNodePtr</font> cur,
-                                                         const <font>xmlChar</font> **ids);</pre>
-<p>Walks thru all children of the <code class="PARAMETER">cur</code> node and adds all attributes 
-from the <code class="PARAMETER">ids</code> list to the <code class="PARAMETER">doc</code> document IDs attributes hash.</p>
+<a name="XMLSECNODEGETNAME"></a><h3>xmlSecNodeGetName()</h3>
+<pre class="PROGRAMLISTING">#define             xmlSecNodeGetName(node)</pre>
+<p>Macro. Returns node's name.</p>
 <p></p>
+<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
+<td align="LEFT" valign="TOP"><a name="AEN24833"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node.</p></td>
+</tr></tbody></table>
+</div>
+<hr>
+<div class="REFSECT2">
+<a name="XMLSECPRINTXMLSTRING"></a><h3>xmlSecPrintXmlString ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecPrintXmlString                (<code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *fd</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *str</code>);</pre>
+<p>Encodes the <code class="PARAMETER">str</code> (e.g. replaces '&amp;' with '&amp;amp;') and writes it to <code class="PARAMETER">fd</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19991"><span style="white-space: nowrap"><code class="PARAMETER">doc</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML document.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24855"><span style="white-space: nowrap"><code class="PARAMETER">fd</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the file descriptor to write the XML string to</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN19996"><span style="white-space: nowrap"><code class="PARAMETER">cur</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to an XML node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24860"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the string</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20001"><span style="white-space: nowrap"><code class="PARAMETER">ids</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the pointer to a NULL terminated list of ID attributes.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24865"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>he number of bytes transmitted or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGENERATEANDADDID"></a><h3>xmlSecGenerateAndAddID ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecGenerateAndAddID              (<font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *attrName,
-                                                         const <font>xmlChar</font> *prefix,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> len);</pre>
-<p>Generates a unique ID in the format &lt;<code class="PARAMETER">prefix</code>&gt;base64-encoded(<code class="PARAMETER">len</code> random bytes)
-and puts it in the attribute <code class="PARAMETER">attrName</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2BITMASKDEBUGDUMP"></a><h3>xmlSecQName2BitMaskDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecQName2BitMaskDebugDump        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> mask</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints debug information about <code class="PARAMETER">mask</code> to <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20022"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the node to ID attr to.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20027"><span style="white-space: nowrap"><code class="PARAMETER">attrName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the ID attr name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24893"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;bit mask mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20032"><span style="white-space: nowrap"><code class="PARAMETER">prefix</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the prefix to add to the generated ID (can be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24898"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the bit mask.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20037"><span style="white-space: nowrap"><code class="PARAMETER">len</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the length of ID.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24903"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the value name to print.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20042"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24908"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGENERATEID"></a><h3>xmlSecGenerateID ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlChar</font>*            xmlSecGenerateID                    (const <font>xmlChar</font> *prefix,
-                                                         <a href="xmlsec-xmlsec.html#XMLSECSIZE">xmlSecSize</a> len);</pre>
-<p>Generates a unique ID in the format &lt;<code class="PARAMETER">prefix</code>&gt;base64-encoded(<code class="PARAMETER">len</code> random bytes).
-The caller is responsible for freeing returned string using <code class="PARAMETER">xmlFree</code> function.</p>
-<p></p>
+<a name="XMLSECQNAME2BITMASKDEBUGXMLDUMP"></a><h3>xmlSecQName2BitMaskDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecQName2BitMaskDebugXmlDump     (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> mask</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints debug information about <code class="PARAMETER">mask</code> to <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20061"><span style="white-space: nowrap"><code class="PARAMETER">prefix</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the prefix to add to the generated ID (can be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24936"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;bit mask mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20066"><span style="white-space: nowrap"><code class="PARAMETER">len</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>			the length of ID.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24941"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the bit mask.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20071"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to generated ID string or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24946"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the value name to print.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN24951"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECCREATETREE"></a><h3>xmlSecCreateTree ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlDocPtr</font>           xmlSecCreateTree                    (const <font>xmlChar</font> *rootNodeName,
-                                                         const <font>xmlChar</font> *rootNodeNs);</pre>
-<p>Creates a new XML tree with one root node <code class="PARAMETER">rootNodeName</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2BITMASKGETBITMASK"></a><h3>xmlSecQName2BitMaskGetBitMask ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecQName2BitMaskGetBitMask       (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qnameLocalPart</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qnameHref</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> *mask</code>);</pre>
+<p>Converts <code class="PARAMETER">qnameLocalPart</code> to <code class="PARAMETER">mask</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20088"><span style="white-space: nowrap"><code class="PARAMETER">rootNodeName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the root node name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24979"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;bit mask mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20093"><span style="white-space: nowrap"><code class="PARAMETER">rootNodeNs</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the root node namespace (otpional).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24984"><span style="white-space: nowrap"><code class="PARAMETER">qnameLocalPart</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname LocalPart value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20098"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the newly created tree or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24989"><span style="white-space: nowrap"><code class="PARAMETER">qnameHref</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname Href value.</p></td>
 </tr>
-</tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECISEMPTYNODE"></a><h3>xmlSecIsEmptyNode ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecIsEmptyNode                   (<font>xmlNodePtr</font> node);</pre>
-<p>Checks whethere the <code class="PARAMETER">node</code> is empty (i.e. has only whitespaces children).</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20114"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the node to check</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24994"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to result mask.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20119"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if <code class="PARAMETER">node</code> is empty, 0 otherwise or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN24999"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECISEMPTYSTRING"></a><h3>xmlSecIsEmptyString ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecIsEmptyString                 (const <font>xmlChar</font> *str);</pre>
-<p>Checks whethere the <code class="PARAMETER">str</code> is empty (i.e. has only whitespaces children).</p>
-<p></p>
+<a name="XMLSECQNAME2BITMASKGETBITMASKFROMSTRING"></a><h3>xmlSecQName2BitMaskGetBitMaskFromString ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecQName2BitMaskGetBitMaskFromString
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qname</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> *mask</code>);</pre>
+<p>Converts <code class="PARAMETER">qname</code> into integer in context of <code class="PARAMETER">node</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20136"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the string to check</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25027"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25032"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20141"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 1 if <code class="PARAMETER">str</code> is empty, 0 otherwise or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25037"><span style="white-space: nowrap"><code class="PARAMETER">qname</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname string.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25042"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to result msk value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25047"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECGETQNAME"></a><h3>xmlSecGetQName ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlChar</font>*            xmlSecGetQName                      (<font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *href,
-                                                         const <font>xmlChar</font> *local);</pre>
-<p>Creates QName (prefix:local) from <code class="PARAMETER">href</code> and <code class="PARAMETER">local</code> in the context of the <code class="PARAMETER">node</code>.
-Caller is responsible for freeing returned string with xmlFree.</p>
-<p></p>
+<a name="XMLSECQNAME2BITMASKGETINFO"></a><h3>xmlSecQName2BitMaskGetInfo ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="RETURNVALUE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> xmlSecQName2BitMaskGetInfo
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> mask</code>);</pre>
+<p>Converts <code class="PARAMETER">mask</code> to qname.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20162"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the context node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25068"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;bit mask mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20167"><span style="white-space: nowrap"><code class="PARAMETER">href</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the QName href (can be NULL).</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25073"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the bit mask.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20172"><span style="white-space: nowrap"><code class="PARAMETER">local</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the QName local part.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20177"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> qname or NULL if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25078"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to the qname info for <code class="PARAMETER">mask</code> or NULL if mask is unknown.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECPRINTXMLSTRING"></a><h3>xmlSecPrintXmlString ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecPrintXmlString                (<font>FILE</font> *fd,
-                                                         const <font>xmlChar</font> *str);</pre>
-<p>Encodes the <code class="PARAMETER">str</code> (e.g. replaces '&amp;' with '&amp;amp;') and writes it to <code class="PARAMETER">fd</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2BITMASKGETSTRINGFROMBITMASK"></a><h3>xmlSecQName2BitMaskGetStringFromBitMask ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecQName2BitMaskGetStringFromBitMask
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> mask</code>);</pre>
+<p>Creates qname string for <code class="PARAMETER">mask</code> in context of given <code class="PARAMETER">node</code>. Caller
+is responsible for freeing returned string with <code class="PARAMETER">xmlFree</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20195"><span style="white-space: nowrap"><code class="PARAMETER">fd</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>                the file descriptor to write the XML string to</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25105"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25110"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20200"><span style="white-space: nowrap"><code class="PARAMETER">str</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the string</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25115"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the mask.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20205"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> he number of bytes transmitted or a negative value if an error occurs.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25120"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated string on success or NULL if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECISHEX"></a><h3>xmlSecIsHex()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecIsHex(c)</pre>
-<p>Macro. Returns 1 if <code class="PARAMETER">c</code> is a hex digit or 0 other wise.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN20219"><span style="white-space: nowrap"><code class="PARAMETER">c</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the character.</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECGETHEX"></a><h3>xmlSecGetHex()</h3>
-<pre class="PROGRAMLISTING">#define             xmlSecGetHex(c)</pre>
-<p>Macro. Returns the hex value of the <code class="PARAMETER">c</code>.</p>
-<p></p>
-<p></p>
-<table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody><tr>
-<td align="LEFT" valign="TOP"><a name="AEN20233"><span style="white-space: nowrap"><code class="PARAMETER">c</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 			the character,</p></td>
-</tr></tbody></table>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERINFO"></a><h3>struct xmlSecQName2IntegerInfo</h3>
-<pre class="PROGRAMLISTING">struct xmlSecQName2IntegerInfo {
+<a name="XMLSECQNAME2BITMASKINFO"></a><h3>struct xmlSecQName2BitMaskInfo</h3>
+<pre class="PROGRAMLISTING">struct xmlSecQName2BitMaskInfo {
     const xmlChar*      qnameHref;
     const xmlChar*      qnameLocalPart;
-    int       		intValue;
+    xmlSecBitMask       mask;
 };</pre>
-<p>QName &lt;-&gt; Integer conversion definition.</p>
-<p></p>
+<p>QName &lt;-&gt; Bitmask conversion definition.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20246"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">qnameHref</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the QName href</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25132"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">qnameHref</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the QName href</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20252"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">qnameLocalPart</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the QName local</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25139"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">qnameLocalPart</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the QName local</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20258"><span style="white-space: nowrap"><font>int</font> <code class="STRUCTFIELD">intValue</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the integer value</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25146"><span style="white-space: nowrap"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> <code class="STRUCTFIELD">mask</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the bitmask value</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERINFOCONSTPTR"></a><h3>xmlSecQName2IntegerInfoConstPtr</h3>
-<pre class="PROGRAMLISTING">typedef const xmlSecQName2IntegerInfo *		xmlSecQName2IntegerInfoConstPtr;</pre>
-<p>Pointer to constant QName &lt;-&gt; Integer conversion definition.</p>
-<p></p>
+<a name="XMLSECQNAME2BITMASKINFOCONSTPTR"></a><h3>xmlSecQName2BitMaskInfoConstPtr</h3>
+<pre class="PROGRAMLISTING">typedef const xmlSecQName2BitMaskInfo*          xmlSecQName2BitMaskInfoConstPtr;</pre>
+<p>Pointer to constant QName &lt;-&gt; Bitmask conversion definition.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERGETINFO"></a><h3>xmlSecQName2IntegerGetInfo ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecQName2IntegerInfoConstPtr</font>  xmlSecQName2IntegerGetInfo
-                                                        (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>int</font> intValue);</pre>
-<p>Maps integer <code class="PARAMETER">intValue</code> to a QName prefix.</p>
-<p></p>
+<a name="XMLSECQNAME2BITMASKNODESREAD"></a><h3>xmlSecQName2BitMaskNodesRead ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecQName2BitMaskNodesRead        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> *node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeNs</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> stopOnUnknown</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> *mask</code>);</pre>
+<p>Reads &lt;<code class="PARAMETER">nodeNs</code>:<code class="PARAMETER">nodeName</code>&gt; elements and puts the result bit mask
+into <code class="PARAMETER">mask</code>. When function exits, <code class="PARAMETER">node</code> points to the first element node
+after all the &lt;<code class="PARAMETER">nodeNs</code>:<code class="PARAMETER">nodeName</code>&gt; elements.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20283"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25192"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;bit mask mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20288"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the integer value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25197"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the start.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20293"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> the QName info that is mapped to <code class="PARAMETER">intValue</code> or NULL if such value
-is not found.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25202"><span style="white-space: nowrap"><code class="PARAMETER">nodeName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the mask nodes name.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25207"><span style="white-space: nowrap"><code class="PARAMETER">nodeNs</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the mask nodes namespace.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25212"><span style="white-space: nowrap"><code class="PARAMETER">stopOnUnknown</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>if this flag is set then function exits if unknown
+value was found.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25217"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to result mask.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25222"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERGETINTEGER"></a><h3>xmlSecQName2IntegerGetInteger ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecQName2IntegerGetInteger       (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         const <font>xmlChar</font> *qnameHref,
-                                                         const <font>xmlChar</font> *qnameLocalPart,
-                                                         <font>int</font> *intValue);</pre>
-<p>Maps qname qname to an integer and returns it in <code class="PARAMETER">intValue</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2BITMASKNODESWRITE"></a><h3>xmlSecQName2BitMaskNodesWrite ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecQName2BitMaskNodesWrite       (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2BITMASKINFOCONST"><span class="TYPE">xmlSecQName2BitMaskInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeNs</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmltree.html#XMLSECBITMASK"><span class="TYPE">xmlSecBitMask</span></a> mask</code>);</pre>
+<p>Writes &lt;<code class="PARAMETER">nodeNs</code>:<code class="PARAMETER">nodeName</code>&gt; elemnts with values from <code class="PARAMETER">mask</code> to <code class="PARAMETER">node</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20313"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25255"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;bit mask mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20318"><span style="white-space: nowrap"><code class="PARAMETER">qnameHref</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>          the qname href value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25260"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the parent element for mask nodes.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20323"><span style="white-space: nowrap"><code class="PARAMETER">qnameLocalPart</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>     the qname local part value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25265"><span style="white-space: nowrap"><code class="PARAMETER">nodeName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the mask nodes name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20328"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the pointer to result integer value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25270"><span style="white-space: nowrap"><code class="PARAMETER">nodeNs</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the mask nodes namespace.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20333"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25275"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the bit mask.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25280"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERGETINTEGERFROMSTRING"></a><h3>xmlSecQName2IntegerGetIntegerFromString ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecQName2IntegerGetIntegerFromString
-                                                        (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *qname,
-                                                         <font>int</font> *intValue);</pre>
-<p>Converts <code class="PARAMETER">qname</code> into integer in context of <code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERATTRIBUTEREAD"></a><h3>xmlSecQName2IntegerAttributeRead ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecQName2IntegerAttributeRead    (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *attrName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> *intValue</code>);</pre>
+<p>Gets the value of <code class="PARAMETER">attrName</code> atrtibute from <code class="PARAMETER">node</code> and converts it to integer
+according to <code class="PARAMETER">info</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20353"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25309"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20358"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25314"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the element node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20363"><span style="white-space: nowrap"><code class="PARAMETER">qname</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>              the qname string.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25319"><span style="white-space: nowrap"><code class="PARAMETER">attrName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the attribute name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20368"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the pointer to result integer value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25324"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to result integer value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20373"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25329"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERGETSTRINGFROMINTEGER"></a><h3>xmlSecQName2IntegerGetStringFromInteger ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlChar</font> *           xmlSecQName2IntegerGetStringFromInteger
-                                                        (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <font>int</font> intValue);</pre>
-<p>Creates qname string for <code class="PARAMETER">intValue</code> in context of given <code class="PARAMETER">node</code>. Caller
-is responsible for freeing returned string with <code class="PARAMETER">xmlFree</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERATTRIBUTEWRITE"></a><h3>xmlSecQName2IntegerAttributeWrite ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecQName2IntegerAttributeWrite   (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *attrName</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>);</pre>
+<p>Converts <code class="PARAMETER">intValue</code> to a qname and sets it to the value of
+attribute <code class="PARAMETER">attrName</code> in <code class="PARAMETER">node</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20393"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25358"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20398"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25363"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the parent node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20403"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the integer value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25368"><span style="white-space: nowrap"><code class="PARAMETER">attrName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the name of attribute.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20408"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated string on success or NULL if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25373"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the integer value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25378"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERNODEREAD"></a><h3>xmlSecQName2IntegerNodeRead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecQName2IntegerNodeRead         (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <font>int</font> *intValue);</pre>
-<p>Reads the content of <code class="PARAMETER">node</code> and converts it to an integer using mapping 
-from <code class="PARAMETER">info</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERDEBUGDUMP"></a><h3>xmlSecQName2IntegerDebugDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecQName2IntegerDebugDump        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints <code class="PARAMETER">intValue</code> into <code class="PARAMETER">output</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20427"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25406"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20432"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25411"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the integer value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20437"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the pointer to result integer value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25416"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the value name to print.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20442"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25421"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERNODEWRITE"></a><h3>xmlSecQName2IntegerNodeWrite ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecQName2IntegerNodeWrite        (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *nodeName,
-                                                         const <font>xmlChar</font> *nodeNs,
-                                                         <font>int</font> intValue);</pre>
-<p>Creates new child node in <code class="PARAMETER">node</code> and sets its value to <code class="PARAMETER">intValue</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERDEBUGXMLDUMP"></a><h3>xmlSecQName2IntegerDebugXmlDump ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="VOID"><span class="RETURNVALUE">void</span></gtkdoclink>                xmlSecQName2IntegerDebugXmlDump     (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *name</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="FILE:CAPS"><span class="TYPE">FILE</span></gtkdoclink> *output</code>);</pre>
+<p>Prints <code class="PARAMETER">intValue</code> into <code class="PARAMETER">output</code> in XML format.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20463"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20468"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the parent node.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20473"><span style="white-space: nowrap"><code class="PARAMETER">nodeName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the child node name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25449"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20478"><span style="white-space: nowrap"><code class="PARAMETER">nodeNs</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>             the child node namespace.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25454"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the integer value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20483"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the integer value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25459"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the value name to print.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20488"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25464"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to output FILE.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERATTRIBUTEREAD"></a><h3>xmlSecQName2IntegerAttributeRead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecQName2IntegerAttributeRead    (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *attrName,
-                                                         <font>int</font> *intValue);</pre>
-<p>Gets the value of <code class="PARAMETER">attrName</code> atrtibute from <code class="PARAMETER">node</code> and converts it to integer
-according to <code class="PARAMETER">info</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERGETINFO"></a><h3>xmlSecQName2IntegerGetInfo ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="RETURNVALUE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> xmlSecQName2IntegerGetInfo
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>);</pre>
+<p>Maps integer <code class="PARAMETER">intValue</code> to a QName prefix.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20509"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25485"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20514"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the element node. </p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25490"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the integer value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20519"><span style="white-space: nowrap"><code class="PARAMETER">attrName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the attribute name.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20524"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the pointer to result integer value.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20529"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25495"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the QName info that is mapped to <code class="PARAMETER">intValue</code> or NULL if such value
+is not found.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERATTRIBUTEWRITE"></a><h3>xmlSecQName2IntegerAttributeWrite ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecQName2IntegerAttributeWrite   (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *attrName,
-                                                         <font>int</font> intValue);</pre>
-<p>Converts <code class="PARAMETER">intValue</code> to a qname and sets it to the value of 
-attribute <code class="PARAMETER">attrName</code> in <code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERGETINTEGER"></a><h3>xmlSecQName2IntegerGetInteger ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecQName2IntegerGetInteger       (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qnameHref</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qnameLocalPart</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> *intValue</code>);</pre>
+<p>Maps qname qname to an integer and returns it in <code class="PARAMETER">intValue</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20550"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25523"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20555"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the parent node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25528"><span style="white-space: nowrap"><code class="PARAMETER">qnameHref</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname href value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20560"><span style="white-space: nowrap"><code class="PARAMETER">attrName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the name of attribute.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25533"><span style="white-space: nowrap"><code class="PARAMETER">qnameLocalPart</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname local part value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20565"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the integer value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25538"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to result integer value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20570"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25543"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERDEBUGDUMP"></a><h3>xmlSecQName2IntegerDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecQName2IntegerDebugDump        (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>int</font> intValue,
-                                                         const <font>xmlChar</font> *name,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints <code class="PARAMETER">intValue</code> into <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERGETINTEGERFROMSTRING"></a><h3>xmlSecQName2IntegerGetIntegerFromString ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecQName2IntegerGetIntegerFromString
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *qname</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> *intValue</code>);</pre>
+<p>Converts <code class="PARAMETER">qname</code> into integer in context of <code class="PARAMETER">node</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20590"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25571"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25576"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20595"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the integer value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25581"><span style="white-space: nowrap"><code class="PARAMETER">qname</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname string.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20600"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the value name to print.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25586"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to result integer value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20605"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>             the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25591"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2INTEGERDEBUGXMLDUMP"></a><h3>xmlSecQName2IntegerDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecQName2IntegerDebugXmlDump     (<font>xmlSecQName2IntegerInfoConstPtr</font> info,
-                                                         <font>int</font> intValue,
-                                                         const <font>xmlChar</font> *name,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints <code class="PARAMETER">intValue</code> into <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERGETSTRINGFROMINTEGER"></a><h3>xmlSecQName2IntegerGetStringFromInteger ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="XMLCHAR"><span class="RETURNVALUE">xmlChar</span></gtkdoclink> *           xmlSecQName2IntegerGetStringFromInteger
+                                                        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>);</pre>
+<p>Creates qname string for <code class="PARAMETER">intValue</code> in context of given <code class="PARAMETER">node</code>. Caller
+is responsible for freeing returned string with <code class="PARAMETER">xmlFree</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20625"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25617"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20630"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the integer value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25622"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20635"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the value name to print.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25627"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the integer value.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20640"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>             the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25632"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>pointer to newly allocated string on success or NULL if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECBITMASK"></a><h3>xmlSecBitMask</h3>
-<pre class="PROGRAMLISTING">typedef unsigned int                            	xmlSecBitMask;</pre>
-<p>Bitmask datatype.</p>
-<p></p>
-</div>
-<hr>
-<div class="REFSECT2">
-<a name="XMLSECQNAME2BITMASKINFO"></a><h3>struct xmlSecQName2BitMaskInfo</h3>
-<pre class="PROGRAMLISTING">struct xmlSecQName2BitMaskInfo {
+<a name="XMLSECQNAME2INTEGERINFO"></a><h3>struct xmlSecQName2IntegerInfo</h3>
+<pre class="PROGRAMLISTING">struct xmlSecQName2IntegerInfo {
     const xmlChar*      qnameHref;
     const xmlChar*      qnameLocalPart;
-    xmlSecBitMask       mask;
+    int                 intValue;
 };</pre>
-<p>QName &lt;-&gt; Bitmask conversion definition.</p>
-<p></p>
+<p>QName &lt;-&gt; Integer conversion definition.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20660"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">qnameHref</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the QName href</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25644"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">qnameHref</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the QName href</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20666"><span style="white-space: nowrap">const <font>xmlChar</font> *<code class="STRUCTFIELD">qnameLocalPart</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>	the QName local</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25651"><span style="white-space: nowrap">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *<code class="STRUCTFIELD">qnameLocalPart</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the QName local</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20672"><span style="white-space: nowrap"><a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> <code class="STRUCTFIELD">mask</code>;</span></a></td>
-<td align="LEFT" valign="TOP"><p>		the bitmask value</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25658"><span style="white-space: nowrap"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> <code class="STRUCTFIELD">intValue</code>;</span></a></td>
+<td align="LEFT" valign="TOP"><p>the integer value</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2BITMASKINFOCONSTPTR"></a><h3>xmlSecQName2BitMaskInfoConstPtr</h3>
-<pre class="PROGRAMLISTING">typedef const xmlSecQName2BitMaskInfo*		xmlSecQName2BitMaskInfoConstPtr;</pre>
-<p>Pointer to constant QName &lt;-&gt; Bitmask conversion definition.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERINFOCONSTPTR"></a><h3>xmlSecQName2IntegerInfoConstPtr</h3>
+<pre class="PROGRAMLISTING">typedef const xmlSecQName2IntegerInfo *         xmlSecQName2IntegerInfoConstPtr;</pre>
+<p>Pointer to constant QName &lt;-&gt; Integer conversion definition.</p>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2BITMASKGETINFO"></a><h3>xmlSecQName2BitMaskGetInfo ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlSecQName2BitMaskInfoConstPtr</font>  xmlSecQName2BitMaskGetInfo
-                                                        (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> mask);</pre>
-<p>Converts <code class="PARAMETER">mask</code> to qname.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERNODEREAD"></a><h3>xmlSecQName2IntegerNodeRead ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecQName2IntegerNodeRead         (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> *intValue</code>);</pre>
+<p>Reads the content of <code class="PARAMETER">node</code> and converts it to an integer using mapping
+from <code class="PARAMETER">info</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20697"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;bit mask mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25691"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20702"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the bit mask.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25696"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20707"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to the qname info for <code class="PARAMETER">mask</code> or NULL if mask is unknown.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25701"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the pointer to result integer value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25706"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2BITMASKGETBITMASK"></a><h3>xmlSecQName2BitMaskGetBitMask ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecQName2BitMaskGetBitMask       (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         const <font>xmlChar</font> *qnameLocalPart,
-                                                         const <font>xmlChar</font> *qnameHref,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> *mask);</pre>
-<p>Converts <code class="PARAMETER">qnameLocalPart</code> to <code class="PARAMETER">mask</code>.</p>
-<p></p>
+<a name="XMLSECQNAME2INTEGERNODEWRITE"></a><h3>xmlSecQName2IntegerNodeWrite ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecQName2IntegerNodeWrite        (<code class="PARAMETER"><gtkdoclink href="XMLSECQNAME2INTEGERINFOCONST"><span class="TYPE">xmlSecQName2IntegerInfoConstPtr</span></gtkdoclink> info</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeName</code>,
+                                                         <code class="PARAMETER">const <gtkdoclink href="XMLCHAR"><span class="TYPE">xmlChar</span></gtkdoclink> *nodeNs</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="INT"><span class="TYPE">int</span></gtkdoclink> intValue</code>);</pre>
+<p>Creates new child node in <code class="PARAMETER">node</code> and sets its value to <code class="PARAMETER">intValue</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20728"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;bit mask mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25737"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the qname&lt;-&gt;integer mapping information.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20733"><span style="white-space: nowrap"><code class="PARAMETER">qnameLocalPart</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>     the qname LocalPart value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25742"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the parent node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20738"><span style="white-space: nowrap"><code class="PARAMETER">qnameHref</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>          the qname Href value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25747"><span style="white-space: nowrap"><code class="PARAMETER">nodeName</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the child node name.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20743"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to result mask.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25752"><span style="white-space: nowrap"><code class="PARAMETER">nodeNs</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the child node namespace.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20748"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25757"><span style="white-space: nowrap"><code class="PARAMETER">intValue</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the integer value.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25762"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs,</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2BITMASKNODESREAD"></a><h3>xmlSecQName2BitMaskNodesRead ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecQName2BitMaskNodesRead        (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> *node,
-                                                         const <font>xmlChar</font> *nodeName,
-                                                         const <font>xmlChar</font> *nodeNs,
-                                                         <font>int</font> stopOnUnknown,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> *mask);</pre>
-<p>Reads &lt;<code class="PARAMETER">nodeNs</code>:<code class="PARAMETER">nodeName</code>&gt; elements and puts the result bit mask
-into <code class="PARAMETER">mask</code>. When function exits, <code class="PARAMETER">node</code> points to the first element node
-after all the &lt;<code class="PARAMETER">nodeNs</code>:<code class="PARAMETER">nodeName</code>&gt; elements.</p>
-<p></p>
+<a name="XMLSECREPLACECONTENT"></a><h3>xmlSecReplaceContent ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecReplaceContent                (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> newNode</code>);</pre>
+<p>Swaps the content of <code class="PARAMETER">node</code> and <code class="PARAMETER">newNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20774"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;bit mask mapping information.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20779"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the start.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25784"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20784"><span style="white-space: nowrap"><code class="PARAMETER">nodeName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the mask nodes name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25789"><span style="white-space: nowrap"><code class="PARAMETER">newNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20789"><span style="white-space: nowrap"><code class="PARAMETER">nodeNs</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>             the mask nodes namespace.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20794"><span style="white-space: nowrap"><code class="PARAMETER">stopOnUnknown</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>	if this flag is set then function exits if unknown
-		value was found.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20799"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to result mask.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20804"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25794"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2BITMASKGETBITMASKFROMSTRING"></a><h3>xmlSecQName2BitMaskGetBitMaskFromString ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecQName2BitMaskGetBitMaskFromString
-                                                        (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *qname,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> *mask);</pre>
-<p>Converts <code class="PARAMETER">qname</code> into integer in context of <code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECREPLACECONTENTANDRETURN"></a><h3>xmlSecReplaceContentAndReturn ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecReplaceContentAndReturn       (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> newNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> *replaced</code>);</pre>
+<p>Swaps the content of <code class="PARAMETER">node</code> and <code class="PARAMETER">newNode</code>.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20824"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20829"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25819"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20834"><span style="white-space: nowrap"><code class="PARAMETER">qname</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>              the qname string.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25824"><span style="white-space: nowrap"><code class="PARAMETER">newNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20839"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to result msk value.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25829"><span style="white-space: nowrap"><code class="PARAMETER">replaced</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the replaced nodes, or release them if NULL is given</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20844"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25834"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2BITMASKGETSTRINGFROMBITMASK"></a><h3>xmlSecQName2BitMaskGetStringFromBitMask ()</h3>
-<pre class="PROGRAMLISTING"><font>xmlChar</font> *           xmlSecQName2BitMaskGetStringFromBitMask
-                                                        (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> mask);</pre>
-<p>Creates qname string for <code class="PARAMETER">mask</code> in context of given <code class="PARAMETER">node</code>. Caller
-is responsible for freeing returned string with <code class="PARAMETER">xmlFree</code>.</p>
-<p></p>
+<a name="XMLSECREPLACENODE"></a><h3>xmlSecReplaceNode ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecReplaceNode                   (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> newNode</code>);</pre>
+<p>Swaps the <code class="PARAMETER">node</code> and <code class="PARAMETER">newNode</code> in the XML tree.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20864"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;integer mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25856"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20869"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the pointer to node.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25861"><span style="white-space: nowrap"><code class="PARAMETER">newNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20874"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the mask.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20879"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> pointer to newly allocated string on success or NULL if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25866"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2BITMASKNODESWRITE"></a><h3>xmlSecQName2BitMaskNodesWrite ()</h3>
-<pre class="PROGRAMLISTING"><font>int</font>                 xmlSecQName2BitMaskNodesWrite       (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <font>xmlNodePtr</font> node,
-                                                         const <font>xmlChar</font> *nodeName,
-                                                         const <font>xmlChar</font> *nodeNs,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> mask);</pre>
-<p>Writes &lt;<code class="PARAMETER">nodeNs</code>:<code class="PARAMETER">nodeName</code>&gt; elemnts with values from <code class="PARAMETER">mask</code> to <code class="PARAMETER">node</code>.</p>
-<p></p>
+<a name="XMLSECREPLACENODEANDRETURN"></a><h3>xmlSecReplaceNodeAndReturn ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecReplaceNodeAndReturn          (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> newNode</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> *replaced</code>);</pre>
+<p>Swaps the <code class="PARAMETER">node</code> and <code class="PARAMETER">newNode</code> in the XML tree.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20902"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;bit mask mapping information.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20907"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the parent element for mask nodes.</p></td>
-</tr>
-<tr>
-<td align="LEFT" valign="TOP"><a name="AEN20912"><span style="white-space: nowrap"><code class="PARAMETER">nodeName</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>           the mask nodes name.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25891"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20917"><span style="white-space: nowrap"><code class="PARAMETER">nodeNs</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>             the mask nodes namespace.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25896"><span style="white-space: nowrap"><code class="PARAMETER">newNode</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the new node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20922"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the bit mask.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25901"><span style="white-space: nowrap"><code class="PARAMETER">replaced</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the replaced node, or release it if NULL is given</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20927"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 0 on success or a negative value if an error occurs,</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25906"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2BITMASKDEBUGDUMP"></a><h3>xmlSecQName2BitMaskDebugDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecQName2BitMaskDebugDump        (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> mask,
-                                                         const <font>xmlChar</font> *name,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints debug information about <code class="PARAMETER">mask</code> to <code class="PARAMETER">output</code>.</p>
-<p></p>
+<a name="XMLSECREPLACENODEBUFFER"></a><h3>xmlSecReplaceNodeBuffer ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecReplaceNodeBuffer             (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>);</pre>
+<p>Swaps the <code class="PARAMETER">node</code> and the parsed XML data from the <code class="PARAMETER">buffer</code> in the XML tree.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20947"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;bit mask mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25931"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current node.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20952"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the bit mask.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25936"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20957"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the value name to print.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25941"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20962"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>             the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25946"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
 <hr>
 <div class="REFSECT2">
-<a name="XMLSECQNAME2BITMASKDEBUGXMLDUMP"></a><h3>xmlSecQName2BitMaskDebugXmlDump ()</h3>
-<pre class="PROGRAMLISTING"><font>void</font>                xmlSecQName2BitMaskDebugXmlDump     (<font>xmlSecQName2BitMaskInfoConstPtr</font> info,
-                                                         <a href="xmlsec-xmltree.html#XMLSECBITMASK">xmlSecBitMask</a> mask,
-                                                         const <font>xmlChar</font> *name,
-                                                         <font>FILE</font> *output);</pre>
-<p>Prints debug information about <code class="PARAMETER">mask</code> to <code class="PARAMETER">output</code> in XML format.</p>
-<p></p>
+<a name="XMLSECREPLACENODEBUFFERANDRETURN"></a><h3>xmlSecReplaceNodeBufferAndReturn ()</h3>
+<pre class="PROGRAMLISTING"><gtkdoclink href="INT"><span class="RETURNVALUE">int</span></gtkdoclink>                 xmlSecReplaceNodeBufferAndReturn    (<code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> node</code>,
+                                                         <code class="PARAMETER">const <a href="xmlsec-xmlsec.html#XMLSECBYTE"><span class="TYPE">xmlSecByte</span></a> *buffer</code>,
+                                                         <code class="PARAMETER"><a href="xmlsec-xmlsec.html#XMLSECSIZE"><span class="TYPE">xmlSecSize</span></a> size</code>,
+                                                         <code class="PARAMETER"><gtkdoclink href="XMLNODE"><span class="TYPE">xmlNodePtr</span></gtkdoclink> *replaced</code>);</pre>
+<p>Swaps the <code class="PARAMETER">node</code> and the parsed XML data from the <code class="PARAMETER">buffer</code> in the XML tree.</p>
 <p></p>
 <table class="variablelist" border="0" cellspacing="0" cellpadding="4"><tbody>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20982"><span style="white-space: nowrap"><code class="PARAMETER">info</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the qname&lt;-&gt;bit mask mapping information.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25974"><span style="white-space: nowrap"><code class="PARAMETER">node</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the current node.</p></td>
+</tr>
+<tr>
+<td align="LEFT" valign="TOP"><a name="AEN25979"><span style="white-space: nowrap"><code class="PARAMETER">buffer</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML data.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20987"><span style="white-space: nowrap"><code class="PARAMETER">mask</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>               the bit mask.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25984"><span style="white-space: nowrap"><code class="PARAMETER">size</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the XML data size.</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20992"><span style="white-space: nowrap"><code class="PARAMETER">name</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p> 		the value name to print.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25989"><span style="white-space: nowrap"><code class="PARAMETER">replaced</code> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>the replaced nodes, or release them if NULL is given</p></td>
 </tr>
 <tr>
-<td align="LEFT" valign="TOP"><a name="AEN20997"><span style="white-space: nowrap"><code class="PARAMETER">output</code> :</span></a></td>
-<td align="LEFT" valign="TOP"><p>             the pointer to output FILE.</p></td>
+<td align="LEFT" valign="TOP"><a name="AEN25994"><span style="white-space: nowrap"><span class="emphasis"><i class="EMPHASIS">Returns</i></span> :</span></a></td>
+<td align="LEFT" valign="TOP"><p>0 on success or a negative value if an error occurs.</p></td>
 </tr>
 </tbody></table>
 </div>
diff --git a/docs/api/xmlsec.sgml b/docs/api/xmlsec.sgml
index 8cad2a2f..afdd9a71 100644
--- a/docs/api/xmlsec.sgml
+++ b/docs/api/xmlsec.sgml
@@ -48,6 +48,9 @@
 <!ENTITY xmlsec-gnutls-app 		SYSTEM "sgml/gnutls/app.sgml">
 <!ENTITY xmlsec-gnutls-crypto 		SYSTEM "sgml/gnutls/crypto.sgml">
 
+<!ENTITY xmlsec-gcrypt-app 		SYSTEM "sgml/gcrypt/app.sgml">
+<!ENTITY xmlsec-gcrypt-crypto 		SYSTEM "sgml/gcrypt/crypto.sgml">
+
 <!ENTITY xmlsec-nss-app 		SYSTEM "sgml/nss/app.sgml">
 <!ENTITY xmlsec-nss-bignum		SYSTEM "sgml/nss/bignum.sgml">
 <!ENTITY xmlsec-nss-crypto 		SYSTEM "sgml/nss/crypto.sgml">
@@ -143,14 +146,15 @@
 	<para>XML Security Library provides support for XML Digital Signature 
 	and XML Encryption. It is based on LibXML/LibXSLT and can use
 	practicaly any crypto library (currently there is "out of the box" 
-	support for OpenSSL, GnuTLS and NSS).
+	support for OpenSSL, MSCrypto, GnuTLS, GCrypt and NSS).
 	</para>
     </chapter>
     <chapter id="xmlsec-notes-structure">
 	<title>XML Security Library Structure.</title>
 	<para>In order to provide the an ability to use different crypto engines, 
 	the XML Security Library is splitted in two parts: core library (xmlsec)
-	and crypto library (xmlsec-openssl, xmlsec-gnutls, xmlsec-nss, ...). 
+	and crypto library (xmlsec-openssl, xmlsec-mscrypt, xmlsec-gnutls, 
+	xmlsec-gcrypt, xmlsec-nss, ...).
 	<figure>
 	    <title>The library structure and dependencies.</title>
 	    <graphic fileref="images/structure.png" align="center"></graphic>
@@ -254,6 +258,16 @@
     &xmlsec-gnutls-crypto;
     </chapter>
 
+    <chapter id="xmlsec-gcrypt-ref">
+    <title>XML Security Library for GCrypt API Reference.</title>
+    <para>This section contains the API reference for xmlsec-gcrypt. All
+    the public interfaces are documented here. This reference guide is
+    build by extracting comments from the code sources. </para>
+
+    &xmlsec-gcrypt-app;
+    &xmlsec-gcrypt-crypto;
+    </chapter>
+
     <chapter id="xmlsec-nss-ref">
     <title>XML Security Library for NSS API Reference.</title>
     <para>This section contains the API reference for xmlsec-nss. All
diff --git a/docs/download.html b/docs/download.html
index cf19ef3a..6598cbfd 100644
--- a/docs/download.html
+++ b/docs/download.html
@@ -47,10 +47,10 @@
       <h1>Download</h1>
       </div>
 <h2>Stable releases.</h2>
-<p>The latest stable XML Security Library version is <b>1.2.14</b>:</p>
+<p>The latest stable XML Security Library version is <b>1.2.19</b>:</p>
 <ul>
 <li>
-        <a href="http://www.aleksey.com/xmlsec/download/xmlsec1-1.2.14.tar.gz">Sources 
+        <a href="http://www.aleksey.com/xmlsec/download/xmlsec1-1.2.19.tar.gz">Sources 
 	for latest version</a>.
     </li>
     <li>
@@ -85,8 +85,9 @@
         </li>
 	<li>
 <a href="http://www.gnu.org/software/gnutls/">GnuTLS</a>
-	and <a href="http://www.gnu.org/directory/security/libgcrypt.html">Libgcrypt</a> - 
-	GNU SSL and cryptographic libraries.
+	</li>
+	<li>
+<a href="http://www.gnu.org/directory/security/libgcrypt.html">Libgcrypt</a>
 	</li>
         <li>
 <a href="http://www.mozilla.org/projects/security/pki/nss/">NSS</a> -
diff --git a/docs/faq.html b/docs/faq.html
index 53c36eae..29361786 100644
--- a/docs/faq.html
+++ b/docs/faq.html
@@ -134,6 +134,23 @@ the application is not distributed.<br>
 </td>
                 </tr>
 <tr>
+<td style="vertical-align: top;">xmlsec-gcrypt (also
+requires
+xmlsec-core library) </td>
+                  <td style="vertical-align: top;">
+<a href="http://www.gnupg.org/">LibGCrypt</a><br>
+</td>
+                  <td style="vertical-align: top;">
+<a href="http://www.opensource.org/licenses/gpl-license.php">GPL</a><br>
+</td>
+                  <td style="vertical-align: top;">Yes, but only if
+the application is not distributed.<br>
+</td>
+                  <td style="vertical-align: top;">Yes.</td>
+                  <td style="vertical-align: top;">Yes.<br>
+</td>
+                </tr>
+<tr>
 <td style="vertical-align: top;">xmlsec-nss (also
 requires
 xmlsec-core library) </td>
@@ -196,11 +213,15 @@ xmlsec?</h4>
 <li> <a href="http://www.openssl.org/">OpenSSL</a>
 version
 0.9.7 (prefered or later) or version 0.9.6. </li>
-              <li>
+<li>
 <a href="http://www.gnu.org/software/gnutls/">GnuTLS</a>
-and <a href="http://www.gnu.org/directory/security/libgcrypt.html">Libgcrypt</a>
-- GNU SSL and cryptographic libraries. </li>
-              <li>
+</li>
+
+<li>
+<a href="http://www.gnu.org/directory/security/libgcrypt.html">Libgcrypt</a>
+</li>
+
+<li>
 <a href="http://www.mozilla.org/projects/security/pki/nss/">NSS</a> -
 Mozilla cryptographic library. </li>
             </ul>
diff --git a/docs/index.html b/docs/index.html
index 3ca9ed15..d043e7fa 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -43,76 +43,46 @@
 </table>
 </td>
 <td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
-<div align="Center">                                          
-      <h1>XML Security Library</h1>
-            </div>
+<div align="center">
+<h1>XML Security Library</h1>
+</div>
 <p>
-             XML Security Library is a C library based on 
-	     <a href="http://xmlsoft.org/">LibXML2</a>.
-      The library  supports major XML security standards:                                        	    
-      </p>
+XML Security Library is a C library based on <a href="http://xmlsoft.org/">LibXML2</a>.
+The library  supports major XML security standards:
+</p>
 <ul>
+<li><a href="http://www.w3.org/TR/xmldsig-core">XML Signature</a></li>
+<li><a href="http://www.w3.org/TR/xmlenc-core/">XML Encryption</a></li>
+<li>
+<a href="http://www.w3.org/TR/xml-c14n">Canonical XML</a> (part of the
+<a href="http://xmlsoft.org">LibXML2</a>)</li>
 <li>
-<a href="http://www.w3.org/TR/xmldsig-core">XML Signature</a>
- 	     </li>
-	     <li>
-<a href="http://www.w3.org/TR/xmlenc-core/">XML Encryption</a>
-	     </li>
-              <li>
-<a href="http://www.w3.org/TR/xml-c14n">Canonical XML</a>
- 	     (was included in <a href="http://xmlsoft.org">LibXML2</a>)</li>
-              <li>
 <a href="http://www.w3.org/TR/xml-exc-c14n">Exclusive Canonical XML</a>
- 	     (was included in <a href="http://xmlsoft.org">LibXML2</a>)</li>
-                                            	    
-      </ul>
+(part of the <a href="http://xmlsoft.org">LibXML2</a>)</li>
+</ul>
 <p>
-             XML Security Library is released under the  	    
-	     <a href="http://www.opensource.org/licenses/mit-license.html">MIT  Licence</a>
-     	    see the Copyright file in the distribution  for details.<br><br></p>
+XML Security Library is released under the
+<a href="http://www.opensource.org/licenses/mit-license.html">MIT  Licence</a>
+see the Copyright file in the distribution  for details.<br><br></p>
 <p><b>News</b></p>
 <ul>
-<li>December 5 2009<br>
-	Changes in <a href="download.html">XML Security Library 1.2.14</a> release:
-	<ul>
-<li>XMLSec library is switched from built-in LTDL library to the system 
-	LTDL library on Linux/Unix and native calls on Windows to fix 
-	<a href="https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-3736">security 
-	issue</a> in LTDL.</li>
-	<li>Fixed minor bugs (see <a href="http://git.gnome.org/cgit/xmlsec/log/">log</a> 
-	for complete list).</li>
-	</ul>
+<li>March 24 2013<br>
+        The <a href="download.html">XML Security Library 1.2.19</a> release adds support for DSA-SHA256, ECDSA-SHA1,
+        ECDSA-SHA224, ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512 and fixes a number of miscellaneous bugs.
 </li>
 
-<li>September 12 2009<br>
-	Changes in <a href="download.html">XML Security Library 1.2.13</a> release:
-	<ul>
-<li>
-	<a href="http://xmlsoft.org/">LibXML2</a> version 2.7.4 is now required</li>
-	<li>Implemented support for <a href="http://www.w3.org/TR/xml-c14n11/">C14N version 1.1</a>
-</li>
-	<li>Increase default minimum hmac size to 80 bits</li>
-	<li>Added support for --with-libxml-src and --with-libxslt-src ./configure options</li>
-	<li>Fixed XML dump output</li>
-	</ul>
+<li>May 11 2011<br>
+        The <a href="download.html">XML Security Library 1.2.18</a> release fixes
+        a serious crasher. All users are advised to upgraded as soon as possible.
 </li>
 
-<li>July 14 2009<br>
-	The new <a href="download.html">XML Security Library 1.2.12</a> release
-	includes the following changes (see ChangeLog for the complete list of changes):
-	<ul>
-<li>Fixed HMAC vulnerability with small values of HMAC length 
-	(<a href="http://www.kb.cert.org/vuls/id/466161">CERT VU #466161</a>).</li>
-	<li>Added support for the GOST implemented by Russian Crypto Pro CSP 
-	(patch from Dennis Prochko)</li>
-	<li>Added an option to return the replaced node (based on the patch from Frank Gross)</li>
-	<li>Added new function xmlSecNodeEncodeAndSetContent for encoding
-	special chars in the node content.</li>
-	<li>Added configurable Base64 line length.</li>
-	<li>Bug fixes.</li>
-	</ul>
+<li>March 31 2011<br>
+        Changes in <a href="download.html">XML Security Library 1.2.17</a> release:
+        <ul>
+<li>Fixed security issue with libxslt (CVE-2011-1425, reported by Nicolas Gregoire).</li>
+        <li>Fixed a number of build configuration problems, pkcs12 file loading, and gcrypt init/shutdown.</li>
+        </ul>
 </li>
-
 </ul>
 </td></tr></table></td>
 </tr></table></body>
diff --git a/docs/news.html b/docs/news.html
index 63d032fc..0243d63d 100644
--- a/docs/news.html
+++ b/docs/news.html
@@ -43,10 +43,57 @@
 </table>
 </td>
 <td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
-<div align="Center">                                   
-      <h1>XML Security Library News</h1>
-      </div>
+<div align="center">
+<h1>XML Security Library News</h1>
+</div>
 <ul>
+<li>March 24 2013<br>
+        The <a href="download.html">XML Security Library 1.2.19</a> release adds support for DSA-SHA256, ECDSA-SHA1,
+        ECDSA-SHA224, ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512 and fixes a number of miscellaneous bugs.
+</li>
+
+<li>May 11 2011<br>
+        The <a href="download.html">XML Security Library 1.2.18</a> release fixes
+        a serious crasher. All users are advised to upgraded as soon as possible.
+</li>
+
+<li>March 31 2011<br>
+        Changes in <a href="download.html">XML Security Library 1.2.17</a> release:
+        <ul>
+<li>Fixed security issue with libxslt (CVE-2011-1425, reported by Nicolas Gregoire).</li>
+        <li>Fixed a number of build configuration problems, pkcs12 file loading, and gcrypt init/shutdown.</li>
+        </ul>
+</li>
+
+<li>May 26  2010<br>
+	Changes in <a href="download.html">XML Security Library 1.2.16</a> release:
+	<ul>
+<li>New xmlsec-gcrypt library.</li>
+	<li>xmlsec-gcrypt: Added RSA with SHA1/SHA256/SHA384/SHA512/MD5/RIPEMD160,
+	    DSA with SHA1, AES/DES KW support.</li>
+	<li>xmlsec-gnutls: Added X509 support and converted the library to use
+	    xmlsec-gcrypt library for all crypto operations.</li>
+	<li>xmlsec-mscrypto: RSA/OAEP and AES/DES KW support.</li>
+	<li>Several minor bug fixes and code cleanups.</li>
+	</ul>
+</li>
+
+<li>April 29 2010<br>
+	Changes in <a href="download.html">XML Security Library 1.2.15</a> release:
+	<ul>
+<li>xmlsec-mscrypto: Added HMAC with MD5, SHA1, SHA256/384/512;
+	RSA with MD5, SHA256/384/512 support.</li>
+	<li>xmlsec-mscrypto: Converted to Unicode (the non-Unicode builds are still available as compile time option).</li>
+	<li>xmlsec-nss: Added MD5 and SHA256/384/512 support for digest, HMAC 
+	and RSA (the new minimum required version for NSS library is 3.9).</li>
+	<li>xmlsec-gnutls: Added SHA256/384/512 for digest and HMAC;
+	MD5 and RIPEMD160 digests support (the new minimum required version for
+	GnuTLS library is 2.8.0).</li>
+	<li>Fixed typo: "Copyrigth" should be "Copyright".</li>
+	<li>Several critical bug fixes and code cleanups.</li>
+	</ul>
+</li>
+
 <li>December 5 2009<br>
 	Changes in <a href="download.html">XML Security Library 1.2.14</a> release:
 	<ul>
@@ -71,7 +118,6 @@
 	<li>Fixed XML dump output</li>
 	</ul>
 </li>
-
 <li>July 14 2009<br>
 	The new <a href="download.html">XML Security Library 1.2.12</a> release
 	includes the following changes (see ChangeLog for the complete list of changes):
@@ -96,7 +142,7 @@
 	<li>Bug fixes.</li>
 	</ul>
 </li>
-<br><li>June 12 2006<br>
+<li>June 12 2006<br>
 	The new <a href="download.html">XML Security Library 1.2.10</a> release
 	includes the following changes:
 	<ul>
@@ -104,95 +150,86 @@
 	<li>Ability to disable system trusted certs in xmlsec-mscrypto 
 	(Dmitry Belyavsky)</li>
 	<li>New functions for adding X509IssuerName and X509SerialNumber 
-	nodes to the template (Dmitry Belyavsky)
-	</li>
-<li>Better packaging support for Fedora and Debian (Daniel Veillard, John Belmonte)</li>
+	nodes to the template (Dmitry Belyavsky)</li>
+	<li>Better packaging support for Fedora and Debian (Daniel Veillard, John Belmonte)</li>
 	<li>Cleanups from Coverity tool reports</li>
 	<li>Bug fixes</li>
 	</ul>
 </li>
-<br><li>July 12 2005<br>
+<li>July 12 2005<br>
 	The new <a href="download.html">XML Security Library 1.2.9</a> release
 	includes few bug fixes and adds support for the recently released 
 	<a href="http://www.openssl.org">OpenSSL 0.9.8</a> including several 
 	new algorithms for <a href="xmldsig.html">xmlsec-openssl</a>:
 	<ul>
 <li>SHA224/SHA256/SHA384/SHA512</li>
-	    <li>HMAC-SHA224/SHA256/SHA384/SHA512</li>
-	    <li>RSA-MD5/RIPEMD160/SHA224/SHA256/SHA384/SHA512</li>
+	<li>HMAC-SHA224/SHA256/SHA384/SHA512</li>
+	<li>RSA-MD5/RIPEMD160/SHA224/SHA256/SHA384/SHA512</li>
 	</ul>
 </li>
-<br><li>March 30 2005<br>
+<li>March 30 2005<br>
 	The new <a href="download.html">XML Security Library 1.2.8</a> release
 	merges OpenOffice.org changes to xmlsec-mscrypto and xmlsec-nss into
 	main xmlsec source tree.
 </li>
-<br><li>February 23 2005<br>
+<li>February 23 2005<br>
 	The new <a href="download.html">XML Security Library 1.2.7</a> release
 	includes several bug fixes and minor enchancements:
 	<ul>
 <li>(core) added xmlSecSimpleKeysStoreGetKeys() function;</li>
 	<li>(core) added functions to create &lt;X509Data/&gt; node children
-	     in the signature template;</li>
+	in the signature template;</li>
 	<li>(core) fixed xmlSecGenerateID() function;</li>
 	<li>(core) fixed dynamic linking initialization/shutdown when custom memory 
-	    allocation functions are used;</li>
+	allocation functions are used;</li>
 	<li>(core) fixed encrypted text parsing and xmlParseInNodeContext() function;</li>
 	<li>(openssl) fixed parsing quoted values in the certificate subject;</li>
 	<li>(mscrypto) negative numbers support in xmlSecBnFromString()/xmlSecBnToString() functions.</li>
 	</ul>
 </li>
-
-<br><li>August 25 2004<br>
+<li>August 25 2004<br>
 	The new <a href="download.html">XML Security Library 1.2.6</a> 
 	fixes several minor bugs and adds support for loading keys and
 	certificates from memory.
 </li>
-
-<br><li>July 27 2004<br>
+<li>July 27 2004<br>
 	Created a <a href="related.html#books">list of books</a> about
 	cryptography and security that covers most of the topics needed
 	for using XML Security Library.
 </li>
-
-<br><li>April 15 2004<br>
+<li>April 15 2004<br>
 	The new <a href="download.html">XML Security Library 1.2.5</a> 
 	includes a simple XKMS server implementation and fixes a nasty
 	bug with encrypting/decrypting nodes with an empty content.
 </li>
-
-<br><li>January 27 2004<br>
+<li>January 27 2004<br>
 	The new <a href="download.html">XML Security Library 1.2.4</a> 
 	release fixes many configuration and installation problems 
 	found by John.
 </li>
-
-<br><li>January 6 2004<br>
+<li>January 6 2004<br>
 	The new <a href="download.html">XML Security Library 1.2.3</a> 
 	release upgrades xmlsec-gnutls code to support latest gnutls
 	library version (1.0.4) and fixes several configuration and 
 	installation problems.
 </li>
-
-<br><li>November 11 2003<br>
+<li>November 11 2003<br>
 	The new <a href="download.html">XML Security Library 1.2.2</a> 
 	release includes several improvements in ./configure script
 	(Daniel, Roumen) and a bug fix for certificates serial number
 	processing in xmlsec-mscrypto.
 </li>
-
-<br><li>October 14 2003<br>
+<li>October 14 2003<br>
 	The new <a href="download.html">XML Security Library 1.2.1</a> 
 	release includes a special "hack" for supporting ID attributes
 	with invalid values in Visa 3D; fixed processing of root element 
 	node siblings (bug #124245); template functions for creating 
 	&lt;enc:KeyReference/&gt; and &lt;enc:DataReference/&amp;gt
-        nodes (Wouter); new "XMLSEC_DOCDIR" environment variable 
+	nodes (Wouter); new "XMLSEC_DOCDIR" environment variable 
 	for ./configure script; updated README files for xmlsec-crypto
 	libraries.
 </li>
-
-<br><li>September 30 2003<br>
+<li>September 30 2003<br>
 	The major change in the new <a href="download.html">XML Security Library 1.2.0</a> 
 	release is the MS Crypto API support implemented by Wouter. Other changes
 	include loading public keys from certificates and improved namespaces 
@@ -200,16 +237,14 @@
 	for xmlsec command line utility; updated online XML DSig Verifier;
 	updated docs and man pages.
 </li>
-
-<br><li>September 17 2003<br>
+<li>September 17 2003<br>
 	The new <a href="download.html">XML Security Library 1.1.2</a> release
 	introduces dynamical crypto engines loading based on ltdl library (including
 	tutorial, API reference and documentation updates); adds an ability to build 
 	multiple xmlsec-crypto libraries in one build on Windows; fixes minor problems
 	in test suite and multiple warnings when building on Sun Solaris.
 </li>
-
-<br><li>August 21 2003<br>
+<li>August 21 2003<br>
 	The new <a href="download.html">XML Security Library 1.1.1</a> release
 	adds &lt;X509Data/&gt; node templates support to xmlsec-nss (Tej);
 	includes new functions for reading keys and certificates from memory 
@@ -217,8 +252,7 @@
 	in xmlsec configuration files (Roumen) and a bug in URI attribute 
 	XInclude processing.
 </li>
-
-<br><li>August 5 2003<br>
+<li>August 5 2003<br>
 	A great patch from Tej that dramaticaly improves xmlsec-nss functionality
 	deserves a minor version number update :). In addition to that, the new 
 	<a href="download.html">XML Security Library 1.1.0</a> 
@@ -228,8 +262,7 @@
 	and some useful commands for xmlsec developers in a new "HACKING" 
 	file).
 </li>
-
-<br><li>July 15 2003<br>
+<li>July 15 2003<br>
 	There were several minor patches during last month and it's time to do 
 	a new <a href="download.html">XML Security Library 1.0.4</a> 
 	release to pick up them: x509 certificates names comparison function
@@ -239,13 +272,12 @@
 	<a href="http://oreillynet.com/oscon2003/">OSCON 2003</a> last week. 
 	You can download slides <a href="http://www.aleksey.com/xmlsec/extra/xmlsec_oscon_2003.ppt">here</a>.
 </li>
-
-<br><li>June 17 2003<br>
+<li>June 17 2003<br>
 	The <a href="download.html">XML Security Library 1.0.3</a> 
 	release adds PKCS#8 support for xmlsec-openssl (Tej) and fixes several 
 	configuration and portability problems.
 </li>
-<br><li>June 03 2003<br>
+<li>June 03 2003<br>
 	The <a href="download.html">XML Security Library 1.0.2</a> 
 	release includes several fixes in xmlsec-nss configuration and
 	linking options (Tej), PKCS21 files reading improvements,
@@ -254,7 +286,7 @@
 	right now and not configured in by default. Please, don't
 	use or even compile it in.
 </li>
-<br><li>April 28 2003<br>
+<li>April 28 2003<br>
 	The <a href="download.html">XML Security Library 1.0.1</a> 
 	release is a maintanance release. It fixes several compilation 
 	problems found in 1.0.0 release on the following platforms: 
@@ -264,7 +296,7 @@
 	LibXML2/LibXSLT/XMLSec libraries).If you don't
 	use one of these platforms then you'll see no difference.
 </li>
-<br><li>April 17 2003<br>
+<li>April 17 2003<br>
 	The <a href="download.html">XML Security Library 1.0.0</a> 
 	release is the major upgrade from 0.0.X version.
 	The new version includes multiple crypto engines support
@@ -274,7 +306,7 @@
 	new or updated documentation (tutorial, API reference manual and 
 	examples).
 </li>
-<br><li>April 10 2003<br>
+<li>April 10 2003<br>
 	The final release candidate <a href="download.html">XML Security 
 	Library 1.0.0rc1</a> is available for download. This release includes 
 	minor API polishing, 
@@ -286,7 +318,7 @@
 	If no major problems will be found then the 1.0.0 release should
 	happen in a week from now.
 	</li>
-<br><li>April 8 2003<br>
+<li>April 8 2003<br>
 	The new <a href="download.html">XML Security Library 0.0.15</a> 
 	release is a preparation for the upcomming 1.0.0 release and
 	provides an ability to have both versions installed together 
@@ -295,20 +327,7 @@
 	the regression test suite and a fix for minor bug in reading binary 
 	keys on Windows.
 	</li>
-<br><li>April 6 2003<br><table><tr>
-<td>
-	<a href="http://conferences.oreilly.com/oscon/"><img border="0" src="http://conferences.oreillynet.com/images/os2003/banners/130x40.gif" alt="O'Reilly Open Source Convent3Dion"></a>	
-	</td>
-<td width="10"></td>
-<td valign="top">It seems that I'll be giving a 
-	<a href="http://conferences.oreillynet.com/cs/os2003/view/e_sess/3838">presentation</a>
-	at the <a href="http://conferences.oreilly.com/oscon/">O'Reilly Open Source Convention 2003</a>
-	about XML Security and XML Security Library. Stop by to say "Hello!".
-	</td>
-</tr></table>
-</li>
-
-<br><li>March 26 2003<br><a href="download.html">XML Security Library 0.1.1</a>
+<li>March 26 2003<br><a href="download.html">XML Security Library 0.1.1</a>
 	release is the first release candidate for the new stable 
 	version of XML Security Library. A lot of internal changes 
 	including enchanced processing controls, performance improvements
@@ -319,13 +338,13 @@
 	release candidate and it's very important for me to get your
 	feedback about it. Also if you are missing some features
 	in the library it's the best time to ask!
-	</li>
-<br><li>March 19 2003<br><a href="download.html">XML Security Library 0.0.14</a> release
+</li>
+<li>March 19 2003<br><a href="download.html">XML Security Library 0.0.14</a> release
 	includes several minor bugfixes in references URI
 	processing, binary transforms processing and xmlsec 
 	command line utility.
-	</li>
-<br><li>March 5 2003<br>
+</li>
+<li>March 5 2003<br>
 	The <a href="download.html">XML Security Library 0.1.0</a> release
 	creates a framework for integrating XML Security Library
 	with almost any crypto engine and even combining multiple crypto
@@ -337,187 +356,200 @@
 	However, if you plan to use XML Security Library with a new crypto
 	engine and plan to write some code then you can start now. 
 	The "backend" API is pretty stable and I do not expect major
-	changes. 
-	</li>
-<br><li>February 21 2003<br><a href="download.html">XML Security Library 0.0.13</a> release
+	changes.
+</li>
+<li>February 21 2003<br><a href="download.html">XML Security Library 0.0.13</a> release
 	fixes incorrect processing of signatures with more than 3 binary 
 	transforms in a row, improved pkcs12 files support and minor
 	documentation update.
-	</li>
-<br><li>January 26 2003<br>
+</li>
+<li>January 26 2003<br>
 	Two major fixes in <a href="http://www.aleksey.com/pipermail/xmlsec/2003/000507.html">HMAC</a> and 
 	<a href="http://www.aleksey.com/pipermail/xmlsec/2003/000516.html">DES/AES</a> 
 	algorithms are the reason for the new <a href="download.html">XML Security Library 0.0.12</a> release.
 	Also there are few other minor features and bug fixes (see Changelog in the 
 	distribution for more details).
-	</li>
-<br><li>December 3 2002<br>
+</li>
+<li>December 3 2002<br>
 	New <a href="download.html">XML Security Library 0.0.11</a> release
 	fixes a <a href="http://www.aleksey.com/pipermail/xmlsec/2002/000368.html">major 
 	problem</a> in Reference URI attribute processing. This release
 	also includes several Win32 build process fixes from Igor.	
-	</li>
-<br><li>October 20 2002<br>
+</li>
+<li>October 20 2002<br>
 	Almost two months from previous release and a lot of minor 
 	enchancements are good reasons for the new
-	<a href="download.html">XML Security Library 0.0.10</a> release:<br>
-	- added a way to specify "current time" to verify certificates
-	expiration against it;<br>
-	- implemented XML results output format for the xmlsec command
-	line utility;<br>
-	- fixed XMLDSig examples and added a new one (thanks to Devin 
-	Heitmueller);<br>
-	- resolved static link issue and a bunch of other improvements 
-	for Win32 platform builds (Igor Zlatkovic);<br>
-	- added dynamic linking option for xmlsec command line utility
-	to help Debian port (John Belmonte);<br>
-	- minor bug fixes.
-	</li>
-<br><li>August 26 2002<br>
+	<a href="download.html">XML Security Library 0.0.10</a> release:
+	<ul>
+<li>Added a way to specify "current time" to verify certificates
+	expiration against it;</li>
+	<li>Implemented XML results output format for the xmlsec command
+	line utility;</li>
+	<li>Fixed XMLDSig examples and added a new one (thanks to Devin 
+	Heitmueller);</li>
+	<li>Resolved static link issue and a bunch of other improvements 
+	for Win32 platform builds (Igor Zlatkovic);</li>
+	<li>Added dynamic linking option for xmlsec command line utility
+	to help Debian port (John Belmonte);</li>
+	<li>Minor bug fixes.</li>
+	</ul>
+</li>
+<li>August 26 2002<br>
 	I've completelly screwed up. The release 0.0.8 was totally broken 
 	(I've simply packaged files from wrong CVS :) )
 	and I am doing a new <a href="download.html">0.0.9 release</a>
-	to fix all the problems. Please upgrade to the new version 
+	to fix all the problems. Please upgrade to the new version
 	if you use any of previous XML Security Library releases.<br>
-	I am really sorry for my stupid mistakes and I promise to never 
-	do releases on Friday :( <br>
-	And special thanks to Ferrell Moultrie for pointing this out.	
-	</li>
-<br><li>August 23 2002<br><a href="download.html">XML Security Library 0.0.8</a> is released:<br>
-	- New errors reporting system is created and all the code is updated;<br>
-	- Added XPointer transform support;<br>
-	- Major enveloped and XPath transforms performance improvements;<br>
-	- Updated XPath 2 Filter implementation to reflect latest W3C specifications;<br>
-	- <a href="xmlsec-man.html">Man page</a> for xmlsec utility is written;<br>
-	- Automatically generated <a href="documentation.html">API Reference 
-	Manual</a> (more than 370 symbols) is created;<br> 
-	- Minor Win32 bug fixes from Igor;<br>
-	- Debian port from John Belmonte.<br>
-</li>
-<br><li>July 11 2002<br>
+	I am really sorry for my stupid mistakes and I promise to never
+	do releases on Friday :(<br>
+	And special thanks to Ferrell Moultrie for pointing this out.
+</li>
+<li>August 23 2002<br><a href="download.html">XML Security Library 0.0.8</a> is released:
+	<ul>
+<li>New errors reporting system is created and all the code is updated;</li>
+	<li>Added XPointer transform support;</li>
+	<li>Major enveloped and XPath transforms performance improvements;</li>
+	<li>Updated XPath 2 Filter implementation to reflect latest W3C specifications;</li>
+	<li>
+<a href="xmlsec-man.html">Man page</a> for xmlsec utility is written;</li>
+	<li>Automatically generated <a href="documentation.html">API Reference</a>
+</li>
+	<li>Manual (more than 370 symbols) is created;</li>
+	<li>Minor Win32 bug fixes from Igor;</li>
+	<li>Debian port from John Belmonte.</li>
+	</ul>
+</li>
+<li>July 11 2002<br>
 	XML Security Library <a href="documentation.html">documentation</a> 
 	created.
-	</li>
-<br><li>July 10 2002<br>
+</li>
+<li>July 10 2002<br>
 	A new <a href="download.html">XML Security Library 0.0.7</a> release
 	includes all small bug fixes for last month and a new LibXML2 library
 	with improved canonicalization.
-	</li>
-<br><li>May 28 2002<br> 
+</li>
+<li>May 28 2002<br> 
 	New LibXML 2.4.22 is <a href="http://xmlsoft.org/news.html">released</a>
 	and new <a href="download.html">XML Security Library 0.0.6</a> is 
-	released:<br>
-	- Win32 port is added: the idea and most of the configuration scripts
+	released:
+	<ul>
+<li>Win32 port is added: the idea and most of the configuration scripts
 	code was taken from LibXML2 (written by Igor Zlatkovic). I modified
-	original files so all errors are mine, not Igor's.<br>
-	- Many different performance optimizations (especially for RSA/DSA
-	algorithms and enveloped signatures).<br>
-	- <a href="http://www.w3.org/TR/xmldsig-filter2/">XPath Filter 2</a>
+	original files so all errors are mine, not Igor's.</li>
+	<li>Many different performance optimizations (especially for RSA/DSA
+	algorithms and enveloped signatures).</li>
+	<li>
+<a href="http://www.w3.org/TR/xmldsig-filter2/">XPath Filter 2</a>
 	and <a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0001.html">Alternative 
 	XPath Filter</a> (not compiled by default, use --enable-altxpath configuration
-	switch if you need this transform) support is added. <br>
-	- Custom network protocol handler support is added. It is similar
-	to custom protocol handlers in LibXML2 but applied to binary files.<br>
-	- Separated XML Security Library RPM into xmlsec and xmlsec-devel
-	(suggested by Devin Heitmueller).<br>
+	switch if you need this transform) support is added. </li>
+	<li>Custom network protocol handler support is added. It is similar
+	to custom protocol handlers in LibXML2 but applied to binary files.</li>
+	<li>Separated XML Security Library RPM into xmlsec and xmlsec-devel
+	(suggested by Devin Heitmueller).</li>
+	</ul>
 </li>
-	<br><li>May 14 2002<br>
+<li>May 14 2002<br>
 	I've checked in new code for plugging in custom input handlers
 	(similar to ones that exist in LibXML2). The downside is that
 	you have to use <a href="ftp://xmlsoft.org/cvs-snapshot.tar.gz">daily 
 	LibXML2 snapshot</a> to compile daily XML Security Library snapshot.
-	</li>
-	<br><li>April 28 2002<br><a href="download.html">XMLSec 0.0.5</a> released: <br>
-        - Big external and internal cleanup. Now the API looks much more consistent
+</li>
+<li>April 28 2002<br><a href="download.html">XMLSec 0.0.5</a> released:
+	<ul>
+<li>Big external and internal cleanup. Now the API looks much more consistent
 	and I hope simple. I hope to declare API frozen in the next couple weeks.
-	Meantime, all comments and suggestions are welcome!<br>
-	- Added <a href="http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap">
-	symmetric key wrap</a> (aes, des) support.<br>
-	- Added RIPEMD-160 support.<br>
-</li>
-	<br><li>April 19 2002<br>
-	 Minor release <a href="download.html">XMLSec 0.0.4</a> with main
-	 goal to fix broken RPM:<br>
-	 - The RPM is recompiled using OpenSSL 0.9.6. The previous 
-	 version was compiled with OpenSSL 0.9.7 but I got few complains
-	 that there are no RPMs for 0.9.7 yet. The downsides of using 0.9.6 are
-	 some functionality limitations for XML Encryption (no AES support,
-	 incorrect padding mode for DES, etc.). If you want to use
-	 XML Encryption it is better to compile the library from sources
-	 and use OpenSSL 0.9.7<br>
-	 - The testDSig, testEnc and testKeys scripts merged into standalone
-	 "xmlsec" application.<br>
-	 - A couple minor bugs fixed.<br>
-</li>
-	<br><li>April 17 2002<br>
+	Meantime, all comments and suggestions are welcome!</li>
+	<li>Added <a href="http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap">
+	symmetric key wrap</a> (aes, des) support.</li>
+	<li>Added RIPEMD-160 support.</li>
+	</ul>
+</li>
+<li>April 19 2002<br>
+	Minor release <a href="download.html">XMLSec 0.0.4</a> with main
+	goal to fix broken RPM:
+	<ul>
+<li>The RPM is recompiled using OpenSSL 0.9.6. The previous 
+	version was compiled with OpenSSL 0.9.7 but I got few complains
+	that there are no RPMs for 0.9.7 yet. The downsides of using 0.9.6 are
+	some functionality limitations for XML Encryption (no AES support,
+	incorrect padding mode for DES, etc.). If you want to use
+	XML Encryption it is better to compile the library from sources
+	and use OpenSSL 0.9.7</li>
+	<li>The testDSig, testEnc and testKeys scripts merged into standalone
+	"xmlsec" application.</li>
+	<li>A couple minor bugs fixed.</li>
+	</ul>
+</li>
+<li>April 17 2002<br>
 	Installed <a href="http://www.aleksey.com/pipermail/xmlsec">
-	xmlsec mailing list.</a><br>
-</li>
-	<br><li>April 16 2002<br>
-	 A lot of changes and time for new release <a href="download.html">XMLSec 0.0.3</a>:<br>
-	 - The first release that includes <a href="xmlenc.html">XML Encryption support</a>! 
-	 The bad news is that most of new features require <a href="download.html">OpenSSL 0.9.7</a> which is 
-	 not officially released yet.<br>
-	 - Options to enable/disable support for particular algorithms were
-	 added to the <code>./configure</code> script.<br>
-	 - All transforms header files were consolidated in transforms.h
-         <br>
-</li>
-	 <br><li>April 6 2002<br>
-	 The <a href="download.html">RPM packages</a> are now available.<br><br>
-</li>
-          <li>April 5 2002<br>
- Test suite updates and new minor release <a href="download.html">XML Security Library 0.0.2a.</a>
-          <br>
- New <a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0017.html">
- interoperability tests</a>
-  were provided by Merlin Hughes. XML Security Library successfully passed 
-          <b>all tests </b>after small test program tweaking and adding workaround 
-for <a href="http://groups.google.com/groups?hl=en&amp;threadm=96uofi%2417gh%241%40FreeBSD.csie.NCTU.edu.tw&amp;rnum=2&amp;prev=/groups%3Fq%3DX509_STORE_add_crl%26hl%3Den%26selm%3D96uofi%252417gh%25241%2540FreeBSD.csie.NCTU.edu.tw%26rnum%3D2">
- OpenSSL CRL problem.</a>
- These new tests are included into the distribution and previous Merlin's
-test suites  are removed. Because of these changes I decided to generate
-a new package that also will include the <a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">
-Online XML  Digital Signature Verifier</a>
- code.<br><br>
-</li>
-         <li>April 3 2002<br>
-  The <a href="http://www%2Caleksey.com/xmlsec/xmldsig-verifier.html">Online XML Digital Signature Verifier</a>
-   is available! You can use this tool to verify your XML Digital Signatures
- from online Web form or using a simple Perl script. The idea was stolen
-from           <a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0006.html">
-  Manoj K. Srivastava.</a><br><br>
-</li>
-          <li>March 31 2002<br>
-   Some major changes and a time for new release: <a href="download.html">
- XML Security Library 0.0.2</a>
- . Now XML Security Library supports <b>all</b> MUST/SHOULD/MAY <a href="xmldsig-interop.html">
-   features</a>
-   from XMLDSig standard!<br>
-    - Added X509 certificates and certificate chains support<br>
-    - The detailed signature generation/verification results are made available 
- to the application<br>
-   - RetrievalMethod, Manifests and <a href="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">
-   additional algorithms</a>
-   are added<br>
-   - The Transforms and KeyInfo code was significantly re-writen with a goal 
- to separate it from XMLDSig logic for better re-usability (in XML Encryption,
- etc.)<br><br>
-</li>
-            <li>March 18 2002<br>
-      - Fixed wrong way shift of the DSA digest result bug found by Philipp 
- Gühring.  This bug is critical and I have to do a <a href="download/xmlsec-0.0.1a.tar.gz">
-      new build.</a>
-             <br>
-      - Added "--with-pedantic" configuration option and fixed all but "unused
-   variable" warnings (bug reported by Daniel Veillard).<br><br>
-</li>
-             <li>March 17 2002<br>
-      The <a href="download.html">XML Security Library 0.0.1</a>
-       is released and available for download! Please try it out and send 
-me  your comments/suggestions. </li>
-                                       
-      </ul>
+	xmlsec mailing list.</a>
+</li>
+<li>April 16 2002<br>
+	A lot of changes and time for new release <a href="download.html">XMLSec 0.0.3</a>:
+	<ul>
+<li>The first release that includes <a href="xmlenc.html">XML Encryption support</a>! 
+	The bad news is that most of new features require <a href="download.html">OpenSSL 0.9.7</a> which is 
+	not officially released yet.</li>
+	<li>Options to enable/disable support for particular algorithms were
+	added to the <code>./configure</code> script.</li>
+	<li>All transforms header files were consolidated in "transforms.h".</li>
+	</ul>
+</li>
+<li>April 6 2002<br>
+	The <a href="download.html">RPM packages</a> are now available.
+</li>
+<li>April 5 2002<br>
+	Test suite updates and new minor release <a href="download.html">XML 
+	Security Library 0.0.2a.</a><br>
+	New <a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0017.html">
+	interoperability tests</a>
+	were provided by Merlin Hughes. XML Security Library successfully passed
+	<b>all tests </b>after small test program tweaking and adding workaround
+	for <a href="http://groups.google.com/groups?hl=en&amp;threadm=96uofi%2417gh%241%40FreeBSD.csie.NCTU.edu.tw&amp;rnum=2&amp;prev=/groups%3Fq%3DX509_STORE_add_crl%26hl%3Den%26selm%3D96uofi%252417gh%25241%2540FreeBSD.csie.NCTU.edu.tw%26rnum%3D2">
+	OpenSSL CRL problem.</a>
+	These new tests are included into the distribution and previous Merlin's
+	test suites  are removed. Because of these changes I decided to generate
+	a new package that also will include the <a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online 
+	XML Digital Signature Verifier</a> code.
+</li>
+<li>April 3 2002<br>
+	The <a href="http://www%2Caleksey.com/xmlsec/xmldsig-verifier.html">Online XML
+	Digital Signature Verifier</a> is available! You can use this tool to 
+	verify your XML Digital Signatures from online Web form or using a simple
+	Perl script. The idea was stolen from <a href="http://lists.w3.org/Archives/Public/w3c-ietf-xmldsig/2002AprJun/0006.html">Manoj K. 
+	Srivastava.</a>
+</li>
+<li>March 31 2002<br>
+	Some major changes and a time for new release: <a href="download.html">XML Security 
+	Library 0.0.2</a>. Now XML Security Library supports <b>all</b> MUST/SHOULD/MAY 
+	<a href="xmldsig-interop.html">features</a> from XMLDSig standard!
+	<ul>
+<li>Added X509 certificates and certificate chains support</li>
+	<li>The detailed signature generation/verification results are made available 
+	to the application</li>
+	<li>RetrievalMethod, Manifests and <a href="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt">additional
+	algorithms</a> are added</li>
+	<li>The Transforms and KeyInfo code was significantly re-writen with a goal 
+	to separate it from XMLDSig logic for better re-usability (in XML Encryption,
+	etc.)</li>
+	</ul>
+</li>
+<li>March 18 2002<br><ul>
+<li>Fixed wrong way shift of the DSA digest result bug found by Philipp 
+	Gühring.  This bug is critical and I have to do a <a href="download/xmlsec-0.0.1a.tar.gz">new
+	build.</a>
+</li>
+	<li>Added "--with-pedantic" configuration option and fixed all but "unused
+	variable" warnings (bug reported by Daniel Veillard).</li>
+	</ul>
+</li>
+<li>March 17 2002<br>
+	The <a href="download.html">XML Security Library 0.0.1</a> is released
+	and available for download! Please try it out and send 
+	me your comments/suggestions.
+</li>
+</ul>
 </td></tr></table></td>
 </tr></table></body>
 </html>
diff --git a/docs/related.html b/docs/related.html
index c9ac05e9..fe895c45 100644
--- a/docs/related.html
+++ b/docs/related.html
@@ -86,8 +86,10 @@ GNOME <a href="http://www.w3.org/TR/xslt">XSLT</a> / <a href="http://www.exslt.o
               <li> <a href="http://www.openssl.org">OpenSSL</a> - <a href="http://www.netscape.com/eng/ssl3/">SSL</a> / <a href="http://www.consensus.com/ietf-tls/ietf-tls-home.html">TLS</a>
 implementation.</li>
               <li> <a href="http://www.gnu.org/software/gnutls/">GnuTLS</a>
-and <a href="http://www.gnu.org/directory/security/libgcrypt.html">Libgcrypt</a>
-- GNU SSL and cryptographic libraries.</li>
+</li>
+              <li>
+<a href="http://www.gnu.org/directory/security/libgcrypt.html">Libgcrypt</a>
+              </li>
               <li> <a href="http://www.mozilla.org/projects/security/pki/nss/">NSS</a> -
 Mozilla cryptographic library. </li>
             </ul>
diff --git a/docs/xmldsig.html b/docs/xmldsig.html
index 25f90129..4e008862 100644
--- a/docs/xmldsig.html
+++ b/docs/xmldsig.html
@@ -68,833 +68,567 @@ and get detailed report on what and how was signed. </p>
 <div align="center">
             <table style="width: 85%;" border="1" cellpadding="2" cellspacing="2"><tbody>
 <tr>
-<td style="width: 40%;" align="left" valign="top"><b>Features
-and
-algorithms<br></b></td>
-                  <td align="left" valign="top"> <b>XMLSec with
-OpenSSL </b> </td>
-                  <td style="vertical-align: top;"><b>XMLSec with GnuTLS</b></td>
-                  <td style="vertical-align: top;"> <b>XMLSec with NSS</b>
-                  </td>
-                  <td style="vertical-align: top;"> <b>XMLSec with
-MSCrypto</b> </td>
-                </tr>
-<tr>
-<td style="width: 40%;" align="left" valign="top"> <span class="link-def">Detached</span>
-Signature<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top"><b>Features and algorithms</b></td>
+                  <td valign="top"><b>XMLSec with OpenSSL</b></td>
+                  <td valign="top"><b>XMLSec with GnuTLS</b></td>
+                  <td valign="top"><b>XMLSec with GCrypt</b></td>
+                  <td valign="top"><b>XMLSec with NSS</b></td>
+                  <td valign="top"><b>XMLSec with MSCrypto</b></td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top"> <span class="link-def">Enveloping</span>
-Signature: same document reference with fragment
-(URI="#Object1")<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Detached Signature</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top"> <span class="link-def">Enveloped</span>
-Signature: same document reference (URI="") with Enveloped Signature
-Transform .<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Enveloping Signature: 
+same document reference with fragment (URI="#Object1")</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">SignatureValue
-generation/validation<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Enveloped Signature: 
+same document reference (URI="") with Enveloped Signature Transform</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">Manifest
-DigestValue
-generation/valdiation<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">SignatureValue 
+generation/validation</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">Feature:
-laxly schema
-valid
-Signature element generation<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Manifest DigestValue 
+generation/valdiation</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">XPointers
-'#xpointer(/)'<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Laxly schema valid Signature 
+element generation</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">XPointers
-'#xpointer(id("<em>ID</em>"))'<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">XPointers '#xpointer(/)'</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">XPointers:
-full suppport </td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">XPointers '#xpointer(id("<em>ID</em>"))'</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">XPath
-                  <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">XPointers: full suppport</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">the
-dsig XPath 'here()'
-function (can be used to implement enveloped signature)<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">XPath</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">XSLT
-(note, the child <code>
-XSLT</code>
-element of Transform has been deprecated.)<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">the dsig XPath 'here()' 
+function (can be used to implement enveloped signature)</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
+<tr>
+<td style="width: 40%;" align="left" valign="top">XSLT transform</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">RetrievalMethod
-(e.g.,
-X509Data)<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+(e.g. X509Data)</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">SHA1
-                  <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">SHA1</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">Base64
-                  <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Base64</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">HMAC-SHA1
-                  <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">HMAC-SHA1</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">DSAwithSHA1<br>
-(DSS) <br>
-</td>
-                  <td align="left" valign="top">Y<a href="#dsa-sha1"><sup>(1)</sup></a>
-                  <br>
-</td>
-                  <td style="vertical-align: top;">N<br>
+<td style="width: 40%;" align="left" valign="top">DSA with SHA1 (DSS) <a href="#dsa-sha1"><sup>(1)</sup></a>
 </td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">RSAwithSHA1
-                  <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">RSA with SHA1</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top">X509 support<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" valign="top">X509 support</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">N</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">Minimal
-C14N (deprecated)<br>
-</td>
-                  <td align="left" valign="top">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="width: 40%;" valign="top">X509 CRL support</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">Y</td>
+</tr>
+<tr>
+<td style="width: 40%;" align="left" valign="top">Minimal C14N (deprecated)</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
 <a href="http://www.w3.org/TR/xml-c14n">Canonical XML 1.0</a>
 </td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
 <a href="http://www.w3.org/TR/xml-exc-c14n">Exlusive Canonical XML 1.0</a>
 </td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
 <a href="http://www.w3.org/TR/xml-c14n11/">Canonical XML 1.1</a>
 </td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">Enveloped
-Signature <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;"><br></td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Enveloped Signature</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 </tbody></table>
 <div align="left"> <br><h4 style="text-align: center;">Additional XML Security
 Algorithms (<a href="http://www.ietf.org/rfc/rfc4051.txt">RFC 4051</a>)</h4>
             <table style="width: 85%; text-align: left; margin-left: auto; margin-right: auto;" border="1" cellpadding="2" cellspacing="2"><tbody>
 <tr>
-<td style="width: 40%;" align="left" valign="top"><b>Features
-and
-algorithms<br></b></td>
-                  <td align="left" valign="top"> <b>XMLSec with
-OpenSSL </b> </td>
-                  <td style="vertical-align: top;"><b>XMLSec with GnuTLS</b></td>
-                  <td style="vertical-align: top;"> <b>XMLSec with NSS</b>
-                  </td>
-                  <td style="vertical-align: top;"> <b>XMLSec with
-MSCrypto</b> </td>
-                </tr>
-<tr>
-<td style="vertical-align: top; width: 40%;">MD5<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top"><b>Features and algorithms<br></b></td>
+                  <td valign="top"><b>XMLSec with OpenSSL</b></td>
+                  <td valign="top"><b>XMLSec with GnuTLS</b></td>
+                  <td valign="top"><b>XMLSec with GCrypt</b></td>
+                  <td valign="top"><b>XMLSec with NSS</b></td>
+                  <td valign="top"><b>XMLSec with MSCrypto</b></td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">SHA224<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">MD5</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">SHA256<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">SHA224</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">SHA384<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">SHA256</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">SHA512<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">SHA384</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">HMAC-MD5<br>
-</td>
-                  <td align="left" valign="top">Y <br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">SHA512</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">HMAC-SHA224<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">HMAC-MD5</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
+<tr>
+<td style="vertical-align: top; width: 40%;">HMAC-SHA224</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">HMAC-SHA256</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">HMAC-SHA384</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">HMAC-SHA512</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top">HMAC-RIPEMD160<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="width: 40%;" valign="top">HMAC-RIPEMD160</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">RSA-MD5<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">RSA-MD5</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">N</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">RSA-SHA224<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">RSA-SHA224</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">RSA-SHA256<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">RSA-SHA256</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">RSA-SHA384<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">RSA-SHA384</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">RSA-SHA512<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">RSA-SHA512</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">RSA-RIPEMD160</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">ECDSA-SHA1<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">ECDSA-SHA1</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">ECDSA-SHA224<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">ECDSA-SHA224</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">ECDSA-SHA256</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">ECDSA-SHA384</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">ECDSA-SHA512</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">ESIGN-SHA1<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">ESIGN-SHA1</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">ESIGN-SHA224</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">ESIGN-SHA256</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">ESIGN-SHA384</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">ESIGN-SHA512</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">Minimal
-C14N (deprecated) </td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">Minimal C14N (deprecated)</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">XPointer
-transform<br>
-</td>
-                  <td align="left" valign="top">Y <br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">XPointer transform</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+                  <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">ARCFOUR
-Encryption<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">ARCFOUR Encryption</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">Camellia
-Block
-Encryption 128<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">Camellia Block Encryption 128</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">Camellia
-Block
-Encryption 192</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">Camellia Block Encryption 192</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">Camellia
-Block
-Encryption 256<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">Camellia Block Encryption 256</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">Camellia
-Key Wrap 128<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">Camellia Key Wrap 128</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
 <td style="vertical-align: top; width: 40%;">Camellia
 Key Wrap 192</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">Camellia
-Key Wrap 256<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">Camellia Key Wrap 256</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">PSEC-KEM<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="vertical-align: top; width: 40%;">PSEC-KEM</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+</tr>
 </tbody></table>
-<div align="left"> <br><h4 style="text-align: center;">Other algorithms</h4>
+<div align="left">
+<h4 style="text-align: center;">Other algorithms</h4>
             <table style="width: 85%; text-align: left; margin-left: auto; margin-right: auto;" border="1" cellpadding="2" cellspacing="2"><tbody>
 <tr>
-<td style="width: 40%;" align="left" valign="top"><b>Features
-and
-algorithms<br></b></td>
-                  <td align="left" valign="top"> <b>XMLSec with
-OpenSSL </b> </td>
-                  <td style="vertical-align: top;"><b>XMLSec with GnuTLS</b></td>
-                  <td style="vertical-align: top;"> <b>XMLSec with NSS</b>
-                  </td>
-                  <td style="vertical-align: top;"> <b>XMLSec with
-MSCrypto</b> </td>
-                </tr>
-<tr>
-<td style="vertical-align: top; width: 40%;">GOST94 digests<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">Y<a href="#gost-mscrypto"><sup>(2)</sup></a><br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top"><b>Features and algorithms</b></td>
+                  <td valign="top"><b>XMLSec with OpenSSL</b></td>
+                  <td valign="top"><b>XMLSec with GnuTLS</b></td>
+                  <td valign="top"><b>XMLSec with GCrypt</b></td>
+                  <td valign="top"><b>XMLSec with NSS</b></td>
+                  <td valign="top">
+<b>XMLSec with MSCrypto</b> </td>
+</tr>
 <tr>
-<td style="vertical-align: top; width: 40%;">GOST2001 signatures<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
+<td style="vertical-align: top; width: 40%;">GOST94 digests</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">Y<a href="#gost-mscrypto"><sup>(2)</sup></a>
 </td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">Y<a href="#gost-mscrypto"><sup>(2)</sup></a><br>
+</tr>
+<tr>
+<td style="vertical-align: top; width: 40%;">GOST2001 signatures</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">N</td>
+                  <td valign="top">Y<a href="#gost-mscrypto"><sup>(2)</sup></a>
 </td>
-                </tr>
+</tr>
 </tbody></table>
 <br><br><a name="dsa-sha1"></a><sup>(1)</sup> Defining <a href="http://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue"> DSA key</a>
 with Seed and PgenCounter is not supported.
diff --git a/docs/xmlenc.html b/docs/xmlenc.html
index fe0ddc71..415e110f 100644
--- a/docs/xmlenc.html
+++ b/docs/xmlenc.html
@@ -60,510 +60,395 @@ data (including XML document). </div>
             <p> </p>
             <table style="width: 85%;" border="1" cellpadding="2" cellspacing="2"><tbody>
 <tr>
-<td style="width: 40%;" align="left" valign="top"><b>Features
-and
-algorithms<br></b></td>
-                  <td align="left" valign="top"> <b>XMLSec with OpenSSL</b>
-                  </td>
-                  <td style="vertical-align: top;"><b>XMLSec with GnuTLS</b></td>
-                  <td style="vertical-align: top;"> <b>XMLSec with NSS</b>
-                  </td>
-                  <td style="vertical-align: top;"> <b>XMLSec with
-MSCrypto</b> </td>
-                </tr>
-<tr>
-<td style="width: 40%;" align="left" valign="top">Laxly
-valid
-schema generation of EncryptedData
-/EncryptedKey <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top"><b>Features and algorithms</b></td>
+    <td valign="top"><b>XMLSec with OpenSSL</b></td>
+    <td valign="top"><b>XMLSec with GnuTLS</b></td>
+    <td valign="top"><b>XMLSec with GCrypt</b></td>
+    <td valign="top"><b>XMLSec with NSS</b></td>
+    <td valign="top"><b>XMLSec with MSCrypto</b></td>
+</tr>
+<tr>
+<td style="width: 40%;" align="left" valign="top">Laxly valid schema 
+    generation of EncryptedData/EncryptedKey</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> Normalized Form C generations. </li>
-                  </ul>
+    <ul><li>Normalized Form C generations.</li></ul>
 </td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
-<tr>
-<td style="width: 40%;" align="left" valign="top">Type,
-MimeType,
-and Encoding <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
+<tr>
+<td style="width: 40%;" align="left" valign="top">Type, MimeType, and Encoding</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">CipherReference
-URI derefencing <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    URI derefencing</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> Transforms </li>
-                  </ul>
-</td>
-                  <td align="left" valign="top">Y<br>
+    <ul><li>Transforms </li></ul>
 </td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">ds:KeyInfo
-                  <br>
-</td>
-                  <td align="left" valign="top">Y<br>
+<td style="width: 40%;" align="left" valign="top">
+    <ul><li>ds:KeyInfo</li></ul>
 </td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> enc:DHKeyValue </li>
-                  </ul>
-</td>
-                  <td align="left" valign="top">N<br>
+    <ul><li>enc:DHKeyValue</li></ul>
 </td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> ds:KeyName </li>
-                  </ul>
-</td>
-                  <td align="left" valign="top">Y<br>
+    <ul><li>ds:KeyName</li></ul>
 </td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> ds:RetrievalMethod </li>
-                  </ul>
-</td>
-                  <td align="left" valign="top">Y<br>
+    <ul><li>ds:RetrievalMethod</li></ul>
 </td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">ReferenceList
-                  <br>
-</td>
-                  <td align="left" valign="top">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">ReferenceList</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">EncryptionProperties
-                  <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">EncryptionProperties</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">Satisfactory
-Performance<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
-<tr>
-<td style="width: 40%;" align="left" valign="top">Required
-Type
-support: Element and Content. <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Satisfactory Performance</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">Encryption
-                  <br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Required Type
+    support: Element and Content.</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
+<tr>
+<td style="width: 40%;" align="left" valign="top">Encryption</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> Serialization of XML Element and Content.
-                      <ol>
-<li> NFC conversion from non-Unicode encodings.
-                        </li>
-                      </ol>
-</li>
-                  </ul>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <ul><li>Serialization of XML Element and Content
+    (NFC conversion from non-Unicode encodings).
+    </li></ul>
+</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> Encryptor returns EncryptedData structure. </li>
-                  </ul>
+    <ul><li>Encryptor returns EncryptedData structure. </li></ul>
 </td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> Encryptor replaces EncryptedData into source
-document (when Type is Element or Content). </li>
-                  </ul>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <ul><li> Encryptor replaces EncryptedData into source
+    document (when Type is Element or Content).</li></ul>
+</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> Decryption <br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Decryption</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> The decryptor returns the data and its Type to
-the application (be
-it an octet sequence or key value). </li>
-                  </ul>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <ul><li>The decryptor returns the data and its Type to
+    the application (be it an octet sequence or key value).</li></ul>
+</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> If data is Element or Content the decryptor
-return the UTF-8 encoding XML character data. </li>
-                  </ul>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <ul><li>If data is Element or Content the decryptor
+    return the UTF-8 encoding XML character data.</li></ul>
+</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-                  <ul>
-<li> If data is Element or Content the decryptor
-replaces the EncryptedData in the source document with the decrypted
-data. </li>
-                  </ul>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+    <ul><li>If data is Element or Content the decryptor
+    replaces the EncryptedData in the source document with the decrypted
+    data.</li></ul>
+</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">TRIPLEDES<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">TRIPLEDES</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">AES-128<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">AES-128</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">AES-256<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">AES-256</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> AES-192<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
-<tr>
-<td style="width: 40%;" align="left" valign="top">RSA-v1.5
-(192 bit keys
-for AES or DES)<br>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">AES-192</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> RSA-OAEP (128
-and 256 bit keys for
-AES)<br>
-</td>
-                  <td valign="top">Y<a href="#rsa-oaep"><sup>(1)</sup></a>
-                  <br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">RSA-v1.5 (192 bit keys for AES or DES)</td>
+    <td valign="top">Y</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> Diffie-Hellman
-Key Agreement<br>
-</td>
-                  <td valign="top">N<br>
+<td style="width: 40%;" align="left" valign="top">RSA-OAEP (128 and 256 bit keys for AES)</td>
+    <td valign="top">Y<a href="#rsa-oaep"><sup>(1)</sup></a>
 </td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                </tr>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> TRIPLEDES Key
-Wrap<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">N</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Diffie-Hellman Key Agreement</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> AES-128 Key
-Wrap (128 bit keys)<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">TRIPLEDES Key Wrap</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> AES-256 Key
-Wrap (256 bit keys)<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">AES-128 Key Wrap (128 bit keys)</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> AES-192 Key Wrap<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">AES-192 Key Wrap</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> SHA1<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">AES-256 Key Wrap (256 bit keys)</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> SHA256<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">SHA1</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> SHA512<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">SHA256</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> RIPEMD-160<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                  <td style="vertical-align: top;">N<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">SHA512</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> XML Digital
-Signature <br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">RIPEMD-160</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top"> Decryption
-Transform<br>
-</td>
-                  <td valign="top">N<br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">XML Digital Signature</td>
+    <td valign="top">Y </td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top">
-<ul>
-<li>XPointer support in <code>Except URI</code>
-</li>
-</ul>
-</td>
-                  <td valign="top">N<br>
-</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                  <td style="vertical-align: top;">N</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top">Decryption Transform</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+</tr>
 <tr>
 <td style="width: 40%;" align="left" valign="top">
-<a href="http://www.w3.org/TR/xml-c14n">Canonical XML 1.0</a>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+    <ul><li>XPointer support in <code>Except URI</code>
+</li></ul>
+</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+    <td valign="top">N</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">
-<a href="http://www.w3.org/TR/xml-exc-c14n">Exlusive Canonical XML 1.0</a>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top"><a href="http://www.w3.org/TR/xml-c14n">Canonical XML 1.0</a></td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" align="left" valign="top">
-<a href="http://www.w3.org/TR/xml-c14n11/">Canonical XML 1.1</a>
-</td>
-                  <td align="left" valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y<br>
-</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top"><a href="http://www.w3.org/TR/xml-exc-c14n">Exlusive Canonical XML 1.0</a></td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 <tr>
-<td style="width: 40%;" valign="top">Base64 Encoding<br>
-</td>
-                  <td valign="top">Y<br>
-</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                  <td style="vertical-align: top;">Y</td>
-                </tr>
+<td style="width: 40%;" align="left" valign="top"><a href="http://www.w3.org/TR/xml-c14n11/">Canonical XML 1.1</a></td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
+<tr>
+<td style="width: 40%;" align="left" valign="top">Base64 Encoding</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+    <td valign="top">Y</td>
+</tr>
 </tbody></table>
 <div align="left"> <br><a name="rsa-oaep"></a> <sup>(1)</sup> OpenSSL (and XML
 Security Library) supports only SHA1 as the digest in the RSA-OAEP key
diff --git a/docs/xmlsec-man.html b/docs/xmlsec-man.html
index 39b6ab63..7bd93a70 100644
--- a/docs/xmlsec-man.html
+++ b/docs/xmlsec-man.html
@@ -45,9 +45,9 @@
 <td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
 <h1>XMLSEC1</h1>
 <br><br><a href="#index">Index</a><a href="/cgi-bin/man/man2html">Return to Main Contents</a><hr>
-<a name="lbAB"> </a><h2>NAME</h2>
-<a name="lbAC"> </a><h2>SYNOPSIS</h2>
-<b>xmlsec</b><i>&lt;command&gt; </i><i>&lt;options&gt;</i><i>&lt;files&gt;</i><a name="lbAD"> </a><h2>DESCRIPTION</h2>
+<a name="lbAB"> </a><h2>NAME</h2>
+<a name="lbAC"> </a><h2>SYNOPSIS</h2>
+<b>xmlsec</b><i>&lt;command&gt; </i><i>&lt;options&gt;</i><i>&lt;files&gt;</i><a name="lbAD"> </a><h2>DESCRIPTION</h2>
 <dl compact>
 <dt><b>--help</b></dt>
 <dd> display this help information and exit </dd>
@@ -71,7 +71,7 @@
 <dt><b>--decrypt</b></dt>
 <dd> decrypt data from XML document </dd>
 </dl>
-<a name="lbAE"> </a><h2>OPTIONS</h2>
+<a name="lbAE"> </a><h2>OPTIONS</h2>
 <dl compact>
 <dt> <b>--ignore-manifests</b> <dt></dt>
 </dt>
@@ -239,7 +239,7 @@
 </dd>
 <dt> <b>--crypto</b> &lt;name&gt; <dt></dt>
 </dt>
-<dd> <dd>the name of the crypto engine to use from the following list: openssl, gnutls, nss, mscrypto (if no crypto engine is specified then the default one is used) </dd>
+<dd> <dd>the name of the crypto engine to use from the following list: openssl, mscrypto, nss, gnutls, gcrypt (if no crypto engine is specified then the default one is used) </dd>
 </dd>
 <dt> <b>--crypto-config</b> &lt;path&gt; <dt></dt>
 </dt>
@@ -262,12 +262,12 @@
 <dd> <dd>print help information about the command </dd>
 </dd>
 </dl>
-<a name="lbAF"> </a><h2>AUTHOR</h2>
-<a href="mailto:aleksey@aleksey.com">aleksey@aleksey.com</a><a name="lbAG"> </a><h2>REPORTING BUGS</h2>
-<a href="http://www.aleksey.com/xmlsec/bugs.html">http://www.aleksey.com/xmlsec/bugs.html</a><a name="lbAH"> </a><h2>COPYRIGHT</h2>
+<a name="lbAF"> </a><h2>AUTHOR</h2>
+<a href="mailto:aleksey@aleksey.com">aleksey@aleksey.com</a><a name="lbAG"> </a><h2>REPORTING BUGS</h2>
+<a href="http://www.aleksey.com/xmlsec/bugs.html">http://www.aleksey.com/xmlsec/bugs.html</a><a name="lbAH"> </a><h2>COPYRIGHT</h2>
 <br><p>  </p>
 <hr>
-<a name="index"> </a><h2>Index</h2>
+<a name="index"> </a><h2>Index</h2>
 <dl>
 <dt><a href="#lbAB">NAME</a></dt>
 <dd> </dd>
diff --git a/examples/Makefile b/examples/Makefile
index 5c87150f..a237b987 100644
--- a/examples/Makefile
+++ b/examples/Makefile
@@ -11,7 +11,7 @@ PROGRAMS = \
 
 CC	= gcc
 CFLAGS	+= -g $(shell xmlsec1-config --cflags) -DUNIX_SOCKETS
-LDFLAGS	+= -g $(shell xmlsec1-config --libs)
+LDLIBS	+= -g $(shell xmlsec1-config --libs)
 
 all: $(PROGRAMS)
 
diff --git a/examples/decrypt1.c b/examples/decrypt1.c
index bfc1dd03..39ad1039 100644
--- a/examples/decrypt1.c
+++ b/examples/decrypt1.c
@@ -4,11 +4,11 @@
  * Decrypts encrypted XML file using a single DES key from a binary file
  * 
  * Usage: 
- *	./decrypt1 <xml-enc> <des-key-file> 
+ *      ./decrypt1 <xml-enc> <des-key-file> 
  *
  * Example:
- *	./decrypt1 encrypt1-res.xml deskey.bin
- *	./decrypt1 encrypt2-res.xml deskey.bin
+ *      ./decrypt1 encrypt1-res.xml deskey.bin
+ *      ./decrypt1 encrypt2-res.xml deskey.bin
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -25,6 +25,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -36,12 +37,16 @@ int decrypt_file(const char* enc_file, const char* key_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <enc-file> <key-file>\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <enc-file> <key-file>\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -52,17 +57,30 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -72,27 +90,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(decrypt_file(argv[1], argv[2]) < 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -115,8 +133,8 @@ main(int argc, char **argv) {
 
 /**
  * decrypt_file:
- * @enc_file:		the encrypted XML  file name.
- * @key_file:		the Triple DES key file.
+ * @enc_file:           the encrypted XML  file name.
+ * @key_file:           the Triple DES key file.
  *
  * Decrypts the XML file #enc_file using DES key from #key_file and 
  * prints results to stdout.
@@ -136,55 +154,55 @@ decrypt_file(const char* enc_file, const char* key_file) {
     /* load template */
     doc = xmlParseFile(enc_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
+        goto done;      
     }
 
     /* create encryption context, we don't need keys manager in this example */
     encCtx = xmlSecEncCtxCreate(NULL);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* load DES key */
     encCtx->encKey = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, key_file);
     if(encCtx->encKey == NULL) {
         fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
     
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(encCtx->encKey, key_file) < 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* decrypt the data */
     if((xmlSecEncCtxDecrypt(encCtx, node) < 0) || (encCtx->result == NULL)) {
         fprintf(stderr,"Error: decryption failed\n");
-	goto done;
+        goto done;
     }
         
     /* print decrypted data to stdout */
     if(encCtx->resultReplaced != 0) {
-	fprintf(stdout, "Decrypted XML data:\n");
-	xmlDocDump(stdout, doc);
+        fprintf(stdout, "Decrypted XML data:\n");
+        xmlDocDump(stdout, doc);
     } else {
-	fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
-	if(xmlSecBufferGetData(encCtx->result) != NULL) {
-	    fwrite(xmlSecBufferGetData(encCtx->result), 
-	          1, 
-	          xmlSecBufferGetSize(encCtx->result),
-	          stdout);
-	}
+        fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
+        if(xmlSecBufferGetData(encCtx->result) != NULL) {
+            fwrite(xmlSecBufferGetData(encCtx->result), 
+                  1, 
+                  xmlSecBufferGetSize(encCtx->result),
+                  stdout);
+        }
     }
     fprintf(stdout, "\n");
         
@@ -194,11 +212,11 @@ decrypt_file(const char* enc_file, const char* key_file) {
 done:    
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/decrypt2.c b/examples/decrypt2.c
index 051cbf97..49513e12 100644
--- a/examples/decrypt2.c
+++ b/examples/decrypt2.c
@@ -5,11 +5,11 @@
  * DES key from a binary file
  * 
  * Usage: 
- *	./decrypt2 <xml-enc> <des-key-file1> [<des-key-file2> [...]] 
+ *      ./decrypt2 <xml-enc> <des-key-file1> [<des-key-file2> [...]] 
  *
  * Example:
- *	./decrypt2 encrypt1-res.xml deskey.bin
- *	./decrypt2 encrypt2-res.xml deskey.bin
+ *      ./decrypt2 encrypt1-res.xml deskey.bin
+ *      ./decrypt2 encrypt2-res.xml deskey.bin
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -26,6 +26,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -39,13 +40,16 @@ int decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file);
 int 
 main(int argc, char **argv) {
     xmlSecKeysMngrPtr mngr;
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
 
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <enc-file> <key-file1> [<key-file2> [...]]\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <enc-file> <key-file1> [<key-file2> [...]]\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -56,17 +60,30 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -76,34 +93,34 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load keys */
     mngr = load_des_keys(&(argv[2]), argc - 2);
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
 
     if(decrypt_file(mngr, argv[1]) < 0) {
-	xmlSecKeysMngrDestroy(mngr);	
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);    
+        return(-1);
     }    
 
     /* destroy keys manager */
@@ -120,6 +137,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -129,8 +147,8 @@ main(int argc, char **argv) {
 
 /**
  * load_des_keys:
- * @files:		the list of filenames.
- * @files_size:		the number of filenames in #files.
+ * @files:              the list of filenames.
+ * @files_size:         the number of filenames in #files.
  *
  * Creates simple keys manager and load DES keys from #files in it.
  * The caller is responsible for destroing returned keys manager using
@@ -154,43 +172,43 @@ load_des_keys(char** files, int files_size) {
      */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(NULL);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }    
     
     for(i = 0; i < files_size; ++i) {
-	assert(files[i]);
+        assert(files[i]);
 
-	/* load DES key */
-	key = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, files[i]);
-	if(key == NULL) {
-    	    fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", files[i]);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        /* load DES key */
+        key = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, files[i]);
+        if(key == NULL) {
+            fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", files[i]);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
 
-	/* set key name to the file name, this is just an example! */
-	if(xmlSecKeySetName(key, BAD_CAST files[i]) < 0) {
-    	    fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", files[i]);
-	    xmlSecKeyDestroy(key);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
-	
-	/* add key to keys manager, from now on keys manager is responsible 
-	 * for destroying key 
-	 */
-	if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
-    	    fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
-	    xmlSecKeyDestroy(key);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        /* set key name to the file name, this is just an example! */
+        if(xmlSecKeySetName(key, BAD_CAST files[i]) < 0) {
+            fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", files[i]);
+            xmlSecKeyDestroy(key);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
+        
+        /* add key to keys manager, from now on keys manager is responsible 
+         * for destroying key 
+         */
+        if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
+            fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
+            xmlSecKeyDestroy(key);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
     }
 
     return(mngr);
@@ -198,8 +216,8 @@ load_des_keys(char** files, int files_size) {
 
 /**
  * decrypt_file:
- * @mngr:		the pointer to keys manager.
- * @enc_file:		the encrypted XML  file name.
+ * @mngr:               the pointer to keys manager.
+ * @enc_file:           the encrypted XML  file name.
  *
  * Decrypts the XML file #enc_file using DES key from #key_file and 
  * prints results to stdout.
@@ -219,42 +237,42 @@ decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
     /* load template */
     doc = xmlParseFile(enc_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
+        goto done;      
     }
 
     /* create encryption context */
     encCtx = xmlSecEncCtxCreate(mngr);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* decrypt the data */
     if((xmlSecEncCtxDecrypt(encCtx, node) < 0) || (encCtx->result == NULL)) {
         fprintf(stderr,"Error: decryption failed\n");
-	goto done;
+        goto done;
     }
         
     /* print decrypted data to stdout */
     if(encCtx->resultReplaced != 0) {
-	fprintf(stdout, "Decrypted XML data:\n");
-	xmlDocDump(stdout, doc);
+        fprintf(stdout, "Decrypted XML data:\n");
+        xmlDocDump(stdout, doc);
     } else {
-	fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
-	if(xmlSecBufferGetData(encCtx->result) != NULL) {
-	    fwrite(xmlSecBufferGetData(encCtx->result), 
-	          1, 
-	          xmlSecBufferGetSize(encCtx->result),
-	          stdout);
-	}
+        fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
+        if(xmlSecBufferGetData(encCtx->result) != NULL) {
+            fwrite(xmlSecBufferGetData(encCtx->result), 
+                  1, 
+                  xmlSecBufferGetSize(encCtx->result),
+                  stdout);
+        }
     }
     fprintf(stdout, "\n");
         
@@ -264,11 +282,11 @@ decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
 done:    
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/decrypt3.c b/examples/decrypt3.c
index eb0d581a..253920fb 100644
--- a/examples/decrypt3.c
+++ b/examples/decrypt3.c
@@ -6,11 +6,11 @@
  * key's file name in the current folder.
  * 
  * Usage: 
- *	./decrypt3 <xml-enc> 
+ *      ./decrypt3 <xml-enc> 
  *
  * Example:
- *	./decrypt3 encrypt1-res.xml
- *	./decrypt3 encrypt2-res.xml
+ *      ./decrypt3 encrypt1-res.xml
+ *      ./decrypt3 encrypt2-res.xml
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -28,6 +28,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -42,13 +43,16 @@ int decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file);
 int 
 main(int argc, char **argv) {
     xmlSecKeysMngrPtr mngr;
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */    
 
     assert(argv);
 
     if(argc != 2) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <enc-file>\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <enc-file>\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -59,17 +63,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -79,34 +95,34 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load keys */
     mngr = create_files_keys_mngr();
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
 
     if(decrypt_file(mngr, argv[1]) < 0) {
-	xmlSecKeysMngrDestroy(mngr);	
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);    
+        return(-1);
     }    
 
     /* destroy keys manager */
@@ -123,6 +139,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -132,8 +149,8 @@ main(int argc, char **argv) {
 
 /**
  * decrypt_file:
- * @mngr:		the pointer to keys manager.
- * @enc_file:		the encrypted XML  file name.
+ * @mngr:               the pointer to keys manager.
+ * @enc_file:           the encrypted XML  file name.
  *
  * Decrypts the XML file #enc_file using DES key from #key_file and 
  * prints results to stdout.
@@ -153,42 +170,42 @@ decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
     /* load template */
     doc = xmlParseFile(enc_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", enc_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", enc_file);
+        goto done;      
     }
 
     /* create encryption context */
     encCtx = xmlSecEncCtxCreate(mngr);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* decrypt the data */
     if((xmlSecEncCtxDecrypt(encCtx, node) < 0) || (encCtx->result == NULL)) {
         fprintf(stderr,"Error: decryption failed\n");
-	goto done;
+        goto done;
     }
         
     /* print decrypted data to stdout */
     if(encCtx->resultReplaced != 0) {
-	fprintf(stdout, "Decrypted XML data:\n");
-	xmlDocDump(stdout, doc);
+        fprintf(stdout, "Decrypted XML data:\n");
+        xmlDocDump(stdout, doc);
     } else {
-	fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
-	if(xmlSecBufferGetData(encCtx->result) != NULL) {
-	    fwrite(xmlSecBufferGetData(encCtx->result), 
-	          1, 
-	          xmlSecBufferGetSize(encCtx->result),
-	          stdout);
-	}
+        fprintf(stdout, "Decrypted binary data (%d bytes):\n", xmlSecBufferGetSize(encCtx->result));
+        if(xmlSecBufferGetData(encCtx->result) != NULL) {
+            fwrite(xmlSecBufferGetData(encCtx->result), 
+                  1, 
+                  xmlSecBufferGetSize(encCtx->result),
+                  stdout);
+        }
     }
     fprintf(stdout, "\n");
         
@@ -198,11 +215,11 @@ decrypt_file(xmlSecKeysMngrPtr mngr, const char* enc_file) {
 done:    
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
@@ -223,31 +240,31 @@ create_files_keys_mngr(void) {
     /* create files based keys store */
     keysStore = xmlSecKeyStoreCreate(files_keys_store_get_klass());
     if(keysStore == NULL) {
-	fprintf(stderr, "Error: failed to create keys store.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys store.\n");
+        return(NULL);
     }
     
     /* create keys manager */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	xmlSecKeyStoreDestroy(keysStore);
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        xmlSecKeyStoreDestroy(keysStore);
+        return(NULL);
     }
 
     /* add store to keys manager, from now on keys manager destroys the store if needed */
     if(xmlSecKeysMngrAdoptKeysStore(mngr, keysStore) < 0) {
-	fprintf(stderr, "Error: failed to add keys store to keys manager.\n");
-	xmlSecKeyStoreDestroy(keysStore);
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to add keys store to keys manager.\n");
+        xmlSecKeyStoreDestroy(keysStore);
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }
     
     /* initialize crypto library specific data in keys manager */
     if(xmlSecCryptoKeysMngrInit(mngr) < 0) {
-	fprintf(stderr, "Error: failed to initialize crypto data in keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize crypto data in keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }
 
     /* set the get key callback */
@@ -263,20 +280,20 @@ create_files_keys_mngr(void) {
  * Attention: this probably not a good solution for high traffic systems.
  * 
  ***************************************************************************/
-static xmlSecKeyPtr		files_keys_store_find_key	(xmlSecKeyStorePtr store,
-								 const xmlChar* name,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static xmlSecKeyPtr             files_keys_store_find_key       (xmlSecKeyStorePtr store,
+                                                                 const xmlChar* name,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 static xmlSecKeyStoreKlass files_keys_store_klass = {
     sizeof(xmlSecKeyStoreKlass),
     sizeof(xmlSecKeyStore),
-    BAD_CAST "files-based-keys-store",	/* const xmlChar* name; */         
-    NULL,				/* xmlSecKeyStoreInitializeMethod initialize; */
-    NULL,				/* xmlSecKeyStoreFinalizeMethod finalize; */
-    files_keys_store_find_key,		/* xmlSecKeyStoreFindKeyMethod findKey; */
+    BAD_CAST "files-based-keys-store",  /* const xmlChar* name; */         
+    NULL,                               /* xmlSecKeyStoreInitializeMethod initialize; */
+    NULL,                               /* xmlSecKeyStoreFinalizeMethod finalize; */
+    files_keys_store_find_key,          /* xmlSecKeyStoreFindKeyMethod findKey; */
 
     /* reserved for the future */
-    NULL,				/* void* reserved0; */
-    NULL,				/* void* reserved1; */
+    NULL,                               /* void* reserved0; */
+    NULL,                               /* void* reserved1; */
 };
 
 /**
@@ -294,9 +311,9 @@ files_keys_store_get_klass(void) {
 
 /**
  * files_keys_store_find_key:
- * @store:		the pointer to simple keys store.
- * @name:		the desired key name.
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> node processing context.
+ * @store:              the pointer to simple keys store.
+ * @name:               the desired key name.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> node processing context.
  *  
  * Lookups key in the @store. The caller is responsible for destroying
  * returned key with #xmlSecKeyDestroy function.
@@ -314,7 +331,7 @@ files_keys_store_find_key(xmlSecKeyStorePtr store, const xmlChar* name, xmlSecKe
     /* it's possible to do not have the key name or desired key type 
      * but we could do nothing in this case */
     if((name == NULL) || (keyInfoCtx->keyReq.keyId == xmlSecKeyDataIdUnknown)){
-	return(NULL);
+        return(NULL);
     }
     
     /* we don't want to open files in a folder other than "current";
@@ -322,32 +339,32 @@ files_keys_store_find_key(xmlSecKeyStorePtr store, const xmlChar* name, xmlSecKe
      * '.', '-' or '_'.
      */
     for(p = name; (*p) != '\0'; ++p) {
-	if(!isalnum((*p)) && ((*p) != '.') && ((*p) != '-') && ((*p) != '_')) {
-	    return(NULL);
-	}
+        if(!isalnum((*p)) && ((*p) != '.') && ((*p) != '-') && ((*p) != '_')) {
+            return(NULL);
+        }
     }
     
     if((keyInfoCtx->keyReq.keyId == xmlSecKeyDataDsaId) || (keyInfoCtx->keyReq.keyId == xmlSecKeyDataRsaId)) {
-	/* load key from a pem file, if key is not found then it's an error (is it?) */
-	key = xmlSecCryptoAppKeyLoad(name, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
-	if(key == NULL) {
-    	    fprintf(stderr,"Error: failed to load public pem key from \"%s\"\n", name);
-	    return(NULL);
-	}
+        /* load key from a pem file, if key is not found then it's an error (is it?) */
+        key = xmlSecCryptoAppKeyLoad(name, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+        if(key == NULL) {
+            fprintf(stderr,"Error: failed to load public pem key from \"%s\"\n", name);
+            return(NULL);
+        }
     } else {
-	/* otherwise it's a binary key, if key is not found then it's an error (is it?) */
-	key = xmlSecKeyReadBinaryFile(keyInfoCtx->keyReq.keyId, name);
-	if(key == NULL) {
-    	    fprintf(stderr,"Error: failed to load key from binary file \"%s\"\n", name);
-	    return(NULL);
-	}
+        /* otherwise it's a binary key, if key is not found then it's an error (is it?) */
+        key = xmlSecKeyReadBinaryFile(keyInfoCtx->keyReq.keyId, name);
+        if(key == NULL) {
+            fprintf(stderr,"Error: failed to load key from binary file \"%s\"\n", name);
+            return(NULL);
+        }
     }
 
     /* set key name */
     if(xmlSecKeySetName(key, name) < 0) {
         fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", name);
         xmlSecKeyDestroy(key);
-        return(NULL);	
+        return(NULL);   
     }
 
     return(key);
diff --git a/examples/encrypt1.c b/examples/encrypt1.c
index bdd16b14..fb4d103f 100644
--- a/examples/encrypt1.c
+++ b/examples/encrypt1.c
@@ -4,13 +4,13 @@
  * Encrypts binary data using a template file and a DES key from a binary file
  * 
  * Usage: 
- *	./encrypt1 <xml-tmpl> <des-key-file> 
+ *      ./encrypt1 <xml-tmpl> <des-key-file> 
  *
  * Example:
- *	./encrypt1 encrypt1-tmpl.xml deskey.bin > encrypt1-res.xml
+ *      ./encrypt1 encrypt1-tmpl.xml deskey.bin > encrypt1-res.xml
  *
  * The result could be decrypted with decrypt1 example:
- *	./decrypt1 encrypt1-res.xml deskey.bin
+ *      ./decrypt1 encrypt1-res.xml deskey.bin
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -27,6 +27,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -35,17 +36,20 @@
 #include <xmlsec/crypto.h>
 
 int encrypt_file(const char* tmpl_file, const char* key_file, 
-		 const unsigned char* data, size_t dataSize);
+                 const unsigned char* data, size_t dataSize);
 int 
 main(int argc, char **argv) {
     static const char secret_data[] = "Big secret";
-    
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <tmpl-file> <key-file>\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <tmpl-file> <key-file>\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -56,17 +60,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -76,27 +92,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(encrypt_file(argv[1], argv[2], secret_data, strlen(secret_data)) < 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -110,6 +126,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -119,10 +136,10 @@ main(int argc, char **argv) {
 
 /**
  * encrypt_file:
- * @tmpl_file:		the encryption template file name.
- * @key_file:		the Triple DES key file.
- * @data:		the binary data to encrypt.
- * @dataSize:		the binary data size.
+ * @tmpl_file:          the encryption template file name.
+ * @key_file:           the Triple DES key file.
+ * @data:               the binary data to encrypt.
+ * @dataSize:           the binary data size.
  *
  * Encrypts binary #data using template from #tmpl_file and DES key from
  * #key_file.
@@ -131,7 +148,7 @@ main(int argc, char **argv) {
  */
 int 
 encrypt_file(const char* tmpl_file, const char* key_file, 
-	     const unsigned char* data, size_t dataSize) {
+             const unsigned char* data, size_t dataSize) {
     xmlDocPtr doc = NULL;
     xmlNodePtr node = NULL;
     xmlSecEncCtxPtr encCtx = NULL;
@@ -144,41 +161,41 @@ encrypt_file(const char* tmpl_file, const char* key_file,
     /* load template */
     doc = xmlParseFile(tmpl_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
+        goto done;      
     }
 
     /* create encryption context, we don't need keys manager in this example */
     encCtx = xmlSecEncCtxCreate(NULL);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* load DES key, assuming that there is not password */
     encCtx->encKey = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, key_file);
     if(encCtx->encKey == NULL) {
         fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(encCtx->encKey, key_file) < 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* encrypt the data */
     if(xmlSecEncCtxBinaryEncrypt(encCtx, node, data, dataSize) < 0) {
         fprintf(stderr,"Error: encryption failed\n");
-	goto done;
+        goto done;
     }
         
     /* print encrypted data with document to stdout */
@@ -191,11 +208,11 @@ done:
 
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/encrypt2.c b/examples/encrypt2.c
index 9bbd52ff..4f1ad588 100644
--- a/examples/encrypt2.c
+++ b/examples/encrypt2.c
@@ -5,13 +5,13 @@
  * from a binary file
  * 
  * Usage: 
- *	./encrypt2 <xml-doc> <des-key-file> 
+ *      ./encrypt2 <xml-doc> <des-key-file> 
  *
  * Example:
- *	./encrypt2 encrypt2-doc.xml deskey.bin > encrypt2-res.xml
+ *      ./encrypt2 encrypt2-doc.xml deskey.bin > encrypt2-res.xml
  *
  * The result could be decrypted with decrypt1 example:
- *	./decrypt1 encrypt2-res.xml deskey.bin
+ *      ./decrypt1 encrypt2-res.xml deskey.bin
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -28,6 +28,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -40,12 +41,16 @@ int encrypt_file(const char* xml_file, const char* key_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <xml-file> <key-file>\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <xml-file> <key-file>\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -56,17 +61,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -76,27 +93,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(encrypt_file(argv[1], argv[2]) < 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -110,6 +127,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -119,8 +137,8 @@ main(int argc, char **argv) {
 
 /**
  * encrypt_file:
- * @xml_file:		the encryption template file name.
- * @key_file:		the Triple DES key file.
+ * @xml_file:           the encryption template file name.
+ * @key_file:           the Triple DES key file.
  *
  * Encrypts #xml_file using a dynamicaly created template and DES key from
  * #key_file.
@@ -141,61 +159,61 @@ encrypt_file(const char* xml_file, const char* key_file) {
     /* load template */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* create encryption template to encrypt XML file and replace 
      * its content with encryption result */
     encDataNode = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId,
-				NULL, xmlSecTypeEncElement, NULL, NULL);
+                                NULL, xmlSecTypeEncElement, NULL, NULL);
     if(encDataNode == NULL) {
-	fprintf(stderr, "Error: failed to create encryption template\n");
-	goto done;   
+        fprintf(stderr, "Error: failed to create encryption template\n");
+        goto done;   
     }
 
     /* we want to put encrypted data in the <enc:CipherValue/> node */
     if(xmlSecTmplEncDataEnsureCipherValue(encDataNode) == NULL) {
-	fprintf(stderr, "Error: failed to add CipherValue node\n");
-	goto done;   
+        fprintf(stderr, "Error: failed to add CipherValue node\n");
+        goto done;   
     }
 
     /* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to put key name in the signed document */
     keyInfoNode = xmlSecTmplEncDataEnsureKeyInfo(encDataNode, NULL);
     if(keyInfoNode == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
 
     if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) {
-	fprintf(stderr, "Error: failed to add key name\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key name\n");
+        goto done;              
     }
 
     /* create encryption context, we don't need keys manager in this example */
     encCtx = xmlSecEncCtxCreate(NULL);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* load DES key, assuming that there is not password */
     encCtx->encKey = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, key_file);
     if(encCtx->encKey == NULL) {
         fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(encCtx->encKey, key_file) < 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* encrypt the data */
     if(xmlSecEncCtxXmlEncrypt(encCtx, encDataNode, xmlDocGetRootElement(doc)) < 0) {
         fprintf(stderr,"Error: encryption failed\n");
-	goto done;
+        goto done;
     }
     
     /* we template is inserted in the doc */
@@ -211,15 +229,15 @@ done:
 
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
 
     if(encDataNode != NULL) {
-	xmlFreeNode(encDataNode);
+        xmlFreeNode(encDataNode);
     }
         
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/encrypt3.c b/examples/encrypt3.c
index 788c964e..aa9465a2 100644
--- a/examples/encrypt3.c
+++ b/examples/encrypt3.c
@@ -5,13 +5,13 @@
  * DES key (encrypted with an RSA key).
  * 
  * Usage: 
- *	./encrypt3 <xml-doc> <rsa-pem-key-file> 
+ *      ./encrypt3 <xml-doc> <rsa-pem-key-file> 
  *
  * Example:
- *	./encrypt3 encrypt3-doc.xml rsakey.pem > encrypt3-res.xml
+ *      ./encrypt3 encrypt3-doc.xml rsakey.pem > encrypt3-res.xml
  *
  * The result could be decrypted with decrypt3 example:
- *	./decrypt3 encrypt3-res.xml
+ *      ./decrypt3 encrypt3-res.xml
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -28,6 +28,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -42,13 +43,16 @@ int encrypt_file(xmlSecKeysMngrPtr mngr, const char* xml_file, const char* key_n
 int 
 main(int argc, char **argv) {
     xmlSecKeysMngrPtr mngr;
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
     
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <xml-file> <key-file>\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <xml-file> <key-file>\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -59,17 +63,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -79,35 +95,35 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load keys */
     mngr = load_rsa_keys(argv[2]);
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
 
     /* we use key filename as key name here */
     if(encrypt_file(mngr, argv[1], argv[2]) < 0) {
-	xmlSecKeysMngrDestroy(mngr);
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);
+        return(-1);
     }    
 
     /* destroy keys manager */
@@ -124,6 +140,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -133,7 +150,7 @@ main(int argc, char **argv) {
 
 /**
  * load_rsa_keys:
- * @key_file:		the key filename.
+ * @key_file:           the key filename.
  *
  * Creates simple keys manager and load RSA key from #key_file in it.
  * The caller is responsible for destroing returned keys manager using
@@ -155,13 +172,13 @@ load_rsa_keys(char* key_file) {
      */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(NULL);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }    
     
     /* load private RSA key */
@@ -175,11 +192,11 @@ load_rsa_keys(char* key_file) {
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(key, BAD_CAST key_file) < 0) {
         fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-        xmlSecKeyDestroy(key);	
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        xmlSecKeyDestroy(key);  
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }
-	
+        
     /* add key to keys manager, from now on keys manager is responsible 
      * for destroying key 
      */
@@ -195,9 +212,9 @@ load_rsa_keys(char* key_file) {
 
 /**
  * encrypt_file:
- * @mngr:		the pointer to keys manager.
- * @xml_file:		the encryption template file name.
- * @key_name:		the RSA key name.
+ * @mngr:               the pointer to keys manager.
+ * @xml_file:           the encryption template file name.
+ * @key_name:           the RSA key name.
  *
  * Encrypts #xml_file using a dynamicaly created template, a session DES key 
  * and an RSA key from keys manager.
@@ -221,78 +238,78 @@ encrypt_file(xmlSecKeysMngrPtr mngr, const char* xml_file, const char* key_name)
     /* load template */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* create encryption template to encrypt XML file and replace 
      * its content with encryption result */
     encDataNode = xmlSecTmplEncDataCreate(doc, xmlSecTransformDes3CbcId,
-				NULL, xmlSecTypeEncElement, NULL, NULL);
+                                NULL, xmlSecTypeEncElement, NULL, NULL);
     if(encDataNode == NULL) {
-	fprintf(stderr, "Error: failed to create encryption template\n");
-	goto done;   
+        fprintf(stderr, "Error: failed to create encryption template\n");
+        goto done;   
     }
 
     /* we want to put encrypted data in the <enc:CipherValue/> node */
     if(xmlSecTmplEncDataEnsureCipherValue(encDataNode) == NULL) {
-	fprintf(stderr, "Error: failed to add CipherValue node\n");
-	goto done;   
+        fprintf(stderr, "Error: failed to add CipherValue node\n");
+        goto done;   
     }
 
     /* add <dsig:KeyInfo/> */
     keyInfoNode = xmlSecTmplEncDataEnsureKeyInfo(encDataNode, NULL);
     if(keyInfoNode == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
 
     /* add <enc:EncryptedKey/> to store the encrypted session key */
     encKeyNode = xmlSecTmplKeyInfoAddEncryptedKey(keyInfoNode, 
-				    xmlSecTransformRsaPkcs1Id, 
-				    NULL, NULL, NULL);
+                                    xmlSecTransformRsaPkcs1Id, 
+                                    NULL, NULL, NULL);
     if(encKeyNode == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
 
     /* we want to put encrypted key in the <enc:CipherValue/> node */
     if(xmlSecTmplEncDataEnsureCipherValue(encKeyNode) == NULL) {
-	fprintf(stderr, "Error: failed to add CipherValue node\n");
-	goto done;   
+        fprintf(stderr, "Error: failed to add CipherValue node\n");
+        goto done;   
     }
 
     /* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to <enc:EncryptedKey/> */
     keyInfoNode2 = xmlSecTmplEncDataEnsureKeyInfo(encKeyNode, NULL);
     if(keyInfoNode2 == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
     
     /* set key name so we can lookup key when needed */
     if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode2, key_name) == NULL) {
-	fprintf(stderr, "Error: failed to add key name\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key name\n");
+        goto done;              
     }
 
     /* create encryption context */
     encCtx = xmlSecEncCtxCreate(mngr);
     if(encCtx == NULL) {
         fprintf(stderr,"Error: failed to create encryption context\n");
-	goto done;
+        goto done;
     }
 
     /* generate a Triple DES key */
     encCtx->encKey = xmlSecKeyGenerate(xmlSecKeyDataDesId, 192, xmlSecKeyDataTypeSession);
     if(encCtx->encKey == NULL) {
         fprintf(stderr,"Error: failed to generate session des key\n");
-	goto done;
+        goto done;
     }
 
     /* encrypt the data */
     if(xmlSecEncCtxXmlEncrypt(encCtx, encDataNode, xmlDocGetRootElement(doc)) < 0) {
         fprintf(stderr,"Error: encryption failed\n");
-	goto done;
+        goto done;
     }
     
     /* we template is inserted in the doc */
@@ -308,15 +325,15 @@ done:
 
     /* cleanup */
     if(encCtx != NULL) {
-	xmlSecEncCtxDestroy(encCtx);
+        xmlSecEncCtxDestroy(encCtx);
     }
 
     if(encDataNode != NULL) {
-	xmlFreeNode(encDataNode);
+        xmlFreeNode(encDataNode);
     }
         
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/mywin32make.bat b/examples/mywin32make.bat
index 84c5777e..a7d22803 100644
--- a/examples/mywin32make.bat
+++ b/examples/mywin32make.bat
@@ -8,7 +8,7 @@ REM
 REM Aleksey Sanin <aleksey@aleksey.com>
 REM 
 
-SET XMLSEC_PREFIX=d:\sdk
+SET XMLSEC_PREFIX=C:\cygwin\home\local
 SET XMLSEC_INCLUDE=%XMLSEC_PREFIX%\include
 SET XMLSEC_LIB=%XMLSEC_PREFIX%\lib
 
diff --git a/examples/sign1.c b/examples/sign1.c
index f17bf96f..e545843f 100644
--- a/examples/sign1.c
+++ b/examples/sign1.c
@@ -4,13 +4,13 @@
  * Signs a template file using a key from PEM file
  * 
  * Usage: 
- *	./sign1 <xml-tmpl> <pem-key> 
+ *      ./sign1 <xml-tmpl> <pem-key> 
  *
  * Example:
- *	./sign1 sign1-tmpl.xml rsakey.pem > sign1-res.xml
+ *      ./sign1 sign1-tmpl.xml rsakey.pem > sign1-res.xml
  *
  * The result signature could be validated using verify1 example:
- *	./verify1 sign1-res.xml rsapub.pem
+ *      ./verify1 sign1-res.xml rsapub.pem
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -27,6 +27,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -38,12 +39,16 @@ int sign_file(const char* tmpl_file, const char* key_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <tmpl-file> <key-file>\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <tmpl-file> <key-file>\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -54,17 +59,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */                
+
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -74,27 +91,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(sign_file(argv[1], argv[2]) < 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -108,7 +125,8 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
-    xsltCleanupGlobals();            
+    xsltFreeSecurityPrefs(xsltSecPrefs);
+    xsltCleanupGlobals();
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
     
@@ -117,8 +135,8 @@ main(int argc, char **argv) {
 
 /** 
  * sign_file:
- * @tmpl_file:		the signature template file name.
- * @key_file:		the PEM private key file name.
+ * @tmpl_file:          the signature template file name.
+ * @key_file:           the PEM private key file name.
  *
  * Signs the #tmpl_file using private key from #key_file.
  *
@@ -137,41 +155,41 @@ sign_file(const char* tmpl_file, const char* key_file) {
     /* load template */
     doc = xmlParseFile(tmpl_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
+        goto done;      
     }
 
     /* create signature context, we don't need keys manager in this example */
     dsigCtx = xmlSecDSigCtxCreate(NULL);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* load private key, assuming that there is not password */
     dsigCtx->signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
     if(dsigCtx->signKey == NULL) {
         fprintf(stderr,"Error: failed to load private pem key from \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* sign the template */
     if(xmlSecDSigCtxSign(dsigCtx, node) < 0) {
         fprintf(stderr,"Error: signature failed\n");
-	goto done;
+        goto done;
     }
         
     /* print signed document to stdout */
@@ -183,11 +201,11 @@ sign_file(const char* tmpl_file, const char* key_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/sign2.c b/examples/sign2.c
index 3bb858ce..146bbbaa 100644
--- a/examples/sign2.c
+++ b/examples/sign2.c
@@ -6,13 +6,13 @@
  * the whole document except the <dsig:Signature/> node itself.
  * 
  * Usage: 
- *	sign2 <xml-doc> <pem-key> 
+ *      sign2 <xml-doc> <pem-key> 
  *
  * Example:
- *	./sign2 sign2-doc.xml rsakey.pem > sign2-res.xml
+ *      ./sign2 sign2-doc.xml rsakey.pem > sign2-res.xml
  *
  * The result signature could be validated using verify1 example:
- *	./verify1 sign2-res.xml rsapub.pem
+ *      ./verify1 sign2-res.xml rsapub.pem
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -29,6 +29,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -41,12 +42,16 @@ int sign_file(const char* xml_file, const char* key_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <xml-file> <key-file>\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <xml-file> <key-file>\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -57,17 +62,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -77,27 +94,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(sign_file(argv[1], argv[2]) < 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -111,6 +128,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -120,8 +138,8 @@ main(int argc, char **argv) {
 
 /** 
  * sign_file:
- * @xml_file:		the XML file name.
- * @key_file:		the PEM private key file name.
+ * @xml_file:           the XML file name.
+ * @key_file:           the PEM private key file name.
  *
  * Signs the #xml_file using private key from #key_file and dynamicaly
  * created enveloped signature template.
@@ -143,16 +161,16 @@ sign_file(const char* xml_file, const char* key_file) {
     /* load doc file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* create signature template for RSA-SHA1 enveloped signature */
     signNode = xmlSecTmplSignatureCreate(doc, xmlSecTransformExclC14NId,
-				         xmlSecTransformRsaSha1Id, NULL);
+                                         xmlSecTransformRsaSha1Id, NULL);
     if(signNode == NULL) {
-	fprintf(stderr, "Error: failed to create signature template\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to create signature template\n");
+        goto done;              
     }
 
     /* add <dsig:Signature/> node to the doc */
@@ -160,54 +178,54 @@ sign_file(const char* xml_file, const char* key_file) {
     
     /* add reference */
     refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id,
-					NULL, NULL, NULL);
+                                        NULL, NULL, NULL);
     if(refNode == NULL) {
-	fprintf(stderr, "Error: failed to add reference to signature template\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add reference to signature template\n");
+        goto done;              
     }
 
     /* add enveloped transform */
     if(xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId) == NULL) {
-	fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
+        goto done;              
     }
     
     /* add <dsig:KeyInfo/> and <dsig:KeyName/> nodes to put key name in the signed document */
     keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL);
     if(keyInfoNode == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
 
     if(xmlSecTmplKeyInfoAddKeyName(keyInfoNode, NULL) == NULL) {
-	fprintf(stderr, "Error: failed to add key name\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key name\n");
+        goto done;              
     }
 
     /* create signature context, we don't need keys manager in this example */
     dsigCtx = xmlSecDSigCtxCreate(NULL);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* load private key, assuming that there is not password */
     dsigCtx->signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
     if(dsigCtx->signKey == NULL) {
         fprintf(stderr,"Error: failed to load private pem key from \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* sign the template */
     if(xmlSecDSigCtxSign(dsigCtx, signNode) < 0) {
         fprintf(stderr,"Error: signature failed\n");
-	goto done;
+        goto done;
     }
         
     /* print signed document to stdout */
@@ -219,11 +237,11 @@ sign_file(const char* xml_file, const char* key_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/sign3.c b/examples/sign3.c
index 8a367083..9d16cf72 100644
--- a/examples/sign3.c
+++ b/examples/sign3.c
@@ -10,13 +10,13 @@
  * certificates management policies for another crypto library may break it.
  * 
  * Usage: 
- *	sign3 <xml-doc> <pem-key> 
+ *      sign3 <xml-doc> <pem-key> 
  *
  * Example:
- *	./sign3 sign3-doc.xml rsakey.pem rsacert.pem > sign3-res.xml
+ *      ./sign3 sign3-doc.xml rsakey.pem rsacert.pem > sign3-res.xml
  *
  * The result signature could be validated using verify3 example:
- *	./verify3 sign3-res.xml rootcert.pem
+ *      ./verify3 sign3-res.xml rootcert.pem
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -33,6 +33,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -45,12 +46,16 @@ int sign_file(const char* xml_file, const char* key_file, const char* cert_file)
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 4) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <xml-file> <key-file> <cert-file>\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <xml-file> <key-file> <cert-file>\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -61,17 +66,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -81,27 +98,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(sign_file(argv[1], argv[2], argv[3]) < 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -115,6 +132,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -124,9 +142,9 @@ main(int argc, char **argv) {
 
 /** 
  * sign_file:
- * @xml_file:		the XML file name.
- * @key_file:		the PEM private key file name.
- * @cert_file:		the x509 certificate PEM file.
+ * @xml_file:           the XML file name.
+ * @key_file:           the PEM private key file name.
+ * @cert_file:          the x509 certificate PEM file.
  *
  * Signs the @xml_file using private key from @key_file and dynamicaly
  * created enveloped signature template. The certificate from @cert_file
@@ -150,16 +168,16 @@ sign_file(const char* xml_file, const char* key_file, const char* cert_file) {
     /* load doc file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* create signature template for RSA-SHA1 enveloped signature */
     signNode = xmlSecTmplSignatureCreate(doc, xmlSecTransformExclC14NId,
-				         xmlSecTransformRsaSha1Id, NULL);
+                                         xmlSecTransformRsaSha1Id, NULL);
     if(signNode == NULL) {
-	fprintf(stderr, "Error: failed to create signature template\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to create signature template\n");
+        goto done;              
     }
 
     /* add <dsig:Signature/> node to the doc */
@@ -167,60 +185,60 @@ sign_file(const char* xml_file, const char* key_file, const char* cert_file) {
     
     /* add reference */
     refNode = xmlSecTmplSignatureAddReference(signNode, xmlSecTransformSha1Id,
-					NULL, NULL, NULL);
+                                        NULL, NULL, NULL);
     if(refNode == NULL) {
-	fprintf(stderr, "Error: failed to add reference to signature template\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add reference to signature template\n");
+        goto done;              
     }
 
     /* add enveloped transform */
     if(xmlSecTmplReferenceAddTransform(refNode, xmlSecTransformEnvelopedId) == NULL) {
-	fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add enveloped transform to reference\n");
+        goto done;              
     }
     
     /* add <dsig:KeyInfo/> and <dsig:X509Data/> */
     keyInfoNode = xmlSecTmplSignatureEnsureKeyInfo(signNode, NULL);
     if(keyInfoNode == NULL) {
-	fprintf(stderr, "Error: failed to add key info\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add key info\n");
+        goto done;              
     }
     
     if(xmlSecTmplKeyInfoAddX509Data(keyInfoNode) == NULL) {
-	fprintf(stderr, "Error: failed to add X509Data node\n");
-	goto done;		
+        fprintf(stderr, "Error: failed to add X509Data node\n");
+        goto done;              
     }
 
     /* create signature context, we don't need keys manager in this example */
     dsigCtx = xmlSecDSigCtxCreate(NULL);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* load private key, assuming that there is not password */
     dsigCtx->signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
     if(dsigCtx->signKey == NULL) {
         fprintf(stderr,"Error: failed to load private pem key from \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
     
     /* load certificate and add to the key */
     if(xmlSecCryptoAppKeyCertLoad(dsigCtx->signKey, cert_file, xmlSecKeyDataFormatPem) < 0) {
         fprintf(stderr,"Error: failed to load pem certificate \"%s\"\n", cert_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* sign the template */
     if(xmlSecDSigCtxSign(dsigCtx, signNode) < 0) {
         fprintf(stderr,"Error: signature failed\n");
-	goto done;
+        goto done;
     }
         
     /* print signed document to stdout */
@@ -232,11 +250,11 @@ sign_file(const char* xml_file, const char* key_file, const char* cert_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/verify1.c b/examples/verify1.c
index 9f2eff5b..04917e5a 100644
--- a/examples/verify1.c
+++ b/examples/verify1.c
@@ -4,11 +4,11 @@
  * Verifies a file using a key from PEM file.
  * 
  * Usage: 
- *	verify1 <signed-file> <pem-key> 
+ *      verify1 <signed-file> <pem-key> 
  *
  * Example:
- *	./verify1 sign1-res.xml rsapub.pem
- *	./verify1 sign2-res.xml rsapub.pem
+ *      ./verify1 sign1-res.xml rsapub.pem
+ *      ./verify1 sign2-res.xml rsapub.pem
  * 
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -25,6 +25,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -36,12 +37,16 @@ int verify_file(const char* xml_file, const char* key_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     assert(argv);
 
     if(argc != 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <xml-file> <key-file>\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <xml-file> <key-file>\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -52,17 +57,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -72,27 +89,27 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     if(verify_file(argv[1], argv[2]) < 0) {
-	return(-1);
+        return(-1);
     }    
     
     /* Shutdown xmlsec-crypto library */
@@ -106,6 +123,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -115,8 +133,8 @@ main(int argc, char **argv) {
 
 /** 
  * verify_file:
- * @xml_file:		the signed XML file name.
- * @key_file:		the PEM public key file name.
+ * @xml_file:           the signed XML file name.
+ * @key_file:           the PEM public key file name.
  *
  * Verifies XML signature in #xml_file using public key from #key_file.
  *
@@ -135,48 +153,48 @@ verify_file(const char* xml_file, const char* key_file) {
     /* load file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
+        goto done;      
     }
 
     /* create signature context, we don't need keys manager in this example */
     dsigCtx = xmlSecDSigCtxCreate(NULL);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* load public key */
     dsigCtx->signKey = xmlSecCryptoAppKeyLoad(key_file, xmlSecKeyDataFormatPem, NULL, NULL, NULL);
     if(dsigCtx->signKey == NULL) {
         fprintf(stderr,"Error: failed to load public pem key from \"%s\"\n", key_file);
-	goto done;
+        goto done;
     }
 
     /* set key name to the file name, this is just an example! */
     if(xmlSecKeySetName(dsigCtx->signKey, key_file) < 0) {
-    	fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
-	goto done;
+        fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
+        goto done;
     }
 
     /* Verify signature */
     if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
         fprintf(stderr,"Error: signature verify\n");
-	goto done;
+        goto done;
     }
         
     /* print verification result to stdout */
     if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
-	fprintf(stdout, "Signature is OK\n");
+        fprintf(stdout, "Signature is OK\n");
     } else {
-	fprintf(stdout, "Signature is INVALID\n");
+        fprintf(stdout, "Signature is INVALID\n");
     }    
 
     /* success */
@@ -185,11 +203,11 @@ verify_file(const char* xml_file, const char* key_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/verify2.c b/examples/verify2.c
index a56bb551..36fde2d3 100644
--- a/examples/verify2.c
+++ b/examples/verify2.c
@@ -4,11 +4,11 @@
  * Verifies a file using keys manager
  * 
  * Usage: 
- *	verify2 <signed-file> <public-pem-key1> [<public-pem-key2> [...]]
+ *      verify2 <signed-file> <public-pem-key1> [<public-pem-key2> [...]]
  *
  * Example:
- *	./verify2 sign1-res.xml rsapub.pem
- *	./verify2 sign2-res.xml rsapub.pem
+ *      ./verify2 sign1-res.xml rsapub.pem
+ *      ./verify2 sign2-res.xml rsapub.pem
  * 
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -25,6 +25,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -37,14 +38,18 @@ int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+
     xmlSecKeysMngrPtr mngr;
     
     assert(argv);
 
     if(argc < 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <xml-file> <key-file1> [<key-file2> [...]]\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <xml-file> <key-file1> [<key-file2> [...]]\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -55,17 +60,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -75,35 +92,35 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load keys */
     mngr = load_keys(&(argv[2]), argc - 2);
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
     
     /* verify file */
     if(verify_file(mngr, argv[1]) < 0) {
-	xmlSecKeysMngrDestroy(mngr);	
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);    
+        return(-1);
     }    
     
     /* destroy keys manager */
@@ -120,6 +137,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -129,8 +147,8 @@ main(int argc, char **argv) {
 
 /**
  * load_keys:
- * @files:		the list of filenames.
- * @files_size:		the number of filenames in #files.
+ * @files:              the list of filenames.
+ * @files_size:         the number of filenames in #files.
  *
  * Creates simple keys manager and load PEM keys from #files in it.
  * The caller is responsible for destroing returned keys manager using
@@ -154,43 +172,43 @@ load_keys(char** files, int files_size) {
      */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(NULL);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }    
     
     for(i = 0; i < files_size; ++i) {
-	assert(files[i]);
+        assert(files[i]);
 
-	/* load key */
-	key = xmlSecCryptoAppKeyLoad(files[i], xmlSecKeyDataFormatPem, NULL, NULL, NULL);
-	if(key == NULL) {
-    	    fprintf(stderr,"Error: failed to load pem key from \"%s\"\n", files[i]);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        /* load key */
+        key = xmlSecCryptoAppKeyLoad(files[i], xmlSecKeyDataFormatPem, NULL, NULL, NULL);
+        if(key == NULL) {
+            fprintf(stderr,"Error: failed to load pem key from \"%s\"\n", files[i]);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
 
-	/* set key name to the file name, this is just an example! */
-	if(xmlSecKeySetName(key, BAD_CAST files[i]) < 0) {
-    	    fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", files[i]);
-	    xmlSecKeyDestroy(key);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
-	
-	/* add key to keys manager, from now on keys manager is responsible 
-	 * for destroying key 
-	 */
-	if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
-    	    fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
-	    xmlSecKeyDestroy(key);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        /* set key name to the file name, this is just an example! */
+        if(xmlSecKeySetName(key, BAD_CAST files[i]) < 0) {
+            fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", files[i]);
+            xmlSecKeyDestroy(key);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
+        
+        /* add key to keys manager, from now on keys manager is responsible 
+         * for destroying key 
+         */
+        if(xmlSecCryptoAppDefaultKeysMngrAdoptKey(mngr, key) < 0) {
+            fprintf(stderr,"Error: failed to add key from \"%s\" to keys manager\n", files[i]);
+            xmlSecKeyDestroy(key);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
     }
 
     return(mngr);
@@ -198,8 +216,8 @@ load_keys(char** files, int files_size) {
 
 /** 
  * verify_file:
- * @mngr:		the pointer to keys manager.
- * @xml_file:		the signed XML file name.
+ * @mngr:               the pointer to keys manager.
+ * @xml_file:           the signed XML file name.
  *
  * Verifies XML signature in #xml_file.
  *
@@ -218,35 +236,35 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
     /* load file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
+        goto done;      
     }
 
     /* create signature context */
     dsigCtx = xmlSecDSigCtxCreate(mngr);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* Verify signature */
     if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
         fprintf(stderr,"Error: signature verify\n");
-	goto done;
+        goto done;
     }
         
     /* print verification result to stdout */
     if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
-	fprintf(stdout, "Signature is OK\n");
+        fprintf(stdout, "Signature is OK\n");
     } else {
-	fprintf(stdout, "Signature is INVALID\n");
+        fprintf(stdout, "Signature is INVALID\n");
     }    
 
     /* success */
@@ -255,11 +273,11 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/verify3.c b/examples/verify3.c
index b7746a0d..5f0666bb 100644
--- a/examples/verify3.c
+++ b/examples/verify3.c
@@ -7,10 +7,10 @@
  * certificates management policies for another crypto library may break it.
  *
  * Usage: 
- *	verify3 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]]
+ *      verify3 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]]
  *
  * Example:
- *	./verify3 sign3-res.xml rootcert.pem
+ *      ./verify3 sign3-res.xml rootcert.pem
  * 
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -27,6 +27,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -39,14 +40,17 @@ int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
     xmlSecKeysMngrPtr mngr;
     
     assert(argv);
 
     if(argc < 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <xml-file> <cert-file1> [<cert-file2> [...]]\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <xml-file> <cert-file1> [<cert-file2> [...]]\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -57,17 +61,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -77,35 +93,35 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load trusted certificates */
     mngr = load_trusted_certs(&(argv[2]), argc - 2);
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
     
     /* verify file */
     if(verify_file(mngr, argv[1]) < 0) {
-	xmlSecKeysMngrDestroy(mngr);	
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);    
+        return(-1);
     }    
     
     /* destroy keys manager */
@@ -122,6 +138,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -131,8 +148,8 @@ main(int argc, char **argv) {
 
 /**
  * load_trusted_certs:
- * @files:		the list of filenames.
- * @files_size:		the number of filenames in #files.
+ * @files:              the list of filenames.
+ * @files_size:         the number of filenames in #files.
  *
  * Creates simple keys manager and load trusted certificates from PEM #files.
  * The caller is responsible for destroing returned keys manager using
@@ -155,24 +172,24 @@ load_trusted_certs(char** files, int files_size) {
      */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(NULL);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }    
     
     for(i = 0; i < files_size; ++i) {
-	assert(files[i]);
-
-	/* load trusted cert */
-	if(xmlSecCryptoAppKeysMngrCertLoad(mngr, files[i], xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
-    	    fprintf(stderr,"Error: failed to load pem certificate from \"%s\"\n", files[i]);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        assert(files[i]);
+
+        /* load trusted cert */
+        if(xmlSecCryptoAppKeysMngrCertLoad(mngr, files[i], xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
+            fprintf(stderr,"Error: failed to load pem certificate from \"%s\"\n", files[i]);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
     }
 
     return(mngr);
@@ -180,8 +197,8 @@ load_trusted_certs(char** files, int files_size) {
 
 /** 
  * verify_file:
- * @mngr:		the pointer to keys manager.
- * @xml_file:		the signed XML file name.
+ * @mngr:               the pointer to keys manager.
+ * @xml_file:           the signed XML file name.
  *
  * Verifies XML signature in #xml_file.
  *
@@ -200,35 +217,35 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
     /* load file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
+        goto done;      
     }
 
     /* create signature context */
     dsigCtx = xmlSecDSigCtxCreate(mngr);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* Verify signature */
     if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
         fprintf(stderr,"Error: signature verify\n");
-	goto done;
+        goto done;
     }
         
     /* print verification result to stdout */
     if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
-	fprintf(stdout, "Signature is OK\n");
+        fprintf(stdout, "Signature is OK\n");
     } else {
-	fprintf(stdout, "Signature is INVALID\n");
+        fprintf(stdout, "Signature is INVALID\n");
     }    
 
     /* success */
@@ -237,11 +254,11 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/verify4.c b/examples/verify4.c
index 3d82af69..f55f58c5 100644
--- a/examples/verify4.c
+++ b/examples/verify4.c
@@ -10,15 +10,15 @@
  * certificates management policies for another crypto library may break it.
  *
  * Usage: 
- *	verify4 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]]
+ *      verify4 <signed-file> <trusted-cert-pem-file1> [<trusted-cert-pem-file2> [...]]
  *
  * Example (sucecess):
- *	./verify4 verify4-res.xml rootcert.pem
+ *      ./verify4 verify4-res.xml rootcert.pem
  *
  * Example (failure):
- *	./verify4 verify4-bad-res.xml rootcert.pem
+ *      ./verify4 verify4-bad-res.xml rootcert.pem
  * In the same time, verify3 example successfuly verifies this signature:
- *	./verify3 verify4-bad-res.xml rootcert.pem
+ *      ./verify3 verify4-bad-res.xml rootcert.pem
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -35,6 +35,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -47,14 +48,17 @@ int verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file);
 
 int 
 main(int argc, char **argv) {
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
     xmlSecKeysMngrPtr mngr;
     
     assert(argv);
 
     if(argc < 3) {
-	fprintf(stderr, "Error: wrong number of arguments.\n");
-	fprintf(stderr, "Usage: %s <xml-file> <cert-file1> [<cert-file2> [...]]\n", argv[0]);
-	return(1);
+        fprintf(stderr, "Error: wrong number of arguments.\n");
+        fprintf(stderr, "Usage: %s <xml-file> <cert-file1> [<cert-file2> [...]]\n", argv[0]);
+        return(1);
     }
 
     /* Init libxml and libxslt libraries */
@@ -65,17 +69,29 @@ main(int argc, char **argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stderr, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -85,35 +101,35 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stderr, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stderr, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager and load trusted certificates */
     mngr = load_trusted_certs(&(argv[2]), argc - 2);
     if(mngr == NULL) {
-	return(-1);
+        return(-1);
     }
     
     /* verify file */
     if(verify_file(mngr, argv[1]) < 0) {
-	xmlSecKeysMngrDestroy(mngr);	
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);    
+        return(-1);
     }    
     
     /* destroy keys manager */
@@ -130,6 +146,7 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -139,8 +156,8 @@ main(int argc, char **argv) {
 
 /**
  * load_trusted_certs:
- * @files:		the list of filenames.
- * @files_size:		the number of filenames in #files.
+ * @files:              the list of filenames.
+ * @files_size:         the number of filenames in #files.
  *
  * Creates simple keys manager and load trusted certificates from PEM #files.
  * The caller is responsible for destroing returned keys manager using
@@ -163,24 +180,24 @@ load_trusted_certs(char** files, int files_size) {
      */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error: failed to create keys manager.\n");
-	return(NULL);
+        fprintf(stderr, "Error: failed to create keys manager.\n");
+        return(NULL);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
-	fprintf(stderr, "Error: failed to initialize keys manager.\n");
-	xmlSecKeysMngrDestroy(mngr);
-	return(NULL);
+        fprintf(stderr, "Error: failed to initialize keys manager.\n");
+        xmlSecKeysMngrDestroy(mngr);
+        return(NULL);
     }    
     
     for(i = 0; i < files_size; ++i) {
-	assert(files[i]);
+        assert(files[i]);
 
-	/* load trusted cert */
-	if(xmlSecCryptoAppKeysMngrCertLoad(mngr, files[i], xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
-    	    fprintf(stderr,"Error: failed to load pem certificate from \"%s\"\n", files[i]);
-	    xmlSecKeysMngrDestroy(mngr);
-	    return(NULL);
-	}
+        /* load trusted cert */
+        if(xmlSecCryptoAppKeysMngrCertLoad(mngr, files[i], xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
+            fprintf(stderr,"Error: failed to load pem certificate from \"%s\"\n", files[i]);
+            xmlSecKeysMngrDestroy(mngr);
+            return(NULL);
+        }
     }
 
     return(mngr);
@@ -188,8 +205,8 @@ load_trusted_certs(char** files, int files_size) {
 
 /** 
  * verify_file:
- * @mngr:		the pointer to keys manager.
- * @xml_file:		the signed XML file name.
+ * @mngr:               the pointer to keys manager.
+ * @xml_file:           the signed XML file name.
  *
  * Verifies XML signature in #xml_file.
  *
@@ -208,35 +225,35 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
     /* load file */
     doc = xmlParseFile(xml_file);
     if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
-	fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: unable to parse file \"%s\"\n", xml_file);
+        goto done;      
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
-	goto done;	
+        fprintf(stderr, "Error: start node not found in \"%s\"\n", xml_file);
+        goto done;      
     }
 
     /* create signature context */
     dsigCtx = xmlSecDSigCtxCreate(mngr);
     if(dsigCtx == NULL) {
         fprintf(stderr,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
 
     /* limit the Reference URI attributes to empty or NULL */
     dsigCtx->enabledReferenceUris = xmlSecTransformUriTypeEmpty;
     
-    /* limit allowed transforms for siganture and reference processing */
+    /* limit allowed transforms for signature and reference processing */
     if((xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformInclC14NId) < 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformExclC14NId) < 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformSha1Id) < 0) ||
        (xmlSecDSigCtxEnableSignatureTransform(dsigCtx, xmlSecTransformRsaSha1Id) < 0)) {
 
-        fprintf(stderr,"Error: failed to limit allowed siganture transforms\n");
-	goto done;
+        fprintf(stderr,"Error: failed to limit allowed signature transforms\n");
+        goto done;
     }
     if((xmlSecDSigCtxEnableReferenceTransform(dsigCtx, xmlSecTransformInclC14NId) < 0) ||
        (xmlSecDSigCtxEnableReferenceTransform(dsigCtx, xmlSecTransformExclC14NId) < 0) ||
@@ -244,34 +261,34 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
        (xmlSecDSigCtxEnableReferenceTransform(dsigCtx, xmlSecTransformEnvelopedId) < 0)) {
 
         fprintf(stderr,"Error: failed to limit allowed reference transforms\n");
-	goto done;
+        goto done;
     }
 
     /* in addition, limit possible key data to valid X509 certificates only */
     if(xmlSecPtrListAdd(&(dsigCtx->keyInfoReadCtx.enabledKeyData), BAD_CAST xmlSecKeyDataX509Id) < 0) {
         fprintf(stderr,"Error: failed to limit allowed key data\n");
-	goto done;
+        goto done;
     }
     
     /* Verify signature */
     if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
         fprintf(stderr,"Error: signature verify\n");
-	goto done;
+        goto done;
     }
 
     /* check that we have only one Reference */
     if((dsigCtx->status == xmlSecDSigStatusSucceeded) && 
         (xmlSecPtrListGetSize(&(dsigCtx->signedInfoReferences)) != 1)) {
-	
+        
         fprintf(stderr,"Error: only one reference is allowed\n");
-	goto done;
+        goto done;
     }
         
     /* print verification result to stdout */
     if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
-	fprintf(stdout, "Signature is OK\n");
+        fprintf(stdout, "Signature is OK\n");
     } else {
-	fprintf(stdout, "Signature is INVALID\n");
+        fprintf(stdout, "Signature is INVALID\n");
     }    
 
     /* success */
@@ -280,11 +297,11 @@ verify_file(xmlSecKeysMngrPtr mngr, const char* xml_file) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     return(res);
 }
diff --git a/examples/xkms-server.c b/examples/xkms-server.c
index 1021b182..188d5c73 100644
--- a/examples/xkms-server.c
+++ b/examples/xkms-server.c
@@ -4,10 +4,10 @@
  * Starts XKMS server on specified port.
  * 
  * Usage:
- * 	./xkms-server [--port <port>] [--format plain|soap-1.1|soap-1.2] <keys-file>
+ *      ./xkms-server [--port <port>] [--format plain|soap-1.1|soap-1.2] <keys-file>
  *
  * Example:
- *	./xkms-server --port 8080 --format soap-1.1 keys.xml
+ *      ./xkms-server --port 8080 --format soap-1.1 keys.xml
  * 
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
@@ -23,8 +23,8 @@
 #ifdef XMLSEC_NO_XKMS
 
 int main(int argc, char** argv) {
-	fprintf(stderr, "ERROR: XKMS is disabled.\n");
-	return 1;
+        fprintf(stderr, "ERROR: XKMS is disabled.\n");
+        return 1;
 }
 
 #else /* XMLSEC_NO_XKMS */
@@ -35,6 +35,7 @@ int main(int argc, char** argv) {
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -64,13 +65,13 @@ int main(int argc, char** argv) {
 #endif /* WIN32_SOCKETS */ 
 #endif /* UNIX_SOCKETS */
 
-#define DEFAULT_PORT 			1234
-#define PENDING_QUEUE_SIZE		100
+#define DEFAULT_PORT                    1234
+#define PENDING_QUEUE_SIZE              100
 
-#define LOG_LEVEL_SILENT		0
-#define LOG_LEVEL_INFO			1
-#define LOG_LEVEL_DATA			2
-#define LOG_LEVEL_DEBUG			3
+#define LOG_LEVEL_SILENT                0
+#define LOG_LEVEL_INFO                  1
+#define LOG_LEVEL_DATA                  2
+#define LOG_LEVEL_DEBUG                 3
 
 #ifdef UNIX_SOCKETS
 static int  sockfd    = -1; 
@@ -91,7 +92,7 @@ static const xmlChar* my_strnstr(const xmlChar* str, xmlSecSize strLen, const xm
 static int  handle_connection(int fd, xmlSecXkmsServerCtxPtr xkmsCtx, xmlSecXkmsServerFormat format);
 static int  read_request(int fd, const char* in_ip, xmlSecBufferPtr buffer);
 static int  send_response(int fd, const char* in_ip, int resp_code, 
-			const char* body, int body_size);
+                        const char* body, int body_size);
 
 static char usage[] = "[--port <port>] [--format plain|soap-1.1|soap-1.2] <keys-file>";
 static char http_header[] = 
@@ -105,6 +106,9 @@ static char http_503[] =
 int main(int argc, char** argv) {
     int argpos;
     unsigned short port = DEFAULT_PORT;
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
     xmlSecKeysMngrPtr mngr = NULL;
     xmlSecXkmsServerCtxPtr xkmsCtx = NULL;
     xmlSecXkmsServerFormat format = xmlSecXkmsServerFormatPlain;
@@ -120,17 +124,29 @@ int main(int argc, char** argv) {
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1; 
 #endif /* XMLSEC_NO_XSLT */
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stderr, "Error %d: xmlsec initialization failed.\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: xmlsec initialization failed.\n", errno);
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stderr, "Error %d: loaded xmlsec library version is not compatible.\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: loaded xmlsec library version is not compatible.\n", errno);
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -140,115 +156,115 @@ int main(int argc, char** argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stderr, "Error %d: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n", errno);
-	return(-1);	
+        fprintf(stderr, "Error %d: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n", errno);
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(NULL) < 0) {
-	fprintf(stderr, "Error %d: crypto initialization failed.\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: crypto initialization failed.\n", errno);
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stderr, "Error %d: xmlsec-crypto initialization failed.\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: xmlsec-crypto initialization failed.\n", errno);
+        return(-1);
     }
     
     /* Create and initialize keys manager */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stderr, "Error %d: failed to create keys manager.\n", errno);
-	goto done;
+        fprintf(stderr, "Error %d: failed to create keys manager.\n", errno);
+        goto done;
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
-	fprintf(stderr, "Error %d: failed to initialize keys manager.\n", errno);
-	goto done;
+        fprintf(stderr, "Error %d: failed to initialize keys manager.\n", errno);
+        goto done;
     }    
 
     /* Create XKMS server context */
     xkmsCtx = xmlSecXkmsServerCtxCreate(mngr);
     if(xkmsCtx == NULL) {
-	fprintf(stderr, "Error %d: XKMS server context initialization failed\n", errno);
-	goto done;
+        fprintf(stderr, "Error %d: XKMS server context initialization failed\n", errno);
+        goto done;
     }
 
     /* Process input parameters */
     for(argpos = 1; (argpos < argc) && (argv[argpos][0] == '-'); argpos++) {
-	if((strcmp(argv[argpos], "--port") == 0) || (strcmp(argv[argpos], "-p") == 0)) {
-	    argpos++;
-	    port = atoi(argv[argpos]);
-	    if(port == 0) {
-		fprintf(stderr, "Error %d: invalid port number \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
-		goto done;
-	    }
-	} else if((strcmp(argv[argpos], "--format") == 0) || (strcmp(argv[argpos], "-f") == 0)) {
-	    argpos++;
-	    format = xmlSecXkmsServerFormatFromString(BAD_CAST argv[argpos]);
-	    if(format == xmlSecXkmsServerFormatUnknown) {
-		fprintf(stderr, "Error %d: invalid format \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
-		goto done;
-	    }
-	} else if((strcmp(argv[argpos], "--log-level") == 0) || (strcmp(argv[argpos], "-l") == 0)) {
-	    argpos++;
-	    log_level = atoi(argv[argpos]);
-	} else {
-	    fprintf(stderr, "Error %d: unknown parameter \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
-	    goto done;
-	}
+        if((strcmp(argv[argpos], "--port") == 0) || (strcmp(argv[argpos], "-p") == 0)) {
+            argpos++;
+            port = atoi(argv[argpos]);
+            if(port == 0) {
+                fprintf(stderr, "Error %d: invalid port number \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
+                goto done;
+            }
+        } else if((strcmp(argv[argpos], "--format") == 0) || (strcmp(argv[argpos], "-f") == 0)) {
+            argpos++;
+            format = xmlSecXkmsServerFormatFromString(BAD_CAST argv[argpos]);
+            if(format == xmlSecXkmsServerFormatUnknown) {
+                fprintf(stderr, "Error %d: invalid format \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
+                goto done;
+            }
+        } else if((strcmp(argv[argpos], "--log-level") == 0) || (strcmp(argv[argpos], "-l") == 0)) {
+            argpos++;
+            log_level = atoi(argv[argpos]);
+        } else {
+            fprintf(stderr, "Error %d: unknown parameter \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
+            goto done;
+        }
     }
     if(argpos >= argc) {
-	fprintf(stderr, "Error %d: keys file is not specified.\nUsage: %s %s\n", errno, argv[0], usage);
-	goto done;
+        fprintf(stderr, "Error %d: keys file is not specified.\nUsage: %s %s\n", errno, argv[0], usage);
+        goto done;
     }
     
     /* Load keys */
     for(; argpos < argc; argpos++) {
         if(xmlSecCryptoAppDefaultKeysMngrLoad(mngr, argv[argpos]) < 0) {
-	    fprintf(stderr, "Error %d: failed to load xml keys file \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
-	    goto done;
-	}   
-	if(log_level >= LOG_LEVEL_INFO) {
-	    fprintf(stdout, "Log: loaded keys from \"%s\"\n", argv[argpos]); 
-	}
+            fprintf(stderr, "Error %d: failed to load xml keys file \"%s\".\nUsage: %s %s\n", errno, argv[argpos], argv[0], usage);
+            goto done;
+        }   
+        if(log_level >= LOG_LEVEL_INFO) {
+            fprintf(stdout, "Log: loaded keys from \"%s\"\n", argv[argpos]); 
+        }
     }
     
     /* Startup TCP server */
     if(init_server(port) < 0) {
-	fprintf(stderr, "Error, errno: server initialization failed\n", errno);
-	goto done;
+        fprintf(stderr, "Error, errno: server initialization failed\n", errno);
+        goto done;
     }
     assert(sockfd != -1);
     
     /* main loop: accept connections and process requests */
     while(finished == 0) {
-	fd_set fds;
+        fd_set fds;
         struct timeval timeout;
-	
-	/* Set up polling using select() */
-	FD_ZERO(&fds);
-	FD_SET(sockfd, &fds);
-	memset(&timeout, 0, sizeof(timeout));
-	timeout.tv_sec = 1;
-	ret = select(sockfd + 1, &fds, NULL, NULL, &timeout);
-	if((ret <= 0) || !FD_ISSET(sockfd, &fds)) {
-	    /* error, timed out or not our socket: try again */
-	    continue;
-	}
-
-	if(handle_connection(sockfd, xkmsCtx, format) < 0) {
-	    fprintf(stderr, "Error %d: unable to accept incomming connection\n");
-	    goto done;
-	}
+        
+        /* Set up polling using select() */
+        FD_ZERO(&fds);
+        FD_SET(sockfd, &fds);
+        memset(&timeout, 0, sizeof(timeout));
+        timeout.tv_sec = 1;
+        ret = select(sockfd + 1, &fds, NULL, NULL, &timeout);
+        if((ret <= 0) || !FD_ISSET(sockfd, &fds)) {
+            /* error, timed out or not our socket: try again */
+            continue;
+        }
+
+        if(handle_connection(sockfd, xkmsCtx, format) < 0) {
+            fprintf(stderr, "Error %d: unable to accept incomming connection\n");
+            goto done;
+        }
     }
         
 done:
     if(log_level >= LOG_LEVEL_INFO) {
-	fprintf(stdout, "Log: server is shutting down\n");
+        fprintf(stdout, "Log: server is shutting down\n");
     }
     
     /* Shutdown TCP server */
@@ -256,14 +272,14 @@ done:
 
     /* Destroy xkms server context */
     if(xkmsCtx != NULL) {
-	xmlSecXkmsServerCtxDestroy(xkmsCtx);
-	xkmsCtx = NULL;
+        xmlSecXkmsServerCtxDestroy(xkmsCtx);
+        xkmsCtx = NULL;
     }
     
     /* Destroy keys manager */
     if(mngr != NULL) {
         xmlSecKeysMngrDestroy(mngr);
-	mngr = NULL;
+        mngr = NULL;
     }
     
     /* Shutdown xmlsec-crypto library */
@@ -277,6 +293,7 @@ done:
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
     xmlCleanupParser();
@@ -287,7 +304,7 @@ done:
 
 /**
  * init_server:
- * @port:		the server'xmlSecBufferGetData(buffer) TCP port number.
+ * @port:               the server'xmlSecBufferGetData(buffer) TCP port number.
  *
  * Starts up a TCP server listening on given @port.
  *
@@ -303,8 +320,8 @@ init_server(unsigned short port) {
     
 #ifdef WIN32_SOCKETS
     if(WSAStartup(MAKEWORD(1,1), &data)) {
-	fprintf(stderr, "Error %d: WSAStartup() failed\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: WSAStartup() failed\n", errno);
+        return(-1);
     }
 #endif /* WIN32_SOCKETS */
 
@@ -318,44 +335,44 @@ init_server(unsigned short port) {
     if(sockfd == INVALID_SOCKET) {
 #endif /* WIN32_SOCKETS */
 
-	fprintf(stderr, "Error %d: socket() failed\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: socket() failed\n", errno);
+        return(-1);
     }
 
     /* enable reuse of address */
     flags = 1;
     if(setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, (char *)&flags, sizeof(flags)) != 0) {
-	fprintf(stderr, "Error %d: setsockopt(SO_REUSEADDR) failed\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: setsockopt(SO_REUSEADDR) failed\n", errno);
+        return(-1);
     }
 
 #ifdef UNIX_SOCKETS
     /* set non-blocking */
     flags = fcntl(sockfd, F_GETFL);
     if(flags < 0) {
-	fprintf(stderr, "Error %d: fcntl(F_GETFL) failed\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: fcntl(F_GETFL) failed\n", errno);
+        return(-1);
     }
     if(fcntl(sockfd, F_SETFL, flags | O_NONBLOCK) < 0) {
-	fprintf(stderr, "Error %d: fcntl(F_SETFL) failed\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: fcntl(F_SETFL) failed\n", errno);
+        return(-1);
     }
 #endif /* UNIX_SOCKETS */
     
     /* preset socket structure for socket binding */
     memset(&saddr, 0, sizeof(saddr));
-    saddr.sin_family 		= AF_INET;
-    saddr.sin_port 		= htons(port);
-    saddr.sin_addr.s_addr	= INADDR_ANY;
+    saddr.sin_family            = AF_INET;
+    saddr.sin_port              = htons(port);
+    saddr.sin_addr.s_addr       = INADDR_ANY;
     if(bind(sockfd, (struct sockaddr *)&saddr, sizeof(struct sockaddr)) != 0) {
-	fprintf(stderr, "Error %d: bind() failed\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: bind() failed\n", errno);
+        return(-1);
     }
     
     /* prepare for listening */
     if(listen(sockfd, PENDING_QUEUE_SIZE) != 0) {
-	fprintf(stderr, "Error %d: listen() failed\n", errno);
-	return(-1);	
+        fprintf(stderr, "Error %d: listen() failed\n", errno);
+        return(-1);     
     }
 
 #ifdef UNIX_SOCKETS
@@ -386,8 +403,8 @@ stop_server() {
 
 #ifdef WIN32_SOCKETS
     if(sockfd != -1) {
-    	close(sockfd);
-	sockfd = -1;
+        close(sockfd);
+        sockfd = -1;
     }
 #endif /* WIN32_SOCKETS */ 
     if(log_level >= LOG_LEVEL_INFO) {
@@ -397,7 +414,7 @@ stop_server() {
 
 /**
  * int_signal_handler:
- * @sig_num:		the signal number.
+ * @sig_num:            the signal number.
  *
  * Unix's Ctrl-C signal handler that stops the server.
  */
@@ -411,9 +428,9 @@ int_signal_handler(int sig_num) {
 
 /**
  * handle_connection:
- * @sockfd:		the server's socket.
- * @xkmsCtx:		the template XKMS server context.
- * @format:		the expected format of XKMS requests.
+ * @sockfd:             the server's socket.
+ * @xkmsCtx:            the template XKMS server context.
+ * @format:             the expected format of XKMS requests.
  *
  * Establishs a connection, forks a child process (onUnix), reads the request, 
  * processes it and writes back the response.
@@ -457,8 +474,8 @@ handle_connection(int sockfd, xmlSecXkmsServerCtxPtr xkmsCtx, xmlSecXkmsServerFo
     if(sockfd == INVALID_SOCKET) {
 #endif /* WIN32_SOCKETS */
 
-	fprintf(stderr, "Error %d: accept() failed\n", errno);
-	return(-1);
+        fprintf(stderr, "Error %d: accept() failed\n", errno);
+        return(-1);
     }
     if(log_level >= LOG_LEVEL_INFO) {
         fprintf(stdout, "Log [%s]: got connection\n", inet_ntoa(saddr.sin_addr));
@@ -467,19 +484,19 @@ handle_connection(int sockfd, xmlSecXkmsServerCtxPtr xkmsCtx, xmlSecXkmsServerFo
     /* Create a copy of XKMS server context */
     xkmsCtx2 = xmlSecXkmsServerCtxCreate(NULL);
     if(xkmsCtx2 == NULL) {
-	fprintf(stderr, "Error %d [%s]: a copy of XKMS server context initialization failed\n", errno, inet_ntoa(saddr.sin_addr));
-	goto done;
+        fprintf(stderr, "Error %d [%s]: a copy of XKMS server context initialization failed\n", errno, inet_ntoa(saddr.sin_addr));
+        goto done;
     }
     if(xmlSecXkmsServerCtxCopyUserPref(xkmsCtx2, xkmsCtx) < 0) {
-	fprintf(stderr, "Error %d [%s]: XKMS server context copy failed\n", errno, inet_ntoa(saddr.sin_addr));
-	goto done;
+        fprintf(stderr, "Error %d [%s]: XKMS server context copy failed\n", errno, inet_ntoa(saddr.sin_addr));
+        goto done;
     }
 
 #ifdef UNIX_SOCKETS
     /* on Unix we use child process to process requests */
     if(fork()) {
-	/* parent process */
-	return(0);
+        /* parent process */
+        return(0);
     }
     
     /* child process */
@@ -489,36 +506,36 @@ handle_connection(int sockfd, xmlSecXkmsServerCtxPtr xkmsCtx, xmlSecXkmsServerFo
 
     buffer = xmlSecBufferCreate(0);
     if(buffer == NULL) {
-	fprintf(stderr, "Error %d [%s]: xmlSecBufferCreate() failed\n", errno, inet_ntoa(saddr.sin_addr));
-	goto done;	
+        fprintf(stderr, "Error %d [%s]: xmlSecBufferCreate() failed\n", errno, inet_ntoa(saddr.sin_addr));
+        goto done;      
     }
 
     /* read input request */
     ret = read_request(fd, inet_ntoa(saddr.sin_addr), buffer);
     if(ret < 0) {
-	fprintf(stderr, "Error %d [%s]: read_request() failed\n", errno, inet_ntoa(saddr.sin_addr));
-	goto done;	
+        fprintf(stderr, "Error %d [%s]: read_request() failed\n", errno, inet_ntoa(saddr.sin_addr));
+        goto done;      
     }
 
     /* parse request */
     inDoc = xmlParseMemory(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer) );
     if((inDoc == NULL) || (xmlDocGetRootElement(inDoc) == NULL)) {
-	fprintf(stderr, "Error %d [%s]: failed to parse request\n", errno, inet_ntoa(saddr.sin_addr));
-	goto done;	
+        fprintf(stderr, "Error %d [%s]: failed to parse request\n", errno, inet_ntoa(saddr.sin_addr));
+        goto done;      
     }
     xmlSecBufferEmpty(buffer);
     
     /* prepare result document */
     outDoc = xmlNewDoc(BAD_CAST "1.0");
     if(outDoc == NULL) {
-	fprintf(stderr, "Error %d [%s]: failed to create result doc\n", errno, inet_ntoa(saddr.sin_addr));
-	goto done;
+        fprintf(stderr, "Error %d [%s]: failed to create result doc\n", errno, inet_ntoa(saddr.sin_addr));
+        goto done;
     }
     
     result = xmlSecXkmsServerCtxProcess(xkmsCtx2, xmlDocGetRootElement(inDoc), format, outDoc);
     if(result == NULL) {
-	fprintf(stderr, "Error %d [%s]: failed to process xkms server request\n", errno, inet_ntoa(saddr.sin_addr));
-	goto done;
+        fprintf(stderr, "Error %d [%s]: failed to process xkms server request\n", errno, inet_ntoa(saddr.sin_addr));
+        goto done;
     }
 
     /* apppend returned result node to the output document */
@@ -527,8 +544,8 @@ handle_connection(int sockfd, xmlSecXkmsServerCtxPtr xkmsCtx, xmlSecXkmsServerFo
     /* create LibXML2 output buffer */    
     output = xmlSecBufferCreateOutputBuffer(buffer);
     if(output == NULL) {
-	fprintf(stderr, "Error %d [%s]: xmlSecBufferCreateOutputBuffer() failed\n", errno, inet_ntoa(saddr.sin_addr));
-	goto done;
+        fprintf(stderr, "Error %d [%s]: xmlSecBufferCreateOutputBuffer() failed\n", errno, inet_ntoa(saddr.sin_addr));
+        goto done;
     }
     xmlNodeDumpOutput(output, result->doc, result, 0, 0, NULL);
     
@@ -537,72 +554,72 @@ handle_connection(int sockfd, xmlSecXkmsServerCtxPtr xkmsCtx, xmlSecXkmsServerFo
 done:
     /* send back response */
     if((resp_ready == 1) && (xmlSecBufferGetData(buffer) != NULL)) {
-	ret = send_response(fd, inet_ntoa(saddr.sin_addr), 200, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer));
-	if(log_level >= LOG_LEVEL_INFO) {
-	    fprintf(stdout, "Log [%s]: processed request\n", inet_ntoa(saddr.sin_addr));
-	}
+        ret = send_response(fd, inet_ntoa(saddr.sin_addr), 200, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer));
+        if(log_level >= LOG_LEVEL_INFO) {
+            fprintf(stdout, "Log [%s]: processed request\n", inet_ntoa(saddr.sin_addr));
+        }
     } else if(fd >= 0) {
-    	ret = send_response(fd, inet_ntoa(saddr.sin_addr), 503, http_503, strlen(http_503));
+        ret = send_response(fd, inet_ntoa(saddr.sin_addr), 503, http_503, strlen(http_503));
         if(log_level >= LOG_LEVEL_INFO) {
-	    fprintf(stdout, "Log [%s]: failed to process request\n", inet_ntoa(saddr.sin_addr));
-	}
+            fprintf(stdout, "Log [%s]: failed to process request\n", inet_ntoa(saddr.sin_addr));
+        }
     } else {
-	ret = -1;
+        ret = -1;
     }
     if(ret < 0) {
-	fprintf(stderr, "Error %d [%s]: send_response() failed\n", errno, inet_ntoa(saddr.sin_addr));
+        fprintf(stderr, "Error %d [%s]: send_response() failed\n", errno, inet_ntoa(saddr.sin_addr));
     }
     
     /* cleanup */
     if(output != NULL) {
-	xmlOutputBufferClose(output);
-	output = NULL;
+        xmlOutputBufferClose(output);
+        output = NULL;
     }
     
     if(outDoc != NULL) {
-	xmlFreeDoc(outDoc);
-	outDoc = NULL;
+        xmlFreeDoc(outDoc);
+        outDoc = NULL;
     }
     
     if(inDoc != NULL) {
-	xmlFreeDoc(inDoc);
-	inDoc = NULL;
+        xmlFreeDoc(inDoc);
+        inDoc = NULL;
     }
 
     if(buffer != NULL) {
-	xmlSecBufferDestroy(buffer);
-	buffer = NULL;
+        xmlSecBufferDestroy(buffer);
+        buffer = NULL;
     }
 
     if(xkmsCtx2 != NULL) {
-	xmlSecXkmsServerCtxDestroy(xkmsCtx2);
-	xkmsCtx2 = NULL;
+        xmlSecXkmsServerCtxDestroy(xkmsCtx2);
+        xkmsCtx2 = NULL;
     }
     
     if(fd >= 0) {
 #ifdef UNIX_SOCKETS
-	shutdown(fd, SHUT_RDWR);
-	close(fd);
+        shutdown(fd, SHUT_RDWR);
+        close(fd);
 #endif /* UNIX_SCOKETS */
 
 #ifdef WIN32_SOCKETS
-	close(fd);
+        close(fd);
 #endif /* WIN32_SCOKETS */
 
-	fd = -1;
+        fd = -1;
     }
 
     if(in_child_process) {
-	exit(0);
+        exit(0);
     }    
     return(0);
 }
 
 /**
  * read_request:
- * @fd:			the request's socket.
- * @in_ip:		the request's IP address (for logging).
- * @buffer:		the output buffer.
+ * @fd:                 the request's socket.
+ * @in_ip:              the request's IP address (for logging).
+ * @buffer:             the output buffer.
  *
  * Reads the request from socket @fd and stores it in the @buffer.
  *
@@ -625,16 +642,16 @@ read_request(int fd, const char* in_ip, xmlSecBufferPtr buffer) {
     /* first read the http headers */
     counter = 5;
     while(my_strnstr(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), BAD_CAST "\r\n\r\n", 4) == NULL) {
-	    nread = recv(fd, buf, sizeof(buf), 0);
-	    if(nread < 0) {
-	        fprintf(stderr, "Error %d [%s]: read() failed\n", errno, in_ip);
-	        return(-1);
-	    }
+            nread = recv(fd, buf, sizeof(buf), 0);
+            if(nread < 0) {
+                fprintf(stderr, "Error %d [%s]: read() failed\n", errno, in_ip);
+                return(-1);
+            }
 
-	    if((nread > 0) && (xmlSecBufferAppend(buffer, buf, nread) < 0)) {
-	        fprintf(stderr, "Error %d [%s]: xmlSecBufferAppend(%d) failed\n", errno, in_ip, nread);
-	        return(-1);
-	    }
+            if((nread > 0) && (xmlSecBufferAppend(buffer, buf, nread) < 0)) {
+                fprintf(stderr, "Error %d [%s]: xmlSecBufferAppend(%d) failed\n", errno, in_ip, nread);
+                return(-1);
+            }
 
         if(nread < sizeof(buffer)) {
             counter--;
@@ -646,13 +663,13 @@ read_request(int fd, const char* in_ip, xmlSecBufferPtr buffer) {
     
     if(xmlSecBufferGetData(buffer) == NULL) {
         fprintf(stderr, "Error %d [%s]: no bytes read\n", errno, in_ip);
-	    return(-1);
+            return(-1);
     }
 
     if(log_level >= LOG_LEVEL_DEBUG) {
-	    xmlSecBufferAppend(buffer, BAD_CAST "\0", 1);
+            xmlSecBufferAppend(buffer, BAD_CAST "\0", 1);
         fprintf(stdout, "Debug [%s]: request headers:\n%s\n", in_ip, xmlSecBufferGetData(buffer));
-	    xmlSecBufferRemoveTail(buffer, 1);
+            xmlSecBufferRemoveTail(buffer, 1);
     }
     
     /* Parse the request and extract the body. We expect the request to look
@@ -660,37 +677,37 @@ read_request(int fd, const char* in_ip, xmlSecBufferPtr buffer) {
      *    POST <path> HTTP/1.x\r\n
      *    <header1>\r\n
      *    <header2>\r\n
-     *	  ...
+     *    ...
      *    <headerN>\r\n
-     * 	  \r\n
-     *	  <body>
+     *    \r\n
+     *    <body>
      */
      
     /* analyze the first line */
     p = my_strnstr(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), BAD_CAST "\r\n", 2);
     if(p == NULL) {
-	    fprintf(stderr, "Error %d [%s]: there is no HTTP header\n", errno, in_ip);
-	    return(-1);
+            fprintf(stderr, "Error %d [%s]: there is no HTTP header\n", errno, in_ip);
+            return(-1);
     }
     if(xmlStrncasecmp(xmlSecBufferGetData(buffer), BAD_CAST "POST ", 5) != 0) {
-	    fprintf(stderr, "Error %d [%s]: not a POST request\n", errno, in_ip);
-	    return(-1);
+            fprintf(stderr, "Error %d [%s]: not a POST request\n", errno, in_ip);
+            return(-1);
     }
     /* "POST " + " HTTP/1.x" == 14 */
     s = xmlSecBufferGetData(buffer);
     if(p - s <= 14) {
-	    fprintf(stderr, "Error %d [%s]: first line has bad length\n", errno, in_ip);
-	    return(-1);
+            fprintf(stderr, "Error %d [%s]: first line has bad length\n", errno, in_ip);
+            return(-1);
     }
     if((xmlStrncasecmp(p - 9, BAD_CAST " HTTP/1.0", 9) != 0) && 
        (xmlStrncasecmp(p - 9, BAD_CAST " HTTP/1.1", 9) != 0)) {
-	    
+            
         fprintf(stderr, "Error %d [%s]: first line does not end with \" HTTP/1.x\"\n", errno, in_ip);
-	    return(-1);
+            return(-1);
     }
     if(xmlSecBufferRemoveHead(buffer, p - xmlSecBufferGetData(buffer) + 2) < 0) {
-	    fprintf(stderr, "Error %d [%s]: failed to skip first line\n", errno, in_ip);
-	    return(-1);
+            fprintf(stderr, "Error %d [%s]: failed to skip first line\n", errno, in_ip);
+            return(-1);
     }
     
     /* now skip all the headers (i.e. everything until empty line) */
@@ -699,19 +716,19 @@ read_request(int fd, const char* in_ip, xmlSecBufferPtr buffer) {
         p = my_strnstr(xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), BAD_CAST "\r\n", 2);
         if(p == NULL) {
             fprintf(stderr, "Error %d [%s]: there is no HTTP body\n", errno, in_ip);
-	        return(-1);
-	    }
-	
-	    if(p == xmlSecBufferGetData(buffer)) {
-	        found = 1;
-	    } else if(xmlStrncasecmp(xmlSecBufferGetData(buffer), BAD_CAST "Content-length: ", 16) == 0) {
-	        length = atoi(xmlSecBufferGetData(buffer) + 16);
-	    }
-	
-	    if(xmlSecBufferRemoveHead(buffer, p - xmlSecBufferGetData(buffer) + 2) < 0) {
-	        fprintf(stderr, "Error %d [%s]: failed to skip header line\n", errno, in_ip);
-	        return(-1);
-	    }
+                return(-1);
+            }
+        
+            if(p == xmlSecBufferGetData(buffer)) {
+                found = 1;
+            } else if(xmlStrncasecmp(xmlSecBufferGetData(buffer), BAD_CAST "Content-length: ", 16) == 0) {
+                length = atoi(xmlSecBufferGetData(buffer) + 16);
+            }
+        
+            if(xmlSecBufferRemoveHead(buffer, p - xmlSecBufferGetData(buffer) + 2) < 0) {
+                fprintf(stderr, "Error %d [%s]: failed to skip header line\n", errno, in_ip);
+                return(-1);
+            }
     }
     
     /* remove the trailing \0 we added */
@@ -720,16 +737,16 @@ read_request(int fd, const char* in_ip, xmlSecBufferPtr buffer) {
     /* now read the body */
     counter = 5;
     while(xmlSecBufferGetSize(buffer) < length) {
-	    nread = recv(fd, buf, sizeof(buf), 0);
-	    if(nread < 0) {
-	        fprintf(stderr, "Error %d [%s]: read() failed\n", errno, in_ip);
-	        return(-1);
-	    }
-
-	    if((nread > 0) && (xmlSecBufferAppend(buffer, buf, nread) < 0)) {
-	        fprintf(stderr, "Error %d [%s]: xmlSecBufferAppend(%d) failed\n", errno, in_ip, nread);
-	        return(-1);
-	    }
+            nread = recv(fd, buf, sizeof(buf), 0);
+            if(nread < 0) {
+                fprintf(stderr, "Error %d [%s]: read() failed\n", errno, in_ip);
+                return(-1);
+            }
+
+            if((nread > 0) && (xmlSecBufferAppend(buffer, buf, nread) < 0)) {
+                fprintf(stderr, "Error %d [%s]: xmlSecBufferAppend(%d) failed\n", errno, in_ip, nread);
+                return(-1);
+            }
         if(nread < sizeof(buffer)) {
             counter--;
             if(counter <= 0) {
@@ -738,23 +755,23 @@ read_request(int fd, const char* in_ip, xmlSecBufferPtr buffer) {
         }
     }
     if(log_level >= LOG_LEVEL_INFO) {
-	    fprintf(stdout, "Log [%s]: body size is %d bytes\n", in_ip, xmlSecBufferGetSize(buffer));
+            fprintf(stdout, "Log [%s]: body size is %d bytes\n", in_ip, xmlSecBufferGetSize(buffer));
     }
     if(log_level >= LOG_LEVEL_DATA) {
-	    xmlSecBufferAppend(buffer, BAD_CAST "\0", 1);
+            xmlSecBufferAppend(buffer, BAD_CAST "\0", 1);
         fprintf(stdout, "Log [%s]: request body:\n%s\n", in_ip, xmlSecBufferGetData(buffer));
-	    xmlSecBufferRemoveTail(buffer, 1);
+            xmlSecBufferRemoveTail(buffer, 1);
     }
     return(0);
 }
 
 /**
  * send_response:
- * @fd:			the request's socket.
- * @in_ip:		the request's IP address (for logging).
- * @resp_code:		the HTTP response code.
- * @body:		the response body.
- * @body_len:		the response body length.
+ * @fd:                 the request's socket.
+ * @in_ip:              the request's IP address (for logging).
+ * @resp_code:          the HTTP response code.
+ * @body:               the response body.
+ * @body_len:           the response body length.
  *
  * Writes HTTP response headers and @body to the @socket.
  *
@@ -772,20 +789,20 @@ send_response(int fd, const char* in_ip, int resp_code, const char* body, int bo
     /* prepare and send http header */
     sprintf(header, http_header, resp_code, body_size);
     if(send(fd, header, strlen(header), 0) == -1) {
-	fprintf(stderr, "Error %d [%s]: send(header) failed\n", errno, in_ip);
-	return(-1);
+        fprintf(stderr, "Error %d [%s]: send(header) failed\n", errno, in_ip);
+        return(-1);
     }
 
     if(log_level >= LOG_LEVEL_DATA) {
-	xmlChar* tmp = xmlStrndup(body, body_size);
+        xmlChar* tmp = xmlStrndup(body, body_size);
         fprintf(stdout, "Log [%s]: response is\n%s\n", in_ip, tmp);
-	xmlFree(tmp);
+        xmlFree(tmp);
     }
 
     /* send body */
     if(send(fd, body, body_size, 0) == -1) {
-	fprintf(stderr, "Error %d [%s]: send(body) failed\n", errno, in_ip);
-	return(-1);
+        fprintf(stderr, "Error %d [%s]: send(body) failed\n", errno, in_ip);
+        return(-1);
     }
     
     return(0);
diff --git a/examples/xmldsigverify.c b/examples/xmldsigverify.c
index a4c9f532..f4c376ea 100644
--- a/examples/xmldsigverify.c
+++ b/examples/xmldsigverify.c
@@ -17,6 +17,7 @@
 
 #ifndef XMLSEC_NO_XSLT
 #include <libxslt/xslt.h>
+#include <libxslt/security.h>
 #endif /* XMLSEC_NO_XSLT */
 
 #include <xmlsec/xmlsec.h>
@@ -24,9 +25,9 @@
 #include <xmlsec/xmldsig.h>
 #include <xmlsec/crypto.h>
 
-/* #define XMLDSIGVERIFY_DEFAULT_TRUSTED_CERTS_FOLDER	"/etc/httpd/conf/ssl.crt" */
-#define XMLDSIGVERIFY_DEFAULT_TRUSTED_CERTS_FOLDER	"/var/www/cgi-bin/keys-certs.def"
-#define XMLDSIGVERIFY_KEY_AND_CERTS_FOLDER 		"/var/www/cgi-bin/keys-certs"
+/* #define XMLDSIGVERIFY_DEFAULT_TRUSTED_CERTS_FOLDER   "/etc/httpd/conf/ssl.crt" */
+#define XMLDSIGVERIFY_DEFAULT_TRUSTED_CERTS_FOLDER      "/var/www/cgi-bin/keys-certs.def"
+#define XMLDSIGVERIFY_KEY_AND_CERTS_FOLDER              "/var/www/cgi-bin/keys-certs"
 
 
 int load_keys(xmlSecKeysMngrPtr mngr, const char* path, int report_loaded_keys);
@@ -37,7 +38,10 @@ int url_decode(char *buf, size_t size);
 int 
 main(int argc, char **argv) {
     xmlSecKeysMngrPtr mngr;
-    
+#ifndef XMLSEC_NO_XSLT
+    xsltSecurityPrefsPtr xsltSecPrefs = NULL;
+#endif /* XMLSEC_NO_XSLT */
+        
     /* start response */
     fprintf(stdout, "Content-type: text/plain\n");
     fprintf(stdout, "\n");
@@ -53,17 +57,29 @@ main(int argc, char **argv) {
     
     /* make sure that we print out everything to stdout */
     xmlGenericErrorContext = stdout;
-        	
+
+    /* Init libxslt */
+#ifndef XMLSEC_NO_XSLT
+    /* disable everything */
+    xsltSecPrefs = xsltNewSecurityPrefs(); 
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(xsltSecPrefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+    xsltSetDefaultSecurityPrefs(xsltSecPrefs); 
+#endif /* XMLSEC_NO_XSLT */
+                
     /* Init xmlsec library */
     if(xmlSecInit() < 0) {
-	fprintf(stdout, "Error: xmlsec initialization failed.\n");
-	return(-1);
+        fprintf(stdout, "Error: xmlsec initialization failed.\n");
+        return(-1);
     }
 
     /* Check loaded library version */
     if(xmlSecCheckVersion() != 1) {
-	fprintf(stdout, "Error: loaded xmlsec library version is not compatible.\n");
-	return(-1);
+        fprintf(stdout, "Error: loaded xmlsec library version is not compatible.\n");
+        return(-1);
     }
 
     /* Load default crypto engine if we are supporting dynamic
@@ -73,49 +89,49 @@ main(int argc, char **argv) {
      */
 #ifdef XMLSEC_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLLoadLibrary(BAD_CAST XMLSEC_CRYPTO) < 0) {
-	fprintf(stdout, "Error: unable to load default xmlsec-crypto library. Make sure\n"
-			"that you have it installed and check shared libraries path\n"
-			"(LD_LIBRARY_PATH) envornment variable.\n");
-	return(-1);	
+        fprintf(stdout, "Error: unable to load default xmlsec-crypto library. Make sure\n"
+                        "that you have it installed and check shared libraries path\n"
+                        "(LD_LIBRARY_PATH) envornment variable.\n");
+        return(-1);     
     }
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
     /* Init crypto library */
     if(xmlSecCryptoAppInit(XMLDSIGVERIFY_DEFAULT_TRUSTED_CERTS_FOLDER) < 0) {
-	fprintf(stdout, "Error: crypto initialization failed.\n");
-	return(-1);
+        fprintf(stdout, "Error: crypto initialization failed.\n");
+        return(-1);
     }
 
     /* Init xmlsec-crypto library */
     if(xmlSecCryptoInit() < 0) {
-	fprintf(stdout, "Error: xmlsec-crypto initialization failed.\n");
-	return(-1);
+        fprintf(stdout, "Error: xmlsec-crypto initialization failed.\n");
+        return(-1);
     }
 
     /* create keys manager */
     mngr = xmlSecKeysMngrCreate();
     if(mngr == NULL) {
-	fprintf(stdout, "Error: failed to create keys manager.\n");
-	return(-1);
+        fprintf(stdout, "Error: failed to create keys manager.\n");
+        return(-1);
     }
     if(xmlSecCryptoAppDefaultKeysMngrInit(mngr) < 0) {
-	fprintf(stdout, "Error: failed to initialize keys manager.\n");
-	return(-1);
+        fprintf(stdout, "Error: failed to initialize keys manager.\n");
+        return(-1);
     }    
 
     if(load_keys(mngr, XMLDSIGVERIFY_KEY_AND_CERTS_FOLDER, 0) < 0) {
-	xmlSecKeysMngrDestroy(mngr);
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);
+        return(-1);
     }
     
     if(load_trusted_certs(mngr, XMLDSIGVERIFY_KEY_AND_CERTS_FOLDER, 0) < 0) {
-	xmlSecKeysMngrDestroy(mngr);
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);
+        return(-1);
     }
 
     if(verify_request(mngr) < 0) {
-	xmlSecKeysMngrDestroy(mngr);
-	return(-1);
+        xmlSecKeysMngrDestroy(mngr);
+        return(-1);
     }    
 
     /* Destroy keys manager */
@@ -132,8 +148,10 @@ main(int argc, char **argv) {
 
     /* Shutdown libxslt/libxml */
 #ifndef XMLSEC_NO_XSLT
+    xsltFreeSecurityPrefs(xsltSecPrefs);
     xsltCleanupGlobals();            
 #endif /* XMLSEC_NO_XSLT */
+
     xmlCleanupParser();
     
     return(0);
@@ -141,8 +159,8 @@ main(int argc, char **argv) {
 
 /**
  * load_trusted_certs:
- * @mngr:	the keys manager.
- * @path: 	the path to a folder that contains trusted certificates.
+ * @mngr:       the keys manager.
+ * @path:       the path to a folder that contains trusted certificates.
  * 
  * Loads trusted certificates from @path.
  *
@@ -159,33 +177,33 @@ int load_trusted_certs(xmlSecKeysMngrPtr mngr, const char* path, int report_load
     
     dir = opendir(path);
     if(dir == NULL) {
-	fprintf(stdout, "Error: failed to open folder \"%s\".\n", path);
-	return(-1);
+        fprintf(stdout, "Error: failed to open folder \"%s\".\n", path);
+        return(-1);
     }    
     while((entry = readdir(dir)) != NULL) {
-	assert(entry->d_name);
-	len = strlen(entry->d_name);
-	if((len > 4) && (strcmp(entry->d_name + len - 4, ".pem") == 0)) {
-	    snprintf(filename, sizeof(filename), "%s/%s", path, entry->d_name);
-	    if(xmlSecCryptoAppKeysMngrCertLoad(mngr, filename, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
-    		fprintf(stdout,"Error: failed to load pem certificate from \"%s\"\n", filename);
-		closedir(dir);
-		return(-1);
-	    }
-	    if(report_loaded_certs) {		    	    
-    		fprintf(stdout, "Loaded trusted certificate from \"%s\"...\n", filename);
-	    }
-	} else if((len > 4) && (strcmp(entry->d_name + len - 4, ".der") == 0)) {
-	    snprintf(filename, sizeof(filename), "%s/%s", path, entry->d_name);
-	    if(xmlSecCryptoAppKeysMngrCertLoad(mngr, filename, xmlSecKeyDataFormatDer, xmlSecKeyDataTypeTrusted) < 0) {
-    		fprintf(stdout,"Error: failed to load der certificate from \"%s\"\n", filename);
-		closedir(dir);
-		return(-1);
-	    }
-	    if(report_loaded_certs) {		    	    
-    		fprintf(stdout, "Loaded trusted certificate from \"%s\"...\n", filename);
-	    }
-	}
+        assert(entry->d_name);
+        len = strlen(entry->d_name);
+        if((len > 4) && (strcmp(entry->d_name + len - 4, ".pem") == 0)) {
+            snprintf(filename, sizeof(filename), "%s/%s", path, entry->d_name);
+            if(xmlSecCryptoAppKeysMngrCertLoad(mngr, filename, xmlSecKeyDataFormatPem, xmlSecKeyDataTypeTrusted) < 0) {
+                fprintf(stdout,"Error: failed to load pem certificate from \"%s\"\n", filename);
+                closedir(dir);
+                return(-1);
+            }
+            if(report_loaded_certs) {                       
+                fprintf(stdout, "Loaded trusted certificate from \"%s\"...\n", filename);
+            }
+        } else if((len > 4) && (strcmp(entry->d_name + len - 4, ".der") == 0)) {
+            snprintf(filename, sizeof(filename), "%s/%s", path, entry->d_name);
+            if(xmlSecCryptoAppKeysMngrCertLoad(mngr, filename, xmlSecKeyDataFormatDer, xmlSecKeyDataTypeTrusted) < 0) {
+                fprintf(stdout,"Error: failed to load der certificate from \"%s\"\n", filename);
+                closedir(dir);
+                return(-1);
+            }
+            if(report_loaded_certs) {                       
+                fprintf(stdout, "Loaded trusted certificate from \"%s\"...\n", filename);
+            }
+        }
     }
     closedir(dir);
     return(0);
@@ -198,8 +216,8 @@ int load_keys(xmlSecKeysMngrPtr mngr, const char* path, int report_loaded_keys)
 
     snprintf(filename, sizeof(filename), "%s/keys.xml", path);
     if(xmlSecCryptoAppDefaultKeysMngrLoad(mngr, filename) < 0) {
-    	fprintf(stdout,"Error: failed to load keys from \"%s\"\n", filename);
-	return(-1);
+        fprintf(stdout,"Error: failed to load keys from \"%s\"\n", filename);
+        return(-1);
     }
     
     if(report_loaded_keys) {
@@ -211,7 +229,7 @@ int load_keys(xmlSecKeysMngrPtr mngr, const char* path, int report_loaded_keys)
 
 /** 
  * verify_request:
- * @mng:		the keys manager
+ * @mng:                the keys manager
  *
  * Verifies XML signature in the request (stdin).
  *
@@ -232,35 +250,35 @@ verify_request(xmlSecKeysMngrPtr mngr) {
     /* load request in the buffer */    
     buffer = xmlBufferCreate();
     if(buffer == NULL) {
-    	fprintf(stdout,"Error: failed to create buffer\n");
-	goto done; 	
+        fprintf(stdout,"Error: failed to create buffer\n");
+        goto done;      
     }
     
     while(!feof(stdin)) {
-	ret = fread(buf, 1, sizeof(buf), stdin);
-	if(ret < 0) {
-	    fprintf(stdout,"Error: read failed\n");
-	    goto done; 	
-	}
-	xmlBufferAdd(buffer, buf, ret);
+        ret = fread(buf, 1, sizeof(buf), stdin);
+        if(ret < 0) {
+            fprintf(stdout,"Error: read failed\n");
+            goto done;  
+        }
+        xmlBufferAdd(buffer, buf, ret);
     }
 
     /* is the document subbmitted from the form? */
     if(strncmp((char*)xmlBufferContent(buffer), "_xmldoc=", 8) == 0) {
-	xmlBufferShrink(buffer, 8);
-	buffer->use = url_decode((char*)xmlBufferContent(buffer), xmlBufferLength(buffer)); 
+        xmlBufferShrink(buffer, 8);
+        buffer->use = url_decode((char*)xmlBufferContent(buffer), xmlBufferLength(buffer)); 
     }
         
     /** 
      * Load doc 
      */
     doc = xmlReadMemory(xmlBufferContent(buffer), xmlBufferLength(buffer),
-			NULL, NULL,
-			XML_PARSE_NOENT | XML_PARSE_NOCDATA | 
-			XML_PARSE_PEDANTIC | XML_PARSE_NOCDATA);
+                        NULL, NULL,
+                        XML_PARSE_NOENT | XML_PARSE_NOCDATA | 
+                        XML_PARSE_PEDANTIC | XML_PARSE_NOCDATA);
     if (doc == NULL) {
-	fprintf(stdout, "Error: unable to parse xml document (syntax error)\n");
-	goto done;
+        fprintf(stdout, "Error: unable to parse xml document (syntax error)\n");
+        goto done;
     }
     
     /*
@@ -268,41 +286,41 @@ verify_request(xmlSecKeysMngrPtr mngr) {
      */    
     if(xmlDocGetRootElement(doc) == NULL) {
         fprintf(stdout,"Error: empty document\n");
-	goto done;
+        goto done;
     }
     
     /* find start node */
     node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	fprintf(stdout, "Error: start <dsig:Signature/> node not found\n");
-	goto done;	
+        fprintf(stdout, "Error: start <dsig:Signature/> node not found\n");
+        goto done;      
     }
 
     /* create signature context */
     dsigCtx = xmlSecDSigCtxCreate(mngr);
     if(dsigCtx == NULL) {
         fprintf(stdout,"Error: failed to create signature context\n");
-	goto done;
+        goto done;
     }
     
     /* we would like to store and print out everything */
     /* actually we would not because it opens a security hole
     dsigCtx->flags = XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES |
-		     XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES |
-		     XMLSEC_DSIG_FLAGS_STORE_SIGNATURE;
+                     XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES |
+                     XMLSEC_DSIG_FLAGS_STORE_SIGNATURE;
     */
 
     /* Verify signature */
     if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
         fprintf(stdout,"Error: signature verification failed\n");
-	goto done;
+        goto done;
     }
         
     /* print verification result to stdout */
     if(dsigCtx->status == xmlSecDSigStatusSucceeded) {
-	fprintf(stdout, "RESULT: Signature is OK\n");
+        fprintf(stdout, "RESULT: Signature is OK\n");
     } else {
-	fprintf(stdout, "RESULT: Signature is INVALID\n");
+        fprintf(stdout, "RESULT: Signature is INVALID\n");
     }    
     fprintf(stdout, "---------------------------------------------------\n");
     xmlSecDSigCtxDebugDump(dsigCtx, stdout);
@@ -313,30 +331,30 @@ verify_request(xmlSecKeysMngrPtr mngr) {
 done:    
     /* cleanup */
     if(dsigCtx != NULL) {
-	xmlSecDSigCtxDestroy(dsigCtx);
+        xmlSecDSigCtxDestroy(dsigCtx);
     }
     
     if(doc != NULL) {
-	xmlFreeDoc(doc); 
+        xmlFreeDoc(doc); 
     }
     
     if(buffer != NULL) {
-	xmlBufferFree(buffer);
+        xmlBufferFree(buffer);
     }
     return(res);
 }
 
 /* not the best way to do it */
 #define toHex(c) ( ( ('0' <= (c)) && ((c) <= '9') ) ? (c) - '0' : \
-		 ( ( ('A' <= (c)) && ((c) <= 'F') ) ? (c) - 'A' + 10 : 0 ) )        
+                 ( ( ('A' <= (c)) && ((c) <= 'F') ) ? (c) - 'A' + 10 : 0 ) )        
 
 /**
  * url_decode:
- * @buf:	the input buffer.
- * @size:	the input buffer size.
+ * @buf:        the input buffer.
+ * @size:       the input buffer size.
  *
  * Does url decoding in-place.
- *		 
+ *               
  * Returns length of the decoded result on success or 
  * a negative value if an error occurs.
  */
@@ -347,15 +365,15 @@ int url_decode(char *buf, size_t size) {
     
     p1 = p2 = buf;
     while(p1 - buf < size) {
-	if(((*p1) == '%') && ((p1 - buf) <= (size - 3))) {
-	    *(p2++) = (char)(toHex(p1[1]) * 16 + toHex(p1[2]));
-	    p1 += 3;	    
-	} else if((*p1) == '+') {
-	    *(p2++) = ' ';
-	    p1++;	    
-	} else {
-	    *(p2++) = *(p1++);
-	}
+        if(((*p1) == '%') && ((p1 - buf) <= (size - 3))) {
+            *(p2++) = (char)(toHex(p1[1]) * 16 + toHex(p1[2]));
+            p1 += 3;        
+        } else if((*p1) == '+') {
+            *(p2++) = ' ';
+            p1++;           
+        } else {
+            *(p2++) = *(p1++);
+        }
     }
     return(p2 - buf);
 }
diff --git a/include/Makefile.in b/include/Makefile.in
index 9ab448b9..431ccc1a 100644
--- a/include/Makefile.in
+++ b/include/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -36,13 +36,22 @@ host_triplet = @host@
 subdir = include
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
@@ -88,6 +97,7 @@ am__relativize = \
   reldir="$$dir2"
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -102,6 +112,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -110,6 +121,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -140,6 +155,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -171,8 +187,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -180,7 +198,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -199,6 +216,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -208,6 +227,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -243,6 +263,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -275,7 +296,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -339,7 +359,7 @@ clean-libtool:
 #     (which will cause the Makefiles to be regenerated when you run `make');
 # (2) otherwise, pass the desired values on the `make' command line.
 $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
+	@fail= failcom='exit 1'; \
 	for f in x $$MAKEFLAGS; do \
 	  case $$f in \
 	    *=* | --[!k]*);; \
@@ -364,7 +384,7 @@ $(RECURSIVE_TARGETS):
 	fi; test -z "$$fail"
 
 $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
+	@fail= failcom='exit 1'; \
 	for f in x $$MAKEFLAGS; do \
 	  case $$f in \
 	    *=* | --[!k]*);; \
@@ -540,10 +560,15 @@ install-am: all-am
 
 installcheck: installcheck-recursive
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/include/xmlsec/Makefile.in b/include/xmlsec/Makefile.in
index 3e9f0d9e..f6783245 100644
--- a/include/xmlsec/Makefile.in
+++ b/include/xmlsec/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,13 +38,22 @@ subdir = include/xmlsec
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
 	$(srcdir)/version.h.in $(xmlsecinc_HEADERS)
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES = version.h
 CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
@@ -75,6 +84,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(xmlsecincdir)"
 HEADERS = $(xmlsecinc_HEADERS)
 RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive	\
@@ -113,6 +128,7 @@ am__relativize = \
   reldir="$$dir2"
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -127,6 +143,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -135,6 +152,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -165,6 +186,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -196,8 +218,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -205,7 +229,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -224,6 +247,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -233,6 +258,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -268,6 +294,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -300,7 +327,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -410,9 +436,7 @@ uninstall-xmlsecincHEADERS:
 	@$(NORMAL_UNINSTALL)
 	@list='$(xmlsecinc_HEADERS)'; test -n "$(xmlsecincdir)" || list=; \
 	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
-	test -n "$$files" || exit 0; \
-	echo " ( cd '$(DESTDIR)$(xmlsecincdir)' && rm -f" $$files ")"; \
-	cd "$(DESTDIR)$(xmlsecincdir)" && rm -f $$files
+	dir='$(DESTDIR)$(xmlsecincdir)'; $(am__uninstall_files_from_dir)
 
 # This directory's subdirectories are mostly independent; you can cd
 # into them and run `make' without going through this Makefile.
@@ -421,7 +445,7 @@ uninstall-xmlsecincHEADERS:
 #     (which will cause the Makefiles to be regenerated when you run `make');
 # (2) otherwise, pass the desired values on the `make' command line.
 $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
+	@fail= failcom='exit 1'; \
 	for f in x $$MAKEFLAGS; do \
 	  case $$f in \
 	    *=* | --[!k]*);; \
@@ -446,7 +470,7 @@ $(RECURSIVE_TARGETS):
 	fi; test -z "$$fail"
 
 $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
+	@fail= failcom='exit 1'; \
 	for f in x $$MAKEFLAGS; do \
 	  case $$f in \
 	    *=* | --[!k]*);; \
@@ -625,10 +649,15 @@ install-am: all-am
 
 installcheck: installcheck-recursive
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/include/xmlsec/app.h b/include/xmlsec/app.h
index d9583923..5fe572a0 100644
--- a/include/xmlsec/app.h
+++ b/include/xmlsec/app.h
@@ -1,14 +1,14 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_APP_H__
-#define __XMLSEC_APP_H__    
+#define __XMLSEC_APP_H__
 
 #ifndef XMLSEC_NO_CRYPTO_DYNAMIC_LOADING
 
@@ -18,7 +18,7 @@
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 #include <libxml/xmlIO.h>
@@ -35,9 +35,9 @@ extern "C" {
  * Crypto Init/shutdown
  *
  *********************************************************************/
-XMLSEC_EXPORT int 				xmlSecCryptoInit		(void);
-XMLSEC_EXPORT int 				xmlSecCryptoShutdown		(void);
-XMLSEC_EXPORT int				xmlSecCryptoKeysMngrInit	(xmlSecKeysMngrPtr mngr);
+XMLSEC_EXPORT int                               xmlSecCryptoInit                (void);
+XMLSEC_EXPORT int                               xmlSecCryptoShutdown            (void);
+XMLSEC_EXPORT int                               xmlSecCryptoKeysMngrInit        (xmlSecKeysMngrPtr mngr);
 
 /*********************************************************************
  *
@@ -46,60 +46,67 @@ XMLSEC_EXPORT int				xmlSecCryptoKeysMngrInit	(xmlSecKeysMngrPtr mngr);
  ********************************************************************/
 /**
  * xmlSecKeyDataAesId:
- * 
+ *
  * The AES key klass.
  */
-#define xmlSecKeyDataAesId			xmlSecKeyDataAesGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId			xmlSecKeyDataAesGetKlass	(void);	
+#define xmlSecKeyDataAesId                      xmlSecKeyDataAesGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataAesGetKlass        (void);
 /**
  * xmlSecKeyDataDesId:
- * 
+ *
  * The DES key klass.
  */
-#define xmlSecKeyDataDesId			xmlSecKeyDataDesGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId			xmlSecKeyDataDesGetKlass	(void);	
+#define xmlSecKeyDataDesId                      xmlSecKeyDataDesGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataDesGetKlass        (void);
 /**
  * xmlSecKeyDataDsaId:
- * 
+ *
  * The DSA key klass.
  */
-#define xmlSecKeyDataDsaId			xmlSecKeyDataDsaGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId			xmlSecKeyDataDsaGetKlass	(void);		
-/** 
+#define xmlSecKeyDataDsaId                      xmlSecKeyDataDsaGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataDsaGetKlass        (void);
+/**
+ * xmlSecKeyDataEcdsaId:
+ *
+ * The ECDSA key klass.
+ */
+#define xmlSecKeyDataEcdsaId                    xmlSecKeyDataEcdsaGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataEcdsaGetKlass      (void);
+/**
  * xmlSecKeyDataGost2001Id:
- * 
+ *
  * The GOST2001 key klass.
  */
-#define xmlSecKeyDataGost2001Id			xmlSecKeyDataGost2001GetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId			xmlSecKeyDataGost2001GetKlass	(void);		
-/** 
+#define xmlSecKeyDataGost2001Id                 xmlSecKeyDataGost2001GetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataGost2001GetKlass   (void);
+/**
  * xmlSecKeyDataHmacId:
- * 
+ *
  * The DHMAC key klass.
  */
-#define xmlSecKeyDataHmacId			xmlSecKeyDataHmacGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId			xmlSecKeyDataHmacGetKlass	(void);		
+#define xmlSecKeyDataHmacId                     xmlSecKeyDataHmacGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataHmacGetKlass       (void);
 /**
  * xmlSecKeyDataRsaId:
- * 
+ *
  * The RSA key klass.
  */
-#define xmlSecKeyDataRsaId			xmlSecKeyDataRsaGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId			xmlSecKeyDataRsaGetKlass	(void);		
+#define xmlSecKeyDataRsaId                      xmlSecKeyDataRsaGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataRsaGetKlass        (void);
 /**
  * xmlSecKeyDataX509Id:
- * 
+ *
  * The X509 data klass.
  */
-#define xmlSecKeyDataX509Id			xmlSecKeyDataX509GetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId			xmlSecKeyDataX509GetKlass	(void);		
+#define xmlSecKeyDataX509Id                     xmlSecKeyDataX509GetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataX509GetKlass       (void);
 /**
  * xmlSecKeyDataRawX509CertId:
- * 
+ *
  * The  raw X509 certificate klass.
  */
-#define xmlSecKeyDataRawX509CertId		xmlSecKeyDataRawX509CertGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId			xmlSecKeyDataRawX509CertGetKlass(void);		
+#define xmlSecKeyDataRawX509CertId              xmlSecKeyDataRawX509CertGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId                   xmlSecKeyDataRawX509CertGetKlass(void);
 
 /*********************************************************************
  *
@@ -108,11 +115,11 @@ XMLSEC_EXPORT xmlSecKeyDataId			xmlSecKeyDataRawX509CertGetKlass(void);
  ********************************************************************/
 /**
  * xmlSecX509StoreId:
- * 
+ *
  * The  X509 store klass.
  */
-#define xmlSecX509StoreId			xmlSecX509StoreGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataStoreId		xmlSecX509StoreGetKlass		(void);	
+#define xmlSecX509StoreId                       xmlSecX509StoreGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataStoreId              xmlSecX509StoreGetKlass         (void);
 
 /*********************************************************************
  *
@@ -121,298 +128,340 @@ XMLSEC_EXPORT xmlSecKeyDataStoreId		xmlSecX509StoreGetKlass		(void);
  ********************************************************************/
 /**
  * xmlSecTransformAes128CbcId:
- * 
+ *
  * The AES128 CBC cipher transform klass.
  */
-#define xmlSecTransformAes128CbcId		xmlSecTransformAes128CbcGetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformAes128CbcGetKlass(void);
+#define xmlSecTransformAes128CbcId              xmlSecTransformAes128CbcGetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformAes128CbcGetKlass(void);
 /**
  * xmlSecTransformAes192CbcId:
- * 
+ *
  * The AES192 CBC cipher transform klass.
  */
-#define xmlSecTransformAes192CbcId		xmlSecTransformAes192CbcGetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformAes192CbcGetKlass(void);
+#define xmlSecTransformAes192CbcId              xmlSecTransformAes192CbcGetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformAes192CbcGetKlass(void);
 /**
  * xmlSecTransformAes256CbcId:
- * 
+ *
  * The AES256 CBC cipher transform klass.
  */
-#define xmlSecTransformAes256CbcId		xmlSecTransformAes256CbcGetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformAes256CbcGetKlass(void);
+#define xmlSecTransformAes256CbcId              xmlSecTransformAes256CbcGetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformAes256CbcGetKlass(void);
 /**
  * xmlSecTransformKWAes128Id:
- * 
+ *
  * The AES 128 key wrap transform klass.
  */
-#define xmlSecTransformKWAes128Id		xmlSecTransformKWAes128GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformKWAes128GetKlass	(void);	
+#define xmlSecTransformKWAes128Id               xmlSecTransformKWAes128GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformKWAes128GetKlass (void);
 /**
  * xmlSecTransformKWAes192Id:
- * 
+ *
  * The AES 192 key wrap transform klass.
  */
-#define xmlSecTransformKWAes192Id		xmlSecTransformKWAes192GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformKWAes192GetKlass	(void);	
+#define xmlSecTransformKWAes192Id               xmlSecTransformKWAes192GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformKWAes192GetKlass (void);
 /**
  * xmlSecTransformKWAes256Id:
- * 
+ *
  * The AES 256 key wrap transform klass.
  */
-#define xmlSecTransformKWAes256Id		xmlSecTransformKWAes256GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformKWAes256GetKlass	(void);	
+#define xmlSecTransformKWAes256Id               xmlSecTransformKWAes256GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformKWAes256GetKlass (void);
 /**
  * xmlSecTransformDes3CbcId:
- * 
+ *
  * The Triple DES encryption transform klass.
  */
-#define xmlSecTransformDes3CbcId		xmlSecTransformDes3CbcGetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformDes3CbcGetKlass	(void);	
+#define xmlSecTransformDes3CbcId                xmlSecTransformDes3CbcGetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformDes3CbcGetKlass  (void);
 /**
  * xmlSecTransformKWDes3Id:
- * 
+ *
  * The DES3 CBC cipher transform klass.
  */
-#define xmlSecTransformKWDes3Id			xmlSecTransformKWDes3GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformKWDes3GetKlass	(void);
+#define xmlSecTransformKWDes3Id                 xmlSecTransformKWDes3GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformKWDes3GetKlass   (void);
 /**
  * xmlSecTransformDsaSha1Id:
- * 
+ *
  * The DSA-SHA1 signature transform klass.
  */
-#define xmlSecTransformDsaSha1Id		xmlSecTransformDsaSha1GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformDsaSha1GetKlass	(void);	
+#define xmlSecTransformDsaSha1Id                xmlSecTransformDsaSha1GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformDsaSha1GetKlass  (void);
+/**
+ * xmlSecTransformDsaSha256Id:
+ *
+ * The DSA-SHA256 signature transform klass.
+ */
+#define xmlSecTransformDsaSha256Id              xmlSecTransformDsaSha256GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformDsaSha256GetKlass  (void);
+/**
+ * xmlSecTransformEcdsaSha1Id:
+ *
+ * The ECDSA-SHA1 signature transform klass.
+ */
+#define xmlSecTransformEcdsaSha1Id              xmlSecTransformEcdsaSha1GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformEcdsaSha1GetKlass  (void);
+/**
+ * xmlSecTransformEcdsaSha224Id:
+ *
+ * The ECDSA-SHA224 signature transform klass.
+ */
+#define xmlSecTransformEcdsaSha224Id            xmlSecTransformEcdsaSha224GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformEcdsaSha224GetKlass  (void);
+/**
+ * xmlSecTransformEcdsaSha256Id:
+ *
+ * The ECDSA-SHA256 signature transform klass.
+ */
+#define xmlSecTransformEcdsaSha256Id            xmlSecTransformEcdsaSha256GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformEcdsaSha256GetKlass  (void);
+/**
+ * xmlSecTransformEcdsaSha384Id:
+ *
+ * The ECDS-SHA384 signature transform klass.
+ */
+#define xmlSecTransformEcdsaSha384Id            xmlSecTransformEcdsaSha384GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformEcdsaSha384GetKlass  (void);
+/**
+ * xmlSecTransformEcdsaSha512Id:
+ *
+ * The ECDSA-SHA512 signature transform klass.
+ */
+#define xmlSecTransformEcdsaSha512Id            xmlSecTransformEcdsaSha512GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformEcdsaSha512GetKlass  (void);
 
 /**
  * xmlSecTransformGost2001GostR3411_94Id:
- * 
+ *
  * The GOST2001-GOSTR3411_94 signature transform klass.
  */
-#define xmlSecTransformGost2001GostR3411_94Id		xmlSecTransformGost2001GostR3411_94GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformGost2001GostR3411_94GetKlass	(void);	
+#define xmlSecTransformGost2001GostR3411_94Id           xmlSecTransformGost2001GostR3411_94GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformGost2001GostR3411_94GetKlass     (void);
 
 /**
  * xmlSecTransformHmacMd5Id:
- * 
+ *
  * The HMAC with MD5 signature transform klass.
  */
-#define xmlSecTransformHmacMd5Id		xmlSecTransformHmacMd5GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformHmacMd5GetKlass	(void);	
+#define xmlSecTransformHmacMd5Id                xmlSecTransformHmacMd5GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformHmacMd5GetKlass  (void);
 /**
  * xmlSecTransformHmacRipemd160Id:
- * 
+ *
  * The HMAC with RipeMD160 signature transform klass.
  */
-#define xmlSecTransformHmacRipemd160Id		xmlSecTransformHmacRipemd160GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformHmacRipemd160GetKlass(void);
+#define xmlSecTransformHmacRipemd160Id          xmlSecTransformHmacRipemd160GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformHmacRipemd160GetKlass(void);
 /**
  * xmlSecTransformHmacSha1Id:
- * 
+ *
  * The HMAC with SHA1 signature transform klass.
  */
-#define xmlSecTransformHmacSha1Id		xmlSecTransformHmacSha1GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformHmacSha1GetKlass	(void);	
+#define xmlSecTransformHmacSha1Id               xmlSecTransformHmacSha1GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformHmacSha1GetKlass (void);
 /**
  * xmlSecTransformHmacSha224Id:
- * 
+ *
  * The HMAC with SHA224 signature transform klass.
  */
-#define xmlSecTransformHmacSha224Id		xmlSecTransformHmacSha224GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformHmacSha224GetKlass	(void);	
+#define xmlSecTransformHmacSha224Id             xmlSecTransformHmacSha224GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformHmacSha224GetKlass       (void);
 /**
  * xmlSecTransformHmacSha256Id:
- * 
+ *
  * The HMAC with SHA256 signature transform klass.
  */
-#define xmlSecTransformHmacSha256Id		xmlSecTransformHmacSha256GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformHmacSha256GetKlass	(void);	
+#define xmlSecTransformHmacSha256Id             xmlSecTransformHmacSha256GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformHmacSha256GetKlass       (void);
 /**
  * xmlSecTransformHmacSha384Id:
- * 
+ *
  * The HMAC with SHA384 signature transform klass.
  */
-#define xmlSecTransformHmacSha384Id		xmlSecTransformHmacSha384GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformHmacSha384GetKlass	(void);	
+#define xmlSecTransformHmacSha384Id             xmlSecTransformHmacSha384GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformHmacSha384GetKlass       (void);
 /**
  * xmlSecTransformHmacSha512Id:
- * 
+ *
  * The HMAC with SHA512 signature transform klass.
  */
-#define xmlSecTransformHmacSha512Id		xmlSecTransformHmacSha512GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformHmacSha512GetKlass	(void);	
+#define xmlSecTransformHmacSha512Id             xmlSecTransformHmacSha512GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformHmacSha512GetKlass       (void);
 /**
  * xmlSecTransformMd5Id:
- * 
+ *
  * The MD5 digest transform klass.
  */
-#define xmlSecTransformMd5Id			xmlSecTransformMd5GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformMd5GetKlass(void);
+#define xmlSecTransformMd5Id                    xmlSecTransformMd5GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformMd5GetKlass(void);
 /**
  * xmlSecTransformRipemd160Id:
- * 
+ *
  * The RIPEMD160 digest transform klass.
  */
-#define xmlSecTransformRipemd160Id		xmlSecTransformRipemd160GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformRipemd160GetKlass(void);
+#define xmlSecTransformRipemd160Id              xmlSecTransformRipemd160GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRipemd160GetKlass(void);
 /**
  * xmlSecTransformRsaMd5Id:
- * 
+ *
  * The RSA-MD5 signature transform klass.
  */
-#define xmlSecTransformRsaMd5Id			xmlSecTransformRsaMd5GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformRsaMd5GetKlass	(void);	
+#define xmlSecTransformRsaMd5Id                 xmlSecTransformRsaMd5GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRsaMd5GetKlass   (void);
 /**
  * xmlSecTransformRsaRipemd160Id:
- * 
+ *
  * The RSA-RIPEMD160 signature transform klass.
  */
-#define xmlSecTransformRsaRipemd160Id		xmlSecTransformRsaRipemd160GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformRsaRipemd160GetKlass	(void);	
+#define xmlSecTransformRsaRipemd160Id           xmlSecTransformRsaRipemd160GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRsaRipemd160GetKlass     (void);
 /**
  * xmlSecTransformRsaSha1Id:
- * 
+ *
  * The RSA-SHA1 signature transform klass.
  */
-#define xmlSecTransformRsaSha1Id		xmlSecTransformRsaSha1GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformRsaSha1GetKlass	(void);	
+#define xmlSecTransformRsaSha1Id                xmlSecTransformRsaSha1GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRsaSha1GetKlass  (void);
 /**
  * xmlSecTransformRsaSha224Id:
- * 
+ *
  * The RSA-SHA224 signature transform klass.
  */
-#define xmlSecTransformRsaSha224Id		xmlSecTransformRsaSha224GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformRsaSha224GetKlass	(void);	
+#define xmlSecTransformRsaSha224Id              xmlSecTransformRsaSha224GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRsaSha224GetKlass        (void);
 /**
  * xmlSecTransformRsaSha256Id:
- * 
+ *
  * The RSA-SHA256 signature transform klass.
  */
-#define xmlSecTransformRsaSha256Id		xmlSecTransformRsaSha256GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformRsaSha256GetKlass	(void);	
+#define xmlSecTransformRsaSha256Id              xmlSecTransformRsaSha256GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRsaSha256GetKlass        (void);
 /**
  * xmlSecTransformRsaSha384Id:
- * 
+ *
  * The RSA-SHA384 signature transform klass.
  */
-#define xmlSecTransformRsaSha384Id		xmlSecTransformRsaSha384GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformRsaSha384GetKlass	(void);	
+#define xmlSecTransformRsaSha384Id              xmlSecTransformRsaSha384GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRsaSha384GetKlass        (void);
 /**
  * xmlSecTransformRsaSha512Id:
- * 
+ *
  * The RSA-SHA512 signature transform klass.
  */
-#define xmlSecTransformRsaSha512Id		xmlSecTransformRsaSha512GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformRsaSha512GetKlass	(void);	
+#define xmlSecTransformRsaSha512Id              xmlSecTransformRsaSha512GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRsaSha512GetKlass        (void);
 
 /**
  * xmlSecTransformRsaPkcs1Id:
- * 
+ *
  * The RSA PKCS1 key transport transform klass.
  */
-#define xmlSecTransformRsaPkcs1Id		xmlSecTransformRsaPkcs1GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformRsaPkcs1GetKlass	(void);	
+#define xmlSecTransformRsaPkcs1Id               xmlSecTransformRsaPkcs1GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRsaPkcs1GetKlass (void);
 /**
  * xmlSecTransformRsaOaepId:
- * 
+ *
  * The RSA PKCS1 key transport transform klass.
  */
-#define xmlSecTransformRsaOaepId		xmlSecTransformRsaOaepGetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformRsaOaepGetKlass	(void);	
+#define xmlSecTransformRsaOaepId                xmlSecTransformRsaOaepGetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformRsaOaepGetKlass  (void);
 /**
  * xmlSecTransformGostR3411_94Id:
- * 
+ *
  * The GOSTR3411_94 digest transform klass.
  */
-#define xmlSecTransformGostR3411_94Id			xmlSecTransformGostR3411_94GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformGostR3411_94GetKlass	(void);
+#define xmlSecTransformGostR3411_94Id                   xmlSecTransformGostR3411_94GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformGostR3411_94GetKlass     (void);
 /**
  * xmlSecTransformSha1Id:
- * 
+ *
  * The SHA1 digest transform klass.
  */
-#define xmlSecTransformSha1Id			xmlSecTransformSha1GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformSha1GetKlass	(void);
+#define xmlSecTransformSha1Id                   xmlSecTransformSha1GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformSha1GetKlass     (void);
 /**
  * xmlSecTransformSha224Id:
- * 
+ *
  * The SHA224 digest transform klass.
  */
-#define xmlSecTransformSha224Id			xmlSecTransformSha224GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformSha224GetKlass	(void);
+#define xmlSecTransformSha224Id                 xmlSecTransformSha224GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformSha224GetKlass   (void);
 /**
  * xmlSecTransformSha256Id:
- * 
+ *
  * The SHA256 digest transform klass.
  */
-#define xmlSecTransformSha256Id			xmlSecTransformSha256GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformSha256GetKlass	(void);
+#define xmlSecTransformSha256Id                 xmlSecTransformSha256GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformSha256GetKlass   (void);
 /**
  * xmlSecTransformSha384Id:
- * 
+ *
  * The SHA384 digest transform klass.
  */
-#define xmlSecTransformSha384Id			xmlSecTransformSha384GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformSha384GetKlass	(void);
+#define xmlSecTransformSha384Id                 xmlSecTransformSha384GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformSha384GetKlass   (void);
 /**
  * xmlSecTransformSha512Id:
- * 
+ *
  * The SHA512 digest transform klass.
  */
-#define xmlSecTransformSha512Id			xmlSecTransformSha512GetKlass()
-XMLSEC_EXPORT xmlSecTransformId			xmlSecTransformSha512GetKlass	(void);
+#define xmlSecTransformSha512Id                 xmlSecTransformSha512GetKlass()
+XMLSEC_EXPORT xmlSecTransformId                 xmlSecTransformSha512GetKlass   (void);
 
 /*********************************************************************
  *
  * High level routines form xmlsec command line utility
  *
- ********************************************************************/ 
-XMLSEC_EXPORT int				xmlSecCryptoAppInit		(const char* config);
-XMLSEC_EXPORT int				xmlSecCryptoAppShutdown		(void);
-XMLSEC_EXPORT int				xmlSecCryptoAppDefaultKeysMngrInit	(xmlSecKeysMngrPtr mngr);
-XMLSEC_EXPORT int				xmlSecCryptoAppDefaultKeysMngrAdoptKey	(xmlSecKeysMngrPtr mngr,
-											 xmlSecKeyPtr key);
-XMLSEC_EXPORT int				xmlSecCryptoAppDefaultKeysMngrLoad	(xmlSecKeysMngrPtr mngr,
-											 const char* uri);
-XMLSEC_EXPORT int				xmlSecCryptoAppDefaultKeysMngrSave	(xmlSecKeysMngrPtr mngr,
-											 const char* filename,
-											 xmlSecKeyDataType type);
-XMLSEC_EXPORT int				xmlSecCryptoAppKeysMngrCertLoad	(xmlSecKeysMngrPtr mngr,
-										 const char *filename, 
-										 xmlSecKeyDataFormat format,
-										 xmlSecKeyDataType type);
-XMLSEC_EXPORT int				xmlSecCryptoAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr,
-										 const xmlSecByte* data,
-										 xmlSecSize dataSize,
-										 xmlSecKeyDataFormat format,
-										 xmlSecKeyDataType type);
-XMLSEC_EXPORT xmlSecKeyPtr			xmlSecCryptoAppKeyLoad		(const char *filename, 
-										 xmlSecKeyDataFormat format,
-										 const char *pwd,
-										 void* pwdCallback,
-										 void* pwdCallbackCtx);
-XMLSEC_EXPORT xmlSecKeyPtr			xmlSecCryptoAppKeyLoadMemory	(const xmlSecByte* data,
-										 xmlSecSize dataSize,
-										 xmlSecKeyDataFormat format,
-										 const char *pwd,
-										 void* pwdCallback,
-										 void* pwdCallbackCtx);
-XMLSEC_EXPORT xmlSecKeyPtr			xmlSecCryptoAppPkcs12Load	(const char* filename, 
-										 const char* pwd,
-										 void* pwdCallback, 
-										 void* pwdCallbackCtx);	
-XMLSEC_EXPORT xmlSecKeyPtr			xmlSecCryptoAppPkcs12LoadMemory	(const xmlSecByte* data,
-										 xmlSecSize dataSize,
-										 const char *pwd,
-										 void* pwdCallback,
-										 void* pwdCallbackCtx);
-XMLSEC_EXPORT int				xmlSecCryptoAppKeyCertLoad	(xmlSecKeyPtr key,
-										 const char* filename,
-										 xmlSecKeyDataFormat format);
-XMLSEC_EXPORT int				xmlSecCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key,
-										 const xmlSecByte* data,
-										 xmlSecSize dataSize,
-										 xmlSecKeyDataFormat format);
-XMLSEC_EXPORT void*				xmlSecCryptoAppGetDefaultPwdCallback(void);
+ ********************************************************************/
+XMLSEC_EXPORT int                               xmlSecCryptoAppInit             (const char* config);
+XMLSEC_EXPORT int                               xmlSecCryptoAppShutdown         (void);
+XMLSEC_EXPORT int                               xmlSecCryptoAppDefaultKeysMngrInit      (xmlSecKeysMngrPtr mngr);
+XMLSEC_EXPORT int                               xmlSecCryptoAppDefaultKeysMngrAdoptKey  (xmlSecKeysMngrPtr mngr,
+                                                                                         xmlSecKeyPtr key);
+XMLSEC_EXPORT int                               xmlSecCryptoAppDefaultKeysMngrLoad      (xmlSecKeysMngrPtr mngr,
+                                                                                         const char* uri);
+XMLSEC_EXPORT int                               xmlSecCryptoAppDefaultKeysMngrSave      (xmlSecKeysMngrPtr mngr,
+                                                                                         const char* filename,
+                                                                                         xmlSecKeyDataType type);
+XMLSEC_EXPORT int                               xmlSecCryptoAppKeysMngrCertLoad (xmlSecKeysMngrPtr mngr,
+                                                                                 const char *filename,
+                                                                                 xmlSecKeyDataFormat format,
+                                                                                 xmlSecKeyDataType type);
+XMLSEC_EXPORT int                               xmlSecCryptoAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr,
+                                                                                 const xmlSecByte* data,
+                                                                                 xmlSecSize dataSize,
+                                                                                 xmlSecKeyDataFormat format,
+                                                                                 xmlSecKeyDataType type);
+XMLSEC_EXPORT xmlSecKeyPtr                      xmlSecCryptoAppKeyLoad          (const char *filename,
+                                                                                 xmlSecKeyDataFormat format,
+                                                                                 const char *pwd,
+                                                                                 void* pwdCallback,
+                                                                                 void* pwdCallbackCtx);
+XMLSEC_EXPORT xmlSecKeyPtr                      xmlSecCryptoAppKeyLoadMemory    (const xmlSecByte* data,
+                                                                                 xmlSecSize dataSize,
+                                                                                 xmlSecKeyDataFormat format,
+                                                                                 const char *pwd,
+                                                                                 void* pwdCallback,
+                                                                                 void* pwdCallbackCtx);
+XMLSEC_EXPORT xmlSecKeyPtr                      xmlSecCryptoAppPkcs12Load       (const char* filename,
+                                                                                 const char* pwd,
+                                                                                 void* pwdCallback,
+                                                                                 void* pwdCallbackCtx);
+XMLSEC_EXPORT xmlSecKeyPtr                      xmlSecCryptoAppPkcs12LoadMemory (const xmlSecByte* data,
+                                                                                 xmlSecSize dataSize,
+                                                                                 const char *pwd,
+                                                                                 void* pwdCallback,
+                                                                                 void* pwdCallbackCtx);
+XMLSEC_EXPORT int                               xmlSecCryptoAppKeyCertLoad      (xmlSecKeyPtr key,
+                                                                                 const char* filename,
+                                                                                 xmlSecKeyDataFormat format);
+XMLSEC_EXPORT int                               xmlSecCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key,
+                                                                                 const xmlSecByte* data,
+                                                                                 xmlSecSize dataSize,
+                                                                                 xmlSecKeyDataFormat format);
+XMLSEC_EXPORT void*                             xmlSecCryptoAppGetDefaultPwdCallback(void);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/base64.h b/include/xmlsec/base64.h
index 93c472a8..28d8fbc4 100644
--- a/include/xmlsec/base64.h
+++ b/include/xmlsec/base64.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Base64 encode/decode transform and utility functions.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_BASE64_H__
-#define __XMLSEC_BASE64_H__    
+#define __XMLSEC_BASE64_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 
@@ -25,39 +25,39 @@ extern "C" {
  *
  * The default maximum base64 encoded line size.
  */
-#define XMLSEC_BASE64_LINESIZE				64
+#define XMLSEC_BASE64_LINESIZE                          64
 
-XMLSEC_EXPORT int		xmlSecBase64GetDefaultLineSize	(void);
-XMLSEC_EXPORT void		xmlSecBase64SetDefaultLineSize	(int columns);
+XMLSEC_EXPORT int               xmlSecBase64GetDefaultLineSize  (void);
+XMLSEC_EXPORT void              xmlSecBase64SetDefaultLineSize  (int columns);
 
 
 /* Base64 Context */
-typedef struct _xmlSecBase64Ctx 				xmlSecBase64Ctx, 
-								*xmlSecBase64CtxPtr;
+typedef struct _xmlSecBase64Ctx                                 xmlSecBase64Ctx,
+                                                                *xmlSecBase64CtxPtr;
 
-XMLSEC_EXPORT xmlSecBase64CtxPtr xmlSecBase64CtxCreate		(int encode, 
-								 int columns);
-XMLSEC_EXPORT void		xmlSecBase64CtxDestroy		(xmlSecBase64CtxPtr ctx);
-XMLSEC_EXPORT int		xmlSecBase64CtxInitialize	(xmlSecBase64CtxPtr ctx,
-								 int encode, 
-								 int columns);
-XMLSEC_EXPORT void		xmlSecBase64CtxFinalize		(xmlSecBase64CtxPtr ctx);
-XMLSEC_EXPORT int 		xmlSecBase64CtxUpdate		(xmlSecBase64CtxPtr ctx,
-								 const xmlSecByte *in, 
-						    		 xmlSecSize inSize, 
-								 xmlSecByte *out,
-								 xmlSecSize outSize);
-XMLSEC_EXPORT int		xmlSecBase64CtxFinal		(xmlSecBase64CtxPtr ctx,
-								 xmlSecByte *out,
-								 xmlSecSize outSize);
+XMLSEC_EXPORT xmlSecBase64CtxPtr xmlSecBase64CtxCreate          (int encode,
+                                                                 int columns);
+XMLSEC_EXPORT void              xmlSecBase64CtxDestroy          (xmlSecBase64CtxPtr ctx);
+XMLSEC_EXPORT int               xmlSecBase64CtxInitialize       (xmlSecBase64CtxPtr ctx,
+                                                                 int encode,
+                                                                 int columns);
+XMLSEC_EXPORT void              xmlSecBase64CtxFinalize         (xmlSecBase64CtxPtr ctx);
+XMLSEC_EXPORT int               xmlSecBase64CtxUpdate           (xmlSecBase64CtxPtr ctx,
+                                                                 const xmlSecByte *in,
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte *out,
+                                                                 xmlSecSize outSize);
+XMLSEC_EXPORT int               xmlSecBase64CtxFinal            (xmlSecBase64CtxPtr ctx,
+                                                                 xmlSecByte *out,
+                                                                 xmlSecSize outSize);
 
 /* Standalone routines to do base64 encode/decode "at once" */
-XMLSEC_EXPORT xmlChar*		xmlSecBase64Encode		(const xmlSecByte *buf,
-								 xmlSecSize len,
-								 int columns);
-XMLSEC_EXPORT int		xmlSecBase64Decode		(const xmlChar* str,
-								 xmlSecByte *buf,
-								 xmlSecSize len);
+XMLSEC_EXPORT xmlChar*          xmlSecBase64Encode              (const xmlSecByte *buf,
+                                                                 xmlSecSize len,
+                                                                 int columns);
+XMLSEC_EXPORT int               xmlSecBase64Decode              (const xmlChar* str,
+                                                                 xmlSecByte *buf,
+                                                                 xmlSecSize len);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/bn.h b/include/xmlsec/bn.h
index 418dc1fe..65138ed4 100644
--- a/include/xmlsec/bn.h
+++ b/include/xmlsec/bn.h
@@ -1,32 +1,32 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Simple Big Numbers processing.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_BN_H__
-#define __XMLSEC_BN_H__    
+#define __XMLSEC_BN_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
 
-typedef xmlSecBuffer						xmlSecBn,
-								*xmlSecBnPtr;
+typedef xmlSecBuffer                                            xmlSecBn,
+                                                                *xmlSecBnPtr;
 
 /**
  * xmlSecBnFormat:
- * @xmlSecBnBase64:		the base64 decoded binary blob.
- * @xmlSecBnHex:		the hex number.
- * @xmlSecBnDec:		the decimal number.
+ * @xmlSecBnBase64:             the base64 decoded binary blob.
+ * @xmlSecBnHex:                the hex number.
+ * @xmlSecBnDec:                the decimal number.
  *
  * The big numbers formats.
  */
@@ -36,60 +36,60 @@ typedef enum {
     xmlSecBnDec
 } xmlSecBnFormat;
 
-XMLSEC_EXPORT xmlSecBnPtr	xmlSecBnCreate			(xmlSecSize size);
-XMLSEC_EXPORT void		xmlSecBnDestroy			(xmlSecBnPtr bn);
-XMLSEC_EXPORT int		xmlSecBnInitialize		(xmlSecBnPtr bn,
-								 xmlSecSize size);
-XMLSEC_EXPORT void		xmlSecBnFinalize		(xmlSecBnPtr bn);
-XMLSEC_EXPORT xmlSecByte*	xmlSecBnGetData			(xmlSecBnPtr bn);
-XMLSEC_EXPORT int		xmlSecBnSetData			(xmlSecBnPtr bn,
-								 const xmlSecByte* data,
-								 xmlSecSize size);
-XMLSEC_EXPORT xmlSecSize	xmlSecBnGetSize			(xmlSecBnPtr bn);
-XMLSEC_EXPORT void		xmlSecBnZero			(xmlSecBnPtr bn);
+XMLSEC_EXPORT xmlSecBnPtr       xmlSecBnCreate                  (xmlSecSize size);
+XMLSEC_EXPORT void              xmlSecBnDestroy                 (xmlSecBnPtr bn);
+XMLSEC_EXPORT int               xmlSecBnInitialize              (xmlSecBnPtr bn,
+                                                                 xmlSecSize size);
+XMLSEC_EXPORT void              xmlSecBnFinalize                (xmlSecBnPtr bn);
+XMLSEC_EXPORT xmlSecByte*       xmlSecBnGetData                 (xmlSecBnPtr bn);
+XMLSEC_EXPORT int               xmlSecBnSetData                 (xmlSecBnPtr bn,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize size);
+XMLSEC_EXPORT xmlSecSize        xmlSecBnGetSize                 (xmlSecBnPtr bn);
+XMLSEC_EXPORT void              xmlSecBnZero                    (xmlSecBnPtr bn);
 
-XMLSEC_EXPORT int		xmlSecBnFromString		(xmlSecBnPtr bn,
-								 const xmlChar* str,
-								 xmlSecSize base);
-XMLSEC_EXPORT xmlChar*		xmlSecBnToString		(xmlSecBnPtr bn,
-								 xmlSecSize base);
-XMLSEC_EXPORT int		xmlSecBnFromHexString		(xmlSecBnPtr bn,
-								 const xmlChar* str);
-XMLSEC_EXPORT xmlChar*		xmlSecBnToHexString		(xmlSecBnPtr bn);
+XMLSEC_EXPORT int               xmlSecBnFromString              (xmlSecBnPtr bn,
+                                                                 const xmlChar* str,
+                                                                 xmlSecSize base);
+XMLSEC_EXPORT xmlChar*          xmlSecBnToString                (xmlSecBnPtr bn,
+                                                                 xmlSecSize base);
+XMLSEC_EXPORT int               xmlSecBnFromHexString           (xmlSecBnPtr bn,
+                                                                 const xmlChar* str);
+XMLSEC_EXPORT xmlChar*          xmlSecBnToHexString             (xmlSecBnPtr bn);
 
-XMLSEC_EXPORT int		xmlSecBnFromDecString		(xmlSecBnPtr bn,
-								 const xmlChar* str);
-XMLSEC_EXPORT xmlChar*		xmlSecBnToDecString		(xmlSecBnPtr bn);
+XMLSEC_EXPORT int               xmlSecBnFromDecString           (xmlSecBnPtr bn,
+                                                                 const xmlChar* str);
+XMLSEC_EXPORT xmlChar*          xmlSecBnToDecString             (xmlSecBnPtr bn);
 
-XMLSEC_EXPORT int		xmlSecBnMul			(xmlSecBnPtr bn,
-								 int multiplier);
-XMLSEC_EXPORT int		xmlSecBnDiv			(xmlSecBnPtr bn,
-								 int divider,
-								 int* mod);
-XMLSEC_EXPORT int		xmlSecBnAdd			(xmlSecBnPtr bn, 
-								 int delta); 
-XMLSEC_EXPORT int		xmlSecBnReverse			(xmlSecBnPtr bn);
-XMLSEC_EXPORT int		xmlSecBnCompare			(xmlSecBnPtr bn,
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize);
-XMLSEC_EXPORT int		xmlSecBnCompareReverse		(xmlSecBnPtr bn,
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize);
-XMLSEC_EXPORT int		xmlSecBnGetNodeValue		(xmlSecBnPtr bn, 
-								 xmlNodePtr cur,
-								 xmlSecBnFormat format,
-								 int reverse);
-XMLSEC_EXPORT int 		xmlSecBnSetNodeValue		(xmlSecBnPtr bn, 
-								 xmlNodePtr cur, 
-								 xmlSecBnFormat format,
-								 int reverse,
-								 int addLineBreaks);
-XMLSEC_EXPORT int 		xmlSecBnBlobSetNodeValue	(const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 xmlNodePtr cur, 
-								 xmlSecBnFormat format,
-								 int reverse,
-								 int addLineBreaks);
+XMLSEC_EXPORT int               xmlSecBnMul                     (xmlSecBnPtr bn,
+                                                                 int multiplier);
+XMLSEC_EXPORT int               xmlSecBnDiv                     (xmlSecBnPtr bn,
+                                                                 int divider,
+                                                                 int* mod);
+XMLSEC_EXPORT int               xmlSecBnAdd                     (xmlSecBnPtr bn,
+                                                                 int delta);
+XMLSEC_EXPORT int               xmlSecBnReverse                 (xmlSecBnPtr bn);
+XMLSEC_EXPORT int               xmlSecBnCompare                 (xmlSecBnPtr bn,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize);
+XMLSEC_EXPORT int               xmlSecBnCompareReverse          (xmlSecBnPtr bn,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize);
+XMLSEC_EXPORT int               xmlSecBnGetNodeValue            (xmlSecBnPtr bn,
+                                                                 xmlNodePtr cur,
+                                                                 xmlSecBnFormat format,
+                                                                 int reverse);
+XMLSEC_EXPORT int               xmlSecBnSetNodeValue            (xmlSecBnPtr bn,
+                                                                 xmlNodePtr cur,
+                                                                 xmlSecBnFormat format,
+                                                                 int reverse,
+                                                                 int addLineBreaks);
+XMLSEC_EXPORT int               xmlSecBnBlobSetNodeValue        (const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 xmlNodePtr cur,
+                                                                 xmlSecBnFormat format,
+                                                                 int reverse,
+                                                                 int addLineBreaks);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/buffer.h b/include/xmlsec/buffer.h
index 8495903a..2791a97b 100644
--- a/include/xmlsec/buffer.h
+++ b/include/xmlsec/buffer.h
@@ -1,33 +1,33 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Memory buffer.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_BUFFER_H__
-#define __XMLSEC_BUFFER_H__    
+#define __XMLSEC_BUFFER_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 #include <xmlsec/xmlsec.h>
 
-typedef struct _xmlSecBuffer					xmlSecBuffer, 
-								*xmlSecBufferPtr;
+typedef struct _xmlSecBuffer                                    xmlSecBuffer,
+                                                                *xmlSecBufferPtr;
 
 
-/** 
+/**
  * xmlSecAllocMode:
- * @xmlSecAllocModeExact: 	the memory allocation mode that minimizes total 
- *				allocated memory size.
- * @xmlSecAllocModeDouble:	the memory allocation mode that tries to minimize
- *				the number of malloc calls.
+ * @xmlSecAllocModeExact:       the memory allocation mode that minimizes total
+ *                              allocated memory size.
+ * @xmlSecAllocModeDouble:      the memory allocation mode that tries to minimize
+ *                              the number of malloc calls.
  *
  * The memory allocation mode (used by @xmlSecBuffer and @xmlSecList).
  */
@@ -42,7 +42,7 @@ typedef enum {
  *
  ****************************************************************************/
 
-/** 
+/**
  * xmlSecBuffer:
  * @data: the pointer to buffer data.
  * @size: the current data size.
@@ -52,52 +52,52 @@ typedef enum {
  * Binary data buffer.
  */
 struct _xmlSecBuffer {
-    xmlSecByte* 	data;
-    xmlSecSize 		size;
-    xmlSecSize		maxSize;
-    xmlSecAllocMode 	allocMode;
+    xmlSecByte*         data;
+    xmlSecSize          size;
+    xmlSecSize          maxSize;
+    xmlSecAllocMode     allocMode;
 };
 
-XMLSEC_EXPORT void		xmlSecBufferSetDefaultAllocMode	(xmlSecAllocMode defAllocMode,
-								 xmlSecSize defInitialSize);
-
-XMLSEC_EXPORT xmlSecBufferPtr	xmlSecBufferCreate		(xmlSecSize size);
-XMLSEC_EXPORT void		xmlSecBufferDestroy		(xmlSecBufferPtr buf);
-XMLSEC_EXPORT int		xmlSecBufferInitialize		(xmlSecBufferPtr buf,
-								 xmlSecSize size);
-XMLSEC_EXPORT void		xmlSecBufferFinalize		(xmlSecBufferPtr buf);
-XMLSEC_EXPORT xmlSecByte*	xmlSecBufferGetData		(xmlSecBufferPtr buf);
-XMLSEC_EXPORT int		xmlSecBufferSetData		(xmlSecBufferPtr buf,
-								 const xmlSecByte* data,
-								 xmlSecSize size);
-XMLSEC_EXPORT xmlSecSize	xmlSecBufferGetSize		(xmlSecBufferPtr buf);
-XMLSEC_EXPORT int		xmlSecBufferSetSize		(xmlSecBufferPtr buf,
-								 xmlSecSize size);
-XMLSEC_EXPORT xmlSecSize	xmlSecBufferGetMaxSize		(xmlSecBufferPtr buf);
-XMLSEC_EXPORT int		xmlSecBufferSetMaxSize		(xmlSecBufferPtr buf,
-								 xmlSecSize size);
-XMLSEC_EXPORT void		xmlSecBufferEmpty		(xmlSecBufferPtr buf);
-XMLSEC_EXPORT int		xmlSecBufferAppend		(xmlSecBufferPtr buf,
-								 const xmlSecByte* data,
-								 xmlSecSize size);
-XMLSEC_EXPORT int		xmlSecBufferPrepend		(xmlSecBufferPtr buf,
-								 const xmlSecByte* data,
-								 xmlSecSize size);
-XMLSEC_EXPORT int		xmlSecBufferRemoveHead		(xmlSecBufferPtr buf,
-								 xmlSecSize size);
-XMLSEC_EXPORT int		xmlSecBufferRemoveTail		(xmlSecBufferPtr buf,
-								 xmlSecSize size);
-
-XMLSEC_EXPORT int		xmlSecBufferReadFile		(xmlSecBufferPtr buf,
-								 const char* filename);
-
-XMLSEC_EXPORT int		xmlSecBufferBase64NodeContentRead(xmlSecBufferPtr buf,
-								 xmlNodePtr node);
-XMLSEC_EXPORT int		xmlSecBufferBase64NodeContentWrite(xmlSecBufferPtr buf,
-								 xmlNodePtr node,
-								 int columns);
-
-XMLSEC_EXPORT xmlOutputBufferPtr xmlSecBufferCreateOutputBuffer	(xmlSecBufferPtr buf);
+XMLSEC_EXPORT void              xmlSecBufferSetDefaultAllocMode (xmlSecAllocMode defAllocMode,
+                                                                 xmlSecSize defInitialSize);
+
+XMLSEC_EXPORT xmlSecBufferPtr   xmlSecBufferCreate              (xmlSecSize size);
+XMLSEC_EXPORT void              xmlSecBufferDestroy             (xmlSecBufferPtr buf);
+XMLSEC_EXPORT int               xmlSecBufferInitialize          (xmlSecBufferPtr buf,
+                                                                 xmlSecSize size);
+XMLSEC_EXPORT void              xmlSecBufferFinalize            (xmlSecBufferPtr buf);
+XMLSEC_EXPORT xmlSecByte*       xmlSecBufferGetData             (xmlSecBufferPtr buf);
+XMLSEC_EXPORT int               xmlSecBufferSetData             (xmlSecBufferPtr buf,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize size);
+XMLSEC_EXPORT xmlSecSize        xmlSecBufferGetSize             (xmlSecBufferPtr buf);
+XMLSEC_EXPORT int               xmlSecBufferSetSize             (xmlSecBufferPtr buf,
+                                                                 xmlSecSize size);
+XMLSEC_EXPORT xmlSecSize        xmlSecBufferGetMaxSize          (xmlSecBufferPtr buf);
+XMLSEC_EXPORT int               xmlSecBufferSetMaxSize          (xmlSecBufferPtr buf,
+                                                                 xmlSecSize size);
+XMLSEC_EXPORT void              xmlSecBufferEmpty               (xmlSecBufferPtr buf);
+XMLSEC_EXPORT int               xmlSecBufferAppend              (xmlSecBufferPtr buf,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize size);
+XMLSEC_EXPORT int               xmlSecBufferPrepend             (xmlSecBufferPtr buf,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize size);
+XMLSEC_EXPORT int               xmlSecBufferRemoveHead          (xmlSecBufferPtr buf,
+                                                                 xmlSecSize size);
+XMLSEC_EXPORT int               xmlSecBufferRemoveTail          (xmlSecBufferPtr buf,
+                                                                 xmlSecSize size);
+
+XMLSEC_EXPORT int               xmlSecBufferReadFile            (xmlSecBufferPtr buf,
+                                                                 const char* filename);
+
+XMLSEC_EXPORT int               xmlSecBufferBase64NodeContentRead(xmlSecBufferPtr buf,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT int               xmlSecBufferBase64NodeContentWrite(xmlSecBufferPtr buf,
+                                                                 xmlNodePtr node,
+                                                                 int columns);
+
+XMLSEC_EXPORT xmlOutputBufferPtr xmlSecBufferCreateOutputBuffer (xmlSecBufferPtr buf);
 
 
 #ifdef __cplusplus
diff --git a/include/xmlsec/crypto.h b/include/xmlsec/crypto.h
index 57e9067e..f388aa1e 100644
--- a/include/xmlsec/crypto.h
+++ b/include/xmlsec/crypto.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Crypto engine selection.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_CRYPTO_H__
-#define __XMLSEC_CRYPTO_H__    
+#define __XMLSEC_CRYPTO_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 
@@ -34,11 +34,6 @@ extern "C" {
 #include <xmlsec/openssl/x509.h>
 #include <xmlsec/openssl/symbols.h>
 #else /* XMLSEC_CRYPTO_OPENSSL */
-#ifdef XMLSEC_CRYPTO_GNUTLS
-#include <xmlsec/gnutls/app.h>
-#include <xmlsec/gnutls/crypto.h>
-#include <xmlsec/gnutls/symbols.h>
-#else /* XMLSEC_CRYPTO_GNUTLS */
 #ifdef XMLSEC_CRYPTO_MSCRYPTO
 #include <xmlsec/mscrypto/app.h>
 #include <xmlsec/mscrypto/crypto.h>
@@ -51,10 +46,21 @@ extern "C" {
 #include <xmlsec/nss/x509.h>
 #include <xmlsec/nss/symbols.h>
 #else /* XMLSEC_CRYPTO_NSS */
+#ifdef XMLSEC_CRYPTO_GNUTLS
+#include <xmlsec/gnutls/app.h>
+#include <xmlsec/gnutls/crypto.h>
+#include <xmlsec/gnutls/symbols.h>
+#else /* XMLSEC_CRYPTO_GNUTLS */
+#ifdef XMLSEC_CRYPTO_GCRYPT
+#include <xmlsec/gcrypt/app.h>
+#include <xmlsec/gcrypt/crypto.h>
+#include <xmlsec/gcrypt/symbols.h>
+#else /* XMLSEC_CRYPTO_GCRYPT */
 #error No crypto library defined
+#endif /* XMLSEC_CRYPTO_GCRYPT */
 #endif /* XMLSEC_CRYPTO_GNUTLS */
-#endif /* XMLSEC_CRYPTO_MSCRYPTO */
 #endif /* XMLSEC_CRYPTO_NSS */
+#endif /* XMLSEC_CRYPTO_MSCRYPTO */
 #endif /* XMLSEC_CRYPTO_OPENSSL */
 #endif /* XMLSEC_CRYPTO_DYNAMIC_LOADING */
 
diff --git a/include/xmlsec/dl.h b/include/xmlsec/dl.h
index 9dce850a..86391a78 100644
--- a/include/xmlsec/dl.h
+++ b/include/xmlsec/dl.h
@@ -1,25 +1,25 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_DL_H__
-#define __XMLSEC_DL_H__    
+#define __XMLSEC_DL_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
-typedef struct _xmlSecCryptoDLFunctions 	xmlSecCryptoDLFunctions,
-						*xmlSecCryptoDLFunctionsPtr;
+typedef struct _xmlSecCryptoDLFunctions         xmlSecCryptoDLFunctions,
+                                                *xmlSecCryptoDLFunctionsPtr;
+
+XMLSEC_EXPORT int                               xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms
+                                                                            (xmlSecCryptoDLFunctionsPtr functions);
 
-XMLSEC_EXPORT int 				xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms
-									    (xmlSecCryptoDLFunctionsPtr functions);
-										
 #ifndef XMLSEC_NO_CRYPTO_DYNAMIC_LOADING
 
 #include <libxml/tree.h>
@@ -31,19 +31,21 @@ XMLSEC_EXPORT int 				xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms
 #include <xmlsec/keysmngr.h>
 #include <xmlsec/transforms.h>
 
-/**
+/****************************************************************************
+ *
  * Dynamic load functions
- */
-XMLSEC_EXPORT int				xmlSecCryptoDLInit		(void);
-XMLSEC_EXPORT int				xmlSecCryptoDLShutdown		(void);
+ *
+ ****************************************************************************/
+XMLSEC_EXPORT int                               xmlSecCryptoDLInit              (void);
+XMLSEC_EXPORT int                               xmlSecCryptoDLShutdown          (void);
+
+XMLSEC_EXPORT int                               xmlSecCryptoDLLoadLibrary       (const xmlChar* crypto);
+XMLSEC_EXPORT xmlSecCryptoDLFunctionsPtr        xmlSecCryptoDLGetLibraryFunctions(const xmlChar* crypto);
+XMLSEC_EXPORT int                               xmlSecCryptoDLUnloadLibrary     (const xmlChar* crypto);
 
-XMLSEC_EXPORT int				xmlSecCryptoDLLoadLibrary	(const xmlChar* crypto);
-XMLSEC_EXPORT xmlSecCryptoDLFunctionsPtr	xmlSecCryptoDLGetLibraryFunctions(const xmlChar* crypto);
-XMLSEC_EXPORT int				xmlSecCryptoDLUnloadLibrary	(const xmlChar* crypto);
+XMLSEC_EXPORT int                               xmlSecCryptoDLSetFunctions      (xmlSecCryptoDLFunctionsPtr functions);
+XMLSEC_EXPORT xmlSecCryptoDLFunctionsPtr        xmlSecCryptoDLGetFunctions      (void);
 
-XMLSEC_EXPORT int 				xmlSecCryptoDLSetFunctions	(xmlSecCryptoDLFunctionsPtr functions);
-XMLSEC_EXPORT xmlSecCryptoDLFunctionsPtr 	xmlSecCryptoDLGetFunctions	(void);
-					
 #endif /* XMLSEC_NO_CRYPTO_DYNAMIC_LOADING */
 
 #ifdef __cplusplus
diff --git a/include/xmlsec/errors.h b/include/xmlsec/errors.h
index 42c6306c..6e23620c 100644
--- a/include/xmlsec/errors.h
+++ b/include/xmlsec/errors.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Error codes and error reporting functions.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_ERRORS_H__
-#define __XMLSEC_ERRORS_H__    
+#define __XMLSEC_ERRORS_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 /***************************************************************
  *
@@ -25,49 +25,49 @@ extern "C" {
  *
  * An XMLSec function failed (error subject is the failed function).
  */
-#define XMLSEC_ERRORS_R_XMLSEC_FAILED		 	1
+#define XMLSEC_ERRORS_R_XMLSEC_FAILED                   1
 
 /**
  * XMLSEC_ERRORS_R_MALLOC_FAILED:
  *
  * Failed to allocate memory error.
  */
-#define XMLSEC_ERRORS_R_MALLOC_FAILED		 	2
+#define XMLSEC_ERRORS_R_MALLOC_FAILED                   2
 
 /**
  * XMLSEC_ERRORS_R_STRDUP_FAILED:
  *
  * Failed to duplicate string error.
  */
-#define XMLSEC_ERRORS_R_STRDUP_FAILED		 	3
+#define XMLSEC_ERRORS_R_STRDUP_FAILED                   3
 
 /**
  * XMLSEC_ERRORS_R_CRYPTO_FAILED:
  *
- * Crypto (OpenSSL) function failed (error subject is the failed function). 
+ * Crypto (OpenSSL) function failed (error subject is the failed function).
  */
-#define XMLSEC_ERRORS_R_CRYPTO_FAILED		 	4
+#define XMLSEC_ERRORS_R_CRYPTO_FAILED                   4
 
 /**
  * XMLSEC_ERRORS_R_XML_FAILED:
  *
  * LibXML function failed (error subject is the failed function).
  */
-#define XMLSEC_ERRORS_R_XML_FAILED		 	5
+#define XMLSEC_ERRORS_R_XML_FAILED                      5
 
 /**
  * XMLSEC_ERRORS_R_XSLT_FAILED:
- * 
+ *
  * LibXSLT function failed (error subject is the failed function).
  */
-#define XMLSEC_ERRORS_R_XSLT_FAILED		 	6
+#define XMLSEC_ERRORS_R_XSLT_FAILED                     6
 
 /**
  * XMLSEC_ERRORS_R_IO_FAILED:
  *
  * IO operation failed.
  */
-#define XMLSEC_ERRORS_R_IO_FAILED		 	7
+#define XMLSEC_ERRORS_R_IO_FAILED                       7
 
 /**
  * XMLSEC_ERRORS_R_DISABLED:
@@ -76,288 +76,288 @@ extern "C" {
  * Check './configure --help' for details on how to
  * enable it.
  */
-#define XMLSEC_ERRORS_R_DISABLED		 	8
+#define XMLSEC_ERRORS_R_DISABLED                        8
 
 /**
  * XMLSEC_ERRORS_R_NOT_IMPLEMENTED:
  *
  * Feature is not implemented.
  */
-#define XMLSEC_ERRORS_R_NOT_IMPLEMENTED		 	9
+#define XMLSEC_ERRORS_R_NOT_IMPLEMENTED                 9
 
 /**
  * XMLSEC_ERRORS_R_INVALID_SIZE:
  *
  * Invalid size.
  */
-#define XMLSEC_ERRORS_R_INVALID_SIZE		 	11
+#define XMLSEC_ERRORS_R_INVALID_SIZE                    11
 
 /**
  * XMLSEC_ERRORS_R_INVALID_DATA:
  *
  * Invalid data.
  */
-#define XMLSEC_ERRORS_R_INVALID_DATA		 	12
+#define XMLSEC_ERRORS_R_INVALID_DATA                    12
 
 /**
  * XMLSEC_ERRORS_R_INVALID_RESULT:
  *
  * Invalid result.
  */
-#define XMLSEC_ERRORS_R_INVALID_RESULT		 	13
+#define XMLSEC_ERRORS_R_INVALID_RESULT                  13
 
 /**
  * XMLSEC_ERRORS_R_INVALID_TYPE:
- * 
+ *
  * Invalid type.
  */
-#define XMLSEC_ERRORS_R_INVALID_TYPE		 	14
+#define XMLSEC_ERRORS_R_INVALID_TYPE                    14
 
 /**
  * XMLSEC_ERRORS_R_INVALID_OPERATION:
- * 
+ *
  * Invalid operation.
  */
-#define XMLSEC_ERRORS_R_INVALID_OPERATION	 	15
+#define XMLSEC_ERRORS_R_INVALID_OPERATION               15
 
 /**
  * XMLSEC_ERRORS_R_INVALID_STATUS:
  *
  * Invalid status.
  */
-#define XMLSEC_ERRORS_R_INVALID_STATUS 			16
+#define XMLSEC_ERRORS_R_INVALID_STATUS                  16
 
 /**
  * XMLSEC_ERRORS_R_INVALID_FORMAT:
  *
  * Invalid format.
  */
-#define XMLSEC_ERRORS_R_INVALID_FORMAT 			17
+#define XMLSEC_ERRORS_R_INVALID_FORMAT                  17
 
 /**
  * XMLSEC_ERRORS_R_DATA_NOT_MATCH:
  *
  * The data do not match our expectation.
  */
-#define XMLSEC_ERRORS_R_DATA_NOT_MATCH		 	18
+#define XMLSEC_ERRORS_R_DATA_NOT_MATCH                  18
 
 /**
  * XMLSEC_ERRORS_R_INVALID_NODE:
- * 
+ *
  * Invalid node (error subject is the node name).
  */
-#define XMLSEC_ERRORS_R_INVALID_NODE	 	 	21
+#define XMLSEC_ERRORS_R_INVALID_NODE                    21
 
 /**
  * XMLSEC_ERRORS_R_INVALID_NODE_CONTENT:
  *
  * Invalid node content (error subject is the node name).
  */
-#define XMLSEC_ERRORS_R_INVALID_NODE_CONTENT	 	22
+#define XMLSEC_ERRORS_R_INVALID_NODE_CONTENT            22
 
 /**
  * XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE:
  *
  * Invalid node attribute (error subject is the node name).
  */
-#define XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE	 	23
+#define XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE          23
 
 /**
  * XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE:
  *
  * Missing node attribute (error subject is the node name).
  */
-#define XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE	 	25
+#define XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE          25
 
 /**
  * XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT:
  *
  * Node already present,
  */
-#define XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT	 	26
+#define XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT            26
 
 /**
  * XMLSEC_ERRORS_R_UNEXPECTED_NODE:
- * 
+ *
  * Unexpected node (error subject is the node name).
  */
-#define XMLSEC_ERRORS_R_UNEXPECTED_NODE	 	 	27
+#define XMLSEC_ERRORS_R_UNEXPECTED_NODE                 27
 
 /**
  * XMLSEC_ERRORS_R_NODE_NOT_FOUND:
  *
  * Node not found (error subject is the required node name).
  */
-#define XMLSEC_ERRORS_R_NODE_NOT_FOUND 	 	 	28
+#define XMLSEC_ERRORS_R_NODE_NOT_FOUND                  28
 
 /**
  * XMLSEC_ERRORS_R_INVALID_TRANSFORM:
- * 
+ *
  * This transform is invlaid here.
  */
-#define XMLSEC_ERRORS_R_INVALID_TRANSFORM	 	31
+#define XMLSEC_ERRORS_R_INVALID_TRANSFORM               31
 
 /**
  * XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY:
- * 
+ *
  * Key is invalid for this transform.
  */
-#define XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY		32
+#define XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY           32
 
 /**
  * XMLSEC_ERRORS_R_INVALID_URI_TYPE:
- * 
+ *
  * Invalid URI type.
  */
-#define XMLSEC_ERRORS_R_INVALID_URI_TYPE 	 	33
+#define XMLSEC_ERRORS_R_INVALID_URI_TYPE                33
 
 /**
  * XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED:
  *
  * The transform requires the input document to be the same as context.
  */
-#define XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED 	34
+#define XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED        34
 
 /**
  * XMLSEC_ERRORS_R_TRANSFORM_DISABLED:
  *
  * The transform is disabled.
  */
-#define XMLSEC_ERRORS_R_TRANSFORM_DISABLED		35
+#define XMLSEC_ERRORS_R_TRANSFORM_DISABLED              35
 
 /**
  * XMLSEC_ERRORS_R_INVALID_KEY_DATA:
  *
  * Key data is invalid.
  */
-#define XMLSEC_ERRORS_R_INVALID_KEY_DATA	 	41
+#define XMLSEC_ERRORS_R_INVALID_KEY_DATA                41
 
 /**
  * XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND:
  *
  * Data is not found (error subject is the data name).
  */
-#define XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND		42
+#define XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND              42
 
 /**
  * XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST:
  *
  * The key data is already exist.
  */
-#define XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST	 	43
+#define XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST          43
 
 /**
  * XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE:
  *
  * Invalid key size.
  */
-#define XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE	 	44
+#define XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE           44
 
 /**
  * XMLSEC_ERRORS_R_KEY_NOT_FOUND:
- * 
+ *
  * Key not found.
  */
-#define XMLSEC_ERRORS_R_KEY_NOT_FOUND		 	45
+#define XMLSEC_ERRORS_R_KEY_NOT_FOUND                   45
 
-/** 
+/**
  * XMLSEC_ERRORS_R_KEYDATA_DISABLED:
  *
  * The key data type disabled.
  */
-#define XMLSEC_ERRORS_R_KEYDATA_DISABLED		46
+#define XMLSEC_ERRORS_R_KEYDATA_DISABLED                46
 
 /**
  * XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL:
  *
  * Max allowed retrievals level reached.
  */
-#define XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL	 	51
+#define XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL            51
 
 /**
  * XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH:
  *
- * The retrieved key data type does not match the one specified 
+ * The retrieved key data type does not match the one specified
  * in the <dsig:RetrievalMethod/> node.
  */
-#define XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH	52
+#define XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH     52
 
 /**
  * XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL:
  *
  * Max EncryptedKey level reached.
  */
-#define XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL	 	61
+#define XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL                61
 
 /**
  * XMLSEC_ERRORS_R_CERT_VERIFY_FAILED:
  *
  * Certificate verification failed.
  */
-#define XMLSEC_ERRORS_R_CERT_VERIFY_FAILED	 	71
+#define XMLSEC_ERRORS_R_CERT_VERIFY_FAILED              71
 
 /**
  * XMLSEC_ERRORS_R_CERT_NOT_FOUND:
  *
  * Requested certificate is not found.
  */
-#define XMLSEC_ERRORS_R_CERT_NOT_FOUND		 	72
+#define XMLSEC_ERRORS_R_CERT_NOT_FOUND                  72
 
 /**
  * XMLSEC_ERRORS_R_CERT_REVOKED:
- * 
+ *
  * The certificate is revoked.
  */
-#define XMLSEC_ERRORS_R_CERT_REVOKED		 	73
+#define XMLSEC_ERRORS_R_CERT_REVOKED                    73
 
 /**
  * XMLSEC_ERRORS_R_CERT_ISSUER_FAILED:
  *
  * Failed to get certificate issuer.
  */
-#define XMLSEC_ERRORS_R_CERT_ISSUER_FAILED	 	74
+#define XMLSEC_ERRORS_R_CERT_ISSUER_FAILED              74
 
 /**
  * XMLSEC_ERRORS_R_CERT_NOT_YET_VALID:
  *
  * "Not valid before" verification failed.
  */
-#define XMLSEC_ERRORS_R_CERT_NOT_YET_VALID	 	75
+#define XMLSEC_ERRORS_R_CERT_NOT_YET_VALID              75
 
 /**
  * XMLSEC_ERRORS_R_CERT_HAS_EXPIRED:
  *
  * "Not valid after" verification failed.
  */
-#define XMLSEC_ERRORS_R_CERT_HAS_EXPIRED	 	76
+#define XMLSEC_ERRORS_R_CERT_HAS_EXPIRED                76
 
 /**
  * XMLSEC_ERRORS_R_DSIG_NO_REFERENCES:
  *
  * The <dsig:Reference> nodes not found.
  */
-#define XMLSEC_ERRORS_R_DSIG_NO_REFERENCES 	 	81
+#define XMLSEC_ERRORS_R_DSIG_NO_REFERENCES              81
 
 /**
  * XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE:
  *
  * The <dsig:Reference> validation failed.
  */
-#define XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE 	 	82
+#define XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE          82
 
 /**
  * XMLSEC_ERRORS_R_ASSERTION:
  *
  * Invalid assertion.
  */
-#define XMLSEC_ERRORS_R_ASSERTION		 	100
+#define XMLSEC_ERRORS_R_ASSERTION                       100
 
 /**
  * XMLSEC_ERRORS_MAX_NUMBER:
- * 
+ *
  * The maximum xmlsec errors number.
  */
-#define XMLSEC_ERRORS_MAX_NUMBER			256
+#define XMLSEC_ERRORS_MAX_NUMBER                        256
 
 
 
@@ -365,48 +365,48 @@ extern "C" {
  *
  * Error functions
  *
- *******************************************************************/ 
+ *******************************************************************/
 /**
  * xmlSecErrorsCallback:
- * @file:		the error location file name (__FILE__ macro).
- * @line:		the error location line number (__LINE__ macro).
- * @func:		the error location function name (__FUNCTION__ macro).
- * @errorObject:	the error specific error object 
- * @errorSubject:	the error specific error subject.
- * @reason:		the error code.
- * @msg:		the additional error message.
+ * @file:               the error location file name (__FILE__ macro).
+ * @line:               the error location line number (__LINE__ macro).
+ * @func:               the error location function name (__FUNCTION__ macro).
+ * @errorObject:        the error specific error object
+ * @errorSubject:       the error specific error subject.
+ * @reason:             the error code.
+ * @msg:                the additional error message.
  *
  * The errors reporting callback function.
  */
-typedef void (*xmlSecErrorsCallback) 				(const char* file, 
-						    		 int line, 
-				    				 const char* func,
-								 const char* errorObject,
-								 const char* errorSubject,
-								 int reason, 
-								 const char* msg);
+typedef void (*xmlSecErrorsCallback)                            (const char* file,
+                                                                 int line,
+                                                                 const char* func,
+                                                                 const char* errorObject,
+                                                                 const char* errorSubject,
+                                                                 int reason,
+                                                                 const char* msg);
 
 
-XMLSEC_EXPORT void 		xmlSecErrorsInit		(void);
-XMLSEC_EXPORT void 		xmlSecErrorsShutdown		(void);
-XMLSEC_EXPORT void 		xmlSecErrorsSetCallback		(xmlSecErrorsCallback callback);
-XMLSEC_EXPORT void 		xmlSecErrorsDefaultCallback	(const char* file, 
-								 int line, 
-				    				 const char* func,
-								 const char* errorObject,
-								 const char* errorSubject,
-								 int reason, 
-								 const char* msg);
-XMLSEC_EXPORT void 		xmlSecErrorsDefaultCallbackEnableOutput
-								(int enabled);
+XMLSEC_EXPORT void              xmlSecErrorsInit                (void);
+XMLSEC_EXPORT void              xmlSecErrorsShutdown            (void);
+XMLSEC_EXPORT void              xmlSecErrorsSetCallback         (xmlSecErrorsCallback callback);
+XMLSEC_EXPORT void              xmlSecErrorsDefaultCallback     (const char* file,
+                                                                 int line,
+                                                                 const char* func,
+                                                                 const char* errorObject,
+                                                                 const char* errorSubject,
+                                                                 int reason,
+                                                                 const char* msg);
+XMLSEC_EXPORT void              xmlSecErrorsDefaultCallbackEnableOutput
+                                                                (int enabled);
 
-XMLSEC_EXPORT int 		xmlSecErrorsGetCode		(xmlSecSize pos);
-XMLSEC_EXPORT const char* 	xmlSecErrorsGetMsg		(xmlSecSize pos);
+XMLSEC_EXPORT int               xmlSecErrorsGetCode             (xmlSecSize pos);
+XMLSEC_EXPORT const char*       xmlSecErrorsGetMsg              (xmlSecSize pos);
 
 
 
 /* __FUNCTION__ is defined for MSC compiler < MS VS .NET 2003 */
-#if defined(_MSC_VER) && (_MSC_VER >= 1300) 
+#if defined(_MSC_VER) && (_MSC_VER >= 1300)
 #define __XMLSEC_FUNCTION__  __FUNCTION__
 #endif /* _MSC_VER */
 
@@ -414,46 +414,46 @@ XMLSEC_EXPORT const char* 	xmlSecErrorsGetMsg		(xmlSecSize pos);
 #if !defined(__XMLSEC_FUNCTION__)
 #define __XMLSEC_FUNCTION__  ""
 #endif /*!defined(__XMLSEC_FUNCTION__) */
- 
-/** 
+
+/**
  * XMLSEC_ERRORS_HERE:
  *
  * The macro that specifies the location (file, line and function)
  * for the xmlSecError() function.
  */
-#define XMLSEC_ERRORS_HERE			__FILE__,__LINE__,__XMLSEC_FUNCTION__
+#define XMLSEC_ERRORS_HERE                      __FILE__,__LINE__,__XMLSEC_FUNCTION__
 #ifdef __GNUC__
-#define XMLSEC_ERRORS_PRINTF_ATTRIBUTE 		__attribute__ ((format (printf, 7, 8)))
+#define XMLSEC_ERRORS_PRINTF_ATTRIBUTE          __attribute__ ((format (printf, 7, 8)))
 #else /* __GNUC__ */
-#define XMLSEC_ERRORS_PRINTF_ATTRIBUTE 		
+#define XMLSEC_ERRORS_PRINTF_ATTRIBUTE
 #endif /* __GNUC__ */
 
 /**
  * xmlSecErrorsSafeString:
- * @str:		the string.
- * 
+ * @str:                the string.
+ *
  * Macro. Returns @str if it is not NULL or pointer to "NULL" otherwise.
  */
 #define xmlSecErrorsSafeString(str) \
-	(((str) != NULL) ? ((char*)(str)) : (char*)"NULL")
+        (((str) != NULL) ? ((char*)(str)) : (char*)"NULL")
 
-/** 
+/**
  * XMLSEC_ERRORS_NO_MESSAGE:
- * 
+ *
  * Empty error message " ".
  */
-#define XMLSEC_ERRORS_NO_MESSAGE 		" "
+#define XMLSEC_ERRORS_NO_MESSAGE                " "
+
+
+XMLSEC_EXPORT void xmlSecError                          (const char* file,
+                                                         int line,
+                                                         const char* func,
+                                                         const char* errorObject,
+                                                         const char* errorSubject,
+                                                         int reason,
+                                                         const char* msg, ...) XMLSEC_ERRORS_PRINTF_ATTRIBUTE;
 
 
-XMLSEC_EXPORT void xmlSecError				(const char* file, 
-							 int line, 
-							 const char* func,
-							 const char* errorObject,
-							 const char* errorSubject,
-							 int reason,
-							 const char* msg, ...) XMLSEC_ERRORS_PRINTF_ATTRIBUTE;
-						 
-						
 
 /**********************************************************************
  *
@@ -467,14 +467,14 @@ XMLSEC_EXPORT void xmlSecError				(const char* file,
  * Macro. Verifies that @p is true and calls return() otherwise.
  */
 #define xmlSecAssert( p ) \
-	if(!( p ) ) { \
-	    xmlSecError(XMLSEC_ERRORS_HERE, \
-			NULL, \
-			#p, \
-			XMLSEC_ERRORS_R_ASSERTION, \
-			XMLSEC_ERRORS_NO_MESSAGE); \
-	    return; \
-	} 
+        if(!( p ) ) { \
+            xmlSecError(XMLSEC_ERRORS_HERE, \
+                        NULL, \
+                        #p, \
+                        XMLSEC_ERRORS_R_ASSERTION, \
+                        XMLSEC_ERRORS_NO_MESSAGE); \
+            return; \
+        }
 
 /**
  * xmlSecAssert2:
@@ -484,14 +484,14 @@ XMLSEC_EXPORT void xmlSecError				(const char* file,
  * Macro. Verifies that @p is true and calls return(@ret) otherwise.
  */
 #define xmlSecAssert2( p, ret ) \
-	if(!( p ) ) { \
-	    xmlSecError(XMLSEC_ERRORS_HERE, \
-			NULL, \
-			#p, \
-			XMLSEC_ERRORS_R_ASSERTION, \
-			XMLSEC_ERRORS_NO_MESSAGE); \
-	    return(ret); \
-	} 
+        if(!( p ) ) { \
+            xmlSecError(XMLSEC_ERRORS_HERE, \
+                        NULL, \
+                        #p, \
+                        XMLSEC_ERRORS_R_ASSERTION, \
+                        XMLSEC_ERRORS_NO_MESSAGE); \
+            return(ret); \
+        }
 
 
 
diff --git a/include/xmlsec/exports.h b/include/xmlsec/exports.h
index 41d0a7e7..61678c2b 100644
--- a/include/xmlsec/exports.h
+++ b/include/xmlsec/exports.h
@@ -1,21 +1,21 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Export macro declarations for Win32 platform.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_EXPORTS_H__
-#define __XMLSEC_EXPORTS_H__    
+#define __XMLSEC_EXPORTS_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
-/* Now, the export orgy begins. The following we must do for the 
+/* Now, the export orgy begins. The following we must do for the
    Windows platform with MSVC compiler. */
 
 #if !defined XMLSEC_EXPORT
@@ -23,7 +23,7 @@ extern "C" {
      /* if we compile libxmlsec itself: */
 #    if defined(IN_XMLSEC)
 #      if !defined(XMLSEC_STATIC)
-#        define XMLSEC_EXPORT __declspec(dllexport) 
+#        define XMLSEC_EXPORT __declspec(dllexport)
 #      else
 #        define XMLSEC_EXPORT extern
 #      endif
@@ -38,9 +38,9 @@ extern "C" {
 #      define XMLSEC_EXPORT
 #else
 #      if !defined(XMLSEC_STATIC)
-#        define XMLSEC_EXPORT __declspec(dllimport) 
+#        define XMLSEC_EXPORT __declspec(dllimport)
 #      else
-#        define XMLSEC_EXPORT 
+#        define XMLSEC_EXPORT
 #      endif
 #endif
 #    endif
@@ -56,16 +56,16 @@ extern "C" {
      /* if we compile libxmlsec itself: */
 #    if defined(IN_XMLSEC_CRYPTO)
 #      if !defined(XMLSEC_STATIC)
-#        define XMLSEC_CRYPTO_EXPORT __declspec(dllexport) 
+#        define XMLSEC_CRYPTO_EXPORT __declspec(dllexport)
 #      else
 #        define XMLSEC_CRYPTO_EXPORT extern
 #      endif
      /* if a client program includes this file: */
 #    else
 #      if !defined(XMLSEC_STATIC)
-#        define XMLSEC_CRYPTO_EXPORT __declspec(dllimport) 
+#        define XMLSEC_CRYPTO_EXPORT __declspec(dllimport)
 #      else
-#        define XMLSEC_CRYPTO_EXPORT 
+#        define XMLSEC_CRYPTO_EXPORT
 #      endif
 #    endif
    /* This holds on all other platforms/compilers, which are easier to
diff --git a/include/xmlsec/gcrypt/Makefile.am b/include/xmlsec/gcrypt/Makefile.am
new file mode 100644
index 00000000..82f4f90a
--- /dev/null
+++ b/include/xmlsec/gcrypt/Makefile.am
@@ -0,0 +1,13 @@
+NULL =
+
+xmlsecgcryptincdir = $(includedir)/xmlsec1/xmlsec/gcrypt
+
+xmlsecgcryptinc_HEADERS = \
+app.h \
+crypto.h \
+symbols.h \
+$(NULL)
+
+install-exec-hook:
+	$(mkinstalldirs) $(DESTDIR)$(xmlsecgcryptincdir)
+
diff --git a/include/xmlsec/gcrypt/Makefile.in b/include/xmlsec/gcrypt/Makefile.in
new file mode 100644
index 00000000..776941cd
--- /dev/null
+++ b/include/xmlsec/gcrypt/Makefile.in
@@ -0,0 +1,581 @@
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = include/xmlsec/gcrypt
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
+	$(xmlsecgcryptinc_HEADERS)
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+SOURCES =
+DIST_SOURCES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+    $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+    *) f=$$p;; \
+  esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+  srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+  for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+  for p in $$list; do echo "$$p $$p"; done | \
+  sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+  $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+    if (++n[$$2] == $(am__install_max)) \
+      { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+    END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+  sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+  sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
+am__installdirs = "$(DESTDIR)$(xmlsecgcryptincdir)"
+HEADERS = $(xmlsecgcryptinc_HEADERS)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO = @XMLSEC_CRYPTO@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XKMS = @XMLSEC_NO_XKMS@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL = 
+xmlsecgcryptincdir = $(includedir)/xmlsec1/xmlsec/gcrypt
+xmlsecgcryptinc_HEADERS = \
+app.h \
+crypto.h \
+symbols.h \
+$(NULL)
+
+all: all-am
+
+.SUFFIXES:
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am  $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu include/xmlsec/gcrypt/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --gnu include/xmlsec/gcrypt/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+	esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+install-xmlsecgcryptincHEADERS: $(xmlsecgcryptinc_HEADERS)
+	@$(NORMAL_INSTALL)
+	test -z "$(xmlsecgcryptincdir)" || $(MKDIR_P) "$(DESTDIR)$(xmlsecgcryptincdir)"
+	@list='$(xmlsecgcryptinc_HEADERS)'; test -n "$(xmlsecgcryptincdir)" || list=; \
+	for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  echo "$$d$$p"; \
+	done | $(am__base_list) | \
+	while read files; do \
+	  echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(xmlsecgcryptincdir)'"; \
+	  $(INSTALL_HEADER) $$files "$(DESTDIR)$(xmlsecgcryptincdir)" || exit $$?; \
+	done
+
+uninstall-xmlsecgcryptincHEADERS:
+	@$(NORMAL_UNINSTALL)
+	@list='$(xmlsecgcryptinc_HEADERS)'; test -n "$(xmlsecgcryptincdir)" || list=; \
+	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
+	dir='$(DESTDIR)$(xmlsecgcryptincdir)'; $(am__uninstall_files_from_dir)
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+	      END { if (nonempty) { for (i in files) print i; }; }'`; \
+	mkid -fID $$unique
+tags: TAGS
+
+TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
+		$(TAGS_FILES) $(LISP)
+	set x; \
+	here=`pwd`; \
+	list='$(SOURCES) $(HEADERS)  $(LISP) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+	      END { if (nonempty) { for (i in files) print i; }; }'`; \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: CTAGS
+CTAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
+		$(TAGS_FILES) $(LISP)
+	list='$(SOURCES) $(HEADERS)  $(LISP) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+	      END { if (nonempty) { for (i in files) print i; }; }'`; \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(HEADERS)
+installdirs:
+	for dir in "$(DESTDIR)$(xmlsecgcryptincdir)"; do \
+	  test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+	done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool mostlyclean-am
+
+distclean: distclean-am
+	-rm -f Makefile
+distclean-am: clean-am distclean-generic distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-xmlsecgcryptincHEADERS
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+	@$(NORMAL_INSTALL)
+	$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-generic mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-xmlsecgcryptincHEADERS
+
+.MAKE: install-am install-exec-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+	clean-libtool ctags distclean distclean-generic \
+	distclean-libtool distclean-tags distdir dvi dvi-am html \
+	html-am info info-am install install-am install-data \
+	install-data-am install-dvi install-dvi-am install-exec \
+	install-exec-am install-exec-hook install-html install-html-am \
+	install-info install-info-am install-man install-pdf \
+	install-pdf-am install-ps install-ps-am install-strip \
+	install-xmlsecgcryptincHEADERS installcheck installcheck-am \
+	installdirs maintainer-clean maintainer-clean-generic \
+	mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
+	ps ps-am tags uninstall uninstall-am \
+	uninstall-xmlsecgcryptincHEADERS
+
+
+install-exec-hook:
+	$(mkinstalldirs) $(DESTDIR)$(xmlsecgcryptincdir)
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/include/xmlsec/gcrypt/app.h b/include/xmlsec/gcrypt/app.h
new file mode 100644
index 00000000..a0759d25
--- /dev/null
+++ b/include/xmlsec/gcrypt/app.h
@@ -0,0 +1,96 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef __XMLSEC_GCRYPT_APP_H__
+#define __XMLSEC_GCRYPT_APP_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/keysmngr.h>
+#include <xmlsec/transforms.h>
+
+/********************************************************************
+ *
+ * Init/shutdown
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int        xmlSecGCryptAppInit                     (const char* config);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGCryptAppShutdown                 (void);
+
+/********************************************************************
+ *
+ * Keys Manager
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int        xmlSecGCryptAppDefaultKeysMngrInit      (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGCryptAppDefaultKeysMngrAdoptKey  (xmlSecKeysMngrPtr mngr,
+                                                                         xmlSecKeyPtr key);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGCryptAppDefaultKeysMngrLoad      (xmlSecKeysMngrPtr mngr,
+                                                                         const char* uri);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGCryptAppDefaultKeysMngrSave      (xmlSecKeysMngrPtr mngr,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataType type);
+#ifndef XMLSEC_NO_X509
+XMLSEC_CRYPTO_EXPORT int        xmlSecGCryptAppKeysMngrCertLoad         (xmlSecKeysMngrPtr mngr,
+                                                                         const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGCryptAppKeysMngrCertLoadMemory   (xmlSecKeysMngrPtr mngr,
+                                                                         const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
+#endif /* XMLSEC_NO_X509 */
+
+
+/********************************************************************
+ *
+ * Keys
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGCryptAppKeyLoad                (const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void *pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGCryptAppKeyLoadMemory          (const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+#ifndef XMLSEC_NO_X509
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGCryptAppPkcs12Load             (const char *filename,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGCryptAppPkcs12LoadMemory       (const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGCryptAppKeyCertLoad              (xmlSecKeyPtr key,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGCryptAppKeyCertLoadMemory        (xmlSecKeyPtr key,
+                                                                         const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format);
+#endif /* XMLSEC_NO_X509 */
+XMLSEC_CRYPTO_EXPORT void*      xmlSecGCryptAppGetDefaultPwdCallback    (void);
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __XMLSEC_GCRYPT_APP_H__ */
+
diff --git a/include/xmlsec/gcrypt/crypto.h b/include/xmlsec/gcrypt/crypto.h
new file mode 100644
index 00000000..e576d8fb
--- /dev/null
+++ b/include/xmlsec/gcrypt/crypto.h
@@ -0,0 +1,460 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef __XMLSEC_GCRYPT_CRYPTO_H__
+#define __XMLSEC_GCRYPT_CRYPTO_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/dl.h>
+
+XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctions_gcrypt(void);
+
+/********************************************************************
+ *
+ * Init shutdown
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptInit                (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptShutdown            (void);
+
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptKeysMngrInit        (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptGenerateRandom      (xmlSecBufferPtr buffer,
+                                                                         xmlSecSize size);
+
+
+/********************************************************************
+ *
+ * AES transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_AES
+/**
+ * xmlSecGCryptKeyDataAesId:
+ *
+ * The AES key data klass.
+ */
+#define xmlSecGCryptKeyDataAesId \
+        xmlSecGCryptKeyDataAesGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGCryptKeyDataAesGetKlass  (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptKeyDataAesSet       (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
+/**
+ * xmlSecGCryptTransformAes128CbcId:
+ *
+ * The AES128 CBC cipher transform klass.
+ */
+#define xmlSecGCryptTransformAes128CbcId \
+        xmlSecGCryptTransformAes128CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGCryptTransformAes128CbcGetKlass(void);
+
+/**
+ * xmlSecGCryptTransformAes192CbcId:
+ *
+ * The AES192 CBC cipher transform klass.
+ */
+#define xmlSecGCryptTransformAes192CbcId \
+        xmlSecGCryptTransformAes192CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGCryptTransformAes192CbcGetKlass(void);
+
+/**
+ * xmlSecGCryptTransformAes256CbcId:
+ *
+ * The AES256 CBC cipher transform klass.
+ */
+#define xmlSecGCryptTransformAes256CbcId \
+        xmlSecGCryptTransformAes256CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGCryptTransformAes256CbcGetKlass(void);
+
+/**
+ * xmlSecGCryptTransformKWAes128Id:
+ *
+ * The AES 128 key wrap transform klass.
+ */
+#define xmlSecGCryptTransformKWAes128Id \
+        xmlSecGCryptTransformKWAes128GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGCryptTransformKWAes128GetKlass(void);
+
+/**
+ * xmlSecGCryptTransformKWAes192Id:
+ *
+ * The AES 192 key wrap transform klass.
+ */
+#define xmlSecGCryptTransformKWAes192Id \
+        xmlSecGCryptTransformKWAes192GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGCryptTransformKWAes192GetKlass(void);
+
+/**
+ * xmlSecGCryptTransformKWAes256Id:
+ *
+ * The AES 256 key wrap transform klass.
+ */
+#define xmlSecGCryptTransformKWAes256Id \
+        xmlSecGCryptTransformKWAes256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGCryptTransformKWAes256GetKlass(void);
+
+
+#endif /* XMLSEC_NO_AES */
+
+/********************************************************************
+ *
+ * DES transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_DES
+/**
+ * xmlSecGCryptKeyDataDesId:
+ *
+ * The DES key data klass.
+ */
+#define xmlSecGCryptKeyDataDesId \
+        xmlSecGCryptKeyDataDesGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGCryptKeyDataDesGetKlass  (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptKeyDataDesSet       (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
+
+/**
+ * xmlSecGCryptTransformDes3CbcId:
+ *
+ * The DES3 CBC cipher transform klass.
+ */
+#define xmlSecGCryptTransformDes3CbcId \
+        xmlSecGCryptTransformDes3CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformDes3CbcGetKlass(void);
+
+/**
+ * xmlSecGCryptTransformKWDes3Id:
+ *
+ * The DES3 KW transform klass.
+ */
+#define xmlSecGCryptTransformKWDes3Id \
+        xmlSecGCryptTransformKWDes3GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformKWDes3GetKlass(void);
+
+#endif /* XMLSEC_NO_DES */
+
+/********************************************************************
+ *
+ * DSA transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_DSA
+#include <gcrypt.h>
+
+/**
+ * xmlSecGCryptKeyDataDsaId:
+ *
+ * The DSA key klass.
+ */
+#define xmlSecGCryptKeyDataDsaId \
+        xmlSecGCryptKeyDataDsaGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGCryptKeyDataDsaGetKlass          (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptKeyDataDsaAdoptKey          (xmlSecKeyDataPtr data,
+                                                                                 gcry_sexp_t dsa_key);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptKeyDataDsaAdoptKeyPair      (xmlSecKeyDataPtr data,
+                                                                                 gcry_sexp_t pub_key,
+                                                                                 gcry_sexp_t priv_key);
+XMLSEC_CRYPTO_EXPORT gcry_sexp_t        xmlSecGCryptKeyDataDsaGetPublicKey      (xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT gcry_sexp_t        xmlSecGCryptKeyDataDsaGetPrivateKey     (xmlSecKeyDataPtr data);
+
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecGCryptTransformDsaSha1Id:
+ *
+ * The DSA SHA1 signature transform klass.
+ */
+#define xmlSecGCryptTransformDsaSha1Id \
+        xmlSecGCryptTransformDsaSha1GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformDsaSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#endif /* XMLSEC_NO_DSA */
+
+
+
+/********************************************************************
+ *
+ * HMAC transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_HMAC
+
+XMLSEC_CRYPTO_EXPORT int               xmlSecGCryptHmacGetMinOutputLength(void);
+XMLSEC_CRYPTO_EXPORT void              xmlSecGCryptHmacSetMinOutputLength(int min_length);
+
+/**
+ * xmlSecGCryptKeyDataHmacId:
+ *
+ * The HMAC key klass.
+ */
+#define xmlSecGCryptKeyDataHmacId \
+        xmlSecGCryptKeyDataHmacGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGCryptKeyDataHmacGetKlass (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptKeyDataHmacSet      (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
+
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecGCryptTransformHmacMd5Id:
+ *
+ * The HMAC with MD5 signature transform klass.
+ */
+#define xmlSecGCryptTransformHmacMd5Id \
+        xmlSecGCryptTransformHmacMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformHmacMd5GetKlass(void);
+
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+/**
+ * xmlSecGCryptTransformHmacRipemd160Id:
+ *
+ * The HMAC with RipeMD160 signature transform klass.
+ */
+#define xmlSecGCryptTransformHmacRipemd160Id \
+        xmlSecGCryptTransformHmacRipemd160GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformHmacRipemd160GetKlass(void);
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecGCryptTransformHmacSha1Id:
+ *
+ * The HMAC with SHA1 signature transform klass.
+ */
+#define xmlSecGCryptTransformHmacSha1Id \
+        xmlSecGCryptTransformHmacSha1GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformHmacSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecGCryptTransformHmacSha256Id:
+ *
+ * The HMAC with SHA256 signature transform klass.
+ */
+#define xmlSecGCryptTransformHmacSha256Id \
+        xmlSecGCryptTransformHmacSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformHmacSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecGCryptTransformHmacSha384Id:
+ *
+ * The HMAC with SHA384 signature transform klass.
+ */
+#define xmlSecGCryptTransformHmacSha384Id \
+        xmlSecGCryptTransformHmacSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformHmacSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecGCryptTransformHmacSha512Id:
+ *
+ * The HMAC with SHA512 signature transform klass.
+ */
+#define xmlSecGCryptTransformHmacSha512Id \
+        xmlSecGCryptTransformHmacSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformHmacSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_HMAC */
+
+/********************************************************************
+ *
+ * RSA transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_RSA
+#include <gcrypt.h>
+
+/**
+ * xmlSecGCryptKeyDataRsaId:
+ *
+ * The RSA key klass.
+ */
+#define xmlSecGCryptKeyDataRsaId \
+        xmlSecGCryptKeyDataRsaGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGCryptKeyDataRsaGetKlass (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptKeyDataRsaAdoptKey          (xmlSecKeyDataPtr data,
+                                                                                 gcry_sexp_t rsa_key);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGCryptKeyDataRsaAdoptKeyPair      (xmlSecKeyDataPtr data,
+                                                                                 gcry_sexp_t pub_key,
+                                                                                 gcry_sexp_t priv_key);
+XMLSEC_CRYPTO_EXPORT gcry_sexp_t        xmlSecGCryptKeyDataRsaGetPublicKey      (xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT gcry_sexp_t        xmlSecGCryptKeyDataRsaGetPrivateKey     (xmlSecKeyDataPtr data);
+
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecGCryptTransformRsaMd5Id:
+ *
+ * The RSA-MD5 signature transform klass.
+ */
+#define xmlSecGCryptTransformRsaMd5Id  \
+        xmlSecGCryptTransformRsaMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformRsaMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+/**
+ * xmlSecGCryptTransformRsaRipemd160Id:
+ *
+ * The RSA-RIPEMD160 signature transform klass.
+ */
+#define xmlSecGCryptTransformRsaRipemd160Id    \
+        xmlSecGCryptTransformRsaRipemd160GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformRsaRipemd160GetKlass(void);
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecGCryptTransformRsaSha1Id:
+ *
+ * The RSA-SHA1 signature transform klass.
+ */
+#define xmlSecGCryptTransformRsaSha1Id \
+        xmlSecGCryptTransformRsaSha1GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformRsaSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecGCryptTransformRsaSha256Id:
+ *
+ * The RSA-SHA256 signature transform klass.
+ */
+#define xmlSecGCryptTransformRsaSha256Id       \
+        xmlSecGCryptTransformRsaSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformRsaSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecGCryptTransformRsaSha384Id:
+ *
+ * The RSA-SHA384 signature transform klass.
+ */
+#define xmlSecGCryptTransformRsaSha384Id       \
+        xmlSecGCryptTransformRsaSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformRsaSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecGCryptTransformRsaSha512Id:
+ *
+ * The RSA-SHA512 signature transform klass.
+ */
+#define xmlSecGCryptTransformRsaSha512Id       \
+        xmlSecGCryptTransformRsaSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformRsaSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+
+/********************************************************************
+ *
+ * SHA transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecGCryptTransformSha1Id:
+ *
+ * The HMAC with SHA1 signature transform klass.
+ */
+#define xmlSecGCryptTransformSha1Id \
+        xmlSecGCryptTransformSha1GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecGCryptTransformSha256Id:
+ *
+ * The HMAC with SHA256 signature transform klass.
+ */
+#define xmlSecGCryptTransformSha256Id \
+        xmlSecGCryptTransformSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecGCryptTransformSha384Id:
+ *
+ * The HMAC with SHA384 signature transform klass.
+ */
+#define xmlSecGCryptTransformSha384Id \
+        xmlSecGCryptTransformSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecGCryptTransformSha512Id:
+ *
+ * The HMAC with SHA512 signature transform klass.
+ */
+#define xmlSecGCryptTransformSha512Id \
+        xmlSecGCryptTransformSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+/********************************************************************
+ *
+ * Md5 transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecGCryptTransformMd5Id:
+ *
+ * The MD5 digest transform klass.
+ */
+#define xmlSecGCryptTransformMd5Id \
+        xmlSecGCryptTransformMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
+
+
+/********************************************************************
+ *
+ * RipeMD160 transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_RIPEMD160
+/**
+ * xmlSecGCryptTransformRipemd160Id:
+ *
+ * The RIPEMD160 digest transform klass.
+ */
+#define xmlSecGCryptTransformRipemd160Id \
+        xmlSecGCryptTransformRipemd160GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGCryptTransformRipemd160GetKlass(void);
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __XMLSEC_GCRYPT_CRYPTO_H__ */
+
+#define __XMLSEC_GCRYPT_CRYPTO_H__
diff --git a/include/xmlsec/gcrypt/symbols.h b/include/xmlsec/gcrypt/symbols.h
new file mode 100644
index 00000000..db6c6e98
--- /dev/null
+++ b/include/xmlsec/gcrypt/symbols.h
@@ -0,0 +1,104 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef __XMLSEC_GCRYPT_SYMBOLS_H__
+#define __XMLSEC_GCRYPT_SYMBOLS_H__
+
+#if !defined(IN_XMLSEC) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
+#error To disable dynamic loading of xmlsec-crypto libraries undefine XMLSEC_CRYPTO_DYNAMIC_LOADING
+#endif /* !defined(IN_XMLSEC) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING) */
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+#ifdef XMLSEC_CRYPTO_GCRYPT
+
+/********************************************************************
+ *
+ * Crypto Init/shutdown
+ *
+ ********************************************************************/
+#define xmlSecCryptoInit                        xmlSecGCryptInit
+#define xmlSecCryptoShutdown                    xmlSecGCryptShutdown
+
+#define xmlSecCryptoKeysMngrInit                xmlSecGCryptKeysMngrInit
+
+/********************************************************************
+ *
+ * Key data ids
+ *
+ ********************************************************************/
+#define xmlSecKeyDataAesId                      xmlSecGCryptKeyDataAesId
+#define xmlSecKeyDataDesId                      xmlSecGCryptKeyDataDesId
+#define xmlSecKeyDataDsaId                      xmlSecGCryptKeyDataDsaId
+#define xmlSecKeyDataHmacId                     xmlSecGCryptKeyDataHmacId
+#define xmlSecKeyDataRsaId                      xmlSecGCryptKeyDataRsaId
+#define xmlSecKeyDataX509Id                     xmlSecGCryptKeyDataX509Id
+#define xmlSecKeyDataRawX509CertId              xmlSecGCryptKeyDataRawX509CertId
+
+/********************************************************************
+ *
+ * Key data store ids
+ *
+ ********************************************************************/
+#define xmlSecX509StoreId                       xmlSecGCryptX509StoreId
+
+/********************************************************************
+ *
+ * Crypto transforms ids
+ *
+ ********************************************************************/
+#define xmlSecTransformAes128CbcId              xmlSecGCryptTransformAes128CbcId
+#define xmlSecTransformAes192CbcId              xmlSecGCryptTransformAes192CbcId
+#define xmlSecTransformAes256CbcId              xmlSecGCryptTransformAes256CbcId
+#define xmlSecTransformKWAes128Id               xmlSecGCryptTransformKWAes128Id
+#define xmlSecTransformKWAes192Id               xmlSecGCryptTransformKWAes192Id
+#define xmlSecTransformKWAes256Id               xmlSecGCryptTransformKWAes256Id
+#define xmlSecTransformDes3CbcId                xmlSecGCryptTransformDes3CbcId
+#define xmlSecTransformKWDes3Id                 xmlSecGCryptTransformKWDes3Id
+#define xmlSecTransformDsaSha1Id                xmlSecGCryptTransformDsaSha1Id
+#define xmlSecTransformHmacMd5Id                xmlSecGCryptTransformHmacMd5Id
+#define xmlSecTransformHmacRipemd160Id          xmlSecGCryptTransformHmacRipemd160Id
+#define xmlSecTransformHmacSha1Id               xmlSecGCryptTransformHmacSha1Id
+#define xmlSecTransformRipemd160Id              xmlSecGCryptTransformRipemd160Id
+#define xmlSecTransformRsaSha1Id                xmlSecGCryptTransformRsaSha1Id
+#define xmlSecTransformRsaPkcs1Id               xmlSecGCryptTransformRsaPkcs1Id
+#define xmlSecTransformRsaOaepId                xmlSecGCryptTransformRsaOaepId
+#define xmlSecTransformSha1Id                   xmlSecGCryptTransformSha1Id
+
+/********************************************************************
+ *
+ * High level routines form xmlsec command line utility
+ *
+ ********************************************************************/
+#define xmlSecCryptoAppInit                     xmlSecGCryptAppInit
+#define xmlSecCryptoAppShutdown                 xmlSecGCryptAppShutdown
+#define xmlSecCryptoAppDefaultKeysMngrInit      xmlSecGCryptAppDefaultKeysMngrInit
+#define xmlSecCryptoAppDefaultKeysMngrAdoptKey  xmlSecGCryptAppDefaultKeysMngrAdoptKey
+#define xmlSecCryptoAppDefaultKeysMngrLoad      xmlSecGCryptAppDefaultKeysMngrLoad
+#define xmlSecCryptoAppDefaultKeysMngrSave      xmlSecGCryptAppDefaultKeysMngrSave
+#define xmlSecCryptoAppKeysMngrCertLoad         xmlSecGCryptAppKeysMngrCertLoad
+#define xmlSecCryptoAppKeysMngrCertLoadMemory   xmlSecGCryptAppKeysMngrCertLoadMemory
+#define xmlSecCryptoAppKeyLoad                  xmlSecGCryptAppKeyLoad
+#define xmlSecCryptoAppPkcs12Load               xmlSecGCryptAppPkcs12Load
+#define xmlSecCryptoAppKeyCertLoad              xmlSecGCryptAppKeyCertLoad
+#define xmlSecCryptoAppKeyLoadMemory            xmlSecGCryptAppKeyLoadMemory
+#define xmlSecCryptoAppPkcs12LoadMemory         xmlSecGCryptAppPkcs12LoadMemory
+#define xmlSecCryptoAppKeyCertLoadMemory        xmlSecGCryptAppKeyCertLoadMemory
+#define xmlSecCryptoAppGetDefaultPwdCallback    xmlSecGCryptAppGetDefaultPwdCallback
+
+#endif /* XMLSEC_CRYPTO_GCRYPT */
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __XMLSEC_GCRYPT_CRYPTO_H__ */
+
+#define __XMLSEC_GCRYPT_CRYPTO_H__
diff --git a/include/xmlsec/gnutls/Makefile.am b/include/xmlsec/gnutls/Makefile.am
index 45b03d6a..78235c4c 100644
--- a/include/xmlsec/gnutls/Makefile.am
+++ b/include/xmlsec/gnutls/Makefile.am
@@ -6,6 +6,7 @@ xmlsecgnutlsinc_HEADERS = \
 app.h \
 crypto.h \
 symbols.h \
+x509.h \
 $(NULL)
 
 install-exec-hook:
diff --git a/include/xmlsec/gnutls/Makefile.in b/include/xmlsec/gnutls/Makefile.in
index e3cd79c9..ffdf19ab 100644
--- a/include/xmlsec/gnutls/Makefile.in
+++ b/include/xmlsec/gnutls/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,13 +38,22 @@ subdir = include/xmlsec/gnutls
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
 	$(xmlsecgnutlsinc_HEADERS)
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -68,6 +77,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(xmlsecgnutlsincdir)"
 HEADERS = $(xmlsecgnutlsinc_HEADERS)
 ETAGS = etags
@@ -75,6 +90,7 @@ CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -89,6 +105,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -97,6 +114,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -127,6 +148,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -158,8 +180,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -167,7 +191,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -186,6 +209,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -195,6 +220,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -230,6 +256,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -262,7 +289,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -284,6 +310,7 @@ xmlsecgnutlsinc_HEADERS = \
 app.h \
 crypto.h \
 symbols.h \
+x509.h \
 $(NULL)
 
 all: all-am
@@ -342,9 +369,7 @@ uninstall-xmlsecgnutlsincHEADERS:
 	@$(NORMAL_UNINSTALL)
 	@list='$(xmlsecgnutlsinc_HEADERS)'; test -n "$(xmlsecgnutlsincdir)" || list=; \
 	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
-	test -n "$$files" || exit 0; \
-	echo " ( cd '$(DESTDIR)$(xmlsecgnutlsincdir)' && rm -f" $$files ")"; \
-	cd "$(DESTDIR)$(xmlsecgnutlsincdir)" && rm -f $$files
+	dir='$(DESTDIR)$(xmlsecgnutlsincdir)'; $(am__uninstall_files_from_dir)
 
 ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
 	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
@@ -445,10 +470,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/include/xmlsec/gnutls/app.h b/include/xmlsec/gnutls/app.h
index 50ee97d8..4a2f3e1b 100644
--- a/include/xmlsec/gnutls/app.h
+++ b/include/xmlsec/gnutls/app.h
@@ -1,86 +1,92 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_GNUTLS_APP_H__
-#define __XMLSEC_GNUTLS_APP_H__    
+#define __XMLSEC_GNUTLS_APP_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/keys.h>
 #include <xmlsec/keysmngr.h>
 #include <xmlsec/transforms.h>
 
-/**
+/********************************************************************
+ *
  * Init/shutdown
- */
-XMLSEC_CRYPTO_EXPORT int	xmlSecGnuTLSAppInit			(const char* config);
-XMLSEC_CRYPTO_EXPORT int	xmlSecGnuTLSAppShutdown			(void);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int        xmlSecGnuTLSAppInit                     (const char* config);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGnuTLSAppShutdown                 (void);
 
-/** 
+/********************************************************************
+ *
  * Keys Manager
- */
-XMLSEC_CRYPTO_EXPORT int	xmlSecGnuTLSAppDefaultKeysMngrInit	(xmlSecKeysMngrPtr mngr);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecGnuTLSAppDefaultKeysMngrAdoptKey	(xmlSecKeysMngrPtr mngr,
-									 xmlSecKeyPtr key);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecGnuTLSAppDefaultKeysMngrLoad	(xmlSecKeysMngrPtr mngr,
-									 const char* uri);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecGnuTLSAppDefaultKeysMngrSave	(xmlSecKeysMngrPtr mngr,
-									 const char* filename,
-									 xmlSecKeyDataType type);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int        xmlSecGnuTLSAppDefaultKeysMngrInit      (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGnuTLSAppDefaultKeysMngrAdoptKey  (xmlSecKeysMngrPtr mngr,
+                                                                         xmlSecKeyPtr key);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGnuTLSAppDefaultKeysMngrLoad      (xmlSecKeysMngrPtr mngr,
+                                                                         const char* uri);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGnuTLSAppDefaultKeysMngrSave      (xmlSecKeysMngrPtr mngr,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataType type);
 #ifndef XMLSEC_NO_X509
-XMLSEC_CRYPTO_EXPORT int	xmlSecGnuTLSAppKeysMngrCertLoad		(xmlSecKeysMngrPtr mngr, 
-									 const char *filename, 
-									 xmlSecKeyDataFormat format, 
-									 xmlSecKeyDataType type);
-XMLSEC_CRYPTO_EXPORT int	xmlSecGnuTLSAppKeysMngrCertLoadMemory	(xmlSecKeysMngrPtr mngr,
-									 const xmlSecByte* data,
-									 xmlSecSize dataSize,
-									 xmlSecKeyDataFormat format,
-									 xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGnuTLSAppKeysMngrCertLoad         (xmlSecKeysMngrPtr mngr,
+                                                                         const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGnuTLSAppKeysMngrCertLoadMemory   (xmlSecKeysMngrPtr mngr,
+                                                                         const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
 #endif /* XMLSEC_NO_X509 */
 
 
-/** 
+/********************************************************************
+ *
  * Keys
- */
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGnuTLSAppKeyLoad		(const char *filename, 
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void *pwdCallback,
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGnuTLSAppKeyLoadMemory		(const xmlSecByte* data,
-									 xmlSecSize dataSize,
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void* pwdCallback,
-									 void* pwdCallbackCtx);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGnuTLSAppKeyLoad                (const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void *pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGnuTLSAppKeyLoadMemory          (const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
 #ifndef XMLSEC_NO_X509
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGnuTLSAppPkcs12Load		(const char *filename, 
-									 const char *pwd,
-		    							 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGnuTLSAppPkcs12LoadMemory	(const xmlSecByte* data,
-									 xmlSecSize dataSize,
-									 const char *pwd,
-									 void* pwdCallback,
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT int	xmlSecGnuTLSAppKeyCertLoad		(xmlSecKeyPtr key,
-									 const char* filename,
-									 xmlSecKeyDataFormat format);
-XMLSEC_CRYPTO_EXPORT int	xmlSecGnuTLSAppKeyCertLoadMemory	(xmlSecKeyPtr key,
-									 const xmlSecByte* data,
-									 xmlSecSize dataSize,
-									 xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGnuTLSAppPkcs12Load             (const char *filename,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecGnuTLSAppPkcs12LoadMemory       (const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGnuTLSAppKeyCertLoad              (xmlSecKeyPtr key,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT int        xmlSecGnuTLSAppKeyCertLoadMemory        (xmlSecKeyPtr key,
+                                                                         const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format);
 #endif /* XMLSEC_NO_X509 */
-XMLSEC_CRYPTO_EXPORT void*	xmlSecGnuTLSAppGetDefaultPwdCallback	(void);
+XMLSEC_CRYPTO_EXPORT void*      xmlSecGnuTLSAppGetDefaultPwdCallback    (void);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/gnutls/crypto.h b/include/xmlsec/gnutls/crypto.h
index 7570831c..09ac5b41 100644
--- a/include/xmlsec/gnutls/crypto.h
+++ b/include/xmlsec/gnutls/crypto.h
@@ -1,34 +1,36 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_GNUTLS_CRYPTO_H__
-#define __XMLSEC_GNUTLS_CRYPTO_H__    
+#define __XMLSEC_GNUTLS_CRYPTO_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/keys.h>
 #include <xmlsec/transforms.h>
 #include <xmlsec/dl.h>
 
-XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr	xmlSecCryptoGetFunctions_gnutls(void);
+XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctions_gnutls(void);
 
-/**
+/********************************************************************
+ *
  * Init shutdown
- */
-XMLSEC_CRYPTO_EXPORT int		xmlSecGnuTLSInit		(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecGnuTLSShutdown		(void);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSInit                (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSShutdown            (void);
 
-XMLSEC_CRYPTO_EXPORT int		xmlSecGnuTLSKeysMngrInit	(xmlSecKeysMngrPtr mngr);
-XMLSEC_CRYPTO_EXPORT int		xmlSecGnuTLSGenerateRandom	(xmlSecBufferPtr buffer,
-									 xmlSecSize size);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeysMngrInit        (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSGenerateRandom      (xmlSecBufferPtr buffer,
+                                                                         xmlSecSize size);
 
 
 /********************************************************************
@@ -39,41 +41,69 @@ XMLSEC_CRYPTO_EXPORT int		xmlSecGnuTLSGenerateRandom	(xmlSecBufferPtr buffer,
 #ifndef XMLSEC_NO_AES
 /**
  * xmlSecGnuTLSKeyDataAesId:
- * 
+ *
  * The AES key data klass.
  */
 #define xmlSecGnuTLSKeyDataAesId \
-	xmlSecGnuTLSKeyDataAesGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecGnuTLSKeyDataAesGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecGnuTLSKeyDataAesSet	(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+        xmlSecGnuTLSKeyDataAesGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGnuTLSKeyDataAesGetKlass  (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeyDataAesSet       (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
 /**
  * xmlSecGnuTLSTransformAes128CbcId:
- * 
+ *
  * The AES128 CBC cipher transform klass.
  */
 #define xmlSecGnuTLSTransformAes128CbcId \
-	xmlSecGnuTLSTransformAes128CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecGnuTLSTransformAes128CbcGetKlass(void);
+        xmlSecGnuTLSTransformAes128CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGnuTLSTransformAes128CbcGetKlass(void);
 
 /**
  * xmlSecGnuTLSTransformAes192CbcId:
- * 
+ *
  * The AES192 CBC cipher transform klass.
  */
 #define xmlSecGnuTLSTransformAes192CbcId \
-	xmlSecGnuTLSTransformAes192CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecGnuTLSTransformAes192CbcGetKlass(void);
+        xmlSecGnuTLSTransformAes192CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGnuTLSTransformAes192CbcGetKlass(void);
 
 /**
  * xmlSecGnuTLSTransformAes256CbcId:
- * 
+ *
  * The AES256 CBC cipher transform klass.
  */
 #define xmlSecGnuTLSTransformAes256CbcId \
-	xmlSecGnuTLSTransformAes256CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecGnuTLSTransformAes256CbcGetKlass(void);
+        xmlSecGnuTLSTransformAes256CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGnuTLSTransformAes256CbcGetKlass(void);
+
+/**
+ * xmlSecGnuTLSTransformKWAes128Id:
+ *
+ * The AES 128 key wrap transform klass.
+ */
+#define xmlSecGnuTLSTransformKWAes128Id \
+        xmlSecGnuTLSTransformKWAes128GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGnuTLSTransformKWAes128GetKlass(void);
+
+/**
+ * xmlSecGnuTLSTransformKWAes192Id:
+ *
+ * The AES 192 key wrap transform klass.
+ */
+#define xmlSecGnuTLSTransformKWAes192Id \
+        xmlSecGnuTLSTransformKWAes192GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGnuTLSTransformKWAes192GetKlass(void);
+
+/**
+ * xmlSecGnuTLSTransformKWAes256Id:
+ *
+ * The AES 256 key wrap transform klass.
+ */
+#define xmlSecGnuTLSTransformKWAes256Id \
+        xmlSecGnuTLSTransformKWAes256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecGnuTLSTransformKWAes256GetKlass(void);
+
 
 #endif /* XMLSEC_NO_AES */
 
@@ -85,27 +115,76 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecGnuTLSTransformAes256CbcGetKlass(vo
 #ifndef XMLSEC_NO_DES
 /**
  * xmlSecGnuTLSKeyDataDesId:
- * 
+ *
  * The DES key data klass.
  */
 #define xmlSecGnuTLSKeyDataDesId \
-	xmlSecGnuTLSKeyDataDesGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecGnuTLSKeyDataDesGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecGnuTLSKeyDataDesSet	(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+        xmlSecGnuTLSKeyDataDesGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGnuTLSKeyDataDesGetKlass  (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeyDataDesSet       (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
 
 /**
  * xmlSecGnuTLSTransformDes3CbcId:
- * 
+ *
  * The DES3 CBC cipher transform klass.
  */
 #define xmlSecGnuTLSTransformDes3CbcId \
-	xmlSecGnuTLSTransformDes3CbcGetKlass()
+        xmlSecGnuTLSTransformDes3CbcGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformDes3CbcGetKlass(void);
 
+/**
+ * xmlSecGnuTLSTransformKWDes3Id:
+ *
+ * The DES3 KW transform klass.
+ */
+#define xmlSecGnuTLSTransformKWDes3Id \
+        xmlSecGnuTLSTransformKWDes3GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformKWDes3GetKlass(void);
+
 #endif /* XMLSEC_NO_DES */
 
+/********************************************************************
+ *
+ * DSA transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_DSA
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/**
+ * xmlSecGnuTLSKeyDataDsaId:
+ *
+ * The DSA key klass.
+ */
+#define xmlSecGnuTLSKeyDataDsaId \
+        xmlSecGnuTLSKeyDataDsaGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGnuTLSKeyDataDsaGetKlass          (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeyDataDsaAdoptPrivateKey   (xmlSecKeyDataPtr data,
+                                                                                 gnutls_x509_privkey_t dsa_key);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeyDataDsaAdoptPublicKey    (xmlSecKeyDataPtr data,
+                                                                                 gnutls_datum_t * p,
+                                                                                 gnutls_datum_t * q,
+                                                                                 gnutls_datum_t * g,
+                                                                                 gnutls_datum_t * y);
+
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecGnuTLSTransformDsaSha1Id:
+ *
+ * The DSA SHA1 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformDsaSha1Id \
+        xmlSecGnuTLSTransformDsaSha1GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformDsaSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#endif /* XMLSEC_NO_DSA */
+
+
 
 /********************************************************************
  *
@@ -117,67 +196,267 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformDes3CbcGetKlass(void
 XMLSEC_CRYPTO_EXPORT int               xmlSecGnuTLSHmacGetMinOutputLength(void);
 XMLSEC_CRYPTO_EXPORT void              xmlSecGnuTLSHmacSetMinOutputLength(int min_length);
 
-/** 
+/**
  * xmlSecGnuTLSKeyDataHmacId:
- * 
+ *
  * The HMAC key klass.
  */
 #define xmlSecGnuTLSKeyDataHmacId \
-	xmlSecGnuTLSKeyDataHmacGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId	xmlSecGnuTLSKeyDataHmacGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecGnuTLSKeyDataHmacSet	(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+        xmlSecGnuTLSKeyDataHmacGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGnuTLSKeyDataHmacGetKlass (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeyDataHmacSet      (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
+
+#ifndef XMLSEC_NO_MD5
 /**
  * xmlSecGnuTLSTransformHmacMd5Id:
- * 
+ *
  * The HMAC with MD5 signature transform klass.
  */
 #define xmlSecGnuTLSTransformHmacMd5Id \
-	xmlSecGnuTLSTransformHmacMd5GetKlass()
+        xmlSecGnuTLSTransformHmacMd5GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformHmacMd5GetKlass(void);
-#endif /* XMLSEC_NO_HMAC */
 
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
 /**
  * xmlSecGnuTLSTransformHmacRipemd160Id:
- * 
+ *
  * The HMAC with RipeMD160 signature transform klass.
  */
 #define xmlSecGnuTLSTransformHmacRipemd160Id \
-	xmlSecGnuTLSTransformHmacRipemd160GetKlass()
+        xmlSecGnuTLSTransformHmacRipemd160GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformHmacRipemd160GetKlass(void);
+#endif /* XMLSEC_NO_RIPEMD160 */
 
+#ifndef XMLSEC_NO_SHA1
 /**
  * xmlSecGnuTLSTransformHmacSha1Id:
- * 
+ *
  * The HMAC with SHA1 signature transform klass.
  */
 #define xmlSecGnuTLSTransformHmacSha1Id \
-	xmlSecGnuTLSTransformHmacSha1GetKlass()
+        xmlSecGnuTLSTransformHmacSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformHmacSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
 
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecGnuTLSTransformHmacSha256Id:
+ *
+ * The HMAC with SHA256 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformHmacSha256Id \
+        xmlSecGnuTLSTransformHmacSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformHmacSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
 
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecGnuTLSTransformHmacSha384Id:
+ *
+ * The HMAC with SHA384 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformHmacSha384Id \
+        xmlSecGnuTLSTransformHmacSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformHmacSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecGnuTLSTransformHmacSha512Id:
+ *
+ * The HMAC with SHA512 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformHmacSha512Id \
+        xmlSecGnuTLSTransformHmacSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformHmacSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_HMAC */
 
 /********************************************************************
  *
- * SHA1 transform
+ * RSA transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_RSA
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+/**
+ * xmlSecGnuTLSKeyDataRsaId:
+ *
+ * The RSA key klass.
+ */
+#define xmlSecGnuTLSKeyDataRsaId \
+        xmlSecGnuTLSKeyDataRsaGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGnuTLSKeyDataRsaGetKlass          (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeyDataRsaAdoptPrivateKey   (xmlSecKeyDataPtr data,
+                                                                                 gnutls_x509_privkey_t rsa_key);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeyDataRsaAdoptPublicKey    (xmlSecKeyDataPtr data,
+                                                                                 gnutls_datum_t * m,
+                                                                                 gnutls_datum_t * e);
+
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecGnuTLSTransformRsaMd5Id:
+ *
+ * The RSA-MD5 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformRsaMd5Id  \
+        xmlSecGnuTLSTransformRsaMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformRsaMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+/**
+ * xmlSecGnuTLSTransformRsaRipemd160Id:
+ *
+ * The RSA-RIPEMD160 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformRsaRipemd160Id    \
+        xmlSecGnuTLSTransformRsaRipemd160GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformRsaRipemd160GetKlass(void);
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecGnuTLSTransformRsaSha1Id:
+ *
+ * The RSA-SHA1 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformRsaSha1Id \
+        xmlSecGnuTLSTransformRsaSha1GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformRsaSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecGnuTLSTransformRsaSha256Id:
+ *
+ * The RSA-SHA256 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformRsaSha256Id       \
+        xmlSecGnuTLSTransformRsaSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformRsaSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecGnuTLSTransformRsaSha384Id:
+ *
+ * The RSA-SHA384 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformRsaSha384Id       \
+        xmlSecGnuTLSTransformRsaSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformRsaSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecGnuTLSTransformRsaSha512Id:
+ *
+ * The RSA-SHA512 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformRsaSha512Id       \
+        xmlSecGnuTLSTransformRsaSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformRsaSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+
+/********************************************************************
+ *
+ * SHA transforms
  *
  *******************************************************************/
 #ifndef XMLSEC_NO_SHA1
 /**
  * xmlSecGnuTLSTransformSha1Id:
- * 
- * The SHA1 digest transform klass.
+ *
+ * The HMAC with SHA1 signature transform klass.
  */
 #define xmlSecGnuTLSTransformSha1Id \
-	xmlSecGnuTLSTransformSha1GetKlass()
+        xmlSecGnuTLSTransformSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformSha1GetKlass(void);
 #endif /* XMLSEC_NO_SHA1 */
 
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecGnuTLSTransformSha256Id:
+ *
+ * The HMAC with SHA256 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformSha256Id \
+        xmlSecGnuTLSTransformSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecGnuTLSTransformSha384Id:
+ *
+ * The HMAC with SHA384 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformSha384Id \
+        xmlSecGnuTLSTransformSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecGnuTLSTransformSha512Id:
+ *
+ * The HMAC with SHA512 signature transform klass.
+ */
+#define xmlSecGnuTLSTransformSha512Id \
+        xmlSecGnuTLSTransformSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+/********************************************************************
+ *
+ * Md5 transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecGnuTLSTransformMd5Id:
+ *
+ * The MD5 digest transform klass.
+ */
+#define xmlSecGnuTLSTransformMd5Id \
+        xmlSecGnuTLSTransformMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
+
+
+/********************************************************************
+ *
+ * RipeMD160 transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_RIPEMD160
+/**
+ * xmlSecGnuTLSTransformRipemd160Id:
+ *
+ * The RIPEMD160 digest transform klass.
+ */
+#define xmlSecGnuTLSTransformRipemd160Id \
+        xmlSecGnuTLSTransformRipemd160GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecGnuTLSTransformRipemd160GetKlass(void);
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
 
 #endif /* __XMLSEC_GNUTLS_CRYPTO_H__ */
 
-#define __XMLSEC_GNUTLS_CRYPTO_H__    
+#define __XMLSEC_GNUTLS_CRYPTO_H__
diff --git a/include/xmlsec/gnutls/symbols.h b/include/xmlsec/gnutls/symbols.h
index 0fcd861a..818035d6 100644
--- a/include/xmlsec/gnutls/symbols.h
+++ b/include/xmlsec/gnutls/symbols.h
@@ -1,13 +1,13 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_GNUTLS_SYMBOLS_H__
-#define __XMLSEC_GNUTLS_SYMBOLS_H__    
+#define __XMLSEC_GNUTLS_SYMBOLS_H__
 
 #if !defined(IN_XMLSEC) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
 #error To disable dynamic loading of xmlsec-crypto libraries undefine XMLSEC_CRYPTO_DYNAMIC_LOADING
@@ -15,76 +15,83 @@
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
-/**
- * Defines for writing simple code
- */
 #ifdef XMLSEC_CRYPTO_GNUTLS
 
-/**  
+/********************************************************************
+ *
  * Crypto Init/shutdown
- */
-#define xmlSecCryptoInit			xmlSecGnuTLSInit
-#define xmlSecCryptoShutdown			xmlSecGnuTLSShutdown
+ *
+ ********************************************************************/
+#define xmlSecCryptoInit                        xmlSecGnuTLSInit
+#define xmlSecCryptoShutdown                    xmlSecGnuTLSShutdown
 
-#define xmlSecCryptoKeysMngrInit		xmlSecGnuTLSKeysMngrInit
+#define xmlSecCryptoKeysMngrInit                xmlSecGnuTLSKeysMngrInit
 
-/**
+/********************************************************************
+ *
  * Key data ids
- */
-#define xmlSecKeyDataAesId			xmlSecGnuTLSKeyDataAesId
-#define xmlSecKeyDataDesId			xmlSecGnuTLSKeyDataDesId
-#define xmlSecKeyDataDsaId			xmlSecGnuTLSKeyDataDsaId
-#define xmlSecKeyDataHmacId			xmlSecGnuTLSKeyDataHmacId
-#define xmlSecKeyDataRsaId			xmlSecGnuTLSKeyDataRsaId
-#define xmlSecKeyDataX509Id			xmlSecGnuTLSKeyDataX509Id
-#define xmlSecKeyDataRawX509CertId		xmlSecGnuTLSKeyDataRawX509CertId
+ *
+ ********************************************************************/
+#define xmlSecKeyDataAesId                      xmlSecGnuTLSKeyDataAesId
+#define xmlSecKeyDataDesId                      xmlSecGnuTLSKeyDataDesId
+#define xmlSecKeyDataDsaId                      xmlSecGnuTLSKeyDataDsaId
+#define xmlSecKeyDataHmacId                     xmlSecGnuTLSKeyDataHmacId
+#define xmlSecKeyDataRsaId                      xmlSecGnuTLSKeyDataRsaId
+#define xmlSecKeyDataX509Id                     xmlSecGnuTLSKeyDataX509Id
+#define xmlSecKeyDataRawX509CertId              xmlSecGnuTLSKeyDataRawX509CertId
 
-/**
+/********************************************************************
+ *
  * Key data store ids
- */
-#define xmlSecX509StoreId			xmlSecGnuTLSX509StoreId
+ *
+ ********************************************************************/
+#define xmlSecX509StoreId                       xmlSecGnuTLSX509StoreId
 
-/**
+/********************************************************************
+ *
  * Crypto transforms ids
- */
-#define xmlSecTransformAes128CbcId		xmlSecGnuTLSTransformAes128CbcId
-#define xmlSecTransformAes192CbcId		xmlSecGnuTLSTransformAes192CbcId
-#define xmlSecTransformAes256CbcId		xmlSecGnuTLSTransformAes256CbcId
-#define xmlSecTransformKWAes128Id		xmlSecGnuTLSTransformKWAes128Id
-#define xmlSecTransformKWAes192Id		xmlSecGnuTLSTransformKWAes192Id
-#define xmlSecTransformKWAes256Id		xmlSecGnuTLSTransformKWAes256Id
-#define xmlSecTransformDes3CbcId		xmlSecGnuTLSTransformDes3CbcId
-#define xmlSecTransformKWDes3Id			xmlSecGnuTLSTransformKWDes3Id
-#define xmlSecTransformDsaSha1Id		xmlSecGnuTLSTransformDsaSha1Id
-#define xmlSecTransformHmacMd5Id		xmlSecGnuTLSTransformHmacMd5Id
-#define xmlSecTransformHmacRipemd160Id		xmlSecGnuTLSTransformHmacRipemd160Id
-#define xmlSecTransformHmacSha1Id		xmlSecGnuTLSTransformHmacSha1Id
-#define xmlSecTransformRipemd160Id		xmlSecGnuTLSTransformRipemd160Id
-#define xmlSecTransformRsaSha1Id		xmlSecGnuTLSTransformRsaSha1Id
-#define xmlSecTransformRsaPkcs1Id		xmlSecGnuTLSTransformRsaPkcs1Id
-#define xmlSecTransformRsaOaepId		xmlSecGnuTLSTransformRsaOaepId
-#define xmlSecTransformSha1Id			xmlSecGnuTLSTransformSha1Id
+ *
+ ********************************************************************/
+#define xmlSecTransformAes128CbcId              xmlSecGnuTLSTransformAes128CbcId
+#define xmlSecTransformAes192CbcId              xmlSecGnuTLSTransformAes192CbcId
+#define xmlSecTransformAes256CbcId              xmlSecGnuTLSTransformAes256CbcId
+#define xmlSecTransformKWAes128Id               xmlSecGnuTLSTransformKWAes128Id
+#define xmlSecTransformKWAes192Id               xmlSecGnuTLSTransformKWAes192Id
+#define xmlSecTransformKWAes256Id               xmlSecGnuTLSTransformKWAes256Id
+#define xmlSecTransformDes3CbcId                xmlSecGnuTLSTransformDes3CbcId
+#define xmlSecTransformKWDes3Id                 xmlSecGnuTLSTransformKWDes3Id
+#define xmlSecTransformDsaSha1Id                xmlSecGnuTLSTransformDsaSha1Id
+#define xmlSecTransformHmacMd5Id                xmlSecGnuTLSTransformHmacMd5Id
+#define xmlSecTransformHmacRipemd160Id          xmlSecGnuTLSTransformHmacRipemd160Id
+#define xmlSecTransformHmacSha1Id               xmlSecGnuTLSTransformHmacSha1Id
+#define xmlSecTransformRipemd160Id              xmlSecGnuTLSTransformRipemd160Id
+#define xmlSecTransformRsaSha1Id                xmlSecGnuTLSTransformRsaSha1Id
+#define xmlSecTransformRsaPkcs1Id               xmlSecGnuTLSTransformRsaPkcs1Id
+#define xmlSecTransformRsaOaepId                xmlSecGnuTLSTransformRsaOaepId
+#define xmlSecTransformSha1Id                   xmlSecGnuTLSTransformSha1Id
 
-/**
+/********************************************************************
+ *
  * High level routines form xmlsec command line utility
- */ 
-#define xmlSecCryptoAppInit			xmlSecGnuTLSAppInit
-#define xmlSecCryptoAppShutdown			xmlSecGnuTLSAppShutdown
-#define xmlSecCryptoAppDefaultKeysMngrInit	xmlSecGnuTLSAppDefaultKeysMngrInit
-#define xmlSecCryptoAppDefaultKeysMngrAdoptKey	xmlSecGnuTLSAppDefaultKeysMngrAdoptKey
-#define xmlSecCryptoAppDefaultKeysMngrLoad	xmlSecGnuTLSAppDefaultKeysMngrLoad
-#define xmlSecCryptoAppDefaultKeysMngrSave	xmlSecGnuTLSAppDefaultKeysMngrSave
-#define xmlSecCryptoAppKeysMngrCertLoad		xmlSecGnuTLSAppKeysMngrCertLoad
-#define xmlSecCryptoAppKeysMngrCertLoadMemory	xmlSecGnuTLSAppKeysMngrCertLoadMemory
-#define xmlSecCryptoAppKeyLoad			xmlSecGnuTLSAppKeyLoad
-#define xmlSecCryptoAppPkcs12Load		xmlSecGnuTLSAppPkcs12Load
-#define xmlSecCryptoAppKeyCertLoad		xmlSecGnuTLSAppKeyCertLoad
-#define xmlSecCryptoAppKeyLoadMemory		xmlSecGnuTLSAppKeyLoadMemory
-#define xmlSecCryptoAppPkcs12LoadMemory		xmlSecGnuTLSAppPkcs12LoadMemory
-#define xmlSecCryptoAppKeyCertLoadMemory	xmlSecGnuTLSAppKeyCertLoadMemory
-#define xmlSecCryptoAppGetDefaultPwdCallback	xmlSecGnuTLSAppGetDefaultPwdCallback
+ *
+ ********************************************************************/
+#define xmlSecCryptoAppInit                     xmlSecGnuTLSAppInit
+#define xmlSecCryptoAppShutdown                 xmlSecGnuTLSAppShutdown
+#define xmlSecCryptoAppDefaultKeysMngrInit      xmlSecGnuTLSAppDefaultKeysMngrInit
+#define xmlSecCryptoAppDefaultKeysMngrAdoptKey  xmlSecGnuTLSAppDefaultKeysMngrAdoptKey
+#define xmlSecCryptoAppDefaultKeysMngrLoad      xmlSecGnuTLSAppDefaultKeysMngrLoad
+#define xmlSecCryptoAppDefaultKeysMngrSave      xmlSecGnuTLSAppDefaultKeysMngrSave
+#define xmlSecCryptoAppKeysMngrCertLoad         xmlSecGnuTLSAppKeysMngrCertLoad
+#define xmlSecCryptoAppKeysMngrCertLoadMemory   xmlSecGnuTLSAppKeysMngrCertLoadMemory
+#define xmlSecCryptoAppKeyLoad                  xmlSecGnuTLSAppKeyLoad
+#define xmlSecCryptoAppPkcs12Load               xmlSecGnuTLSAppPkcs12Load
+#define xmlSecCryptoAppKeyCertLoad              xmlSecGnuTLSAppKeyCertLoad
+#define xmlSecCryptoAppKeyLoadMemory            xmlSecGnuTLSAppKeyLoadMemory
+#define xmlSecCryptoAppPkcs12LoadMemory         xmlSecGnuTLSAppPkcs12LoadMemory
+#define xmlSecCryptoAppKeyCertLoadMemory        xmlSecGnuTLSAppKeyCertLoadMemory
+#define xmlSecCryptoAppGetDefaultPwdCallback    xmlSecGnuTLSAppGetDefaultPwdCallback
 
 #endif /* XMLSEC_CRYPTO_GNUTLS */
 
@@ -94,4 +101,4 @@ extern "C" {
 
 #endif /* __XMLSEC_GNUTLS_CRYPTO_H__ */
 
-#define __XMLSEC_GNUTLS_CRYPTO_H__    
+#define __XMLSEC_GNUTLS_CRYPTO_H__
diff --git a/include/xmlsec/gnutls/x509.h b/include/xmlsec/gnutls/x509.h
new file mode 100644
index 00000000..c5c811ad
--- /dev/null
+++ b/include/xmlsec/gnutls/x509.h
@@ -0,0 +1,110 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef __XMLSEC_GNUTLS_X509_H__
+#define __XMLSEC_GNUTLS_X509_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+#ifndef XMLSEC_NO_X509
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+
+
+/**************************************************************************
+ *
+ * X509 Key Data
+ *
+ *****************************************************************************/
+/**
+ * xmlSecGnuTLSKeyDataX509Id:
+ *
+ * The GnuTLS X509 data klass.
+ */
+#define xmlSecGnuTLSKeyDataX509Id \
+        xmlSecGnuTLSKeyDataX509GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGnuTLSKeyDataX509GetKlass         (void);
+
+
+XMLSEC_CRYPTO_EXPORT gnutls_x509_crt_t  xmlSecGnuTLSKeyDataX509GetKeyCert       (xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeyDataX509AdoptKeyCert     (xmlSecKeyDataPtr data,
+                                                                                 gnutls_x509_crt_t cert);
+
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeyDataX509AdoptCert        (xmlSecKeyDataPtr data,
+                                                                                 gnutls_x509_crt_t cert);
+XMLSEC_CRYPTO_EXPORT gnutls_x509_crt_t  xmlSecGnuTLSKeyDataX509GetCert          (xmlSecKeyDataPtr data,
+                                                                                 xmlSecSize pos);
+XMLSEC_CRYPTO_EXPORT xmlSecSize         xmlSecGnuTLSKeyDataX509GetCertsSize     (xmlSecKeyDataPtr data);
+
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSKeyDataX509AdoptCrl         (xmlSecKeyDataPtr data,
+                                                                                 gnutls_x509_crl_t crl);
+XMLSEC_CRYPTO_EXPORT gnutls_x509_crl_t  xmlSecGnuTLSKeyDataX509GetCrl           (xmlSecKeyDataPtr data,
+                                                                                 xmlSecSize pos);
+XMLSEC_CRYPTO_EXPORT xmlSecSize         xmlSecGnuTLSKeyDataX509GetCrlsSize      (xmlSecKeyDataPtr data);
+
+
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr   xmlSecGnuTLSX509CertGetKey              (gnutls_x509_crt_t cert);
+
+/**************************************************************************
+ *
+ * X509 raw cert
+ *
+ *****************************************************************************/
+/**
+ * xmlSecGnuTLSKeyDataRawX509CertId:
+ *
+ * The GnuTLS raw X509 certificate klass.
+ */
+#define xmlSecGnuTLSKeyDataRawX509CertId \
+        xmlSecGnuTLSKeyDataRawX509CertGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecGnuTLSKeyDataRawX509CertGetKlass  (void);
+
+/**************************************************************************
+ *
+ * X509 certs store
+ *
+ *****************************************************************************/
+/**
+ * xmlSecGnuTLSX509StoreId:
+ *
+ * The GnuTLS X509 store klass.
+ */
+#define xmlSecGnuTLSX509StoreId \
+        xmlSecGnuTLSX509StoreGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataStoreId xmlSecGnuTLSX509StoreGetKlass (void);
+XMLSEC_CRYPTO_EXPORT gnutls_x509_crt_t  xmlSecGnuTLSX509StoreFindCert   (const xmlSecKeyDataStorePtr store,
+                                                                         const xmlChar *subjectName,
+                                                                         const xmlChar *issuerName,
+                                                                         const xmlChar *issuerSerial,
+                                                                         const xmlChar *ski,
+                                                                         const xmlSecKeyInfoCtx* keyInfoCtx);
+XMLSEC_CRYPTO_EXPORT gnutls_x509_crt_t  xmlSecGnuTLSX509StoreVerify     (xmlSecKeyDataStorePtr store,
+                                                                         xmlSecPtrListPtr certs,
+                                                                         xmlSecPtrListPtr crls,
+                                                                         const xmlSecKeyInfoCtx* keyInfoCtx);
+XMLSEC_CRYPTO_EXPORT int                xmlSecGnuTLSX509StoreAdoptCert  (xmlSecKeyDataStorePtr store,
+                                                                         gnutls_x509_crt_t cert,
+                                                                         xmlSecKeyDataType type);
+
+
+
+
+#endif /* XMLSEC_NO_X509 */
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __XMLSEC_GNUTLS_X509_H__ */
diff --git a/include/xmlsec/io.h b/include/xmlsec/io.h
index 9267573a..d5a41c11 100644
--- a/include/xmlsec/io.h
+++ b/include/xmlsec/io.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Input uri transform and utility functions.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_IO_H__
-#define __XMLSEC_IO_H__    
+#define __XMLSEC_IO_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 #include <libxml/xmlIO.h>
@@ -21,30 +21,30 @@ extern "C" {
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/transforms.h>
 
-XMLSEC_EXPORT int	xmlSecIOInit				(void);
-XMLSEC_EXPORT void	xmlSecIOShutdown			(void);
-XMLSEC_EXPORT void	xmlSecIOCleanupCallbacks		(void);
-XMLSEC_EXPORT int	xmlSecIORegisterDefaultCallbacks 	(void);
-XMLSEC_EXPORT int     	xmlSecIORegisterCallbacks		(xmlInputMatchCallback matchFunc,
-								 xmlInputOpenCallback openFunc,
-								 xmlInputReadCallback readFunc,
-								 xmlInputCloseCallback closeFunc);
+XMLSEC_EXPORT int       xmlSecIOInit                            (void);
+XMLSEC_EXPORT void      xmlSecIOShutdown                        (void);
+XMLSEC_EXPORT void      xmlSecIOCleanupCallbacks                (void);
+XMLSEC_EXPORT int       xmlSecIORegisterDefaultCallbacks        (void);
+XMLSEC_EXPORT int       xmlSecIORegisterCallbacks               (xmlInputMatchCallback matchFunc,
+                                                                 xmlInputOpenCallback openFunc,
+                                                                 xmlInputReadCallback readFunc,
+                                                                 xmlInputCloseCallback closeFunc);
 
 /********************************************************************
  *
- * Input URI transform 
+ * Input URI transform
  *
  *******************************************************************/
 /**
  * xmlSecTransformInputURIId:
- * 
+ *
  * The Input URI transform id.
  */
 #define xmlSecTransformInputURIId \
-	xmlSecTransformInputURIGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformInputURIGetKlass	(void);
-XMLSEC_EXPORT int 	xmlSecTransformInputURIOpen		(xmlSecTransformPtr transform,
-								 const xmlChar* uri);
+        xmlSecTransformInputURIGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformInputURIGetKlass (void);
+XMLSEC_EXPORT int       xmlSecTransformInputURIOpen             (xmlSecTransformPtr transform,
+                                                                 const xmlChar* uri);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/keyinfo.h b/include/xmlsec/keyinfo.h
index dbea0e56..5d7cf0e0 100644
--- a/include/xmlsec/keyinfo.h
+++ b/include/xmlsec/keyinfo.h
@@ -1,20 +1,20 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
- * <dsig:KeyInfo> element processing 
+ * <dsig:KeyInfo> element processing
  * (http://www.w3.org/TR/xmlSec-core/#sec-KeyInfo:
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_KEYINFO_H__
-#define __XMLSEC_KEYINFO_H__    
+#define __XMLSEC_KEYINFO_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <time.h>
 
@@ -26,17 +26,19 @@ extern "C" {
 #include <xmlsec/keys.h>
 #include <xmlsec/transforms.h>
 
+/****************************************************************************
+ *
+ * High-level functions
+ *
+ ****************************************************************************/
+XMLSEC_EXPORT int               xmlSecKeyInfoNodeRead           (xmlNodePtr keyInfoNode,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int               xmlSecKeyInfoNodeWrite          (xmlNodePtr keyInfoNode,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+
 /**
- * Hi level functions
- */
-XMLSEC_EXPORT int	 	xmlSecKeyInfoNodeRead		(xmlNodePtr keyInfoNode,
-								 xmlSecKeyPtr key,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int 		xmlSecKeyInfoNodeWrite		(xmlNodePtr keyInfoNode,
-								 xmlSecKeyPtr key,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-
-/** 
  * xmlSecKeyInfoMode:
  * @xmlSecKeyInfoModeRead: read <dsig:KeyInfo /> element.
  * @xmlSecKeyInfoModeWrite: write <dsig:KeyInfo /> element.
@@ -51,85 +53,85 @@ typedef enum {
 /**
  * XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND:
  *
- * If flag is set then we will continue reading <dsig:KeyInfo /> 
+ * If flag is set then we will continue reading <dsig:KeyInfo />
  * element even when key is already found.
  */
-#define XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND		0x00000001
+#define XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND             0x00000001
 
 /**
  * XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD:
  *
- * If flag is set then we abort if an unknown <dsig:KeyInfo /> 
+ * If flag is set then we abort if an unknown <dsig:KeyInfo />
  * child is found.
  */
-#define XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD		0x00000002
+#define XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD              0x00000002
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN:
  *
- * If flags is set then we abort if an unknown key name 
+ * If flags is set then we abort if an unknown key name
  * (content of <dsig:KeyName /> element) is found.
  */
-#define XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN		0x00000004
+#define XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN            0x00000004
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD:
  *
- * If flags is set then we abort if an unknown <dsig:KeyValue /> 
+ * If flags is set then we abort if an unknown <dsig:KeyValue />
  * child is found.
  */
-#define XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD	0x00000008
+#define XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD     0x00000008
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF:
  *
  * If flag is set then we abort if an unknown href attribute
  * of <dsig:RetrievalMethod /> element is found.
  */
-#define XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF	0x00000010
+#define XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF    0x00000010
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF:
  *
- * If flag is set then we abort if an href attribute <dsig:RetrievalMethod /> 
+ * If flag is set then we abort if an href attribute <dsig:RetrievalMethod />
  * element does not match the real key data type.
  */
-#define XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF	0x00000020
+#define XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF   0x00000020
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD:
  *
- * If flags is set then we abort if an unknown <dsig:X509Data /> 
+ * If flags is set then we abort if an unknown <dsig:X509Data />
  * child is found.
  */
-#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD	0x00000100
+#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD     0x00000100
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS:
- * 
+ *
  * If flag is set then we'll load certificates from <dsig:X509Data />
  * element without verification.
  */
-#define XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS		0x00000200
+#define XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS         0x00000200
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT:
- * 
+ *
  * If flag is set then we'll stop when we could not resolve reference
- * to certificate from <dsig:X509IssuerSerial />, <dsig:X509SKI /> or 
+ * to certificate from <dsig:X509IssuerSerial />, <dsig:X509SKI /> or
  * <dsig:X509SubjectName /> elements.
  */
-#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT	0x00000400
+#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT      0x00000400
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT:
  *
  * If the flag is set then we'll stop when <dsig:X509Data /> element
  * processing does not return a verified certificate.
  */
-#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT	0x00000800
+#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT      0x00000800
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION:
  *
  * If the flag is set then we'll stop when <enc:EncryptedKey /> element
@@ -137,133 +139,133 @@ typedef enum {
  */
 #define XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION 0x00001000
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE:
  *
  * If the flag is set then we'll stop when we found an empty node.
  * Otherwise we just ignore it.
  */
-#define XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE			0x00002000
+#define XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE                 0x00002000
 
-/** 
+/**
  * XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS:
  *
  * If the flag is set then we'll skip strict checking of certs and CRLs
  */
-#define XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS	0x00004000
+#define XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS        0x00004000
 
-/**		
+/**
  * xmlSecKeyInfoCtx:
- * @userData:		the pointer to user data (xmlsec and xmlsec-crypto 
- *			never touch this).
- * @flags: 		the bit mask for flags that control processin.
- * @flags2: 		reserved for future.
- * @mode: 		do we read or write <dsig:KeyInfo /> element.
- * @keysMngr:		the pointer to current keys manager.
- * @enabledKeyData: 	the list of enabled @xmlSecKeyDataId (if list is 
- *			empty then all data ids are enabled).
- * @base64LineSize:	the max columns size for base64 encoding.
+ * @userData:           the pointer to user data (xmlsec and xmlsec-crypto
+ *                      never touch this).
+ * @flags:              the bit mask for flags that control processin.
+ * @flags2:             reserved for future.
+ * @mode:               do we read or write <dsig:KeyInfo /> element.
+ * @keysMngr:           the pointer to current keys manager.
+ * @enabledKeyData:     the list of enabled @xmlSecKeyDataId (if list is
+ *                      empty then all data ids are enabled).
+ * @base64LineSize:     the max columns size for base64 encoding.
  * @retrievalMethodCtx: the transforms context for <dsig:RetrievalMethod />
- * 			element processing.
+ *                      element processing.
  * @maxRetrievalMethodLevel: the max recursion level when processing
- *			<dsig:RetrievalMethod /> element; default level is 1 
- *			(see also @curRetrievalMethodLevel).
- * @encCtx:		the encryption context for <dsig:EncryptedKey /> element
- *			processing.
- * @maxEncryptedKeyLevel: the max recursion level when processing 
- *			<enc:EncryptedKey /> element; default level is 1 
- *			(see @curEncryptedKeyLevel).
+ *                      <dsig:RetrievalMethod /> element; default level is 1
+ *                      (see also @curRetrievalMethodLevel).
+ * @encCtx:             the encryption context for <dsig:EncryptedKey /> element
+ *                      processing.
+ * @maxEncryptedKeyLevel: the max recursion level when processing
+ *                      <enc:EncryptedKey /> element; default level is 1
+ *                      (see @curEncryptedKeyLevel).
  * @certsVerificationTime: the time to use for X509 certificates verification
- *			("not valid before" and "not valid after" checks);
- *			if @certsVerificationTime is equal to 0 (default) 
- *			then we verify certificates against the system's 
- *			clock "now".
+ *                      ("not valid before" and "not valid after" checks);
+ *                      if @certsVerificationTime is equal to 0 (default)
+ *                      then we verify certificates against the system's
+ *                      clock "now".
  * @certsVerificationDepth: the max certifications chain length (default is 9).
- * @pgpReserved:	reserved for PGP.
- * @curRetrievalMethodLevel: the current <dsig:RetrievalMethod /> element 
- *			processing level (see @maxRetrievalMethodLevel).
+ * @pgpReserved:        reserved for PGP.
+ * @curRetrievalMethodLevel: the current <dsig:RetrievalMethod /> element
+ *                      processing level (see @maxRetrievalMethodLevel).
  * @curEncryptedKeyLevel: the current <enc:EncryptedKey /> element
- *			processing level (see @maxEncryptedKeyLevel).
- * @keyReq:		the current key requirements.
- * @reserved0:		reserved for the future.
- * @reserved1:		reserved for the future.
+ *                      processing level (see @maxEncryptedKeyLevel).
+ * @keyReq:             the current key requirements.
+ * @reserved0:          reserved for the future.
+ * @reserved1:          reserved for the future.
  *
  * The <dsig:KeyInfo /> reading or writing context.
  */
 struct _xmlSecKeyInfoCtx {
-    void*				userData;
-    unsigned int			flags;
-    unsigned int			flags2;
-    xmlSecKeysMngrPtr			keysMngr;
-    xmlSecKeyInfoMode			mode;
-    xmlSecPtrList			enabledKeyData;
-    int					base64LineSize;
-        
+    void*                               userData;
+    unsigned int                        flags;
+    unsigned int                        flags2;
+    xmlSecKeysMngrPtr                   keysMngr;
+    xmlSecKeyInfoMode                   mode;
+    xmlSecPtrList                       enabledKeyData;
+    int                                 base64LineSize;
+
     /* RetrievalMethod */
-    xmlSecTransformCtx			retrievalMethodCtx;
-    int 				maxRetrievalMethodLevel;
+    xmlSecTransformCtx                  retrievalMethodCtx;
+    int                                 maxRetrievalMethodLevel;
 
 #ifndef XMLSEC_NO_XMLENC
     /* EncryptedKey */
-    xmlSecEncCtxPtr			encCtx;
-    int					maxEncryptedKeyLevel; 
+    xmlSecEncCtxPtr                     encCtx;
+    int                                 maxEncryptedKeyLevel;
 #endif /* XMLSEC_NO_XMLENC */
-	    
+
 #ifndef XMLSEC_NO_X509
     /* x509 certificates */
-    time_t				certsVerificationTime;
-    int					certsVerificationDepth;
+    time_t                              certsVerificationTime;
+    int                                 certsVerificationDepth;
 #endif /* XMLSEC_NO_X509 */
 
     /* PGP */
-    void*				pgpReserved;	/* TODO */
-        
+    void*                               pgpReserved;    /* TODO */
+
     /* internal data */
-    int 				curRetrievalMethodLevel;
-    int					curEncryptedKeyLevel;                
-    xmlSecKeyReq			keyReq;
+    int                                 curRetrievalMethodLevel;
+    int                                 curEncryptedKeyLevel;
+    xmlSecKeyReq                        keyReq;
 
     /* for the future */
-    void*				reserved0;
-    void*				reserved1;
+    void*                               reserved0;
+    void*                               reserved1;
 };
 
-XMLSEC_EXPORT xmlSecKeyInfoCtxPtr 	xmlSecKeyInfoCtxCreate		(xmlSecKeysMngrPtr keysMngr);
-XMLSEC_EXPORT void			xmlSecKeyInfoCtxDestroy		(xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int			xmlSecKeyInfoCtxInitialize	(xmlSecKeyInfoCtxPtr keyInfoCtx,
-									 xmlSecKeysMngrPtr keysMngr);
-XMLSEC_EXPORT void			xmlSecKeyInfoCtxFinalize	(xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT void			xmlSecKeyInfoCtxReset		(xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int			xmlSecKeyInfoCtxCopyUserPref	(xmlSecKeyInfoCtxPtr dst,
-									 xmlSecKeyInfoCtxPtr src);
-XMLSEC_EXPORT int 			xmlSecKeyInfoCtxCreateEncCtx	(xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT void			xmlSecKeyInfoCtxDebugDump	(xmlSecKeyInfoCtxPtr keyInfoCtx,
-									 FILE* output);
-XMLSEC_EXPORT void			xmlSecKeyInfoCtxDebugXmlDump	(xmlSecKeyInfoCtxPtr keyInfoCtx,
-									 FILE* output);
+XMLSEC_EXPORT xmlSecKeyInfoCtxPtr       xmlSecKeyInfoCtxCreate          (xmlSecKeysMngrPtr keysMngr);
+XMLSEC_EXPORT void                      xmlSecKeyInfoCtxDestroy         (xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int                       xmlSecKeyInfoCtxInitialize      (xmlSecKeyInfoCtxPtr keyInfoCtx,
+                                                                         xmlSecKeysMngrPtr keysMngr);
+XMLSEC_EXPORT void                      xmlSecKeyInfoCtxFinalize        (xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT void                      xmlSecKeyInfoCtxReset           (xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int                       xmlSecKeyInfoCtxCopyUserPref    (xmlSecKeyInfoCtxPtr dst,
+                                                                         xmlSecKeyInfoCtxPtr src);
+XMLSEC_EXPORT int                       xmlSecKeyInfoCtxCreateEncCtx    (xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT void                      xmlSecKeyInfoCtxDebugDump       (xmlSecKeyInfoCtxPtr keyInfoCtx,
+                                                                         FILE* output);
+XMLSEC_EXPORT void                      xmlSecKeyInfoCtxDebugXmlDump    (xmlSecKeyInfoCtxPtr keyInfoCtx,
+                                                                         FILE* output);
 /**
  * xmlSecKeyDataNameId
  *
  * The <dsig:KeyName> processing class.
  */
-#define xmlSecKeyDataNameId 		xmlSecKeyDataNameGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId 		xmlSecKeyDataNameGetKlass	(void);
+#define xmlSecKeyDataNameId             xmlSecKeyDataNameGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId           xmlSecKeyDataNameGetKlass       (void);
 
 /**
  * xmlSecKeyDataValueId
  *
  * The <dsig:KeyValue> processing class.
  */
-#define xmlSecKeyDataValueId		xmlSecKeyDataValueGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId		xmlSecKeyDataValueGetKlass	(void);
+#define xmlSecKeyDataValueId            xmlSecKeyDataValueGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId           xmlSecKeyDataValueGetKlass      (void);
 
 /**
  * xmlSecKeyDataRetrievalMethodId
  *
  * The <dsig:RetrievalMethod> processing class.
  */
-#define xmlSecKeyDataRetrievalMethodId	xmlSecKeyDataRetrievalMethodGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId		xmlSecKeyDataRetrievalMethodGetKlass(void);
+#define xmlSecKeyDataRetrievalMethodId  xmlSecKeyDataRetrievalMethodGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId           xmlSecKeyDataRetrievalMethodGetKlass(void);
 
 #ifndef XMLSEC_NO_XMLENC
 /**
@@ -271,8 +273,8 @@ XMLSEC_EXPORT xmlSecKeyDataId		xmlSecKeyDataRetrievalMethodGetKlass(void);
  *
  * The <enc:EncryptedKey> processing class.
  */
-#define xmlSecKeyDataEncryptedKeyId	xmlSecKeyDataEncryptedKeyGetKlass()
-XMLSEC_EXPORT xmlSecKeyDataId		xmlSecKeyDataEncryptedKeyGetKlass(void);
+#define xmlSecKeyDataEncryptedKeyId     xmlSecKeyDataEncryptedKeyGetKlass()
+XMLSEC_EXPORT xmlSecKeyDataId           xmlSecKeyDataEncryptedKeyGetKlass(void);
 #endif /* XMLSEC_NO_XMLENC */
 
 #ifdef __cplusplus
diff --git a/include/xmlsec/keys.h b/include/xmlsec/keys.h
index ba7dcd87..620ad492 100644
--- a/include/xmlsec/keys.h
+++ b/include/xmlsec/keys.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Keys.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_KEYS_H__
-#define __XMLSEC_KEYS_H__    
+#define __XMLSEC_KEYS_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <time.h>
 
@@ -27,50 +27,50 @@ extern "C" {
  *
  * The key usage.
  */
-typedef unsigned int 			xmlSecKeyUsage;
+typedef unsigned int                    xmlSecKeyUsage;
 
 /**
  * xmlSecKeyUsageSign:
- * 
+ *
  * Key can be used in any way.
 
  */
-#define	xmlSecKeyUsageSign		0x00000001
+#define xmlSecKeyUsageSign              0x00000001
 
 /**
  * xmlSecKeyUsageVerify:
  *
  * Key for signing.
  */
-#define	xmlSecKeyUsageVerify		0x00000002
+#define xmlSecKeyUsageVerify            0x00000002
 
 /**
  * xmlSecKeyUsageEncrypt:
  *
  * Key for signature verification.
  */
-#define	xmlSecKeyUsageEncrypt		0x00000004
+#define xmlSecKeyUsageEncrypt           0x00000004
 
 /**
  * xmlSecKeyUsageDecrypt:
  *
  * An encryption key.
  */
-#define	xmlSecKeyUsageDecrypt		0x00000008
+#define xmlSecKeyUsageDecrypt           0x00000008
 
 /**
  * xmlSecKeyUsageKeyExchange:
  *
  * The key is used for key exchange.
  */
-#define	xmlSecKeyUsageKeyExchange	0x00000010
+#define xmlSecKeyUsageKeyExchange       0x00000010
 
 /**
  * xmlSecKeyUsageAny:
  *
  * A decryption key.
  */
-#define	xmlSecKeyUsageAny		0xFFFFFFFF
+#define xmlSecKeyUsageAny               0xFFFFFFFF
 
 
 /**************************************************************************
@@ -78,30 +78,30 @@ typedef unsigned int 			xmlSecKeyUsage;
  * xmlSecKeyUseWith
  *
  *************************************************************************/
-typedef struct _xmlSecKeyUseWith		xmlSecKeyUseWith, *xmlSecKeyUseWithPtr; 
-XMLSEC_EXPORT int	xmlSecKeyUseWithInitialize		(xmlSecKeyUseWithPtr keyUseWith);
-XMLSEC_EXPORT void	xmlSecKeyUseWithFinalize		(xmlSecKeyUseWithPtr keyUseWith);
-XMLSEC_EXPORT void	xmlSecKeyUseWithReset			(xmlSecKeyUseWithPtr keyUseWith);
-XMLSEC_EXPORT int	xmlSecKeyUseWithCopy			(xmlSecKeyUseWithPtr dst,
-								 xmlSecKeyUseWithPtr src);
-XMLSEC_EXPORT xmlSecKeyUseWithPtr xmlSecKeyUseWithCreate	(const xmlChar* application,
+typedef struct _xmlSecKeyUseWith                xmlSecKeyUseWith, *xmlSecKeyUseWithPtr;
+XMLSEC_EXPORT int       xmlSecKeyUseWithInitialize              (xmlSecKeyUseWithPtr keyUseWith);
+XMLSEC_EXPORT void      xmlSecKeyUseWithFinalize                (xmlSecKeyUseWithPtr keyUseWith);
+XMLSEC_EXPORT void      xmlSecKeyUseWithReset                   (xmlSecKeyUseWithPtr keyUseWith);
+XMLSEC_EXPORT int       xmlSecKeyUseWithCopy                    (xmlSecKeyUseWithPtr dst,
+                                                                 xmlSecKeyUseWithPtr src);
+XMLSEC_EXPORT xmlSecKeyUseWithPtr xmlSecKeyUseWithCreate        (const xmlChar* application,
                                                                  const xmlChar* identifier);
-XMLSEC_EXPORT xmlSecKeyUseWithPtr xmlSecKeyUseWithDuplicate	(xmlSecKeyUseWithPtr keyUseWith);
-XMLSEC_EXPORT void	xmlSecKeyUseWithDestroy			(xmlSecKeyUseWithPtr keyUseWith);
-XMLSEC_EXPORT int	xmlSecKeyUseWithSet			(xmlSecKeyUseWithPtr keyUseWith,
-								 const xmlChar* application,
+XMLSEC_EXPORT xmlSecKeyUseWithPtr xmlSecKeyUseWithDuplicate     (xmlSecKeyUseWithPtr keyUseWith);
+XMLSEC_EXPORT void      xmlSecKeyUseWithDestroy                 (xmlSecKeyUseWithPtr keyUseWith);
+XMLSEC_EXPORT int       xmlSecKeyUseWithSet                     (xmlSecKeyUseWithPtr keyUseWith,
+                                                                 const xmlChar* application,
                                                                  const xmlChar* identifier);
-XMLSEC_EXPORT void	xmlSecKeyUseWithDebugDump		(xmlSecKeyUseWithPtr keyUseWith,
-								 FILE* output);
-XMLSEC_EXPORT void	xmlSecKeyUseWithDebugXmlDump		(xmlSecKeyUseWithPtr keyUseWith,
-								 FILE* output);
+XMLSEC_EXPORT void      xmlSecKeyUseWithDebugDump               (xmlSecKeyUseWithPtr keyUseWith,
+                                                                 FILE* output);
+XMLSEC_EXPORT void      xmlSecKeyUseWithDebugXmlDump            (xmlSecKeyUseWithPtr keyUseWith,
+                                                                 FILE* output);
 
 /**
  * xmlSecKeyUseWith:
  * @application:        the application.
  * @identifier:         the identifier.
- * @reserved1:		reserved for future use.
- * @reserved2:		reserved for future use.
+ * @reserved1:          reserved for future use.
+ * @reserved2:          reserved for future use.
  *
  * Information about application and user of the key.
  */
@@ -113,138 +113,138 @@ struct _xmlSecKeyUseWith {
     void*                       reserved2;
 };
 
-/** 
+/**
  * xmlSecKeyUseWithPtrListId:
- * 
+ *
  * The keys list klass.
  */
-#define xmlSecKeyUseWithPtrListId	xmlSecKeyUseWithPtrListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecKeyUseWithPtrListGetKlass	(void);
+#define xmlSecKeyUseWithPtrListId       xmlSecKeyUseWithPtrListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecKeyUseWithPtrListGetKlass (void);
 
 /**************************************************************************
  *
  * xmlSecKeyReq - what key are we looking for?
  *
  *************************************************************************/
-typedef struct _xmlSecKeyReq 			xmlSecKeyReq, *xmlSecKeyReqPtr; 
+typedef struct _xmlSecKeyReq                    xmlSecKeyReq, *xmlSecKeyReqPtr;
 
 /**
  * xmlSecKeyReq:
- * @keyId:		the desired key value klass.
- * @keyType:		the desired key type.
- * @keyUsage:		the desired key usage.
- * @keyBitsSize:	the desired key size (in bits!).
+ * @keyId:              the desired key value klass.
+ * @keyType:            the desired key type.
+ * @keyUsage:           the desired key usage.
+ * @keyBitsSize:        the desired key size (in bits!).
  * @keyUseWithList:     the desired key use with application/identifier information.
- * @reserved1:		reserved for future use.
- * @reserved2:		reserved for future use.
+ * @reserved1:          reserved for future use.
+ * @reserved2:          reserved for future use.
  *
  * The key requirements information.
  */
 struct _xmlSecKeyReq {
-    xmlSecKeyDataId	        keyId;
-    xmlSecKeyDataType		keyType;
-    xmlSecKeyUsage		keyUsage;
-    xmlSecSize			keyBitsSize;
-    xmlSecPtrList               keyUseWithList;    
+    xmlSecKeyDataId             keyId;
+    xmlSecKeyDataType           keyType;
+    xmlSecKeyUsage              keyUsage;
+    xmlSecSize                  keyBitsSize;
+    xmlSecPtrList               keyUseWithList;
 
     void*                       reserved1;
     void*                       reserved2;
 };
 
-XMLSEC_EXPORT int	xmlSecKeyReqInitialize			(xmlSecKeyReqPtr keyReq);
-XMLSEC_EXPORT void	xmlSecKeyReqFinalize			(xmlSecKeyReqPtr keyReq);
-XMLSEC_EXPORT void	xmlSecKeyReqReset			(xmlSecKeyReqPtr keyReq);
-XMLSEC_EXPORT int	xmlSecKeyReqCopy			(xmlSecKeyReqPtr dst,
-								 xmlSecKeyReqPtr src);
-XMLSEC_EXPORT int	xmlSecKeyReqMatchKey			(xmlSecKeyReqPtr keyReq,
-								 xmlSecKeyPtr key);
-XMLSEC_EXPORT int	xmlSecKeyReqMatchKeyValue		(xmlSecKeyReqPtr keyReq,
-								 xmlSecKeyDataPtr value);
-XMLSEC_EXPORT void	xmlSecKeyReqDebugDump		        (xmlSecKeyReqPtr keyReq,
-								 FILE* output);
-XMLSEC_EXPORT void	xmlSecKeyReqDebugXmlDump	        (xmlSecKeyReqPtr keyReq,
-								 FILE* output);
+XMLSEC_EXPORT int       xmlSecKeyReqInitialize                  (xmlSecKeyReqPtr keyReq);
+XMLSEC_EXPORT void      xmlSecKeyReqFinalize                    (xmlSecKeyReqPtr keyReq);
+XMLSEC_EXPORT void      xmlSecKeyReqReset                       (xmlSecKeyReqPtr keyReq);
+XMLSEC_EXPORT int       xmlSecKeyReqCopy                        (xmlSecKeyReqPtr dst,
+                                                                 xmlSecKeyReqPtr src);
+XMLSEC_EXPORT int       xmlSecKeyReqMatchKey                    (xmlSecKeyReqPtr keyReq,
+                                                                 xmlSecKeyPtr key);
+XMLSEC_EXPORT int       xmlSecKeyReqMatchKeyValue               (xmlSecKeyReqPtr keyReq,
+                                                                 xmlSecKeyDataPtr value);
+XMLSEC_EXPORT void      xmlSecKeyReqDebugDump                   (xmlSecKeyReqPtr keyReq,
+                                                                 FILE* output);
+XMLSEC_EXPORT void      xmlSecKeyReqDebugXmlDump                (xmlSecKeyReqPtr keyReq,
+                                                                 FILE* output);
 
 /**
  * xmlSecKey:
- * @name: 		the key name.
- * @value:		the key value.
- * @dataList:		the key data list.
- * @usage:		the key usage.
- * @notValidBefore:	the start key validity interval.
- * @notValidAfter:	the end key validity interval.
+ * @name:               the key name.
+ * @value:              the key value.
+ * @dataList:           the key data list.
+ * @usage:              the key usage.
+ * @notValidBefore:     the start key validity interval.
+ * @notValidAfter:      the end key validity interval.
  *
  * The key.
  */
 struct _xmlSecKey {
-    xmlChar*				name;
-    xmlSecKeyDataPtr			value;
-    xmlSecPtrListPtr			dataList;
-    xmlSecKeyUsage			usage;
-    time_t				notValidBefore;
-    time_t				notValidAfter;    
+    xmlChar*                            name;
+    xmlSecKeyDataPtr                    value;
+    xmlSecPtrListPtr                    dataList;
+    xmlSecKeyUsage                      usage;
+    time_t                              notValidBefore;
+    time_t                              notValidAfter;
 };
 
-XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyCreate		(void);
-XMLSEC_EXPORT void		xmlSecKeyDestroy	(xmlSecKeyPtr key);
-XMLSEC_EXPORT void		xmlSecKeyEmpty		(xmlSecKeyPtr key);
-XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyDuplicate	(xmlSecKeyPtr key);
-XMLSEC_EXPORT int		xmlSecKeyCopy		(xmlSecKeyPtr keyDst,
-							 xmlSecKeyPtr keySrc);
-
-XMLSEC_EXPORT const xmlChar*	xmlSecKeyGetName	(xmlSecKeyPtr key);
-XMLSEC_EXPORT int		xmlSecKeySetName	(xmlSecKeyPtr key,
-							 const xmlChar* name);
-
-XMLSEC_EXPORT xmlSecKeyDataType	xmlSecKeyGetType	(xmlSecKeyPtr key);
-
-XMLSEC_EXPORT xmlSecKeyDataPtr	xmlSecKeyGetValue	(xmlSecKeyPtr key);
-XMLSEC_EXPORT int		xmlSecKeySetValue	(xmlSecKeyPtr key,
-							 xmlSecKeyDataPtr value);
-
-XMLSEC_EXPORT xmlSecKeyDataPtr 	xmlSecKeyGetData	(xmlSecKeyPtr key, 
-							 xmlSecKeyDataId dataId);
-XMLSEC_EXPORT xmlSecKeyDataPtr 	xmlSecKeyEnsureData	(xmlSecKeyPtr key, 
-							 xmlSecKeyDataId dataId);
-XMLSEC_EXPORT int		xmlSecKeyAdoptData	(xmlSecKeyPtr key,
-							 xmlSecKeyDataPtr data);
-
-XMLSEC_EXPORT void		xmlSecKeyDebugDump	(xmlSecKeyPtr key,
-							 FILE *output);
-XMLSEC_EXPORT void		xmlSecKeyDebugXmlDump	(xmlSecKeyPtr key,
-							 FILE *output);
-XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyGenerate	(xmlSecKeyDataId dataId,
-							 xmlSecSize sizeBits,
-							 xmlSecKeyDataType type);
-XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyGenerateByName (const xmlChar* name,
-							 xmlSecSize sizeBits,
-							 xmlSecKeyDataType type);
-
-
-XMLSEC_EXPORT int		xmlSecKeyMatch		(xmlSecKeyPtr key, 
-							 const xmlChar *name,
-							 xmlSecKeyReqPtr keyReq);
-
-XMLSEC_EXPORT xmlSecKeyPtr  	xmlSecKeyReadBuffer	(xmlSecKeyDataId dataId,
-                            				 xmlSecBuffer* buffer);
-XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyReadBinaryFile	(xmlSecKeyDataId dataId,
-							 const char* filename);
-XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyReadMemory	(xmlSecKeyDataId dataId,
-							 const xmlSecByte* data,
-							 xmlSecSize dataSize);
-
-							 
+XMLSEC_EXPORT xmlSecKeyPtr      xmlSecKeyCreate         (void);
+XMLSEC_EXPORT void              xmlSecKeyDestroy        (xmlSecKeyPtr key);
+XMLSEC_EXPORT void              xmlSecKeyEmpty          (xmlSecKeyPtr key);
+XMLSEC_EXPORT xmlSecKeyPtr      xmlSecKeyDuplicate      (xmlSecKeyPtr key);
+XMLSEC_EXPORT int               xmlSecKeyCopy           (xmlSecKeyPtr keyDst,
+                                                         xmlSecKeyPtr keySrc);
+
+XMLSEC_EXPORT const xmlChar*    xmlSecKeyGetName        (xmlSecKeyPtr key);
+XMLSEC_EXPORT int               xmlSecKeySetName        (xmlSecKeyPtr key,
+                                                         const xmlChar* name);
+
+XMLSEC_EXPORT xmlSecKeyDataType xmlSecKeyGetType        (xmlSecKeyPtr key);
+
+XMLSEC_EXPORT xmlSecKeyDataPtr  xmlSecKeyGetValue       (xmlSecKeyPtr key);
+XMLSEC_EXPORT int               xmlSecKeySetValue       (xmlSecKeyPtr key,
+                                                         xmlSecKeyDataPtr value);
+
+XMLSEC_EXPORT xmlSecKeyDataPtr  xmlSecKeyGetData        (xmlSecKeyPtr key,
+                                                         xmlSecKeyDataId dataId);
+XMLSEC_EXPORT xmlSecKeyDataPtr  xmlSecKeyEnsureData     (xmlSecKeyPtr key,
+                                                         xmlSecKeyDataId dataId);
+XMLSEC_EXPORT int               xmlSecKeyAdoptData      (xmlSecKeyPtr key,
+                                                         xmlSecKeyDataPtr data);
+
+XMLSEC_EXPORT void              xmlSecKeyDebugDump      (xmlSecKeyPtr key,
+                                                         FILE *output);
+XMLSEC_EXPORT void              xmlSecKeyDebugXmlDump   (xmlSecKeyPtr key,
+                                                         FILE *output);
+XMLSEC_EXPORT xmlSecKeyPtr      xmlSecKeyGenerate       (xmlSecKeyDataId dataId,
+                                                         xmlSecSize sizeBits,
+                                                         xmlSecKeyDataType type);
+XMLSEC_EXPORT xmlSecKeyPtr      xmlSecKeyGenerateByName (const xmlChar* name,
+                                                         xmlSecSize sizeBits,
+                                                         xmlSecKeyDataType type);
+
+
+XMLSEC_EXPORT int               xmlSecKeyMatch          (xmlSecKeyPtr key,
+                                                         const xmlChar *name,
+                                                         xmlSecKeyReqPtr keyReq);
+
+XMLSEC_EXPORT xmlSecKeyPtr      xmlSecKeyReadBuffer     (xmlSecKeyDataId dataId,
+                                                         xmlSecBuffer* buffer);
+XMLSEC_EXPORT xmlSecKeyPtr      xmlSecKeyReadBinaryFile (xmlSecKeyDataId dataId,
+                                                         const char* filename);
+XMLSEC_EXPORT xmlSecKeyPtr      xmlSecKeyReadMemory     (xmlSecKeyDataId dataId,
+                                                         const xmlSecByte* data,
+                                                         xmlSecSize dataSize);
+
+
 /**
  * xmlSecKeyIsValid:
  * @key: the pointer to key.
  *
  * Macro. Returns 1 if @key is not NULL and @key->id is not NULL
  * or 0 otherwise.
- */ 
+ */
 #define xmlSecKeyIsValid(key) \
-	((( key ) != NULL) && \
-	 (( key )->value != NULL) && \
-	 ((( key )->value->id) != NULL))
+        ((( key ) != NULL) && \
+         (( key )->value != NULL) && \
+         ((( key )->value->id) != NULL))
 /**
  * xmlSecKeyCheckId:
  * @key: the pointer to key.
@@ -253,8 +253,8 @@ XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyReadMemory	(xmlSecKeyDataId dataId,
  * Macro. Returns 1 if @key is valid and @key's id is equal to @keyId.
  */
 #define xmlSecKeyCheckId(key, keyId) \
- 	(xmlSecKeyIsValid(( key )) && \
-	((( key )->value->id) == ( keyId )))
+        (xmlSecKeyIsValid(( key )) && \
+        ((( key )->value->id) == ( keyId )))
 
 
 /***********************************************************************
@@ -262,13 +262,13 @@ XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyReadMemory	(xmlSecKeyDataId dataId,
  * Keys list
  *
  **********************************************************************/
-/** 
+/**
  * xmlSecKeyPtrListId:
- * 
+ *
  * The keys list klass.
  */
-#define xmlSecKeyPtrListId	xmlSecKeyPtrListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecKeyPtrListGetKlass		(void);
+#define xmlSecKeyPtrListId      xmlSecKeyPtrListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecKeyPtrListGetKlass                (void);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/keysdata.h b/include/xmlsec/keysdata.h
index 85974c95..f7554ca4 100644
--- a/include/xmlsec/keysdata.h
+++ b/include/xmlsec/keysdata.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Key data.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_KEYSDATA_H__
-#define __XMLSEC_KEYSDATA_H__    
+#define __XMLSEC_KEYSDATA_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 
@@ -21,15 +21,17 @@ extern "C" {
 #include <xmlsec/buffer.h>
 #include <xmlsec/list.h>
 
-/**
+/****************************************************************************
+ *
  * Forward declarations
- */
-typedef const struct _xmlSecKeyDataKlass 		xmlSecKeyDataKlass, 
-							*xmlSecKeyDataId; 
-typedef const struct _xmlSecKeyDataStoreKlass 		xmlSecKeyDataStoreKlass, 
-							*xmlSecKeyDataStoreId; 
-typedef struct _xmlSecKeyDataList 			xmlSecKeyDataList, 
-							*xmlSecKeyDataListPtr; 
+ *
+ ****************************************************************************/
+typedef const struct _xmlSecKeyDataKlass                xmlSecKeyDataKlass,
+                                                        *xmlSecKeyDataId;
+typedef const struct _xmlSecKeyDataStoreKlass           xmlSecKeyDataStoreKlass,
+                                                        *xmlSecKeyDataStoreId;
+typedef struct _xmlSecKeyDataList                       xmlSecKeyDataList,
+                                                        *xmlSecKeyDataListPtr;
 
 
 /**************************************************************************
@@ -37,47 +39,47 @@ typedef struct _xmlSecKeyDataList 			xmlSecKeyDataList,
  * xmlSecKeyDataUsage
  *
  *************************************************************************/
-/** 
+/**
  * xmlSecKeyDataUsage:
  *
  * The bits mask that determines possible keys data usage.
  */
-typedef unsigned int					xmlSecKeyDataUsage;
+typedef unsigned int                                    xmlSecKeyDataUsage;
 
 /**
  * xmlSecKeyDataUsageUnknown:
  *
  * The key data usage is unknown.
  */
-#define xmlSecKeyDataUsageUnknown			0x00000
+#define xmlSecKeyDataUsageUnknown                       0x00000
 
 /**
  * xmlSecKeyDataUsageKeyInfoNodeRead:
  *
  * The key data could be read from a <dsig:KeyInfo/> child.
  */
-#define xmlSecKeyDataUsageKeyInfoNodeRead		0x00001
+#define xmlSecKeyDataUsageKeyInfoNodeRead               0x00001
 
 /**
  * xmlSecKeyDataUsageKeyInfoNodeWrite:
  *
  * The key data could be written to a <dsig:KeyInfo /> child.
  */
-#define xmlSecKeyDataUsageKeyInfoNodeWrite		0x00002
+#define xmlSecKeyDataUsageKeyInfoNodeWrite              0x00002
 
 /**
  * xmlSecKeyDataUsageKeyValueNodeRead:
  *
  * The key data could be read from a <dsig:KeyValue /> child.
  */
-#define xmlSecKeyDataUsageKeyValueNodeRead		0x00004
+#define xmlSecKeyDataUsageKeyValueNodeRead              0x00004
 
 /**
  * xmlSecKeyDataUsageKeyValueNodeWrite:
  *
  * The key data could be written to a <dsig:KeyValue /> child.
  */
-#define xmlSecKeyDataUsageKeyValueNodeWrite		0x00008
+#define xmlSecKeyDataUsageKeyValueNodeWrite             0x00008
 
 /**
  * xmlSecKeyDataUsageRetrievalMethodNodeXml:
@@ -85,7 +87,7 @@ typedef unsigned int					xmlSecKeyDataUsage;
  * The key data could be retrieved using <dsig:RetrievalMethod /> node
  * in XML format.
  */
-#define xmlSecKeyDataUsageRetrievalMethodNodeXml	0x00010
+#define xmlSecKeyDataUsageRetrievalMethodNodeXml        0x00010
 
 /**
  * xmlSecKeyDataUsageRetrievalMethodNodeBin:
@@ -93,30 +95,30 @@ typedef unsigned int					xmlSecKeyDataUsage;
  * The key data could be retrieved using <dsig:RetrievalMethod /> node
  * in binary format.
  */
-#define xmlSecKeyDataUsageRetrievalMethodNodeBin	0x00020
+#define xmlSecKeyDataUsageRetrievalMethodNodeBin        0x00020
 
 /**
  * xmlSecKeyDataUsageAny:
  *
  * Any key data usage.
  */
-#define xmlSecKeyDataUsageAny				0xFFFFF
+#define xmlSecKeyDataUsageAny                           0xFFFFF
 
 /**
  * xmlSecKeyDataUsageKeyInfoNode:
  *
  * The key data could be read and written from/to a <dsig:KeyInfo /> child.
  */
-#define xmlSecKeyDataUsageKeyInfoNode			\
-	(xmlSecKeyDataUsageKeyInfoNodeRead | xmlSecKeyDataUsageKeyInfoNodeWrite)
+#define xmlSecKeyDataUsageKeyInfoNode                   \
+        (xmlSecKeyDataUsageKeyInfoNodeRead | xmlSecKeyDataUsageKeyInfoNodeWrite)
 
 /**
  * xmlSecKeyDataUsageKeyValueNode:
  *
  * The key data could be read and written from/to a <dsig:KeyValue /> child.
  */
-#define xmlSecKeyDataUsageKeyValueNode			\
-	(xmlSecKeyDataUsageKeyValueNodeRead | xmlSecKeyDataUsageKeyValueNodeWrite)
+#define xmlSecKeyDataUsageKeyValueNode                  \
+        (xmlSecKeyDataUsageKeyValueNodeRead | xmlSecKeyDataUsageKeyValueNodeWrite)
 
 /**
  * xmlSecKeyDataUsageRetrievalMethodNode:
@@ -124,8 +126,8 @@ typedef unsigned int					xmlSecKeyDataUsage;
  * The key data could be retrieved using <dsig:RetrievalMethod /> node
  * in any format.
  */
-#define xmlSecKeyDataUsageRetrievalMethodNode		\
-	(xmlSecKeyDataUsageRetrievalMethodNodeXml | xmlSecKeyDataUsageRetrievalMethodNodeBin)
+#define xmlSecKeyDataUsageRetrievalMethodNode           \
+        (xmlSecKeyDataUsageRetrievalMethodNodeXml | xmlSecKeyDataUsageRetrievalMethodNodeBin)
 
 /**************************************************************************
  *
@@ -137,70 +139,70 @@ typedef unsigned int					xmlSecKeyDataUsage;
  *
  * The key data type (public/private, session/permanet, etc.).
  */
-typedef unsigned int				xmlSecKeyDataType;
+typedef unsigned int                            xmlSecKeyDataType;
 
 /**
  * xmlSecKeyDataTypeUnknown:
  *
  * The key data type is unknown (same as #xmlSecKeyDataTypeNone).
  */
-#define xmlSecKeyDataTypeUnknown			0x0000
+#define xmlSecKeyDataTypeUnknown                        0x0000
 
 /**
  * xmlSecKeyDataTypeNone:
  *
  * The key data type is unknown (same as #xmlSecKeyDataTypeUnknown).
  */
-#define xmlSecKeyDataTypeNone				xmlSecKeyDataTypeUnknown
+#define xmlSecKeyDataTypeNone                           xmlSecKeyDataTypeUnknown
 
 /**
  * xmlSecKeyDataTypePublic:
  *
  * The key data contain a public key.
  */
-#define xmlSecKeyDataTypePublic				0x0001
+#define xmlSecKeyDataTypePublic                         0x0001
 
 /**
  * xmlSecKeyDataTypePrivate:
  *
  * The key data contain a private key.
  */
-#define xmlSecKeyDataTypePrivate			0x0002
+#define xmlSecKeyDataTypePrivate                        0x0002
 
 /**
  * xmlSecKeyDataTypeSymmetric:
  *
  * The key data contain a symmetric key.
  */
-#define xmlSecKeyDataTypeSymmetric			0x0004
+#define xmlSecKeyDataTypeSymmetric                      0x0004
 
 /**
  * xmlSecKeyDataTypeSession:
  *
  * The key data contain session key (one time key, not stored in keys manager).
  */
-#define xmlSecKeyDataTypeSession			0x0008
+#define xmlSecKeyDataTypeSession                        0x0008
 
 /**
  * xmlSecKeyDataTypePermanent:
  *
  * The key data contain permanent key (stored in keys manager).
  */
-#define xmlSecKeyDataTypePermanent			0x0010
+#define xmlSecKeyDataTypePermanent                      0x0010
 
 /**
  * xmlSecKeyDataTypeTrusted:
  *
  * The key data is trusted.
  */
-#define xmlSecKeyDataTypeTrusted			0x0100
+#define xmlSecKeyDataTypeTrusted                        0x0100
 
 /**
  * xmlSecKeyDataTypeAny:
  *
  * Any key data.
  */
-#define xmlSecKeyDataTypeAny				0xFFFF
+#define xmlSecKeyDataTypeAny                            0xFFFF
 
 /**************************************************************************
  *
@@ -209,15 +211,15 @@ typedef unsigned int				xmlSecKeyDataType;
  *************************************************************************/
 /**
  * xmlSecKeyDataFormat:
- * @xmlSecKeyDataFormatUnknown:		the key data format is unknown.
- * @xmlSecKeyDataFormatBinary:		the binary key data.
- * @xmlSecKeyDataFormatPem:		the PEM key data (cert or public/private key).
- * @xmlSecKeyDataFormatDer:		the DER key data (cert or public/private key).
- * @xmlSecKeyDataFormatPkcs8Pem:	the PKCS8 PEM private key.
- * @xmlSecKeyDataFormatPkcs8Der:	the PKCS8 DER private key. 
- * @xmlSecKeyDataFormatPkcs12:		the PKCS12 format (bag of keys and certs)
- * @xmlSecKeyDataFormatCertPem:		the PEM cert.
- * @xmlSecKeyDataFormatCertDer:		the DER cert.
+ * @xmlSecKeyDataFormatUnknown:         the key data format is unknown.
+ * @xmlSecKeyDataFormatBinary:          the binary key data.
+ * @xmlSecKeyDataFormatPem:             the PEM key data (cert or public/private key).
+ * @xmlSecKeyDataFormatDer:             the DER key data (cert or public/private key).
+ * @xmlSecKeyDataFormatPkcs8Pem:        the PKCS8 PEM private key.
+ * @xmlSecKeyDataFormatPkcs8Der:        the PKCS8 DER private key.
+ * @xmlSecKeyDataFormatPkcs12:          the PKCS12 format (bag of keys and certs)
+ * @xmlSecKeyDataFormatCertPem:         the PEM cert.
+ * @xmlSecKeyDataFormatCertDer:         the DER cert.
  *
  * The key data format (binary, der, pem, etc.).
  */
@@ -238,12 +240,12 @@ typedef enum {
  * Global xmlSecKeyDataIds methods
  *
  *************************************************************************/
-XMLSEC_EXPORT xmlSecPtrListPtr	xmlSecKeyDataIdsGet		(void);
-XMLSEC_EXPORT int		xmlSecKeyDataIdsInit		(void);
-XMLSEC_EXPORT void		xmlSecKeyDataIdsShutdown	(void);
-XMLSEC_EXPORT int 		xmlSecKeyDataIdsRegisterDefault	(void);
-XMLSEC_EXPORT int 		xmlSecKeyDataIdsRegister	(xmlSecKeyDataId id);
-	
+XMLSEC_EXPORT xmlSecPtrListPtr  xmlSecKeyDataIdsGet             (void);
+XMLSEC_EXPORT int               xmlSecKeyDataIdsInit            (void);
+XMLSEC_EXPORT void              xmlSecKeyDataIdsShutdown        (void);
+XMLSEC_EXPORT int               xmlSecKeyDataIdsRegisterDefault (void);
+XMLSEC_EXPORT int               xmlSecKeyDataIdsRegister        (xmlSecKeyDataId id);
+
 /**************************************************************************
  *
  * xmlSecKeyData
@@ -251,105 +253,105 @@ XMLSEC_EXPORT int 		xmlSecKeyDataIdsRegister	(xmlSecKeyDataId id);
  *************************************************************************/
 /**
  * xmlSecKeyData:
- * @id: 		the data id (#xmlSecKeyDataId).
- * @reserved0: 		reserved for the future.
- * @reserved1: 		reserved for the future.
+ * @id:                 the data id (#xmlSecKeyDataId).
+ * @reserved0:          reserved for the future.
+ * @reserved1:          reserved for the future.
  *
- * The key data: key value (crypto material), x509 data, pgp data, etc.  
+ * The key data: key value (crypto material), x509 data, pgp data, etc.
  */
 struct _xmlSecKeyData {
-    xmlSecKeyDataId			id;
-    void*				reserved0;
-    void*				reserved1;
+    xmlSecKeyDataId                     id;
+    void*                               reserved0;
+    void*                               reserved1;
 };
 
-XMLSEC_EXPORT xmlSecKeyDataPtr	xmlSecKeyDataCreate		(xmlSecKeyDataId id);
-XMLSEC_EXPORT xmlSecKeyDataPtr	xmlSecKeyDataDuplicate		(xmlSecKeyDataPtr data);
-XMLSEC_EXPORT void		xmlSecKeyDataDestroy		(xmlSecKeyDataPtr data);
-XMLSEC_EXPORT int		xmlSecKeyDataGenerate		(xmlSecKeyDataPtr data,
-								 xmlSecSize sizeBits,
-								 xmlSecKeyDataType type);
-XMLSEC_EXPORT xmlSecKeyDataType	xmlSecKeyDataGetType		(xmlSecKeyDataPtr data);
-XMLSEC_EXPORT xmlSecSize	xmlSecKeyDataGetSize		(xmlSecKeyDataPtr data);
-XMLSEC_EXPORT const xmlChar*	xmlSecKeyDataGetIdentifier	(xmlSecKeyDataPtr data);
-XMLSEC_EXPORT void		xmlSecKeyDataDebugDump		(xmlSecKeyDataPtr data,
-								 FILE *output);
-XMLSEC_EXPORT void		xmlSecKeyDataDebugXmlDump	(xmlSecKeyDataPtr data,
-								 FILE *output);
-XMLSEC_EXPORT int		xmlSecKeyDataXmlRead		(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int		xmlSecKeyDataXmlWrite		(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int		xmlSecKeyDataBinRead		(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 const xmlSecByte* buf,
-								 xmlSecSize bufSize,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int		xmlSecKeyDataBinWrite		(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlSecByte** buf,
-								 xmlSecSize* bufSize,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT xmlSecKeyDataPtr  xmlSecKeyDataCreate             (xmlSecKeyDataId id);
+XMLSEC_EXPORT xmlSecKeyDataPtr  xmlSecKeyDataDuplicate          (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT void              xmlSecKeyDataDestroy            (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT int               xmlSecKeyDataGenerate           (xmlSecKeyDataPtr data,
+                                                                 xmlSecSize sizeBits,
+                                                                 xmlSecKeyDataType type);
+XMLSEC_EXPORT xmlSecKeyDataType xmlSecKeyDataGetType            (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT xmlSecSize        xmlSecKeyDataGetSize            (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT const xmlChar*    xmlSecKeyDataGetIdentifier      (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT void              xmlSecKeyDataDebugDump          (xmlSecKeyDataPtr data,
+                                                                 FILE *output);
+XMLSEC_EXPORT void              xmlSecKeyDataDebugXmlDump       (xmlSecKeyDataPtr data,
+                                                                 FILE *output);
+XMLSEC_EXPORT int               xmlSecKeyDataXmlRead            (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int               xmlSecKeyDataXmlWrite           (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int               xmlSecKeyDataBinRead            (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 const xmlSecByte* buf,
+                                                                 xmlSecSize bufSize,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int               xmlSecKeyDataBinWrite           (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlSecByte** buf,
+                                                                 xmlSecSize* bufSize,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 /**
  * xmlSecKeyDataGetName:
- * @data: 		the pointer to key data.
+ * @data:               the pointer to key data.
  *
  * Macro. Returns the key data name.
  */
 #define xmlSecKeyDataGetName(data) \
-	((xmlSecKeyDataIsValid((data))) ? \
-	  xmlSecKeyDataKlassGetName((data)->id) : NULL)
+        ((xmlSecKeyDataIsValid((data))) ? \
+          xmlSecKeyDataKlassGetName((data)->id) : NULL)
 
 /**
  * xmlSecKeyDataIsValid:
- * @data: 		the pointer to data.
+ * @data:               the pointer to data.
  *
  * Macro. Returns 1 if @data is not NULL and @data->id is not NULL
  * or 0 otherwise.
- */ 
+ */
 #define xmlSecKeyDataIsValid(data) \
-	((( data ) != NULL) && \
-	 (( data )->id != NULL) && \
-	 (( data )->id->klassSize >= sizeof(xmlSecKeyDataKlass)) && \
-	 (( data )->id->objSize >= sizeof(xmlSecKeyData)) && \
-	 (( data )->id->name != NULL))
+        ((( data ) != NULL) && \
+         (( data )->id != NULL) && \
+         (( data )->id->klassSize >= sizeof(xmlSecKeyDataKlass)) && \
+         (( data )->id->objSize >= sizeof(xmlSecKeyData)) && \
+         (( data )->id->name != NULL))
 /**
  * xmlSecKeyDataCheckId:
- * @data: 		the pointer to data.
- * @dataId: 		the data Id.
+ * @data:               the pointer to data.
+ * @dataId:             the data Id.
  *
  * Macro. Returns 1 if @data is valid and @data's id is equal to @dataId.
  */
 #define xmlSecKeyDataCheckId(data, dataId) \
- 	(xmlSecKeyDataIsValid(( data )) && \
-	((( data )->id) == ( dataId )))
+        (xmlSecKeyDataIsValid(( data )) && \
+        ((( data )->id) == ( dataId )))
 
 /**
  * xmlSecKeyDataCheckUsage:
- * @data: 		the pointer to data.
- * @usg: 		the data usage.
+ * @data:               the pointer to data.
+ * @usg:                the data usage.
  *
  * Macro. Returns 1 if @data is valid and could be used for @usg.
  */
 #define xmlSecKeyDataCheckUsage(data, usg) \
- 	(xmlSecKeyDataIsValid(( data )) && \
-	(((( data )->id->usage) & ( usg )) != 0))
+        (xmlSecKeyDataIsValid(( data )) && \
+        (((( data )->id->usage) & ( usg )) != 0))
 
 /**
  * xmlSecKeyDataCheckSize:
- * @data: 		the pointer to data.
- * @size: 		the expected size.
+ * @data:               the pointer to data.
+ * @size:               the expected size.
  *
  * Macro. Returns 1 if @data is valid and @data's object has at least @size bytes.
  */
 #define xmlSecKeyDataCheckSize(data, size) \
- 	(xmlSecKeyDataIsValid(( data )) && \
-	 (( data )->id->objSize >= size))
+        (xmlSecKeyDataIsValid(( data )) && \
+         (( data )->id->objSize >= size))
 
 /**************************************************************************
  *
@@ -361,231 +363,231 @@ XMLSEC_EXPORT int		xmlSecKeyDataBinWrite		(xmlSecKeyDataId id,
  *
  * The "unknown" id.
  */
-#define xmlSecKeyDataIdUnknown 			((xmlSecKeyDataId)NULL)
+#define xmlSecKeyDataIdUnknown                  ((xmlSecKeyDataId)NULL)
 
-/** 
+/**
  * xmlSecKeyDataInitMethod:
- * @data: 		the pointer to key data.
+ * @data:               the pointer to key data.
  *
  * Key data specific initialization method.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-typedef int			(*xmlSecKeyDataInitMethod)	(xmlSecKeyDataPtr data);
+typedef int                     (*xmlSecKeyDataInitMethod)      (xmlSecKeyDataPtr data);
 
-/** 
+/**
  * xmlSecKeyDataDuplicateMethod:
- * @dst: 		the pointer to destination key data.
- * @src: 		the poiniter to source key data.
+ * @dst:                the pointer to destination key data.
+ * @src:                the poiniter to source key data.
  *
  * Key data specific duplication (copy) method.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-typedef int			(*xmlSecKeyDataDuplicateMethod)	(xmlSecKeyDataPtr dst,
-								 xmlSecKeyDataPtr src);
+typedef int                     (*xmlSecKeyDataDuplicateMethod) (xmlSecKeyDataPtr dst,
+                                                                 xmlSecKeyDataPtr src);
 
-/** 
+/**
  * xmlSecKeyDataFinalizeMethod:
- * @data: 		the data.
+ * @data:               the data.
  *
  * Key data specific finalization method. All the objects and resources allocated
  * by the key data object must be freed inside this method.
  */
-typedef void			(*xmlSecKeyDataFinalizeMethod)	(xmlSecKeyDataPtr data);
+typedef void                    (*xmlSecKeyDataFinalizeMethod)  (xmlSecKeyDataPtr data);
 
-/** 
+/**
  * xmlSecKeyDataXmlReadMethod:
- * @id: 		the data id.
- * @key: 		the key.
- * @node: 		the pointer to data's value XML node.
- * @keyInfoCtx: 	the <dsig:KeyInfo/> node processing context.
+ * @id:                 the data id.
+ * @key:                the key.
+ * @node:               the pointer to data's value XML node.
+ * @keyInfoCtx:         the <dsig:KeyInfo/> node processing context.
+ *
+ * Key data specific method for reading XML node.
  *
- * Key data specific method for reading XML node. 
- * 
  * Returns: 0 on success or a negative value if an error occurs.
  */
-typedef int			(*xmlSecKeyDataXmlReadMethod)	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-/** 
+typedef int                     (*xmlSecKeyDataXmlReadMethod)   (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+/**
  * xmlSecKeyDataXmlWriteMethod:
- * @id: 		the data id.
- * @key: 		the key.
- * @node: 		the pointer to data's value XML node.
- * @keyInfoCtx: 	the <dsig:KeyInfo> node processing context.
+ * @id:                 the data id.
+ * @key:                the key.
+ * @node:               the pointer to data's value XML node.
+ * @keyInfoCtx:         the <dsig:KeyInfo> node processing context.
  *
  * Key data specific method for writing XML node.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-typedef int			(*xmlSecKeyDataXmlWriteMethod)	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-/** 
+typedef int                     (*xmlSecKeyDataXmlWriteMethod)  (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+/**
  * xmlSecKeyDataBinReadMethod:
- * @id: 		the data id.
- * @key: 		the key.
- * @buf: 		the input buffer.
- * @bufSize:		the buffer size.
- * @keyInfoCtx: 	the <dsig:KeyInfo/> node processing context.
+ * @id:                 the data id.
+ * @key:                the key.
+ * @buf:                the input buffer.
+ * @bufSize:            the buffer size.
+ * @keyInfoCtx:         the <dsig:KeyInfo/> node processing context.
  *
  * Key data specific method for reading binary buffer.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-typedef int			(*xmlSecKeyDataBinReadMethod)	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 const xmlSecByte* buf,
-								 xmlSecSize bufSize,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-/** 
+typedef int                     (*xmlSecKeyDataBinReadMethod)   (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 const xmlSecByte* buf,
+                                                                 xmlSecSize bufSize,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+/**
  * xmlSecKeyDataBinWriteMethod:
- * @id: 		the data id.
- * @key: 		the key.
- * @buf: 		the output buffer.
- * @bufSize: 		the buffer size.
- * @keyInfoCtx: 	the <dsig:KeyInfo/> node processing context.
- *
- * Key data specific method for reading binary buffer. 
- * 
+ * @id:                 the data id.
+ * @key:                the key.
+ * @buf:                the output buffer.
+ * @bufSize:            the buffer size.
+ * @keyInfoCtx:         the <dsig:KeyInfo/> node processing context.
+ *
+ * Key data specific method for reading binary buffer.
+ *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-typedef int			(*xmlSecKeyDataBinWriteMethod)	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlSecByte** buf,
-								 xmlSecSize* bufSize,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+typedef int                     (*xmlSecKeyDataBinWriteMethod)  (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlSecByte** buf,
+                                                                 xmlSecSize* bufSize,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
-/** 
+/**
  * xmlSecKeyDataGenerateMethod:
- * @data: 		the pointer to key data.
- * @sizeBits: 		the key data specific size.
- * @type:		the required key type (session/permanent, etc.)
+ * @data:               the pointer to key data.
+ * @sizeBits:           the key data specific size.
+ * @type:               the required key type (session/permanent, etc.)
  *
  * Key data specific method for generating new key data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-typedef int			(*xmlSecKeyDataGenerateMethod)	(xmlSecKeyDataPtr data,
-								 xmlSecSize sizeBits,
-								 xmlSecKeyDataType type);
+typedef int                     (*xmlSecKeyDataGenerateMethod)  (xmlSecKeyDataPtr data,
+                                                                 xmlSecSize sizeBits,
+                                                                 xmlSecKeyDataType type);
 
-/** 
+/**
  * xmlSecKeyDataGetTypeMethod:
- * @data:		 the data.
+ * @data:                the data.
  *
  * Key data specific method to get the key type.
  *
  * Returns: the key type.
  */
-typedef xmlSecKeyDataType	(*xmlSecKeyDataGetTypeMethod)	(xmlSecKeyDataPtr data);
+typedef xmlSecKeyDataType       (*xmlSecKeyDataGetTypeMethod)   (xmlSecKeyDataPtr data);
 
-/** 
+/**
  * xmlSecKeyDataGetSizeMethod:
- * @data: 		the pointer to key data.
+ * @data:               the pointer to key data.
  *
  * Key data specific method to get the key size.
  *
  * Returns: the key size in bits.
  */
-typedef xmlSecSize		(*xmlSecKeyDataGetSizeMethod)	(xmlSecKeyDataPtr data);
+typedef xmlSecSize              (*xmlSecKeyDataGetSizeMethod)   (xmlSecKeyDataPtr data);
 
-/** 
+/**
  * xmlSecKeyDataGetIdentifierMethod:
- * @data: 		the pointer to key data.
+ * @data:               the pointer to key data.
  *
  * Key data specific method to get the key data identifier string (for example,
  * X509 data identifier is the subject of the verified cert).
  *
  * Returns: the identifier string or NULL if an error occurs.
  */
-typedef const xmlChar*		(*xmlSecKeyDataGetIdentifierMethod) (xmlSecKeyDataPtr data);
+typedef const xmlChar*          (*xmlSecKeyDataGetIdentifierMethod) (xmlSecKeyDataPtr data);
 
-/** 
+/**
  * xmlSecKeyDataDebugDumpMethod:
- * @data: 		the data.
- * @output: 		the FILE to print debug info (should be open for writing).
+ * @data:               the data.
+ * @output:             the FILE to print debug info (should be open for writing).
  *
  * Key data specific method for printing debug info.
  */
-typedef void			(*xmlSecKeyDataDebugDumpMethod)	(xmlSecKeyDataPtr data,
-								 FILE* output);
+typedef void                    (*xmlSecKeyDataDebugDumpMethod) (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
 
 /**
  * xmlSecKeyDataKlass:
- * @klassSize:		the klass size.
- * @objSize:		the object size.
- * @name:		the object name.
- * @usage:		the allowed data usage.
- * @href:		the identification string (href).
- * @dataNodeName:	the data's XML node name.
- * @dataNodeNs:		the data's XML node namespace.
- * @initialize:		the initialization method.  
- * @duplicate:		the duplicate (copy) method.
- * @finalize:		the finalization (destroy) method.
- * @generate:		the new data generation method.
- * @getType:		the method to access data's type information.
- * @getSize:		the method to access data's size.
- * @getIdentifier:	the method to access data's string identifier.
- * @xmlRead:		the method for reading data from XML node.
- * @xmlWrite:		the method for writing data to XML node.
- * @binRead:		the method for reading data from a binary buffer.
- * @binWrite:		the method for writing data to binary buffer.
- * @debugDump: 		the method for printing debug data information.
- * @debugXmlDump:	the method for printing debug data information in XML format.
- * @reserved0:		reserved for the future.
- * @reserved1:		reserved for the future.
+ * @klassSize:          the klass size.
+ * @objSize:            the object size.
+ * @name:               the object name.
+ * @usage:              the allowed data usage.
+ * @href:               the identification string (href).
+ * @dataNodeName:       the data's XML node name.
+ * @dataNodeNs:         the data's XML node namespace.
+ * @initialize:         the initialization method.
+ * @duplicate:          the duplicate (copy) method.
+ * @finalize:           the finalization (destroy) method.
+ * @generate:           the new data generation method.
+ * @getType:            the method to access data's type information.
+ * @getSize:            the method to access data's size.
+ * @getIdentifier:      the method to access data's string identifier.
+ * @xmlRead:            the method for reading data from XML node.
+ * @xmlWrite:           the method for writing data to XML node.
+ * @binRead:            the method for reading data from a binary buffer.
+ * @binWrite:           the method for writing data to binary buffer.
+ * @debugDump:          the method for printing debug data information.
+ * @debugXmlDump:       the method for printing debug data information in XML format.
+ * @reserved0:          reserved for the future.
+ * @reserved1:          reserved for the future.
  *
  * The data id (klass).
  */
 struct _xmlSecKeyDataKlass {
-    xmlSecSize				klassSize;
-    xmlSecSize				objSize;
+    xmlSecSize                          klassSize;
+    xmlSecSize                          objSize;
 
     /* data */
-    const xmlChar*			name;    
-    xmlSecKeyDataUsage			usage;
-    const xmlChar*			href;
-    const xmlChar*			dataNodeName;
-    const xmlChar*			dataNodeNs;
-    
+    const xmlChar*                      name;
+    xmlSecKeyDataUsage                  usage;
+    const xmlChar*                      href;
+    const xmlChar*                      dataNodeName;
+    const xmlChar*                      dataNodeNs;
+
     /* constructors/destructor */
-    xmlSecKeyDataInitMethod		initialize;
-    xmlSecKeyDataDuplicateMethod	duplicate;
-    xmlSecKeyDataFinalizeMethod		finalize;
-    xmlSecKeyDataGenerateMethod		generate;
-    
+    xmlSecKeyDataInitMethod             initialize;
+    xmlSecKeyDataDuplicateMethod        duplicate;
+    xmlSecKeyDataFinalizeMethod         finalize;
+    xmlSecKeyDataGenerateMethod         generate;
+
     /* get info */
-    xmlSecKeyDataGetTypeMethod		getType;
-    xmlSecKeyDataGetSizeMethod		getSize;
-    xmlSecKeyDataGetIdentifierMethod	getIdentifier;
+    xmlSecKeyDataGetTypeMethod          getType;
+    xmlSecKeyDataGetSizeMethod          getSize;
+    xmlSecKeyDataGetIdentifierMethod    getIdentifier;
 
     /* read/write */
-    xmlSecKeyDataXmlReadMethod		xmlRead;
-    xmlSecKeyDataXmlWriteMethod		xmlWrite;
-    xmlSecKeyDataBinReadMethod		binRead;
-    xmlSecKeyDataBinWriteMethod		binWrite;
+    xmlSecKeyDataXmlReadMethod          xmlRead;
+    xmlSecKeyDataXmlWriteMethod         xmlWrite;
+    xmlSecKeyDataBinReadMethod          binRead;
+    xmlSecKeyDataBinWriteMethod         binWrite;
 
     /* debug */
-    xmlSecKeyDataDebugDumpMethod	debugDump;
-    xmlSecKeyDataDebugDumpMethod	debugXmlDump;
+    xmlSecKeyDataDebugDumpMethod        debugDump;
+    xmlSecKeyDataDebugDumpMethod        debugXmlDump;
 
     /* for the future */
-    void*				reserved0;
-    void*				reserved1;
+    void*                               reserved0;
+    void*                               reserved1;
 };
 
 /**
  * xmlSecKeyDataKlassGetName:
- * @klass: 		the data klass.
+ * @klass:              the data klass.
  *
  * Macro. Returns data klass name.
  */
 #define xmlSecKeyDataKlassGetName(klass) \
-	(((klass)) ? ((klass)->name) : NULL)
+        (((klass)) ? ((klass)->name) : NULL)
 
 /***********************************************************************
  *
@@ -598,8 +600,8 @@ struct _xmlSecKeyDataKlass {
  *
  * The key data klasses list klass id.
  */
-#define xmlSecKeyDataListId	xmlSecKeyDataListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecKeyDataListGetKlass	(void);
+#define xmlSecKeyDataListId     xmlSecKeyDataListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecKeyDataListGetKlass       (void);
 
 /***********************************************************************
  *
@@ -612,29 +614,29 @@ XMLSEC_EXPORT xmlSecPtrListId	xmlSecKeyDataListGetKlass	(void);
  *
  * The key data list klass id.
  */
-#define xmlSecKeyDataIdListId	xmlSecKeyDataIdListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecKeyDataIdListGetKlass	(void);
-XMLSEC_EXPORT int		xmlSecKeyDataIdListFind		(xmlSecPtrListPtr list,
-								 xmlSecKeyDataId dataId);
-XMLSEC_EXPORT xmlSecKeyDataId	xmlSecKeyDataIdListFindByNode	(xmlSecPtrListPtr list,
-								 const xmlChar* nodeName,
-								 const xmlChar* nodeNs,
-								 xmlSecKeyDataUsage usage);
-XMLSEC_EXPORT xmlSecKeyDataId	xmlSecKeyDataIdListFindByHref	(xmlSecPtrListPtr list,
-								 const xmlChar* href,
-								 xmlSecKeyDataUsage usage);
-XMLSEC_EXPORT xmlSecKeyDataId	xmlSecKeyDataIdListFindByName	(xmlSecPtrListPtr list,
-								 const xmlChar* name,
-								 xmlSecKeyDataUsage usage);
-XMLSEC_EXPORT void		xmlSecKeyDataIdListDebugDump	(xmlSecPtrListPtr list,
-								 FILE* output);
-XMLSEC_EXPORT void		xmlSecKeyDataIdListDebugXmlDump	(xmlSecPtrListPtr list,
-								 FILE* output);
+#define xmlSecKeyDataIdListId   xmlSecKeyDataIdListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecKeyDataIdListGetKlass     (void);
+XMLSEC_EXPORT int               xmlSecKeyDataIdListFind         (xmlSecPtrListPtr list,
+                                                                 xmlSecKeyDataId dataId);
+XMLSEC_EXPORT xmlSecKeyDataId   xmlSecKeyDataIdListFindByNode   (xmlSecPtrListPtr list,
+                                                                 const xmlChar* nodeName,
+                                                                 const xmlChar* nodeNs,
+                                                                 xmlSecKeyDataUsage usage);
+XMLSEC_EXPORT xmlSecKeyDataId   xmlSecKeyDataIdListFindByHref   (xmlSecPtrListPtr list,
+                                                                 const xmlChar* href,
+                                                                 xmlSecKeyDataUsage usage);
+XMLSEC_EXPORT xmlSecKeyDataId   xmlSecKeyDataIdListFindByName   (xmlSecPtrListPtr list,
+                                                                 const xmlChar* name,
+                                                                 xmlSecKeyDataUsage usage);
+XMLSEC_EXPORT void              xmlSecKeyDataIdListDebugDump    (xmlSecPtrListPtr list,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecKeyDataIdListDebugXmlDump (xmlSecPtrListPtr list,
+                                                                 FILE* output);
 
 /**************************************************************************
  *
  * xmlSecKeyDataBinary
- * 
+ *
  * key (xmlSecBuffer) is located after xmlSecKeyData structure
  *
  *************************************************************************/
@@ -643,41 +645,41 @@ XMLSEC_EXPORT void		xmlSecKeyDataIdListDebugXmlDump	(xmlSecPtrListPtr list,
  *
  * The binary key data object size.
  */
-#define xmlSecKeyDataBinarySize	\
+#define xmlSecKeyDataBinarySize \
     (sizeof(xmlSecKeyData) + sizeof(xmlSecBuffer))
- 
-XMLSEC_EXPORT int		xmlSecKeyDataBinaryValueInitialize	(xmlSecKeyDataPtr data);
-XMLSEC_EXPORT int		xmlSecKeyDataBinaryValueDuplicate	(xmlSecKeyDataPtr dst,
-									xmlSecKeyDataPtr src);
-XMLSEC_EXPORT void		xmlSecKeyDataBinaryValueFinalize	(xmlSecKeyDataPtr data);
-XMLSEC_EXPORT int		xmlSecKeyDataBinaryValueXmlRead		(xmlSecKeyDataId id,
-								         xmlSecKeyPtr key,
-									 xmlNodePtr node,
-								         xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int		xmlSecKeyDataBinaryValueXmlWrite	(xmlSecKeyDataId id,
-									 xmlSecKeyPtr key,
-									 xmlNodePtr node,
-									 xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int		xmlSecKeyDataBinaryValueBinRead		(xmlSecKeyDataId id,
-									 xmlSecKeyPtr key,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize,
-									 xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT int		xmlSecKeyDataBinaryValueBinWrite	(xmlSecKeyDataId id,
-									 xmlSecKeyPtr key,
-									 xmlSecByte** buf,
-									 xmlSecSize* bufSize,
-									 xmlSecKeyInfoCtxPtr keyInfoCtx);
-XMLSEC_EXPORT void		xmlSecKeyDataBinaryValueDebugDump	(xmlSecKeyDataPtr data,
-									FILE* output);
-XMLSEC_EXPORT void		xmlSecKeyDataBinaryValueDebugXmlDump	(xmlSecKeyDataPtr data,
-									 FILE* output);
-
-XMLSEC_EXPORT xmlSecSize	xmlSecKeyDataBinaryValueGetSize		(xmlSecKeyDataPtr data);
-XMLSEC_EXPORT xmlSecBufferPtr	xmlSecKeyDataBinaryValueGetBuffer	(xmlSecKeyDataPtr data);
-XMLSEC_EXPORT int		xmlSecKeyDataBinaryValueSetBuffer	(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+
+XMLSEC_EXPORT int               xmlSecKeyDataBinaryValueInitialize      (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT int               xmlSecKeyDataBinaryValueDuplicate       (xmlSecKeyDataPtr dst,
+                                                                        xmlSecKeyDataPtr src);
+XMLSEC_EXPORT void              xmlSecKeyDataBinaryValueFinalize        (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT int               xmlSecKeyDataBinaryValueXmlRead         (xmlSecKeyDataId id,
+                                                                         xmlSecKeyPtr key,
+                                                                         xmlNodePtr node,
+                                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int               xmlSecKeyDataBinaryValueXmlWrite        (xmlSecKeyDataId id,
+                                                                         xmlSecKeyPtr key,
+                                                                         xmlNodePtr node,
+                                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int               xmlSecKeyDataBinaryValueBinRead         (xmlSecKeyDataId id,
+                                                                         xmlSecKeyPtr key,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize,
+                                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT int               xmlSecKeyDataBinaryValueBinWrite        (xmlSecKeyDataId id,
+                                                                         xmlSecKeyPtr key,
+                                                                         xmlSecByte** buf,
+                                                                         xmlSecSize* bufSize,
+                                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT void              xmlSecKeyDataBinaryValueDebugDump       (xmlSecKeyDataPtr data,
+                                                                        FILE* output);
+XMLSEC_EXPORT void              xmlSecKeyDataBinaryValueDebugXmlDump    (xmlSecKeyDataPtr data,
+                                                                         FILE* output);
+
+XMLSEC_EXPORT xmlSecSize        xmlSecKeyDataBinaryValueGetSize         (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT xmlSecBufferPtr   xmlSecKeyDataBinaryValueGetBuffer       (xmlSecKeyDataPtr data);
+XMLSEC_EXPORT int               xmlSecKeyDataBinaryValueSetBuffer       (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
 
 /**************************************************************************
  *
@@ -686,28 +688,28 @@ XMLSEC_EXPORT int		xmlSecKeyDataBinaryValueSetBuffer	(xmlSecKeyDataPtr data,
  *************************************************************************/
 /**
  * xmlSecKeyDataStore:
- * @id: 		the store id (#xmlSecKeyDataStoreId).
- * @reserved0:		reserved for the future.
- * @reserved1:		reserved for the future.
+ * @id:                 the store id (#xmlSecKeyDataStoreId).
+ * @reserved0:          reserved for the future.
+ * @reserved1:          reserved for the future.
  *
  * The key data store. Key data store holds common key data specific information
- * required for key data processing. For example, X509 data store may hold 
+ * required for key data processing. For example, X509 data store may hold
  * information about trusted (root) certificates.
  */
 struct _xmlSecKeyDataStore {
-    xmlSecKeyDataStoreId		id;
+    xmlSecKeyDataStoreId                id;
 
     /* for the future */
-    void*				reserved0;
-    void*				reserved1;
+    void*                               reserved0;
+    void*                               reserved1;
 };
 
-XMLSEC_EXPORT xmlSecKeyDataStorePtr xmlSecKeyDataStoreCreate	(xmlSecKeyDataStoreId id);
-XMLSEC_EXPORT void		xmlSecKeyDataStoreDestroy	(xmlSecKeyDataStorePtr store);
+XMLSEC_EXPORT xmlSecKeyDataStorePtr xmlSecKeyDataStoreCreate    (xmlSecKeyDataStoreId id);
+XMLSEC_EXPORT void              xmlSecKeyDataStoreDestroy       (xmlSecKeyDataStorePtr store);
 
 /**
  * xmlSecKeyDataStoreGetName:
- * @store: 		the pointer to store.
+ * @store:              the pointer to store.
  *
  * Macro. Returns key data store name.
  */
@@ -717,34 +719,34 @@ XMLSEC_EXPORT void		xmlSecKeyDataStoreDestroy	(xmlSecKeyDataStorePtr store);
 
 /**
  * xmlSecKeyDataStoreIsValid:
- * @store: 		the pointer to store.
+ * @store:              the pointer to store.
  *
  * Macro. Returns 1 if @store is not NULL and @store->id is not NULL
  * or 0 otherwise.
- */ 
+ */
 #define xmlSecKeyDataStoreIsValid(store) \
-	((( store ) != NULL) && ((( store )->id) != NULL))
+        ((( store ) != NULL) && ((( store )->id) != NULL))
 /**
  * xmlSecKeyDataStoreCheckId:
- * @store: 		the pointer to store.
- * @storeId: 		the store Id.
+ * @store:              the pointer to store.
+ * @storeId:            the store Id.
  *
  * Macro. Returns 1 if @store is valid and @store's id is equal to @storeId.
  */
 #define xmlSecKeyDataStoreCheckId(store, storeId) \
- 	(xmlSecKeyDataStoreIsValid(( store )) && \
-	((( store )->id) == ( storeId )))
+        (xmlSecKeyDataStoreIsValid(( store )) && \
+        ((( store )->id) == ( storeId )))
 
 /**
  * xmlSecKeyDataStoreCheckSize:
- * @store: 		the pointer to store.
- * @size: 		the expected size.
+ * @store:              the pointer to store.
+ * @size:               the expected size.
  *
  * Macro. Returns 1 if @data is valid and @stores's object has at least @size bytes.
  */
 #define xmlSecKeyDataStoreCheckSize(store, size) \
- 	(xmlSecKeyDataStoreIsValid(( store )) && \
-	 (( store )->id->objSize >= size))
+        (xmlSecKeyDataStoreIsValid(( store )) && \
+         (( store )->id->objSize >= size))
 
 
 /**************************************************************************
@@ -757,62 +759,62 @@ XMLSEC_EXPORT void		xmlSecKeyDataStoreDestroy	(xmlSecKeyDataStorePtr store);
  *
  * The "unknown" id.
  */
-#define xmlSecKeyDataStoreIdUnknown 			NULL
+#define xmlSecKeyDataStoreIdUnknown                     NULL
 
-/** 
+/**
  * xmlSecKeyDataStoreInitializeMethod:
- * @store: 		the data store.
+ * @store:              the data store.
  *
  * Key data store specific initialization method.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-typedef int			(*xmlSecKeyDataStoreInitializeMethod)	(xmlSecKeyDataStorePtr store);
+typedef int                     (*xmlSecKeyDataStoreInitializeMethod)   (xmlSecKeyDataStorePtr store);
 
-/** 
+/**
  * xmlSecKeyDataStoreFinalizeMethod:
- * @store: 		the data store.
+ * @store:              the data store.
  *
  * Key data store specific finalization (destroy) method.
  */
-typedef void			(*xmlSecKeyDataStoreFinalizeMethod)	(xmlSecKeyDataStorePtr store);
+typedef void                    (*xmlSecKeyDataStoreFinalizeMethod)     (xmlSecKeyDataStorePtr store);
 
 /**
  * xmlSecKeyDataStoreKlass:
- * @klassSize:		the data store klass size.
- * @objSize:		the data store obj size.
- * @name:		the store's name.
- * @initialize:		the store's initialization method.
- * @finalize:		the store's finalization (destroy) method.
- * @reserved0:		reserved for the future.
- * @reserved1:		reserved for the future.
+ * @klassSize:          the data store klass size.
+ * @objSize:            the data store obj size.
+ * @name:               the store's name.
+ * @initialize:         the store's initialization method.
+ * @finalize:           the store's finalization (destroy) method.
+ * @reserved0:          reserved for the future.
+ * @reserved1:          reserved for the future.
  *
  * The data store id (klass).
  */
 struct _xmlSecKeyDataStoreKlass {
-    xmlSecSize				klassSize;
-    xmlSecSize				objSize;
+    xmlSecSize                          klassSize;
+    xmlSecSize                          objSize;
 
     /* data */
-    const xmlChar*			name;    
-        
+    const xmlChar*                      name;
+
     /* constructors/destructor */
-    xmlSecKeyDataStoreInitializeMethod	initialize;
-    xmlSecKeyDataStoreFinalizeMethod	finalize;
+    xmlSecKeyDataStoreInitializeMethod  initialize;
+    xmlSecKeyDataStoreFinalizeMethod    finalize;
 
     /* for the future */
-    void*				reserved0;
-    void*				reserved1;
+    void*                               reserved0;
+    void*                               reserved1;
 };
 
 /**
  * xmlSecKeyDataStoreKlassGetName:
- * @klass:		the pointer to store klass.
- * 
+ * @klass:              the pointer to store klass.
+ *
  * Macro. Returns store klass name.
  */
 #define xmlSecKeyDataStoreKlassGetName(klass) \
-	(((klass)) ? ((klass)->name) : NULL)
+        (((klass)) ? ((klass)->name) : NULL)
 
 /***********************************************************************
  *
@@ -824,8 +826,8 @@ struct _xmlSecKeyDataStoreKlass {
  *
  * The data store list id (klass).
  */
-#define xmlSecKeyDataStorePtrListId	xmlSecKeyDataStorePtrListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecKeyDataStorePtrListGetKlass	(void);
+#define xmlSecKeyDataStorePtrListId     xmlSecKeyDataStorePtrListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecKeyDataStorePtrListGetKlass       (void);
 
 
 #ifdef __cplusplus
diff --git a/include/xmlsec/keysmngr.h b/include/xmlsec/keysmngr.h
index 3a999324..289da4c1 100644
--- a/include/xmlsec/keysmngr.h
+++ b/include/xmlsec/keysmngr.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Keys Manager
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_KEYSMGMR_H__
-#define __XMLSEC_KEYSMGMR_H__    
+#define __XMLSEC_KEYSMGMR_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/list.h>
@@ -21,10 +21,10 @@ extern "C" {
 #include <xmlsec/keysdata.h>
 #include <xmlsec/keyinfo.h>
 
-typedef const struct _xmlSecKeyKlass 			xmlSecKeyKlass, 
-							*xmlSecKeyId; 
-typedef const struct _xmlSecKeyStoreKlass 		xmlSecKeyStoreKlass, 
-							*xmlSecKeyStoreId; 
+typedef const struct _xmlSecKeyKlass                    xmlSecKeyKlass,
+                                                        *xmlSecKeyId;
+typedef const struct _xmlSecKeyStoreKlass               xmlSecKeyStoreKlass,
+                                                        *xmlSecKeyStoreId;
 
 
 /****************************************************************************
@@ -32,52 +32,52 @@ typedef const struct _xmlSecKeyStoreKlass 		xmlSecKeyStoreKlass,
  * Keys Manager
  *
  ***************************************************************************/
-XMLSEC_EXPORT xmlSecKeysMngrPtr 	xmlSecKeysMngrCreate		(void);
-XMLSEC_EXPORT void			xmlSecKeysMngrDestroy		(xmlSecKeysMngrPtr mngr);
+XMLSEC_EXPORT xmlSecKeysMngrPtr         xmlSecKeysMngrCreate            (void);
+XMLSEC_EXPORT void                      xmlSecKeysMngrDestroy           (xmlSecKeysMngrPtr mngr);
 
-XMLSEC_EXPORT xmlSecKeyPtr		xmlSecKeysMngrFindKey		(xmlSecKeysMngrPtr mngr,
-									 const xmlChar* name,
-									 xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT xmlSecKeyPtr              xmlSecKeysMngrFindKey           (xmlSecKeysMngrPtr mngr,
+                                                                         const xmlChar* name,
+                                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
 
-XMLSEC_EXPORT int			xmlSecKeysMngrAdoptKeysStore	(xmlSecKeysMngrPtr mngr,
-									 xmlSecKeyStorePtr store);
-XMLSEC_EXPORT xmlSecKeyStorePtr		xmlSecKeysMngrGetKeysStore	(xmlSecKeysMngrPtr mngr);
+XMLSEC_EXPORT int                       xmlSecKeysMngrAdoptKeysStore    (xmlSecKeysMngrPtr mngr,
+                                                                         xmlSecKeyStorePtr store);
+XMLSEC_EXPORT xmlSecKeyStorePtr         xmlSecKeysMngrGetKeysStore      (xmlSecKeysMngrPtr mngr);
 
-XMLSEC_EXPORT int			xmlSecKeysMngrAdoptDataStore	(xmlSecKeysMngrPtr mngr,
-									 xmlSecKeyDataStorePtr store);
-XMLSEC_EXPORT xmlSecKeyDataStorePtr	xmlSecKeysMngrGetDataStore	(xmlSecKeysMngrPtr mngr,
-									 xmlSecKeyDataStoreId id);
+XMLSEC_EXPORT int                       xmlSecKeysMngrAdoptDataStore    (xmlSecKeysMngrPtr mngr,
+                                                                         xmlSecKeyDataStorePtr store);
+XMLSEC_EXPORT xmlSecKeyDataStorePtr     xmlSecKeysMngrGetDataStore      (xmlSecKeysMngrPtr mngr,
+                                                                         xmlSecKeyDataStoreId id);
 
 /**
  * xmlSecGetKeyCallback:
- * @keyInfoNode: 		the pointer to <dsig:KeyInfo/> node.
- * @keyInfoCtx:			the pointer to <dsig:KeyInfo/> node processing context.
+ * @keyInfoNode:                the pointer to <dsig:KeyInfo/> node.
+ * @keyInfoCtx:                 the pointer to <dsig:KeyInfo/> node processing context.
  *
  * Reads the <dsig:KeyInfo/> node @keyInfoNode and extracts the key.
  *
- * Returns: the pointer to key or NULL if the key is not found or 
+ * Returns: the pointer to key or NULL if the key is not found or
  * an error occurs.
  */
-typedef xmlSecKeyPtr 	(*xmlSecGetKeyCallback)		(xmlNodePtr keyInfoNode,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
+typedef xmlSecKeyPtr    (*xmlSecGetKeyCallback)         (xmlNodePtr keyInfoNode,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 /**
  * xmlSecKeysMngr:
- * @keysStore:			the key store (list of keys known to keys manager).
- * @storesList:			the list of key data stores known to keys manager.
- * @getKey: 			the callback used to read <dsig:KeyInfo/> node.
+ * @keysStore:                  the key store (list of keys known to keys manager).
+ * @storesList:                 the list of key data stores known to keys manager.
+ * @getKey:                     the callback used to read <dsig:KeyInfo/> node.
  *
  * The keys manager structure.
  */
-struct _xmlSecKeysMngr {	
-    xmlSecKeyStorePtr		keysStore;	
-    xmlSecPtrList		storesList;	
-    xmlSecGetKeyCallback	getKey;		
+struct _xmlSecKeysMngr {
+    xmlSecKeyStorePtr           keysStore;
+    xmlSecPtrList               storesList;
+    xmlSecGetKeyCallback        getKey;
 };
 
 
-XMLSEC_EXPORT xmlSecKeyPtr 	xmlSecKeysMngrGetKey	(xmlNodePtr keyInfoNode,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT xmlSecKeyPtr      xmlSecKeysMngrGetKey    (xmlNodePtr keyInfoNode,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 
 /**************************************************************************
@@ -87,28 +87,28 @@ XMLSEC_EXPORT xmlSecKeyPtr 	xmlSecKeysMngrGetKey	(xmlNodePtr keyInfoNode,
  *************************************************************************/
 /**
  * xmlSecKeyStore:
- * @id: 		the store id (#xmlSecKeyStoreId).
- * @reserved0:		reserved for the future.
- * @reserved1:		reserved for the future.
+ * @id:                 the store id (#xmlSecKeyStoreId).
+ * @reserved0:          reserved for the future.
+ * @reserved1:          reserved for the future.
  *
- * The keys store. 
+ * The keys store.
  */
 struct _xmlSecKeyStore {
-    xmlSecKeyStoreId			id;
+    xmlSecKeyStoreId                    id;
 
     /* for the future */
-    void*				reserved0;
-    void*				reserved1;
+    void*                               reserved0;
+    void*                               reserved1;
 };
 
-XMLSEC_EXPORT xmlSecKeyStorePtr xmlSecKeyStoreCreate		(xmlSecKeyStoreId id);
-XMLSEC_EXPORT void		xmlSecKeyStoreDestroy		(xmlSecKeyStorePtr store);
-XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyStoreFindKey		(xmlSecKeyStorePtr store,
-								 const xmlChar* name,
- 								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+XMLSEC_EXPORT xmlSecKeyStorePtr xmlSecKeyStoreCreate            (xmlSecKeyStoreId id);
+XMLSEC_EXPORT void              xmlSecKeyStoreDestroy           (xmlSecKeyStorePtr store);
+XMLSEC_EXPORT xmlSecKeyPtr      xmlSecKeyStoreFindKey           (xmlSecKeyStorePtr store,
+                                                                 const xmlChar* name,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 /**
  * xmlSecKeyStoreGetName:
- * @store: 		the pointer to store.
+ * @store:              the pointer to store.
  *
  * Macro. Returns key store name.
  */
@@ -118,34 +118,34 @@ XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyStoreFindKey		(xmlSecKeyStorePtr store,
 
 /**
  * xmlSecKeyStoreIsValid:
- * @store: 		the pointer to store.
+ * @store:              the pointer to store.
  *
  * Macro. Returns 1 if @store is not NULL and @store->id is not NULL
  * or 0 otherwise.
- */ 
+ */
 #define xmlSecKeyStoreIsValid(store) \
-	((( store ) != NULL) && ((( store )->id) != NULL))
+        ((( store ) != NULL) && ((( store )->id) != NULL))
 /**
  * xmlSecKeyStoreCheckId:
- * @store: 		the pointer to store.
- * @storeId: 		the store Id.
+ * @store:              the pointer to store.
+ * @storeId:            the store Id.
  *
  * Macro. Returns 1 if @store is valid and @store's id is equal to @storeId.
  */
 #define xmlSecKeyStoreCheckId(store, storeId) \
- 	(xmlSecKeyStoreIsValid(( store )) && \
-	((( store )->id) == ( storeId )))
+        (xmlSecKeyStoreIsValid(( store )) && \
+        ((( store )->id) == ( storeId )))
 
 /**
  * xmlSecKeyStoreCheckSize:
- * @store: 		the pointer to store.
- * @size: 		the expected size.
+ * @store:              the pointer to store.
+ * @size:               the expected size.
  *
  * Macro. Returns 1 if @store is valid and @stores's object has at least @size bytes.
  */
 #define xmlSecKeyStoreCheckSize(store, size) \
- 	(xmlSecKeyStoreIsValid(( store )) && \
-	 (( store )->id->objSize >= size))
+        (xmlSecKeyStoreIsValid(( store )) && \
+         (( store )->id->objSize >= size))
 
 
 /**************************************************************************
@@ -158,79 +158,79 @@ XMLSEC_EXPORT xmlSecKeyPtr	xmlSecKeyStoreFindKey		(xmlSecKeyStorePtr store,
  *
  * The "unknown" id.
  */
-#define xmlSecKeyStoreIdUnknown 			((xmlSecKeyDataStoreId)NULL)
+#define xmlSecKeyStoreIdUnknown                         ((xmlSecKeyDataStoreId)NULL)
 
-/** 
+/**
  * xmlSecKeyStoreInitializeMethod:
- * @store: 		the store.
+ * @store:              the store.
  *
  * Keys store specific initialization method.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-typedef int			(*xmlSecKeyStoreInitializeMethod)	(xmlSecKeyStorePtr store);
+typedef int                     (*xmlSecKeyStoreInitializeMethod)       (xmlSecKeyStorePtr store);
 
-/** 
+/**
  * xmlSecKeyStoreFinalizeMethod:
- * @store: 		the store.
+ * @store:              the store.
  *
  * Keys store specific finalization (destroy) method.
  */
-typedef void			(*xmlSecKeyStoreFinalizeMethod)		(xmlSecKeyStorePtr store);
+typedef void                    (*xmlSecKeyStoreFinalizeMethod)         (xmlSecKeyStorePtr store);
 
-/** 
+/**
  * xmlSecKeyStoreFindKeyMethod:
- * @store: 		the store.
- * @name:		the desired key name.
- * @keyInfoCtx: 	the pointer to key info context.
+ * @store:              the store.
+ * @name:               the desired key name.
+ * @keyInfoCtx:         the pointer to key info context.
  *
- * Keys store specific find method. The caller is responsible for destroying 
+ * Keys store specific find method. The caller is responsible for destroying
  * the returned key using #xmlSecKeyDestroy method.
  *
  * Returns: the pointer to a key or NULL if key is not found or an error occurs.
  */
-typedef xmlSecKeyPtr		(*xmlSecKeyStoreFindKeyMethod)	(xmlSecKeyStorePtr store,
-								 const xmlChar* name,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+typedef xmlSecKeyPtr            (*xmlSecKeyStoreFindKeyMethod)  (xmlSecKeyStorePtr store,
+                                                                 const xmlChar* name,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 /**
  * xmlSecKeyStoreKlass:
- * @klassSize:		the store klass size.
- * @objSize:		the store obj size.
- * @name:		the store's name.
- * @initialize:		the store's initialization method.
- * @finalize:		the store's finalization (destroy) method.
- * @findKey:		the store's find method.
- * @reserved0:		reserved for the future.
- * @reserved1:		reserved for the future.
+ * @klassSize:          the store klass size.
+ * @objSize:            the store obj size.
+ * @name:               the store's name.
+ * @initialize:         the store's initialization method.
+ * @finalize:           the store's finalization (destroy) method.
+ * @findKey:            the store's find method.
+ * @reserved0:          reserved for the future.
+ * @reserved1:          reserved for the future.
  *
  * The keys store id (klass).
  */
 struct _xmlSecKeyStoreKlass {
-    xmlSecSize				klassSize;
-    xmlSecSize				objSize;
+    xmlSecSize                          klassSize;
+    xmlSecSize                          objSize;
 
     /* data */
-    const xmlChar*			name;    
-        
+    const xmlChar*                      name;
+
     /* constructors/destructor */
-    xmlSecKeyStoreInitializeMethod	initialize;
-    xmlSecKeyStoreFinalizeMethod	finalize;
-    xmlSecKeyStoreFindKeyMethod		findKey;
+    xmlSecKeyStoreInitializeMethod      initialize;
+    xmlSecKeyStoreFinalizeMethod        finalize;
+    xmlSecKeyStoreFindKeyMethod         findKey;
 
     /* for the future */
-    void*				reserved0;
-    void*				reserved1;
+    void*                               reserved0;
+    void*                               reserved1;
 };
 
 /**
  * xmlSecKeyStoreKlassGetName:
- * @klass:		the pointer to store klass.
- * 
+ * @klass:              the pointer to store klass.
+ *
  * Macro. Returns store klass name.
  */
 #define xmlSecKeyStoreKlassGetName(klass) \
-	(((klass)) ? ((klass)->name) : NULL)
+        (((klass)) ? ((klass)->name) : NULL)
 
 
 /****************************************************************************
@@ -243,17 +243,17 @@ struct _xmlSecKeyStoreKlass {
  *
  * A simple keys store klass id.
  */
-#define xmlSecSimpleKeysStoreId		xmlSecSimpleKeysStoreGetKlass()
-XMLSEC_EXPORT xmlSecKeyStoreId		xmlSecSimpleKeysStoreGetKlass	(void);
-XMLSEC_EXPORT int			xmlSecSimpleKeysStoreAdoptKey	(xmlSecKeyStorePtr store,
-									 xmlSecKeyPtr key);
-XMLSEC_EXPORT int			xmlSecSimpleKeysStoreLoad 	(xmlSecKeyStorePtr store,
-									 const char *uri,
-									 xmlSecKeysMngrPtr keysMngr);
-XMLSEC_EXPORT int			xmlSecSimpleKeysStoreSave	(xmlSecKeyStorePtr store, 
-									 const char *filename,
-									 xmlSecKeyDataType type);
-XMLSEC_EXPORT xmlSecPtrListPtr		xmlSecSimpleKeysStoreGetKeys	(xmlSecKeyStorePtr store);
+#define xmlSecSimpleKeysStoreId         xmlSecSimpleKeysStoreGetKlass()
+XMLSEC_EXPORT xmlSecKeyStoreId          xmlSecSimpleKeysStoreGetKlass   (void);
+XMLSEC_EXPORT int                       xmlSecSimpleKeysStoreAdoptKey   (xmlSecKeyStorePtr store,
+                                                                         xmlSecKeyPtr key);
+XMLSEC_EXPORT int                       xmlSecSimpleKeysStoreLoad       (xmlSecKeyStorePtr store,
+                                                                         const char *uri,
+                                                                         xmlSecKeysMngrPtr keysMngr);
+XMLSEC_EXPORT int                       xmlSecSimpleKeysStoreSave       (xmlSecKeyStorePtr store,
+                                                                         const char *filename,
+                                                                         xmlSecKeyDataType type);
+XMLSEC_EXPORT xmlSecPtrListPtr          xmlSecSimpleKeysStoreGetKeys    (xmlSecKeyStorePtr store);
 
 
 #ifdef __cplusplus
diff --git a/include/xmlsec/list.h b/include/xmlsec/list.h
index 47fa6d8d..fed98706 100644
--- a/include/xmlsec/list.h
+++ b/include/xmlsec/list.h
@@ -1,105 +1,107 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * List of pointers.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_LIST_H__
-#define __XMLSEC_LIST_H__    
+#define __XMLSEC_LIST_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
 
-typedef const struct _xmlSecPtrListKlass			xmlSecPtrListKlass, 
-								*xmlSecPtrListId;
-typedef struct _xmlSecPtrList 					xmlSecPtrList, 
-								*xmlSecPtrListPtr;
+typedef const struct _xmlSecPtrListKlass                        xmlSecPtrListKlass,
+                                                                *xmlSecPtrListId;
+typedef struct _xmlSecPtrList                                   xmlSecPtrList,
+                                                                *xmlSecPtrListPtr;
 
 /**
  * xmlSecPtrList:
- * @id:				the list items description.
- * @data:			the list data.
- * @use:			the current list size.
- * @max:			the max (allocated) list size.
- * @allocMode:			the memory allocation mode.
- * 
+ * @id:                         the list items description.
+ * @data:                       the list data.
+ * @use:                        the current list size.
+ * @max:                        the max (allocated) list size.
+ * @allocMode:                  the memory allocation mode.
+ *
  * The pointers list.
  */
 struct _xmlSecPtrList {
-    xmlSecPtrListId		id;        
+    xmlSecPtrListId             id;
 
-    xmlSecPtr*			data;
-    xmlSecSize			use;
-    xmlSecSize			max;
-    xmlSecAllocMode 		allocMode;
+    xmlSecPtr*                  data;
+    xmlSecSize                  use;
+    xmlSecSize                  max;
+    xmlSecAllocMode             allocMode;
 };
 
-XMLSEC_EXPORT void		xmlSecPtrListSetDefaultAllocMode(xmlSecAllocMode defAllocMode,
-								 xmlSecSize defInitialSize);
-
-
-XMLSEC_EXPORT int		xmlSecPtrListInitialize		(xmlSecPtrListPtr list,
-								 xmlSecPtrListId id);
-XMLSEC_EXPORT void		xmlSecPtrListFinalize		(xmlSecPtrListPtr list);
-XMLSEC_EXPORT xmlSecPtrListPtr	xmlSecPtrListCreate		(xmlSecPtrListId id);
-XMLSEC_EXPORT void		xmlSecPtrListDestroy		(xmlSecPtrListPtr list);
-XMLSEC_EXPORT void		xmlSecPtrListEmpty		(xmlSecPtrListPtr list);
-
-XMLSEC_EXPORT int		xmlSecPtrListCopy		(xmlSecPtrListPtr dst,
-								 xmlSecPtrListPtr src);
-XMLSEC_EXPORT xmlSecPtrListPtr	xmlSecPtrListDuplicate		(xmlSecPtrListPtr list);
-
-XMLSEC_EXPORT xmlSecSize	xmlSecPtrListGetSize		(xmlSecPtrListPtr list);
-XMLSEC_EXPORT xmlSecPtr		xmlSecPtrListGetItem		(xmlSecPtrListPtr list,
-							         xmlSecSize pos);
-XMLSEC_EXPORT int		xmlSecPtrListAdd		(xmlSecPtrListPtr list,
-								 xmlSecPtr item);
-XMLSEC_EXPORT int		xmlSecPtrListSet		(xmlSecPtrListPtr list,
-								 xmlSecPtr item,
-								 xmlSecSize pos);
-XMLSEC_EXPORT int		xmlSecPtrListRemove		(xmlSecPtrListPtr list,
-							    	 xmlSecSize pos);
-XMLSEC_EXPORT void		xmlSecPtrListDebugDump		(xmlSecPtrListPtr list,
-    								 FILE* output);
-XMLSEC_EXPORT void		xmlSecPtrListDebugXmlDump	(xmlSecPtrListPtr list,
- 								 FILE* output);
+XMLSEC_EXPORT void              xmlSecPtrListSetDefaultAllocMode(xmlSecAllocMode defAllocMode,
+                                                                 xmlSecSize defInitialSize);
+
+
+XMLSEC_EXPORT int               xmlSecPtrListInitialize         (xmlSecPtrListPtr list,
+                                                                 xmlSecPtrListId id);
+XMLSEC_EXPORT void              xmlSecPtrListFinalize           (xmlSecPtrListPtr list);
+XMLSEC_EXPORT xmlSecPtrListPtr  xmlSecPtrListCreate             (xmlSecPtrListId id);
+XMLSEC_EXPORT void              xmlSecPtrListDestroy            (xmlSecPtrListPtr list);
+XMLSEC_EXPORT void              xmlSecPtrListEmpty              (xmlSecPtrListPtr list);
+
+XMLSEC_EXPORT int               xmlSecPtrListCopy               (xmlSecPtrListPtr dst,
+                                                                 xmlSecPtrListPtr src);
+XMLSEC_EXPORT xmlSecPtrListPtr  xmlSecPtrListDuplicate          (xmlSecPtrListPtr list);
+
+XMLSEC_EXPORT xmlSecSize        xmlSecPtrListGetSize            (xmlSecPtrListPtr list);
+XMLSEC_EXPORT xmlSecPtr         xmlSecPtrListGetItem            (xmlSecPtrListPtr list,
+                                                                 xmlSecSize pos);
+XMLSEC_EXPORT int               xmlSecPtrListAdd                (xmlSecPtrListPtr list,
+                                                                 xmlSecPtr item);
+XMLSEC_EXPORT int               xmlSecPtrListSet                (xmlSecPtrListPtr list,
+                                                                 xmlSecPtr item,
+                                                                 xmlSecSize pos);
+XMLSEC_EXPORT int               xmlSecPtrListRemove             (xmlSecPtrListPtr list,
+                                                                 xmlSecSize pos);
+XMLSEC_EXPORT xmlSecPtr         xmlSecPtrListRemoveAndReturn    (xmlSecPtrListPtr list,
+                                                                 xmlSecSize pos);
+XMLSEC_EXPORT void              xmlSecPtrListDebugDump          (xmlSecPtrListPtr list,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecPtrListDebugXmlDump       (xmlSecPtrListPtr list,
+                                                                 FILE* output);
 
 /**
  * xmlSecPtrListGetName:
- * @list: 		the ponter to list.
- * 
+ * @list:               the ponter to list.
+ *
  * Macro. Returns lists's name.
  */
 #define xmlSecPtrListGetName(list) \
-	(((list) != NULL) ? xmlSecPtrListKlassGetName((list)->id) : NULL)
+        (((list) != NULL) ? xmlSecPtrListKlassGetName((list)->id) : NULL)
 
 /**
  * xmlSecPtrListIsValid:
- * @list: 		the pointer to list.
+ * @list:               the pointer to list.
  *
  * Macro. Returns 1 if @list is not NULL and @list->id is not NULL
  * or 0 otherwise.
- */ 
+ */
 #define xmlSecPtrListIsValid(list) \
-	((( list ) != NULL) && ((( list )->id) != NULL))
+        ((( list ) != NULL) && ((( list )->id) != NULL))
 /**
  * xmlSecPtrListCheckId:
- * @list: 		the pointer to list.
- * @dataId: 		the list Id.
+ * @list:               the pointer to list.
+ * @dataId:             the list Id.
  *
  * Macro. Returns 1 if @list is valid and @list's id is equal to @dataId.
  */
 #define xmlSecPtrListCheckId(list, dataId) \
- 	(xmlSecPtrListIsValid(( list )) && \
-	((( list )->id) == ( dataId )))
+        (xmlSecPtrListIsValid(( list )) && \
+        ((( list )->id) == ( dataId )))
 
 
 /**************************************************************************
@@ -112,63 +114,63 @@ XMLSEC_EXPORT void		xmlSecPtrListDebugXmlDump	(xmlSecPtrListPtr list,
  *
  * The "unknown" id.
  */
-#define xmlSecPtrListIdUnknown 			NULL
+#define xmlSecPtrListIdUnknown                  NULL
 
 /**
  * xmlSecPtrDuplicateItemMethod:
- * @ptr:		the poinetr to list item.
+ * @ptr:                the poinetr to list item.
  *
  * Duplicates item @ptr.
  *
  * Returns: pointer to new item copy or NULL if an error occurs.
  */
-typedef xmlSecPtr		(*xmlSecPtrDuplicateItemMethod)	(xmlSecPtr ptr);
+typedef xmlSecPtr               (*xmlSecPtrDuplicateItemMethod) (xmlSecPtr ptr);
 
 /**
  * xmlSecPtrDestroyItemMethod:
- * @ptr:		the poinetr to list item.
+ * @ptr:                the poinetr to list item.
  *
  * Destroys list item @ptr.
  */
-typedef void			(*xmlSecPtrDestroyItemMethod)	(xmlSecPtr ptr);
+typedef void                    (*xmlSecPtrDestroyItemMethod)   (xmlSecPtr ptr);
 
 /**
  * xmlSecPtrDebugDumpItemMethod:
- * @ptr:		the poinetr to list item.
- * @output:		the output FILE.
+ * @ptr:                the poinetr to list item.
+ * @output:             the output FILE.
  *
  * Prints debug information about @item to @output.
  */
-typedef void			(*xmlSecPtrDebugDumpItemMethod)	(xmlSecPtr ptr,
-								 FILE* output);
+typedef void                    (*xmlSecPtrDebugDumpItemMethod) (xmlSecPtr ptr,
+                                                                 FILE* output);
 
 /**
- * xmlSecPtrListKlass: 
- * @name:		the list klass name.
- * @duplicateItem:	the duplciate item method.
- * @destroyItem:	the destroy item method.
- * @debugDumpItem:	the debug dump item method.
- * @debugXmlDumpItem:	the debug dump item in xml format method.
+ * xmlSecPtrListKlass:
+ * @name:               the list klass name.
+ * @duplicateItem:      the duplciate item method.
+ * @destroyItem:        the destroy item method.
+ * @debugDumpItem:      the debug dump item method.
+ * @debugXmlDumpItem:   the debug dump item in xml format method.
  *
  * List klass.
  */
 struct _xmlSecPtrListKlass {
-    const xmlChar*			name;
-    xmlSecPtrDuplicateItemMethod	duplicateItem;
-    xmlSecPtrDestroyItemMethod		destroyItem;
-    xmlSecPtrDebugDumpItemMethod	debugDumpItem;
-    xmlSecPtrDebugDumpItemMethod	debugXmlDumpItem;
+    const xmlChar*                      name;
+    xmlSecPtrDuplicateItemMethod        duplicateItem;
+    xmlSecPtrDestroyItemMethod          destroyItem;
+    xmlSecPtrDebugDumpItemMethod        debugDumpItem;
+    xmlSecPtrDebugDumpItemMethod        debugXmlDumpItem;
 };
 
 /**
- * xmlSecPtrListKlassGetName: 
- * @klass:		the list klass.
+ * xmlSecPtrListKlassGetName:
+ * @klass:              the list klass.
  *2
- 
+
  * Macro. Returns the list klass name.
  */
 #define xmlSecPtrListKlassGetName(klass) \
-	(((klass) != NULL) ? ((klass)->name) : NULL)
+        (((klass) != NULL) ? ((klass)->name) : NULL)
 
 /**************************************************************************
  *
@@ -181,8 +183,8 @@ struct _xmlSecPtrListKlass {
  * Strings list klass.
  */
 #define xmlSecStringListId \
-	xmlSecStringListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecStringListGetKlass	(void);
+        xmlSecStringListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecStringListGetKlass        (void);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/membuf.h b/include/xmlsec/membuf.h
index 4242f4fd..fbe6da41 100644
--- a/include/xmlsec/membuf.h
+++ b/include/xmlsec/membuf.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Memory buffer transform
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_MEMBUF_H__
-#define __XMLSEC_MEMBUF_H__    
+#define __XMLSEC_MEMBUF_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 
@@ -23,18 +23,18 @@ extern "C" {
 
 /********************************************************************
  *
- * Memory Buffer transform 
+ * Memory Buffer transform
  *
  *******************************************************************/
 /**
  * xmlSecTransformMemBufId:
- * 
+ *
  * The Memory Buffer transform klass.
  */
 #define xmlSecTransformMemBufId \
-	xmlSecTransformMemBufGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformMemBufGetKlass		(void);
-XMLSEC_EXPORT xmlSecBufferPtr	xmlSecTransformMemBufGetBuffer		(xmlSecTransformPtr transform);
+        xmlSecTransformMemBufGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformMemBufGetKlass           (void);
+XMLSEC_EXPORT xmlSecBufferPtr   xmlSecTransformMemBufGetBuffer          (xmlSecTransformPtr transform);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/mscrypto/Makefile.in b/include/xmlsec/mscrypto/Makefile.in
index 1570c0f0..235bc0c8 100644
--- a/include/xmlsec/mscrypto/Makefile.in
+++ b/include/xmlsec/mscrypto/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,13 +38,22 @@ subdir = include/xmlsec/mscrypto
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
 	$(xmlsecmscryptoinc_HEADERS)
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -68,6 +77,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(xmlsecmscryptoincdir)"
 HEADERS = $(xmlsecmscryptoinc_HEADERS)
 ETAGS = etags
@@ -75,6 +90,7 @@ CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -89,6 +105,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -97,6 +114,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -127,6 +148,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -158,8 +180,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -167,7 +191,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -186,6 +209,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -195,6 +220,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -230,6 +256,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -262,7 +289,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -345,9 +371,7 @@ uninstall-xmlsecmscryptoincHEADERS:
 	@$(NORMAL_UNINSTALL)
 	@list='$(xmlsecmscryptoinc_HEADERS)'; test -n "$(xmlsecmscryptoincdir)" || list=; \
 	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
-	test -n "$$files" || exit 0; \
-	echo " ( cd '$(DESTDIR)$(xmlsecmscryptoincdir)' && rm -f" $$files ")"; \
-	cd "$(DESTDIR)$(xmlsecmscryptoincdir)" && rm -f $$files
+	dir='$(DESTDIR)$(xmlsecmscryptoincdir)'; $(am__uninstall_files_from_dir)
 
 ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
 	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
@@ -448,10 +472,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/include/xmlsec/mscrypto/app.h b/include/xmlsec/mscrypto/app.h
index 964cffcf..3d23d0e5 100644
--- a/include/xmlsec/mscrypto/app.h
+++ b/include/xmlsec/mscrypto/app.h
@@ -1,17 +1,17 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  */
 #ifndef __XMLSEC_MSCRYPTO_APP_H__
-#define __XMLSEC_MSCRYPTO_APP_H__    
+#define __XMLSEC_MSCRYPTO_APP_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/keys.h>
@@ -21,98 +21,92 @@ extern "C" {
 #include <windows.h>
 #include <wincrypt.h>
 
-/**
+/********************************************************************
+ *
  * Init/shutdown
- */
-XMLSEC_CRYPTO_EXPORT int	xmlSecMSCryptoAppInit				(const char* config);
-XMLSEC_CRYPTO_EXPORT int	xmlSecMSCryptoAppShutdown			(void);
-XMLSEC_CRYPTO_EXPORT const char*xmlSecMSCryptoAppGetCertStoreName		(void);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppInit                           (const char* config);
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppShutdown                       (void);
+XMLSEC_CRYPTO_EXPORT LPCTSTR    xmlSecMSCryptoAppGetCertStoreName               (void);
 
-/** 
+/********************************************************************
+ *
  * Keys Manager
- */
-XMLSEC_CRYPTO_EXPORT int	xmlSecMSCryptoAppDefaultKeysMngrInit(
-                                    xmlSecKeysMngrPtr mngr);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecMSCryptoAppDefaultKeysMngrAdoptKey(
-                                    xmlSecKeysMngrPtr mngr,
-                                    xmlSecKeyPtr key);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecMSCryptoAppDefaultKeysMngrLoad(
-                                    xmlSecKeysMngrPtr mngr,
-									const char* uri);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecMSCryptoAppDefaultKeysMngrSave(
-                                    xmlSecKeysMngrPtr mngr,
-									const char* filename,
-									xmlSecKeyDataType type);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad(

-                                    xmlSecKeysMngrPtr mngr,

-                                    HCRYPTKEY hKey);

-XMLSEC_CRYPTO_EXPORT int 	xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad(

-                                    xmlSecKeysMngrPtr mngr,

-                                    HCRYPTKEY hKey);

-XMLSEC_CRYPTO_EXPORT int 	xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad(

-                                    xmlSecKeysMngrPtr mngr,

-                                    HCRYPTKEY hKey);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppDefaultKeysMngrInit            (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppDefaultKeysMngrAdoptKey        (xmlSecKeysMngrPtr mngr,
+                                                                                 xmlSecKeyPtr key);
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppDefaultKeysMngrLoad            (xmlSecKeysMngrPtr mngr,
+                                                                                 const char* uri);
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppDefaultKeysMngrSave            (xmlSecKeysMngrPtr mngr,
+                                                                                 const char* filename,
+                                                                                 xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad  (xmlSecKeysMngrPtr mngr,
+                                                                                 HCRYPTKEY hKey);
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad   (xmlSecKeysMngrPtr mngr,
+                                                                                 HCRYPTKEY hKey);
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad      (xmlSecKeysMngrPtr mngr,
+                                                                                 HCRYPTKEY hKey);
 #ifndef XMLSEC_NO_X509
-XMLSEC_CRYPTO_EXPORT int    xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore(

-                                    xmlSecKeysMngrPtr mngr,

-                                    HCERTSTORE keyStore);

-

-XMLSEC_CRYPTO_EXPORT int    xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore(

-                                    xmlSecKeysMngrPtr mngr, 

-                                    HCERTSTORE trustedStore);

-

-XMLSEC_CRYPTO_EXPORT int    xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore(

-                                    xmlSecKeysMngrPtr mngr,

-                                    HCERTSTORE untrustedStore);

+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore   (xmlSecKeysMngrPtr mngr,
+                                                                                 HCERTSTORE keyStore);
+
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore(xmlSecKeysMngrPtr mngr,
+                                                                                 HCERTSTORE trustedStore);
+
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore(xmlSecKeysMngrPtr mngr,
+                                                                                 HCERTSTORE untrustedStore);
+
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppKeysMngrCertLoad               (xmlSecKeysMngrPtr mngr,
+                                                                                 const char *filename,
+                                                                                 xmlSecKeyDataFormat format,
+                                                                                 xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppKeysMngrCertLoadMemory         (xmlSecKeysMngrPtr mngr,
+                                                                                 const xmlSecByte* data,
+                                                                                 xmlSecSize dataSize,
+                                                                                 xmlSecKeyDataFormat format,
+                                                                                 xmlSecKeyDataType type);
 
-XMLSEC_CRYPTO_EXPORT int	xmlSecMSCryptoAppKeysMngrCertLoad(
-                                    xmlSecKeysMngrPtr mngr, 
-									const char *filename, 
-									xmlSecKeyDataFormat format, 
-									xmlSecKeyDataType type);
-XMLSEC_CRYPTO_EXPORT int	xmlSecMSCryptoAppKeysMngrCertLoadMemory(
-                                    xmlSecKeysMngrPtr mngr, 
-									const xmlSecByte* data,
-									xmlSecSize dataSize, 
-									xmlSecKeyDataFormat format,
-									xmlSecKeyDataType type);
-

 #endif /* XMLSEC_NO_X509 */
 
 
-/** 
+/********************************************************************
+ *
  * Keys
- */
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecMSCryptoAppKeyLoad		(const char *filename, 
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void *pwdCallback,
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecMSCryptoAppKeyLoadMemory	(const xmlSecByte* data, 
-									 xmlSecSize dataSize, 
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-		    							 void* pwdCallback, 
-									 void* pwdCallbackCtx);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecMSCryptoAppKeyLoad              (const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void *pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecMSCryptoAppKeyLoadMemory        (const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
 #ifndef XMLSEC_NO_X509
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecMSCryptoAppPkcs12Load		(const char *filename, 
-									 const char *pwd,
-		    							 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecMSCryptoAppPkcs12LoadMemory	(const xmlSecByte* data,
-									 xmlSecSize dataSize, 
-									 const char* pwd,
-									 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT int	xmlSecMSCryptoAppKeyCertLoad		(xmlSecKeyPtr key,
-									 const char* filename,
-									 xmlSecKeyDataFormat format);
-XMLSEC_CRYPTO_EXPORT int	xmlSecMSCryptoAppKeyCertLoadMemory	(xmlSecKeyPtr key,
-									 const xmlSecByte* data,
-									 xmlSecSize dataSize, 
-									 xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecMSCryptoAppPkcs12Load           (const char *filename,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecMSCryptoAppPkcs12LoadMemory     (const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         const char* pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppKeyCertLoad            (xmlSecKeyPtr key,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT int        xmlSecMSCryptoAppKeyCertLoadMemory      (xmlSecKeyPtr key,
+                                                                         const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format);
 #endif /* XMLSEC_NO_X509 */
-XMLSEC_CRYPTO_EXPORT void*	xmlSecMSCryptoAppGetDefaultPwdCallback	(void);
+XMLSEC_CRYPTO_EXPORT void*      xmlSecMSCryptoAppGetDefaultPwdCallback  (void);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/mscrypto/certkeys.h b/include/xmlsec/mscrypto/certkeys.h
index 4ae85240..1f285656 100644
--- a/include/xmlsec/mscrypto/certkeys.h
+++ b/include/xmlsec/mscrypto/certkeys.h
@@ -1,17 +1,17 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  */
 #ifndef __XMLSEC_MSCRYPTO_CERTKEYS_H__
-#define __XMLSEC_MSCRYPTO_CERTKEYS_H__    
+#define __XMLSEC_MSCRYPTO_CERTKEYS_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <windows.h>
 #include <wincrypt.h>
@@ -20,12 +20,18 @@ extern "C" {
 #include <xmlsec/keys.h>
 #include <xmlsec/transforms.h>
 
-XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT 	xmlSecMSCryptoKeyDataGetCert	(xmlSecKeyDataPtr data);
-XMLSEC_CRYPTO_EXPORT HCRYPTKEY 		xmlSecMSCryptoKeyDataGetKey	(xmlSecKeyDataPtr data, 
-									 xmlSecKeyDataType type);
-XMLSEC_CRYPTO_EXPORT HCRYPTKEY	xmlSecMSCryptoKeyDataGetDecryptKey(xmlSecKeyDataPtr data);
-XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT 	xmlSecMSCryptoCertDup		(PCCERT_CONTEXT pCert);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr 	xmlSecMSCryptoCertAdopt		(PCCERT_CONTEXT pCert, xmlSecKeyDataType type);
+
+XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT     xmlSecMSCryptoKeyDataGetCert    (xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT HCRYPTKEY          xmlSecMSCryptoKeyDataGetKey     (xmlSecKeyDataPtr data,
+                                                                         xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT HCRYPTKEY          xmlSecMSCryptoKeyDataGetDecryptKey(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT     xmlSecMSCryptoCertDup           (PCCERT_CONTEXT pCert);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr   xmlSecMSCryptoCertAdopt         (PCCERT_CONTEXT pCert, 
+                                                                         xmlSecKeyDataType type);
+
+XMLSEC_CRYPTO_EXPORT HCRYPTPROV         xmlSecMSCryptoKeyDataGetMSCryptoProvider(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT DWORD              xmlSecMSCryptoKeyDataGetMSCryptoKeySpec(xmlSecKeyDataPtr data);
+
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/mscrypto/crypto.h b/include/xmlsec/mscrypto/crypto.h
index 28d792aa..5f3142fc 100644
--- a/include/xmlsec/mscrypto/crypto.h
+++ b/include/xmlsec/mscrypto/crypto.h
@@ -1,17 +1,17 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  */
 #ifndef __XMLSEC_MSCRYPTO_CRYPTO_H__
-#define __XMLSEC_MSCRYPTO_CRYPTO_H__    
+#define __XMLSEC_MSCRYPTO_CRYPTO_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <windows.h>
 #include <wincrypt.h>
@@ -21,34 +21,43 @@ extern "C" {
 #include <xmlsec/transforms.h>
 #include <xmlsec/dl.h>
 
-XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr	xmlSecCryptoGetFunctions_mscrypto(void);
+XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctions_mscrypto(void);
 
-/**
+/********************************************************************
+ *
  * Init shutdown
- */
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoInit		(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoShutdown		(void);
-
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoKeysMngrInit	(xmlSecKeysMngrPtr mngr);
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoGenerateRandom	(xmlSecBufferPtr buffer,
-									 size_t size);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoInit              (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoShutdown          (void);
+
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoKeysMngrInit      (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoGenerateRandom    (xmlSecBufferPtr buffer,
+                                                                         size_t size);
+
+XMLSEC_CRYPTO_EXPORT void               xmlSecMSCryptoErrorsDefaultCallback(const char* file,
+                                                                        int line,
+                                                                        const char* func,
+                                                                        const char* errorObject,
+                                                                        const char* errorSubject,
+                                                                        int reason,
+                                                                        const char* msg);
+
+/******************************************************************************
+ *
+ * String encoding conversion utils
+ *
+ ******************************************************************************/
+XMLSEC_CRYPTO_EXPORT LPWSTR             xmlSecMSCryptoConvertLocaleToUnicode(const char* str);
 
-XMLSEC_CRYPTO_EXPORT void		xmlSecMSCryptoErrorsDefaultCallback(const char* file, 
-									int line, 
-									const char* func,
-									const char* errorObject, 
-									const char* errorSubject,
-									int reason, 
-									const char* msg);
+XMLSEC_CRYPTO_EXPORT LPWSTR             xmlSecMSCryptoConvertUtf8ToUnicode  (const xmlChar* str);
+XMLSEC_CRYPTO_EXPORT xmlChar*           xmlSecMSCryptoConvertUnicodeToUtf8  (LPCWSTR str);
 
-/**
- * Utils
- */
-XMLSEC_CRYPTO_EXPORT BYTE*		xmlSecMSCryptoCertStrToName	(DWORD dwCertEncodingType, 
-									 LPCTSTR pszX500, 
-									 DWORD dwStrType,
-									 DWORD* len);
+XMLSEC_CRYPTO_EXPORT xmlChar*           xmlSecMSCryptoConvertLocaleToUtf8   (const char* str);
+XMLSEC_CRYPTO_EXPORT char*              xmlSecMSCryptoConvertUtf8ToLocale   (const xmlChar* str);
 
+XMLSEC_CRYPTO_EXPORT xmlChar*           xmlSecMSCryptoConvertTstrToUtf8     (LPCTSTR str);
+XMLSEC_CRYPTO_EXPORT LPTSTR             xmlSecMSCryptoConvertUtf8ToTstr     (const xmlChar*  str);
 
 
 /********************************************************************
@@ -60,20 +69,20 @@ XMLSEC_CRYPTO_EXPORT BYTE*		xmlSecMSCryptoCertStrToName	(DWORD dwCertEncodingTyp
 
 /**
  * xmlSecMSCryptoKeyDataDsaId:
- * 
+ *
  * The DSA key klass.
  */
 #define xmlSecMSCryptoKeyDataDsaId \
-	xmlSecMSCryptoKeyDataDsaGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecMSCryptoKeyDataDsaGetKlass	(void);
+        xmlSecMSCryptoKeyDataDsaGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecMSCryptoKeyDataDsaGetKlass        (void);
 
 /**
  * xmlSecMSCryptoTransformDsaSha1Id:
- * 
+ *
  * The DSA SHA1 signature transform klass.
  */
 #define xmlSecMSCryptoTransformDsaSha1Id \
-	xmlSecMSCryptoTransformDsaSha1GetKlass()
+        xmlSecMSCryptoTransformDsaSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformDsaSha1GetKlass(void);
 
 #endif /* XMLSEC_NO_DSA */
@@ -87,20 +96,20 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformDsaSha1GetKlass(vo
 
 /**
  * xmlSecMSCryptoKeyDataGost2001Id:
- * 
+ *
  * The GOST2001 key klass.
  */
 #define xmlSecMSCryptoKeyDataGost2001Id \
-	xmlSecMSCryptoKeyDataGost2001GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecMSCryptoKeyDataGost2001GetKlass	(void);
+        xmlSecMSCryptoKeyDataGost2001GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecMSCryptoKeyDataGost2001GetKlass   (void);
 
 /**
  * xmlSecMSCryptoTransformGost2001GostR3411_94Id:
- * 
+ *
  * The GOST2001 GOSTR3411_94 signature transform klass.
  */
 #define xmlSecMSCryptoTransformGost2001GostR3411_94Id \
-	xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass()
+        xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass(void);
 
 #endif /* XMLSEC_NO_GOST */
@@ -114,47 +123,117 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformGost2001GostR3411_
 
 /**
  * xmlSecMSCryptoKeyDataRsaId:
- * 
+ *
  * The RSA key klass.
  */
 #define xmlSecMSCryptoKeyDataRsaId \
-	xmlSecMSCryptoKeyDataRsaGetKlass()
+        xmlSecMSCryptoKeyDataRsaGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecMSCryptoKeyDataRsaGetKlass(void);
 
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecMSCryptoTransformRsaMd5Id:
+ *
+ * The RSA-MD5 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformRsaMd5Id        \
+        xmlSecMSCryptoTransformRsaMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
 
+#ifndef XMLSEC_NO_SHA1
 /**
  * xmlSecMSCryptoTransformRsaSha1Id:
- * 
+ *
  * The RSA-SHA1 signature transform klass.
  */
-
-#define xmlSecMSCryptoTransformRsaSha1Id	\
-	xmlSecMSCryptoTransformRsaSha1GetKlass()
+#define xmlSecMSCryptoTransformRsaSha1Id        \
+        xmlSecMSCryptoTransformRsaSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecMSCryptoTransformRsaSha256Id:
+ *
+ * The RSA-SHA256 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformRsaSha256Id     \
+       xmlSecMSCryptoTransformRsaSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecMSCryptoTransformRsaSha384Id:
+ *
+ * The RSA-SHA384 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformRsaSha384Id     \
+       xmlSecMSCryptoTransformRsaSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecMSCryptoTransformRsaSha512Id:
+ *
+ * The RSA-SHA512 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformRsaSha512Id     \
+       xmlSecMSCryptoTransformRsaSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
 
 /**
  * xmlSecMSCryptoTransformRsaPkcs1Id:
- * 
+ *
  * The RSA PKCS1 key transport transform klass.
  */
 #define xmlSecMSCryptoTransformRsaPkcs1Id \
-	xmlSecMSCryptoTransformRsaPkcs1GetKlass()
+        xmlSecMSCryptoTransformRsaPkcs1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaPkcs1GetKlass(void);
 
 /**
  * xmlSecMSCryptoTransformRsaOaepId:
- * 
+ *
+ * The RSA OAEP key transport transform klass.
+ */
+#define xmlSecMSCryptoTransformRsaOaepId \
+        xmlSecMSCryptoTransformRsaOaepGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaOaepGetKlass(void);
+
+/**
+ * xmlSecMSCryptoTransformRsaOaepId:
+ *
  * The RSA PKCS1 key transport transform klass.
  */
 /*
 #define xmlSecMSCryptoTransformRsaOaepId \
-	xmlSecMSCryptoTransformRsaOaepGetKlass()
+        xmlSecMSCryptoTransformRsaOaepGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaOaepGetKlass(void);
 */
 #endif /* XMLSEC_NO_RSA */
 
 /********************************************************************
  *
+ * Md5 transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecMSCryptoTransformMd5Id:
+ *
+ * The MD5 digest transform klass.
+ */
+#define xmlSecMSCryptoTransformMd5Id \
+        xmlSecMSCryptoTransformMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
+
+
+/********************************************************************
+ *
  * SHA1 transform
  *
  *******************************************************************/
@@ -162,16 +241,67 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformRsaOaepGetKlass(vo
 
 /**
  * xmlSecMSCryptoTransformSha1Id:
- * 
+ *
  * The SHA1 digest transform klass.
  */
 #define xmlSecMSCryptoTransformSha1Id \
-	xmlSecMSCryptoTransformSha1GetKlass()
+        xmlSecMSCryptoTransformSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformSha1GetKlass(void);
 #endif /* XMLSEC_NO_SHA1 */
 
 /********************************************************************
  *
+ * SHA256 transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_SHA256
+
+/**
+ * xmlSecMSCryptoTransformSha256Id:
+ *
+ * The SHA256 digest transform klass.
+ */
+#define xmlSecMSCryptoTransformSha256Id \
+       xmlSecMSCryptoTransformSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+/********************************************************************
+ *
+ * SHA384 transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_SHA384
+
+/**
+ * xmlSecMSCryptoTransformSha384Id:
+ *
+ * The SHA384 digest transform klass.
+ */
+#define xmlSecMSCryptoTransformSha384Id \
+       xmlSecMSCryptoTransformSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+/********************************************************************
+ *
+ * SHA512 transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_SHA512
+
+/**
+ * xmlSecMSCryptoTransformSha512Id:
+ *
+ * The SHA512 digest transform klass.
+ */
+#define xmlSecMSCryptoTransformSha512Id \
+       xmlSecMSCryptoTransformSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+/********************************************************************
+ *
  * GOSTR3411_94 transform
  *
  *******************************************************************/
@@ -179,11 +309,11 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformSha1GetKlass(void)
 
 /**
  * xmlSecMSCryptoTransformGostR3411_94Id:
- * 
+ *
  * The GOSTR3411_94 digest transform klass.
  */
 #define xmlSecMSCryptoTransformGostR3411_94Id \
-	xmlSecMSCryptoTransformGostR3411_94GetKlass()
+        xmlSecMSCryptoTransformGostR3411_94GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformGostR3411_94GetKlass(void);
 #endif /* XMLSEC_NO_GOST */
 
@@ -195,41 +325,68 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformGostR3411_94GetKla
 #ifndef XMLSEC_NO_AES
 /**
  * xmlSecMSCryptoKeyDataAesId:
- * 
+ *
  * The AES key data klass.
  */
 #define xmlSecMSCryptoKeyDataAesId \
-	xmlSecMSCryptoKeyDataAesGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecMSCryptoKeyDataAesGetKlass(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoKeyDataAesSet	(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+        xmlSecMSCryptoKeyDataAesGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecMSCryptoKeyDataAesGetKlass(void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoKeyDataAesSet     (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
 /**
  * xmlSecMSCryptoTransformAes128CbcId:
- * 
+ *
  * The AES128 CBC cipher transform klass.
  */
 #define xmlSecMSCryptoTransformAes128CbcId \
-	xmlSecMSCryptoTransformAes128CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecMSCryptoTransformAes128CbcGetKlass(void);
+        xmlSecMSCryptoTransformAes128CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecMSCryptoTransformAes128CbcGetKlass(void);
 
 /**
  * xmlSecMSCryptoTransformAes192CbcId:
- * 
+ *
  * The AES192 CBC cipher transform klass.
  */
 #define xmlSecMSCryptoTransformAes192CbcId \
-	xmlSecMSCryptoTransformAes192CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecMSCryptoTransformAes192CbcGetKlass(void);
+        xmlSecMSCryptoTransformAes192CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecMSCryptoTransformAes192CbcGetKlass(void);
 
 /**
  * xmlSecMSCryptoTransformAes256CbcId:
- * 
+ *
  * The AES256 CBC cipher transform klass.
  */
 #define xmlSecMSCryptoTransformAes256CbcId \
-	xmlSecMSCryptoTransformAes256CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecMSCryptoTransformAes256CbcGetKlass(void);
+        xmlSecMSCryptoTransformAes256CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecMSCryptoTransformAes256CbcGetKlass(void);
+
+/**
+ * xmlSecMSCryptoTransformKWAes128Id:
+ *
+ * The AES 128 key wrap transform klass.
+ */
+#define xmlSecMSCryptoTransformKWAes128Id \
+        xmlSecMSCryptoTransformKWAes128GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecMSCryptoTransformKWAes128GetKlass(void);
+
+/**
+ * xmlSecMSCryptoTransformKWAes192Id:
+ *
+ * The AES 192 key wrap transform klass.
+ */
+#define xmlSecMSCryptoTransformKWAes192Id \
+        xmlSecMSCryptoTransformKWAes192GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecMSCryptoTransformKWAes192GetKlass(void);
+
+/**
+ * xmlSecMSCryptoTransformKWAes256Id:
+ *
+ * The AES 256 key wrap transform klass.
+ */
+#define xmlSecMSCryptoTransformKWAes256Id \
+        xmlSecMSCryptoTransformKWAes256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecMSCryptoTransformKWAes256GetKlass(void);
 
 #endif /* XMLSEC_NO_AES */
 
@@ -243,30 +400,117 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecMSCryptoTransformAes256CbcGetKlass(
 
 /**
  * xmlSecMSCryptoKeyDataDesId:
- * 
+ *
  * The DES key data klass.
  */
 #define xmlSecMSCryptoKeyDataDesId \
-	xmlSecMSCryptoKeyDataDesGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecMSCryptoKeyDataDesGetKlass(void);
+        xmlSecMSCryptoKeyDataDesGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecMSCryptoKeyDataDesGetKlass(void);
 
 /**
  * xmlSecMSCryptoTransformDes3CbcId:
- * 
+ *
  * The DES3 CBC cipher transform klass.
  */
 #define xmlSecMSCryptoTransformDes3CbcId \
-	xmlSecMSCryptoTransformDes3CbcGetKlass()
+        xmlSecMSCryptoTransformDes3CbcGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformDes3CbcGetKlass(void);
 
-
+/**
+ * xmlSecMSCryptoTransformKWDes3Id:
+ *
+ * The DES3 KW transform klass.
+ */
+#define xmlSecMSCryptoTransformKWDes3Id \
+        xmlSecMSCryptoTransformKWDes3GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformKWDes3GetKlass(void);
 
 #endif /* XMLSEC_NO_DES */
 
+
+/********************************************************************
+ *
+ * HMAC transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_HMAC
+
+XMLSEC_CRYPTO_EXPORT int               xmlSecMSCryptoHmacGetMinOutputLength(void);
+XMLSEC_CRYPTO_EXPORT void              xmlSecMSCryptoHmacSetMinOutputLength(int min_length);
+
+/**
+ * xmlSecMSCryptoKeyDataHmacId:
+ *
+ * The DHMAC key klass.
+ */
+#define xmlSecMSCryptoKeyDataHmacId \
+        xmlSecMSCryptoKeyDataHmacGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecMSCryptoKeyDataHmacGetKlass(void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoKeyDataHmacSet     (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
+
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecMSCryptoTransformHmacMd5Id:
+ *
+ * The HMAC with MD5 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformHmacMd5Id \
+        xmlSecMSCryptoTransformHmacMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformHmacMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecMSCryptoTransformHmacSha1Id:
+ *
+ * The HMAC with SHA1 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformHmacSha1Id \
+        xmlSecMSCryptoTransformHmacSha1GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformHmacSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecMSCryptoTransformHmacSha256Id:
+ *
+ * The HMAC with SHA256 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformHmacSha256Id \
+        xmlSecMSCryptoTransformHmacSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformHmacSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecMSCryptoTransformHmacSha384Id:
+ *
+ * The HMAC with SHA384 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformHmacSha384Id \
+        xmlSecMSCryptoTransformHmacSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformHmacSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecMSCryptoTransformHmacSha512Id:
+ *
+ * The HMAC with SHA512 signature transform klass.
+ */
+#define xmlSecMSCryptoTransformHmacSha512Id \
+        xmlSecMSCryptoTransformHmacSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecMSCryptoTransformHmacSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_HMAC */
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
 
 #endif /* __XMLSEC_MSCRYPTO_CRYPTO_H__ */
 
-#define __XMLSEC_MSCRYPTO_CRYPTO_H__    
+#define __XMLSEC_MSCRYPTO_CRYPTO_H__
diff --git a/include/xmlsec/mscrypto/keysstore.h b/include/xmlsec/mscrypto/keysstore.h
index ab66547f..afaf6a95 100644
--- a/include/xmlsec/mscrypto/keysstore.h
+++ b/include/xmlsec/mscrypto/keysstore.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XMLSec library
- * 
+ *
  * MSCrypto keys store
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for precise wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  */
 #ifndef __XMLSEC_MSCRYPTO_KEYSSTORE_H__
-#define __XMLSEC_MSCRYPTO_KEYSSTORE_H__    
+#define __XMLSEC_MSCRYPTO_KEYSSTORE_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 
@@ -27,16 +27,18 @@ extern "C" {
  *
  * A MSCrypto keys store klass id.
  */
-#define xmlSecMSCryptoKeysStoreId	xmlSecMSCryptoKeysStoreGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyStoreId	xmlSecMSCryptoKeysStoreGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoKeysStoreAdoptKey	(xmlSecKeyStorePtr store,
-									 xmlSecKeyPtr key);
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoKeysStoreLoad 	(xmlSecKeyStorePtr store,
-									 const char *uri,
-									 xmlSecKeysMngrPtr keysMngr);
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoKeysStoreSave	(xmlSecKeyStorePtr store, 
-									 const char *filename,
-									 xmlSecKeyDataType type);
+#define xmlSecMSCryptoKeysStoreId       xmlSecMSCryptoKeysStoreGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyStoreId   xmlSecMSCryptoKeysStoreGetKlass (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoKeysStoreAdoptKey (xmlSecKeyStorePtr store,
+                                                                         xmlSecKeyPtr key);
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoKeysStoreLoad     (xmlSecKeyStorePtr store,
+                                                                         const char *uri,
+                                                                         xmlSecKeysMngrPtr keysMngr);
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoKeysStoreSave     (xmlSecKeyStorePtr store,
+                                                                         const char *filename,
+                                                                         xmlSecKeyDataType type);
+
+
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/mscrypto/symbols.h b/include/xmlsec/mscrypto/symbols.h
index 2f8ceb43..17000ccf 100644
--- a/include/xmlsec/mscrypto/symbols.h
+++ b/include/xmlsec/mscrypto/symbols.h
@@ -1,13 +1,13 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  */
 #ifndef __XMLSEC_MSCRYPTO_SYMBOLS_H__
-#define __XMLSEC_MSCRYPTO_SYMBOLS_H__    
+#define __XMLSEC_MSCRYPTO_SYMBOLS_H__
 
 #if !defined(IN_XMLSEC) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
 #error To disable dynamic loading of xmlsec-crypto libraries undefine XMLSEC_CRYPTO_DYNAMIC_LOADING
@@ -15,80 +15,92 @@
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
-/**
- * Defines for writing simple code
- */
 #ifdef XMLSEC_CRYPTO_MSCRYPTO
 
-/**  
+/********************************************************************
+ *
  * Crypto Init/shutdown
- */
-#define xmlSecCryptoInit			xmlSecMSCryptoInit
-#define xmlSecCryptoShutdown			xmlSecMSCryptoShutdown
+ *
+ ********************************************************************/
+#define xmlSecCryptoInit                        xmlSecMSCryptoInit
+#define xmlSecCryptoShutdown                    xmlSecMSCryptoShutdown
 
-#define xmlSecCryptoKeysMngrInit		xmlSecMSCryptoKeysMngrInit
+#define xmlSecCryptoKeysMngrInit                xmlSecMSCryptoKeysMngrInit
 
-/**
+/********************************************************************
+ *
  * Key data ids
- */
-#define xmlSecKeyDataAesId			xmlSecMSCryptoKeyDataAesId
-#define xmlSecKeyDataDesId			xmlSecMSCryptoKeyDataDesId
-#define xmlSecKeyDataDsaId			xmlSecMSCryptoKeyDataDsaId
-#define xmlSecKeyDataGost2001Id     xmlSecMSCryptoKeyDataGost2001Id
-#define xmlSecKeyDataHmacId			xmlSecMSCryptoKeyDataHmacId
-#define xmlSecKeyDataRsaId			xmlSecMSCryptoKeyDataRsaId
-#define xmlSecKeyDataX509Id			xmlSecMSCryptoKeyDataX509Id
-#define xmlSecKeyDataRawX509CertId  xmlSecMSCryptoKeyDataRawX509CertId
+ *
+ ********************************************************************/
+#define xmlSecKeyDataAesId                      xmlSecMSCryptoKeyDataAesId
+#define xmlSecKeyDataDesId                      xmlSecMSCryptoKeyDataDesId
+#define xmlSecKeyDataDsaId                      xmlSecMSCryptoKeyDataDsaId
+#define xmlSecKeyDataGost2001Id                 xmlSecMSCryptoKeyDataGost2001Id
+#define xmlSecKeyDataHmacId                     xmlSecMSCryptoKeyDataHmacId
+#define xmlSecKeyDataRsaId                      xmlSecMSCryptoKeyDataRsaId
+#define xmlSecKeyDataX509Id                     xmlSecMSCryptoKeyDataX509Id
+#define xmlSecKeyDataRawX509CertId              xmlSecMSCryptoKeyDataRawX509CertId
 
-/**
+/********************************************************************
+ *
  * Key data store ids
- */
-#define xmlSecX509StoreId			xmlSecMSCryptoX509StoreId
+ *
+ ********************************************************************/
+#define xmlSecX509StoreId                       xmlSecMSCryptoX509StoreId
 
-/**
+/********************************************************************
+ *
  * Crypto transforms ids
- */
-#define xmlSecTransformAes128CbcId		xmlSecMSCryptoTransformAes128CbcId
-#define xmlSecTransformAes192CbcId		xmlSecMSCryptoTransformAes192CbcId
-#define xmlSecTransformAes256CbcId		xmlSecMSCryptoTransformAes256CbcId
-#define xmlSecTransformKWAes128Id		xmlSecMSCryptoTransformKWAes128Id
-#define xmlSecTransformKWAes192Id		xmlSecMSCryptoTransformKWAes192Id
-#define xmlSecTransformKWAes256Id		xmlSecMSCryptoTransformKWAes256Id
-#define xmlSecTransformDes3CbcId		xmlSecMSCryptoTransformDes3CbcId
-#define xmlSecTransformKWDes3Id			xmlSecMSCryptoTransformKWDes3Id
-#define xmlSecTransformDsaSha1Id		xmlSecMSCryptoTransformDsaSha1Id
-#define xmlSecTransformGost2001GostR3411_94Id		xmlSecMSCryptoTransformGost2001GostR3411_94Id
-#define xmlSecTransformHmacMd5Id		xmlSecMSCryptoTransformHmacMd5Id
-#define xmlSecTransformHmacRipemd160Id		xmlSecMSCryptoTransformHmacRipemd160Id
-#define xmlSecTransformHmacSha1Id		xmlSecMSCryptoTransformHmacSha1Id
-#define xmlSecTransformRipemd160Id		xmlSecMSCryptoTransformRipemd160Id
-#define xmlSecTransformRsaSha1Id		xmlSecMSCryptoTransformRsaSha1Id
-#define xmlSecTransformRsaPkcs1Id		xmlSecMSCryptoTransformRsaPkcs1Id
-#define xmlSecTransformRsaOaepId		xmlSecMSCryptoTransformRsaOaepId
-#define xmlSecTransformSha1Id			xmlSecMSCryptoTransformSha1Id
-#define xmlSecTransformGostR3411_94Id			xmlSecMSCryptoTransformGostR3411_94Id
+ *
+ ********************************************************************/
+#define xmlSecTransformAes128CbcId              xmlSecMSCryptoTransformAes128CbcId
+#define xmlSecTransformAes192CbcId              xmlSecMSCryptoTransformAes192CbcId
+#define xmlSecTransformAes256CbcId              xmlSecMSCryptoTransformAes256CbcId
+#define xmlSecTransformKWAes128Id               xmlSecMSCryptoTransformKWAes128Id
+#define xmlSecTransformKWAes192Id               xmlSecMSCryptoTransformKWAes192Id
+#define xmlSecTransformKWAes256Id               xmlSecMSCryptoTransformKWAes256Id
+#define xmlSecTransformDes3CbcId                xmlSecMSCryptoTransformDes3CbcId
+#define xmlSecTransformKWDes3Id                 xmlSecMSCryptoTransformKWDes3Id
+#define xmlSecTransformDsaSha1Id                xmlSecMSCryptoTransformDsaSha1Id
+#define xmlSecTransformGost2001GostR3411_94Id   xmlSecMSCryptoTransformGost2001GostR3411_94Id
+#define xmlSecTransformHmacMd5Id                xmlSecMSCryptoTransformHmacMd5Id
+#define xmlSecTransformHmacRipemd160Id          xmlSecMSCryptoTransformHmacRipemd160Id
+#define xmlSecTransformHmacSha1Id               xmlSecMSCryptoTransformHmacSha1Id
+#define xmlSecTransformRipemd160Id              xmlSecMSCryptoTransformRipemd160Id
+#define xmlSecTransformRsaSha1Id                xmlSecMSCryptoTransformRsaSha1Id
+#define xmlSecTransformRsaSha256Id              xmlSecMSCryptoTransformRsaSha256Id
+#define xmlSecTransformRsaSha384Id              xmlSecMSCryptoTransformRsaSha384Id
+#define xmlSecTransformRsaSha512Id              xmlSecMSCryptoTransformRsaSha512Id
+#define xmlSecTransformRsaPkcs1Id               xmlSecMSCryptoTransformRsaPkcs1Id
+#define xmlSecTransformRsaOaepId                xmlSecMSCryptoTransformRsaOaepId
+#define xmlSecTransformSha1Id                   xmlSecMSCryptoTransformSha1Id
+#define xmlSecTransformSha256Id                 xmlSecMSCryptoTransformSha256Id
+#define xmlSecTransformSha384Id                 xmlSecMSCryptoTransformSha384Id
+#define xmlSecTransformSha512Id                 xmlSecMSCryptoTransformSha512Id
+#define xmlSecTransformGostR3411_94Id           xmlSecMSCryptoTransformGostR3411_94Id
 
-/**
+/********************************************************************
+ *
  * High level routines form xmlsec command line utility
- */ 
-
-#define xmlSecCryptoAppInit			xmlSecMSCryptoAppInit
-#define xmlSecCryptoAppShutdown			xmlSecMSCryptoAppShutdown
-#define xmlSecCryptoAppDefaultKeysMngrInit	xmlSecMSCryptoAppDefaultKeysMngrInit
-#define xmlSecCryptoAppDefaultKeysMngrAdoptKey	xmlSecMSCryptoAppDefaultKeysMngrAdoptKey
-#define xmlSecCryptoAppDefaultKeysMngrLoad	xmlSecMSCryptoAppDefaultKeysMngrLoad
-#define xmlSecCryptoAppDefaultKeysMngrSave	xmlSecMSCryptoAppDefaultKeysMngrSave
-#define xmlSecCryptoAppKeysMngrCertLoad		xmlSecMSCryptoAppKeysMngrCertLoad
-#define xmlSecCryptoAppKeysMngrCertLoadMemory	xmlSecMSCryptoAppKeysMngrCertLoadMemory
-#define xmlSecCryptoAppKeyLoad			xmlSecMSCryptoAppKeyLoad
-#define xmlSecCryptoAppPkcs12Load		xmlSecMSCryptoAppPkcs12Load
-#define xmlSecCryptoAppKeyCertLoad		xmlSecMSCryptoAppKeyCertLoad
-#define xmlSecCryptoAppKeyLoadMemory		xmlSecMSCryptoAppKeyLoadMemory
-#define xmlSecCryptoAppPkcs12LoadMemory		xmlSecMSCryptoAppPkcs12LoadMemory
-#define xmlSecCryptoAppKeyCertLoadMemory	xmlSecMSCryptoAppKeyCertLoadMemory
-#define xmlSecCryptoAppGetDefaultPwdCallback	xmlSecMSCryptoAppGetDefaultPwdCallback
+ *
+ ********************************************************************/
+#define xmlSecCryptoAppInit                     xmlSecMSCryptoAppInit
+#define xmlSecCryptoAppShutdown                 xmlSecMSCryptoAppShutdown
+#define xmlSecCryptoAppDefaultKeysMngrInit      xmlSecMSCryptoAppDefaultKeysMngrInit
+#define xmlSecCryptoAppDefaultKeysMngrAdoptKey  xmlSecMSCryptoAppDefaultKeysMngrAdoptKey
+#define xmlSecCryptoAppDefaultKeysMngrLoad      xmlSecMSCryptoAppDefaultKeysMngrLoad
+#define xmlSecCryptoAppDefaultKeysMngrSave      xmlSecMSCryptoAppDefaultKeysMngrSave
+#define xmlSecCryptoAppKeysMngrCertLoad         xmlSecMSCryptoAppKeysMngrCertLoad
+#define xmlSecCryptoAppKeysMngrCertLoadMemory   xmlSecMSCryptoAppKeysMngrCertLoadMemory
+#define xmlSecCryptoAppKeyLoad                  xmlSecMSCryptoAppKeyLoad
+#define xmlSecCryptoAppPkcs12Load               xmlSecMSCryptoAppPkcs12Load
+#define xmlSecCryptoAppKeyCertLoad              xmlSecMSCryptoAppKeyCertLoad
+#define xmlSecCryptoAppKeyLoadMemory            xmlSecMSCryptoAppKeyLoadMemory
+#define xmlSecCryptoAppPkcs12LoadMemory         xmlSecMSCryptoAppPkcs12LoadMemory
+#define xmlSecCryptoAppKeyCertLoadMemory        xmlSecMSCryptoAppKeyCertLoadMemory
+#define xmlSecCryptoAppGetDefaultPwdCallback    xmlSecMSCryptoAppGetDefaultPwdCallback
 
 #endif /* XMLSEC_CRYPTO_MSCRYPTO */
 
@@ -98,5 +110,5 @@ extern "C" {
 
 #endif /* __XMLSEC_MSCRYPTO_CRYPTO_H__ */
 
-#define __XMLSEC_MSCRYPTO_CRYPTO_H__    
+#define __XMLSEC_MSCRYPTO_CRYPTO_H__
 
diff --git a/include/xmlsec/mscrypto/x509.h b/include/xmlsec/mscrypto/x509.h
index 4dd72d0c..60066bda 100644
--- a/include/xmlsec/mscrypto/x509.h
+++ b/include/xmlsec/mscrypto/x509.h
@@ -1,17 +1,17 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  */
 #ifndef __XMLSEC_MSCRYPTO_X509_H__
-#define __XMLSEC_MSCRYPTO_X509_H__    
+#define __XMLSEC_MSCRYPTO_X509_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #ifndef XMLSEC_NO_X509
 
@@ -24,81 +24,64 @@ extern "C" {
 
 /**
  * xmlSecMSCryptoKeyDataX509Id:
- * 
+ *
  * The MSCrypto X509 data klass.
  */
 #define xmlSecMSCryptoKeyDataX509Id \
-	xmlSecMSCryptoKeyDataX509GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecMSCryptoKeyDataX509GetKlass(void);
+        xmlSecMSCryptoKeyDataX509GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecMSCryptoKeyDataX509GetKlass(void);
 
-XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT	xmlSecMSCryptoKeyDataX509GetKeyCert	(xmlSecKeyDataPtr data);
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoKeyDataX509AdoptKeyCert	(xmlSecKeyDataPtr data, 
-									        PCCERT_CONTEXT cert);
-XMLSEC_CRYPTO_EXPORT int 		xmlSecMSCryptoKeyDataX509AdoptCert	(xmlSecKeyDataPtr data,
-										 PCCERT_CONTEXT cert);
-XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT	xmlSecMSCryptoKeyDataX509GetCert    	(xmlSecKeyDataPtr data,
-									         xmlSecSize pos);
-XMLSEC_CRYPTO_EXPORT xmlSecSize		xmlSecMSCryptoKeyDataX509GetCertsSize	(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT     xmlSecMSCryptoKeyDataX509GetKeyCert     (xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoKeyDataX509AdoptKeyCert   (xmlSecKeyDataPtr data,
+                                                                                PCCERT_CONTEXT cert);
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoKeyDataX509AdoptCert      (xmlSecKeyDataPtr data,
+                                                                                 PCCERT_CONTEXT cert);
+XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT     xmlSecMSCryptoKeyDataX509GetCert        (xmlSecKeyDataPtr data,
+                                                                                 xmlSecSize pos);
+XMLSEC_CRYPTO_EXPORT xmlSecSize         xmlSecMSCryptoKeyDataX509GetCertsSize   (xmlSecKeyDataPtr data);
 
-XMLSEC_CRYPTO_EXPORT int 		xmlSecMSCryptoKeyDataX509AdoptCrl	(xmlSecKeyDataPtr data,
-										 PCCRL_CONTEXT crl);
-XMLSEC_CRYPTO_EXPORT PCCRL_CONTEXT	xmlSecMSCryptoKeyDataX509GetCrl		(xmlSecKeyDataPtr data,
-										 xmlSecSize pos);
-XMLSEC_CRYPTO_EXPORT xmlSecSize		xmlSecMSCryptoKeyDataX509GetCrlsSize	(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoKeyDataX509AdoptCrl       (xmlSecKeyDataPtr data,
+                                                                                 PCCRL_CONTEXT crl);
+XMLSEC_CRYPTO_EXPORT PCCRL_CONTEXT      xmlSecMSCryptoKeyDataX509GetCrl         (xmlSecKeyDataPtr data,
+                                                                                 xmlSecSize pos);
+XMLSEC_CRYPTO_EXPORT xmlSecSize         xmlSecMSCryptoKeyDataX509GetCrlsSize    (xmlSecKeyDataPtr data);
 
 
 /**
  * xmlSecMSCryptoKeyDataRawX509CertId:
- * 
+ *
  * The MSCrypto raw X509 certificate klass.
  */
 #define xmlSecMSCryptoKeyDataRawX509CertId \
-	xmlSecMSCryptoKeyDataRawX509CertGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecMSCryptoKeyDataRawX509CertGetKlass(void);
+        xmlSecMSCryptoKeyDataRawX509CertGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecMSCryptoKeyDataRawX509CertGetKlass(void);
 
 /**
  * xmlSecMSCryptoX509StoreId:
- * 
+ *
  * The MSCrypto X509 store klass.
  */
 #define xmlSecMSCryptoX509StoreId \
-	xmlSecMSCryptoX509StoreGetKlass()
+        xmlSecMSCryptoX509StoreGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecKeyDataStoreId xmlSecMSCryptoX509StoreGetKlass(void);
 
-XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT 	xmlSecMSCryptoX509StoreFindCert		(xmlSecKeyDataStorePtr store,
-									 	 xmlChar *subjectName,
-									 	 xmlChar *issuerName, 
-									 	 xmlChar *issuerSerial,
-									 	 xmlChar *ski,
-									 	 xmlSecKeyInfoCtx* keyInfoCtx);
-
-
-XMLSEC_CRYPTO_EXPORT PCCERT_CONTEXT 	xmlSecMSCryptoX509StoreVerify		(xmlSecKeyDataStorePtr store,
-									 	 HCERTSTORE certs,
-									 	 xmlSecKeyInfoCtx* keyInfoCtx);
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoX509StoreAdoptCert 	(xmlSecKeyDataStorePtr store,
-										 PCCERT_CONTEXT cert,
-										 xmlSecKeyDataType type);
-
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoX509StoreAdoptKeyStore (
-										xmlSecKeyDataStorePtr store,
-										HCERTSTORE keyStore
-								) ;
-
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoX509StoreAdoptTrustedStore (
-										xmlSecKeyDataStorePtr store,
-										HCERTSTORE trustedStore
-								) ;
-
-XMLSEC_CRYPTO_EXPORT int		xmlSecMSCryptoX509StoreAdoptUntrustedStore (
-										xmlSecKeyDataStorePtr store,
-										HCERTSTORE untrustedStore
-								) ;
-
-XMLSEC_CRYPTO_EXPORT void       xmlSecMSCryptoX509StoreEnableSystemTrustedCerts (
-                                        xmlSecKeyDataStorePtr store, 
-                                        int val
-                                ) ;
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoX509StoreAdoptCert        (xmlSecKeyDataStorePtr store,
+                                                                                 PCCERT_CONTEXT cert,
+                                                                                 xmlSecKeyDataType type);
+
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoX509StoreAdoptKeyStore    (xmlSecKeyDataStorePtr store,
+                                                                                 HCERTSTORE keyStore);
+
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoX509StoreAdoptTrustedStore(xmlSecKeyDataStorePtr store,
+                                                                                 HCERTSTORE trustedStore);
+
+XMLSEC_CRYPTO_EXPORT int                xmlSecMSCryptoX509StoreAdoptUntrustedStore(xmlSecKeyDataStorePtr store,
+                                                                                 HCERTSTORE untrustedStore);
+
+XMLSEC_CRYPTO_EXPORT void               xmlSecMSCryptoX509StoreEnableSystemTrustedCerts(xmlSecKeyDataStorePtr store,
+                                                                                 int val);
+
+
 
 #endif /* XMLSEC_NO_X509 */
 
diff --git a/include/xmlsec/nodeset.h b/include/xmlsec/nodeset.h
index 76304670..104e04fa 100644
--- a/include/xmlsec/nodeset.h
+++ b/include/xmlsec/nodeset.h
@@ -1,48 +1,48 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Enchanced nodes Set
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_NODESET_H__
-#define __XMLSEC_NODESET_H__    
+#define __XMLSEC_NODESET_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 #include <libxml/xpath.h>
 
 #include <xmlsec/xmlsec.h>
 
-typedef struct _xmlSecNodeSet 	xmlSecNodeSet, *xmlSecNodeSetPtr;
+typedef struct _xmlSecNodeSet   xmlSecNodeSet, *xmlSecNodeSetPtr;
 
-/** 
+/**
  * xmlSecNodeSetType:
- * @xmlSecNodeSetNormal: 	nodes set = nodes in the list.
- * @xmlSecNodeSetInvert:  	nodes set = all document nodes minus nodes in the list.
- * @xmlSecNodeSetTree: 		nodes set = nodes in the list and all their subtress.
- * @xmlSecNodeSetTreeWithoutComments: 		nodes set = nodes in the list and 
- *				all their subtress but no comment nodes.
- * @xmlSecNodeSetTreeInvert: 	nodes set = all document nodes minus nodes in the 
- * 				list and all their subtress.
- * @xmlSecNodeSetTreeWithoutCommentsInvert: 	nodes set = all document nodes 
- * 				minus (nodes in the list and all their subtress 
- *				plus all comment nodes).
- * @xmlSecNodeSetList: 		nodes set = all nodes in the chidren list of nodes sets.
- * 
+ * @xmlSecNodeSetNormal:        nodes set = nodes in the list.
+ * @xmlSecNodeSetInvert:        nodes set = all document nodes minus nodes in the list.
+ * @xmlSecNodeSetTree:          nodes set = nodes in the list and all their subtress.
+ * @xmlSecNodeSetTreeWithoutComments:           nodes set = nodes in the list and
+ *                              all their subtress but no comment nodes.
+ * @xmlSecNodeSetTreeInvert:    nodes set = all document nodes minus nodes in the
+ *                              list and all their subtress.
+ * @xmlSecNodeSetTreeWithoutCommentsInvert:     nodes set = all document nodes
+ *                              minus (nodes in the list and all their subtress
+ *                              plus all comment nodes).
+ * @xmlSecNodeSetList:          nodes set = all nodes in the chidren list of nodes sets.
+ *
  * The basic nodes sets types.
  */
 typedef enum {
     xmlSecNodeSetNormal = 0,
     xmlSecNodeSetInvert,
     xmlSecNodeSetTree,
-    xmlSecNodeSetTreeWithoutComments, 
+    xmlSecNodeSetTreeWithoutComments,
     xmlSecNodeSetTreeInvert,
     xmlSecNodeSetTreeWithoutCommentsInvert,
     xmlSecNodeSetList
@@ -50,10 +50,10 @@ typedef enum {
 
 /**
  * xmlSecNodeSetOp:
- * @xmlSecNodeSetIntersection: 	intersection.
- * @xmlSecNodeSetSubtraction: 	subtraction.
- * @xmlSecNodeSetUnion: 	union.
- * 
+ * @xmlSecNodeSetIntersection:  intersection.
+ * @xmlSecNodeSetSubtraction:   subtraction.
+ * @xmlSecNodeSetUnion:         union.
+ *
  * The simple nodes sets operations.
  */
 typedef enum {
@@ -64,73 +64,73 @@ typedef enum {
 
 /**
  * xmlSecNodeSet:
- * @nodes: 			the nodes list.
- * @doc: 			the parent XML document.
- * @destroyDoc:			the flag: if set to 1 then @doc will
- *				be destroyed when node set is destroyed.
- * @type: 			the nodes set type.
- * @op: 			the operation type.
- * @next: 			the next nodes set.
- * @prev: 			the previous nodes set.
- * @children: 			the children list (valid only if type 
- *				equal to #xmlSecNodeSetList).
+ * @nodes:                      the nodes list.
+ * @doc:                        the parent XML document.
+ * @destroyDoc:                 the flag: if set to 1 then @doc will
+ *                              be destroyed when node set is destroyed.
+ * @type:                       the nodes set type.
+ * @op:                         the operation type.
+ * @next:                       the next nodes set.
+ * @prev:                       the previous nodes set.
+ * @children:                   the children list (valid only if type
+ *                              equal to #xmlSecNodeSetList).
  *
  * The enchanced nodes set.
  */
 struct _xmlSecNodeSet {
-    xmlNodeSetPtr	nodes;
-    xmlDocPtr		doc;
-    int			destroyDoc;
-    xmlSecNodeSetType	type;
-    xmlSecNodeSetOp	op;
-    xmlSecNodeSetPtr	next;
-    xmlSecNodeSetPtr	prev;
-    xmlSecNodeSetPtr	children;
+    xmlNodeSetPtr       nodes;
+    xmlDocPtr           doc;
+    int                 destroyDoc;
+    xmlSecNodeSetType   type;
+    xmlSecNodeSetOp     op;
+    xmlSecNodeSetPtr    next;
+    xmlSecNodeSetPtr    prev;
+    xmlSecNodeSetPtr    children;
 };
 
 /**
  * xmlSecNodeSetWalkCallback:
- * @nset: 			the pointer to #xmlSecNodeSet structure.
- * @cur: 			the pointer current XML node.
- * @parent: 			the pointer to the @cur parent node.
- * @data: 			the pointer to application specific data.
+ * @nset:                       the pointer to #xmlSecNodeSet structure.
+ * @cur:                        the pointer current XML node.
+ * @parent:                     the pointer to the @cur parent node.
+ * @data:                       the pointer to application specific data.
  *
  * The callback function called once per each node in the nodes set.
  *
  * Returns: 0 on success or a negative value if an error occurs
  * an walk procedure should be interrupted.
  */
-typedef int (*xmlSecNodeSetWalkCallback)		(xmlSecNodeSetPtr nset,
-							 xmlNodePtr cur,
-							 xmlNodePtr parent,
-							 void* data);
+typedef int (*xmlSecNodeSetWalkCallback)                (xmlSecNodeSetPtr nset,
+                                                         xmlNodePtr cur,
+                                                         xmlNodePtr parent,
+                                                         void* data);
+
+XMLSEC_EXPORT xmlSecNodeSetPtr  xmlSecNodeSetCreate     (xmlDocPtr doc,
+                                                         xmlNodeSetPtr nodes,
+                                                         xmlSecNodeSetType type);
+XMLSEC_EXPORT void              xmlSecNodeSetDestroy    (xmlSecNodeSetPtr nset);
+XMLSEC_EXPORT void              xmlSecNodeSetDocDestroy (xmlSecNodeSetPtr nset);
+XMLSEC_EXPORT int               xmlSecNodeSetContains   (xmlSecNodeSetPtr nset,
+                                                         xmlNodePtr node,
+                                                         xmlNodePtr parent);
+XMLSEC_EXPORT xmlSecNodeSetPtr  xmlSecNodeSetAdd        (xmlSecNodeSetPtr nset,
+                                                         xmlSecNodeSetPtr newNSet,
+                                                         xmlSecNodeSetOp op);
+XMLSEC_EXPORT xmlSecNodeSetPtr  xmlSecNodeSetAddList    (xmlSecNodeSetPtr nset,
+                                                         xmlSecNodeSetPtr newNSet,
+                                                         xmlSecNodeSetOp op);
+XMLSEC_EXPORT xmlSecNodeSetPtr  xmlSecNodeSetGetChildren(xmlDocPtr doc,
+                                                         const xmlNodePtr parent,
+                                                         int withComments,
+                                                         int invert);
+XMLSEC_EXPORT int               xmlSecNodeSetWalk       (xmlSecNodeSetPtr nset,
+                                                         xmlSecNodeSetWalkCallback walkFunc,
+                                                         void* data);
+XMLSEC_EXPORT int               xmlSecNodeSetDumpTextNodes(xmlSecNodeSetPtr nset,
+                                                        xmlOutputBufferPtr out);
+XMLSEC_EXPORT void              xmlSecNodeSetDebugDump  (xmlSecNodeSetPtr nset,
+                                                         FILE *output);
 
-XMLSEC_EXPORT xmlSecNodeSetPtr	xmlSecNodeSetCreate	(xmlDocPtr doc,
-							 xmlNodeSetPtr nodes,
-							 xmlSecNodeSetType type);
-XMLSEC_EXPORT void		xmlSecNodeSetDestroy	(xmlSecNodeSetPtr nset);
-XMLSEC_EXPORT void		xmlSecNodeSetDocDestroy	(xmlSecNodeSetPtr nset);
-XMLSEC_EXPORT int		xmlSecNodeSetContains	(xmlSecNodeSetPtr nset,
-							 xmlNodePtr node,
-							 xmlNodePtr parent);
-XMLSEC_EXPORT xmlSecNodeSetPtr	xmlSecNodeSetAdd	(xmlSecNodeSetPtr nset,
-							 xmlSecNodeSetPtr newNSet,
-							 xmlSecNodeSetOp op);
-XMLSEC_EXPORT xmlSecNodeSetPtr	xmlSecNodeSetAddList	(xmlSecNodeSetPtr nset,
-							 xmlSecNodeSetPtr newNSet,
-							 xmlSecNodeSetOp op);
-XMLSEC_EXPORT xmlSecNodeSetPtr	xmlSecNodeSetGetChildren(xmlDocPtr doc,
-							 const xmlNodePtr parent,
-							 int withComments,
-							 int invert);
-XMLSEC_EXPORT int		xmlSecNodeSetWalk	(xmlSecNodeSetPtr nset,
-							 xmlSecNodeSetWalkCallback walkFunc,
-							 void* data);
-XMLSEC_EXPORT int		xmlSecNodeSetDumpTextNodes(xmlSecNodeSetPtr nset,
-							xmlOutputBufferPtr out);
-XMLSEC_EXPORT void		xmlSecNodeSetDebugDump	(xmlSecNodeSetPtr nset,
-							 FILE *output);
-							 
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
diff --git a/include/xmlsec/nss/Makefile.in b/include/xmlsec/nss/Makefile.in
index cd99f9db..8f7952d3 100644
--- a/include/xmlsec/nss/Makefile.in
+++ b/include/xmlsec/nss/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,13 +38,22 @@ subdir = include/xmlsec/nss
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
 	$(xmlsecnssinc_HEADERS)
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -68,6 +77,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(xmlsecnssincdir)"
 HEADERS = $(xmlsecnssinc_HEADERS)
 ETAGS = etags
@@ -75,6 +90,7 @@ CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -89,6 +105,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -97,6 +114,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -127,6 +148,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -158,8 +180,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -167,7 +191,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -186,6 +209,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -195,6 +220,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -230,6 +256,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -262,7 +289,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -346,9 +372,7 @@ uninstall-xmlsecnssincHEADERS:
 	@$(NORMAL_UNINSTALL)
 	@list='$(xmlsecnssinc_HEADERS)'; test -n "$(xmlsecnssincdir)" || list=; \
 	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
-	test -n "$$files" || exit 0; \
-	echo " ( cd '$(DESTDIR)$(xmlsecnssincdir)' && rm -f" $$files ")"; \
-	cd "$(DESTDIR)$(xmlsecnssincdir)" && rm -f $$files
+	dir='$(DESTDIR)$(xmlsecnssincdir)'; $(am__uninstall_files_from_dir)
 
 ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
 	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
@@ -449,10 +473,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/include/xmlsec/nss/app.h b/include/xmlsec/nss/app.h
index b78492ff..387d34ec 100644
--- a/include/xmlsec/nss/app.h
+++ b/include/xmlsec/nss/app.h
@@ -1,18 +1,18 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #ifndef __XMLSEC_NSS_APP_H__
-#define __XMLSEC_NSS_APP_H__    
+#define __XMLSEC_NSS_APP_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <nspr.h>
 #include <nss.h>
@@ -22,87 +22,93 @@ extern "C" {
 #include <xmlsec/keysmngr.h>
 #include <xmlsec/transforms.h>
 
-/**
+/********************************************************************
+ *
  * Init/shutdown
- */
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssAppInit		(const char* config);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssAppShutdown		(void);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppInit                (const char* config);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppShutdown            (void);
 
-/** 
+/********************************************************************
+ *
  * Keys Manager
- */
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssAppDefaultKeysMngrInit	(xmlSecKeysMngrPtr mngr);
-XMLSEC_CRYPTO_EXPORT int 		xmlSecNssAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr,
-									    xmlSecKeyPtr key);
-XMLSEC_CRYPTO_EXPORT int 		xmlSecNssAppDefaultKeysMngrLoad	(xmlSecKeysMngrPtr mngr,
-									 const char* uri);
-XMLSEC_CRYPTO_EXPORT int 		xmlSecNssAppDefaultKeysMngrSave	(xmlSecKeysMngrPtr mngr,
-									 const char* filename,
-									 xmlSecKeyDataType type);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppDefaultKeysMngrInit (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr,
+                                                                            xmlSecKeyPtr key);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppDefaultKeysMngrLoad (xmlSecKeysMngrPtr mngr,
+                                                                         const char* uri);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppDefaultKeysMngrSave (xmlSecKeysMngrPtr mngr,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataType type);
 #ifndef XMLSEC_NO_X509
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssAppKeysMngrCertLoad	(xmlSecKeysMngrPtr mngr, 
-									 const char *filename, 
-									 xmlSecKeyDataFormat format, 
-									 xmlSecKeyDataType type);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, 
-									 const xmlSecByte *data, 
-									 xmlSecSize dataSize,
-									 xmlSecKeyDataFormat format, 
-									 xmlSecKeyDataType type);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, 
-									 SECItem* secItem,
-									 xmlSecKeyDataFormat format, 
-									 xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppKeysMngrCertLoad    (xmlSecKeysMngrPtr mngr,
+                                                                         const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr,
+                                                                         const xmlSecByte *data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr,
+                                                                         SECItem* secItem,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
 #endif /* XMLSEC_NO_X509 */
 
 
-/** 
+/********************************************************************
+ *
  * Keys
- */
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecNssAppKeyLoad		(const char *filename, 
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void *pwdCallback,
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecNssAppKeyLoadMemory	(const xmlSecByte *data, 
-									 xmlSecSize dataSize,
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void *pwdCallback,
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecNssAppKeyLoadSECItem	(SECItem* secItem,
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void *pwdCallback,
-									 void* pwdCallbackCtx);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecNssAppKeyLoad             (const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void *pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecNssAppKeyLoadMemory       (const xmlSecByte *data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void *pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecNssAppKeyLoadSECItem      (SECItem* secItem,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void *pwdCallback,
+                                                                         void* pwdCallbackCtx);
 #ifndef XMLSEC_NO_X509
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecNssAppPkcs12Load		(const char *filename, 
-									 const char *pwd,
-		    							 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecNssAppPkcs12LoadMemory	(const xmlSecByte *data, 
-									 xmlSecSize dataSize, 
-									 const char *pwd,
-		    							 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecNssAppPkcs12LoadSECItem	(SECItem* secItem,
-									 const char *pwd,
-		    							 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssAppKeyCertLoad		(xmlSecKeyPtr key,
-									 const char* filename,
-									 xmlSecKeyDataFormat format);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssAppKeyCertLoadMemory	(xmlSecKeyPtr key,
-									 const xmlSecByte *data, 
-									 xmlSecSize dataSize, 									 
-									 xmlSecKeyDataFormat format);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssAppKeyCertLoadSECItem	(xmlSecKeyPtr key,
-									 SECItem* secItem,
-									 xmlSecKeyDataFormat format);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecNssAppKeyFromCertLoadSECItem(SECItem* secItem,
-									 xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecNssAppPkcs12Load          (const char *filename,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecNssAppPkcs12LoadMemory    (const xmlSecByte *data,
+                                                                         xmlSecSize dataSize,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecNssAppPkcs12LoadSECItem   (SECItem* secItem,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppKeyCertLoad         (xmlSecKeyPtr key,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppKeyCertLoadMemory   (xmlSecKeyPtr key,
+                                                                         const xmlSecByte *data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssAppKeyCertLoadSECItem  (xmlSecKeyPtr key,
+                                                                         SECItem* secItem,
+                                                                         xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecNssAppKeyFromCertLoadSECItem(SECItem* secItem,
+                                                                         xmlSecKeyDataFormat format);
 #endif /* XMLSEC_NO_X509 */
-XMLSEC_CRYPTO_EXPORT void*		xmlSecNssAppGetDefaultPwdCallback(void);
+XMLSEC_CRYPTO_EXPORT void*              xmlSecNssAppGetDefaultPwdCallback(void);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/nss/bignum.h b/include/xmlsec/nss/bignum.h
index b5d98bc0..6147d20a 100644
--- a/include/xmlsec/nss/bignum.h
+++ b/include/xmlsec/nss/bignum.h
@@ -1,33 +1,33 @@
-/** 
+/**
  * XMLSec library
- * 
+ *
  * Reading/writing BIGNUM values
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for precise wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #ifndef __XMLSEC_NSS_BIGNUM_H__
-#define __XMLSEC_NSS_BIGNUM_H__    
+#define __XMLSEC_NSS_BIGNUM_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
-#include <libxml/tree.h> 
+#include <libxml/tree.h>
 
 #include <nspr.h>
 #include <nss.h>
 
 #include <xmlsec/xmlsec.h>
 
-XMLSEC_CRYPTO_EXPORT SECItem*	xmlSecNssNodeGetBigNumValue	(PRArenaPool *arena, 
-								 const xmlNodePtr cur, 
-								 SECItem *a);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecNssNodeSetBigNumValue	(xmlNodePtr cur,
-								 const SECItem *a, 
-								 int addLineBreaks);
+XMLSEC_CRYPTO_EXPORT SECItem*   xmlSecNssNodeGetBigNumValue     (PRArenaPool *arena,
+                                                                 const xmlNodePtr cur,
+                                                                 SECItem *a);
+XMLSEC_CRYPTO_EXPORT int        xmlSecNssNodeSetBigNumValue     (xmlNodePtr cur,
+                                                                 const SECItem *a,
+                                                                 int addLineBreaks);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/nss/crypto.h b/include/xmlsec/nss/crypto.h
index 42ba6ca9..a1c11948 100644
--- a/include/xmlsec/nss/crypto.h
+++ b/include/xmlsec/nss/crypto.h
@@ -1,18 +1,18 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #ifndef __XMLSEC_NSS_CRYPTO_H__
-#define __XMLSEC_NSS_CRYPTO_H__    
+#define __XMLSEC_NSS_CRYPTO_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <nspr.h>
 #include <nss.h>
@@ -23,25 +23,27 @@ extern "C" {
 #include <xmlsec/transforms.h>
 #include <xmlsec/dl.h>
 
-XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr	xmlSecCryptoGetFunctions_nss(void);
+XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctions_nss(void);
 
-/**
+/********************************************************************
+ *
  * Init shutdown
- */
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssInit			(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssShutdown		(void);
-
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssKeysMngrInit		(xmlSecKeysMngrPtr mngr);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssGenerateRandom		(xmlSecBufferPtr buffer,
-									 xmlSecSize size);
-
-XMLSEC_CRYPTO_EXPORT void		xmlSecNssErrorsDefaultCallback	(const char* file, 
-									int line, 
-									const char* func,
-									const char* errorObject, 
-									const char* errorSubject,
-									int reason, 
-									const char* msg);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssInit                   (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssShutdown               (void);
+
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssKeysMngrInit           (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssGenerateRandom         (xmlSecBufferPtr buffer,
+                                                                         xmlSecSize size);
+
+XMLSEC_CRYPTO_EXPORT void               xmlSecNssErrorsDefaultCallback  (const char* file,
+                                                                        int line,
+                                                                        const char* func,
+                                                                        const char* errorObject,
+                                                                        const char* errorSubject,
+                                                                        int reason,
+                                                                        const char* msg);
 
 XMLSEC_CRYPTO_EXPORT PK11SlotInfo * xmlSecNssGetInternalKeySlot(void);
 
@@ -53,68 +55,68 @@ XMLSEC_CRYPTO_EXPORT PK11SlotInfo * xmlSecNssGetInternalKeySlot(void);
 #ifndef XMLSEC_NO_AES
 /**
  * xmlSecNssKeyDataAesId:
- * 
+ *
  * The AES key data klass.
  */
 #define xmlSecNssKeyDataAesId \
-	xmlSecNssKeyDataAesGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecNssKeyDataAesGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssKeyDataAesSet		(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+        xmlSecNssKeyDataAesGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecNssKeyDataAesGetKlass     (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssKeyDataAesSet          (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
 /**
  * xmlSecNssTransformAes128CbcId:
- * 
+ *
  * The AES128 CBC cipher transform klass.
  */
 #define xmlSecNssTransformAes128CbcId \
-	xmlSecNssTransformAes128CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecNssTransformAes128CbcGetKlass(void);
+        xmlSecNssTransformAes128CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecNssTransformAes128CbcGetKlass(void);
 
 /**
  * xmlSecNssTransformAes192CbcId:
- * 
+ *
  * The AES192 CBC cipher transform klass.
  */
 #define xmlSecNssTransformAes192CbcId \
-	xmlSecNssTransformAes192CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecNssTransformAes192CbcGetKlass(void);
+        xmlSecNssTransformAes192CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecNssTransformAes192CbcGetKlass(void);
 
 /**
  * xmlSecNssTransformAes256CbcId:
- * 
+ *
  * The AES256 CBC cipher transform klass.
  */
 #define xmlSecNssTransformAes256CbcId \
-	xmlSecNssTransformAes256CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecNssTransformAes256CbcGetKlass(void);
+        xmlSecNssTransformAes256CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecNssTransformAes256CbcGetKlass(void);
 
 /**
  * xmlSecNssTransformKWAes128Id:
- * 
+ *
  * The AES 128 key wrap transform klass.
  */
 #define xmlSecNssTransformKWAes128Id \
-	xmlSecNssTransformKWAes128GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecNssTransformKWAes128GetKlass(void);
+        xmlSecNssTransformKWAes128GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecNssTransformKWAes128GetKlass(void);
 
 /**
  * xmlSecNssTransformKWAes192Id:
- * 
+ *
  * The AES 192 key wrap transform klass.
  */
 #define xmlSecNssTransformKWAes192Id \
-	xmlSecNssTransformKWAes192GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecNssTransformKWAes192GetKlass(void);
+        xmlSecNssTransformKWAes192GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecNssTransformKWAes192GetKlass(void);
 
 /**
  * xmlSecNssTransformKWAes256Id:
- * 
+ *
  * The AES 256 key wrap transform klass.
  */
 #define xmlSecNssTransformKWAes256Id \
-	xmlSecNssTransformKWAes256GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecNssTransformKWAes256GetKlass(void);
+        xmlSecNssTransformKWAes256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecNssTransformKWAes256GetKlass(void);
 
 #endif /* XMLSEC_NO_AES */
 
@@ -126,32 +128,32 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecNssTransformKWAes256GetKlass(void);
 #ifndef XMLSEC_NO_DES
 /**
  * xmlSecNssKeyDataDesId:
- * 
+ *
  * The DES key data klass.
  */
 #define xmlSecNssKeyDataDesId \
-	xmlSecNssKeyDataDesGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecNssKeyDataDesGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssKeyDataDesSet		(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+        xmlSecNssKeyDataDesGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecNssKeyDataDesGetKlass     (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssKeyDataDesSet          (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
 
 /**
  * xmlSecNssTransformDes3CbcId:
- * 
+ *
  * The Triple DES CBC cipher transform klass.
  */
 #define xmlSecNssTransformDes3CbcId \
-	xmlSecNssTransformDes3CbcGetKlass()
+        xmlSecNssTransformDes3CbcGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformDes3CbcGetKlass(void);
 
 /**
 * xmlSecNssTransformKWDes3Id:
-* 
-* The DES3 CBC cipher transform klass.
-*/ 
+*
+* The DES3 KW transform klass.
+*/
 #define xmlSecNssTransformKWDes3Id \
-	xmlSecNssTransformKWDes3GetKlass()
+        xmlSecNssTransformKWDes3GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformKWDes3GetKlass(void);
 
 
@@ -166,20 +168,20 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformKWDes3GetKlass(void);
 
 /**
  * xmlSecNssKeyDataDsaId:
- * 
+ *
  * The DSA key klass.
  */
 #define xmlSecNssKeyDataDsaId \
-	xmlSecNssKeyDataDsaGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecNssKeyDataDsaGetKlass	(void);
+        xmlSecNssKeyDataDsaGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecNssKeyDataDsaGetKlass     (void);
 
 /**
  * xmlSecNssTransformDsaSha1Id:
- * 
+ *
  * The DSA SHA1 signature transform klass.
  */
 #define xmlSecNssTransformDsaSha1Id \
-	xmlSecNssTransformDsaSha1GetKlass()
+        xmlSecNssTransformDsaSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformDsaSha1GetKlass(void);
 
 #endif /* XMLSEC_NO_DSA */
@@ -195,43 +197,82 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformDsaSha1GetKlass(void);
 XMLSEC_CRYPTO_EXPORT int               xmlSecNssHmacGetMinOutputLength(void);
 XMLSEC_CRYPTO_EXPORT void              xmlSecNssHmacSetMinOutputLength(int min_length);
 
-/** 
+/**
  * xmlSecNssKeyDataHmacId:
- * 
+ *
  * The DHMAC key data klass.
  */
 #define xmlSecNssKeyDataHmacId \
-	xmlSecNssKeyDataHmacGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId	xmlSecNssKeyDataHmacGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssKeyDataHmacSet		(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+        xmlSecNssKeyDataHmacGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecNssKeyDataHmacGetKlass    (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssKeyDataHmacSet         (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
+#ifndef XMLSEC_NO_MD5
 /**
  * xmlSecNssTransformHmacMd5Id:
- * 
+ *
  * The HMAC with MD5 signature transform klass.
  */
 #define xmlSecNssTransformHmacMd5Id \
-	xmlSecNssTransformHmacMd5GetKlass()
+        xmlSecNssTransformHmacMd5GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
 
+#ifndef XMLSEC_NO_RIPEMD160
 /**
  * xmlSecNssTransformHmacRipemd160Id:
- * 
+ *
  * The HMAC with RipeMD160 signature transform klass.
  */
 #define xmlSecNssTransformHmacRipemd160Id \
-	xmlSecNssTransformHmacRipemd160GetKlass()
+        xmlSecNssTransformHmacRipemd160GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacRipemd160GetKlass(void);
+#endif /* XMLSEC_NO_RIPEMD160 */
 
+#ifndef XMLSEC_NO_SHA1
 /**
  * xmlSecNssTransformHmacSha1Id:
- * 
+ *
  * The HMAC with SHA1 signature transform klass.
  */
 #define xmlSecNssTransformHmacSha1Id \
-	xmlSecNssTransformHmacSha1GetKlass()
+        xmlSecNssTransformHmacSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecNssTransformHmacSha256Id:
+ *
+ * The HMAC with SHA256 signature transform klass.
+ */
+#define xmlSecNssTransformHmacSha256Id \
+        xmlSecNssTransformHmacSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecNssTransformHmacSha384Id:
+ *
+ * The HMAC with SHA384 signature transform klass.
+ */
+#define xmlSecNssTransformHmacSha384Id \
+        xmlSecNssTransformHmacSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecNssTransformHmacSha512Id:
+ *
+ * The HMAC with SHA512 signature transform klass.
+ */
+#define xmlSecNssTransformHmacSha512Id \
+        xmlSecNssTransformHmacSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
 
 
 #endif /* XMLSEC_NO_HMAC */
@@ -246,44 +287,92 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformHmacSha1GetKlass(void);
 
 /**
  * xmlSecNssKeyDataRsaId:
- * 
+ *
  * The RSA key klass.
  */
 #define xmlSecNssKeyDataRsaId \
-	xmlSecNssKeyDataRsaGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecNssKeyDataRsaGetKlass	(void);
+        xmlSecNssKeyDataRsaGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecNssKeyDataRsaGetKlass     (void);
+
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecNssTransformRsaMd5Id:
+ *
+ * The RSA-MD5 signature transform klass.
+ */
+#define xmlSecNssTransformRsaMd5Id  \
+        xmlSecNssTransformRsaMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
 
+#ifndef XMLSEC_NO_SHA1
 /**
  * xmlSecNssTransformRsaSha1Id:
- * 
+ *
  * The RSA-SHA1 signature transform klass.
  */
-#define xmlSecNssTransformRsaSha1Id	\
-	xmlSecNssTransformRsaSha1GetKlass()
+#define xmlSecNssTransformRsaSha1Id     \
+        xmlSecNssTransformRsaSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecNssTransformRsaSha256Id:
+ *
+ * The RSA-SHA256 signature transform klass.
+ */
+#define xmlSecNssTransformRsaSha256Id       \
+        xmlSecNssTransformRsaSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecNssTransformRsaSha384Id:
+ *
+ * The RSA-SHA384 signature transform klass.
+ */
+#define xmlSecNssTransformRsaSha384Id       \
+        xmlSecNssTransformRsaSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecNssTransformRsaSha512Id:
+ *
+ * The RSA-SHA512 signature transform klass.
+ */
+#define xmlSecNssTransformRsaSha512Id       \
+        xmlSecNssTransformRsaSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
 
 /**
  * xmlSecNssTransformRsaPkcs1Id:
- * 
+ *
  * The RSA PKCS1 key transport transform klass.
  */
 #define xmlSecNssTransformRsaPkcs1Id \
         xmlSecNssTransformRsaPkcs1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaPkcs1GetKlass(void);
 
+/* aleksey, April 2010: NSS 3.12.6 has CKM_RSA_PKCS_OAEP algorithm but
+   it doesn't implement the SHA1 OAEP PKCS we need
 
-/* RSA OAEP is not supported by NSS yet */
-#ifdef TODO

-/**

- * xmlSecNssTransformRsaOaepId:

- * 

- * The RSA OAEP key transport transform klass.

- */

-

-#define xmlSecNssTransformRsaOaepId \

-        xmlSecNssTransformRsaOaepGetKlass()

+   https://bugzilla.mozilla.org/show_bug.cgi?id=158747
+*/
+#ifdef XMLSEC_NSS_RSA_OAEP_TODO
+/**
+ * xmlSecNssTransformRsaOaepId:
+ *
+ * The RSA OAEP key transport transform klass.
+ */
+#define xmlSecNssTransformRsaOaepId \
+        xmlSecNssTransformRsaOaepGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaOaepGetKlass(void);
-#endif /* TODO: RSA OAEP is not supported by NSS yet */
+#endif /* XMLSEC_NSS_RSA_OAEP_TODO */
 
 #endif /* XMLSEC_NO_RSA */
 
@@ -296,18 +385,85 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaOaepGetKlass(void);
 #ifndef XMLSEC_NO_SHA1
 /**
  * xmlSecNssTransformSha1Id:
- * 
+ *
  * The SHA1 digest transform klass.
  */
 #define xmlSecNssTransformSha1Id \
-	xmlSecNssTransformSha1GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha1GetKlass	(void);
+        xmlSecNssTransformSha1GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha1GetKlass   (void);
 #endif /* XMLSEC_NO_SHA1 */
 
+/********************************************************************
+ *
+ * SHA256 transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecNssTransformSha256Id:
+ *
+ * The SHA256 digest transform klass.
+ */
+#define xmlSecNssTransformSha256Id \
+        xmlSecNssTransformSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+/********************************************************************
+ *
+ * SHA384 transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecNssTransformSha384Id:
+ *
+ * The SHA384 digest transform klass.
+ */
+#define xmlSecNssTransformSha384Id \
+        xmlSecNssTransformSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+/********************************************************************
+ *
+ * SHA512 transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecNssTransformSha512Id:
+ *
+ * The SHA512 digest transform klass.
+ */
+#define xmlSecNssTransformSha512Id \
+        xmlSecNssTransformSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+/********************************************************************
+ *
+ * MD5 transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_MD5
+/**
+ * xmlSecNssTransformMd5Id:
+ *
+ * The MD5 digest transform klass.
+ */
+#define xmlSecNssTransformMd5Id \
+        xmlSecNssTransformMd5GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformMd5GetKlass(void);
+#endif /* XMLSEC_NO_MD5 */
+
+
+
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
 
 #endif /* __XMLSEC_NSS_CRYPTO_H__ */
 
-#define __XMLSEC_NSS_CRYPTO_H__    
+#define __XMLSEC_NSS_CRYPTO_H__
diff --git a/include/xmlsec/nss/keysstore.h b/include/xmlsec/nss/keysstore.h
index 10e6bb38..a2cc289b 100644
--- a/include/xmlsec/nss/keysstore.h
+++ b/include/xmlsec/nss/keysstore.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XMLSec library
- * 
+ *
  * Nss keys store
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for precise wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc. All rights reserved
  */
 #ifndef __XMLSEC_NSS_KEYSSTORE_H__
-#define __XMLSEC_NSS_KEYSSTORE_H__    
+#define __XMLSEC_NSS_KEYSSTORE_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 
@@ -27,16 +27,16 @@ extern "C" {
  *
  * A Nss keys store klass id.
  */
-#define xmlSecNssKeysStoreId		xmlSecNssKeysStoreGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyStoreId	xmlSecNssKeysStoreGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssKeysStoreAdoptKey	(xmlSecKeyStorePtr store,
-									 xmlSecKeyPtr key);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssKeysStoreLoad 	(xmlSecKeyStorePtr store,
-								 const char *uri,
-								 xmlSecKeysMngrPtr keysMngr);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssKeysStoreSave	(xmlSecKeyStorePtr store, 
-								 const char *filename,
-								 xmlSecKeyDataType type);
+#define xmlSecNssKeysStoreId            xmlSecNssKeysStoreGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyStoreId   xmlSecNssKeysStoreGetKlass      (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssKeysStoreAdoptKey      (xmlSecKeyStorePtr store,
+                                                                         xmlSecKeyPtr key);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssKeysStoreLoad  (xmlSecKeyStorePtr store,
+                                                                 const char *uri,
+                                                                 xmlSecKeysMngrPtr keysMngr);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssKeysStoreSave  (xmlSecKeyStorePtr store,
+                                                                 const char *filename,
+                                                                 xmlSecKeyDataType type);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/nss/pkikeys.h b/include/xmlsec/nss/pkikeys.h
index fd4a6e8a..cb498482 100644
--- a/include/xmlsec/nss/pkikeys.h
+++ b/include/xmlsec/nss/pkikeys.h
@@ -1,17 +1,17 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #ifndef __XMLSEC_NSS_PKIKEYS_H__
-#define __XMLSEC_NSS_PKIKEYS_H__    
+#define __XMLSEC_NSS_PKIKEYS_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <nspr.h>
 #include <nss.h>
@@ -21,17 +21,17 @@ extern "C" {
 #include <xmlsec/transforms.h>
 
 
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr 	xmlSecNssPKIAdoptKey           (SECKEYPrivateKey *privkey,
-									SECKEYPublicKey  *pubkey);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr   xmlSecNssPKIAdoptKey           (SECKEYPrivateKey *privkey,
+                                                                        SECKEYPublicKey  *pubkey);
 
-XMLSEC_CRYPTO_EXPORT SECKEYPublicKey*   xmlSecNssPKIKeyDataGetPubKey	(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT SECKEYPublicKey*   xmlSecNssPKIKeyDataGetPubKey    (xmlSecKeyDataPtr data);
 
-XMLSEC_CRYPTO_EXPORT SECKEYPrivateKey*  xmlSecNssPKIKeyDataGetPrivKey	(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT SECKEYPrivateKey*  xmlSecNssPKIKeyDataGetPrivKey   (xmlSecKeyDataPtr data);
 
-XMLSEC_CRYPTO_EXPORT KeyType  		xmlSecNssPKIKeyDataGetKeyType	(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT KeyType            xmlSecNssPKIKeyDataGetKeyType   (xmlSecKeyDataPtr data);
 
-XMLSEC_CRYPTO_EXPORT int              	xmlSecNssPKIKeyDataDuplicate    (xmlSecKeyDataPtr dst,
-		                                                         xmlSecKeyDataPtr src);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssPKIKeyDataDuplicate    (xmlSecKeyDataPtr dst,
+                                                                         xmlSecKeyDataPtr src);
 
 
 
diff --git a/include/xmlsec/nss/symbols.h b/include/xmlsec/nss/symbols.h
index b01a1fa1..9520cb83 100644
--- a/include/xmlsec/nss/symbols.h
+++ b/include/xmlsec/nss/symbols.h
@@ -1,14 +1,14 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #ifndef __XMLSEC_NSS_SYMBOLS_H__
-#define __XMLSEC_NSS_SYMBOLS_H__    
+#define __XMLSEC_NSS_SYMBOLS_H__
 
 #if !defined(IN_XMLSEC) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
 #error To disable dynamic loading of xmlsec-crypto libraries undefine XMLSEC_CRYPTO_DYNAMIC_LOADING
@@ -17,76 +17,83 @@
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
-/**
- * Defines for writing simple code
- */
 #ifdef XMLSEC_CRYPTO_NSS
 
-/**  
+/********************************************************************
+ *
  * Crypto Init/shutdown
- */
-#define xmlSecCryptoInit			xmlSecNssInit
-#define xmlSecCryptoShutdown			xmlSecNssShutdown
+ *
+ ********************************************************************/
+#define xmlSecCryptoInit                        xmlSecNssInit
+#define xmlSecCryptoShutdown                    xmlSecNssShutdown
 
-#define xmlSecCryptoKeysMngrInit		xmlSecNssKeysMngrInit
+#define xmlSecCryptoKeysMngrInit                xmlSecNssKeysMngrInit
 
-/**
+/********************************************************************
+ *
  * Key data ids
- */
-#define xmlSecKeyDataAesId			xmlSecNssKeyDataAesId
-#define xmlSecKeyDataDesId			xmlSecNssKeyDataDesId
-#define xmlSecKeyDataDsaId			xmlSecNssKeyDataDsaId
-#define xmlSecKeyDataHmacId			xmlSecNssKeyDataHmacId
-#define xmlSecKeyDataRsaId			xmlSecNssKeyDataRsaId
-#define xmlSecKeyDataX509Id			xmlSecNssKeyDataX509Id
-#define xmlSecKeyDataRawX509CertId		xmlSecNssKeyDataRawX509CertId
+ *
+ ********************************************************************/
+#define xmlSecKeyDataAesId                      xmlSecNssKeyDataAesId
+#define xmlSecKeyDataDesId                      xmlSecNssKeyDataDesId
+#define xmlSecKeyDataDsaId                      xmlSecNssKeyDataDsaId
+#define xmlSecKeyDataHmacId                     xmlSecNssKeyDataHmacId
+#define xmlSecKeyDataRsaId                      xmlSecNssKeyDataRsaId
+#define xmlSecKeyDataX509Id                     xmlSecNssKeyDataX509Id
+#define xmlSecKeyDataRawX509CertId              xmlSecNssKeyDataRawX509CertId
 
-/**
+/********************************************************************
+ *
  * Key data store ids
- */
-#define xmlSecX509StoreId			xmlSecNssX509StoreId
+ *
+ ********************************************************************/
+#define xmlSecX509StoreId                       xmlSecNssX509StoreId
 
-/**
+/********************************************************************
+ *
  * Crypto transforms ids
- */
-#define xmlSecTransformAes128CbcId		xmlSecNssTransformAes128CbcId
-#define xmlSecTransformAes192CbcId		xmlSecNssTransformAes192CbcId
-#define xmlSecTransformAes256CbcId		xmlSecNssTransformAes256CbcId
-#define xmlSecTransformKWAes128Id		xmlSecNssTransformKWAes128Id
-#define xmlSecTransformKWAes192Id		xmlSecNssTransformKWAes192Id
-#define xmlSecTransformKWAes256Id		xmlSecNssTransformKWAes256Id
-#define xmlSecTransformDes3CbcId		xmlSecNssTransformDes3CbcId
-#define xmlSecTransformKWDes3Id			xmlSecNssTransformKWDes3Id
-#define xmlSecTransformDsaSha1Id		xmlSecNssTransformDsaSha1Id
-#define xmlSecTransformHmacMd5Id		xmlSecNssTransformHmacMd5Id
-#define xmlSecTransformHmacRipemd160Id		xmlSecNssTransformHmacRipemd160Id
-#define xmlSecTransformHmacSha1Id		xmlSecNssTransformHmacSha1Id
-#define xmlSecTransformRipemd160Id		xmlSecNssTransformRipemd160Id
-#define xmlSecTransformRsaSha1Id		xmlSecNssTransformRsaSha1Id
-#define xmlSecTransformRsaPkcs1Id		xmlSecNssTransformRsaPkcs1Id
-#define xmlSecTransformRsaOaepId		xmlSecNssTransformRsaOaepId
-#define xmlSecTransformSha1Id			xmlSecNssTransformSha1Id
+ *
+ ********************************************************************/
+#define xmlSecTransformAes128CbcId              xmlSecNssTransformAes128CbcId
+#define xmlSecTransformAes192CbcId              xmlSecNssTransformAes192CbcId
+#define xmlSecTransformAes256CbcId              xmlSecNssTransformAes256CbcId
+#define xmlSecTransformKWAes128Id               xmlSecNssTransformKWAes128Id
+#define xmlSecTransformKWAes192Id               xmlSecNssTransformKWAes192Id
+#define xmlSecTransformKWAes256Id               xmlSecNssTransformKWAes256Id
+#define xmlSecTransformDes3CbcId                xmlSecNssTransformDes3CbcId
+#define xmlSecTransformKWDes3Id                 xmlSecNssTransformKWDes3Id
+#define xmlSecTransformDsaSha1Id                xmlSecNssTransformDsaSha1Id
+#define xmlSecTransformHmacMd5Id                xmlSecNssTransformHmacMd5Id
+#define xmlSecTransformHmacRipemd160Id          xmlSecNssTransformHmacRipemd160Id
+#define xmlSecTransformHmacSha1Id               xmlSecNssTransformHmacSha1Id
+#define xmlSecTransformRipemd160Id              xmlSecNssTransformRipemd160Id
+#define xmlSecTransformRsaSha1Id                xmlSecNssTransformRsaSha1Id
+#define xmlSecTransformRsaPkcs1Id               xmlSecNssTransformRsaPkcs1Id
+#define xmlSecTransformRsaOaepId                xmlSecNssTransformRsaOaepId
+#define xmlSecTransformSha1Id                   xmlSecNssTransformSha1Id
 
-/**
+/********************************************************************
+ *
  * High level routines form xmlsec command line utility
- */ 
-#define xmlSecCryptoAppInit			xmlSecNssAppInit
-#define xmlSecCryptoAppShutdown			xmlSecNssAppShutdown
-#define xmlSecCryptoAppDefaultKeysMngrInit	xmlSecNssAppDefaultKeysMngrInit
-#define xmlSecCryptoAppDefaultKeysMngrAdoptKey	xmlSecNssAppDefaultKeysMngrAdoptKey
-#define xmlSecCryptoAppDefaultKeysMngrLoad	xmlSecNssAppDefaultKeysMngrLoad
-#define xmlSecCryptoAppDefaultKeysMngrSave	xmlSecNssAppDefaultKeysMngrSave
-#define xmlSecCryptoAppKeysMngrCertLoad		xmlSecNssAppKeysMngrCertLoad
-#define xmlSecCryptoAppKeysMngrCertLoadMemory	xmlSecNssAppKeysMngrCertLoadMemory
-#define xmlSecCryptoAppKeyLoad			xmlSecNssAppKeyLoad
-#define xmlSecCryptoAppPkcs12Load		xmlSecNssAppPkcs12Load
-#define xmlSecCryptoAppKeyCertLoad		xmlSecNssAppKeyCertLoad
-#define xmlSecCryptoAppKeyLoadMemory		xmlSecNssAppKeyLoadMemory
-#define xmlSecCryptoAppPkcs12LoadMemory		xmlSecNssAppPkcs12LoadMemory
-#define xmlSecCryptoAppKeyCertLoadMemory	xmlSecNssAppKeyCertLoadMemory
-#define xmlSecCryptoAppGetDefaultPwdCallback	xmlSecNssAppGetDefaultPwdCallback
+ *
+ ********************************************************************/
+#define xmlSecCryptoAppInit                     xmlSecNssAppInit
+#define xmlSecCryptoAppShutdown                 xmlSecNssAppShutdown
+#define xmlSecCryptoAppDefaultKeysMngrInit      xmlSecNssAppDefaultKeysMngrInit
+#define xmlSecCryptoAppDefaultKeysMngrAdoptKey  xmlSecNssAppDefaultKeysMngrAdoptKey
+#define xmlSecCryptoAppDefaultKeysMngrLoad      xmlSecNssAppDefaultKeysMngrLoad
+#define xmlSecCryptoAppDefaultKeysMngrSave      xmlSecNssAppDefaultKeysMngrSave
+#define xmlSecCryptoAppKeysMngrCertLoad         xmlSecNssAppKeysMngrCertLoad
+#define xmlSecCryptoAppKeysMngrCertLoadMemory   xmlSecNssAppKeysMngrCertLoadMemory
+#define xmlSecCryptoAppKeyLoad                  xmlSecNssAppKeyLoad
+#define xmlSecCryptoAppPkcs12Load               xmlSecNssAppPkcs12Load
+#define xmlSecCryptoAppKeyCertLoad              xmlSecNssAppKeyCertLoad
+#define xmlSecCryptoAppKeyLoadMemory            xmlSecNssAppKeyLoadMemory
+#define xmlSecCryptoAppPkcs12LoadMemory         xmlSecNssAppPkcs12LoadMemory
+#define xmlSecCryptoAppKeyCertLoadMemory        xmlSecNssAppKeyCertLoadMemory
+#define xmlSecCryptoAppGetDefaultPwdCallback    xmlSecNssAppGetDefaultPwdCallback
 
 #endif /* XMLSEC_CRYPTO_NSS */
 
@@ -96,4 +103,4 @@ extern "C" {
 
 #endif /* __XMLSEC_NSS_CRYPTO_H__ */
 
-#define __XMLSEC_NSS_CRYPTO_H__    
+#define __XMLSEC_NSS_CRYPTO_H__
diff --git a/include/xmlsec/nss/x509.h b/include/xmlsec/nss/x509.h
index 1e3ba5e7..fe5ceb4a 100644
--- a/include/xmlsec/nss/x509.h
+++ b/include/xmlsec/nss/x509.h
@@ -1,17 +1,17 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #ifndef __XMLSEC_NSS_X509_H__
-#define __XMLSEC_NSS_X509_H__    
+#define __XMLSEC_NSS_X509_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #ifndef XMLSEC_NO_X509
 
@@ -25,60 +25,60 @@ extern "C" {
 
 /**
  * xmlSecNssKeyDataX509Id:
- * 
+ *
  * The NSS X509 data klass.
  */
 #define xmlSecNssKeyDataX509Id \
-	xmlSecNssKeyDataX509GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecNssKeyDataX509GetKlass(void);
+        xmlSecNssKeyDataX509GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecNssKeyDataX509GetKlass(void);
 
-XMLSEC_CRYPTO_EXPORT CERTCertificate*	xmlSecNssKeyDataX509GetKeyCert(xmlSecKeyDataPtr data);
-XMLSEC_CRYPTO_EXPORT int		xmlSecNssKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, 
-									 CERTCertificate* cert);
+XMLSEC_CRYPTO_EXPORT CERTCertificate*   xmlSecNssKeyDataX509GetKeyCert(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data,
+                                                                         CERTCertificate* cert);
 
-XMLSEC_CRYPTO_EXPORT int 		xmlSecNssKeyDataX509AdoptCert(xmlSecKeyDataPtr data,
-									 CERTCertificate* cert);
-XMLSEC_CRYPTO_EXPORT CERTCertificate*	xmlSecNssKeyDataX509GetCert	(xmlSecKeyDataPtr data,
-									 xmlSecSize pos);
-XMLSEC_CRYPTO_EXPORT xmlSecSize		xmlSecNssKeyDataX509GetCertsSize(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssKeyDataX509AdoptCert(xmlSecKeyDataPtr data,
+                                                                         CERTCertificate* cert);
+XMLSEC_CRYPTO_EXPORT CERTCertificate*   xmlSecNssKeyDataX509GetCert     (xmlSecKeyDataPtr data,
+                                                                         xmlSecSize pos);
+XMLSEC_CRYPTO_EXPORT xmlSecSize         xmlSecNssKeyDataX509GetCertsSize(xmlSecKeyDataPtr data);
 
-XMLSEC_CRYPTO_EXPORT int 		xmlSecNssKeyDataX509AdoptCrl(xmlSecKeyDataPtr data,
-									 CERTSignedCrl* crl);
-XMLSEC_CRYPTO_EXPORT CERTSignedCrl*	xmlSecNssKeyDataX509GetCrl	(xmlSecKeyDataPtr data,
-									 xmlSecSize pos);
-XMLSEC_CRYPTO_EXPORT xmlSecSize		xmlSecNssKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr	xmlSecNssX509CertGetKey		(CERTCertificate* cert);
+XMLSEC_CRYPTO_EXPORT int                xmlSecNssKeyDataX509AdoptCrl(xmlSecKeyDataPtr data,
+                                                                         CERTSignedCrl* crl);
+XMLSEC_CRYPTO_EXPORT CERTSignedCrl*     xmlSecNssKeyDataX509GetCrl      (xmlSecKeyDataPtr data,
+                                                                         xmlSecSize pos);
+XMLSEC_CRYPTO_EXPORT xmlSecSize         xmlSecNssKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr   xmlSecNssX509CertGetKey         (CERTCertificate* cert);
 
 
 /**
  * xmlSecNssKeyDataRawX509CertId:
- * 
+ *
  * The NSS raw X509 certificate klass.
  */
 #define xmlSecNssKeyDataRawX509CertId \
-	xmlSecNssKeyDataRawX509CertGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecNssKeyDataRawX509CertGetKlass(void);
+        xmlSecNssKeyDataRawX509CertGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecNssKeyDataRawX509CertGetKlass(void);
 
 /**
  * xmlSecNssX509StoreId:
- * 
+ *
  * The NSS X509 store klass.
  */
 #define xmlSecNssX509StoreId \
-	xmlSecNssX509StoreGetKlass()
+        xmlSecNssX509StoreGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecKeyDataStoreId xmlSecNssX509StoreGetKlass(void);
-XMLSEC_CRYPTO_EXPORT CERTCertificate* 		xmlSecNssX509StoreFindCert	(xmlSecKeyDataStorePtr store,
-									 	 xmlChar *subjectName,
-									 	 xmlChar *issuerName, 
-									 	 xmlChar *issuerSerial,
-									 	 xmlChar *ski,
-									 	 xmlSecKeyInfoCtx* keyInfoCtx);
-
-XMLSEC_CRYPTO_EXPORT CERTCertificate* 		xmlSecNssX509StoreVerify	(xmlSecKeyDataStorePtr store,
-									 	 CERTCertList* certs,
-									 	 xmlSecKeyInfoCtx* keyInfoCtx);
-XMLSEC_CRYPTO_EXPORT int                	xmlSecNssX509StoreAdoptCert (xmlSecKeyDataStorePtr store,
-									     CERTCertificate* cert,
+XMLSEC_CRYPTO_EXPORT CERTCertificate*           xmlSecNssX509StoreFindCert      (xmlSecKeyDataStorePtr store,
+                                                                                 xmlChar *subjectName,
+                                                                                 xmlChar *issuerName,
+                                                                                 xmlChar *issuerSerial,
+                                                                                 xmlChar *ski,
+                                                                                 xmlSecKeyInfoCtx* keyInfoCtx);
+
+XMLSEC_CRYPTO_EXPORT CERTCertificate*           xmlSecNssX509StoreVerify        (xmlSecKeyDataStorePtr store,
+                                                                                 CERTCertList* certs,
+                                                                                 xmlSecKeyInfoCtx* keyInfoCtx);
+XMLSEC_CRYPTO_EXPORT int                        xmlSecNssX509StoreAdoptCert (xmlSecKeyDataStorePtr store,
+                                                                             CERTCertificate* cert,
                                                                              xmlSecKeyDataType type);
 
 
diff --git a/include/xmlsec/openssl/Makefile.in b/include/xmlsec/openssl/Makefile.in
index 6530e925..e8bfe4cc 100644
--- a/include/xmlsec/openssl/Makefile.in
+++ b/include/xmlsec/openssl/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,13 +38,22 @@ subdir = include/xmlsec/openssl
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
 	$(xmlsecopensslinc_HEADERS)
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -68,6 +77,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(xmlsecopensslincdir)"
 HEADERS = $(xmlsecopensslinc_HEADERS)
 ETAGS = etags
@@ -75,6 +90,7 @@ CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -89,6 +105,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -97,6 +114,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -127,6 +148,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -158,8 +180,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -167,7 +191,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -186,6 +209,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -195,6 +220,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -230,6 +256,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -262,7 +289,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -345,9 +371,7 @@ uninstall-xmlsecopensslincHEADERS:
 	@$(NORMAL_UNINSTALL)
 	@list='$(xmlsecopensslinc_HEADERS)'; test -n "$(xmlsecopensslincdir)" || list=; \
 	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
-	test -n "$$files" || exit 0; \
-	echo " ( cd '$(DESTDIR)$(xmlsecopensslincdir)' && rm -f" $$files ")"; \
-	cd "$(DESTDIR)$(xmlsecopensslincdir)" && rm -f $$files
+	dir='$(DESTDIR)$(xmlsecopensslincdir)'; $(am__uninstall_files_from_dir)
 
 ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
 	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
@@ -448,10 +472,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/include/xmlsec/openssl/app.h b/include/xmlsec/openssl/app.h
index d781af2b..2fd70e8e 100644
--- a/include/xmlsec/openssl/app.h
+++ b/include/xmlsec/openssl/app.h
@@ -1,17 +1,17 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_OPENSSL_APP_H__
-#define __XMLSEC_OPENSSL_APP_H__    
+#define __XMLSEC_OPENSSL_APP_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <openssl/pem.h>
 #include <openssl/bio.h>
@@ -21,96 +21,102 @@ extern "C" {
 #include <xmlsec/keysmngr.h>
 #include <xmlsec/transforms.h>
 
-/**
+/********************************************************************
+ *
  * Init/shutdown
- */
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLAppInit		(const char* config);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLAppShutdown	(void);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppInit            (const char* config);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppShutdown        (void);
 
-/** 
+/********************************************************************
+ *
  * Keys Manager
- */
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr);
-XMLSEC_CRYPTO_EXPORT int 		xmlSecOpenSSLAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr,
-									 xmlSecKeyPtr key);
-XMLSEC_CRYPTO_EXPORT int 		xmlSecOpenSSLAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr,
-									 const char* uri);
-XMLSEC_CRYPTO_EXPORT int 		xmlSecOpenSSLAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr,
-									 const char* filename,
-									 xmlSecKeyDataType type);
+ *
+ *******************************************************************/
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr,
+                                                                         xmlSecKeyPtr key);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr,
+                                                                         const char* uri);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataType type);
 #ifndef XMLSEC_NO_X509
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, 
-									 const char *filename, 
-									 xmlSecKeyDataFormat format,
-									 xmlSecKeyDataType type);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, 
-									 const xmlSecByte* data,
-									 xmlSecSize dataSize, 
-									 xmlSecKeyDataFormat format,
-									 xmlSecKeyDataType type);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLAppKeysMngrCertLoadBIO(xmlSecKeysMngrPtr mngr, 
-									 BIO* bio,
-									 xmlSecKeyDataFormat format,
-									 xmlSecKeyDataType type);
-
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLAppKeysMngrAddCertsPath(xmlSecKeysMngrPtr mngr, 
-									 const char *path);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr,
+                                                                         const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr,
+                                                                         const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppKeysMngrCertLoadBIO(xmlSecKeysMngrPtr mngr,
+                                                                         BIO* bio,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
+
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppKeysMngrAddCertsPath(xmlSecKeysMngrPtr mngr,
+                                                                         const char *path);
 XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppKeysMngrAddCertsFile(xmlSecKeysMngrPtr mngr,
                                                                          const char *file);
 
 #endif /* XMLSEC_NO_X509 */
 
 
-/** 
+/********************************************************************
+ *
  * Keys
- */
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecOpenSSLAppKeyLoad		(const char *filename, 
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void* pwdCallback,
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecOpenSSLAppKeyLoadMemory	(const xmlSecByte* data,
-									 xmlSecSize dataSize, 
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void* pwdCallback,
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecOpenSSLAppKeyLoadBIO	(BIO* bio,
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void* pwdCallback,
-									 void* pwdCallbackCtx);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecOpenSSLAppKeyLoad         (const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecOpenSSLAppKeyLoadMemory   (const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecOpenSSLAppKeyLoadBIO      (BIO* bio,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
 
 #ifndef XMLSEC_NO_X509
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecOpenSSLAppPkcs12Load	(const char* filename, 
-									 const char* pwd,
-									 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecOpenSSLAppPkcs12LoadMemory(const xmlSecByte* data,
-									 xmlSecSize dataSize, 
-									 const char* pwd,
-									 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr	xmlSecOpenSSLAppPkcs12LoadBIO	(BIO* bio, 
-									 const char* pwd,
-									 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLAppKeyCertLoad	(xmlSecKeyPtr key,
-									 const char* filename,
-									 xmlSecKeyDataFormat format);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLAppKeyCertLoadMemory(xmlSecKeyPtr key,
-									 const xmlSecByte* data,
-									 xmlSecSize dataSize, 
-									 xmlSecKeyDataFormat format);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLAppKeyCertLoadBIO	(xmlSecKeyPtr key,
-									 BIO* bio,
-									 xmlSecKeyDataFormat format);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr 	xmlSecOpenSSLAppKeyFromCertLoadBIO(BIO* bio, 
-									 xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecOpenSSLAppPkcs12Load      (const char* filename,
+                                                                         const char* pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecOpenSSLAppPkcs12LoadMemory(const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         const char* pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecOpenSSLAppPkcs12LoadBIO   (BIO* bio,
+                                                                         const char* pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppKeyCertLoad     (xmlSecKeyPtr key,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppKeyCertLoadMemory(xmlSecKeyPtr key,
+                                                                         const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLAppKeyCertLoadBIO  (xmlSecKeyPtr key,
+                                                                         BIO* bio,
+                                                                         xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr       xmlSecOpenSSLAppKeyFromCertLoadBIO(BIO* bio,
+                                                                         xmlSecKeyDataFormat format);
 #endif /* XMLSEC_NO_X509 */
 
-XMLSEC_CRYPTO_EXPORT void*		xmlSecOpenSSLAppGetDefaultPwdCallback(void);
+XMLSEC_CRYPTO_EXPORT void*              xmlSecOpenSSLAppGetDefaultPwdCallback(void);
 
 
 #ifdef __cplusplus
diff --git a/include/xmlsec/openssl/bn.h b/include/xmlsec/openssl/bn.h
index b6ec4615..bdb9c7cb 100644
--- a/include/xmlsec/openssl/bn.h
+++ b/include/xmlsec/openssl/bn.h
@@ -1,31 +1,31 @@
-/** 
+/**
  * XMLSec library
- * 
+ *
  * Reading/writing BIGNUM values
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_BN_H__
-#define __XMLSEC_BN_H__    
+#define __XMLSEC_BN_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <openssl/bn.h>
 
-#include <libxml/tree.h> 
+#include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
 
-XMLSEC_CRYPTO_EXPORT BIGNUM*	xmlSecOpenSSLNodeGetBNValue	(const xmlNodePtr cur,
-								 BIGNUM **a);
-XMLSEC_CRYPTO_EXPORT int	xmlSecOpenSSLNodeSetBNValue	(xmlNodePtr cur, 
-								 const BIGNUM *a,
-								 int addLineBreaks);
+XMLSEC_CRYPTO_EXPORT BIGNUM*    xmlSecOpenSSLNodeGetBNValue     (const xmlNodePtr cur,
+                                                                 BIGNUM **a);
+XMLSEC_CRYPTO_EXPORT int        xmlSecOpenSSLNodeSetBNValue     (xmlNodePtr cur,
+                                                                 const BIGNUM *a,
+                                                                 int addLineBreaks);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/openssl/crypto.h b/include/xmlsec/openssl/crypto.h
index 4fe0ca7f..aec5fb31 100644
--- a/include/xmlsec/openssl/crypto.h
+++ b/include/xmlsec/openssl/crypto.h
@@ -1,17 +1,17 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_OPENSSL_CRYPTO_H__
-#define __XMLSEC_OPENSSL_CRYPTO_H__    
+#define __XMLSEC_OPENSSL_CRYPTO_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/keys.h>
@@ -20,33 +20,22 @@ extern "C" {
 
 #include <openssl/err.h>
 
-/* OpenSSL 0.9.6 and 0.9.7 do not have SHA 224/256/384/512 */
-#if defined(XMLSEC_OPENSSL_096) || defined(XMLSEC_OPENSSL_097)
-#define XMLSEC_NO_SHA224 1
-#define XMLSEC_NO_SHA256 1
-#define XMLSEC_NO_SHA384 1
-#define XMLSEC_NO_SHA512 1
-#endif /* defined(XMLSEC_OPENSSL_096) || defined(XMLSEC_OPENSSL_097) */
-
-/* OpenSSL 0.9.6 does not have AES */
-#if defined(XMLSEC_OPENSSL_096)
-#define XMLSEC_NO_AES	 1
-#endif /* XMLSEC_OPENSSL_096 */
+XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctions_openssl(void);
 
-XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr	xmlSecCryptoGetFunctions_openssl(void);
-
-/**
+/********************************************************************
+ *
  * Init shutdown
- */
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLInit		(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLShutdown		(void);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLInit               (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLShutdown           (void);
 
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLKeysMngrInit	(xmlSecKeysMngrPtr mngr);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLGenerateRandom	(xmlSecBufferPtr buffer,
-									 xmlSecSize size);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeysMngrInit       (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLGenerateRandom     (xmlSecBufferPtr buffer,
+                                                                         xmlSecSize size);
 
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLSetDefaultTrustedCertsFolder(const xmlChar* path);
-XMLSEC_CRYPTO_EXPORT const xmlChar*	xmlSecOpenSSLGetDefaultTrustedCertsFolder(void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLSetDefaultTrustedCertsFolder(const xmlChar* path);
+XMLSEC_CRYPTO_EXPORT const xmlChar*     xmlSecOpenSSLGetDefaultTrustedCertsFolder(void);
 
 /********************************************************************
  *
@@ -56,68 +45,68 @@ XMLSEC_CRYPTO_EXPORT const xmlChar*	xmlSecOpenSSLGetDefaultTrustedCertsFolder(vo
 #ifndef XMLSEC_NO_AES
 /**
  * xmlSecOpenSSLKeyDataAesId:
- * 
+ *
  * The AES key klass.
  */
 #define xmlSecOpenSSLKeyDataAesId \
-	xmlSecOpenSSLKeyDataAesGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecOpenSSLKeyDataAesGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLKeyDataAesSet	(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+        xmlSecOpenSSLKeyDataAesGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataAesGetKlass (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataAesSet      (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
 /**
  * xmlSecOpenSSLTransformAes128CbcId:
- * 
+ *
  * The AES128 CBC cipher transform klass.
  */
 #define xmlSecOpenSSLTransformAes128CbcId \
-	xmlSecOpenSSLTransformAes128CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecOpenSSLTransformAes128CbcGetKlass(void);
+        xmlSecOpenSSLTransformAes128CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecOpenSSLTransformAes128CbcGetKlass(void);
 
 /**
  * xmlSecOpenSSLTransformAes192CbcId:
- * 
+ *
  * The AES192 CBC cipher transform klass.
  */
 #define xmlSecOpenSSLTransformAes192CbcId \
-	xmlSecOpenSSLTransformAes192CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecOpenSSLTransformAes192CbcGetKlass(void);
+        xmlSecOpenSSLTransformAes192CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecOpenSSLTransformAes192CbcGetKlass(void);
 
 /**
  * xmlSecOpenSSLTransformAes256CbcId:
- * 
+ *
  * The AES256 CBC cipher transform klass.
  */
 #define xmlSecOpenSSLTransformAes256CbcId \
-	xmlSecOpenSSLTransformAes256CbcGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecOpenSSLTransformAes256CbcGetKlass(void);
+        xmlSecOpenSSLTransformAes256CbcGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecOpenSSLTransformAes256CbcGetKlass(void);
 
 /**
  * xmlSecOpenSSLTransformKWAes128Id:
- * 
+ *
  * The AES 128 key wrap transform klass.
  */
 #define xmlSecOpenSSLTransformKWAes128Id \
-	xmlSecOpenSSLTransformKWAes128GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecOpenSSLTransformKWAes128GetKlass(void);
+        xmlSecOpenSSLTransformKWAes128GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecOpenSSLTransformKWAes128GetKlass(void);
 
 /**
  * xmlSecOpenSSLTransformKWAes192Id:
- * 
+ *
  * The AES 192 key wrap transform klass.
  */
 #define xmlSecOpenSSLTransformKWAes192Id \
-	xmlSecOpenSSLTransformKWAes192GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecOpenSSLTransformKWAes192GetKlass(void);
+        xmlSecOpenSSLTransformKWAes192GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecOpenSSLTransformKWAes192GetKlass(void);
 
 /**
  * xmlSecOpenSSLTransformKWAes256Id:
- * 
+ *
  * The AES 256 key wrap transform klass.
  */
 #define xmlSecOpenSSLTransformKWAes256Id \
-	xmlSecOpenSSLTransformKWAes256GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecOpenSSLTransformKWAes256GetKlass(void);
+        xmlSecOpenSSLTransformKWAes256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId  xmlSecOpenSSLTransformKWAes256GetKlass(void);
 
 #endif /* XMLSEC_NO_AES */
 
@@ -129,32 +118,33 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId	xmlSecOpenSSLTransformKWAes256GetKlass(vo
 #ifndef XMLSEC_NO_DES
 /**
  * xmlSecOpenSSLKeyDataDesId:
- * 
+ *
  * The DES key klass.
  */
 #define xmlSecOpenSSLKeyDataDesId \
-	xmlSecOpenSSLKeyDataDesGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId	xmlSecOpenSSLKeyDataDesGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLKeyDataDesSet	(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+        xmlSecOpenSSLKeyDataDesGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataDesGetKlass (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataDesSet      (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
 /**
  * xmlSecOpenSSLTransformDes3CbcId:
- * 
+ *
  * The DES3 CBC cipher transform klass.
  */
 #define xmlSecOpenSSLTransformDes3CbcId \
-	xmlSecOpenSSLTransformDes3CbcGetKlass()
+        xmlSecOpenSSLTransformDes3CbcGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformDes3CbcGetKlass(void);
 
 /**
  * xmlSecOpenSSLTransformKWDes3Id:
- * 
- * The DES3 CBC cipher transform klass.
+ *
+ * The DES3 KW transform klass.
  */
 #define xmlSecOpenSSLTransformKWDes3Id \
-	xmlSecOpenSSLTransformKWDes3GetKlass()
+        xmlSecOpenSSLTransformKWDes3GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformKWDes3GetKlass(void);
+
 #endif /* XMLSEC_NO_DES */
 
 /********************************************************************
@@ -168,34 +158,163 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformKWDes3GetKlass(void
 
 /**
  * xmlSecOpenSSLKeyDataDsaId:
- * 
+ *
  * The DSA key klass.
  */
 #define xmlSecOpenSSLKeyDataDsaId \
-	xmlSecOpenSSLKeyDataDsaGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecOpenSSLKeyDataDsaGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLKeyDataDsaAdoptDsa	(xmlSecKeyDataPtr data,
-									 DSA* dsa);
-XMLSEC_CRYPTO_EXPORT DSA*		xmlSecOpenSSLKeyDataDsaGetDsa	(xmlSecKeyDataPtr data);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLKeyDataDsaAdoptEvp	(xmlSecKeyDataPtr data,
-									 EVP_PKEY* pKey);
-XMLSEC_CRYPTO_EXPORT EVP_PKEY*		xmlSecOpenSSLKeyDataDsaGetEvp	(xmlSecKeyDataPtr data);
+        xmlSecOpenSSLKeyDataDsaGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataDsaGetKlass (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataDsaAdoptDsa (xmlSecKeyDataPtr data,
+                                                                         DSA* dsa);
+XMLSEC_CRYPTO_EXPORT DSA*               xmlSecOpenSSLKeyDataDsaGetDsa   (xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataDsaAdoptEvp (xmlSecKeyDataPtr data,
+                                                                         EVP_PKEY* pKey);
+XMLSEC_CRYPTO_EXPORT EVP_PKEY*          xmlSecOpenSSLKeyDataDsaGetEvp   (xmlSecKeyDataPtr data);
 
 #ifndef XMLSEC_NO_SHA1
 /**
  * xmlSecOpenSSLTransformDsaSha1Id:
- * 
+ *
  * The DSA SHA1 signature transform klass.
  */
 #define xmlSecOpenSSLTransformDsaSha1Id \
-	xmlSecOpenSSLTransformDsaSha1GetKlass()
+        xmlSecOpenSSLTransformDsaSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformDsaSha1GetKlass(void);
 #endif /* XMLSEC_NO_SHA1 */
 
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecOpenSSLTransformDsaSha256Id:
+ *
+ * The DSA SHA256 signature transform klass.
+ */
+#define xmlSecOpenSSLTransformDsaSha256Id \
+        xmlSecOpenSSLTransformDsaSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformDsaSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
 #endif /* XMLSEC_NO_DSA */
 
 /********************************************************************
  *
+ * ECDSA transforms
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_ECDSA
+#include <openssl/ecdsa.h>
+#include <openssl/evp.h>
+
+/**
+ * xmlSecOpenSSLKeyDataEcdsaId:
+ *
+ * The ECDSA key klass.
+ */
+#define xmlSecOpenSSLKeyDataEcdsaId \
+        xmlSecOpenSSLKeyDataEcdsaGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataEcdsaGetKlass   (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa (xmlSecKeyDataPtr data,
+                                                                             EC_KEY* ecdsa);
+XMLSEC_CRYPTO_EXPORT EC_KEY*            xmlSecOpenSSLKeyDataEcdsaGetEcdsa   (xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataEcdsaAdoptEvp   (xmlSecKeyDataPtr data,
+                                                                             EVP_PKEY* pKey);
+XMLSEC_CRYPTO_EXPORT EVP_PKEY*          xmlSecOpenSSLKeyDataEcdsaGetEvp     (xmlSecKeyDataPtr data);
+
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecOpenSSLTransformEcdsaSha1Id:
+ *
+ * The ECDSA-SHA1 signature transform klass.
+ */
+#define xmlSecOpenSSLTransformEcdsaSha1Id \
+        xmlSecOpenSSLTransformEcdsaSha1GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformEcdsaSha1GetKlass(void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+/**
+ * xmlSecOpenSSLTransformEcdsaSha224Id:
+ *
+ * The ECDSA-SHA224 signature transform klass.
+ */
+#define xmlSecOpenSSLTransformEcdsaSha224Id \
+        xmlSecOpenSSLTransformEcdsaSha224GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformEcdsaSha224GetKlass(void);
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecOpenSSLTransformEcdsaSha256Id:
+ *
+ * The ECDSA-SHA256 signature transform klass.
+ */
+#define xmlSecOpenSSLTransformEcdsaSha256Id \
+        xmlSecOpenSSLTransformEcdsaSha256GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformEcdsaSha256GetKlass(void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecOpenSSLTransformEcdsaSha384Id:
+ *
+ * The ECDSA-SHA384 signature transform klass.
+ */
+#define xmlSecOpenSSLTransformEcdsaSha384Id \
+        xmlSecOpenSSLTransformEcdsaSha384GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformEcdsaSha384GetKlass(void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecOpenSSLTransformEcdsaSha512Id:
+ *
+ * The ECDSA-SHA512 signature transform klass.
+ */
+#define xmlSecOpenSSLTransformEcdsaSha512Id \
+        xmlSecOpenSSLTransformEcdsaSha512GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformEcdsaSha512GetKlass(void);
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_ECDSA */
+
+/********************************************************************
+ *
+ * GOST2001 transform
+ *
+ *******************************************************************/
+#ifndef XMLSEC_NO_GOST
+
+/**
+ * xmlSecOpenSSLKeyDataGost2001Id:
+ *
+ * The GOST2001 key klass.
+ */
+#define xmlSecOpenSSLKeyDataGost2001Id \
+        xmlSecOpenSSLKeyDataGost2001GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataGost2001GetKlass   (void);
+
+/**
+ * xmlSecOpenSSLTransformGost2001GostR3411_94Id:
+ *
+ * The GOST2001 GOSTR3411_94 signature transform klass.
+ */
+#define xmlSecOpenSSLTransformGost2001GostR3411_94Id \
+        xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass(void);
+
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_94Id:
+ *
+ * The GOSTR3411_94 signature transform klass.
+ */
+#define xmlSecOpenSSLTransformGostR3411_94Id \
+	xmlSecOpenSSLTransformGostR3411_94GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformGostR3411_94GetKlass(void);
+
+#endif /* XMLSEC_NO_GOST */
+
+/********************************************************************
+ *
  * HMAC transforms
  *
  *******************************************************************/
@@ -204,92 +323,92 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformDsaSha1GetKlass(voi
 XMLSEC_CRYPTO_EXPORT int               xmlSecOpenSSLHmacGetMinOutputLength(void);
 XMLSEC_CRYPTO_EXPORT void              xmlSecOpenSSLHmacSetMinOutputLength(int min_length);
 
-/** 
+/**
  * xmlSecOpenSSLKeyDataHmacId:
- * 
+ *
  * The DHMAC key klass.
  */
 #define xmlSecOpenSSLKeyDataHmacId \
-	xmlSecOpenSSLKeyDataHmacGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId	xmlSecOpenSSLKeyDataHmacGetKlass(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLKeyDataHmacSet	(xmlSecKeyDataPtr data,
-									 const xmlSecByte* buf,
-									 xmlSecSize bufSize);
+        xmlSecOpenSSLKeyDataHmacGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataHmacGetKlass(void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataHmacSet     (xmlSecKeyDataPtr data,
+                                                                         const xmlSecByte* buf,
+                                                                         xmlSecSize bufSize);
 
-#ifndef XMLSEC_NO_MD5									 
+#ifndef XMLSEC_NO_MD5
 /**
  * xmlSecOpenSSLTransformHmacMd5Id:
- * 
+ *
  * The HMAC with MD5 signature transform klass.
  */
 #define xmlSecOpenSSLTransformHmacMd5Id \
-	xmlSecOpenSSLTransformHmacMd5GetKlass()
+        xmlSecOpenSSLTransformHmacMd5GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformHmacMd5GetKlass(void);
 #endif /* XMLSEC_NO_MD5 */
 
 #ifndef XMLSEC_NO_RIPEMD160
 /**
  * xmlSecOpenSSLTransformHmacRipemd160Id:
- * 
+ *
  * The HMAC with RipeMD160 signature transform klass.
  */
 #define xmlSecOpenSSLTransformHmacRipemd160Id \
-	xmlSecOpenSSLTransformHmacRipemd160GetKlass()
+        xmlSecOpenSSLTransformHmacRipemd160GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformHmacRipemd160GetKlass(void);
 #endif /* XMLSEC_NO_RIPEMD160 */
 
 #ifndef XMLSEC_NO_SHA1
 /**
  * xmlSecOpenSSLTransformHmacSha1Id:
- * 
+ *
  * The HMAC with SHA1 signature transform klass.
  */
 #define xmlSecOpenSSLTransformHmacSha1Id \
-	xmlSecOpenSSLTransformHmacSha1GetKlass()
+        xmlSecOpenSSLTransformHmacSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformHmacSha1GetKlass(void);
 #endif /* XMLSEC_NO_SHA1 */
 
 #ifndef XMLSEC_NO_SHA224
 /**
  * xmlSecOpenSSLTransformHmacSha224Id:
- * 
+ *
  * The HMAC with SHA224 signature transform klass.
  */
 #define xmlSecOpenSSLTransformHmacSha224Id \
-	xmlSecOpenSSLTransformHmacSha224GetKlass()
+        xmlSecOpenSSLTransformHmacSha224GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformHmacSha224GetKlass(void);
 #endif /* XMLSEC_NO_SHA224 */
 
 #ifndef XMLSEC_NO_SHA256
 /**
  * xmlSecOpenSSLTransformHmacSha256Id:
- * 
+ *
  * The HMAC with SHA256 signature transform klass.
  */
 #define xmlSecOpenSSLTransformHmacSha256Id \
-	xmlSecOpenSSLTransformHmacSha256GetKlass()
+        xmlSecOpenSSLTransformHmacSha256GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformHmacSha256GetKlass(void);
 #endif /* XMLSEC_NO_SHA256 */
 
 #ifndef XMLSEC_NO_SHA384
 /**
  * xmlSecOpenSSLTransformHmacSha384Id:
- * 
+ *
  * The HMAC with SHA384 signature transform klass.
  */
 #define xmlSecOpenSSLTransformHmacSha384Id \
-	xmlSecOpenSSLTransformHmacSha384GetKlass()
+        xmlSecOpenSSLTransformHmacSha384GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformHmacSha384GetKlass(void);
 #endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
 /**
  * xmlSecOpenSSLTransformHmacSha512Id:
- * 
+ *
  * The HMAC with SHA512 signature transform klass.
  */
 #define xmlSecOpenSSLTransformHmacSha512Id \
-	xmlSecOpenSSLTransformHmacSha512GetKlass()
+        xmlSecOpenSSLTransformHmacSha512GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformHmacSha512GetKlass(void);
 #endif /* XMLSEC_NO_SHA512 */
 
@@ -303,11 +422,11 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformHmacSha512GetKlass(
 #ifndef XMLSEC_NO_MD5
 /**
  * xmlSecOpenSSLTransformMd5Id:
- * 
+ *
  * The MD5 digest transform klass.
  */
 #define xmlSecOpenSSLTransformMd5Id \
-	xmlSecOpenSSLTransformMd5GetKlass()
+        xmlSecOpenSSLTransformMd5GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformMd5GetKlass(void);
 #endif /* XMLSEC_NO_MD5 */
 
@@ -320,11 +439,11 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformMd5GetKlass(void);
 #ifndef XMLSEC_NO_RIPEMD160
 /**
  * xmlSecOpenSSLTransformRipemd160Id:
- * 
+ *
  * The RIPEMD160 digest transform klass.
  */
 #define xmlSecOpenSSLTransformRipemd160Id \
-	xmlSecOpenSSLTransformRipemd160GetKlass()
+        xmlSecOpenSSLTransformRipemd160GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRipemd160GetKlass(void);
 #endif /* XMLSEC_NO_RIPEMD160 */
 
@@ -339,112 +458,112 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRipemd160GetKlass(v
 
 /**
  * xmlSecOpenSSLKeyDataRsaId:
- * 
+ *
  * The RSA key klass.
  */
 #define xmlSecOpenSSLKeyDataRsaId \
-	xmlSecOpenSSLKeyDataRsaGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecOpenSSLKeyDataRsaGetKlass	(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLKeyDataRsaAdoptRsa	(xmlSecKeyDataPtr data,
-									 RSA* rsa);
-XMLSEC_CRYPTO_EXPORT RSA*		xmlSecOpenSSLKeyDataRsaGetRsa	(xmlSecKeyDataPtr data);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLKeyDataRsaAdoptEvp	(xmlSecKeyDataPtr data,
-									 EVP_PKEY* pKey);
-XMLSEC_CRYPTO_EXPORT EVP_PKEY*		xmlSecOpenSSLKeyDataRsaGetEvp	(xmlSecKeyDataPtr data);
+        xmlSecOpenSSLKeyDataRsaGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataRsaGetKlass (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataRsaAdoptRsa (xmlSecKeyDataPtr data,
+                                                                         RSA* rsa);
+XMLSEC_CRYPTO_EXPORT RSA*               xmlSecOpenSSLKeyDataRsaGetRsa   (xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataRsaAdoptEvp (xmlSecKeyDataPtr data,
+                                                                         EVP_PKEY* pKey);
+XMLSEC_CRYPTO_EXPORT EVP_PKEY*          xmlSecOpenSSLKeyDataRsaGetEvp   (xmlSecKeyDataPtr data);
 
 #ifndef XMLSEC_NO_MD5
 /**
  * xmlSecOpenSSLTransformRsaMd5Id:
- * 
+ *
  * The RSA-MD5 signature transform klass.
  */
-#define xmlSecOpenSSLTransformRsaMd5Id	\
-	xmlSecOpenSSLTransformRsaMd5GetKlass()
+#define xmlSecOpenSSLTransformRsaMd5Id  \
+        xmlSecOpenSSLTransformRsaMd5GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRsaMd5GetKlass(void);
 #endif /* XMLSEC_NO_MD5 */
 
 #ifndef XMLSEC_NO_RIPEMD160
 /**
  * xmlSecOpenSSLTransformRsaRipemd160Id:
- * 
+ *
  * The RSA-RIPEMD160 signature transform klass.
  */
-#define xmlSecOpenSSLTransformRsaRipemd160Id	\
-	xmlSecOpenSSLTransformRsaRipemd160GetKlass()
+#define xmlSecOpenSSLTransformRsaRipemd160Id    \
+        xmlSecOpenSSLTransformRsaRipemd160GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRsaRipemd160GetKlass(void);
 #endif /* XMLSEC_NO_RIPEMD160 */
 
 #ifndef XMLSEC_NO_SHA1
 /**
  * xmlSecOpenSSLTransformRsaSha1Id:
- * 
+ *
  * The RSA-SHA1 signature transform klass.
  */
-#define xmlSecOpenSSLTransformRsaSha1Id	\
-	xmlSecOpenSSLTransformRsaSha1GetKlass()
+#define xmlSecOpenSSLTransformRsaSha1Id \
+        xmlSecOpenSSLTransformRsaSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRsaSha1GetKlass(void);
 #endif /* XMLSEC_NO_SHA1 */
 
 #ifndef XMLSEC_NO_SHA224
 /**
  * xmlSecOpenSSLTransformRsaSha224Id:
- * 
+ *
  * The RSA-SHA224 signature transform klass.
  */
-#define xmlSecOpenSSLTransformRsaSha224Id	\
-	xmlSecOpenSSLTransformRsaSha224GetKlass()
+#define xmlSecOpenSSLTransformRsaSha224Id       \
+        xmlSecOpenSSLTransformRsaSha224GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRsaSha224GetKlass(void);
 #endif /* XMLSEC_NO_SHA224 */
 
 #ifndef XMLSEC_NO_SHA256
 /**
  * xmlSecOpenSSLTransformRsaSha256Id:
- * 
+ *
  * The RSA-SHA256 signature transform klass.
  */
-#define xmlSecOpenSSLTransformRsaSha256Id	\
-	xmlSecOpenSSLTransformRsaSha256GetKlass()
+#define xmlSecOpenSSLTransformRsaSha256Id       \
+        xmlSecOpenSSLTransformRsaSha256GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRsaSha256GetKlass(void);
 #endif /* XMLSEC_NO_SHA256 */
 
 #ifndef XMLSEC_NO_SHA384
 /**
  * xmlSecOpenSSLTransformRsaSha384Id:
- * 
+ *
  * The RSA-SHA384 signature transform klass.
  */
-#define xmlSecOpenSSLTransformRsaSha384Id	\
-	xmlSecOpenSSLTransformRsaSha384GetKlass()
+#define xmlSecOpenSSLTransformRsaSha384Id       \
+        xmlSecOpenSSLTransformRsaSha384GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRsaSha384GetKlass(void);
 #endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
 /**
  * xmlSecOpenSSLTransformRsaSha512Id:
- * 
+ *
  * The RSA-SHA512 signature transform klass.
  */
-#define xmlSecOpenSSLTransformRsaSha512Id	\
-	xmlSecOpenSSLTransformRsaSha512GetKlass()
+#define xmlSecOpenSSLTransformRsaSha512Id       \
+        xmlSecOpenSSLTransformRsaSha512GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRsaSha512GetKlass(void);
 #endif /* XMLSEC_NO_SHA512 */
 
 /**
  * xmlSecOpenSSLTransformRsaPkcs1Id:
- * 
+ *
  * The RSA PKCS1 key transport transform klass.
  */
 #define xmlSecOpenSSLTransformRsaPkcs1Id \
-	xmlSecOpenSSLTransformRsaPkcs1GetKlass()
+        xmlSecOpenSSLTransformRsaPkcs1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRsaPkcs1GetKlass(void);
 
 /**
  * xmlSecOpenSSLTransformRsaOaepId:
- * 
+ *
  * The RSA PKCS1 key transport transform klass.
  */
 #define xmlSecOpenSSLTransformRsaOaepId \
-	xmlSecOpenSSLTransformRsaOaepGetKlass()
+        xmlSecOpenSSLTransformRsaOaepGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRsaOaepGetKlass(void);
 
 #endif /* XMLSEC_NO_RSA */
@@ -458,11 +577,11 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformRsaOaepGetKlass(voi
 #ifndef XMLSEC_NO_SHA1
 /**
  * xmlSecOpenSSLTransformSha1Id:
- * 
+ *
  * The SHA1 digest transform klass.
  */
 #define xmlSecOpenSSLTransformSha1Id \
-	xmlSecOpenSSLTransformSha1GetKlass()
+        xmlSecOpenSSLTransformSha1GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha1GetKlass(void);
 #endif /* XMLSEC_NO_SHA1 */
 
@@ -475,11 +594,11 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha1GetKlass(void);
 #ifndef XMLSEC_NO_SHA224
 /**
  * xmlSecOpenSSLTransformSha224Id:
- * 
+ *
  * The SHA224 digest transform klass.
  */
 #define xmlSecOpenSSLTransformSha224Id \
-	xmlSecOpenSSLTransformSha224GetKlass()
+        xmlSecOpenSSLTransformSha224GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha224GetKlass(void);
 #endif /* XMLSEC_NO_SHA224 */
 
@@ -492,11 +611,11 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha224GetKlass(void
 #ifndef XMLSEC_NO_SHA256
 /**
  * xmlSecOpenSSLTransformSha256Id:
- * 
+ *
  * The SHA256 digest transform klass.
  */
 #define xmlSecOpenSSLTransformSha256Id \
-	xmlSecOpenSSLTransformSha256GetKlass()
+        xmlSecOpenSSLTransformSha256GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha256GetKlass(void);
 #endif /* XMLSEC_NO_SHA256 */
 
@@ -508,11 +627,11 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha256GetKlass(void
 #ifndef XMLSEC_NO_SHA384
 /**
  * xmlSecOpenSSLTransformSha384Id:
- * 
+ *
  * The SHA384 digest transform klass.
  */
 #define xmlSecOpenSSLTransformSha384Id \
-	xmlSecOpenSSLTransformSha384GetKlass()
+        xmlSecOpenSSLTransformSha384GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha384GetKlass(void);
 #endif /* XMLSEC_NO_SHA384 */
 
@@ -524,20 +643,19 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha384GetKlass(void
 #ifndef XMLSEC_NO_SHA512
 /**
  * xmlSecOpenSSLTransformSha512Id:
- * 
+ *
  * The SHA512 digest transform klass.
  */
 #define xmlSecOpenSSLTransformSha512Id \
-	xmlSecOpenSSLTransformSha512GetKlass()
+        xmlSecOpenSSLTransformSha512GetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha512GetKlass(void);
 #endif /* XMLSEC_NO_SHA512 */
 
 
 
-
 /**************************************************************
  *
- * Error constants for OpenSSL 
+ * Error constants for OpenSSL
  *
  *************************************************************/
 /**
@@ -545,22 +663,22 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecOpenSSLTransformSha512GetKlass(void
  *
  * Macro. The XMLSec library klass for OpenSSL errors reporting functions.
  */
-#define XMLSEC_OPENSSL_ERRORS_LIB			(ERR_LIB_USER + 57)
+#define XMLSEC_OPENSSL_ERRORS_LIB                       (ERR_LIB_USER + 57)
 
 /**
  * XMLSEC_OPENSSL_ERRORS_FUNCTION:
  *
  * Macro. The XMLSec library functions OpenSSL errors reporting functions.
  */
-#define XMLSEC_OPENSSL_ERRORS_FUNCTION			0
+#define XMLSEC_OPENSSL_ERRORS_FUNCTION                  0
 
-XMLSEC_CRYPTO_EXPORT void 	xmlSecOpenSSLErrorsDefaultCallback	(const char* file, 
-									 int line, 
-									 const char* func,
-									 const char* errorObject,
-									 const char* errorSubject,
-									 int reason, 
-									 const char* msg);
+XMLSEC_CRYPTO_EXPORT void       xmlSecOpenSSLErrorsDefaultCallback      (const char* file,
+                                                                         int line,
+                                                                         const char* func,
+                                                                         const char* errorObject,
+                                                                         const char* errorSubject,
+                                                                         int reason,
+                                                                         const char* msg);
 
 #ifdef __cplusplus
 }
@@ -568,4 +686,4 @@ XMLSEC_CRYPTO_EXPORT void 	xmlSecOpenSSLErrorsDefaultCallback	(const char* file,
 
 #endif /* __XMLSEC_OPENSSL_CRYPTO_H__ */
 
-#define __XMLSEC_OPENSSL_CRYPTO_H__    
+#define __XMLSEC_OPENSSL_CRYPTO_H__
diff --git a/include/xmlsec/openssl/evp.h b/include/xmlsec/openssl/evp.h
index 4270bf0f..30db8f43 100644
--- a/include/xmlsec/openssl/evp.h
+++ b/include/xmlsec/openssl/evp.h
@@ -1,17 +1,17 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_OPENSSL_EVP_H__
-#define __XMLSEC_OPENSSL_EVP_H__    
+#define __XMLSEC_OPENSSL_EVP_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <openssl/evp.h>
 
@@ -22,17 +22,17 @@ extern "C" {
 #include <xmlsec/openssl/crypto.h>
 
 
-XMLSEC_CRYPTO_EXPORT int 		xmlSecOpenSSLEvpKeyDataAdoptEvp	(xmlSecKeyDataPtr data, 
-									 EVP_PKEY* pKey);
-XMLSEC_CRYPTO_EXPORT EVP_PKEY* 		xmlSecOpenSSLEvpKeyDataGetEvp	(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLEvpKeyDataAdoptEvp (xmlSecKeyDataPtr data,
+                                                                         EVP_PKEY* pKey);
+XMLSEC_CRYPTO_EXPORT EVP_PKEY*          xmlSecOpenSSLEvpKeyDataGetEvp   (xmlSecKeyDataPtr data);
 
 /******************************************************************************
  *
  * EVP helper functions
  *
  *****************************************************************************/
-XMLSEC_CRYPTO_EXPORT EVP_PKEY*		xmlSecOpenSSLEvpKeyDup		(EVP_PKEY* pKey);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr 	xmlSecOpenSSLEvpKeyAdopt	(EVP_PKEY *pKey);
+XMLSEC_CRYPTO_EXPORT EVP_PKEY*          xmlSecOpenSSLEvpKeyDup          (EVP_PKEY* pKey);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr   xmlSecOpenSSLEvpKeyAdopt        (EVP_PKEY *pKey);
 
 
 #ifdef __cplusplus
diff --git a/include/xmlsec/openssl/symbols.h b/include/xmlsec/openssl/symbols.h
index 295c2342..15ae9b96 100644
--- a/include/xmlsec/openssl/symbols.h
+++ b/include/xmlsec/openssl/symbols.h
@@ -1,13 +1,13 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_OPENSSL_SYMBOLS_H__
-#define __XMLSEC_OPENSSL_SYMBOLS_H__    
+#define __XMLSEC_OPENSSL_SYMBOLS_H__
 
 #if !defined(IN_XMLSEC) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
 #error To disable dynamic loading of xmlsec-crypto libraries undefine XMLSEC_CRYPTO_DYNAMIC_LOADING
@@ -15,95 +15,112 @@
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
-/**
- * Defines for writing simple code
- */
 #ifdef XMLSEC_CRYPTO_OPENSSL
 
-/**  
+/********************************************************************
+ *
  * Crypto Init/shutdown
- */
-#define xmlSecCryptoInit			xmlSecOpenSSLInit
-#define xmlSecCryptoShutdown			xmlSecOpenSSLShutdown
+ *
+ ********************************************************************/
+#define xmlSecCryptoInit                        xmlSecOpenSSLInit
+#define xmlSecCryptoShutdown                    xmlSecOpenSSLShutdown
 
-#define xmlSecCryptoKeysMngrInit		xmlSecOpenSSLKeysMngrInit
+#define xmlSecCryptoKeysMngrInit                xmlSecOpenSSLKeysMngrInit
 
-/**
+/********************************************************************
+ *
  * Key data ids
- */
-#define xmlSecKeyDataAesId			xmlSecOpenSSLKeyDataAesId
-#define xmlSecKeyDataDesId			xmlSecOpenSSLKeyDataDesId
-#define xmlSecKeyDataDsaId			xmlSecOpenSSLKeyDataDsaId
-#define xmlSecKeyDataHmacId			xmlSecOpenSSLKeyDataHmacId
-#define xmlSecKeyDataRsaId			xmlSecOpenSSLKeyDataRsaId
-#define xmlSecKeyDataX509Id			xmlSecOpenSSLKeyDataX509Id
-#define xmlSecKeyDataRawX509CertId		xmlSecOpenSSLKeyDataRawX509CertId
+ *
+ ********************************************************************/
+#define xmlSecKeyDataAesId                      xmlSecOpenSSLKeyDataAesId
+#define xmlSecKeyDataDesId                      xmlSecOpenSSLKeyDataDesId
+#define xmlSecKeyDataDsaId                      xmlSecOpenSSLKeyDataDsaId
+#define xmlSecKeyDataEcdsaId                    xmlSecOpenSSLKeyDataEcdsaId
+#define xmlSecKeyDataHmacId                     xmlSecOpenSSLKeyDataHmacId
+#define xmlSecKeyDataRsaId                      xmlSecOpenSSLKeyDataRsaId
+#define xmlSecKeyDataX509Id                     xmlSecOpenSSLKeyDataX509Id
+#define xmlSecKeyDataRawX509CertId              xmlSecOpenSSLKeyDataRawX509CertId
 
-/**
+/********************************************************************
+ *
  * Key data store ids
- */
-#define xmlSecX509StoreId			xmlSecOpenSSLX509StoreId
+ *
+ ********************************************************************/
+#define xmlSecX509StoreId                       xmlSecOpenSSLX509StoreId
 
-/**
+/********************************************************************
+ *
  * Crypto transforms ids
- */
-#define xmlSecTransformAes128CbcId		xmlSecOpenSSLTransformAes128CbcId
-#define xmlSecTransformAes192CbcId		xmlSecOpenSSLTransformAes192CbcId
-#define xmlSecTransformAes256CbcId		xmlSecOpenSSLTransformAes256CbcId
-#define xmlSecTransformKWAes128Id		xmlSecOpenSSLTransformKWAes128Id
-#define xmlSecTransformKWAes192Id		xmlSecOpenSSLTransformKWAes192Id
-#define xmlSecTransformKWAes256Id		xmlSecOpenSSLTransformKWAes256Id
-#define xmlSecTransformDes3CbcId		xmlSecOpenSSLTransformDes3CbcId
-#define xmlSecTransformKWDes3Id			xmlSecOpenSSLTransformKWDes3Id
-#define xmlSecTransformDsaSha1Id		xmlSecOpenSSLTransformDsaSha1Id
-#define xmlSecTransformHmacMd5Id		xmlSecOpenSSLTransformHmacMd5Id
-#define xmlSecTransformHmacRipemd160Id		xmlSecOpenSSLTransformHmacRipemd160Id
-#define xmlSecTransformHmacSha1Id		xmlSecOpenSSLTransformHmacSha1Id
-#define xmlSecTransformHmacSha224Id		xmlSecOpenSSLTransformHmacSha224Id
-#define xmlSecTransformHmacSha256Id		xmlSecOpenSSLTransformHmacSha256Id
-#define xmlSecTransformHmacSha384Id		xmlSecOpenSSLTransformHmacSha384Id
-#define xmlSecTransformHmacSha512Id		xmlSecOpenSSLTransformHmacSha512Id
-#define xmlSecTransformMd5Id			xmlSecOpenSSLTransformMd5Id
-#define xmlSecTransformRipemd160Id		xmlSecOpenSSLTransformRipemd160Id
-#define xmlSecTransformRsaMd5Id			xmlSecOpenSSLTransformRsaMd5Id
-#define xmlSecTransformRsaRipemd160Id		xmlSecOpenSSLTransformRsaRipemd160Id
-#define xmlSecTransformRsaSha1Id		xmlSecOpenSSLTransformRsaSha1Id
-#define xmlSecTransformRsaSha224Id		xmlSecOpenSSLTransformRsaSha224Id
-#define xmlSecTransformRsaSha256Id		xmlSecOpenSSLTransformRsaSha256Id
-#define xmlSecTransformRsaSha384Id		xmlSecOpenSSLTransformRsaSha384Id
-#define xmlSecTransformRsaSha512Id		xmlSecOpenSSLTransformRsaSha512Id
-#define xmlSecTransformRsaPkcs1Id		xmlSecOpenSSLTransformRsaPkcs1Id
-#define xmlSecTransformRsaOaepId		xmlSecOpenSSLTransformRsaOaepId
-#define xmlSecTransformSha1Id			xmlSecOpenSSLTransformSha1Id
-#define xmlSecTransformSha224Id			xmlSecOpenSSLTransformSha224Id
-#define xmlSecTransformSha256Id			xmlSecOpenSSLTransformSha256Id
-#define xmlSecTransformSha384Id			xmlSecOpenSSLTransformSha384Id
-#define xmlSecTransformSha512Id			xmlSecOpenSSLTransformSha512Id
+ *
+ ********************************************************************/
+#define xmlSecTransformAes128CbcId              xmlSecOpenSSLTransformAes128CbcId
+#define xmlSecTransformAes192CbcId              xmlSecOpenSSLTransformAes192CbcId
+#define xmlSecTransformAes256CbcId              xmlSecOpenSSLTransformAes256CbcId
+#define xmlSecTransformKWAes128Id               xmlSecOpenSSLTransformKWAes128Id
+#define xmlSecTransformKWAes192Id               xmlSecOpenSSLTransformKWAes192Id
+#define xmlSecTransformKWAes256Id               xmlSecOpenSSLTransformKWAes256Id
+#define xmlSecTransformDes3CbcId                xmlSecOpenSSLTransformDes3CbcId
+#define xmlSecTransformKWDes3Id                 xmlSecOpenSSLTransformKWDes3Id
+#define xmlSecTransformDsaSha1Id                xmlSecOpenSSLTransformDsaSha1Id
+#define xmlSecTransformDsaSha256Id              xmlSecOpenSSLTransformDsaSha256Id
+#define xmlSecTransformEcdsaSha1Id              xmlSecOpenSSLTransformEcdsaSha1Id
+#define xmlSecTransformEcdsaSha224Id            xmlSecOpenSSLTransformEcdsaSha224Id
+#define xmlSecTransformEcdsaSha256Id            xmlSecOpenSSLTransformEcdsaSha256Id
+#define xmlSecTransformEcdsaSha384Id            xmlSecOpenSSLTransformEcdsaSha384Id
+#define xmlSecTransformEcdsaSha512Id            xmlSecOpenSSLTransformEcdsaSha512Id
+#define xmlSecTransformHmacMd5Id                xmlSecOpenSSLTransformHmacMd5Id
+#define xmlSecTransformHmacRipemd160Id          xmlSecOpenSSLTransformHmacRipemd160Id
+#define xmlSecTransformHmacSha1Id               xmlSecOpenSSLTransformHmacSha1Id
+#define xmlSecTransformHmacSha224Id             xmlSecOpenSSLTransformHmacSha224Id
+#define xmlSecTransformHmacSha256Id             xmlSecOpenSSLTransformHmacSha256Id
+#define xmlSecTransformHmacSha384Id             xmlSecOpenSSLTransformHmacSha384Id
+#define xmlSecTransformHmacSha512Id             xmlSecOpenSSLTransformHmacSha512Id
+#define xmlSecTransformMd5Id                    xmlSecOpenSSLTransformMd5Id
+#define xmlSecTransformRipemd160Id              xmlSecOpenSSLTransformRipemd160Id
+#define xmlSecTransformRsaMd5Id                 xmlSecOpenSSLTransformRsaMd5Id
+#define xmlSecTransformRsaRipemd160Id           xmlSecOpenSSLTransformRsaRipemd160Id
+#define xmlSecTransformRsaSha1Id                xmlSecOpenSSLTransformRsaSha1Id
+#define xmlSecTransformRsaSha224Id              xmlSecOpenSSLTransformRsaSha224Id
+#define xmlSecTransformRsaSha256Id              xmlSecOpenSSLTransformRsaSha256Id
+#define xmlSecTransformRsaSha384Id              xmlSecOpenSSLTransformRsaSha384Id
+#define xmlSecTransformRsaSha512Id              xmlSecOpenSSLTransformRsaSha512Id
+#define xmlSecTransformRsaPkcs1Id               xmlSecOpenSSLTransformRsaPkcs1Id
+#define xmlSecTransformRsaOaepId                xmlSecOpenSSLTransformRsaOaepId
+#define xmlSecTransformSha1Id                   xmlSecOpenSSLTransformSha1Id
+#define xmlSecTransformSha224Id                 xmlSecOpenSSLTransformSha224Id
+#define xmlSecTransformSha256Id                 xmlSecOpenSSLTransformSha256Id
+#define xmlSecTransformSha384Id                 xmlSecOpenSSLTransformSha384Id
+#define xmlSecTransformSha512Id                 xmlSecOpenSSLTransformSha512Id
+#define xmlSecTransformGost2001GostR3411_94Id   xmlSecOpenSSLTransformGost2001GostR3411_94Id
+#define xmlSecTransformGostR3411_94Id           xmlSecOpenSSLTransformGostR3411_94Id
 
-/**
+
+/********************************************************************
+ *
  * High level routines form xmlsec command line utility
- */ 
-#define xmlSecCryptoAppInit			xmlSecOpenSSLAppInit
-#define xmlSecCryptoAppShutdown			xmlSecOpenSSLAppShutdown
-#define xmlSecCryptoAppDefaultKeysMngrInit	xmlSecOpenSSLAppDefaultKeysMngrInit
-#define xmlSecCryptoAppDefaultKeysMngrAdoptKey	xmlSecOpenSSLAppDefaultKeysMngrAdoptKey
-#define xmlSecCryptoAppDefaultKeysMngrLoad	xmlSecOpenSSLAppDefaultKeysMngrLoad
-#define xmlSecCryptoAppDefaultKeysMngrSave	xmlSecOpenSSLAppDefaultKeysMngrSave
-#define xmlSecCryptoAppKeysMngrCertLoad		xmlSecOpenSSLAppKeysMngrCertLoad
-#define xmlSecCryptoAppKeysMngrCertLoadMemory	xmlSecOpenSSLAppKeysMngrCertLoadMemory
-#define xmlSecCryptoAppKeyLoad			xmlSecOpenSSLAppKeyLoad
-#define xmlSecCryptoAppPkcs12Load		xmlSecOpenSSLAppPkcs12Load
-#define xmlSecCryptoAppKeyCertLoad		xmlSecOpenSSLAppKeyCertLoad
-#define xmlSecCryptoAppKeyLoadMemory		xmlSecOpenSSLAppKeyLoadMemory
-#define xmlSecCryptoAppPkcs12LoadMemory		xmlSecOpenSSLAppPkcs12LoadMemory
-#define xmlSecCryptoAppKeyCertLoadMemory	xmlSecOpenSSLAppKeyCertLoadMemory
-#define xmlSecCryptoAppGetDefaultPwdCallback	xmlSecOpenSSLAppGetDefaultPwdCallback
+ *
+ ********************************************************************/
+#define xmlSecCryptoAppInit                     xmlSecOpenSSLAppInit
+#define xmlSecCryptoAppShutdown                 xmlSecOpenSSLAppShutdown
+#define xmlSecCryptoAppDefaultKeysMngrInit      xmlSecOpenSSLAppDefaultKeysMngrInit
+#define xmlSecCryptoAppDefaultKeysMngrAdoptKey  xmlSecOpenSSLAppDefaultKeysMngrAdoptKey
+#define xmlSecCryptoAppDefaultKeysMngrLoad      xmlSecOpenSSLAppDefaultKeysMngrLoad
+#define xmlSecCryptoAppDefaultKeysMngrSave      xmlSecOpenSSLAppDefaultKeysMngrSave
+#define xmlSecCryptoAppKeysMngrCertLoad         xmlSecOpenSSLAppKeysMngrCertLoad
+#define xmlSecCryptoAppKeysMngrCertLoadMemory   xmlSecOpenSSLAppKeysMngrCertLoadMemory
+#define xmlSecCryptoAppKeyLoad                  xmlSecOpenSSLAppKeyLoad
+#define xmlSecCryptoAppPkcs12Load               xmlSecOpenSSLAppPkcs12Load
+#define xmlSecCryptoAppKeyCertLoad              xmlSecOpenSSLAppKeyCertLoad
+#define xmlSecCryptoAppKeyLoadMemory            xmlSecOpenSSLAppKeyLoadMemory
+#define xmlSecCryptoAppPkcs12LoadMemory         xmlSecOpenSSLAppPkcs12LoadMemory
+#define xmlSecCryptoAppKeyCertLoadMemory        xmlSecOpenSSLAppKeyCertLoadMemory
+#define xmlSecCryptoAppGetDefaultPwdCallback    xmlSecOpenSSLAppGetDefaultPwdCallback
 
 
 /* todo: this should go away on next API refresh */
-#define xmlSecCryptoAppKeysMngrAddCertsPath	xmlSecOpenSSLAppKeysMngrAddCertsPath
+#define xmlSecCryptoAppKeysMngrAddCertsPath     xmlSecOpenSSLAppKeysMngrAddCertsPath
 
 #endif /* XMLSEC_CRYPTO_OPENSSL */
 
@@ -113,4 +130,4 @@ extern "C" {
 
 #endif /* __XMLSEC_OPENSSL_CRYPTO_H__ */
 
-#define __XMLSEC_OPENSSL_CRYPTO_H__    
+#define __XMLSEC_OPENSSL_CRYPTO_H__
diff --git a/include/xmlsec/openssl/x509.h b/include/xmlsec/openssl/x509.h
index ce0b4d08..6da3281a 100644
--- a/include/xmlsec/openssl/x509.h
+++ b/include/xmlsec/openssl/x509.h
@@ -1,17 +1,17 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_OPENSSL_X509_H__
-#define __XMLSEC_OPENSSL_X509_H__    
+#define __XMLSEC_OPENSSL_X509_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #ifndef XMLSEC_NO_X509
 
@@ -26,77 +26,77 @@ extern "C" {
  *
  * Macro. To make docbook happy.
  */
-#define XMLSEC_STACK_OF_X509		STACK_OF(X509)
+#define XMLSEC_STACK_OF_X509            STACK_OF(X509)
 
 /**
  * XMLSEC_STACK_OF_X509_CRL:
  *
  * Macro. To make docbook happy.
  */
-#define XMLSEC_STACK_OF_X509_CRL	STACK_OF(X509_CRL)
+#define XMLSEC_STACK_OF_X509_CRL        STACK_OF(X509_CRL)
 
 /**
  * xmlSecOpenSSLKeyDataX509Id:
- * 
+ *
  * The OpenSSL X509 data klass.
  */
 #define xmlSecOpenSSLKeyDataX509Id \
-	xmlSecOpenSSLKeyDataX509GetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecOpenSSLKeyDataX509GetKlass(void);
+        xmlSecOpenSSLKeyDataX509GetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataX509GetKlass(void);
 
-XMLSEC_CRYPTO_EXPORT X509* 		xmlSecOpenSSLKeyDataX509GetKeyCert(xmlSecKeyDataPtr data);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, 
-									 X509* cert);
+XMLSEC_CRYPTO_EXPORT X509*              xmlSecOpenSSLKeyDataX509GetKeyCert(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data,
+                                                                         X509* cert);
 
-XMLSEC_CRYPTO_EXPORT int 		xmlSecOpenSSLKeyDataX509AdoptCert(xmlSecKeyDataPtr data,
-									 X509* cert);
-XMLSEC_CRYPTO_EXPORT X509* 		xmlSecOpenSSLKeyDataX509GetCert	(xmlSecKeyDataPtr data,
-									 xmlSecSize pos);
-XMLSEC_CRYPTO_EXPORT xmlSecSize		xmlSecOpenSSLKeyDataX509GetCertsSize(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataX509AdoptCert(xmlSecKeyDataPtr data,
+                                                                         X509* cert);
+XMLSEC_CRYPTO_EXPORT X509*              xmlSecOpenSSLKeyDataX509GetCert (xmlSecKeyDataPtr data,
+                                                                         xmlSecSize pos);
+XMLSEC_CRYPTO_EXPORT xmlSecSize         xmlSecOpenSSLKeyDataX509GetCertsSize(xmlSecKeyDataPtr data);
 
-XMLSEC_CRYPTO_EXPORT int 		xmlSecOpenSSLKeyDataX509AdoptCrl(xmlSecKeyDataPtr data,
-									 X509_CRL* crl);
-XMLSEC_CRYPTO_EXPORT X509_CRL*		xmlSecOpenSSLKeyDataX509GetCrl	(xmlSecKeyDataPtr data,
-									 xmlSecSize pos);
-XMLSEC_CRYPTO_EXPORT xmlSecSize		xmlSecOpenSSLKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLKeyDataX509AdoptCrl(xmlSecKeyDataPtr data,
+                                                                         X509_CRL* crl);
+XMLSEC_CRYPTO_EXPORT X509_CRL*          xmlSecOpenSSLKeyDataX509GetCrl  (xmlSecKeyDataPtr data,
+                                                                         xmlSecSize pos);
+XMLSEC_CRYPTO_EXPORT xmlSecSize         xmlSecOpenSSLKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data);
 
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr	xmlSecOpenSSLX509CertGetKey	(X509* cert);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataPtr   xmlSecOpenSSLX509CertGetKey     (X509* cert);
 
 
 /**
  * xmlSecOpenSSLKeyDataRawX509CertId:
- * 
+ *
  * The OpenSSL raw X509 certificate klass.
  */
 #define xmlSecOpenSSLKeyDataRawX509CertId \
-	xmlSecOpenSSLKeyDataRawX509CertGetKlass()
-XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId 	xmlSecOpenSSLKeyDataRawX509CertGetKlass(void);
+        xmlSecOpenSSLKeyDataRawX509CertGetKlass()
+XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId    xmlSecOpenSSLKeyDataRawX509CertGetKlass(void);
 
 /**
  * xmlSecOpenSSLX509StoreId:
- * 
+ *
  * The OpenSSL X509 store klass.
  */
 #define xmlSecOpenSSLX509StoreId \
-	xmlSecOpenSSLX509StoreGetKlass()
+        xmlSecOpenSSLX509StoreGetKlass()
 XMLSEC_CRYPTO_EXPORT xmlSecKeyDataStoreId xmlSecOpenSSLX509StoreGetKlass(void);
-XMLSEC_CRYPTO_EXPORT X509* 		xmlSecOpenSSLX509StoreFindCert	(xmlSecKeyDataStorePtr store,
-									 xmlChar *subjectName,
-									 xmlChar *issuerName, 
-									 xmlChar *issuerSerial,
-									 xmlChar *ski,
-									 xmlSecKeyInfoCtx* keyInfoCtx);
-XMLSEC_CRYPTO_EXPORT X509* 		xmlSecOpenSSLX509StoreVerify	(xmlSecKeyDataStorePtr store,
-									 XMLSEC_STACK_OF_X509* certs,
-									 XMLSEC_STACK_OF_X509_CRL* crls,
-									 xmlSecKeyInfoCtx* keyInfoCtx);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLX509StoreAdoptCert	(xmlSecKeyDataStorePtr store,
-									 X509* cert,
-									 xmlSecKeyDataType type);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLX509StoreAdoptCrl	(xmlSecKeyDataStorePtr store,
-									 X509_CRL* crl);
-XMLSEC_CRYPTO_EXPORT int		xmlSecOpenSSLX509StoreAddCertsPath(xmlSecKeyDataStorePtr store,
-									 const char* path);
+XMLSEC_CRYPTO_EXPORT X509*              xmlSecOpenSSLX509StoreFindCert  (xmlSecKeyDataStorePtr store,
+                                                                         xmlChar *subjectName,
+                                                                         xmlChar *issuerName,
+                                                                         xmlChar *issuerSerial,
+                                                                         xmlChar *ski,
+                                                                         xmlSecKeyInfoCtx* keyInfoCtx);
+XMLSEC_CRYPTO_EXPORT X509*              xmlSecOpenSSLX509StoreVerify    (xmlSecKeyDataStorePtr store,
+                                                                         XMLSEC_STACK_OF_X509* certs,
+                                                                         XMLSEC_STACK_OF_X509_CRL* crls,
+                                                                         xmlSecKeyInfoCtx* keyInfoCtx);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLX509StoreAdoptCert (xmlSecKeyDataStorePtr store,
+                                                                         X509* cert,
+                                                                         xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLX509StoreAdoptCrl  (xmlSecKeyDataStorePtr store,
+                                                                         X509_CRL* crl);
+XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLX509StoreAddCertsPath(xmlSecKeyDataStorePtr store,
+                                                                         const char* path);
 XMLSEC_CRYPTO_EXPORT int                xmlSecOpenSSLX509StoreAddCertsFile(xmlSecKeyDataStorePtr store,
                                                                          const char* file);
 
diff --git a/include/xmlsec/parser.h b/include/xmlsec/parser.h
index 754c9072..182f2951 100644
--- a/include/xmlsec/parser.h
+++ b/include/xmlsec/parser.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * XML Parser transform and utility functions.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_PARSER_H__
-#define __XMLSEC_PARSER_H__    
+#define __XMLSEC_PARSER_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 
@@ -21,26 +21,26 @@ extern "C" {
 #include <xmlsec/transforms.h>
 
 
-XMLSEC_EXPORT xmlDocPtr		xmlSecParseFile		(const char *filename);
-XMLSEC_EXPORT xmlDocPtr		xmlSecParseMemory	(const xmlSecByte *buffer, 
-							 xmlSecSize size,
-							 int recovery);
-XMLSEC_EXPORT xmlDocPtr		xmlSecParseMemoryExt	(const xmlSecByte *prefix, 
-							 xmlSecSize prefixSize,
-							 const xmlSecByte *buffer, 
-							 xmlSecSize bufferSize, 
-							 const xmlSecByte *postfix, 
-							 xmlSecSize postfixSize);
+XMLSEC_EXPORT xmlDocPtr         xmlSecParseFile         (const char *filename);
+XMLSEC_EXPORT xmlDocPtr         xmlSecParseMemory       (const xmlSecByte *buffer,
+                                                         xmlSecSize size,
+                                                         int recovery);
+XMLSEC_EXPORT xmlDocPtr         xmlSecParseMemoryExt    (const xmlSecByte *prefix,
+                                                         xmlSecSize prefixSize,
+                                                         const xmlSecByte *buffer,
+                                                         xmlSecSize bufferSize,
+                                                         const xmlSecByte *postfix,
+                                                         xmlSecSize postfixSize);
 
 
 /**
  * xmlSecTransformXmlParserId:
- * 
+ *
  * The XML Parser transform klass.
  */
 #define xmlSecTransformXmlParserId \
-	xmlSecTransformXmlParserGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformXmlParserGetKlass	(void);
+        xmlSecTransformXmlParserGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformXmlParserGetKlass        (void);
 
 
 #ifdef __cplusplus
diff --git a/include/xmlsec/private.h b/include/xmlsec/private.h
index 5d5fc77f..74e6de1a 100644
--- a/include/xmlsec/private.h
+++ b/include/xmlsec/private.h
@@ -1,16 +1,16 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * These are internal private declarations. You don't want to use this file
- * unless you are building xmlsec or xmlsec-<crypto> library
+ * unless you are building xmlsec or xmlsec-<crypto> library.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_PRIVATE_H__
-#define __XMLSEC_PRIVATE_H__    
+#define __XMLSEC_PRIVATE_H__
 
 #ifndef XMLSEC_PRIVATE
 #error "xmlsec/private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
@@ -18,7 +18,7 @@
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 #include <libxml/xmlIO.h>
@@ -38,28 +38,28 @@ extern "C" {
 /**
  * xmlSecCryptoInitMethod:
  *
- * xmlsec-crypto libraryinitialization method. 
+ * xmlsec-crypto libraryinitialization method.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int 			(*xmlSecCryptoInitMethod)		(void);
+typedef int                     (*xmlSecCryptoInitMethod)               (void);
 /**
  * xmlSecCryptoShutdownMethod:
- * 
- * xmlsec-crypto library shutdown method. 
+ *
+ * xmlsec-crypto library shutdown method.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int 			(*xmlSecCryptoShutdownMethod)		(void);
+typedef int                     (*xmlSecCryptoShutdownMethod)           (void);
 /**
  * xmlSecCryptoKeysMngrInitMethod:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Initializes @mngr with xmlsec-crypto library specific data.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-typedef int			(*xmlSecCryptoKeysMngrInitMethod)	(xmlSecKeysMngrPtr mngr);
+ */
+typedef int                     (*xmlSecCryptoKeysMngrInitMethod)       (xmlSecKeysMngrPtr mngr);
 
 /*****************************************************************************
  *
@@ -71,11 +71,11 @@ typedef int			(*xmlSecCryptoKeysMngrInitMethod)	(xmlSecKeysMngrPtr mngr);
  *
  * Gets the key data klass.
  *
- * Returns: pointer to key data klass or NULL if an error occurs 
+ * Returns: pointer to key data klass or NULL if an error occurs
  * (the xmlsec-crypto library is not loaded or this key data klass is not
  * implemented).
- */ 
-typedef xmlSecKeyDataId		(*xmlSecCryptoKeyDataGetKlassMethod)	(void);	
+ */
+typedef xmlSecKeyDataId         (*xmlSecCryptoKeyDataGetKlassMethod)    (void);
 
 /*****************************************************************************
  *
@@ -87,11 +87,11 @@ typedef xmlSecKeyDataId		(*xmlSecCryptoKeyDataGetKlassMethod)	(void);
  *
  * Gets the key data store klass.
  *
- * Returns: pointer to key data store klass or NULL if an error occurs 
+ * Returns: pointer to key data store klass or NULL if an error occurs
  * (the xmlsec-crypto library is not loaded or this key data store klass is not
  * implemented).
- */ 
-typedef xmlSecKeyDataStoreId	(*xmlSecCryptoKeyDataStoreGetKlassMethod)(void);	
+ */
+typedef xmlSecKeyDataStoreId    (*xmlSecCryptoKeyDataStoreGetKlassMethod)(void);
 
 /*****************************************************************************
  *
@@ -103,170 +103,170 @@ typedef xmlSecKeyDataStoreId	(*xmlSecCryptoKeyDataStoreGetKlassMethod)(void);
  *
  * Gets the transform klass.
  *
- * Returns: pointer to transform klass or NULL if an error occurs 
+ * Returns: pointer to transform klass or NULL if an error occurs
  * (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
- */ 
-typedef xmlSecTransformId	(*xmlSecCryptoTransformGetKlassMethod)	(void);
-    
+ */
+typedef xmlSecTransformId       (*xmlSecCryptoTransformGetKlassMethod)  (void);
+
 /*****************************************************************************
  *
  * High level routines form xmlsec command line utility
  *
- ****************************************************************************/ 
+ ****************************************************************************/
 /**
  * xmlSecCryptoAppInitMethod:
- * @config:		the path to crypto library configuration.
+ * @config:             the path to crypto library configuration.
  *
  * General crypto engine initialization. This function is used
- * by XMLSec command line utility and called before 
+ * by XMLSec command line utility and called before
  * @xmlSecInit function.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int			(*xmlSecCryptoAppInitMethod)		(const char* config);
+typedef int                     (*xmlSecCryptoAppInitMethod)            (const char* config);
 /**
  * xmlSecCryptoAppShutdownMethod:
- * 
+ *
  * General crypto engine shutdown. This function is used
- * by XMLSec command line utility and called after 
+ * by XMLSec command line utility and called after
  * @xmlSecShutdown function.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int			(*xmlSecCryptoAppShutdownMethod)	(void);
+typedef int                     (*xmlSecCryptoAppShutdownMethod)        (void);
 /**
  * xmlSecCryptoAppDefaultKeysMngrInitMethod:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Initializes @mngr with simple keys store #xmlSecSimpleKeysStoreId
  * and a default crypto key data stores.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-typedef int			(*xmlSecCryptoAppDefaultKeysMngrInitMethod)	
-									(xmlSecKeysMngrPtr mngr);
+ */
+typedef int                     (*xmlSecCryptoAppDefaultKeysMngrInitMethod)
+                                                                        (xmlSecKeysMngrPtr mngr);
 /**
  * xmlSecCryptoAppDefaultKeysMngrAdoptKeyMethod:
- * @mngr: 		the pointer to keys manager.
- * @key:		the pointer to key.
+ * @mngr:               the pointer to keys manager.
+ * @key:                the pointer to key.
  *
  * Adds @key to the keys manager @mngr created with #xmlSecCryptoAppDefaultKeysMngrInit
  * function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-typedef int			(*xmlSecCryptoAppDefaultKeysMngrAdoptKeyMethod)	
-									(xmlSecKeysMngrPtr mngr,
-									 xmlSecKeyPtr key);
+ */
+typedef int                     (*xmlSecCryptoAppDefaultKeysMngrAdoptKeyMethod)
+                                                                        (xmlSecKeysMngrPtr mngr,
+                                                                         xmlSecKeyPtr key);
 /**
  * xmlSecCryptoAppDefaultKeysMngrLoadMethod:
- * @mngr: 		the pointer to keys manager.
- * @uri:		the uri.
+ * @mngr:               the pointer to keys manager.
+ * @uri:                the uri.
  *
- * Loads XML keys file from @uri to the keys manager @mngr created 
+ * Loads XML keys file from @uri to the keys manager @mngr created
  * with #xmlSecCryptoAppDefaultKeysMngrInit function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-typedef int			(*xmlSecCryptoAppDefaultKeysMngrLoadMethod)
-									(xmlSecKeysMngrPtr mngr,
-    									 const char* uri);
+ */
+typedef int                     (*xmlSecCryptoAppDefaultKeysMngrLoadMethod)
+                                                                        (xmlSecKeysMngrPtr mngr,
+                                                                         const char* uri);
 /**
  * xmlSecCryptoAppDefaultKeysMngrSaveMethod:
- * @mngr: 		the pointer to keys manager.
- * @filename:		the destination filename.
- * @type:		the type of keys to save (public/private/symmetric).
+ * @mngr:               the pointer to keys manager.
+ * @filename:           the destination filename.
+ * @type:               the type of keys to save (public/private/symmetric).
  *
  * Saves keys from @mngr to  XML keys file.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-typedef int			(*xmlSecCryptoAppDefaultKeysMngrSaveMethod)
-									(xmlSecKeysMngrPtr mngr,
-    									 const char* filename,
-    									 xmlSecKeyDataType type);
+ */
+typedef int                     (*xmlSecCryptoAppDefaultKeysMngrSaveMethod)
+                                                                        (xmlSecKeysMngrPtr mngr,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataType type);
 /**
  * xmlSecCryptoAppKeysMngrCertLoadMethod:
- * @mngr: 		the keys manager.
- * @filename: 		the certificate file.
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate in @filename
- *    			trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @filename:           the certificate file.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate in @filename
+ *                      trusted or not.
+ *
  * Reads cert from @filename and adds to the list of trusted or known
  * untrusted certs in @store.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int			(*xmlSecCryptoAppKeysMngrCertLoadMethod)(xmlSecKeysMngrPtr mngr,
-    									 const char *filename, 
-    									 xmlSecKeyDataFormat format,
-    									 xmlSecKeyDataType type);
+typedef int                     (*xmlSecCryptoAppKeysMngrCertLoadMethod)(xmlSecKeysMngrPtr mngr,
+                                                                         const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
 /**
  * xmlSecCryptoAppKeysMngrCertLoadMemoryMethod:
- * @mngr: 		the keys manager.
- * @data:		the key data.
- * @dataSize:		the key data size.
- * @format:		the certificate format.
- * @type: 		the flag that indicates is the certificate in @data
- *    			trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @data:               the key data.
+ * @dataSize:           the key data size.
+ * @format:             the certificate format.
+ * @type:               the flag that indicates is the certificate in @data
+ *                      trusted or not.
+ *
  * Reads cert from @data and adds to the list of trusted or known
  * untrusted certs in @store.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int			(*xmlSecCryptoAppKeysMngrCertLoadMemoryMethod)(xmlSecKeysMngrPtr mngr,
-									 const xmlSecByte* data,
-									 xmlSecSize dataSize, 
-									 xmlSecKeyDataFormat format,
-    									 xmlSecKeyDataType type);
+typedef int                     (*xmlSecCryptoAppKeysMngrCertLoadMemoryMethod)(xmlSecKeysMngrPtr mngr,
+                                                                         const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
 /**
  * xmlSecCryptoAppKeyLoadMethod:
- * @filename:		the key filename.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the key filename.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from the a file.
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-typedef xmlSecKeyPtr		(*xmlSecCryptoAppKeyLoadMethod)		(const char *filename, 
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void* pwdCallback,
-									 void* pwdCallbackCtx);
+typedef xmlSecKeyPtr            (*xmlSecCryptoAppKeyLoadMethod)         (const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
 
 /**
  * xmlSecCryptoAppKeyLoadMemoryMethod:
- * @data:		the key data.
- * @dataSize:		the key data size.
- * @format:		the key data format.
- * @pwd:		the key data password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the key data.
+ * @dataSize:           the key data size.
+ * @format:             the key data format.
+ * @pwd:                the key data password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from the binary data buffer.
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-typedef xmlSecKeyPtr		(*xmlSecCryptoAppKeyLoadMemoryMethod)	(const xmlSecByte* data,
-									 xmlSecSize dataSize, 
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void* pwdCallback,
-									 void* pwdCallbackCtx);
+typedef xmlSecKeyPtr            (*xmlSecCryptoAppKeyLoadMemoryMethod)   (const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
 
 
 /**
  * xmlSecCryptoAppPkcs12LoadMethod:
- * @filename:		the PKCS12 key filename.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the PKCS12 key filename.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 file.
  * For uniformity, call xmlSecCryptoAppKeyLoad instead of this function. Pass
@@ -274,17 +274,17 @@ typedef xmlSecKeyPtr		(*xmlSecCryptoAppKeyLoadMemoryMethod)	(const xmlSecByte* d
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-typedef xmlSecKeyPtr		(*xmlSecCryptoAppPkcs12LoadMethod)	(const char* filename, 
-									 const char* pwd,
-									 void* pwdCallback, 
-									 void* pwdCallbackCtx);	
+typedef xmlSecKeyPtr            (*xmlSecCryptoAppPkcs12LoadMethod)      (const char* filename,
+                                                                         const char* pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
 /**
  * xmlSecCryptoAppPkcs12LoadMemoryMethod:
- * @data:		the pkcs12 data.
- * @dataSize:		the pkcs12 data size.
- * @pwd:		the PKCS12 data password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the pkcs12 data.
+ * @dataSize:           the pkcs12 data size.
+ * @pwd:                the PKCS12 data password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 binary data.
  * For uniformity, call xmlSecCryptoAppKeyLoad instead of this function. Pass
@@ -292,187 +292,191 @@ typedef xmlSecKeyPtr		(*xmlSecCryptoAppPkcs12LoadMethod)	(const char* filename,
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-typedef xmlSecKeyPtr		(*xmlSecCryptoAppPkcs12LoadMemoryMethod)(const xmlSecByte* data,
-									 xmlSecSize dataSize, 
-									 const char* pwd,
-									 void* pwdCallback, 
-									 void* pwdCallbackCtx);
+typedef xmlSecKeyPtr            (*xmlSecCryptoAppPkcs12LoadMemoryMethod)(const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         const char* pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
 /**
  * xmlSecCryptoAppKeyCertLoadMethod:
- * @key:		the pointer to key.
- * @filename:		the certificate filename.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @filename:           the certificate filename.
+ * @format:             the certificate file format.
  *
  * Reads the certificate from $@filename and adds it to key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int			(*xmlSecCryptoAppKeyCertLoadMethod)	(xmlSecKeyPtr key,
-									 const char* filename,
-									 xmlSecKeyDataFormat format);
+typedef int                     (*xmlSecCryptoAppKeyCertLoadMethod)     (xmlSecKeyPtr key,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataFormat format);
 
 /**
  * xmlSecCryptoAppKeyCertLoadMemoryMethod:
- * @key:		the pointer to key.
- * @data:		the cert data.
- * @dataSize:		the cert data size.
- * @format:		the certificate data format.
+ * @key:                the pointer to key.
+ * @data:               the cert data.
+ * @dataSize:           the cert data size.
+ * @format:             the certificate data format.
  *
  * Reads the certificate from binary @data buffer and adds it to key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int			(*xmlSecCryptoAppKeyCertLoadMemoryMethod)(xmlSecKeyPtr key,
-									 const xmlSecByte* data,
-									 xmlSecSize dataSize, 
-									 xmlSecKeyDataFormat format);
-/** 
+typedef int                     (*xmlSecCryptoAppKeyCertLoadMemoryMethod)(xmlSecKeyPtr key,
+                                                                         const xmlSecByte* data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format);
+/**
  * xmlSecCryptoDLFunctions:
- * @cryptoInit:			the xmlsec-crypto library initialization method.
- * @cryptoShutdown:		the xmlsec-crypto library shutdown method.
- * @cryptoKeysMngrInit:		the xmlsec-crypto library keys manager init method.
- * @keyDataAesGetKlass:		the method to get pointer to AES key data klass.
- * @keyDataDesGetKlass:		the method to get pointer to DES key data klass.
- * @keyDataDsaGetKlass:		the method to get pointer to DSA key data klass.
- * @keyDataGost2001GetKlass:	the method to get pointer to GOST 2001 key data klass.
- * @keyDataHmacGetKlass:	the method to get pointer to HMAC key data klass.
- * @keyDataRsaGetKlass:		the method to get pointer to RSA key data klass.
- * @keyDataX509GetKlass:	the method to get pointer to X509 key data klass.
- * @keyDataRawX509CertGetKlass:	the method to get pointer to raw X509 cert key data klass.
- * @x509StoreGetKlass:		the method to get pointer to X509 key data store.
- * @transformAes128CbcGetKlass:	the method to get pointer to AES 128 encryption transform.
- * @transformAes192CbcGetKlass:	the method to get pointer to AES 192 encryption transform.
- * @transformAes256CbcGetKlass:	the method to get pointer to AES 256 encryption transform.
- * @transformKWAes128GetKlass:	the method to get pointer to AES 128 key wrapper transform.
- * @transformKWAes192GetKlass:	the method to get pointer to AES 192 key wrapper transform.
- * @transformKWAes256GetKlass:	the method to get pointer to AES 256 key wrapper transform.
- * @transformDes3CbcGetKlass:	the method to get pointer to Triple DES encryption transform.
- * @transformKWDes3GetKlass:	the method to get pointer to Triple DES key wrapper transform.
- * @transformDsaSha1GetKlass:	the method to get pointer to DSA-SHA1 signature transform.
+ * @cryptoInit:                 the xmlsec-crypto library initialization method.
+ * @cryptoShutdown:             the xmlsec-crypto library shutdown method.
+ * @cryptoKeysMngrInit:         the xmlsec-crypto library keys manager init method.
+ * @keyDataAesGetKlass:         the method to get pointer to AES key data klass.
+ * @keyDataDesGetKlass:         the method to get pointer to DES key data klass.
+ * @keyDataDsaGetKlass:         the method to get pointer to DSA key data klass.
+ * @keyDataEcdsaGetKlass:       the method to get pointer to ECDSA key data klass.
+ * @keyDataGost2001GetKlass:    the method to get pointer to GOST 2001 key data klass.
+ * @keyDataHmacGetKlass:        the method to get pointer to HMAC key data klass.
+ * @keyDataRsaGetKlass:         the method to get pointer to RSA key data klass.
+ * @keyDataX509GetKlass:        the method to get pointer to X509 key data klass.
+ * @keyDataRawX509CertGetKlass: the method to get pointer to raw X509 cert key data klass.
+ * @x509StoreGetKlass:          the method to get pointer to X509 key data store.
+ * @transformAes128CbcGetKlass: the method to get pointer to AES 128 encryption transform.
+ * @transformAes192CbcGetKlass: the method to get pointer to AES 192 encryption transform.
+ * @transformAes256CbcGetKlass: the method to get pointer to AES 256 encryption transform.
+ * @transformKWAes128GetKlass:  the method to get pointer to AES 128 key wrapper transform.
+ * @transformKWAes192GetKlass:  the method to get pointer to AES 192 key wrapper transform.
+ * @transformKWAes256GetKlass:  the method to get pointer to AES 256 key wrapper transform.
+ * @transformDes3CbcGetKlass:   the method to get pointer to Triple DES encryption transform.
+ * @transformKWDes3GetKlass:    the method to get pointer to Triple DES key wrapper transform.
+ * @transformDsaSha1GetKlass:   the method to get pointer to DSA-SHA1 signature transform.
+ * @transformDsaSha256GetKlass: the method to get pointer to DSA-SHA256 signature transform.
+ * @transformEcdsaSha1GetKlass: the method to get pointer to ECDSA-SHA1 signature transform.
+ * @transformEcdsaSha224GetKlass: the method to get pointer to ECDSA-SHA224 signature transform.
+ * @transformEcdsaSha256GetKlass: the method to get pointer to ECDSA-SHA256 signature transform.
+ * @transformEcdsaSha384GetKlass: the method to get pointer to ECDSA-SHA384 signature transform.
+ * @transformEcdsaSha512GetKlass: the method to get pointer to ECDSA-SHA512 signature transform.
  * @transformGost2001GostR3411_94GetKlass: the method to get pointer to GOST2001 transform.
- * @transformHmacMd5GetKlass:	the method to get pointer to HMAC-MD5 transform.
+ * @transformHmacMd5GetKlass:   the method to get pointer to HMAC-MD5 transform.
  * @transformHmacRipemd160GetKlass: the method to get pointer to HMAC-RIPEMD160 transform.
- * @transformHmacSha1GetKlass:	the method to get pointer to HMAC-SHA1 transform.
+ * @transformHmacSha1GetKlass:  the method to get pointer to HMAC-SHA1 transform.
  * @transformHmacSha224GetKlass: the method to get pointer to HMAC-SHA224 transform.
  * @transformHmacSha256GetKlass: the method to get pointer to HMAC-SHA256 transform.
  * @transformHmacSha384GetKlass: the method to get pointer to HMAC-SHA384 transform.
  * @transformHmacSha512GetKlass: the method to get pointer to HMAC-SHA512 transform.
- * @transformMd5GetKlass:	the method to get pointer to MD5 digest transform.
- * @transformRipemd160GetKlass:	the method to get pointer to RIPEMD160 digest transform.
- * @transformRsaMd5GetKlass:	the method to get pointer to RSA-MD5 signature transform.
+ * @transformMd5GetKlass:       the method to get pointer to MD5 digest transform.
+ * @transformRipemd160GetKlass: the method to get pointer to RIPEMD160 digest transform.
+ * @transformRsaMd5GetKlass:    the method to get pointer to RSA-MD5 signature transform.
  * @transformRsaRipemd160GetKlass: the method to get pointer to RSA-RIPEMD160 signature transform.
- * @transformRsaSha1GetKlass:	the method to get pointer to RSA-SHA1 signature transform.
- * @transformRsaSha224GetKlass:	the method to get pointer to RSA-SHA224 signature transform.
- * @transformRsaSha256GetKlass:	the method to get pointer to RSA-SHA256 signature transform.
- * @transformRsaSha384GetKlass:	the method to get pointer to RSA-SHA384 signature transform.
- * @transformRsaSha512GetKlass:	the method to get pointer to RSA-SHA512 signature transform.
- * @transformRsaPkcs1GetKlass:	the method to get pointer to RSA-PKCS1_5 key transport transform.
- * @transformRsaOaepGetKlass:	the method to get pointer to RSA-OAEP key transport transform.
+ * @transformRsaSha1GetKlass:   the method to get pointer to RSA-SHA1 signature transform.
+ * @transformRsaSha224GetKlass: the method to get pointer to RSA-SHA224 signature transform.
+ * @transformRsaSha256GetKlass: the method to get pointer to RSA-SHA256 signature transform.
+ * @transformRsaSha384GetKlass: the method to get pointer to RSA-SHA384 signature transform.
+ * @transformRsaSha512GetKlass: the method to get pointer to RSA-SHA512 signature transform.
+ * @transformRsaPkcs1GetKlass:  the method to get pointer to RSA-PKCS1_5 key transport transform.
+ * @transformRsaOaepGetKlass:   the method to get pointer to RSA-OAEP key transport transform.
  * @transformGostR3411_94GetKlass: the method to get pointer to GOST R3411 transform.
- * @transformSha1GetKlass:	the method to get pointer to SHA1 digest transform.
- * @transformSha224GetKlass:	the method to get pointer to SHA224 digest transform.
- * @transformSha256GetKlass:	the method to get pointer to SHA256 digest transform.
- * @transformSha384GetKlass:	the method to get pointer to SHA384 digest transform.
- * @transformSha512GetKlass:	the method to get pointer to SHA512 digest transform.
- * @cryptoAppInit:		the default crypto engine initialization method.
- * @cryptoAppShutdown:		the default crypto engine shutdown method.
- * @cryptoAppDefaultKeysMngrInit: 	the default keys manager init method.
- * @cryptoAppDefaultKeysMngrAdoptKey:	the default keys manager adopt key method.
- * @cryptoAppDefaultKeysMngrLoad:	the default keys manager load method.
- * @cryptoAppDefaultKeysMngrSave:	the default keys manager save method.
- * @cryptoAppKeysMngrCertLoad:		the default keys manager file cert load method.
- * @cryptoAppKeysMngrCertLoadMemory:	the default keys manager memory cert load method.
- * @cryptoAppKeyLoad:		the key file load method.
- * @cryptoAppKeyLoadMemory:	the meory key load method.
- * @cryptoAppPkcs12Load:	the pkcs12 file load method.
- * @cryptoAppPkcs12LoadMemory:	the memory pkcs12 load method.
- * @cryptoAppKeyCertLoad:	the cert file load method.
- * @cryptoAppKeyCertLoadMemory:	the memory cert load method.
+ * @transformSha1GetKlass:      the method to get pointer to SHA1 digest transform.
+ * @transformSha224GetKlass:    the method to get pointer to SHA224 digest transform.
+ * @transformSha256GetKlass:    the method to get pointer to SHA256 digest transform.
+ * @transformSha384GetKlass:    the method to get pointer to SHA384 digest transform.
+ * @transformSha512GetKlass:    the method to get pointer to SHA512 digest transform.
+ * @cryptoAppInit:              the default crypto engine initialization method.
+ * @cryptoAppShutdown:          the default crypto engine shutdown method.
+ * @cryptoAppDefaultKeysMngrInit:       the default keys manager init method.
+ * @cryptoAppDefaultKeysMngrAdoptKey:   the default keys manager adopt key method.
+ * @cryptoAppDefaultKeysMngrLoad:       the default keys manager load method.
+ * @cryptoAppDefaultKeysMngrSave:       the default keys manager save method.
+ * @cryptoAppKeysMngrCertLoad:          the default keys manager file cert load method.
+ * @cryptoAppKeysMngrCertLoadMemory:    the default keys manager memory cert load method.
+ * @cryptoAppKeyLoad:           the key file load method.
+ * @cryptoAppKeyLoadMemory:     the meory key load method.
+ * @cryptoAppPkcs12Load:        the pkcs12 file load method.
+ * @cryptoAppPkcs12LoadMemory:  the memory pkcs12 load method.
+ * @cryptoAppKeyCertLoad:       the cert file load method.
+ * @cryptoAppKeyCertLoadMemory: the memory cert load method.
  * @cryptoAppDefaultPwdCallback:the default password callback.
- * 
+ *
  * The list of crypto engine functions, key data and transform classes.
  */
 struct _xmlSecCryptoDLFunctions {
-    /**  
-     * Crypto Init/shutdown
-     */
-    xmlSecCryptoInitMethod			 cryptoInit;
-    xmlSecCryptoShutdownMethod			 cryptoShutdown;
-    xmlSecCryptoKeysMngrInitMethod		 cryptoKeysMngrInit;
+    /* Crypto Init/shutdown */
+    xmlSecCryptoInitMethod                       cryptoInit;
+    xmlSecCryptoShutdownMethod                   cryptoShutdown;
+    xmlSecCryptoKeysMngrInitMethod               cryptoKeysMngrInit;
+
+    /* Key data ids */
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataAesGetKlass;
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataDesGetKlass;
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataDsaGetKlass;
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataEcdsaGetKlass;
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataGost2001GetKlass;
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataHmacGetKlass;
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataRsaGetKlass;
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataX509GetKlass;
+    xmlSecCryptoKeyDataGetKlassMethod            keyDataRawX509CertGetKlass;
 
-    /**
-     * Key data ids
-     */
-    xmlSecCryptoKeyDataGetKlassMethod		 keyDataAesGetKlass;
-    xmlSecCryptoKeyDataGetKlassMethod		 keyDataDesGetKlass;
-    xmlSecCryptoKeyDataGetKlassMethod		 keyDataDsaGetKlass;
-    xmlSecCryptoKeyDataGetKlassMethod		 keyDataGost2001GetKlass;
-    xmlSecCryptoKeyDataGetKlassMethod		 keyDataHmacGetKlass;
-    xmlSecCryptoKeyDataGetKlassMethod		 keyDataRsaGetKlass;
-    xmlSecCryptoKeyDataGetKlassMethod		 keyDataX509GetKlass;
-    xmlSecCryptoKeyDataGetKlassMethod		 keyDataRawX509CertGetKlass;
+    /* Key data store ids */
+    xmlSecCryptoKeyDataStoreGetKlassMethod       x509StoreGetKlass;
 
-    /**
-     * Key data store ids
-     */
-    xmlSecCryptoKeyDataStoreGetKlassMethod	 x509StoreGetKlass;
+    /* Crypto transforms ids */
+    xmlSecCryptoTransformGetKlassMethod          transformAes128CbcGetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformAes192CbcGetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformAes256CbcGetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformKWAes128GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformKWAes192GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformKWAes256GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformDes3CbcGetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformKWDes3GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformDsaSha1GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformDsaSha256GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformEcdsaSha1GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformEcdsaSha224GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformEcdsaSha256GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformEcdsaSha384GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformEcdsaSha512GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformGost2001GostR3411_94GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformHmacMd5GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformHmacRipemd160GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformHmacSha1GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformHmacSha224GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformHmacSha256GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformHmacSha384GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformHmacSha512GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformMd5GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformRipemd160GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformRsaMd5GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformRsaRipemd160GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformRsaSha1GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformRsaSha224GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformRsaSha256GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformRsaSha384GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformRsaSha512GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformRsaPkcs1GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformRsaOaepGetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformGostR3411_94GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformSha1GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformSha224GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformSha256GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformSha384GetKlass;
+    xmlSecCryptoTransformGetKlassMethod          transformSha512GetKlass;
 
-    /**
-     * Crypto transforms ids
-     */
-    xmlSecCryptoTransformGetKlassMethod		 transformAes128CbcGetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformAes192CbcGetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformAes256CbcGetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformKWAes128GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformKWAes192GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformKWAes256GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformDes3CbcGetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformKWDes3GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformDsaSha1GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformGost2001GostR3411_94GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformHmacMd5GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformHmacRipemd160GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformHmacSha1GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformHmacSha224GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformHmacSha256GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformHmacSha384GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformHmacSha512GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformMd5GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformRipemd160GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformRsaMd5GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformRsaRipemd160GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformRsaSha1GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformRsaSha224GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformRsaSha256GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformRsaSha384GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformRsaSha512GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformRsaPkcs1GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformRsaOaepGetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformGostR3411_94GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformSha1GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformSha224GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformSha256GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformSha384GetKlass;
-    xmlSecCryptoTransformGetKlassMethod		 transformSha512GetKlass;
-    
-    /**
-     * High level routines form xmlsec command line utility
-     */ 
-    xmlSecCryptoAppInitMethod			 cryptoAppInit;
-    xmlSecCryptoAppShutdownMethod		 cryptoAppShutdown;
-    xmlSecCryptoAppDefaultKeysMngrInitMethod	 cryptoAppDefaultKeysMngrInit;
+    /* High level routines form xmlsec command line utility */
+    xmlSecCryptoAppInitMethod                    cryptoAppInit;
+    xmlSecCryptoAppShutdownMethod                cryptoAppShutdown;
+    xmlSecCryptoAppDefaultKeysMngrInitMethod     cryptoAppDefaultKeysMngrInit;
     xmlSecCryptoAppDefaultKeysMngrAdoptKeyMethod cryptoAppDefaultKeysMngrAdoptKey;
-    xmlSecCryptoAppDefaultKeysMngrLoadMethod	 cryptoAppDefaultKeysMngrLoad;
-    xmlSecCryptoAppDefaultKeysMngrSaveMethod	 cryptoAppDefaultKeysMngrSave;
-    xmlSecCryptoAppKeysMngrCertLoadMethod	 cryptoAppKeysMngrCertLoad;
-    xmlSecCryptoAppKeysMngrCertLoadMemoryMethod	 cryptoAppKeysMngrCertLoadMemory;
-    xmlSecCryptoAppKeyLoadMethod		 cryptoAppKeyLoad;
-    xmlSecCryptoAppKeyLoadMemoryMethod		 cryptoAppKeyLoadMemory;
-    xmlSecCryptoAppPkcs12LoadMethod		 cryptoAppPkcs12Load;
-    xmlSecCryptoAppPkcs12LoadMemoryMethod	 cryptoAppPkcs12LoadMemory;
-    xmlSecCryptoAppKeyCertLoadMethod		 cryptoAppKeyCertLoad;
-    xmlSecCryptoAppKeyCertLoadMemoryMethod	 cryptoAppKeyCertLoadMemory;
-    void*					 cryptoAppDefaultPwdCallback;
+    xmlSecCryptoAppDefaultKeysMngrLoadMethod     cryptoAppDefaultKeysMngrLoad;
+    xmlSecCryptoAppDefaultKeysMngrSaveMethod     cryptoAppDefaultKeysMngrSave;
+    xmlSecCryptoAppKeysMngrCertLoadMethod        cryptoAppKeysMngrCertLoad;
+    xmlSecCryptoAppKeysMngrCertLoadMemoryMethod  cryptoAppKeysMngrCertLoadMemory;
+    xmlSecCryptoAppKeyLoadMethod                 cryptoAppKeyLoad;
+    xmlSecCryptoAppKeyLoadMemoryMethod           cryptoAppKeyLoadMemory;
+    xmlSecCryptoAppPkcs12LoadMethod              cryptoAppPkcs12Load;
+    xmlSecCryptoAppPkcs12LoadMemoryMethod        cryptoAppPkcs12LoadMemory;
+    xmlSecCryptoAppKeyCertLoadMethod             cryptoAppKeyCertLoad;
+    xmlSecCryptoAppKeyCertLoadMemoryMethod       cryptoAppKeyCertLoadMemory;
+    void*                                        cryptoAppDefaultPwdCallback;
 };
 
 #include <libxml/xmlstring.h>
@@ -482,14 +486,14 @@ struct _xmlSecCryptoDLFunctions {
  *
  * Prints a string (see @xmlStrPrintf).
  */
-#define xmlSecStrPrintf 	xmlStrPrintf
+#define xmlSecStrPrintf         xmlStrPrintf
 
 /**
  * xmlSecStrVPrintf:
  *
  * Prints a string (see @xmlStrVPrintf).
  */
-#define xmlSecStrVPrintf 	xmlStrVPrintf
+#define xmlSecStrVPrintf        xmlStrVPrintf
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/private/Makefile.am b/include/xmlsec/private/Makefile.am
index aab78c82..74de46a8 100644
--- a/include/xmlsec/private/Makefile.am
+++ b/include/xmlsec/private/Makefile.am
@@ -3,6 +3,7 @@ NULL =
 xmlsecprivateincdir = $(includedir)/xmlsec1/xmlsec/private
 
 xmlsecprivateinc_HEADERS = \
+xslt.h \
 xkms.h \
 $(NULL)
 
diff --git a/include/xmlsec/private/Makefile.in b/include/xmlsec/private/Makefile.in
index 7bf66598..9b8edfdc 100644
--- a/include/xmlsec/private/Makefile.in
+++ b/include/xmlsec/private/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,13 +38,22 @@ subdir = include/xmlsec/private
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
 	$(xmlsecprivateinc_HEADERS)
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -68,6 +77,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(xmlsecprivateincdir)"
 HEADERS = $(xmlsecprivateinc_HEADERS)
 ETAGS = etags
@@ -75,6 +90,7 @@ CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -89,6 +105,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -97,6 +114,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -127,6 +148,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -158,8 +180,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -167,7 +191,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -186,6 +209,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -195,6 +220,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -230,6 +256,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -262,7 +289,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -281,6 +307,7 @@ top_srcdir = @top_srcdir@
 NULL = 
 xmlsecprivateincdir = $(includedir)/xmlsec1/xmlsec/private
 xmlsecprivateinc_HEADERS = \
+xslt.h \
 xkms.h \
 $(NULL)
 
@@ -340,9 +367,7 @@ uninstall-xmlsecprivateincHEADERS:
 	@$(NORMAL_UNINSTALL)
 	@list='$(xmlsecprivateinc_HEADERS)'; test -n "$(xmlsecprivateincdir)" || list=; \
 	files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
-	test -n "$$files" || exit 0; \
-	echo " ( cd '$(DESTDIR)$(xmlsecprivateincdir)' && rm -f" $$files ")"; \
-	cd "$(DESTDIR)$(xmlsecprivateincdir)" && rm -f $$files
+	dir='$(DESTDIR)$(xmlsecprivateincdir)'; $(am__uninstall_files_from_dir)
 
 ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
 	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
@@ -443,10 +468,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/include/xmlsec/private/xkms.h b/include/xmlsec/private/xkms.h
index 5ba3a6ee..0c606641 100644
--- a/include/xmlsec/private/xkms.h
+++ b/include/xmlsec/private/xkms.h
@@ -1,30 +1,30 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * "XML Key Management Specification v 2.0" implementation
  *  http://www.w3.org/TR/xkms2/
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_PRIVATE_XKMS_H__
-#define __XMLSEC_PRIVATE_XKMS_H__    
+#define __XMLSEC_PRIVATE_XKMS_H__
 
 #ifndef XMLSEC_PRIVATE
 #error "xmlsec/private/xkms.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
 #endif /* XMLSEC_PRIVATE */
 
 #ifndef XMLSEC_NO_XKMS
-	
+
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
-#include <stdio.h>		
+#endif /* __cplusplus */
+#include <stdio.h>
 
 #include <libxml/tree.h>
-#include <libxml/parser.h> 
+#include <libxml/parser.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -39,71 +39,71 @@ extern "C" {
  *
  * XKMS RespondWith Klass
  *
- ************************************************************************/ 
-typedef int  		(*xmlSecXkmsRespondWithNodeReadMethod)	(xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-typedef int  		(*xmlSecXkmsRespondWithNodeWriteMethod)	(xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+ ************************************************************************/
+typedef int             (*xmlSecXkmsRespondWithNodeReadMethod)  (xmlSecXkmsRespondWithId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+typedef int             (*xmlSecXkmsRespondWithNodeWriteMethod) (xmlSecXkmsRespondWithId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 struct _xmlSecXkmsRespondWithKlass {
-    const xmlChar*				valueName;
-    const xmlChar*				valueNs;
-    
-    const xmlChar*				nodeName;
-    const xmlChar*				nodeNs;
-    
-    xmlSecXkmsRespondWithNodeReadMethod		readNode;
-    xmlSecXkmsRespondWithNodeWriteMethod	writeNode;
-
-    void*					reserved1;
-    void*					reserved2;
+    const xmlChar*                              valueName;
+    const xmlChar*                              valueNs;
+
+    const xmlChar*                              nodeName;
+    const xmlChar*                              nodeNs;
+
+    xmlSecXkmsRespondWithNodeReadMethod         readNode;
+    xmlSecXkmsRespondWithNodeWriteMethod        writeNode;
+
+    void*                                       reserved1;
+    void*                                       reserved2;
 };
 
 #define xmlSecXkmsRespondWithKlassGetName(id) \
-	((((id) != NULL) && ((id)->valueName != NULL)) ? (id)->valueName : NULL)
+        ((((id) != NULL) && ((id)->valueName != NULL)) ? (id)->valueName : NULL)
 
 /************************************************************************
  *
  * XKMS ServerRequest Klass
  *
- ************************************************************************/ 
-typedef int  			(*xmlSecXkmsServerRequestNodeReadMethod)
-								(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-typedef int  			(*xmlSecXkmsServerRequestExecuteMethod)
-								(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx);
-typedef int  			(*xmlSecXkmsServerRequestNodeWriteMethod)
-								(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+ ************************************************************************/
+typedef int                     (*xmlSecXkmsServerRequestNodeReadMethod)
+                                                                (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+typedef int                     (*xmlSecXkmsServerRequestExecuteMethod)
+                                                                (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx);
+typedef int                     (*xmlSecXkmsServerRequestNodeWriteMethod)
+                                                                (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 struct _xmlSecXkmsServerRequestKlass {
-    const xmlChar*				name;
-    const xmlChar*				requestNodeName;
-    const xmlChar*				requestNodeNs;
-    const xmlChar*				resultNodeName;
-    const xmlChar*				resultNodeNs;
-    xmlSecBitMask				flags;
-    
-    xmlSecXkmsServerRequestNodeReadMethod	readNode;
-    xmlSecXkmsServerRequestNodeWriteMethod	writeNode;
-    xmlSecXkmsServerRequestExecuteMethod	execute;
-    
-    void*					reserved1;
-    void*					reserved2;
+    const xmlChar*                              name;
+    const xmlChar*                              requestNodeName;
+    const xmlChar*                              requestNodeNs;
+    const xmlChar*                              resultNodeName;
+    const xmlChar*                              resultNodeNs;
+    xmlSecBitMask                               flags;
+
+    xmlSecXkmsServerRequestNodeReadMethod       readNode;
+    xmlSecXkmsServerRequestNodeWriteMethod      writeNode;
+    xmlSecXkmsServerRequestExecuteMethod        execute;
+
+    void*                                       reserved1;
+    void*                                       reserved2;
 };
 
 #define xmlSecXkmsServerRequestKlassGetName(id) \
-	((((id) != NULL) && ((id)->name != NULL)) ? (id)->name : NULL)
+        ((((id) != NULL) && ((id)->name != NULL)) ? (id)->name : NULL)
 
 
 /************************************************************************
  *
  * XKMS ServerRequest Klass flags
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND:
  *
diff --git a/include/xmlsec/private/xslt.h b/include/xmlsec/private/xslt.h
new file mode 100644
index 00000000..e9ba6977
--- /dev/null
+++ b/include/xmlsec/private/xslt.h
@@ -0,0 +1,34 @@
+/**
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
+ * XSLT helper functions
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef __XMLSEC_PRIVATE_XSLT_H__
+#define __XMLSEC_PRIVATE_XSLT_H__
+
+#ifndef XMLSEC_PRIVATE
+#error "xmlsec/private/xslt.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#endif /* XMLSEC_PRIVATE */
+
+#ifndef XMLSEC_NO_XSLT
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+void xmlSecTransformXsltInitialize                          (void);
+void xmlSecTransformXsltShutdown                            (void);
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* XMLSEC_NO_XSLT */
+
+#endif /* __XMLSEC_PRIVATE_XSLT_H__ */
+
diff --git a/include/xmlsec/skeleton/app.h b/include/xmlsec/skeleton/app.h
index 33c29697..0429f7ba 100644
--- a/include/xmlsec/skeleton/app.h
+++ b/include/xmlsec/skeleton/app.h
@@ -1,87 +1,93 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_SKELETON_APP_H__
-#define __XMLSEC_SKELETON_APP_H__    
+#define __XMLSEC_SKELETON_APP_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/keys.h>
 #include <xmlsec/keysmngr.h>
 #include <xmlsec/transforms.h>
 
-/**
+/********************************************************************
+ *
  * Init/shutdown
- */
-XMLSEC_CRYPTO_EXPORT int	xmlSecSkeletonAppInit			(const char* config);
-XMLSEC_CRYPTO_EXPORT int	xmlSecSkeletonAppShutdown		(void);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int        xmlSecSkeletonAppInit                   (const char* config);
+XMLSEC_CRYPTO_EXPORT int        xmlSecSkeletonAppShutdown               (void);
 
-/** 
+/********************************************************************
+ *
  * Keys Manager
- */
-XMLSEC_CRYPTO_EXPORT int	xmlSecSkeletonAppDefaultKeysMngrInit	(xmlSecKeysMngrPtr mngr);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecSkeletonAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr,
-									 xmlSecKeyPtr key);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecSkeletonAppDefaultKeysMngrLoad	(xmlSecKeysMngrPtr mngr,
-									 const char* uri);
-XMLSEC_CRYPTO_EXPORT int 	xmlSecSkeletonAppDefaultKeysMngrSave	(xmlSecKeysMngrPtr mngr,
-									 const char* filename,
-									 xmlSecKeyDataType type);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int        xmlSecSkeletonAppDefaultKeysMngrInit    (xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int        xmlSecSkeletonAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr,
+                                                                         xmlSecKeyPtr key);
+XMLSEC_CRYPTO_EXPORT int        xmlSecSkeletonAppDefaultKeysMngrLoad    (xmlSecKeysMngrPtr mngr,
+                                                                         const char* uri);
+XMLSEC_CRYPTO_EXPORT int        xmlSecSkeletonAppDefaultKeysMngrSave    (xmlSecKeysMngrPtr mngr,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataType type);
 #ifndef XMLSEC_NO_X509
-XMLSEC_CRYPTO_EXPORT int	xmlSecSkeletonAppKeysMngrCertLoad	(xmlSecKeysMngrPtr mngr, 
-									 const char *filename, 
-									 xmlSecKeyDataFormat format, 
-									 xmlSecKeyDataType type);
-XMLSEC_CRYPTO_EXPORT int	xmlSecSkeletonAppKeysMngrCertLoadMemory	(xmlSecKeysMngrPtr mngr, 
-									 const xmlSecByte *data, 
-									 xmlSecSize dataSize,
-									 xmlSecKeyDataFormat format, 
-									 xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int        xmlSecSkeletonAppKeysMngrCertLoad       (xmlSecKeysMngrPtr mngr,
+                                                                         const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
+XMLSEC_CRYPTO_EXPORT int        xmlSecSkeletonAppKeysMngrCertLoadMemory (xmlSecKeysMngrPtr mngr,
+                                                                         const xmlSecByte *data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         xmlSecKeyDataType type);
 #endif /* XMLSEC_NO_X509 */
 
 
-/** 
+/********************************************************************
+ *
  * Keys
- */
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecSkeletonAppKeyLoad		(const char *filename, 
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void *pwdCallback,
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecSkeletonAppKeyLoadMemory	(const xmlSecByte *data, 
-									 xmlSecSize dataSize,
-									 xmlSecKeyDataFormat format,
-									 const char *pwd,
-									 void *pwdCallback,
-									 void* pwdCallbackCtx);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecSkeletonAppKeyLoad              (const char *filename,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void *pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecSkeletonAppKeyLoadMemory        (const xmlSecByte *data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format,
+                                                                         const char *pwd,
+                                                                         void *pwdCallback,
+                                                                         void* pwdCallbackCtx);
 #ifndef XMLSEC_NO_X509
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecSkeletonAppPkcs12Load		(const char *filename, 
-									 const char *pwd,
-		    							 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecSkeletonAppPkcs12LoadMemory	(const xmlSecByte *data, 
-									 xmlSecSize dataSize,
-									 const char *pwd,
-		    							 void* pwdCallback, 
-									 void* pwdCallbackCtx);
-XMLSEC_CRYPTO_EXPORT int	xmlSecSkeletonAppKeyCertLoad		(xmlSecKeyPtr key,
-									 const char* filename,
-									 xmlSecKeyDataFormat format);
-XMLSEC_CRYPTO_EXPORT int	xmlSecSkeletonAppKeyCertLoadMemory	(xmlSecKeyPtr key,
-									 const xmlSecByte *data, 
-									 xmlSecSize dataSize,
-									 xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecSkeletonAppPkcs12Load           (const char *filename,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT xmlSecKeyPtr xmlSecSkeletonAppPkcs12LoadMemory     (const xmlSecByte *data,
+                                                                         xmlSecSize dataSize,
+                                                                         const char *pwd,
+                                                                         void* pwdCallback,
+                                                                         void* pwdCallbackCtx);
+XMLSEC_CRYPTO_EXPORT int        xmlSecSkeletonAppKeyCertLoad            (xmlSecKeyPtr key,
+                                                                         const char* filename,
+                                                                         xmlSecKeyDataFormat format);
+XMLSEC_CRYPTO_EXPORT int        xmlSecSkeletonAppKeyCertLoadMemory      (xmlSecKeyPtr key,
+                                                                         const xmlSecByte *data,
+                                                                         xmlSecSize dataSize,
+                                                                         xmlSecKeyDataFormat format);
 #endif /* XMLSEC_NO_X509 */
 
-XMLSEC_CRYPTO_EXPORT void*	xmlSecSkeletonAppGetDefaultPwdCallback	(void);
+XMLSEC_CRYPTO_EXPORT void*      xmlSecSkeletonAppGetDefaultPwdCallback  (void);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/skeleton/crypto.h b/include/xmlsec/skeleton/crypto.h
index 3b32c237..30346669 100644
--- a/include/xmlsec/skeleton/crypto.h
+++ b/include/xmlsec/skeleton/crypto.h
@@ -1,32 +1,34 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_SKELETON_CRYPTO_H__
-#define __XMLSEC_SKELETON_CRYPTO_H__    
+#define __XMLSEC_SKELETON_CRYPTO_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/keys.h>
 #include <xmlsec/transforms.h>
 #include <xmlsec/dl.h>
 
-XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr	xmlSecCryptoGetFunctions_skeleton(void);
+XMLSEC_CRYPTO_EXPORT xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctions_skeleton(void);
 
-/**
+/********************************************************************
+ *
  * Init shutdown
- */
-XMLSEC_CRYPTO_EXPORT int		xmlSecSkeletonInit		(void);
-XMLSEC_CRYPTO_EXPORT int		xmlSecSkeletonShutdown		(void);
+ *
+ ********************************************************************/
+XMLSEC_CRYPTO_EXPORT int                xmlSecSkeletonInit              (void);
+XMLSEC_CRYPTO_EXPORT int                xmlSecSkeletonShutdown          (void);
 
-XMLSEC_CRYPTO_EXPORT int		xmlSecSkeletonKeysMngrInit	(xmlSecKeysMngrPtr mngr);
+XMLSEC_CRYPTO_EXPORT int                xmlSecSkeletonKeysMngrInit      (xmlSecKeysMngrPtr mngr);
 
 
 #ifdef __cplusplus
@@ -35,4 +37,4 @@ XMLSEC_CRYPTO_EXPORT int		xmlSecSkeletonKeysMngrInit	(xmlSecKeysMngrPtr mngr);
 
 #endif /* __XMLSEC_SKELETON_CRYPTO_H__ */
 
-#define __XMLSEC_SKELETON_CRYPTO_H__    
+#define __XMLSEC_SKELETON_CRYPTO_H__
diff --git a/include/xmlsec/skeleton/symbols.h b/include/xmlsec/skeleton/symbols.h
index 1473f011..9902d3f7 100644
--- a/include/xmlsec/skeleton/symbols.h
+++ b/include/xmlsec/skeleton/symbols.h
@@ -1,13 +1,13 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_SKELETON_SYMBOLS_H__
-#define __XMLSEC_SKELETON_SYMBOLS_H__    
+#define __XMLSEC_SKELETON_SYMBOLS_H__
 
 #if !defined(IN_XMLSEC) && defined(XMLSEC_CRYPTO_DYNAMIC_LOADING)
 #error To disable dynamic loading of xmlsec-crypto libraries undefine XMLSEC_CRYPTO_DYNAMIC_LOADING
@@ -15,89 +15,103 @@
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
-/**
- * Defines for writing simple code
- */
 #ifdef XMLSEC_CRYPTO_SKELETON
 
-/**  
+/********************************************************************
+ *
  * Crypto Init/shutdown
- */
-#define xmlSecCryptoInit			xmlSecSkeletonInit
-#define xmlSecCryptoShutdown			xmlSecSkeletonShutdown
+ *
+ ********************************************************************/
+#define xmlSecCryptoInit                        xmlSecSkeletonInit
+#define xmlSecCryptoShutdown                    xmlSecSkeletonShutdown
 
-#define xmlSecCryptoKeysMngrInit		xmlSecSkeletonKeysMngrInit
+#define xmlSecCryptoKeysMngrInit                xmlSecSkeletonKeysMngrInit
 
-/**
+/********************************************************************
+ *
  * Key data ids
- */
-#define xmlSecKeyDataAesId			xmlSecSkeletonKeyDataAesId
-#define xmlSecKeyDataDesId			xmlSecSkeletonKeyDataDesId
-#define xmlSecKeyDataDsaId			xmlSecSkeletonKeyDataDsaId
-#define xmlSecKeyDataHmacId			xmlSecSkeletonKeyDataHmacId
-#define xmlSecKeyDataRsaId			xmlSecSkeletonKeyDataRsaId
-#define xmlSecKeyDataX509Id			xmlSecSkeletonKeyDataX509Id
-#define xmlSecKeyDataRawX509CertId		xmlSecSkeletonKeyDataRawX509CertId
+ *
+ ********************************************************************/
+#define xmlSecKeyDataAesId                      xmlSecSkeletonKeyDataAesId
+#define xmlSecKeyDataDesId                      xmlSecSkeletonKeyDataDesId
+#define xmlSecKeyDataDsaId                      xmlSecSkeletonKeyDataDsaId
+#define xmlSecKeyDataEcdsaId                    xmlSecSkeletonKeyDataEcdsaId
+#define xmlSecKeyDataHmacId                     xmlSecSkeletonKeyDataHmacId
+#define xmlSecKeyDataRsaId                      xmlSecSkeletonKeyDataRsaId
+#define xmlSecKeyDataX509Id                     xmlSecSkeletonKeyDataX509Id
+#define xmlSecKeyDataRawX509CertId              xmlSecSkeletonKeyDataRawX509CertId
 
-/**
+/********************************************************************
+ *
  * Key data store ids
- */
-#define xmlSecX509StoreId			xmlSecSkeletonX509StoreId
+ *
+ ********************************************************************/
+#define xmlSecX509StoreId                       xmlSecSkeletonX509StoreId
 
-/**
+/********************************************************************
+ *
  * Crypto transforms ids
- */
-#define xmlSecTransformAes128CbcId		xmlSecSkeletonTransformAes128CbcId
-#define xmlSecTransformAes192CbcId		xmlSecSkeletonTransformAes192CbcId
-#define xmlSecTransformAes256CbcId		xmlSecSkeletonTransformAes256CbcId
-#define xmlSecTransformKWAes128Id		xmlSecSkeletonTransformKWAes128Id
-#define xmlSecTransformKWAes192Id		xmlSecSkeletonTransformKWAes192Id
-#define xmlSecTransformKWAes256Id		xmlSecSkeletonTransformKWAes256Id
-#define xmlSecTransformDes3CbcId		xmlSecSkeletonTransformDes3CbcId
-#define xmlSecTransformKWDes3Id			xmlSecSkeletonTransformKWDes3Id
-#define xmlSecTransformDsaSha1Id		xmlSecSkeletonTransformDsaSha1Id
-#define xmlSecTransformHmacMd5Id		xmlSecSkeletonTransformHmacMd5Id
-#define xmlSecTransformHmacRipemd160Id		xmlSecSkeletonTransformHmacRipemd160Id
-#define xmlSecTransformHmacSha1Id		xmlSecSkeletonTransformHmacSha1Id
-#define xmlSecTransformHmacSha224Id		xmlSecSkeletonTransformHmacSha224Id
-#define xmlSecTransformHmacSha256Id		xmlSecSkeletonTransformHmacSha256Id
-#define xmlSecTransformHmacSha384Id		xmlSecSkeletonTransformHmacSha384Id
-#define xmlSecTransformHmacSha512Id		xmlSecSkeletonTransformHmacSha512Id
-#define xmlSecTransformMd5Id			xmlSecSkeletonTransformMd5Id
-#define xmlSecTransformRipemd160Id		xmlSecSkeletonTransformRipemd160Id
-#define xmlSecTransformRsaSha1Id		xmlSecSkeletonTransformRsaSha1Id
-#define xmlSecTransformRsaSha224Id		xmlSecSkeletonTransformRsaSha224Id
-#define xmlSecTransformRsaSha256Id		xmlSecSkeletonTransformRsaSha256Id
-#define xmlSecTransformRsaSha384Id		xmlSecSkeletonTransformRsaSha384Id
-#define xmlSecTransformRsaSha512Id		xmlSecSkeletonTransformRsaSha512Id
-#define xmlSecTransformRsaPkcs1Id		xmlSecSkeletonTransformRsaPkcs1Id
-#define xmlSecTransformRsaOaepId		xmlSecSkeletonTransformRsaOaepId
-#define xmlSecTransformSha1Id			xmlSecSkeletonTransformSha1Id
-#define xmlSecTransformSha224Id			xmlSecSkeletonTransformSha224Id
-#define xmlSecTransformSha256Id			xmlSecSkeletonTransformSha256Id
-#define xmlSecTransformSha384Id			xmlSecSkeletonTransformSha384Id
-#define xmlSecTransformSha512Id			xmlSecSkeletonTransformSha512Id
+ *
+ ********************************************************************/
+#define xmlSecTransformAes128CbcId              xmlSecSkeletonTransformAes128CbcId
+#define xmlSecTransformAes192CbcId              xmlSecSkeletonTransformAes192CbcId
+#define xmlSecTransformAes256CbcId              xmlSecSkeletonTransformAes256CbcId
+#define xmlSecTransformKWAes128Id               xmlSecSkeletonTransformKWAes128Id
+#define xmlSecTransformKWAes192Id               xmlSecSkeletonTransformKWAes192Id
+#define xmlSecTransformKWAes256Id               xmlSecSkeletonTransformKWAes256Id
+#define xmlSecTransformDes3CbcId                xmlSecSkeletonTransformDes3CbcId
+#define xmlSecTransformKWDes3Id                 xmlSecSkeletonTransformKWDes3Id
+#define xmlSecTransformDsaSha1Id                xmlSecSkeletonTransformDsaSha1Id
+#define xmlSecTransformDsaSha256Id              xmlSecSkeletonTransformDsaSha256Id
+#define xmlSecTransformEcdsaSha1Id              xmlSecSkeletonTransformEcdsaSha1Id
+#define xmlSecTransformEcdsaSha224Id            xmlSecSkeletonTransformEcdsaSha224Id
+#define xmlSecTransformEcdsaSha256Id            xmlSecSkeletonTransformEcdsaSha256Id
+#define xmlSecTransformEcdsaSha384Id            xmlSecSkeletonTransformEcdsaSha384Id
+#define xmlSecTransformEcdsaSha512Id            xmlSecSkeletonTransformEcdsaSha512Id
+#define xmlSecTransformHmacMd5Id                xmlSecSkeletonTransformHmacMd5Id
+#define xmlSecTransformHmacRipemd160Id          xmlSecSkeletonTransformHmacRipemd160Id
+#define xmlSecTransformHmacSha1Id               xmlSecSkeletonTransformHmacSha1Id
+#define xmlSecTransformHmacSha224Id             xmlSecSkeletonTransformHmacSha224Id
+#define xmlSecTransformHmacSha256Id             xmlSecSkeletonTransformHmacSha256Id
+#define xmlSecTransformHmacSha384Id             xmlSecSkeletonTransformHmacSha384Id
+#define xmlSecTransformHmacSha512Id             xmlSecSkeletonTransformHmacSha512Id
+#define xmlSecTransformMd5Id                    xmlSecSkeletonTransformMd5Id
+#define xmlSecTransformRipemd160Id              xmlSecSkeletonTransformRipemd160Id
+#define xmlSecTransformRsaSha1Id                xmlSecSkeletonTransformRsaSha1Id
+#define xmlSecTransformRsaSha224Id              xmlSecSkeletonTransformRsaSha224Id
+#define xmlSecTransformRsaSha256Id              xmlSecSkeletonTransformRsaSha256Id
+#define xmlSecTransformRsaSha384Id              xmlSecSkeletonTransformRsaSha384Id
+#define xmlSecTransformRsaSha512Id              xmlSecSkeletonTransformRsaSha512Id
+#define xmlSecTransformRsaPkcs1Id               xmlSecSkeletonTransformRsaPkcs1Id
+#define xmlSecTransformRsaOaepId                xmlSecSkeletonTransformRsaOaepId
+#define xmlSecTransformSha1Id                   xmlSecSkeletonTransformSha1Id
+#define xmlSecTransformSha224Id                 xmlSecSkeletonTransformSha224Id
+#define xmlSecTransformSha256Id                 xmlSecSkeletonTransformSha256Id
+#define xmlSecTransformSha384Id                 xmlSecSkeletonTransformSha384Id
+#define xmlSecTransformSha512Id                 xmlSecSkeletonTransformSha512Id
 
-/**
+/********************************************************************
+ *
  * High level routines form xmlsec command line utility
- */ 
-#define xmlSecCryptoAppInit			xmlSecSkeletonAppInit
-#define xmlSecCryptoAppShutdown			xmlSecSkeletonAppShutdown
-#define xmlSecCryptoAppDefaultKeysMngrInit	xmlSecSkeletonAppDefaultKeysMngrInit
-#define xmlSecCryptoAppDefaultKeysMngrAdoptKey	xmlSecSkeletonAppDefaultKeysMngrAdoptKey
-#define xmlSecCryptoAppDefaultKeysMngrLoad	xmlSecSkeletonAppDefaultKeysMngrLoad
-#define xmlSecCryptoAppDefaultKeysMngrSave	xmlSecSkeletonAppDefaultKeysMngrSave
-#define xmlSecCryptoAppKeysMngrCertLoad		xmlSecSkeletonAppKeysMngrCertLoad
-#define xmlSecCryptoAppKeysMngrCertLoadMemory	xmlSecSkeletonAppKeysMngrCertLoadMemory
-#define xmlSecCryptoAppKeyLoad			xmlSecSkeletonAppKeyLoad
-#define xmlSecCryptoAppPkcs12Load		xmlSecSkeletonAppPkcs12Load
-#define xmlSecCryptoAppKeyCertLoad		xmlSecSkeletonAppKeyCertLoad
-#define xmlSecCryptoAppKeyLoadMemory		xmlSecSkeletonAppKeyLoadMemory
-#define xmlSecCryptoAppPkcs12LoadMemory		xmlSecSkeletonAppPkcs12LoadMemory
-#define xmlSecCryptoAppKeyCertLoadMemory	xmlSecSkeletonAppKeyCertLoadMemory
-#define xmlSecCryptoAppGetDefaultPwdCallback	xmlSecSkeletonAppGetDefaultPwdCallback
+ *
+ ********************************************************************/
+#define xmlSecCryptoAppInit                     xmlSecSkeletonAppInit
+#define xmlSecCryptoAppShutdown                 xmlSecSkeletonAppShutdown
+#define xmlSecCryptoAppDefaultKeysMngrInit      xmlSecSkeletonAppDefaultKeysMngrInit
+#define xmlSecCryptoAppDefaultKeysMngrAdoptKey  xmlSecSkeletonAppDefaultKeysMngrAdoptKey
+#define xmlSecCryptoAppDefaultKeysMngrLoad      xmlSecSkeletonAppDefaultKeysMngrLoad
+#define xmlSecCryptoAppDefaultKeysMngrSave      xmlSecSkeletonAppDefaultKeysMngrSave
+#define xmlSecCryptoAppKeysMngrCertLoad         xmlSecSkeletonAppKeysMngrCertLoad
+#define xmlSecCryptoAppKeysMngrCertLoadMemory   xmlSecSkeletonAppKeysMngrCertLoadMemory
+#define xmlSecCryptoAppKeyLoad                  xmlSecSkeletonAppKeyLoad
+#define xmlSecCryptoAppPkcs12Load               xmlSecSkeletonAppPkcs12Load
+#define xmlSecCryptoAppKeyCertLoad              xmlSecSkeletonAppKeyCertLoad
+#define xmlSecCryptoAppKeyLoadMemory            xmlSecSkeletonAppKeyLoadMemory
+#define xmlSecCryptoAppPkcs12LoadMemory         xmlSecSkeletonAppPkcs12LoadMemory
+#define xmlSecCryptoAppKeyCertLoadMemory        xmlSecSkeletonAppKeyCertLoadMemory
+#define xmlSecCryptoAppGetDefaultPwdCallback    xmlSecSkeletonAppGetDefaultPwdCallback
 
 #endif /* XMLSEC_CRYPTO_SKELETON */
 
@@ -107,4 +121,4 @@ extern "C" {
 
 #endif /* __XMLSEC_SKELETON_CRYPTO_H__ */
 
-#define __XMLSEC_SKELETON_CRYPTO_H__    
+#define __XMLSEC_SKELETON_CRYPTO_H__
diff --git a/include/xmlsec/soap.h b/include/xmlsec/soap.h
index 4862a84b..c4efc00f 100644
--- a/include/xmlsec/soap.h
+++ b/include/xmlsec/soap.h
@@ -1,21 +1,21 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Simple SOAP messages parsing/creation.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_SOAP_H__
-#define __XMLSEC_SOAP_H__    
+#define __XMLSEC_SOAP_H__
 
 #ifndef XMLSEC_NO_SOAP
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 #include <xmlsec/xmlsec.h>
@@ -23,64 +23,64 @@ extern "C" {
 
 /***********************************************************************
  *
- * SOAP 1.1 
+ * SOAP 1.1
  *
  **********************************************************************/
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap11CreateEnvelope	(xmlDocPtr doc);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap11EnsureHeader	(xmlNodePtr envNode);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap11AddBodyEntry	(xmlNodePtr envNode,
-								 xmlNodePtr entryNode);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap11AddFaultEntry	(xmlNodePtr envNode,
-								 const xmlChar* faultCodeHref,
-								 const xmlChar* faultCodeLocalPart,
-								 const xmlChar* faultString,
-								 const xmlChar* faultActor);
-XMLSEC_EXPORT int		xmlSecSoap11CheckEnvelope	(xmlNodePtr envNode);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap11GetHeader		(xmlNodePtr envNode);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap11GetBody		(xmlNodePtr envNode);
-XMLSEC_EXPORT xmlSecSize	xmlSecSoap11GetBodyEntriesNumber(xmlNodePtr envNode);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap11GetBodyEntry	(xmlNodePtr envNode,
-								 xmlSecSize pos);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap11GetFaultEntry	(xmlNodePtr envNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap11CreateEnvelope      (xmlDocPtr doc);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap11EnsureHeader        (xmlNodePtr envNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap11AddBodyEntry        (xmlNodePtr envNode,
+                                                                 xmlNodePtr entryNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap11AddFaultEntry       (xmlNodePtr envNode,
+                                                                 const xmlChar* faultCodeHref,
+                                                                 const xmlChar* faultCodeLocalPart,
+                                                                 const xmlChar* faultString,
+                                                                 const xmlChar* faultActor);
+XMLSEC_EXPORT int               xmlSecSoap11CheckEnvelope       (xmlNodePtr envNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap11GetHeader           (xmlNodePtr envNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap11GetBody             (xmlNodePtr envNode);
+XMLSEC_EXPORT xmlSecSize        xmlSecSoap11GetBodyEntriesNumber(xmlNodePtr envNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap11GetBodyEntry        (xmlNodePtr envNode,
+                                                                 xmlSecSize pos);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap11GetFaultEntry       (xmlNodePtr envNode);
 
 
 /***********************************************************************
  *
- * SOAP 1.2 
+ * SOAP 1.2
  *
  **********************************************************************/
 /**
  * xmlSecSoap12FaultCode:
- * @xmlSecSoap12FaultCodeUnknown:		The fault code is not available.
- * @xmlSecSoap12FaultCodeVersionMismatch:	The faulting node found an 
- *						invalid element information 
- *						item instead of the expected 
- *						Envelope element information item. 
- * @xmlSecSoap12FaultCodeMustUnderstand:	An immediate child element 
- *						information item of the SOAP 
- *						Header element information item 
- *						targeted at the faulting node 
- *						that was not understood by the 
- *						faulting node contained a SOAP 
- *						mustUnderstand attribute 
- *						information item with a value of "true"
- * @xmlSecSoap12FaultCodeDataEncodingUnknown:	A SOAP header block or SOAP 
- *						body child element information 
- *						item targeted at the faulting 
- *						SOAP node is scoped with a data 
- *						encoding that the faulting node 
- *						does not support.
- * @xmlSecSoap12FaultCodeSender:		The message was incorrectly 
- *						formed or did not contain the 
- *						appropriate information in order 
- *						to succeed. 
- * @xmlSecSoap12FaultCodeReceiver:		The message could not be processed 
- *						for reasons attributable to the 
- *						processing of the message rather 
- *						than to the contents of the 
- *						message itself. 
- * 
- * The values of the <Value> child element information item of the 
+ * @xmlSecSoap12FaultCodeUnknown:               The fault code is not available.
+ * @xmlSecSoap12FaultCodeVersionMismatch:       The faulting node found an
+ *                                              invalid element information
+ *                                              item instead of the expected
+ *                                              Envelope element information item.
+ * @xmlSecSoap12FaultCodeMustUnderstand:        An immediate child element
+ *                                              information item of the SOAP
+ *                                              Header element information item
+ *                                              targeted at the faulting node
+ *                                              that was not understood by the
+ *                                              faulting node contained a SOAP
+ *                                              mustUnderstand attribute
+ *                                              information item with a value of "true"
+ * @xmlSecSoap12FaultCodeDataEncodingUnknown:   A SOAP header block or SOAP
+ *                                              body child element information
+ *                                              item targeted at the faulting
+ *                                              SOAP node is scoped with a data
+ *                                              encoding that the faulting node
+ *                                              does not support.
+ * @xmlSecSoap12FaultCodeSender:                The message was incorrectly
+ *                                              formed or did not contain the
+ *                                              appropriate information in order
+ *                                              to succeed.
+ * @xmlSecSoap12FaultCodeReceiver:              The message could not be processed
+ *                                              for reasons attributable to the
+ *                                              processing of the message rather
+ *                                              than to the contents of the
+ *                                              message itself.
+ *
+ * The values of the <Value> child element information item of the
  * <Code> element information item (http://www.w3.org/TR/2003/REC-soap12-part1-20030624/#faultcodes).
  */
 typedef enum {
@@ -90,35 +90,35 @@ typedef enum {
     xmlSecSoap12FaultCodeDataEncodingUnknown,
     xmlSecSoap12FaultCodeSender,
     xmlSecSoap12FaultCodeReceiver
-} xmlSecSoap12FaultCode; 
+} xmlSecSoap12FaultCode;
+
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12CreateEnvelope      (xmlDocPtr doc);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12EnsureHeader        (xmlNodePtr envNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12AddBodyEntry        (xmlNodePtr envNode,
+                                                                 xmlNodePtr entryNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12AddFaultEntry       (xmlNodePtr envNode,
+                                                                 xmlSecSoap12FaultCode faultCode,
+                                                                 const xmlChar* faultReasonText,
+                                                                 const xmlChar* faultReasonLang,
+                                                                 const xmlChar* faultNodeURI,
+                                                                 const xmlChar* faultRole);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12AddFaultSubcode     (xmlNodePtr faultNode,
+                                                                 const xmlChar* subCodeHref,
+                                                                 const xmlChar* subCodeName);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12AddFaultReasonText  (xmlNodePtr faultNode,
+                                                                 const xmlChar* faultReasonText,
+                                                                 const xmlChar* faultReasonLang);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12AddFaultDetailEntry (xmlNodePtr faultNode,
+                                                                 xmlNodePtr detailEntryNode);
+XMLSEC_EXPORT int               xmlSecSoap12CheckEnvelope       (xmlNodePtr envNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12GetHeader           (xmlNodePtr envNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12GetBody             (xmlNodePtr envNode);
+XMLSEC_EXPORT xmlSecSize        xmlSecSoap12GetBodyEntriesNumber(xmlNodePtr envNode);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12GetBodyEntry        (xmlNodePtr envNode,
+                                                                 xmlSecSize pos);
+XMLSEC_EXPORT xmlNodePtr        xmlSecSoap12GetFaultEntry       (xmlNodePtr envNode);
 
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12CreateEnvelope	(xmlDocPtr doc);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12EnsureHeader	(xmlNodePtr envNode);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12AddBodyEntry	(xmlNodePtr envNode,
-								 xmlNodePtr entryNode);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12AddFaultEntry	(xmlNodePtr envNode,
-								 xmlSecSoap12FaultCode faultCode,
-								 const xmlChar* faultReasonText,
-								 const xmlChar* faultReasonLang,
-								 const xmlChar* faultNodeURI,
-								 const xmlChar* faultRole);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12AddFaultSubcode	(xmlNodePtr faultNode,
-								 const xmlChar* subCodeHref,
-								 const xmlChar* subCodeName);								 
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12AddFaultReasonText	(xmlNodePtr faultNode,
-								 const xmlChar* faultReasonText,
-								 const xmlChar* faultReasonLang);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12AddFaultDetailEntry	(xmlNodePtr faultNode,
-								 xmlNodePtr detailEntryNode);
-XMLSEC_EXPORT int		xmlSecSoap12CheckEnvelope	(xmlNodePtr envNode);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12GetHeader		(xmlNodePtr envNode);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12GetBody		(xmlNodePtr envNode);
-XMLSEC_EXPORT xmlSecSize	xmlSecSoap12GetBodyEntriesNumber(xmlNodePtr envNode);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12GetBodyEntry	(xmlNodePtr envNode,
-								 xmlSecSize pos);
-XMLSEC_EXPORT xmlNodePtr	xmlSecSoap12GetFaultEntry	(xmlNodePtr envNode);
 
-								 
 #endif /* XMLSEC_NO_SOAP */
 
 
diff --git a/include/xmlsec/strings.h b/include/xmlsec/strings.h
index 07afb9dd..5e3f6a1c 100644
--- a/include/xmlsec/strings.h
+++ b/include/xmlsec/strings.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * All the string constans.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_STRINGS_H__
-#define __XMLSEC_STRINGS_H__    
+#define __XMLSEC_STRINGS_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 
@@ -318,6 +318,43 @@ XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeDSAPgenCounter[];
 XMLSEC_EXPORT_VAR const xmlChar xmlSecNameDsaSha1[];
 XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefDsaSha1[];
 
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameDsaSha256[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefDsaSha256[];
+
+/*************************************************************************
+ *
+ * ECDSA strings
+ *
+ ************************************************************************/
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameECDSAKeyValue[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeECDSAKeyValue[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefECDSAKeyValue[];
+
+/* XXX-MAK: More constants will be needed later. */
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeECDSAP[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeECDSAQ[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeECDSAG[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeECDSAJ[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeECDSAX[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeECDSAY[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeECDSASeed[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNodeECDSAPgenCounter[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameEcdsaSha1[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefEcdsaSha1[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameEcdsaSha224[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefEcdsaSha224[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameEcdsaSha256[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefEcdsaSha256[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameEcdsaSha384[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefEcdsaSha384[];
+
+XMLSEC_EXPORT_VAR const xmlChar xmlSecNameEcdsaSha512[];
+XMLSEC_EXPORT_VAR const xmlChar xmlSecHrefEcdsaSha512[];
+
 /*************************************************************************
  *
  * GOST2001 strings
diff --git a/include/xmlsec/templates.h b/include/xmlsec/templates.h
index 11d1c2c4..815cddce 100644
--- a/include/xmlsec/templates.h
+++ b/include/xmlsec/templates.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * KeyInfo node processing
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_TEMPLATES_H__
-#define __XMLSEC_TEMPALTES_H__    
+#define __XMLSEC_TEMPALTES_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 
@@ -25,134 +25,134 @@ extern "C" {
  * <dsig:Signature> node
  *
  **********************************************************************/
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureCreate		(xmlDocPtr doc,
-								 xmlSecTransformId c14nMethodId,
-								 xmlSecTransformId signMethodId,
-								 const xmlChar *id);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureCreate              (xmlDocPtr doc,
+                                                                 xmlSecTransformId c14nMethodId,
+                                                                 xmlSecTransformId signMethodId,
+                                                                 const xmlChar *id);
 XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureCreateNsPref       (xmlDocPtr doc,
                                                                 xmlSecTransformId c14nMethodId,
                                                                 xmlSecTransformId signMethodId,
                                                                 const xmlChar *id,
                                                                 const xmlChar *nsPrefix);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureEnsureKeyInfo	(xmlNodePtr signNode,
-								 const xmlChar *id);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureAddReference	(xmlNodePtr signNode,
-								 xmlSecTransformId digestMethodId,
-								 const xmlChar *id, 
-								 const xmlChar *uri,
-								 const xmlChar *type);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureAddObject		(xmlNodePtr signNode,
-								 const xmlChar *id,
-								 const xmlChar *mimeType,
-								 const xmlChar *encoding);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureGetSignMethodNode	(xmlNodePtr signNode);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureGetC14NMethodNode	(xmlNodePtr signNode);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureEnsureKeyInfo       (xmlNodePtr signNode,
+                                                                 const xmlChar *id);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureAddReference        (xmlNodePtr signNode,
+                                                                 xmlSecTransformId digestMethodId,
+                                                                 const xmlChar *id,
+                                                                 const xmlChar *uri,
+                                                                 const xmlChar *type);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureAddObject           (xmlNodePtr signNode,
+                                                                 const xmlChar *id,
+                                                                 const xmlChar *mimeType,
+                                                                 const xmlChar *encoding);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureGetSignMethodNode   (xmlNodePtr signNode);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplSignatureGetC14NMethodNode   (xmlNodePtr signNode);
 
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplReferenceAddTransform	(xmlNodePtr referenceNode,
-								 xmlSecTransformId transformId);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplObjectAddSignProperties	(xmlNodePtr objectNode,
-								 const xmlChar *id,
-								 const xmlChar *target);							 							 
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplObjectAddManifest		(xmlNodePtr objectNode,
-								 const xmlChar *id);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplManifestAddReference		(xmlNodePtr manifestNode,
-								 xmlSecTransformId digestMethodId,
-								 const xmlChar *id, 
-								 const xmlChar *uri,
-								 const xmlChar *type);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplReferenceAddTransform        (xmlNodePtr referenceNode,
+                                                                 xmlSecTransformId transformId);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplObjectAddSignProperties      (xmlNodePtr objectNode,
+                                                                 const xmlChar *id,
+                                                                 const xmlChar *target);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplObjectAddManifest            (xmlNodePtr objectNode,
+                                                                 const xmlChar *id);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplManifestAddReference         (xmlNodePtr manifestNode,
+                                                                 xmlSecTransformId digestMethodId,
+                                                                 const xmlChar *id,
+                                                                 const xmlChar *uri,
+                                                                 const xmlChar *type);
 
 /***********************************************************************
  *
  * <enc:EncryptedData> node
  *
- **********************************************************************/ 
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataCreate		(xmlDocPtr doc,
-								 xmlSecTransformId encMethodId,
-								 const xmlChar *id,
-								 const xmlChar *type,
-								 const xmlChar *mimeType,
-								 const xmlChar *encoding);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataEnsureKeyInfo		(xmlNodePtr encNode,
-								 const xmlChar *id);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataEnsureEncProperties	(xmlNodePtr encNode,
-								 const xmlChar *id); 
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataAddEncProperty	(xmlNodePtr encNode,
-								 const xmlChar *id,
-								 const xmlChar *target);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataEnsureCipherValue	(xmlNodePtr encNode);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataEnsureCipherReference	(xmlNodePtr encNode,
-								 const xmlChar *uri);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataGetEncMethodNode	(xmlNodePtr encNode);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplCipherReferenceAddTransform	(xmlNodePtr cipherReferenceNode,
-								 xmlSecTransformId transformId);
+ **********************************************************************/
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataCreate                (xmlDocPtr doc,
+                                                                 xmlSecTransformId encMethodId,
+                                                                 const xmlChar *id,
+                                                                 const xmlChar *type,
+                                                                 const xmlChar *mimeType,
+                                                                 const xmlChar *encoding);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataEnsureKeyInfo         (xmlNodePtr encNode,
+                                                                 const xmlChar *id);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataEnsureEncProperties   (xmlNodePtr encNode,
+                                                                 const xmlChar *id);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataAddEncProperty        (xmlNodePtr encNode,
+                                                                 const xmlChar *id,
+                                                                 const xmlChar *target);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataEnsureCipherValue     (xmlNodePtr encNode);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataEnsureCipherReference (xmlNodePtr encNode,
+                                                                 const xmlChar *uri);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplEncDataGetEncMethodNode      (xmlNodePtr encNode);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplCipherReferenceAddTransform  (xmlNodePtr cipherReferenceNode,
+                                                                 xmlSecTransformId transformId);
 
 /***********************************************************************
  *
  * <enc:EncryptedKey> node
  *
- **********************************************************************/ 
+ **********************************************************************/
 XMLSEC_EXPORT xmlNodePtr xmlSecTmplReferenceListAddDataReference(xmlNodePtr encNode,
                                                                  const xmlChar *uri);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplReferenceListAddKeyReference	(xmlNodePtr encNode,
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplReferenceListAddKeyReference (xmlNodePtr encNode,
                                                                  const xmlChar *uri);
 
 /***********************************************************************
  *
  * <dsig:KeyInfo> node
  *
- **********************************************************************/ 
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplKeyInfoAddKeyName		(xmlNodePtr keyInfoNode,
-								 const xmlChar* name);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplKeyInfoAddKeyValue		(xmlNodePtr keyInfoNode);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplKeyInfoAddX509Data		(xmlNodePtr keyInfoNode);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplKeyInfoAddRetrievalMethod	(xmlNodePtr keyInfoNode,
-								 const xmlChar *uri,
-								 const xmlChar *type);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplRetrievalMethodAddTransform	(xmlNodePtr retrMethodNode,
-								 xmlSecTransformId transformId);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplKeyInfoAddEncryptedKey	(xmlNodePtr keyInfoNode,
-								 xmlSecTransformId encMethodId,
-								 const xmlChar *id,
-								 const xmlChar *type,
-								 const xmlChar *recipient);
+ **********************************************************************/
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplKeyInfoAddKeyName            (xmlNodePtr keyInfoNode,
+                                                                 const xmlChar* name);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplKeyInfoAddKeyValue           (xmlNodePtr keyInfoNode);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplKeyInfoAddX509Data           (xmlNodePtr keyInfoNode);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplKeyInfoAddRetrievalMethod    (xmlNodePtr keyInfoNode,
+                                                                 const xmlChar *uri,
+                                                                 const xmlChar *type);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplRetrievalMethodAddTransform  (xmlNodePtr retrMethodNode,
+                                                                 xmlSecTransformId transformId);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplKeyInfoAddEncryptedKey       (xmlNodePtr keyInfoNode,
+                                                                 xmlSecTransformId encMethodId,
+                                                                 const xmlChar *id,
+                                                                 const xmlChar *type,
+                                                                 const xmlChar *recipient);
 
 /***********************************************************************
  *
  * <dsig:X509Data> node
  *
- **********************************************************************/ 
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509DataAddIssuerSerial	(xmlNodePtr x509DataNode);
+ **********************************************************************/
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509DataAddIssuerSerial      (xmlNodePtr x509DataNode);
 XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509IssuerSerialAddIssuerName(xmlNodePtr x509IssuerSerialNode, const xmlChar* issuerName);
 XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509IssuerSerialAddSerialNumber(xmlNodePtr x509IssuerSerialNode, const xmlChar* serial);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509DataAddSubjectName	(xmlNodePtr x509DataNode);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509DataAddSKI		(xmlNodePtr x509DataNode);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509DataAddCertificate	(xmlNodePtr x509DataNode);
-XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509DataAddCRL		(xmlNodePtr x509DataNode);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509DataAddSubjectName       (xmlNodePtr x509DataNode);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509DataAddSKI               (xmlNodePtr x509DataNode);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509DataAddCertificate       (xmlNodePtr x509DataNode);
+XMLSEC_EXPORT xmlNodePtr xmlSecTmplX509DataAddCRL               (xmlNodePtr x509DataNode);
 
 /***********************************************************************
  *
  * <dsig:Transform> node
  *
- **********************************************************************/ 
-XMLSEC_EXPORT int	xmlSecTmplTransformAddHmacOutputLength	(xmlNodePtr transformNode,
-								 xmlSecSize bitsLen);
-XMLSEC_EXPORT int  	xmlSecTmplTransformAddRsaOaepParam	(xmlNodePtr transformNode,
-								 const xmlSecByte *buf,
-								 xmlSecSize size);
-XMLSEC_EXPORT int	xmlSecTmplTransformAddXsltStylesheet	(xmlNodePtr transformNode, 
-								 const xmlChar *xslt);
-XMLSEC_EXPORT int	xmlSecTmplTransformAddC14NInclNamespaces(xmlNodePtr transformNode,
-								 const xmlChar *prefixList);							 
-XMLSEC_EXPORT int 	xmlSecTmplTransformAddXPath		(xmlNodePtr transformNode, 
-								 const xmlChar *expression,
-								 const xmlChar **nsList);
-XMLSEC_EXPORT int 	xmlSecTmplTransformAddXPath2		(xmlNodePtr transformNode, 
-								 const xmlChar* type,
-								 const xmlChar *expression,
-								 const xmlChar **nsList);
-XMLSEC_EXPORT int 	xmlSecTmplTransformAddXPointer		(xmlNodePtr transformNode, 
-								 const xmlChar *expression,
-								 const xmlChar **nsList);
+ **********************************************************************/
+XMLSEC_EXPORT int       xmlSecTmplTransformAddHmacOutputLength  (xmlNodePtr transformNode,
+                                                                 xmlSecSize bitsLen);
+XMLSEC_EXPORT int       xmlSecTmplTransformAddRsaOaepParam      (xmlNodePtr transformNode,
+                                                                 const xmlSecByte *buf,
+                                                                 xmlSecSize size);
+XMLSEC_EXPORT int       xmlSecTmplTransformAddXsltStylesheet    (xmlNodePtr transformNode,
+                                                                 const xmlChar *xslt);
+XMLSEC_EXPORT int       xmlSecTmplTransformAddC14NInclNamespaces(xmlNodePtr transformNode,
+                                                                 const xmlChar *prefixList);
+XMLSEC_EXPORT int       xmlSecTmplTransformAddXPath             (xmlNodePtr transformNode,
+                                                                 const xmlChar *expression,
+                                                                 const xmlChar **nsList);
+XMLSEC_EXPORT int       xmlSecTmplTransformAddXPath2            (xmlNodePtr transformNode,
+                                                                 const xmlChar* type,
+                                                                 const xmlChar *expression,
+                                                                 const xmlChar **nsList);
+XMLSEC_EXPORT int       xmlSecTmplTransformAddXPointer          (xmlNodePtr transformNode,
+                                                                 const xmlChar *expression,
+                                                                 const xmlChar **nsList);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/transforms.h b/include/xmlsec/transforms.h
index 4008caef..f0c70c91 100644
--- a/include/xmlsec/transforms.h
+++ b/include/xmlsec/transforms.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
- * The transforms engine 
+ * The transforms engine
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_TRANSFORMS_H__
-#define __XMLSEC_TRANSFORMS_H__    
+#define __XMLSEC_TRANSFORMS_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 #include <libxml/xpath.h>
@@ -24,35 +24,35 @@ extern "C" {
 #include <xmlsec/nodeset.h>
 #include <xmlsec/keys.h>
 
-typedef const struct _xmlSecTransformKlass		xmlSecTransformKlass, 
-							*xmlSecTransformId;
+typedef const struct _xmlSecTransformKlass              xmlSecTransformKlass,
+                                                        *xmlSecTransformId;
 
 /**
  * XMLSEC_TRANSFORM_BINARY_CHUNK:
  *
- * The binary data chunks size. XMLSec processes binary data one chunk 
+ * The binary data chunks size. XMLSec processes binary data one chunk
  * at a time. Changing this impacts xmlsec memory usage and performance.
  */
-#define XMLSEC_TRANSFORM_BINARY_CHUNK			64
+#define XMLSEC_TRANSFORM_BINARY_CHUNK                   64
 
 /**********************************************************************
  *
- * Hi-level functions
+ * High-level functions
  *
  *********************************************************************/
-XMLSEC_EXPORT xmlSecPtrListPtr	xmlSecTransformIdsGet		(void);
-XMLSEC_EXPORT int 		xmlSecTransformIdsInit		(void);
-XMLSEC_EXPORT void 		xmlSecTransformIdsShutdown	(void);
-XMLSEC_EXPORT int 		xmlSecTransformIdsRegisterDefault(void);
-XMLSEC_EXPORT int		xmlSecTransformIdsRegister	(xmlSecTransformId id);
+XMLSEC_EXPORT xmlSecPtrListPtr  xmlSecTransformIdsGet           (void);
+XMLSEC_EXPORT int               xmlSecTransformIdsInit          (void);
+XMLSEC_EXPORT void              xmlSecTransformIdsShutdown      (void);
+XMLSEC_EXPORT int               xmlSecTransformIdsRegisterDefault(void);
+XMLSEC_EXPORT int               xmlSecTransformIdsRegister      (xmlSecTransformId id);
 
 /**
  * xmlSecTransformStatus:
- * @xmlSecTransformStatusNone: 		the status unknown.
- * @xmlSecTransformStatusWorking: 	the transform is executed.
- * @xmlSecTransformStatusFinished: 	the transform finished
- * @xmlSecTransformStatusOk: 		the transform succeeded.
- * @xmlSecTransformStatusFail: 		the transform failed (an error occur).
+ * @xmlSecTransformStatusNone:          the status unknown.
+ * @xmlSecTransformStatusWorking:       the transform is executed.
+ * @xmlSecTransformStatusFinished:      the transform finished
+ * @xmlSecTransformStatusOk:            the transform succeeded.
+ * @xmlSecTransformStatusFail:          the transform failed (an error occur).
  *
  * The transform execution status.
  */
@@ -66,9 +66,9 @@ typedef enum  {
 
 /**
  * xmlSecTransformMode:
- * @xmlSecTransformModeNone: 		the mode is unknown.
- * @xmlSecTransformModePush: 		pushing data thru transform. 
- * @xmlSecTransformModePop: 		popping data from transform.
+ * @xmlSecTransformModeNone:            the mode is unknown.
+ * @xmlSecTransformModePush:            pushing data thru transform.
+ * @xmlSecTransformModePop:             popping data from transform.
  *
  * The transform operation mode
  */
@@ -80,14 +80,14 @@ typedef enum  {
 
 /**
  * xmlSecTransformOperation:
- * @xmlSecTransformOperationNone:	the operation is unknown.
- * @xmlSecTransformOperationEncode:	the encode operation (for base64 transform).	
- * @xmlSecTransformOperationDecode:	the decode operation (for base64 transform).
- * @xmlSecTransformOperationSign:	the sign or digest operation.
- * @xmlSecTransformOperationVerify:	the verification of signature or digest operation.
- * @xmlSecTransformOperationEncrypt:	the encryption operation.
- * @xmlSecTransformOperationDecrypt:	the decryption operation.
- * 
+ * @xmlSecTransformOperationNone:       the operation is unknown.
+ * @xmlSecTransformOperationEncode:     the encode operation (for base64 transform).
+ * @xmlSecTransformOperationDecode:     the decode operation (for base64 transform).
+ * @xmlSecTransformOperationSign:       the sign or digest operation.
+ * @xmlSecTransformOperationVerify:     the verification of signature or digest operation.
+ * @xmlSecTransformOperationEncrypt:    the encryption operation.
+ * @xmlSecTransformOperationDecrypt:    the decryption operation.
+ *
  * The transform operation.
  */
 typedef enum  {
@@ -110,52 +110,52 @@ typedef enum  {
  *
  * URI transform type bit mask.
  */
-typedef unsigned int				xmlSecTransformUriType;
+typedef unsigned int                            xmlSecTransformUriType;
 
 /**
  * xmlSecTransformUriTypeNone:
  *
  * The URI type is unknown or not set.
  */
-#define xmlSecTransformUriTypeNone		0x0000
+#define xmlSecTransformUriTypeNone              0x0000
 
 /**
  * xmlSecTransformUriTypeEmpty:
  *
  * The empty URI ("") type.
  */
-#define xmlSecTransformUriTypeEmpty		0x0001
+#define xmlSecTransformUriTypeEmpty             0x0001
 
 /**
  * xmlSecTransformUriTypeSameDocument:
  *
  * The smae document ("#...") but not empty ("") URI type.
  */
-#define xmlSecTransformUriTypeSameDocument	0x0002		
+#define xmlSecTransformUriTypeSameDocument      0x0002
 
 /**
  * xmlSecTransformUriTypeLocal:
  *
  * The local URI ("file:///....") type.
  */
-#define xmlSecTransformUriTypeLocal		0x0004
+#define xmlSecTransformUriTypeLocal             0x0004
 
 /**
  * xmlSecTransformUriTypeRemote:
  *
  * The remote URI type.
  */
-#define xmlSecTransformUriTypeRemote		0x0008
+#define xmlSecTransformUriTypeRemote            0x0008
 
 /**
  * xmlSecTransformUriTypeAny:
  *
  * Any URI type.
  */
-#define xmlSecTransformUriTypeAny		0xFFFF
+#define xmlSecTransformUriTypeAny               0xFFFF
 
-XMLSEC_EXPORT int 			xmlSecTransformUriTypeCheck	(xmlSecTransformUriType type,
-									 const xmlChar* uri);
+XMLSEC_EXPORT int                       xmlSecTransformUriTypeCheck     (xmlSecTransformUriType type,
+                                                                         const xmlChar* uri);
 /**************************************************************************
  *
  * xmlSecTransformDataType
@@ -163,31 +163,31 @@ XMLSEC_EXPORT int 			xmlSecTransformUriTypeCheck	(xmlSecTransformUriType type,
  *************************************************************************/
 /**
  * xmlSecTransformDataType:
- * 
+ *
  * Transform data type bit mask.
- */ 
-typedef xmlSecByte				xmlSecTransformDataType;
+ */
+typedef xmlSecByte                              xmlSecTransformDataType;
 
 /**
  * xmlSecTransformDataTypeUnknown:
  *
  * The transform data type is unknown or nor data expected.
  */
-#define xmlSecTransformDataTypeUnknown		0x0000
+#define xmlSecTransformDataTypeUnknown          0x0000
 
 /**
  * xmlSecTransformDataTypeBin:
  *
  * The binary transform data.
  */
-#define xmlSecTransformDataTypeBin		0x0001
+#define xmlSecTransformDataTypeBin              0x0001
 
 /**
  * xmlSecTransformDataTypeXml:
  *
  * The xml transform data.
  */
-#define xmlSecTransformDataTypeXml		0x0002
+#define xmlSecTransformDataTypeXml              0x0002
 
 /**************************************************************************
  *
@@ -199,56 +199,56 @@ typedef xmlSecByte				xmlSecTransformDataType;
  *
  * The transform usage bit mask.
  */
-typedef unsigned int				xmlSecTransformUsage;
+typedef unsigned int                            xmlSecTransformUsage;
 
 /**
  * xmlSecTransformUsageUnknown:
  *
  * Transforms usage is unknown or undefined.
  */
-#define xmlSecTransformUsageUnknown		0x0000
+#define xmlSecTransformUsageUnknown             0x0000
 
 /**
  * xmlSecTransformUsageDSigTransform:
  *
  * Transform could be used in <dsig:Transform>.
  */
-#define xmlSecTransformUsageDSigTransform	0x0001
+#define xmlSecTransformUsageDSigTransform       0x0001
 
 /**
  * xmlSecTransformUsageC14NMethod:
  *
  * Transform could be used in <dsig:CanonicalizationMethod>.
  */
-#define xmlSecTransformUsageC14NMethod		0x0002
+#define xmlSecTransformUsageC14NMethod          0x0002
 
 /**
  * xmlSecTransformUsageDigestMethod:
  *
  * Transform could be used in <dsig:DigestMethod>.
  */
-#define xmlSecTransformUsageDigestMethod	0x0004
+#define xmlSecTransformUsageDigestMethod        0x0004
 
-/** 
- * xmlSecTransformUsageSignatureMethod: 
+/**
+ * xmlSecTransformUsageSignatureMethod:
  *
  * Transform could be used in <dsig:SignatureMethod>.
  */
-#define xmlSecTransformUsageSignatureMethod	0x0008
+#define xmlSecTransformUsageSignatureMethod     0x0008
 
 /**
  * xmlSecTransformUsageEncryptionMethod:
  *
  * Transform could be used in <enc:EncryptionMethod>.
  */
-#define xmlSecTransformUsageEncryptionMethod	0x0010
+#define xmlSecTransformUsageEncryptionMethod    0x0010
 
 /**
  * xmlSecTransformUsageAny:
  *
  * Transform could be used for operation.
  */
-#define xmlSecTransformUsageAny			0xFFFF
+#define xmlSecTransformUsageAny                 0xFFFF
 
 /**************************************************************************
  *
@@ -257,7 +257,7 @@ typedef unsigned int				xmlSecTransformUsage;
  *************************************************************************/
 /**
  * xmlSecTransformCtxPreExecuteCallback:
- * @transformCtx:	the pointer to transform's context. 
+ * @transformCtx:       the pointer to transform's context.
  *
  * The callback called after creating transforms chain but before
  * starting data processing. Application can use this callback to
@@ -267,107 +267,107 @@ typedef unsigned int				xmlSecTransformUsage;
  * Returns: 0 on success and a negative value otherwise (in this case,
  * transforms chain will not be executed and xmlsec processing stops).
  */
-typedef int  		(*xmlSecTransformCtxPreExecuteCallback)		(xmlSecTransformCtxPtr transformCtx); 
+typedef int             (*xmlSecTransformCtxPreExecuteCallback)         (xmlSecTransformCtxPtr transformCtx);
 
 /**
  * XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK:
  *
  * If this flag is set then URI ID references are resolved directly
  * without using XPointers. This allows one to sign/verify Visa3D
- * documents that don't follow XML, XPointer and XML DSig specifications. 
+ * documents that don't follow XML, XPointer and XML DSig specifications.
  */
-#define XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK		0x00000001
+#define XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK               0x00000001
 
 /**
  * xmlSecTransformCtx:
- * @userData: 		the pointer to user data (xmlsec and xmlsec-crypto never 
- *			touch this).
- * @flags: 		the bit mask flags to control transforms execution 
- *			(reserved for the future).
- * @flags2: 		the bit mask flags to control transforms execution 
- * 			(reserved for the future).
- * @enabledUris: 	the allowed transform data source uri types.
- * @enabledTransforms: 	the list of enabled transforms; if list is empty (default)
- *			then all registered transforms are enabled.
- * @preExecCallback:	the callback called after preparing transform chain
- *			and right before actual data processing; application
- *			can use this callback to change transforms parameters,
- *			insert additional transforms in the chain or do
- *			additional validation (and abort transform execution 
- *			if needed).
- * @result:		the pointer to transforms result buffer.
- * @status:		the transforms chain processng status.
- * @uri:		the data source URI without xpointer expression.
- * @xptrExpr:		the xpointer expression from data source URI (if any).
- * @first:		the first transform in the chain.
- * @last:		the last transform in the chain.
- * @reserved0:		reserved for the future.
- * @reserved1:		reserved for the future.
+ * @userData:           the pointer to user data (xmlsec and xmlsec-crypto never
+ *                      touch this).
+ * @flags:              the bit mask flags to control transforms execution
+ *                      (reserved for the future).
+ * @flags2:             the bit mask flags to control transforms execution
+ *                      (reserved for the future).
+ * @enabledUris:        the allowed transform data source uri types.
+ * @enabledTransforms:  the list of enabled transforms; if list is empty (default)
+ *                      then all registered transforms are enabled.
+ * @preExecCallback:    the callback called after preparing transform chain
+ *                      and right before actual data processing; application
+ *                      can use this callback to change transforms parameters,
+ *                      insert additional transforms in the chain or do
+ *                      additional validation (and abort transform execution
+ *                      if needed).
+ * @result:             the pointer to transforms result buffer.
+ * @status:             the transforms chain processng status.
+ * @uri:                the data source URI without xpointer expression.
+ * @xptrExpr:           the xpointer expression from data source URI (if any).
+ * @first:              the first transform in the chain.
+ * @last:               the last transform in the chain.
+ * @reserved0:          reserved for the future.
+ * @reserved1:          reserved for the future.
  *
  * The transform execution context.
  */
 struct _xmlSecTransformCtx {
     /* user settings */
-    void*					userData;
-    unsigned int				flags;
-    unsigned int				flags2;
-    xmlSecTransformUriType			enabledUris;
-    xmlSecPtrList				enabledTransforms;
-    xmlSecTransformCtxPreExecuteCallback	preExecCallback;
-    
+    void*                                       userData;
+    unsigned int                                flags;
+    unsigned int                                flags2;
+    xmlSecTransformUriType                      enabledUris;
+    xmlSecPtrList                               enabledTransforms;
+    xmlSecTransformCtxPreExecuteCallback        preExecCallback;
+
     /* results */
-    xmlSecBufferPtr				result;
-    xmlSecTransformStatus			status;
-    xmlChar*					uri;
-    xmlChar*					xptrExpr;
-    xmlSecTransformPtr				first;
-    xmlSecTransformPtr				last;
+    xmlSecBufferPtr                             result;
+    xmlSecTransformStatus                       status;
+    xmlChar*                                    uri;
+    xmlChar*                                    xptrExpr;
+    xmlSecTransformPtr                          first;
+    xmlSecTransformPtr                          last;
 
     /* for the future */
-    void*					reserved0;
-    void*					reserved1;
+    void*                                       reserved0;
+    void*                                       reserved1;
 };
 
-XMLSEC_EXPORT xmlSecTransformCtxPtr	xmlSecTransformCtxCreate    	(void);
-XMLSEC_EXPORT void			xmlSecTransformCtxDestroy   	(xmlSecTransformCtxPtr ctx);
-XMLSEC_EXPORT int 			xmlSecTransformCtxInitialize	(xmlSecTransformCtxPtr ctx);
-XMLSEC_EXPORT void			xmlSecTransformCtxFinalize  	(xmlSecTransformCtxPtr ctx);
-XMLSEC_EXPORT void			xmlSecTransformCtxReset   	(xmlSecTransformCtxPtr ctx);
-XMLSEC_EXPORT int			xmlSecTransformCtxCopyUserPref	(xmlSecTransformCtxPtr dst,
-									 xmlSecTransformCtxPtr src);
-XMLSEC_EXPORT int			xmlSecTransformCtxSetUri	(xmlSecTransformCtxPtr ctx,
-									 const xmlChar* uri,
-									 xmlNodePtr hereNode);
-XMLSEC_EXPORT int 			xmlSecTransformCtxAppend    	(xmlSecTransformCtxPtr ctx,
-									 xmlSecTransformPtr transform);
-XMLSEC_EXPORT int 			xmlSecTransformCtxPrepend	(xmlSecTransformCtxPtr ctx,
-									 xmlSecTransformPtr transform);
-XMLSEC_EXPORT xmlSecTransformPtr	xmlSecTransformCtxCreateAndAppend(xmlSecTransformCtxPtr ctx,
-									 xmlSecTransformId id);
-XMLSEC_EXPORT xmlSecTransformPtr	xmlSecTransformCtxCreateAndPrepend(xmlSecTransformCtxPtr ctx,
-									 xmlSecTransformId id);
-XMLSEC_EXPORT xmlSecTransformPtr 	xmlSecTransformCtxNodeRead	(xmlSecTransformCtxPtr ctx,
-									 xmlNodePtr node,
-									 xmlSecTransformUsage usage);
-XMLSEC_EXPORT int			xmlSecTransformCtxNodesListRead	(xmlSecTransformCtxPtr ctx,
-									 xmlNodePtr node,
-									 xmlSecTransformUsage usage);
-XMLSEC_EXPORT int			xmlSecTransformCtxPrepare	(xmlSecTransformCtxPtr ctx,
-									 xmlSecTransformDataType inputDataType);
-XMLSEC_EXPORT int			xmlSecTransformCtxBinaryExecute	(xmlSecTransformCtxPtr ctx, 
-									 const xmlSecByte* data, 
-									 xmlSecSize dataSize);
-XMLSEC_EXPORT int 			xmlSecTransformCtxUriExecute	(xmlSecTransformCtxPtr ctx, 
-									 const xmlChar* uri);
-XMLSEC_EXPORT int			xmlSecTransformCtxXmlExecute	(xmlSecTransformCtxPtr ctx, 
-									 xmlSecNodeSetPtr nodes);
-XMLSEC_EXPORT int			xmlSecTransformCtxExecute	(xmlSecTransformCtxPtr ctx,
-									 xmlDocPtr doc);
-XMLSEC_EXPORT void			xmlSecTransformCtxDebugDump 	(xmlSecTransformCtxPtr ctx,
-								        FILE* output);
-XMLSEC_EXPORT void			xmlSecTransformCtxDebugXmlDump	(xmlSecTransformCtxPtr ctx,
-									 FILE* output);
-	
+XMLSEC_EXPORT xmlSecTransformCtxPtr     xmlSecTransformCtxCreate        (void);
+XMLSEC_EXPORT void                      xmlSecTransformCtxDestroy       (xmlSecTransformCtxPtr ctx);
+XMLSEC_EXPORT int                       xmlSecTransformCtxInitialize    (xmlSecTransformCtxPtr ctx);
+XMLSEC_EXPORT void                      xmlSecTransformCtxFinalize      (xmlSecTransformCtxPtr ctx);
+XMLSEC_EXPORT void                      xmlSecTransformCtxReset         (xmlSecTransformCtxPtr ctx);
+XMLSEC_EXPORT int                       xmlSecTransformCtxCopyUserPref  (xmlSecTransformCtxPtr dst,
+                                                                         xmlSecTransformCtxPtr src);
+XMLSEC_EXPORT int                       xmlSecTransformCtxSetUri        (xmlSecTransformCtxPtr ctx,
+                                                                         const xmlChar* uri,
+                                                                         xmlNodePtr hereNode);
+XMLSEC_EXPORT int                       xmlSecTransformCtxAppend        (xmlSecTransformCtxPtr ctx,
+                                                                         xmlSecTransformPtr transform);
+XMLSEC_EXPORT int                       xmlSecTransformCtxPrepend       (xmlSecTransformCtxPtr ctx,
+                                                                         xmlSecTransformPtr transform);
+XMLSEC_EXPORT xmlSecTransformPtr        xmlSecTransformCtxCreateAndAppend(xmlSecTransformCtxPtr ctx,
+                                                                         xmlSecTransformId id);
+XMLSEC_EXPORT xmlSecTransformPtr        xmlSecTransformCtxCreateAndPrepend(xmlSecTransformCtxPtr ctx,
+                                                                         xmlSecTransformId id);
+XMLSEC_EXPORT xmlSecTransformPtr        xmlSecTransformCtxNodeRead      (xmlSecTransformCtxPtr ctx,
+                                                                         xmlNodePtr node,
+                                                                         xmlSecTransformUsage usage);
+XMLSEC_EXPORT int                       xmlSecTransformCtxNodesListRead (xmlSecTransformCtxPtr ctx,
+                                                                         xmlNodePtr node,
+                                                                         xmlSecTransformUsage usage);
+XMLSEC_EXPORT int                       xmlSecTransformCtxPrepare       (xmlSecTransformCtxPtr ctx,
+                                                                         xmlSecTransformDataType inputDataType);
+XMLSEC_EXPORT int                       xmlSecTransformCtxBinaryExecute (xmlSecTransformCtxPtr ctx,
+                                                                         const xmlSecByte* data,
+                                                                         xmlSecSize dataSize);
+XMLSEC_EXPORT int                       xmlSecTransformCtxUriExecute    (xmlSecTransformCtxPtr ctx,
+                                                                         const xmlChar* uri);
+XMLSEC_EXPORT int                       xmlSecTransformCtxXmlExecute    (xmlSecTransformCtxPtr ctx,
+                                                                         xmlSecNodeSetPtr nodes);
+XMLSEC_EXPORT int                       xmlSecTransformCtxExecute       (xmlSecTransformCtxPtr ctx,
+                                                                         xmlDocPtr doc);
+XMLSEC_EXPORT void                      xmlSecTransformCtxDebugDump     (xmlSecTransformCtxPtr ctx,
+                                                                        FILE* output);
+XMLSEC_EXPORT void                      xmlSecTransformCtxDebugXmlDump  (xmlSecTransformCtxPtr ctx,
+                                                                         FILE* output);
+
 /**************************************************************************
  *
  * xmlSecTransform
@@ -375,450 +375,438 @@ XMLSEC_EXPORT void			xmlSecTransformCtxDebugXmlDump	(xmlSecTransformCtxPtr ctx,
  *************************************************************************/
 /**
  * xmlSecTransform:
- * @id: 		the transform id (pointer to #xmlSecTransformId).
- * @operation:		the transform's opertaion.
- * @status: 		the current status.
- * @hereNode:		the pointer to transform's <dsig:Transform /> node.
- * @next:		the pointer to next transform in the chain.
- * @prev:		the pointer to previous transform in the chain.
- * @inBuf:		the input binary data buffer.
- * @outBuf:		the output binary data buffer.
- * @inNodes:		the input XML nodes.
- * @outNodes: 		the output XML nodes.
- * @reserved0:		reserved for the future.
- * @reserved1:		reserved for the future.
+ * @id:                 the transform id (pointer to #xmlSecTransformId).
+ * @operation:          the transform's opertaion.
+ * @status:             the current status.
+ * @hereNode:           the pointer to transform's <dsig:Transform /> node.
+ * @next:               the pointer to next transform in the chain.
+ * @prev:               the pointer to previous transform in the chain.
+ * @inBuf:              the input binary data buffer.
+ * @outBuf:             the output binary data buffer.
+ * @inNodes:            the input XML nodes.
+ * @outNodes:           the output XML nodes.
+ * @reserved0:          reserved for the future.
+ * @reserved1:          reserved for the future.
  *
  * The transform structure.
  */
 struct _xmlSecTransform {
-    xmlSecTransformId 			id; 
-    xmlSecTransformOperation		operation;
-    xmlSecTransformStatus		status;
-    xmlNodePtr				hereNode;
+    xmlSecTransformId                   id;
+    xmlSecTransformOperation            operation;
+    xmlSecTransformStatus               status;
+    xmlNodePtr                          hereNode;
 
     /* transforms chain */
-    xmlSecTransformPtr			next;
-    xmlSecTransformPtr			prev;
+    xmlSecTransformPtr                  next;
+    xmlSecTransformPtr                  prev;
 
     /* binary data */
-    xmlSecBuffer			inBuf;
-    xmlSecBuffer			outBuf;
-        
+    xmlSecBuffer                        inBuf;
+    xmlSecBuffer                        outBuf;
+
     /* xml data */
-    xmlSecNodeSetPtr			inNodes;
-    xmlSecNodeSetPtr			outNodes;
+    xmlSecNodeSetPtr                    inNodes;
+    xmlSecNodeSetPtr                    outNodes;
 
-    /* reserved for the future */    
-    void*				reserved0;
-    void*				reserved1;
+    /* reserved for the future */
+    void*                               reserved0;
+    void*                               reserved1;
 };
 
-XMLSEC_EXPORT xmlSecTransformPtr	xmlSecTransformCreate	(xmlSecTransformId id);
-XMLSEC_EXPORT void			xmlSecTransformDestroy	(xmlSecTransformPtr transform);
-XMLSEC_EXPORT xmlSecTransformPtr	xmlSecTransformNodeRead	(xmlNodePtr node, 
-								 xmlSecTransformUsage usage,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int			xmlSecTransformPump	(xmlSecTransformPtr left,
-								 xmlSecTransformPtr right,
-    								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int  			xmlSecTransformSetKey	(xmlSecTransformPtr transform, 
-								 xmlSecKeyPtr key);
-XMLSEC_EXPORT int  			xmlSecTransformSetKeyReq(xmlSecTransformPtr transform, 
-								 xmlSecKeyReqPtr keyReq);
-XMLSEC_EXPORT int  			xmlSecTransformVerify	(xmlSecTransformPtr transform, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int  			xmlSecTransformVerifyNodeContent(xmlSecTransformPtr transform, 
-								 xmlNodePtr node,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT xmlSecTransformDataType	xmlSecTransformGetDataType(xmlSecTransformPtr transform,
-								 xmlSecTransformMode mode,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int			xmlSecTransformPushBin	(xmlSecTransformPtr transform, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 int final,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int			xmlSecTransformPopBin	(xmlSecTransformPtr transform, 
-								 xmlSecByte* data,
-								 xmlSecSize maxDataSize,
-								 xmlSecSize* dataSize,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int			xmlSecTransformPushXml	(xmlSecTransformPtr transform, 
-								 xmlSecNodeSetPtr nodes,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int			xmlSecTransformPopXml	(xmlSecTransformPtr transform, 
-								 xmlSecNodeSetPtr* nodes,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int 			xmlSecTransformExecute	(xmlSecTransformPtr transform, 
-								 int last, 
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT void			xmlSecTransformDebugDump(xmlSecTransformPtr transform,
-								 FILE* output);
-XMLSEC_EXPORT void			xmlSecTransformDebugXmlDump(xmlSecTransformPtr transform,
-								 FILE* output);
+XMLSEC_EXPORT xmlSecTransformPtr        xmlSecTransformCreate   (xmlSecTransformId id);
+XMLSEC_EXPORT void                      xmlSecTransformDestroy  (xmlSecTransformPtr transform);
+XMLSEC_EXPORT xmlSecTransformPtr        xmlSecTransformNodeRead (xmlNodePtr node,
+                                                                 xmlSecTransformUsage usage,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformPump     (xmlSecTransformPtr left,
+                                                                 xmlSecTransformPtr right,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformSetKey   (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+XMLSEC_EXPORT int                       xmlSecTransformSetKeyReq(xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+XMLSEC_EXPORT int                       xmlSecTransformVerify   (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformVerifyNodeContent(xmlSecTransformPtr transform,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT xmlSecTransformDataType   xmlSecTransformGetDataType(xmlSecTransformPtr transform,
+                                                                 xmlSecTransformMode mode,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformPushBin  (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 int final,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformPopBin   (xmlSecTransformPtr transform,
+                                                                 xmlSecByte* data,
+                                                                 xmlSecSize maxDataSize,
+                                                                 xmlSecSize* dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformPushXml  (xmlSecTransformPtr transform,
+                                                                 xmlSecNodeSetPtr nodes,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformPopXml   (xmlSecTransformPtr transform,
+                                                                 xmlSecNodeSetPtr* nodes,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformExecute  (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT void                      xmlSecTransformDebugDump(xmlSecTransformPtr transform,
+                                                                 FILE* output);
+XMLSEC_EXPORT void                      xmlSecTransformDebugXmlDump(xmlSecTransformPtr transform,
+                                                                 FILE* output);
 /**
  * xmlSecTransformGetName:
- * @transform:		the pointer to transform.
+ * @transform:          the pointer to transform.
  *
  * Macro. Returns transform name.
  */
 #define xmlSecTransformGetName(transform) \
-	((xmlSecTransformIsValid((transform))) ? \
-	  xmlSecTransformKlassGetName((transform)->id) : NULL)
+        ((xmlSecTransformIsValid((transform))) ? \
+          xmlSecTransformKlassGetName((transform)->id) : NULL)
 
 /**
  * xmlSecTransformIsValid:
- * @transform: 		the pointer to transform.
+ * @transform:          the pointer to transform.
  *
  * Macro. Returns 1 if the @transform is valid or 0 otherwise.
  */
 #define xmlSecTransformIsValid(transform) \
-	((( transform ) != NULL) && \
-	 (( transform )->id != NULL) && \
-	 (( transform )->id->klassSize >= sizeof(xmlSecTransformKlass)) && \
-	 (( transform )->id->objSize >= sizeof(xmlSecTransform)) && \
-	 (( transform )->id->name != NULL))
- 
-/**
- * xmlSecTransformCheckType:
- * @transform: 		the pointer to transform.
- * @t: 			the transform type.
- *
- * Macro. Returns 1 if the @transform is valid and has specified type @t 
- * or 0 otherwise.
- */
-#define xmlSecTransformCheckType(transform, t) \
- 	(xmlSecTransformIsValid(( transform )) && \
-	((( transform )->id->type) == ( t )))
+        ((( transform ) != NULL) && \
+         (( transform )->id != NULL) && \
+         (( transform )->id->klassSize >= sizeof(xmlSecTransformKlass)) && \
+         (( transform )->id->objSize >= sizeof(xmlSecTransform)) && \
+         (( transform )->id->name != NULL))
 
 /**
  * xmlSecTransformCheckId:
- * @transform:		the pointer to transform.
- * @i:			the transform id.
+ * @transform:          the pointer to transform.
+ * @i:                  the transform id.
  *
- * Macro. Returns 1 if the @transform is valid and has specified id @i 
+ * Macro. Returns 1 if the @transform is valid and has specified id @i
  * or 0 otherwise.
  */
 #define xmlSecTransformCheckId(transform, i) \
- 	(xmlSecTransformIsValid(( transform )) && \
-	((((const xmlSecTransformId) (( transform )->id))) == ( i )))
+        (xmlSecTransformIsValid(( transform )) && \
+        ((((const xmlSecTransformId) (( transform )->id))) == ( i )))
 
 /**
  * xmlSecTransformCheckSize:
- * @transform: 		the pointer to transform.
- * @size: 		the transform object size.
+ * @transform:          the pointer to transform.
+ * @size:               the transform object size.
  *
  * Macro. Returns 1 if the @transform is valid and has at least @size
  * bytes or 0 otherwise.
  */
 #define xmlSecTransformCheckSize(transform, size) \
- 	(xmlSecTransformIsValid(( transform )) && \
-	((( transform )->id->objSize) >= ( size )))
+        (xmlSecTransformIsValid(( transform )) && \
+        ((( transform )->id->objSize) >= ( size )))
 
 
 /************************************************************************
  *
  * Operations on transforms chain
  *
- ************************************************************************/ 
-XMLSEC_EXPORT int			xmlSecTransformConnect	(xmlSecTransformPtr left,
-								 xmlSecTransformPtr right,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT void			xmlSecTransformRemove	(xmlSecTransformPtr transform);
+ ************************************************************************/
+XMLSEC_EXPORT int                       xmlSecTransformConnect  (xmlSecTransformPtr left,
+                                                                 xmlSecTransformPtr right,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT void                      xmlSecTransformRemove   (xmlSecTransformPtr transform);
 
 /************************************************************************
  *
  * Default callbacks, most of the transforms can use them
  *
- ************************************************************************/ 
-XMLSEC_EXPORT xmlSecTransformDataType	xmlSecTransformDefaultGetDataType(xmlSecTransformPtr transform,
-								 xmlSecTransformMode mode,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int			xmlSecTransformDefaultPushBin(xmlSecTransformPtr transform, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 int final,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int			xmlSecTransformDefaultPopBin(xmlSecTransformPtr transform, 
-								 xmlSecByte* data,
-								 xmlSecSize maxDataSize,
-								 xmlSecSize* dataSize,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int			xmlSecTransformDefaultPushXml(xmlSecTransformPtr transform, 
-								 xmlSecNodeSetPtr nodes,
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT int			xmlSecTransformDefaultPopXml(xmlSecTransformPtr transform, 
-								 xmlSecNodeSetPtr* nodes,
-								 xmlSecTransformCtxPtr transformCtx);
+ ************************************************************************/
+XMLSEC_EXPORT xmlSecTransformDataType   xmlSecTransformDefaultGetDataType(xmlSecTransformPtr transform,
+                                                                 xmlSecTransformMode mode,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformDefaultPushBin(xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 int final,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformDefaultPopBin(xmlSecTransformPtr transform,
+                                                                 xmlSecByte* data,
+                                                                 xmlSecSize maxDataSize,
+                                                                 xmlSecSize* dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformDefaultPushXml(xmlSecTransformPtr transform,
+                                                                 xmlSecNodeSetPtr nodes,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT int                       xmlSecTransformDefaultPopXml(xmlSecTransformPtr transform,
+                                                                 xmlSecNodeSetPtr* nodes,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 /************************************************************************
  *
  * IO buffers for transforms
  *
- ************************************************************************/ 
-XMLSEC_EXPORT xmlOutputBufferPtr 	xmlSecTransformCreateOutputBuffer(xmlSecTransformPtr transform, 
-								 xmlSecTransformCtxPtr transformCtx);
-XMLSEC_EXPORT xmlParserInputBufferPtr 	xmlSecTransformCreateInputBuffer(xmlSecTransformPtr transform, 
-								 xmlSecTransformCtxPtr transformCtx);
+ ************************************************************************/
+XMLSEC_EXPORT xmlOutputBufferPtr        xmlSecTransformCreateOutputBuffer(xmlSecTransformPtr transform,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+XMLSEC_EXPORT xmlParserInputBufferPtr   xmlSecTransformCreateInputBuffer(xmlSecTransformPtr transform,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 /************************************************************************
  *
  * Transform Klass
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * xmlSecTransformInitializeMethod:
- * @transform:			the pointer to transform object.
+ * @transform:                  the pointer to transform object.
  *
  * The transform specific initialization method.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int		(*xmlSecTransformInitializeMethod) 	(xmlSecTransformPtr transform);
+typedef int             (*xmlSecTransformInitializeMethod)      (xmlSecTransformPtr transform);
 
 /**
  * xmlSecTransformFinalizeMethod:
- * @transform:			the pointer to transform object.
+ * @transform:                  the pointer to transform object.
  *
  * The transform specific destroy method.
  */
-typedef void 		(*xmlSecTransformFinalizeMethod)	(xmlSecTransformPtr transform);
+typedef void            (*xmlSecTransformFinalizeMethod)        (xmlSecTransformPtr transform);
 
 /**
  * xmlSecTransformGetDataTypeMethod:
- * @transform:			the pointer to transform object.
- * @mode:			the mode.
- * @transformCtx:		the pointer to transform context object.
+ * @transform:                  the pointer to transform object.
+ * @mode:                       the mode.
+ * @transformCtx:               the pointer to transform context object.
  *
  * The transform specific method to query information about transform
  * data type in specified mode @mode.
  *
  * Returns: transform data type.
  */
-typedef xmlSecTransformDataType	(*xmlSecTransformGetDataTypeMethod)(xmlSecTransformPtr transform,
-								 xmlSecTransformMode mode,
-								 xmlSecTransformCtxPtr transformCtx);
+typedef xmlSecTransformDataType (*xmlSecTransformGetDataTypeMethod)(xmlSecTransformPtr transform,
+                                                                 xmlSecTransformMode mode,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 /**
  * xmlSecTransformNodeReadMethod:
- * @transform:			the pointer to transform object.
- * @node:			the pointer to <dsig:Transform/> node.
- * @transformCtx:		the pointer to transform context object.
+ * @transform:                  the pointer to transform object.
+ * @node:                       the pointer to <dsig:Transform/> node.
+ * @transformCtx:               the pointer to transform context object.
  *
- * The transform specific method to read the transform data from 
+ * The transform specific method to read the transform data from
  * the @node.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int 		(*xmlSecTransformNodeReadMethod)	(xmlSecTransformPtr transform,
-								 xmlNodePtr node,
-								 xmlSecTransformCtxPtr transformCtx);
+typedef int             (*xmlSecTransformNodeReadMethod)        (xmlSecTransformPtr transform,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 /**
  * xmlSecTransformNodeWriteMethod:
- * @transform:			the pointer to transform object.
- * @node:			the pointer to <dsig:Transform/> node.
- * @transformCtx:		the pointer to transform context object.
+ * @transform:                  the pointer to transform object.
+ * @node:                       the pointer to <dsig:Transform/> node.
+ * @transformCtx:               the pointer to transform context object.
  *
  * The transform specific method to write transform information to an XML node @node.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int 		(*xmlSecTransformNodeWriteMethod)	(xmlSecTransformPtr transform,
-								 xmlNodePtr node,
-								 xmlSecTransformCtxPtr transformCtx);
+typedef int             (*xmlSecTransformNodeWriteMethod)       (xmlSecTransformPtr transform,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 /**
  * xmlSecTransformSetKeyRequirementsMethod:
- * @transform:			the pointer to transform object.
- * @keyReq:			the pointer to key requirements structure.
+ * @transform:                  the pointer to transform object.
+ * @keyReq:                     the pointer to key requirements structure.
  *
  * Transform specific method to set transform's key requirements.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int  		(*xmlSecTransformSetKeyRequirementsMethod)(xmlSecTransformPtr transform, 
-								 xmlSecKeyReqPtr keyReq);
+typedef int             (*xmlSecTransformSetKeyRequirementsMethod)(xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
 
 /**
  * xmlSecTransformSetKeyMethod:
- * @transform:			the pointer to transform object.
- * @key: 			the pointer to key.
+ * @transform:                  the pointer to transform object.
+ * @key:                        the pointer to key.
  *
  * The transform specific method to set the key for use.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int  		(*xmlSecTransformSetKeyMethod)		(xmlSecTransformPtr transform, 
-								 xmlSecKeyPtr key);
+typedef int             (*xmlSecTransformSetKeyMethod)          (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
 
 /**
  * xmlSecTransformVerifyMethod:
- * @transform:			the pointer to transform object.
- * @data:			the input buffer.
- * @dataSize:			the size of input buffer @data.
- * @transformCtx:		the pointer to transform context object.
+ * @transform:                  the pointer to transform object.
+ * @data:                       the input buffer.
+ * @dataSize:                   the size of input buffer @data.
+ * @transformCtx:               the pointer to transform context object.
  *
  * The transform specific method to verify transform processing results
  * (used by digest and signature transforms). This method sets @status
  * member of the #xmlSecTransform structure to either #xmlSecTransformStatusOk
  * if verification succeeded or #xmlSecTransformStatusFail otherwise.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int  		(*xmlSecTransformVerifyMethod)		(xmlSecTransformPtr transform, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 xmlSecTransformCtxPtr transformCtx);
+typedef int             (*xmlSecTransformVerifyMethod)          (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 /**
  * xmlSecTransformPushBinMethod:
- * @transform:			the pointer to transform object.
- * @data:			the input binary data,
- * @dataSize:			the input data size.
- * @final:			the flag: if set to 1 then it's the last
- *				data chunk.
- * @transformCtx:		the pointer to transform context object.
+ * @transform:                  the pointer to transform object.
+ * @data:                       the input binary data,
+ * @dataSize:                   the input data size.
+ * @final:                      the flag: if set to 1 then it's the last
+ *                              data chunk.
+ * @transformCtx:               the pointer to transform context object.
  *
  * The transform specific method to process data from @data and push
  * result to the next transform in the chain.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int		(*xmlSecTransformPushBinMethod)		(xmlSecTransformPtr transform, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 int final,
-								 xmlSecTransformCtxPtr transformCtx);
+typedef int             (*xmlSecTransformPushBinMethod)         (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 int final,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 /**
  * xmlSecTransformPopBinMethod:
- * @transform:			the pointer to transform object.
- * @data:			the buffer to store result data.
- * @maxDataSize:		the size of the buffer @data.
- * @dataSize:			the pointer to returned data size.
- * @transformCtx:		the pointer to transform context object.
+ * @transform:                  the pointer to transform object.
+ * @data:                       the buffer to store result data.
+ * @maxDataSize:                the size of the buffer @data.
+ * @dataSize:                   the pointer to returned data size.
+ * @transformCtx:               the pointer to transform context object.
  *
- * The transform specific method to pop data from previous transform 
+ * The transform specific method to pop data from previous transform
  * in the chain and return result in the @data buffer. The size of returned
  * data is placed in the @dataSize.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int		(*xmlSecTransformPopBinMethod)		(xmlSecTransformPtr transform, 
-								 xmlSecByte* data,
-								 xmlSecSize maxDataSize,
-								 xmlSecSize* dataSize,
-								 xmlSecTransformCtxPtr transformCtx);
+typedef int             (*xmlSecTransformPopBinMethod)          (xmlSecTransformPtr transform,
+                                                                 xmlSecByte* data,
+                                                                 xmlSecSize maxDataSize,
+                                                                 xmlSecSize* dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 /**
  * xmlSecTransformPushXmlMethod:
- * @transform:			the pointer to transform object.
- * @nodes:			the input nodes.
- * @transformCtx:		the pointer to transform context object.
+ * @transform:                  the pointer to transform object.
+ * @nodes:                      the input nodes.
+ * @transformCtx:               the pointer to transform context object.
  *
- * The transform specific method to process @nodes and push result to the next 
+ * The transform specific method to process @nodes and push result to the next
  * transform in the chain.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int		(*xmlSecTransformPushXmlMethod)		(xmlSecTransformPtr transform, 
-								 xmlSecNodeSetPtr nodes,
-								 xmlSecTransformCtxPtr transformCtx);
+typedef int             (*xmlSecTransformPushXmlMethod)         (xmlSecTransformPtr transform,
+                                                                 xmlSecNodeSetPtr nodes,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 /**
  * xmlSecTransformPopXmlMethod:
- * @transform:			the pointer to transform object.
- * @nodes:			the pointer to store popinter to result nodes.
- * @transformCtx:		the pointer to transform context object.
+ * @transform:                  the pointer to transform object.
+ * @nodes:                      the pointer to store popinter to result nodes.
+ * @transformCtx:               the pointer to transform context object.
  *
  * The transform specific method to pop data from previous transform in the chain,
  * process the data and return result in @nodes.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int		(*xmlSecTransformPopXmlMethod)		(xmlSecTransformPtr transform, 
-								 xmlSecNodeSetPtr* nodes,
-								 xmlSecTransformCtxPtr transformCtx);
+typedef int             (*xmlSecTransformPopXmlMethod)          (xmlSecTransformPtr transform,
+                                                                 xmlSecNodeSetPtr* nodes,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 /**
  * xmlSecTransformExecuteMethod:
- * @transform:			the pointer to transform object.
- * @last:			the flag: if set to 1 then it's the last data chunk.
- * @transformCtx:		the pointer to transform context object.
+ * @transform:                  the pointer to transform object.
+ * @last:                       the flag: if set to 1 then it's the last data chunk.
+ * @transformCtx:               the pointer to transform context object.
  *
  * Transform specific method to process a chunk of data.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-typedef int  		(*xmlSecTransformExecuteMethod)		(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
+typedef int             (*xmlSecTransformExecuteMethod)         (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 /**
  * xmlSecTransformKlass:
- * @klassSize:			the transform klass structure size.
- * @objSize:			the transform object size.
- * @name:			the transform's name.
- * @href:			the transform's identification string (href).
- * @usage:			the allowed transforms usages.
- * @initialize:			the initialization method.
- * @finalize:			the finmalization (destroy) function.
- * @readNode:			the XML node read method.
- * @writeNode:			the XML node write method.
- * @setKeyReq:			the set key requirements method.
- * @setKey:			the set key method.
- * @verify:			the verify method (for digest and signature transforms).
- * @getDataType:		the input/output data type query method.
- * @pushBin:			the binary data "push thru chain" processing method.
- * @popBin:			the binary data "pop from chain" procesing method.
- * @pushXml:			the XML data "push thru chain" processing method.
- * @popXml:			the XML data "pop from chain" procesing method.
- * @execute:			the low level data processing method used  by default
- *				implementations of @pushBin, @popBin, @pushXml and @popXml.
- * @reserved0:			reserved for the future.
- * @reserved1:			reserved for the future.
- * 
+ * @klassSize:                  the transform klass structure size.
+ * @objSize:                    the transform object size.
+ * @name:                       the transform's name.
+ * @href:                       the transform's identification string (href).
+ * @usage:                      the allowed transforms usages.
+ * @initialize:                 the initialization method.
+ * @finalize:                   the finmalization (destroy) function.
+ * @readNode:                   the XML node read method.
+ * @writeNode:                  the XML node write method.
+ * @setKeyReq:                  the set key requirements method.
+ * @setKey:                     the set key method.
+ * @verify:                     the verify method (for digest and signature transforms).
+ * @getDataType:                the input/output data type query method.
+ * @pushBin:                    the binary data "push thru chain" processing method.
+ * @popBin:                     the binary data "pop from chain" procesing method.
+ * @pushXml:                    the XML data "push thru chain" processing method.
+ * @popXml:                     the XML data "pop from chain" procesing method.
+ * @execute:                    the low level data processing method used  by default
+ *                              implementations of @pushBin, @popBin, @pushXml and @popXml.
+ * @reserved0:                  reserved for the future.
+ * @reserved1:                  reserved for the future.
+ *
  * The transform klass desccription structure.
  */
 struct _xmlSecTransformKlass {
     /* data */
-    xmlSecSize				klassSize;
-    xmlSecSize				objSize;
-    const xmlChar*			name;
-    const xmlChar*			href;
-    xmlSecTransformUsage		usage;
+    xmlSecSize                          klassSize;
+    xmlSecSize                          objSize;
+    const xmlChar*                      name;
+    const xmlChar*                      href;
+    xmlSecTransformUsage                usage;
 
     /* methods */
-    xmlSecTransformInitializeMethod	initialize;
-    xmlSecTransformFinalizeMethod	finalize;
-
-    xmlSecTransformNodeReadMethod	readNode;
-    xmlSecTransformNodeWriteMethod	writeNode;
-
-    xmlSecTransformSetKeyRequirementsMethod	setKeyReq;
-    xmlSecTransformSetKeyMethod		setKey;
-    xmlSecTransformVerifyMethod		verify;
-    xmlSecTransformGetDataTypeMethod	getDataType;
-
-    xmlSecTransformPushBinMethod	pushBin;
-    xmlSecTransformPopBinMethod		popBin;
-    xmlSecTransformPushXmlMethod	pushXml;
-    xmlSecTransformPopXmlMethod		popXml;
-    
+    xmlSecTransformInitializeMethod     initialize;
+    xmlSecTransformFinalizeMethod       finalize;
+
+    xmlSecTransformNodeReadMethod       readNode;
+    xmlSecTransformNodeWriteMethod      writeNode;
+
+    xmlSecTransformSetKeyRequirementsMethod     setKeyReq;
+    xmlSecTransformSetKeyMethod         setKey;
+    xmlSecTransformVerifyMethod         verify;
+    xmlSecTransformGetDataTypeMethod    getDataType;
+
+    xmlSecTransformPushBinMethod        pushBin;
+    xmlSecTransformPopBinMethod         popBin;
+    xmlSecTransformPushXmlMethod        pushXml;
+    xmlSecTransformPopXmlMethod         popXml;
+
     /* low level method */
-    xmlSecTransformExecuteMethod	execute;
+    xmlSecTransformExecuteMethod        execute;
 
-    /* reserved for future */ 
-    void* 				reserved0;
-    void* 				reserved1;
+    /* reserved for future */
+    void*                               reserved0;
+    void*                               reserved1;
 };
 
 /**
  * xmlSecTransformKlassGetName:
- * @klass: 		the transofrm's klass.
+ * @klass:              the transofrm's klass.
  *
  * Macro. Returns transform klass name.
  */
 #define xmlSecTransformKlassGetName(klass) \
-	(((klass)) ? ((klass)->name) : NULL)
+        (((klass)) ? ((klass)->name) : NULL)
 
 /***********************************************************************
  *
@@ -830,23 +818,23 @@ struct _xmlSecTransformKlass {
  *
  * Transform klasses list klass.
  */
-#define xmlSecTransformIdListId	xmlSecTransformIdListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecTransformIdListGetKlass	(void);
-XMLSEC_EXPORT int		xmlSecTransformIdListFind	(xmlSecPtrListPtr list,
-								 xmlSecTransformId transformId);
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformIdListFindByHref	(xmlSecPtrListPtr list,
-								 const xmlChar* href,
-								 xmlSecTransformUsage usage);
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformIdListFindByName	(xmlSecPtrListPtr list,
-								 const xmlChar* name,
-								 xmlSecTransformUsage usage);
-XMLSEC_EXPORT void		xmlSecTransformIdListDebugDump	(xmlSecPtrListPtr list,
-								 FILE* output);
-XMLSEC_EXPORT void		xmlSecTransformIdListDebugXmlDump(xmlSecPtrListPtr list,
-								 FILE* output);
+#define xmlSecTransformIdListId xmlSecTransformIdListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecTransformIdListGetKlass   (void);
+XMLSEC_EXPORT int               xmlSecTransformIdListFind       (xmlSecPtrListPtr list,
+                                                                 xmlSecTransformId transformId);
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformIdListFindByHref (xmlSecPtrListPtr list,
+                                                                 const xmlChar* href,
+                                                                 xmlSecTransformUsage usage);
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformIdListFindByName (xmlSecPtrListPtr list,
+                                                                 const xmlChar* name,
+                                                                 xmlSecTransformUsage usage);
+XMLSEC_EXPORT void              xmlSecTransformIdListDebugDump  (xmlSecPtrListPtr list,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecTransformIdListDebugXmlDump(xmlSecPtrListPtr list,
+                                                                 FILE* output);
 
 
-/******************************************************************** 
+/********************************************************************
  *
  * XML Sec Library Transform Ids
  *
@@ -856,144 +844,147 @@ XMLSEC_EXPORT void		xmlSecTransformIdListDebugXmlDump(xmlSecPtrListPtr list,
  *
  * The "unknown" transform id (NULL).
  */
-#define xmlSecTransformIdUnknown			((xmlSecTransformId)NULL)
+#define xmlSecTransformIdUnknown                        ((xmlSecTransformId)NULL)
 
 /**
  * xmlSecTransformBase64Id:
  *
  * The base64 encode transform klass.
- */ 
+ */
 #define xmlSecTransformBase64Id \
-	xmlSecTransformBase64GetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformBase64GetKlass		(void);
-XMLSEC_EXPORT void 		xmlSecTransformBase64SetLineSize	(xmlSecTransformPtr transform,
-									 xmlSecSize lineSize);
+        xmlSecTransformBase64GetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformBase64GetKlass           (void);
+XMLSEC_EXPORT void              xmlSecTransformBase64SetLineSize        (xmlSecTransformPtr transform,
+                                                                         xmlSecSize lineSize);
 /**
  * xmlSecTransformInclC14NId:
- * 
+ *
  * The regular (inclusive) C14N without comments transform klass.
  */
 #define xmlSecTransformInclC14NId \
-	xmlSecTransformInclC14NGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformInclC14NGetKlass		(void);
+        xmlSecTransformInclC14NGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformInclC14NGetKlass         (void);
 
 /**
  * xmlSecTransformInclC14NWithCommentsId:
- * 
+ *
  * The regular (inclusive) C14N with comments transform klass.
  */
 #define xmlSecTransformInclC14NWithCommentsId \
-	xmlSecTransformInclC14NWithCommentsGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformInclC14NWithCommentsGetKlass(void);
+        xmlSecTransformInclC14NWithCommentsGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformInclC14NWithCommentsGetKlass(void);
 
 /**
  * xmlSecTransformInclC14N11Id:
- * 
+ *
  * The regular (inclusive) C14N 1.1 without comments transform klass.
  */
 #define xmlSecTransformInclC14N11Id \
-	xmlSecTransformInclC14N11GetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformInclC14N11GetKlass	(void);
+        xmlSecTransformInclC14N11GetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformInclC14N11GetKlass       (void);
 
 /**
  * xmlSecTransformInclC14N11WithCommentsId:
- * 
+ *
  * The regular (inclusive) C14N 1.1 with comments transform klass.
  */
 #define xmlSecTransformInclC14N11WithCommentsId \
-	xmlSecTransformInclC14N11WithCommentsGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformInclC14N11WithCommentsGetKlass(void);
+        xmlSecTransformInclC14N11WithCommentsGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformInclC14N11WithCommentsGetKlass(void);
 
 /**
  * xmlSecTransformExclC14NId
- * 
+ *
  * The exclusive C14N without comments transform klass.
  */
 #define xmlSecTransformExclC14NId \
-	xmlSecTransformExclC14NGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformExclC14NGetKlass		(void);
+        xmlSecTransformExclC14NGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformExclC14NGetKlass         (void);
 
 /**
  * xmlSecTransformExclC14NWithCommentsId:
- * 
+ *
  * The exclusive C14N with comments transform klass.
  */
 #define xmlSecTransformExclC14NWithCommentsId \
-	xmlSecTransformExclC14NWithCommentsGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformExclC14NWithCommentsGetKlass(void);
+        xmlSecTransformExclC14NWithCommentsGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformExclC14NWithCommentsGetKlass(void);
 
 /**
  * xmlSecTransformEnvelopedId:
- * 
+ *
  * The "enveloped" transform klass.
  */
 #define xmlSecTransformEnvelopedId \
-	xmlSecTransformEnvelopedGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformEnvelopedGetKlass	(void);
+        xmlSecTransformEnvelopedGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformEnvelopedGetKlass        (void);
 
 /**
  * xmlSecTransformXPathId:
- * 
+ *
  * The XPath transform klass.
  */
 #define xmlSecTransformXPathId \
-	xmlSecTransformXPathGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformXPathGetKlass		(void);
+        xmlSecTransformXPathGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformXPathGetKlass            (void);
 
 /**
  * xmlSecTransformXPath2Id:
- * 
+ *
  * The XPath2 transform klass.
  */
 #define xmlSecTransformXPath2Id \
-	xmlSecTransformXPath2GetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformXPath2GetKlass		(void);
+        xmlSecTransformXPath2GetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformXPath2GetKlass           (void);
 
 /**
  * xmlSecTransformXPointerId:
- * 
+ *
  * The XPointer transform klass.
  */
 #define xmlSecTransformXPointerId \
-	xmlSecTransformXPointerGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformXPointerGetKlass		(void);
-XMLSEC_EXPORT int		xmlSecTransformXPointerSetExpr		(xmlSecTransformPtr transform,
-									 const xmlChar* expr,
-									 xmlSecNodeSetType nodeSetType,
-									 xmlNodePtr hereNode);
+        xmlSecTransformXPointerGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformXPointerGetKlass         (void);
+XMLSEC_EXPORT int               xmlSecTransformXPointerSetExpr          (xmlSecTransformPtr transform,
+                                                                         const xmlChar* expr,
+                                                                         xmlSecNodeSetType nodeSetType,
+                                                                         xmlNodePtr hereNode);
 #ifndef XMLSEC_NO_XSLT
+#include <libxslt/security.h>
+
 /**
  * xmlSecTransformXsltId:
- * 
+ *
  * The XSLT transform klass.
  */
 #define xmlSecTransformXsltId \
-	xmlSecTransformXsltGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformXsltGetKlass		(void);
+        xmlSecTransformXsltGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformXsltGetKlass             (void);
+XMLSEC_EXPORT void              xmlSecTransformXsltSetDefaultSecurityPrefs(xsltSecurityPrefsPtr sec);
 #endif /* XMLSEC_NO_XSLT */
 
 /**
  * xmlSecTransformRemoveXmlTagsC14NId:
- * 
+ *
  * The "remove all xml tags" transform klass (used before base64 transforms).
  */
 #define xmlSecTransformRemoveXmlTagsC14NId \
-	xmlSecTransformRemoveXmlTagsC14NGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformRemoveXmlTagsC14NGetKlass(void);
+        xmlSecTransformRemoveXmlTagsC14NGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformRemoveXmlTagsC14NGetKlass(void);
 
 /**
  * xmlSecTransformVisa3DHackId:
  *
- * Selects node subtree by given node id string. The only reason why we need this 
- * is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows 
- * invalid XPointer expressions in the URI attribute. Since we couldn't evaluate 
+ * Selects node subtree by given node id string. The only reason why we need this
+ * is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows
+ * invalid XPointer expressions in the URI attribute. Since we couldn't evaluate
  * such expressions thru XPath/XPointer engine, we need to have this hack here.
  */
 #define xmlSecTransformVisa3DHackId \
-	xmlSecTransformVisa3DHackGetKlass()
-XMLSEC_EXPORT xmlSecTransformId	xmlSecTransformVisa3DHackGetKlass	(void);
-XMLSEC_EXPORT int		xmlSecTransformVisa3DHackSetID		(xmlSecTransformPtr transform,
-									 const xmlChar* id);
+        xmlSecTransformVisa3DHackGetKlass()
+XMLSEC_EXPORT xmlSecTransformId xmlSecTransformVisa3DHackGetKlass       (void);
+XMLSEC_EXPORT int               xmlSecTransformVisa3DHackSetID          (xmlSecTransformPtr transform,
+                                                                         const xmlChar* id);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/version.h b/include/xmlsec/version.h
index 48c9b47b..f94a6c53 100644
--- a/include/xmlsec/version.h
+++ b/include/xmlsec/version.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Version information
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_VERSION_H__
-#define __XMLSEC_VERSION_H__    
+#define __XMLSEC_VERSION_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 /**
  * XMLSEC_VERSION:
@@ -21,7 +21,7 @@ extern "C" {
  * The library version string in the format
  * "<major-number>.<minor-number>.<sub-minor-number>".
  */
-#define XMLSEC_VERSION			"1.2.14"
+#define XMLSEC_VERSION			"1.2.19"
 
 /**
  * XMLSEC_VERSION_MAJOR:
@@ -42,7 +42,7 @@ extern "C" {
  *
  * The library sub-minor version number.
  */
-#define XMLSEC_VERSION_SUBMINOR		14
+#define XMLSEC_VERSION_SUBMINOR		19
 
 /**
  * XMLSEC_VERSION_INFO:
@@ -50,7 +50,7 @@ extern "C" {
  * The library version info string in the format
  * "<major-number>+<minor-number>:<sub-minor-number>:<minor-number>".
  */
-#define XMLSEC_VERSION_INFO		"3:14:2"
+#define XMLSEC_VERSION_INFO		"3:19:2"
 
 
 #ifdef __cplusplus
diff --git a/include/xmlsec/version.h.in b/include/xmlsec/version.h.in
index 28cc3189..16bbafa0 100644
--- a/include/xmlsec/version.h.in
+++ b/include/xmlsec/version.h.in
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Version information
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_VERSION_H__
-#define __XMLSEC_VERSION_H__    
+#define __XMLSEC_VERSION_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 /**
  * XMLSEC_VERSION:
diff --git a/include/xmlsec/x509.h b/include/xmlsec/x509.h
index b2114822..e58f37c0 100644
--- a/include/xmlsec/x509.h
+++ b/include/xmlsec/x509.h
@@ -1,23 +1,23 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_X509_H__
-#define __XMLSEC_X509_H__    
+#define __XMLSEC_X509_H__
 
 #ifndef XMLSEC_NO_X509
-	
+
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
-#include <stdio.h>		
+#endif /* __cplusplus */
+#include <stdio.h>
 
 #include <libxml/tree.h>
-#include <libxml/parser.h> 
+#include <libxml/parser.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -32,43 +32,43 @@ extern "C" {
  *
  * <dsig:X509Certificate/> node found or would be written back.
  */
-#define XMLSEC_X509DATA_CERTIFICATE_NODE			0x00000001
+#define XMLSEC_X509DATA_CERTIFICATE_NODE                        0x00000001
 /**
  * XMLSEC_X509DATA_SUBJECTNAME_NODE:
  *
  * <dsig:X509SubjectName/> node found or would be written back.
  */
-#define XMLSEC_X509DATA_SUBJECTNAME_NODE			0x00000002
+#define XMLSEC_X509DATA_SUBJECTNAME_NODE                        0x00000002
 /**
  * XMLSEC_X509DATA_ISSUERSERIAL_NODE:
  *
  * <dsig:X509IssuerSerial/> node found or would be written back.
  */
-#define XMLSEC_X509DATA_ISSUERSERIAL_NODE			0x00000004
+#define XMLSEC_X509DATA_ISSUERSERIAL_NODE                       0x00000004
 /**
  * XMLSEC_X509DATA_SKI_NODE:
  *
  * <dsig:/X509SKI> node found or would be written back.
  */
-#define XMLSEC_X509DATA_SKI_NODE				0x00000008
+#define XMLSEC_X509DATA_SKI_NODE                                0x00000008
 /**
  * XMLSEC_X509DATA_CRL_NODE:
  *
  * <dsig:X509CRL/> node found or would be written back.
  */
-#define XMLSEC_X509DATA_CRL_NODE				0x00000010
+#define XMLSEC_X509DATA_CRL_NODE                                0x00000010
 /**
  * XMLSEC_X509DATA_DEFAULT:
  *
  * Default set of nodes to write in case of empty
  * <dsig:X509Data/> node template.
  */
-#define XMLSEC_X509DATA_DEFAULT	\
-	(XMLSEC_X509DATA_CERTIFICATE_NODE | XMLSEC_X509DATA_CRL_NODE)
-	    
-XMLSEC_EXPORT int		xmlSecX509DataGetNodeContent 	(xmlNodePtr node, 
-								 int deleteChildren,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+#define XMLSEC_X509DATA_DEFAULT \
+        (XMLSEC_X509DATA_CERTIFICATE_NODE | XMLSEC_X509DATA_CRL_NODE)
+
+XMLSEC_EXPORT int               xmlSecX509DataGetNodeContent    (xmlNodePtr node,
+                                                                 int deleteChildren,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/xkms.h b/include/xmlsec/xkms.h
index 5b196578..8035035e 100644
--- a/include/xmlsec/xkms.h
+++ b/include/xmlsec/xkms.h
@@ -1,26 +1,26 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * "XML Key Management Specification v 2.0" implementation
  *  http://www.w3.org/TR/xkms2/
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_XKMS_H__
-#define __XMLSEC_XKMS_H__    
+#define __XMLSEC_XKMS_H__
 
 #ifndef XMLSEC_NO_XKMS
-	
+
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
-#include <stdio.h>		
+#endif /* __cplusplus */
+#include <stdio.h>
 
 #include <libxml/tree.h>
-#include <libxml/parser.h> 
+#include <libxml/parser.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -35,33 +35,33 @@ extern "C" {
  * Forward declarations. These internal xmlsec library structures are
  * declared in "xmlsec/private/xkms.h" file.
  *
- ************************************************************************/ 
-typedef struct _xmlSecXkmsRespondWithKlass	xmlSecXkmsRespondWithKlass, 
-						*xmlSecXkmsRespondWithId;
+ ************************************************************************/
+typedef struct _xmlSecXkmsRespondWithKlass      xmlSecXkmsRespondWithKlass,
+                                                *xmlSecXkmsRespondWithId;
 
-typedef struct _xmlSecXkmsServerRequestKlass	xmlSecXkmsServerRequestKlass, 
-						*xmlSecXkmsServerRequestId;
+typedef struct _xmlSecXkmsServerRequestKlass    xmlSecXkmsServerRequestKlass,
+                                                *xmlSecXkmsServerRequestId;
 
 
 /**
  * xmlSecXkmsResultMajor:
  * @xmlSecXkmsResultMajorSuccess:               The operation succeeded.
- * @xmlSecXkmsResultMajorVersionMismatch:       The service does not support 
- *                                              the protocol version specified 
+ * @xmlSecXkmsResultMajorVersionMismatch:       The service does not support
+ *                                              the protocol version specified
  *                                              in the request.
  * @xmlSecXkmsResultMajorSender:                An error occurred that was due
  *                                              to the message sent by the sender.
  * @xmlSecXkmsResultMajorReceiver:              An error occurred at the receiver.
- * @xmlSecXkmsResultMajorRepresent:             The service has not acted on the 
+ * @xmlSecXkmsResultMajorRepresent:             The service has not acted on the
  *                                              request. In order for the request
- *                                              to be acted upon the request MUST 
+ *                                              to be acted upon the request MUST
  *                                              be represented with the specified
  *                                              nonce in accordance with the two
  *                                              phase protocol.
- * @xmlSecXkmsResultMajorPending:               The request has been accepted 
- *                                              for processing and the service 
+ * @xmlSecXkmsResultMajorPending:               The request has been accepted
+ *                                              for processing and the service
  *                                              will return the result asynchronously.
- * 
+ *
  * The values for ResultMajor attribute.
  */
 typedef enum {
@@ -76,34 +76,34 @@ typedef enum {
 /**
  * xmlSecXkmsResultMinor:
  * @xmlSecXkmsResultMinorNone:                  No minor result code available.
- * @xmlSecXkmsResultMinorNoMatch:               No match was found for the search 
+ * @xmlSecXkmsResultMinorNoMatch:               No match was found for the search
  *                                              prototype provided.
- * @xmlSecXkmsResultMinorTooManyResponses:      The request resulted in the 
- *                                              number of responses that 
- *                                              exceeded either the ResponseLimit 
- *                                              value specified in the request or 
- *                                              some other limit determined by 
- *                                              the service. The service MAY 
- *                                              either return a subset of the 
+ * @xmlSecXkmsResultMinorTooManyResponses:      The request resulted in the
+ *                                              number of responses that
+ *                                              exceeded either the ResponseLimit
+ *                                              value specified in the request or
+ *                                              some other limit determined by
+ *                                              the service. The service MAY
+ *                                              either return a subset of the
  *                                              possible responses or none at all.
- * @xmlSecXkmsResultMinorIncomplete:            Only part of the information 
+ * @xmlSecXkmsResultMinorIncomplete:            Only part of the information
  *                                              requested could be provided.
- * @xmlSecXkmsResultMinorFailure:               The service attempted to perform 
- *                                              the request but the operation 
+ * @xmlSecXkmsResultMinorFailure:               The service attempted to perform
+ *                                              the request but the operation
  *                                              failed for unspecified reasons.
- * @xmlSecXkmsResultMinorRefused:               The operation was refused. The 
- *                                              service did not attempt to 
+ * @xmlSecXkmsResultMinorRefused:               The operation was refused. The
+ *                                              service did not attempt to
  *                                              perform the request.
- * @xmlSecXkmsResultMinorNoAuthentication:      The operation was refused 
- *                                              because the necessary authentication 
+ * @xmlSecXkmsResultMinorNoAuthentication:      The operation was refused
+ *                                              because the necessary authentication
  *                                              information was incorrect or missing.
- * @xmlSecXkmsResultMinorMessageNotSupported:   The receiver does not implement 
+ * @xmlSecXkmsResultMinorMessageNotSupported:   The receiver does not implement
  *                                              the specified operation.
- * @xmlSecXkmsResultMinorUnknownResponseId:     The ResponseId for which pending 
- *                                              status was requested is unknown to 
+ * @xmlSecXkmsResultMinorUnknownResponseId:     The ResponseId for which pending
+ *                                              status was requested is unknown to
  *                                              the service.
- * @xmlSecXkmsResultMinorSynchronous:           The receiver does not support 
- *                                              synchronous processing of this 
+ * @xmlSecXkmsResultMinorSynchronous:           The receiver does not support
+ *                                              synchronous processing of this
  *                                              type of request.
  *
  * The values for ResultMinor attribute.
@@ -121,7 +121,7 @@ typedef enum {
     xmlSecXkmsResultMinorSynchronous
 } xmlSecXkmsResultMinor;
 
-/** 
+/**
  * xmlSecXkmsKeyBindingStatus:
  * @xmlSecXkmsKeyBindingStatusNone:             The key status is not available.
  * @xmlSecXkmsKeyBindingStatusValid:            The key is valid.
@@ -129,7 +129,7 @@ typedef enum {
  * @xmlSecXkmsKeyBindingStatusIndeterminate:    Could not determine key status.
  *
  * The values for key binding StatusValue attribute.
- */ 
+ */
 typedef enum {
     xmlSecXkmsKeyBindingStatusNone,
     xmlSecXkmsKeyBindingStatusValid,
@@ -161,290 +161,290 @@ XMLSEC_EXPORT const xmlChar*     xmlSecXkmsServerFormatToString (xmlSecXkmsServe
  *
  * XKMS requests server side processing klass
  *
- ************************************************************************/ 
-/** 
+ ************************************************************************/
+/**
  * xmlSecXkmsServerCtx:
- * @userData:			the pointer to user data (xmlsec and xmlsec-crypto libraries
- *				never touches this).
- * @flags:			the XML Encryption processing flags.
- * @flags2:			the XML Encryption processing flags.
- * @keyInfoReadCtx:		the reading key context.
- * @keyInfoWriteCtx:		the writing key context (not used for signature verification).
- * @reserved0:			reserved for the future.
- * @reserved1:			reserved for the future.
- * 
+ * @userData:                   the pointer to user data (xmlsec and xmlsec-crypto libraries
+ *                              never touches this).
+ * @flags:                      the XML Encryption processing flags.
+ * @flags2:                     the XML Encryption processing flags.
+ * @keyInfoReadCtx:             the reading key context.
+ * @keyInfoWriteCtx:            the writing key context (not used for signature verification).
+ * @reserved0:                  reserved for the future.
+ * @reserved1:                  reserved for the future.
+ *
  * XKMS context.
  */
 struct _xmlSecXkmsServerCtx {
     /* these data user can set before performing the operation */
-    void*			userData;
-    xmlSecBitMask		flags;
-    xmlSecBitMask		flags2;    
-    xmlSecKeyInfoCtx		keyInfoReadCtx;
-    xmlSecKeyInfoCtx		keyInfoWriteCtx;
-    xmlSecPtrList		enabledRespondWithIds;
-    xmlSecPtrList		enabledServerRequestIds;
-    xmlChar* 			expectedService;
-    xmlChar*			idPrefix;
-    xmlSecSize			idLen;
-        
+    void*                       userData;
+    xmlSecBitMask               flags;
+    xmlSecBitMask               flags2;
+    xmlSecKeyInfoCtx            keyInfoReadCtx;
+    xmlSecKeyInfoCtx            keyInfoWriteCtx;
+    xmlSecPtrList               enabledRespondWithIds;
+    xmlSecPtrList               enabledServerRequestIds;
+    xmlChar*                    expectedService;
+    xmlChar*                    idPrefix;
+    xmlSecSize                  idLen;
+
     /* these data are returned */
-    xmlSecPtrList		keys;
-    xmlSecXkmsResultMajor	resultMajor;
-    xmlSecXkmsResultMinor	resultMinor;
-    xmlSecXkmsServerRequestId	requestId;
-    xmlChar*			id;    
-    xmlChar*			service;
-    xmlChar*			nonce;
-    xmlChar*			originalRequestId;
+    xmlSecPtrList               keys;
+    xmlSecXkmsResultMajor       resultMajor;
+    xmlSecXkmsResultMinor       resultMinor;
+    xmlSecXkmsServerRequestId   requestId;
+    xmlChar*                    id;
+    xmlChar*                    service;
+    xmlChar*                    nonce;
+    xmlChar*                    originalRequestId;
     xmlChar*                    pendingNotificationMechanism;
     xmlChar*                    pendingNotificationIdentifier;
-    int 			responseLimit;
-    xmlSecBitMask		responseMechanismMask;
-    xmlSecPtrListPtr		compoundRequestContexts;
+    int                         responseLimit;
+    xmlSecBitMask               responseMechanismMask;
+    xmlSecPtrListPtr            compoundRequestContexts;
 
     /* these are internal data, nobody should change that except us */
-    xmlNodePtr			requestNode;
-    xmlNodePtr			opaqueClientDataNode;
-    xmlNodePtr 			firtsMsgExtNode;
-    xmlNodePtr 			keyInfoNode;
-    xmlSecPtrList		respWithList;
-    
+    xmlNodePtr                  requestNode;
+    xmlNodePtr                  opaqueClientDataNode;
+    xmlNodePtr                  firtsMsgExtNode;
+    xmlNodePtr                  keyInfoNode;
+    xmlSecPtrList               respWithList;
+
     /* reserved for future */
-    void*			reserved0;
-    void*			reserved1;
+    void*                       reserved0;
+    void*                       reserved1;
 };
 
 XMLSEC_EXPORT xmlSecXkmsServerCtxPtr xmlSecXkmsServerCtxCreate  (xmlSecKeysMngrPtr keysMngr);
-XMLSEC_EXPORT void 		xmlSecXkmsServerCtxDestroy	(xmlSecXkmsServerCtxPtr ctx);
-XMLSEC_EXPORT int		xmlSecXkmsServerCtxInitialize	(xmlSecXkmsServerCtxPtr ctx,
-								 xmlSecKeysMngrPtr keysMngr);
-XMLSEC_EXPORT void		xmlSecXkmsServerCtxFinalize	(xmlSecXkmsServerCtxPtr ctx);
-XMLSEC_EXPORT void		xmlSecXkmsServerCtxReset	(xmlSecXkmsServerCtxPtr ctx);
-XMLSEC_EXPORT int		xmlSecXkmsServerCtxCopyUserPref (xmlSecXkmsServerCtxPtr dst,
-								 xmlSecXkmsServerCtxPtr src);
-XMLSEC_EXPORT xmlNodePtr	xmlSecXkmsServerCtxProcess	(xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node,
+XMLSEC_EXPORT void              xmlSecXkmsServerCtxDestroy      (xmlSecXkmsServerCtxPtr ctx);
+XMLSEC_EXPORT int               xmlSecXkmsServerCtxInitialize   (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlSecKeysMngrPtr keysMngr);
+XMLSEC_EXPORT void              xmlSecXkmsServerCtxFinalize     (xmlSecXkmsServerCtxPtr ctx);
+XMLSEC_EXPORT void              xmlSecXkmsServerCtxReset        (xmlSecXkmsServerCtxPtr ctx);
+XMLSEC_EXPORT int               xmlSecXkmsServerCtxCopyUserPref (xmlSecXkmsServerCtxPtr dst,
+                                                                 xmlSecXkmsServerCtxPtr src);
+XMLSEC_EXPORT xmlNodePtr        xmlSecXkmsServerCtxProcess      (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node,
                                                                  xmlSecXkmsServerFormat format,
-			    					 xmlDocPtr doc);
-XMLSEC_EXPORT int		xmlSecXkmsServerCtxRequestRead	(xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-XMLSEC_EXPORT xmlNodePtr	xmlSecXkmsServerCtxResponseWrite(xmlSecXkmsServerCtxPtr ctx,
-			    					 xmlDocPtr doc);
-XMLSEC_EXPORT xmlNodePtr	xmlSecXkmsServerCtxRequestUnwrap(xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node,
+                                                                 xmlDocPtr doc);
+XMLSEC_EXPORT int               xmlSecXkmsServerCtxRequestRead  (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT xmlNodePtr        xmlSecXkmsServerCtxResponseWrite(xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlDocPtr doc);
+XMLSEC_EXPORT xmlNodePtr        xmlSecXkmsServerCtxRequestUnwrap(xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node,
                                                                  xmlSecXkmsServerFormat format);
-XMLSEC_EXPORT xmlNodePtr	xmlSecXkmsServerCtxResponseWrap (xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node,
+XMLSEC_EXPORT xmlNodePtr        xmlSecXkmsServerCtxResponseWrap (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node,
                                                                  xmlSecXkmsServerFormat format,
                                                                  xmlDocPtr doc);
-XMLSEC_EXPORT xmlNodePtr	xmlSecXkmsServerCtxFatalErrorResponseCreate 
-								(xmlSecXkmsServerCtxPtr ctx,
+XMLSEC_EXPORT xmlNodePtr        xmlSecXkmsServerCtxFatalErrorResponseCreate
+                                                                (xmlSecXkmsServerCtxPtr ctx,
                                                                  xmlSecXkmsServerFormat format,
                                                                  xmlDocPtr doc);
-XMLSEC_EXPORT void		xmlSecXkmsServerCtxSetResult	(xmlSecXkmsServerCtxPtr ctx,
-								 xmlSecXkmsResultMajor resultMajor,
+XMLSEC_EXPORT void              xmlSecXkmsServerCtxSetResult    (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlSecXkmsResultMajor resultMajor,
                                                                  xmlSecXkmsResultMinor resultMinor);
-XMLSEC_EXPORT void		xmlSecXkmsServerCtxDebugDump	(xmlSecXkmsServerCtxPtr ctx,
-								 FILE* output);
-XMLSEC_EXPORT void		xmlSecXkmsServerCtxDebugXmlDump (xmlSecXkmsServerCtxPtr ctx,
-								 FILE* output);
+XMLSEC_EXPORT void              xmlSecXkmsServerCtxDebugDump    (xmlSecXkmsServerCtxPtr ctx,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecXkmsServerCtxDebugXmlDump (xmlSecXkmsServerCtxPtr ctx,
+                                                                 FILE* output);
 
 /************************************************************************
  *
  * xmlSecXkmsServerCtxPtr list
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * xmlSecXkmsServerCtxPtrListId:
  *
  * zmlSecXkmsServerCtx klasses list klass.
  */
-#define xmlSecXkmsServerCtxPtrListId	xmlSecXkmsServerCtxPtrListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecXkmsServerCtxPtrListGetKlass
+#define xmlSecXkmsServerCtxPtrListId    xmlSecXkmsServerCtxPtrListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecXkmsServerCtxPtrListGetKlass
                                                                 (void);
 
 /************************************************************************
  *
  * xmlSecXkmsServerCtxFlags
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPONSE_MECHANISM
  *
- * If flag is set then we abort if an unknown <xkms:ResponseMechanism/> 
+ * If flag is set then we abort if an unknown <xkms:ResponseMechanism/>
  * value is found.
  */
-#define XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPONSE_MECHANISM	0x00000001
+#define XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPONSE_MECHANISM     0x00000001
 
 /**
  * XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPOND_WITH
  *
- * If flag is set then we abort if an unknown <xkms:RespondWith/> 
+ * If flag is set then we abort if an unknown <xkms:RespondWith/>
  * value is found.
  */
-#define XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPOND_WITH		0x00000002
+#define XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPOND_WITH           0x00000002
 
 /**
  * XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_KEY_USAGE
  *
- * If flag is set then we abort if an unknown <xkms:KeyUsage/> 
+ * If flag is set then we abort if an unknown <xkms:KeyUsage/>
  * value is found.
  */
-#define XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_KEY_USAGE		0x00000004
+#define XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_KEY_USAGE              0x00000004
 
 /************************************************************************
  *
  * XKMS ResponseMechanism element values.
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REPRESENT:
  *
- * XKMS ResponseMechanism element value. The requestor is prepared to 
- * accept a response that uses asynchronous processing, i.e. the service 
+ * XKMS ResponseMechanism element value. The requestor is prepared to
+ * accept a response that uses asynchronous processing, i.e. the service
  * MAY return the MajorResult code Pending.
  */
-#define XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_PENDING			0x00000001	
+#define XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_PENDING                     0x00000001
 
 /**
  * XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REPRESENT:
  *
- * XKMS ResponseMechanism element value. The requestor is prepared to 
- * accept a response that uses the two phase protocol, i.e. the service 
+ * XKMS ResponseMechanism element value. The requestor is prepared to
+ * accept a response that uses the two phase protocol, i.e. the service
  * MAY return the MajorResult code Represent.
  */
-#define XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REPRESENT			0x00000002
+#define XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REPRESENT                   0x00000002
 
 /**
  * XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REQUEST_SIGNATURE_VALUE:
  *
- * XKMS ResponseMechanism element value. The requestor is prepared to 
+ * XKMS ResponseMechanism element value. The requestor is prepared to
  * accept a response that carries a <RequestSignatureValue> element.
  */
-#define XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REQUEST_SIGNATURE_VALUE	0x00000004
+#define XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REQUEST_SIGNATURE_VALUE     0x00000004
 
 /************************************************************************
  *
  * XKMS ResponseLimit element values
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * XMLSEC_XKMS_NO_RESPONSE_LIMIT:
  *
  * The ResponseLimit is not specified.
  */
-#define XMLSEC_XKMS_NO_RESPONSE_LIMIT			        -1
+#define XMLSEC_XKMS_NO_RESPONSE_LIMIT                           -1
 
 
 /************************************************************************
  *
  * XKMS KeyBinding reason values
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * XMLSEC_XKMS_KEY_BINDING_REASON_MASK_ISSUER_TRAST:
  *
- * The issuer of the information on which the key binding is based is 
+ * The issuer of the information on which the key binding is based is
  * considered to be trustworthy by the XKMS service.
  *
  * X.509 Equivalents
- *   - Valid:	Certificate path anchored by trusted root successfully constructed.
- *   - Invalid:	Certificate path could not be constructed to a trusted root.
+ *   - Valid:   Certificate path anchored by trusted root successfully constructed.
+ *   - Invalid: Certificate path could not be constructed to a trusted root.
  */
-#define XMLSEC_XKMS_KEY_BINDING_REASON_MASK_ISSUER_TRAST	0x00000001
+#define XMLSEC_XKMS_KEY_BINDING_REASON_MASK_ISSUER_TRAST        0x00000001
 
 /**
  * XMLSEC_XKMS_KEY_BINDING_REASON_MASK_REVOCATION_STATUS:
  *
- * The XKMS service has affirmatively verified the status of the 
+ * The XKMS service has affirmatively verified the status of the
  * key binding with an authoritative source
  *
  * X.509 Equivalents
- *   - Valid:	Certificate status validated using CRL or OCSP.
- *   - Invalid:	Certificate status returned revoked or suspended.
+ *   - Valid:   Certificate status validated using CRL or OCSP.
+ *   - Invalid: Certificate status returned revoked or suspended.
  */
-#define XMLSEC_XKMS_KEY_BINDING_REASON_MASK_REVOCATION_STATUS	0x00000002
+#define XMLSEC_XKMS_KEY_BINDING_REASON_MASK_REVOCATION_STATUS   0x00000002
 
 /**
  * XMLSEC_XKMS_KEY_BINDING_REASON_MASK_VALIDITY_INTERVAL:
  *
- * The requested time instant was within the validity interval of 
+ * The requested time instant was within the validity interval of
  * the key binding
  *
  * X.509 Equivalents
- *   - Valid:	The certificate chain was valid at the requested time instant.
- *   - Invalid:	The requested time instant was before or after the certificate 
+ *   - Valid:   The certificate chain was valid at the requested time instant.
+ *   - Invalid: The requested time instant was before or after the certificate
  *              chain validity interval.
  */
-#define XMLSEC_XKMS_KEY_BINDING_REASON_MASK_VALIDITY_INTERVAL	 0x00000004
+#define XMLSEC_XKMS_KEY_BINDING_REASON_MASK_VALIDITY_INTERVAL    0x00000004
 
 /**
  * XMLSEC_XKMS_KEY_BINDING_REASON_MASK_SIGNATURE:
  *
- * Signature on signed data provided by the client in the <Keyinfo> element was 
+ * Signature on signed data provided by the client in the <Keyinfo> element was
  * successfully verified.
  *
  * X.509 Equivalents
- *   - Valid: 	Certificate Signature verified.
+ *   - Valid:   Certificate Signature verified.
  *   - Invalid: Certificate Signature verification failed.
  */
-#define XMLSEC_XKMS_KEY_BINDING_REASON_MASK_SIGNATURE		 0x00000008
+#define XMLSEC_XKMS_KEY_BINDING_REASON_MASK_SIGNATURE            0x00000008
 
 
 /************************************************************************
  *
  * XKMS RespondWith Klass
  *
- ************************************************************************/ 
-XMLSEC_EXPORT xmlSecPtrListPtr	xmlSecXkmsRespondWithIdsGet	(void);
-XMLSEC_EXPORT int 		xmlSecXkmsRespondWithIdsInit	(void);
-XMLSEC_EXPORT void 		xmlSecXkmsRespondWithIdsShutdown(void);
-XMLSEC_EXPORT int 		xmlSecXkmsRespondWithIdsRegisterDefault
+ ************************************************************************/
+XMLSEC_EXPORT xmlSecPtrListPtr  xmlSecXkmsRespondWithIdsGet     (void);
+XMLSEC_EXPORT int               xmlSecXkmsRespondWithIdsInit    (void);
+XMLSEC_EXPORT void              xmlSecXkmsRespondWithIdsShutdown(void);
+XMLSEC_EXPORT int               xmlSecXkmsRespondWithIdsRegisterDefault
                                                                 (void);
-XMLSEC_EXPORT int		xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithId id);
-XMLSEC_EXPORT int  		xmlSecXkmsRespondWithNodeRead	(xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-XMLSEC_EXPORT int  		xmlSecXkmsRespondWithNodeWrite	(xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-XMLSEC_EXPORT void		xmlSecXkmsRespondWithDebugDump	(xmlSecXkmsRespondWithId id,
-								 FILE* output);
-XMLSEC_EXPORT void		xmlSecXkmsRespondWithDebugXmlDump
+XMLSEC_EXPORT int               xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithId id);
+XMLSEC_EXPORT int               xmlSecXkmsRespondWithNodeRead   (xmlSecXkmsRespondWithId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT int               xmlSecXkmsRespondWithNodeWrite  (xmlSecXkmsRespondWithId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT void              xmlSecXkmsRespondWithDebugDump  (xmlSecXkmsRespondWithId id,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecXkmsRespondWithDebugXmlDump
                                                                 (xmlSecXkmsRespondWithId id,
-								 FILE* output);
-XMLSEC_EXPORT int  		xmlSecXkmsRespondWithDefaultNodeRead
+                                                                 FILE* output);
+XMLSEC_EXPORT int               xmlSecXkmsRespondWithDefaultNodeRead
                                                                 (xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-XMLSEC_EXPORT int  		xmlSecXkmsRespondWithDefaultNodeWrite
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT int               xmlSecXkmsRespondWithDefaultNodeWrite
                                                                 (xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 /************************************************************************
  *
  * XKMS RespondWith Klass List
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * xmlSecXkmsRespondWithIdListId:
  *
  * XKMS RespondWith  klasses list klass.
  */
-#define xmlSecXkmsRespondWithIdListId	xmlSecXkmsRespondWithIdListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecXkmsRespondWithIdListGetKlass
+#define xmlSecXkmsRespondWithIdListId   xmlSecXkmsRespondWithIdListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecXkmsRespondWithIdListGetKlass
                                                                 (void);
-XMLSEC_EXPORT int		xmlSecXkmsRespondWithIdListFind (xmlSecPtrListPtr list,
-								 xmlSecXkmsRespondWithId id);
+XMLSEC_EXPORT int               xmlSecXkmsRespondWithIdListFind (xmlSecPtrListPtr list,
+                                                                 xmlSecXkmsRespondWithId id);
 XMLSEC_EXPORT xmlSecXkmsRespondWithId xmlSecXkmsRespondWithIdListFindByNodeValue
-								(xmlSecPtrListPtr list,
-								 xmlNodePtr node);
-XMLSEC_EXPORT int		xmlSecXkmsRespondWithIdListWrite(xmlSecPtrListPtr list,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+                                                                (xmlSecPtrListPtr list,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT int               xmlSecXkmsRespondWithIdListWrite(xmlSecPtrListPtr list,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 
-/******************************************************************** 
+/********************************************************************
  *
  * XML Sec Library RespondWith Ids
  *
@@ -454,193 +454,193 @@ XMLSEC_EXPORT int		xmlSecXkmsRespondWithIdListWrite(xmlSecPtrListPtr list,
  *
  * The "unknown" RespondWith id (NULL).
  */
-#define xmlSecXkmsRespondWithIdUnknown			NULL
+#define xmlSecXkmsRespondWithIdUnknown                  NULL
 
 /**
  * xmlSecXkmsRespondWithKeyNameId:
  *
  * The respond with KeyName klass.
- */ 
+ */
 #define xmlSecXkmsRespondWithKeyNameId \
-	xmlSecXkmsRespondWithKeyNameGetKlass()
-XMLSEC_EXPORT xmlSecXkmsRespondWithId	xmlSecXkmsRespondWithKeyNameGetKlass(void);
+        xmlSecXkmsRespondWithKeyNameGetKlass()
+XMLSEC_EXPORT xmlSecXkmsRespondWithId   xmlSecXkmsRespondWithKeyNameGetKlass(void);
 
 /**
  * xmlSecXkmsRespondWithKeyValueId:
  *
  * The respond with KeyValue klass.
- */ 
+ */
 #define xmlSecXkmsRespondWithKeyValueId \
-	xmlSecXkmsRespondWithKeyValueGetKlass()
-XMLSEC_EXPORT xmlSecXkmsRespondWithId	xmlSecXkmsRespondWithKeyValueGetKlass(void);
+        xmlSecXkmsRespondWithKeyValueGetKlass()
+XMLSEC_EXPORT xmlSecXkmsRespondWithId   xmlSecXkmsRespondWithKeyValueGetKlass(void);
 
 /**
  * xmlSecXkmsRespondWithPrivateKeyId:
  *
  * The respond with PrivateKey klass.
- */ 
+ */
 #define xmlSecXkmsRespondWithPrivateKeyId \
-	xmlSecXkmsRespondWithPrivateKeyGetKlass()
-XMLSEC_EXPORT xmlSecXkmsRespondWithId	xmlSecXkmsRespondWithPrivateKeyGetKlass(void);
+        xmlSecXkmsRespondWithPrivateKeyGetKlass()
+XMLSEC_EXPORT xmlSecXkmsRespondWithId   xmlSecXkmsRespondWithPrivateKeyGetKlass(void);
 
 /**
  * xmlSecXkmsRespondWithRetrievalMethodId:
  *
  * The respond with RetrievalMethod klass.
- */ 
+ */
 #define xmlSecXkmsRespondWithRetrievalMethodId \
-	xmlSecXkmsRespondWithRetrievalMethodGetKlass()
-XMLSEC_EXPORT xmlSecXkmsRespondWithId	xmlSecXkmsRespondWithRetrievalMethodGetKlass(void);
+        xmlSecXkmsRespondWithRetrievalMethodGetKlass()
+XMLSEC_EXPORT xmlSecXkmsRespondWithId   xmlSecXkmsRespondWithRetrievalMethodGetKlass(void);
 
 /**
  * xmlSecXkmsRespondWithX509CertId:
  *
  * The respond with X509Cert klass.
- */ 
+ */
 #define xmlSecXkmsRespondWithX509CertId \
-	xmlSecXkmsRespondWithX509CertGetKlass()
-XMLSEC_EXPORT xmlSecXkmsRespondWithId	xmlSecXkmsRespondWithX509CertGetKlass(void);
+        xmlSecXkmsRespondWithX509CertGetKlass()
+XMLSEC_EXPORT xmlSecXkmsRespondWithId   xmlSecXkmsRespondWithX509CertGetKlass(void);
 
 /**
  * xmlSecXkmsRespondWithX509ChainId:
  *
  * The respond with X509Chain klass.
- */ 
+ */
 #define xmlSecXkmsRespondWithX509ChainId \
-	xmlSecXkmsRespondWithX509ChainGetKlass()
-XMLSEC_EXPORT xmlSecXkmsRespondWithId	xmlSecXkmsRespondWithX509ChainGetKlass(void);
+        xmlSecXkmsRespondWithX509ChainGetKlass()
+XMLSEC_EXPORT xmlSecXkmsRespondWithId   xmlSecXkmsRespondWithX509ChainGetKlass(void);
 
 /**
  * xmlSecXkmsRespondWithX509CRLId:
  *
  * The respond with X509CRL klass.
- */ 
+ */
 #define xmlSecXkmsRespondWithX509CRLId \
-	xmlSecXkmsRespondWithX509CRLGetKlass()
-XMLSEC_EXPORT xmlSecXkmsRespondWithId	xmlSecXkmsRespondWithX509CRLGetKlass(void);
+        xmlSecXkmsRespondWithX509CRLGetKlass()
+XMLSEC_EXPORT xmlSecXkmsRespondWithId   xmlSecXkmsRespondWithX509CRLGetKlass(void);
 
 
 /**
  * xmlSecXkmsRespondWithPGPId:
  *
  * The respond with PGP klass.
- */ 
+ */
 #define xmlSecXkmsRespondWithPGPId \
-	xmlSecXkmsRespondWithPGPGetKlass()
-XMLSEC_EXPORT xmlSecXkmsRespondWithId	xmlSecXkmsRespondWithPGPGetKlass(void);
+        xmlSecXkmsRespondWithPGPGetKlass()
+XMLSEC_EXPORT xmlSecXkmsRespondWithId   xmlSecXkmsRespondWithPGPGetKlass(void);
 
 /**
  * xmlSecXkmsRespondWithSPKIId:
  *
  * The respond with SPKI klass.
- */ 
+ */
 #define xmlSecXkmsRespondWithSPKIId \
-	xmlSecXkmsRespondWithSPKIGetKlass()
-XMLSEC_EXPORT xmlSecXkmsRespondWithId	xmlSecXkmsRespondWithSPKIGetKlass(void);
+        xmlSecXkmsRespondWithSPKIGetKlass()
+XMLSEC_EXPORT xmlSecXkmsRespondWithId   xmlSecXkmsRespondWithSPKIGetKlass(void);
 
 
 /************************************************************************
  *
  * XKMS ServerRequest Klass
  *
- ************************************************************************/ 
-XMLSEC_EXPORT xmlSecPtrListPtr	xmlSecXkmsServerRequestIdsGet	(void);
-XMLSEC_EXPORT int 		xmlSecXkmsServerRequestIdsInit	(void);
-XMLSEC_EXPORT void 		xmlSecXkmsServerRequestIdsShutdown
-								(void);
-XMLSEC_EXPORT int 		xmlSecXkmsServerRequestIdsRegisterDefault
-								(void);
-XMLSEC_EXPORT int		xmlSecXkmsServerRequestIdsRegister	
-								(xmlSecXkmsServerRequestId id);
-XMLSEC_EXPORT int  		xmlSecXkmsServerRequestNodeRead	(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-XMLSEC_EXPORT int  		xmlSecXkmsServerRequestExecute	(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx);
-XMLSEC_EXPORT xmlNodePtr	xmlSecXkmsServerRequestNodeWrite(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlDocPtr doc,
-								 xmlNodePtr node);
-XMLSEC_EXPORT void		xmlSecXkmsServerRequestDebugDump(xmlSecXkmsServerRequestId id,
-								 FILE* output);
-XMLSEC_EXPORT void		xmlSecXkmsServerRequestDebugXmlDump
-								(xmlSecXkmsServerRequestId id,
-								 FILE* output);
+ ************************************************************************/
+XMLSEC_EXPORT xmlSecPtrListPtr  xmlSecXkmsServerRequestIdsGet   (void);
+XMLSEC_EXPORT int               xmlSecXkmsServerRequestIdsInit  (void);
+XMLSEC_EXPORT void              xmlSecXkmsServerRequestIdsShutdown
+                                                                (void);
+XMLSEC_EXPORT int               xmlSecXkmsServerRequestIdsRegisterDefault
+                                                                (void);
+XMLSEC_EXPORT int               xmlSecXkmsServerRequestIdsRegister
+                                                                (xmlSecXkmsServerRequestId id);
+XMLSEC_EXPORT int               xmlSecXkmsServerRequestNodeRead (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT int               xmlSecXkmsServerRequestExecute  (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx);
+XMLSEC_EXPORT xmlNodePtr        xmlSecXkmsServerRequestNodeWrite(xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlDocPtr doc,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT void              xmlSecXkmsServerRequestDebugDump(xmlSecXkmsServerRequestId id,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecXkmsServerRequestDebugXmlDump
+                                                                (xmlSecXkmsServerRequestId id,
+                                                                 FILE* output);
 
 /************************************************************************
  *
  * XKMS ServerRequest Klass List
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * xmlSecXkmsServerRequestIdListId:
  *
  * XKMS ServerRequest  klasses list klass.
  */
-#define xmlSecXkmsServerRequestIdListId	xmlSecXkmsServerRequestIdListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecXkmsServerRequestIdListGetKlass
-								(void);
-XMLSEC_EXPORT int		xmlSecXkmsServerRequestIdListFind
-								(xmlSecPtrListPtr list,
-								 xmlSecXkmsServerRequestId id);
-XMLSEC_EXPORT xmlSecXkmsServerRequestId	xmlSecXkmsServerRequestIdListFindByName
-								(xmlSecPtrListPtr list,
-								 const xmlChar* name);
-XMLSEC_EXPORT xmlSecXkmsServerRequestId	xmlSecXkmsServerRequestIdListFindByNode
-								(xmlSecPtrListPtr list,
-								 xmlNodePtr node);
+#define xmlSecXkmsServerRequestIdListId xmlSecXkmsServerRequestIdListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecXkmsServerRequestIdListGetKlass
+                                                                (void);
+XMLSEC_EXPORT int               xmlSecXkmsServerRequestIdListFind
+                                                                (xmlSecPtrListPtr list,
+                                                                 xmlSecXkmsServerRequestId id);
+XMLSEC_EXPORT xmlSecXkmsServerRequestId xmlSecXkmsServerRequestIdListFindByName
+                                                                (xmlSecPtrListPtr list,
+                                                                 const xmlChar* name);
+XMLSEC_EXPORT xmlSecXkmsServerRequestId xmlSecXkmsServerRequestIdListFindByNode
+                                                                (xmlSecPtrListPtr list,
+                                                                 xmlNodePtr node);
 
 /**
  * xmlSecXkmsServerRequestIdUnknown:
  *
  * The "unknown" ServerRequest id (NULL).
  */
-#define xmlSecXkmsServerRequestIdUnknown			NULL
+#define xmlSecXkmsServerRequestIdUnknown                        NULL
 
 /**
  * xmlSecXkmsServerRequestResultId:
  *
  * The Result response klass.
- */ 
+ */
 #define xmlSecXkmsServerRequestResultId \
-	xmlSecXkmsServerRequestResultGetKlass()
-XMLSEC_EXPORT xmlSecXkmsServerRequestId	xmlSecXkmsServerRequestResultGetKlass(void);
+        xmlSecXkmsServerRequestResultGetKlass()
+XMLSEC_EXPORT xmlSecXkmsServerRequestId xmlSecXkmsServerRequestResultGetKlass(void);
 
 /**
  * xmlSecXkmsServerRequestStatusId:
  *
  * The StatusRequest klass.
- */ 
+ */
 #define xmlSecXkmsServerRequestStatusId \
-	xmlSecXkmsServerRequestStatusGetKlass()
-XMLSEC_EXPORT xmlSecXkmsServerRequestId	xmlSecXkmsServerRequestStatusGetKlass(void);
+        xmlSecXkmsServerRequestStatusGetKlass()
+XMLSEC_EXPORT xmlSecXkmsServerRequestId xmlSecXkmsServerRequestStatusGetKlass(void);
 
 /**
  * xmlSecXkmsServerRequestCompoundId:
  *
  * The CompoundRequest klass.
- */ 
+ */
 #define xmlSecXkmsServerRequestCompoundId \
-	xmlSecXkmsServerRequestCompoundGetKlass()
-XMLSEC_EXPORT xmlSecXkmsServerRequestId	xmlSecXkmsServerRequestCompoundGetKlass(void);
+        xmlSecXkmsServerRequestCompoundGetKlass()
+XMLSEC_EXPORT xmlSecXkmsServerRequestId xmlSecXkmsServerRequestCompoundGetKlass(void);
 
 /**
  * xmlSecXkmsServerRequestLocateId:
  *
  * The LocateRequest klass.
- */ 
+ */
 #define xmlSecXkmsServerRequestLocateId \
-	xmlSecXkmsServerRequestLocateGetKlass()
-XMLSEC_EXPORT xmlSecXkmsServerRequestId	xmlSecXkmsServerRequestLocateGetKlass(void);
+        xmlSecXkmsServerRequestLocateGetKlass()
+XMLSEC_EXPORT xmlSecXkmsServerRequestId xmlSecXkmsServerRequestLocateGetKlass(void);
 
 /**
  * xmlSecXkmsServerRequestValidateId:
  *
  * The ValidateRequest klass.
- */ 
+ */
 #define xmlSecXkmsServerRequestValidateId \
-	xmlSecXkmsServerRequestValidateGetKlass()
-XMLSEC_EXPORT xmlSecXkmsServerRequestId	xmlSecXkmsServerRequestValidateGetKlass(void);
+        xmlSecXkmsServerRequestValidateGetKlass()
+XMLSEC_EXPORT xmlSecXkmsServerRequestId xmlSecXkmsServerRequestValidateGetKlass(void);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/xmldsig.h b/include/xmlsec/xmldsig.h
index b2620784..3cd311e6 100644
--- a/include/xmlsec/xmldsig.h
+++ b/include/xmlsec/xmldsig.h
@@ -1,26 +1,26 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * "XML Digital Signature" implementation
  *  http://www.w3.org/TR/xmldsig-core/
  *  http://www.w3.org/Signature/Overview.html
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_XMLDSIG_H__
-#define __XMLSEC_XMLDSIG_H__    
+#define __XMLSEC_XMLDSIG_H__
 
 #ifndef XMLSEC_NO_XMLDSIG
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
-#include <libxml/parser.h> 
+#include <libxml/parser.h>
 
 
 #include <xmlsec/xmlsec.h>
@@ -31,14 +31,14 @@ extern "C" {
 #include <xmlsec/keyinfo.h>
 #include <xmlsec/transforms.h>
 
-typedef struct _xmlSecDSigReferenceCtx		xmlSecDSigReferenceCtx,
-						*xmlSecDSigReferenceCtxPtr;
+typedef struct _xmlSecDSigReferenceCtx          xmlSecDSigReferenceCtx,
+                                                *xmlSecDSigReferenceCtxPtr;
 
 /**
  * xmlSecDSigStatus:
- * @xmlSecDSigStatusUnknown: 	the status is unknow.
- * @xmlSecDSigStatusSucceeded:	the processing succeeded.
- * @xmlSecDSigStatusInvalid:	the processing failed.
+ * @xmlSecDSigStatusUnknown:    the status is unknown.
+ * @xmlSecDSigStatusSucceeded:  the processing succeeded.
+ * @xmlSecDSigStatusInvalid:    the processing failed.
  *
  * XML Digital signature processing status.
  */
@@ -59,7 +59,7 @@ typedef enum {
  *
  * If this flag is set then <dsig:Manifests/> nodes will not be processed.
  */
-#define XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS			0x00000001
+#define XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS                      0x00000001
 
 /**
  * XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES:
@@ -67,7 +67,7 @@ typedef enum {
  * If this flag is set then pre-digest buffer for <dsig:Reference/> child
  * of <dsig:KeyInfo/> element will be stored in #xmlSecDSigCtx.
  */
-#define XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES		0x00000002
+#define XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES           0x00000002
 
 /**
  * XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES:
@@ -75,7 +75,7 @@ typedef enum {
  * If this flag is set then pre-digest buffer for <dsig:Reference/> child
  * of <dsig:Manifest/> element will be stored in #xmlSecDSigCtx.
  */
-#define XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES		0x00000004
+#define XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES             0x00000004
 
 /**
  * XMLSEC_DSIG_FLAGS_STORE_SIGNATURE:
@@ -83,103 +83,103 @@ typedef enum {
  * If this flag is set then pre-signature buffer for <dsig:SignedInfo/>
  * element processing will be stored in #xmlSecDSigCtx.
  */
-#define XMLSEC_DSIG_FLAGS_STORE_SIGNATURE			0x00000008
+#define XMLSEC_DSIG_FLAGS_STORE_SIGNATURE                       0x00000008
 
 /**
  * XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK:
  *
  * If this flag is set then URI ID references are resolved directly
  * without using XPointers. This allows one to sign/verify Visa3D
- * documents that don't follow XML, XPointer and XML DSig specifications. 
+ * documents that don't follow XML, XPointer and XML DSig specifications.
  */
-#define XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK			0x00000010
+#define XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK                       0x00000010
 
 /**
  * xmlSecDSigCtx:
- * @userData:			the pointer to user data (xmlsec and xmlsec-crypto libraries
- *				never touches this).
- * @flags:			the XML Digital Signature processing flags.
- * @flags2:			the XML Digital Signature processing flags.
- * @keyInfoReadCtx:		the reading key context.
- * @keyInfoWriteCtx:		the writing key context (not used for signature verification).
- * @transformCtx:		the <dsig:SignedInfo/> node processing context.
- * @enabledReferenceUris:	the URI types allowed for <dsig:Reference/> node.
- * @enabledReferenceTransforms:	the list of transforms allowed in <dsig:Reference/> node.
+ * @userData:                   the pointer to user data (xmlsec and xmlsec-crypto libraries
+ *                              never touches this).
+ * @flags:                      the XML Digital Signature processing flags.
+ * @flags2:                     the XML Digital Signature processing flags.
+ * @keyInfoReadCtx:             the reading key context.
+ * @keyInfoWriteCtx:            the writing key context (not used for signature verification).
+ * @transformCtx:               the <dsig:SignedInfo/> node processing context.
+ * @enabledReferenceUris:       the URI types allowed for <dsig:Reference/> node.
+ * @enabledReferenceTransforms: the list of transforms allowed in <dsig:Reference/> node.
  * @referencePreExecuteCallback:the callback for <dsig:Reference/> node processing.
- * @defSignMethodId:		the default signing method klass.
- * @defC14NMethodId:		the default c14n method klass.
- * @defDigestMethodId:		the default digest method klass.
- * @signKey:			the signature key; application may set #signKey
- *				before calling #xmlSecDSigCtxSign or #xmlSecDSigCtxVerify
- *				functions.
- * @operation:			the operation: sign or verify.
- * @result:			the pointer to signature (not valid for signature verificaction).
- * @status:			the <dsig:Signatuire/> procesisng status.
- * @signMethod:			the pointer to signature transform.
- * @c14nMethod:			the pointer to c14n transform.
- * @preSignMemBufMethod:	the pointer to binary buffer right before signature
- *				(valid only if #XMLSEC_DSIG_FLAGS_STORE_SIGNATURE flag is set).
- * @signValueNode:		the pointer to <dsig:SignatureValue/> node.
- * @id:				the pointer to Id attribute of <dsig:Signature/> node.
- * @signedInfoReferences:	the list of references in <dsig:SignedInfo/> node.		
- * @manifestReferences:		the list of references in <dsig:Manifest/> nodes.
- * @reserved0:			reserved for the future.
- * @reserved1:			reserved for the future.
+ * @defSignMethodId:            the default signing method klass.
+ * @defC14NMethodId:            the default c14n method klass.
+ * @defDigestMethodId:          the default digest method klass.
+ * @signKey:                    the signature key; application may set #signKey
+ *                              before calling #xmlSecDSigCtxSign or #xmlSecDSigCtxVerify
+ *                              functions.
+ * @operation:                  the operation: sign or verify.
+ * @result:                     the pointer to signature (not valid for signature verification).
+ * @status:                     the <dsig:Signatuire/> processing status.
+ * @signMethod:                 the pointer to signature transform.
+ * @c14nMethod:                 the pointer to c14n transform.
+ * @preSignMemBufMethod:        the pointer to binary buffer right before signature
+ *                              (valid only if #XMLSEC_DSIG_FLAGS_STORE_SIGNATURE flag is set).
+ * @signValueNode:              the pointer to <dsig:SignatureValue/> node.
+ * @id:                         the pointer to Id attribute of <dsig:Signature/> node.
+ * @signedInfoReferences:       the list of references in <dsig:SignedInfo/> node.
+ * @manifestReferences:         the list of references in <dsig:Manifest/> nodes.
+ * @reserved0:                  reserved for the future.
+ * @reserved1:                  reserved for the future.
  *
- * XML DSig processing context. 
+ * XML DSig processing context.
  */
 struct _xmlSecDSigCtx {
     /* these data user can set before performing the operation */
-    void*			userData;
-    unsigned int		flags;
-    unsigned int		flags2;
-    xmlSecKeyInfoCtx		keyInfoReadCtx;
-    xmlSecKeyInfoCtx		keyInfoWriteCtx;
-    xmlSecTransformCtx		transformCtx;
-    xmlSecTransformUriType	enabledReferenceUris;
-    xmlSecPtrListPtr		enabledReferenceTransforms;
+    void*                       userData;
+    unsigned int                flags;
+    unsigned int                flags2;
+    xmlSecKeyInfoCtx            keyInfoReadCtx;
+    xmlSecKeyInfoCtx            keyInfoWriteCtx;
+    xmlSecTransformCtx          transformCtx;
+    xmlSecTransformUriType      enabledReferenceUris;
+    xmlSecPtrListPtr            enabledReferenceTransforms;
     xmlSecTransformCtxPreExecuteCallback referencePreExecuteCallback;
-    xmlSecTransformId		defSignMethodId;
-    xmlSecTransformId		defC14NMethodId;
-    xmlSecTransformId		defDigestMethodId;
-        
+    xmlSecTransformId           defSignMethodId;
+    xmlSecTransformId           defC14NMethodId;
+    xmlSecTransformId           defDigestMethodId;
+
     /* these data are returned */
-    xmlSecKeyPtr		signKey;
-    xmlSecTransformOperation	operation;
-    xmlSecBufferPtr		result;
-    xmlSecDSigStatus		status;
-    xmlSecTransformPtr		signMethod;
-    xmlSecTransformPtr		c14nMethod;
-    xmlSecTransformPtr		preSignMemBufMethod;
-    xmlNodePtr			signValueNode;
-    xmlChar*			id;    
-    xmlSecPtrList    		signedInfoReferences;
-    xmlSecPtrList		manifestReferences;
+    xmlSecKeyPtr                signKey;
+    xmlSecTransformOperation    operation;
+    xmlSecBufferPtr             result;
+    xmlSecDSigStatus            status;
+    xmlSecTransformPtr          signMethod;
+    xmlSecTransformPtr          c14nMethod;
+    xmlSecTransformPtr          preSignMemBufMethod;
+    xmlNodePtr                  signValueNode;
+    xmlChar*                    id;
+    xmlSecPtrList               signedInfoReferences;
+    xmlSecPtrList               manifestReferences;
 
     /* reserved for future */
-    void*			reserved0;
-    void*			reserved1;    
-};						
+    void*                       reserved0;
+    void*                       reserved1;
+};
 
 /* constructor/destructor */
-XMLSEC_EXPORT xmlSecDSigCtxPtr	xmlSecDSigCtxCreate		(xmlSecKeysMngrPtr keysMngr);
-XMLSEC_EXPORT void 		xmlSecDSigCtxDestroy		(xmlSecDSigCtxPtr dsigCtx);
-XMLSEC_EXPORT int		xmlSecDSigCtxInitialize		(xmlSecDSigCtxPtr dsigCtx,
-								 xmlSecKeysMngrPtr keysMngr);
-XMLSEC_EXPORT void		xmlSecDSigCtxFinalize		(xmlSecDSigCtxPtr dsigCtx);
-XMLSEC_EXPORT int		xmlSecDSigCtxSign		(xmlSecDSigCtxPtr dsigCtx,
-								 xmlNodePtr tmpl);
-XMLSEC_EXPORT int		xmlSecDSigCtxVerify		(xmlSecDSigCtxPtr dsigCtx,
-								 xmlNodePtr node);
-XMLSEC_EXPORT int		xmlSecDSigCtxEnableReferenceTransform(xmlSecDSigCtxPtr dsigCtx,
-								xmlSecTransformId transformId);
-XMLSEC_EXPORT int		xmlSecDSigCtxEnableSignatureTransform(xmlSecDSigCtxPtr dsigCtx,
-								xmlSecTransformId transformId);
-XMLSEC_EXPORT xmlSecBufferPtr	xmlSecDSigCtxGetPreSignBuffer	(xmlSecDSigCtxPtr dsigCtx);
-XMLSEC_EXPORT void		xmlSecDSigCtxDebugDump		(xmlSecDSigCtxPtr dsigCtx,
-								 FILE* output);
-XMLSEC_EXPORT void		xmlSecDSigCtxDebugXmlDump	(xmlSecDSigCtxPtr dsigCtx,
-								 FILE* output);
+XMLSEC_EXPORT xmlSecDSigCtxPtr  xmlSecDSigCtxCreate             (xmlSecKeysMngrPtr keysMngr);
+XMLSEC_EXPORT void              xmlSecDSigCtxDestroy            (xmlSecDSigCtxPtr dsigCtx);
+XMLSEC_EXPORT int               xmlSecDSigCtxInitialize         (xmlSecDSigCtxPtr dsigCtx,
+                                                                 xmlSecKeysMngrPtr keysMngr);
+XMLSEC_EXPORT void              xmlSecDSigCtxFinalize           (xmlSecDSigCtxPtr dsigCtx);
+XMLSEC_EXPORT int               xmlSecDSigCtxSign               (xmlSecDSigCtxPtr dsigCtx,
+                                                                 xmlNodePtr tmpl);
+XMLSEC_EXPORT int               xmlSecDSigCtxVerify             (xmlSecDSigCtxPtr dsigCtx,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT int               xmlSecDSigCtxEnableReferenceTransform(xmlSecDSigCtxPtr dsigCtx,
+                                                                xmlSecTransformId transformId);
+XMLSEC_EXPORT int               xmlSecDSigCtxEnableSignatureTransform(xmlSecDSigCtxPtr dsigCtx,
+                                                                xmlSecTransformId transformId);
+XMLSEC_EXPORT xmlSecBufferPtr   xmlSecDSigCtxGetPreSignBuffer   (xmlSecDSigCtxPtr dsigCtx);
+XMLSEC_EXPORT void              xmlSecDSigCtxDebugDump          (xmlSecDSigCtxPtr dsigCtx,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecDSigCtxDebugXmlDump       (xmlSecDSigCtxPtr dsigCtx,
+                                                                 FILE* output);
 
 
 /**************************************************************************
@@ -190,9 +190,9 @@ XMLSEC_EXPORT void		xmlSecDSigCtxDebugXmlDump	(xmlSecDSigCtxPtr dsigCtx,
 /**
  * xmlSecDSigReferenceOrigin:
  * @xmlSecDSigReferenceOriginSignedInfo:reference in <dsig:SignedInfo> node.
- * @xmlSecDSigReferenceOriginManifest: 	reference <dsig:Manifest> node.
- * 
- * The possible <dsig:Reference/> node locations: in the <dsig:SignedInfo/> 
+ * @xmlSecDSigReferenceOriginManifest:  reference <dsig:Manifest> node.
+ *
+ * The possible <dsig:Reference/> node locations: in the <dsig:SignedInfo/>
  * node or in the <dsig:Manifest/> node.
  */
 typedef enum  {
@@ -202,60 +202,60 @@ typedef enum  {
 
 /**
  * xmlSecDSigReferenceCtx:
- * @userData:			the pointer to user data (xmlsec and xmlsec-crypto libraries
- *				never touches this).
- * @dsigCtx:			the pointer to "parent" <dsig:Signature/> processing context.
- * @origin:			the signature origin (<dsig:SignedInfo/> or <dsig:Manifest/>).
- * @transformCtx:		the reference processing transforms context.
- * @digestMethod:		the pointer to digest transform.
- * @result:			the pointer to digest result.
- * @status:			the reference processing status.
- * @preDigestMemBufMethod:	the pointer to binary buffer right before digest
- *				(valid only if either
- *				#XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES or
- *				#XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES flags are set).
- * @id:				the <dsig:Reference/> node ID attribute. 
- * @uri:			the <dsig:Reference/> node URI attribute. 
- * @type:			the <dsig:Reference/> node Type attribute. 
- * @reserved0:			reserved for the future.
- * @reserved1:			reserved for the future.
+ * @userData:                   the pointer to user data (xmlsec and xmlsec-crypto libraries
+ *                              never touches this).
+ * @dsigCtx:                    the pointer to "parent" <dsig:Signature/> processing context.
+ * @origin:                     the signature origin (<dsig:SignedInfo/> or <dsig:Manifest/>).
+ * @transformCtx:               the reference processing transforms context.
+ * @digestMethod:               the pointer to digest transform.
+ * @result:                     the pointer to digest result.
+ * @status:                     the reference processing status.
+ * @preDigestMemBufMethod:      the pointer to binary buffer right before digest
+ *                              (valid only if either
+ *                              #XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES or
+ *                              #XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES flags are set).
+ * @id:                         the <dsig:Reference/> node ID attribute.
+ * @uri:                        the <dsig:Reference/> node URI attribute.
+ * @type:                       the <dsig:Reference/> node Type attribute.
+ * @reserved0:                  reserved for the future.
+ * @reserved1:                  reserved for the future.
  *
  * The <dsig:Reference/> processing context.
  */
 struct _xmlSecDSigReferenceCtx {
-    void*			userData;
-    xmlSecDSigCtxPtr		dsigCtx;
-    xmlSecDSigReferenceOrigin	origin;
-    xmlSecTransformCtx		transformCtx;
-    xmlSecTransformPtr		digestMethod;
+    void*                       userData;
+    xmlSecDSigCtxPtr            dsigCtx;
+    xmlSecDSigReferenceOrigin   origin;
+    xmlSecTransformCtx          transformCtx;
+    xmlSecTransformPtr          digestMethod;
+
+    xmlSecBufferPtr             result;
+    xmlSecDSigStatus            status;
+    xmlSecTransformPtr          preDigestMemBufMethod;
+    xmlChar*                    id;
+    xmlChar*                    uri;
+    xmlChar*                    type;
 
-    xmlSecBufferPtr		result;
-    xmlSecDSigStatus		status;
-    xmlSecTransformPtr		preDigestMemBufMethod;
-    xmlChar*			id;
-    xmlChar*			uri;
-    xmlChar*			type;
-    
      /* reserved for future */
-    void*			reserved0;
-    void*			reserved1;    
+    void*                       reserved0;
+    void*                       reserved1;
 };
 
-XMLSEC_EXPORT xmlSecDSigReferenceCtxPtr	xmlSecDSigReferenceCtxCreate(xmlSecDSigCtxPtr dsigCtx,
-								xmlSecDSigReferenceOrigin origin);
-XMLSEC_EXPORT void 		xmlSecDSigReferenceCtxDestroy	(xmlSecDSigReferenceCtxPtr dsigRefCtx);
-XMLSEC_EXPORT int		xmlSecDSigReferenceCtxInitialize(xmlSecDSigReferenceCtxPtr dsigRefCtx,
-								xmlSecDSigCtxPtr dsigCtx,
-								xmlSecDSigReferenceOrigin origin); 
-XMLSEC_EXPORT void		xmlSecDSigReferenceCtxFinalize	(xmlSecDSigReferenceCtxPtr dsigRefCtx);
-XMLSEC_EXPORT int		xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, 
-								  xmlNodePtr node);
-XMLSEC_EXPORT xmlSecBufferPtr	xmlSecDSigReferenceCtxGetPreDigestBuffer
-								(xmlSecDSigReferenceCtxPtr dsigRefCtx);
-XMLSEC_EXPORT void		xmlSecDSigReferenceCtxDebugDump	(xmlSecDSigReferenceCtxPtr dsigRefCtx,
-								 FILE* output);
-XMLSEC_EXPORT void		xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr dsigRefCtx,
-								 FILE* output);
+XMLSEC_EXPORT xmlSecDSigReferenceCtxPtr xmlSecDSigReferenceCtxCreate(xmlSecDSigCtxPtr dsigCtx,
+                                                                xmlSecDSigReferenceOrigin origin);
+XMLSEC_EXPORT void              xmlSecDSigReferenceCtxDestroy   (xmlSecDSigReferenceCtxPtr dsigRefCtx);
+XMLSEC_EXPORT int               xmlSecDSigReferenceCtxInitialize(xmlSecDSigReferenceCtxPtr dsigRefCtx,
+                                                                xmlSecDSigCtxPtr dsigCtx,
+                                                                xmlSecDSigReferenceOrigin origin);
+XMLSEC_EXPORT void              xmlSecDSigReferenceCtxFinalize  (xmlSecDSigReferenceCtxPtr dsigRefCtx);
+XMLSEC_EXPORT int               xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx,
+                                                                  xmlNodePtr node);
+XMLSEC_EXPORT xmlSecBufferPtr   xmlSecDSigReferenceCtxGetPreDigestBuffer
+                                                                (xmlSecDSigReferenceCtxPtr dsigRefCtx);
+XMLSEC_EXPORT void              xmlSecDSigReferenceCtxDebugDump (xmlSecDSigReferenceCtxPtr dsigRefCtx,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr dsigRefCtx,
+                                                                 FILE* output);
 
 /**************************************************************************
  *
@@ -268,8 +268,8 @@ XMLSEC_EXPORT void		xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr
  * The references list klass.
  */
 #define xmlSecDSigReferenceCtxListId \
-	xmlSecDSigReferenceCtxListGetKlass()
-XMLSEC_EXPORT xmlSecPtrListId	xmlSecDSigReferenceCtxListGetKlass(void);
+        xmlSecDSigReferenceCtxListGetKlass()
+XMLSEC_EXPORT xmlSecPtrListId   xmlSecDSigReferenceCtxListGetKlass(void);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/xmlenc.h b/include/xmlsec/xmlenc.h
index dc6805a8..6725454d 100644
--- a/include/xmlsec/xmlenc.h
+++ b/include/xmlsec/xmlenc.h
@@ -1,26 +1,26 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * "XML Encryption" implementation
  *  http://www.w3.org/TR/xmlenc-core
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_XMLENC_H__
-#define __XMLSEC_XMLENC_H__    
+#define __XMLSEC_XMLENC_H__
 
 #ifndef XMLSEC_NO_XMLENC
-	
+
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
-#include <stdio.h>		
+#endif /* __cplusplus */
+#include <stdio.h>
 
 #include <libxml/tree.h>
-#include <libxml/parser.h> 
+#include <libxml/parser.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -29,10 +29,10 @@ extern "C" {
 #include <xmlsec/keyinfo.h>
 #include <xmlsec/transforms.h>
 
-/** 
- * xmlEncCtxMode: 
- * @xmlEncCtxModeEncryptedData:	the <enc:EncryptedData/> element procesing.
- * @xmlEncCtxModeEncryptedKey:	the <enc:EncryptedKey/> element processing.
+/**
+ * xmlEncCtxMode:
+ * @xmlEncCtxModeEncryptedData: the <enc:EncryptedData/> element procesing.
+ * @xmlEncCtxModeEncryptedKey:  the <enc:EncryptedKey/> element processing.
  *
  * The #xmlSecEncCtx mode.
  */
@@ -47,111 +47,111 @@ typedef enum {
  *
  * If this flag is set, then the replaced node will be returned in the replacedNodeList
  */
-#define XMLSEC_ENC_RETURN_REPLACED_NODE			0x00000001
+#define XMLSEC_ENC_RETURN_REPLACED_NODE                 0x00000001
 
-/** 
+/**
  * xmlSecEncCtx:
- * @userData:			the pointer to user data (xmlsec and xmlsec-crypto libraries
- *				never touches this).
- * @flags:			the XML Encryption processing flags.
- * @flags2:			the XML Encryption processing flags.
- * @mode:			the mode.
- * @keyInfoReadCtx:		the reading key context.
- * @keyInfoWriteCtx:		the writing key context (not used for signature verification).
- * @transformCtx:		the transforms processing context.
- * @defEncMethodId:		the default encryption method (used if
- *				<enc:EncryptionMethod/> node is not present).
- * @encKey:			the signature key; application may set #encKey
- *				before calling encryption/decryption functions.
- * @operation:			the operation: encrypt or decrypt.
- * @result:			the pointer to signature (not valid for signature verificaction).
- * @resultBase64Encoded:	the flag: if set then result in #result is base64 encoded.
- * @resultReplaced:		the flag: if set then resulted <enc:EncryptedData/>
- *				or <enc:EncryptedKey/> node is added to the document.
- * @encMethod:			the pointer to encryption transform.
+ * @userData:                   the pointer to user data (xmlsec and xmlsec-crypto libraries
+ *                              never touches this).
+ * @flags:                      the XML Encryption processing flags.
+ * @flags2:                     the XML Encryption processing flags.
+ * @mode:                       the mode.
+ * @keyInfoReadCtx:             the reading key context.
+ * @keyInfoWriteCtx:            the writing key context (not used for signature verification).
+ * @transformCtx:               the transforms processing context.
+ * @defEncMethodId:             the default encryption method (used if
+ *                              <enc:EncryptionMethod/> node is not present).
+ * @encKey:                     the signature key; application may set #encKey
+ *                              before calling encryption/decryption functions.
+ * @operation:                  the operation: encrypt or decrypt.
+ * @result:                     the pointer to signature (not valid for signature verification).
+ * @resultBase64Encoded:        the flag: if set then result in #result is base64 encoded.
+ * @resultReplaced:             the flag: if set then resulted <enc:EncryptedData/>
+ *                              or <enc:EncryptedKey/> node is added to the document.
+ * @encMethod:                  the pointer to encryption transform.
  * @replacedNodeList: the first node of the list of replaced nodes depending on the nodeReplacementMode
- * @id:				the ID attribute of <enc:EncryptedData/>
- *				or <enc:EncryptedKey/> node.
- * @type:			the Type attribute of <enc:EncryptedData/>
- *				or <enc:EncryptedKey/> node.
- * @mimeType:			the MimeType attribute of <enc:EncryptedData/>
- *				or <enc:EncryptedKey/> node.
- * @encoding:			the Encoding attributeof <enc:EncryptedData/>
- *				or <enc:EncryptedKey/> node. 
- * @recipient:			the Recipient attribute of <enc:EncryptedKey/> node..
- * @carriedKeyName:		the CarriedKeyName attribute of <enc:EncryptedKey/> node.
- * @encDataNode:		the pointer to <enc:EncryptedData/>
- *				or <enc:EncryptedKey/> node.
- * @encMethodNode:		the pointer to <enc:EncryptionMethod/> node.
- * @keyInfoNode:		the pointer to <enc:KeyInfo/> node.
- * @cipherValueNode:		the pointer to <enc:CipherValue/> node.
- * @reserved1:			reserved for the future.
- * 
+ * @id:                         the ID attribute of <enc:EncryptedData/>
+ *                              or <enc:EncryptedKey/> node.
+ * @type:                       the Type attribute of <enc:EncryptedData/>
+ *                              or <enc:EncryptedKey/> node.
+ * @mimeType:                   the MimeType attribute of <enc:EncryptedData/>
+ *                              or <enc:EncryptedKey/> node.
+ * @encoding:                   the Encoding attributeof <enc:EncryptedData/>
+ *                              or <enc:EncryptedKey/> node.
+ * @recipient:                  the Recipient attribute of <enc:EncryptedKey/> node..
+ * @carriedKeyName:             the CarriedKeyName attribute of <enc:EncryptedKey/> node.
+ * @encDataNode:                the pointer to <enc:EncryptedData/>
+ *                              or <enc:EncryptedKey/> node.
+ * @encMethodNode:              the pointer to <enc:EncryptionMethod/> node.
+ * @keyInfoNode:                the pointer to <enc:KeyInfo/> node.
+ * @cipherValueNode:            the pointer to <enc:CipherValue/> node.
+ * @reserved1:                  reserved for the future.
+ *
  * XML Encrypiton context.
  */
 struct _xmlSecEncCtx {
     /* these data user can set before performing the operation */
-    void*			userData;
-    unsigned int		flags;
-    unsigned int		flags2;    
-    xmlEncCtxMode		mode;
-    xmlSecKeyInfoCtx		keyInfoReadCtx;
-    xmlSecKeyInfoCtx		keyInfoWriteCtx;
-    xmlSecTransformCtx		transformCtx;
-    xmlSecTransformId		defEncMethodId;
+    void*                       userData;
+    unsigned int                flags;
+    unsigned int                flags2;
+    xmlEncCtxMode               mode;
+    xmlSecKeyInfoCtx            keyInfoReadCtx;
+    xmlSecKeyInfoCtx            keyInfoWriteCtx;
+    xmlSecTransformCtx          transformCtx;
+    xmlSecTransformId           defEncMethodId;
 
     /* these data are returned */
-    xmlSecKeyPtr		encKey;
-    xmlSecTransformOperation	operation;
-    xmlSecBufferPtr		result;
-    int				resultBase64Encoded;
-    int				resultReplaced;
-    xmlSecTransformPtr		encMethod;
-		
-    /* attributes from EncryptedData or EncryptedKey */    
-    xmlChar*			id;
-    xmlChar*			type;
-    xmlChar*			mimeType;
-    xmlChar*			encoding;
-    xmlChar*			recipient;
-    xmlChar*			carriedKeyName;
+    xmlSecKeyPtr                encKey;
+    xmlSecTransformOperation    operation;
+    xmlSecBufferPtr             result;
+    int                         resultBase64Encoded;
+    int                         resultReplaced;
+    xmlSecTransformPtr          encMethod;
+
+    /* attributes from EncryptedData or EncryptedKey */
+    xmlChar*                    id;
+    xmlChar*                    type;
+    xmlChar*                    mimeType;
+    xmlChar*                    encoding;
+    xmlChar*                    recipient;
+    xmlChar*                    carriedKeyName;
 
     /* these are internal data, nobody should change that except us */
-    xmlNodePtr			encDataNode;
-    xmlNodePtr			encMethodNode;
-    xmlNodePtr			keyInfoNode;
-    xmlNodePtr			cipherValueNode;
-        
-    xmlNodePtr			replacedNodeList; /* the pointer to the replaced node */
-    void*			reserved1;	  /* reserved for future */
+    xmlNodePtr                  encDataNode;
+    xmlNodePtr                  encMethodNode;
+    xmlNodePtr                  keyInfoNode;
+    xmlNodePtr                  cipherValueNode;
+
+    xmlNodePtr                  replacedNodeList; /* the pointer to the replaced node */
+    void*                       reserved1;        /* reserved for future */
 };
 
-XMLSEC_EXPORT xmlSecEncCtxPtr	xmlSecEncCtxCreate		(xmlSecKeysMngrPtr keysMngr);
-XMLSEC_EXPORT void 		xmlSecEncCtxDestroy		(xmlSecEncCtxPtr encCtx);
-XMLSEC_EXPORT int		xmlSecEncCtxInitialize		(xmlSecEncCtxPtr encCtx,
-								 xmlSecKeysMngrPtr keysMngr);
-XMLSEC_EXPORT void		xmlSecEncCtxFinalize		(xmlSecEncCtxPtr encCtx);
-XMLSEC_EXPORT int		xmlSecEncCtxCopyUserPref	(xmlSecEncCtxPtr dst,
-								 xmlSecEncCtxPtr src);
-XMLSEC_EXPORT void		xmlSecEncCtxReset		(xmlSecEncCtxPtr encCtx);
-XMLSEC_EXPORT int		xmlSecEncCtxBinaryEncrypt	(xmlSecEncCtxPtr encCtx,
-								 xmlNodePtr tmpl,
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize);
-XMLSEC_EXPORT int		xmlSecEncCtxXmlEncrypt		(xmlSecEncCtxPtr encCtx,
-								 xmlNodePtr tmpl,
-								 xmlNodePtr node);
-XMLSEC_EXPORT int		xmlSecEncCtxUriEncrypt		(xmlSecEncCtxPtr encCtx,
-								 xmlNodePtr tmpl,
-								 const xmlChar *uri);
-XMLSEC_EXPORT int		xmlSecEncCtxDecrypt		(xmlSecEncCtxPtr encCtx,
-								 xmlNodePtr node);
-XMLSEC_EXPORT xmlSecBufferPtr	xmlSecEncCtxDecryptToBuffer	(xmlSecEncCtxPtr encCtx,
-								 xmlNodePtr node		);
-XMLSEC_EXPORT void		xmlSecEncCtxDebugDump		(xmlSecEncCtxPtr encCtx,
-								 FILE* output);
-XMLSEC_EXPORT void		xmlSecEncCtxDebugXmlDump	(xmlSecEncCtxPtr encCtx,
-								 FILE* output);
+XMLSEC_EXPORT xmlSecEncCtxPtr   xmlSecEncCtxCreate              (xmlSecKeysMngrPtr keysMngr);
+XMLSEC_EXPORT void              xmlSecEncCtxDestroy             (xmlSecEncCtxPtr encCtx);
+XMLSEC_EXPORT int               xmlSecEncCtxInitialize          (xmlSecEncCtxPtr encCtx,
+                                                                 xmlSecKeysMngrPtr keysMngr);
+XMLSEC_EXPORT void              xmlSecEncCtxFinalize            (xmlSecEncCtxPtr encCtx);
+XMLSEC_EXPORT int               xmlSecEncCtxCopyUserPref        (xmlSecEncCtxPtr dst,
+                                                                 xmlSecEncCtxPtr src);
+XMLSEC_EXPORT void              xmlSecEncCtxReset               (xmlSecEncCtxPtr encCtx);
+XMLSEC_EXPORT int               xmlSecEncCtxBinaryEncrypt       (xmlSecEncCtxPtr encCtx,
+                                                                 xmlNodePtr tmpl,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize);
+XMLSEC_EXPORT int               xmlSecEncCtxXmlEncrypt          (xmlSecEncCtxPtr encCtx,
+                                                                 xmlNodePtr tmpl,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT int               xmlSecEncCtxUriEncrypt          (xmlSecEncCtxPtr encCtx,
+                                                                 xmlNodePtr tmpl,
+                                                                 const xmlChar *uri);
+XMLSEC_EXPORT int               xmlSecEncCtxDecrypt             (xmlSecEncCtxPtr encCtx,
+                                                                 xmlNodePtr node);
+XMLSEC_EXPORT xmlSecBufferPtr   xmlSecEncCtxDecryptToBuffer     (xmlSecEncCtxPtr encCtx,
+                                                                 xmlNodePtr node                );
+XMLSEC_EXPORT void              xmlSecEncCtxDebugDump           (xmlSecEncCtxPtr encCtx,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecEncCtxDebugXmlDump        (xmlSecEncCtxPtr encCtx,
+                                                                 FILE* output);
 
 #ifdef __cplusplus
 }
diff --git a/include/xmlsec/xmlsec.h b/include/xmlsec/xmlsec.h
index f7c4a20d..ad44918b 100644
--- a/include/xmlsec/xmlsec.h
+++ b/include/xmlsec/xmlsec.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * General functions and forward declarations.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_H__
-#define __XMLSEC_H__    
+#define __XMLSEC_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <libxml/tree.h>
 
@@ -31,7 +31,7 @@ extern "C" {
  *
  * Void pointer.
  */
-typedef void*					xmlSecPtr;
+typedef void*                                   xmlSecPtr;
 
 /**
  * xmlSecSize:
@@ -40,47 +40,55 @@ typedef void*					xmlSecPtr;
  * but it will break ABI (todo).
  */
 #ifdef XMLSEC_NO_SIZE_T
-#define xmlSecSize				unsigned int
+#define xmlSecSize                              unsigned int
 #else  /* XMLSEC_NO_SIZE_T */
-#define xmlSecSize				size_t
+#define xmlSecSize                              size_t
 #endif /* XMLSEC_NO_SIZE_T */
 
 /**
+ * XMLSEC_SIZE_BAD_CAST:
+ * @val:        the value to cast
+ *
+ * Bad cast to xmlSecSize
+ */
+#define XMLSEC_SIZE_BAD_CAST(val)               ((xmlSecSize)(val))
+
+/**
  * xmlSecByte:
  *
  * One byte. Should be typedef instead of define
  * but it will break ABI (todo).
  */
-#define xmlSecByte				unsigned char
+#define xmlSecByte                              unsigned char
 
 /***********************************************************************
  *
  * Forward declarations
  *
  ***********************************************************************/
-typedef struct _xmlSecKeyData 			xmlSecKeyData, *xmlSecKeyDataPtr; 
-typedef struct _xmlSecKeyDataStore		xmlSecKeyDataStore, *xmlSecKeyDataStorePtr; 
-typedef struct _xmlSecKeyInfoCtx  		xmlSecKeyInfoCtx, *xmlSecKeyInfoCtxPtr; 
-typedef struct _xmlSecKey 			xmlSecKey, *xmlSecKeyPtr; 
-typedef struct _xmlSecKeyStore			xmlSecKeyStore, *xmlSecKeyStorePtr; 
-typedef struct _xmlSecKeysMngr  		xmlSecKeysMngr, *xmlSecKeysMngrPtr; 
-typedef struct _xmlSecTransform 		xmlSecTransform, *xmlSecTransformPtr; 
-typedef struct _xmlSecTransformCtx 		xmlSecTransformCtx, *xmlSecTransformCtxPtr; 
+typedef struct _xmlSecKeyData                   xmlSecKeyData, *xmlSecKeyDataPtr;
+typedef struct _xmlSecKeyDataStore              xmlSecKeyDataStore, *xmlSecKeyDataStorePtr;
+typedef struct _xmlSecKeyInfoCtx                xmlSecKeyInfoCtx, *xmlSecKeyInfoCtxPtr;
+typedef struct _xmlSecKey                       xmlSecKey, *xmlSecKeyPtr;
+typedef struct _xmlSecKeyStore                  xmlSecKeyStore, *xmlSecKeyStorePtr;
+typedef struct _xmlSecKeysMngr                  xmlSecKeysMngr, *xmlSecKeysMngrPtr;
+typedef struct _xmlSecTransform                 xmlSecTransform, *xmlSecTransformPtr;
+typedef struct _xmlSecTransformCtx              xmlSecTransformCtx, *xmlSecTransformCtxPtr;
 
 #ifndef XMLSEC_NO_XMLDSIG
-typedef struct _xmlSecDSigCtx 			xmlSecDSigCtx, *xmlSecDSigCtxPtr; 
+typedef struct _xmlSecDSigCtx                   xmlSecDSigCtx, *xmlSecDSigCtxPtr;
 #endif /* XMLSEC_NO_XMLDSIG */
 
 #ifndef XMLSEC_NO_XMLENC
-typedef struct _xmlSecEncCtx 			xmlSecEncCtx, *xmlSecEncCtxPtr; 
+typedef struct _xmlSecEncCtx                    xmlSecEncCtx, *xmlSecEncCtxPtr;
 #endif /* XMLSEC_NO_XMLENC */
 
 #ifndef XMLSEC_NO_XKMS
-typedef struct _xmlSecXkmsServerCtx		xmlSecXkmsServerCtx, *xmlSecXkmsServerCtxPtr; 
+typedef struct _xmlSecXkmsServerCtx             xmlSecXkmsServerCtx, *xmlSecXkmsServerCtxPtr;
 #endif /* XMLSEC_NO_XKMS */
 
-XMLSEC_EXPORT int	xmlSecInit		(void);
-XMLSEC_EXPORT int	xmlSecShutdown		(void);
+XMLSEC_EXPORT int       xmlSecInit              (void);
+XMLSEC_EXPORT int       xmlSecShutdown          (void);
 
 
 
@@ -89,30 +97,30 @@ XMLSEC_EXPORT int	xmlSecShutdown		(void);
  * Version checking
  *
  ***********************************************************************/
-/** 
+/**
  * xmlSecCheckVersionExact:
  *
- * Macro. Returns 1 if the loaded xmlsec library version exactly matches 
+ * Macro. Returns 1 if the loaded xmlsec library version exactly matches
  * the one used to compile the caller, 0 if it does not or a negative
  * value if an error occurs.
  */
-#define xmlSecCheckVersionExact()	\
+#define xmlSecCheckVersionExact()       \
     xmlSecCheckVersionExt(XMLSEC_VERSION_MAJOR, XMLSEC_VERSION_MINOR, XMLSEC_VERSION_SUBMINOR, xmlSecCheckVersionExactMatch)
 
-/** 
+/**
  * xmlSecCheckVersion:
  *
  * Macro. Returns 1 if the loaded xmlsec library version ABI compatible with
  * the one used to compile the caller, 0 if it does not or a negative
  * value if an error occurs.
  */
-#define xmlSecCheckVersion()	\
+#define xmlSecCheckVersion()    \
     xmlSecCheckVersionExt(XMLSEC_VERSION_MAJOR, XMLSEC_VERSION_MINOR, XMLSEC_VERSION_SUBMINOR, xmlSecCheckVersionABICompatible)
 
 /**
  * xmlSecCheckVersionMode:
- * @xmlSecCheckVersionExactMatch:	the version should match exactly.
- * @xmlSecCheckVersionABICompatible:	the version should be ABI compatible.
+ * @xmlSecCheckVersionExactMatch:       the version should match exactly.
+ * @xmlSecCheckVersionABICompatible:    the version should be ABI compatible.
  *
  * The xmlsec library version mode.
  */
@@ -121,10 +129,10 @@ typedef enum {
     xmlSecCheckVersionABICompatible
 } xmlSecCheckVersionMode;
 
-XMLSEC_EXPORT int	xmlSecCheckVersionExt	(int major, 
-						 int minor, 
-						 int subminor, 
-						 xmlSecCheckVersionMode mode);
+XMLSEC_EXPORT int       xmlSecCheckVersionExt   (int major,
+                                                 int minor,
+                                                 int subminor,
+                                                 xmlSecCheckVersionMode mode);
 
 /**
  * ATTRIBUTE_UNUSED:
@@ -142,6 +150,63 @@ XMLSEC_EXPORT int	xmlSecCheckVersionExt	(int major,
 #define ATTRIBUTE_UNUSED
 #endif
 
+/***********************************************************************
+ *
+ * Helpers to convert from void* to function pointer, this silence
+ * gcc warning
+ *
+ *     warning: ISO C forbids conversion of object pointer to function
+ *     pointer type
+ *
+ * The workaround is to declare a union that does the conversion. This is
+ * guaranteed (ISO/IEC 9899:1990 "C89"/"C90") to match exactly.
+ *
+ ***********************************************************************/
+
+/**
+ * XMLSEC_PTR_TO_FUNC_IMPL:
+ * @func_type:          the function type.
+ *
+ * Macro declares helper functions to convert between "void *" pointer and
+ * function pointer.
+ */
+#define XMLSEC_PTR_TO_FUNC_IMPL(func_type) \
+    union xmlSecPtrToFuncUnion_ ##func_type { \
+        void *ptr; \
+        func_type * func; \
+    } ; \
+    static func_type * xmlSecPtrToFunc_ ##func_type(void * ptr) { \
+         union xmlSecPtrToFuncUnion_ ##func_type x; \
+         x.ptr = ptr; \
+         return (x.func); \
+    } \
+    static void * xmlSecFuncToPtr_ ##func_type(func_type * func) { \
+         union xmlSecPtrToFuncUnion_ ##func_type x; \
+         x.func = func; \
+         return (x.ptr); \
+    }
+
+/**
+ * XMLSEC_PTR_TO_FUNC:
+ * @func_type:          the function type.
+ * @ptr:                the "void*" pointer to be converted.
+ *
+ * Macro converts from "void*" pointer to "func_type" function pointer.
+ */
+#define XMLSEC_PTR_TO_FUNC(func_type, ptr) \
+    xmlSecPtrToFunc_ ##func_type((ptr))
+
+/**
+ * XMLSEC_FUNC_TO_PTR:
+ * @func_type:          the function type.
+ * @func:               the "func_type" function pointer to be converted.
+ *
+ * Macro converts from "func_type" function pointer to "void*" pointer.
+ */
+#define XMLSEC_FUNC_TO_PTR(func_type, func) \
+    xmlSecFuncToPtr_ ##func_type((func))
+
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */
diff --git a/include/xmlsec/xmltree.h b/include/xmlsec/xmltree.h
index ffba25f8..c75e51eb 100644
--- a/include/xmlsec/xmltree.h
+++ b/include/xmlsec/xmltree.h
@@ -1,19 +1,19 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Common XML utility functions
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_TREE_H__
-#define __XMLSEC_TREE_H__    
+#define __XMLSEC_TREE_H__
 
 #ifdef __cplusplus
 extern "C" {
-#endif /* __cplusplus */ 
+#endif /* __cplusplus */
 
 #include <stdio.h>
 
@@ -23,79 +23,79 @@ extern "C" {
 
 /**
  * xmlSecNodeGetName:
- * @node:		the pointer to node.
+ * @node:               the pointer to node.
  *
  * Macro. Returns node's name.
  */
 #define xmlSecNodeGetName(node) \
     (((node)) ? ((const char*)((node)->name)) : NULL)
 
-XMLSEC_EXPORT const xmlChar* 	xmlSecGetNodeNsHref	(const xmlNodePtr cur);
-XMLSEC_EXPORT int		xmlSecCheckNodeName	(const xmlNodePtr cur, 
-							 const xmlChar *name, 
-							 const xmlChar *ns);
-XMLSEC_EXPORT xmlNodePtr	xmlSecGetNextElementNode(xmlNodePtr cur);
-XMLSEC_EXPORT xmlNodePtr	xmlSecFindChild		(const xmlNodePtr parent,
-							 const xmlChar *name,
-							 const xmlChar *ns);
-XMLSEC_EXPORT xmlNodePtr	xmlSecFindParent	(const xmlNodePtr cur, 
-							 const xmlChar *name, 
-							 const xmlChar *ns);
-XMLSEC_EXPORT xmlNodePtr	xmlSecFindNode		(const xmlNodePtr parent,
-							 const xmlChar *name,
-							 const xmlChar *ns);
-XMLSEC_EXPORT xmlNodePtr	xmlSecAddChild		(xmlNodePtr parent, 
-							 const xmlChar *name,
-							 const xmlChar *ns);
-XMLSEC_EXPORT xmlNodePtr	xmlSecAddChildNode	(xmlNodePtr parent, 
-							 xmlNodePtr child);
-XMLSEC_EXPORT xmlNodePtr	xmlSecAddNextSibling	(xmlNodePtr node, 
-							 const xmlChar *name,
-							 const xmlChar *ns);
-XMLSEC_EXPORT xmlNodePtr	xmlSecAddPrevSibling	(xmlNodePtr node, 
-							 const xmlChar *name,
-							 const xmlChar *ns);
+XMLSEC_EXPORT const xmlChar*    xmlSecGetNodeNsHref     (const xmlNodePtr cur);
+XMLSEC_EXPORT int               xmlSecCheckNodeName     (const xmlNodePtr cur,
+                                                         const xmlChar *name,
+                                                         const xmlChar *ns);
+XMLSEC_EXPORT xmlNodePtr        xmlSecGetNextElementNode(xmlNodePtr cur);
+XMLSEC_EXPORT xmlNodePtr        xmlSecFindChild         (const xmlNodePtr parent,
+                                                         const xmlChar *name,
+                                                         const xmlChar *ns);
+XMLSEC_EXPORT xmlNodePtr        xmlSecFindParent        (const xmlNodePtr cur,
+                                                         const xmlChar *name,
+                                                         const xmlChar *ns);
+XMLSEC_EXPORT xmlNodePtr        xmlSecFindNode          (const xmlNodePtr parent,
+                                                         const xmlChar *name,
+                                                         const xmlChar *ns);
+XMLSEC_EXPORT xmlNodePtr        xmlSecAddChild          (xmlNodePtr parent,
+                                                         const xmlChar *name,
+                                                         const xmlChar *ns);
+XMLSEC_EXPORT xmlNodePtr        xmlSecAddChildNode      (xmlNodePtr parent,
+                                                         xmlNodePtr child);
+XMLSEC_EXPORT xmlNodePtr        xmlSecAddNextSibling    (xmlNodePtr node,
+                                                         const xmlChar *name,
+                                                         const xmlChar *ns);
+XMLSEC_EXPORT xmlNodePtr        xmlSecAddPrevSibling    (xmlNodePtr node,
+                                                         const xmlChar *name,
+                                                         const xmlChar *ns);
 
-XMLSEC_EXPORT int		xmlSecReplaceNode	(xmlNodePtr node,
-						         xmlNodePtr newNode);
-XMLSEC_EXPORT int		xmlSecReplaceNodeAndReturn
-							(xmlNodePtr node,
-						         xmlNodePtr newNode,
-						         xmlNodePtr* replaced);
-XMLSEC_EXPORT int		xmlSecReplaceContent	(xmlNodePtr node,
-							 xmlNodePtr newNode);
-XMLSEC_EXPORT int		xmlSecReplaceContentAndReturn
-							(xmlNodePtr node,
-							 xmlNodePtr newNode,
-							 xmlNodePtr* replaced);
-XMLSEC_EXPORT int		xmlSecReplaceNodeBuffer	(xmlNodePtr node,
-							 const xmlSecByte *buffer, 
-							 xmlSecSize size);
-XMLSEC_EXPORT int		xmlSecReplaceNodeBufferAndReturn
-							(xmlNodePtr node,
-							 const xmlSecByte *buffer, 
-							 xmlSecSize size,
-							 xmlNodePtr* replaced);
-XMLSEC_EXPORT int		xmlSecNodeEncodeAndSetContent
-							(xmlNodePtr node,
-							 const xmlChar *buffer);
-XMLSEC_EXPORT void		xmlSecAddIDs		(xmlDocPtr doc,
-							 xmlNodePtr cur,
-							 const xmlChar** ids);
-XMLSEC_EXPORT int		xmlSecGenerateAndAddID	(xmlNodePtr node,
-							 const xmlChar* attrName,
-							 const xmlChar* prefix,
-							 xmlSecSize len);
-XMLSEC_EXPORT xmlChar*		xmlSecGenerateID	(const xmlChar* prefix,
-							 xmlSecSize len);
+XMLSEC_EXPORT int               xmlSecReplaceNode       (xmlNodePtr node,
+                                                         xmlNodePtr newNode);
+XMLSEC_EXPORT int               xmlSecReplaceNodeAndReturn
+                                                        (xmlNodePtr node,
+                                                         xmlNodePtr newNode,
+                                                         xmlNodePtr* replaced);
+XMLSEC_EXPORT int               xmlSecReplaceContent    (xmlNodePtr node,
+                                                         xmlNodePtr newNode);
+XMLSEC_EXPORT int               xmlSecReplaceContentAndReturn
+                                                        (xmlNodePtr node,
+                                                         xmlNodePtr newNode,
+                                                         xmlNodePtr* replaced);
+XMLSEC_EXPORT int               xmlSecReplaceNodeBuffer (xmlNodePtr node,
+                                                         const xmlSecByte *buffer,
+                                                         xmlSecSize size);
+XMLSEC_EXPORT int               xmlSecReplaceNodeBufferAndReturn
+                                                        (xmlNodePtr node,
+                                                         const xmlSecByte *buffer,
+                                                         xmlSecSize size,
+                                                         xmlNodePtr* replaced);
+XMLSEC_EXPORT int               xmlSecNodeEncodeAndSetContent
+                                                        (xmlNodePtr node,
+                                                         const xmlChar *buffer);
+XMLSEC_EXPORT void              xmlSecAddIDs            (xmlDocPtr doc,
+                                                         xmlNodePtr cur,
+                                                         const xmlChar** ids);
+XMLSEC_EXPORT int               xmlSecGenerateAndAddID  (xmlNodePtr node,
+                                                         const xmlChar* attrName,
+                                                         const xmlChar* prefix,
+                                                         xmlSecSize len);
+XMLSEC_EXPORT xmlChar*          xmlSecGenerateID        (const xmlChar* prefix,
+                                                         xmlSecSize len);
 
-XMLSEC_EXPORT xmlDocPtr		xmlSecCreateTree	(const xmlChar* rootNodeName,
-							 const xmlChar* rootNodeNs);
-XMLSEC_EXPORT int		xmlSecIsEmptyNode	(xmlNodePtr node);
-XMLSEC_EXPORT int		xmlSecIsEmptyString	(const xmlChar* str);
-XMLSEC_EXPORT xmlChar*		xmlSecGetQName		(xmlNodePtr node,
-							 const xmlChar* href,
-							 const xmlChar* local);
+XMLSEC_EXPORT xmlDocPtr         xmlSecCreateTree        (const xmlChar* rootNodeName,
+                                                         const xmlChar* rootNodeNs);
+XMLSEC_EXPORT int               xmlSecIsEmptyNode       (xmlNodePtr node);
+XMLSEC_EXPORT int               xmlSecIsEmptyString     (const xmlChar* str);
+XMLSEC_EXPORT xmlChar*          xmlSecGetQName          (xmlNodePtr node,
+                                                         const xmlChar* href,
+                                                         const xmlChar* local);
 
 
 XMLSEC_EXPORT int               xmlSecPrintXmlString    (FILE * fd,
@@ -103,8 +103,8 @@ XMLSEC_EXPORT int               xmlSecPrintXmlString    (FILE * fd,
 
 /**
  * xmlSecIsHex:
- * @c: 			the character.
- * 
+ * @c:                  the character.
+ *
  * Macro. Returns 1 if @c is a hex digit or 0 other wise.
  */
 #define xmlSecIsHex(c) \
@@ -114,7 +114,7 @@ XMLSEC_EXPORT int               xmlSecPrintXmlString    (FILE * fd,
 
 /**
  * xmlSecGetHex:
- * @c: 			the character,
+ * @c:                  the character,
  *
  * Macro. Returns the hex value of the @c.
  */
@@ -129,19 +129,19 @@ XMLSEC_EXPORT int               xmlSecPrintXmlString    (FILE * fd,
  *
  ************************************************************************/
 
-/** 
+/**
  * xmlSecQName2IntegerInfo:
- * @qnameHref:		the QName href
- * @qnameLocalPart:	the QName local
- * @intValue:		the integer value
- * 
+ * @qnameHref:          the QName href
+ * @qnameLocalPart:     the QName local
+ * @intValue:           the integer value
+ *
  * QName <-> Integer conversion definition.
  */
-typedef struct _xmlSecQName2IntegerInfo  	xmlSecQName2IntegerInfo, *xmlSecQName2IntegerInfoPtr;
+typedef struct _xmlSecQName2IntegerInfo         xmlSecQName2IntegerInfo, *xmlSecQName2IntegerInfoPtr;
 struct _xmlSecQName2IntegerInfo {
     const xmlChar*      qnameHref;
     const xmlChar*      qnameLocalPart;
-    int       		intValue;
+    int                 intValue;
 };
 
 /**
@@ -149,48 +149,48 @@ struct _xmlSecQName2IntegerInfo {
  *
  * Pointer to constant QName <-> Integer conversion definition.
  */
-typedef const xmlSecQName2IntegerInfo *		xmlSecQName2IntegerInfoConstPtr;
+typedef const xmlSecQName2IntegerInfo *         xmlSecQName2IntegerInfoConstPtr;
 
-XMLSEC_EXPORT xmlSecQName2IntegerInfoConstPtr xmlSecQName2IntegerGetInfo	
-								(xmlSecQName2IntegerInfoConstPtr info,
-								 int intValue);
-XMLSEC_EXPORT int		xmlSecQName2IntegerGetInteger	(xmlSecQName2IntegerInfoConstPtr info,
-								 const xmlChar* qnameHref,
-								 const xmlChar* qnameLocalPart,
-								 int* intValue);
-XMLSEC_EXPORT int		xmlSecQName2IntegerGetIntegerFromString	
-								(xmlSecQName2IntegerInfoConstPtr info,
-								 xmlNodePtr node,
-								 const xmlChar* qname,
-								 int* intValue);
-XMLSEC_EXPORT xmlChar* 		xmlSecQName2IntegerGetStringFromInteger
-								(xmlSecQName2IntegerInfoConstPtr info,
-								 xmlNodePtr node,
-								 int intValue);
-XMLSEC_EXPORT int		xmlSecQName2IntegerNodeRead	(xmlSecQName2IntegerInfoConstPtr info,
-								 xmlNodePtr node,
-								 int* intValue);
-XMLSEC_EXPORT int		xmlSecQName2IntegerNodeWrite	(xmlSecQName2IntegerInfoConstPtr info,
-								 xmlNodePtr node,
-								 const xmlChar* nodeName,
-								 const xmlChar* nodeNs,
-								 int intValue);
-XMLSEC_EXPORT int		xmlSecQName2IntegerAttributeRead(xmlSecQName2IntegerInfoConstPtr info,
-								 xmlNodePtr node,
-								 const xmlChar* attrName,
-								 int* intValue);
-XMLSEC_EXPORT int		xmlSecQName2IntegerAttributeWrite(xmlSecQName2IntegerInfoConstPtr info,
-								 xmlNodePtr node,
-								 const xmlChar* attrName,
-								 int intValue);
-XMLSEC_EXPORT void		xmlSecQName2IntegerDebugDump	(xmlSecQName2IntegerInfoConstPtr info,
-								 int intValue,
-								 const xmlChar* name,
-								 FILE* output);
-XMLSEC_EXPORT void		xmlSecQName2IntegerDebugXmlDump(xmlSecQName2IntegerInfoConstPtr info,
-								 int intValue,
-								 const xmlChar* name,
-								 FILE* output);
+XMLSEC_EXPORT xmlSecQName2IntegerInfoConstPtr xmlSecQName2IntegerGetInfo
+                                                                (xmlSecQName2IntegerInfoConstPtr info,
+                                                                 int intValue);
+XMLSEC_EXPORT int               xmlSecQName2IntegerGetInteger   (xmlSecQName2IntegerInfoConstPtr info,
+                                                                 const xmlChar* qnameHref,
+                                                                 const xmlChar* qnameLocalPart,
+                                                                 int* intValue);
+XMLSEC_EXPORT int               xmlSecQName2IntegerGetIntegerFromString
+                                                                (xmlSecQName2IntegerInfoConstPtr info,
+                                                                 xmlNodePtr node,
+                                                                 const xmlChar* qname,
+                                                                 int* intValue);
+XMLSEC_EXPORT xmlChar*          xmlSecQName2IntegerGetStringFromInteger
+                                                                (xmlSecQName2IntegerInfoConstPtr info,
+                                                                 xmlNodePtr node,
+                                                                 int intValue);
+XMLSEC_EXPORT int               xmlSecQName2IntegerNodeRead     (xmlSecQName2IntegerInfoConstPtr info,
+                                                                 xmlNodePtr node,
+                                                                 int* intValue);
+XMLSEC_EXPORT int               xmlSecQName2IntegerNodeWrite    (xmlSecQName2IntegerInfoConstPtr info,
+                                                                 xmlNodePtr node,
+                                                                 const xmlChar* nodeName,
+                                                                 const xmlChar* nodeNs,
+                                                                 int intValue);
+XMLSEC_EXPORT int               xmlSecQName2IntegerAttributeRead(xmlSecQName2IntegerInfoConstPtr info,
+                                                                 xmlNodePtr node,
+                                                                 const xmlChar* attrName,
+                                                                 int* intValue);
+XMLSEC_EXPORT int               xmlSecQName2IntegerAttributeWrite(xmlSecQName2IntegerInfoConstPtr info,
+                                                                 xmlNodePtr node,
+                                                                 const xmlChar* attrName,
+                                                                 int intValue);
+XMLSEC_EXPORT void              xmlSecQName2IntegerDebugDump    (xmlSecQName2IntegerInfoConstPtr info,
+                                                                 int intValue,
+                                                                 const xmlChar* name,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecQName2IntegerDebugXmlDump(xmlSecQName2IntegerInfoConstPtr info,
+                                                                 int intValue,
+                                                                 const xmlChar* name,
+                                                                 FILE* output);
 
 /*************************************************************************
  *
@@ -198,22 +198,22 @@ XMLSEC_EXPORT void		xmlSecQName2IntegerDebugXmlDump(xmlSecQName2IntegerInfoConst
  *
  ************************************************************************/
 
-/** 
+/**
  * xmlSecBitMask:
- * 
+ *
  * Bitmask datatype.
  */
-typedef unsigned int                            	xmlSecBitMask;
+typedef unsigned int                                    xmlSecBitMask;
 
-/** 
+/**
  * xmlSecQName2BitMaskInfo:
- * @qnameHref:		the QName href
- * @qnameLocalPart:	the QName local
- * @mask:		the bitmask value
- * 
+ * @qnameHref:          the QName href
+ * @qnameLocalPart:     the QName local
+ * @mask:               the bitmask value
+ *
  * QName <-> Bitmask conversion definition.
  */
-typedef struct _xmlSecQName2BitMaskInfo 	xmlSecQName2BitMaskInfo, *xmlSecQName2BitMaskInfoPtr;
+typedef struct _xmlSecQName2BitMaskInfo         xmlSecQName2BitMaskInfo, *xmlSecQName2BitMaskInfoPtr;
 
 struct _xmlSecQName2BitMaskInfo {
     const xmlChar*      qnameHref;
@@ -221,50 +221,50 @@ struct _xmlSecQName2BitMaskInfo {
     xmlSecBitMask       mask;
 };
 
-/** 
+/**
  * xmlSecQName2BitMaskInfoConstPtr:
- * 
+ *
  * Pointer to constant QName <-> Bitmask conversion definition.
  */
-typedef const xmlSecQName2BitMaskInfo*		xmlSecQName2BitMaskInfoConstPtr;
+typedef const xmlSecQName2BitMaskInfo*          xmlSecQName2BitMaskInfoConstPtr;
+
+XMLSEC_EXPORT xmlSecQName2BitMaskInfoConstPtr xmlSecQName2BitMaskGetInfo
+                                                                (xmlSecQName2BitMaskInfoConstPtr info,
+                                                                 xmlSecBitMask mask);
+XMLSEC_EXPORT int               xmlSecQName2BitMaskGetBitMask   (xmlSecQName2BitMaskInfoConstPtr info,
+                                                                 const xmlChar* qnameLocalPart,
+                                                                 const xmlChar* qnameHref,
+                                                                 xmlSecBitMask* mask);
+XMLSEC_EXPORT int               xmlSecQName2BitMaskNodesRead    (xmlSecQName2BitMaskInfoConstPtr info,
+                                                                 xmlNodePtr* node,
+                                                                 const xmlChar* nodeName,
+                                                                 const xmlChar* nodeNs,
+                                                                 int stopOnUnknown,
+                                                                 xmlSecBitMask* mask);
+XMLSEC_EXPORT int               xmlSecQName2BitMaskGetBitMaskFromString
+                                                                (xmlSecQName2BitMaskInfoConstPtr info,
+                                                                 xmlNodePtr node,
+                                                                 const xmlChar* qname,
+                                                                 xmlSecBitMask* mask);
+XMLSEC_EXPORT xmlChar*          xmlSecQName2BitMaskGetStringFromBitMask
+                                                                (xmlSecQName2BitMaskInfoConstPtr info,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecBitMask mask);
+XMLSEC_EXPORT int               xmlSecQName2BitMaskNodesWrite   (xmlSecQName2BitMaskInfoConstPtr info,
+                                                                 xmlNodePtr node,
+                                                                 const xmlChar* nodeName,
+                                                                 const xmlChar* nodeNs,
+                                                                 xmlSecBitMask mask);
+XMLSEC_EXPORT void              xmlSecQName2BitMaskDebugDump    (xmlSecQName2BitMaskInfoConstPtr info,
+                                                                 xmlSecBitMask mask,
+                                                                 const xmlChar* name,
+                                                                 FILE* output);
+XMLSEC_EXPORT void              xmlSecQName2BitMaskDebugXmlDump(xmlSecQName2BitMaskInfoConstPtr info,
+                                                                 xmlSecBitMask mask,
+                                                                 const xmlChar* name,
+                                                                 FILE* output);
 
-XMLSEC_EXPORT xmlSecQName2BitMaskInfoConstPtr xmlSecQName2BitMaskGetInfo	
-								(xmlSecQName2BitMaskInfoConstPtr info,
-								 xmlSecBitMask mask);
-XMLSEC_EXPORT int		xmlSecQName2BitMaskGetBitMask	(xmlSecQName2BitMaskInfoConstPtr info,
-								 const xmlChar* qnameLocalPart,
-								 const xmlChar* qnameHref,
-								 xmlSecBitMask* mask);
-XMLSEC_EXPORT int		xmlSecQName2BitMaskNodesRead	(xmlSecQName2BitMaskInfoConstPtr info,
-								 xmlNodePtr* node,
-								 const xmlChar* nodeName,
-								 const xmlChar* nodeNs,
-								 int stopOnUnknown,
-								 xmlSecBitMask* mask);
-XMLSEC_EXPORT int		xmlSecQName2BitMaskGetBitMaskFromString	
-								(xmlSecQName2BitMaskInfoConstPtr info,
-								 xmlNodePtr node,
-								 const xmlChar* qname,
-								 xmlSecBitMask* mask);
-XMLSEC_EXPORT xmlChar* 		xmlSecQName2BitMaskGetStringFromBitMask
-								(xmlSecQName2BitMaskInfoConstPtr info,
-								 xmlNodePtr node,
-								 xmlSecBitMask mask);
-XMLSEC_EXPORT int		xmlSecQName2BitMaskNodesWrite	(xmlSecQName2BitMaskInfoConstPtr info,
-								 xmlNodePtr node,
-								 const xmlChar* nodeName,
-								 const xmlChar* nodeNs,
-								 xmlSecBitMask mask);
-XMLSEC_EXPORT void		xmlSecQName2BitMaskDebugDump	(xmlSecQName2BitMaskInfoConstPtr info,
-								 xmlSecBitMask mask,
-								 const xmlChar* name,
-								 FILE* output);
-XMLSEC_EXPORT void		xmlSecQName2BitMaskDebugXmlDump(xmlSecQName2BitMaskInfoConstPtr info,
-								 xmlSecBitMask mask,
-								 const xmlChar* name,
-								 FILE* output);
 
-								 
 
 
 #ifdef __cplusplus
diff --git a/install-sh b/install-sh
index ebc66913..a9244eb0 100755
--- a/install-sh
+++ b/install-sh
@@ -1,250 +1,527 @@
-#! /bin/sh
-#
+#!/bin/sh
 # install - install a program, script, or datafile
-# This comes from X11R5 (mit/util/scripts/install.sh).
+
+scriptversion=2011-01-19.21; # UTC
+
+# This originates from X11R5 (mit/util/scripts/install.sh), which was
+# later released in X11R6 (xc/config/util/install.sh) with the
+# following copyright and license.
+#
+# Copyright (C) 1994 X Consortium
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
+# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
+# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
-# Copyright 1991 by the Massachusetts Institute of Technology
+# Except as contained in this notice, the name of the X Consortium shall not
+# be used in advertising or otherwise to promote the sale, use or other deal-
+# ings in this Software without prior written authorization from the X Consor-
+# tium.
 #
-# Permission to use, copy, modify, distribute, and sell this software and its
-# documentation for any purpose is hereby granted without fee, provided that
-# the above copyright notice appear in all copies and that both that
-# copyright notice and this permission notice appear in supporting
-# documentation, and that the name of M.I.T. not be used in advertising or
-# publicity pertaining to distribution of the software without specific,
-# written prior permission.  M.I.T. makes no representations about the
-# suitability of this software for any purpose.  It is provided "as is"
-# without express or implied warranty.
+#
+# FSF changes to this file are in the public domain.
 #
 # Calling this script install-sh is preferred over install.sh, to prevent
 # `make' implicit rules from creating a file called install from it
 # when there is no Makefile.
 #
 # This script is compatible with the BSD install script, but was written
-# from scratch.  It can only install one file at a time, a restriction
-# shared with many OS's install programs.
+# from scratch.
 
+nl='
+'
+IFS=" ""	$nl"
 
 # set DOITPROG to echo to test this script
 
 # Don't use :- since 4.3BSD and earlier shells don't like it.
-doit="${DOITPROG-}"
-
-
-# put in absolute paths if you don't have them in your path; or use env. vars.
-
-mvprog="${MVPROG-mv}"
-cpprog="${CPPROG-cp}"
-chmodprog="${CHMODPROG-chmod}"
-chownprog="${CHOWNPROG-chown}"
-chgrpprog="${CHGRPPROG-chgrp}"
-stripprog="${STRIPPROG-strip}"
-rmprog="${RMPROG-rm}"
-mkdirprog="${MKDIRPROG-mkdir}"
-
-transformbasename=""
-transform_arg=""
-instcmd="$mvprog"
-chmodcmd="$chmodprog 0755"
-chowncmd=""
-chgrpcmd=""
-stripcmd=""
-rmcmd="$rmprog -f"
-mvcmd="$mvprog"
-src=""
-dst=""
-dir_arg=""
-
-while [ x"$1" != x ]; do
-    case $1 in
-	-c) instcmd="$cpprog"
-	    shift
-	    continue;;
-
-	-d) dir_arg=true
-	    shift
-	    continue;;
-
-	-m) chmodcmd="$chmodprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-o) chowncmd="$chownprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-g) chgrpcmd="$chgrpprog $2"
-	    shift
-	    shift
-	    continue;;
-
-	-s) stripcmd="$stripprog"
-	    shift
-	    continue;;
-
-	-t=*) transformarg=`echo $1 | sed 's/-t=//'`
-	    shift
-	    continue;;
-
-	-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
-	    shift
-	    continue;;
-
-	*)  if [ x"$src" = x ]
-	    then
-		src=$1
-	    else
-		# this colon is to work around a 386BSD /bin/sh bug
-		:
-		dst=$1
-	    fi
-	    shift
-	    continue;;
-    esac
-done
-
-if [ x"$src" = x ]
-then
-	echo "install:	no input file specified"
-	exit 1
+doit=${DOITPROG-}
+if test -z "$doit"; then
+  doit_exec=exec
 else
-	true
+  doit_exec=$doit
 fi
 
-if [ x"$dir_arg" != x ]; then
-	dst=$src
-	src=""
-	
-	if [ -d $dst ]; then
-		instcmd=:
-	else
-		instcmd=mkdir
-	fi
-else
+# Put in absolute file names if you don't have them in your path;
+# or use environment vars.
+
+chgrpprog=${CHGRPPROG-chgrp}
+chmodprog=${CHMODPROG-chmod}
+chownprog=${CHOWNPROG-chown}
+cmpprog=${CMPPROG-cmp}
+cpprog=${CPPROG-cp}
+mkdirprog=${MKDIRPROG-mkdir}
+mvprog=${MVPROG-mv}
+rmprog=${RMPROG-rm}
+stripprog=${STRIPPROG-strip}
+
+posix_glob='?'
+initialize_posix_glob='
+  test "$posix_glob" != "?" || {
+    if (set -f) 2>/dev/null; then
+      posix_glob=
+    else
+      posix_glob=:
+    fi
+  }
+'
 
-# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
-# might cause directories to be created, which would be especially bad 
-# if $src (and thus $dsttmp) contains '*'.
+posix_mkdir=
 
-	if [ -f $src -o -d $src ]
-	then
-		true
-	else
-		echo "install:  $src does not exist"
-		exit 1
-	fi
-	
-	if [ x"$dst" = x ]
-	then
-		echo "install:	no destination specified"
-		exit 1
-	else
-		true
-	fi
+# Desired mode of installed file.
+mode=0755
 
-# If destination is a directory, append the input filename; if your system
-# does not like double slashes in filenames, you may need to add some logic
+chgrpcmd=
+chmodcmd=$chmodprog
+chowncmd=
+mvcmd=$mvprog
+rmcmd="$rmprog -f"
+stripcmd=
 
-	if [ -d $dst ]
-	then
-		dst="$dst"/`basename $src`
-	else
-		true
-	fi
-fi
+src=
+dst=
+dir_arg=
+dst_arg=
 
-## this sed command emulates the dirname command
-dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
+copy_on_change=false
+no_target_directory=
 
-# Make sure that the destination directory exists.
-#  this part is taken from Noah Friedman's mkinstalldirs script
+usage="\
+Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
+   or: $0 [OPTION]... SRCFILES... DIRECTORY
+   or: $0 [OPTION]... -t DIRECTORY SRCFILES...
+   or: $0 [OPTION]... -d DIRECTORIES...
 
-# Skip lots of stat calls in the usual case.
-if [ ! -d "$dstdir" ]; then
-defaultIFS='	
-'
-IFS="${IFS-${defaultIFS}}"
+In the 1st form, copy SRCFILE to DSTFILE.
+In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
+In the 4th, create DIRECTORIES.
 
-oIFS="${IFS}"
-# Some sh's can't handle IFS=/ for some reason.
-IFS='%'
-set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
-IFS="${oIFS}"
+Options:
+     --help     display this help and exit.
+     --version  display version info and exit.
 
-pathcomp=''
+  -c            (ignored)
+  -C            install only if different (preserve the last data modification time)
+  -d            create directories instead of installing files.
+  -g GROUP      $chgrpprog installed files to GROUP.
+  -m MODE       $chmodprog installed files to MODE.
+  -o USER       $chownprog installed files to USER.
+  -s            $stripprog installed files.
+  -t DIRECTORY  install into DIRECTORY.
+  -T            report an error if DSTFILE is a directory.
 
-while [ $# -ne 0 ] ; do
-	pathcomp="${pathcomp}${1}"
-	shift
+Environment variables override the default commands:
+  CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
+  RMPROG STRIPPROG
+"
 
-	if [ ! -d "${pathcomp}" ] ;
-        then
-		$mkdirprog "${pathcomp}"
-	else
-		true
-	fi
+while test $# -ne 0; do
+  case $1 in
+    -c) ;;
 
-	pathcomp="${pathcomp}/"
-done
-fi
+    -C) copy_on_change=true;;
 
-if [ x"$dir_arg" != x ]
-then
-	$doit $instcmd $dst &&
+    -d) dir_arg=true;;
 
-	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
-	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
-	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
-	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
-else
+    -g) chgrpcmd="$chgrpprog $2"
+	shift;;
 
-# If we're going to rename the final executable, determine the name now.
+    --help) echo "$usage"; exit $?;;
 
-	if [ x"$transformarg" = x ] 
-	then
-		dstfile=`basename $dst`
-	else
-		dstfile=`basename $dst $transformbasename | 
-			sed $transformarg`$transformbasename
-	fi
+    -m) mode=$2
+	case $mode in
+	  *' '* | *'	'* | *'
+'*	  | *'*'* | *'?'* | *'['*)
+	    echo "$0: invalid mode: $mode" >&2
+	    exit 1;;
+	esac
+	shift;;
 
-# don't allow the sed command to completely eliminate the filename
+    -o) chowncmd="$chownprog $2"
+	shift;;
 
-	if [ x"$dstfile" = x ] 
-	then
-		dstfile=`basename $dst`
-	else
-		true
-	fi
+    -s) stripcmd=$stripprog;;
 
-# Make a temp file name in the proper directory.
+    -t) dst_arg=$2
+	# Protect names problematic for `test' and other utilities.
+	case $dst_arg in
+	  -* | [=\(\)!]) dst_arg=./$dst_arg;;
+	esac
+	shift;;
 
-	dsttmp=$dstdir/#inst.$$#
+    -T) no_target_directory=true;;
 
-# Move or copy the file name to the temp name
+    --version) echo "$0 $scriptversion"; exit $?;;
 
-	$doit $instcmd $src $dsttmp &&
+    --)	shift
+	break;;
 
-	trap "rm -f ${dsttmp}" 0 &&
+    -*)	echo "$0: invalid option: $1" >&2
+	exit 1;;
 
-# and set any options; do chmod last to preserve setuid bits
+    *)  break;;
+  esac
+  shift
+done
 
-# If any of these fail, we abort the whole thing.  If we want to
-# ignore errors from any of these, just make sure not to ignore
-# errors from the above "$doit $instcmd $src $dsttmp" command.
+if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
+  # When -d is used, all remaining arguments are directories to create.
+  # When -t is used, the destination is already specified.
+  # Otherwise, the last argument is the destination.  Remove it from $@.
+  for arg
+  do
+    if test -n "$dst_arg"; then
+      # $@ is not empty: it contains at least $arg.
+      set fnord "$@" "$dst_arg"
+      shift # fnord
+    fi
+    shift # arg
+    dst_arg=$arg
+    # Protect names problematic for `test' and other utilities.
+    case $dst_arg in
+      -* | [=\(\)!]) dst_arg=./$dst_arg;;
+    esac
+  done
+fi
 
-	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
-	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
-	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
-	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
+if test $# -eq 0; then
+  if test -z "$dir_arg"; then
+    echo "$0: no input file specified." >&2
+    exit 1
+  fi
+  # It's OK to call `install-sh -d' without argument.
+  # This can happen when creating conditional directories.
+  exit 0
+fi
 
-# Now rename the file to the real destination.
+if test -z "$dir_arg"; then
+  do_exit='(exit $ret); exit $ret'
+  trap "ret=129; $do_exit" 1
+  trap "ret=130; $do_exit" 2
+  trap "ret=141; $do_exit" 13
+  trap "ret=143; $do_exit" 15
+
+  # Set umask so as not to create temps with too-generous modes.
+  # However, 'strip' requires both read and write access to temps.
+  case $mode in
+    # Optimize common cases.
+    *644) cp_umask=133;;
+    *755) cp_umask=22;;
+
+    *[0-7])
+      if test -z "$stripcmd"; then
+	u_plus_rw=
+      else
+	u_plus_rw='% 200'
+      fi
+      cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
+    *)
+      if test -z "$stripcmd"; then
+	u_plus_rw=
+      else
+	u_plus_rw=,u+rw
+      fi
+      cp_umask=$mode$u_plus_rw;;
+  esac
+fi
 
-	$doit $rmcmd -f $dstdir/$dstfile &&
-	$doit $mvcmd $dsttmp $dstdir/$dstfile 
+for src
+do
+  # Protect names problematic for `test' and other utilities.
+  case $src in
+    -* | [=\(\)!]) src=./$src;;
+  esac
+
+  if test -n "$dir_arg"; then
+    dst=$src
+    dstdir=$dst
+    test -d "$dstdir"
+    dstdir_status=$?
+  else
+
+    # Waiting for this to be detected by the "$cpprog $src $dsttmp" command
+    # might cause directories to be created, which would be especially bad
+    # if $src (and thus $dsttmp) contains '*'.
+    if test ! -f "$src" && test ! -d "$src"; then
+      echo "$0: $src does not exist." >&2
+      exit 1
+    fi
+
+    if test -z "$dst_arg"; then
+      echo "$0: no destination specified." >&2
+      exit 1
+    fi
+    dst=$dst_arg
+
+    # If destination is a directory, append the input filename; won't work
+    # if double slashes aren't ignored.
+    if test -d "$dst"; then
+      if test -n "$no_target_directory"; then
+	echo "$0: $dst_arg: Is a directory" >&2
+	exit 1
+      fi
+      dstdir=$dst
+      dst=$dstdir/`basename "$src"`
+      dstdir_status=0
+    else
+      # Prefer dirname, but fall back on a substitute if dirname fails.
+      dstdir=`
+	(dirname "$dst") 2>/dev/null ||
+	expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	     X"$dst" : 'X\(//\)[^/]' \| \
+	     X"$dst" : 'X\(//\)$' \| \
+	     X"$dst" : 'X\(/\)' \| . 2>/dev/null ||
+	echo X"$dst" |
+	    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+		   s//\1/
+		   q
+		 }
+		 /^X\(\/\/\)[^/].*/{
+		   s//\1/
+		   q
+		 }
+		 /^X\(\/\/\)$/{
+		   s//\1/
+		   q
+		 }
+		 /^X\(\/\).*/{
+		   s//\1/
+		   q
+		 }
+		 s/.*/./; q'
+      `
+
+      test -d "$dstdir"
+      dstdir_status=$?
+    fi
+  fi
+
+  obsolete_mkdir_used=false
+
+  if test $dstdir_status != 0; then
+    case $posix_mkdir in
+      '')
+	# Create intermediate dirs using mode 755 as modified by the umask.
+	# This is like FreeBSD 'install' as of 1997-10-28.
+	umask=`umask`
+	case $stripcmd.$umask in
+	  # Optimize common cases.
+	  *[2367][2367]) mkdir_umask=$umask;;
+	  .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
+
+	  *[0-7])
+	    mkdir_umask=`expr $umask + 22 \
+	      - $umask % 100 % 40 + $umask % 20 \
+	      - $umask % 10 % 4 + $umask % 2
+	    `;;
+	  *) mkdir_umask=$umask,go-w;;
+	esac
+
+	# With -d, create the new directory with the user-specified mode.
+	# Otherwise, rely on $mkdir_umask.
+	if test -n "$dir_arg"; then
+	  mkdir_mode=-m$mode
+	else
+	  mkdir_mode=
+	fi
 
-fi &&
+	posix_mkdir=false
+	case $umask in
+	  *[123567][0-7][0-7])
+	    # POSIX mkdir -p sets u+wx bits regardless of umask, which
+	    # is incompatible with FreeBSD 'install' when (umask & 300) != 0.
+	    ;;
+	  *)
+	    tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
+	    trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
+
+	    if (umask $mkdir_umask &&
+		exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1
+	    then
+	      if test -z "$dir_arg" || {
+		   # Check for POSIX incompatibilities with -m.
+		   # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
+		   # other-writeable bit of parent directory when it shouldn't.
+		   # FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
+		   ls_ld_tmpdir=`ls -ld "$tmpdir"`
+		   case $ls_ld_tmpdir in
+		     d????-?r-*) different_mode=700;;
+		     d????-?--*) different_mode=755;;
+		     *) false;;
+		   esac &&
+		   $mkdirprog -m$different_mode -p -- "$tmpdir" && {
+		     ls_ld_tmpdir_1=`ls -ld "$tmpdir"`
+		     test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
+		   }
+		 }
+	      then posix_mkdir=:
+	      fi
+	      rmdir "$tmpdir/d" "$tmpdir"
+	    else
+	      # Remove any dirs left behind by ancient mkdir implementations.
+	      rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null
+	    fi
+	    trap '' 0;;
+	esac;;
+    esac
 
+    if
+      $posix_mkdir && (
+	umask $mkdir_umask &&
+	$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
+      )
+    then :
+    else
+
+      # The umask is ridiculous, or mkdir does not conform to POSIX,
+      # or it failed possibly due to a race condition.  Create the
+      # directory the slow way, step by step, checking for races as we go.
+
+      case $dstdir in
+	/*) prefix='/';;
+	[-=\(\)!]*) prefix='./';;
+	*)  prefix='';;
+      esac
+
+      eval "$initialize_posix_glob"
+
+      oIFS=$IFS
+      IFS=/
+      $posix_glob set -f
+      set fnord $dstdir
+      shift
+      $posix_glob set +f
+      IFS=$oIFS
+
+      prefixes=
+
+      for d
+      do
+	test X"$d" = X && continue
+
+	prefix=$prefix$d
+	if test -d "$prefix"; then
+	  prefixes=
+	else
+	  if $posix_mkdir; then
+	    (umask=$mkdir_umask &&
+	     $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
+	    # Don't fail if two instances are running concurrently.
+	    test -d "$prefix" || exit 1
+	  else
+	    case $prefix in
+	      *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
+	      *) qprefix=$prefix;;
+	    esac
+	    prefixes="$prefixes '$qprefix'"
+	  fi
+	fi
+	prefix=$prefix/
+      done
+
+      if test -n "$prefixes"; then
+	# Don't fail if two instances are running concurrently.
+	(umask $mkdir_umask &&
+	 eval "\$doit_exec \$mkdirprog $prefixes") ||
+	  test -d "$dstdir" || exit 1
+	obsolete_mkdir_used=true
+      fi
+    fi
+  fi
+
+  if test -n "$dir_arg"; then
+    { test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
+    { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
+    { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
+      test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
+  else
+
+    # Make a couple of temp file names in the proper directory.
+    dsttmp=$dstdir/_inst.$$_
+    rmtmp=$dstdir/_rm.$$_
+
+    # Trap to clean up those temp files at exit.
+    trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
+
+    # Copy the file name to the temp name.
+    (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
+
+    # and set any options; do chmod last to preserve setuid bits.
+    #
+    # If any of these fail, we abort the whole thing.  If we want to
+    # ignore errors from any of these, just make sure not to ignore
+    # errors from the above "$doit $cpprog $src $dsttmp" command.
+    #
+    { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
+    { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
+    { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
+    { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
+
+    # If -C, don't bother to copy if it wouldn't change the file.
+    if $copy_on_change &&
+       old=`LC_ALL=C ls -dlL "$dst"	2>/dev/null` &&
+       new=`LC_ALL=C ls -dlL "$dsttmp"	2>/dev/null` &&
+
+       eval "$initialize_posix_glob" &&
+       $posix_glob set -f &&
+       set X $old && old=:$2:$4:$5:$6 &&
+       set X $new && new=:$2:$4:$5:$6 &&
+       $posix_glob set +f &&
+
+       test "$old" = "$new" &&
+       $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
+    then
+      rm -f "$dsttmp"
+    else
+      # Rename the file to the real destination.
+      $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
+
+      # The rename failed, perhaps because mv can't rename something else
+      # to itself, or perhaps because mv is so ancient that it does not
+      # support -f.
+      {
+	# Now remove or move aside any old file at destination location.
+	# We try this two ways since rm can't unlink itself on some
+	# systems and the destination file might be busy for other
+	# reasons.  In this case, the final cleanup might fail but the new
+	# file should still install successfully.
+	{
+	  test ! -f "$dst" ||
+	  $doit $rmcmd -f "$dst" 2>/dev/null ||
+	  { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
+	    { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
+	  } ||
+	  { echo "$0: cannot unlink or rename $dst" >&2
+	    (exit 1); exit 1
+	  }
+	} &&
+
+	# Now rename the file to the real destination.
+	$doit $mvcmd "$dsttmp" "$dst"
+      }
+    fi || exit 1
+
+    trap '' 0
+  fi
+done
 
-exit 0
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
+# End:
diff --git a/ltmain.sh b/ltmain.sh
index 3506ead3..c2852d85 100755..100644
--- a/ltmain.sh
+++ b/ltmain.sh
@@ -1,9 +1,9 @@
-# Generated from ltmain.m4sh.
 
-# ltmain.sh (GNU libtool) 2.2.6
+# libtool (GNU libtool) 2.4.2
 # Written by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996
 
-# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, 2007 2008 Free Software Foundation, Inc.
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006,
+# 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc.
 # This is free software; see the source for copying conditions.  There is NO
 # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 
@@ -32,50 +32,57 @@
 #
 # Provide generalized library-building support services.
 #
-#     --config             show all configuration variables
-#     --debug              enable verbose shell tracing
-# -n, --dry-run            display commands without modifying any files
-#     --features           display basic configuration information and exit
-#     --mode=MODE          use operation mode MODE
-#     --preserve-dup-deps  don't remove duplicate dependency libraries
-#     --quiet, --silent    don't print informational messages
-#     --tag=TAG            use configuration variables from tag TAG
-# -v, --verbose            print informational messages (default)
-#     --version            print version information
-# -h, --help               print short or long help message
+#       --config             show all configuration variables
+#       --debug              enable verbose shell tracing
+#   -n, --dry-run            display commands without modifying any files
+#       --features           display basic configuration information and exit
+#       --mode=MODE          use operation mode MODE
+#       --preserve-dup-deps  don't remove duplicate dependency libraries
+#       --quiet, --silent    don't print informational messages
+#       --no-quiet, --no-silent
+#                            print informational messages (default)
+#       --no-warn            don't display warning messages
+#       --tag=TAG            use configuration variables from tag TAG
+#   -v, --verbose            print more informational messages than default
+#       --no-verbose         don't print the extra informational messages
+#       --version            print version information
+#   -h, --help, --help-all   print short, long, or detailed help message
 #
 # MODE must be one of the following:
 #
-#       clean              remove files from the build directory
-#       compile            compile a source file into a libtool object
-#       execute            automatically set library path, then run a program
-#       finish             complete the installation of libtool libraries
-#       install            install libraries or executables
-#       link               create a library or an executable
-#       uninstall          remove libraries from an installed directory
+#         clean              remove files from the build directory
+#         compile            compile a source file into a libtool object
+#         execute            automatically set library path, then run a program
+#         finish             complete the installation of libtool libraries
+#         install            install libraries or executables
+#         link               create a library or an executable
+#         uninstall          remove libraries from an installed directory
 #
-# MODE-ARGS vary depending on the MODE.
+# MODE-ARGS vary depending on the MODE.  When passed as first option,
+# `--mode=MODE' may be abbreviated as `MODE' or a unique abbreviation of that.
 # Try `$progname --help --mode=MODE' for a more detailed description of MODE.
 #
 # When reporting a bug, please describe a test case to reproduce it and
 # include the following information:
 #
-#       host-triplet:	$host
-#       shell:		$SHELL
-#       compiler:		$LTCC
-#       compiler flags:		$LTCFLAGS
-#       linker:		$LD (gnu? $with_gnu_ld)
-#       $progname:		(GNU libtool) 2.2.6 Debian-2.2.6a-4
-#       automake:		$automake_version
-#       autoconf:		$autoconf_version
+#         host-triplet:	$host
+#         shell:		$SHELL
+#         compiler:		$LTCC
+#         compiler flags:		$LTCFLAGS
+#         linker:		$LD (gnu? $with_gnu_ld)
+#         $progname:	(GNU libtool) 2.4.2 Debian-2.4.2-1ubuntu1
+#         automake:	$automake_version
+#         autoconf:	$autoconf_version
 #
 # Report bugs to <bug-libtool@gnu.org>.
+# GNU libtool home page: <http://www.gnu.org/software/libtool/>.
+# General help using GNU software: <http://www.gnu.org/gethelp/>.
 
-PROGRAM=ltmain.sh
+PROGRAM=libtool
 PACKAGE=libtool
-VERSION="2.2.6 Debian-2.2.6a-4"
+VERSION="2.4.2 Debian-2.4.2-1ubuntu1"
 TIMESTAMP=""
-package_revision=1.3012
+package_revision=1.3337
 
 # Be Bourne compatible
 if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
@@ -91,10 +98,15 @@ fi
 BIN_SH=xpg4; export BIN_SH # for Tru64
 DUALCASE=1; export DUALCASE # for MKS sh
 
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+  eval 'cat <<_LTECHO_EOF
+$1
+_LTECHO_EOF'
+}
+
 # NLS nuisances: We save the old values to restore during execute mode.
-# Only set LANG and LC_ALL to C if already set.
-# These must not be set unconditionally because not all systems understand
-# e.g. LANG=C (notably SCO).
 lt_user_locale=
 lt_safe_locale=
 for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
@@ -107,24 +119,28 @@ do
 	  lt_safe_locale=\"$lt_var=C; \$lt_safe_locale\"
 	fi"
 done
+LC_ALL=C
+LANGUAGE=C
+export LANGUAGE LC_ALL
 
 $lt_unset CDPATH
 
 
+# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh
+# is ksh but when the shell is invoked as "sh" and the current value of
+# the _XPG environment variable is not equal to 1 (one), the special
+# positional parameter $0, within a function call, is the name of the
+# function.
+progpath="$0"
 
 
 
 : ${CP="cp -f"}
-: ${ECHO="echo"}
-: ${EGREP="/bin/grep -E"}
-: ${FGREP="/bin/grep -F"}
-: ${GREP="/bin/grep"}
-: ${LN_S="ln -s"}
+test "${ECHO+set}" = set || ECHO=${as_echo-'printf %s\n'}
 : ${MAKE="make"}
 : ${MKDIR="mkdir"}
 : ${MV="mv -f"}
 : ${RM="rm -f"}
-: ${SED="/bin/sed"}
 : ${SHELL="${CONFIG_SHELL-/bin/sh}"}
 : ${Xsed="$SED -e 1s/^X//"}
 
@@ -144,6 +160,27 @@ IFS=" 	$lt_nl"
 dirname="s,/[^/]*$,,"
 basename="s,^.*/,,"
 
+# func_dirname file append nondir_replacement
+# Compute the dirname of FILE.  If nonempty, add APPEND to the result,
+# otherwise set result to NONDIR_REPLACEMENT.
+func_dirname ()
+{
+    func_dirname_result=`$ECHO "${1}" | $SED "$dirname"`
+    if test "X$func_dirname_result" = "X${1}"; then
+      func_dirname_result="${3}"
+    else
+      func_dirname_result="$func_dirname_result${2}"
+    fi
+} # func_dirname may be replaced by extended shell implementation
+
+
+# func_basename file
+func_basename ()
+{
+    func_basename_result=`$ECHO "${1}" | $SED "$basename"`
+} # func_basename may be replaced by extended shell implementation
+
+
 # func_dirname_and_basename file append nondir_replacement
 # perform func_basename and func_dirname in a single function
 # call:
@@ -158,33 +195,183 @@ basename="s,^.*/,,"
 # those functions but instead duplicate the functionality here.
 func_dirname_and_basename ()
 {
-  # Extract subdirectory from the argument.
-  func_dirname_result=`$ECHO "X${1}" | $Xsed -e "$dirname"`
-  if test "X$func_dirname_result" = "X${1}"; then
-    func_dirname_result="${3}"
-  else
-    func_dirname_result="$func_dirname_result${2}"
-  fi
-  func_basename_result=`$ECHO "X${1}" | $Xsed -e "$basename"`
+    # Extract subdirectory from the argument.
+    func_dirname_result=`$ECHO "${1}" | $SED -e "$dirname"`
+    if test "X$func_dirname_result" = "X${1}"; then
+      func_dirname_result="${3}"
+    else
+      func_dirname_result="$func_dirname_result${2}"
+    fi
+    func_basename_result=`$ECHO "${1}" | $SED -e "$basename"`
+} # func_dirname_and_basename may be replaced by extended shell implementation
+
+
+# func_stripname prefix suffix name
+# strip PREFIX and SUFFIX off of NAME.
+# PREFIX and SUFFIX must not contain globbing or regex special
+# characters, hashes, percent signs, but SUFFIX may contain a leading
+# dot (in which case that matches only a dot).
+# func_strip_suffix prefix name
+func_stripname ()
+{
+    case ${2} in
+      .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;;
+      *)  func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;;
+    esac
+} # func_stripname may be replaced by extended shell implementation
+
+
+# These SED scripts presuppose an absolute path with a trailing slash.
+pathcar='s,^/\([^/]*\).*$,\1,'
+pathcdr='s,^/[^/]*,,'
+removedotparts=':dotsl
+		s@/\./@/@g
+		t dotsl
+		s,/\.$,/,'
+collapseslashes='s@/\{1,\}@/@g'
+finalslash='s,/*$,/,'
+
+# func_normal_abspath PATH
+# Remove doubled-up and trailing slashes, "." path components,
+# and cancel out any ".." path components in PATH after making
+# it an absolute path.
+#             value returned in "$func_normal_abspath_result"
+func_normal_abspath ()
+{
+  # Start from root dir and reassemble the path.
+  func_normal_abspath_result=
+  func_normal_abspath_tpath=$1
+  func_normal_abspath_altnamespace=
+  case $func_normal_abspath_tpath in
+    "")
+      # Empty path, that just means $cwd.
+      func_stripname '' '/' "`pwd`"
+      func_normal_abspath_result=$func_stripname_result
+      return
+    ;;
+    # The next three entries are used to spot a run of precisely
+    # two leading slashes without using negated character classes;
+    # we take advantage of case's first-match behaviour.
+    ///*)
+      # Unusual form of absolute path, do nothing.
+    ;;
+    //*)
+      # Not necessarily an ordinary path; POSIX reserves leading '//'
+      # and for example Cygwin uses it to access remote file shares
+      # over CIFS/SMB, so we conserve a leading double slash if found.
+      func_normal_abspath_altnamespace=/
+    ;;
+    /*)
+      # Absolute path, do nothing.
+    ;;
+    *)
+      # Relative path, prepend $cwd.
+      func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath
+    ;;
+  esac
+  # Cancel out all the simple stuff to save iterations.  We also want
+  # the path to end with a slash for ease of parsing, so make sure
+  # there is one (and only one) here.
+  func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \
+        -e "$removedotparts" -e "$collapseslashes" -e "$finalslash"`
+  while :; do
+    # Processed it all yet?
+    if test "$func_normal_abspath_tpath" = / ; then
+      # If we ascended to the root using ".." the result may be empty now.
+      if test -z "$func_normal_abspath_result" ; then
+        func_normal_abspath_result=/
+      fi
+      break
+    fi
+    func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \
+        -e "$pathcar"`
+    func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \
+        -e "$pathcdr"`
+    # Figure out what to do with it
+    case $func_normal_abspath_tcomponent in
+      "")
+        # Trailing empty path component, ignore it.
+      ;;
+      ..)
+        # Parent dir; strip last assembled component from result.
+        func_dirname "$func_normal_abspath_result"
+        func_normal_abspath_result=$func_dirname_result
+      ;;
+      *)
+        # Actual path component, append it.
+        func_normal_abspath_result=$func_normal_abspath_result/$func_normal_abspath_tcomponent
+      ;;
+    esac
+  done
+  # Restore leading double-slash if one was found on entry.
+  func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result
 }
 
-# Generated shell functions inserted here.
+# func_relative_path SRCDIR DSTDIR
+# generates a relative path from SRCDIR to DSTDIR, with a trailing
+# slash if non-empty, suitable for immediately appending a filename
+# without needing to append a separator.
+#             value returned in "$func_relative_path_result"
+func_relative_path ()
+{
+  func_relative_path_result=
+  func_normal_abspath "$1"
+  func_relative_path_tlibdir=$func_normal_abspath_result
+  func_normal_abspath "$2"
+  func_relative_path_tbindir=$func_normal_abspath_result
+
+  # Ascend the tree starting from libdir
+  while :; do
+    # check if we have found a prefix of bindir
+    case $func_relative_path_tbindir in
+      $func_relative_path_tlibdir)
+        # found an exact match
+        func_relative_path_tcancelled=
+        break
+        ;;
+      $func_relative_path_tlibdir*)
+        # found a matching prefix
+        func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir"
+        func_relative_path_tcancelled=$func_stripname_result
+        if test -z "$func_relative_path_result"; then
+          func_relative_path_result=.
+        fi
+        break
+        ;;
+      *)
+        func_dirname $func_relative_path_tlibdir
+        func_relative_path_tlibdir=${func_dirname_result}
+        if test "x$func_relative_path_tlibdir" = x ; then
+          # Have to descend all the way to the root!
+          func_relative_path_result=../$func_relative_path_result
+          func_relative_path_tcancelled=$func_relative_path_tbindir
+          break
+        fi
+        func_relative_path_result=../$func_relative_path_result
+        ;;
+    esac
+  done
 
-# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh
-# is ksh but when the shell is invoked as "sh" and the current value of
-# the _XPG environment variable is not equal to 1 (one), the special
-# positional parameter $0, within a function call, is the name of the
-# function.
-progpath="$0"
+  # Now calculate path; take care to avoid doubling-up slashes.
+  func_stripname '' '/' "$func_relative_path_result"
+  func_relative_path_result=$func_stripname_result
+  func_stripname '/' '/' "$func_relative_path_tcancelled"
+  if test "x$func_stripname_result" != x ; then
+    func_relative_path_result=${func_relative_path_result}/${func_stripname_result}
+  fi
+
+  # Normalisation. If bindir is libdir, return empty string,
+  # else relative path ending with a slash; either way, target
+  # file name can be directly appended.
+  if test ! -z "$func_relative_path_result"; then
+    func_stripname './' '' "$func_relative_path_result/"
+    func_relative_path_result=$func_stripname_result
+  fi
+}
 
 # The name of this program:
-# In the unlikely event $progname began with a '-', it would play havoc with
-# func_echo (imagine progname=-n), so we prepend ./ in that case:
 func_dirname_and_basename "$progpath"
 progname=$func_basename_result
-case $progname in
-  -*) progname=./$progname ;;
-esac
 
 # Make sure we have an absolute path for reexecution:
 case $progpath in
@@ -196,7 +383,7 @@ case $progpath in
      ;;
   *)
      save_IFS="$IFS"
-     IFS=:
+     IFS=${PATH_SEPARATOR-:}
      for progdir in $PATH; do
        IFS="$save_IFS"
        test -x "$progdir/$progname" && break
@@ -215,6 +402,15 @@ sed_quote_subst='s/\([`"$\\]\)/\\\1/g'
 # Same as above, but do not quote variable references.
 double_quote_subst='s/\(["`\\]\)/\\\1/g'
 
+# Sed substitution that turns a string into a regex matching for the
+# string literally.
+sed_make_literal_regex='s,[].[^$\\*\/],\\&,g'
+
+# Sed substitution that converts a w32 file name or path
+# which contains forward slashes, into one that contains
+# (escaped) backslashes.  A very naive implementation.
+lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g'
+
 # Re-`\' parameter expansions in output of double_quote_subst that were
 # `\'-ed in input to the same.  If an odd number of `\' preceded a '$'
 # in input to double_quote_subst, that '$' was protected from expansion.
@@ -243,7 +439,7 @@ opt_warning=:
 # name if it has been set yet.
 func_echo ()
 {
-    $ECHO "$progname${mode+: }$mode: $*"
+    $ECHO "$progname: ${opt_mode+$opt_mode: }$*"
 }
 
 # func_verbose arg...
@@ -258,18 +454,25 @@ func_verbose ()
     :
 }
 
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+    $ECHO "$*"
+}
+
 # func_error arg...
 # Echo program name prefixed message to standard error.
 func_error ()
 {
-    $ECHO "$progname${mode+: }$mode: "${1+"$@"} 1>&2
+    $ECHO "$progname: ${opt_mode+$opt_mode: }"${1+"$@"} 1>&2
 }
 
 # func_warning arg...
 # Echo program name prefixed warning message to standard error.
 func_warning ()
 {
-    $opt_warning && $ECHO "$progname${mode+: }$mode: warning: "${1+"$@"} 1>&2
+    $opt_warning && $ECHO "$progname: ${opt_mode+$opt_mode: }warning: "${1+"$@"} 1>&2
 
     # bash bug again:
     :
@@ -326,9 +529,9 @@ func_mkdir_p ()
         case $my_directory_path in */*) ;; *) break ;; esac
 
         # ...otherwise throw away the child directory and loop
-        my_directory_path=`$ECHO "X$my_directory_path" | $Xsed -e "$dirname"`
+        my_directory_path=`$ECHO "$my_directory_path" | $SED -e "$dirname"`
       done
-      my_dir_list=`$ECHO "X$my_dir_list" | $Xsed -e 's,:*$,,'`
+      my_dir_list=`$ECHO "$my_dir_list" | $SED 's,:*$,,'`
 
       save_mkdir_p_IFS="$IFS"; IFS=':'
       for my_dir in $my_dir_list; do
@@ -378,7 +581,7 @@ func_mktempdir ()
         func_fatal_error "cannot create temporary directory \`$my_tmpdir'"
     fi
 
-    $ECHO "X$my_tmpdir" | $Xsed
+    $ECHO "$my_tmpdir"
 }
 
 
@@ -392,7 +595,7 @@ func_quote_for_eval ()
 {
     case $1 in
       *[\\\`\"\$]*)
-	func_quote_for_eval_unquoted_result=`$ECHO "X$1" | $Xsed -e "$sed_quote_subst"` ;;
+	func_quote_for_eval_unquoted_result=`$ECHO "$1" | $SED "$sed_quote_subst"` ;;
       *)
         func_quote_for_eval_unquoted_result="$1" ;;
     esac
@@ -419,7 +622,7 @@ func_quote_for_expand ()
 {
     case $1 in
       *[\\\`\"]*)
-	my_arg=`$ECHO "X$1" | $Xsed \
+	my_arg=`$ECHO "$1" | $SED \
 	    -e "$double_quote_subst" -e "$sed_double_backslash"` ;;
       *)
         my_arg="$1" ;;
@@ -488,15 +691,39 @@ func_show_eval_locale ()
     fi
 }
 
-
-
+# func_tr_sh
+# Turn $1 into a string suitable for a shell variable name.
+# Result is stored in $func_tr_sh_result.  All characters
+# not in the set a-zA-Z0-9_ are replaced with '_'. Further,
+# if $1 begins with a digit, a '_' is prepended as well.
+func_tr_sh ()
+{
+  case $1 in
+  [0-9]* | *[!a-zA-Z0-9_]*)
+    func_tr_sh_result=`$ECHO "$1" | $SED 's/^\([0-9]\)/_\1/; s/[^a-zA-Z0-9_]/_/g'`
+    ;;
+  * )
+    func_tr_sh_result=$1
+    ;;
+  esac
+}
 
 
 # func_version
 # Echo version message to standard output and exit.
 func_version ()
 {
-    $SED -n '/^# '$PROGRAM' (GNU /,/# warranty; / {
+    $opt_debug
+
+    $SED -n '/(C)/!b go
+	:more
+	/\./!{
+	  N
+	  s/\n# / /
+	  b more
+	}
+	:go
+	/^# '$PROGRAM' (GNU /,/# warranty; / {
         s/^# //
 	s/^# *$//
         s/\((C)\)[ 0-9,-]*\( [1-9][0-9]*\)/\1\2/
@@ -509,22 +736,28 @@ func_version ()
 # Echo short help message to standard output and exit.
 func_usage ()
 {
-    $SED -n '/^# Usage:/,/# -h/ {
+    $opt_debug
+
+    $SED -n '/^# Usage:/,/^#  *.*--help/ {
         s/^# //
 	s/^# *$//
 	s/\$progname/'$progname'/
 	p
     }' < "$progpath"
-    $ECHO
+    echo
     $ECHO "run \`$progname --help | more' for full usage"
     exit $?
 }
 
-# func_help
-# Echo long help message to standard output and exit.
+# func_help [NOEXIT]
+# Echo long help message to standard output and exit,
+# unless 'noexit' is passed as argument.
 func_help ()
 {
+    $opt_debug
+
     $SED -n '/^# Usage:/,/# Report bugs to/ {
+	:print
         s/^# //
 	s/^# *$//
 	s*\$progname*'$progname'*
@@ -534,11 +767,18 @@ func_help ()
 	s*\$LTCFLAGS*'"$LTCFLAGS"'*
 	s*\$LD*'"$LD"'*
 	s/\$with_gnu_ld/'"$with_gnu_ld"'/
-	s/\$automake_version/'"`(automake --version) 2>/dev/null |$SED 1q`"'/
-	s/\$autoconf_version/'"`(autoconf --version) 2>/dev/null |$SED 1q`"'/
+	s/\$automake_version/'"`(${AUTOMAKE-automake} --version) 2>/dev/null |$SED 1q`"'/
+	s/\$autoconf_version/'"`(${AUTOCONF-autoconf} --version) 2>/dev/null |$SED 1q`"'/
 	p
-     }' < "$progpath"
-    exit $?
+	d
+     }
+     /^# .* home page:/b print
+     /^# General help using/b print
+     ' < "$progpath"
+    ret=$?
+    if test -z "$1"; then
+      exit $ret
+    fi
 }
 
 # func_missing_arg argname
@@ -546,63 +786,106 @@ func_help ()
 # exit_cmd.
 func_missing_arg ()
 {
-    func_error "missing argument for $1"
+    $opt_debug
+
+    func_error "missing argument for $1."
     exit_cmd=exit
 }
 
-exit_cmd=:
 
+# func_split_short_opt shortopt
+# Set func_split_short_opt_name and func_split_short_opt_arg shell
+# variables after splitting SHORTOPT after the 2nd character.
+func_split_short_opt ()
+{
+    my_sed_short_opt='1s/^\(..\).*$/\1/;q'
+    my_sed_short_rest='1s/^..\(.*\)$/\1/;q'
 
+    func_split_short_opt_name=`$ECHO "$1" | $SED "$my_sed_short_opt"`
+    func_split_short_opt_arg=`$ECHO "$1" | $SED "$my_sed_short_rest"`
+} # func_split_short_opt may be replaced by extended shell implementation
+
+
+# func_split_long_opt longopt
+# Set func_split_long_opt_name and func_split_long_opt_arg shell
+# variables after splitting LONGOPT at the `=' sign.
+func_split_long_opt ()
+{
+    my_sed_long_opt='1s/^\(--[^=]*\)=.*/\1/;q'
+    my_sed_long_arg='1s/^--[^=]*=//'
+
+    func_split_long_opt_name=`$ECHO "$1" | $SED "$my_sed_long_opt"`
+    func_split_long_opt_arg=`$ECHO "$1" | $SED "$my_sed_long_arg"`
+} # func_split_long_opt may be replaced by extended shell implementation
+
+exit_cmd=:
 
 
 
-# Check that we have a working $ECHO.
-if test "X$1" = X--no-reexec; then
-  # Discard the --no-reexec flag, and continue.
-  shift
-elif test "X$1" = X--fallback-echo; then
-  # Avoid inline document here, it may be left over
-  :
-elif test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t'; then
-  # Yippee, $ECHO works!
-  :
-else
-  # Restart under the correct shell, and then maybe $ECHO will work.
-  exec $SHELL "$progpath" --no-reexec ${1+"$@"}
-fi
 
-if test "X$1" = X--fallback-echo; then
-  # used as fallback echo
-  shift
-  cat <<EOF
-$*
-EOF
-  exit $EXIT_SUCCESS
-fi
 
 magic="%%%MAGIC variable%%%"
 magic_exe="%%%MAGIC EXE variable%%%"
 
 # Global variables.
-# $mode is unset
 nonopt=
-execute_dlfiles=
 preserve_args=
 lo2o="s/\\.lo\$/.${objext}/"
 o2lo="s/\\.${objext}\$/.lo/"
 extracted_archives=
 extracted_serial=0
 
-opt_dry_run=false
-opt_duplicate_deps=false
-opt_silent=false
-opt_debug=:
-
 # If this variable is set in any of the actions, the command in it
 # will be execed at the end.  This prevents here-documents from being
 # left over by shells.
 exec_cmd=
 
+# func_append var value
+# Append VALUE to the end of shell variable VAR.
+func_append ()
+{
+    eval "${1}=\$${1}\${2}"
+} # func_append may be replaced by extended shell implementation
+
+# func_append_quoted var value
+# Quote VALUE and append to the end of shell variable VAR, separated
+# by a space.
+func_append_quoted ()
+{
+    func_quote_for_eval "${2}"
+    eval "${1}=\$${1}\\ \$func_quote_for_eval_result"
+} # func_append_quoted may be replaced by extended shell implementation
+
+
+# func_arith arithmetic-term...
+func_arith ()
+{
+    func_arith_result=`expr "${@}"`
+} # func_arith may be replaced by extended shell implementation
+
+
+# func_len string
+# STRING may not start with a hyphen.
+func_len ()
+{
+    func_len_result=`expr "${1}" : ".*" 2>/dev/null || echo $max_cmd_len`
+} # func_len may be replaced by extended shell implementation
+
+
+# func_lo2o object
+func_lo2o ()
+{
+    func_lo2o_result=`$ECHO "${1}" | $SED "$lo2o"`
+} # func_lo2o may be replaced by extended shell implementation
+
+
+# func_xform libobj-or-source
+func_xform ()
+{
+    func_xform_result=`$ECHO "${1}" | $SED 's/\.[^.]*$/.lo/'`
+} # func_xform may be replaced by extended shell implementation
+
+
 # func_fatal_configuration arg...
 # Echo program name prefixed message to standard error, followed by
 # a configuration failure hint, and exit.
@@ -636,16 +919,16 @@ func_config ()
 # Display the features supported by this script.
 func_features ()
 {
-    $ECHO "host: $host"
+    echo "host: $host"
     if test "$build_libtool_libs" = yes; then
-      $ECHO "enable shared libraries"
+      echo "enable shared libraries"
     else
-      $ECHO "disable shared libraries"
+      echo "disable shared libraries"
     fi
     if test "$build_old_libs" = yes; then
-      $ECHO "enable static libraries"
+      echo "enable static libraries"
     else
-      $ECHO "disable static libraries"
+      echo "disable static libraries"
     fi
 
     exit $?
@@ -692,117 +975,209 @@ func_enable_tag ()
   esac
 }
 
-# Parse options once, thoroughly.  This comes as soon as possible in
-# the script to make things like `libtool --version' happen quickly.
+# func_check_version_match
+# Ensure that we are using m4 macros, and libtool script from the same
+# release of libtool.
+func_check_version_match ()
 {
+  if test "$package_revision" != "$macro_revision"; then
+    if test "$VERSION" != "$macro_version"; then
+      if test -z "$macro_version"; then
+        cat >&2 <<_LT_EOF
+$progname: Version mismatch error.  This is $PACKAGE $VERSION, but the
+$progname: definition of this LT_INIT comes from an older release.
+$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION
+$progname: and run autoconf again.
+_LT_EOF
+      else
+        cat >&2 <<_LT_EOF
+$progname: Version mismatch error.  This is $PACKAGE $VERSION, but the
+$progname: definition of this LT_INIT comes from $PACKAGE $macro_version.
+$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION
+$progname: and run autoconf again.
+_LT_EOF
+      fi
+    else
+      cat >&2 <<_LT_EOF
+$progname: Version mismatch error.  This is $PACKAGE $VERSION, revision $package_revision,
+$progname: but the definition of this LT_INIT comes from revision $macro_revision.
+$progname: You should recreate aclocal.m4 with macros from revision $package_revision
+$progname: of $PACKAGE $VERSION and run autoconf again.
+_LT_EOF
+    fi
+
+    exit $EXIT_MISMATCH
+  fi
+}
+
+
+# Shorthand for --mode=foo, only valid as the first argument
+case $1 in
+clean|clea|cle|cl)
+  shift; set dummy --mode clean ${1+"$@"}; shift
+  ;;
+compile|compil|compi|comp|com|co|c)
+  shift; set dummy --mode compile ${1+"$@"}; shift
+  ;;
+execute|execut|execu|exec|exe|ex|e)
+  shift; set dummy --mode execute ${1+"$@"}; shift
+  ;;
+finish|finis|fini|fin|fi|f)
+  shift; set dummy --mode finish ${1+"$@"}; shift
+  ;;
+install|instal|insta|inst|ins|in|i)
+  shift; set dummy --mode install ${1+"$@"}; shift
+  ;;
+link|lin|li|l)
+  shift; set dummy --mode link ${1+"$@"}; shift
+  ;;
+uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u)
+  shift; set dummy --mode uninstall ${1+"$@"}; shift
+  ;;
+esac
+
 
-  # Shorthand for --mode=foo, only valid as the first argument
-  case $1 in
-  clean|clea|cle|cl)
-    shift; set dummy --mode clean ${1+"$@"}; shift
-    ;;
-  compile|compil|compi|comp|com|co|c)
-    shift; set dummy --mode compile ${1+"$@"}; shift
-    ;;
-  execute|execut|execu|exec|exe|ex|e)
-    shift; set dummy --mode execute ${1+"$@"}; shift
-    ;;
-  finish|finis|fini|fin|fi|f)
-    shift; set dummy --mode finish ${1+"$@"}; shift
-    ;;
-  install|instal|insta|inst|ins|in|i)
-    shift; set dummy --mode install ${1+"$@"}; shift
-    ;;
-  link|lin|li|l)
-    shift; set dummy --mode link ${1+"$@"}; shift
-    ;;
-  uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u)
-    shift; set dummy --mode uninstall ${1+"$@"}; shift
-    ;;
-  esac
 
-  # Parse non-mode specific arguments:
-  while test "$#" -gt 0; do
+# Option defaults:
+opt_debug=:
+opt_dry_run=false
+opt_config=false
+opt_preserve_dup_deps=false
+opt_features=false
+opt_finish=false
+opt_help=false
+opt_help_all=false
+opt_silent=:
+opt_warning=:
+opt_verbose=:
+opt_silent=false
+opt_verbose=false
+
+
+# Parse options once, thoroughly.  This comes as soon as possible in the
+# script to make things like `--version' happen as quickly as we can.
+{
+  # this just eases exit handling
+  while test $# -gt 0; do
     opt="$1"
     shift
-
     case $opt in
-      --config)		func_config					;;
-
-      --debug)		preserve_args="$preserve_args $opt"
+      --debug|-x)	opt_debug='set -x'
 			func_echo "enabling shell trace mode"
-			opt_debug='set -x'
 			$opt_debug
 			;;
-
-      -dlopen)		test "$#" -eq 0 && func_missing_arg "$opt" && break
-			execute_dlfiles="$execute_dlfiles $1"
-			shift
+      --dry-run|--dryrun|-n)
+			opt_dry_run=:
 			;;
-
-      --dry-run | -n)	opt_dry_run=:					;;
-      --features)       func_features					;;
-      --finish)		mode="finish"					;;
-
-      --mode)		test "$#" -eq 0 && func_missing_arg "$opt" && break
-			case $1 in
-			  # Valid mode arguments:
-			  clean)	;;
-			  compile)	;;
-			  execute)	;;
-			  finish)	;;
-			  install)	;;
-			  link)		;;
-			  relink)	;;
-			  uninstall)	;;
-
-			  # Catch anything else as an error
-			  *) func_error "invalid argument for $opt"
-			     exit_cmd=exit
-			     break
-			     ;;
-		        esac
-
-			mode="$1"
+      --config)
+			opt_config=:
+func_config
+			;;
+      --dlopen|-dlopen)
+			optarg="$1"
+			opt_dlopen="${opt_dlopen+$opt_dlopen
+}$optarg"
 			shift
 			;;
-
       --preserve-dup-deps)
-			opt_duplicate_deps=:				;;
-
-      --quiet|--silent)	preserve_args="$preserve_args $opt"
-			opt_silent=:
+			opt_preserve_dup_deps=:
 			;;
-
-      --verbose| -v)	preserve_args="$preserve_args $opt"
+      --features)
+			opt_features=:
+func_features
+			;;
+      --finish)
+			opt_finish=:
+set dummy --mode finish ${1+"$@"}; shift
+			;;
+      --help)
+			opt_help=:
+			;;
+      --help-all)
+			opt_help_all=:
+opt_help=': help-all'
+			;;
+      --mode)
+			test $# = 0 && func_missing_arg $opt && break
+			optarg="$1"
+			opt_mode="$optarg"
+case $optarg in
+  # Valid mode arguments:
+  clean|compile|execute|finish|install|link|relink|uninstall) ;;
+
+  # Catch anything else as an error
+  *) func_error "invalid argument for $opt"
+     exit_cmd=exit
+     break
+     ;;
+esac
+			shift
+			;;
+      --no-silent|--no-quiet)
 			opt_silent=false
+func_append preserve_args " $opt"
 			;;
-
-      --tag)		test "$#" -eq 0 && func_missing_arg "$opt" && break
-			preserve_args="$preserve_args $opt $1"
-			func_enable_tag "$1"	# tagname is set here
+      --no-warning|--no-warn)
+			opt_warning=false
+func_append preserve_args " $opt"
+			;;
+      --no-verbose)
+			opt_verbose=false
+func_append preserve_args " $opt"
+			;;
+      --silent|--quiet)
+			opt_silent=:
+func_append preserve_args " $opt"
+        opt_verbose=false
+			;;
+      --verbose|-v)
+			opt_verbose=:
+func_append preserve_args " $opt"
+opt_silent=false
+			;;
+      --tag)
+			test $# = 0 && func_missing_arg $opt && break
+			optarg="$1"
+			opt_tag="$optarg"
+func_append preserve_args " $opt $optarg"
+func_enable_tag "$optarg"
 			shift
 			;;
 
+      -\?|-h)		func_usage				;;
+      --help)		func_help				;;
+      --version)	func_version				;;
+
       # Separate optargs to long options:
-      -dlopen=*|--mode=*|--tag=*)
-			func_opt_split "$opt"
-			set dummy "$func_opt_split_opt" "$func_opt_split_arg" ${1+"$@"}
+      --*=*)
+			func_split_long_opt "$opt"
+			set dummy "$func_split_long_opt_name" "$func_split_long_opt_arg" ${1+"$@"}
 			shift
 			;;
 
-      -\?|-h)		func_usage					;;
-      --help)		opt_help=:					;;
-      --version)	func_version					;;
-
-      -*)		func_fatal_help "unrecognized option \`$opt'"	;;
-
-      *)		nonopt="$opt"
-			break
+      # Separate non-argument short options:
+      -\?*|-h*|-n*|-v*)
+			func_split_short_opt "$opt"
+			set dummy "$func_split_short_opt_name" "-$func_split_short_opt_arg" ${1+"$@"}
+			shift
 			;;
+
+      --)		break					;;
+      -*)		func_fatal_help "unrecognized option \`$opt'" ;;
+      *)		set dummy "$opt" ${1+"$@"};	shift; break  ;;
     esac
   done
 
+  # Validate options:
+
+  # save first non-option argument
+  if test "$#" -gt 0; then
+    nonopt="$opt"
+    shift
+  fi
+
+  # preserve --debug
+  test "$opt_debug" = : || func_append preserve_args " --debug"
 
   case $host in
     *cygwin* | *mingw* | *pw32* | *cegcc*)
@@ -810,82 +1185,44 @@ func_enable_tag ()
       opt_duplicate_compiler_generated_deps=:
       ;;
     *)
-      opt_duplicate_compiler_generated_deps=$opt_duplicate_deps
+      opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps
       ;;
   esac
 
-  # Having warned about all mis-specified options, bail out if
-  # anything was wrong.
-  $exit_cmd $EXIT_FAILURE
-}
+  $opt_help || {
+    # Sanity checks first:
+    func_check_version_match
 
-# func_check_version_match
-# Ensure that we are using m4 macros, and libtool script from the same
-# release of libtool.
-func_check_version_match ()
-{
-  if test "$package_revision" != "$macro_revision"; then
-    if test "$VERSION" != "$macro_version"; then
-      if test -z "$macro_version"; then
-        cat >&2 <<_LT_EOF
-$progname: Version mismatch error.  This is $PACKAGE $VERSION, but the
-$progname: definition of this LT_INIT comes from an older release.
-$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION
-$progname: and run autoconf again.
-_LT_EOF
-      else
-        cat >&2 <<_LT_EOF
-$progname: Version mismatch error.  This is $PACKAGE $VERSION, but the
-$progname: definition of this LT_INIT comes from $PACKAGE $macro_version.
-$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION
-$progname: and run autoconf again.
-_LT_EOF
-      fi
-    else
-      cat >&2 <<_LT_EOF
-$progname: Version mismatch error.  This is $PACKAGE $VERSION, revision $package_revision,
-$progname: but the definition of this LT_INIT comes from revision $macro_revision.
-$progname: You should recreate aclocal.m4 with macros from revision $package_revision
-$progname: of $PACKAGE $VERSION and run autoconf again.
-_LT_EOF
+    if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then
+      func_fatal_configuration "not configured to build any kind of library"
     fi
 
-    exit $EXIT_MISMATCH
-  fi
-}
-
-
-## ----------- ##
-##    Main.    ##
-## ----------- ##
-
-$opt_help || {
-  # Sanity checks first:
-  func_check_version_match
+    # Darwin sucks
+    eval std_shrext=\"$shrext_cmds\"
 
-  if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then
-    func_fatal_configuration "not configured to build any kind of library"
-  fi
+    # Only execute mode is allowed to have -dlopen flags.
+    if test -n "$opt_dlopen" && test "$opt_mode" != execute; then
+      func_error "unrecognized option \`-dlopen'"
+      $ECHO "$help" 1>&2
+      exit $EXIT_FAILURE
+    fi
 
-  test -z "$mode" && func_fatal_error "error: you must specify a MODE."
+    # Change the help message to a mode-specific one.
+    generic_help="$help"
+    help="Try \`$progname --help --mode=$opt_mode' for more information."
+  }
 
 
-  # Darwin sucks
-  eval std_shrext=\"$shrext_cmds\"
+  # Bail if the options were screwed
+  $exit_cmd $EXIT_FAILURE
+}
 
 
-  # Only execute mode is allowed to have -dlopen flags.
-  if test -n "$execute_dlfiles" && test "$mode" != execute; then
-    func_error "unrecognized option \`-dlopen'"
-    $ECHO "$help" 1>&2
-    exit $EXIT_FAILURE
-  fi
 
-  # Change the help message to a mode-specific one.
-  generic_help="$help"
-  help="Try \`$progname --help --mode=$mode' for more information."
-}
 
+## ----------- ##
+##    Main.    ##
+## ----------- ##
 
 # func_lalib_p file
 # True iff FILE is a libtool `.la' library or `.lo' object file.
@@ -950,12 +1287,9 @@ func_ltwrapper_executable_p ()
 # temporary ltwrapper_script.
 func_ltwrapper_scriptname ()
 {
-    func_ltwrapper_scriptname_result=""
-    if func_ltwrapper_executable_p "$1"; then
-	func_dirname_and_basename "$1" "" "."
-	func_stripname '' '.exe' "$func_basename_result"
-	func_ltwrapper_scriptname_result="$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper"
-    fi
+    func_dirname_and_basename "$1" "" "."
+    func_stripname '' '.exe' "$func_basename_result"
+    func_ltwrapper_scriptname_result="$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper"
 }
 
 # func_ltwrapper_p file
@@ -1001,6 +1335,37 @@ func_source ()
 }
 
 
+# func_resolve_sysroot PATH
+# Replace a leading = in PATH with a sysroot.  Store the result into
+# func_resolve_sysroot_result
+func_resolve_sysroot ()
+{
+  func_resolve_sysroot_result=$1
+  case $func_resolve_sysroot_result in
+  =*)
+    func_stripname '=' '' "$func_resolve_sysroot_result"
+    func_resolve_sysroot_result=$lt_sysroot$func_stripname_result
+    ;;
+  esac
+}
+
+# func_replace_sysroot PATH
+# If PATH begins with the sysroot, replace it with = and
+# store the result into func_replace_sysroot_result.
+func_replace_sysroot ()
+{
+  case "$lt_sysroot:$1" in
+  ?*:"$lt_sysroot"*)
+    func_stripname "$lt_sysroot" '' "$1"
+    func_replace_sysroot_result="=$func_stripname_result"
+    ;;
+  *)
+    # Including no sysroot.
+    func_replace_sysroot_result=$1
+    ;;
+  esac
+}
+
 # func_infer_tag arg
 # Infer tagged configuration to use if any are available and
 # if one wasn't chosen via the "--tag" command line option.
@@ -1013,13 +1378,15 @@ func_infer_tag ()
     if test -n "$available_tags" && test -z "$tagname"; then
       CC_quoted=
       for arg in $CC; do
-        func_quote_for_eval "$arg"
-	CC_quoted="$CC_quoted $func_quote_for_eval_result"
+	func_append_quoted CC_quoted "$arg"
       done
+      CC_expanded=`func_echo_all $CC`
+      CC_quoted_expanded=`func_echo_all $CC_quoted`
       case $@ in
       # Blanks in the command may have been stripped by the calling shell,
       # but not from the CC environment variable when configure was run.
-      " $CC "* | "$CC "* | " `$ECHO $CC` "* | "`$ECHO $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$ECHO $CC_quoted` "* | "`$ECHO $CC_quoted` "*) ;;
+      " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \
+      " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*) ;;
       # Blanks at the start of $base_compile will cause this to fail
       # if we don't check for them as well.
       *)
@@ -1030,11 +1397,13 @@ func_infer_tag ()
 	    CC_quoted=
 	    for arg in $CC; do
 	      # Double-quote args containing other shell metacharacters.
-	      func_quote_for_eval "$arg"
-	      CC_quoted="$CC_quoted $func_quote_for_eval_result"
+	      func_append_quoted CC_quoted "$arg"
 	    done
+	    CC_expanded=`func_echo_all $CC`
+	    CC_quoted_expanded=`func_echo_all $CC_quoted`
 	    case "$@ " in
-	      " $CC "* | "$CC "* | " `$ECHO $CC` "* | "`$ECHO $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$ECHO $CC_quoted` "* | "`$ECHO $CC_quoted` "*)
+	    " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \
+	    " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*)
 	      # The compiler in the base compile command matches
 	      # the one in the tagged configuration.
 	      # Assume this is the tagged configuration we want.
@@ -1097,6 +1466,486 @@ EOF
     }
 }
 
+
+##################################################
+# FILE NAME AND PATH CONVERSION HELPER FUNCTIONS #
+##################################################
+
+# func_convert_core_file_wine_to_w32 ARG
+# Helper function used by file name conversion functions when $build is *nix,
+# and $host is mingw, cygwin, or some other w32 environment. Relies on a
+# correctly configured wine environment available, with the winepath program
+# in $build's $PATH.
+#
+# ARG is the $build file name to be converted to w32 format.
+# Result is available in $func_convert_core_file_wine_to_w32_result, and will
+# be empty on error (or when ARG is empty)
+func_convert_core_file_wine_to_w32 ()
+{
+  $opt_debug
+  func_convert_core_file_wine_to_w32_result="$1"
+  if test -n "$1"; then
+    # Unfortunately, winepath does not exit with a non-zero error code, so we
+    # are forced to check the contents of stdout. On the other hand, if the
+    # command is not found, the shell will set an exit code of 127 and print
+    # *an error message* to stdout. So we must check for both error code of
+    # zero AND non-empty stdout, which explains the odd construction:
+    func_convert_core_file_wine_to_w32_tmp=`winepath -w "$1" 2>/dev/null`
+    if test "$?" -eq 0 && test -n "${func_convert_core_file_wine_to_w32_tmp}"; then
+      func_convert_core_file_wine_to_w32_result=`$ECHO "$func_convert_core_file_wine_to_w32_tmp" |
+        $SED -e "$lt_sed_naive_backslashify"`
+    else
+      func_convert_core_file_wine_to_w32_result=
+    fi
+  fi
+}
+# end: func_convert_core_file_wine_to_w32
+
+
+# func_convert_core_path_wine_to_w32 ARG
+# Helper function used by path conversion functions when $build is *nix, and
+# $host is mingw, cygwin, or some other w32 environment. Relies on a correctly
+# configured wine environment available, with the winepath program in $build's
+# $PATH. Assumes ARG has no leading or trailing path separator characters.
+#
+# ARG is path to be converted from $build format to win32.
+# Result is available in $func_convert_core_path_wine_to_w32_result.
+# Unconvertible file (directory) names in ARG are skipped; if no directory names
+# are convertible, then the result may be empty.
+func_convert_core_path_wine_to_w32 ()
+{
+  $opt_debug
+  # unfortunately, winepath doesn't convert paths, only file names
+  func_convert_core_path_wine_to_w32_result=""
+  if test -n "$1"; then
+    oldIFS=$IFS
+    IFS=:
+    for func_convert_core_path_wine_to_w32_f in $1; do
+      IFS=$oldIFS
+      func_convert_core_file_wine_to_w32 "$func_convert_core_path_wine_to_w32_f"
+      if test -n "$func_convert_core_file_wine_to_w32_result" ; then
+        if test -z "$func_convert_core_path_wine_to_w32_result"; then
+          func_convert_core_path_wine_to_w32_result="$func_convert_core_file_wine_to_w32_result"
+        else
+          func_append func_convert_core_path_wine_to_w32_result ";$func_convert_core_file_wine_to_w32_result"
+        fi
+      fi
+    done
+    IFS=$oldIFS
+  fi
+}
+# end: func_convert_core_path_wine_to_w32
+
+
+# func_cygpath ARGS...
+# Wrapper around calling the cygpath program via LT_CYGPATH. This is used when
+# when (1) $build is *nix and Cygwin is hosted via a wine environment; or (2)
+# $build is MSYS and $host is Cygwin, or (3) $build is Cygwin. In case (1) or
+# (2), returns the Cygwin file name or path in func_cygpath_result (input
+# file name or path is assumed to be in w32 format, as previously converted
+# from $build's *nix or MSYS format). In case (3), returns the w32 file name
+# or path in func_cygpath_result (input file name or path is assumed to be in
+# Cygwin format). Returns an empty string on error.
+#
+# ARGS are passed to cygpath, with the last one being the file name or path to
+# be converted.
+#
+# Specify the absolute *nix (or w32) name to cygpath in the LT_CYGPATH
+# environment variable; do not put it in $PATH.
+func_cygpath ()
+{
+  $opt_debug
+  if test -n "$LT_CYGPATH" && test -f "$LT_CYGPATH"; then
+    func_cygpath_result=`$LT_CYGPATH "$@" 2>/dev/null`
+    if test "$?" -ne 0; then
+      # on failure, ensure result is empty
+      func_cygpath_result=
+    fi
+  else
+    func_cygpath_result=
+    func_error "LT_CYGPATH is empty or specifies non-existent file: \`$LT_CYGPATH'"
+  fi
+}
+#end: func_cygpath
+
+
+# func_convert_core_msys_to_w32 ARG
+# Convert file name or path ARG from MSYS format to w32 format.  Return
+# result in func_convert_core_msys_to_w32_result.
+func_convert_core_msys_to_w32 ()
+{
+  $opt_debug
+  # awkward: cmd appends spaces to result
+  func_convert_core_msys_to_w32_result=`( cmd //c echo "$1" ) 2>/dev/null |
+    $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"`
+}
+#end: func_convert_core_msys_to_w32
+
+
+# func_convert_file_check ARG1 ARG2
+# Verify that ARG1 (a file name in $build format) was converted to $host
+# format in ARG2. Otherwise, emit an error message, but continue (resetting
+# func_to_host_file_result to ARG1).
+func_convert_file_check ()
+{
+  $opt_debug
+  if test -z "$2" && test -n "$1" ; then
+    func_error "Could not determine host file name corresponding to"
+    func_error "  \`$1'"
+    func_error "Continuing, but uninstalled executables may not work."
+    # Fallback:
+    func_to_host_file_result="$1"
+  fi
+}
+# end func_convert_file_check
+
+
+# func_convert_path_check FROM_PATHSEP TO_PATHSEP FROM_PATH TO_PATH
+# Verify that FROM_PATH (a path in $build format) was converted to $host
+# format in TO_PATH. Otherwise, emit an error message, but continue, resetting
+# func_to_host_file_result to a simplistic fallback value (see below).
+func_convert_path_check ()
+{
+  $opt_debug
+  if test -z "$4" && test -n "$3"; then
+    func_error "Could not determine the host path corresponding to"
+    func_error "  \`$3'"
+    func_error "Continuing, but uninstalled executables may not work."
+    # Fallback.  This is a deliberately simplistic "conversion" and
+    # should not be "improved".  See libtool.info.
+    if test "x$1" != "x$2"; then
+      lt_replace_pathsep_chars="s|$1|$2|g"
+      func_to_host_path_result=`echo "$3" |
+        $SED -e "$lt_replace_pathsep_chars"`
+    else
+      func_to_host_path_result="$3"
+    fi
+  fi
+}
+# end func_convert_path_check
+
+
+# func_convert_path_front_back_pathsep FRONTPAT BACKPAT REPL ORIG
+# Modifies func_to_host_path_result by prepending REPL if ORIG matches FRONTPAT
+# and appending REPL if ORIG matches BACKPAT.
+func_convert_path_front_back_pathsep ()
+{
+  $opt_debug
+  case $4 in
+  $1 ) func_to_host_path_result="$3$func_to_host_path_result"
+    ;;
+  esac
+  case $4 in
+  $2 ) func_append func_to_host_path_result "$3"
+    ;;
+  esac
+}
+# end func_convert_path_front_back_pathsep
+
+
+##################################################
+# $build to $host FILE NAME CONVERSION FUNCTIONS #
+##################################################
+# invoked via `$to_host_file_cmd ARG'
+#
+# In each case, ARG is the path to be converted from $build to $host format.
+# Result will be available in $func_to_host_file_result.
+
+
+# func_to_host_file ARG
+# Converts the file name ARG from $build format to $host format. Return result
+# in func_to_host_file_result.
+func_to_host_file ()
+{
+  $opt_debug
+  $to_host_file_cmd "$1"
+}
+# end func_to_host_file
+
+
+# func_to_tool_file ARG LAZY
+# converts the file name ARG from $build format to toolchain format. Return
+# result in func_to_tool_file_result.  If the conversion in use is listed
+# in (the comma separated) LAZY, no conversion takes place.
+func_to_tool_file ()
+{
+  $opt_debug
+  case ,$2, in
+    *,"$to_tool_file_cmd",*)
+      func_to_tool_file_result=$1
+      ;;
+    *)
+      $to_tool_file_cmd "$1"
+      func_to_tool_file_result=$func_to_host_file_result
+      ;;
+  esac
+}
+# end func_to_tool_file
+
+
+# func_convert_file_noop ARG
+# Copy ARG to func_to_host_file_result.
+func_convert_file_noop ()
+{
+  func_to_host_file_result="$1"
+}
+# end func_convert_file_noop
+
+
+# func_convert_file_msys_to_w32 ARG
+# Convert file name ARG from (mingw) MSYS to (mingw) w32 format; automatic
+# conversion to w32 is not available inside the cwrapper.  Returns result in
+# func_to_host_file_result.
+func_convert_file_msys_to_w32 ()
+{
+  $opt_debug
+  func_to_host_file_result="$1"
+  if test -n "$1"; then
+    func_convert_core_msys_to_w32 "$1"
+    func_to_host_file_result="$func_convert_core_msys_to_w32_result"
+  fi
+  func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_msys_to_w32
+
+
+# func_convert_file_cygwin_to_w32 ARG
+# Convert file name ARG from Cygwin to w32 format.  Returns result in
+# func_to_host_file_result.
+func_convert_file_cygwin_to_w32 ()
+{
+  $opt_debug
+  func_to_host_file_result="$1"
+  if test -n "$1"; then
+    # because $build is cygwin, we call "the" cygpath in $PATH; no need to use
+    # LT_CYGPATH in this case.
+    func_to_host_file_result=`cygpath -m "$1"`
+  fi
+  func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_cygwin_to_w32
+
+
+# func_convert_file_nix_to_w32 ARG
+# Convert file name ARG from *nix to w32 format.  Requires a wine environment
+# and a working winepath. Returns result in func_to_host_file_result.
+func_convert_file_nix_to_w32 ()
+{
+  $opt_debug
+  func_to_host_file_result="$1"
+  if test -n "$1"; then
+    func_convert_core_file_wine_to_w32 "$1"
+    func_to_host_file_result="$func_convert_core_file_wine_to_w32_result"
+  fi
+  func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_nix_to_w32
+
+
+# func_convert_file_msys_to_cygwin ARG
+# Convert file name ARG from MSYS to Cygwin format.  Requires LT_CYGPATH set.
+# Returns result in func_to_host_file_result.
+func_convert_file_msys_to_cygwin ()
+{
+  $opt_debug
+  func_to_host_file_result="$1"
+  if test -n "$1"; then
+    func_convert_core_msys_to_w32 "$1"
+    func_cygpath -u "$func_convert_core_msys_to_w32_result"
+    func_to_host_file_result="$func_cygpath_result"
+  fi
+  func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_msys_to_cygwin
+
+
+# func_convert_file_nix_to_cygwin ARG
+# Convert file name ARG from *nix to Cygwin format.  Requires Cygwin installed
+# in a wine environment, working winepath, and LT_CYGPATH set.  Returns result
+# in func_to_host_file_result.
+func_convert_file_nix_to_cygwin ()
+{
+  $opt_debug
+  func_to_host_file_result="$1"
+  if test -n "$1"; then
+    # convert from *nix to w32, then use cygpath to convert from w32 to cygwin.
+    func_convert_core_file_wine_to_w32 "$1"
+    func_cygpath -u "$func_convert_core_file_wine_to_w32_result"
+    func_to_host_file_result="$func_cygpath_result"
+  fi
+  func_convert_file_check "$1" "$func_to_host_file_result"
+}
+# end func_convert_file_nix_to_cygwin
+
+
+#############################################
+# $build to $host PATH CONVERSION FUNCTIONS #
+#############################################
+# invoked via `$to_host_path_cmd ARG'
+#
+# In each case, ARG is the path to be converted from $build to $host format.
+# The result will be available in $func_to_host_path_result.
+#
+# Path separators are also converted from $build format to $host format.  If
+# ARG begins or ends with a path separator character, it is preserved (but
+# converted to $host format) on output.
+#
+# All path conversion functions are named using the following convention:
+#   file name conversion function    : func_convert_file_X_to_Y ()
+#   path conversion function         : func_convert_path_X_to_Y ()
+# where, for any given $build/$host combination the 'X_to_Y' value is the
+# same.  If conversion functions are added for new $build/$host combinations,
+# the two new functions must follow this pattern, or func_init_to_host_path_cmd
+# will break.
+
+
+# func_init_to_host_path_cmd
+# Ensures that function "pointer" variable $to_host_path_cmd is set to the
+# appropriate value, based on the value of $to_host_file_cmd.
+to_host_path_cmd=
+func_init_to_host_path_cmd ()
+{
+  $opt_debug
+  if test -z "$to_host_path_cmd"; then
+    func_stripname 'func_convert_file_' '' "$to_host_file_cmd"
+    to_host_path_cmd="func_convert_path_${func_stripname_result}"
+  fi
+}
+
+
+# func_to_host_path ARG
+# Converts the path ARG from $build format to $host format. Return result
+# in func_to_host_path_result.
+func_to_host_path ()
+{
+  $opt_debug
+  func_init_to_host_path_cmd
+  $to_host_path_cmd "$1"
+}
+# end func_to_host_path
+
+
+# func_convert_path_noop ARG
+# Copy ARG to func_to_host_path_result.
+func_convert_path_noop ()
+{
+  func_to_host_path_result="$1"
+}
+# end func_convert_path_noop
+
+
+# func_convert_path_msys_to_w32 ARG
+# Convert path ARG from (mingw) MSYS to (mingw) w32 format; automatic
+# conversion to w32 is not available inside the cwrapper.  Returns result in
+# func_to_host_path_result.
+func_convert_path_msys_to_w32 ()
+{
+  $opt_debug
+  func_to_host_path_result="$1"
+  if test -n "$1"; then
+    # Remove leading and trailing path separator characters from ARG.  MSYS
+    # behavior is inconsistent here; cygpath turns them into '.;' and ';.';
+    # and winepath ignores them completely.
+    func_stripname : : "$1"
+    func_to_host_path_tmp1=$func_stripname_result
+    func_convert_core_msys_to_w32 "$func_to_host_path_tmp1"
+    func_to_host_path_result="$func_convert_core_msys_to_w32_result"
+    func_convert_path_check : ";" \
+      "$func_to_host_path_tmp1" "$func_to_host_path_result"
+    func_convert_path_front_back_pathsep ":*" "*:" ";" "$1"
+  fi
+}
+# end func_convert_path_msys_to_w32
+
+
+# func_convert_path_cygwin_to_w32 ARG
+# Convert path ARG from Cygwin to w32 format.  Returns result in
+# func_to_host_file_result.
+func_convert_path_cygwin_to_w32 ()
+{
+  $opt_debug
+  func_to_host_path_result="$1"
+  if test -n "$1"; then
+    # See func_convert_path_msys_to_w32:
+    func_stripname : : "$1"
+    func_to_host_path_tmp1=$func_stripname_result
+    func_to_host_path_result=`cygpath -m -p "$func_to_host_path_tmp1"`
+    func_convert_path_check : ";" \
+      "$func_to_host_path_tmp1" "$func_to_host_path_result"
+    func_convert_path_front_back_pathsep ":*" "*:" ";" "$1"
+  fi
+}
+# end func_convert_path_cygwin_to_w32
+
+
+# func_convert_path_nix_to_w32 ARG
+# Convert path ARG from *nix to w32 format.  Requires a wine environment and
+# a working winepath.  Returns result in func_to_host_file_result.
+func_convert_path_nix_to_w32 ()
+{
+  $opt_debug
+  func_to_host_path_result="$1"
+  if test -n "$1"; then
+    # See func_convert_path_msys_to_w32:
+    func_stripname : : "$1"
+    func_to_host_path_tmp1=$func_stripname_result
+    func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1"
+    func_to_host_path_result="$func_convert_core_path_wine_to_w32_result"
+    func_convert_path_check : ";" \
+      "$func_to_host_path_tmp1" "$func_to_host_path_result"
+    func_convert_path_front_back_pathsep ":*" "*:" ";" "$1"
+  fi
+}
+# end func_convert_path_nix_to_w32
+
+
+# func_convert_path_msys_to_cygwin ARG
+# Convert path ARG from MSYS to Cygwin format.  Requires LT_CYGPATH set.
+# Returns result in func_to_host_file_result.
+func_convert_path_msys_to_cygwin ()
+{
+  $opt_debug
+  func_to_host_path_result="$1"
+  if test -n "$1"; then
+    # See func_convert_path_msys_to_w32:
+    func_stripname : : "$1"
+    func_to_host_path_tmp1=$func_stripname_result
+    func_convert_core_msys_to_w32 "$func_to_host_path_tmp1"
+    func_cygpath -u -p "$func_convert_core_msys_to_w32_result"
+    func_to_host_path_result="$func_cygpath_result"
+    func_convert_path_check : : \
+      "$func_to_host_path_tmp1" "$func_to_host_path_result"
+    func_convert_path_front_back_pathsep ":*" "*:" : "$1"
+  fi
+}
+# end func_convert_path_msys_to_cygwin
+
+
+# func_convert_path_nix_to_cygwin ARG
+# Convert path ARG from *nix to Cygwin format.  Requires Cygwin installed in a
+# a wine environment, working winepath, and LT_CYGPATH set.  Returns result in
+# func_to_host_file_result.
+func_convert_path_nix_to_cygwin ()
+{
+  $opt_debug
+  func_to_host_path_result="$1"
+  if test -n "$1"; then
+    # Remove leading and trailing path separator characters from
+    # ARG. msys behavior is inconsistent here, cygpath turns them
+    # into '.;' and ';.', and winepath ignores them completely.
+    func_stripname : : "$1"
+    func_to_host_path_tmp1=$func_stripname_result
+    func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1"
+    func_cygpath -u -p "$func_convert_core_path_wine_to_w32_result"
+    func_to_host_path_result="$func_cygpath_result"
+    func_convert_path_check : : \
+      "$func_to_host_path_tmp1" "$func_to_host_path_result"
+    func_convert_path_front_back_pathsep ":*" "*:" : "$1"
+  fi
+}
+# end func_convert_path_nix_to_cygwin
+
+
 # func_mode_compile arg...
 func_mode_compile ()
 {
@@ -1137,12 +1986,12 @@ func_mode_compile ()
 	  ;;
 
 	-pie | -fpie | -fPIE)
-          pie_flag="$pie_flag $arg"
+          func_append pie_flag " $arg"
 	  continue
 	  ;;
 
 	-shared | -static | -prefer-pic | -prefer-non-pic)
-	  later="$later $arg"
+	  func_append later " $arg"
 	  continue
 	  ;;
 
@@ -1163,15 +2012,14 @@ func_mode_compile ()
 	  save_ifs="$IFS"; IFS=','
 	  for arg in $args; do
 	    IFS="$save_ifs"
-	    func_quote_for_eval "$arg"
-	    lastarg="$lastarg $func_quote_for_eval_result"
+	    func_append_quoted lastarg "$arg"
 	  done
 	  IFS="$save_ifs"
 	  func_stripname ' ' '' "$lastarg"
 	  lastarg=$func_stripname_result
 
 	  # Add the arguments to base_compile.
-	  base_compile="$base_compile $lastarg"
+	  func_append base_compile " $lastarg"
 	  continue
 	  ;;
 
@@ -1187,8 +2035,7 @@ func_mode_compile ()
       esac    #  case $arg_mode
 
       # Aesthetically quote the previous argument.
-      func_quote_for_eval "$lastarg"
-      base_compile="$base_compile $func_quote_for_eval_result"
+      func_append_quoted base_compile "$lastarg"
     done # for arg
 
     case $arg_mode in
@@ -1213,7 +2060,7 @@ func_mode_compile ()
     *.[cCFSifmso] | \
     *.ada | *.adb | *.ads | *.asm | \
     *.c++ | *.cc | *.ii | *.class | *.cpp | *.cxx | \
-    *.[fF][09]? | *.for | *.java | *.obj | *.sx)
+    *.[fF][09]? | *.for | *.java | *.go | *.obj | *.sx | *.cu | *.cup)
       func_xform "$libobj"
       libobj=$func_xform_result
       ;;
@@ -1288,7 +2135,7 @@ func_mode_compile ()
     # Calculate the filename of the output object if compiler does
     # not support -o with -c
     if test "$compiler_c_o" = no; then
-      output_obj=`$ECHO "X$srcfile" | $Xsed -e 's%^.*/%%' -e 's%\.[^.]*$%%'`.${objext}
+      output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.${objext}
       lockfile="$output_obj.lock"
     else
       output_obj=
@@ -1319,17 +2166,16 @@ compiler."
 	$opt_dry_run || $RM $removelist
 	exit $EXIT_FAILURE
       fi
-      removelist="$removelist $output_obj"
+      func_append removelist " $output_obj"
       $ECHO "$srcfile" > "$lockfile"
     fi
 
     $opt_dry_run || $RM $removelist
-    removelist="$removelist $lockfile"
+    func_append removelist " $lockfile"
     trap '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' 1 2 15
 
-    if test -n "$fix_srcfile_path"; then
-      eval srcfile=\"$fix_srcfile_path\"
-    fi
+    func_to_tool_file "$srcfile" func_convert_file_msys_to_w32
+    srcfile=$func_to_tool_file_result
     func_quote_for_eval "$srcfile"
     qsrcfile=$func_quote_for_eval_result
 
@@ -1349,7 +2195,7 @@ compiler."
 
       if test -z "$output_obj"; then
 	# Place PIC objects in $objdir
-	command="$command -o $lobj"
+	func_append command " -o $lobj"
       fi
 
       func_show_eval_locale "$command"	\
@@ -1396,11 +2242,11 @@ compiler."
 	command="$base_compile $qsrcfile $pic_flag"
       fi
       if test "$compiler_c_o" = yes; then
-	command="$command -o $obj"
+	func_append command " -o $obj"
       fi
 
       # Suppress compiler output if we already did a PIC compilation.
-      command="$command$suppress_output"
+      func_append command "$suppress_output"
       func_show_eval_locale "$command" \
         '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE'
 
@@ -1445,13 +2291,13 @@ compiler."
 }
 
 $opt_help || {
-test "$mode" = compile && func_mode_compile ${1+"$@"}
+  test "$opt_mode" = compile && func_mode_compile ${1+"$@"}
 }
 
 func_mode_help ()
 {
     # We need to display help for each of the modes.
-    case $mode in
+    case $opt_mode in
       "")
         # Generic help is extracted from the usage comments
         # at the start of this file.
@@ -1482,10 +2328,11 @@ This mode accepts the following additional options:
 
   -o OUTPUT-FILE    set the output file name to OUTPUT-FILE
   -no-suppress      do not suppress compiler output for multiple passes
-  -prefer-pic       try to building PIC objects only
-  -prefer-non-pic   try to building non-PIC objects only
+  -prefer-pic       try to build PIC objects only
+  -prefer-non-pic   try to build non-PIC objects only
   -shared           do not build a \`.o' file suitable for static linking
   -static           only build a \`.o' file suitable for static linking
+  -Wc,FLAG          pass FLAG directly to the compiler
 
 COMPILE-COMMAND is a command to be used in creating a \`standard' object file
 from the given SOURCEFILE.
@@ -1538,7 +2385,7 @@ either the \`install' or \`cp' program.
 
 The following components of INSTALL-COMMAND are treated specially:
 
-  -inst-prefix PREFIX-DIR  Use PREFIX-DIR as a staging area for installation
+  -inst-prefix-dir PREFIX-DIR  Use PREFIX-DIR as a staging area for installation
 
 The rest of the components are interpreted as arguments to that command (only
 BSD-compatible install options are recognized)."
@@ -1558,6 +2405,8 @@ The following components of LINK-COMMAND are treated specially:
 
   -all-static       do not do any dynamic linking at all
   -avoid-version    do not add a version suffix if possible
+  -bindir BINDIR    specify path to binaries directory (for systems where
+                    libraries must be found in the PATH setting at runtime)
   -dlopen FILE      \`-dlpreopen' FILE if it cannot be dlopened at runtime
   -dlpreopen FILE   link in FILE and add its symbols to lt_preloaded_symbols
   -export-dynamic   allow symbols from OUTPUT-FILE to be resolved with dlsym(3)
@@ -1586,6 +2435,11 @@ The following components of LINK-COMMAND are treated specially:
   -version-info CURRENT[:REVISION[:AGE]]
                     specify library version info [each variable defaults to 0]
   -weak LIBNAME     declare that the target provides the LIBNAME interface
+  -Wc,FLAG
+  -Xcompiler FLAG   pass linker-specific FLAG directly to the compiler
+  -Wl,FLAG
+  -Xlinker FLAG     pass linker-specific FLAG directly to the linker
+  -XCClinker FLAG   pass link-specific FLAG to the compiler driver (CC)
 
 All other options (arguments beginning with \`-') are ignored.
 
@@ -1619,18 +2473,44 @@ Otherwise, only FILE itself is deleted using RM."
         ;;
 
       *)
-        func_fatal_help "invalid operation mode \`$mode'"
+        func_fatal_help "invalid operation mode \`$opt_mode'"
         ;;
     esac
 
-    $ECHO
+    echo
     $ECHO "Try \`$progname --help' for more information about other modes."
-
-    exit $?
 }
 
-  # Now that we've collected a possible --mode arg, show help if necessary
-  $opt_help && func_mode_help
+# Now that we've collected a possible --mode arg, show help if necessary
+if $opt_help; then
+  if test "$opt_help" = :; then
+    func_mode_help
+  else
+    {
+      func_help noexit
+      for opt_mode in compile link execute install finish uninstall clean; do
+	func_mode_help
+      done
+    } | sed -n '1p; 2,$s/^Usage:/  or: /p'
+    {
+      func_help noexit
+      for opt_mode in compile link execute install finish uninstall clean; do
+	echo
+	func_mode_help
+      done
+    } |
+    sed '1d
+      /^When reporting/,/^Report/{
+	H
+	d
+      }
+      $x
+      /information about other modes/d
+      /more detailed .*MODE/d
+      s/^Usage:.*--mode=\([^ ]*\) .*/Description of \1 mode:/'
+  fi
+  exit $?
+fi
 
 
 # func_mode_execute arg...
@@ -1643,13 +2523,16 @@ func_mode_execute ()
       func_fatal_help "you must specify a COMMAND"
 
     # Handle -dlopen flags immediately.
-    for file in $execute_dlfiles; do
+    for file in $opt_dlopen; do
       test -f "$file" \
 	|| func_fatal_help "\`$file' is not a file"
 
       dir=
       case $file in
       *.la)
+	func_resolve_sysroot "$file"
+	file=$func_resolve_sysroot_result
+
 	# Check to see that this really is a libtool archive.
 	func_lalib_unsafe_p "$file" \
 	  || func_fatal_help "\`$lib' is not a valid libtool archive"
@@ -1671,7 +2554,7 @@ func_mode_execute ()
 	dir="$func_dirname_result"
 
 	if test -f "$dir/$objdir/$dlname"; then
-	  dir="$dir/$objdir"
+	  func_append dir "/$objdir"
 	else
 	  if test ! -f "$dir/$dlname"; then
 	    func_fatal_error "cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'"
@@ -1712,7 +2595,7 @@ func_mode_execute ()
     for file
     do
       case $file in
-      -*) ;;
+      -* | *.la | *.lo ) ;;
       *)
 	# Do a test to see if this is really a libtool program.
 	if func_ltwrapper_script_p "$file"; then
@@ -1728,8 +2611,7 @@ func_mode_execute ()
 	;;
       esac
       # Quote arguments (to preserve shell metacharacters).
-      func_quote_for_eval "$file"
-      args="$args $func_quote_for_eval_result"
+      func_append_quoted args "$file"
     done
 
     if test "X$opt_dry_run" = Xfalse; then
@@ -1754,29 +2636,66 @@ func_mode_execute ()
       # Display what would be done.
       if test -n "$shlibpath_var"; then
 	eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\""
-	$ECHO "export $shlibpath_var"
+	echo "export $shlibpath_var"
       fi
       $ECHO "$cmd$args"
       exit $EXIT_SUCCESS
     fi
 }
 
-test "$mode" = execute && func_mode_execute ${1+"$@"}
+test "$opt_mode" = execute && func_mode_execute ${1+"$@"}
 
 
 # func_mode_finish arg...
 func_mode_finish ()
 {
     $opt_debug
-    libdirs="$nonopt"
+    libs=
+    libdirs=
     admincmds=
 
-    if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then
-      for dir
-      do
-	libdirs="$libdirs $dir"
-      done
+    for opt in "$nonopt" ${1+"$@"}
+    do
+      if test -d "$opt"; then
+	func_append libdirs " $opt"
 
+      elif test -f "$opt"; then
+	if func_lalib_unsafe_p "$opt"; then
+	  func_append libs " $opt"
+	else
+	  func_warning "\`$opt' is not a valid libtool archive"
+	fi
+
+      else
+	func_fatal_error "invalid argument \`$opt'"
+      fi
+    done
+
+    if test -n "$libs"; then
+      if test -n "$lt_sysroot"; then
+        sysroot_regex=`$ECHO "$lt_sysroot" | $SED "$sed_make_literal_regex"`
+        sysroot_cmd="s/\([ ']\)$sysroot_regex/\1/g;"
+      else
+        sysroot_cmd=
+      fi
+
+      # Remove sysroot references
+      if $opt_dry_run; then
+        for lib in $libs; do
+          echo "removing references to $lt_sysroot and \`=' prefixes from $lib"
+        done
+      else
+        tmpdir=`func_mktempdir`
+        for lib in $libs; do
+	  sed -e "${sysroot_cmd} s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \
+	    > $tmpdir/tmp-la
+	  mv -f $tmpdir/tmp-la $lib
+	done
+        ${RM}r "$tmpdir"
+      fi
+    fi
+
+    if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then
       for libdir in $libdirs; do
 	if test -n "$finish_cmds"; then
 	  # Do each command in the finish commands.
@@ -1786,7 +2705,7 @@ func_mode_finish ()
 	if test -n "$finish_eval"; then
 	  # Do the single finish_eval.
 	  eval cmds=\"$finish_eval\"
-	  $opt_dry_run || eval "$cmds" || admincmds="$admincmds
+	  $opt_dry_run || eval "$cmds" || func_append admincmds "
        $cmds"
 	fi
       done
@@ -1795,53 +2714,55 @@ func_mode_finish ()
     # Exit here if they wanted silent mode.
     $opt_silent && exit $EXIT_SUCCESS
 
-    $ECHO "X----------------------------------------------------------------------" | $Xsed
-    $ECHO "Libraries have been installed in:"
-    for libdir in $libdirs; do
-      $ECHO "   $libdir"
-    done
-    $ECHO
-    $ECHO "If you ever happen to want to link against installed libraries"
-    $ECHO "in a given directory, LIBDIR, you must either use libtool, and"
-    $ECHO "specify the full pathname of the library, or use the \`-LLIBDIR'"
-    $ECHO "flag during linking and do at least one of the following:"
-    if test -n "$shlibpath_var"; then
-      $ECHO "   - add LIBDIR to the \`$shlibpath_var' environment variable"
-      $ECHO "     during execution"
-    fi
-    if test -n "$runpath_var"; then
-      $ECHO "   - add LIBDIR to the \`$runpath_var' environment variable"
-      $ECHO "     during linking"
-    fi
-    if test -n "$hardcode_libdir_flag_spec"; then
-      libdir=LIBDIR
-      eval flag=\"$hardcode_libdir_flag_spec\"
+    if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then
+      echo "----------------------------------------------------------------------"
+      echo "Libraries have been installed in:"
+      for libdir in $libdirs; do
+	$ECHO "   $libdir"
+      done
+      echo
+      echo "If you ever happen to want to link against installed libraries"
+      echo "in a given directory, LIBDIR, you must either use libtool, and"
+      echo "specify the full pathname of the library, or use the \`-LLIBDIR'"
+      echo "flag during linking and do at least one of the following:"
+      if test -n "$shlibpath_var"; then
+	echo "   - add LIBDIR to the \`$shlibpath_var' environment variable"
+	echo "     during execution"
+      fi
+      if test -n "$runpath_var"; then
+	echo "   - add LIBDIR to the \`$runpath_var' environment variable"
+	echo "     during linking"
+      fi
+      if test -n "$hardcode_libdir_flag_spec"; then
+	libdir=LIBDIR
+	eval flag=\"$hardcode_libdir_flag_spec\"
 
-      $ECHO "   - use the \`$flag' linker flag"
-    fi
-    if test -n "$admincmds"; then
-      $ECHO "   - have your system administrator run these commands:$admincmds"
-    fi
-    if test -f /etc/ld.so.conf; then
-      $ECHO "   - have your system administrator add LIBDIR to \`/etc/ld.so.conf'"
-    fi
-    $ECHO
+	$ECHO "   - use the \`$flag' linker flag"
+      fi
+      if test -n "$admincmds"; then
+	$ECHO "   - have your system administrator run these commands:$admincmds"
+      fi
+      if test -f /etc/ld.so.conf; then
+	echo "   - have your system administrator add LIBDIR to \`/etc/ld.so.conf'"
+      fi
+      echo
 
-    $ECHO "See any operating system documentation about shared libraries for"
-    case $host in
-      solaris2.[6789]|solaris2.1[0-9])
-        $ECHO "more information, such as the ld(1), crle(1) and ld.so(8) manual"
-	$ECHO "pages."
-	;;
-      *)
-        $ECHO "more information, such as the ld(1) and ld.so(8) manual pages."
-        ;;
-    esac
-    $ECHO "X----------------------------------------------------------------------" | $Xsed
+      echo "See any operating system documentation about shared libraries for"
+      case $host in
+	solaris2.[6789]|solaris2.1[0-9])
+	  echo "more information, such as the ld(1), crle(1) and ld.so(8) manual"
+	  echo "pages."
+	  ;;
+	*)
+	  echo "more information, such as the ld(1) and ld.so(8) manual pages."
+	  ;;
+      esac
+      echo "----------------------------------------------------------------------"
+    fi
     exit $EXIT_SUCCESS
 }
 
-test "$mode" = finish && func_mode_finish ${1+"$@"}
+test "$opt_mode" = finish && func_mode_finish ${1+"$@"}
 
 
 # func_mode_install arg...
@@ -1852,7 +2773,7 @@ func_mode_install ()
     # install_prog (especially on Windows NT).
     if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh ||
        # Allow the use of GNU shtool's install command.
-       $ECHO "X$nonopt" | $GREP shtool >/dev/null; then
+       case $nonopt in *shtool*) :;; *) false;; esac; then
       # Aesthetically quote it.
       func_quote_for_eval "$nonopt"
       install_prog="$func_quote_for_eval_result "
@@ -1866,7 +2787,12 @@ func_mode_install ()
     # The real first argument should be the name of the installation program.
     # Aesthetically quote it.
     func_quote_for_eval "$arg"
-    install_prog="$install_prog$func_quote_for_eval_result"
+    func_append install_prog "$func_quote_for_eval_result"
+    install_shared_prog=$install_prog
+    case " $install_prog " in
+      *[\\\ /]cp\ *) install_cp=: ;;
+      *) install_cp=false ;;
+    esac
 
     # We need to accept at least all the BSD install flags.
     dest=
@@ -1876,10 +2802,12 @@ func_mode_install ()
     install_type=
     isdir=no
     stripme=
+    no_mode=:
     for arg
     do
+      arg2=
       if test -n "$dest"; then
-	files="$files $dest"
+	func_append files " $dest"
 	dest=$arg
 	continue
       fi
@@ -1887,10 +2815,9 @@ func_mode_install ()
       case $arg in
       -d) isdir=yes ;;
       -f)
-	case " $install_prog " in
-	*[\\\ /]cp\ *) ;;
-	*) prev=$arg ;;
-	esac
+	if $install_cp; then :; else
+	  prev=$arg
+	fi
 	;;
       -g | -m | -o)
 	prev=$arg
@@ -1904,6 +2831,10 @@ func_mode_install ()
       *)
 	# If the previous option needed an argument, then skip it.
 	if test -n "$prev"; then
+	  if test "x$prev" = x-m && test -n "$install_override_mode"; then
+	    arg2=$install_override_mode
+	    no_mode=false
+	  fi
 	  prev=
 	else
 	  dest=$arg
@@ -1914,7 +2845,11 @@ func_mode_install ()
 
       # Aesthetically quote the argument.
       func_quote_for_eval "$arg"
-      install_prog="$install_prog $func_quote_for_eval_result"
+      func_append install_prog " $func_quote_for_eval_result"
+      if test -n "$arg2"; then
+	func_quote_for_eval "$arg2"
+      fi
+      func_append install_shared_prog " $func_quote_for_eval_result"
     done
 
     test -z "$install_prog" && \
@@ -1923,6 +2858,13 @@ func_mode_install ()
     test -n "$prev" && \
       func_fatal_help "the \`$prev' option requires an argument"
 
+    if test -n "$install_override_mode" && $no_mode; then
+      if $install_cp; then :; else
+	func_quote_for_eval "$install_override_mode"
+	func_append install_shared_prog " -m $func_quote_for_eval_result"
+      fi
+    fi
+
     if test -z "$files"; then
       if test -z "$dest"; then
 	func_fatal_help "no file or destination specified"
@@ -1977,10 +2919,13 @@ func_mode_install ()
       case $file in
       *.$libext)
 	# Do the static libraries later.
-	staticlibs="$staticlibs $file"
+	func_append staticlibs " $file"
 	;;
 
       *.la)
+	func_resolve_sysroot "$file"
+	file=$func_resolve_sysroot_result
+
 	# Check to see that this really is a libtool archive.
 	func_lalib_unsafe_p "$file" \
 	  || func_fatal_help "\`$file' is not a valid libtool archive"
@@ -1994,23 +2939,23 @@ func_mode_install ()
 	if test "X$destdir" = "X$libdir"; then
 	  case "$current_libdirs " in
 	  *" $libdir "*) ;;
-	  *) current_libdirs="$current_libdirs $libdir" ;;
+	  *) func_append current_libdirs " $libdir" ;;
 	  esac
 	else
 	  # Note the libdir as a future libdir.
 	  case "$future_libdirs " in
 	  *" $libdir "*) ;;
-	  *) future_libdirs="$future_libdirs $libdir" ;;
+	  *) func_append future_libdirs " $libdir" ;;
 	  esac
 	fi
 
 	func_dirname "$file" "/" ""
 	dir="$func_dirname_result"
-	dir="$dir$objdir"
+	func_append dir "$objdir"
 
 	if test -n "$relink_command"; then
 	  # Determine the prefix the user has applied to our future dir.
-	  inst_prefix_dir=`$ECHO "X$destdir" | $Xsed -e "s%$libdir\$%%"`
+	  inst_prefix_dir=`$ECHO "$destdir" | $SED -e "s%$libdir\$%%"`
 
 	  # Don't allow the user to place us outside of our expected
 	  # location b/c this prevents finding dependent libraries that
@@ -2023,9 +2968,9 @@ func_mode_install ()
 
 	  if test -n "$inst_prefix_dir"; then
 	    # Stick the inst_prefix_dir data into the link command.
-	    relink_command=`$ECHO "X$relink_command" | $Xsed -e "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"`
+	    relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"`
 	  else
-	    relink_command=`$ECHO "X$relink_command" | $Xsed -e "s%@inst_prefix_dir@%%"`
+	    relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%%"`
 	  fi
 
 	  func_warning "relinking \`$file'"
@@ -2043,7 +2988,7 @@ func_mode_install ()
 	  test -n "$relink_command" && srcname="$realname"T
 
 	  # Install the shared library and build the symlinks.
-	  func_show_eval "$install_prog $dir/$srcname $destdir/$realname" \
+	  func_show_eval "$install_shared_prog $dir/$srcname $destdir/$realname" \
 	      'exit $?'
 	  tstripme="$stripme"
 	  case $host_os in
@@ -2083,7 +3028,7 @@ func_mode_install ()
 	func_show_eval "$install_prog $instname $destdir/$name" 'exit $?'
 
 	# Maybe install the static library, too.
-	test -n "$old_library" && staticlibs="$staticlibs $dir/$old_library"
+	test -n "$old_library" && func_append staticlibs " $dir/$old_library"
 	;;
 
       *.lo)
@@ -2183,7 +3128,7 @@ func_mode_install ()
 	    if test -f "$lib"; then
 	      func_source "$lib"
 	    fi
-	    libfile="$libdir/"`$ECHO "X$lib" | $Xsed -e 's%^.*/%%g'` ### testsuite: skip nested quoting test
+	    libfile="$libdir/"`$ECHO "$lib" | $SED 's%^.*/%%g'` ### testsuite: skip nested quoting test
 	    if test -n "$libdir" && test ! -f "$libfile"; then
 	      func_warning "\`$lib' has not been installed in \`$libdir'"
 	      finalize=no
@@ -2202,7 +3147,7 @@ func_mode_install ()
 		file="$func_basename_result"
 	        outputname="$tmpdir/$file"
 	        # Replace the output file specification.
-	        relink_command=`$ECHO "X$relink_command" | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g'`
+	        relink_command=`$ECHO "$relink_command" | $SED 's%@OUTPUT@%'"$outputname"'%g'`
 
 	        $opt_silent || {
 	          func_quote_for_expand "$relink_command"
@@ -2221,7 +3166,7 @@ func_mode_install ()
 	    }
 	  else
 	    # Install the binary that we compiled earlier.
-	    file=`$ECHO "X$file$stripped_ext" | $Xsed -e "s%\([^/]*\)$%$objdir/\1%"`
+	    file=`$ECHO "$file$stripped_ext" | $SED "s%\([^/]*\)$%$objdir/\1%"`
 	  fi
 	fi
 
@@ -2257,11 +3202,13 @@ func_mode_install ()
 
       # Set up the ranlib parameters.
       oldlib="$destdir/$name"
+      func_to_tool_file "$oldlib" func_convert_file_msys_to_w32
+      tool_oldlib=$func_to_tool_file_result
 
       func_show_eval "$install_prog \$file \$oldlib" 'exit $?'
 
       if test -n "$stripme" && test -n "$old_striplib"; then
-	func_show_eval "$old_striplib $oldlib" 'exit $?'
+	func_show_eval "$old_striplib $tool_oldlib" 'exit $?'
       fi
 
       # Do each command in the postinstall commands.
@@ -2280,7 +3227,7 @@ func_mode_install ()
     fi
 }
 
-test "$mode" = install && func_mode_install ${1+"$@"}
+test "$opt_mode" = install && func_mode_install ${1+"$@"}
 
 
 # func_generate_dlsyms outputname originator pic_p
@@ -2323,6 +3270,22 @@ func_generate_dlsyms ()
 extern \"C\" {
 #endif
 
+#if defined(__GNUC__) && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4))
+#pragma GCC diagnostic ignored \"-Wstrict-prototypes\"
+#endif
+
+/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests.  */
+#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE)
+/* DATA imports from DLLs on WIN32 con't be const, because runtime
+   relocations are performed -- see ld's documentation on pseudo-relocs.  */
+# define LT_DLSYM_CONST
+#elif defined(__osf__)
+/* This system does not cope well with relocations in const data.  */
+# define LT_DLSYM_CONST
+#else
+# define LT_DLSYM_CONST const
+#endif
+
 /* External symbol declarations for the compiler. */\
 "
 
@@ -2332,10 +3295,11 @@ extern \"C\" {
 	  $opt_dry_run || echo ': @PROGRAM@ ' > "$nlist"
 
 	  # Add our own program objects to the symbol list.
-	  progfiles=`$ECHO "X$objs$old_deplibs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+	  progfiles=`$ECHO "$objs$old_deplibs" | $SP2NL | $SED "$lo2o" | $NL2SP`
 	  for progfile in $progfiles; do
-	    func_verbose "extracting global C symbols from \`$progfile'"
-	    $opt_dry_run || eval "$NM $progfile | $global_symbol_pipe >> '$nlist'"
+	    func_to_tool_file "$progfile" func_convert_file_msys_to_w32
+	    func_verbose "extracting global C symbols from \`$func_to_tool_file_result'"
+	    $opt_dry_run || eval "$NM $func_to_tool_file_result | $global_symbol_pipe >> '$nlist'"
 	  done
 
 	  if test -n "$exclude_expsyms"; then
@@ -2371,7 +3335,7 @@ extern \"C\" {
 	      eval '$GREP -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T'
 	      eval '$MV "$nlist"T "$nlist"'
 	      case $host in
-	        *cygwin | *mingw* | *cegcc* )
+	        *cygwin* | *mingw* | *cegcc* )
 	          eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
 	          eval 'cat "$nlist" >> "$output_objdir/$outputname.def"'
 	          ;;
@@ -2384,10 +3348,52 @@ extern \"C\" {
 	  func_verbose "extracting global C symbols from \`$dlprefile'"
 	  func_basename "$dlprefile"
 	  name="$func_basename_result"
-	  $opt_dry_run || {
-	    eval '$ECHO ": $name " >> "$nlist"'
-	    eval "$NM $dlprefile 2>/dev/null | $global_symbol_pipe >> '$nlist'"
-	  }
+          case $host in
+	    *cygwin* | *mingw* | *cegcc* )
+	      # if an import library, we need to obtain dlname
+	      if func_win32_import_lib_p "$dlprefile"; then
+	        func_tr_sh "$dlprefile"
+	        eval "curr_lafile=\$libfile_$func_tr_sh_result"
+	        dlprefile_dlbasename=""
+	        if test -n "$curr_lafile" && func_lalib_p "$curr_lafile"; then
+	          # Use subshell, to avoid clobbering current variable values
+	          dlprefile_dlname=`source "$curr_lafile" && echo "$dlname"`
+	          if test -n "$dlprefile_dlname" ; then
+	            func_basename "$dlprefile_dlname"
+	            dlprefile_dlbasename="$func_basename_result"
+	          else
+	            # no lafile. user explicitly requested -dlpreopen <import library>.
+	            $sharedlib_from_linklib_cmd "$dlprefile"
+	            dlprefile_dlbasename=$sharedlib_from_linklib_result
+	          fi
+	        fi
+	        $opt_dry_run || {
+	          if test -n "$dlprefile_dlbasename" ; then
+	            eval '$ECHO ": $dlprefile_dlbasename" >> "$nlist"'
+	          else
+	            func_warning "Could not compute DLL name from $name"
+	            eval '$ECHO ": $name " >> "$nlist"'
+	          fi
+	          func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32
+	          eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe |
+	            $SED -e '/I __imp/d' -e 's/I __nm_/D /;s/_nm__//' >> '$nlist'"
+	        }
+	      else # not an import lib
+	        $opt_dry_run || {
+	          eval '$ECHO ": $name " >> "$nlist"'
+	          func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32
+	          eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'"
+	        }
+	      fi
+	    ;;
+	    *)
+	      $opt_dry_run || {
+	        eval '$ECHO ": $name " >> "$nlist"'
+	        func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32
+	        eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'"
+	      }
+	    ;;
+          esac
 	done
 
 	$opt_dry_run || {
@@ -2415,36 +3421,19 @@ extern \"C\" {
 	  if test -f "$nlist"S; then
 	    eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$my_dlsyms"'
 	  else
-	    $ECHO '/* NONE */' >> "$output_objdir/$my_dlsyms"
+	    echo '/* NONE */' >> "$output_objdir/$my_dlsyms"
 	  fi
 
-	  $ECHO >> "$output_objdir/$my_dlsyms" "\
+	  echo >> "$output_objdir/$my_dlsyms" "\
 
 /* The mapping between symbol names and symbols.  */
 typedef struct {
   const char *name;
   void *address;
 } lt_dlsymlist;
-"
-	  case $host in
-	  *cygwin* | *mingw* | *cegcc* )
-	    $ECHO >> "$output_objdir/$my_dlsyms" "\
-/* DATA imports from DLLs on WIN32 con't be const, because
-   runtime relocations are performed -- see ld's documentation
-   on pseudo-relocs.  */"
-	    lt_dlsym_const= ;;
-	  *osf5*)
-	    echo >> "$output_objdir/$my_dlsyms" "\
-/* This system does not cope well with relocations in const data */"
-	    lt_dlsym_const= ;;
-	  *)
-	    lt_dlsym_const=const ;;
-	  esac
-
-	  $ECHO >> "$output_objdir/$my_dlsyms" "\
-extern $lt_dlsym_const lt_dlsymlist
+extern LT_DLSYM_CONST lt_dlsymlist
 lt_${my_prefix}_LTX_preloaded_symbols[];
-$lt_dlsym_const lt_dlsymlist
+LT_DLSYM_CONST lt_dlsymlist
 lt_${my_prefix}_LTX_preloaded_symbols[] =
 {\
   { \"$my_originator\", (void *) 0 },"
@@ -2457,7 +3446,7 @@ lt_${my_prefix}_LTX_preloaded_symbols[] =
 	    eval "$global_symbol_to_c_name_address_lib_prefix" < "$nlist" >> "$output_objdir/$my_dlsyms"
 	    ;;
 	  esac
-	  $ECHO >> "$output_objdir/$my_dlsyms" "\
+	  echo >> "$output_objdir/$my_dlsyms" "\
   {0, (void *) 0}
 };
 
@@ -2484,7 +3473,7 @@ static const void *lt_preloaded_setup() {
 	  # linked before any other PIC object.  But we must not use
 	  # pic_flag when linking with -static.  The problem exists in
 	  # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1.
-	  *-*-freebsd2*|*-*-freebsd3.0*|*-*-freebsdelf3.0*)
+	  *-*-freebsd2.*|*-*-freebsd3.0*|*-*-freebsdelf3.0*)
 	    pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND" ;;
 	  *-*-hpux*)
 	    pic_flag_for_symtable=" $pic_flag"  ;;
@@ -2500,7 +3489,7 @@ static const void *lt_preloaded_setup() {
 	for arg in $LTCFLAGS; do
 	  case $arg in
 	  -pie | -fpie | -fPIE) ;;
-	  *) symtab_cflags="$symtab_cflags $arg" ;;
+	  *) func_append symtab_cflags " $arg" ;;
 	  esac
 	done
 
@@ -2515,16 +3504,16 @@ static const void *lt_preloaded_setup() {
 	case $host in
 	*cygwin* | *mingw* | *cegcc* )
 	  if test -f "$output_objdir/$my_outputname.def"; then
-	    compile_command=`$ECHO "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
-	    finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
+	    compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
+	    finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
 	  else
-	    compile_command=`$ECHO "X$compile_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
-	    finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
+	    compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+	    finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"`
 	  fi
 	  ;;
 	*)
-	  compile_command=`$ECHO "X$compile_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
-	  finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
+	  compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+	  finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"`
 	  ;;
 	esac
 	;;
@@ -2538,8 +3527,8 @@ static const void *lt_preloaded_setup() {
       # really was required.
 
       # Nullify the symbol file.
-      compile_command=`$ECHO "X$compile_command" | $Xsed -e "s% @SYMFILE@%%"`
-      finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s% @SYMFILE@%%"`
+      compile_command=`$ECHO "$compile_command" | $SED "s% @SYMFILE@%%"`
+      finalize_command=`$ECHO "$finalize_command" | $SED "s% @SYMFILE@%%"`
     fi
 }
 
@@ -2549,6 +3538,7 @@ static const void *lt_preloaded_setup() {
 # Need a lot of goo to handle *both* DLLs and import libs
 # Has to be a shell function in order to 'eat' the argument
 # that is supplied when $file_magic_command is called.
+# Despite the name, also deal with 64 bit binaries.
 func_win32_libid ()
 {
   $opt_debug
@@ -2559,9 +3549,11 @@ func_win32_libid ()
     win32_libid_type="x86 archive import"
     ;;
   *ar\ archive*) # could be an import, or static
+    # Keep the egrep pattern in sync with the one in _LT_CHECK_MAGIC_METHOD.
     if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null |
-       $EGREP 'file format pe-i386(.*architecture: i386)?' >/dev/null ; then
-      win32_nmres=`eval $NM -f posix -A $1 |
+       $EGREP 'file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' >/dev/null; then
+      func_to_tool_file "$1" func_convert_file_msys_to_w32
+      win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" |
 	$SED -n -e '
 	    1,100{
 		/ I /{
@@ -2590,6 +3582,131 @@ func_win32_libid ()
   $ECHO "$win32_libid_type"
 }
 
+# func_cygming_dll_for_implib ARG
+#
+# Platform-specific function to extract the
+# name of the DLL associated with the specified
+# import library ARG.
+# Invoked by eval'ing the libtool variable
+#    $sharedlib_from_linklib_cmd
+# Result is available in the variable
+#    $sharedlib_from_linklib_result
+func_cygming_dll_for_implib ()
+{
+  $opt_debug
+  sharedlib_from_linklib_result=`$DLLTOOL --identify-strict --identify "$1"`
+}
+
+# func_cygming_dll_for_implib_fallback_core SECTION_NAME LIBNAMEs
+#
+# The is the core of a fallback implementation of a
+# platform-specific function to extract the name of the
+# DLL associated with the specified import library LIBNAME.
+#
+# SECTION_NAME is either .idata$6 or .idata$7, depending
+# on the platform and compiler that created the implib.
+#
+# Echos the name of the DLL associated with the
+# specified import library.
+func_cygming_dll_for_implib_fallback_core ()
+{
+  $opt_debug
+  match_literal=`$ECHO "$1" | $SED "$sed_make_literal_regex"`
+  $OBJDUMP -s --section "$1" "$2" 2>/dev/null |
+    $SED '/^Contents of section '"$match_literal"':/{
+      # Place marker at beginning of archive member dllname section
+      s/.*/====MARK====/
+      p
+      d
+    }
+    # These lines can sometimes be longer than 43 characters, but
+    # are always uninteresting
+    /:[	 ]*file format pe[i]\{,1\}-/d
+    /^In archive [^:]*:/d
+    # Ensure marker is printed
+    /^====MARK====/p
+    # Remove all lines with less than 43 characters
+    /^.\{43\}/!d
+    # From remaining lines, remove first 43 characters
+    s/^.\{43\}//' |
+    $SED -n '
+      # Join marker and all lines until next marker into a single line
+      /^====MARK====/ b para
+      H
+      $ b para
+      b
+      :para
+      x
+      s/\n//g
+      # Remove the marker
+      s/^====MARK====//
+      # Remove trailing dots and whitespace
+      s/[\. \t]*$//
+      # Print
+      /./p' |
+    # we now have a list, one entry per line, of the stringified
+    # contents of the appropriate section of all members of the
+    # archive which possess that section. Heuristic: eliminate
+    # all those which have a first or second character that is
+    # a '.' (that is, objdump's representation of an unprintable
+    # character.) This should work for all archives with less than
+    # 0x302f exports -- but will fail for DLLs whose name actually
+    # begins with a literal '.' or a single character followed by
+    # a '.'.
+    #
+    # Of those that remain, print the first one.
+    $SED -e '/^\./d;/^.\./d;q'
+}
+
+# func_cygming_gnu_implib_p ARG
+# This predicate returns with zero status (TRUE) if
+# ARG is a GNU/binutils-style import library. Returns
+# with nonzero status (FALSE) otherwise.
+func_cygming_gnu_implib_p ()
+{
+  $opt_debug
+  func_to_tool_file "$1" func_convert_file_msys_to_w32
+  func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'`
+  test -n "$func_cygming_gnu_implib_tmp"
+}
+
+# func_cygming_ms_implib_p ARG
+# This predicate returns with zero status (TRUE) if
+# ARG is an MS-style import library. Returns
+# with nonzero status (FALSE) otherwise.
+func_cygming_ms_implib_p ()
+{
+  $opt_debug
+  func_to_tool_file "$1" func_convert_file_msys_to_w32
+  func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'`
+  test -n "$func_cygming_ms_implib_tmp"
+}
+
+# func_cygming_dll_for_implib_fallback ARG
+# Platform-specific function to extract the
+# name of the DLL associated with the specified
+# import library ARG.
+#
+# This fallback implementation is for use when $DLLTOOL
+# does not support the --identify-strict option.
+# Invoked by eval'ing the libtool variable
+#    $sharedlib_from_linklib_cmd
+# Result is available in the variable
+#    $sharedlib_from_linklib_result
+func_cygming_dll_for_implib_fallback ()
+{
+  $opt_debug
+  if func_cygming_gnu_implib_p "$1" ; then
+    # binutils import library
+    sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$7' "$1"`
+  elif func_cygming_ms_implib_p "$1" ; then
+    # ms-generated import library
+    sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$6' "$1"`
+  else
+    # unknown
+    sharedlib_from_linklib_result=""
+  fi
+}
 
 
 # func_extract_an_archive dir oldlib
@@ -2598,7 +3715,18 @@ func_extract_an_archive ()
     $opt_debug
     f_ex_an_ar_dir="$1"; shift
     f_ex_an_ar_oldlib="$1"
-    func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" 'exit $?'
+    if test "$lock_old_archive_extraction" = yes; then
+      lockfile=$f_ex_an_ar_oldlib.lock
+      until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do
+	func_echo "Waiting for $lockfile to be removed"
+	sleep 2
+      done
+    fi
+    func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" \
+		   'stat=$?; rm -f "$lockfile"; exit $stat'
+    if test "$lock_old_archive_extraction" = yes; then
+      $opt_dry_run || rm -f "$lockfile"
+    fi
     if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then
      :
     else
@@ -2669,7 +3797,7 @@ func_extract_archives ()
 	    darwin_file=
 	    darwin_files=
 	    for darwin_file in $darwin_filelist; do
-	      darwin_files=`find unfat-$$ -name $darwin_file -print | $NL2SP`
+	      darwin_files=`find unfat-$$ -name $darwin_file -print | sort | $NL2SP`
 	      $LIPO -create -output "$darwin_file" $darwin_files
 	    done # $darwin_filelist
 	    $RM -rf unfat-$$
@@ -2684,25 +3812,30 @@ func_extract_archives ()
         func_extract_an_archive "$my_xdir" "$my_xabs"
 	;;
       esac
-      my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | $NL2SP`
+      my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | sort | $NL2SP`
     done
 
     func_extract_archives_result="$my_oldobjs"
 }
 
 
-
-# func_emit_wrapper_part1 [arg=no]
+# func_emit_wrapper [arg=no]
 #
-# Emit the first part of a libtool wrapper script on stdout.
-# For more information, see the description associated with
-# func_emit_wrapper(), below.
-func_emit_wrapper_part1 ()
+# Emit a libtool wrapper script on stdout.
+# Don't directly open a file because we may want to
+# incorporate the script contents within a cygwin/mingw
+# wrapper executable.  Must ONLY be called from within
+# func_mode_link because it depends on a number of variables
+# set therein.
+#
+# ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR
+# variable will take.  If 'yes', then the emitted script
+# will assume that the directory in which it is stored is
+# the $objdir directory.  This is a cygwin/mingw-specific
+# behavior.
+func_emit_wrapper ()
 {
-	func_emit_wrapper_part1_arg1=no
-	if test -n "$1" ; then
-	  func_emit_wrapper_part1_arg1=$1
-	fi
+	func_emit_wrapper_arg1=${1-no}
 
 	$ECHO "\
 #! $SHELL
@@ -2718,7 +3851,6 @@ func_emit_wrapper_part1 ()
 
 # Sed substitution that helps us do robust quoting.  It backslashifies
 # metacharacters that are still active within double-quoted strings.
-Xsed='${SED} -e 1s/^X//'
 sed_quote_subst='$sed_quote_subst'
 
 # Be Bourne compatible
@@ -2749,31 +3881,135 @@ if test \"\$libtool_install_magic\" = \"$magic\"; then
 else
   # When we are sourced in execute mode, \$file and \$ECHO are already set.
   if test \"\$libtool_execute_magic\" != \"$magic\"; then
-    ECHO=\"$qecho\"
-    file=\"\$0\"
-    # Make sure echo works.
-    if test \"X\$1\" = X--no-reexec; then
-      # Discard the --no-reexec flag, and continue.
-      shift
-    elif test \"X\`{ \$ECHO '\t'; } 2>/dev/null\`\" = 'X\t'; then
-      # Yippee, \$ECHO works!
-      :
-    else
-      # Restart under the correct shell, and then maybe \$ECHO will work.
-      exec $SHELL \"\$0\" --no-reexec \${1+\"\$@\"}
-    fi
-  fi\
+    file=\"\$0\""
+
+    qECHO=`$ECHO "$ECHO" | $SED "$sed_quote_subst"`
+    $ECHO "\
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+  eval 'cat <<_LTECHO_EOF
+\$1
+_LTECHO_EOF'
+}
+    ECHO=\"$qECHO\"
+  fi
+
+# Very basic option parsing. These options are (a) specific to
+# the libtool wrapper, (b) are identical between the wrapper
+# /script/ and the wrapper /executable/ which is used only on
+# windows platforms, and (c) all begin with the string "--lt-"
+# (application programs are unlikely to have options which match
+# this pattern).
+#
+# There are only two supported options: --lt-debug and
+# --lt-dump-script. There is, deliberately, no --lt-help.
+#
+# The first argument to this parsing function should be the
+# script's $0 value, followed by "$@".
+lt_option_debug=
+func_parse_lt_options ()
+{
+  lt_script_arg0=\$0
+  shift
+  for lt_opt
+  do
+    case \"\$lt_opt\" in
+    --lt-debug) lt_option_debug=1 ;;
+    --lt-dump-script)
+        lt_dump_D=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%/[^/]*$%%'\`
+        test \"X\$lt_dump_D\" = \"X\$lt_script_arg0\" && lt_dump_D=.
+        lt_dump_F=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%^.*/%%'\`
+        cat \"\$lt_dump_D/\$lt_dump_F\"
+        exit 0
+      ;;
+    --lt-*)
+        \$ECHO \"Unrecognized --lt- option: '\$lt_opt'\" 1>&2
+        exit 1
+      ;;
+    esac
+  done
+
+  # Print the debug banner immediately:
+  if test -n \"\$lt_option_debug\"; then
+    echo \"${outputname}:${output}:\${LINENO}: libtool wrapper (GNU $PACKAGE$TIMESTAMP) $VERSION\" 1>&2
+  fi
+}
+
+# Used when --lt-debug. Prints its arguments to stdout
+# (redirection is the responsibility of the caller)
+func_lt_dump_args ()
+{
+  lt_dump_args_N=1;
+  for lt_arg
+  do
+    \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[\$lt_dump_args_N]: \$lt_arg\"
+    lt_dump_args_N=\`expr \$lt_dump_args_N + 1\`
+  done
+}
+
+# Core function for launching the target application
+func_exec_program_core ()
+{
 "
-	$ECHO "\
+  case $host in
+  # Backslashes separate directories on plain windows
+  *-*-mingw | *-*-os2* | *-cegcc*)
+    $ECHO "\
+      if test -n \"\$lt_option_debug\"; then
+        \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir\\\\\$program\" 1>&2
+        func_lt_dump_args \${1+\"\$@\"} 1>&2
+      fi
+      exec \"\$progdir\\\\\$program\" \${1+\"\$@\"}
+"
+    ;;
+
+  *)
+    $ECHO "\
+      if test -n \"\$lt_option_debug\"; then
+        \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir/\$program\" 1>&2
+        func_lt_dump_args \${1+\"\$@\"} 1>&2
+      fi
+      exec \"\$progdir/\$program\" \${1+\"\$@\"}
+"
+    ;;
+  esac
+  $ECHO "\
+      \$ECHO \"\$0: cannot exec \$program \$*\" 1>&2
+      exit 1
+}
+
+# A function to encapsulate launching the target application
+# Strips options in the --lt-* namespace from \$@ and
+# launches target application with the remaining arguments.
+func_exec_program ()
+{
+  case \" \$* \" in
+  *\\ --lt-*)
+    for lt_wr_arg
+    do
+      case \$lt_wr_arg in
+      --lt-*) ;;
+      *) set x \"\$@\" \"\$lt_wr_arg\"; shift;;
+      esac
+      shift
+    done ;;
+  esac
+  func_exec_program_core \${1+\"\$@\"}
+}
+
+  # Parse options
+  func_parse_lt_options \"\$0\" \${1+\"\$@\"}
 
   # Find the directory that this script lives in.
-  thisdir=\`\$ECHO \"X\$file\" | \$Xsed -e 's%/[^/]*$%%'\`
+  thisdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*$%%'\`
   test \"x\$thisdir\" = \"x\$file\" && thisdir=.
 
   # Follow symbolic links until we get to the real thisdir.
-  file=\`ls -ld \"\$file\" | ${SED} -n 's/.*-> //p'\`
+  file=\`ls -ld \"\$file\" | $SED -n 's/.*-> //p'\`
   while test -n \"\$file\"; do
-    destdir=\`\$ECHO \"X\$file\" | \$Xsed -e 's%/[^/]*\$%%'\`
+    destdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*\$%%'\`
 
     # If there was a directory component, then change thisdir.
     if test \"x\$destdir\" != \"x\$file\"; then
@@ -2783,30 +4019,13 @@ else
       esac
     fi
 
-    file=\`\$ECHO \"X\$file\" | \$Xsed -e 's%^.*/%%'\`
-    file=\`ls -ld \"\$thisdir/\$file\" | ${SED} -n 's/.*-> //p'\`
+    file=\`\$ECHO \"\$file\" | $SED 's%^.*/%%'\`
+    file=\`ls -ld \"\$thisdir/\$file\" | $SED -n 's/.*-> //p'\`
   done
-"
-}
-# end: func_emit_wrapper_part1
-
-# func_emit_wrapper_part2 [arg=no]
-#
-# Emit the second part of a libtool wrapper script on stdout.
-# For more information, see the description associated with
-# func_emit_wrapper(), below.
-func_emit_wrapper_part2 ()
-{
-	func_emit_wrapper_part2_arg1=no
-	if test -n "$1" ; then
-	  func_emit_wrapper_part2_arg1=$1
-	fi
-
-	$ECHO "\
 
   # Usually 'no', except on cygwin/mingw when embedded into
   # the cwrapper.
-  WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=$func_emit_wrapper_part2_arg1
+  WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=$func_emit_wrapper_arg1
   if test \"\$WRAPPER_SCRIPT_BELONGS_IN_OBJDIR\" = \"yes\"; then
     # special case for '.'
     if test \"\$thisdir\" = \".\"; then
@@ -2814,7 +4033,7 @@ func_emit_wrapper_part2 ()
     fi
     # remove .libs from thisdir
     case \"\$thisdir\" in
-    *[\\\\/]$objdir ) thisdir=\`\$ECHO \"X\$thisdir\" | \$Xsed -e 's%[\\\\/][^\\\\/]*$%%'\` ;;
+    *[\\\\/]$objdir ) thisdir=\`\$ECHO \"\$thisdir\" | $SED 's%[\\\\/][^\\\\/]*$%%'\` ;;
     $objdir )   thisdir=. ;;
     esac
   fi
@@ -2869,6 +4088,18 @@ func_emit_wrapper_part2 ()
 
   if test -f \"\$progdir/\$program\"; then"
 
+	# fixup the dll searchpath if we need to.
+	#
+	# Fix the DLL searchpath if we need to.  Do this before prepending
+	# to shlibpath, because on Windows, both are PATH and uninstalled
+	# libraries must come first.
+	if test -n "$dllsearchpath"; then
+	  $ECHO "\
+    # Add the dll search path components to the executable PATH
+    PATH=$dllsearchpath:\$PATH
+"
+	fi
+
 	# Export our shlibpath_var if we have one.
 	if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then
 	  $ECHO "\
@@ -2877,254 +4108,29 @@ func_emit_wrapper_part2 ()
 
     # Some systems cannot cope with colon-terminated $shlibpath_var
     # The second colon is a workaround for a bug in BeOS R4 sed
-    $shlibpath_var=\`\$ECHO \"X\$$shlibpath_var\" | \$Xsed -e 's/::*\$//'\`
+    $shlibpath_var=\`\$ECHO \"\$$shlibpath_var\" | $SED 's/::*\$//'\`
 
     export $shlibpath_var
 "
 	fi
 
-	# fixup the dll searchpath if we need to.
-	if test -n "$dllsearchpath"; then
-	  $ECHO "\
-    # Add the dll search path components to the executable PATH
-    PATH=$dllsearchpath:\$PATH
-"
-	fi
-
 	$ECHO "\
     if test \"\$libtool_execute_magic\" != \"$magic\"; then
       # Run the actual program with our arguments.
-"
-	case $host in
-	# Backslashes separate directories on plain windows
-	*-*-mingw | *-*-os2* | *-cegcc*)
-	  $ECHO "\
-      exec \"\$progdir\\\\\$program\" \${1+\"\$@\"}
-"
-	  ;;
-
-	*)
-	  $ECHO "\
-      exec \"\$progdir/\$program\" \${1+\"\$@\"}
-"
-	  ;;
-	esac
-	$ECHO "\
-      \$ECHO \"\$0: cannot exec \$program \$*\" 1>&2
-      exit 1
+      func_exec_program \${1+\"\$@\"}
     fi
   else
     # The program doesn't exist.
     \$ECHO \"\$0: error: \\\`\$progdir/\$program' does not exist\" 1>&2
     \$ECHO \"This script is just a wrapper for \$program.\" 1>&2
-    $ECHO \"See the $PACKAGE documentation for more information.\" 1>&2
+    \$ECHO \"See the $PACKAGE documentation for more information.\" 1>&2
     exit 1
   fi
 fi\
 "
 }
-# end: func_emit_wrapper_part2
-
-
-# func_emit_wrapper [arg=no]
-#
-# Emit a libtool wrapper script on stdout.
-# Don't directly open a file because we may want to
-# incorporate the script contents within a cygwin/mingw
-# wrapper executable.  Must ONLY be called from within
-# func_mode_link because it depends on a number of variables
-# set therein.
-#
-# ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR
-# variable will take.  If 'yes', then the emitted script
-# will assume that the directory in which it is stored is
-# the $objdir directory.  This is a cygwin/mingw-specific
-# behavior.
-func_emit_wrapper ()
-{
-	func_emit_wrapper_arg1=no
-	if test -n "$1" ; then
-	  func_emit_wrapper_arg1=$1
-	fi
-
-	# split this up so that func_emit_cwrapperexe_src
-	# can call each part independently.
-	func_emit_wrapper_part1 "${func_emit_wrapper_arg1}"
-	func_emit_wrapper_part2 "${func_emit_wrapper_arg1}"
-}
 
 
-# func_to_host_path arg
-#
-# Convert paths to host format when used with build tools.
-# Intended for use with "native" mingw (where libtool itself
-# is running under the msys shell), or in the following cross-
-# build environments:
-#    $build          $host
-#    mingw (msys)    mingw  [e.g. native]
-#    cygwin          mingw
-#    *nix + wine     mingw
-# where wine is equipped with the `winepath' executable.
-# In the native mingw case, the (msys) shell automatically
-# converts paths for any non-msys applications it launches,
-# but that facility isn't available from inside the cwrapper.
-# Similar accommodations are necessary for $host mingw and
-# $build cygwin.  Calling this function does no harm for other
-# $host/$build combinations not listed above.
-#
-# ARG is the path (on $build) that should be converted to
-# the proper representation for $host. The result is stored
-# in $func_to_host_path_result.
-func_to_host_path ()
-{
-  func_to_host_path_result="$1"
-  if test -n "$1" ; then
-    case $host in
-      *mingw* )
-        lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g'
-        case $build in
-          *mingw* ) # actually, msys
-            # awkward: cmd appends spaces to result
-            lt_sed_strip_trailing_spaces="s/[ ]*\$//"
-            func_to_host_path_tmp1=`( cmd //c echo "$1" |\
-              $SED -e "$lt_sed_strip_trailing_spaces" ) 2>/dev/null || echo ""`
-            func_to_host_path_result=`echo "$func_to_host_path_tmp1" |\
-              $SED -e "$lt_sed_naive_backslashify"`
-            ;;
-          *cygwin* )
-            func_to_host_path_tmp1=`cygpath -w "$1"`
-            func_to_host_path_result=`echo "$func_to_host_path_tmp1" |\
-              $SED -e "$lt_sed_naive_backslashify"`
-            ;;
-          * )
-            # Unfortunately, winepath does not exit with a non-zero
-            # error code, so we are forced to check the contents of
-            # stdout. On the other hand, if the command is not
-            # found, the shell will set an exit code of 127 and print
-            # *an error message* to stdout. So we must check for both
-            # error code of zero AND non-empty stdout, which explains
-            # the odd construction:
-            func_to_host_path_tmp1=`winepath -w "$1" 2>/dev/null`
-            if test "$?" -eq 0 && test -n "${func_to_host_path_tmp1}"; then
-              func_to_host_path_result=`echo "$func_to_host_path_tmp1" |\
-                $SED -e "$lt_sed_naive_backslashify"`
-            else
-              # Allow warning below.
-              func_to_host_path_result=""
-            fi
-            ;;
-        esac
-        if test -z "$func_to_host_path_result" ; then
-          func_error "Could not determine host path corresponding to"
-          func_error "  '$1'"
-          func_error "Continuing, but uninstalled executables may not work."
-          # Fallback:
-          func_to_host_path_result="$1"
-        fi
-        ;;
-    esac
-  fi
-}
-# end: func_to_host_path
-
-# func_to_host_pathlist arg
-#
-# Convert pathlists to host format when used with build tools.
-# See func_to_host_path(), above. This function supports the
-# following $build/$host combinations (but does no harm for
-# combinations not listed here):
-#    $build          $host
-#    mingw (msys)    mingw  [e.g. native]
-#    cygwin          mingw
-#    *nix + wine     mingw
-#
-# Path separators are also converted from $build format to
-# $host format. If ARG begins or ends with a path separator
-# character, it is preserved (but converted to $host format)
-# on output.
-#
-# ARG is a pathlist (on $build) that should be converted to
-# the proper representation on $host. The result is stored
-# in $func_to_host_pathlist_result.
-func_to_host_pathlist ()
-{
-  func_to_host_pathlist_result="$1"
-  if test -n "$1" ; then
-    case $host in
-      *mingw* )
-        lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g'
-        # Remove leading and trailing path separator characters from
-        # ARG. msys behavior is inconsistent here, cygpath turns them
-        # into '.;' and ';.', and winepath ignores them completely.
-        func_to_host_pathlist_tmp2="$1"
-        # Once set for this call, this variable should not be
-        # reassigned. It is used in tha fallback case.
-        func_to_host_pathlist_tmp1=`echo "$func_to_host_pathlist_tmp2" |\
-          $SED -e 's|^:*||' -e 's|:*$||'`
-        case $build in
-          *mingw* ) # Actually, msys.
-            # Awkward: cmd appends spaces to result.
-            lt_sed_strip_trailing_spaces="s/[ ]*\$//"
-            func_to_host_pathlist_tmp2=`( cmd //c echo "$func_to_host_pathlist_tmp1" |\
-              $SED -e "$lt_sed_strip_trailing_spaces" ) 2>/dev/null || echo ""`
-            func_to_host_pathlist_result=`echo "$func_to_host_pathlist_tmp2" |\
-              $SED -e "$lt_sed_naive_backslashify"`
-            ;;
-          *cygwin* )
-            func_to_host_pathlist_tmp2=`cygpath -w -p "$func_to_host_pathlist_tmp1"`
-            func_to_host_pathlist_result=`echo "$func_to_host_pathlist_tmp2" |\
-              $SED -e "$lt_sed_naive_backslashify"`
-            ;;
-          * )
-            # unfortunately, winepath doesn't convert pathlists
-            func_to_host_pathlist_result=""
-            func_to_host_pathlist_oldIFS=$IFS
-            IFS=:
-            for func_to_host_pathlist_f in $func_to_host_pathlist_tmp1 ; do
-              IFS=$func_to_host_pathlist_oldIFS
-              if test -n "$func_to_host_pathlist_f" ; then
-                func_to_host_path "$func_to_host_pathlist_f"
-                if test -n "$func_to_host_path_result" ; then
-                  if test -z "$func_to_host_pathlist_result" ; then
-                    func_to_host_pathlist_result="$func_to_host_path_result"
-                  else
-                    func_to_host_pathlist_result="$func_to_host_pathlist_result;$func_to_host_path_result"
-                  fi
-                fi
-              fi
-              IFS=:
-            done
-            IFS=$func_to_host_pathlist_oldIFS
-            ;;
-        esac
-        if test -z "$func_to_host_pathlist_result" ; then
-          func_error "Could not determine the host path(s) corresponding to"
-          func_error "  '$1'"
-          func_error "Continuing, but uninstalled executables may not work."
-          # Fallback. This may break if $1 contains DOS-style drive
-          # specifications. The fix is not to complicate the expression
-          # below, but for the user to provide a working wine installation
-          # with winepath so that path translation in the cross-to-mingw
-          # case works properly.
-          lt_replace_pathsep_nix_to_dos="s|:|;|g"
-          func_to_host_pathlist_result=`echo "$func_to_host_pathlist_tmp1" |\
-            $SED -e "$lt_replace_pathsep_nix_to_dos"`
-        fi
-        # Now, add the leading and trailing path separators back
-        case "$1" in
-          :* ) func_to_host_pathlist_result=";$func_to_host_pathlist_result"
-            ;;
-        esac
-        case "$1" in
-          *: ) func_to_host_pathlist_result="$func_to_host_pathlist_result;"
-            ;;
-        esac
-        ;;
-    esac
-  fi
-}
-# end: func_to_host_pathlist
-
 # func_emit_cwrapperexe_src
 # emit the source code for a wrapper executable on stdout
 # Must ONLY be called from within func_mode_link because
@@ -3141,31 +4147,23 @@ func_emit_cwrapperexe_src ()
 
    This wrapper executable should never be moved out of the build directory.
    If it is, it will not operate correctly.
-
-   Currently, it simply execs the wrapper *script* "$SHELL $output",
-   but could eventually absorb all of the scripts functionality and
-   exec $objdir/$outputname directly.
 */
 EOF
 	    cat <<"EOF"
+#ifdef _MSC_VER
+# define _CRT_SECURE_NO_DEPRECATE 1
+#endif
 #include <stdio.h>
 #include <stdlib.h>
 #ifdef _MSC_VER
 # include <direct.h>
 # include <process.h>
 # include <io.h>
-# define setmode _setmode
 #else
 # include <unistd.h>
 # include <stdint.h>
 # ifdef __CYGWIN__
 #  include <io.h>
-#  define HAVE_SETENV
-#  ifdef __STRICT_ANSI__
-char *realpath (const char *, char *);
-int putenv (char *);
-int setenv (const char *, const char *, int);
-#  endif
 # endif
 #endif
 #include <malloc.h>
@@ -3177,6 +4175,44 @@ int setenv (const char *, const char *, int);
 #include <fcntl.h>
 #include <sys/stat.h>
 
+/* declarations of non-ANSI functions */
+#if defined(__MINGW32__)
+# ifdef __STRICT_ANSI__
+int _putenv (const char *);
+# endif
+#elif defined(__CYGWIN__)
+# ifdef __STRICT_ANSI__
+char *realpath (const char *, char *);
+int putenv (char *);
+int setenv (const char *, const char *, int);
+# endif
+/* #elif defined (other platforms) ... */
+#endif
+
+/* portability defines, excluding path handling macros */
+#if defined(_MSC_VER)
+# define setmode _setmode
+# define stat    _stat
+# define chmod   _chmod
+# define getcwd  _getcwd
+# define putenv  _putenv
+# define S_IXUSR _S_IEXEC
+# ifndef _INTPTR_T_DEFINED
+#  define _INTPTR_T_DEFINED
+#  define intptr_t int
+# endif
+#elif defined(__MINGW32__)
+# define setmode _setmode
+# define stat    _stat
+# define chmod   _chmod
+# define getcwd  _getcwd
+# define putenv  _putenv
+#elif defined(__CYGWIN__)
+# define HAVE_SETENV
+# define FOPEN_WB "wb"
+/* #elif defined (other platforms) ... */
+#endif
+
 #if defined(PATH_MAX)
 # define LT_PATHMAX PATH_MAX
 #elif defined(MAXPATHLEN)
@@ -3192,14 +4228,7 @@ int setenv (const char *, const char *, int);
 # define S_IXGRP 0
 #endif
 
-#ifdef _MSC_VER
-# define S_IXUSR _S_IEXEC
-# define stat _stat
-# ifndef _INTPTR_T_DEFINED
-#  define intptr_t int
-# endif
-#endif
-
+/* path handling portability macros */
 #ifndef DIR_SEPARATOR
 # define DIR_SEPARATOR '/'
 # define PATH_SEPARATOR ':'
@@ -3230,10 +4259,6 @@ int setenv (const char *, const char *, int);
 # define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2)
 #endif /* PATH_SEPARATOR_2 */
 
-#ifdef __CYGWIN__
-# define FOPEN_WB "wb"
-#endif
-
 #ifndef FOPEN_WB
 # define FOPEN_WB "w"
 #endif
@@ -3246,22 +4271,13 @@ int setenv (const char *, const char *, int);
   if (stale) { free ((void *) stale); stale = 0; } \
 } while (0)
 
-#undef LTWRAPPER_DEBUGPRINTF
-#if defined DEBUGWRAPPER
-# define LTWRAPPER_DEBUGPRINTF(args) ltwrapper_debugprintf args
-static void
-ltwrapper_debugprintf (const char *fmt, ...)
-{
-    va_list args;
-    va_start (args, fmt);
-    (void) vfprintf (stderr, fmt, args);
-    va_end (args);
-}
+#if defined(LT_DEBUGWRAPPER)
+static int lt_debug = 1;
 #else
-# define LTWRAPPER_DEBUGPRINTF(args)
+static int lt_debug = 0;
 #endif
 
-const char *program_name = NULL;
+const char *program_name = "libtool-wrapper"; /* in case xstrdup fails */
 
 void *xmalloc (size_t num);
 char *xstrdup (const char *string);
@@ -3271,41 +4287,27 @@ char *chase_symlinks (const char *pathspec);
 int make_executable (const char *path);
 int check_executable (const char *path);
 char *strendzap (char *str, const char *pat);
-void lt_fatal (const char *message, ...);
+void lt_debugprintf (const char *file, int line, const char *fmt, ...);
+void lt_fatal (const char *file, int line, const char *message, ...);
+static const char *nonnull (const char *s);
+static const char *nonempty (const char *s);
 void lt_setenv (const char *name, const char *value);
 char *lt_extend_str (const char *orig_value, const char *add, int to_end);
-void lt_opt_process_env_set (const char *arg);
-void lt_opt_process_env_prepend (const char *arg);
-void lt_opt_process_env_append (const char *arg);
-int lt_split_name_value (const char *arg, char** name, char** value);
 void lt_update_exe_path (const char *name, const char *value);
 void lt_update_lib_path (const char *name, const char *value);
-
-static const char *script_text_part1 =
+char **prepare_spawn (char **argv);
+void lt_dump_script (FILE *f);
 EOF
 
-	    func_emit_wrapper_part1 yes |
-	        $SED -e 's/\([\\"]\)/\\\1/g' \
-	             -e 's/^/  "/' -e 's/$/\\n"/'
-	    echo ";"
 	    cat <<EOF
-
-static const char *script_text_part2 =
-EOF
-	    func_emit_wrapper_part2 yes |
-	        $SED -e 's/\([\\"]\)/\\\1/g' \
-	             -e 's/^/  "/' -e 's/$/\\n"/'
-	    echo ";"
-
-	    cat <<EOF
-const char * MAGIC_EXE = "$magic_exe";
+volatile const char * MAGIC_EXE = "$magic_exe";
 const char * LIB_PATH_VARNAME = "$shlibpath_var";
 EOF
 
 	    if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then
-              func_to_host_pathlist "$temp_rpath"
+              func_to_host_path "$temp_rpath"
 	      cat <<EOF
-const char * LIB_PATH_VALUE   = "$func_to_host_pathlist_result";
+const char * LIB_PATH_VALUE   = "$func_to_host_path_result";
 EOF
 	    else
 	      cat <<"EOF"
@@ -3314,10 +4316,10 @@ EOF
 	    fi
 
 	    if test -n "$dllsearchpath"; then
-              func_to_host_pathlist "$dllsearchpath:"
+              func_to_host_path "$dllsearchpath:"
 	      cat <<EOF
 const char * EXE_PATH_VARNAME = "PATH";
-const char * EXE_PATH_VALUE   = "$func_to_host_pathlist_result";
+const char * EXE_PATH_VALUE   = "$func_to_host_path_result";
 EOF
 	    else
 	      cat <<"EOF"
@@ -3340,24 +4342,10 @@ EOF
 	    cat <<"EOF"
 
 #define LTWRAPPER_OPTION_PREFIX         "--lt-"
-#define LTWRAPPER_OPTION_PREFIX_LENGTH  5
 
-static const size_t opt_prefix_len         = LTWRAPPER_OPTION_PREFIX_LENGTH;
 static const char *ltwrapper_option_prefix = LTWRAPPER_OPTION_PREFIX;
-
 static const char *dumpscript_opt       = LTWRAPPER_OPTION_PREFIX "dump-script";
-
-static const size_t env_set_opt_len     = LTWRAPPER_OPTION_PREFIX_LENGTH + 7;
-static const char *env_set_opt          = LTWRAPPER_OPTION_PREFIX "env-set";
-  /* argument is putenv-style "foo=bar", value of foo is set to bar */
-
-static const size_t env_prepend_opt_len = LTWRAPPER_OPTION_PREFIX_LENGTH + 11;
-static const char *env_prepend_opt      = LTWRAPPER_OPTION_PREFIX "env-prepend";
-  /* argument is putenv-style "foo=bar", new value of foo is bar${foo} */
-
-static const size_t env_append_opt_len  = LTWRAPPER_OPTION_PREFIX_LENGTH + 10;
-static const char *env_append_opt       = LTWRAPPER_OPTION_PREFIX "env-append";
-  /* argument is putenv-style "foo=bar", new value of foo is ${foo}bar */
+static const char *debug_opt            = LTWRAPPER_OPTION_PREFIX "debug";
 
 int
 main (int argc, char *argv[])
@@ -3374,10 +4362,13 @@ main (int argc, char *argv[])
   int i;
 
   program_name = (char *) xstrdup (base_name (argv[0]));
-  LTWRAPPER_DEBUGPRINTF (("(main) argv[0]      : %s\n", argv[0]));
-  LTWRAPPER_DEBUGPRINTF (("(main) program_name : %s\n", program_name));
+  newargz = XMALLOC (char *, argc + 1);
 
-  /* very simple arg parsing; don't want to rely on getopt */
+  /* very simple arg parsing; don't want to rely on getopt
+   * also, copy all non cwrapper options to newargz, except
+   * argz[0], which is handled differently
+   */
+  newargc=0;
   for (i = 1; i < argc; i++)
     {
       if (strcmp (argv[i], dumpscript_opt) == 0)
@@ -3391,25 +4382,57 @@ EOF
 	      esac
 
 	    cat <<"EOF"
-	  printf ("%s", script_text_part1);
-	  printf ("%s", script_text_part2);
+	  lt_dump_script (stdout);
 	  return 0;
 	}
+      if (strcmp (argv[i], debug_opt) == 0)
+	{
+          lt_debug = 1;
+          continue;
+	}
+      if (strcmp (argv[i], ltwrapper_option_prefix) == 0)
+        {
+          /* however, if there is an option in the LTWRAPPER_OPTION_PREFIX
+             namespace, but it is not one of the ones we know about and
+             have already dealt with, above (inluding dump-script), then
+             report an error. Otherwise, targets might begin to believe
+             they are allowed to use options in the LTWRAPPER_OPTION_PREFIX
+             namespace. The first time any user complains about this, we'll
+             need to make LTWRAPPER_OPTION_PREFIX a configure-time option
+             or a configure.ac-settable value.
+           */
+          lt_fatal (__FILE__, __LINE__,
+		    "unrecognized %s option: '%s'",
+                    ltwrapper_option_prefix, argv[i]);
+        }
+      /* otherwise ... */
+      newargz[++newargc] = xstrdup (argv[i]);
     }
+  newargz[++newargc] = NULL;
+
+EOF
+	    cat <<EOF
+  /* The GNU banner must be the first non-error debug message */
+  lt_debugprintf (__FILE__, __LINE__, "libtool wrapper (GNU $PACKAGE$TIMESTAMP) $VERSION\n");
+EOF
+	    cat <<"EOF"
+  lt_debugprintf (__FILE__, __LINE__, "(main) argv[0]: %s\n", argv[0]);
+  lt_debugprintf (__FILE__, __LINE__, "(main) program_name: %s\n", program_name);
 
-  newargz = XMALLOC (char *, argc + 1);
   tmp_pathspec = find_executable (argv[0]);
   if (tmp_pathspec == NULL)
-    lt_fatal ("Couldn't find %s", argv[0]);
-  LTWRAPPER_DEBUGPRINTF (("(main) found exe (before symlink chase) at : %s\n",
-			  tmp_pathspec));
+    lt_fatal (__FILE__, __LINE__, "couldn't find %s", argv[0]);
+  lt_debugprintf (__FILE__, __LINE__,
+                  "(main) found exe (before symlink chase) at: %s\n",
+		  tmp_pathspec);
 
   actual_cwrapper_path = chase_symlinks (tmp_pathspec);
-  LTWRAPPER_DEBUGPRINTF (("(main) found exe (after symlink chase) at : %s\n",
-			  actual_cwrapper_path));
+  lt_debugprintf (__FILE__, __LINE__,
+                  "(main) found exe (after symlink chase) at: %s\n",
+		  actual_cwrapper_path);
   XFREE (tmp_pathspec);
 
-  actual_cwrapper_name = xstrdup( base_name (actual_cwrapper_path));
+  actual_cwrapper_name = xstrdup (base_name (actual_cwrapper_path));
   strendzap (actual_cwrapper_path, actual_cwrapper_name);
 
   /* wrapper name transforms */
@@ -3427,8 +4450,9 @@ EOF
   target_name = tmp_pathspec;
   tmp_pathspec = 0;
 
-  LTWRAPPER_DEBUGPRINTF (("(main) libtool target name: %s\n",
-			  target_name));
+  lt_debugprintf (__FILE__, __LINE__,
+		  "(main) libtool target name: %s\n",
+		  target_name);
 EOF
 
 	    cat <<EOF
@@ -3478,80 +4502,19 @@ EOF
 
   lt_setenv ("BIN_SH", "xpg4"); /* for Tru64 */
   lt_setenv ("DUALCASE", "1");  /* for MSK sh */
-  lt_update_lib_path (LIB_PATH_VARNAME, LIB_PATH_VALUE);
+  /* Update the DLL searchpath.  EXE_PATH_VALUE ($dllsearchpath) must
+     be prepended before (that is, appear after) LIB_PATH_VALUE ($temp_rpath)
+     because on Windows, both *_VARNAMEs are PATH but uninstalled
+     libraries must come first. */
   lt_update_exe_path (EXE_PATH_VARNAME, EXE_PATH_VALUE);
+  lt_update_lib_path (LIB_PATH_VARNAME, LIB_PATH_VALUE);
 
-  newargc=0;
-  for (i = 1; i < argc; i++)
-    {
-      if (strncmp (argv[i], env_set_opt, env_set_opt_len) == 0)
-        {
-          if (argv[i][env_set_opt_len] == '=')
-            {
-              const char *p = argv[i] + env_set_opt_len + 1;
-              lt_opt_process_env_set (p);
-            }
-          else if (argv[i][env_set_opt_len] == '\0' && i + 1 < argc)
-            {
-              lt_opt_process_env_set (argv[++i]); /* don't copy */
-            }
-          else
-            lt_fatal ("%s missing required argument", env_set_opt);
-          continue;
-        }
-      if (strncmp (argv[i], env_prepend_opt, env_prepend_opt_len) == 0)
-        {
-          if (argv[i][env_prepend_opt_len] == '=')
-            {
-              const char *p = argv[i] + env_prepend_opt_len + 1;
-              lt_opt_process_env_prepend (p);
-            }
-          else if (argv[i][env_prepend_opt_len] == '\0' && i + 1 < argc)
-            {
-              lt_opt_process_env_prepend (argv[++i]); /* don't copy */
-            }
-          else
-            lt_fatal ("%s missing required argument", env_prepend_opt);
-          continue;
-        }
-      if (strncmp (argv[i], env_append_opt, env_append_opt_len) == 0)
-        {
-          if (argv[i][env_append_opt_len] == '=')
-            {
-              const char *p = argv[i] + env_append_opt_len + 1;
-              lt_opt_process_env_append (p);
-            }
-          else if (argv[i][env_append_opt_len] == '\0' && i + 1 < argc)
-            {
-              lt_opt_process_env_append (argv[++i]); /* don't copy */
-            }
-          else
-            lt_fatal ("%s missing required argument", env_append_opt);
-          continue;
-        }
-      if (strncmp (argv[i], ltwrapper_option_prefix, opt_prefix_len) == 0)
-        {
-          /* however, if there is an option in the LTWRAPPER_OPTION_PREFIX
-             namespace, but it is not one of the ones we know about and
-             have already dealt with, above (inluding dump-script), then
-             report an error. Otherwise, targets might begin to believe
-             they are allowed to use options in the LTWRAPPER_OPTION_PREFIX
-             namespace. The first time any user complains about this, we'll
-             need to make LTWRAPPER_OPTION_PREFIX a configure-time option
-             or a configure.ac-settable value.
-           */
-          lt_fatal ("Unrecognized option in %s namespace: '%s'",
-                    ltwrapper_option_prefix, argv[i]);
-        }
-      /* otherwise ... */
-      newargz[++newargc] = xstrdup (argv[i]);
-    }
-  newargz[++newargc] = NULL;
-
-  LTWRAPPER_DEBUGPRINTF     (("(main) lt_argv_zero : %s\n", (lt_argv_zero ? lt_argv_zero : "<NULL>")));
+  lt_debugprintf (__FILE__, __LINE__, "(main) lt_argv_zero: %s\n",
+		  nonnull (lt_argv_zero));
   for (i = 0; i < newargc; i++)
     {
-      LTWRAPPER_DEBUGPRINTF (("(main) newargz[%d]   : %s\n", i, (newargz[i] ? newargz[i] : "<NULL>")));
+      lt_debugprintf (__FILE__, __LINE__, "(main) newargz[%d]: %s\n",
+		      i, nonnull (newargz[i]));
     }
 
 EOF
@@ -3560,11 +4523,14 @@ EOF
 	      mingw*)
 		cat <<"EOF"
   /* execv doesn't actually work on mingw as expected on unix */
+  newargz = prepare_spawn (newargz);
   rval = _spawnv (_P_WAIT, lt_argv_zero, (const char * const *) newargz);
   if (rval == -1)
     {
       /* failed to start process */
-      LTWRAPPER_DEBUGPRINTF (("(main) failed to launch target \"%s\": errno = %d\n", lt_argv_zero, errno));
+      lt_debugprintf (__FILE__, __LINE__,
+		      "(main) failed to launch target \"%s\": %s\n",
+		      lt_argv_zero, nonnull (strerror (errno)));
       return 127;
     }
   return rval;
@@ -3586,7 +4552,7 @@ xmalloc (size_t num)
 {
   void *p = (void *) malloc (num);
   if (!p)
-    lt_fatal ("Memory exhausted");
+    lt_fatal (__FILE__, __LINE__, "memory exhausted");
 
   return p;
 }
@@ -3620,8 +4586,8 @@ check_executable (const char *path)
 {
   struct stat st;
 
-  LTWRAPPER_DEBUGPRINTF (("(check_executable)  : %s\n",
-			  path ? (*path ? path : "EMPTY!") : "NULL!"));
+  lt_debugprintf (__FILE__, __LINE__, "(check_executable): %s\n",
+                  nonempty (path));
   if ((!path) || (!*path))
     return 0;
 
@@ -3638,8 +4604,8 @@ make_executable (const char *path)
   int rval = 0;
   struct stat st;
 
-  LTWRAPPER_DEBUGPRINTF (("(make_executable)   : %s\n",
-			  path ? (*path ? path : "EMPTY!") : "NULL!"));
+  lt_debugprintf (__FILE__, __LINE__, "(make_executable): %s\n",
+                  nonempty (path));
   if ((!path) || (!*path))
     return 0;
 
@@ -3665,8 +4631,8 @@ find_executable (const char *wrapper)
   int tmp_len;
   char *concat_name;
 
-  LTWRAPPER_DEBUGPRINTF (("(find_executable)   : %s\n",
-			  wrapper ? (*wrapper ? wrapper : "EMPTY!") : "NULL!"));
+  lt_debugprintf (__FILE__, __LINE__, "(find_executable): %s\n",
+                  nonempty (wrapper));
 
   if ((wrapper == NULL) || (*wrapper == '\0'))
     return NULL;
@@ -3719,7 +4685,8 @@ find_executable (const char *wrapper)
 		{
 		  /* empty path: current directory */
 		  if (getcwd (tmp, LT_PATHMAX) == NULL)
-		    lt_fatal ("getcwd failed");
+		    lt_fatal (__FILE__, __LINE__, "getcwd failed: %s",
+                              nonnull (strerror (errno)));
 		  tmp_len = strlen (tmp);
 		  concat_name =
 		    XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1);
@@ -3744,7 +4711,8 @@ find_executable (const char *wrapper)
     }
   /* Relative path | not found in path: prepend cwd */
   if (getcwd (tmp, LT_PATHMAX) == NULL)
-    lt_fatal ("getcwd failed");
+    lt_fatal (__FILE__, __LINE__, "getcwd failed: %s",
+              nonnull (strerror (errno)));
   tmp_len = strlen (tmp);
   concat_name = XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1);
   memcpy (concat_name, tmp, tmp_len);
@@ -3770,8 +4738,9 @@ chase_symlinks (const char *pathspec)
   int has_symlinks = 0;
   while (strlen (tmp_pathspec) && !has_symlinks)
     {
-      LTWRAPPER_DEBUGPRINTF (("checking path component for symlinks: %s\n",
-			      tmp_pathspec));
+      lt_debugprintf (__FILE__, __LINE__,
+		      "checking path component for symlinks: %s\n",
+		      tmp_pathspec);
       if (lstat (tmp_pathspec, &s) == 0)
 	{
 	  if (S_ISLNK (s.st_mode) != 0)
@@ -3793,8 +4762,9 @@ chase_symlinks (const char *pathspec)
 	}
       else
 	{
-	  char *errstr = strerror (errno);
-	  lt_fatal ("Error accessing file %s (%s)", tmp_pathspec, errstr);
+	  lt_fatal (__FILE__, __LINE__,
+		    "error accessing file \"%s\": %s",
+		    tmp_pathspec, nonnull (strerror (errno)));
 	}
     }
   XFREE (tmp_pathspec);
@@ -3807,7 +4777,8 @@ chase_symlinks (const char *pathspec)
   tmp_pathspec = realpath (pathspec, buf);
   if (tmp_pathspec == 0)
     {
-      lt_fatal ("Could not follow symlinks for %s", pathspec);
+      lt_fatal (__FILE__, __LINE__,
+		"could not follow symlinks for %s", pathspec);
     }
   return xstrdup (tmp_pathspec);
 #endif
@@ -3833,11 +4804,25 @@ strendzap (char *str, const char *pat)
   return str;
 }
 
+void
+lt_debugprintf (const char *file, int line, const char *fmt, ...)
+{
+  va_list args;
+  if (lt_debug)
+    {
+      (void) fprintf (stderr, "%s:%s:%d: ", program_name, file, line);
+      va_start (args, fmt);
+      (void) vfprintf (stderr, fmt, args);
+      va_end (args);
+    }
+}
+
 static void
-lt_error_core (int exit_status, const char *mode,
+lt_error_core (int exit_status, const char *file,
+	       int line, const char *mode,
 	       const char *message, va_list ap)
 {
-  fprintf (stderr, "%s: %s: ", program_name, mode);
+  fprintf (stderr, "%s:%s:%d: %s: ", program_name, file, line, mode);
   vfprintf (stderr, message, ap);
   fprintf (stderr, ".\n");
 
@@ -3846,20 +4831,32 @@ lt_error_core (int exit_status, const char *mode,
 }
 
 void
-lt_fatal (const char *message, ...)
+lt_fatal (const char *file, int line, const char *message, ...)
 {
   va_list ap;
   va_start (ap, message);
-  lt_error_core (EXIT_FAILURE, "FATAL", message, ap);
+  lt_error_core (EXIT_FAILURE, file, line, "FATAL", message, ap);
   va_end (ap);
 }
 
+static const char *
+nonnull (const char *s)
+{
+  return s ? s : "(null)";
+}
+
+static const char *
+nonempty (const char *s)
+{
+  return (s && !*s) ? "(empty)" : nonnull (s);
+}
+
 void
 lt_setenv (const char *name, const char *value)
 {
-  LTWRAPPER_DEBUGPRINTF (("(lt_setenv) setting '%s' to '%s'\n",
-                          (name ? name : "<NULL>"),
-                          (value ? value : "<NULL>")));
+  lt_debugprintf (__FILE__, __LINE__,
+		  "(lt_setenv) setting '%s' to '%s'\n",
+                  nonnull (name), nonnull (value));
   {
 #ifdef HAVE_SETENV
     /* always make a copy, for consistency with !HAVE_SETENV */
@@ -3904,95 +4901,12 @@ lt_extend_str (const char *orig_value, const char *add, int to_end)
   return new_value;
 }
 
-int
-lt_split_name_value (const char *arg, char** name, char** value)
-{
-  const char *p;
-  int len;
-  if (!arg || !*arg)
-    return 1;
-
-  p = strchr (arg, (int)'=');
-
-  if (!p)
-    return 1;
-
-  *value = xstrdup (++p);
-
-  len = strlen (arg) - strlen (*value);
-  *name = XMALLOC (char, len);
-  strncpy (*name, arg, len-1);
-  (*name)[len - 1] = '\0';
-
-  return 0;
-}
-
-void
-lt_opt_process_env_set (const char *arg)
-{
-  char *name = NULL;
-  char *value = NULL;
-
-  if (lt_split_name_value (arg, &name, &value) != 0)
-    {
-      XFREE (name);
-      XFREE (value);
-      lt_fatal ("bad argument for %s: '%s'", env_set_opt, arg);
-    }
-
-  lt_setenv (name, value);
-  XFREE (name);
-  XFREE (value);
-}
-
-void
-lt_opt_process_env_prepend (const char *arg)
-{
-  char *name = NULL;
-  char *value = NULL;
-  char *new_value = NULL;
-
-  if (lt_split_name_value (arg, &name, &value) != 0)
-    {
-      XFREE (name);
-      XFREE (value);
-      lt_fatal ("bad argument for %s: '%s'", env_prepend_opt, arg);
-    }
-
-  new_value = lt_extend_str (getenv (name), value, 0);
-  lt_setenv (name, new_value);
-  XFREE (new_value);
-  XFREE (name);
-  XFREE (value);
-}
-
-void
-lt_opt_process_env_append (const char *arg)
-{
-  char *name = NULL;
-  char *value = NULL;
-  char *new_value = NULL;
-
-  if (lt_split_name_value (arg, &name, &value) != 0)
-    {
-      XFREE (name);
-      XFREE (value);
-      lt_fatal ("bad argument for %s: '%s'", env_append_opt, arg);
-    }
-
-  new_value = lt_extend_str (getenv (name), value, 1);
-  lt_setenv (name, new_value);
-  XFREE (new_value);
-  XFREE (name);
-  XFREE (value);
-}
-
 void
 lt_update_exe_path (const char *name, const char *value)
 {
-  LTWRAPPER_DEBUGPRINTF (("(lt_update_exe_path) modifying '%s' by prepending '%s'\n",
-                          (name ? name : "<NULL>"),
-                          (value ? value : "<NULL>")));
+  lt_debugprintf (__FILE__, __LINE__,
+		  "(lt_update_exe_path) modifying '%s' by prepending '%s'\n",
+                  nonnull (name), nonnull (value));
 
   if (name && *name && value && *value)
     {
@@ -4011,9 +4925,9 @@ lt_update_exe_path (const char *name, const char *value)
 void
 lt_update_lib_path (const char *name, const char *value)
 {
-  LTWRAPPER_DEBUGPRINTF (("(lt_update_lib_path) modifying '%s' by prepending '%s'\n",
-                          (name ? name : "<NULL>"),
-                          (value ? value : "<NULL>")));
+  lt_debugprintf (__FILE__, __LINE__,
+		  "(lt_update_lib_path) modifying '%s' by prepending '%s'\n",
+                  nonnull (name), nonnull (value));
 
   if (name && *name && value && *value)
     {
@@ -4023,11 +4937,158 @@ lt_update_lib_path (const char *name, const char *value)
     }
 }
 
+EOF
+	    case $host_os in
+	      mingw*)
+		cat <<"EOF"
+
+/* Prepares an argument vector before calling spawn().
+   Note that spawn() does not by itself call the command interpreter
+     (getenv ("COMSPEC") != NULL ? getenv ("COMSPEC") :
+      ({ OSVERSIONINFO v; v.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
+         GetVersionEx(&v);
+         v.dwPlatformId == VER_PLATFORM_WIN32_NT;
+      }) ? "cmd.exe" : "command.com").
+   Instead it simply concatenates the arguments, separated by ' ', and calls
+   CreateProcess().  We must quote the arguments since Win32 CreateProcess()
+   interprets characters like ' ', '\t', '\\', '"' (but not '<' and '>') in a
+   special way:
+   - Space and tab are interpreted as delimiters. They are not treated as
+     delimiters if they are surrounded by double quotes: "...".
+   - Unescaped double quotes are removed from the input. Their only effect is
+     that within double quotes, space and tab are treated like normal
+     characters.
+   - Backslashes not followed by double quotes are not special.
+   - But 2*n+1 backslashes followed by a double quote become
+     n backslashes followed by a double quote (n >= 0):
+       \" -> "
+       \\\" -> \"
+       \\\\\" -> \\"
+ */
+#define SHELL_SPECIAL_CHARS "\"\\ \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037"
+#define SHELL_SPACE_CHARS " \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037"
+char **
+prepare_spawn (char **argv)
+{
+  size_t argc;
+  char **new_argv;
+  size_t i;
+
+  /* Count number of arguments.  */
+  for (argc = 0; argv[argc] != NULL; argc++)
+    ;
+
+  /* Allocate new argument vector.  */
+  new_argv = XMALLOC (char *, argc + 1);
+
+  /* Put quoted arguments into the new argument vector.  */
+  for (i = 0; i < argc; i++)
+    {
+      const char *string = argv[i];
 
+      if (string[0] == '\0')
+	new_argv[i] = xstrdup ("\"\"");
+      else if (strpbrk (string, SHELL_SPECIAL_CHARS) != NULL)
+	{
+	  int quote_around = (strpbrk (string, SHELL_SPACE_CHARS) != NULL);
+	  size_t length;
+	  unsigned int backslashes;
+	  const char *s;
+	  char *quoted_string;
+	  char *p;
+
+	  length = 0;
+	  backslashes = 0;
+	  if (quote_around)
+	    length++;
+	  for (s = string; *s != '\0'; s++)
+	    {
+	      char c = *s;
+	      if (c == '"')
+		length += backslashes + 1;
+	      length++;
+	      if (c == '\\')
+		backslashes++;
+	      else
+		backslashes = 0;
+	    }
+	  if (quote_around)
+	    length += backslashes + 1;
+
+	  quoted_string = XMALLOC (char, length + 1);
+
+	  p = quoted_string;
+	  backslashes = 0;
+	  if (quote_around)
+	    *p++ = '"';
+	  for (s = string; *s != '\0'; s++)
+	    {
+	      char c = *s;
+	      if (c == '"')
+		{
+		  unsigned int j;
+		  for (j = backslashes + 1; j > 0; j--)
+		    *p++ = '\\';
+		}
+	      *p++ = c;
+	      if (c == '\\')
+		backslashes++;
+	      else
+		backslashes = 0;
+	    }
+	  if (quote_around)
+	    {
+	      unsigned int j;
+	      for (j = backslashes; j > 0; j--)
+		*p++ = '\\';
+	      *p++ = '"';
+	    }
+	  *p = '\0';
+
+	  new_argv[i] = quoted_string;
+	}
+      else
+	new_argv[i] = (char *) string;
+    }
+  new_argv[argc] = NULL;
+
+  return new_argv;
+}
+EOF
+		;;
+	    esac
+
+            cat <<"EOF"
+void lt_dump_script (FILE* f)
+{
+EOF
+	    func_emit_wrapper yes |
+	      $SED -n -e '
+s/^\(.\{79\}\)\(..*\)/\1\
+\2/
+h
+s/\([\\"]\)/\\\1/g
+s/$/\\n/
+s/\([^\n]*\).*/  fputs ("\1", f);/p
+g
+D'
+            cat <<"EOF"
+}
 EOF
 }
 # end: func_emit_cwrapperexe_src
 
+# func_win32_import_lib_p ARG
+# True if ARG is an import lib, as indicated by $file_magic_cmd
+func_win32_import_lib_p ()
+{
+    $opt_debug
+    case `eval $file_magic_cmd \"\$1\" 2>/dev/null | $SED -e 10q` in
+    *import*) : ;;
+    *) false ;;
+    esac
+}
+
 # func_mode_link arg...
 func_mode_link ()
 {
@@ -4072,6 +5133,7 @@ func_mode_link ()
     new_inherited_linker_flags=
 
     avoid_version=no
+    bindir=
     dlfiles=
     dlprefiles=
     dlself=no
@@ -4164,6 +5226,11 @@ func_mode_link ()
 	esac
 
 	case $prev in
+	bindir)
+	  bindir="$arg"
+	  prev=
+	  continue
+	  ;;
 	dlfiles|dlprefiles)
 	  if test "$preload" = no; then
 	    # Add the symbol object into the linking commands.
@@ -4195,9 +5262,9 @@ func_mode_link ()
 	    ;;
 	  *)
 	    if test "$prev" = dlfiles; then
-	      dlfiles="$dlfiles $arg"
+	      func_append dlfiles " $arg"
 	    else
-	      dlprefiles="$dlprefiles $arg"
+	      func_append dlprefiles " $arg"
 	    fi
 	    prev=
 	    continue
@@ -4221,7 +5288,7 @@ func_mode_link ()
 	    *-*-darwin*)
 	      case "$deplibs " in
 		*" $qarg.ltframework "*) ;;
-		*) deplibs="$deplibs $qarg.ltframework" # this is fixed later
+		*) func_append deplibs " $qarg.ltframework" # this is fixed later
 		   ;;
 	      esac
 	      ;;
@@ -4240,7 +5307,7 @@ func_mode_link ()
 	    moreargs=
 	    for fil in `cat "$save_arg"`
 	    do
-#	      moreargs="$moreargs $fil"
+#	      func_append moreargs " $fil"
 	      arg=$fil
 	      # A libtool-controlled object.
 
@@ -4269,7 +5336,7 @@ func_mode_link ()
 
 		  if test "$prev" = dlfiles; then
 		    if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then
-		      dlfiles="$dlfiles $pic_object"
+		      func_append dlfiles " $pic_object"
 		      prev=
 		      continue
 		    else
@@ -4281,7 +5348,7 @@ func_mode_link ()
 		  # CHECK ME:  I think I busted this.  -Ossama
 		  if test "$prev" = dlprefiles; then
 		    # Preload the old-style object.
-		    dlprefiles="$dlprefiles $pic_object"
+		    func_append dlprefiles " $pic_object"
 		    prev=
 		  fi
 
@@ -4351,12 +5418,12 @@ func_mode_link ()
 	  if test "$prev" = rpath; then
 	    case "$rpath " in
 	    *" $arg "*) ;;
-	    *) rpath="$rpath $arg" ;;
+	    *) func_append rpath " $arg" ;;
 	    esac
 	  else
 	    case "$xrpath " in
 	    *" $arg "*) ;;
-	    *) xrpath="$xrpath $arg" ;;
+	    *) func_append xrpath " $arg" ;;
 	    esac
 	  fi
 	  prev=
@@ -4368,28 +5435,28 @@ func_mode_link ()
 	  continue
 	  ;;
 	weak)
-	  weak_libs="$weak_libs $arg"
+	  func_append weak_libs " $arg"
 	  prev=
 	  continue
 	  ;;
 	xcclinker)
-	  linker_flags="$linker_flags $qarg"
-	  compiler_flags="$compiler_flags $qarg"
+	  func_append linker_flags " $qarg"
+	  func_append compiler_flags " $qarg"
 	  prev=
 	  func_append compile_command " $qarg"
 	  func_append finalize_command " $qarg"
 	  continue
 	  ;;
 	xcompiler)
-	  compiler_flags="$compiler_flags $qarg"
+	  func_append compiler_flags " $qarg"
 	  prev=
 	  func_append compile_command " $qarg"
 	  func_append finalize_command " $qarg"
 	  continue
 	  ;;
 	xlinker)
-	  linker_flags="$linker_flags $qarg"
-	  compiler_flags="$compiler_flags $wl$qarg"
+	  func_append linker_flags " $qarg"
+	  func_append compiler_flags " $wl$qarg"
 	  prev=
 	  func_append compile_command " $wl$qarg"
 	  func_append finalize_command " $wl$qarg"
@@ -4425,6 +5492,11 @@ func_mode_link ()
 	continue
 	;;
 
+      -bindir)
+	prev=bindir
+	continue
+	;;
+
       -dlopen)
 	prev=dlfiles
 	continue
@@ -4475,15 +5547,16 @@ func_mode_link ()
 	;;
 
       -L*)
-	func_stripname '-L' '' "$arg"
-	dir=$func_stripname_result
-	if test -z "$dir"; then
+	func_stripname "-L" '' "$arg"
+	if test -z "$func_stripname_result"; then
 	  if test "$#" -gt 0; then
 	    func_fatal_error "require no space between \`-L' and \`$1'"
 	  else
 	    func_fatal_error "need path for \`-L' option"
 	  fi
 	fi
+	func_resolve_sysroot "$func_stripname_result"
+	dir=$func_resolve_sysroot_result
 	# We need an absolute path.
 	case $dir in
 	[\\/]* | [A-Za-z]:[\\/]*) ;;
@@ -4495,24 +5568,30 @@ func_mode_link ()
 	  ;;
 	esac
 	case "$deplibs " in
-	*" -L$dir "*) ;;
+	*" -L$dir "* | *" $arg "*)
+	  # Will only happen for absolute or sysroot arguments
+	  ;;
 	*)
-	  deplibs="$deplibs -L$dir"
-	  lib_search_path="$lib_search_path $dir"
+	  # Preserve sysroot, but never include relative directories
+	  case $dir in
+	    [\\/]* | [A-Za-z]:[\\/]* | =*) func_append deplibs " $arg" ;;
+	    *) func_append deplibs " -L$dir" ;;
+	  esac
+	  func_append lib_search_path " $dir"
 	  ;;
 	esac
 	case $host in
 	*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
-	  testbindir=`$ECHO "X$dir" | $Xsed -e 's*/lib$*/bin*'`
+	  testbindir=`$ECHO "$dir" | $SED 's*/lib$*/bin*'`
 	  case :$dllsearchpath: in
 	  *":$dir:"*) ;;
 	  ::) dllsearchpath=$dir;;
-	  *) dllsearchpath="$dllsearchpath:$dir";;
+	  *) func_append dllsearchpath ":$dir";;
 	  esac
 	  case :$dllsearchpath: in
 	  *":$testbindir:"*) ;;
 	  ::) dllsearchpath=$testbindir;;
-	  *) dllsearchpath="$dllsearchpath:$testbindir";;
+	  *) func_append dllsearchpath ":$testbindir";;
 	  esac
 	  ;;
 	esac
@@ -4522,7 +5601,7 @@ func_mode_link ()
       -l*)
 	if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then
 	  case $host in
-	  *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc*)
+	  *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc* | *-*-haiku*)
 	    # These systems don't actually have a C or math library (as such)
 	    continue
 	    ;;
@@ -4536,7 +5615,7 @@ func_mode_link ()
 	    ;;
 	  *-*-rhapsody* | *-*-darwin1.[012])
 	    # Rhapsody C and math libraries are in the System framework
-	    deplibs="$deplibs System.ltframework"
+	    func_append deplibs " System.ltframework"
 	    continue
 	    ;;
 	  *-*-sco3.2v5* | *-*-sco5v6*)
@@ -4556,7 +5635,7 @@ func_mode_link ()
 	   ;;
 	 esac
 	fi
-	deplibs="$deplibs $arg"
+	func_append deplibs " $arg"
 	continue
 	;;
 
@@ -4568,21 +5647,22 @@ func_mode_link ()
       # Tru64 UNIX uses -model [arg] to determine the layout of C++
       # classes, name mangling, and exception handling.
       # Darwin uses the -arch flag to determine output architecture.
-      -model|-arch|-isysroot)
-	compiler_flags="$compiler_flags $arg"
+      -model|-arch|-isysroot|--sysroot)
+	func_append compiler_flags " $arg"
 	func_append compile_command " $arg"
 	func_append finalize_command " $arg"
 	prev=xcompiler
 	continue
 	;;
 
-      -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe|-threads)
-	compiler_flags="$compiler_flags $arg"
+      -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \
+      |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*)
+	func_append compiler_flags " $arg"
 	func_append compile_command " $arg"
 	func_append finalize_command " $arg"
 	case "$new_inherited_linker_flags " in
 	    *" $arg "*) ;;
-	    * ) new_inherited_linker_flags="$new_inherited_linker_flags $arg" ;;
+	    * ) func_append new_inherited_linker_flags " $arg" ;;
 	esac
 	continue
 	;;
@@ -4649,13 +5729,17 @@ func_mode_link ()
 	# We need an absolute path.
 	case $dir in
 	[\\/]* | [A-Za-z]:[\\/]*) ;;
+	=*)
+	  func_stripname '=' '' "$dir"
+	  dir=$lt_sysroot$func_stripname_result
+	  ;;
 	*)
 	  func_fatal_error "only absolute run-paths are allowed"
 	  ;;
 	esac
 	case "$xrpath " in
 	*" $dir "*) ;;
-	*) xrpath="$xrpath $dir" ;;
+	*) func_append xrpath " $dir" ;;
 	esac
 	continue
 	;;
@@ -4708,8 +5792,8 @@ func_mode_link ()
 	for flag in $args; do
 	  IFS="$save_ifs"
           func_quote_for_eval "$flag"
-	  arg="$arg $wl$func_quote_for_eval_result"
-	  compiler_flags="$compiler_flags $func_quote_for_eval_result"
+	  func_append arg " $func_quote_for_eval_result"
+	  func_append compiler_flags " $func_quote_for_eval_result"
 	done
 	IFS="$save_ifs"
 	func_stripname ' ' '' "$arg"
@@ -4724,9 +5808,9 @@ func_mode_link ()
 	for flag in $args; do
 	  IFS="$save_ifs"
           func_quote_for_eval "$flag"
-	  arg="$arg $wl$func_quote_for_eval_result"
-	  compiler_flags="$compiler_flags $wl$func_quote_for_eval_result"
-	  linker_flags="$linker_flags $func_quote_for_eval_result"
+	  func_append arg " $wl$func_quote_for_eval_result"
+	  func_append compiler_flags " $wl$func_quote_for_eval_result"
+	  func_append linker_flags " $func_quote_for_eval_result"
 	done
 	IFS="$save_ifs"
 	func_stripname ' ' '' "$arg"
@@ -4754,23 +5838,27 @@ func_mode_link ()
 	arg="$func_quote_for_eval_result"
 	;;
 
-      # -64, -mips[0-9] enable 64-bit mode on the SGI compiler
-      # -r[0-9][0-9]* specifies the processor on the SGI compiler
-      # -xarch=*, -xtarget=* enable 64-bit mode on the Sun compiler
-      # +DA*, +DD* enable 64-bit mode on the HP compiler
-      # -q* pass through compiler args for the IBM compiler
-      # -m*, -t[45]*, -txscale* pass through architecture-specific
-      # compiler args for GCC
-      # -F/path gives path to uninstalled frameworks, gcc on darwin
-      # -p, -pg, --coverage, -fprofile-* pass through profiling flag for GCC
-      # @file GCC response files
+      # Flags to be passed through unchanged, with rationale:
+      # -64, -mips[0-9]      enable 64-bit mode for the SGI compiler
+      # -r[0-9][0-9]*        specify processor for the SGI compiler
+      # -xarch=*, -xtarget=* enable 64-bit mode for the Sun compiler
+      # +DA*, +DD*           enable 64-bit mode for the HP compiler
+      # -q*                  compiler args for the IBM compiler
+      # -m*, -t[45]*, -txscale* architecture-specific flags for GCC
+      # -F/path              path to uninstalled frameworks, gcc on darwin
+      # -p, -pg, --coverage, -fprofile-*  profiling flags for GCC
+      # @file                GCC response files
+      # -tp=*                Portland pgcc target processor selection
+      # --sysroot=*          for sysroot support
+      # -O*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization
       -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \
-      -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*)
+      -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \
+      -O*|-flto*|-fwhopr*|-fuse-linker-plugin)
         func_quote_for_eval "$arg"
 	arg="$func_quote_for_eval_result"
         func_append compile_command " $arg"
         func_append finalize_command " $arg"
-        compiler_flags="$compiler_flags $arg"
+        func_append compiler_flags " $arg"
         continue
         ;;
 
@@ -4782,7 +5870,7 @@ func_mode_link ()
 
       *.$objext)
 	# A standard object.
-	objs="$objs $arg"
+	func_append objs " $arg"
 	;;
 
       *.lo)
@@ -4813,7 +5901,7 @@ func_mode_link ()
 
 	    if test "$prev" = dlfiles; then
 	      if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then
-		dlfiles="$dlfiles $pic_object"
+		func_append dlfiles " $pic_object"
 		prev=
 		continue
 	      else
@@ -4825,7 +5913,7 @@ func_mode_link ()
 	    # CHECK ME:  I think I busted this.  -Ossama
 	    if test "$prev" = dlprefiles; then
 	      # Preload the old-style object.
-	      dlprefiles="$dlprefiles $pic_object"
+	      func_append dlprefiles " $pic_object"
 	      prev=
 	    fi
 
@@ -4870,24 +5958,25 @@ func_mode_link ()
 
       *.$libext)
 	# An archive.
-	deplibs="$deplibs $arg"
-	old_deplibs="$old_deplibs $arg"
+	func_append deplibs " $arg"
+	func_append old_deplibs " $arg"
 	continue
 	;;
 
       *.la)
 	# A libtool-controlled library.
 
+	func_resolve_sysroot "$arg"
 	if test "$prev" = dlfiles; then
 	  # This library was specified with -dlopen.
-	  dlfiles="$dlfiles $arg"
+	  func_append dlfiles " $func_resolve_sysroot_result"
 	  prev=
 	elif test "$prev" = dlprefiles; then
 	  # The library was specified with -dlpreopen.
-	  dlprefiles="$dlprefiles $arg"
+	  func_append dlprefiles " $func_resolve_sysroot_result"
 	  prev=
 	else
-	  deplibs="$deplibs $arg"
+	  func_append deplibs " $func_resolve_sysroot_result"
 	fi
 	continue
 	;;
@@ -4925,7 +6014,7 @@ func_mode_link ()
 
     if test -n "$shlibpath_var"; then
       # get the directories listed in $shlibpath_var
-      eval shlib_search_path=\`\$ECHO \"X\${$shlibpath_var}\" \| \$Xsed -e \'s/:/ /g\'\`
+      eval shlib_search_path=\`\$ECHO \"\${$shlibpath_var}\" \| \$SED \'s/:/ /g\'\`
     else
       shlib_search_path=
     fi
@@ -4934,6 +6023,8 @@ func_mode_link ()
 
     func_dirname "$output" "/" ""
     output_objdir="$func_dirname_result$objdir"
+    func_to_tool_file "$output_objdir/"
+    tool_output_objdir=$func_to_tool_file_result
     # Create the object directory.
     func_mkdir_p "$output_objdir"
 
@@ -4954,12 +6045,12 @@ func_mode_link ()
     # Find all interdependent deplibs by searching for libraries
     # that are linked more than once (e.g. -la -lb -la)
     for deplib in $deplibs; do
-      if $opt_duplicate_deps ; then
+      if $opt_preserve_dup_deps ; then
 	case "$libs " in
-	*" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
+	*" $deplib "*) func_append specialdeplibs " $deplib" ;;
 	esac
       fi
-      libs="$libs $deplib"
+      func_append libs " $deplib"
     done
 
     if test "$linkmode" = lib; then
@@ -4972,9 +6063,9 @@ func_mode_link ()
       if $opt_duplicate_compiler_generated_deps; then
 	for pre_post_dep in $predeps $postdeps; do
 	  case "$pre_post_deps " in
-	  *" $pre_post_dep "*) specialdeplibs="$specialdeplibs $pre_post_deps" ;;
+	  *" $pre_post_dep "*) func_append specialdeplibs " $pre_post_deps" ;;
 	  esac
-	  pre_post_deps="$pre_post_deps $pre_post_dep"
+	  func_append pre_post_deps " $pre_post_dep"
 	done
       fi
       pre_post_deps=
@@ -5044,17 +6135,19 @@ func_mode_link ()
 	for lib in $dlprefiles; do
 	  # Ignore non-libtool-libs
 	  dependency_libs=
+	  func_resolve_sysroot "$lib"
 	  case $lib in
-	  *.la)	func_source "$lib" ;;
+	  *.la)	func_source "$func_resolve_sysroot_result" ;;
 	  esac
 
 	  # Collect preopened libtool deplibs, except any this library
 	  # has declared as weak libs
 	  for deplib in $dependency_libs; do
-            deplib_base=`$ECHO "X$deplib" | $Xsed -e "$basename"`
+	    func_basename "$deplib"
+            deplib_base=$func_basename_result
 	    case " $weak_libs " in
 	    *" $deplib_base "*) ;;
-	    *) deplibs="$deplibs $deplib" ;;
+	    *) func_append deplibs " $deplib" ;;
 	    esac
 	  done
 	done
@@ -5070,16 +6163,17 @@ func_mode_link ()
 	lib=
 	found=no
 	case $deplib in
-	-mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe|-threads)
+	-mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \
+        |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*)
 	  if test "$linkmode,$pass" = "prog,link"; then
 	    compile_deplibs="$deplib $compile_deplibs"
 	    finalize_deplibs="$deplib $finalize_deplibs"
 	  else
-	    compiler_flags="$compiler_flags $deplib"
+	    func_append compiler_flags " $deplib"
 	    if test "$linkmode" = lib ; then
 		case "$new_inherited_linker_flags " in
 		    *" $deplib "*) ;;
-		    * ) new_inherited_linker_flags="$new_inherited_linker_flags $deplib" ;;
+		    * ) func_append new_inherited_linker_flags " $deplib" ;;
 		esac
 	    fi
 	  fi
@@ -5164,7 +6258,7 @@ func_mode_link ()
 	    if test "$linkmode" = lib ; then
 		case "$new_inherited_linker_flags " in
 		    *" $deplib "*) ;;
-		    * ) new_inherited_linker_flags="$new_inherited_linker_flags $deplib" ;;
+		    * ) func_append new_inherited_linker_flags " $deplib" ;;
 		esac
 	    fi
 	  fi
@@ -5177,7 +6271,8 @@ func_mode_link ()
 	    test "$pass" = conv && continue
 	    newdependency_libs="$deplib $newdependency_libs"
 	    func_stripname '-L' '' "$deplib"
-	    newlib_search_path="$newlib_search_path $func_stripname_result"
+	    func_resolve_sysroot "$func_stripname_result"
+	    func_append newlib_search_path " $func_resolve_sysroot_result"
 	    ;;
 	  prog)
 	    if test "$pass" = conv; then
@@ -5191,7 +6286,8 @@ func_mode_link ()
 	      finalize_deplibs="$deplib $finalize_deplibs"
 	    fi
 	    func_stripname '-L' '' "$deplib"
-	    newlib_search_path="$newlib_search_path $func_stripname_result"
+	    func_resolve_sysroot "$func_stripname_result"
+	    func_append newlib_search_path " $func_resolve_sysroot_result"
 	    ;;
 	  *)
 	    func_warning "\`-L' is ignored for archives/objects"
@@ -5202,17 +6298,21 @@ func_mode_link ()
 	-R*)
 	  if test "$pass" = link; then
 	    func_stripname '-R' '' "$deplib"
-	    dir=$func_stripname_result
+	    func_resolve_sysroot "$func_stripname_result"
+	    dir=$func_resolve_sysroot_result
 	    # Make sure the xrpath contains only unique directories.
 	    case "$xrpath " in
 	    *" $dir "*) ;;
-	    *) xrpath="$xrpath $dir" ;;
+	    *) func_append xrpath " $dir" ;;
 	    esac
 	  fi
 	  deplibs="$deplib $deplibs"
 	  continue
 	  ;;
-	*.la) lib="$deplib" ;;
+	*.la)
+	  func_resolve_sysroot "$deplib"
+	  lib=$func_resolve_sysroot_result
+	  ;;
 	*.$libext)
 	  if test "$pass" = conv; then
 	    deplibs="$deplib $deplibs"
@@ -5230,7 +6330,7 @@ func_mode_link ()
 		match_pattern*)
 		  set dummy $deplibs_check_method; shift
 		  match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"`
-		  if eval "\$ECHO \"X$deplib\"" 2>/dev/null | $Xsed -e 10q \
+		  if eval "\$ECHO \"$deplib\"" 2>/dev/null | $SED 10q \
 		    | $EGREP "$match_pattern_regex" > /dev/null; then
 		    valid_a_lib=yes
 		  fi
@@ -5240,15 +6340,15 @@ func_mode_link ()
 		;;
 	      esac
 	      if test "$valid_a_lib" != yes; then
-		$ECHO
+		echo
 		$ECHO "*** Warning: Trying to link with static lib archive $deplib."
-		$ECHO "*** I have the capability to make that library automatically link in when"
-		$ECHO "*** you link to this library.  But I can only do this if you have a"
-		$ECHO "*** shared version of the library, which you do not appear to have"
-		$ECHO "*** because the file extensions .$libext of this argument makes me believe"
-		$ECHO "*** that it is just a static archive that I should not use here."
+		echo "*** I have the capability to make that library automatically link in when"
+		echo "*** you link to this library.  But I can only do this if you have a"
+		echo "*** shared version of the library, which you do not appear to have"
+		echo "*** because the file extensions .$libext of this argument makes me believe"
+		echo "*** that it is just a static archive that I should not use here."
 	      else
-		$ECHO
+		echo
 		$ECHO "*** Warning: Linking the shared library $output against the"
 		$ECHO "*** static library $deplib is not portable!"
 		deplibs="$deplib $deplibs"
@@ -5275,11 +6375,11 @@ func_mode_link ()
 	    if test "$pass" = dlpreopen || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then
 	      # If there is no dlopen support or we're linking statically,
 	      # we need to preload.
-	      newdlprefiles="$newdlprefiles $deplib"
+	      func_append newdlprefiles " $deplib"
 	      compile_deplibs="$deplib $compile_deplibs"
 	      finalize_deplibs="$deplib $finalize_deplibs"
 	    else
-	      newdlfiles="$newdlfiles $deplib"
+	      func_append newdlfiles " $deplib"
 	    fi
 	  fi
 	  continue
@@ -5321,20 +6421,20 @@ func_mode_link ()
 
 	# Convert "-framework foo" to "foo.ltframework"
 	if test -n "$inherited_linker_flags"; then
-	  tmp_inherited_linker_flags=`$ECHO "X$inherited_linker_flags" | $Xsed -e 's/-framework \([^ $]*\)/\1.ltframework/g'`
+	  tmp_inherited_linker_flags=`$ECHO "$inherited_linker_flags" | $SED 's/-framework \([^ $]*\)/\1.ltframework/g'`
 	  for tmp_inherited_linker_flag in $tmp_inherited_linker_flags; do
 	    case " $new_inherited_linker_flags " in
 	      *" $tmp_inherited_linker_flag "*) ;;
-	      *) new_inherited_linker_flags="$new_inherited_linker_flags $tmp_inherited_linker_flag";;
+	      *) func_append new_inherited_linker_flags " $tmp_inherited_linker_flag";;
 	    esac
 	  done
 	fi
-	dependency_libs=`$ECHO "X $dependency_libs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
+	dependency_libs=`$ECHO " $dependency_libs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
 	if test "$linkmode,$pass" = "lib,link" ||
 	   test "$linkmode,$pass" = "prog,scan" ||
 	   { test "$linkmode" != prog && test "$linkmode" != lib; }; then
-	  test -n "$dlopen" && dlfiles="$dlfiles $dlopen"
-	  test -n "$dlpreopen" && dlprefiles="$dlprefiles $dlpreopen"
+	  test -n "$dlopen" && func_append dlfiles " $dlopen"
+	  test -n "$dlpreopen" && func_append dlprefiles " $dlpreopen"
 	fi
 
 	if test "$pass" = conv; then
@@ -5345,17 +6445,17 @@ func_mode_link ()
 	      func_fatal_error "cannot find name of link library for \`$lib'"
 	    fi
 	    # It is a libtool convenience library, so add in its objects.
-	    convenience="$convenience $ladir/$objdir/$old_library"
-	    old_convenience="$old_convenience $ladir/$objdir/$old_library"
+	    func_append convenience " $ladir/$objdir/$old_library"
+	    func_append old_convenience " $ladir/$objdir/$old_library"
 	    tmp_libs=
 	    for deplib in $dependency_libs; do
 	      deplibs="$deplib $deplibs"
-	      if $opt_duplicate_deps ; then
+	      if $opt_preserve_dup_deps ; then
 		case "$tmp_libs " in
-		*" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
+		*" $deplib "*) func_append specialdeplibs " $deplib" ;;
 		esac
 	      fi
-	      tmp_libs="$tmp_libs $deplib"
+	      func_append tmp_libs " $deplib"
 	    done
 	  elif test "$linkmode" != prog && test "$linkmode" != lib; then
 	    func_fatal_error "\`$lib' is not a convenience library"
@@ -5366,9 +6466,15 @@ func_mode_link ()
 
 	# Get the name of the library we link against.
 	linklib=
-	for l in $old_library $library_names; do
-	  linklib="$l"
-	done
+	if test -n "$old_library" &&
+	   { test "$prefer_static_libs" = yes ||
+	     test "$prefer_static_libs,$installed" = "built,no"; }; then
+	  linklib=$old_library
+	else
+	  for l in $old_library $library_names; do
+	    linklib="$l"
+	  done
+	fi
 	if test -z "$linklib"; then
 	  func_fatal_error "cannot find name of link library for \`$lib'"
 	fi
@@ -5385,9 +6491,9 @@ func_mode_link ()
 	    # statically, we need to preload.  We also need to preload any
 	    # dependent libraries so libltdl's deplib preloader doesn't
 	    # bomb out in the load deplibs phase.
-	    dlprefiles="$dlprefiles $lib $dependency_libs"
+	    func_append dlprefiles " $lib $dependency_libs"
 	  else
-	    newdlfiles="$newdlfiles $lib"
+	    func_append newdlfiles " $lib"
 	  fi
 	  continue
 	fi # $pass = dlopen
@@ -5409,14 +6515,14 @@ func_mode_link ()
 
 	# Find the relevant object directory and library name.
 	if test "X$installed" = Xyes; then
-	  if test ! -f "$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then
+	  if test ! -f "$lt_sysroot$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then
 	    func_warning "library \`$lib' was moved."
 	    dir="$ladir"
 	    absdir="$abs_ladir"
 	    libdir="$abs_ladir"
 	  else
-	    dir="$libdir"
-	    absdir="$libdir"
+	    dir="$lt_sysroot$libdir"
+	    absdir="$lt_sysroot$libdir"
 	  fi
 	  test "X$hardcode_automatic" = Xyes && avoidtemprpath=yes
 	else
@@ -5424,12 +6530,12 @@ func_mode_link ()
 	    dir="$ladir"
 	    absdir="$abs_ladir"
 	    # Remove this search path later
-	    notinst_path="$notinst_path $abs_ladir"
+	    func_append notinst_path " $abs_ladir"
 	  else
 	    dir="$ladir/$objdir"
 	    absdir="$abs_ladir/$objdir"
 	    # Remove this search path later
-	    notinst_path="$notinst_path $abs_ladir"
+	    func_append notinst_path " $abs_ladir"
 	  fi
 	fi # $installed = yes
 	func_stripname 'lib' '.la' "$laname"
@@ -5440,20 +6546,46 @@ func_mode_link ()
 	  if test -z "$libdir" && test "$linkmode" = prog; then
 	    func_fatal_error "only libraries may -dlpreopen a convenience library: \`$lib'"
 	  fi
-	  # Prefer using a static library (so that no silly _DYNAMIC symbols
-	  # are required to link).
-	  if test -n "$old_library"; then
-	    newdlprefiles="$newdlprefiles $dir/$old_library"
-	    # Keep a list of preopened convenience libraries to check
-	    # that they are being used correctly in the link pass.
-	    test -z "$libdir" && \
-		dlpreconveniencelibs="$dlpreconveniencelibs $dir/$old_library"
-	  # Otherwise, use the dlname, so that lt_dlopen finds it.
-	  elif test -n "$dlname"; then
-	    newdlprefiles="$newdlprefiles $dir/$dlname"
-	  else
-	    newdlprefiles="$newdlprefiles $dir/$linklib"
-	  fi
+	  case "$host" in
+	    # special handling for platforms with PE-DLLs.
+	    *cygwin* | *mingw* | *cegcc* )
+	      # Linker will automatically link against shared library if both
+	      # static and shared are present.  Therefore, ensure we extract
+	      # symbols from the import library if a shared library is present
+	      # (otherwise, the dlopen module name will be incorrect).  We do
+	      # this by putting the import library name into $newdlprefiles.
+	      # We recover the dlopen module name by 'saving' the la file
+	      # name in a special purpose variable, and (later) extracting the
+	      # dlname from the la file.
+	      if test -n "$dlname"; then
+	        func_tr_sh "$dir/$linklib"
+	        eval "libfile_$func_tr_sh_result=\$abs_ladir/\$laname"
+	        func_append newdlprefiles " $dir/$linklib"
+	      else
+	        func_append newdlprefiles " $dir/$old_library"
+	        # Keep a list of preopened convenience libraries to check
+	        # that they are being used correctly in the link pass.
+	        test -z "$libdir" && \
+	          func_append dlpreconveniencelibs " $dir/$old_library"
+	      fi
+	    ;;
+	    * )
+	      # Prefer using a static library (so that no silly _DYNAMIC symbols
+	      # are required to link).
+	      if test -n "$old_library"; then
+	        func_append newdlprefiles " $dir/$old_library"
+	        # Keep a list of preopened convenience libraries to check
+	        # that they are being used correctly in the link pass.
+	        test -z "$libdir" && \
+	          func_append dlpreconveniencelibs " $dir/$old_library"
+	      # Otherwise, use the dlname, so that lt_dlopen finds it.
+	      elif test -n "$dlname"; then
+	        func_append newdlprefiles " $dir/$dlname"
+	      else
+	        func_append newdlprefiles " $dir/$linklib"
+	      fi
+	    ;;
+	  esac
 	fi # $pass = dlpreopen
 
 	if test -z "$libdir"; then
@@ -5471,7 +6603,7 @@ func_mode_link ()
 
 
 	if test "$linkmode" = prog && test "$pass" != link; then
-	  newlib_search_path="$newlib_search_path $ladir"
+	  func_append newlib_search_path " $ladir"
 	  deplibs="$lib $deplibs"
 
 	  linkalldeplibs=no
@@ -5484,7 +6616,8 @@ func_mode_link ()
 	  for deplib in $dependency_libs; do
 	    case $deplib in
 	    -L*) func_stripname '-L' '' "$deplib"
-	         newlib_search_path="$newlib_search_path $func_stripname_result"
+	         func_resolve_sysroot "$func_stripname_result"
+	         func_append newlib_search_path " $func_resolve_sysroot_result"
 		 ;;
 	    esac
 	    # Need to link against all dependency_libs?
@@ -5495,12 +6628,12 @@ func_mode_link ()
 	      # or/and link against static libraries
 	      newdependency_libs="$deplib $newdependency_libs"
 	    fi
-	    if $opt_duplicate_deps ; then
+	    if $opt_preserve_dup_deps ; then
 	      case "$tmp_libs " in
-	      *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
+	      *" $deplib "*) func_append specialdeplibs " $deplib" ;;
 	      esac
 	    fi
-	    tmp_libs="$tmp_libs $deplib"
+	    func_append tmp_libs " $deplib"
 	  done # for deplib
 	  continue
 	fi # $linkmode = prog...
@@ -5515,7 +6648,7 @@ func_mode_link ()
 	      # Make sure the rpath contains only unique directories.
 	      case "$temp_rpath:" in
 	      *"$absdir:"*) ;;
-	      *) temp_rpath="$temp_rpath$absdir:" ;;
+	      *) func_append temp_rpath "$absdir:" ;;
 	      esac
 	    fi
 
@@ -5527,7 +6660,7 @@ func_mode_link ()
 	    *)
 	      case "$compile_rpath " in
 	      *" $absdir "*) ;;
-	      *) compile_rpath="$compile_rpath $absdir"
+	      *) func_append compile_rpath " $absdir" ;;
 	      esac
 	      ;;
 	    esac
@@ -5536,7 +6669,7 @@ func_mode_link ()
 	    *)
 	      case "$finalize_rpath " in
 	      *" $libdir "*) ;;
-	      *) finalize_rpath="$finalize_rpath $libdir"
+	      *) func_append finalize_rpath " $libdir" ;;
 	      esac
 	      ;;
 	    esac
@@ -5561,12 +6694,12 @@ func_mode_link ()
 	  case $host in
 	  *cygwin* | *mingw* | *cegcc*)
 	      # No point in relinking DLLs because paths are not encoded
-	      notinst_deplibs="$notinst_deplibs $lib"
+	      func_append notinst_deplibs " $lib"
 	      need_relink=no
 	    ;;
 	  *)
 	    if test "$installed" = no; then
-	      notinst_deplibs="$notinst_deplibs $lib"
+	      func_append notinst_deplibs " $lib"
 	      need_relink=yes
 	    fi
 	    ;;
@@ -5583,7 +6716,7 @@ func_mode_link ()
 	    fi
 	  done
 	  if test -z "$dlopenmodule" && test "$shouldnotlink" = yes && test "$pass" = link; then
-	    $ECHO
+	    echo
 	    if test "$linkmode" = prog; then
 	      $ECHO "*** Warning: Linking the executable $output against the loadable module"
 	    else
@@ -5601,7 +6734,7 @@ func_mode_link ()
 	    *)
 	      case "$compile_rpath " in
 	      *" $absdir "*) ;;
-	      *) compile_rpath="$compile_rpath $absdir"
+	      *) func_append compile_rpath " $absdir" ;;
 	      esac
 	      ;;
 	    esac
@@ -5610,7 +6743,7 @@ func_mode_link ()
 	    *)
 	      case "$finalize_rpath " in
 	      *" $libdir "*) ;;
-	      *) finalize_rpath="$finalize_rpath $libdir"
+	      *) func_append finalize_rpath " $libdir" ;;
 	      esac
 	      ;;
 	    esac
@@ -5664,7 +6797,7 @@ func_mode_link ()
 	    linklib=$newlib
 	  fi # test -n "$old_archive_from_expsyms_cmds"
 
-	  if test "$linkmode" = prog || test "$mode" != relink; then
+	  if test "$linkmode" = prog || test "$opt_mode" != relink; then
 	    add_shlibpath=
 	    add_dir=
 	    add=
@@ -5686,9 +6819,9 @@ func_mode_link ()
 		      if test "X$dlopenmodule" != "X$lib"; then
 			$ECHO "*** Warning: lib $linklib is a module, not a shared library"
 			if test -z "$old_library" ; then
-			  $ECHO
-			  $ECHO "*** And there doesn't seem to be a static archive available"
-			  $ECHO "*** The link will probably fail, sorry"
+			  echo
+			  echo "*** And there doesn't seem to be a static archive available"
+			  echo "*** The link will probably fail, sorry"
 			else
 			  add="$dir/$old_library"
 			fi
@@ -5715,12 +6848,12 @@ func_mode_link ()
 	         test "$hardcode_direct_absolute" = no; then
 		add="$dir/$linklib"
 	      elif test "$hardcode_minus_L" = yes; then
-		add_dir="-L$dir"
+		add_dir="-L$absdir"
 		# Try looking first in the location we're being installed to.
 		if test -n "$inst_prefix_dir"; then
 		  case $libdir in
 		    [\\/]*)
-		      add_dir="$add_dir -L$inst_prefix_dir$libdir"
+		      func_append add_dir " -L$inst_prefix_dir$libdir"
 		      ;;
 		  esac
 		fi
@@ -5742,7 +6875,7 @@ func_mode_link ()
 	    if test -n "$add_shlibpath"; then
 	      case :$compile_shlibpath: in
 	      *":$add_shlibpath:"*) ;;
-	      *) compile_shlibpath="$compile_shlibpath$add_shlibpath:" ;;
+	      *) func_append compile_shlibpath "$add_shlibpath:" ;;
 	      esac
 	    fi
 	    if test "$linkmode" = prog; then
@@ -5756,13 +6889,13 @@ func_mode_link ()
 		 test "$hardcode_shlibpath_var" = yes; then
 		case :$finalize_shlibpath: in
 		*":$libdir:"*) ;;
-		*) finalize_shlibpath="$finalize_shlibpath$libdir:" ;;
+		*) func_append finalize_shlibpath "$libdir:" ;;
 		esac
 	      fi
 	    fi
 	  fi
 
-	  if test "$linkmode" = prog || test "$mode" = relink; then
+	  if test "$linkmode" = prog || test "$opt_mode" = relink; then
 	    add_shlibpath=
 	    add_dir=
 	    add=
@@ -5776,7 +6909,7 @@ func_mode_link ()
 	    elif test "$hardcode_shlibpath_var" = yes; then
 	      case :$finalize_shlibpath: in
 	      *":$libdir:"*) ;;
-	      *) finalize_shlibpath="$finalize_shlibpath$libdir:" ;;
+	      *) func_append finalize_shlibpath "$libdir:" ;;
 	      esac
 	      add="-l$name"
 	    elif test "$hardcode_automatic" = yes; then
@@ -5793,7 +6926,7 @@ func_mode_link ()
 	      if test -n "$inst_prefix_dir"; then
 		case $libdir in
 		  [\\/]*)
-		    add_dir="$add_dir -L$inst_prefix_dir$libdir"
+		    func_append add_dir " -L$inst_prefix_dir$libdir"
 		    ;;
 		esac
 	      fi
@@ -5828,21 +6961,21 @@ func_mode_link ()
 
 	    # Just print a warning and add the library to dependency_libs so
 	    # that the program can be linked against the static library.
-	    $ECHO
+	    echo
 	    $ECHO "*** Warning: This system can not link to static lib archive $lib."
-	    $ECHO "*** I have the capability to make that library automatically link in when"
-	    $ECHO "*** you link to this library.  But I can only do this if you have a"
-	    $ECHO "*** shared version of the library, which you do not appear to have."
+	    echo "*** I have the capability to make that library automatically link in when"
+	    echo "*** you link to this library.  But I can only do this if you have a"
+	    echo "*** shared version of the library, which you do not appear to have."
 	    if test "$module" = yes; then
-	      $ECHO "*** But as you try to build a module library, libtool will still create "
-	      $ECHO "*** a static module, that should work as long as the dlopening application"
-	      $ECHO "*** is linked with the -dlopen flag to resolve symbols at runtime."
+	      echo "*** But as you try to build a module library, libtool will still create "
+	      echo "*** a static module, that should work as long as the dlopening application"
+	      echo "*** is linked with the -dlopen flag to resolve symbols at runtime."
 	      if test -z "$global_symbol_pipe"; then
-		$ECHO
-		$ECHO "*** However, this would only work if libtool was able to extract symbol"
-		$ECHO "*** lists from a program, using \`nm' or equivalent, but libtool could"
-		$ECHO "*** not find such a program.  So, this module is probably useless."
-		$ECHO "*** \`nm' from GNU binutils and a full rebuild may help."
+		echo
+		echo "*** However, this would only work if libtool was able to extract symbol"
+		echo "*** lists from a program, using \`nm' or equivalent, but libtool could"
+		echo "*** not find such a program.  So, this module is probably useless."
+		echo "*** \`nm' from GNU binutils and a full rebuild may help."
 	      fi
 	      if test "$build_old_libs" = no; then
 		build_libtool_libs=module
@@ -5870,27 +7003,33 @@ func_mode_link ()
 	           temp_xrpath=$func_stripname_result
 		   case " $xrpath " in
 		   *" $temp_xrpath "*) ;;
-		   *) xrpath="$xrpath $temp_xrpath";;
+		   *) func_append xrpath " $temp_xrpath";;
 		   esac;;
-	      *) temp_deplibs="$temp_deplibs $libdir";;
+	      *) func_append temp_deplibs " $libdir";;
 	      esac
 	    done
 	    dependency_libs="$temp_deplibs"
 	  fi
 
-	  newlib_search_path="$newlib_search_path $absdir"
+	  func_append newlib_search_path " $absdir"
 	  # Link against this library
 	  test "$link_static" = no && newdependency_libs="$abs_ladir/$laname $newdependency_libs"
 	  # ... and its dependency_libs
 	  tmp_libs=
 	  for deplib in $dependency_libs; do
 	    newdependency_libs="$deplib $newdependency_libs"
-	    if $opt_duplicate_deps ; then
+	    case $deplib in
+              -L*) func_stripname '-L' '' "$deplib"
+                   func_resolve_sysroot "$func_stripname_result";;
+              *) func_resolve_sysroot "$deplib" ;;
+            esac
+	    if $opt_preserve_dup_deps ; then
 	      case "$tmp_libs " in
-	      *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
+	      *" $func_resolve_sysroot_result "*)
+                func_append specialdeplibs " $func_resolve_sysroot_result" ;;
 	      esac
 	    fi
-	    tmp_libs="$tmp_libs $deplib"
+	    func_append tmp_libs " $func_resolve_sysroot_result"
 	  done
 
 	  if test "$link_all_deplibs" != no; then
@@ -5900,8 +7039,10 @@ func_mode_link ()
 	      case $deplib in
 	      -L*) path="$deplib" ;;
 	      *.la)
+	        func_resolve_sysroot "$deplib"
+	        deplib=$func_resolve_sysroot_result
 	        func_dirname "$deplib" "" "."
-		dir="$func_dirname_result"
+		dir=$func_dirname_result
 		# We need an absolute path.
 		case $dir in
 		[\\/]* | [A-Za-z]:[\\/]*) absdir="$dir" ;;
@@ -5928,8 +7069,8 @@ func_mode_link ()
                       if test -z "$darwin_install_name"; then
                           darwin_install_name=`${OTOOL64} -L $depdepl  | awk '{if (NR == 2) {print $1;exit}}'`
                       fi
-		      compiler_flags="$compiler_flags ${wl}-dylib_file ${wl}${darwin_install_name}:${depdepl}"
-		      linker_flags="$linker_flags -dylib_file ${darwin_install_name}:${depdepl}"
+		      func_append compiler_flags " ${wl}-dylib_file ${wl}${darwin_install_name}:${depdepl}"
+		      func_append linker_flags " -dylib_file ${darwin_install_name}:${depdepl}"
 		      path=
 		    fi
 		  fi
@@ -5962,7 +7103,7 @@ func_mode_link ()
 	  compile_deplibs="$new_inherited_linker_flags $compile_deplibs"
 	  finalize_deplibs="$new_inherited_linker_flags $finalize_deplibs"
 	else
-	  compiler_flags="$compiler_flags "`$ECHO "X $new_inherited_linker_flags" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
+	  compiler_flags="$compiler_flags "`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
 	fi
       fi
       dependency_libs="$newdependency_libs"
@@ -5979,7 +7120,7 @@ func_mode_link ()
 	  for dir in $newlib_search_path; do
 	    case "$lib_search_path " in
 	    *" $dir "*) ;;
-	    *) lib_search_path="$lib_search_path $dir" ;;
+	    *) func_append lib_search_path " $dir" ;;
 	    esac
 	  done
 	  newlib_search_path=
@@ -6037,10 +7178,10 @@ func_mode_link ()
 	    -L*)
 	      case " $tmp_libs " in
 	      *" $deplib "*) ;;
-	      *) tmp_libs="$tmp_libs $deplib" ;;
+	      *) func_append tmp_libs " $deplib" ;;
 	      esac
 	      ;;
-	    *) tmp_libs="$tmp_libs $deplib" ;;
+	    *) func_append tmp_libs " $deplib" ;;
 	    esac
 	  done
 	  eval $var=\"$tmp_libs\"
@@ -6056,7 +7197,7 @@ func_mode_link ()
 	  ;;
 	esac
 	if test -n "$i" ; then
-	  tmp_libs="$tmp_libs $i"
+	  func_append tmp_libs " $i"
 	fi
       done
       dependency_libs=$tmp_libs
@@ -6097,7 +7238,7 @@ func_mode_link ()
       # Now set the variables for building old libraries.
       build_libtool_libs=no
       oldlibs="$output"
-      objs="$objs$old_deplibs"
+      func_append objs "$old_deplibs"
       ;;
 
     lib)
@@ -6130,10 +7271,10 @@ func_mode_link ()
 	if test "$deplibs_check_method" != pass_all; then
 	  func_fatal_error "cannot build libtool library \`$output' from non-libtool objects on this host:$objs"
 	else
-	  $ECHO
+	  echo
 	  $ECHO "*** Warning: Linking the shared library $output against the non-libtool"
 	  $ECHO "*** objects $objs is not portable!"
-	  libobjs="$libobjs $objs"
+	  func_append libobjs " $objs"
 	fi
       fi
 
@@ -6192,13 +7333,14 @@ func_mode_link ()
 	  # which has an extra 1 added just for fun
 	  #
 	  case $version_type in
+	  # correct linux to gnu/linux during the next big refactor
 	  darwin|linux|osf|windows|none)
 	    func_arith $number_major + $number_minor
 	    current=$func_arith_result
 	    age="$number_minor"
 	    revision="$number_revision"
 	    ;;
-	  freebsd-aout|freebsd-elf|sunos)
+	  freebsd-aout|freebsd-elf|qnx|sunos)
 	    current="$number_major"
 	    revision="$number_minor"
 	    age="0"
@@ -6311,7 +7453,7 @@ func_mode_link ()
 	  versuffix="$major.$revision"
 	  ;;
 
-	linux)
+	linux) # correct to gnu/linux during the next big refactor
 	  func_arith $current - $age
 	  major=.$func_arith_result
 	  versuffix="$major.$age.$revision"
@@ -6334,7 +7476,7 @@ func_mode_link ()
 	  done
 
 	  # Make executables depend on our current version.
-	  verstring="$verstring:${current}.0"
+	  func_append verstring ":${current}.0"
 	  ;;
 
 	qnx)
@@ -6402,10 +7544,10 @@ func_mode_link ()
       fi
 
       func_generate_dlsyms "$libname" "$libname" "yes"
-      libobjs="$libobjs $symfileobj"
+      func_append libobjs " $symfileobj"
       test "X$libobjs" = "X " && libobjs=
 
-      if test "$mode" != relink; then
+      if test "$opt_mode" != relink; then
 	# Remove our outputs, but don't remove object files since they
 	# may have been created when compiling PIC objects.
 	removelist=
@@ -6421,7 +7563,7 @@ func_mode_link ()
 		   continue
 		 fi
 	       fi
-	       removelist="$removelist $p"
+	       func_append removelist " $p"
 	       ;;
 	    *) ;;
 	  esac
@@ -6432,27 +7574,28 @@ func_mode_link ()
 
       # Now set the variables for building old libraries.
       if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then
-	oldlibs="$oldlibs $output_objdir/$libname.$libext"
+	func_append oldlibs " $output_objdir/$libname.$libext"
 
 	# Transform .lo files to .o files.
-	oldobjs="$objs "`$ECHO "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}'$/d' -e "$lo2o" | $NL2SP`
+	oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; $lo2o" | $NL2SP`
       fi
 
       # Eliminate all temporary directories.
       #for path in $notinst_path; do
-      #	lib_search_path=`$ECHO "X$lib_search_path " | $Xsed -e "s% $path % %g"`
-      #	deplibs=`$ECHO "X$deplibs " | $Xsed -e "s% -L$path % %g"`
-      #	dependency_libs=`$ECHO "X$dependency_libs " | $Xsed -e "s% -L$path % %g"`
+      #	lib_search_path=`$ECHO "$lib_search_path " | $SED "s% $path % %g"`
+      #	deplibs=`$ECHO "$deplibs " | $SED "s% -L$path % %g"`
+      #	dependency_libs=`$ECHO "$dependency_libs " | $SED "s% -L$path % %g"`
       #done
 
       if test -n "$xrpath"; then
 	# If the user specified any rpath flags, then add them.
 	temp_xrpath=
 	for libdir in $xrpath; do
-	  temp_xrpath="$temp_xrpath -R$libdir"
+	  func_replace_sysroot "$libdir"
+	  func_append temp_xrpath " -R$func_replace_sysroot_result"
 	  case "$finalize_rpath " in
 	  *" $libdir "*) ;;
-	  *) finalize_rpath="$finalize_rpath $libdir" ;;
+	  *) func_append finalize_rpath " $libdir" ;;
 	  esac
 	done
 	if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then
@@ -6466,7 +7609,7 @@ func_mode_link ()
       for lib in $old_dlfiles; do
 	case " $dlprefiles $dlfiles " in
 	*" $lib "*) ;;
-	*) dlfiles="$dlfiles $lib" ;;
+	*) func_append dlfiles " $lib" ;;
 	esac
       done
 
@@ -6476,19 +7619,19 @@ func_mode_link ()
       for lib in $old_dlprefiles; do
 	case "$dlprefiles " in
 	*" $lib "*) ;;
-	*) dlprefiles="$dlprefiles $lib" ;;
+	*) func_append dlprefiles " $lib" ;;
 	esac
       done
 
       if test "$build_libtool_libs" = yes; then
 	if test -n "$rpath"; then
 	  case $host in
-	  *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc*)
+	  *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc* | *-*-haiku*)
 	    # these systems don't actually have a c library (as such)!
 	    ;;
 	  *-*-rhapsody* | *-*-darwin1.[012])
 	    # Rhapsody C library is in the System framework
-	    deplibs="$deplibs System.ltframework"
+	    func_append deplibs " System.ltframework"
 	    ;;
 	  *-*-netbsd*)
 	    # Don't link with libc until the a.out ld.so is fixed.
@@ -6505,7 +7648,7 @@ func_mode_link ()
 	  *)
 	    # Add libc to deplibs on all other systems if necessary.
 	    if test "$build_libtool_need_lc" = "yes"; then
-	      deplibs="$deplibs -lc"
+	      func_append deplibs " -lc"
 	    fi
 	    ;;
 	  esac
@@ -6554,7 +7697,7 @@ EOF
 		if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
 		  case " $predeps $postdeps " in
 		  *" $i "*)
-		    newdeplibs="$newdeplibs $i"
+		    func_append newdeplibs " $i"
 		    i=""
 		    ;;
 		  esac
@@ -6565,21 +7708,21 @@ EOF
 		  set dummy $deplib_matches; shift
 		  deplib_match=$1
 		  if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then
-		    newdeplibs="$newdeplibs $i"
+		    func_append newdeplibs " $i"
 		  else
 		    droppeddeps=yes
-		    $ECHO
+		    echo
 		    $ECHO "*** Warning: dynamic linker does not accept needed library $i."
-		    $ECHO "*** I have the capability to make that library automatically link in when"
-		    $ECHO "*** you link to this library.  But I can only do this if you have a"
-		    $ECHO "*** shared version of the library, which I believe you do not have"
-		    $ECHO "*** because a test_compile did reveal that the linker did not use it for"
-		    $ECHO "*** its dynamic dependency list that programs get resolved with at runtime."
+		    echo "*** I have the capability to make that library automatically link in when"
+		    echo "*** you link to this library.  But I can only do this if you have a"
+		    echo "*** shared version of the library, which I believe you do not have"
+		    echo "*** because a test_compile did reveal that the linker did not use it for"
+		    echo "*** its dynamic dependency list that programs get resolved with at runtime."
 		  fi
 		fi
 		;;
 	      *)
-		newdeplibs="$newdeplibs $i"
+		func_append newdeplibs " $i"
 		;;
 	      esac
 	    done
@@ -6597,7 +7740,7 @@ EOF
 		  if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
 		    case " $predeps $postdeps " in
 		    *" $i "*)
-		      newdeplibs="$newdeplibs $i"
+		      func_append newdeplibs " $i"
 		      i=""
 		      ;;
 		    esac
@@ -6608,29 +7751,29 @@ EOF
 		    set dummy $deplib_matches; shift
 		    deplib_match=$1
 		    if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then
-		      newdeplibs="$newdeplibs $i"
+		      func_append newdeplibs " $i"
 		    else
 		      droppeddeps=yes
-		      $ECHO
+		      echo
 		      $ECHO "*** Warning: dynamic linker does not accept needed library $i."
-		      $ECHO "*** I have the capability to make that library automatically link in when"
-		      $ECHO "*** you link to this library.  But I can only do this if you have a"
-		      $ECHO "*** shared version of the library, which you do not appear to have"
-		      $ECHO "*** because a test_compile did reveal that the linker did not use this one"
-		      $ECHO "*** as a dynamic dependency that programs can get resolved with at runtime."
+		      echo "*** I have the capability to make that library automatically link in when"
+		      echo "*** you link to this library.  But I can only do this if you have a"
+		      echo "*** shared version of the library, which you do not appear to have"
+		      echo "*** because a test_compile did reveal that the linker did not use this one"
+		      echo "*** as a dynamic dependency that programs can get resolved with at runtime."
 		    fi
 		  fi
 		else
 		  droppeddeps=yes
-		  $ECHO
+		  echo
 		  $ECHO "*** Warning!  Library $i is needed by this library but I was not able to"
-		  $ECHO "*** make it link in!  You will probably need to install it or some"
-		  $ECHO "*** library that it depends on before this library will be fully"
-		  $ECHO "*** functional.  Installing it before continuing would be even better."
+		  echo "*** make it link in!  You will probably need to install it or some"
+		  echo "*** library that it depends on before this library will be fully"
+		  echo "*** functional.  Installing it before continuing would be even better."
 		fi
 		;;
 	      *)
-		newdeplibs="$newdeplibs $i"
+		func_append newdeplibs " $i"
 		;;
 	      esac
 	    done
@@ -6647,15 +7790,27 @@ EOF
 	      if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
 		case " $predeps $postdeps " in
 		*" $a_deplib "*)
-		  newdeplibs="$newdeplibs $a_deplib"
+		  func_append newdeplibs " $a_deplib"
 		  a_deplib=""
 		  ;;
 		esac
 	      fi
 	      if test -n "$a_deplib" ; then
 		libname=`eval "\\$ECHO \"$libname_spec\""`
+		if test -n "$file_magic_glob"; then
+		  libnameglob=`func_echo_all "$libname" | $SED -e $file_magic_glob`
+		else
+		  libnameglob=$libname
+		fi
+		test "$want_nocaseglob" = yes && nocaseglob=`shopt -p nocaseglob`
 		for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do
-		  potential_libs=`ls $i/$libname[.-]* 2>/dev/null`
+		  if test "$want_nocaseglob" = yes; then
+		    shopt -s nocaseglob
+		    potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null`
+		    $nocaseglob
+		  else
+		    potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null`
+		  fi
 		  for potent_lib in $potential_libs; do
 		      # Follow soft links.
 		      if ls -lLd "$potent_lib" 2>/dev/null |
@@ -6672,13 +7827,13 @@ EOF
 			potliblink=`ls -ld $potlib | ${SED} 's/.* -> //'`
 			case $potliblink in
 			[\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";;
-			*) potlib=`$ECHO "X$potlib" | $Xsed -e 's,[^/]*$,,'`"$potliblink";;
+			*) potlib=`$ECHO "$potlib" | $SED 's,[^/]*$,,'`"$potliblink";;
 			esac
 		      done
 		      if eval $file_magic_cmd \"\$potlib\" 2>/dev/null |
 			 $SED -e 10q |
 			 $EGREP "$file_magic_regex" > /dev/null; then
-			newdeplibs="$newdeplibs $a_deplib"
+			func_append newdeplibs " $a_deplib"
 			a_deplib=""
 			break 2
 		      fi
@@ -6687,12 +7842,12 @@ EOF
 	      fi
 	      if test -n "$a_deplib" ; then
 		droppeddeps=yes
-		$ECHO
+		echo
 		$ECHO "*** Warning: linker path does not have real file for library $a_deplib."
-		$ECHO "*** I have the capability to make that library automatically link in when"
-		$ECHO "*** you link to this library.  But I can only do this if you have a"
-		$ECHO "*** shared version of the library, which you do not appear to have"
-		$ECHO "*** because I did check the linker path looking for a file starting"
+		echo "*** I have the capability to make that library automatically link in when"
+		echo "*** you link to this library.  But I can only do this if you have a"
+		echo "*** shared version of the library, which you do not appear to have"
+		echo "*** because I did check the linker path looking for a file starting"
 		if test -z "$potlib" ; then
 		  $ECHO "*** with $libname but no candidates were found. (...for file magic test)"
 		else
@@ -6703,7 +7858,7 @@ EOF
 	      ;;
 	    *)
 	      # Add a -L argument.
-	      newdeplibs="$newdeplibs $a_deplib"
+	      func_append newdeplibs " $a_deplib"
 	      ;;
 	    esac
 	  done # Gone through all deplibs.
@@ -6719,7 +7874,7 @@ EOF
 	      if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
 		case " $predeps $postdeps " in
 		*" $a_deplib "*)
-		  newdeplibs="$newdeplibs $a_deplib"
+		  func_append newdeplibs " $a_deplib"
 		  a_deplib=""
 		  ;;
 		esac
@@ -6730,9 +7885,9 @@ EOF
 		  potential_libs=`ls $i/$libname[.-]* 2>/dev/null`
 		  for potent_lib in $potential_libs; do
 		    potlib="$potent_lib" # see symlink-check above in file_magic test
-		    if eval "\$ECHO \"X$potent_lib\"" 2>/dev/null | $Xsed -e 10q | \
+		    if eval "\$ECHO \"$potent_lib\"" 2>/dev/null | $SED 10q | \
 		       $EGREP "$match_pattern_regex" > /dev/null; then
-		      newdeplibs="$newdeplibs $a_deplib"
+		      func_append newdeplibs " $a_deplib"
 		      a_deplib=""
 		      break 2
 		    fi
@@ -6741,12 +7896,12 @@ EOF
 	      fi
 	      if test -n "$a_deplib" ; then
 		droppeddeps=yes
-		$ECHO
+		echo
 		$ECHO "*** Warning: linker path does not have real file for library $a_deplib."
-		$ECHO "*** I have the capability to make that library automatically link in when"
-		$ECHO "*** you link to this library.  But I can only do this if you have a"
-		$ECHO "*** shared version of the library, which you do not appear to have"
-		$ECHO "*** because I did check the linker path looking for a file starting"
+		echo "*** I have the capability to make that library automatically link in when"
+		echo "*** you link to this library.  But I can only do this if you have a"
+		echo "*** shared version of the library, which you do not appear to have"
+		echo "*** because I did check the linker path looking for a file starting"
 		if test -z "$potlib" ; then
 		  $ECHO "*** with $libname but no candidates were found. (...for regex pattern test)"
 		else
@@ -6757,32 +7912,32 @@ EOF
 	      ;;
 	    *)
 	      # Add a -L argument.
-	      newdeplibs="$newdeplibs $a_deplib"
+	      func_append newdeplibs " $a_deplib"
 	      ;;
 	    esac
 	  done # Gone through all deplibs.
 	  ;;
 	none | unknown | *)
 	  newdeplibs=""
-	  tmp_deplibs=`$ECHO "X $deplibs" | $Xsed \
-	      -e 's/ -lc$//' -e 's/ -[LR][^ ]*//g'`
+	  tmp_deplibs=`$ECHO " $deplibs" | $SED 's/ -lc$//; s/ -[LR][^ ]*//g'`
 	  if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
 	    for i in $predeps $postdeps ; do
 	      # can't use Xsed below, because $i might contain '/'
-	      tmp_deplibs=`$ECHO "X $tmp_deplibs" | $Xsed -e "s,$i,,"`
+	      tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s,$i,,"`
 	    done
 	  fi
-	  if $ECHO "X $tmp_deplibs" | $Xsed -e 's/[	 ]//g' |
-	     $GREP . >/dev/null; then
-	    $ECHO
+	  case $tmp_deplibs in
+	  *[!\	\ ]*)
+	    echo
 	    if test "X$deplibs_check_method" = "Xnone"; then
-	      $ECHO "*** Warning: inter-library dependencies are not supported in this platform."
+	      echo "*** Warning: inter-library dependencies are not supported in this platform."
 	    else
-	      $ECHO "*** Warning: inter-library dependencies are not known to be supported."
+	      echo "*** Warning: inter-library dependencies are not known to be supported."
 	    fi
-	    $ECHO "*** All declared inter-library dependencies are being dropped."
+	    echo "*** All declared inter-library dependencies are being dropped."
 	    droppeddeps=yes
-	  fi
+	    ;;
+	  esac
 	  ;;
 	esac
 	versuffix=$versuffix_save
@@ -6794,23 +7949,23 @@ EOF
 	case $host in
 	*-*-rhapsody* | *-*-darwin1.[012])
 	  # On Rhapsody replace the C library with the System framework
-	  newdeplibs=`$ECHO "X $newdeplibs" | $Xsed -e 's/ -lc / System.ltframework /'`
+	  newdeplibs=`$ECHO " $newdeplibs" | $SED 's/ -lc / System.ltframework /'`
 	  ;;
 	esac
 
 	if test "$droppeddeps" = yes; then
 	  if test "$module" = yes; then
-	    $ECHO
-	    $ECHO "*** Warning: libtool could not satisfy all declared inter-library"
+	    echo
+	    echo "*** Warning: libtool could not satisfy all declared inter-library"
 	    $ECHO "*** dependencies of module $libname.  Therefore, libtool will create"
-	    $ECHO "*** a static module, that should work as long as the dlopening"
-	    $ECHO "*** application is linked with the -dlopen flag."
+	    echo "*** a static module, that should work as long as the dlopening"
+	    echo "*** application is linked with the -dlopen flag."
 	    if test -z "$global_symbol_pipe"; then
-	      $ECHO
-	      $ECHO "*** However, this would only work if libtool was able to extract symbol"
-	      $ECHO "*** lists from a program, using \`nm' or equivalent, but libtool could"
-	      $ECHO "*** not find such a program.  So, this module is probably useless."
-	      $ECHO "*** \`nm' from GNU binutils and a full rebuild may help."
+	      echo
+	      echo "*** However, this would only work if libtool was able to extract symbol"
+	      echo "*** lists from a program, using \`nm' or equivalent, but libtool could"
+	      echo "*** not find such a program.  So, this module is probably useless."
+	      echo "*** \`nm' from GNU binutils and a full rebuild may help."
 	    fi
 	    if test "$build_old_libs" = no; then
 	      oldlibs="$output_objdir/$libname.$libext"
@@ -6820,16 +7975,16 @@ EOF
 	      build_libtool_libs=no
 	    fi
 	  else
-	    $ECHO "*** The inter-library dependencies that have been dropped here will be"
-	    $ECHO "*** automatically added whenever a program is linked with this library"
-	    $ECHO "*** or is declared to -dlopen it."
+	    echo "*** The inter-library dependencies that have been dropped here will be"
+	    echo "*** automatically added whenever a program is linked with this library"
+	    echo "*** or is declared to -dlopen it."
 
 	    if test "$allow_undefined" = no; then
-	      $ECHO
-	      $ECHO "*** Since this library must not contain undefined symbols,"
-	      $ECHO "*** because either the platform does not support them or"
-	      $ECHO "*** it was explicitly requested with -no-undefined,"
-	      $ECHO "*** libtool will only create a static version of it."
+	      echo
+	      echo "*** Since this library must not contain undefined symbols,"
+	      echo "*** because either the platform does not support them or"
+	      echo "*** it was explicitly requested with -no-undefined,"
+	      echo "*** libtool will only create a static version of it."
 	      if test "$build_old_libs" = no; then
 		oldlibs="$output_objdir/$libname.$libext"
 		build_libtool_libs=module
@@ -6846,9 +8001,9 @@ EOF
       # Time to change all our "foo.ltframework" stuff back to "-framework foo"
       case $host in
 	*-*-darwin*)
-	  newdeplibs=`$ECHO "X $newdeplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
-	  new_inherited_linker_flags=`$ECHO "X $new_inherited_linker_flags" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
-	  deplibs=`$ECHO "X $deplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
+	  newdeplibs=`$ECHO " $newdeplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+	  new_inherited_linker_flags=`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+	  deplibs=`$ECHO " $deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
 	  ;;
       esac
 
@@ -6861,7 +8016,7 @@ EOF
 	*)
 	  case " $deplibs " in
 	  *" -L$path/$objdir "*)
-	    new_libs="$new_libs -L$path/$objdir" ;;
+	    func_append new_libs " -L$path/$objdir" ;;
 	  esac
 	  ;;
 	esac
@@ -6871,10 +8026,10 @@ EOF
 	-L*)
 	  case " $new_libs " in
 	  *" $deplib "*) ;;
-	  *) new_libs="$new_libs $deplib" ;;
+	  *) func_append new_libs " $deplib" ;;
 	  esac
 	  ;;
-	*) new_libs="$new_libs $deplib" ;;
+	*) func_append new_libs " $deplib" ;;
 	esac
       done
       deplibs="$new_libs"
@@ -6886,15 +8041,22 @@ EOF
 
       # Test again, we may have decided not to build it any more
       if test "$build_libtool_libs" = yes; then
+	# Remove ${wl} instances when linking with ld.
+	# FIXME: should test the right _cmds variable.
+	case $archive_cmds in
+	  *\$LD\ *) wl= ;;
+        esac
 	if test "$hardcode_into_libs" = yes; then
 	  # Hardcode the library paths
 	  hardcode_libdirs=
 	  dep_rpath=
 	  rpath="$finalize_rpath"
-	  test "$mode" != relink && rpath="$compile_rpath$rpath"
+	  test "$opt_mode" != relink && rpath="$compile_rpath$rpath"
 	  for libdir in $rpath; do
 	    if test -n "$hardcode_libdir_flag_spec"; then
 	      if test -n "$hardcode_libdir_separator"; then
+		func_replace_sysroot "$libdir"
+		libdir=$func_replace_sysroot_result
 		if test -z "$hardcode_libdirs"; then
 		  hardcode_libdirs="$libdir"
 		else
@@ -6903,18 +8065,18 @@ EOF
 		  *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
 		    ;;
 		  *)
-		    hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
+		    func_append hardcode_libdirs "$hardcode_libdir_separator$libdir"
 		    ;;
 		  esac
 		fi
 	      else
 		eval flag=\"$hardcode_libdir_flag_spec\"
-		dep_rpath="$dep_rpath $flag"
+		func_append dep_rpath " $flag"
 	      fi
 	    elif test -n "$runpath_var"; then
 	      case "$perm_rpath " in
 	      *" $libdir "*) ;;
-	      *) perm_rpath="$perm_rpath $libdir" ;;
+	      *) func_append perm_rpath " $libdir" ;;
 	      esac
 	    fi
 	  done
@@ -6922,17 +8084,13 @@ EOF
 	  if test -n "$hardcode_libdir_separator" &&
 	     test -n "$hardcode_libdirs"; then
 	    libdir="$hardcode_libdirs"
-	    if test -n "$hardcode_libdir_flag_spec_ld"; then
-	      eval dep_rpath=\"$hardcode_libdir_flag_spec_ld\"
-	    else
-	      eval dep_rpath=\"$hardcode_libdir_flag_spec\"
-	    fi
+	    eval "dep_rpath=\"$hardcode_libdir_flag_spec\""
 	  fi
 	  if test -n "$runpath_var" && test -n "$perm_rpath"; then
 	    # We should set the runpath_var.
 	    rpath=
 	    for dir in $perm_rpath; do
-	      rpath="$rpath$dir:"
+	      func_append rpath "$dir:"
 	    done
 	    eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var"
 	  fi
@@ -6940,7 +8098,7 @@ EOF
 	fi
 
 	shlibpath="$finalize_shlibpath"
-	test "$mode" != relink && shlibpath="$compile_shlibpath$shlibpath"
+	test "$opt_mode" != relink && shlibpath="$compile_shlibpath$shlibpath"
 	if test -n "$shlibpath"; then
 	  eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var"
 	fi
@@ -6966,18 +8124,18 @@ EOF
 	linknames=
 	for link
 	do
-	  linknames="$linknames $link"
+	  func_append linknames " $link"
 	done
 
 	# Use standard objects if they are pic
-	test -z "$pic_flag" && libobjs=`$ECHO "X$libobjs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+	test -z "$pic_flag" && libobjs=`$ECHO "$libobjs" | $SP2NL | $SED "$lo2o" | $NL2SP`
 	test "X$libobjs" = "X " && libobjs=
 
 	delfiles=
 	if test -n "$export_symbols" && test -n "$include_expsyms"; then
 	  $opt_dry_run || cp "$export_symbols" "$output_objdir/$libname.uexp"
 	  export_symbols="$output_objdir/$libname.uexp"
-	  delfiles="$delfiles $export_symbols"
+	  func_append delfiles " $export_symbols"
 	fi
 
 	orig_export_symbols=
@@ -7008,13 +8166,45 @@ EOF
 	    $opt_dry_run || $RM $export_symbols
 	    cmds=$export_symbols_cmds
 	    save_ifs="$IFS"; IFS='~'
-	    for cmd in $cmds; do
+	    for cmd1 in $cmds; do
 	      IFS="$save_ifs"
-	      eval cmd=\"$cmd\"
-	      func_len " $cmd"
-	      len=$func_len_result
-	      if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then
+	      # Take the normal branch if the nm_file_list_spec branch
+	      # doesn't work or if tool conversion is not needed.
+	      case $nm_file_list_spec~$to_tool_file_cmd in
+		*~func_convert_file_noop | *~func_convert_file_msys_to_w32 | ~*)
+		  try_normal_branch=yes
+		  eval cmd=\"$cmd1\"
+		  func_len " $cmd"
+		  len=$func_len_result
+		  ;;
+		*)
+		  try_normal_branch=no
+		  ;;
+	      esac
+	      if test "$try_normal_branch" = yes \
+		 && { test "$len" -lt "$max_cmd_len" \
+		      || test "$max_cmd_len" -le -1; }
+	      then
+		func_show_eval "$cmd" 'exit $?'
+		skipped_export=false
+	      elif test -n "$nm_file_list_spec"; then
+		func_basename "$output"
+		output_la=$func_basename_result
+		save_libobjs=$libobjs
+		save_output=$output
+		output=${output_objdir}/${output_la}.nm
+		func_to_tool_file "$output"
+		libobjs=$nm_file_list_spec$func_to_tool_file_result
+		func_append delfiles " $output"
+		func_verbose "creating $NM input file list: $output"
+		for obj in $save_libobjs; do
+		  func_to_tool_file "$obj"
+		  $ECHO "$func_to_tool_file_result"
+		done > "$output"
+		eval cmd=\"$cmd1\"
 		func_show_eval "$cmd" 'exit $?'
+		output=$save_output
+		libobjs=$save_libobjs
 		skipped_export=false
 	      else
 		# The command line is too long to execute in one step.
@@ -7036,7 +8226,7 @@ EOF
 	if test -n "$export_symbols" && test -n "$include_expsyms"; then
 	  tmp_export_symbols="$export_symbols"
 	  test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols"
-	  $opt_dry_run || eval '$ECHO "X$include_expsyms" | $Xsed | $SP2NL >> "$tmp_export_symbols"'
+	  $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"'
 	fi
 
 	if test "X$skipped_export" != "X:" && test -n "$orig_export_symbols"; then
@@ -7048,7 +8238,7 @@ EOF
 	  # global variables. join(1) would be nice here, but unfortunately
 	  # isn't a blessed tool.
 	  $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter
-	  delfiles="$delfiles $export_symbols $output_objdir/$libname.filter"
+	  func_append delfiles " $export_symbols $output_objdir/$libname.filter"
 	  export_symbols=$output_objdir/$libname.def
 	  $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols
 	fi
@@ -7058,7 +8248,7 @@ EOF
 	  case " $convenience " in
 	  *" $test_deplib "*) ;;
 	  *)
-	    tmp_deplibs="$tmp_deplibs $test_deplib"
+	    func_append tmp_deplibs " $test_deplib"
 	    ;;
 	  esac
 	done
@@ -7078,21 +8268,21 @@ EOF
 	    test "X$libobjs" = "X " && libobjs=
 	  else
 	    gentop="$output_objdir/${outputname}x"
-	    generated="$generated $gentop"
+	    func_append generated " $gentop"
 
 	    func_extract_archives $gentop $convenience
-	    libobjs="$libobjs $func_extract_archives_result"
+	    func_append libobjs " $func_extract_archives_result"
 	    test "X$libobjs" = "X " && libobjs=
 	  fi
 	fi
 
 	if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then
 	  eval flag=\"$thread_safe_flag_spec\"
-	  linker_flags="$linker_flags $flag"
+	  func_append linker_flags " $flag"
 	fi
 
 	# Make a backup of the uninstalled library when relinking
-	if test "$mode" = relink; then
+	if test "$opt_mode" = relink; then
 	  $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}U && $MV $realname ${realname}U)' || exit $?
 	fi
 
@@ -7137,7 +8327,8 @@ EOF
 	    save_libobjs=$libobjs
 	  fi
 	  save_output=$output
-	  output_la=`$ECHO "X$output" | $Xsed -e "$basename"`
+	  func_basename "$output"
+	  output_la=$func_basename_result
 
 	  # Clear the reloadable object creation command queue and
 	  # initialize k to one.
@@ -7150,13 +8341,16 @@ EOF
 	  if test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "$with_gnu_ld" = yes; then
 	    output=${output_objdir}/${output_la}.lnkscript
 	    func_verbose "creating GNU ld script: $output"
-	    $ECHO 'INPUT (' > $output
+	    echo 'INPUT (' > $output
 	    for obj in $save_libobjs
 	    do
-	      $ECHO "$obj" >> $output
+	      func_to_tool_file "$obj"
+	      $ECHO "$func_to_tool_file_result" >> $output
 	    done
-	    $ECHO ')' >> $output
-	    delfiles="$delfiles $output"
+	    echo ')' >> $output
+	    func_append delfiles " $output"
+	    func_to_tool_file "$output"
+	    output=$func_to_tool_file_result
 	  elif test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "X$file_list_spec" != X; then
 	    output=${output_objdir}/${output_la}.lnk
 	    func_verbose "creating linker input file list: $output"
@@ -7170,10 +8364,12 @@ EOF
 	    fi
 	    for obj
 	    do
-	      $ECHO "$obj" >> $output
+	      func_to_tool_file "$obj"
+	      $ECHO "$func_to_tool_file_result" >> $output
 	    done
-	    delfiles="$delfiles $output"
-	    output=$firstobj\"$file_list_spec$output\"
+	    func_append delfiles " $output"
+	    func_to_tool_file "$output"
+	    output=$firstobj\"$file_list_spec$func_to_tool_file_result\"
 	  else
 	    if test -n "$save_libobjs"; then
 	      func_verbose "creating reloadable object files..."
@@ -7197,17 +8393,19 @@ EOF
 		  # command to the queue.
 		  if test "$k" -eq 1 ; then
 		    # The first file doesn't have a previous command to add.
-		    eval concat_cmds=\"$reload_cmds $objlist $last_robj\"
+		    reload_objs=$objlist
+		    eval concat_cmds=\"$reload_cmds\"
 		  else
 		    # All subsequent reloadable object files will link in
 		    # the last one created.
-		    eval concat_cmds=\"\$concat_cmds~$reload_cmds $objlist $last_robj~\$RM $last_robj\"
+		    reload_objs="$objlist $last_robj"
+		    eval concat_cmds=\"\$concat_cmds~$reload_cmds~\$RM $last_robj\"
 		  fi
 		  last_robj=$output_objdir/$output_la-${k}.$objext
 		  func_arith $k + 1
 		  k=$func_arith_result
 		  output=$output_objdir/$output_la-${k}.$objext
-		  objlist=$obj
+		  objlist=" $obj"
 		  func_len " $last_robj"
 		  func_arith $len0 + $func_len_result
 		  len=$func_arith_result
@@ -7217,11 +8415,12 @@ EOF
 	      # reloadable object file.  All subsequent reloadable object
 	      # files will link in the last one created.
 	      test -z "$concat_cmds" || concat_cmds=$concat_cmds~
-	      eval concat_cmds=\"\${concat_cmds}$reload_cmds $objlist $last_robj\"
+	      reload_objs="$objlist $last_robj"
+	      eval concat_cmds=\"\${concat_cmds}$reload_cmds\"
 	      if test -n "$last_robj"; then
 	        eval concat_cmds=\"\${concat_cmds}~\$RM $last_robj\"
 	      fi
-	      delfiles="$delfiles $output"
+	      func_append delfiles " $output"
 
 	    else
 	      output=
@@ -7255,7 +8454,7 @@ EOF
 		lt_exit=$?
 
 		# Restore the uninstalled library and exit
-		if test "$mode" = relink; then
+		if test "$opt_mode" = relink; then
 		  ( cd "$output_objdir" && \
 		    $RM "${realname}T" && \
 		    $MV "${realname}U" "$realname" )
@@ -7276,7 +8475,7 @@ EOF
 	    if test -n "$export_symbols" && test -n "$include_expsyms"; then
 	      tmp_export_symbols="$export_symbols"
 	      test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols"
-	      $opt_dry_run || eval '$ECHO "X$include_expsyms" | $Xsed | $SP2NL >> "$tmp_export_symbols"'
+	      $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"'
 	    fi
 
 	    if test -n "$orig_export_symbols"; then
@@ -7288,7 +8487,7 @@ EOF
 	      # global variables. join(1) would be nice here, but unfortunately
 	      # isn't a blessed tool.
 	      $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter
-	      delfiles="$delfiles $export_symbols $output_objdir/$libname.filter"
+	      func_append delfiles " $export_symbols $output_objdir/$libname.filter"
 	      export_symbols=$output_objdir/$libname.def
 	      $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols
 	    fi
@@ -7329,10 +8528,10 @@ EOF
 	# Add any objects from preloaded convenience libraries
 	if test -n "$dlprefiles"; then
 	  gentop="$output_objdir/${outputname}x"
-	  generated="$generated $gentop"
+	  func_append generated " $gentop"
 
 	  func_extract_archives $gentop $dlprefiles
-	  libobjs="$libobjs $func_extract_archives_result"
+	  func_append libobjs " $func_extract_archives_result"
 	  test "X$libobjs" = "X " && libobjs=
 	fi
 
@@ -7348,7 +8547,7 @@ EOF
 	    lt_exit=$?
 
 	    # Restore the uninstalled library and exit
-	    if test "$mode" = relink; then
+	    if test "$opt_mode" = relink; then
 	      ( cd "$output_objdir" && \
 	        $RM "${realname}T" && \
 		$MV "${realname}U" "$realname" )
@@ -7360,7 +8559,7 @@ EOF
 	IFS="$save_ifs"
 
 	# Restore the uninstalled library and exit
-	if test "$mode" = relink; then
+	if test "$opt_mode" = relink; then
 	  $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}T && $MV $realname ${realname}T && $MV ${realname}U $realname)' || exit $?
 
 	  if test -n "$convenience"; then
@@ -7441,18 +8640,21 @@ EOF
       if test -n "$convenience"; then
 	if test -n "$whole_archive_flag_spec"; then
 	  eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\"
-	  reload_conv_objs=$reload_objs\ `$ECHO "X$tmp_whole_archive_flags" | $Xsed -e 's|,| |g'`
+	  reload_conv_objs=$reload_objs\ `$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'`
 	else
 	  gentop="$output_objdir/${obj}x"
-	  generated="$generated $gentop"
+	  func_append generated " $gentop"
 
 	  func_extract_archives $gentop $convenience
 	  reload_conv_objs="$reload_objs $func_extract_archives_result"
 	fi
       fi
 
+      # If we're not building shared, we need to use non_pic_objs
+      test "$build_libtool_libs" != yes && libobjs="$non_pic_objects"
+
       # Create the old-style object.
-      reload_objs="$objs$old_deplibs "`$ECHO "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}$'/d' -e '/\.lib$/d' -e "$lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test
+      reload_objs="$objs$old_deplibs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; /\.lib$/d; $lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test
 
       output="$obj"
       func_execute_cmds "$reload_cmds" 'exit $?'
@@ -7512,8 +8714,8 @@ EOF
       case $host in
       *-*-rhapsody* | *-*-darwin1.[012])
 	# On Rhapsody replace the C library is the System framework
-	compile_deplibs=`$ECHO "X $compile_deplibs" | $Xsed -e 's/ -lc / System.ltframework /'`
-	finalize_deplibs=`$ECHO "X $finalize_deplibs" | $Xsed -e 's/ -lc / System.ltframework /'`
+	compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's/ -lc / System.ltframework /'`
+	finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's/ -lc / System.ltframework /'`
 	;;
       esac
 
@@ -7524,14 +8726,14 @@ EOF
 	if test "$tagname" = CXX ; then
 	  case ${MACOSX_DEPLOYMENT_TARGET-10.0} in
 	    10.[0123])
-	      compile_command="$compile_command ${wl}-bind_at_load"
-	      finalize_command="$finalize_command ${wl}-bind_at_load"
+	      func_append compile_command " ${wl}-bind_at_load"
+	      func_append finalize_command " ${wl}-bind_at_load"
 	    ;;
 	  esac
 	fi
 	# Time to change all our "foo.ltframework" stuff back to "-framework foo"
-	compile_deplibs=`$ECHO "X $compile_deplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
-	finalize_deplibs=`$ECHO "X $finalize_deplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
+	compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+	finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
 	;;
       esac
 
@@ -7545,7 +8747,7 @@ EOF
 	*)
 	  case " $compile_deplibs " in
 	  *" -L$path/$objdir "*)
-	    new_libs="$new_libs -L$path/$objdir" ;;
+	    func_append new_libs " -L$path/$objdir" ;;
 	  esac
 	  ;;
 	esac
@@ -7555,17 +8757,17 @@ EOF
 	-L*)
 	  case " $new_libs " in
 	  *" $deplib "*) ;;
-	  *) new_libs="$new_libs $deplib" ;;
+	  *) func_append new_libs " $deplib" ;;
 	  esac
 	  ;;
-	*) new_libs="$new_libs $deplib" ;;
+	*) func_append new_libs " $deplib" ;;
 	esac
       done
       compile_deplibs="$new_libs"
 
 
-      compile_command="$compile_command $compile_deplibs"
-      finalize_command="$finalize_command $finalize_deplibs"
+      func_append compile_command " $compile_deplibs"
+      func_append finalize_command " $finalize_deplibs"
 
       if test -n "$rpath$xrpath"; then
 	# If the user specified any rpath flags, then add them.
@@ -7573,7 +8775,7 @@ EOF
 	  # This is the magic to use -rpath.
 	  case "$finalize_rpath " in
 	  *" $libdir "*) ;;
-	  *) finalize_rpath="$finalize_rpath $libdir" ;;
+	  *) func_append finalize_rpath " $libdir" ;;
 	  esac
 	done
       fi
@@ -7592,18 +8794,18 @@ EOF
 	      *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
 		;;
 	      *)
-		hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
+		func_append hardcode_libdirs "$hardcode_libdir_separator$libdir"
 		;;
 	      esac
 	    fi
 	  else
 	    eval flag=\"$hardcode_libdir_flag_spec\"
-	    rpath="$rpath $flag"
+	    func_append rpath " $flag"
 	  fi
 	elif test -n "$runpath_var"; then
 	  case "$perm_rpath " in
 	  *" $libdir "*) ;;
-	  *) perm_rpath="$perm_rpath $libdir" ;;
+	  *) func_append perm_rpath " $libdir" ;;
 	  esac
 	fi
 	case $host in
@@ -7612,12 +8814,12 @@ EOF
 	  case :$dllsearchpath: in
 	  *":$libdir:"*) ;;
 	  ::) dllsearchpath=$libdir;;
-	  *) dllsearchpath="$dllsearchpath:$libdir";;
+	  *) func_append dllsearchpath ":$libdir";;
 	  esac
 	  case :$dllsearchpath: in
 	  *":$testbindir:"*) ;;
 	  ::) dllsearchpath=$testbindir;;
-	  *) dllsearchpath="$dllsearchpath:$testbindir";;
+	  *) func_append dllsearchpath ":$testbindir";;
 	  esac
 	  ;;
 	esac
@@ -7643,18 +8845,18 @@ EOF
 	      *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
 		;;
 	      *)
-		hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
+		func_append hardcode_libdirs "$hardcode_libdir_separator$libdir"
 		;;
 	      esac
 	    fi
 	  else
 	    eval flag=\"$hardcode_libdir_flag_spec\"
-	    rpath="$rpath $flag"
+	    func_append rpath " $flag"
 	  fi
 	elif test -n "$runpath_var"; then
 	  case "$finalize_perm_rpath " in
 	  *" $libdir "*) ;;
-	  *) finalize_perm_rpath="$finalize_perm_rpath $libdir" ;;
+	  *) func_append finalize_perm_rpath " $libdir" ;;
 	  esac
 	fi
       done
@@ -7668,8 +8870,8 @@ EOF
 
       if test -n "$libobjs" && test "$build_old_libs" = yes; then
 	# Transform all the library objects into standard objects.
-	compile_command=`$ECHO "X$compile_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
-	finalize_command=`$ECHO "X$finalize_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+	compile_command=`$ECHO "$compile_command" | $SP2NL | $SED "$lo2o" | $NL2SP`
+	finalize_command=`$ECHO "$finalize_command" | $SP2NL | $SED "$lo2o" | $NL2SP`
       fi
 
       func_generate_dlsyms "$outputname" "@PROGRAM@" "no"
@@ -7681,15 +8883,15 @@ EOF
 
       wrappers_required=yes
       case $host in
+      *cegcc* | *mingw32ce*)
+        # Disable wrappers for cegcc and mingw32ce hosts, we are cross compiling anyway.
+        wrappers_required=no
+        ;;
       *cygwin* | *mingw* )
         if test "$build_libtool_libs" != yes; then
           wrappers_required=no
         fi
         ;;
-      *cegcc)
-        # Disable wrappers for cegcc, we are cross compiling anyway.
-        wrappers_required=no
-        ;;
       *)
         if test "$need_relink" = no || test "$build_libtool_libs" != yes; then
           wrappers_required=no
@@ -7698,13 +8900,19 @@ EOF
       esac
       if test "$wrappers_required" = no; then
 	# Replace the output file specification.
-	compile_command=`$ECHO "X$compile_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'`
+	compile_command=`$ECHO "$compile_command" | $SED 's%@OUTPUT@%'"$output"'%g'`
 	link_command="$compile_command$compile_rpath"
 
 	# We have no uninstalled library dependencies, so finalize right now.
 	exit_status=0
 	func_show_eval "$link_command" 'exit_status=$?'
 
+	if test -n "$postlink_cmds"; then
+	  func_to_tool_file "$output"
+	  postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'`
+	  func_execute_cmds "$postlink_cmds" 'exit $?'
+	fi
+
 	# Delete the generated files.
 	if test -f "$output_objdir/${outputname}S.${objext}"; then
 	  func_show_eval '$RM "$output_objdir/${outputname}S.${objext}"'
@@ -7727,7 +8935,7 @@ EOF
 	  # We should set the runpath_var.
 	  rpath=
 	  for dir in $perm_rpath; do
-	    rpath="$rpath$dir:"
+	    func_append rpath "$dir:"
 	  done
 	  compile_var="$runpath_var=\"$rpath\$$runpath_var\" "
 	fi
@@ -7735,7 +8943,7 @@ EOF
 	  # We should set the runpath_var.
 	  rpath=
 	  for dir in $finalize_perm_rpath; do
-	    rpath="$rpath$dir:"
+	    func_append rpath "$dir:"
 	  done
 	  finalize_var="$runpath_var=\"$rpath\$$runpath_var\" "
 	fi
@@ -7745,11 +8953,18 @@ EOF
 	# We don't need to create a wrapper script.
 	link_command="$compile_var$compile_command$compile_rpath"
 	# Replace the output file specification.
-	link_command=`$ECHO "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'`
+	link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output"'%g'`
 	# Delete the old output file.
 	$opt_dry_run || $RM $output
 	# Link the executable and exit
 	func_show_eval "$link_command" 'exit $?'
+
+	if test -n "$postlink_cmds"; then
+	  func_to_tool_file "$output"
+	  postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'`
+	  func_execute_cmds "$postlink_cmds" 'exit $?'
+	fi
+
 	exit $EXIT_SUCCESS
       fi
 
@@ -7764,7 +8979,7 @@ EOF
 	if test "$fast_install" != no; then
 	  link_command="$finalize_var$compile_command$finalize_rpath"
 	  if test "$fast_install" = yes; then
-	    relink_command=`$ECHO "X$compile_var$compile_command$compile_rpath" | $Xsed -e 's%@OUTPUT@%\$progdir/\$file%g'`
+	    relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'`
 	  else
 	    # fast_install is set to needless
 	    relink_command=
@@ -7776,13 +8991,19 @@ EOF
       fi
 
       # Replace the output file specification.
-      link_command=`$ECHO "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'`
+      link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'`
 
       # Delete the old output files.
       $opt_dry_run || $RM $output $output_objdir/$outputname $output_objdir/lt-$outputname
 
       func_show_eval "$link_command" 'exit $?'
 
+      if test -n "$postlink_cmds"; then
+	func_to_tool_file "$output_objdir/$outputname"
+	postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'`
+	func_execute_cmds "$postlink_cmds" 'exit $?'
+      fi
+
       # Now create the wrapper script.
       func_verbose "creating $output"
 
@@ -7800,18 +9021,7 @@ EOF
 	  fi
 	done
 	relink_command="(cd `pwd`; $relink_command)"
-	relink_command=`$ECHO "X$relink_command" | $Xsed -e "$sed_quote_subst"`
-      fi
-
-      # Quote $ECHO for shipping.
-      if test "X$ECHO" = "X$SHELL $progpath --fallback-echo"; then
-	case $progpath in
-	[\\/]* | [A-Za-z]:[\\/]*) qecho="$SHELL $progpath --fallback-echo";;
-	*) qecho="$SHELL `pwd`/$progpath --fallback-echo";;
-	esac
-	qecho=`$ECHO "X$qecho" | $Xsed -e "$sed_quote_subst"`
-      else
-	qecho=`$ECHO "X$ECHO" | $Xsed -e "$sed_quote_subst"`
+	relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"`
       fi
 
       # Only actually do things if not in dry run mode.
@@ -7891,7 +9101,7 @@ EOF
 	else
 	  oldobjs="$old_deplibs $non_pic_objects"
 	  if test "$preload" = yes && test -f "$symfileobj"; then
-	    oldobjs="$oldobjs $symfileobj"
+	    func_append oldobjs " $symfileobj"
 	  fi
 	fi
 	addlibs="$old_convenience"
@@ -7899,10 +9109,10 @@ EOF
 
       if test -n "$addlibs"; then
 	gentop="$output_objdir/${outputname}x"
-	generated="$generated $gentop"
+	func_append generated " $gentop"
 
 	func_extract_archives $gentop $addlibs
-	oldobjs="$oldobjs $func_extract_archives_result"
+	func_append oldobjs " $func_extract_archives_result"
       fi
 
       # Do each command in the archive commands.
@@ -7913,10 +9123,10 @@ EOF
 	# Add any objects from preloaded convenience libraries
 	if test -n "$dlprefiles"; then
 	  gentop="$output_objdir/${outputname}x"
-	  generated="$generated $gentop"
+	  func_append generated " $gentop"
 
 	  func_extract_archives $gentop $dlprefiles
-	  oldobjs="$oldobjs $func_extract_archives_result"
+	  func_append oldobjs " $func_extract_archives_result"
 	fi
 
 	# POSIX demands no paths to be encoded in archives.  We have
@@ -7932,9 +9142,9 @@ EOF
 	    done | sort | sort -uc >/dev/null 2>&1); then
 	  :
 	else
-	  $ECHO "copying selected object files to avoid basename conflicts..."
+	  echo "copying selected object files to avoid basename conflicts..."
 	  gentop="$output_objdir/${outputname}x"
-	  generated="$generated $gentop"
+	  func_append generated " $gentop"
 	  func_mkdir_p "$gentop"
 	  save_oldobjs=$oldobjs
 	  oldobjs=
@@ -7958,18 +9168,30 @@ EOF
 		esac
 	      done
 	      func_show_eval "ln $obj $gentop/$newobj || cp $obj $gentop/$newobj"
-	      oldobjs="$oldobjs $gentop/$newobj"
+	      func_append oldobjs " $gentop/$newobj"
 	      ;;
-	    *) oldobjs="$oldobjs $obj" ;;
+	    *) func_append oldobjs " $obj" ;;
 	    esac
 	  done
 	fi
+	func_to_tool_file "$oldlib" func_convert_file_msys_to_w32
+	tool_oldlib=$func_to_tool_file_result
 	eval cmds=\"$old_archive_cmds\"
 
 	func_len " $cmds"
 	len=$func_len_result
 	if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then
 	  cmds=$old_archive_cmds
+	elif test -n "$archiver_list_spec"; then
+	  func_verbose "using command file archive linking..."
+	  for obj in $oldobjs
+	  do
+	    func_to_tool_file "$obj"
+	    $ECHO "$func_to_tool_file_result"
+	  done > $output_objdir/$libname.libcmd
+	  func_to_tool_file "$output_objdir/$libname.libcmd"
+	  oldobjs=" $archiver_list_spec$func_to_tool_file_result"
+	  cmds=$old_archive_cmds
 	else
 	  # the command line is too long to link in one step, link in parts
 	  func_verbose "using piecewise archive linking..."
@@ -8043,7 +9265,7 @@ EOF
       done
       # Quote the link command for shipping.
       relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)"
-      relink_command=`$ECHO "X$relink_command" | $Xsed -e "$sed_quote_subst"`
+      relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"`
       if test "$hardcode_automatic" = yes ; then
 	relink_command=
       fi
@@ -8063,12 +9285,23 @@ EOF
 	      *.la)
 		func_basename "$deplib"
 		name="$func_basename_result"
-		eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib`
+		func_resolve_sysroot "$deplib"
+		eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result`
 		test -z "$libdir" && \
 		  func_fatal_error "\`$deplib' is not a valid libtool archive"
-		newdependency_libs="$newdependency_libs $libdir/$name"
+		func_append newdependency_libs " ${lt_sysroot:+=}$libdir/$name"
+		;;
+	      -L*)
+		func_stripname -L '' "$deplib"
+		func_replace_sysroot "$func_stripname_result"
+		func_append newdependency_libs " -L$func_replace_sysroot_result"
+		;;
+	      -R*)
+		func_stripname -R '' "$deplib"
+		func_replace_sysroot "$func_stripname_result"
+		func_append newdependency_libs " -R$func_replace_sysroot_result"
 		;;
-	      *) newdependency_libs="$newdependency_libs $deplib" ;;
+	      *) func_append newdependency_libs " $deplib" ;;
 	      esac
 	    done
 	    dependency_libs="$newdependency_libs"
@@ -8082,9 +9315,9 @@ EOF
 		eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib`
 		test -z "$libdir" && \
 		  func_fatal_error "\`$lib' is not a valid libtool archive"
-		newdlfiles="$newdlfiles $libdir/$name"
+		func_append newdlfiles " ${lt_sysroot:+=}$libdir/$name"
 		;;
-	      *) newdlfiles="$newdlfiles $lib" ;;
+	      *) func_append newdlfiles " $lib" ;;
 	      esac
 	    done
 	    dlfiles="$newdlfiles"
@@ -8101,7 +9334,7 @@ EOF
 		eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib`
 		test -z "$libdir" && \
 		  func_fatal_error "\`$lib' is not a valid libtool archive"
-		newdlprefiles="$newdlprefiles $libdir/$name"
+		func_append newdlprefiles " ${lt_sysroot:+=}$libdir/$name"
 		;;
 	      esac
 	    done
@@ -8113,7 +9346,7 @@ EOF
 		[\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;;
 		*) abs=`pwd`"/$lib" ;;
 	      esac
-	      newdlfiles="$newdlfiles $abs"
+	      func_append newdlfiles " $abs"
 	    done
 	    dlfiles="$newdlfiles"
 	    newdlprefiles=
@@ -8122,15 +9355,33 @@ EOF
 		[\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;;
 		*) abs=`pwd`"/$lib" ;;
 	      esac
-	      newdlprefiles="$newdlprefiles $abs"
+	      func_append newdlprefiles " $abs"
 	    done
 	    dlprefiles="$newdlprefiles"
 	  fi
 	  $RM $output
 	  # place dlname in correct position for cygwin
+	  # In fact, it would be nice if we could use this code for all target
+	  # systems that can't hard-code library paths into their executables
+	  # and that have no shared library path variable independent of PATH,
+	  # but it turns out we can't easily determine that from inspecting
+	  # libtool variables, so we have to hard-code the OSs to which it
+	  # applies here; at the moment, that means platforms that use the PE
+	  # object format with DLL files.  See the long comment at the top of
+	  # tests/bindir.at for full details.
 	  tdlname=$dlname
 	  case $host,$output,$installed,$module,$dlname in
-	    *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll) tdlname=../bin/$dlname ;;
+	    *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll)
+	      # If a -bindir argument was supplied, place the dll there.
+	      if test "x$bindir" != x ;
+	      then
+		func_relative_path "$install_libdir" "$bindir"
+		tdlname=$func_relative_path_result$dlname
+	      else
+		# Otherwise fall back on heuristic.
+		tdlname=../bin/$dlname
+	      fi
+	      ;;
 	  esac
 	  $ECHO > $output "\
 # $outputname - a libtool library file
@@ -8189,7 +9440,7 @@ relink_command=\"$relink_command\""
     exit $EXIT_SUCCESS
 }
 
-{ test "$mode" = link || test "$mode" = relink; } &&
+{ test "$opt_mode" = link || test "$opt_mode" = relink; } &&
     func_mode_link ${1+"$@"}
 
 
@@ -8209,9 +9460,9 @@ func_mode_uninstall ()
     for arg
     do
       case $arg in
-      -f) RM="$RM $arg"; rmforce=yes ;;
-      -*) RM="$RM $arg" ;;
-      *) files="$files $arg" ;;
+      -f) func_append RM " $arg"; rmforce=yes ;;
+      -*) func_append RM " $arg" ;;
+      *) func_append files " $arg" ;;
       esac
     done
 
@@ -8220,24 +9471,23 @@ func_mode_uninstall ()
 
     rmdirs=
 
-    origobjdir="$objdir"
     for file in $files; do
       func_dirname "$file" "" "."
       dir="$func_dirname_result"
       if test "X$dir" = X.; then
-	objdir="$origobjdir"
+	odir="$objdir"
       else
-	objdir="$dir/$origobjdir"
+	odir="$dir/$objdir"
       fi
       func_basename "$file"
       name="$func_basename_result"
-      test "$mode" = uninstall && objdir="$dir"
+      test "$opt_mode" = uninstall && odir="$dir"
 
-      # Remember objdir for removal later, being careful to avoid duplicates
-      if test "$mode" = clean; then
+      # Remember odir for removal later, being careful to avoid duplicates
+      if test "$opt_mode" = clean; then
 	case " $rmdirs " in
-	  *" $objdir "*) ;;
-	  *) rmdirs="$rmdirs $objdir" ;;
+	  *" $odir "*) ;;
+	  *) func_append rmdirs " $odir" ;;
 	esac
       fi
 
@@ -8263,18 +9513,17 @@ func_mode_uninstall ()
 
 	  # Delete the libtool libraries and symlinks.
 	  for n in $library_names; do
-	    rmfiles="$rmfiles $objdir/$n"
+	    func_append rmfiles " $odir/$n"
 	  done
-	  test -n "$old_library" && rmfiles="$rmfiles $objdir/$old_library"
+	  test -n "$old_library" && func_append rmfiles " $odir/$old_library"
 
-	  case "$mode" in
+	  case "$opt_mode" in
 	  clean)
-	    case "  $library_names " in
-	    # "  " in the beginning catches empty $dlname
+	    case " $library_names " in
 	    *" $dlname "*) ;;
-	    *) rmfiles="$rmfiles $objdir/$dlname" ;;
+	    *) test -n "$dlname" && func_append rmfiles " $odir/$dlname" ;;
 	    esac
-	    test -n "$libdir" && rmfiles="$rmfiles $objdir/$name $objdir/${name}i"
+	    test -n "$libdir" && func_append rmfiles " $odir/$name $odir/${name}i"
 	    ;;
 	  uninstall)
 	    if test -n "$library_names"; then
@@ -8302,19 +9551,19 @@ func_mode_uninstall ()
 	  # Add PIC object to the list of files to remove.
 	  if test -n "$pic_object" &&
 	     test "$pic_object" != none; then
-	    rmfiles="$rmfiles $dir/$pic_object"
+	    func_append rmfiles " $dir/$pic_object"
 	  fi
 
 	  # Add non-PIC object to the list of files to remove.
 	  if test -n "$non_pic_object" &&
 	     test "$non_pic_object" != none; then
-	    rmfiles="$rmfiles $dir/$non_pic_object"
+	    func_append rmfiles " $dir/$non_pic_object"
 	  fi
 	fi
 	;;
 
       *)
-	if test "$mode" = clean ; then
+	if test "$opt_mode" = clean ; then
 	  noexename=$name
 	  case $file in
 	  *.exe)
@@ -8324,7 +9573,7 @@ func_mode_uninstall ()
 	    noexename=$func_stripname_result
 	    # $file with .exe has already been added to rmfiles,
 	    # add $file without .exe
-	    rmfiles="$rmfiles $file"
+	    func_append rmfiles " $file"
 	    ;;
 	  esac
 	  # Do a test to see if this is a libtool program.
@@ -8333,7 +9582,7 @@ func_mode_uninstall ()
 	      func_ltwrapper_scriptname "$file"
 	      relink_command=
 	      func_source $func_ltwrapper_scriptname_result
-	      rmfiles="$rmfiles $func_ltwrapper_scriptname_result"
+	      func_append rmfiles " $func_ltwrapper_scriptname_result"
 	    else
 	      relink_command=
 	      func_source $dir/$noexename
@@ -8341,12 +9590,12 @@ func_mode_uninstall ()
 
 	    # note $name still contains .exe if it was in $file originally
 	    # as does the version of $file that was added into $rmfiles
-	    rmfiles="$rmfiles $objdir/$name $objdir/${name}S.${objext}"
+	    func_append rmfiles " $odir/$name $odir/${name}S.${objext}"
 	    if test "$fast_install" = yes && test -n "$relink_command"; then
-	      rmfiles="$rmfiles $objdir/lt-$name"
+	      func_append rmfiles " $odir/lt-$name"
 	    fi
 	    if test "X$noexename" != "X$name" ; then
-	      rmfiles="$rmfiles $objdir/lt-${noexename}.c"
+	      func_append rmfiles " $odir/lt-${noexename}.c"
 	    fi
 	  fi
 	fi
@@ -8354,7 +9603,6 @@ func_mode_uninstall ()
       esac
       func_show_eval "$RM $rmfiles" 'exit_status=1'
     done
-    objdir="$origobjdir"
 
     # Try to remove the ${objdir}s in the directories where we deleted files
     for dir in $rmdirs; do
@@ -8366,16 +9614,16 @@ func_mode_uninstall ()
     exit $exit_status
 }
 
-{ test "$mode" = uninstall || test "$mode" = clean; } &&
+{ test "$opt_mode" = uninstall || test "$opt_mode" = clean; } &&
     func_mode_uninstall ${1+"$@"}
 
-test -z "$mode" && {
+test -z "$opt_mode" && {
   help="$generic_help"
   func_fatal_help "you must specify a MODE"
 }
 
 test -z "$exec_cmd" && \
-  func_fatal_help "invalid operation mode \`$mode'"
+  func_fatal_help "invalid operation mode \`$opt_mode'"
 
 if test -n "$exec_cmd"; then
   eval exec "$exec_cmd"
diff --git a/m4/libtool.m4 b/m4/libtool.m4
index 1e7ea47c..828104cf 100644
--- a/m4/libtool.m4
+++ b/m4/libtool.m4
@@ -1,7 +1,8 @@
 # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
 #
 #   Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
-#                 2006, 2007, 2008 Free Software Foundation, Inc.
+#                 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+#                 Foundation, Inc.
 #   Written by Gordon Matzigkeit, 1996
 #
 # This file is free software; the Free Software Foundation gives
@@ -10,7 +11,8 @@
 
 m4_define([_LT_COPYING], [dnl
 #   Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
-#                 2006, 2007, 2008 Free Software Foundation, Inc.
+#                 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+#                 Foundation, Inc.
 #   Written by Gordon Matzigkeit, 1996
 #
 #   This file is part of GNU Libtool.
@@ -37,7 +39,7 @@ m4_define([_LT_COPYING], [dnl
 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 ])
 
-# serial 56 LT_INIT
+# serial 57 LT_INIT
 
 
 # LT_PREREQ(VERSION)
@@ -66,6 +68,7 @@ esac
 # ------------------
 AC_DEFUN([LT_INIT],
 [AC_PREREQ([2.58])dnl We use AC_INCLUDES_DEFAULT
+AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl
 AC_BEFORE([$0], [LT_LANG])dnl
 AC_BEFORE([$0], [LT_OUTPUT])dnl
 AC_BEFORE([$0], [LTDL_INIT])dnl
@@ -82,6 +85,8 @@ AC_REQUIRE([LTVERSION_VERSION])dnl
 AC_REQUIRE([LTOBSOLETE_VERSION])dnl
 m4_require([_LT_PROG_LTMAIN])dnl
 
+_LT_SHELL_INIT([SHELL=${CONFIG_SHELL-/bin/sh}])
+
 dnl Parse OPTIONS
 _LT_SET_OPTIONS([$0], [$1])
 
@@ -118,7 +123,7 @@ m4_defun([_LT_CC_BASENAME],
     *) break;;
   esac
 done
-cc_basename=`$ECHO "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"`
 ])
 
 
@@ -138,6 +143,11 @@ m4_defun([_LT_FILEUTILS_DEFAULTS],
 m4_defun([_LT_SETUP],
 [AC_REQUIRE([AC_CANONICAL_HOST])dnl
 AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl
+AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl
+
+_LT_DECL([], [PATH_SEPARATOR], [1], [The PATH separator for the build system])dnl
+dnl
 _LT_DECL([], [host_alias], [0], [The host system])dnl
 _LT_DECL([], [host], [0])dnl
 _LT_DECL([], [host_os], [0])dnl
@@ -160,10 +170,13 @@ _LT_DECL([], [exeext], [0], [Executable file suffix (normally "")])dnl
 dnl
 m4_require([_LT_FILEUTILS_DEFAULTS])dnl
 m4_require([_LT_CHECK_SHELL_FEATURES])dnl
+m4_require([_LT_PATH_CONVERSION_FUNCTIONS])dnl
 m4_require([_LT_CMD_RELOAD])dnl
 m4_require([_LT_CHECK_MAGIC_METHOD])dnl
+m4_require([_LT_CHECK_SHAREDLIB_FROM_LINKLIB])dnl
 m4_require([_LT_CMD_OLD_ARCHIVE])dnl
 m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl
+m4_require([_LT_WITH_SYSROOT])dnl
 
 _LT_CONFIG_LIBTOOL_INIT([
 # See if we are running on zsh, and set the options which allow our
@@ -179,7 +192,6 @@ fi
 _LT_CHECK_OBJDIR
 
 m4_require([_LT_TAG_COMPILER])dnl
-_LT_PROG_ECHO_BACKSLASH
 
 case $host_os in
 aix3*)
@@ -193,23 +205,6 @@ aix3*)
   ;;
 esac
 
-# Sed substitution that helps us do robust quoting.  It backslashifies
-# metacharacters that are still active within double-quoted strings.
-sed_quote_subst='s/\([["`$\\]]\)/\\\1/g'
-
-# Same as above, but do not quote variable references.
-double_quote_subst='s/\([["`\\]]\)/\\\1/g'
-
-# Sed substitution to delay expansion of an escaped shell variable in a
-# double_quote_subst'ed string.
-delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
-
-# Sed substitution to delay expansion of an escaped single quote.
-delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
-
-# Sed substitution to avoid accidental globbing in evaled expressions
-no_glob_subst='s/\*/\\\*/g'
-
 # Global variables:
 ofile=libtool
 can_build_shared=yes
@@ -250,6 +245,28 @@ _LT_CONFIG_COMMANDS
 ])# _LT_SETUP
 
 
+# _LT_PREPARE_SED_QUOTE_VARS
+# --------------------------
+# Define a few sed substitution that help us do robust quoting.
+m4_defun([_LT_PREPARE_SED_QUOTE_VARS],
+[# Backslashify metacharacters that are still active within
+# double-quoted strings.
+sed_quote_subst='s/\([["`$\\]]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\([["`\\]]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to delay expansion of an escaped single quote.
+delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+])
+
 # _LT_PROG_LTMAIN
 # ---------------
 # Note that this code is called both from `configure', and `config.status'
@@ -408,7 +425,7 @@ m4_define([_lt_decl_all_varnames],
 # declaration there will have the same value as in `configure'.  VARNAME
 # must have a single quote delimited value for this to work.
 m4_define([_LT_CONFIG_STATUS_DECLARE],
-[$1='`$ECHO "X$][$1" | $Xsed -e "$delay_single_quote_subst"`'])
+[$1='`$ECHO "$][$1" | $SED "$delay_single_quote_subst"`'])
 
 
 # _LT_CONFIG_STATUS_DECLARATIONS
@@ -418,7 +435,7 @@ m4_define([_LT_CONFIG_STATUS_DECLARE],
 # embedded single quotes properly.  In configure, this macro expands
 # each variable declared with _LT_DECL (and _LT_TAGDECL) into:
 #
-#    <var>='`$ECHO "X$<var>" | $Xsed -e "$delay_single_quote_subst"`'
+#    <var>='`$ECHO "$<var>" | $SED "$delay_single_quote_subst"`'
 m4_defun([_LT_CONFIG_STATUS_DECLARATIONS],
 [m4_foreach([_lt_var], m4_quote(lt_decl_all_varnames),
     [m4_n([_LT_CONFIG_STATUS_DECLARE(_lt_var)])])])
@@ -517,12 +534,20 @@ LTCC='$LTCC'
 LTCFLAGS='$LTCFLAGS'
 compiler='$compiler_DEFAULT'
 
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+  eval 'cat <<_LTECHO_EOF
+\$[]1
+_LTECHO_EOF'
+}
+
 # Quote evaled strings.
 for var in lt_decl_all_varnames([[ \
 ]], lt_decl_quote_varnames); do
-    case \`eval \\\\\$ECHO "X\\\\\$\$var"\` in
+    case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
     *[[\\\\\\\`\\"\\\$]]*)
-      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"X\\\$\$var\\" | \\\$Xsed -e \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
+      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
       ;;
     *)
       eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
@@ -533,9 +558,9 @@ done
 # Double-quote double-evaled strings.
 for var in lt_decl_all_varnames([[ \
 ]], lt_decl_dquote_varnames); do
-    case \`eval \\\\\$ECHO "X\\\\\$\$var"\` in
+    case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
     *[[\\\\\\\`\\"\\\$]]*)
-      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"X\\\$\$var\\" | \\\$Xsed -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
+      eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
       ;;
     *)
       eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
@@ -543,16 +568,38 @@ for var in lt_decl_all_varnames([[ \
     esac
 done
 
-# Fix-up fallback echo if it was mangled by the above quoting rules.
-case \$lt_ECHO in
-*'\\\[$]0 --fallback-echo"')dnl "
-  lt_ECHO=\`\$ECHO "X\$lt_ECHO" | \$Xsed -e 's/\\\\\\\\\\\\\\\[$]0 --fallback-echo"\[$]/\[$]0 --fallback-echo"/'\`
-  ;;
-esac
-
 _LT_OUTPUT_LIBTOOL_INIT
 ])
 
+# _LT_GENERATED_FILE_INIT(FILE, [COMMENT])
+# ------------------------------------
+# Generate a child script FILE with all initialization necessary to
+# reuse the environment learned by the parent script, and make the
+# file executable.  If COMMENT is supplied, it is inserted after the
+# `#!' sequence but before initialization text begins.  After this
+# macro, additional text can be appended to FILE to form the body of
+# the child script.  The macro ends with non-zero status if the
+# file could not be fully written (such as if the disk is full).
+m4_ifdef([AS_INIT_GENERATED],
+[m4_defun([_LT_GENERATED_FILE_INIT],[AS_INIT_GENERATED($@)])],
+[m4_defun([_LT_GENERATED_FILE_INIT],
+[m4_require([AS_PREPARE])]dnl
+[m4_pushdef([AS_MESSAGE_LOG_FD])]dnl
+[lt_write_fail=0
+cat >$1 <<_ASEOF || lt_write_fail=1
+#! $SHELL
+# Generated by $as_me.
+$2
+SHELL=\${CONFIG_SHELL-$SHELL}
+export SHELL
+_ASEOF
+cat >>$1 <<\_ASEOF || lt_write_fail=1
+AS_SHELL_SANITIZE
+_AS_PREPARE
+exec AS_MESSAGE_FD>&1
+_ASEOF
+test $lt_write_fail = 0 && chmod +x $1[]dnl
+m4_popdef([AS_MESSAGE_LOG_FD])])])# _LT_GENERATED_FILE_INIT
 
 # LT_OUTPUT
 # ---------
@@ -562,20 +609,11 @@ _LT_OUTPUT_LIBTOOL_INIT
 AC_DEFUN([LT_OUTPUT],
 [: ${CONFIG_LT=./config.lt}
 AC_MSG_NOTICE([creating $CONFIG_LT])
-cat >"$CONFIG_LT" <<_LTEOF
-#! $SHELL
-# Generated by $as_me.
-# Run this file to recreate a libtool stub with the current configuration.
-
-lt_cl_silent=false
-SHELL=\${CONFIG_SHELL-$SHELL}
-_LTEOF
+_LT_GENERATED_FILE_INIT(["$CONFIG_LT"],
+[# Run this file to recreate a libtool stub with the current configuration.])
 
 cat >>"$CONFIG_LT" <<\_LTEOF
-AS_SHELL_SANITIZE
-_AS_PREPARE
-
-exec AS_MESSAGE_FD>&1
+lt_cl_silent=false
 exec AS_MESSAGE_LOG_FD>>config.log
 {
   echo
@@ -601,7 +639,7 @@ m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl
 m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION])
 configured by $[0], generated by m4_PACKAGE_STRING.
 
-Copyright (C) 2008 Free Software Foundation, Inc.
+Copyright (C) 2011 Free Software Foundation, Inc.
 This config.lt script is free software; the Free Software Foundation
 gives unlimited permision to copy, distribute and modify it."
 
@@ -646,15 +684,13 @@ chmod +x "$CONFIG_LT"
 # appending to config.log, which fails on DOS, as config.log is still kept
 # open by configure.  Here we exec the FD to /dev/null, effectively closing
 # config.log, so it can be properly (re)opened and appended to by config.lt.
-if test "$no_create" != yes; then
-  lt_cl_success=:
-  test "$silent" = yes &&
-    lt_config_lt_args="$lt_config_lt_args --quiet"
-  exec AS_MESSAGE_LOG_FD>/dev/null
-  $SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false
-  exec AS_MESSAGE_LOG_FD>>config.log
-  $lt_cl_success || AS_EXIT(1)
-fi
+lt_cl_success=:
+test "$silent" = yes &&
+  lt_config_lt_args="$lt_config_lt_args --quiet"
+exec AS_MESSAGE_LOG_FD>/dev/null
+$SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false
+exec AS_MESSAGE_LOG_FD>>config.log
+$lt_cl_success || AS_EXIT(1)
 ])# LT_OUTPUT
 
 
@@ -717,15 +753,12 @@ _LT_EOF
   # if finds mixed CR/LF and LF-only lines.  Since sed operates in
   # text mode, it properly converts lines to CR/LF.  This bash problem
   # is reportedly fixed, but why not run on old versions too?
-  sed '/^# Generated shell functions inserted here/q' "$ltmain" >> "$cfgfile" \
-    || (rm -f "$cfgfile"; exit 1)
+  sed '$q' "$ltmain" >> "$cfgfile" \
+     || (rm -f "$cfgfile"; exit 1)
 
-  _LT_PROG_XSI_SHELLFNS
+  _LT_PROG_REPLACE_SHELLFNS
 
-  sed -n '/^# Generated shell functions inserted here/,$p' "$ltmain" >> "$cfgfile" \
-    || (rm -f "$cfgfile"; exit 1)
-
-  mv -f "$cfgfile" "$ofile" ||
+   mv -f "$cfgfile" "$ofile" ||
     (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile")
   chmod +x "$ofile"
 ],
@@ -770,6 +803,7 @@ AC_DEFUN([LT_LANG],
 m4_case([$1],
   [C],			[_LT_LANG(C)],
   [C++],		[_LT_LANG(CXX)],
+  [Go],			[_LT_LANG(GO)],
   [Java],		[_LT_LANG(GCJ)],
   [Fortran 77],		[_LT_LANG(F77)],
   [Fortran],		[_LT_LANG(FC)],
@@ -791,6 +825,31 @@ m4_defun([_LT_LANG],
 ])# _LT_LANG
 
 
+m4_ifndef([AC_PROG_GO], [
+############################################################
+# NOTE: This macro has been submitted for inclusion into   #
+#  GNU Autoconf as AC_PROG_GO.  When it is available in    #
+#  a released version of Autoconf we should remove this    #
+#  macro and use it instead.                               #
+############################################################
+m4_defun([AC_PROG_GO],
+[AC_LANG_PUSH(Go)dnl
+AC_ARG_VAR([GOC],     [Go compiler command])dnl
+AC_ARG_VAR([GOFLAGS], [Go compiler flags])dnl
+_AC_ARG_VAR_LDFLAGS()dnl
+AC_CHECK_TOOL(GOC, gccgo)
+if test -z "$GOC"; then
+  if test -n "$ac_tool_prefix"; then
+    AC_CHECK_PROG(GOC, [${ac_tool_prefix}gccgo], [${ac_tool_prefix}gccgo])
+  fi
+fi
+if test -z "$GOC"; then
+  AC_CHECK_PROG(GOC, gccgo, gccgo, false)
+fi
+])#m4_defun
+])#m4_ifndef
+
+
 # _LT_LANG_DEFAULT_CONFIG
 # -----------------------
 m4_defun([_LT_LANG_DEFAULT_CONFIG],
@@ -821,6 +880,10 @@ AC_PROVIDE_IFELSE([AC_PROG_GCJ],
        m4_ifdef([LT_PROG_GCJ],
 	[m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])])
 
+AC_PROVIDE_IFELSE([AC_PROG_GO],
+  [LT_LANG(GO)],
+  [m4_define([AC_PROG_GO], defn([AC_PROG_GO])[LT_LANG(GO)])])
+
 AC_PROVIDE_IFELSE([LT_PROG_RC],
   [LT_LANG(RC)],
   [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])])
@@ -831,11 +894,13 @@ AU_DEFUN([AC_LIBTOOL_CXX], [LT_LANG(C++)])
 AU_DEFUN([AC_LIBTOOL_F77], [LT_LANG(Fortran 77)])
 AU_DEFUN([AC_LIBTOOL_FC], [LT_LANG(Fortran)])
 AU_DEFUN([AC_LIBTOOL_GCJ], [LT_LANG(Java)])
+AU_DEFUN([AC_LIBTOOL_RC], [LT_LANG(Windows Resource)])
 dnl aclocal-1.4 backwards compatibility:
 dnl AC_DEFUN([AC_LIBTOOL_CXX], [])
 dnl AC_DEFUN([AC_LIBTOOL_F77], [])
 dnl AC_DEFUN([AC_LIBTOOL_FC], [])
 dnl AC_DEFUN([AC_LIBTOOL_GCJ], [])
+dnl AC_DEFUN([AC_LIBTOOL_RC], [])
 
 
 # _LT_TAG_COMPILER
@@ -921,7 +986,13 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[
 	$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \
 	  -dynamiclib -Wl,-single_module conftest.c 2>conftest.err
         _lt_result=$?
-	if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then
+	# If there is a non-empty error log, and "single_module"
+	# appears in it, assume the flag caused a linker warning
+        if test -s conftest.err && $GREP single_module conftest.err; then
+	  cat conftest.err >&AS_MESSAGE_LOG_FD
+	# Otherwise, if the output was created with a 0 exit code from
+	# the compiler, it worked.
+	elif test -f libconftest.dylib && test $_lt_result -eq 0; then
 	  lt_cv_apple_cc_single_mod=yes
 	else
 	  cat conftest.err >&AS_MESSAGE_LOG_FD
@@ -929,6 +1000,7 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[
 	rm -rf libconftest.dylib*
 	rm -f conftest.*
       fi])
+
     AC_CACHE_CHECK([for -exported_symbols_list linker flag],
       [lt_cv_ld_exported_symbols_list],
       [lt_cv_ld_exported_symbols_list=no
@@ -940,6 +1012,34 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[
 	[lt_cv_ld_exported_symbols_list=no])
 	LDFLAGS="$save_LDFLAGS"
     ])
+
+    AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load],
+      [lt_cv_ld_force_load=no
+      cat > conftest.c << _LT_EOF
+int forced_loaded() { return 2;}
+_LT_EOF
+      echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD
+      $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD
+      echo "$AR cru libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD
+      $AR cru libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD
+      echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD
+      $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD
+      cat > conftest.c << _LT_EOF
+int main() { return 0;}
+_LT_EOF
+      echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD
+      $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err
+      _lt_result=$?
+      if test -s conftest.err && $GREP force_load conftest.err; then
+	cat conftest.err >&AS_MESSAGE_LOG_FD
+      elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then
+	lt_cv_ld_force_load=yes
+      else
+	cat conftest.err >&AS_MESSAGE_LOG_FD
+      fi
+        rm -f conftest.err libconftest.a conftest conftest.c
+        rm -rf conftest.dSYM
+    ])
     case $host_os in
     rhapsody* | darwin1.[[012]])
       _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;;
@@ -967,7 +1067,7 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[
     else
       _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}'
     fi
-    if test "$DSYMUTIL" != ":"; then
+    if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then
       _lt_dsymutil='~$DSYMUTIL $lib || :'
     else
       _lt_dsymutil=
@@ -977,8 +1077,8 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[
 ])
 
 
-# _LT_DARWIN_LINKER_FEATURES
-# --------------------------
+# _LT_DARWIN_LINKER_FEATURES([TAG])
+# ---------------------------------
 # Checks for linker and compiler features on darwin
 m4_defun([_LT_DARWIN_LINKER_FEATURES],
 [
@@ -987,7 +1087,13 @@ m4_defun([_LT_DARWIN_LINKER_FEATURES],
   _LT_TAGVAR(hardcode_direct, $1)=no
   _LT_TAGVAR(hardcode_automatic, $1)=yes
   _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
-  _LT_TAGVAR(whole_archive_flag_spec, $1)=''
+  if test "$lt_cv_ld_force_load" = "yes"; then
+    _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`'
+    m4_case([$1], [F77], [_LT_TAGVAR(compiler_needs_object, $1)=yes],
+                  [FC],  [_LT_TAGVAR(compiler_needs_object, $1)=yes])
+  else
+    _LT_TAGVAR(whole_archive_flag_spec, $1)=''
+  fi
   _LT_TAGVAR(link_all_deplibs, $1)=yes
   _LT_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined"
   case $cc_basename in
@@ -995,7 +1101,7 @@ m4_defun([_LT_DARWIN_LINKER_FEATURES],
      *) _lt_dar_can_shared=$GCC ;;
   esac
   if test "$_lt_dar_can_shared" = "yes"; then
-    output_verbose_link_cmd=echo
+    output_verbose_link_cmd=func_echo_all
     _LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
     _LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
     _LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
@@ -1011,203 +1117,142 @@ m4_defun([_LT_DARWIN_LINKER_FEATURES],
   fi
 ])
 
-# _LT_SYS_MODULE_PATH_AIX
-# -----------------------
+# _LT_SYS_MODULE_PATH_AIX([TAGNAME])
+# ----------------------------------
 # Links a minimal program and checks the executable
 # for the system default hardcoded library path. In most cases,
 # this is /usr/lib:/lib, but when the MPI compilers are used
 # the location of the communication and MPI libs are included too.
 # If we don't find anything, use the default library path according
 # to the aix ld manual.
+# Store the results from the different compilers for each TAGNAME.
+# Allow to override them for all tags through lt_cv_aix_libpath.
 m4_defun([_LT_SYS_MODULE_PATH_AIX],
 [m4_require([_LT_DECL_SED])dnl
-AC_LINK_IFELSE(AC_LANG_PROGRAM,[
-lt_aix_libpath_sed='
-    /Import File Strings/,/^$/ {
-	/^0/ {
-	    s/^0  *\(.*\)$/\1/
-	    p
-	}
-    }'
-aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
-# Check for a 64-bit object if we didn't find anything.
-if test -z "$aix_libpath"; then
-  aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
-fi],[])
-if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi
+if test "${lt_cv_aix_libpath+set}" = set; then
+  aix_libpath=$lt_cv_aix_libpath
+else
+  AC_CACHE_VAL([_LT_TAGVAR([lt_cv_aix_libpath_], [$1])],
+  [AC_LINK_IFELSE([AC_LANG_PROGRAM],[
+  lt_aix_libpath_sed='[
+      /Import File Strings/,/^$/ {
+	  /^0/ {
+	      s/^0  *\([^ ]*\) *$/\1/
+	      p
+	  }
+      }]'
+  _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  # Check for a 64-bit object if we didn't find anything.
+  if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then
+    _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"`
+  fi],[])
+  if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then
+    _LT_TAGVAR([lt_cv_aix_libpath_], [$1])="/usr/lib:/lib"
+  fi
+  ])
+  aix_libpath=$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])
+fi
 ])# _LT_SYS_MODULE_PATH_AIX
 
 
 # _LT_SHELL_INIT(ARG)
 # -------------------
 m4_define([_LT_SHELL_INIT],
-[ifdef([AC_DIVERSION_NOTICE],
-	     [AC_DIVERT_PUSH(AC_DIVERSION_NOTICE)],
-	 [AC_DIVERT_PUSH(NOTICE)])
-$1
-AC_DIVERT_POP
-])# _LT_SHELL_INIT
+[m4_divert_text([M4SH-INIT], [$1
+])])# _LT_SHELL_INIT
+
 
 
 # _LT_PROG_ECHO_BACKSLASH
 # -----------------------
-# Add some code to the start of the generated configure script which
-# will find an echo command which doesn't interpret backslashes.
+# Find how we can fake an echo command that does not interpret backslash.
+# In particular, with Autoconf 2.60 or later we add some code to the start
+# of the generated configure script which will find a shell with a builtin
+# printf (which we can use as an echo command).
 m4_defun([_LT_PROG_ECHO_BACKSLASH],
-[_LT_SHELL_INIT([
-# Check that we are running under the correct shell.
-SHELL=${CONFIG_SHELL-/bin/sh}
-
-case X$lt_ECHO in
-X*--fallback-echo)
-  # Remove one level of quotation (which was required for Make).
-  ECHO=`echo "$lt_ECHO" | sed 's,\\\\\[$]\\[$]0,'[$]0','`
-  ;;
-esac
-
-ECHO=${lt_ECHO-echo}
-if test "X[$]1" = X--no-reexec; then
-  # Discard the --no-reexec flag, and continue.
-  shift
-elif test "X[$]1" = X--fallback-echo; then
-  # Avoid inline document here, it may be left over
-  :
-elif test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' ; then
-  # Yippee, $ECHO works!
-  :
+[ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+
+AC_MSG_CHECKING([how to print strings])
+# Test print first, because it will be a builtin if present.
+if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \
+   test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then
+  ECHO='print -r --'
+elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then
+  ECHO='printf %s\n'
 else
-  # Restart under the correct shell.
-  exec $SHELL "[$]0" --no-reexec ${1+"[$]@"}
-fi
-
-if test "X[$]1" = X--fallback-echo; then
-  # used as fallback echo
-  shift
-  cat <<_LT_EOF
-[$]*
-_LT_EOF
-  exit 0
+  # Use this function as a fallback that always works.
+  func_fallback_echo ()
+  {
+    eval 'cat <<_LTECHO_EOF
+$[]1
+_LTECHO_EOF'
+  }
+  ECHO='func_fallback_echo'
 fi
 
-# The HP-UX ksh and POSIX shell print the target directory to stdout
-# if CDPATH is set.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-if test -z "$lt_ECHO"; then
-  if test "X${echo_test_string+set}" != Xset; then
-    # find a string as large as possible, as long as the shell can cope with it
-    for cmd in 'sed 50q "[$]0"' 'sed 20q "[$]0"' 'sed 10q "[$]0"' 'sed 2q "[$]0"' 'echo test'; do
-      # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ...
-      if { echo_test_string=`eval $cmd`; } 2>/dev/null &&
-	 { test "X$echo_test_string" = "X$echo_test_string"; } 2>/dev/null
-      then
-        break
-      fi
-    done
-  fi
-
-  if test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' &&
-     echo_testing_string=`{ $ECHO "$echo_test_string"; } 2>/dev/null` &&
-     test "X$echo_testing_string" = "X$echo_test_string"; then
-    :
-  else
-    # The Solaris, AIX, and Digital Unix default echo programs unquote
-    # backslashes.  This makes it impossible to quote backslashes using
-    #   echo "$something" | sed 's/\\/\\\\/g'
-    #
-    # So, first we look for a working echo in the user's PATH.
-
-    lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
-    for dir in $PATH /usr/ucb; do
-      IFS="$lt_save_ifs"
-      if (test -f $dir/echo || test -f $dir/echo$ac_exeext) &&
-         test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' &&
-         echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` &&
-         test "X$echo_testing_string" = "X$echo_test_string"; then
-        ECHO="$dir/echo"
-        break
-      fi
-    done
-    IFS="$lt_save_ifs"
-
-    if test "X$ECHO" = Xecho; then
-      # We didn't find a better echo, so look for alternatives.
-      if test "X`{ print -r '\t'; } 2>/dev/null`" = 'X\t' &&
-         echo_testing_string=`{ print -r "$echo_test_string"; } 2>/dev/null` &&
-         test "X$echo_testing_string" = "X$echo_test_string"; then
-        # This shell has a builtin print -r that does the trick.
-        ECHO='print -r'
-      elif { test -f /bin/ksh || test -f /bin/ksh$ac_exeext; } &&
-	   test "X$CONFIG_SHELL" != X/bin/ksh; then
-        # If we have ksh, try running configure again with it.
-        ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh}
-        export ORIGINAL_CONFIG_SHELL
-        CONFIG_SHELL=/bin/ksh
-        export CONFIG_SHELL
-        exec $CONFIG_SHELL "[$]0" --no-reexec ${1+"[$]@"}
-      else
-        # Try using printf.
-        ECHO='printf %s\n'
-        if test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' &&
-	   echo_testing_string=`{ $ECHO "$echo_test_string"; } 2>/dev/null` &&
-	   test "X$echo_testing_string" = "X$echo_test_string"; then
-	  # Cool, printf works
-	  :
-        elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
-	     test "X$echo_testing_string" = 'X\t' &&
-	     echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
-	     test "X$echo_testing_string" = "X$echo_test_string"; then
-	  CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL
-	  export CONFIG_SHELL
-	  SHELL="$CONFIG_SHELL"
-	  export SHELL
-	  ECHO="$CONFIG_SHELL [$]0 --fallback-echo"
-        elif echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
-	     test "X$echo_testing_string" = 'X\t' &&
-	     echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
-	     test "X$echo_testing_string" = "X$echo_test_string"; then
-	  ECHO="$CONFIG_SHELL [$]0 --fallback-echo"
-        else
-	  # maybe with a smaller string...
-	  prev=:
-
-	  for cmd in 'echo test' 'sed 2q "[$]0"' 'sed 10q "[$]0"' 'sed 20q "[$]0"' 'sed 50q "[$]0"'; do
-	    if { test "X$echo_test_string" = "X`eval $cmd`"; } 2>/dev/null
-	    then
-	      break
-	    fi
-	    prev="$cmd"
-	  done
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+    $ECHO "$*" 
+}
 
-	  if test "$prev" != 'sed 50q "[$]0"'; then
-	    echo_test_string=`eval $prev`
-	    export echo_test_string
-	    exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "[$]0" ${1+"[$]@"}
-	  else
-	    # Oops.  We lost completely, so just stick with echo.
-	    ECHO=echo
-	  fi
-        fi
-      fi
-    fi
-  fi
-fi
+case "$ECHO" in
+  printf*) AC_MSG_RESULT([printf]) ;;
+  print*) AC_MSG_RESULT([print -r]) ;;
+  *) AC_MSG_RESULT([cat]) ;;
+esac
 
-# Copy echo and quote the copy suitably for passing to libtool from
-# the Makefile, instead of quoting the original, which is used later.
-lt_ECHO=$ECHO
-if test "X$lt_ECHO" = "X$CONFIG_SHELL [$]0 --fallback-echo"; then
-   lt_ECHO="$CONFIG_SHELL \\\$\[$]0 --fallback-echo"
-fi
+m4_ifdef([_AS_DETECT_SUGGESTED],
+[_AS_DETECT_SUGGESTED([
+  test -n "${ZSH_VERSION+set}${BASH_VERSION+set}" || (
+    ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+    ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+    ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+    PATH=/empty FPATH=/empty; export PATH FPATH
+    test "X`printf %s $ECHO`" = "X$ECHO" \
+      || test "X`print -r -- $ECHO`" = "X$ECHO" )])])
 
-AC_SUBST(lt_ECHO)
-])
 _LT_DECL([], [SHELL], [1], [Shell to use when invoking shell scripts])
-_LT_DECL([], [ECHO], [1],
-    [An echo program that does not interpret backslashes])
+_LT_DECL([], [ECHO], [1], [An echo program that protects backslashes])
 ])# _LT_PROG_ECHO_BACKSLASH
 
 
+# _LT_WITH_SYSROOT
+# ----------------
+AC_DEFUN([_LT_WITH_SYSROOT],
+[AC_MSG_CHECKING([for sysroot])
+AC_ARG_WITH([sysroot],
+[  --with-sysroot[=DIR] Search for dependent libraries within DIR
+                        (or the compiler's sysroot if not specified).],
+[], [with_sysroot=no])
+
+dnl lt_sysroot will always be passed unquoted.  We quote it here
+dnl in case the user passed a directory name.
+lt_sysroot=
+case ${with_sysroot} in #(
+ yes)
+   if test "$GCC" = yes; then
+     lt_sysroot=`$CC --print-sysroot 2>/dev/null`
+   fi
+   ;; #(
+ /*)
+   lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"`
+   ;; #(
+ no|'')
+   ;; #(
+ *)
+   AC_MSG_RESULT([${with_sysroot}])
+   AC_MSG_ERROR([The sysroot must be an absolute path.])
+   ;;
+esac
+
+ AC_MSG_RESULT([${lt_sysroot:-no}])
+_LT_DECL([], [lt_sysroot], [0], [The root where to search for ]dnl
+[dependent libraries, and in which our libraries should be installed.])])
+
 # _LT_ENABLE_LOCK
 # ---------------
 m4_defun([_LT_ENABLE_LOCK],
@@ -1236,7 +1281,7 @@ ia64-*-hpux*)
   ;;
 *-*-irix6*)
   # Find out which ABI we are using.
-  echo '[#]line __oline__ "configure"' > conftest.$ac_ext
+  echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext
   if AC_TRY_EVAL(ac_compile); then
     if test "$lt_cv_prog_gnu_ld" = yes; then
       case `/usr/bin/file conftest.$ac_objext` in
@@ -1329,14 +1374,27 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
     CFLAGS="$SAVE_CFLAGS"
   fi
   ;;
-sparc*-*solaris*)
+*-*solaris*)
   # Find out which ABI we are using.
   echo 'int i;' > conftest.$ac_ext
   if AC_TRY_EVAL(ac_compile); then
     case `/usr/bin/file conftest.o` in
     *64-bit*)
       case $lt_cv_prog_gnu_ld in
-      yes*) LD="${LD-ld} -m elf64_sparc" ;;
+      yes*)
+        case $host in
+        i?86-*-solaris*)
+          LD="${LD-ld} -m elf_x86_64"
+          ;;
+        sparc*-*-solaris*)
+          LD="${LD-ld} -m elf64_sparc"
+          ;;
+        esac
+        # GNU ld 2.21 introduced _sol2 emulations.  Use them if available.
+        if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then
+          LD="${LD-ld}_sol2"
+        fi
+        ;;
       *)
 	if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then
 	  LD="${LD-ld} -64"
@@ -1354,14 +1412,47 @@ need_locks="$enable_libtool_lock"
 ])# _LT_ENABLE_LOCK
 
 
+# _LT_PROG_AR
+# -----------
+m4_defun([_LT_PROG_AR],
+[AC_CHECK_TOOLS(AR, [ar], false)
+: ${AR=ar}
+: ${AR_FLAGS=cru}
+_LT_DECL([], [AR], [1], [The archiver])
+_LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive])
+
+AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file],
+  [lt_cv_ar_at_file=no
+   AC_COMPILE_IFELSE([AC_LANG_PROGRAM],
+     [echo conftest.$ac_objext > conftest.lst
+      lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&AS_MESSAGE_LOG_FD'
+      AC_TRY_EVAL([lt_ar_try])
+      if test "$ac_status" -eq 0; then
+	# Ensure the archiver fails upon bogus file names.
+	rm -f conftest.$ac_objext libconftest.a
+	AC_TRY_EVAL([lt_ar_try])
+	if test "$ac_status" -ne 0; then
+          lt_cv_ar_at_file=@
+        fi
+      fi
+      rm -f conftest.* libconftest.a
+     ])
+  ])
+
+if test "x$lt_cv_ar_at_file" = xno; then
+  archiver_list_spec=
+else
+  archiver_list_spec=$lt_cv_ar_at_file
+fi
+_LT_DECL([], [archiver_list_spec], [1],
+  [How to feed a file listing to the archiver])
+])# _LT_PROG_AR
+
+
 # _LT_CMD_OLD_ARCHIVE
 # -------------------
 m4_defun([_LT_CMD_OLD_ARCHIVE],
-[AC_CHECK_TOOL(AR, ar, false)
-test -z "$AR" && AR=ar
-test -z "$AR_FLAGS" && AR_FLAGS=cru
-_LT_DECL([], [AR], [1], [The archiver])
-_LT_DECL([], [AR_FLAGS], [1])
+[_LT_PROG_AR
 
 AC_CHECK_TOOL(STRIP, strip, :)
 test -z "$STRIP" && STRIP=:
@@ -1380,18 +1471,27 @@ old_postuninstall_cmds=
 if test -n "$RANLIB"; then
   case $host_os in
   openbsd*)
-    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib"
+    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib"
     ;;
   *)
-    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib"
+    old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib"
     ;;
   esac
-  old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib"
+  old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib"
 fi
+
+case $host_os in
+  darwin*)
+    lock_old_archive_extraction=yes ;;
+  *)
+    lock_old_archive_extraction=no ;;
+esac
 _LT_DECL([], [old_postinstall_cmds], [2])
 _LT_DECL([], [old_postuninstall_cmds], [2])
 _LT_TAGDECL([], [old_archive_cmds], [2],
     [Commands used to build an old-style archive])
+_LT_DECL([], [lock_old_archive_extraction], [0],
+    [Whether to use a lock for old archive extraction])
 ])# _LT_CMD_OLD_ARCHIVE
 
 
@@ -1416,15 +1516,15 @@ AC_CACHE_CHECK([$1], [$2],
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
    (eval "$lt_compile" 2>conftest.err)
    ac_status=$?
    cat conftest.err >&AS_MESSAGE_LOG_FD
-   echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+   echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
    if (exit $ac_status) && test -s "$ac_outfile"; then
      # The compiler can only warn and ignore the option if not recognized
      # So say no if there are warnings other than the usual output.
-     $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
      $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
      if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
        $2=yes
@@ -1464,7 +1564,7 @@ AC_CACHE_CHECK([$1], [$2],
      if test -s conftest.err; then
        # Append any errors to the config.log.
        cat conftest.err 1>&AS_MESSAGE_LOG_FD
-       $ECHO "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
+       $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
        $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
        if diff conftest.exp conftest.er2 >/dev/null; then
          $2=yes
@@ -1527,6 +1627,11 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
     lt_cv_sys_max_cmd_len=8192;
     ;;
 
+  mint*)
+    # On MiNT this can take a long time and run out of memory.
+    lt_cv_sys_max_cmd_len=8192;
+    ;;
+
   amigaos*)
     # On AmigaOS with pdksh, this test takes hours, literally.
     # So we just punt and use a minimum line length of 8192.
@@ -1552,6 +1657,11 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
     lt_cv_sys_max_cmd_len=196608
     ;;
 
+  os2*)
+    # The test takes a long time on OS/2.
+    lt_cv_sys_max_cmd_len=8192
+    ;;
+
   osf*)
     # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure
     # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not
@@ -1591,8 +1701,8 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
       # If test is not a shell built-in, we'll probably end up computing a
       # maximum length that is only half of the actual maximum length, but
       # we can't tell.
-      while { test "X"`$SHELL [$]0 --fallback-echo "X$teststring$teststring" 2>/dev/null` \
-	         = "XX$teststring$teststring"; } >/dev/null 2>&1 &&
+      while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \
+	         = "X$teststring$teststring"; } >/dev/null 2>&1 &&
 	      test $i != 17 # 1/2 MB should be enough
       do
         i=`expr $i + 1`
@@ -1643,7 +1753,7 @@ else
   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
   lt_status=$lt_dlunknown
   cat > conftest.$ac_ext <<_LT_EOF
-[#line __oline__ "configure"
+[#line $LINENO "configure"
 #include "confdefs.h"
 
 #if HAVE_DLFCN_H
@@ -1684,7 +1794,13 @@ else
 #  endif
 #endif
 
-void fnord() { int i=42;}
+/* When -fvisbility=hidden is used, assume the code has been annotated
+   correspondingly for the symbols needed.  */
+#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+int fnord () __attribute__((visibility("default")));
+#endif
+
+int fnord () { return 42; }
 int main ()
 {
   void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
@@ -1693,7 +1809,11 @@ int main ()
   if (self)
     {
       if (dlsym (self,"fnord"))       status = $lt_dlno_uscore;
-      else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+      else
+        {
+	  if (dlsym( self,"_fnord"))  status = $lt_dlneed_uscore;
+          else puts (dlerror ());
+	}
       /* dlclose (self); */
     }
   else
@@ -1869,16 +1989,16 @@ AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext],
    -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
    -e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
    -e 's:$: $lt_compiler_flag:'`
-   (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+   (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
    (eval "$lt_compile" 2>out/conftest.err)
    ac_status=$?
    cat out/conftest.err >&AS_MESSAGE_LOG_FD
-   echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+   echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
    if (exit $ac_status) && test -s out/conftest2.$ac_objext
    then
      # The compiler can only warn and ignore the option if not recognized
      # So say no if there are warnings
-     $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
+     $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
      $SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
      if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
        _LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
@@ -2037,6 +2157,7 @@ m4_require([_LT_DECL_EGREP])dnl
 m4_require([_LT_FILEUTILS_DEFAULTS])dnl
 m4_require([_LT_DECL_OBJDUMP])dnl
 m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_CHECK_SHELL_FEATURES])dnl
 AC_MSG_CHECKING([dynamic linker characteristics])
 m4_if([$1],
 	[], [
@@ -2045,16 +2166,23 @@ if test "$GCC" = yes; then
     darwin*) lt_awk_arg="/^libraries:/,/LR/" ;;
     *) lt_awk_arg="/^libraries:/" ;;
   esac
-  lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e "s,=/,/,g"`
-  if $ECHO "$lt_search_path_spec" | $GREP ';' >/dev/null ; then
+  case $host_os in
+    mingw* | cegcc*) lt_sed_strip_eq="s,=\([[A-Za-z]]:\),\1,g" ;;
+    *) lt_sed_strip_eq="s,=/,/,g" ;;
+  esac
+  lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq`
+  case $lt_search_path_spec in
+  *\;*)
     # if the path contains ";" then we assume it to be the separator
     # otherwise default to the standard path separator (i.e. ":") - it is
     # assumed that no part of a normal pathname contains ";" but that should
     # okay in the real world where ";" in dirpaths is itself problematic.
-    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED -e 's/;/ /g'`
-  else
-    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED  -e "s/$PATH_SEPARATOR/ /g"`
-  fi
+    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'`
+    ;;
+  *)
+    lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"`
+    ;;
+  esac
   # Ok, now we have the path, separated by spaces, we can step through it
   # and add multilib dir if necessary.
   lt_tmp_lt_search_path_spec=
@@ -2067,7 +2195,7 @@ if test "$GCC" = yes; then
 	lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
     fi
   done
-  lt_search_path_spec=`$ECHO $lt_tmp_lt_search_path_spec | awk '
+  lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk '
 BEGIN {RS=" "; FS="/|\n";} {
   lt_foo="";
   lt_count=0;
@@ -2087,7 +2215,13 @@ BEGIN {RS=" "; FS="/|\n";} {
   if (lt_foo != "") { lt_freq[[lt_foo]]++; }
   if (lt_freq[[lt_foo]] == 1) { print lt_foo; }
 }'`
-  sys_lib_search_path_spec=`$ECHO $lt_search_path_spec`
+  # AWK program above erroneously prepends '/' to C:/dos/paths
+  # for these hosts.
+  case $host_os in
+    mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\
+      $SED 's,/\([[A-Za-z]]:\),\1,g'` ;;
+  esac
+  sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP`
 else
   sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
 fi])
@@ -2113,7 +2247,7 @@ need_version=unknown
 
 case $host_os in
 aix3*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a'
   shlibpath_var=LIBPATH
 
@@ -2122,7 +2256,7 @@ aix3*)
   ;;
 
 aix[[4-9]]*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   hardcode_into_libs=yes
@@ -2175,7 +2309,7 @@ amigaos*)
   m68k)
     library_names_spec='$libname.ixlibrary $libname.a'
     # Create ${libname}_ixlibrary.a entries in /sys/libs.
-    finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$ECHO "X$lib" | $Xsed -e '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+    finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
     ;;
   esac
   ;;
@@ -2187,7 +2321,7 @@ beos*)
   ;;
 
 bsdi[[45]]*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
   soname_spec='${libname}${release}${shared_ext}$major'
@@ -2206,8 +2340,9 @@ cygwin* | mingw* | pw32* | cegcc*)
   need_version=no
   need_lib_prefix=no
 
-  case $GCC,$host_os in
-  yes,cygwin* | yes,mingw* | yes,pw32* | yes,cegcc*)
+  case $GCC,$cc_basename in
+  yes,*)
+    # gcc
     library_names_spec='$libname.dll.a'
     # DLL is installed to $(libdir)/../bin by postinstall_cmds
     postinstall_cmds='base_file=`basename \${file}`~
@@ -2228,36 +2363,83 @@ cygwin* | mingw* | pw32* | cegcc*)
     cygwin*)
       # Cygwin DLLs use 'cyg' prefix rather than 'lib'
       soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
-      sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
+m4_if([$1], [],[
+      sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"])
       ;;
     mingw* | cegcc*)
       # MinGW DLLs use traditional 'lib' prefix
       soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
-      sys_lib_search_path_spec=`$CC -print-search-dirs | $GREP "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
-      if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then
-        # It is most probably a Windows format PATH printed by
-        # mingw gcc, but we are running on Cygwin. Gcc prints its search
-        # path with ; separators, and with drive letters. We can handle the
-        # drive letters (cygwin fileutils understands them), so leave them,
-        # especially as we might pass files found there to a mingw objdump,
-        # which wouldn't understand a cygwinified path. Ahh.
-        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
-      else
-        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED  -e "s/$PATH_SEPARATOR/ /g"`
-      fi
       ;;
     pw32*)
       # pw32 DLLs use 'pw' prefix rather than 'lib'
       library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
       ;;
     esac
+    dynamic_linker='Win32 ld.exe'
+    ;;
+
+  *,cl*)
+    # Native MSVC
+    libname_spec='$name'
+    soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
+    library_names_spec='${libname}.dll.lib'
+
+    case $build_os in
+    mingw*)
+      sys_lib_search_path_spec=
+      lt_save_ifs=$IFS
+      IFS=';'
+      for lt_path in $LIB
+      do
+        IFS=$lt_save_ifs
+        # Let DOS variable expansion print the short 8.3 style file name.
+        lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"`
+        sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path"
+      done
+      IFS=$lt_save_ifs
+      # Convert to MSYS style.
+      sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'`
+      ;;
+    cygwin*)
+      # Convert to unix form, then to dos form, then back to unix form
+      # but this time dos style (no spaces!) so that the unix form looks
+      # like /cygdrive/c/PROGRA~1:/cygdr...
+      sys_lib_search_path_spec=`cygpath --path --unix "$LIB"`
+      sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null`
+      sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+      ;;
+    *)
+      sys_lib_search_path_spec="$LIB"
+      if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then
+        # It is most probably a Windows format PATH.
+        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
+      else
+        sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
+      fi
+      # FIXME: find the short name or the path components, as spaces are
+      # common. (e.g. "Program Files" -> "PROGRA~1")
+      ;;
+    esac
+
+    # DLL is installed to $(libdir)/../bin by postinstall_cmds
+    postinstall_cmds='base_file=`basename \${file}`~
+      dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~
+      dldir=$destdir/`dirname \$dlpath`~
+      test -d \$dldir || mkdir -p \$dldir~
+      $install_prog $dir/$dlname \$dldir/$dlname'
+    postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~
+      dlpath=$dir/\$dldll~
+       $RM \$dlpath'
+    shlibpath_overrides_runpath=yes
+    dynamic_linker='Win32 link.exe'
     ;;
 
   *)
+    # Assume MSVC wrapper
     library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib'
+    dynamic_linker='Win32 ld.exe'
     ;;
   esac
-  dynamic_linker='Win32 ld.exe'
   # FIXME: first we should search . and the directory the executable is in
   shlibpath_var=PATH
   ;;
@@ -2278,7 +2460,7 @@ m4_if([$1], [],[
   ;;
 
 dgux*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext'
@@ -2286,10 +2468,6 @@ dgux*)
   shlibpath_var=LD_LIBRARY_PATH
   ;;
 
-freebsd1*)
-  dynamic_linker=no
-  ;;
-
 freebsd* | dragonfly*)
   # DragonFly does not have aout.  When/if they implement a new
   # versioning mechanism, adjust this.
@@ -2297,7 +2475,7 @@ freebsd* | dragonfly*)
     objformat=`/usr/bin/objformat`
   else
     case $host_os in
-    freebsd[[123]]*) objformat=aout ;;
+    freebsd[[23]].*) objformat=aout ;;
     *) objformat=elf ;;
     esac
   fi
@@ -2315,7 +2493,7 @@ freebsd* | dragonfly*)
   esac
   shlibpath_var=LD_LIBRARY_PATH
   case $host_os in
-  freebsd2*)
+  freebsd2.*)
     shlibpath_overrides_runpath=yes
     ;;
   freebsd3.[[01]]* | freebsdelf3.[[01]]*)
@@ -2335,12 +2513,26 @@ freebsd* | dragonfly*)
   ;;
 
 gnu*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
   soname_spec='${libname}${release}${shared_ext}$major'
   shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  hardcode_into_libs=yes
+  ;;
+
+haiku*)
+  version_type=linux # correct to gnu/linux during the next big refactor
+  need_lib_prefix=no
+  need_version=no
+  dynamic_linker="$host_os runtime_loader"
+  library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+  soname_spec='${libname}${release}${shared_ext}$major'
+  shlibpath_var=LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
   hardcode_into_libs=yes
   ;;
 
@@ -2386,12 +2578,14 @@ hpux9* | hpux10* | hpux11*)
     soname_spec='${libname}${release}${shared_ext}$major'
     ;;
   esac
-  # HP-UX runs *really* slowly unless shared libraries are mode 555.
+  # HP-UX runs *really* slowly unless shared libraries are mode 555, ...
   postinstall_cmds='chmod 555 $lib'
+  # or fails outright, so override atomically:
+  install_override_mode=555
   ;;
 
 interix[[3-9]]*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
@@ -2407,7 +2601,7 @@ irix5* | irix6* | nonstopux*)
     nonstopux*) version_type=nonstopux ;;
     *)
 	if test "$lt_cv_prog_gnu_ld" = yes; then
-		version_type=linux
+		version_type=linux # correct to gnu/linux during the next big refactor
 	else
 		version_type=irix
 	fi ;;
@@ -2444,9 +2638,9 @@ linux*oldld* | linux*aout* | linux*coff*)
   dynamic_linker=no
   ;;
 
-# This must be Linux ELF.
-linux* | k*bsd*-gnu)
-  version_type=linux
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
@@ -2454,16 +2648,21 @@ linux* | k*bsd*-gnu)
   finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
   shlibpath_var=LD_LIBRARY_PATH
   shlibpath_overrides_runpath=no
+
   # Some binutils ld are patched to set DT_RUNPATH
-  save_LDFLAGS=$LDFLAGS
-  save_libdir=$libdir
-  eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \
-       LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\""
-  AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
-    [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null],
-       [shlibpath_overrides_runpath=yes])])
-  LDFLAGS=$save_LDFLAGS
-  libdir=$save_libdir
+  AC_CACHE_VAL([lt_cv_shlibpath_overrides_runpath],
+    [lt_cv_shlibpath_overrides_runpath=no
+    save_LDFLAGS=$LDFLAGS
+    save_libdir=$libdir
+    eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \
+	 LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\""
+    AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
+      [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null],
+	 [lt_cv_shlibpath_overrides_runpath=yes])])
+    LDFLAGS=$save_LDFLAGS
+    libdir=$save_libdir
+    ])
+  shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath
 
   # This implies no fast_install, which is unacceptable.
   # Some rework will be needed to allow for fast_install
@@ -2472,7 +2671,7 @@ linux* | k*bsd*-gnu)
 
   # Append ld.so.conf contents to the search path
   if test -f /etc/ld.so.conf; then
-    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+    lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
     sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
   fi
 
@@ -2516,7 +2715,7 @@ netbsd*)
   ;;
 
 newsos6)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
   shlibpath_var=LD_LIBRARY_PATH
   shlibpath_overrides_runpath=yes
@@ -2585,7 +2784,7 @@ rdos*)
   ;;
 
 solaris*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
@@ -2610,7 +2809,7 @@ sunos4*)
   ;;
 
 sysv4 | sysv4.3*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
   soname_spec='${libname}${release}${shared_ext}$major'
   shlibpath_var=LD_LIBRARY_PATH
@@ -2634,7 +2833,7 @@ sysv4 | sysv4.3*)
 
 sysv4*MP*)
   if test -d /usr/nec ;then
-    version_type=linux
+    version_type=linux # correct to gnu/linux during the next big refactor
     library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}'
     soname_spec='$libname${shared_ext}.$major'
     shlibpath_var=LD_LIBRARY_PATH
@@ -2665,7 +2864,7 @@ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
 
 tpf*)
   # TPF is a cross-target only.  Preferred cross-host = GNU/Linux.
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   need_lib_prefix=no
   need_version=no
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
@@ -2675,7 +2874,7 @@ tpf*)
   ;;
 
 uts4*)
-  version_type=linux
+  version_type=linux # correct to gnu/linux during the next big refactor
   library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}'
   soname_spec='${libname}${release}${shared_ext}$major'
   shlibpath_var=LD_LIBRARY_PATH
@@ -2717,6 +2916,8 @@ _LT_DECL([], [library_names_spec], [1],
     The last name is the one that the linker finds with -lNAME]])
 _LT_DECL([], [soname_spec], [1],
     [[The coded name of the library, if different from the real name]])
+_LT_DECL([], [install_override_mode], [1],
+    [Permission mode override for installation of shared libraries])
 _LT_DECL([], [postinstall_cmds], [2],
     [Command to use after installation of a shared archive])
 _LT_DECL([], [postuninstall_cmds], [2],
@@ -2829,6 +3030,7 @@ AC_REQUIRE([AC_CANONICAL_HOST])dnl
 AC_REQUIRE([AC_CANONICAL_BUILD])dnl
 m4_require([_LT_DECL_SED])dnl
 m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_PROG_ECHO_BACKSLASH])dnl
 
 AC_ARG_WITH([gnu-ld],
     [AS_HELP_STRING([--with-gnu-ld],
@@ -2950,6 +3152,11 @@ case $reload_flag in
 esac
 reload_cmds='$LD$reload_flag -o $output$reload_objs'
 case $host_os in
+  cygwin* | mingw* | pw32* | cegcc*)
+    if test "$GCC" != yes; then
+      reload_cmds=false
+    fi
+    ;;
   darwin*)
     if test "$GCC" = yes; then
       reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs'
@@ -2958,8 +3165,8 @@ case $host_os in
     fi
     ;;
 esac
-_LT_DECL([], [reload_flag], [1], [How to create reloadable object files])dnl
-_LT_DECL([], [reload_cmds], [2])dnl
+_LT_TAGDECL([], [reload_flag], [1], [How to create reloadable object files])dnl
+_LT_TAGDECL([], [reload_cmds], [2])dnl
 ])# _LT_CMD_RELOAD
 
 
@@ -3011,16 +3218,18 @@ mingw* | pw32*)
   # Base MSYS/MinGW do not provide the 'file' command needed by
   # func_win32_libid shell function, so use a weaker test based on 'objdump',
   # unless we find 'file', for example because we are cross-compiling.
-  if ( file / ) >/dev/null 2>&1; then
+  # func_win32_libid assumes BSD nm, so disallow it if using MS dumpbin.
+  if ( test "$lt_cv_nm_interface" = "BSD nm" && file / ) >/dev/null 2>&1; then
     lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
     lt_cv_file_magic_cmd='func_win32_libid'
   else
-    lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?'
+    # Keep this pattern in sync with the one in func_win32_libid.
+    lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)'
     lt_cv_file_magic_cmd='$OBJDUMP -f'
   fi
   ;;
 
-cegcc)
+cegcc*)
   # use the weaker test based on 'objdump'. See mingw*.
   lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?'
   lt_cv_file_magic_cmd='$OBJDUMP -f'
@@ -3050,6 +3259,10 @@ gnu*)
   lt_cv_deplibs_check_method=pass_all
   ;;
 
+haiku*)
+  lt_cv_deplibs_check_method=pass_all
+  ;;
+
 hpux10.20* | hpux11*)
   lt_cv_file_magic_cmd=/usr/bin/file
   case $host_cpu in
@@ -3058,11 +3271,11 @@ hpux10.20* | hpux11*)
     lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
     ;;
   hppa*64*)
-    [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]']
+    [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]']
     lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
     ;;
   *)
-    lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]].[[0-9]]) shared library'
+    lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]]\.[[0-9]]) shared library'
     lt_cv_file_magic_test_file=/usr/lib/libc.sl
     ;;
   esac
@@ -3083,8 +3296,8 @@ irix5* | irix6* | nonstopux*)
   lt_cv_deplibs_check_method=pass_all
   ;;
 
-# This must be Linux ELF.
-linux* | k*bsd*-gnu)
+# This must be glibc/ELF.
+linux* | k*bsd*-gnu | kopensolaris*-gnu)
   lt_cv_deplibs_check_method=pass_all
   ;;
 
@@ -3162,6 +3375,21 @@ tpf*)
   ;;
 esac
 ])
+
+file_magic_glob=
+want_nocaseglob=no
+if test "$build" = "$host"; then
+  case $host_os in
+  mingw* | pw32*)
+    if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then
+      want_nocaseglob=yes
+    else
+      file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[[\1]]\/[[\1]]\/g;/g"`
+    fi
+    ;;
+  esac
+fi
+
 file_magic_cmd=$lt_cv_file_magic_cmd
 deplibs_check_method=$lt_cv_deplibs_check_method
 test -z "$deplibs_check_method" && deplibs_check_method=unknown
@@ -3169,7 +3397,11 @@ test -z "$deplibs_check_method" && deplibs_check_method=unknown
 _LT_DECL([], [deplibs_check_method], [1],
     [Method to check whether dependent libraries are shared objects])
 _LT_DECL([], [file_magic_cmd], [1],
-    [Command to use when deplibs_check_method == "file_magic"])
+    [Command to use when deplibs_check_method = "file_magic"])
+_LT_DECL([], [file_magic_glob], [1],
+    [How to find potential files when deplibs_check_method = "file_magic"])
+_LT_DECL([], [want_nocaseglob], [1],
+    [Find potential files using nocaseglob when deplibs_check_method = "file_magic"])
 ])# _LT_CHECK_MAGIC_METHOD
 
 
@@ -3226,7 +3458,19 @@ if test "$lt_cv_path_NM" != "no"; then
   NM="$lt_cv_path_NM"
 else
   # Didn't find any BSD compatible name lister, look for dumpbin.
-  AC_CHECK_TOOLS(DUMPBIN, ["dumpbin -symbols" "link -dump -symbols"], :)
+  if test -n "$DUMPBIN"; then :
+    # Let the user override the test.
+  else
+    AC_CHECK_TOOLS(DUMPBIN, [dumpbin "link -dump"], :)
+    case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in
+    *COFF*)
+      DUMPBIN="$DUMPBIN -symbols"
+      ;;
+    *)
+      DUMPBIN=:
+      ;;
+    esac
+  fi
   AC_SUBST([DUMPBIN])
   if test "$DUMPBIN" != ":"; then
     NM="$DUMPBIN"
@@ -3239,13 +3483,13 @@ _LT_DECL([], [NM], [1], [A BSD- or MS-compatible name lister])dnl
 AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface],
   [lt_cv_nm_interface="BSD nm"
   echo "int some_variable = 0;" > conftest.$ac_ext
-  (eval echo "\"\$as_me:__oline__: $ac_compile\"" >&AS_MESSAGE_LOG_FD)
+  (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&AS_MESSAGE_LOG_FD)
   (eval "$ac_compile" 2>conftest.err)
   cat conftest.err >&AS_MESSAGE_LOG_FD
-  (eval echo "\"\$as_me:__oline__: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD)
+  (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD)
   (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
   cat conftest.err >&AS_MESSAGE_LOG_FD
-  (eval echo "\"\$as_me:__oline__: output\"" >&AS_MESSAGE_LOG_FD)
+  (eval echo "\"\$as_me:$LINENO: output\"" >&AS_MESSAGE_LOG_FD)
   cat conftest.out >&AS_MESSAGE_LOG_FD
   if $GREP 'External.*some_variable' conftest.out > /dev/null; then
     lt_cv_nm_interface="MS dumpbin"
@@ -3260,6 +3504,67 @@ dnl aclocal-1.4 backwards compatibility:
 dnl AC_DEFUN([AM_PROG_NM], [])
 dnl AC_DEFUN([AC_PROG_NM], [])
 
+# _LT_CHECK_SHAREDLIB_FROM_LINKLIB
+# --------------------------------
+# how to determine the name of the shared library
+# associated with a specific link library.
+#  -- PORTME fill in with the dynamic library characteristics
+m4_defun([_LT_CHECK_SHAREDLIB_FROM_LINKLIB],
+[m4_require([_LT_DECL_EGREP])
+m4_require([_LT_DECL_OBJDUMP])
+m4_require([_LT_DECL_DLLTOOL])
+AC_CACHE_CHECK([how to associate runtime and link libraries],
+lt_cv_sharedlib_from_linklib_cmd,
+[lt_cv_sharedlib_from_linklib_cmd='unknown'
+
+case $host_os in
+cygwin* | mingw* | pw32* | cegcc*)
+  # two different shell functions defined in ltmain.sh
+  # decide which to use based on capabilities of $DLLTOOL
+  case `$DLLTOOL --help 2>&1` in
+  *--identify-strict*)
+    lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib
+    ;;
+  *)
+    lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback
+    ;;
+  esac
+  ;;
+*)
+  # fallback: assume linklib IS sharedlib
+  lt_cv_sharedlib_from_linklib_cmd="$ECHO"
+  ;;
+esac
+])
+sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd
+test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO
+
+_LT_DECL([], [sharedlib_from_linklib_cmd], [1],
+    [Command to associate shared and link libraries])
+])# _LT_CHECK_SHAREDLIB_FROM_LINKLIB
+
+
+# _LT_PATH_MANIFEST_TOOL
+# ----------------------
+# locate the manifest tool
+m4_defun([_LT_PATH_MANIFEST_TOOL],
+[AC_CHECK_TOOL(MANIFEST_TOOL, mt, :)
+test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt
+AC_CACHE_CHECK([if $MANIFEST_TOOL is a manifest tool], [lt_cv_path_mainfest_tool],
+  [lt_cv_path_mainfest_tool=no
+  echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&AS_MESSAGE_LOG_FD
+  $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out
+  cat conftest.err >&AS_MESSAGE_LOG_FD
+  if $GREP 'Manifest Tool' conftest.out > /dev/null; then
+    lt_cv_path_mainfest_tool=yes
+  fi
+  rm -f conftest*])
+if test "x$lt_cv_path_mainfest_tool" != xyes; then
+  MANIFEST_TOOL=:
+fi
+_LT_DECL([], [MANIFEST_TOOL], [1], [Manifest tool])dnl
+])# _LT_PATH_MANIFEST_TOOL
+
 
 # LT_LIB_M
 # --------
@@ -3268,7 +3573,7 @@ AC_DEFUN([LT_LIB_M],
 [AC_REQUIRE([AC_CANONICAL_HOST])dnl
 LIBM=
 case $host in
-*-*-beos* | *-*-cygwin* | *-*-pw32* | *-*-darwin*)
+*-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*)
   # These system don't have libm, or don't need it
   ;;
 *-ncr-sysv4.3*)
@@ -3296,7 +3601,12 @@ m4_defun([_LT_COMPILER_NO_RTTI],
 _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
 
 if test "$GCC" = yes; then
-  _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
+  case $cc_basename in
+  nvcc*)
+    _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -Xcompiler -fno-builtin' ;;
+  *)
+    _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' ;;
+  esac
 
   _LT_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions],
     lt_cv_prog_compiler_rtti_exceptions,
@@ -3313,6 +3623,7 @@ _LT_TAGDECL([no_builtin_flag], [lt_prog_compiler_no_builtin_flag], [1],
 m4_defun([_LT_CMD_GLOBAL_SYMBOLS],
 [AC_REQUIRE([AC_CANONICAL_HOST])dnl
 AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AC_PROG_AWK])dnl
 AC_REQUIRE([LT_PATH_NM])dnl
 AC_REQUIRE([LT_PATH_LD])dnl
 m4_require([_LT_DECL_SED])dnl
@@ -3380,8 +3691,8 @@ esac
 lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'"
 
 # Transform an extracted symbol line into symbol name and symbol address
-lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/  {\"\2\", (void *) \&\2},/p'"
-lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([[^ ]]*\) $/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \(lib[[^ ]]*\)$/  {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/  {\"lib\2\", (void *) \&\2},/p'"
+lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/  {\"\2\", (void *) \&\2},/p'"
+lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/  {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \(lib[[^ ]]*\)$/  {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/  {\"lib\2\", (void *) \&\2},/p'"
 
 # Handle CRLF in mingw tool chain
 opt_cr=
@@ -3405,6 +3716,7 @@ for ac_symprfx in "" "_"; do
     # which start with @ or ?.
     lt_cv_sys_global_symbol_pipe="$AWK ['"\
 "     {last_section=section; section=\$ 3};"\
+"     /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\
 "     /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\
 "     \$ 0!~/External *\|/{next};"\
 "     / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\
@@ -3417,6 +3729,7 @@ for ac_symprfx in "" "_"; do
   else
     lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[	 ]]\($symcode$symcode*\)[[	 ]][[	 ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'"
   fi
+  lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'"
 
   # Check to see that the pipe works correctly.
   pipe_works=no
@@ -3438,7 +3751,7 @@ _LT_EOF
   if AC_TRY_EVAL(ac_compile); then
     # Now try to grab the symbols.
     nlist=conftest.nm
-    if AC_TRY_EVAL(NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) && test -s "$nlist"; then
+    if AC_TRY_EVAL(NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) && test -s "$nlist"; then
       # Try sorting and uniquifying the output.
       if sort "$nlist" | uniq > "$nlist"T; then
 	mv -f "$nlist"T "$nlist"
@@ -3450,6 +3763,18 @@ _LT_EOF
       if $GREP ' nm_test_var$' "$nlist" >/dev/null; then
 	if $GREP ' nm_test_func$' "$nlist" >/dev/null; then
 	  cat <<_LT_EOF > conftest.$ac_ext
+/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests.  */
+#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE)
+/* DATA imports from DLLs on WIN32 con't be const, because runtime
+   relocations are performed -- see ld's documentation on pseudo-relocs.  */
+# define LT@&t@_DLSYM_CONST
+#elif defined(__osf__)
+/* This system does not cope well with relocations in const data.  */
+# define LT@&t@_DLSYM_CONST
+#else
+# define LT@&t@_DLSYM_CONST const
+#endif
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -3461,7 +3786,7 @@ _LT_EOF
 	  cat <<_LT_EOF >> conftest.$ac_ext
 
 /* The mapping between symbol names and symbols.  */
-const struct {
+LT@&t@_DLSYM_CONST struct {
   const char *name;
   void       *address;
 }
@@ -3487,15 +3812,15 @@ static const void *lt_preloaded_setup() {
 _LT_EOF
 	  # Now try linking the two files.
 	  mv conftest.$ac_objext conftstm.$ac_objext
-	  lt_save_LIBS="$LIBS"
-	  lt_save_CFLAGS="$CFLAGS"
+	  lt_globsym_save_LIBS=$LIBS
+	  lt_globsym_save_CFLAGS=$CFLAGS
 	  LIBS="conftstm.$ac_objext"
 	  CFLAGS="$CFLAGS$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)"
 	  if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then
 	    pipe_works=yes
 	  fi
-	  LIBS="$lt_save_LIBS"
-	  CFLAGS="$lt_save_CFLAGS"
+	  LIBS=$lt_globsym_save_LIBS
+	  CFLAGS=$lt_globsym_save_CFLAGS
 	else
 	  echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD
 	fi
@@ -3528,6 +3853,13 @@ else
   AC_MSG_RESULT(ok)
 fi
 
+# Response file support.
+if test "$lt_cv_nm_interface" = "MS dumpbin"; then
+  nm_file_list_spec='@'
+elif $NM --help 2>/dev/null | grep '[[@]]FILE' >/dev/null; then
+  nm_file_list_spec='@'
+fi
+
 _LT_DECL([global_symbol_pipe], [lt_cv_sys_global_symbol_pipe], [1],
     [Take the output of nm and produce a listing of raw symbols and C names])
 _LT_DECL([global_symbol_to_cdecl], [lt_cv_sys_global_symbol_to_cdecl], [1],
@@ -3538,6 +3870,8 @@ _LT_DECL([global_symbol_to_c_name_address],
 _LT_DECL([global_symbol_to_c_name_address_lib_prefix],
     [lt_cv_sys_global_symbol_to_c_name_address_lib_prefix], [1],
     [Transform the output of nm in a C name address pair when lib prefix is needed])
+_LT_DECL([], [nm_file_list_spec], [1],
+    [Specify filename containing input files for $NM])
 ]) # _LT_CMD_GLOBAL_SYMBOLS
 
 
@@ -3549,7 +3883,6 @@ _LT_TAGVAR(lt_prog_compiler_wl, $1)=
 _LT_TAGVAR(lt_prog_compiler_pic, $1)=
 _LT_TAGVAR(lt_prog_compiler_static, $1)=
 
-AC_MSG_CHECKING([for $compiler option to produce PIC])
 m4_if([$1], [CXX], [
   # C++ specific cases for pic, static, wl, etc.
   if test "$GXX" = yes; then
@@ -3600,6 +3933,11 @@ m4_if([$1], [CXX], [
       # DJGPP does not support shared libraries at all
       _LT_TAGVAR(lt_prog_compiler_pic, $1)=
       ;;
+    haiku*)
+      # PIC is the default for Haiku.
+      # The "-static" flag exists, but is broken.
+      _LT_TAGVAR(lt_prog_compiler_static, $1)=
+      ;;
     interix[[3-9]]*)
       # Interix 3.x gcc -fpic/-fPIC options generate broken code.
       # Instead, we relocate shared libraries at runtime.
@@ -3649,6 +3987,12 @@ m4_if([$1], [CXX], [
 	  ;;
 	esac
 	;;
+      mingw* | cygwin* | os2* | pw32* | cegcc*)
+	# This hack is so that the source file can tell whether it is being
+	# built for inclusion in a dll (and should export symbols for example).
+	m4_if([$1], [GCJ], [],
+	  [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT'])
+	;;
       dgux*)
 	case $cc_basename in
 	  ec++*)
@@ -3705,7 +4049,7 @@ m4_if([$1], [CXX], [
 	    ;;
 	esac
 	;;
-      linux* | k*bsd*-gnu)
+      linux* | k*bsd*-gnu | kopensolaris*-gnu)
 	case $cc_basename in
 	  KCC*)
 	    # KAI C++ Compiler
@@ -3738,8 +4082,8 @@ m4_if([$1], [CXX], [
 	    _LT_TAGVAR(lt_prog_compiler_pic, $1)=
 	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
 	    ;;
-	  xlc* | xlC*)
-	    # IBM XL 8.0 on PPC
+	  xlc* | xlC* | bgxl[[cC]]* | mpixl[[cC]]*)
+	    # IBM XL 8.0, 9.0 on PPC and BlueGene
 	    _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
 	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
 	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
@@ -3801,7 +4145,7 @@ m4_if([$1], [CXX], [
 	;;
       solaris*)
 	case $cc_basename in
-	  CC*)
+	  CC* | sunCC*)
 	    # Sun C++ 4.2, 5.x and Centerline C++
 	    _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
 	    _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
@@ -3905,6 +4249,12 @@ m4_if([$1], [CXX], [
       _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
       ;;
 
+    haiku*)
+      # PIC is the default for Haiku.
+      # The "-static" flag exists, but is broken.
+      _LT_TAGVAR(lt_prog_compiler_static, $1)=
+      ;;
+
     hpux*)
       # PIC is the default for 64-bit PA HP-UX, but not for 32-bit
       # PA HP-UX.  On IA64 HP-UX, PIC is the default but the pic flag
@@ -3947,6 +4297,15 @@ m4_if([$1], [CXX], [
       _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
       ;;
     esac
+
+    case $cc_basename in
+    nvcc*) # Cuda Compiler Driver 2.2
+      _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker '
+      if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then
+        _LT_TAGVAR(lt_prog_compiler_pic, $1)="-Xcompiler $_LT_TAGVAR(lt_prog_compiler_pic, $1)"
+      fi
+      ;;
+    esac
   else
     # PORTME Check for flag to pass linker flags through the system compiler.
     case $host_os in
@@ -3989,7 +4348,7 @@ m4_if([$1], [CXX], [
       _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
       ;;
 
-    linux* | k*bsd*-gnu)
+    linux* | k*bsd*-gnu | kopensolaris*-gnu)
       case $cc_basename in
       # old Intel for x86_64 which still supported -KPIC.
       ecc*)
@@ -4010,7 +4369,13 @@ m4_if([$1], [CXX], [
 	_LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared'
 	_LT_TAGVAR(lt_prog_compiler_static, $1)='--static'
 	;;
-      pgcc* | pgf77* | pgf90* | pgf95*)
+      nagfor*)
+	# NAG Fortran compiler
+	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,-Wl,,'
+	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC'
+	_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	;;
+      pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*)
         # Portland Group compilers (*not* the Pentium gcc compiler,
 	# which looks to be a dead project)
 	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
@@ -4022,25 +4387,40 @@ m4_if([$1], [CXX], [
         # All Alpha code is PIC.
         _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
         ;;
-      xl*)
-	# IBM XL C 8.0/Fortran 10.1 on PPC
+      xl* | bgxl* | bgf* | mpixl*)
+	# IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene
 	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
 	_LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
 	_LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
 	;;
       *)
 	case `$CC -V 2>&1 | sed 5q` in
+	*Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [[1-7]].* | *Sun*Fortran*\ 8.[[0-3]]*)
+	  # Sun Fortran 8.3 passes all unrecognized flags to the linker
+	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	  _LT_TAGVAR(lt_prog_compiler_wl, $1)=''
+	  ;;
+	*Sun\ F* | *Sun*Fortran*)
+	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
+	  _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld '
+	  ;;
 	*Sun\ C*)
 	  # Sun C 5.9
 	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
 	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
 	  _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
 	  ;;
-	*Sun\ F*)
-	  # Sun Fortran 8.3 passes all unrecognized flags to the linker
-	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
+        *Intel*\ [[CF]]*Compiler*)
+	  _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
+	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-static'
+	  ;;
+	*Portland\ Group*)
+	  _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+	  _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic'
 	  _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
-	  _LT_TAGVAR(lt_prog_compiler_wl, $1)=''
 	  ;;
 	esac
 	;;
@@ -4072,7 +4452,7 @@ m4_if([$1], [CXX], [
       _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
       _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
       case $cc_basename in
-      f77* | f90* | f95*)
+      f77* | f90* | f95* | sunf77* | sunf90* | sunf95*)
 	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';;
       *)
 	_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';;
@@ -4129,9 +4509,11 @@ case $host_os in
     _LT_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])"
     ;;
 esac
-AC_MSG_RESULT([$_LT_TAGVAR(lt_prog_compiler_pic, $1)])
-_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1],
-	[How to pass a linker flag through the compiler])
+
+AC_CACHE_CHECK([for $compiler option to produce PIC],
+  [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)],
+  [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_prog_compiler_pic, $1)])
+_LT_TAGVAR(lt_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)
 
 #
 # Check to make sure the PIC flag actually works.
@@ -4150,6 +4532,8 @@ fi
 _LT_TAGDECL([pic_flag], [lt_prog_compiler_pic], [1],
 	[Additional compiler flags for building library objects])
 
+_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1],
+	[How to pass a linker flag through the compiler])
 #
 # Check to make sure the static flag actually works.
 #
@@ -4170,6 +4554,7 @@ _LT_TAGDECL([link_static_flag], [lt_prog_compiler_static], [1],
 m4_defun([_LT_LINKER_SHLIBS],
 [AC_REQUIRE([LT_PATH_LD])dnl
 AC_REQUIRE([LT_PATH_NM])dnl
+m4_require([_LT_PATH_MANIFEST_TOOL])dnl
 m4_require([_LT_FILEUTILS_DEFAULTS])dnl
 m4_require([_LT_DECL_EGREP])dnl
 m4_require([_LT_DECL_SED])dnl
@@ -4178,30 +4563,40 @@ m4_require([_LT_TAG_COMPILER])dnl
 AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries])
 m4_if([$1], [CXX], [
   _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
+  _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
   case $host_os in
   aix[[4-9]]*)
     # If we're using GNU nm, then we don't want the "-C" option.
     # -C means demangle to AIX nm, but means don't demangle with GNU nm
+    # Also, AIX nm treats weak defined symbols like other global defined
+    # symbols, whereas GNU nm marks them as "W".
     if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
-      _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+      _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
     else
       _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
     fi
     ;;
   pw32*)
     _LT_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds"
-  ;;
+    ;;
   cygwin* | mingw* | cegcc*)
-    _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;/^.*[[ ]]__nm__/s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols'
-  ;;
-  linux* | k*bsd*-gnu)
+    case $cc_basename in
+    cl*)
+      _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+      ;;
+    *)
+      _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols'
+      _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname']
+      ;;
+    esac
+    ;;
+  linux* | k*bsd*-gnu | gnu*)
     _LT_TAGVAR(link_all_deplibs, $1)=no
-  ;;
+    ;;
   *)
     _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
-  ;;
+    ;;
   esac
-  _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*']
 ], [
   runpath_var=
   _LT_TAGVAR(allow_undefined_flag, $1)=
@@ -4216,7 +4611,6 @@ m4_if([$1], [CXX], [
   _LT_TAGVAR(hardcode_direct, $1)=no
   _LT_TAGVAR(hardcode_direct_absolute, $1)=no
   _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-  _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
   _LT_TAGVAR(hardcode_libdir_separator, $1)=
   _LT_TAGVAR(hardcode_minus_L, $1)=no
   _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
@@ -4261,13 +4655,39 @@ dnl Note also adjust exclude_expsyms for C++ above.
   openbsd*)
     with_gnu_ld=no
     ;;
-  linux* | k*bsd*-gnu)
+  linux* | k*bsd*-gnu | gnu*)
     _LT_TAGVAR(link_all_deplibs, $1)=no
     ;;
   esac
 
   _LT_TAGVAR(ld_shlibs, $1)=yes
+
+  # On some targets, GNU ld is compatible enough with the native linker
+  # that we're better off using the native interface for both.
+  lt_use_gnu_ld_interface=no
   if test "$with_gnu_ld" = yes; then
+    case $host_os in
+      aix*)
+	# The AIX port of GNU ld has always aspired to compatibility
+	# with the native linker.  However, as the warning in the GNU ld
+	# block says, versions before 2.19.5* couldn't really create working
+	# shared libraries, regardless of the interface used.
+	case `$LD -v 2>&1` in
+	  *\ \(GNU\ Binutils\)\ 2.19.5*) ;;
+	  *\ \(GNU\ Binutils\)\ 2.[[2-9]]*) ;;
+	  *\ \(GNU\ Binutils\)\ [[3-9]]*) ;;
+	  *)
+	    lt_use_gnu_ld_interface=yes
+	    ;;
+	esac
+	;;
+      *)
+	lt_use_gnu_ld_interface=yes
+	;;
+    esac
+  fi
+
+  if test "$lt_use_gnu_ld_interface" = yes; then
     # If archive_cmds runs LD, not CC, wlarc should be empty
     wlarc='${wl}'
 
@@ -4285,6 +4705,7 @@ dnl Note also adjust exclude_expsyms for C++ above.
     fi
     supports_anon_versioning=no
     case `$LD -v 2>&1` in
+      *GNU\ gold*) supports_anon_versioning=yes ;;
       *\ [[01]].* | *\ 2.[[0-9]].* | *\ 2.10.*) ;; # catch versions < 2.11
       *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ...
       *\ 2.11.92.0.12\ *) supports_anon_versioning=yes ;; # Mandrake 8.2 ...
@@ -4300,11 +4721,12 @@ dnl Note also adjust exclude_expsyms for C++ above.
 	_LT_TAGVAR(ld_shlibs, $1)=no
 	cat <<_LT_EOF 1>&2
 
-*** Warning: the GNU linker, at least up to release 2.9.1, is reported
+*** Warning: the GNU linker, at least up to release 2.19, is reported
 *** to be unable to reliably create shared libraries on AIX.
 *** Therefore, libtool is disabling shared libraries support.  If you
-*** really care for shared libraries, you may want to modify your PATH
-*** so that a non-GNU linker is found, and then restart.
+*** really care for shared libraries, you may want to install binutils
+*** 2.20 or above, or modify your PATH so that a non-GNU linker is found.
+*** You will then need to restart the configuration process.
 
 _LT_EOF
       fi
@@ -4340,10 +4762,12 @@ _LT_EOF
       # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
       # as there is no search path for DLLs.
       _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+      _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols'
       _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
       _LT_TAGVAR(always_export_symbols, $1)=no
       _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
-      _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols'
+      _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols'
+      _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname']
 
       if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
         _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
@@ -4361,6 +4785,11 @@ _LT_EOF
       fi
       ;;
 
+    haiku*)
+      _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+      _LT_TAGVAR(link_all_deplibs, $1)=yes
+      ;;
+
     interix[[3-9]]*)
       _LT_TAGVAR(hardcode_direct, $1)=no
       _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
@@ -4376,7 +4805,7 @@ _LT_EOF
       _LT_TAGVAR(archive_expsym_cmds, $1)='sed "s,^,_," $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-h,$soname ${wl}--retain-symbols-file,$output_objdir/$soname.expsym ${wl}--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib'
       ;;
 
-    gnu* | linux* | tpf* | k*bsd*-gnu)
+    gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu)
       tmp_diet=no
       if test "$host_os" = linux-dietlibc; then
 	case $cc_basename in
@@ -4386,15 +4815,16 @@ _LT_EOF
       if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \
 	 && test "$tmp_diet" = no
       then
-	tmp_addflag=
+	tmp_addflag=' $pic_flag'
 	tmp_sharedflag='-shared'
 	case $cc_basename,$host_cpu in
         pgcc*)				# Portland Group C compiler
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
 	  tmp_addflag=' $pic_flag'
 	  ;;
-	pgf77* | pgf90* | pgf95*)	# Portland Group f77 and f90 compilers
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+	pgf77* | pgf90* | pgf95* | pgfortran*)
+					# Portland Group f77 and f90 compilers
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
 	  tmp_addflag=' $pic_flag -Mnomain' ;;
 	ecc*,ia64* | icc*,ia64*)	# Intel C compiler on ia64
 	  tmp_addflag=' -i_dynamic' ;;
@@ -4405,13 +4835,17 @@ _LT_EOF
 	lf95*)				# Lahey Fortran 8.1
 	  _LT_TAGVAR(whole_archive_flag_spec, $1)=
 	  tmp_sharedflag='--shared' ;;
-	xl[[cC]]*)			# IBM XL C 8.0 on PPC (deal with xlf below)
+	xl[[cC]]* | bgxl[[cC]]* | mpixl[[cC]]*) # IBM XL C 8.0 on PPC (deal with xlf below)
 	  tmp_sharedflag='-qmkshrobj'
 	  tmp_addflag= ;;
+	nvcc*)	# Cuda Compiler Driver 2.2
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+	  _LT_TAGVAR(compiler_needs_object, $1)=yes
+	  ;;
 	esac
 	case `$CC -V 2>&1 | sed 5q` in
 	*Sun\ C*)			# Sun C 5.9
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+	  _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
 	  _LT_TAGVAR(compiler_needs_object, $1)=yes
 	  tmp_sharedflag='-G' ;;
 	*Sun\ F*)			# Sun Fortran 8.3
@@ -4427,17 +4861,16 @@ _LT_EOF
         fi
 
 	case $cc_basename in
-	xlf*)
+	xlf* | bgf* | bgxlf* | mpixlf*)
 	  # IBM XL Fortran 10.1 on PPC cannot create shared libs itself
 	  _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive'
-	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-	  _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir'
-	  _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $compiler_flags -soname $soname -o $lib'
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
+	  _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib'
 	  if test "x$supports_anon_versioning" = xyes; then
 	    _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
 	      cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
 	      echo "local: *; };" >> $output_objdir/$libname.ver~
-	      $LD -shared $libobjs $deplibs $compiler_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
+	      $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
 	  fi
 	  ;;
 	esac
@@ -4451,8 +4884,8 @@ _LT_EOF
 	_LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
 	wlarc=
       else
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
       fi
       ;;
 
@@ -4470,8 +4903,8 @@ _LT_EOF
 
 _LT_EOF
       elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
       else
 	_LT_TAGVAR(ld_shlibs, $1)=no
       fi
@@ -4517,8 +4950,8 @@ _LT_EOF
 
     *)
       if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
       else
 	_LT_TAGVAR(ld_shlibs, $1)=no
       fi
@@ -4558,8 +4991,10 @@ _LT_EOF
       else
 	# If we're using GNU nm, then we don't want the "-C" option.
 	# -C means demangle to AIX nm, but means don't demangle with GNU nm
+	# Also, AIX nm treats weak defined symbols like other global
+	# defined symbols, whereas GNU nm marks them as "W".
 	if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
-	  _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+	  _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
 	else
 	  _LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
 	fi
@@ -4647,9 +5082,9 @@ _LT_EOF
 	_LT_TAGVAR(allow_undefined_flag, $1)='-berok'
         # Determine the default libpath from the value encoded in an
         # empty executable.
-        _LT_SYS_MODULE_PATH_AIX
+        _LT_SYS_MODULE_PATH_AIX([$1])
         _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
-        _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then $ECHO "X${wl}${allow_undefined_flag}" | $Xsed; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+        _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
       else
 	if test "$host_cpu" = ia64; then
 	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
@@ -4658,14 +5093,19 @@ _LT_EOF
 	else
 	 # Determine the default libpath from the value encoded in an
 	 # empty executable.
-	 _LT_SYS_MODULE_PATH_AIX
+	 _LT_SYS_MODULE_PATH_AIX([$1])
 	 _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
 	  # Warning - without using the other run time loading flags,
 	  # -berok will link without error, but may produce a broken library.
 	  _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
 	  _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
-	  # Exported symbols can be pulled into shared objects from archives
-	  _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+	  if test "$with_gnu_ld" = yes; then
+	    # We only use this code for GNU lds that support --whole-archive.
+	    _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+	  else
+	    # Exported symbols can be pulled into shared objects from archives
+	    _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+	  fi
 	  _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
 	  # This is similar to how AIX traditionally builds its shared libraries.
 	  _LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
@@ -4697,20 +5137,64 @@ _LT_EOF
       # Microsoft Visual C++.
       # hardcode_libdir_flag_spec is actually meaningless, as there is
       # no search path for DLLs.
-      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
-      _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
-      # Tell ltmain to make .lib files, not .a files.
-      libext=lib
-      # Tell ltmain to make .dll files, not .so files.
-      shrext_cmds=".dll"
-      # FIXME: Setting linknames here is a bad hack.
-      _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `$ECHO "X$deplibs" | $Xsed -e '\''s/ -lc$//'\''` -link -dll~linknames='
-      # The linker will automatically build a .lib file if we build a DLL.
-      _LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
-      # FIXME: Should let the user specify the lib program.
-      _LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs'
-      _LT_TAGVAR(fix_srcfile_path, $1)='`cygpath -w "$srcfile"`'
-      _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+      case $cc_basename in
+      cl*)
+	# Native MSVC
+	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+	_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+	_LT_TAGVAR(always_export_symbols, $1)=yes
+	_LT_TAGVAR(file_list_spec, $1)='@'
+	# Tell ltmain to make .lib files, not .a files.
+	libext=lib
+	# Tell ltmain to make .dll files, not .so files.
+	shrext_cmds=".dll"
+	# FIXME: Setting linknames here is a bad hack.
+	_LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames='
+	_LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	    sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp;
+	  else
+	    sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp;
+	  fi~
+	  $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+	  linknames='
+	# The linker will not automatically build a static lib if we build a DLL.
+	# _LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
+	_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+	_LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*'
+	_LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1,DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols'
+	# Don't use ranlib
+	_LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib'
+	_LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~
+	  lt_tool_outputfile="@TOOL_OUTPUT@"~
+	  case $lt_outputfile in
+	    *.exe|*.EXE) ;;
+	    *)
+	      lt_outputfile="$lt_outputfile.exe"
+	      lt_tool_outputfile="$lt_tool_outputfile.exe"
+	      ;;
+	  esac~
+	  if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then
+	    $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+	    $RM "$lt_outputfile.manifest";
+	  fi'
+	;;
+      *)
+	# Assume MSVC wrapper
+	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+	_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+	# Tell ltmain to make .lib files, not .a files.
+	libext=lib
+	# Tell ltmain to make .dll files, not .so files.
+	shrext_cmds=".dll"
+	# FIXME: Setting linknames here is a bad hack.
+	_LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames='
+	# The linker will automatically build a .lib file if we build a DLL.
+	_LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
+	# FIXME: Should let the user specify the lib program.
+	_LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs'
+	_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+	;;
+      esac
       ;;
 
     darwin* | rhapsody*)
@@ -4723,10 +5207,6 @@ _LT_EOF
       _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
       ;;
 
-    freebsd1*)
-      _LT_TAGVAR(ld_shlibs, $1)=no
-      ;;
-
     # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
     # support.  Future versions do this automatically, but an explicit c++rt0.o
     # does not break anything, and helps significantly (at the cost of a little
@@ -4739,7 +5219,7 @@ _LT_EOF
       ;;
 
     # Unfortunately, older versions of FreeBSD 2 do not have this feature.
-    freebsd2*)
+    freebsd2.*)
       _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags'
       _LT_TAGVAR(hardcode_direct, $1)=yes
       _LT_TAGVAR(hardcode_minus_L, $1)=yes
@@ -4748,7 +5228,7 @@ _LT_EOF
 
     # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
     freebsd* | dragonfly*)
-      _LT_TAGVAR(archive_cmds, $1)='$CC -shared -o $lib $libobjs $deplibs $compiler_flags'
+      _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags'
       _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
       _LT_TAGVAR(hardcode_direct, $1)=yes
       _LT_TAGVAR(hardcode_shlibpath_var, $1)=no
@@ -4756,7 +5236,7 @@ _LT_EOF
 
     hpux9*)
       if test "$GCC" = yes; then
-	_LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+	_LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
       else
 	_LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
       fi
@@ -4771,14 +5251,13 @@ _LT_EOF
       ;;
 
     hpux10*)
-      if test "$GCC" = yes -a "$with_gnu_ld" = no; then
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+      if test "$GCC" = yes && test "$with_gnu_ld" = no; then
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
       else
 	_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
       fi
       if test "$with_gnu_ld" = no; then
 	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
-	_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir'
 	_LT_TAGVAR(hardcode_libdir_separator, $1)=:
 	_LT_TAGVAR(hardcode_direct, $1)=yes
 	_LT_TAGVAR(hardcode_direct_absolute, $1)=yes
@@ -4790,16 +5269,16 @@ _LT_EOF
       ;;
 
     hpux11*)
-      if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+      if test "$GCC" = yes && test "$with_gnu_ld" = no; then
 	case $host_cpu in
 	hppa*64*)
 	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
 	  ;;
 	ia64*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
 	  ;;
 	*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
 	  ;;
 	esac
       else
@@ -4811,7 +5290,14 @@ _LT_EOF
 	  _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
 	  ;;
 	*)
-	  _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+	m4_if($1, [], [
+	  # Older versions of the 11.00 compiler do not understand -b yet
+	  # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does)
+	  _LT_LINKER_OPTION([if $CC understands -b],
+	    _LT_TAGVAR(lt_cv_prog_compiler__b, $1), [-b],
+	    [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'],
+	    [_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'])],
+	  [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'])
 	  ;;
 	esac
       fi
@@ -4839,19 +5325,34 @@ _LT_EOF
 
     irix5* | irix6* | nonstopux*)
       if test "$GCC" = yes; then
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
 	# Try to use the -exported_symbol ld option, if it does not
 	# work, assume that -exports_file does not work either and
 	# implicitly export all symbols.
-        save_LDFLAGS="$LDFLAGS"
-        LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null"
-        AC_LINK_IFELSE(int foo(void) {},
-          _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
-        )
-        LDFLAGS="$save_LDFLAGS"
+	# This should be the same for all languages, so no per-tag cache variable.
+	AC_CACHE_CHECK([whether the $host_os linker accepts -exported_symbol],
+	  [lt_cv_irix_exported_symbol],
+	  [save_LDFLAGS="$LDFLAGS"
+	   LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null"
+	   AC_LINK_IFELSE(
+	     [AC_LANG_SOURCE(
+	        [AC_LANG_CASE([C], [[int foo (void) { return 0; }]],
+			      [C++], [[int foo (void) { return 0; }]],
+			      [Fortran 77], [[
+      subroutine foo
+      end]],
+			      [Fortran], [[
+      subroutine foo
+      end]])])],
+	      [lt_cv_irix_exported_symbol=yes],
+	      [lt_cv_irix_exported_symbol=no])
+           LDFLAGS="$save_LDFLAGS"])
+	if test "$lt_cv_irix_exported_symbol" = yes; then
+          _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
+	fi
       else
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
-	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+	_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
       fi
       _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
       _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
@@ -4913,17 +5414,17 @@ _LT_EOF
       _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
       _LT_TAGVAR(hardcode_minus_L, $1)=yes
       _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
-      _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$ECHO DATA >> $output_objdir/$libname.def~$ECHO " SINGLE NONSHARED" >> $output_objdir/$libname.def~$ECHO EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+      _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
       _LT_TAGVAR(old_archive_from_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
       ;;
 
     osf3*)
       if test "$GCC" = yes; then
 	_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
       else
 	_LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
       fi
       _LT_TAGVAR(archive_cmds_need_lc, $1)='no'
       _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
@@ -4933,13 +5434,13 @@ _LT_EOF
     osf4* | osf5*)	# as osf3* with the addition of -msym flag
       if test "$GCC" = yes; then
 	_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
 	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
       else
 	_LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
 	_LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~
-	$CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
+	$CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
 
 	# Both c and cxx compiler support -rpath directly
 	_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
@@ -4952,9 +5453,9 @@ _LT_EOF
       _LT_TAGVAR(no_undefined_flag, $1)=' -z defs'
       if test "$GCC" = yes; then
 	wlarc='${wl}'
-	_LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
+	_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
 	_LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
-	  $CC -shared ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
+	  $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp'
       else
 	case `$CC -V 2>&1` in
 	*"Compilers 5.0"*)
@@ -5130,36 +5631,38 @@ x|xyes)
       # Test whether the compiler implicitly links with -lc since on some
       # systems, -lgcc has to come before -lc. If gcc already passes -lc
       # to ld, don't add -lc before -lgcc.
-      AC_MSG_CHECKING([whether -lc should be explicitly linked in])
-      $RM conftest*
-      echo "$lt_simple_compile_test_code" > conftest.$ac_ext
-
-      if AC_TRY_EVAL(ac_compile) 2>conftest.err; then
-        soname=conftest
-        lib=conftest
-        libobjs=conftest.$ac_objext
-        deplibs=
-        wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1)
-	pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1)
-        compiler_flags=-v
-        linker_flags=-v
-        verstring=
-        output_objdir=.
-        libname=conftest
-        lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1)
-        _LT_TAGVAR(allow_undefined_flag, $1)=
-        if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1)
-        then
-	  _LT_TAGVAR(archive_cmds_need_lc, $1)=no
-        else
-	  _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
-        fi
-        _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag
-      else
-        cat conftest.err 1>&5
-      fi
-      $RM conftest*
-      AC_MSG_RESULT([$_LT_TAGVAR(archive_cmds_need_lc, $1)])
+      AC_CACHE_CHECK([whether -lc should be explicitly linked in],
+	[lt_cv_]_LT_TAGVAR(archive_cmds_need_lc, $1),
+	[$RM conftest*
+	echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+	if AC_TRY_EVAL(ac_compile) 2>conftest.err; then
+	  soname=conftest
+	  lib=conftest
+	  libobjs=conftest.$ac_objext
+	  deplibs=
+	  wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1)
+	  pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1)
+	  compiler_flags=-v
+	  linker_flags=-v
+	  verstring=
+	  output_objdir=.
+	  libname=conftest
+	  lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1)
+	  _LT_TAGVAR(allow_undefined_flag, $1)=
+	  if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1)
+	  then
+	    lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+	  else
+	    lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+	  fi
+	  _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag
+	else
+	  cat conftest.err 1>&5
+	fi
+	$RM conftest*
+	])
+      _LT_TAGVAR(archive_cmds_need_lc, $1)=$lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)
       ;;
     esac
   fi
@@ -5196,9 +5699,6 @@ _LT_TAGDECL([], [no_undefined_flag], [1],
 _LT_TAGDECL([], [hardcode_libdir_flag_spec], [1],
     [Flag to hardcode $libdir into a binary during linking.
     This must work even if $libdir does not exist])
-_LT_TAGDECL([], [hardcode_libdir_flag_spec_ld], [1],
-    [[If ld is used when linking, flag to hardcode $libdir into a binary
-    during linking.  This must work even if $libdir does not exist]])
 _LT_TAGDECL([], [hardcode_libdir_separator], [1],
     [Whether we need a single "-rpath" flag with a separated argument])
 _LT_TAGDECL([], [hardcode_direct], [0],
@@ -5224,8 +5724,6 @@ _LT_TAGDECL([], [inherit_rpath], [0],
     to runtime path list])
 _LT_TAGDECL([], [link_all_deplibs], [0],
     [Whether libtool must link a program against all its dependency libraries])
-_LT_TAGDECL([], [fix_srcfile_path], [1],
-    [Fix the shell variable $srcfile for the compiler])
 _LT_TAGDECL([], [always_export_symbols], [0],
     [Set to "yes" if exported symbols are required])
 _LT_TAGDECL([], [export_symbols_cmds], [2],
@@ -5236,6 +5734,8 @@ _LT_TAGDECL([], [include_expsyms], [1],
     [Symbols that must always be exported])
 _LT_TAGDECL([], [prelink_cmds], [2],
     [Commands necessary for linking programs (against libraries) with templates])
+_LT_TAGDECL([], [postlink_cmds], [2],
+    [Commands necessary for finishing linking programs])
 _LT_TAGDECL([], [file_list_spec], [1],
     [Specify filename containing input files])
 dnl FIXME: Not yet implemented
@@ -5329,37 +5829,22 @@ CC="$lt_save_CC"
 ])# _LT_LANG_C_CONFIG
 
 
-# _LT_PROG_CXX
-# ------------
-# Since AC_PROG_CXX is broken, in that it returns g++ if there is no c++
-# compiler, we have our own version here.
-m4_defun([_LT_PROG_CXX],
-[
-pushdef([AC_MSG_ERROR], [_lt_caught_CXX_error=yes])
-AC_PROG_CXX
-if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
-    ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
-    (test "X$CXX" != "Xg++"))) ; then
-  AC_PROG_CXXCPP
-else
-  _lt_caught_CXX_error=yes
-fi
-popdef([AC_MSG_ERROR])
-])# _LT_PROG_CXX
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([_LT_PROG_CXX], [])
-
-
 # _LT_LANG_CXX_CONFIG([TAG])
 # --------------------------
 # Ensure that the configuration variables for a C++ compiler are suitably
 # defined.  These variables are subsequently used by _LT_CONFIG to write
 # the compiler configuration to `libtool'.
 m4_defun([_LT_LANG_CXX_CONFIG],
-[AC_REQUIRE([_LT_PROG_CXX])dnl
-m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
 m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_PATH_MANIFEST_TOOL])dnl
+if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
+    ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
+    (test "X$CXX" != "Xg++"))) ; then
+  AC_PROG_CXXCPP
+else
+  _lt_caught_CXX_error=yes
+fi
 
 AC_LANG_PUSH(C++)
 _LT_TAGVAR(archive_cmds_need_lc, $1)=no
@@ -5371,7 +5856,6 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)=
 _LT_TAGVAR(hardcode_direct, $1)=no
 _LT_TAGVAR(hardcode_direct_absolute, $1)=no
 _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
 _LT_TAGVAR(hardcode_libdir_separator, $1)=
 _LT_TAGVAR(hardcode_minus_L, $1)=no
 _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
@@ -5381,6 +5865,8 @@ _LT_TAGVAR(module_cmds, $1)=
 _LT_TAGVAR(module_expsym_cmds, $1)=
 _LT_TAGVAR(link_all_deplibs, $1)=unknown
 _LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
 _LT_TAGVAR(no_undefined_flag, $1)=
 _LT_TAGVAR(whole_archive_flag_spec, $1)=
 _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
@@ -5412,6 +5898,7 @@ if test "$_lt_caught_CXX_error" != yes; then
 
   # Allow CC to be a program name with arguments.
   lt_save_CC=$CC
+  lt_save_CFLAGS=$CFLAGS
   lt_save_LD=$LD
   lt_save_GCC=$GCC
   GCC=$GXX
@@ -5429,6 +5916,7 @@ if test "$_lt_caught_CXX_error" != yes; then
   fi
   test -z "${LDCXX+set}" || LD=$LDCXX
   CC=${CXX-"c++"}
+  CFLAGS=$CXXFLAGS
   compiler=$CC
   _LT_TAGVAR(compiler, $1)=$CC
   _LT_CC_BASENAME([$compiler])
@@ -5450,8 +5938,8 @@ if test "$_lt_caught_CXX_error" != yes; then
       # Check if GNU C++ uses GNU ld as the underlying linker, since the
       # archiving commands below assume that GNU ld is being used.
       if test "$with_gnu_ld" = yes; then
-        _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
-        _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+        _LT_TAGVAR(archive_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib'
+        _LT_TAGVAR(archive_expsym_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
 
         _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
         _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
@@ -5483,7 +5971,7 @@ if test "$_lt_caught_CXX_error" != yes; then
       # Commands to make compiler produce verbose output that lists
       # what "hidden" libraries, object files and flags are used when
       # linking a shared library.
-      output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+      output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
 
     else
       GXX=no
@@ -5592,10 +6080,10 @@ if test "$_lt_caught_CXX_error" != yes; then
           _LT_TAGVAR(allow_undefined_flag, $1)='-berok'
           # Determine the default libpath from the value encoded in an empty
           # executable.
-          _LT_SYS_MODULE_PATH_AIX
+          _LT_SYS_MODULE_PATH_AIX([$1])
           _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
 
-          _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then $ECHO "X${wl}${allow_undefined_flag}" | $Xsed; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+          _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
         else
           if test "$host_cpu" = ia64; then
 	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
@@ -5604,14 +6092,19 @@ if test "$_lt_caught_CXX_error" != yes; then
           else
 	    # Determine the default libpath from the value encoded in an
 	    # empty executable.
-	    _LT_SYS_MODULE_PATH_AIX
+	    _LT_SYS_MODULE_PATH_AIX([$1])
 	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
 	    # Warning - without using the other run time loading flags,
 	    # -berok will link without error, but may produce a broken library.
 	    _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
 	    _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
-	    # Exported symbols can be pulled into shared objects from archives
-	    _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+	    if test "$with_gnu_ld" = yes; then
+	      # We only use this code for GNU lds that support --whole-archive.
+	      _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+	    else
+	      # Exported symbols can be pulled into shared objects from archives
+	      _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+	    fi
 	    _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
 	    # This is similar to how AIX traditionally builds its shared
 	    # libraries.
@@ -5641,28 +6134,75 @@ if test "$_lt_caught_CXX_error" != yes; then
         ;;
 
       cygwin* | mingw* | pw32* | cegcc*)
-        # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
-        # as there is no search path for DLLs.
-        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
-        _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
-        _LT_TAGVAR(always_export_symbols, $1)=no
-        _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
-
-        if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
-          _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
-          # If the export-symbols file already is a .def file (1st line
-          # is EXPORTS), use it as is; otherwise, prepend...
-          _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
-	    cp $export_symbols $output_objdir/$soname.def;
-          else
-	    echo EXPORTS > $output_objdir/$soname.def;
-	    cat $export_symbols >> $output_objdir/$soname.def;
-          fi~
-          $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
-        else
-          _LT_TAGVAR(ld_shlibs, $1)=no
-        fi
-        ;;
+	case $GXX,$cc_basename in
+	,cl* | no,cl*)
+	  # Native MSVC
+	  # hardcode_libdir_flag_spec is actually meaningless, as there is
+	  # no search path for DLLs.
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' '
+	  _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+	  _LT_TAGVAR(always_export_symbols, $1)=yes
+	  _LT_TAGVAR(file_list_spec, $1)='@'
+	  # Tell ltmain to make .lib files, not .a files.
+	  libext=lib
+	  # Tell ltmain to make .dll files, not .so files.
+	  shrext_cmds=".dll"
+	  # FIXME: Setting linknames here is a bad hack.
+	  _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames='
+	  _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	      $SED -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp;
+	    else
+	      $SED -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp;
+	    fi~
+	    $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~
+	    linknames='
+	  # The linker will not automatically build a static lib if we build a DLL.
+	  # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
+	  _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+	  # Don't use ranlib
+	  _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib'
+	  _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~
+	    lt_tool_outputfile="@TOOL_OUTPUT@"~
+	    case $lt_outputfile in
+	      *.exe|*.EXE) ;;
+	      *)
+		lt_outputfile="$lt_outputfile.exe"
+		lt_tool_outputfile="$lt_tool_outputfile.exe"
+		;;
+	    esac~
+	    func_to_tool_file "$lt_outputfile"~
+	    if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then
+	      $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1;
+	      $RM "$lt_outputfile.manifest";
+	    fi'
+	  ;;
+	*)
+	  # g++
+	  # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
+	  # as there is no search path for DLLs.
+	  _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+	  _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols'
+	  _LT_TAGVAR(allow_undefined_flag, $1)=unsupported
+	  _LT_TAGVAR(always_export_symbols, $1)=no
+	  _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
+
+	  if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+	    # If the export-symbols file already is a .def file (1st line
+	    # is EXPORTS), use it as is; otherwise, prepend...
+	    _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then
+	      cp $export_symbols $output_objdir/$soname.def;
+	    else
+	      echo EXPORTS > $output_objdir/$soname.def;
+	      cat $export_symbols >> $output_objdir/$soname.def;
+	    fi~
+	    $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib'
+	  else
+	    _LT_TAGVAR(ld_shlibs, $1)=no
+	  fi
+	  ;;
+	esac
+	;;
       darwin* | rhapsody*)
         _LT_DARWIN_LINKER_FEATURES($1)
 	;;
@@ -5685,7 +6225,7 @@ if test "$_lt_caught_CXX_error" != yes; then
         esac
         ;;
 
-      freebsd[[12]]*)
+      freebsd2.*)
         # C++ shared libraries reported to be fairly broken before
 	# switch to ELF
         _LT_TAGVAR(ld_shlibs, $1)=no
@@ -5704,6 +6244,11 @@ if test "$_lt_caught_CXX_error" != yes; then
       gnu*)
         ;;
 
+      haiku*)
+        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+        _LT_TAGVAR(link_all_deplibs, $1)=yes
+        ;;
+
       hpux9*)
         _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
         _LT_TAGVAR(hardcode_libdir_separator, $1)=:
@@ -5728,11 +6273,11 @@ if test "$_lt_caught_CXX_error" != yes; then
             # explicitly linking system object files so we need to strip them
             # from the output so that they don't get included in the library
             # dependencies.
-            output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+            output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
             ;;
           *)
             if test "$GXX" = yes; then
-              _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
+              _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib'
             else
               # FIXME: insert proper C++ library support
               _LT_TAGVAR(ld_shlibs, $1)=no
@@ -5793,7 +6338,7 @@ if test "$_lt_caught_CXX_error" != yes; then
 	    # explicitly linking system object files so we need to strip them
 	    # from the output so that they don't get included in the library
 	    # dependencies.
-	    output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+	    output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
 	    ;;
           *)
 	    if test "$GXX" = yes; then
@@ -5803,10 +6348,10 @@ if test "$_lt_caught_CXX_error" != yes; then
 	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
 	            ;;
 	          ia64*)
-	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
 	            ;;
 	          *)
-	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
+	            _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
 	            ;;
 	        esac
 	      fi
@@ -5836,7 +6381,7 @@ if test "$_lt_caught_CXX_error" != yes; then
         case $cc_basename in
           CC*)
 	    # SGI C++
-	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
 
 	    # Archives containing C++ object files must be created using
 	    # "CC -ar", where "CC" is the IRIX C++ compiler.  This is
@@ -5847,9 +6392,9 @@ if test "$_lt_caught_CXX_error" != yes; then
           *)
 	    if test "$GXX" = yes; then
 	      if test "$with_gnu_ld" = no; then
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
 	      else
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` -o $lib'
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib'
 	      fi
 	    fi
 	    _LT_TAGVAR(link_all_deplibs, $1)=yes
@@ -5860,7 +6405,7 @@ if test "$_lt_caught_CXX_error" != yes; then
         _LT_TAGVAR(inherit_rpath, $1)=yes
         ;;
 
-      linux* | k*bsd*-gnu)
+      linux* | k*bsd*-gnu | kopensolaris*-gnu)
         case $cc_basename in
           KCC*)
 	    # Kuck and Associates, Inc. (KAI) C++ Compiler
@@ -5878,7 +6423,7 @@ if test "$_lt_caught_CXX_error" != yes; then
 	    # explicitly linking system object files so we need to strip them
 	    # from the output so that they don't get included in the library
 	    # dependencies.
-	    output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+	    output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
 
 	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
 	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
@@ -5915,26 +6460,26 @@ if test "$_lt_caught_CXX_error" != yes; then
           pgCC* | pgcpp*)
             # Portland Group C++ compiler
 	    case `$CC -V` in
-	    *pgCC\ [[1-5]]* | *pgcpp\ [[1-5]]*)
+	    *pgCC\ [[1-5]].* | *pgcpp\ [[1-5]].*)
 	      _LT_TAGVAR(prelink_cmds, $1)='tpldir=Template.dir~
 		rm -rf $tpldir~
 		$CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~
-		compile_command="$compile_command `find $tpldir -name \*.o | $NL2SP`"'
+		compile_command="$compile_command `find $tpldir -name \*.o | sort | $NL2SP`"'
 	      _LT_TAGVAR(old_archive_cmds, $1)='tpldir=Template.dir~
 		rm -rf $tpldir~
 		$CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~
-		$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | $NL2SP`~
+		$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | sort | $NL2SP`~
 		$RANLIB $oldlib'
 	      _LT_TAGVAR(archive_cmds, $1)='tpldir=Template.dir~
 		rm -rf $tpldir~
 		$CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
-		$CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
+		$CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
 	      _LT_TAGVAR(archive_expsym_cmds, $1)='tpldir=Template.dir~
 		rm -rf $tpldir~
 		$CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
-		$CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
+		$CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
 	      ;;
-	    *) # Version 6 will use weak symbols
+	    *) # Version 6 and above use weak symbols
 	      _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
 	      _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
 	      ;;
@@ -5942,7 +6487,7 @@ if test "$_lt_caught_CXX_error" != yes; then
 
 	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
 	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
-	    _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+	    _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test  -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
             ;;
 	  cxx*)
 	    # Compaq C++
@@ -5961,9 +6506,9 @@ if test "$_lt_caught_CXX_error" != yes; then
 	    # explicitly linking system object files so we need to strip them
 	    # from the output so that they don't get included in the library
 	    # dependencies.
-	    output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`$ECHO "X$templist" | $Xsed -e "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+	    output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "X$list" | $Xsed'
 	    ;;
-	  xl*)
+	  xl* | mpixl* | bgxl*)
 	    # IBM XL 8.0 on PPC, with GNU ld
 	    _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
 	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
@@ -5983,13 +6528,13 @@ if test "$_lt_caught_CXX_error" != yes; then
 	      _LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
 	      _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file ${wl}$export_symbols'
 	      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
-	      _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+	      _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
 	      _LT_TAGVAR(compiler_needs_object, $1)=yes
 
 	      # Not sure whether something based on
 	      # $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1
 	      # would be better.
-	      output_verbose_link_cmd='echo'
+	      output_verbose_link_cmd='func_echo_all'
 
 	      # Archives containing C++ object files must be created using
 	      # "CC -xar", where "CC" is the Sun C++ compiler.  This is
@@ -6058,7 +6603,7 @@ if test "$_lt_caught_CXX_error" != yes; then
 	    _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
 	    _LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
 	  fi
-	  output_verbose_link_cmd=echo
+	  output_verbose_link_cmd=func_echo_all
 	else
 	  _LT_TAGVAR(ld_shlibs, $1)=no
 	fi
@@ -6093,15 +6638,15 @@ if test "$_lt_caught_CXX_error" != yes; then
 	    case $host in
 	      osf3*)
 	        _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && $ECHO "X${wl}-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && func_echo_all "${wl}-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
 	        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
 		;;
 	      *)
 	        _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
 	        _LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~
 	          echo "-hidden">> $lib.exp~
-	          $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp  `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib~
+	          $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp  `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~
 	          $RM $lib.exp'
 	        _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
 		;;
@@ -6117,17 +6662,17 @@ if test "$_lt_caught_CXX_error" != yes; then
 	    # explicitly linking system object files so we need to strip them
 	    # from the output so that they don't get included in the library
 	    # dependencies.
-	    output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`$ECHO "X$templist" | $Xsed -e "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+	    output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
 	    ;;
 	  *)
 	    if test "$GXX" = yes && test "$with_gnu_ld" = no; then
 	      _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
 	      case $host in
 	        osf3*)
-	          _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	          _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
 		  ;;
 	        *)
-	          _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+	          _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
 		  ;;
 	      esac
 
@@ -6137,7 +6682,7 @@ if test "$_lt_caught_CXX_error" != yes; then
 	      # Commands to make compiler produce verbose output that lists
 	      # what "hidden" libraries, object files and flags are used when
 	      # linking a shared library.
-	      output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+	      output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
 
 	    else
 	      # FIXME: insert proper C++ library support
@@ -6173,7 +6718,7 @@ if test "$_lt_caught_CXX_error" != yes; then
 
       solaris*)
         case $cc_basename in
-          CC*)
+          CC* | sunCC*)
 	    # Sun C++ 4.2, 5.x and Centerline C++
             _LT_TAGVAR(archive_cmds_need_lc,$1)=yes
 	    _LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
@@ -6194,7 +6739,7 @@ if test "$_lt_caught_CXX_error" != yes; then
 	    esac
 	    _LT_TAGVAR(link_all_deplibs, $1)=yes
 
-	    output_verbose_link_cmd='echo'
+	    output_verbose_link_cmd='func_echo_all'
 
 	    # Archives containing C++ object files must be created using
 	    # "CC -xar", where "CC" is the Sun C++ compiler.  This is
@@ -6214,14 +6759,14 @@ if test "$_lt_caught_CXX_error" != yes; then
 	    if test "$GXX" = yes && test "$with_gnu_ld" = no; then
 	      _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs'
 	      if $CC --version | $GREP -v '^2\.7' > /dev/null; then
-	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
+	        _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib'
 	        _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~
-		  $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
+		  $CC -shared $pic_flag -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp'
 
 	        # Commands to make compiler produce verbose output that lists
 	        # what "hidden" libraries, object files and flags are used when
 	        # linking a shared library.
-	        output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+	        output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
 	      else
 	        # g++ 2.7 appears to require `-G' NOT `-shared' on this
 	        # platform.
@@ -6232,7 +6777,7 @@ if test "$_lt_caught_CXX_error" != yes; then
 	        # Commands to make compiler produce verbose output that lists
 	        # what "hidden" libraries, object files and flags are used when
 	        # linking a shared library.
-	        output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+	        output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
 	      fi
 
 	      _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir'
@@ -6286,6 +6831,10 @@ if test "$_lt_caught_CXX_error" != yes; then
           CC*)
 	    _LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
 	    _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+	    _LT_TAGVAR(old_archive_cmds, $1)='$CC -Tprelink_objects $oldobjs~
+	      '"$_LT_TAGVAR(old_archive_cmds, $1)"
+	    _LT_TAGVAR(reload_cmds, $1)='$CC -Tprelink_objects $reload_objs~
+	      '"$_LT_TAGVAR(reload_cmds, $1)"
 	    ;;
 	  *)
 	    _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
@@ -6341,6 +6890,7 @@ if test "$_lt_caught_CXX_error" != yes; then
   fi # test -n "$compiler"
 
   CC=$lt_save_CC
+  CFLAGS=$lt_save_CFLAGS
   LDCXX=$LD
   LD=$lt_save_LD
   GCC=$lt_save_GCC
@@ -6355,6 +6905,29 @@ AC_LANG_POP
 ])# _LT_LANG_CXX_CONFIG
 
 
+# _LT_FUNC_STRIPNAME_CNF
+# ----------------------
+# func_stripname_cnf prefix suffix name
+# strip PREFIX and SUFFIX off of NAME.
+# PREFIX and SUFFIX must not contain globbing or regex special
+# characters, hashes, percent signs, but SUFFIX may contain a leading
+# dot (in which case that matches only a dot).
+#
+# This function is identical to the (non-XSI) version of func_stripname,
+# except this one can be used by m4 code that may be executed by configure,
+# rather than the libtool script.
+m4_defun([_LT_FUNC_STRIPNAME_CNF],[dnl
+AC_REQUIRE([_LT_DECL_SED])
+AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])
+func_stripname_cnf ()
+{
+  case ${2} in
+  .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;;
+  *)  func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;;
+  esac
+} # func_stripname_cnf
+])# _LT_FUNC_STRIPNAME_CNF
+
 # _LT_SYS_HIDDEN_LIBDEPS([TAGNAME])
 # ---------------------------------
 # Figure out "hidden" library dependencies from verbose
@@ -6363,6 +6936,7 @@ AC_LANG_POP
 # objects, libraries and library flags.
 m4_defun([_LT_SYS_HIDDEN_LIBDEPS],
 [m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+AC_REQUIRE([_LT_FUNC_STRIPNAME_CNF])dnl
 # Dependencies to place before and after the object being linked:
 _LT_TAGVAR(predep_objects, $1)=
 _LT_TAGVAR(postdep_objects, $1)=
@@ -6412,7 +6986,20 @@ public class foo {
   }
 };
 _LT_EOF
+], [$1], [GO], [cat > conftest.$ac_ext <<_LT_EOF
+package foo
+func foo() {
+}
+_LT_EOF
 ])
+
+_lt_libdeps_save_CFLAGS=$CFLAGS
+case "$CC $CFLAGS " in #(
+*\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;;
+*\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;;
+*\ -fuse-linker-plugin*\ *) CFLAGS="$CFLAGS -fno-use-linker-plugin" ;;
+esac
+
 dnl Parse the compiler output and extract the necessary
 dnl objects, libraries and library flags.
 if AC_TRY_EVAL(ac_compile); then
@@ -6424,7 +7011,7 @@ if AC_TRY_EVAL(ac_compile); then
   pre_test_object_deps_done=no
 
   for p in `eval "$output_verbose_link_cmd"`; do
-    case $p in
+    case ${prev}${p} in
 
     -L* | -R* | -l*)
        # Some compilers place space between "-{L,R}" and the path.
@@ -6433,13 +7020,22 @@ if AC_TRY_EVAL(ac_compile); then
           test $p = "-R"; then
 	 prev=$p
 	 continue
-       else
-	 prev=
        fi
 
+       # Expand the sysroot to ease extracting the directories later.
+       if test -z "$prev"; then
+         case $p in
+         -L*) func_stripname_cnf '-L' '' "$p"; prev=-L; p=$func_stripname_result ;;
+         -R*) func_stripname_cnf '-R' '' "$p"; prev=-R; p=$func_stripname_result ;;
+         -l*) func_stripname_cnf '-l' '' "$p"; prev=-l; p=$func_stripname_result ;;
+         esac
+       fi
+       case $p in
+       =*) func_stripname_cnf '=' '' "$p"; p=$lt_sysroot$func_stripname_result ;;
+       esac
        if test "$pre_test_object_deps_done" = no; then
-	 case $p in
-	 -L* | -R*)
+	 case ${prev} in
+	 -L | -R)
 	   # Internal compiler library paths should come after those
 	   # provided the user.  The postdeps already come after the
 	   # user supplied libs so there is no need to process them.
@@ -6459,8 +7055,10 @@ if AC_TRY_EVAL(ac_compile); then
 	   _LT_TAGVAR(postdeps, $1)="${_LT_TAGVAR(postdeps, $1)} ${prev}${p}"
 	 fi
        fi
+       prev=
        ;;
 
+    *.lto.$objext) ;; # Ignore GCC LTO objects
     *.$objext)
        # This assumes that the test object file only shows up
        # once in the compiler output.
@@ -6496,6 +7094,7 @@ else
 fi
 
 $RM -f confest.$objext
+CFLAGS=$_lt_libdeps_save_CFLAGS
 
 # PORTME: override above test on systems where it is broken
 m4_if([$1], [CXX],
@@ -6532,7 +7131,7 @@ linux*)
 
 solaris*)
   case $cc_basename in
-  CC*)
+  CC* | sunCC*)
     # The more standards-conforming stlport4 library is
     # incompatible with the Cstd library. Avoid specifying
     # it if it's in CXXFLAGS. Ignore libCrun as
@@ -6576,32 +7175,16 @@ _LT_TAGDECL([], [compiler_lib_search_path], [1],
 ])# _LT_SYS_HIDDEN_LIBDEPS
 
 
-# _LT_PROG_F77
-# ------------
-# Since AC_PROG_F77 is broken, in that it returns the empty string
-# if there is no fortran compiler, we have our own version here.
-m4_defun([_LT_PROG_F77],
-[
-pushdef([AC_MSG_ERROR], [_lt_disable_F77=yes])
-AC_PROG_F77
-if test -z "$F77" || test "X$F77" = "Xno"; then
-  _lt_disable_F77=yes
-fi
-popdef([AC_MSG_ERROR])
-])# _LT_PROG_F77
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([_LT_PROG_F77], [])
-
-
 # _LT_LANG_F77_CONFIG([TAG])
 # --------------------------
 # Ensure that the configuration variables for a Fortran 77 compiler are
 # suitably defined.  These variables are subsequently used by _LT_CONFIG
 # to write the compiler configuration to `libtool'.
 m4_defun([_LT_LANG_F77_CONFIG],
-[AC_REQUIRE([_LT_PROG_F77])dnl
-AC_LANG_PUSH(Fortran 77)
+[AC_LANG_PUSH(Fortran 77)
+if test -z "$F77" || test "X$F77" = "Xno"; then
+  _lt_disable_F77=yes
+fi
 
 _LT_TAGVAR(archive_cmds_need_lc, $1)=no
 _LT_TAGVAR(allow_undefined_flag, $1)=
@@ -6611,7 +7194,6 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)=
 _LT_TAGVAR(hardcode_direct, $1)=no
 _LT_TAGVAR(hardcode_direct_absolute, $1)=no
 _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
 _LT_TAGVAR(hardcode_libdir_separator, $1)=
 _LT_TAGVAR(hardcode_minus_L, $1)=no
 _LT_TAGVAR(hardcode_automatic, $1)=no
@@ -6620,6 +7202,8 @@ _LT_TAGVAR(module_cmds, $1)=
 _LT_TAGVAR(module_expsym_cmds, $1)=
 _LT_TAGVAR(link_all_deplibs, $1)=unknown
 _LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
 _LT_TAGVAR(no_undefined_flag, $1)=
 _LT_TAGVAR(whole_archive_flag_spec, $1)=
 _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
@@ -6659,7 +7243,9 @@ if test "$_lt_disable_F77" != yes; then
   # Allow CC to be a program name with arguments.
   lt_save_CC="$CC"
   lt_save_GCC=$GCC
+  lt_save_CFLAGS=$CFLAGS
   CC=${F77-"f77"}
+  CFLAGS=$FFLAGS
   compiler=$CC
   _LT_TAGVAR(compiler, $1)=$CC
   _LT_CC_BASENAME([$compiler])
@@ -6713,38 +7299,24 @@ if test "$_lt_disable_F77" != yes; then
 
   GCC=$lt_save_GCC
   CC="$lt_save_CC"
+  CFLAGS="$lt_save_CFLAGS"
 fi # test "$_lt_disable_F77" != yes
 
 AC_LANG_POP
 ])# _LT_LANG_F77_CONFIG
 
 
-# _LT_PROG_FC
-# -----------
-# Since AC_PROG_FC is broken, in that it returns the empty string
-# if there is no fortran compiler, we have our own version here.
-m4_defun([_LT_PROG_FC],
-[
-pushdef([AC_MSG_ERROR], [_lt_disable_FC=yes])
-AC_PROG_FC
-if test -z "$FC" || test "X$FC" = "Xno"; then
-  _lt_disable_FC=yes
-fi
-popdef([AC_MSG_ERROR])
-])# _LT_PROG_FC
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([_LT_PROG_FC], [])
-
-
 # _LT_LANG_FC_CONFIG([TAG])
 # -------------------------
 # Ensure that the configuration variables for a Fortran compiler are
 # suitably defined.  These variables are subsequently used by _LT_CONFIG
 # to write the compiler configuration to `libtool'.
 m4_defun([_LT_LANG_FC_CONFIG],
-[AC_REQUIRE([_LT_PROG_FC])dnl
-AC_LANG_PUSH(Fortran)
+[AC_LANG_PUSH(Fortran)
+
+if test -z "$FC" || test "X$FC" = "Xno"; then
+  _lt_disable_FC=yes
+fi
 
 _LT_TAGVAR(archive_cmds_need_lc, $1)=no
 _LT_TAGVAR(allow_undefined_flag, $1)=
@@ -6754,7 +7326,6 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)=
 _LT_TAGVAR(hardcode_direct, $1)=no
 _LT_TAGVAR(hardcode_direct_absolute, $1)=no
 _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
-_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)=
 _LT_TAGVAR(hardcode_libdir_separator, $1)=
 _LT_TAGVAR(hardcode_minus_L, $1)=no
 _LT_TAGVAR(hardcode_automatic, $1)=no
@@ -6763,6 +7334,8 @@ _LT_TAGVAR(module_cmds, $1)=
 _LT_TAGVAR(module_expsym_cmds, $1)=
 _LT_TAGVAR(link_all_deplibs, $1)=unknown
 _LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
 _LT_TAGVAR(no_undefined_flag, $1)=
 _LT_TAGVAR(whole_archive_flag_spec, $1)=
 _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
@@ -6802,7 +7375,9 @@ if test "$_lt_disable_FC" != yes; then
   # Allow CC to be a program name with arguments.
   lt_save_CC="$CC"
   lt_save_GCC=$GCC
+  lt_save_CFLAGS=$CFLAGS
   CC=${FC-"f95"}
+  CFLAGS=$FCFLAGS
   compiler=$CC
   GCC=$ac_cv_fc_compiler_gnu
 
@@ -6858,7 +7433,8 @@ if test "$_lt_disable_FC" != yes; then
   fi # test -n "$compiler"
 
   GCC=$lt_save_GCC
-  CC="$lt_save_CC"
+  CC=$lt_save_CC
+  CFLAGS=$lt_save_CFLAGS
 fi # test "$_lt_disable_FC" != yes
 
 AC_LANG_POP
@@ -6895,10 +7471,12 @@ _LT_COMPILER_BOILERPLATE
 _LT_LINKER_BOILERPLATE
 
 # Allow CC to be a program name with arguments.
-lt_save_CC="$CC"
+lt_save_CC=$CC
+lt_save_CFLAGS=$CFLAGS
 lt_save_GCC=$GCC
 GCC=yes
 CC=${GCJ-"gcj"}
+CFLAGS=$GCJFLAGS
 compiler=$CC
 _LT_TAGVAR(compiler, $1)=$CC
 _LT_TAGVAR(LD, $1)="$LD"
@@ -6908,6 +7486,8 @@ _LT_CC_BASENAME([$compiler])
 _LT_TAGVAR(archive_cmds_need_lc, $1)=no
 
 _LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
 
 ## CAVEAT EMPTOR:
 ## There is no encapsulation within the following macros, do not change
@@ -6927,10 +7507,82 @@ fi
 AC_LANG_RESTORE
 
 GCC=$lt_save_GCC
-CC="$lt_save_CC"
+CC=$lt_save_CC
+CFLAGS=$lt_save_CFLAGS
 ])# _LT_LANG_GCJ_CONFIG
 
 
+# _LT_LANG_GO_CONFIG([TAG])
+# --------------------------
+# Ensure that the configuration variables for the GNU Go compiler
+# are suitably defined.  These variables are subsequently used by _LT_CONFIG
+# to write the compiler configuration to `libtool'.
+m4_defun([_LT_LANG_GO_CONFIG],
+[AC_REQUIRE([LT_PROG_GO])dnl
+AC_LANG_SAVE
+
+# Source file extension for Go test sources.
+ac_ext=go
+
+# Object file extension for compiled Go test sources.
+objext=o
+_LT_TAGVAR(objext, $1)=$objext
+
+# Code to be used in simple compile tests
+lt_simple_compile_test_code="package main; func main() { }"
+
+# Code to be used in simple link tests
+lt_simple_link_test_code='package main; func main() { }'
+
+# ltmain only uses $CC for tagged configurations so make sure $CC is set.
+_LT_TAG_COMPILER
+
+# save warnings/boilerplate of simple test code
+_LT_COMPILER_BOILERPLATE
+_LT_LINKER_BOILERPLATE
+
+# Allow CC to be a program name with arguments.
+lt_save_CC=$CC
+lt_save_CFLAGS=$CFLAGS
+lt_save_GCC=$GCC
+GCC=yes
+CC=${GOC-"gccgo"}
+CFLAGS=$GOFLAGS
+compiler=$CC
+_LT_TAGVAR(compiler, $1)=$CC
+_LT_TAGVAR(LD, $1)="$LD"
+_LT_CC_BASENAME([$compiler])
+
+# Go did not exist at the time GCC didn't implicitly link libc in.
+_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+
+_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
+
+## CAVEAT EMPTOR:
+## There is no encapsulation within the following macros, do not change
+## the running order or otherwise move them around unless you know exactly
+## what you are doing...
+if test -n "$compiler"; then
+  _LT_COMPILER_NO_RTTI($1)
+  _LT_COMPILER_PIC($1)
+  _LT_COMPILER_C_O($1)
+  _LT_COMPILER_FILE_LOCKS($1)
+  _LT_LINKER_SHLIBS($1)
+  _LT_LINKER_HARDCODE_LIBPATH($1)
+
+  _LT_CONFIG($1)
+fi
+
+AC_LANG_RESTORE
+
+GCC=$lt_save_GCC
+CC=$lt_save_CC
+CFLAGS=$lt_save_CFLAGS
+])# _LT_LANG_GO_CONFIG
+
+
 # _LT_LANG_RC_CONFIG([TAG])
 # -------------------------
 # Ensure that the configuration variables for the Windows resource compiler
@@ -6962,9 +7614,11 @@ _LT_LINKER_BOILERPLATE
 
 # Allow CC to be a program name with arguments.
 lt_save_CC="$CC"
+lt_save_CFLAGS=$CFLAGS
 lt_save_GCC=$GCC
 GCC=
 CC=${RC-"windres"}
+CFLAGS=
 compiler=$CC
 _LT_TAGVAR(compiler, $1)=$CC
 _LT_CC_BASENAME([$compiler])
@@ -6977,7 +7631,8 @@ fi
 
 GCC=$lt_save_GCC
 AC_LANG_RESTORE
-CC="$lt_save_CC"
+CC=$lt_save_CC
+CFLAGS=$lt_save_CFLAGS
 ])# _LT_LANG_RC_CONFIG
 
 
@@ -6997,6 +7652,13 @@ dnl aclocal-1.4 backwards compatibility:
 dnl AC_DEFUN([LT_AC_PROG_GCJ], [])
 
 
+# LT_PROG_GO
+# ----------
+AC_DEFUN([LT_PROG_GO],
+[AC_CHECK_TOOL(GOC, gccgo,)
+])
+
+
 # LT_PROG_RC
 # ----------
 AC_DEFUN([LT_PROG_RC],
@@ -7036,6 +7698,15 @@ _LT_DECL([], [OBJDUMP], [1], [An object symbol dumper])
 AC_SUBST([OBJDUMP])
 ])
 
+# _LT_DECL_DLLTOOL
+# ----------------
+# Ensure DLLTOOL variable is set.
+m4_defun([_LT_DECL_DLLTOOL],
+[AC_CHECK_TOOL(DLLTOOL, dlltool, false)
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+_LT_DECL([], [DLLTOOL], [1], [DLL creation program])
+AC_SUBST([DLLTOOL])
+])
 
 # _LT_DECL_SED
 # ------------
@@ -7129,8 +7800,8 @@ m4_defun([_LT_CHECK_SHELL_FEATURES],
 # Try some XSI features
 xsi_shell=no
 ( _lt_dummy="a/b/c"
-  test "${_lt_dummy##*/},${_lt_dummy%/*},"${_lt_dummy%"$_lt_dummy"}, \
-      = c,a/b,, \
+  test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \
+      = c,a/b,b/c, \
     && eval 'test $(( 1 + 1 )) -eq 2 \
     && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \
   && xsi_shell=yes
@@ -7169,208 +7840,162 @@ _LT_DECL([NL2SP], [lt_NL2SP], [1], [turn newlines into spaces])dnl
 ])# _LT_CHECK_SHELL_FEATURES
 
 
-# _LT_PROG_XSI_SHELLFNS
-# ---------------------
-# Bourne and XSI compatible variants of some useful shell functions.
-m4_defun([_LT_PROG_XSI_SHELLFNS],
-[case $xsi_shell in
-  yes)
-    cat << \_LT_EOF >> "$cfgfile"
-
-# func_dirname file append nondir_replacement
-# Compute the dirname of FILE.  If nonempty, add APPEND to the result,
-# otherwise set result to NONDIR_REPLACEMENT.
-func_dirname ()
-{
-  case ${1} in
-    */*) func_dirname_result="${1%/*}${2}" ;;
-    *  ) func_dirname_result="${3}" ;;
-  esac
-}
-
-# func_basename file
-func_basename ()
-{
-  func_basename_result="${1##*/}"
-}
-
-# func_dirname_and_basename file append nondir_replacement
-# perform func_basename and func_dirname in a single function
-# call:
-#   dirname:  Compute the dirname of FILE.  If nonempty,
-#             add APPEND to the result, otherwise set result
-#             to NONDIR_REPLACEMENT.
-#             value returned in "$func_dirname_result"
-#   basename: Compute filename of FILE.
-#             value retuned in "$func_basename_result"
-# Implementation must be kept synchronized with func_dirname
-# and func_basename. For efficiency, we do not delegate to
-# those functions but instead duplicate the functionality here.
-func_dirname_and_basename ()
-{
-  case ${1} in
-    */*) func_dirname_result="${1%/*}${2}" ;;
-    *  ) func_dirname_result="${3}" ;;
-  esac
-  func_basename_result="${1##*/}"
-}
-
-# func_stripname prefix suffix name
-# strip PREFIX and SUFFIX off of NAME.
-# PREFIX and SUFFIX must not contain globbing or regex special
-# characters, hashes, percent signs, but SUFFIX may contain a leading
-# dot (in which case that matches only a dot).
-func_stripname ()
-{
-  # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are
-  # positional parameters, so assign one to ordinary parameter first.
-  func_stripname_result=${3}
-  func_stripname_result=${func_stripname_result#"${1}"}
-  func_stripname_result=${func_stripname_result%"${2}"}
-}
-
-# func_opt_split
-func_opt_split ()
-{
-  func_opt_split_opt=${1%%=*}
-  func_opt_split_arg=${1#*=}
-}
-
-# func_lo2o object
-func_lo2o ()
-{
-  case ${1} in
-    *.lo) func_lo2o_result=${1%.lo}.${objext} ;;
-    *)    func_lo2o_result=${1} ;;
-  esac
-}
-
-# func_xform libobj-or-source
-func_xform ()
-{
-  func_xform_result=${1%.*}.lo
-}
-
-# func_arith arithmetic-term...
-func_arith ()
-{
-  func_arith_result=$(( $[*] ))
-}
-
-# func_len string
-# STRING may not start with a hyphen.
-func_len ()
-{
-  func_len_result=${#1}
-}
+# _LT_PROG_FUNCTION_REPLACE (FUNCNAME, REPLACEMENT-BODY)
+# ------------------------------------------------------
+# In `$cfgfile', look for function FUNCNAME delimited by `^FUNCNAME ()$' and
+# '^} FUNCNAME ', and replace its body with REPLACEMENT-BODY.
+m4_defun([_LT_PROG_FUNCTION_REPLACE],
+[dnl {
+sed -e '/^$1 ()$/,/^} # $1 /c\
+$1 ()\
+{\
+m4_bpatsubsts([$2], [$], [\\], [^\([	 ]\)], [\\\1])
+} # Extended-shell $1 implementation' "$cfgfile" > $cfgfile.tmp \
+  && mv -f "$cfgfile.tmp" "$cfgfile" \
+    || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+test 0 -eq $? || _lt_function_replace_fail=:
+])
 
-_LT_EOF
-    ;;
-  *) # Bourne compatible functions.
-    cat << \_LT_EOF >> "$cfgfile"
 
-# func_dirname file append nondir_replacement
-# Compute the dirname of FILE.  If nonempty, add APPEND to the result,
-# otherwise set result to NONDIR_REPLACEMENT.
-func_dirname ()
-{
-  # Extract subdirectory from the argument.
-  func_dirname_result=`$ECHO "X${1}" | $Xsed -e "$dirname"`
-  if test "X$func_dirname_result" = "X${1}"; then
-    func_dirname_result="${3}"
-  else
-    func_dirname_result="$func_dirname_result${2}"
-  fi
-}
+# _LT_PROG_REPLACE_SHELLFNS
+# -------------------------
+# Replace existing portable implementations of several shell functions with
+# equivalent extended shell implementations where those features are available..
+m4_defun([_LT_PROG_REPLACE_SHELLFNS],
+[if test x"$xsi_shell" = xyes; then
+  _LT_PROG_FUNCTION_REPLACE([func_dirname], [dnl
+    case ${1} in
+      */*) func_dirname_result="${1%/*}${2}" ;;
+      *  ) func_dirname_result="${3}" ;;
+    esac])
+
+  _LT_PROG_FUNCTION_REPLACE([func_basename], [dnl
+    func_basename_result="${1##*/}"])
+
+  _LT_PROG_FUNCTION_REPLACE([func_dirname_and_basename], [dnl
+    case ${1} in
+      */*) func_dirname_result="${1%/*}${2}" ;;
+      *  ) func_dirname_result="${3}" ;;
+    esac
+    func_basename_result="${1##*/}"])
 
-# func_basename file
-func_basename ()
-{
-  func_basename_result=`$ECHO "X${1}" | $Xsed -e "$basename"`
-}
+  _LT_PROG_FUNCTION_REPLACE([func_stripname], [dnl
+    # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are
+    # positional parameters, so assign one to ordinary parameter first.
+    func_stripname_result=${3}
+    func_stripname_result=${func_stripname_result#"${1}"}
+    func_stripname_result=${func_stripname_result%"${2}"}])
 
-dnl func_dirname_and_basename
-dnl A portable version of this function is already defined in general.m4sh
-dnl so there is no need for it here.
+  _LT_PROG_FUNCTION_REPLACE([func_split_long_opt], [dnl
+    func_split_long_opt_name=${1%%=*}
+    func_split_long_opt_arg=${1#*=}])
 
-# func_stripname prefix suffix name
-# strip PREFIX and SUFFIX off of NAME.
-# PREFIX and SUFFIX must not contain globbing or regex special
-# characters, hashes, percent signs, but SUFFIX may contain a leading
-# dot (in which case that matches only a dot).
-# func_strip_suffix prefix name
-func_stripname ()
-{
-  case ${2} in
-    .*) func_stripname_result=`$ECHO "X${3}" \
-           | $Xsed -e "s%^${1}%%" -e "s%\\\\${2}\$%%"`;;
-    *)  func_stripname_result=`$ECHO "X${3}" \
-           | $Xsed -e "s%^${1}%%" -e "s%${2}\$%%"`;;
-  esac
-}
+  _LT_PROG_FUNCTION_REPLACE([func_split_short_opt], [dnl
+    func_split_short_opt_arg=${1#??}
+    func_split_short_opt_name=${1%"$func_split_short_opt_arg"}])
 
-# sed scripts:
-my_sed_long_opt='1s/^\(-[[^=]]*\)=.*/\1/;q'
-my_sed_long_arg='1s/^-[[^=]]*=//'
+  _LT_PROG_FUNCTION_REPLACE([func_lo2o], [dnl
+    case ${1} in
+      *.lo) func_lo2o_result=${1%.lo}.${objext} ;;
+      *)    func_lo2o_result=${1} ;;
+    esac])
 
-# func_opt_split
-func_opt_split ()
-{
-  func_opt_split_opt=`$ECHO "X${1}" | $Xsed -e "$my_sed_long_opt"`
-  func_opt_split_arg=`$ECHO "X${1}" | $Xsed -e "$my_sed_long_arg"`
-}
+  _LT_PROG_FUNCTION_REPLACE([func_xform], [    func_xform_result=${1%.*}.lo])
 
-# func_lo2o object
-func_lo2o ()
-{
-  func_lo2o_result=`$ECHO "X${1}" | $Xsed -e "$lo2o"`
-}
+  _LT_PROG_FUNCTION_REPLACE([func_arith], [    func_arith_result=$(( $[*] ))])
 
-# func_xform libobj-or-source
-func_xform ()
-{
-  func_xform_result=`$ECHO "X${1}" | $Xsed -e 's/\.[[^.]]*$/.lo/'`
-}
+  _LT_PROG_FUNCTION_REPLACE([func_len], [    func_len_result=${#1}])
+fi
 
-# func_arith arithmetic-term...
-func_arith ()
-{
-  func_arith_result=`expr "$[@]"`
-}
+if test x"$lt_shell_append" = xyes; then
+  _LT_PROG_FUNCTION_REPLACE([func_append], [    eval "${1}+=\\${2}"])
 
-# func_len string
-# STRING may not start with a hyphen.
-func_len ()
-{
-  func_len_result=`expr "$[1]" : ".*" 2>/dev/null || echo $max_cmd_len`
-}
+  _LT_PROG_FUNCTION_REPLACE([func_append_quoted], [dnl
+    func_quote_for_eval "${2}"
+dnl m4 expansion turns \\\\ into \\, and then the shell eval turns that into \
+    eval "${1}+=\\\\ \\$func_quote_for_eval_result"])
 
-_LT_EOF
-esac
+  # Save a `func_append' function call where possible by direct use of '+='
+  sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \
+    && mv -f "$cfgfile.tmp" "$cfgfile" \
+      || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+  test 0 -eq $? || _lt_function_replace_fail=:
+else
+  # Save a `func_append' function call even when '+=' is not available
+  sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \
+    && mv -f "$cfgfile.tmp" "$cfgfile" \
+      || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp")
+  test 0 -eq $? || _lt_function_replace_fail=:
+fi
 
-case $lt_shell_append in
-  yes)
-    cat << \_LT_EOF >> "$cfgfile"
+if test x"$_lt_function_replace_fail" = x":"; then
+  AC_MSG_WARN([Unable to substitute extended shell functions in $ofile])
+fi
+])
 
-# func_append var value
-# Append VALUE to the end of shell variable VAR.
-func_append ()
-{
-  eval "$[1]+=\$[2]"
-}
-_LT_EOF
+# _LT_PATH_CONVERSION_FUNCTIONS
+# -----------------------------
+# Determine which file name conversion functions should be used by
+# func_to_host_file (and, implicitly, by func_to_host_path).  These are needed
+# for certain cross-compile configurations and native mingw.
+m4_defun([_LT_PATH_CONVERSION_FUNCTIONS],
+[AC_REQUIRE([AC_CANONICAL_HOST])dnl
+AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+AC_MSG_CHECKING([how to convert $build file names to $host format])
+AC_CACHE_VAL(lt_cv_to_host_file_cmd,
+[case $host in
+  *-*-mingw* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32
+        ;;
+      *-*-cygwin* )
+        lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32
+        ;;
+      * ) # otherwise, assume *nix
+        lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32
+        ;;
+    esac
     ;;
-  *)
-    cat << \_LT_EOF >> "$cfgfile"
-
-# func_append var value
-# Append VALUE to the end of shell variable VAR.
-func_append ()
-{
-  eval "$[1]=\$$[1]\$[2]"
-}
-
-_LT_EOF
+  *-*-cygwin* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin
+        ;;
+      *-*-cygwin* )
+        lt_cv_to_host_file_cmd=func_convert_file_noop
+        ;;
+      * ) # otherwise, assume *nix
+        lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin
+        ;;
+    esac
     ;;
-  esac
+  * ) # unhandled hosts (and "normal" native builds)
+    lt_cv_to_host_file_cmd=func_convert_file_noop
+    ;;
+esac
+])
+to_host_file_cmd=$lt_cv_to_host_file_cmd
+AC_MSG_RESULT([$lt_cv_to_host_file_cmd])
+_LT_DECL([to_host_file_cmd], [lt_cv_to_host_file_cmd],
+         [0], [convert $build file names to $host format])dnl
+
+AC_MSG_CHECKING([how to convert $build file names to toolchain format])
+AC_CACHE_VAL(lt_cv_to_tool_file_cmd,
+[#assume ordinary cross tools, or native build.
+lt_cv_to_tool_file_cmd=func_convert_file_noop
+case $host in
+  *-*-mingw* )
+    case $build in
+      *-*-mingw* ) # actually msys
+        lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32
+        ;;
+    esac
+    ;;
+esac
 ])
+to_tool_file_cmd=$lt_cv_to_tool_file_cmd
+AC_MSG_RESULT([$lt_cv_to_tool_file_cmd])
+_LT_DECL([to_tool_file_cmd], [lt_cv_to_tool_file_cmd],
+         [0], [convert $build files to toolchain format])dnl
+])# _LT_PATH_CONVERSION_FUNCTIONS
diff --git a/m4/ltoptions.m4 b/m4/ltoptions.m4
index 34151a3b..5d9acd8e 100644
--- a/m4/ltoptions.m4
+++ b/m4/ltoptions.m4
@@ -1,13 +1,14 @@
 # Helper functions for option handling.                    -*- Autoconf -*-
 #
-#   Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc.
+#   Copyright (C) 2004, 2005, 2007, 2008, 2009 Free Software Foundation,
+#   Inc.
 #   Written by Gary V. Vaughan, 2004
 #
 # This file is free software; the Free Software Foundation gives
 # unlimited permission to copy and/or distribute it, with or without
 # modifications, as long as this notice is preserved.
 
-# serial 6 ltoptions.m4
+# serial 7 ltoptions.m4
 
 # This is to help aclocal find these macros, as it can't see m4_define.
 AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])])
@@ -125,7 +126,7 @@ LT_OPTION_DEFINE([LT_INIT], [win32-dll],
 [enable_win32_dll=yes
 
 case $host in
-*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-cegcc*)
+*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*)
   AC_CHECK_TOOL(AS, as, false)
   AC_CHECK_TOOL(DLLTOOL, dlltool, false)
   AC_CHECK_TOOL(OBJDUMP, objdump, false)
@@ -133,13 +134,13 @@ case $host in
 esac
 
 test -z "$AS" && AS=as
-_LT_DECL([], [AS],      [0], [Assembler program])dnl
+_LT_DECL([], [AS],      [1], [Assembler program])dnl
 
 test -z "$DLLTOOL" && DLLTOOL=dlltool
-_LT_DECL([], [DLLTOOL], [0], [DLL creation program])dnl
+_LT_DECL([], [DLLTOOL], [1], [DLL creation program])dnl
 
 test -z "$OBJDUMP" && OBJDUMP=objdump
-_LT_DECL([], [OBJDUMP], [0], [Object dumper program])dnl
+_LT_DECL([], [OBJDUMP], [1], [Object dumper program])dnl
 ])# win32-dll
 
 AU_DEFUN([AC_LIBTOOL_WIN32_DLL],
@@ -325,9 +326,24 @@ dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], [])
 # MODE is either `yes' or `no'.  If omitted, it defaults to `both'.
 m4_define([_LT_WITH_PIC],
 [AC_ARG_WITH([pic],
-    [AS_HELP_STRING([--with-pic],
+    [AS_HELP_STRING([--with-pic@<:@=PKGS@:>@],
 	[try to use only PIC/non-PIC objects @<:@default=use both@:>@])],
-    [pic_mode="$withval"],
+    [lt_p=${PACKAGE-default}
+    case $withval in
+    yes|no) pic_mode=$withval ;;
+    *)
+      pic_mode=default
+      # Look at the argument we got.  We use all the common list separators.
+      lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR,"
+      for lt_pkg in $withval; do
+	IFS="$lt_save_ifs"
+	if test "X$lt_pkg" = "X$lt_p"; then
+	  pic_mode=yes
+	fi
+      done
+      IFS="$lt_save_ifs"
+      ;;
+    esac],
     [pic_mode=default])
 
 test -z "$pic_mode" && pic_mode=m4_default([$1], [default])
diff --git a/m4/ltversion.m4 b/m4/ltversion.m4
index b8e154fe..07a8602d 100644
--- a/m4/ltversion.m4
+++ b/m4/ltversion.m4
@@ -7,17 +7,17 @@
 # unlimited permission to copy and/or distribute it, with or without
 # modifications, as long as this notice is preserved.
 
-# Generated from ltversion.in.
+# @configure_input@
 
-# serial 3012 ltversion.m4
+# serial 3337 ltversion.m4
 # This file is part of GNU Libtool
 
-m4_define([LT_PACKAGE_VERSION], [2.2.6])
-m4_define([LT_PACKAGE_REVISION], [1.3012])
+m4_define([LT_PACKAGE_VERSION], [2.4.2])
+m4_define([LT_PACKAGE_REVISION], [1.3337])
 
 AC_DEFUN([LTVERSION_VERSION],
-[macro_version='2.2.6'
-macro_revision='1.3012'
+[macro_version='2.4.2'
+macro_revision='1.3337'
 _LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?])
 _LT_DECL(, macro_revision, 0)
 ])
diff --git a/m4/lt~obsolete.m4 b/m4/lt~obsolete.m4
index 637bb206..c573da90 100644
--- a/m4/lt~obsolete.m4
+++ b/m4/lt~obsolete.m4
@@ -1,13 +1,13 @@
 # lt~obsolete.m4 -- aclocal satisfying obsolete definitions.    -*-Autoconf-*-
 #
-#   Copyright (C) 2004, 2005, 2007 Free Software Foundation, Inc.
+#   Copyright (C) 2004, 2005, 2007, 2009 Free Software Foundation, Inc.
 #   Written by Scott James Remnant, 2004.
 #
 # This file is free software; the Free Software Foundation gives
 # unlimited permission to copy and/or distribute it, with or without
 # modifications, as long as this notice is preserved.
 
-# serial 4 lt~obsolete.m4
+# serial 5 lt~obsolete.m4
 
 # These exist entirely to fool aclocal when bootstrapping libtool.
 #
@@ -77,7 +77,6 @@ m4_ifndef([AC_DISABLE_FAST_INSTALL],	[AC_DEFUN([AC_DISABLE_FAST_INSTALL])])
 m4_ifndef([_LT_AC_LANG_CXX],		[AC_DEFUN([_LT_AC_LANG_CXX])])
 m4_ifndef([_LT_AC_LANG_F77],		[AC_DEFUN([_LT_AC_LANG_F77])])
 m4_ifndef([_LT_AC_LANG_GCJ],		[AC_DEFUN([_LT_AC_LANG_GCJ])])
-m4_ifndef([AC_LIBTOOL_RC],		[AC_DEFUN([AC_LIBTOOL_RC])])
 m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])])
 m4_ifndef([_LT_AC_LANG_C_CONFIG],	[AC_DEFUN([_LT_AC_LANG_C_CONFIG])])
 m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])])
@@ -90,3 +89,10 @@ m4_ifndef([AC_LIBTOOL_LANG_RC_CONFIG],	[AC_DEFUN([AC_LIBTOOL_LANG_RC_CONFIG])])
 m4_ifndef([_LT_AC_LANG_RC_CONFIG],	[AC_DEFUN([_LT_AC_LANG_RC_CONFIG])])
 m4_ifndef([AC_LIBTOOL_CONFIG],		[AC_DEFUN([AC_LIBTOOL_CONFIG])])
 m4_ifndef([_LT_AC_FILE_LTDLL_C],	[AC_DEFUN([_LT_AC_FILE_LTDLL_C])])
+m4_ifndef([_LT_REQUIRED_DARWIN_CHECKS],	[AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS])])
+m4_ifndef([_LT_AC_PROG_CXXCPP],		[AC_DEFUN([_LT_AC_PROG_CXXCPP])])
+m4_ifndef([_LT_PREPARE_SED_QUOTE_VARS],	[AC_DEFUN([_LT_PREPARE_SED_QUOTE_VARS])])
+m4_ifndef([_LT_PROG_ECHO_BACKSLASH],	[AC_DEFUN([_LT_PROG_ECHO_BACKSLASH])])
+m4_ifndef([_LT_PROG_F77],		[AC_DEFUN([_LT_PROG_F77])])
+m4_ifndef([_LT_PROG_FC],		[AC_DEFUN([_LT_PROG_FC])])
+m4_ifndef([_LT_PROG_CXX],		[AC_DEFUN([_LT_PROG_CXX])])
diff --git a/man/Makefile.in b/man/Makefile.in
index e772287c..2f4c529c 100644
--- a/man/Makefile.in
+++ b/man/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -36,13 +36,22 @@ host_triplet = @host@
 subdir = man
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 SOURCES =
 DIST_SOURCES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -66,6 +75,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 man1dir = $(mandir)/man1
 am__installdirs = "$(DESTDIR)$(man1dir)"
 NROFF = nroff
@@ -73,6 +88,7 @@ MANS = $(man_MANS)
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -87,6 +103,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -95,6 +112,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -125,6 +146,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -156,8 +178,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -165,7 +189,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -184,6 +207,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -193,6 +218,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -228,6 +254,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -260,7 +287,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -364,9 +390,7 @@ uninstall-man1:
 	  sed -n '/\.1[a-z]*$$/p'; \
 	} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \
 	      -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
-	test -z "$$files" || { \
-	  echo " ( cd '$(DESTDIR)$(man1dir)' && rm -f" $$files ")"; \
-	  cd "$(DESTDIR)$(man1dir)" && rm -f $$files; }
+	dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir)
 tags: TAGS
 TAGS:
 
@@ -434,10 +458,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/man/xmlsec1-config.1 b/man/xmlsec1-config.1
index 012a85ff..f79fcd0a 100644
--- a/man/xmlsec1-config.1
+++ b/man/xmlsec1-config.1
@@ -1,5 +1,5 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH XMLSEC1-CONFIG "1" "December 2009" "xmlsec1-config 1.2.14" "User Commands"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.40.4.
+.TH XMLSEC1-CONFIG "1" "March 2013" "xmlsec1-config 1.2.19" "User Commands"
 .SH NAME
 xmlsec1-config \- detail installed version of xmlsec library
 .SH SYNOPSIS
@@ -31,4 +31,4 @@ output version information
 .TP
 \fB\-\-crypto\fR=\fILIB\fR
 configure with XMLSEC crypto library (one of the
-following: none default openssl gnutls nss)
+following: none default openssl nss gnutls gcrypt)
diff --git a/man/xmlsec1.1 b/man/xmlsec1.1
index a920497f..37fc834f 100644
--- a/man/xmlsec1.1
+++ b/man/xmlsec1.1
@@ -1,5 +1,5 @@
-.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.36.
-.TH XMLSEC1 "1" "December 2009" "xmlsec1 1.2.14 (openssl)" "User Commands"
+.\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.40.4.
+.TH XMLSEC1 "1" "March 2013" "xmlsec1 1.2.19 (openssl)" "User Commands"
 .SH NAME
 xmlsec1 \- sign, verify, encrypt and decrypt XML documents
 .SH SYNOPSIS
@@ -237,7 +237,7 @@ skip strict checking of X509 data
 \fB\-\-crypto\fR <name>
 .IP
 the name of the crypto engine to use from the following
-list: openssl, gnutls, nss, mscrypto (if no crypto engine is
+list: openssl, mscrypto, nss, gnutls, gcrypt (if no crypto engine is
 specified then the default one is used)
 .HP
 \fB\-\-crypto\-config\fR <path>
@@ -264,6 +264,6 @@ Written by Aleksey Sanin <aleksey@aleksey.com>.
 .SH "REPORTING BUGS"
 Report bugs to http://www.aleksey.com/xmlsec/bugs.html
 .SH COPYRIGHT
-Copyright \(co 2002-2003 Aleksey Sanin.
+Copyright \(co 2002\-2003 Aleksey Sanin.
 .br
 This is free software: see the source for copying information.
diff --git a/missing b/missing
index 6a37006e..86a8fc31 100755
--- a/missing
+++ b/missing
@@ -1,6 +1,10 @@
 #! /bin/sh
 # Common stub for a few missing GNU programs while installing.
-# Copyright (C) 1996, 1997, 1999, 2000, 2002 Free Software Foundation, Inc.
+
+scriptversion=2012-01-06.13; # UTC
+
+# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006,
+# 2008, 2009, 2010, 2011, 2012 Free Software Foundation, Inc.
 # Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
 
 # This program is free software; you can redistribute it and/or modify
@@ -14,9 +18,7 @@
 # GNU General Public License for more details.
 
 # You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
-# 02111-1307, USA.
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 # As a special exception to the GNU General Public License, if you
 # distribute this file as part of a program that contains a
@@ -29,6 +31,8 @@ if test $# -eq 0; then
 fi
 
 run=:
+sed_output='s/.* --output[ =]\([^ ]*\).*/\1/p'
+sed_minuso='s/.* -o \([^ ]*\).*/\1/p'
 
 # In the cases where this matters, `missing' is being run in the
 # srcdir already.
@@ -38,18 +42,24 @@ else
   configure_ac=configure.in
 fi
 
-case "$1" in
+msg="missing on your system"
+
+case $1 in
 --run)
   # Try to run requested program, and just exit if it succeeds.
   run=
   shift
   "$@" && exit 0
+  # Exit code 63 means version mismatch.  This often happens
+  # when the user try to use an ancient version of a tool on
+  # a file that requires a minimum version.  In this case we
+  # we should proceed has if the program had been absent, or
+  # if --run hadn't been passed.
+  if test $? = 63; then
+    run=:
+    msg="probably too old"
+  fi
   ;;
-esac
-
-# If it does not exist, or fails to run (possibly an outdated version),
-# try to emulate it.
-case "$1" in
 
   -h|--h|--he|--hel|--help)
     echo "\
@@ -67,18 +77,25 @@ Supported PROGRAM values:
   aclocal      touch file \`aclocal.m4'
   autoconf     touch file \`configure'
   autoheader   touch file \`config.h.in'
+  autom4te     touch the output file, or create a stub one
   automake     touch all \`Makefile.in' files
   bison        create \`y.tab.[ch]', if possible, from existing .[ch]
   flex         create \`lex.yy.c', if possible, from existing .c
   help2man     touch the output file
   lex          create \`lex.yy.c', if possible, from existing .c
   makeinfo     touch the output file
-  tar          try tar, gnutar, gtar, then tar without non-portable flags
-  yacc         create \`y.tab.[ch]', if possible, from existing .[ch]"
+  yacc         create \`y.tab.[ch]', if possible, from existing .[ch]
+
+Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and
+\`g' are ignored when checking the name.
+
+Send bug reports to <bug-automake@gnu.org>."
+    exit $?
     ;;
 
   -v|--v|--ve|--ver|--vers|--versi|--versio|--version)
-    echo "missing 0.4 - GNU automake"
+    echo "missing $scriptversion (GNU Automake)"
+    exit $?
     ;;
 
   -*)
@@ -87,42 +104,60 @@ Supported PROGRAM values:
     exit 1
     ;;
 
-  aclocal*)
+esac
+
+# normalize program name to check for.
+program=`echo "$1" | sed '
+  s/^gnu-//; t
+  s/^gnu//; t
+  s/^g//; t'`
+
+# Now exit if we have it, but it failed.  Also exit now if we
+# don't have it and --version was passed (most likely to detect
+# the program).  This is about non-GNU programs, so use $1 not
+# $program.
+case $1 in
+  lex*|yacc*)
+    # Not GNU programs, they don't have --version.
+    ;;
+
+  *)
     if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
        # We have it, but it failed.
        exit 1
+    elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
+       # Could not run --version or --help.  This is probably someone
+       # running `$TOOL --version' or `$TOOL --help' to check whether
+       # $TOOL exists and not knowing $TOOL uses missing.
+       exit 1
     fi
+    ;;
+esac
 
+# If it does not exist, or fails to run (possibly an outdated version),
+# try to emulate it.
+case $program in
+  aclocal*)
     echo 1>&2 "\
-WARNING: \`$1' is missing on your system.  You should only need it if
+WARNING: \`$1' is $msg.  You should only need it if
          you modified \`acinclude.m4' or \`${configure_ac}'.  You might want
          to install the \`Automake' and \`Perl' packages.  Grab them from
          any GNU archive site."
     touch aclocal.m4
     ;;
 
-  autoconf)
-    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
-       # We have it, but it failed.
-       exit 1
-    fi
-
+  autoconf*)
     echo 1>&2 "\
-WARNING: \`$1' is missing on your system.  You should only need it if
+WARNING: \`$1' is $msg.  You should only need it if
          you modified \`${configure_ac}'.  You might want to install the
          \`Autoconf' and \`GNU m4' packages.  Grab them from any GNU
          archive site."
     touch configure
     ;;
 
-  autoheader)
-    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
-       # We have it, but it failed.
-       exit 1
-    fi
-
+  autoheader*)
     echo 1>&2 "\
-WARNING: \`$1' is missing on your system.  You should only need it if
+WARNING: \`$1' is $msg.  You should only need it if
          you modified \`acconfig.h' or \`${configure_ac}'.  You might want
          to install the \`Autoconf' and \`GNU m4' packages.  Grab them
          from any GNU archive site."
@@ -130,7 +165,7 @@ WARNING: \`$1' is missing on your system.  You should only need it if
     test -z "$files" && files="config.h"
     touch_files=
     for f in $files; do
-      case "$f" in
+      case $f in
       *:*) touch_files="$touch_files "`echo "$f" |
 				       sed -e 's/^[^:]*://' -e 's/:.*//'`;;
       *) touch_files="$touch_files $f.in";;
@@ -140,13 +175,8 @@ WARNING: \`$1' is missing on your system.  You should only need it if
     ;;
 
   automake*)
-    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
-       # We have it, but it failed.
-       exit 1
-    fi
-
     echo 1>&2 "\
-WARNING: \`$1' is missing on your system.  You should only need it if
+WARNING: \`$1' is $msg.  You should only need it if
          you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'.
          You might want to install the \`Automake' and \`Perl' packages.
          Grab them from any GNU archive site."
@@ -155,21 +185,16 @@ WARNING: \`$1' is missing on your system.  You should only need it if
 	   while read f; do touch "$f"; done
     ;;
 
-  autom4te)
-    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
-       # We have it, but it failed.
-       exit 1
-    fi
-
+  autom4te*)
     echo 1>&2 "\
-WARNING: \`$1' is needed, and you do not seem to have it handy on your
-         system.  You might have modified some files without having the
+WARNING: \`$1' is needed, but is $msg.
+         You might have modified some files without having the
          proper tools for further handling them.
-         You can get \`$1Help2man' as part of \`Autoconf' from any GNU
+         You can get \`$1' as part of \`Autoconf' from any GNU
          archive site."
 
-    file=`echo "$*" | sed -n 's/.*--output[ =]*\([^ ]*\).*/\1/p'`
-    test -z "$file" && file=`echo "$*" | sed -n 's/.*-o[ ]*\([^ ]*\).*/\1/p'`
+    file=`echo "$*" | sed -n "$sed_output"`
+    test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"`
     if test -f "$file"; then
 	touch $file
     else
@@ -183,150 +208,112 @@ WARNING: \`$1' is needed, and you do not seem to have it handy on your
     fi
     ;;
 
-  bison|yacc)
+  bison*|yacc*)
     echo 1>&2 "\
-WARNING: \`$1' is missing on your system.  You should only need it if
+WARNING: \`$1' $msg.  You should only need it if
          you modified a \`.y' file.  You may need the \`Bison' package
          in order for those modifications to take effect.  You can get
          \`Bison' from any GNU archive site."
     rm -f y.tab.c y.tab.h
-    if [ $# -ne 1 ]; then
-        eval LASTARG="\${$#}"
-	case "$LASTARG" in
+    if test $# -ne 1; then
+        eval LASTARG=\${$#}
+	case $LASTARG in
 	*.y)
 	    SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'`
-	    if [ -f "$SRCFILE" ]; then
+	    if test -f "$SRCFILE"; then
 	         cp "$SRCFILE" y.tab.c
 	    fi
 	    SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'`
-	    if [ -f "$SRCFILE" ]; then
+	    if test -f "$SRCFILE"; then
 	         cp "$SRCFILE" y.tab.h
 	    fi
 	  ;;
 	esac
     fi
-    if [ ! -f y.tab.h ]; then
+    if test ! -f y.tab.h; then
 	echo >y.tab.h
     fi
-    if [ ! -f y.tab.c ]; then
+    if test ! -f y.tab.c; then
 	echo 'main() { return 0; }' >y.tab.c
     fi
     ;;
 
-  lex|flex)
+  lex*|flex*)
     echo 1>&2 "\
-WARNING: \`$1' is missing on your system.  You should only need it if
+WARNING: \`$1' is $msg.  You should only need it if
          you modified a \`.l' file.  You may need the \`Flex' package
          in order for those modifications to take effect.  You can get
          \`Flex' from any GNU archive site."
     rm -f lex.yy.c
-    if [ $# -ne 1 ]; then
-        eval LASTARG="\${$#}"
-	case "$LASTARG" in
+    if test $# -ne 1; then
+        eval LASTARG=\${$#}
+	case $LASTARG in
 	*.l)
 	    SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'`
-	    if [ -f "$SRCFILE" ]; then
+	    if test -f "$SRCFILE"; then
 	         cp "$SRCFILE" lex.yy.c
 	    fi
 	  ;;
 	esac
     fi
-    if [ ! -f lex.yy.c ]; then
+    if test ! -f lex.yy.c; then
 	echo 'main() { return 0; }' >lex.yy.c
     fi
     ;;
 
-  help2man)
-    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
-       # We have it, but it failed.
-       exit 1
-    fi
-
+  help2man*)
     echo 1>&2 "\
-WARNING: \`$1' is missing on your system.  You should only need it if
+WARNING: \`$1' is $msg.  You should only need it if
 	 you modified a dependency of a manual page.  You may need the
 	 \`Help2man' package in order for those modifications to take
 	 effect.  You can get \`Help2man' from any GNU archive site."
 
-    file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'`
-    if test -z "$file"; then
-	file=`echo "$*" | sed -n 's/.*--output=\([^ ]*\).*/\1/p'`
-    fi
-    if [ -f "$file" ]; then
+    file=`echo "$*" | sed -n "$sed_output"`
+    test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"`
+    if test -f "$file"; then
 	touch $file
     else
 	test -z "$file" || exec >$file
 	echo ".ab help2man is required to generate this page"
-	exit 1
+	exit $?
     fi
     ;;
 
-  makeinfo)
-    if test -z "$run" && (makeinfo --version) > /dev/null 2>&1; then
-       # We have makeinfo, but it failed.
-       exit 1
-    fi
-
+  makeinfo*)
     echo 1>&2 "\
-WARNING: \`$1' is missing on your system.  You should only need it if
+WARNING: \`$1' is $msg.  You should only need it if
          you modified a \`.texi' or \`.texinfo' file, or any other file
          indirectly affecting the aspect of the manual.  The spurious
          call might also be the consequence of using a buggy \`make' (AIX,
          DU, IRIX).  You might want to install the \`Texinfo' package or
          the \`GNU make' package.  Grab either from any GNU archive site."
-    file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'`
+    # The file to touch is that specified with -o ...
+    file=`echo "$*" | sed -n "$sed_output"`
+    test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"`
     if test -z "$file"; then
-      file=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'`
-      file=`sed -n '/^@setfilename/ { s/.* \([^ ]*\) *$/\1/; p; q; }' $file`
+      # ... or it is the one specified with @setfilename ...
+      infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'`
+      file=`sed -n '
+	/^@setfilename/{
+	  s/.* \([^ ]*\) *$/\1/
+	  p
+	  q
+	}' $infile`
+      # ... or it is derived from the source name (dir/f.texi becomes f.info)
+      test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info
     fi
+    # If the file does not exist, the user really needs makeinfo;
+    # let's fail without touching anything.
+    test -f $file || exit 1
     touch $file
     ;;
 
-  tar)
-    shift
-    if test -n "$run"; then
-      echo 1>&2 "ERROR: \`tar' requires --run"
-      exit 1
-    fi
-
-    # We have already tried tar in the generic part.
-    # Look for gnutar/gtar before invocation to avoid ugly error
-    # messages.
-    if (gnutar --version > /dev/null 2>&1); then
-       gnutar "$@" && exit 0
-    fi
-    if (gtar --version > /dev/null 2>&1); then
-       gtar "$@" && exit 0
-    fi
-    firstarg="$1"
-    if shift; then
-	case "$firstarg" in
-	*o*)
-	    firstarg=`echo "$firstarg" | sed s/o//`
-	    tar "$firstarg" "$@" && exit 0
-	    ;;
-	esac
-	case "$firstarg" in
-	*h*)
-	    firstarg=`echo "$firstarg" | sed s/h//`
-	    tar "$firstarg" "$@" && exit 0
-	    ;;
-	esac
-    fi
-
-    echo 1>&2 "\
-WARNING: I can't seem to be able to run \`tar' with the given arguments.
-         You may want to install GNU tar or Free paxutils, or check the
-         command line arguments."
-    exit 1
-    ;;
-
   *)
     echo 1>&2 "\
-WARNING: \`$1' is needed, and you do not seem to have it handy on your
-         system.  You might have modified some files without having the
+WARNING: \`$1' is needed, and is $msg.
+         You might have modified some files without having the
          proper tools for further handling them.  Check the \`README' file,
-         it often tells you about the needed prerequirements for installing
+         it often tells you about the needed prerequisites for installing
          this package.  You may also peek at any GNU archive site, in case
          some other package would contain this missing \`$1' program."
     exit 1
@@ -334,3 +321,11 @@ WARNING: \`$1' is needed, and you do not seem to have it handy on your
 esac
 
 exit 0
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "scriptversion="
+# time-stamp-format: "%:y-%02m-%02d.%02H"
+# time-stamp-time-zone: "UTC"
+# time-stamp-end: "; # UTC"
+# End:
diff --git a/mkinstalldirs b/mkinstalldirs
deleted file mode 100755
index d0fd194f..00000000
--- a/mkinstalldirs
+++ /dev/null
@@ -1,40 +0,0 @@
-#! /bin/sh
-# mkinstalldirs --- make directory hierarchy
-# Author: Noah Friedman <friedman@prep.ai.mit.edu>
-# Created: 1993-05-16
-# Public domain
-
-# $Id$
-
-errstatus=0
-
-for file
-do
-   set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'`
-   shift
-
-   pathcomp=
-   for d
-   do
-     pathcomp="$pathcomp$d"
-     case "$pathcomp" in
-       -* ) pathcomp=./$pathcomp ;;
-     esac
-
-     if test ! -d "$pathcomp"; then
-        echo "mkdir $pathcomp" 1>&2
-
-        mkdir "$pathcomp" || lasterr=$?
-
-        if test ! -d "$pathcomp"; then
-  	  errstatus=$lasterr
-        fi
-     fi
-
-     pathcomp="$pathcomp/"
-   done
-done
-
-exit $errstatus
-
-# mkinstalldirs ends here
diff --git a/scripts/build_release.sh b/scripts/build_release.sh
index dc4cdbfc..dc9edd0f 100755
--- a/scripts/build_release.sh
+++ b/scripts/build_release.sh
@@ -19,7 +19,9 @@ cd xmlsec
 find . -name ".git" | xargs rm -r
 
 ./autogen.sh --prefix=/usr --sysconfdir=/etc
-make rpm-release
+make tar-release
+# can't build rpm on ubuntu
+# make rpm-release
 
 tar_file=`ls xmlsec*.tar.gz`
 echo "Moving sources tar file to $rpm_root/SOURCES/$tar_file"
diff --git a/scripts/test_leaks.pl b/scripts/test_leaks.pl
deleted file mode 100755
index 1fbc7b9e..00000000
--- a/scripts/test_leaks.pl
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/bin/perl
-
-# Copyright (c) 2003 America Online, Inc.  All rights reserved.
-
-# A crude, simple script that looks at "loss record" (stacks) in valgrind 
-# output, and if the stack contains any of the funcs to ignore, then it 
-# skips that stack else the stack is printed.
-
-# syntax 
-#   test_leaks.pl <file containing funcs to ignore> <valgrind output file>
-
-
-$ignore_file = shift @ARGV;
-$valgrind_output = shift @ARGV;
-
-# gather funcs to ignore
-open(IN, "$ignore_file") || die "Unable to open file $ignore_file";
-$i=0;
-while(<IN>) {
-    chop;
-    $ignore[$i++] = $_;
-}
-close IN;
-
-# now walk through the valgrind output
-open(IN, "$valgrind_output") || die "Unable to open file $valgrind_output";
-while(<IN>) {
-    if (/==\d+==.*loss record.*\n/) {
-	$line=$_;
-	next;
-    } else {
-	if (/==\d+== \n/ && $line) {
-            $i=0;
-            $bad=0;
-            while ($ignore[$i]) {
-	        if ($line =~ /$ignore[$i]/) {
-                    #printf "STACK TO BE IGNORED : \n%s\n", $line;
-		    $bad=1;
-		    break;
-                }
-		$i++;
-	    }
-
-	    # if none of the patterns matched...
-	    if ($bad==0) {
-                printf "STACK TO EXAMINE: \n%s\n", $line;
-	    }
-
-	    undef $line;
-	    next;
-	}
-
-	if ($line) {
-	    $line=$line.$_;
-	}
-   
-   }
-}
-close IN;
-
diff --git a/src/Makefile.am b/src/Makefile.am
index e28bb5ed..3883ab6f 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -14,6 +14,7 @@ INCLUDES = \
 
 EXTRA_DIST = \
 	globals.h \
+	kw_aes_des.h \
 	skeleton \
 	mscrypto \
 	$(XMLSEC_CRYPTO_DISABLED_LIST) \
@@ -38,6 +39,7 @@ libxmlsec1_la_SOURCES = \
 	keys.c \
 	keysdata.c \
 	keysmngr.c \
+	kw_aes_des.c \
 	list.c \
 	membuf.c \
 	nodeset.c \
diff --git a/src/Makefile.in b/src/Makefile.in
index 56fb659d..c0d0157c 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -37,10 +37,13 @@ host_triplet = @host@
 subdir = src
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
@@ -65,6 +68,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(libdir)"
 LTLIBRARIES = $(lib_LTLIBRARIES)
 am__DEPENDENCIES_1 =
@@ -74,12 +83,15 @@ libxmlsec1_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
 am__objects_1 =
 am_libxmlsec1_la_OBJECTS = app.lo base64.lo bn.lo buffer.lo c14n.lo \
 	dl.lo enveloped.lo errors.lo io.lo keyinfo.lo keys.lo \
-	keysdata.lo keysmngr.lo list.lo membuf.lo nodeset.lo parser.lo \
-	soap.lo strings.lo templates.lo transforms.lo x509.lo xkms.lo \
-	xmldsig.lo xmlenc.lo xmlsec.lo xmltree.lo xpath.lo xslt.lo \
-	$(am__objects_1)
+	keysdata.lo keysmngr.lo kw_aes_des.lo list.lo membuf.lo \
+	nodeset.lo parser.lo soap.lo strings.lo templates.lo \
+	transforms.lo x509.lo xkms.lo xmldsig.lo xmlenc.lo xmlsec.lo \
+	xmltree.lo xpath.lo xslt.lo $(am__objects_1)
 libxmlsec1_la_OBJECTS = $(am_libxmlsec1_la_OBJECTS)
-libxmlsec1_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+libxmlsec1_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
 	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
 	$(libxmlsec1_la_LDFLAGS) $(LDFLAGS) -o $@
 DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
@@ -88,13 +100,26 @@ am__depfiles_maybe = depfiles
 am__mv = mv -f
 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
-	$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC    " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 CCLD = $(CC)
-LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
-	$(LDFLAGS) -o $@
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD  " $@;
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
 SOURCES = $(libxmlsec1_la_SOURCES)
 DIST_SOURCES = $(libxmlsec1_la_SOURCES)
 RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
@@ -140,6 +165,7 @@ am__relativize = \
   reldir="$$dir2"
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -154,6 +180,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -162,6 +189,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -192,6 +223,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -223,8 +255,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -232,7 +266,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -251,6 +284,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -260,6 +295,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -295,6 +331,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -327,7 +364,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -357,6 +393,7 @@ INCLUDES = \
 
 EXTRA_DIST = \
 	globals.h \
+	kw_aes_des.h \
 	skeleton \
 	mscrypto \
 	$(XMLSEC_CRYPTO_DISABLED_LIST) \
@@ -381,6 +418,7 @@ libxmlsec1_la_SOURCES = \
 	keys.c \
 	keysdata.c \
 	keysmngr.c \
+	kw_aes_des.c \
 	list.c \
 	membuf.c \
 	nodeset.c \
@@ -475,8 +513,8 @@ clean-libLTLIBRARIES:
 	  echo "rm -f \"$${dir}/so_locations\""; \
 	  rm -f "$${dir}/so_locations"; \
 	done
-libxmlsec1.la: $(libxmlsec1_la_OBJECTS) $(libxmlsec1_la_DEPENDENCIES) 
-	$(libxmlsec1_la_LINK) -rpath $(libdir) $(libxmlsec1_la_OBJECTS) $(libxmlsec1_la_LIBADD) $(LIBS)
+libxmlsec1.la: $(libxmlsec1_la_OBJECTS) $(libxmlsec1_la_DEPENDENCIES) $(EXTRA_libxmlsec1_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(libxmlsec1_la_LINK) -rpath $(libdir) $(libxmlsec1_la_OBJECTS) $(libxmlsec1_la_LIBADD) $(LIBS)
 
 mostlyclean-compile:
 	-rm -f *.$(OBJEXT)
@@ -497,6 +535,7 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keys.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keysdata.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/keysmngr.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/kw_aes_des.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/list.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/membuf.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nodeset.Plo@am__quote@
@@ -515,25 +554,25 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xslt.Plo@am__quote@
 
 .c.o:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c $<
 
 .c.obj:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
 
 .c.lo:
-@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LTCOMPILE) -c -o $@ $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
 
 mostlyclean-libtool:
 	-rm -f *.lo
@@ -548,7 +587,7 @@ clean-libtool:
 #     (which will cause the Makefiles to be regenerated when you run `make');
 # (2) otherwise, pass the desired values on the `make' command line.
 $(RECURSIVE_TARGETS):
-	@failcom='exit 1'; \
+	@fail= failcom='exit 1'; \
 	for f in x $$MAKEFLAGS; do \
 	  case $$f in \
 	    *=* | --[!k]*);; \
@@ -573,7 +612,7 @@ $(RECURSIVE_TARGETS):
 	fi; test -z "$$fail"
 
 $(RECURSIVE_CLEAN_TARGETS):
-	@failcom='exit 1'; \
+	@fail= failcom='exit 1'; \
 	for f in x $$MAKEFLAGS; do \
 	  case $$f in \
 	    *=* | --[!k]*);; \
@@ -752,10 +791,15 @@ install-am: all-am
 
 installcheck: installcheck-recursive
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/src/app.c b/src/app.c
index ca09f62c..55f54530 100644
--- a/src/app.c
+++ b/src/app.c
@@ -1,10 +1,10 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -29,7 +29,7 @@
 #include <xmlsec/private.h>
 #include <xmlsec/errors.h>
 
-			
+
 /******************************************************************************
  *
  * Crypto Init/shutdown
@@ -37,65 +37,65 @@
  *****************************************************************************/
 /**
  * xmlSecCryptoInit:
- * 
- * XMLSec library specific crypto engine initialization. 
+ *
+ * XMLSec library specific crypto engine initialization.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecCryptoInit(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoInit == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoInit",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoInit",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoInit());
 }
 
 /**
  * xmlSecCryptoShutdown:
- * 
- * XMLSec library specific crypto engine shutdown. 
+ *
+ * XMLSec library specific crypto engine shutdown.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecCryptoShutdown(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoShutdown == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoShutdown",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoShutdown",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoShutdown());
 }
 
 /**
  * xmlSecCryptoKeysMngrInit:
- * @mngr:		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Adds crypto specific key data stores in keys manager.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecCryptoKeysMngrInit(xmlSecKeysMngrPtr mngr) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoKeysMngrInit == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoKeysMngrInit",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoKeysMngrInit",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoKeysMngrInit(mngr));
 }
 
@@ -104,187 +104,210 @@ xmlSecCryptoKeysMngrInit(xmlSecKeysMngrPtr mngr) {
  * Key data ids
  *
  *****************************************************************************/
-/** 
+/**
  * xmlSecKeyDataAesGetKlass:
- * 
+ *
  * The AES key data klass.
  *
  * Returns: AES key data klass or NULL if an error occurs
  * (xmlsec-crypto library is not loaded or the AES key data
  * klass is not implemented).
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecKeyDataAesGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataAesGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "keyDataAesId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataAesId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecKeyDataIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->keyDataAesGetKlass());
 }
 
-/** 
+/**
  * xmlSecKeyDataDesGetKlass:
- * 
+ *
  * The DES key data klass.
  *
  * Returns: DES key data klass or NULL if an error occurs
  * (xmlsec-crypto library is not loaded or the DES key data
  * klass is not implemented).
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecKeyDataDesGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataDesGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "keyDataDesId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataDesId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecKeyDataIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->keyDataDesGetKlass());
 }
 
-/** 
+/**
  * xmlSecKeyDataDsaGetKlass:
- * 
+ *
  * The DSA key data klass.
  *
  * Returns: DSA key data klass or NULL if an error occurs
  * (xmlsec-crypto library is not loaded or the DSA key data
  * klass is not implemented).
  */
-xmlSecKeyDataId	
+xmlSecKeyDataId
 xmlSecKeyDataDsaGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataDsaGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "keyDataDsaId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataDsaId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecKeyDataIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->keyDataDsaGetKlass());
 }
 
-/** 
+/**
+ * xmlSecKeyDataEcdsaGetKlass:
+ *
+ * The ECDSA key data klass.
+ *
+ * Returns: ECDSA key data klass or NULL if an error occurs
+ * (xmlsec-crypto library is not loaded or the ECDSA key data
+ * klass is not implemented).
+ */
+xmlSecKeyDataId
+xmlSecKeyDataEcdsaGetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataEcdsaGetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataEcdsaId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecKeyDataIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->keyDataEcdsaGetKlass());
+}
+
+/**
  * xmlSecKeyDataGost2001GetKlass:
- * 
+ *
  * The GOST2001 key data klass.
  *
  * Returns: GOST2001 key data klass or NULL if an error occurs
  * (xmlsec-crypto library is not loaded or the GOST2001 key data
  * klass is not implemented).
  */
-xmlSecKeyDataId	
+xmlSecKeyDataId
 xmlSecKeyDataGost2001GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataGost2001GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "keyDataGost2001Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataGost2001Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecKeyDataIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->keyDataGost2001GetKlass());
 }
 
-/** 
+/**
  * xmlSecKeyDataHmacGetKlass:
- * 
+ *
  * The HMAC key data klass.
  *
  * Returns: HMAC key data klass or NULL if an error occurs
  * (xmlsec-crypto library is not loaded or the HMAC key data
  * klass is not implemented).
  */
-xmlSecKeyDataId	
+xmlSecKeyDataId
 xmlSecKeyDataHmacGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataHmacGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "keyDataHmacId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataHmacId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecKeyDataIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->keyDataHmacGetKlass());
 }
 
-/** 
+/**
  * xmlSecKeyDataRsaGetKlass:
- * 
+ *
  * The RSA key data klass.
  *
  * Returns: RSA key data klass or NULL if an error occurs
  * (xmlsec-crypto library is not loaded or the RSA key data
  * klass is not implemented).
  */
-xmlSecKeyDataId	
+xmlSecKeyDataId
 xmlSecKeyDataRsaGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataRsaGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "keyDataRsaId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataRsaId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecKeyDataIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->keyDataRsaGetKlass());
 }
 
-/** 
+/**
  * xmlSecKeyDataX509GetKlass:
- * 
+ *
  * The X509 key data klass.
  *
  * Returns: X509 key data klass or NULL if an error occurs
  * (xmlsec-crypto library is not loaded or the X509 key data
  * klass is not implemented).
  */
-xmlSecKeyDataId	
+xmlSecKeyDataId
 xmlSecKeyDataX509GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataX509GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "keyDataX509Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataX509Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecKeyDataIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->keyDataX509GetKlass());
 }
 
-/** 
+/**
  * xmlSecKeyDataRawX509CertGetKlass:
- * 
+ *
  * The raw X509 cert key data klass.
  *
  * Returns: raw x509 cert key data klass or NULL if an error occurs
  * (xmlsec-crypto library is not loaded or the raw X509 cert key data
  * klass is not implemented).
  */
-xmlSecKeyDataId	
+xmlSecKeyDataId
 xmlSecKeyDataRawX509CertGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->keyDataRawX509CertGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "keyDataRawX509CertId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "keyDataRawX509CertId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecKeyDataIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->keyDataRawX509CertGetKlass());
 }
 
@@ -293,26 +316,26 @@ xmlSecKeyDataRawX509CertGetKlass(void) {
  * Key data store ids
  *
  *****************************************************************************/
-/** 
+/**
  * xmlSecX509StoreGetKlass:
- * 
+ *
  * The X509 certificates key data store klass.
  *
- * Returns: pointer to X509 certificates key data store klass or NULL if 
- * an error occurs (xmlsec-crypto library is not loaded or the raw X509 
+ * Returns: pointer to X509 certificates key data store klass or NULL if
+ * an error occurs (xmlsec-crypto library is not loaded or the raw X509
  * cert key data klass is not implemented).
  */
-xmlSecKeyDataStoreId 
+xmlSecKeyDataStoreId
 xmlSecX509StoreGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->x509StoreGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "x509StoreId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "x509StoreId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecKeyStoreIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->x509StoreGetKlass());
 }
 
@@ -323,74 +346,74 @@ xmlSecX509StoreGetKlass(void) {
  *****************************************************************************/
 /**
  * xmlSecTransformAes128CbcGetKlass:
- * 
+ *
  * AES 128 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 128 CBC encryption transform or NULL if an error
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecTransformAes128CbcGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformAes128CbcGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformAes128CbcId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformAes128CbcId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformAes128CbcGetKlass());
 }
 
 /**
  * xmlSecTransformAes192CbcGetKlass:
- * 
+ *
  * AES 192 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 192 CBC encryption transform or NULL if an error
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecTransformAes192CbcGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformAes192CbcGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformAes192CbcId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformAes192CbcId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformAes192CbcGetKlass());
 }
 
 /**
  * xmlSecTransformAes256CbcGetKlass:
- * 
+ *
  * AES 256 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 256 CBC encryption transform or NULL if an error
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecTransformAes256CbcGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformAes256CbcGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformAes256CbcId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformAes256CbcId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformAes256CbcGetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformKWAes128GetKlass:
  *
  * The AES-128 kew wrapper transform klass.
@@ -399,21 +422,21 @@ xmlSecTransformAes256CbcGetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformKWAes128GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformKWAes128GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformKWAes128GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformKWAes128Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformKWAes128Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformKWAes128GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformKWAes192GetKlass:
  *
  * The AES-192 kew wrapper transform klass.
@@ -422,21 +445,21 @@ xmlSecTransformKWAes128GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformKWAes192GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformKWAes192GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformKWAes192GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformKWAes192Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformKWAes192Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformKWAes192GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformKWAes256GetKlass:
  *
  * The AES-256 kew wrapper transform klass.
@@ -445,113 +468,251 @@ xmlSecTransformKWAes192GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformKWAes256GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformKWAes256GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformKWAes256GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformKWAes256Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformKWAes256Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformKWAes256GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformDes3CbcGetKlass:
  *
  * Triple DES CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to Triple DES encryption transform or NULL if an error
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformDes3CbcGetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformDes3CbcGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformDes3CbcGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformDes3CbcId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformDes3CbcId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformDes3CbcGetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformKWDes3GetKlass:
- * 
+ *
  * The Triple DES key wrapper transform klass.
  *
  * Returns: Triple DES key wrapper transform klass or NULL if an error
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformKWDes3GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformKWDes3GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformKWDes3Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformKWDes3Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformKWDes3GetKlass());
 }
 
 /**
  * xmlSecTransformDsaSha1GetKlass:
- * 
+ *
  * The DSA-SHA1 signature transform klass.
  *
  * Returns: DSA-SHA1 signature transform klass or NULL if an error
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformDsaSha1GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformDsaSha1GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformDsaSha1GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformDsaSha1Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformDsaSha1Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformDsaSha1GetKlass());
 }
 
-/** 
+/**
+ * xmlSecTransformDsaSha256GetKlass:
+ *
+ * The DSA-SHA256 signature transform klass.
+ *
+ * Returns: DSA-SHA256 signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformDsaSha256GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformDsaSha256GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformDsaSha256Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecTransformIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->transformDsaSha256GetKlass());
+}
+
+/**
+ * xmlSecTransformEcdsaSha1GetKlass:
+ *
+ * The ECDSA-SHA1 signature transform klass.
+ *
+ * Returns: ECDSA-SHA1 signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformEcdsaSha1GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformEcdsaSha1GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformEcdsaSha1Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecTransformIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->transformEcdsaSha1GetKlass());
+}
+
+/**
+ * xmlSecTransformEcdsaSha224GetKlass:
+ *
+ * The ECDSA-SHA224 signature transform klass.
+ *
+ * Returns: ECDSA-SHA224 signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformEcdsaSha224GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformEcdsaSha224GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformEcdsaSha224Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecTransformIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->transformEcdsaSha224GetKlass());
+}
+
+/**
+ * xmlSecTransformEcdsaSha256GetKlass:
+ *
+ * The ECDSA-SHA256 signature transform klass.
+ *
+ * Returns: ECDSA-SHA256 signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformEcdsaSha256GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformEcdsaSha256GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformEcdsaSha256Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecTransformIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->transformEcdsaSha256GetKlass());
+}
+
+/**
+ * xmlSecTransformEcdsaSha384GetKlass:
+ *
+ * The ECDSA-SHA384 signature transform klass.
+ *
+ * Returns: ECDSA-SHA384 signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformEcdsaSha384GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformEcdsaSha384GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformEcdsaSha384Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecTransformIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->transformEcdsaSha384GetKlass());
+}
+
+/**
+ * xmlSecTransformEcdsaSha512GetKlass:
+ *
+ * The ECDSA-SHA512 signature transform klass.
+ *
+ * Returns: ECDSA-SHA512 signature transform klass or NULL if an error
+ * occurs (the xmlsec-crypto library is not loaded or this transform is not
+ * implemented).
+ */
+xmlSecTransformId
+xmlSecTransformEcdsaSha512GetKlass(void) {
+    if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformEcdsaSha512GetKlass == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformEcdsaSha512Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecTransformIdUnknown);
+    }
+
+    return(xmlSecCryptoDLGetFunctions()->transformEcdsaSha512GetKlass());
+}
+
+/**
  * xmlSecTransformGost2001GostR3411_94GetKlass:
- * 
+ *
  * The GOST2001-GOSTR3411_94 signature transform klass.
  *
  * Returns: GOST2001-GOSTR3411_94 signature transform klass or NULL if an error
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformGost2001GostR3411_94GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformGost2001GostR3411_94GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformGost2001GostR3411_94GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformGost2001GostR3411_94Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformGost2001GostR3411_94Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformGost2001GostR3411_94GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformHmacMd5GetKlass:
  *
  * The HMAC-MD5 transform klass.
@@ -560,21 +721,21 @@ xmlSecTransformGost2001GostR3411_94GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformHmacMd5GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformHmacMd5GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformHmacMd5GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformHmacMd5Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformHmacMd5Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformHmacMd5GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformHmacRipemd160GetKlass:
  *
  * The HMAC-RIPEMD160 transform klass.
@@ -583,21 +744,21 @@ xmlSecTransformHmacMd5GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformHmacRipemd160GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformHmacRipemd160GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformHmacRipemd160Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformHmacRipemd160Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformHmacRipemd160GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformHmacSha1GetKlass:
  *
  * The HMAC-SHA1 transform klass.
@@ -606,21 +767,21 @@ xmlSecTransformHmacRipemd160GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformHmacSha1GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformHmacSha1GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformHmacSha1GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformHmacSha1Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformHmacSha1Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformHmacSha1GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformHmacSha224GetKlass:
  *
  * The HMAC-SHA224 transform klass.
@@ -629,21 +790,21 @@ xmlSecTransformHmacSha1GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformHmacSha224GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformHmacSha224GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformHmacSha224GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformHmacSha224Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformHmacSha224Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformHmacSha224GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformHmacSha256GetKlass:
  *
  * The HMAC-SHA256 transform klass.
@@ -652,21 +813,21 @@ xmlSecTransformHmacSha224GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformHmacSha256GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformHmacSha256GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformHmacSha256GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformHmacSha256Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformHmacSha256Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformHmacSha256GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformHmacSha384GetKlass:
  *
  * The HMAC-SHA384 transform klass.
@@ -675,21 +836,21 @@ xmlSecTransformHmacSha256GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformHmacSha384GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformHmacSha384GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformHmacSha384GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformHmacSha384Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformHmacSha384Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformHmacSha384GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformHmacSha512GetKlass:
  *
  * The HMAC-SHA512 transform klass.
@@ -698,21 +859,21 @@ xmlSecTransformHmacSha384GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformHmacSha512GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformHmacSha512GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformHmacSha512GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformHmacSha512Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformHmacSha512Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformHmacSha512GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformMd5GetKlass:
  *
  * MD5 digest transform klass.
@@ -721,21 +882,21 @@ xmlSecTransformHmacSha512GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformMd5GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformMd5GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformMd5Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformMd5Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformMd5GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformRipemd160GetKlass:
  *
  * RIPEMD-160 digest transform klass.
@@ -744,23 +905,23 @@ xmlSecTransformMd5GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformRipemd160GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformRipemd160GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformRipemd160Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformRipemd160Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformRipemd160GetKlass());
 }
 
 /**
  * xmlSecTransformRsaMd5GetKlass:
- * 
+ *
  * The RSA-MD5 signature transform klass.
  *
  * Returns: RSA-MD5 signature transform klass or NULL if an error
@@ -768,22 +929,22 @@ xmlSecTransformRipemd160GetKlass(void) {
  * implemented).
  */
 xmlSecTransformId
-xmlSecTransformRsaMd5GetKlass(void) {	
+xmlSecTransformRsaMd5GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformRsaMd5GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformRsaMd5Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformRsaMd5Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformRsaMd5GetKlass());
 }
 
 /**
  * xmlSecTransformRsaRipemd160GetKlass:
- * 
+ *
  * The RSA-RIPEMD160 signature transform klass.
  *
  * Returns: RSA-RIPEMD160 signature transform klass or NULL if an error
@@ -791,22 +952,22 @@ xmlSecTransformRsaMd5GetKlass(void) {
  * implemented).
  */
 xmlSecTransformId
-xmlSecTransformRsaRipemd160GetKlass(void) {	
+xmlSecTransformRsaRipemd160GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformRsaRipemd160GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformRsaRipemd160Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformRsaRipemd160Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformRsaRipemd160GetKlass());
 }
 
 /**
  * xmlSecTransformRsaSha1GetKlass:
- * 
+ *
  * The RSA-SHA1 signature transform klass.
  *
  * Returns: RSA-SHA1 signature transform klass or NULL if an error
@@ -814,22 +975,22 @@ xmlSecTransformRsaRipemd160GetKlass(void) {
  * implemented).
  */
 xmlSecTransformId
-xmlSecTransformRsaSha1GetKlass(void) {	
+xmlSecTransformRsaSha1GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformRsaSha1GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformRsaSha1Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformRsaSha1Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformRsaSha1GetKlass());
 }
 
 /**
  * xmlSecTransformRsaSha224GetKlass:
- * 
+ *
  * The RSA-SHA224 signature transform klass.
  *
  * Returns: RSA-SHA224 signature transform klass or NULL if an error
@@ -837,22 +998,22 @@ xmlSecTransformRsaSha1GetKlass(void) {
  * implemented).
  */
 xmlSecTransformId
-xmlSecTransformRsaSha224GetKlass(void) {	
+xmlSecTransformRsaSha224GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformRsaSha224GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformRsaSha224Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformRsaSha224Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformRsaSha224GetKlass());
 }
 
 /**
  * xmlSecTransformRsaSha256GetKlass:
- * 
+ *
  * The RSA-SHA256 signature transform klass.
  *
  * Returns: RSA-SHA256 signature transform klass or NULL if an error
@@ -860,22 +1021,22 @@ xmlSecTransformRsaSha224GetKlass(void) {
  * implemented).
  */
 xmlSecTransformId
-xmlSecTransformRsaSha256GetKlass(void) {	
+xmlSecTransformRsaSha256GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformRsaSha256GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformRsaSha256Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformRsaSha256Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformRsaSha256GetKlass());
 }
 
 /**
  * xmlSecTransformRsaSha384GetKlass:
- * 
+ *
  * The RSA-SHA384 signature transform klass.
  *
  * Returns: RSA-SHA384 signature transform klass or NULL if an error
@@ -883,22 +1044,22 @@ xmlSecTransformRsaSha256GetKlass(void) {
  * implemented).
  */
 xmlSecTransformId
-xmlSecTransformRsaSha384GetKlass(void) {	
+xmlSecTransformRsaSha384GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformRsaSha384GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformRsaSha384Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformRsaSha384Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformRsaSha384GetKlass());
 }
 
 /**
  * xmlSecTransformRsaSha512GetKlass:
- * 
+ *
  * The RSA-SHA512 signature transform klass.
  *
  * Returns: RSA-SHA512 signature transform klass or NULL if an error
@@ -906,20 +1067,20 @@ xmlSecTransformRsaSha384GetKlass(void) {
  * implemented).
  */
 xmlSecTransformId
-xmlSecTransformRsaSha512GetKlass(void) {	
+xmlSecTransformRsaSha512GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformRsaSha512GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformRsaSha512Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformRsaSha512Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformRsaSha512GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformRsaPkcs1GetKlass:
  *
  * The RSA-PKCS1 key transport transform klass.
@@ -928,21 +1089,21 @@ xmlSecTransformRsaSha512GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformRsaPkcs1GetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformRsaPkcs1GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformRsaPkcs1GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformRsaPkcs1Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformRsaPkcs1Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformRsaPkcs1GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformRsaOaepGetKlass:
  *
  * The RSA-OAEP key transport transform klass.
@@ -951,21 +1112,21 @@ xmlSecTransformRsaPkcs1GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
-xmlSecTransformRsaOaepGetKlass(void) {	
+xmlSecTransformId
+xmlSecTransformRsaOaepGetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformRsaOaepGetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformRsaOaepId",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformRsaOaepId",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformRsaOaepGetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformGostR3411_94GetKlass:
  *
  * GOSTR3411_94 digest transform klass.
@@ -974,22 +1135,22 @@ xmlSecTransformRsaOaepGetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformGostR3411_94GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformGostR3411_94GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformGostR3411_94Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformGostR3411_94Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformGostR3411_94GetKlass());
 }
 
 
-/** 
+/**
  * xmlSecTransformSha1GetKlass:
  *
  * SHA-1 digest transform klass.
@@ -998,21 +1159,21 @@ xmlSecTransformGostR3411_94GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformSha1GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformSha1GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformSha1Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformSha1Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformSha1GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformSha224GetKlass:
  *
  * SHA224 digest transform klass.
@@ -1021,21 +1182,21 @@ xmlSecTransformSha1GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformSha224GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformSha224GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformSha224Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformSha224Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformSha224GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformSha256GetKlass:
  *
  * SHA256 digest transform klass.
@@ -1044,21 +1205,21 @@ xmlSecTransformSha224GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformSha256GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformSha256GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformSha256Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformSha256Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformSha256GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformSha384GetKlass:
  *
  * SHA384 digest transform klass.
@@ -1067,21 +1228,21 @@ xmlSecTransformSha256GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformSha384GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformSha384GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformSha384Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformSha384Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformSha384GetKlass());
 }
 
-/** 
+/**
  * xmlSecTransformSha512GetKlass:
  *
  * SHA512 digest transform klass.
@@ -1090,17 +1251,17 @@ xmlSecTransformSha384GetKlass(void) {
  * occurs (the xmlsec-crypto library is not loaded or this transform is not
  * implemented).
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformSha512GetKlass(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->transformSha512GetKlass == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "transformSha512Id",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "transformSha512Id",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(xmlSecTransformIdUnknown);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->transformSha512GetKlass());
 }
 
@@ -1108,187 +1269,187 @@ xmlSecTransformSha512GetKlass(void) {
  *
  * High level routines form xmlsec command line utility
  *
- *****************************************************************************/ 
+ *****************************************************************************/
 /**
  * xmlSecCryptoAppInit:
- * @config:		the path to crypto library configuration.
+ * @config:             the path to crypto library configuration.
  *
  * General crypto engine initialization. This function is used
- * by XMLSec command line utility and called before 
+ * by XMLSec command line utility and called before
  * @xmlSecInit function.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecCryptoAppInit(const char* config) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppInit == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppInit",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppInit",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppInit(config));
 }
 
 
 /**
  * xmlSecCryptoAppShutdown:
- * 
+ *
  * General crypto engine shutdown. This function is used
- * by XMLSec command line utility and called after 
+ * by XMLSec command line utility and called after
  * @xmlSecShutdown function.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecCryptoAppShutdown(void) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppShutdown == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppShutdown",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppShutdown",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppShutdown());
 }
 
 /**
  * xmlSecCryptoAppDefaultKeysMngrInit:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Initializes @mngr with simple keys store #xmlSecSimpleKeysStoreId
  * and a default crypto key data stores.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecCryptoAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppDefaultKeysMngrInit == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppDefaultKeysMngrInit",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppDefaultKeysMngrInit",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppDefaultKeysMngrInit(mngr));
 }
 
 /**
  * xmlSecCryptoAppDefaultKeysMngrAdoptKey:
- * @mngr: 		the pointer to keys manager.
- * @key:		the pointer to key.
+ * @mngr:               the pointer to keys manager.
+ * @key:                the pointer to key.
  *
  * Adds @key to the keys manager @mngr created with #xmlSecCryptoAppDefaultKeysMngrInit
  * function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecCryptoAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppDefaultKeysMngrAdoptKey == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppDefaultKeysMngrAdoptKey",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppDefaultKeysMngrAdoptKey",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppDefaultKeysMngrAdoptKey(mngr, key));
 }
 
 /**
  * xmlSecCryptoAppDefaultKeysMngrLoad:
- * @mngr: 		the pointer to keys manager.
- * @uri:		the uri.
+ * @mngr:               the pointer to keys manager.
+ * @uri:                the uri.
  *
- * Loads XML keys file from @uri to the keys manager @mngr created 
+ * Loads XML keys file from @uri to the keys manager @mngr created
  * with #xmlSecCryptoAppDefaultKeysMngrInit function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecCryptoAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppDefaultKeysMngrLoad == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppDefaultKeysMngrLoad",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppDefaultKeysMngrLoad",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppDefaultKeysMngrLoad(mngr, uri));
 }
 
 /**
  * xmlSecCryptoAppDefaultKeysMngrSave:
- * @mngr: 		the pointer to keys manager.
- * @filename:		the destination filename.
- * @type:		the type of keys to save (public/private/symmetric).
+ * @mngr:               the pointer to keys manager.
+ * @filename:           the destination filename.
+ * @type:               the type of keys to save (public/private/symmetric).
  *
  * Saves keys from @mngr to  XML keys file.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecCryptoAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename,
-				   xmlSecKeyDataType type) {
+                                   xmlSecKeyDataType type) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppDefaultKeysMngrSave == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppDefaultKeysMngrSave",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppDefaultKeysMngrSave",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppDefaultKeysMngrSave(mngr, filename, type));
 }
 
 /**
  * xmlSecCryptoAppKeysMngrCertLoad:
- * @mngr: 		the keys manager.
- * @filename: 		the certificate file.
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate in @filename
- *    			trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @filename:           the certificate file.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate in @filename
+ *                      trusted or not.
+ *
  * Reads cert from @filename and adds to the list of trusted or known
  * untrusted certs in @store.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
-xmlSecCryptoAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename, 
-				xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
+int
+xmlSecCryptoAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
+                                xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppKeysMngrCertLoad == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppKeysMngrCertLoad",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppKeysMngrCertLoad",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppKeysMngrCertLoad(mngr, filename, format, type));
 }
 
 /**
  * xmlSecCryptoAppKeysMngrCertLoadMemory:
- * @mngr: 		the keys manager.
- * @data:		the certificate binary data.
- * @dataSize:		the certificate binary data size.
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @data:               the certificate binary data.
+ * @dataSize:           the certificate binary data size.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate trusted or not.
+ *
  * Reads cert from binary buffer @data and adds to the list of trusted or known
  * untrusted certs in @store.
  *
@@ -1296,81 +1457,81 @@ xmlSecCryptoAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
  */
 int
 xmlSecCryptoAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data,
-				    xmlSecSize dataSize, xmlSecKeyDataFormat format, 
-				    xmlSecKeyDataType type) {
+                                    xmlSecSize dataSize, xmlSecKeyDataFormat format,
+                                    xmlSecKeyDataType type) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppKeysMngrCertLoadMemory == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppKeysMngrCertLoadMemory",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppKeysMngrCertLoadMemory",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppKeysMngrCertLoadMemory(mngr, data, dataSize, format, type));
 }
 
 /**
  * xmlSecCryptoAppKeyLoad:
- * @filename:		the key filename.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the key filename.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from the a file.
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr 
+xmlSecKeyPtr
 xmlSecCryptoAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
-		       const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
+                       const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppKeyLoad == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppKeyLoad",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppKeyLoad",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(NULL);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppKeyLoad(filename, format, pwd, pwdCallback, pwdCallbackCtx));
 }
 
 /**
  * xmlSecCryptoAppKeyLoadMemory:
- * @data:		the binary key data.
- * @dataSize:		the size of binary key.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the binary key data.
+ * @dataSize:           the size of binary key.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from the memory buffer.
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr 
+xmlSecKeyPtr
 xmlSecCryptoAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format,
-		       const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
+                       const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppKeyLoadMemory == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppKeyLoadMemory",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppKeyLoadMemory",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(NULL);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppKeyLoadMemory(data, dataSize, format, pwd, pwdCallback, pwdCallbackCtx));
 }
-				
+
 /**
  * xmlSecCryptoAppPkcs12Load:
- * @filename:		the PKCS12 key filename.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the PKCS12 key filename.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 file.
  * For uniformity, call xmlSecCryptoAppKeyLoad instead of this function. Pass
@@ -1378,28 +1539,28 @@ xmlSecCryptoAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSec
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr 
-xmlSecCryptoAppPkcs12Load(const char* filename, const char* pwd, void* pwdCallback, 
-			  void* pwdCallbackCtx) {
+xmlSecKeyPtr
+xmlSecCryptoAppPkcs12Load(const char* filename, const char* pwd, void* pwdCallback,
+                          void* pwdCallbackCtx) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppPkcs12Load == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppPkcs12Load",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppPkcs12Load",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(NULL);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppPkcs12Load(filename, pwd, pwdCallback, pwdCallbackCtx));
 }
 
 /**
  * xmlSecCryptoAppPkcs12LoadMemory:
- * @data:		the PKCS12 binary data.
- * @dataSize:		the PKCS12 binary data size.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the PKCS12 binary data.
+ * @dataSize:           the PKCS12 binary data size.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 data in memory buffer.
  * For uniformity, call xmlSecCryptoAppKeyLoadMemory instead of this function. Pass
@@ -1407,69 +1568,69 @@ xmlSecCryptoAppPkcs12Load(const char* filename, const char* pwd, void* pwdCallba
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
-xmlSecCryptoAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, 
-			   const char *pwd, void* pwdCallback, 
-			   void* pwdCallbackCtx) {
+xmlSecKeyPtr
+xmlSecCryptoAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
+                           const char *pwd, void* pwdCallback,
+                           void* pwdCallbackCtx) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppPkcs12LoadMemory == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppPkcs12LoadMemory",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppPkcs12LoadMemory",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(NULL);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppPkcs12LoadMemory(data, dataSize, pwd, pwdCallback, pwdCallbackCtx));
 }
 
 /**
  * xmlSecCryptoAppKeyCertLoad:
- * @key:		the pointer to key.
- * @filename:		the certificate filename.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @filename:           the certificate filename.
+ * @format:             the certificate file format.
  *
  * Reads the certificate from $@filename and adds it to key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecCryptoAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDataFormat format) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppKeyCertLoad == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppKeyCertLoad",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppKeyCertLoad",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppKeyCertLoad(key, filename, format));
 }
 
 /**
  * xmlSecCryptoAppKeyCertLoadMemory:
- * @key:		the pointer to key.
- * @data:		the certificate binary data.
- * @dataSize:		the certificate binary data size.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @data:               the certificate binary data.
+ * @dataSize:           the certificate binary data size.
+ * @format:             the certificate file format.
  *
  * Reads the certificate from memory buffer and adds it to key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
-xmlSecCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize, 
-				xmlSecKeyDataFormat format) {
+int
+xmlSecCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize,
+                                xmlSecKeyDataFormat format) {
     if((xmlSecCryptoDLGetFunctions() == NULL) || (xmlSecCryptoDLGetFunctions()->cryptoAppKeyCertLoadMemory == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cryptoAppKeyCertLoadMemory",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cryptoAppKeyCertLoadMemory",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppKeyCertLoadMemory(key, data, dataSize, format));
 }
 
@@ -1480,17 +1641,17 @@ xmlSecCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSe
  *
  * Returns: default password callback.
  */
-void* 
+void*
 xmlSecCryptoAppGetDefaultPwdCallback(void) {
     if(xmlSecCryptoDLGetFunctions() == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(NULL);
     }
-    
+
     return(xmlSecCryptoDLGetFunctions()->cryptoAppDefaultPwdCallback);
 }
 
diff --git a/src/base64.c b/src/base64.c
index 73b9e504..53e66945 100644
--- a/src/base64.c
+++ b/src/base64.c
@@ -5,7 +5,7 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -22,11 +22,11 @@
 #include <xmlsec/base64.h>
 #include <xmlsec/errors.h>
 
-/* 
- * the table to map numbers to base64 
+/*
+ * the table to map numbers to base64
  */
 static const xmlSecByte base64[] =
-{  
+{
 /*   0    1    2    3    4    5    6    7   */
     'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', /* 0 */
     'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', /* 1 */
@@ -40,21 +40,21 @@ static const xmlSecByte base64[] =
 
 
 /* few macros to simplify the code */
-#define xmlSecBase64Encode1(a) 		(((a) >> 2) & 0x3F)
-#define xmlSecBase64Encode2(a, b) 	((((a) << 4) & 0x30) + (((b) >> 4) & 0x0F))
-#define xmlSecBase64Encode3(b, c) 	((((b) << 2) & 0x3c) + (((c) >> 6) & 0x03))
-#define xmlSecBase64Encode4(c)		((c) & 0x3F)
+#define xmlSecBase64Encode1(a)          (((a) >> 2) & 0x3F)
+#define xmlSecBase64Encode2(a, b)       ((((a) << 4) & 0x30) + (((b) >> 4) & 0x0F))
+#define xmlSecBase64Encode3(b, c)       ((((b) << 2) & 0x3c) + (((c) >> 6) & 0x03))
+#define xmlSecBase64Encode4(c)          ((c) & 0x3F)
+
+#define xmlSecBase64Decode1(a, b)       (((a) << 2) | (((b) & 0x3F) >> 4))
+#define xmlSecBase64Decode2(b, c)       (((b) << 4) | (((c) & 0x3F) >> 2))
+#define xmlSecBase64Decode3(c, d)       (((c) << 6) | ((d) & 0x3F))
 
-#define xmlSecBase64Decode1(a, b)	(((a) << 2) | (((b) & 0x3F) >> 4))
-#define xmlSecBase64Decode2(b, c)	(((b) << 4) | (((c) & 0x3F) >> 2))
-#define xmlSecBase64Decode3(c, d)	(((c) << 6) | ((d) & 0x3F))
-	
-#define xmlSecIsBase64Char(ch) 		((((ch) >= 'A') && ((ch) <= 'Z')) || \
-					 (((ch) >= 'a') && ((ch) <= 'z')) || \
-					 (((ch) >= '0') && ((ch) <= '9')) || \
-					 ((ch) == '+') || ((ch) == '/')) 
-#define xmlSecIsBase64Space(ch)		(((ch) == ' ') || ((ch) == '\t') || \
-					 ((ch) == '\x0d') || ((ch) == '\x0a'))
+#define xmlSecIsBase64Char(ch)          ((((ch) >= 'A') && ((ch) <= 'Z')) || \
+                                         (((ch) >= 'a') && ((ch) <= 'z')) || \
+                                         (((ch) >= '0') && ((ch) <= '9')) || \
+                                         ((ch) == '+') || ((ch) == '/'))
+#define xmlSecIsBase64Space(ch)         (((ch) == ' ') || ((ch) == '\t') || \
+                                         ((ch) == '\x0d') || ((ch) == '\x0a'))
 
 
 
@@ -72,48 +72,48 @@ typedef enum {
 } xmlSecBase64Status;
 
 struct _xmlSecBase64Ctx {
-    int			encode;    
+    int                 encode;
     int                 inByte;
     int                 inPos;
-    xmlSecSize		linePos;
-    xmlSecSize		columns;  
+    xmlSecSize          linePos;
+    xmlSecSize          columns;
     int                 finished;
 };
 
-static xmlSecBase64Status	xmlSecBase64CtxEncodeByte	(xmlSecBase64CtxPtr ctx, 
-								 xmlSecByte  inByte, 
-								 xmlSecByte* outByte);
-static xmlSecBase64Status	xmlSecBase64CtxEncodeByteFinal	(xmlSecBase64CtxPtr ctx, 
-								 xmlSecByte* outByte);
-static xmlSecBase64Status	xmlSecBase64CtxDecodeByte	(xmlSecBase64CtxPtr ctx, 
-								 xmlSecByte inByte, 
-								 xmlSecByte* outByte);
-static int			xmlSecBase64CtxEncode		(xmlSecBase64CtxPtr ctx, 
-                						 const xmlSecByte* inBuf, 
-								 xmlSecSize inBufSize, 
-								 xmlSecSize* inBufResSize,
-                						 xmlSecByte* outBuf, 
-								 xmlSecSize outBufSize, 
-								 xmlSecSize* outBufResSize);
-static int			xmlSecBase64CtxEncodeFinal	(xmlSecBase64CtxPtr ctx, 
-                						 xmlSecByte* outBuf, 
-								 xmlSecSize outBufSize, 
-								 xmlSecSize* outBufResSize);
-static int			xmlSecBase64CtxDecode		(xmlSecBase64CtxPtr ctx, 
-                						 const xmlSecByte* inBuf, 
-								 xmlSecSize inBufSize, 
-								 xmlSecSize* inBufResSize,
-                						 xmlSecByte* outBuf, 
-								 xmlSecSize outBufSize, 
-								 xmlSecSize* outBufResSize);
-static int			xmlSecBase64CtxDecodeIsFinished	(xmlSecBase64CtxPtr ctx);
+static xmlSecBase64Status       xmlSecBase64CtxEncodeByte       (xmlSecBase64CtxPtr ctx,
+                                                                 xmlSecByte  inByte,
+                                                                 xmlSecByte* outByte);
+static xmlSecBase64Status       xmlSecBase64CtxEncodeByteFinal  (xmlSecBase64CtxPtr ctx,
+                                                                 xmlSecByte* outByte);
+static xmlSecBase64Status       xmlSecBase64CtxDecodeByte       (xmlSecBase64CtxPtr ctx,
+                                                                 xmlSecByte inByte,
+                                                                 xmlSecByte* outByte);
+static int                      xmlSecBase64CtxEncode           (xmlSecBase64CtxPtr ctx,
+                                                                 const xmlSecByte* inBuf,
+                                                                 xmlSecSize inBufSize,
+                                                                 xmlSecSize* inBufResSize,
+                                                                 xmlSecByte* outBuf,
+                                                                 xmlSecSize outBufSize,
+                                                                 xmlSecSize* outBufResSize);
+static int                      xmlSecBase64CtxEncodeFinal      (xmlSecBase64CtxPtr ctx,
+                                                                 xmlSecByte* outBuf,
+                                                                 xmlSecSize outBufSize,
+                                                                 xmlSecSize* outBufResSize);
+static int                      xmlSecBase64CtxDecode           (xmlSecBase64CtxPtr ctx,
+                                                                 const xmlSecByte* inBuf,
+                                                                 xmlSecSize inBufSize,
+                                                                 xmlSecSize* inBufResSize,
+                                                                 xmlSecByte* outBuf,
+                                                                 xmlSecSize outBufSize,
+                                                                 xmlSecSize* outBufResSize);
+static int                      xmlSecBase64CtxDecodeIsFinished (xmlSecBase64CtxPtr ctx);
 
 
 static int g_xmlsec_base64_default_line_size = XMLSEC_BASE64_LINESIZE;
 
 /**
  * xmlSecBase64GetDefaultLineSize:
- * 
+ *
  * Gets the current default line size.
  *
  * Returns: the current default line size.
@@ -138,72 +138,72 @@ xmlSecBase64SetDefaultLineSize(int columns)
 
 /**
  * xmlSecBase64CtxCreate:
- * @encode:		the encode/decode flag (1 - encode, 0 - decode) 
- * @columns: 		the max line length.
+ * @encode:             the encode/decode flag (1 - encode, 0 - decode)
+ * @columns:            the max line length.
  *
  * Allocates and initializes new base64 context.
  *
  * Returns: a pointer to newly created #xmlSecBase64Ctx structure
  * or NULL if an error occurs.
  */
-xmlSecBase64CtxPtr	
+xmlSecBase64CtxPtr
 xmlSecBase64CtxCreate(int encode, int columns) {
     xmlSecBase64CtxPtr ctx;
     int ret;
-    
+
     /*
      * Allocate a new xmlSecBase64CtxPtr and fill the fields.
      */
     ctx = (xmlSecBase64CtxPtr) xmlMalloc(sizeof(xmlSecBase64Ctx));
     if (ctx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecBase64Ctx)=%d", 
-		    sizeof(xmlSecBase64Ctx));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecBase64Ctx)=%d",
+                    sizeof(xmlSecBase64Ctx));
+        return(NULL);
     }
-    
+
     ret = xmlSecBase64CtxInitialize(ctx, encode, columns);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64CtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBase64CtxDestroy(ctx);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64CtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBase64CtxDestroy(ctx);
+        return(NULL);
     }
     return(ctx);
 }
 
 /**
  * xmlSecBase64CtxDestroy:
- * @ctx: 		the pointer to #xmlSecBase64Ctx structure.
- * 
+ * @ctx:                the pointer to #xmlSecBase64Ctx structure.
+ *
  * Destroys base64 context.
  */
 void
 xmlSecBase64CtxDestroy(xmlSecBase64CtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
-    
+
     xmlSecBase64CtxFinalize(ctx);
     xmlFree(ctx);
 }
 
 /**
  * xmlSecBase64CtxInitialize:
- * @ctx:		the pointer to #xmlSecBase64Ctx structure,
- * @encode:		the encode/decode flag (1 - encode, 0 - decode) 
- * @columns: 		the max line length.
+ * @ctx:                the pointer to #xmlSecBase64Ctx structure,
+ * @encode:             the encode/decode flag (1 - encode, 0 - decode)
+ * @columns:            the max line length.
  *
  * Initializes new base64 context.
  *
  * Returns: 0 on success and a negative value otherwise.
  */
-int 
-xmlSecBase64CtxInitialize(xmlSecBase64CtxPtr ctx, int encode, int columns) {    
+int
+xmlSecBase64CtxInitialize(xmlSecBase64CtxPtr ctx, int encode, int columns) {
     xmlSecAssert2(ctx != NULL, -1);
 
     memset(ctx, 0, sizeof(xmlSecBase64Ctx));
@@ -215,63 +215,63 @@ xmlSecBase64CtxInitialize(xmlSecBase64CtxPtr ctx, int encode, int columns) {
 
 /**
  * xmlSecBase64CtxFinalize:
- * @ctx:		the pointer to #xmlSecBase64Ctx structure,
+ * @ctx:                the pointer to #xmlSecBase64Ctx structure,
  *
  * Frees all the resources allocated by @ctx.
  */
-void 
-xmlSecBase64CtxFinalize(xmlSecBase64CtxPtr ctx) {    
+void
+xmlSecBase64CtxFinalize(xmlSecBase64CtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
 
-    memset(ctx, 0, sizeof(xmlSecBase64Ctx)); 
-}	
+    memset(ctx, 0, sizeof(xmlSecBase64Ctx));
+}
 
 /**
  * xmlSecBase64CtxUpdate:
- * @ctx: 		the pointer to #xmlSecBase64Ctx structure
- * @in:			the input buffer
- * @inSize: 		the input buffer size
- * @out: 		the output buffer
- * @outSize: 		the output buffer size
+ * @ctx:                the pointer to #xmlSecBase64Ctx structure
+ * @in:                 the input buffer
+ * @inSize:             the input buffer size
+ * @out:                the output buffer
+ * @outSize:            the output buffer size
  *
  * Encodes or decodes the next piece of data from input buffer.
- * 
- * Returns: the number of bytes written to output buffer or 
+ *
+ * Returns: the number of bytes written to output buffer or
  * -1 if an error occurs.
  */
 int
 xmlSecBase64CtxUpdate(xmlSecBase64CtxPtr ctx,
-		     const xmlSecByte *in, xmlSecSize inSize, 
-		     xmlSecByte *out, xmlSecSize outSize) {
+                     const xmlSecByte *in, xmlSecSize inSize,
+                     xmlSecByte *out, xmlSecSize outSize) {
     xmlSecSize inResSize = 0, outResSize = 0;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(in != NULL, -1);
     xmlSecAssert2(out != NULL, -1);
 
     if(ctx->encode != 0) {
-	ret = xmlSecBase64CtxEncode(ctx, in, inSize, &inResSize, 
-				    out, outSize, &outResSize);
-	if((ret < 0) || (inResSize != inSize)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			NULL,
-			"xmlSecBase64CtxEncode",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-    	    return(-1);
-	}
+        ret = xmlSecBase64CtxEncode(ctx, in, inSize, &inResSize,
+                                    out, outSize, &outResSize);
+        if((ret < 0) || (inResSize != inSize)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBase64CtxEncode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     } else {
-	ret = xmlSecBase64CtxDecode(ctx, in, inSize, &inResSize, 
-				    out, outSize, &outResSize);
-	if((ret < 0) || (inResSize != inSize)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			NULL,
-			"xmlSecBase64CtxDecode",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-    	    return(-1);
-	}
+        ret = xmlSecBase64CtxDecode(ctx, in, inSize, &inResSize,
+                                    out, outSize, &outResSize);
+        if((ret < 0) || (inResSize != inSize)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBase64CtxDecode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     return(outResSize);
@@ -279,50 +279,50 @@ xmlSecBase64CtxUpdate(xmlSecBase64CtxPtr ctx,
 
 /**
  * xmlSecBase64CtxFinal:
- * @ctx: 		the pointer to #xmlSecBase64Ctx structure
- * @out: 		the output buffer
- * @outSize: 		the output buffer size
+ * @ctx:                the pointer to #xmlSecBase64Ctx structure
+ * @out:                the output buffer
+ * @outSize:            the output buffer size
  *
  * Encodes or decodes the last piece of data stored in the context
  * and finalizes the result.
  *
- * Returns: the number of bytes written to output buffer or 
+ * Returns: the number of bytes written to output buffer or
  * -1 if an error occurs.
  */
 int
-xmlSecBase64CtxFinal(xmlSecBase64CtxPtr ctx, 
-		    xmlSecByte *out, xmlSecSize outSize) {
+xmlSecBase64CtxFinal(xmlSecBase64CtxPtr ctx,
+                    xmlSecByte *out, xmlSecSize outSize) {
     xmlSecSize outResSize = 0;
     int ret;
-        
+
     xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(out != NULL, -1);    
-    xmlSecAssert2(outSize > 0, -1);    
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize > 0, -1);
 
-    if(ctx->encode != 0) {    
-	ret = xmlSecBase64CtxEncodeFinal(ctx, out, outSize, &outResSize);
+    if(ctx->encode != 0) {
+        ret = xmlSecBase64CtxEncodeFinal(ctx, out, outSize, &outResSize);
         if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			NULL,
-			"xmlSecBase64CtxEncodeFinal",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"outSize=%d", outSize);
-	    return(-1);
-	}
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBase64CtxEncodeFinal",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "outSize=%d", outSize);
+            return(-1);
+        }
     } else {
-	if(!xmlSecBase64CtxDecodeIsFinished(ctx)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			NULL,
-			"xmlSecBase64CtxIsFinished",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-    	    return(-1);
-	}	
+        if(!xmlSecBase64CtxDecodeIsFinished(ctx)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBase64CtxIsFinished",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
-    
+
     /* add \0 */
     if((outResSize + 1) < outSize) {
-	out[outResSize] = '\0';
+        out[outResSize] = '\0';
     }
     return(outResSize);
 }
@@ -338,36 +338,36 @@ xmlSecBase64CtxEncodeByte(xmlSecBase64CtxPtr ctx, xmlSecByte inByte, xmlSecByte*
         return(xmlSecBase64StatusConsumeAndRepeat);
     } else if(ctx->inPos == 0) {
         /* we just started new block */
-	(*outByte) = base64[xmlSecBase64Encode1(inByte)];
+        (*outByte) = base64[xmlSecBase64Encode1(inByte)];
         ctx->inByte = inByte;
         ++ctx->linePos;
         ++ctx->inPos;
         return(xmlSecBase64StatusConsumeAndNext);
     } else if(ctx->inPos == 1) {
-	(*outByte) = base64[xmlSecBase64Encode2(ctx->inByte, inByte)];
+        (*outByte) = base64[xmlSecBase64Encode2(ctx->inByte, inByte)];
         ctx->inByte = inByte;
         ++ctx->linePos;
         ++ctx->inPos;
         return(xmlSecBase64StatusConsumeAndNext);
     } else if(ctx->inPos == 2) {
-	(*outByte) = base64[xmlSecBase64Encode3(ctx->inByte, inByte)];
+        (*outByte) = base64[xmlSecBase64Encode3(ctx->inByte, inByte)];
         ctx->inByte = inByte;
         ++ctx->linePos;
         ++ctx->inPos;
         return(xmlSecBase64StatusConsumeAndRepeat);
     } else if(ctx->inPos == 3) {
-	(*outByte) = base64[xmlSecBase64Encode4(ctx->inByte)];
+        (*outByte) = base64[xmlSecBase64Encode4(ctx->inByte)];
         ++ctx->linePos;
         ctx->inByte = 0;
         ctx->inPos  = 0;
         return(xmlSecBase64StatusConsumeAndNext);
     }
 
-    xmlSecError(XMLSEC_ERRORS_HERE, 
-		NULL,
-		NULL,
-		XMLSEC_ERRORS_R_INVALID_DATA,
-		"ctx->inPos=%d", ctx->inPos);
+    xmlSecError(XMLSEC_ERRORS_HERE,
+                NULL,
+                NULL,
+                XMLSEC_ERRORS_R_INVALID_DATA,
+                "ctx->inPos=%d", ctx->inPos);
     return(xmlSecBase64StatusFailed);
 }
 
@@ -397,68 +397,68 @@ xmlSecBase64CtxEncodeByteFinal(xmlSecBase64CtxPtr ctx, xmlSecByte* outByte) {
         return(xmlSecBase64StatusConsumeAndRepeat);
     }
 
-    xmlSecError(XMLSEC_ERRORS_HERE, 
-		NULL,
-		NULL,
-		XMLSEC_ERRORS_R_INVALID_DATA,
-		"ctx->inPos=%d", ctx->inPos);
+    xmlSecError(XMLSEC_ERRORS_HERE,
+                NULL,
+                NULL,
+                XMLSEC_ERRORS_R_INVALID_DATA,
+                "ctx->inPos=%d", ctx->inPos);
     return(xmlSecBase64StatusFailed);
 }
 
 static xmlSecBase64Status
 xmlSecBase64CtxDecodeByte(xmlSecBase64CtxPtr ctx, xmlSecByte inByte, xmlSecByte* outByte) {
     xmlSecAssert2(ctx != NULL, xmlSecBase64StatusFailed);
-    xmlSecAssert2(outByte != NULL, xmlSecBase64StatusFailed);    
+    xmlSecAssert2(outByte != NULL, xmlSecBase64StatusFailed);
 
     if((ctx->finished != 0) && (ctx->inPos == 0)) {
         return(xmlSecBase64StatusDone);
     } if(inByte == '=') {
         ctx->finished = 1;
         if(ctx->inPos < 2) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"ctx->inPos=%d", ctx->inPos);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "ctx->inPos=%d", ctx->inPos);
             return(xmlSecBase64StatusFailed);
         } else if(ctx->inPos == 2) {
             ++ctx->inPos;
-            return(xmlSecBase64StatusNext);            
+            return(xmlSecBase64StatusNext);
         } else if(ctx->inPos == 3) {
             ctx->inPos = 0;
             return(xmlSecBase64StatusNext);
         } else {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"ctx->inPos=%d", ctx->inPos);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "ctx->inPos=%d", ctx->inPos);
             return(xmlSecBase64StatusFailed);
         }
     } else if(xmlSecIsBase64Space(inByte)) {
         return(xmlSecBase64StatusNext);
     } else if(!xmlSecIsBase64Char(inByte) || (ctx->finished != 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "inByte=0x%02x", inByte);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "inByte=0x%02x", inByte);
         return(xmlSecBase64StatusFailed);
     }
 
     /* convert from character to position in base64 array */
     if((inByte >= 'A') && (inByte <= 'Z')) {
-	inByte = (inByte - 'A');
+        inByte = (inByte - 'A');
     } else if((inByte >= 'a') && (inByte <= 'z')) {
-	inByte = 26 + (inByte - 'a');
+        inByte = 26 + (inByte - 'a');
     } else if((inByte >= '0') && (inByte <= '9')) {
-	inByte = 52 + (inByte - '0'); 
+        inByte = 52 + (inByte - '0');
     } else if(inByte == '+') {
-    	inByte = 62;
+        inByte = 62;
     } else if(inByte == '/') {
-	inByte = 63;
+        inByte = 63;
     }
-        
+
     if(ctx->inPos == 0) {
         ctx->inByte = inByte;
         ++ctx->inPos;
@@ -480,22 +480,22 @@ xmlSecBase64CtxDecodeByte(xmlSecBase64CtxPtr ctx, xmlSecByte inByte, xmlSecByte*
         return(xmlSecBase64StatusConsumeAndNext);
     }
 
-    xmlSecError(XMLSEC_ERRORS_HERE, 
-		NULL,
-		NULL,
-		XMLSEC_ERRORS_R_INVALID_DATA,
-		"ctx->inPos=%d", ctx->inPos);
+    xmlSecError(XMLSEC_ERRORS_HERE,
+                NULL,
+                NULL,
+                XMLSEC_ERRORS_R_INVALID_DATA,
+                "ctx->inPos=%d", ctx->inPos);
     return(xmlSecBase64StatusFailed);
 }
 
 
 static int
-xmlSecBase64CtxEncode(xmlSecBase64CtxPtr ctx, 
+xmlSecBase64CtxEncode(xmlSecBase64CtxPtr ctx,
                      const xmlSecByte* inBuf, xmlSecSize inBufSize, xmlSecSize* inBufResSize,
                      xmlSecByte* outBuf, xmlSecSize outBufSize, xmlSecSize* outBufResSize) {
     xmlSecBase64Status status = xmlSecBase64StatusNext;
     xmlSecSize inPos, outPos;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(inBuf != NULL, -1);
     xmlSecAssert2(inBufResSize != NULL, -1);
@@ -516,11 +516,11 @@ xmlSecBase64CtxEncode(xmlSecBase64CtxPtr ctx,
             case xmlSecBase64StatusNext:
             case xmlSecBase64StatusDone:
             case xmlSecBase64StatusFailed:
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    NULL,
-			    "xmlSecBase64CtxEncodeByte",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "status=%d", status);
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecBase64CtxEncodeByte",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "status=%d", status);
                 return(-1);
         }
     }
@@ -532,11 +532,11 @@ xmlSecBase64CtxEncode(xmlSecBase64CtxPtr ctx,
 }
 
 static int
-xmlSecBase64CtxEncodeFinal(xmlSecBase64CtxPtr ctx, 
+xmlSecBase64CtxEncodeFinal(xmlSecBase64CtxPtr ctx,
                      xmlSecByte* outBuf, xmlSecSize outBufSize, xmlSecSize* outBufResSize) {
     xmlSecBase64Status status = xmlSecBase64StatusNext;
     xmlSecSize outPos;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(outBuf != NULL, -1);
     xmlSecAssert2(outBufResSize != NULL, -1);
@@ -553,21 +553,21 @@ xmlSecBase64CtxEncodeFinal(xmlSecBase64CtxPtr ctx,
                 break;
             case xmlSecBase64StatusNext:
             case xmlSecBase64StatusFailed:
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    NULL,
-			    "xmlSecBase64CtxEncodeByteFinal",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "status=%d", status);
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecBase64CtxEncodeByteFinal",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "status=%d", status);
                 return(-1);
         }
     }
 
     if(status != xmlSecBase64StatusDone) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "outBufSize=%d", outBufSize);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "outBufSize=%d", outBufSize);
         return(-1);
     }
     if(outPos < outBufSize) {
@@ -580,12 +580,12 @@ xmlSecBase64CtxEncodeFinal(xmlSecBase64CtxPtr ctx,
 
 
 static int
-xmlSecBase64CtxDecode(xmlSecBase64CtxPtr ctx, 
+xmlSecBase64CtxDecode(xmlSecBase64CtxPtr ctx,
                      const xmlSecByte* inBuf, xmlSecSize inBufSize, xmlSecSize* inBufResSize,
                      xmlSecByte* outBuf, xmlSecSize outBufSize, xmlSecSize* outBufResSize) {
     xmlSecBase64Status status = xmlSecBase64StatusNext;
     xmlSecSize inPos, outPos;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(inBuf != NULL, -1);
     xmlSecAssert2(inBufResSize != NULL, -1);
@@ -609,11 +609,11 @@ xmlSecBase64CtxDecode(xmlSecBase64CtxPtr ctx,
             case xmlSecBase64StatusDone:
                 break;
             case xmlSecBase64StatusFailed:
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    NULL,
-			    "xmlSecBase64CtxDecodeByte",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "status=%d", status);
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecBase64CtxDecodeByte",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "status=%d", status);
                 return(-1);
         }
     }
@@ -638,23 +638,23 @@ xmlSecBase64CtxDecodeIsFinished(xmlSecBase64CtxPtr ctx) {
 
 /**
  * xmlSecBase64Encode:
- * @buf: 		the input buffer.
- * @len: 		the input buffer size.
- * @columns: 		the output max line length (if 0 then no line breaks
- *          		would be inserted)
+ * @buf:                the input buffer.
+ * @len:                the input buffer size.
+ * @columns:            the output max line length (if 0 then no line breaks
+ *                      would be inserted)
  *
  * Encodes the data from input buffer and allocates the string for the result.
  * The caller is responsible for freeing returned buffer using
  * xmlFree() function.
  *
- * Returns: newly allocated string with base64 encoded data 
+ * Returns: newly allocated string with base64 encoded data
  * or NULL if an error occurs.
  */
 xmlChar*
 xmlSecBase64Encode(const xmlSecByte *buf, xmlSecSize len, int columns) {
     xmlSecBase64Ctx ctx;
     xmlChar *ptr;
-    xmlSecSize size;    
+    xmlSecSize size;
     int size_update, size_final;
     int ret;
 
@@ -662,72 +662,72 @@ xmlSecBase64Encode(const xmlSecByte *buf, xmlSecSize len, int columns) {
 
     ret = xmlSecBase64CtxInitialize(&ctx, 1, columns);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64CtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64CtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     /* create result buffer */
     size = (4 * len) / 3 + 4;
     if(columns > 0) {
-	size += (size / columns) + 4;
+        size += (size / columns) + 4;
     }
     ptr = (xmlChar*) xmlMalloc(size);
     if(ptr == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", size);
-	xmlSecBase64CtxFinalize(&ctx);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", size);
+        xmlSecBase64CtxFinalize(&ctx);
+        return(NULL);
     }
 
     ret = xmlSecBase64CtxUpdate(&ctx, buf, len, (xmlSecByte*)ptr, size);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64CtxUpdate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "len=%d", len);
-	xmlFree(ptr);
-	xmlSecBase64CtxFinalize(&ctx);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64CtxUpdate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "len=%d", len);
+        xmlFree(ptr);
+        xmlSecBase64CtxFinalize(&ctx);
+        return(NULL);
     }
     size_update = ret;
 
     ret = xmlSecBase64CtxFinal(&ctx, ((xmlSecByte*)ptr) + size_update, size - size_update);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64CtxFinal",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(ptr);
-	xmlSecBase64CtxFinalize(&ctx);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64CtxFinal",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(ptr);
+        xmlSecBase64CtxFinalize(&ctx);
+        return(NULL);
     }
     size_final = ret;
     ptr[size_update + size_final] = '\0';
-    
+
     xmlSecBase64CtxFinalize(&ctx);
     return(ptr);
 }
 
 /**
  * xmlSecBase64Decode:
- * @str: 		the input buffer with base64 encoded string
- * @buf: 		the output buffer
- * @len: 		the output buffer size
+ * @str:                the input buffer with base64 encoded string
+ * @buf:                the output buffer
+ * @len:                the output buffer size
  *
  * Decodes input base64 encoded string and puts result into
  * the output buffer.
  *
- * Returns: the number of bytes written to the output buffer or 
- * a negative value if an error occurs 
+ * Returns: the number of bytes written to the output buffer or
+ * a negative value if an error occurs
  */
 int
 xmlSecBase64Decode(const xmlChar* str, xmlSecByte *buf, xmlSecSize len) {
@@ -741,37 +741,37 @@ xmlSecBase64Decode(const xmlChar* str, xmlSecByte *buf, xmlSecSize len) {
 
     ret = xmlSecBase64CtxInitialize(&ctx, 0, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64CtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64CtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ret = xmlSecBase64CtxUpdate(&ctx, (const xmlSecByte*)str, xmlStrlen(str), buf, len);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64CtxUpdate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBase64CtxFinalize(&ctx);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64CtxUpdate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBase64CtxFinalize(&ctx);
+        return(-1);
     }
 
     size_update = ret;
     ret = xmlSecBase64CtxFinal(&ctx, buf + size_update, len - size_update);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64CtxFinal",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBase64CtxFinalize(&ctx);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64CtxFinal",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBase64CtxFinalize(&ctx);
+        return(-1);
     }
-    size_final = ret;    
+    size_final = ret;
 
     xmlSecBase64CtxFinalize(&ctx);
     return(size_update + size_final);
@@ -782,46 +782,46 @@ xmlSecBase64Decode(const xmlChar* str, xmlSecByte *buf, xmlSecSize len) {
  * Base64 Transform
  *
  * xmlSecBase64Ctx is located after xmlSecTransform
- * 
+ *
  **************************************************************/
 #define xmlSecBase64Size \
-	(sizeof(xmlSecTransform) + sizeof(xmlSecBase64Ctx))
+        (sizeof(xmlSecTransform) + sizeof(xmlSecBase64Ctx))
 #define xmlSecBase64GetCtx(transform) \
     ((xmlSecTransformCheckSize((transform), xmlSecBase64Size)) ? \
-	(xmlSecBase64CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
-	(xmlSecBase64CtxPtr)NULL)
+        (xmlSecBase64CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
+        (xmlSecBase64CtxPtr)NULL)
 
-static int		xmlSecBase64Initialize		(xmlSecTransformPtr transform);
-static void		xmlSecBase64Finalize		(xmlSecTransformPtr transform);
-static int 		xmlSecBase64Execute		(xmlSecTransformPtr transform, 
-							 int last, 
-							 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecBase64Initialize          (xmlSecTransformPtr transform);
+static void             xmlSecBase64Finalize            (xmlSecTransformPtr transform);
+static int              xmlSecBase64Execute             (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
 
 static xmlSecTransformKlass xmlSecBase64Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecBase64Size,				/* xmlSecSize objSize */
-
-    xmlSecNameBase64,				/* const xmlChar* name; */
-    xmlSecHrefBase64,				/* const xmlChar* href; */
-    xmlSecTransformUsageDSigTransform,		/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecBase64Initialize, 			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecBase64Finalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecBase64Execute,			/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecBase64Size,                           /* xmlSecSize objSize */
+
+    xmlSecNameBase64,                           /* const xmlChar* name; */
+    xmlSecHrefBase64,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDSigTransform,          /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecBase64Initialize,                     /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecBase64Finalize,                       /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecBase64Execute,                        /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
@@ -829,42 +829,42 @@ static xmlSecTransformKlass xmlSecBase64Klass = {
  *
  * The Base64 transform klass (http://www.w3.org/TR/xmldsig-core/#sec-Base-64).
  * The normative specification for base64 decoding transforms is RFC 2045
- * (http://www.ietf.org/rfc/rfc2045.txt). The base64 Transform element has 
- * no content. The input is decoded by the algorithms. This transform is 
- * useful if an application needs to sign the raw data associated with 
+ * (http://www.ietf.org/rfc/rfc2045.txt). The base64 Transform element has
+ * no content. The input is decoded by the algorithms. This transform is
+ * useful if an application needs to sign the raw data associated with
  * the encoded content of an element.
  *
  * Returns: base64 transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformBase64GetKlass(void) {
     return(&xmlSecBase64Klass);
 }
 
 /**
  * xmlSecTransformBase64SetLineSize:
- * @transform: 		the pointer to BASE64 encode transform.
- * @lineSize: 		the new max line size.
+ * @transform:          the pointer to BASE64 encode transform.
+ * @lineSize:           the new max line size.
  *
  * Sets the max line size to @lineSize.
  */
 void
 xmlSecTransformBase64SetLineSize(xmlSecTransformPtr transform, xmlSecSize lineSize) {
     xmlSecBase64CtxPtr ctx;
-    
+
     xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecTransformBase64Id));
-    
+
     ctx = xmlSecBase64GetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
-    ctx->columns = lineSize;    
+
+    ctx->columns = lineSize;
 }
 
 static int
 xmlSecBase64Initialize(xmlSecTransformPtr transform) {
     xmlSecBase64CtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformBase64Id), -1);
 
     ctx = xmlSecBase64GetCtx(transform);
@@ -873,30 +873,30 @@ xmlSecBase64Initialize(xmlSecTransformPtr transform) {
     transform->operation = xmlSecTransformOperationDecode;
     ret = xmlSecBase64CtxInitialize(ctx, 0, xmlSecBase64GetDefaultLineSize());
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBase64CtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBase64CtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     return(0);
 }
 
 static void
 xmlSecBase64Finalize(xmlSecTransformPtr transform) {
     xmlSecBase64CtxPtr ctx;
-    
+
     xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecTransformBase64Id));
 
     ctx = xmlSecBase64GetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
     xmlSecBase64CtxFinalize(ctx);
 }
 
-static int 
+static int
 xmlSecBase64Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecBase64CtxPtr ctx;
     xmlSecBufferPtr in, out;
@@ -906,127 +906,127 @@ xmlSecBase64Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPt
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformBase64Id), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncode) || (transform->operation == xmlSecTransformOperationDecode), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-    
+
     ctx = xmlSecBase64GetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     in = &(transform->inBuf);
     out = &(transform->outBuf);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	ctx->encode = (transform->operation == xmlSecTransformOperationEncode) ? 1 : 0;
-	transform->status = xmlSecTransformStatusWorking;
+        ctx->encode = (transform->operation == xmlSecTransformOperationEncode) ? 1 : 0;
+        transform->status = xmlSecTransformStatusWorking;
     }
 
     switch(transform->status) {
-	case xmlSecTransformStatusWorking:
-	    inSize = xmlSecBufferGetSize(in);
-	    outSize = xmlSecBufferGetSize(out);
-	    if(inSize > 0) {
-		if(ctx->encode != 0) {
-		    outLen = 4 * inSize / 3 + 8;
-		    if(ctx->columns > 0) {
-			outLen += inSize / ctx->columns + 4;
-		    }
-		} else {
-		    outLen = 3 * inSize / 4 + 8;
-		}
-		ret = xmlSecBufferSetMaxSize(out, outSize + outLen);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferSetMaxSize",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", outSize + outLen);
-		    return(-1);
-		}
-
-		/* encode/decode the next chunk */
-		ret = xmlSecBase64CtxUpdate(ctx, xmlSecBufferGetData(in), inSize,
-					    xmlSecBufferGetData(out) + outSize, 
-					    outLen);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBase64CtxUpdate",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				XMLSEC_ERRORS_NO_MESSAGE);
-		    return(-1);
-		}
-		outLen = ret;
-		
-		/* set correct size */
-		ret = xmlSecBufferSetSize(out, outSize + outLen);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferSetSize",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", outSize + outLen);
-		    return(-1);
-		}
-		
-		/* remove chunk from input */
-		ret = xmlSecBufferRemoveHead(in, inSize);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferRemoveHead",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", inSize);
-		    return(-1);
-		}
-	    }
-	    
-	    if(last) {
-	        outSize = xmlSecBufferGetSize(out);
-
-		ret = xmlSecBufferSetMaxSize(out, outSize + 16);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferSetMaxSize",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", outSize + 16);
-		    return(-1);
-		}
-	
-		/* add from ctx buffer */
-		ret = xmlSecBase64CtxFinal(ctx, xmlSecBufferGetData(out) + outSize, 16);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBase64CtxFinal",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				XMLSEC_ERRORS_NO_MESSAGE);
-		    return(-1);
-		}
-		outLen = ret;
-		
-		/* set correct size */
-		ret = xmlSecBufferSetSize(out, outSize + outLen);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferSetSize",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", outSize + outLen);
-		    return(-1);
-		}
-		transform->status = xmlSecTransformStatusFinished;
-	    }
-	    break;
-	case xmlSecTransformStatusFinished:
-	    /* the only way we can get here is if there is no input */
-	    xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
-	    break;
-	default:
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_STATUS,
-			"status=%d", transform->status);
-	    return(-1);
+        case xmlSecTransformStatusWorking:
+            inSize = xmlSecBufferGetSize(in);
+            outSize = xmlSecBufferGetSize(out);
+            if(inSize > 0) {
+                if(ctx->encode != 0) {
+                    outLen = 4 * inSize / 3 + 8;
+                    if(ctx->columns > 0) {
+                        outLen += inSize / ctx->columns + 4;
+                    }
+                } else {
+                    outLen = 3 * inSize / 4 + 8;
+                }
+                ret = xmlSecBufferSetMaxSize(out, outSize + outLen);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferSetMaxSize",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", outSize + outLen);
+                    return(-1);
+                }
+
+                /* encode/decode the next chunk */
+                ret = xmlSecBase64CtxUpdate(ctx, xmlSecBufferGetData(in), inSize,
+                                            xmlSecBufferGetData(out) + outSize,
+                                            outLen);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBase64CtxUpdate",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    return(-1);
+                }
+                outLen = ret;
+
+                /* set correct size */
+                ret = xmlSecBufferSetSize(out, outSize + outLen);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferSetSize",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", outSize + outLen);
+                    return(-1);
+                }
+
+                /* remove chunk from input */
+                ret = xmlSecBufferRemoveHead(in, inSize);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferRemoveHead",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", inSize);
+                    return(-1);
+                }
+            }
+
+            if(last) {
+                outSize = xmlSecBufferGetSize(out);
+
+                ret = xmlSecBufferSetMaxSize(out, outSize + 16);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferSetMaxSize",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", outSize + 16);
+                    return(-1);
+                }
+
+                /* add from ctx buffer */
+                ret = xmlSecBase64CtxFinal(ctx, xmlSecBufferGetData(out) + outSize, 16);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBase64CtxFinal",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    return(-1);
+                }
+                outLen = ret;
+
+                /* set correct size */
+                ret = xmlSecBufferSetSize(out, outSize + outLen);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferSetSize",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", outSize + outLen);
+                    return(-1);
+                }
+                transform->status = xmlSecTransformStatusFinished;
+            }
+            break;
+        case xmlSecTransformStatusFinished:
+            /* the only way we can get here is if there is no input */
+            xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
+            break;
+        default:
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_STATUS,
+                        "status=%d", transform->status);
+            return(-1);
     }
     return(0);
 }
diff --git a/src/bn.c b/src/bn.c
index 5a26de28..06a31d5b 100644
--- a/src/bn.c
+++ b/src/bn.c
@@ -1,20 +1,20 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Big Numbers.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  */
 #include "globals.h"
 
 #include <stdlib.h>
 #include <string.h>
 #include <ctype.h>
- 
+
 #include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
@@ -44,10 +44,10 @@ static const int xmlSecBnLookupTable[] =
     -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
 };
 
-static const char xmlSecBnRevLookupTable[] = 
-{ 
-    '0', '1', '2', '3', '4', '5', '6', '7', 
-    '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' 
+static const char xmlSecBnRevLookupTable[] =
+{
+    '0', '1', '2', '3', '4', '5', '6', '7',
+    '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
 };
 
 /*****************************************************************************
@@ -57,118 +57,118 @@ static const char xmlSecBnRevLookupTable[] =
  ****************************************************************************/
 /**
  * xmlSecBnCreate:
- * @size:	the initial allocated BN size.
+ * @size:       the initial allocated BN size.
  *
  * Creates a new BN object. Caller is responsible for destroying it
  * by calling @xmlSecBnDestroy function.
  *
  * Returns: the newly BN or a NULL if an error occurs.
  */
-xmlSecBnPtr 
+xmlSecBnPtr
 xmlSecBnCreate(xmlSecSize size) {
     return(xmlSecBufferCreate(size));
 }
 
 /**
  * xmlSecBnDestroy:
- * @bn:		the pointer to BN.
+ * @bn:         the pointer to BN.
  *
  * Destroys @bn object created with @xmlSecBnCreate function.
  */
-void 
+void
 xmlSecBnDestroy(xmlSecBnPtr bn) {
     xmlSecBufferDestroy(bn);
 }
 
 /**
  * xmlSecBnInitialize:
- * @bn:		the pointer to BN.
- * @size:	the initial allocated BN size.
+ * @bn:         the pointer to BN.
+ * @size:       the initial allocated BN size.
  *
  * Initializes a BN object. Caller is responsible for destroying it
  * by calling @xmlSecBnFinalize function.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBnInitialize(xmlSecBnPtr bn, xmlSecSize size) {
     return(xmlSecBufferInitialize(bn, size));
 }
 
 /**
  * xmlSecBnFinalize:
- * @bn:		the pointer to BN.
+ * @bn:         the pointer to BN.
  *
  * Destroys @bn object created with @xmlSecBnInitialize function.
  */
-void 
+void
 xmlSecBnFinalize(xmlSecBnPtr bn) {
     xmlSecBufferFinalize(bn);
 }
 
 /**
  * xmlSecBnGetData:
- * @bn:		the pointer to BN.
+ * @bn:         the pointer to BN.
  *
  * Gets pointer to the binary @bn representation.
- * 
+ *
  * Returns: pointer to binary BN data or NULL if an error occurs.
  */
-xmlSecByte* 
+xmlSecByte*
 xmlSecBnGetData(xmlSecBnPtr bn) {
     return(xmlSecBufferGetData(bn));
 }
 
 /**
  * xmlSecBnSetData:
- * @bn:		the pointer to BN.
- * @data:	the pointer to new BN binary data.
- * @size:	the size of new BN data.
+ * @bn:         the pointer to BN.
+ * @data:       the pointer to new BN binary data.
+ * @size:       the size of new BN data.
  *
  * Sets the value of @bn to @data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBnSetData(xmlSecBnPtr bn, const xmlSecByte* data, xmlSecSize size) {
     return(xmlSecBufferSetData(bn, data, size));
 }
 
 /**
  * xmlSecBnGetSize:
- * @bn:		the pointer to BN.
+ * @bn:         the pointer to BN.
  *
  * Gets the size of binary data in @bn.
  *
  * Returns: the size of binary data.
  */
-xmlSecSize 
+xmlSecSize
 xmlSecBnGetSize(xmlSecBnPtr bn) {
     return(xmlSecBufferGetSize(bn));
 }
 
 /**
  * xmlSecBnZero:
- * @bn:		the pointer to BN.
+ * @bn:         the pointer to BN.
  *
  * Sets the value of @bn to zero.
  */
-void 
+void
 xmlSecBnZero(xmlSecBnPtr bn) {
     xmlSecBufferEmpty(bn);
 }
 
 /**
  * xmlSecBnFromString:
- * @bn:		the pointer to BN.
- * @str:	the string with BN.
- * @base:	the base for @str.
+ * @bn:         the pointer to BN.
+ * @str:        the string with BN.
+ * @base:       the base for @str.
  *
  * Reads @bn from string @str assuming it has base @base.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBnFromString(xmlSecBnPtr bn, const xmlChar* str, xmlSecSize base) {
     xmlSecSize i, len, size;
     xmlSecByte ch;
@@ -187,21 +187,21 @@ xmlSecBnFromString(xmlSecBnPtr bn, const xmlChar* str, xmlSecSize base) {
     if(len == 0) {
         return(0);
     }
-    
+
     /* The result size could not exceed the input string length
      * because each char fits inside a byte in all cases :)
      * In truth, it would be likely less than 1/2 input string length
-     * because each byte is represented by 2 chars. If needed, 
+     * because each byte is represented by 2 chars. If needed,
      * buffer size would be increased by Mul/Add functions.
      * Finally, we can add one byte for 00 or 10 prefix.
      */
     ret = xmlSecBufferSetMaxSize(bn, xmlSecBufferGetSize(bn) + len / 2 + 1 + 1);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecBnRevLookupTable",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "size=%d", len / 2 + 1);
+                        NULL,
+                        "xmlSecBnRevLookupTable",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", len / 2 + 1);
         return (-1);
     }
 
@@ -213,9 +213,9 @@ xmlSecBnFromString(xmlSecBnPtr bn, const xmlChar* str, xmlSecSize base) {
 
         /* skip spaces */
         if(isspace(ch)) {
-	        continue;
-        } 
-        
+                continue;
+        }
+
         /* check if it is + or - */
         if(ch == '+') {
             positive = 1;
@@ -235,13 +235,13 @@ xmlSecBnFromString(xmlSecBnPtr bn, const xmlChar* str, xmlSecSize base) {
             --i; /* make sure that we will look at this character in next loop */
             break;
         } else {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        NULL,
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        "char=%c;base=%d", 
-		        ch, base);
-    	        return (-1);
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "char=%c;base=%d",
+                        ch, base);
+                return (-1);
         }
     }
 
@@ -249,40 +249,40 @@ xmlSecBnFromString(xmlSecBnPtr bn, const xmlChar* str, xmlSecSize base) {
     while(i < len) {
         ch = str[i++];
         if(isspace(ch)) {
-	        continue;
+                continue;
         }
 
         xmlSecAssert2(ch <= sizeof(xmlSecBnLookupTable), -1);
         nn = xmlSecBnLookupTable[ch];
         if((nn < 0) || ((xmlSecSize)nn > base)) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        NULL,
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        "char=%c;base=%d", 
-		        ch, base);
-    	        return (-1);
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "char=%c;base=%d",
+                        ch, base);
+                return (-1);
         }
 
         ret = xmlSecBnMul(bn, base);
         if(ret < 0) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecBnMul",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "base=%d", base);
-	        return (-1);
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBnMul",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "base=%d", base);
+                return (-1);
         }
 
         ret = xmlSecBnAdd(bn, nn);
         if(ret < 0) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecBnAdd",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "base=%d", base);
-	        return (-1);
-}	
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBnAdd",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "base=%d", base);
+                return (-1);
+}
     }
 
     /* check if we need to add 00 prefix, do this for empty bn too */
@@ -308,7 +308,7 @@ xmlSecBnFromString(xmlSecBnPtr bn, const xmlChar* str, xmlSecSize base) {
         for(i = 0; i < size; ++i) {
             data[i] ^= 0xFF;
         }
-        
+
         ret = xmlSecBnAdd(bn, 1);
         if(ret < 0) {
             xmlSecError(XMLSEC_ERRORS_HERE,
@@ -325,15 +325,15 @@ xmlSecBnFromString(xmlSecBnPtr bn, const xmlChar* str, xmlSecSize base) {
 
 /**
  * xmlSecBnToString:
- * @bn:		the pointer to BN.
- * @base:	the base for returned string.
+ * @bn:         the pointer to BN.
+ * @base:       the base for returned string.
  *
- * Writes @bn to string with base @base. Caller is responsible for 
+ * Writes @bn to string with base @base. Caller is responsible for
  * freeing returned string with @xmlFree.
  *
  * Returns: the string represenataion if BN or a NULL if an error occurs.
  */
-xmlChar* 
+xmlChar*
 xmlSecBnToString(xmlSecBnPtr bn, xmlSecSize base) {
     xmlSecBn bn2;
     int positive = 1;
@@ -361,7 +361,7 @@ xmlSecBnToString(xmlSecBnPtr bn, xmlSecSize base) {
             "size=%d", size);
         return (NULL);
     }
-    
+
     ret = xmlSecBnSetData(&bn2, data, size);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
@@ -398,18 +398,18 @@ xmlSecBnToString(xmlSecBnPtr bn, xmlSecSize base) {
     }
 
     /* Result string len is
-     *	    len = log base (256) * <bn size>
-     * Since the smallest base == 2 then we can get away with 
-     *	    len = 8 * <bn size>
+     *      len = log base (256) * <bn size>
+     * Since the smallest base == 2 then we can get away with
+     *      len = 8 * <bn size>
      */
     len = 8 * size + 1 + 1;
     res = (xmlChar*)xmlMalloc(len + 1);
     if(res == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            NULL,
-		            XMLSEC_ERRORS_R_MALLOC_FAILED,
-		            "len=%d", len);
+                            NULL,
+                            NULL,
+                            XMLSEC_ERRORS_R_MALLOC_FAILED,
+                            "len=%d", len);
         xmlSecBnFinalize(&bn2);
         return (NULL);
     }
@@ -454,70 +454,70 @@ xmlSecBnToString(xmlSecBnPtr bn, xmlSecSize base) {
 
 /**
  * xmlSecBnFromHexString:
- * @bn:		the pointer to BN.
- * @str:	the string with BN.
+ * @bn:         the pointer to BN.
+ * @str:        the string with BN.
  *
  * Reads @bn from hex string @str.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBnFromHexString(xmlSecBnPtr bn, const xmlChar* str) {
     return(xmlSecBnFromString(bn, str, 16));
 }
 
 /**
  * xmlSecBnToHexString:
- * @bn:		the pointer to BN.
+ * @bn:         the pointer to BN.
  *
- * Writes @bn to hex string. Caller is responsible for 
+ * Writes @bn to hex string. Caller is responsible for
  * freeing returned string with @xmlFree.
  *
  * Returns: the string represenataion if BN or a NULL if an error occurs.
  */
-xmlChar* 
+xmlChar*
 xmlSecBnToHexString(xmlSecBnPtr bn) {
     return(xmlSecBnToString(bn, 16));
 }
 
 /**
  * xmlSecBnFromDecString:
- * @bn:		the pointer to BN.
- * @str:	the string with BN.
+ * @bn:         the pointer to BN.
+ * @str:        the string with BN.
  *
  * Reads @bn from decimal string @str.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBnFromDecString(xmlSecBnPtr bn, const xmlChar* str) {
     return(xmlSecBnFromString(bn, str, 10));
 }
 
 /**
  * xmlSecBnToDecString:
- * @bn:		the pointer to BN.
+ * @bn:         the pointer to BN.
  *
- * Writes @bn to decimal string. Caller is responsible for 
+ * Writes @bn to decimal string. Caller is responsible for
  * freeing returned string with @xmlFree.
  *
  * Returns: the string represenataion if BN or a NULL if an error occurs.
  */
-xmlChar* 
+xmlChar*
 xmlSecBnToDecString(xmlSecBnPtr bn) {
     return(xmlSecBnToString(bn, 10));
 }
 
 /**
  * xmlSecBnMul:
- * @bn:			the pointer to BN.
- * @multiplier:		the multiplier.
+ * @bn:                 the pointer to BN.
+ * @multiplier:         the multiplier.
  *
  * Multiplies @bn with @multiplier.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBnMul(xmlSecBnPtr bn, int multiplier) {
     xmlSecByte* data;
     int over;
@@ -529,49 +529,49 @@ xmlSecBnMul(xmlSecBnPtr bn, int multiplier) {
     xmlSecAssert2(multiplier > 0, -1);
 
     if(multiplier == 1) {
-	return(0);
+        return(0);
     }
 
     data = xmlSecBufferGetData(bn);
     i = xmlSecBufferGetSize(bn);
-    over = 0; 
+    over = 0;
     while(i > 0) {
-	xmlSecAssert2(data != NULL, -1);
+        xmlSecAssert2(data != NULL, -1);
 
-	over	= over + multiplier * data[--i];
-	data[i]	= over % 256;
-	over	= over / 256;
+        over    = over + multiplier * data[--i];
+        data[i] = over % 256;
+        over    = over / 256;
     }
-    
+
     while(over > 0) {
-	ch	= over % 256;
-	over	= over / 256;
-	
-	ret = xmlSecBufferPrepend(bn, &ch, 1);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBufferPrepend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=1");
-	    return (-1);
-	}
+        ch      = over % 256;
+        over    = over / 256;
+
+        ret = xmlSecBufferPrepend(bn, &ch, 1);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBufferPrepend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=1");
+            return (-1);
+        }
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecBnDiv:
- * @bn:		the pointer to BN.
- * @divider:	the divider
- * @mod:	the pointer for modulus result.
+ * @bn:         the pointer to BN.
+ * @divider:    the divider
+ * @mod:        the pointer for modulus result.
  *
  * Divides @bn by @divider and places modulus into @mod.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBnDiv(xmlSecBnPtr bn, int divider, int* mod) {
     int over;
     xmlSecSize i, size;
@@ -583,52 +583,52 @@ xmlSecBnDiv(xmlSecBnPtr bn, int divider, int* mod) {
     xmlSecAssert2(mod != NULL, -1);
 
     if(divider == 1) {
-	return(0);
+        return(0);
     }
 
     data = xmlSecBufferGetData(bn);
     size = xmlSecBufferGetSize(bn);
     for(over = 0, i = 0; i < size; i++) {
-	xmlSecAssert2(data != NULL, -1);
+        xmlSecAssert2(data != NULL, -1);
 
-	over	= over * 256 + data[i];
-	data[i]	= over / divider;
-	over	= over % divider;
+        over    = over * 256 + data[i];
+        data[i] = over / divider;
+        over    = over % divider;
     }
     (*mod) = over;
-    
+
     /* remove leading zeros */
     for(i = 0; i < size; i++) {
-	xmlSecAssert2(data != NULL, -1);
+        xmlSecAssert2(data != NULL, -1);
 
-	if(data[i] != 0) {
-	    break;
-	}
+        if(data[i] != 0) {
+            break;
+        }
     }
     if(i > 0) {
-	ret = xmlSecBufferRemoveHead(bn, i);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", i);
-	    return (-1);
-	}
+        ret = xmlSecBufferRemoveHead(bn, i);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", i);
+            return (-1);
+        }
     }
     return(0);
 }
 
 /**
  * xmlSecBnAdd:
- * @bn:		the pointer to BN.
- * @delta:	the delta.
+ * @bn:         the pointer to BN.
+ * @delta:      the delta.
  *
  * Adds @delta to @bn.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBnAdd(xmlSecBnPtr bn, int delta) {
     int over, tmp;
     xmlSecByte* data;
@@ -639,41 +639,41 @@ xmlSecBnAdd(xmlSecBnPtr bn, int delta) {
     xmlSecAssert2(bn != NULL, -1);
 
     if(delta == 0) {
-    	return(0);
+        return(0);
     }
 
     data = xmlSecBufferGetData(bn);
     if(delta > 0) {
         for(over = delta, i = xmlSecBufferGetSize(bn); (i > 0) && (over > 0) ;) {
-	        xmlSecAssert2(data != NULL, -1);
-	
+                xmlSecAssert2(data != NULL, -1);
+
             tmp     = data[--i];
-        	over   += tmp;
-	        data[i]	= over % 256;
-	        over	= over / 256;
+                over   += tmp;
+                data[i] = over % 256;
+                over    = over / 256;
         }
-    
+
         while(over > 0) {
-	        ch	= over % 256;
-	        over	= over / 256;
-	
-        	ret = xmlSecBufferPrepend(bn, &ch, 1);
-	        if(ret < 0) {
-	            xmlSecError(XMLSEC_ERRORS_HERE,
-			        NULL,
-			        "xmlSecBufferPrepend",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			        "size=1");
-	            return (-1);
-	        }
+                ch      = over % 256;
+                over    = over / 256;
+
+                ret = xmlSecBufferPrepend(bn, &ch, 1);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecBufferPrepend",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=1");
+                    return (-1);
+                }
         }
     } else {
         for(over = -delta, i = xmlSecBufferGetSize(bn); (i > 0) && (over > 0);) {
-	        xmlSecAssert2(data != NULL, -1);
-	
+                xmlSecAssert2(data != NULL, -1);
+
             tmp     = data[--i];
             if(tmp < over) {
-                data[i]	= 0;
+                data[i] = 0;
                 over = (over - tmp) / 256;
             } else {
                 data[i] = tmp - over;
@@ -686,13 +686,13 @@ xmlSecBnAdd(xmlSecBnPtr bn, int delta) {
 
 /**
  * xmlSecBnReverse:
- * @bn:		the pointer to BN.
+ * @bn:         the pointer to BN.
  *
  * Reverses bytes order in @bn.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBnReverse(xmlSecBnPtr bn) {
     xmlSecByte* data;
     xmlSecSize i, j, size;
@@ -703,28 +703,28 @@ xmlSecBnReverse(xmlSecBnPtr bn) {
     data = xmlSecBufferGetData(bn);
     size = xmlSecBufferGetSize(bn);
     for(i = 0, j = size - 1; i < size / 2; ++i, --j) {
-	xmlSecAssert2(data != NULL, -1);
+        xmlSecAssert2(data != NULL, -1);
 
-	ch	 = data[i];
-	data[i]	 = data[j];
-	data[j]  = ch;
-    }    
+        ch       = data[i];
+        data[i]  = data[j];
+        data[j]  = ch;
+    }
 
     return(0);
 }
 
 /**
  * xmlSecBnCompare:
- * @bn:		the pointer to BN.
- * @data:	the data to compare BN to.
- * @dataSize:	the @data size.
+ * @bn:         the pointer to BN.
+ * @data:       the data to compare BN to.
+ * @dataSize:   the @data size.
  *
  * Compares the @bn with @data.
  *
  * Returns: 0 if data is equal, negative value if @bn is less or positive value if @bn
  * is greater than @data.
  */
-int 
+int
 xmlSecBnCompare(xmlSecBnPtr bn, const xmlSecByte* data, xmlSecSize dataSize) {
     xmlSecByte* bnData;
     xmlSecSize bnSize;
@@ -736,25 +736,25 @@ xmlSecBnCompare(xmlSecBnPtr bn, const xmlSecByte* data, xmlSecSize dataSize) {
 
     /* skip zeros in the beggining */
     while((dataSize > 0) && (data != 0) && (data[0] == 0)) {
-	++data;
-	--dataSize;
+        ++data;
+        --dataSize;
     }
     while((bnSize > 0) && (bnData != 0) && (bnData[0] == 0)) {
-	++bnData;
-	--bnSize;
+        ++bnData;
+        --bnSize;
     }
 
     if(((bnData == NULL) || (bnSize == 0)) && ((data == NULL) || (dataSize == 0))) {
-	return(0);
+        return(0);
     } else if((bnData == NULL) || (bnSize == 0)) {
-	return(-1);
+        return(-1);
     } else if((data == NULL) || (dataSize == 0)) {
-	return(1);
+        return(1);
     } else if(bnSize < dataSize) {
-	return(-1);
+        return(-1);
     } else if(bnSize > dataSize) {
-	return(-1);
-    } 
+        return(-1);
+    }
 
     xmlSecAssert2(bnData != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
@@ -765,16 +765,16 @@ xmlSecBnCompare(xmlSecBnPtr bn, const xmlSecByte* data, xmlSecSize dataSize) {
 
 /**
  * xmlSecBnCompareReverse:
- * @bn:		the pointer to BN.
- * @data:	the data to compare BN to.
- * @dataSize:	the @data size.
+ * @bn:         the pointer to BN.
+ * @data:       the data to compare BN to.
+ * @dataSize:   the @data size.
  *
  * Compares the @bn with reverse @data.
  *
  * Returns: 0 if data is equal, negative value if @bn is less or positive value if @bn
  * is greater than @data.
  */
-int 
+int
 xmlSecBnCompareReverse(xmlSecBnPtr bn, const xmlSecByte* data, xmlSecSize dataSize) {
     xmlSecByte* bnData;
     xmlSecSize bnSize;
@@ -787,34 +787,34 @@ xmlSecBnCompareReverse(xmlSecBnPtr bn, const xmlSecByte* data, xmlSecSize dataSi
 
     /* skip zeros in the beggining */
     while((dataSize > 0) && (data != 0) && (data[dataSize - 1] == 0)) {
-	--dataSize;
+        --dataSize;
     }
     while((bnSize > 0) && (bnData != 0) && (bnData[0] == 0)) {
-	++bnData;
-	--bnSize;
+        ++bnData;
+        --bnSize;
     }
 
     if(((bnData == NULL) || (bnSize == 0)) && ((data == NULL) || (dataSize == 0))) {
-	return(0);
+        return(0);
     } else if((bnData == NULL) || (bnSize == 0)) {
-	return(-1);
+        return(-1);
     } else if((data == NULL) || (dataSize == 0)) {
-	return(1);
+        return(1);
     } else if(bnSize < dataSize) {
-	return(-1);
+        return(-1);
     } else if(bnSize > dataSize) {
-	return(-1);
-    } 
+        return(-1);
+    }
 
     xmlSecAssert2(bnData != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(bnSize == dataSize, -1);
     for(i = 0, j = dataSize - 1; i < dataSize; ++i, --j) {
-	if(bnData[i] < data[j]) {
-	    return(-1);
-	} else if(data[j] < bnData[i]) {
-	    return(1);
-	}
+        if(bnData[i] < data[j]) {
+            return(-1);
+        } else if(data[j] < bnData[i]) {
+            return(1);
+        }
     }
 
     return(0);
@@ -822,16 +822,16 @@ xmlSecBnCompareReverse(xmlSecBnPtr bn, const xmlSecByte* data, xmlSecSize dataSi
 
 /**
  * xmlSecBnGetNodeValue:
- * @bn:		the pointer to BN.
- * @cur:	the poitner to an XML node.
- * @format:	the BN format.
- * @reverse:	if set then reverse read buffer after reading.
+ * @bn:         the pointer to BN.
+ * @cur:        the poitner to an XML node.
+ * @format:     the BN format.
+ * @reverse:    if set then reverse read buffer after reading.
  *
  * Converts the node content from @format to @bn.
  *
  * Returns: 0 on success and a negative values if an error occurs.
  */
-int 
+int
 xmlSecBnGetNodeValue(xmlSecBnPtr bn, xmlNodePtr cur, xmlSecBnFormat format, int reverse) {
     xmlChar* content;
     int ret;
@@ -841,89 +841,89 @@ xmlSecBnGetNodeValue(xmlSecBnPtr bn, xmlNodePtr cur, xmlSecBnFormat format, int
 
     switch(format) {
     case xmlSecBnBase64:
-	ret = xmlSecBufferBase64NodeContentRead(bn, cur);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBufferBase64NodeContentRead",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	break;
+        ret = xmlSecBufferBase64NodeContentRead(bn, cur);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBufferBase64NodeContentRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        break;
     case xmlSecBnHex:
-	content = xmlNodeGetContent(cur);
-	if(content == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlNodeGetContent",
-	    		XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	ret = xmlSecBnFromHexString(bn, content);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBnFromHexString",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFree(content);
-	    return(-1);
-	}
-	xmlFree(content);
-	break;
+        content = xmlNodeGetContent(cur);
+        if(content == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlNodeGetContent",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        ret = xmlSecBnFromHexString(bn, content);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBnFromHexString",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFree(content);
+            return(-1);
+        }
+        xmlFree(content);
+        break;
     case xmlSecBnDec:
-	content = xmlNodeGetContent(cur);
-	if(content == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlNodeGetContent",
-	    		XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	ret = xmlSecBnFromDecString(bn, content);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBnFromDecString",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFree(content);
-	    return(-1);
-	}
-	xmlFree(content);
-	break;
+        content = xmlNodeGetContent(cur);
+        if(content == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlNodeGetContent",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        ret = xmlSecBnFromDecString(bn, content);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBnFromDecString",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFree(content);
+            return(-1);
+        }
+        xmlFree(content);
+        break;
     }
 
     if(reverse != 0) {
-    	ret = xmlSecBnReverse(bn);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBnReverse",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        ret = xmlSecBnReverse(bn);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBnReverse",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
     return(0);
 }
 
 /**
  * xmlSecBnSetNodeValue:
- * @bn:			the pointer to BN.
- * @cur:		the poitner to an XML node.
- * @format:		the BN format.
- * @reverse:		the flag that indicates whether to reverse the buffer before writing.
- * @addLineBreaks:  	the flag; it is equal to 1 then linebreaks will be added before and after new buffer content.
+ * @bn:                 the pointer to BN.
+ * @cur:                the poitner to an XML node.
+ * @format:             the BN format.
+ * @reverse:            the flag that indicates whether to reverse the buffer before writing.
+ * @addLineBreaks:      the flag; it is equal to 1 then linebreaks will be added before and after new buffer content.
  *
  * Converts the @bn and sets it to node content.
  *
  * Returns: 0 on success and a negative values if an error occurs.
  */
-int  
+int
 xmlSecBnSetNodeValue(xmlSecBnPtr bn, xmlNodePtr cur, xmlSecBnFormat format, int reverse, int addLineBreaks) {
     xmlChar* content;
     int ret;
@@ -932,65 +932,65 @@ xmlSecBnSetNodeValue(xmlSecBnPtr bn, xmlNodePtr cur, xmlSecBnFormat format, int
     xmlSecAssert2(cur != NULL, -1);
 
     if(reverse != 0) {
-    	ret = xmlSecBnReverse(bn);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBnReverse",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        ret = xmlSecBnReverse(bn);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBnReverse",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     if(addLineBreaks) {
-	xmlNodeAddContent(cur, xmlSecStringCR);
+        xmlNodeAddContent(cur, xmlSecStringCR);
     }
 
     switch(format) {
     case xmlSecBnBase64:
-	ret = xmlSecBufferBase64NodeContentWrite(bn, cur, xmlSecBase64GetDefaultLineSize());
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBufferBase64NodeContentWrite",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	break;
+        ret = xmlSecBufferBase64NodeContentWrite(bn, cur, xmlSecBase64GetDefaultLineSize());
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBufferBase64NodeContentWrite",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        break;
     case xmlSecBnHex:
-	content = xmlSecBnToHexString(bn);
-	if(content == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBnToHexString",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFree(content);
-	    return(-1);
-	}
-	xmlNodeSetContent(cur, content);
-	xmlFree(content);
-	break;
+        content = xmlSecBnToHexString(bn);
+        if(content == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBnToHexString",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFree(content);
+            return(-1);
+        }
+        xmlNodeSetContent(cur, content);
+        xmlFree(content);
+        break;
     case xmlSecBnDec:
-	content = xmlSecBnToDecString(bn);
-	if(content == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBnToDecString",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFree(content);
-	    return(-1);
-	}
-	xmlNodeSetContent(cur, content);
-	xmlFree(content);
-	break;
+        content = xmlSecBnToDecString(bn);
+        if(content == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBnToDecString",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFree(content);
+            return(-1);
+        }
+        xmlNodeSetContent(cur, content);
+        xmlFree(content);
+        break;
     }
 
     if(addLineBreaks) {
-	xmlNodeAddContent(cur, xmlSecStringCR);
+        xmlNodeAddContent(cur, xmlSecStringCR);
     }
 
     return(0);
@@ -998,23 +998,23 @@ xmlSecBnSetNodeValue(xmlSecBnPtr bn, xmlNodePtr cur, xmlSecBnFormat format, int
 
 /**
  * xmlSecBnBlobSetNodeValue:
- * @data:	the pointer to BN blob.
- * @dataSize:	the size of BN blob.
- * @cur:	the poitner to an XML node.
- * @format:	the BN format.
- * @reverse:	the flag that indicates whether to reverse the buffer before writing.
- * @addLineBreaks:  if the flag is equal to 1 then 
- *		linebreaks will be added before and after
- *		new buffer content.
+ * @data:       the pointer to BN blob.
+ * @dataSize:   the size of BN blob.
+ * @cur:        the poitner to an XML node.
+ * @format:     the BN format.
+ * @reverse:    the flag that indicates whether to reverse the buffer before writing.
+ * @addLineBreaks:  if the flag is equal to 1 then
+ *              linebreaks will be added before and after
+ *              new buffer content.
  *
  * Converts the @blob and sets it to node content.
  *
  * Returns: 0 on success and a negative values if an error occurs.
  */
-int  
-xmlSecBnBlobSetNodeValue(const xmlSecByte* data, xmlSecSize dataSize, 
-			 xmlNodePtr cur, xmlSecBnFormat format, int reverse,
-			 int addLineBreaks) {
+int
+xmlSecBnBlobSetNodeValue(const xmlSecByte* data, xmlSecSize dataSize,
+                         xmlNodePtr cur, xmlSecBnFormat format, int reverse,
+                         int addLineBreaks) {
     xmlSecBn bn;
     int ret;
 
@@ -1023,34 +1023,34 @@ xmlSecBnBlobSetNodeValue(const xmlSecByte* data, xmlSecSize dataSize,
 
     ret = xmlSecBnInitialize(&bn, dataSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBnInitialize",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBnInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecBnSetData(&bn, data, dataSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBnSetData",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBnFinalize(&bn);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBnSetData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBnFinalize(&bn);
+        return(-1);
     }
 
     ret = xmlSecBnSetNodeValue(&bn, cur, format, reverse, addLineBreaks);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBnSetNodeValue",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBnFinalize(&bn);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBnSetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBnFinalize(&bn);
+        return(-1);
     }
 
     xmlSecBnFinalize(&bn);
diff --git a/src/buffer.c b/src/buffer.c
index c13fe44f..0efbfed2 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Memory buffer.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -33,22 +33,22 @@ static xmlSecSize gInitialSize = 1024;
 
 /**
  * xmlSecBufferSetDefaultAllocMode:
- * @defAllocMode:	the new default buffer allocation mode.
- * @defInitialSize:	the new default buffer minimal intial size.
- * 
+ * @defAllocMode:       the new default buffer allocation mode.
+ * @defInitialSize:     the new default buffer minimal intial size.
+ *
  * Sets new global default allocation mode and minimal intial size.
  */
-void 
+void
 xmlSecBufferSetDefaultAllocMode(xmlSecAllocMode defAllocMode, xmlSecSize defInitialSize) {
     xmlSecAssert(defInitialSize > 0);
-    
+
     gAllocMode = defAllocMode;
     gInitialSize = defInitialSize;
 }
 
 /**
  * xmlSecBufferCreate:
- * @size: 		the intial size.
+ * @size:               the intial size.
  *
  * Allocates and initalizes new memory buffer with given size.
  * Caller is responsible for calling #xmlSecBufferDestroy function
@@ -56,83 +56,83 @@ xmlSecBufferSetDefaultAllocMode(xmlSecAllocMode defAllocMode, xmlSecSize defInit
  *
  * Returns: pointer to newly allocated buffer or NULL if an error occurs.
  */
-xmlSecBufferPtr 
+xmlSecBufferPtr
 xmlSecBufferCreate(xmlSecSize size) {
     xmlSecBufferPtr buf;
     int ret;
-    
+
     buf = (xmlSecBufferPtr)xmlMalloc(sizeof(xmlSecBuffer));
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecBuffer)=%d", sizeof(xmlSecBuffer));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecBuffer)=%d", sizeof(xmlSecBuffer));
+        return(NULL);
     }
-    
+
     ret = xmlSecBufferInitialize(buf, size);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", size);
-	xmlSecBufferDestroy(buf);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        xmlSecBufferDestroy(buf);
+        return(NULL);
     }
     return(buf);
 }
 
 /**
  * xmlSecBufferDestroy:
- * @buf:		the pointer to buffer object.
+ * @buf:                the pointer to buffer object.
  *
  * Desrtoys buffer object created with #xmlSecBufferCreate function.
  */
-void 
+void
 xmlSecBufferDestroy(xmlSecBufferPtr buf) {
     xmlSecAssert(buf != NULL);
-    
+
     xmlSecBufferFinalize(buf);
     xmlFree(buf);
 }
 
 /**
  * xmlSecBufferInitialize:
- * @buf:		the pointer to buffer object.
- * @size:		the initial buffer size.
+ * @buf:                the pointer to buffer object.
+ * @size:               the initial buffer size.
  *
  * Initializes buffer object @buf. Caller is responsible for calling
  * #xmlSecBufferFinalize function to free allocated resources.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBufferInitialize(xmlSecBufferPtr buf, xmlSecSize size) {
     xmlSecAssert2(buf != NULL, -1);
 
     buf->data = NULL;
     buf->size = buf->maxSize = 0;
     buf->allocMode = gAllocMode;
-        
+
     return(xmlSecBufferSetMaxSize(buf, size));
 }
 
 /**
  * xmlSecBufferFinalize:
- * @buf:		the pointer to buffer object.
+ * @buf:                the pointer to buffer object.
  *
  * Frees allocated resource for a buffer intialized with #xmlSecBufferInitialize
  * function.
  */
-void 
+void
 xmlSecBufferFinalize(xmlSecBufferPtr buf) {
     xmlSecAssert(buf != NULL);
 
-    xmlSecBufferEmpty(buf);    
+    xmlSecBufferEmpty(buf);
     if(buf->data != 0) {
-	xmlFree(buf->data);
+        xmlFree(buf->data);
     }
     buf->data = NULL;
     buf->size = buf->maxSize = 0;
@@ -140,83 +140,83 @@ xmlSecBufferFinalize(xmlSecBufferPtr buf) {
 
 /**
  * xmlSecBufferEmpty:
- * @buf:		the pointer to buffer object.
+ * @buf:                the pointer to buffer object.
  *
  * Empties the buffer.
  */
 void
 xmlSecBufferEmpty(xmlSecBufferPtr buf) {
     xmlSecAssert(buf != NULL);
-    
+
     if(buf->data != 0) {
-	xmlSecAssert(buf->maxSize > 0);
+        xmlSecAssert(buf->maxSize > 0);
 
-	memset(buf->data, 0, buf->maxSize);
+        memset(buf->data, 0, buf->maxSize);
     }
     buf->size = 0;
 }
 
 /**
  * xmlSecBufferGetData:
- * @buf:		the pointer to buffer object.
+ * @buf:                the pointer to buffer object.
  *
  * Gets pointer to buffer's data.
  *
  * Returns: pointer to buffer's data.
  */
-xmlSecByte* 
+xmlSecByte*
 xmlSecBufferGetData(xmlSecBufferPtr buf) {
     xmlSecAssert2(buf != NULL, NULL);
-    
+
     return(buf->data);
 }
 
 /**
  * xmlSecBufferSetData:
- * @buf:		the pointer to buffer object.
- * @data:		the data.
- * @size:		the data size.
+ * @buf:                the pointer to buffer object.
+ * @data:               the data.
+ * @size:               the data size.
  *
  * Sets the value of the buffer to @data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBufferSetData(xmlSecBufferPtr buf, const xmlSecByte* data, xmlSecSize size) {
     int ret;
-    
+
     xmlSecAssert2(buf != NULL, -1);
 
     xmlSecBufferEmpty(buf);
     if(size > 0) {
-	xmlSecAssert2(data != NULL, -1);
-    
-	ret = xmlSecBufferSetMaxSize(buf, size);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", size);
-	    return(-1);
+        xmlSecAssert2(data != NULL, -1);
+
+        ret = xmlSecBufferSetMaxSize(buf, size);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", size);
+            return(-1);
         }
-	
-	memcpy(buf->data, data, size);
+
+        memcpy(buf->data, data, size);
     }
-    
-    buf->size = size;    
+
+    buf->size = size;
     return(0);
 }
 
 /**
  * xmlSecBufferGetSize:
- * @buf:		the pointer to buffer object.
+ * @buf:                the pointer to buffer object.
  *
  * Gets the current buffer data size.
  *
  * Returns: the current data size.
  */
-xmlSecSize 
+xmlSecSize
 xmlSecBufferGetSize(xmlSecBufferPtr buf) {
     xmlSecAssert2(buf != NULL, 0);
 
@@ -225,44 +225,44 @@ xmlSecBufferGetSize(xmlSecBufferPtr buf) {
 
 /**
  * xmlSecBufferSetSize:
- * @buf:		the pointer to buffer object.
- * @size:		the new data size.
+ * @buf:                the pointer to buffer object.
+ * @size:               the new data size.
  *
- * Sets new buffer data size. If necessary, buffer grows to 
- * have at least @size bytes. 
+ * Sets new buffer data size. If necessary, buffer grows to
+ * have at least @size bytes.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBufferSetSize(xmlSecBufferPtr buf, xmlSecSize size) {
     int ret;
-    
+
     xmlSecAssert2(buf != NULL, -1);
 
     ret = xmlSecBufferSetMaxSize(buf, size);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", size);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        return(-1);
     }
-    
-    
+
+
     buf->size = size;
     return(0);
 }
 
 /**
  * xmlSecBufferGetMaxSize:
- * @buf:		the pointer to buffer object.
+ * @buf:                the pointer to buffer object.
  *
  * Gets the maximum (allocated) buffer size.
  *
  * Returns: the maximum (allocated) buffer size.
  */
-xmlSecSize 
+xmlSecSize
 xmlSecBufferGetMaxSize(xmlSecBufferPtr buf) {
     xmlSecAssert2(buf != NULL, 0);
 
@@ -271,104 +271,104 @@ xmlSecBufferGetMaxSize(xmlSecBufferPtr buf) {
 
 /**
  * xmlSecBufferSetMaxSize:
- * @buf:		the pointer to buffer object.
- * @size:		the new maximum size.
+ * @buf:                the pointer to buffer object.
+ * @size:               the new maximum size.
  *
- * Sets new buffer maximum size. If necessary, buffer grows to 
- * have at least @size bytes. 
+ * Sets new buffer maximum size. If necessary, buffer grows to
+ * have at least @size bytes.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBufferSetMaxSize(xmlSecBufferPtr buf, xmlSecSize size) {
     xmlSecByte* newData;
     xmlSecSize newSize = 0;
-    
+
     xmlSecAssert2(buf != NULL, -1);
     if(size <= buf->maxSize) {
-	return(0);
+        return(0);
     }
-    
+
     switch(buf->allocMode) {
-	case xmlSecAllocModeExact:
-	    newSize = size + 8;
-	    break;
-	case xmlSecAllocModeDouble:
-	    newSize = 2 * size + 32;
-	    break;
+        case xmlSecAllocModeExact:
+            newSize = size + 8;
+            break;
+        case xmlSecAllocModeDouble:
+            newSize = 2 * size + 32;
+            break;
     }
 
     if(newSize < gInitialSize) {
-	newSize = gInitialSize;
+        newSize = gInitialSize;
     }
-    
+
 
     if(buf->data != NULL) {
-    	newData = (xmlSecByte*)xmlRealloc(buf->data, newSize);
+        newData = (xmlSecByte*)xmlRealloc(buf->data, newSize);
     } else {
-    	newData = (xmlSecByte*)xmlMalloc(newSize);
+        newData = (xmlSecByte*)xmlMalloc(newSize);
     }
     if(newData == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", newSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", newSize);
+        return(-1);
     }
-    
+
     buf->data = newData;
     buf->maxSize = newSize;
 
     if(buf->size < buf->maxSize) {
-	xmlSecAssert2(buf->data != NULL, -1);
-	memset(buf->data + buf->size, 0, buf->maxSize - buf->size);
+        xmlSecAssert2(buf->data != NULL, -1);
+        memset(buf->data + buf->size, 0, buf->maxSize - buf->size);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecBufferAppend:
- * @buf:		the pointer to buffer object.
- * @data:		the data.
- * @size:		the data size.
+ * @buf:                the pointer to buffer object.
+ * @data:               the data.
+ * @size:               the data size.
  *
  * Appends the @data after the current data stored in the buffer.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBufferAppend(xmlSecBufferPtr buf, const xmlSecByte* data, xmlSecSize size) {
     int ret;
-    
+
     xmlSecAssert2(buf != NULL, -1);
 
     if(size > 0) {
-	xmlSecAssert2(data != NULL, -1);
-    
+        xmlSecAssert2(data != NULL, -1);
+
         ret = xmlSecBufferSetMaxSize(buf, buf->size + size);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", buf->size + size);
-	    return(-1);
-	}
-	
-	memcpy(buf->data + buf->size, data, size);
-	buf->size += size;    
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", buf->size + size);
+            return(-1);
+        }
+
+        memcpy(buf->data + buf->size, data, size);
+        buf->size += size;
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecBufferPrepend:
- * @buf:		the pointer to buffer object.
- * @data:		the data.
- * @size:		the data size.
+ * @buf:                the pointer to buffer object.
+ * @data:               the data.
+ * @size:               the data size.
  *
  * Prepends the @data before the current data stored in the buffer.
  *
@@ -377,93 +377,93 @@ xmlSecBufferAppend(xmlSecBufferPtr buf, const xmlSecByte* data, xmlSecSize size)
 int
 xmlSecBufferPrepend(xmlSecBufferPtr buf, const xmlSecByte* data, xmlSecSize size) {
     int ret;
-    
+
     xmlSecAssert2(buf != NULL, -1);
 
     if(size > 0) {
-	xmlSecAssert2(data != NULL, -1);
-    
-	ret = xmlSecBufferSetMaxSize(buf, buf->size + size);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", buf->size + size);
-	    return(-1);
-	}
-
-	memmove(buf->data + size, buf->data, buf->size);	
-	memcpy(buf->data, data, size);
-	buf->size += size;    
+        xmlSecAssert2(data != NULL, -1);
+
+        ret = xmlSecBufferSetMaxSize(buf, buf->size + size);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", buf->size + size);
+            return(-1);
+        }
+
+        memmove(buf->data + size, buf->data, buf->size);
+        memcpy(buf->data, data, size);
+        buf->size += size;
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecBufferRemoveHead:
- * @buf:		the pointer to buffer object.
- * @size:		the number of bytes to be removed.
+ * @buf:                the pointer to buffer object.
+ * @size:               the number of bytes to be removed.
  *
  * Removes @size bytes from the beginning of the current buffer.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBufferRemoveHead(xmlSecBufferPtr buf, xmlSecSize size) {
     xmlSecAssert2(buf != NULL, -1);
-    
+
     if(size < buf->size) {
-	xmlSecAssert2(buf->data != NULL, -1);
-	
-	buf->size -= size;
-	memmove(buf->data, buf->data + size, buf->size);
+        xmlSecAssert2(buf->data != NULL, -1);
+
+        buf->size -= size;
+        memmove(buf->data, buf->data + size, buf->size);
     } else {
-	buf->size = 0;
+        buf->size = 0;
     }
     if(buf->size < buf->maxSize) {
-	xmlSecAssert2(buf->data != NULL, -1);
-	memset(buf->data + buf->size, 0, buf->maxSize - buf->size);
+        xmlSecAssert2(buf->data != NULL, -1);
+        memset(buf->data + buf->size, 0, buf->maxSize - buf->size);
     }
     return(0);
 }
 
 /**
  * xmlSecBufferRemoveTail:
- * @buf:		the pointer to buffer object.
- * @size:		the number of bytes to be removed.
+ * @buf:                the pointer to buffer object.
+ * @size:               the number of bytes to be removed.
  *
  * Removes @size bytes from the end of current buffer.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBufferRemoveTail(xmlSecBufferPtr buf, xmlSecSize size) {
     xmlSecAssert2(buf != NULL, -1);
 
     if(size < buf->size) {
-	buf->size -= size;
+        buf->size -= size;
     } else {
-	buf->size = 0;
+        buf->size = 0;
     }
     if(buf->size < buf->maxSize) {
-	xmlSecAssert2(buf->data != NULL, -1);
-	memset(buf->data + buf->size, 0, buf->maxSize - buf->size);
+        xmlSecAssert2(buf->data != NULL, -1);
+        memset(buf->data + buf->size, 0, buf->maxSize - buf->size);
     }
     return(0);
 }
 
 /**
  * xmlSecBufferReadFile:
- * @buf:		the pointer to buffer object.
- * @filename:		the filename.
+ * @buf:                the pointer to buffer object.
+ * @filename:           the filename.
  *
  * Reads the content of the file @filename in the buffer.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBufferReadFile(xmlSecBufferPtr buf, const char* filename) {
     xmlSecByte buffer[1024];
     FILE* f;
@@ -474,43 +474,43 @@ xmlSecBufferReadFile(xmlSecBufferPtr buf, const char* filename) {
 
     f = fopen(filename, "rb");
     if(f == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "fopen",
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    "filename=%s;errno=%d", 
-		    xmlSecErrorsSafeString(filename),
-		    errno);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "fopen",
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    "filename=%s;errno=%d",
+                    xmlSecErrorsSafeString(filename),
+                    errno);
+        return(-1);
     }
 
     while(1) {
         len = fread(buffer, 1, sizeof(buffer), f);
-	if(len == 0) {
+        if(len == 0) {
             break;
         }else if(len < 0) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
                         "fread",
                         XMLSEC_ERRORS_R_IO_FAILED,
-                        "filename=%s;errno=%d", 
+                        "filename=%s;errno=%d",
                         xmlSecErrorsSafeString(filename),
-			errno);
+                        errno);
             fclose(f);
             return(-1);
         }
 
-	ret = xmlSecBufferAppend(buf, buffer, len);
-	if(ret < 0) {
+        ret = xmlSecBufferAppend(buf, buffer, len);
+        if(ret < 0) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
                         "xmlSecBufferAppend",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
-                        "size=%d", 
+                        "size=%d",
                         len);
             fclose(f);
             return(-1);
-        }     
+        }
     }
 
     fclose(f);
@@ -519,101 +519,101 @@ xmlSecBufferReadFile(xmlSecBufferPtr buf, const char* filename) {
 
 /**
  * xmlSecBufferBase64NodeContentRead:
- * @buf:		the pointer to buffer object.
- * @node:		the pointer to node.
+ * @buf:                the pointer to buffer object.
+ * @node:               the pointer to node.
  *
  * Reads the content of the @node, base64 decodes it and stores the
  * result in the buffer.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBufferBase64NodeContentRead(xmlSecBufferPtr buf, xmlNodePtr node) {
     xmlChar* content;
     xmlSecSize size;
     int ret;
-    
+
     xmlSecAssert2(buf != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     content = xmlNodeGetContent(node);
     if(content == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-		    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);		
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     /* base64 decode size is less than input size */
     ret = xmlSecBufferSetMaxSize(buf, xmlStrlen(content));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(content);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        return(-1);
     }
-    
+
     ret = xmlSecBase64Decode(content, xmlSecBufferGetData(buf), xmlSecBufferGetMaxSize(buf));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Decode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(content);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Decode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        return(-1);
     }
     size = ret;
 
     ret = xmlSecBufferSetSize(buf, size);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", size);
-	xmlFree(content);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        xmlFree(content);
+        return(-1);
     }
     xmlFree(content);
-    
+
     return(0);
 }
 
 /**
  * xmlSecBufferBase64NodeContentWrite:
- * @buf:		the pointer to buffer object.
- * @node:		the pointer to a node.
- * @columns:		the max line size fro base64 encoded data.
+ * @buf:                the pointer to buffer object.
+ * @node:               the pointer to a node.
+ * @columns:            the max line size fro base64 encoded data.
  *
  * Sets the content of the @node to the base64 encoded buffer data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecBufferBase64NodeContentWrite(xmlSecBufferPtr buf, xmlNodePtr node, int columns) {
     xmlChar* content;
-    
+
     xmlSecAssert2(buf != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     content = xmlSecBase64Encode(xmlSecBufferGetData(buf), xmlSecBufferGetSize(buf), columns);
     if(content == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     xmlNodeAddContent(node, content);
     xmlFree(content);
-    
+
     return(0);
 }
 
@@ -621,54 +621,54 @@ xmlSecBufferBase64NodeContentWrite(xmlSecBufferPtr buf, xmlNodePtr node, int col
  *
  * IO buffer
  *
- ************************************************************************/ 
-static int	xmlSecBufferIOWrite				(xmlSecBufferPtr buf,
-								 const xmlSecByte *data,
-								 xmlSecSize size);		
-static int	xmlSecBufferIOClose				(xmlSecBufferPtr buf);
+ ************************************************************************/
+static int      xmlSecBufferIOWrite                             (xmlSecBufferPtr buf,
+                                                                 const xmlSecByte *data,
+                                                                 xmlSecSize size);
+static int      xmlSecBufferIOClose                             (xmlSecBufferPtr buf);
 
 /**
  * xmlSecBufferCreateOutputBuffer:
- * @buf:		the pointer to buffer.
+ * @buf:                the pointer to buffer.
  *
- * Creates new LibXML output buffer to store data in the @buf. Caller is 
- * responsible for destroying @buf when processing is done. 
+ * Creates new LibXML output buffer to store data in the @buf. Caller is
+ * responsible for destroying @buf when processing is done.
  *
  * Returns: pointer to newly allocated output buffer or NULL if an error
  * occurs.
  */
-xmlOutputBufferPtr 
+xmlOutputBufferPtr
 xmlSecBufferCreateOutputBuffer(xmlSecBufferPtr buf) {
     return(xmlOutputBufferCreateIO((xmlOutputWriteCallback)xmlSecBufferIOWrite,
-				     (xmlOutputCloseCallback)xmlSecBufferIOClose,
-				     buf,
-				     NULL)); 
+                                     (xmlOutputCloseCallback)xmlSecBufferIOClose,
+                                     buf,
+                                     NULL));
 }
 
-static int 
+static int
 xmlSecBufferIOWrite(xmlSecBufferPtr buf, const xmlSecByte *data, xmlSecSize size) {
     int ret;
-    
+
     xmlSecAssert2(buf != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
-    
+
     ret = xmlSecBufferAppend(buf, data, size);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferAppend",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", size);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferAppend",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        return(-1);
     }
-    
-    return(size);    
+
+    return(size);
 }
 
-static int 
+static int
 xmlSecBufferIOClose(xmlSecBufferPtr buf) {
     xmlSecAssert2(buf != NULL, -1);
-    
+
     /* just do nothing */
     return(0);
 }
diff --git a/src/c14n.c b/src/c14n.c
index 384e2d86..5967a35e 100644
--- a/src/c14n.c
+++ b/src/c14n.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Canonicalization transforms.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -28,16 +28,16 @@
  *
  * C14N transforms
  *
- * Inclusive namespaces list for ExclC14N (xmlSecStringList) is located 
+ * Inclusive namespaces list for ExclC14N (xmlSecStringList) is located
  * after xmlSecTransform structure
- * 
+ *
  *****************************************************************************/
-#define xmlSecTransformC14NSize	\
+#define xmlSecTransformC14NSize \
     (sizeof(xmlSecTransform) + sizeof(xmlSecPtrList))
 #define xmlSecTransformC14NGetNsList(transform) \
     ((xmlSecTransformCheckSize((transform), xmlSecTransformC14NSize)) ? \
-	(xmlSecPtrListPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
-	(xmlSecPtrListPtr)NULL)
+        (xmlSecPtrListPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
+        (xmlSecPtrListPtr)NULL)
 
 #define xmlSecTransformC14NCheckId(transform) \
     (xmlSecTransformInclC14NCheckId((transform)) || \
@@ -55,41 +55,41 @@
      xmlSecTransformCheckId((transform), xmlSecTransformExclC14NWithCommentsId) )
 
 
-static int		xmlSecTransformC14NInitialize	(xmlSecTransformPtr transform);
-static void		xmlSecTransformC14NFinalize	(xmlSecTransformPtr transform);
-static int 		xmlSecTransformC14NNodeRead	(xmlSecTransformPtr transform,
-							 xmlNodePtr node,
-							 xmlSecTransformCtxPtr transformCtx);
-static int		xmlSecTransformC14NPushXml	(xmlSecTransformPtr transform, 
-							 xmlSecNodeSetPtr nodes,
-							 xmlSecTransformCtxPtr transformCtx);
-static int		xmlSecTransformC14NPopBin	(xmlSecTransformPtr transform, 
-							 xmlSecByte* data,
-							 xmlSecSize maxDataSize,
-							 xmlSecSize* dataSize,
-							 xmlSecTransformCtxPtr transformCtx);
-static int		xmlSecTransformC14NExecute	(xmlSecTransformId id, 
-							 xmlSecNodeSetPtr nodes, 
-							 xmlChar** nsList,
-							 xmlOutputBufferPtr buf);
+static int              xmlSecTransformC14NInitialize   (xmlSecTransformPtr transform);
+static void             xmlSecTransformC14NFinalize     (xmlSecTransformPtr transform);
+static int              xmlSecTransformC14NNodeRead     (xmlSecTransformPtr transform,
+                                                         xmlNodePtr node,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecTransformC14NPushXml      (xmlSecTransformPtr transform,
+                                                         xmlSecNodeSetPtr nodes,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecTransformC14NPopBin       (xmlSecTransformPtr transform,
+                                                         xmlSecByte* data,
+                                                         xmlSecSize maxDataSize,
+                                                         xmlSecSize* dataSize,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecTransformC14NExecute      (xmlSecTransformId id,
+                                                         xmlSecNodeSetPtr nodes,
+                                                         xmlChar** nsList,
+                                                         xmlOutputBufferPtr buf);
 static int
 xmlSecTransformC14NInitialize(xmlSecTransformPtr transform) {
     xmlSecPtrListPtr nsList;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformC14NCheckId(transform), -1);
 
     nsList = xmlSecTransformC14NGetNsList(transform);
     xmlSecAssert2(nsList != NULL, -1);
-    
+
     ret = xmlSecPtrListInitialize(nsList, xmlSecStringListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
@@ -102,7 +102,7 @@ xmlSecTransformC14NFinalize(xmlSecTransformPtr transform) {
 
     nsList = xmlSecTransformC14NGetNsList(transform);
     xmlSecAssert(xmlSecPtrListCheckId(nsList, xmlSecStringListId));
-    
+
     xmlSecPtrListFinalize(nsList);
 }
 
@@ -113,105 +113,105 @@ xmlSecTransformC14NNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSe
     xmlChar *list;
     xmlChar *p, *n, *tmp;
     int ret;
-    
+
     /* we have something to read only for exclusive c14n transforms */
     xmlSecAssert2(xmlSecTransformExclC14NCheckId(transform), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-        
+
     nsList = xmlSecTransformC14NGetNsList(transform);
     xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
     xmlSecAssert2(xmlSecPtrListGetSize(nsList) == 0, -1);
-    
+
     /* there is only one optional node */
-    cur = xmlSecGetNextElementNode(node->children);  
+    cur = xmlSecGetNextElementNode(node->children);
     if(cur != NULL) {
-	if(!xmlSecCheckNodeName(cur, xmlSecNodeInclusiveNamespaces, xmlSecNsExcC14N)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_INVALID_NODE,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-    
+        if(!xmlSecCheckNodeName(cur, xmlSecNodeInclusiveNamespaces, xmlSecNsExcC14N)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_INVALID_NODE,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
         list = xmlGetProp(cur, xmlSecAttrPrefixList);
-	if(list == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			xmlSecErrorsSafeString(xmlSecAttrPrefixList),
-			XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);
-	}
-    
+        if(list == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        xmlSecErrorsSafeString(xmlSecAttrPrefixList),
+                        XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
+
         /* the list of namespaces is space separated */
-	for(p = n = list; ((p != NULL) && ((*p) != '\0')); p = n) {
-	    n = (xmlChar*)xmlStrchr(p, ' ');
-	    if(n != NULL) {
-	        *(n++) = '\0';
-	    }	
-	
-	    tmp = xmlStrdup(p);
-	    if(tmp == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-		    	    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    NULL,
-		    	    XMLSEC_ERRORS_R_STRDUP_FAILED,
-			    "len=%d", xmlStrlen(p));
-		xmlFree(list);
-		return(-1);	
-	    }
-	
-	    ret = xmlSecPtrListAdd(nsList, tmp);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecPtrListAdd",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        xmlFree(tmp);
-		xmlFree(list);
-	        return(-1);
-	    }
-	}
+        for(p = n = list; ((p != NULL) && ((*p) != '\0')); p = n) {
+            n = (xmlChar*)xmlStrchr(p, ' ');
+            if(n != NULL) {
+                *(n++) = '\0';
+            }
+
+            tmp = xmlStrdup(p);
+            if(tmp == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            NULL,
+                            XMLSEC_ERRORS_R_STRDUP_FAILED,
+                            "len=%d", xmlStrlen(p));
+                xmlFree(list);
+                return(-1);
+            }
+
+            ret = xmlSecPtrListAdd(nsList, tmp);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecPtrListAdd",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlFree(tmp);
+                xmlFree(list);
+                return(-1);
+            }
+        }
         xmlFree(list);
 
-	/* add NULL at the end */
+        /* add NULL at the end */
         ret = xmlSecPtrListAdd(nsList, NULL);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		        "xmlSecPtrListAdd",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-
-	cur = xmlSecGetNextElementNode(cur->next);        
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecPtrListAdd",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     /* check that we have nothing else */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
-    return(0);    
+    return(0);
 }
 
-static int 
+static int
 xmlSecTransformC14NPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nodes,
-			    xmlSecTransformCtxPtr transformCtx) {
+                            xmlSecTransformCtxPtr transformCtx) {
     xmlOutputBufferPtr buf;
     xmlSecPtrListPtr nsList;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformC14NCheckId(transform), -1);
     xmlSecAssert2(nodes != NULL, -1);
     xmlSecAssert2(nodes->doc != NULL, -1);
@@ -220,42 +220,42 @@ xmlSecTransformC14NPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nodes,
     /* check/update current transform status */
     switch(transform->status) {
     case xmlSecTransformStatusNone:
-	transform->status = xmlSecTransformStatusWorking;
-	break;
+        transform->status = xmlSecTransformStatusWorking;
+        break;
     case xmlSecTransformStatusWorking:
     case xmlSecTransformStatusFinished:
-	return(0);
+        return(0);
     default:
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     xmlSecAssert2(transform->status == xmlSecTransformStatusWorking, -1);
 
     /* prepare output buffer: next transform or ourselves */
     if(transform->next != NULL) {
-	buf = xmlSecTransformCreateOutputBuffer(transform->next, transformCtx);
-	if(buf == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecTransformCreateOutputBuffer",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        buf = xmlSecTransformCreateOutputBuffer(transform->next, transformCtx);
+        if(buf == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecTransformCreateOutputBuffer",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     } else {
-	buf = xmlSecBufferCreateOutputBuffer(&(transform->outBuf));
-	if(buf == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferCreateOutputBuffer",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        buf = xmlSecBufferCreateOutputBuffer(&(transform->outBuf));
+        if(buf == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferCreateOutputBuffer",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     /* we are using a semi-hack here: we know that xmlSecPtrList keeps
@@ -265,203 +265,203 @@ xmlSecTransformC14NPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nodes,
 
     ret = xmlSecTransformC14NExecute(transform->id, nodes, (xmlChar**)(nsList->data), buf);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecTransformC14NExecute",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlOutputBufferClose(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecTransformC14NExecute",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlOutputBufferClose(buf);
+        return(-1);
     }
-    
+
     ret = xmlOutputBufferClose(buf);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlOutputBufferClose",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlOutputBufferClose",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     transform->status = xmlSecTransformStatusFinished;
     return(0);
 }
 
-static int 
+static int
 xmlSecTransformC14NPopBin(xmlSecTransformPtr transform, xmlSecByte* data,
-			    xmlSecSize maxDataSize, xmlSecSize* dataSize,
-			    xmlSecTransformCtxPtr transformCtx) {
+                            xmlSecSize maxDataSize, xmlSecSize* dataSize,
+                            xmlSecTransformCtxPtr transformCtx) {
     xmlSecPtrListPtr nsList;
     xmlSecBufferPtr out;
     int ret;
-        
+
     xmlSecAssert2(xmlSecTransformC14NCheckId(transform), -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(dataSize != NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-    
+
     out = &(transform->outBuf);
     if(transform->status == xmlSecTransformStatusNone) {
-	xmlOutputBufferPtr buf;
-	
-	xmlSecAssert2(transform->inNodes == NULL, -1);
-	
-	/* todo: isn't it an error? */
-	if(transform->prev == NULL) {
-	    (*dataSize) = 0;
-	    transform->status = xmlSecTransformStatusFinished;
-	    return(0);
-	}
-	
-	/* get xml data from previous transform */
-	ret = xmlSecTransformPopXml(transform->prev, &(transform->inNodes), transformCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecTransformPopXml",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-		
-	/* dump everything to internal buffer */
-	buf = xmlSecBufferCreateOutputBuffer(out);
-	if(buf == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferCreateOutputBuffer",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	    
-	/* we are using a semi-hack here: we know that xmlSecPtrList keeps
-	 * all pointers in the big array */
-	nsList = xmlSecTransformC14NGetNsList(transform);
-	xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
-
-    	ret = xmlSecTransformC14NExecute(transform->id, transform->inNodes, (xmlChar**)(nsList->data), buf);
-    	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecTransformC14NExecute",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlOutputBufferClose(buf);
-	    return(-1);
-	}
-	ret = xmlOutputBufferClose(buf);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlOutputBufferClose",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	transform->status = xmlSecTransformStatusWorking;
+        xmlOutputBufferPtr buf;
+
+        xmlSecAssert2(transform->inNodes == NULL, -1);
+
+        /* todo: isn't it an error? */
+        if(transform->prev == NULL) {
+            (*dataSize) = 0;
+            transform->status = xmlSecTransformStatusFinished;
+            return(0);
+        }
+
+        /* get xml data from previous transform */
+        ret = xmlSecTransformPopXml(transform->prev, &(transform->inNodes), transformCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecTransformPopXml",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        /* dump everything to internal buffer */
+        buf = xmlSecBufferCreateOutputBuffer(out);
+        if(buf == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferCreateOutputBuffer",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        /* we are using a semi-hack here: we know that xmlSecPtrList keeps
+         * all pointers in the big array */
+        nsList = xmlSecTransformC14NGetNsList(transform);
+        xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1);
+
+        ret = xmlSecTransformC14NExecute(transform->id, transform->inNodes, (xmlChar**)(nsList->data), buf);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecTransformC14NExecute",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlOutputBufferClose(buf);
+            return(-1);
+        }
+        ret = xmlOutputBufferClose(buf);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlOutputBufferClose",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if(transform->status == xmlSecTransformStatusWorking) {
-	xmlSecSize outSize;
-	
-	/* return chunk after chunk */
-	outSize = xmlSecBufferGetSize(out);
-	if(outSize > maxDataSize) {	
-	    outSize = maxDataSize;
-	}
-	if(outSize > XMLSEC_TRANSFORM_BINARY_CHUNK) {
-	    outSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
-	}
-	if(outSize > 0) {
-	    xmlSecAssert2(xmlSecBufferGetData(&(transform->outBuf)), -1);
-	
-	    memcpy(data, xmlSecBufferGetData(&(transform->outBuf)), outSize);
-	    ret = xmlSecBufferRemoveHead(&(transform->outBuf), outSize);
-    	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferRemoveHead",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", outSize);
-		return(-1);
-	    }	
-	} else if(xmlSecBufferGetSize(out) == 0) {
-	    transform->status = xmlSecTransformStatusFinished;
-	}
-	(*dataSize) = outSize;
+        xmlSecSize outSize;
+
+        /* return chunk after chunk */
+        outSize = xmlSecBufferGetSize(out);
+        if(outSize > maxDataSize) {
+            outSize = maxDataSize;
+        }
+        if(outSize > XMLSEC_TRANSFORM_BINARY_CHUNK) {
+            outSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
+        }
+        if(outSize > 0) {
+            xmlSecAssert2(xmlSecBufferGetData(&(transform->outBuf)), -1);
+
+            memcpy(data, xmlSecBufferGetData(&(transform->outBuf)), outSize);
+            ret = xmlSecBufferRemoveHead(&(transform->outBuf), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferRemoveHead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", outSize);
+                return(-1);
+            }
+        } else if(xmlSecBufferGetSize(out) == 0) {
+            transform->status = xmlSecTransformStatusFinished;
+        }
+        (*dataSize) = outSize;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no output */
-	xmlSecAssert2(xmlSecBufferGetSize(out) == 0, -1);
-	(*dataSize) = 0;
+        /* the only way we can get here is if there is no output */
+        xmlSecAssert2(xmlSecBufferGetSize(out) == 0, -1);
+        (*dataSize) = 0;
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
-static int 
-xmlSecTransformC14NExecute(xmlSecTransformId id, xmlSecNodeSetPtr nodes, xmlChar** nsList, 
-			   xmlOutputBufferPtr buf) {
-    int ret; 
-    
+static int
+xmlSecTransformC14NExecute(xmlSecTransformId id, xmlSecNodeSetPtr nodes, xmlChar** nsList,
+                           xmlOutputBufferPtr buf) {
+    int ret;
+
     xmlSecAssert2(id != xmlSecTransformIdUnknown, -1);
     xmlSecAssert2(nodes != NULL, -1);
     xmlSecAssert2(nodes->doc != NULL, -1);
     xmlSecAssert2(buf != NULL, -1);
 
     /* execute c14n transform */
-    if(id == xmlSecTransformInclC14NId) {    
-    	ret = xmlC14NExecute(nodes->doc, 
-			(xmlC14NIsVisibleCallback)xmlSecNodeSetContains, 
-			nodes, XML_C14N_1_0, NULL, 0, buf);
+    if(id == xmlSecTransformInclC14NId) {
+        ret = xmlC14NExecute(nodes->doc,
+                        (xmlC14NIsVisibleCallback)xmlSecNodeSetContains,
+                        nodes, XML_C14N_1_0, NULL, 0, buf);
     } else if(id == xmlSecTransformInclC14NWithCommentsId) {
-	 ret = xmlC14NExecute(nodes->doc, 
-			(xmlC14NIsVisibleCallback)xmlSecNodeSetContains, 
-			nodes, XML_C14N_1_0, NULL, 1, buf); 
-    } else if(id == xmlSecTransformInclC14N11Id) {    
-    	ret = xmlC14NExecute(nodes->doc, 
-			(xmlC14NIsVisibleCallback)xmlSecNodeSetContains, 
-			nodes, XML_C14N_1_1, NULL, 0, buf);
+         ret = xmlC14NExecute(nodes->doc,
+                        (xmlC14NIsVisibleCallback)xmlSecNodeSetContains,
+                        nodes, XML_C14N_1_0, NULL, 1, buf);
+    } else if(id == xmlSecTransformInclC14N11Id) {
+        ret = xmlC14NExecute(nodes->doc,
+                        (xmlC14NIsVisibleCallback)xmlSecNodeSetContains,
+                        nodes, XML_C14N_1_1, NULL, 0, buf);
     } else if(id == xmlSecTransformInclC14N11WithCommentsId) {
-	 ret = xmlC14NExecute(nodes->doc, 
-			(xmlC14NIsVisibleCallback)xmlSecNodeSetContains, 
-			nodes, XML_C14N_1_1, NULL, 1, buf); 
+         ret = xmlC14NExecute(nodes->doc,
+                        (xmlC14NIsVisibleCallback)xmlSecNodeSetContains,
+                        nodes, XML_C14N_1_1, NULL, 1, buf);
     } else if(id == xmlSecTransformExclC14NId) {
-	ret = xmlC14NExecute(nodes->doc, 
-			(xmlC14NIsVisibleCallback)xmlSecNodeSetContains, 
-			nodes, XML_C14N_EXCLUSIVE_1_0, nsList, 0, buf);
+        ret = xmlC14NExecute(nodes->doc,
+                        (xmlC14NIsVisibleCallback)xmlSecNodeSetContains,
+                        nodes, XML_C14N_EXCLUSIVE_1_0, nsList, 0, buf);
     } else if(id == xmlSecTransformExclC14NWithCommentsId) {
-	ret = xmlC14NExecute(nodes->doc, 
-			(xmlC14NIsVisibleCallback)xmlSecNodeSetContains, 
-			nodes, XML_C14N_EXCLUSIVE_1_0, nsList, 1, buf);
-    } else if(id == xmlSecTransformRemoveXmlTagsC14NId) { 
-    	ret = xmlSecNodeSetDumpTextNodes(nodes, buf);
+        ret = xmlC14NExecute(nodes->doc,
+                        (xmlC14NIsVisibleCallback)xmlSecNodeSetContains,
+                        nodes, XML_C14N_EXCLUSIVE_1_0, nsList, 1, buf);
+    } else if(id == xmlSecTransformRemoveXmlTagsC14NId) {
+        ret = xmlSecNodeSetDumpTextNodes(nodes, buf);
     } else {
-	/* shoudn't be possible to come here, actually */
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        /* shoudn't be possible to come here, actually */
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)),
-		    "xmlC14NExecute",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)),
+                    "xmlC14NExecute",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     return(0);
 }
 
@@ -472,46 +472,46 @@ xmlSecTransformC14NExecute(xmlSecTransformId id, xmlSecNodeSetPtr nodes, xmlChar
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecTransformInclC14NKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecTransformC14NSize,			/* xmlSecSize objSize */
-
-    xmlSecNameC14N,				/* const xmlChar* name; */
-    xmlSecHrefC14N, 				/* const xmlChar* href; */
-    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,	
-						/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecTransformC14NInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformC14NFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformC14NPopBin,			/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformC14NPushXml,			/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    NULL,					/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecTransformC14NSize,                    /* xmlSecSize objSize */
+
+    xmlSecNameC14N,                             /* const xmlChar* name; */
+    xmlSecHrefC14N,                             /* const xmlChar* href; */
+    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,
+                                                /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecTransformC14NInitialize,              /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformC14NFinalize,                /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformC14NPopBin,                  /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformC14NPushXml,                 /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    NULL,                                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecTransformInclC14NGetKlass:
  *
  * Inclusive (regular) canonicalization that omits comments transform klass
- * (http://www.w3.org/TR/xmldsig-core/#sec-c14nAlg and 
+ * (http://www.w3.org/TR/xmldsig-core/#sec-c14nAlg and
  * http://www.w3.org/TR/2001/REC-xml-c14n-20010315).
  *
  * Returns: c14n transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformInclC14NGetKlass(void) {
     return(&xmlSecTransformInclC14NKlass);
 }
- 
+
 /***************************************************************************
  *
  * C14N With Comments
@@ -519,43 +519,43 @@ xmlSecTransformInclC14NGetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecTransformInclC14NWithCommentsKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecTransformC14NSize,			/* xmlSecSize objSize */
-
-    /* same as xmlSecTransformId */    
-    xmlSecNameC14NWithComments,			/* const xmlChar* name; */
-    xmlSecHrefC14NWithComments, 		/* const xmlChar* href; */
-    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,	
-						/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecTransformC14NInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformC14NFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod read; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformC14NPopBin,			/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformC14NPushXml,			/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    NULL,					/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecTransformC14NSize,                    /* xmlSecSize objSize */
+
+    /* same as xmlSecTransformId */
+    xmlSecNameC14NWithComments,                 /* const xmlChar* name; */
+    xmlSecHrefC14NWithComments,                 /* const xmlChar* href; */
+    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,
+                                                /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecTransformC14NInitialize,              /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformC14NFinalize,                /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod read; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformC14NPopBin,                  /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformC14NPushXml,                 /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    NULL,                                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecTransformInclC14NWithCommentsGetKlass:
  *
  * Inclusive (regular) canonicalization that includes comments transform klass
- * (http://www.w3.org/TR/xmldsig-core/#sec-c14nAlg and 
+ * (http://www.w3.org/TR/xmldsig-core/#sec-c14nAlg and
  * http://www.w3.org/TR/2001/REC-xml-c14n-20010315).
  *
  * Returns: c14n with comments transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformInclC14NWithCommentsGetKlass(void) {
     return(&xmlSecTransformInclC14NWithCommentsKlass);
 }
@@ -567,30 +567,30 @@ xmlSecTransformInclC14NWithCommentsGetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecTransformInclC14N11Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecTransformC14NSize,			/* xmlSecSize objSize */
-
-    xmlSecNameC14N11,				/* const xmlChar* name; */
-    xmlSecHrefC14N11, 				/* const xmlChar* href; */
-    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,	
-						/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecTransformC14NInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformC14NFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformC14NPopBin,			/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformC14NPushXml,			/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    NULL,					/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecTransformC14NSize,                    /* xmlSecSize objSize */
+
+    xmlSecNameC14N11,                           /* const xmlChar* name; */
+    xmlSecHrefC14N11,                           /* const xmlChar* href; */
+    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,
+                                                /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecTransformC14NInitialize,              /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformC14NFinalize,                /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformC14NPopBin,                  /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformC14NPushXml,                 /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    NULL,                                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
@@ -600,11 +600,11 @@ static xmlSecTransformKlass xmlSecTransformInclC14N11Klass = {
  *
  * Returns: c14n v1.1 transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformInclC14N11GetKlass(void) {
     return(&xmlSecTransformInclC14N11Klass);
 }
- 
+
 /***************************************************************************
  *
  * C14N v1.1 With Comments
@@ -612,31 +612,31 @@ xmlSecTransformInclC14N11GetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecTransformInclC14N11WithCommentsKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecTransformC14NSize,			/* xmlSecSize objSize */
-
-    /* same as xmlSecTransformId */    
-    xmlSecNameC14N11WithComments,		/* const xmlChar* name; */
-    xmlSecHrefC14N11WithComments, 		/* const xmlChar* href; */
-    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,	
-						/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecTransformC14NInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformC14NFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod read; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformC14NPopBin,			/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformC14NPushXml,			/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    NULL,					/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecTransformC14NSize,                    /* xmlSecSize objSize */
+
+    /* same as xmlSecTransformId */
+    xmlSecNameC14N11WithComments,               /* const xmlChar* name; */
+    xmlSecHrefC14N11WithComments,               /* const xmlChar* href; */
+    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,
+                                                /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecTransformC14NInitialize,              /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformC14NFinalize,                /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod read; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformC14NPopBin,                  /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformC14NPushXml,                 /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    NULL,                                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
@@ -646,7 +646,7 @@ static xmlSecTransformKlass xmlSecTransformInclC14N11WithCommentsKlass = {
  *
  * Returns: c14n v1.1 with comments transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformInclC14N11WithCommentsGetKlass(void) {
     return(&xmlSecTransformInclC14N11WithCommentsKlass);
 }
@@ -659,87 +659,87 @@ xmlSecTransformInclC14N11WithCommentsGetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecTransformExclC14NKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecTransformC14NSize,			/* xmlSecSize objSize */
-
-    xmlSecNameExcC14N,				/* const xmlChar* name; */
-    xmlSecHrefExcC14N,				/* const xmlChar* href; */
-    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,	
-						/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecTransformC14NInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformC14NFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecTransformC14NNodeRead,		/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformC14NPopBin,			/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformC14NPushXml,			/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    NULL,					/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecTransformC14NSize,                    /* xmlSecSize objSize */
+
+    xmlSecNameExcC14N,                          /* const xmlChar* name; */
+    xmlSecHrefExcC14N,                          /* const xmlChar* href; */
+    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,
+                                                /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecTransformC14NInitialize,              /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformC14NFinalize,                /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecTransformC14NNodeRead,                /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformC14NPopBin,                  /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformC14NPushXml,                 /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    NULL,                                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecTransformExclC14NGetKlass:
- * 
+ *
  * Exclusive canoncicalization that ommits comments transform klass
  * (http://www.w3.org/TR/xml-exc-c14n/).
- * 
+ *
  * Returns: exclusive c14n transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformExclC14NGetKlass(void) {
     return(&xmlSecTransformExclC14NKlass);
 }
 
 /***************************************************************************
- * 
+ *
  * Excl C14N With Comments
  *
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecTransformExclC14NWithCommentsKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecTransformC14NSize,			/* xmlSecSize objSize */
-
-    xmlSecNameExcC14NWithComments,		/* const xmlChar* name; */
-    xmlSecHrefExcC14NWithComments,		/* const xmlChar* href; */
-    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,		
-						/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecTransformC14NInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformC14NFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecTransformC14NNodeRead,		/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformC14NPopBin,			/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformC14NPushXml,			/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    NULL,					/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecTransformC14NSize,                    /* xmlSecSize objSize */
+
+    xmlSecNameExcC14NWithComments,              /* const xmlChar* name; */
+    xmlSecHrefExcC14NWithComments,              /* const xmlChar* href; */
+    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,
+                                                /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecTransformC14NInitialize,              /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformC14NFinalize,                /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecTransformC14NNodeRead,                /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformC14NPopBin,                  /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformC14NPushXml,                 /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    NULL,                                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecTransformExclC14NWithCommentsGetKlass:
- * 
+ *
  * Exclusive canoncicalization that includes comments transform klass
  * (http://www.w3.org/TR/xml-exc-c14n/).
- * 
+ *
  * Returns: exclusive c14n with comments transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformExclC14NWithCommentsGetKlass(void) {
     return(&xmlSecTransformExclC14NWithCommentsKlass);
 }
@@ -751,50 +751,50 @@ xmlSecTransformExclC14NWithCommentsGetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecTransformRemoveXmlTagsC14NKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecTransformC14NSize,			/* xmlSecSize objSize */
-
-    BAD_CAST "remove-xml-tags-transform",	/* const xmlChar* name; */
-    NULL, 					/* const xmlChar* href; */
-    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,		
-						/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecTransformC14NInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformC14NFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformC14NPopBin,			/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformC14NPushXml,			/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    NULL,					/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecTransformC14NSize,                    /* xmlSecSize objSize */
+
+    BAD_CAST "remove-xml-tags-transform",       /* const xmlChar* name; */
+    NULL,                                       /* const xmlChar* href; */
+    xmlSecTransformUsageC14NMethod | xmlSecTransformUsageDSigTransform,
+                                                /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecTransformC14NInitialize,              /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformC14NFinalize,                /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformC14NPopBin,                  /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformC14NPushXml,                 /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    NULL,                                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecTransformRemoveXmlTagsC14NGetKlass:
  *
  * The "remove xml tags" transform klass (http://www.w3.org/TR/xmldsig-core/#sec-Base-64):
- * Base64 transform requires an octet stream for input. If an XPath node-set 
- * (or sufficiently functional alternative) is given as input, then it is 
- * converted to an octet stream by performing operations logically equivalent 
- * to 1) applying an XPath transform with expression self::text(), then 2) 
- * taking the string-value of the node-set. Thus, if an XML element is 
- * identified by a barename XPointer in the Reference URI, and its content 
- * consists solely of base64 encoded character data, then this transform 
- * automatically strips away the start and end tags of the identified element 
- * and any of its descendant elements as well as any descendant comments and 
+ * Base64 transform requires an octet stream for input. If an XPath node-set
+ * (or sufficiently functional alternative) is given as input, then it is
+ * converted to an octet stream by performing operations logically equivalent
+ * to 1) applying an XPath transform with expression self::text(), then 2)
+ * taking the string-value of the node-set. Thus, if an XML element is
+ * identified by a barename XPointer in the Reference URI, and its content
+ * consists solely of base64 encoded character data, then this transform
+ * automatically strips away the start and end tags of the identified element
+ * and any of its descendant elements as well as any descendant comments and
  * processing instructions. The output of this transform is an octet stream.
  *
  * Returns: "remove xml tags" transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformRemoveXmlTagsC14NGetKlass(void) {
     return(&xmlSecTransformRemoveXmlTagsC14NKlass);
 }
diff --git a/src/dl.c b/src/dl.c
index 6c0aa180..5ffc2ff7 100644
--- a/src/dl.c
+++ b/src/dl.c
@@ -1,10 +1,10 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -45,12 +45,12 @@
  * loaded libraries list
  *
  **********************************************************************/
-typedef struct _xmlSecCryptoDLLibrary					xmlSecCryptoDLLibrary,
-									*xmlSecCryptoDLLibraryPtr;
+typedef struct _xmlSecCryptoDLLibrary                                   xmlSecCryptoDLLibrary,
+                                                                        *xmlSecCryptoDLLibraryPtr;
 struct _xmlSecCryptoDLLibrary {
-    xmlChar*	name;
-    xmlChar* 	filename;
-    xmlChar* 	getFunctionsName;
+    xmlChar*    name;
+    xmlChar*    filename;
+    xmlChar*    getFunctionsName;
     xmlSecCryptoDLFunctionsPtr functions;
 
 #ifdef XMLSEC_DL_LIBLTDL
@@ -62,209 +62,220 @@ struct _xmlSecCryptoDLLibrary {
 #endif /* XMLSEC_DL_WIN32 */
 };
 
-static xmlSecCryptoDLLibraryPtr	xmlSecCryptoDLLibraryCreate		(const xmlChar* name);
-static void			xmlSecCryptoDLLibraryDestroy		(xmlSecCryptoDLLibraryPtr lib);
-static xmlSecCryptoDLLibraryPtr	xmlSecCryptoDLLibraryDuplicate		(xmlSecCryptoDLLibraryPtr lib);
-static xmlChar*			xmlSecCryptoDLLibraryConstructFilename	(const xmlChar* name);
-static xmlChar*			xmlSecCryptoDLLibraryConstructGetFunctionsName(const xmlChar* name);
-							
+static xmlSecCryptoDLLibraryPtr xmlSecCryptoDLLibraryCreate             (const xmlChar* name);
+static void                     xmlSecCryptoDLLibraryDestroy            (xmlSecCryptoDLLibraryPtr lib);
+static xmlSecCryptoDLLibraryPtr xmlSecCryptoDLLibraryDuplicate          (xmlSecCryptoDLLibraryPtr lib);
+static xmlChar*                 xmlSecCryptoDLLibraryConstructFilename  (const xmlChar* name);
+static xmlChar*                 xmlSecCryptoDLLibraryConstructGetFunctionsName(const xmlChar* name);
+
 
 static xmlSecPtrListKlass xmlSecCryptoDLLibrariesListKlass = {
     BAD_CAST "dl-libraries-list",
     (xmlSecPtrDuplicateItemMethod)xmlSecCryptoDLLibraryDuplicate,/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    (xmlSecPtrDestroyItemMethod)xmlSecCryptoDLLibraryDestroy,	/* xmlSecPtrDestroyItemMethod destroyItem; */
-    NULL,							/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    NULL,							/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    (xmlSecPtrDestroyItemMethod)xmlSecCryptoDLLibraryDestroy,   /* xmlSecPtrDestroyItemMethod destroyItem; */
+    NULL,                                                       /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    NULL,                                                       /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
-static xmlSecPtrListId		xmlSecCryptoDLLibrariesListGetKlass	(void);
-static int			xmlSecCryptoDLLibrariesListFindByName	(xmlSecPtrListPtr list, 
-									 const xmlChar* name);
+static xmlSecPtrListId          xmlSecCryptoDLLibrariesListGetKlass     (void);
+static int                      xmlSecCryptoDLLibrariesListFindByName   (xmlSecPtrListPtr list,
+                                                                         const xmlChar* name);
+
+typedef xmlSecCryptoDLFunctionsPtr xmlSecCryptoGetFunctionsCallback(void);
 
-typedef xmlSecCryptoDLFunctionsPtr (*xmlSecCryptoGetFunctionsCallback)(void);
+/* conversion from ptr to func "the right way" */
+XMLSEC_PTR_TO_FUNC_IMPL(xmlSecCryptoGetFunctionsCallback)
 
-static xmlSecCryptoDLLibraryPtr	
+
+static xmlSecCryptoDLLibraryPtr
 xmlSecCryptoDLLibraryCreate(const xmlChar* name) {
     xmlSecCryptoDLLibraryPtr lib;
-    xmlSecCryptoGetFunctionsCallback getFunctions;
-    
+    xmlSecCryptoGetFunctionsCallback * getFunctions;
+
     xmlSecAssert2(name != NULL, NULL);
 
     /* fprintf (stderr, "loading \"library %s\"...\n", name); */
-    
+
     /* Allocate a new xmlSecCryptoDLLibrary and fill the fields. */
     lib = (xmlSecCryptoDLLibraryPtr)xmlMalloc(sizeof(xmlSecCryptoDLLibrary));
     if(lib == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", sizeof(lib)); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", sizeof(lib));
+        return(NULL);
     }
     memset(lib, 0, sizeof(xmlSecCryptoDLLibrary));
-    
+
     lib->name = xmlStrdup(name);
     if(lib->name == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    "xmlStrdup",
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE); 
-	xmlSecCryptoDLLibraryDestroy(lib);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "xmlStrdup",
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecCryptoDLLibraryDestroy(lib);
+        return(NULL);
     }
 
     lib->filename = xmlSecCryptoDLLibraryConstructFilename(name);
     if(lib->filename == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    "xmlSecCryptoDLLibraryConstructFilename",
-		    NULL,
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE); 
-	xmlSecCryptoDLLibraryDestroy(lib);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "xmlSecCryptoDLLibraryConstructFilename",
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecCryptoDLLibraryDestroy(lib);
+        return(NULL);
     }
 
     lib->getFunctionsName = xmlSecCryptoDLLibraryConstructGetFunctionsName(name);
     if(lib->getFunctionsName == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    "xmlSecCryptoDLLibraryConstructGetFunctionsName",
-		    NULL,
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE); 
-	xmlSecCryptoDLLibraryDestroy(lib);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "xmlSecCryptoDLLibraryConstructGetFunctionsName",
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecCryptoDLLibraryDestroy(lib);
+        return(NULL);
     }
 
 #ifdef XMLSEC_DL_LIBLTDL
     lib->handle = lt_dlopenext((char*)lib->filename);
     if(lib->handle == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    "lt_dlopenext",
-		    NULL,
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    "filename=%s",
-		    xmlSecErrorsSafeString(lib->filename));
-	xmlSecCryptoDLLibraryDestroy(lib);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "lt_dlopenext",
+                    NULL,
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(lib->filename));
+        xmlSecCryptoDLLibraryDestroy(lib);
+        return(NULL);
     }
 
-    getFunctions = (xmlSecCryptoGetFunctionsCallback)lt_dlsym(lib->handle, (char*)lib->getFunctionsName);
+    getFunctions = XMLSEC_PTR_TO_FUNC(xmlSecCryptoGetFunctionsCallback,
+                        lt_dlsym(lib->handle, (char*)lib->getFunctionsName)
+                    );
     if(getFunctions == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    "lt_dlsym",
-		    NULL,
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    "function=%s",
-		    xmlSecErrorsSafeString(lib->getFunctionsName));
-	xmlSecCryptoDLLibraryDestroy(lib);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "lt_dlsym",
+                    NULL,
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    "function=%s",
+                    xmlSecErrorsSafeString(lib->getFunctionsName));
+        xmlSecCryptoDLLibraryDestroy(lib);
+        return(NULL);
     }
 #endif /* XMLSEC_DL_LIBLTDL */
 
 #ifdef XMLSEC_DL_WIN32
     lib->handle = LoadLibraryA((char*)lib->filename);
     if(lib->handle == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    "LoadLibraryA",
-		    NULL,
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    "filename=%s",
-		    xmlSecErrorsSafeString(lib->filename));
-	xmlSecCryptoDLLibraryDestroy(lib);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "LoadLibraryA",
+                    NULL,
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(lib->filename));
+        xmlSecCryptoDLLibraryDestroy(lib);
+        return(NULL);
     }
 
-    getFunctions = (xmlSecCryptoGetFunctionsCallback)GetProcAddress(lib->handle, (char*)lib->getFunctionsName);
+    getFunctions = XMLSEC_PTR_TO_FUNC(xmlSecCryptoGetFunctionsCallback,
+                        GetProcAddress(
+                            lib->handle,
+                            (const char*)lib->getFunctionsName
+                        )
+                    );
     if(getFunctions == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    "GetProcAddressA",
-		    NULL,
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    "function=%s",
-		    xmlSecErrorsSafeString(lib->getFunctionsName));
-	xmlSecCryptoDLLibraryDestroy(lib);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "GetProcAddressA",
+                    NULL,
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    "function=%s",
+                    xmlSecErrorsSafeString(lib->getFunctionsName));
+        xmlSecCryptoDLLibraryDestroy(lib);
+        return(NULL);
     }
 #endif /* XMLSEC_DL_WIN32 */
 
     if(getFunctions == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "invalid configuration: no way to load library");
-	xmlSecCryptoDLLibraryDestroy(lib);
-	return(NULL);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "invalid configuration: no way to load library");
+        xmlSecCryptoDLLibraryDestroy(lib);
+        return(NULL);
+    }
 
     lib->functions = getFunctions();
     if(lib->functions == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    "getFunctions",
-		    NULL,
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE); 
-	xmlSecCryptoDLLibraryDestroy(lib);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "getFunctions",
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecCryptoDLLibraryDestroy(lib);
+        return(NULL);
     }
 
     /* fprintf (stderr, "library %s loaded\n", name); */
     return(lib);
 }
 
-static void 
+static void
 xmlSecCryptoDLLibraryDestroy(xmlSecCryptoDLLibraryPtr lib) {
     xmlSecAssert(lib != NULL);
 
     /* fprintf (stderr, "unloading \"library %s\"...\n", lib->name); */
     if(lib->name != NULL) {
-	xmlFree(lib->name);
+        xmlFree(lib->name);
     }
 
     if(lib->filename != NULL) {
-	xmlFree(lib->filename);
+        xmlFree(lib->filename);
     }
-    
+
     if(lib->getFunctionsName != NULL) {
-	xmlFree(lib->getFunctionsName);
+        xmlFree(lib->getFunctionsName);
     }
 
 #ifdef XMLSEC_DL_LIBLTDL
-    if(lib->handle != NULL) {	
-	int ret;
-	
-	ret = lt_dlclose(lib->handle);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			"lt_dlclose",
-			NULL,
-			XMLSEC_ERRORS_R_IO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	}
+    if(lib->handle != NULL) {
+        int ret;
+
+        ret = lt_dlclose(lib->handle);
+        if(ret != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        "lt_dlclose",
+                        NULL,
+                        XMLSEC_ERRORS_R_IO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+        }
     }
 #endif /* XMLSEC_DL_LIBLTDL */
 
 #ifdef XMLSEC_DL_WIN32
-    if(lib->handle != NULL) {	
-	BOOL res;
-
-	res = FreeLibrary(lib->handle);
-	if(!res) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			"FreeLibrary",
-			NULL,
-			XMLSEC_ERRORS_R_IO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	}
-	}
+    if(lib->handle != NULL) {
+        BOOL res;
+
+        res = FreeLibrary(lib->handle);
+        if(!res) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        "FreeLibrary",
+                        NULL,
+                        XMLSEC_ERRORS_R_IO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+        }
+        }
 #endif /* XMLSEC_DL_WIN32*/
 
     memset(lib, 0, sizeof(xmlSecCryptoDLLibrary));
     xmlFree(lib);
 }
 
-static xmlSecCryptoDLLibraryPtr	
+static xmlSecCryptoDLLibraryPtr
 xmlSecCryptoDLLibraryDuplicate(xmlSecCryptoDLLibraryPtr lib) {
     xmlSecAssert2(lib != NULL, NULL);
     xmlSecAssert2(lib->name != NULL, NULL);
@@ -272,7 +283,7 @@ xmlSecCryptoDLLibraryDuplicate(xmlSecCryptoDLLibraryPtr lib) {
     return(xmlSecCryptoDLLibraryCreate(lib->name));
 }
 
-static xmlChar*	
+static xmlChar*
 xmlSecCryptoDLLibraryConstructFilename(const xmlChar* name) {
     static xmlChar tmpl[] = "lib%s-%s";
     xmlChar* res;
@@ -284,42 +295,42 @@ xmlSecCryptoDLLibraryConstructFilename(const xmlChar* name) {
     len = xmlStrlen(BAD_CAST PACKAGE) + xmlStrlen(name) + xmlStrlen(tmpl) + 1;
     res = (xmlChar*)xmlMalloc(len + 1);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", len + 1); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", len + 1);
+        return(NULL);
     }
     xmlSecStrPrintf(res, len, tmpl, PACKAGE, name);
-    
+
     return(res);
 }
 
-static xmlChar*	
+static xmlChar*
 xmlSecCryptoDLLibraryConstructGetFunctionsName(const xmlChar* name) {
     static xmlChar tmpl[] = "xmlSecCryptoGetFunctions_%s";
     xmlChar* res;
     int len;
-    
+
     xmlSecAssert2(name != NULL, NULL);
-    
+
     len = xmlStrlen(name) + xmlStrlen(tmpl) + 1;
     res = (xmlChar*)xmlMalloc(len + 1);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", len + 1); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", len + 1);
+        return(NULL);
     }
     xmlSecStrPrintf(res, len, tmpl, name);
-    
+
     return(res);
 }
 
-static xmlSecPtrListId 
+static xmlSecPtrListId
 xmlSecCryptoDLLibrariesListGetKlass(void) {
     return(&xmlSecCryptoDLLibrariesListKlass);
 }
@@ -328,16 +339,16 @@ static int
 xmlSecCryptoDLLibrariesListFindByName(xmlSecPtrListPtr list, const xmlChar* name) {
     xmlSecSize i, size;
     xmlSecCryptoDLLibraryPtr lib;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecCryptoDLLibrariesListGetKlass()), -1);
     xmlSecAssert2(name != NULL, -1);
-    
+
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	lib = (xmlSecCryptoDLLibraryPtr)xmlSecPtrListGetItem(list, i);
-	if((lib != NULL) && (lib->name != NULL) && (xmlStrcmp(lib->name, name) == 0)) {
-	    return(i);
-	}
+        lib = (xmlSecCryptoDLLibraryPtr)xmlSecPtrListGetItem(list, i);
+        if((lib != NULL) && (lib->name != NULL) && (xmlStrcmp(lib->name, name) == 0)) {
+            return(i);
+        }
     }
     return(-1);
 }
@@ -352,34 +363,34 @@ static xmlSecPtrList gXmlSecCryptoDLLibraries;
 
 /**
  * xmlSecCryptoDLInit:
- * 
+ *
  * Initializes dynamic loading engine. This is an internal function
  * and should not be called by application directly.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecCryptoDLInit(void) {
     int ret;
-    
+
     ret = xmlSecPtrListInitialize(&gXmlSecCryptoDLLibraries, xmlSecCryptoDLLibrariesListGetKlass());
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListPtrInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecCryptoDLLibrariesListGetKlass");
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListPtrInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecCryptoDLLibrariesListGetKlass");
         return(-1);
     }
 
 #ifdef XMLSEC_DL_LIBLTDL
     ret = lt_dlinit ();
     if(ret != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "lt_dlinit",
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "lt_dlinit",
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
 #endif /* XMLSEC_DL_LIBLTDL */
@@ -390,13 +401,13 @@ xmlSecCryptoDLInit(void) {
 
 /**
  * xmlSecCryptoDLShutdown:
- * 
+ *
  * Shutdowns dynamic loading engine. This is an internal function
  * and should not be called by application directly.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecCryptoDLShutdown(void) {
     int ret;
 
@@ -405,155 +416,155 @@ xmlSecCryptoDLShutdown(void) {
 #ifdef XMLSEC_DL_LIBLTDL
     ret = lt_dlexit ();
     if(ret != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "lt_dlexit",
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "lt_dlexit",
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
     }
 #endif /* XMLSEC_DL_LIBLTDL */
 
     return(0);
 }
 
-/** 
+/**
  * xmlSecCryptoDLLoadLibrary:
- * @crypto:		the desired crypto library name ("openssl", "nss", ...).
+ * @crypto:             the desired crypto library name ("openssl", "nss", ...).
  *
- * Loads the xmlsec-<crypto> library. This function is NOT thread safe, 
+ * Loads the xmlsec-<crypto> library. This function is NOT thread safe,
  * application MUST NOT call #xmlSecCryptoDLLoadLibrary, #xmlSecCryptoDLGetLibraryFunctions,
  * and #xmlSecCryptoDLUnloadLibrary functions from multiple threads.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecCryptoDLLoadLibrary(const xmlChar* crypto) {
     xmlSecCryptoDLFunctionsPtr functions;
     int ret;
-    
+
     xmlSecAssert2(crypto != NULL, -1);
 
     functions = xmlSecCryptoDLGetLibraryFunctions(crypto);
     if(functions == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-	    	    NULL,
-		    "xmlSecCryptoDLGetLibraryFunctions",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+                    NULL,
+                    "xmlSecCryptoDLGetLibraryFunctions",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ret = xmlSecCryptoDLSetFunctions(functions);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-	    	    NULL,
-		    "xmlSecCryptoDLSetFunctions",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+                    NULL,
+                    "xmlSecCryptoDLSetFunctions",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
 
-/** 
+/**
  * xmlSecCryptoDLGetLibraryFunctions:
- * @crypto:		the desired crypto library name ("openssl", "nss", ...).
+ * @crypto:             the desired crypto library name ("openssl", "nss", ...).
  *
- * Loads the xmlsec-<crypto> library and gets global crypto functions/transforms/keys data/keys store 
- * table. This function is NOT thread safe, application MUST NOT call #xmlSecCryptoDLLoadLibrary, 
+ * Loads the xmlsec-<crypto> library and gets global crypto functions/transforms/keys data/keys store
+ * table. This function is NOT thread safe, application MUST NOT call #xmlSecCryptoDLLoadLibrary,
  * #xmlSecCryptoDLGetLibraryFunctions, and #xmlSecCryptoDLUnloadLibrary functions from multiple threads.
  *
  * Returns: the table or NULL if an error occurs.
  */
-xmlSecCryptoDLFunctionsPtr 
+xmlSecCryptoDLFunctionsPtr
 xmlSecCryptoDLGetLibraryFunctions(const xmlChar* crypto) {
     xmlSecCryptoDLLibraryPtr lib;
     int pos;
     int ret;
-        
+
     xmlSecAssert2(crypto != NULL, NULL);
 
     pos = xmlSecCryptoDLLibrariesListFindByName(&gXmlSecCryptoDLLibraries, crypto);
     if(pos >= 0) {
         lib = (xmlSecCryptoDLLibraryPtr)xmlSecPtrListGetItem(&gXmlSecCryptoDLLibraries, pos);
-	xmlSecAssert2(lib != NULL, NULL);
-	xmlSecAssert2(lib->functions != NULL, NULL);
-	
-	return(lib->functions);
+        xmlSecAssert2(lib != NULL, NULL);
+        xmlSecAssert2(lib->functions != NULL, NULL);
+
+        return(lib->functions);
     }
 
     lib = xmlSecCryptoDLLibraryCreate(crypto);
     if(lib == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-	    	    NULL,
-		    "xmlSecCryptoDLLibraryCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "crypto=%s",
-		    xmlSecErrorsSafeString(crypto));
-	return(NULL);
+                    NULL,
+                    "xmlSecCryptoDLLibraryCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "crypto=%s",
+                    xmlSecErrorsSafeString(crypto));
+        return(NULL);
     }
 
-    ret = xmlSecPtrListAdd(&gXmlSecCryptoDLLibraries, lib);    
+    ret = xmlSecPtrListAdd(&gXmlSecCryptoDLLibraries, lib);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-	    	    NULL,
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "crypto=%s",
-		    xmlSecErrorsSafeString(crypto));
-	xmlSecCryptoDLLibraryDestroy(lib);
-	return(NULL);
+                    NULL,
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "crypto=%s",
+                    xmlSecErrorsSafeString(crypto));
+        xmlSecCryptoDLLibraryDestroy(lib);
+        return(NULL);
     }
 
     return(lib->functions);
 }
 
-/** 
+/**
  * xmlSecCryptoDLUnloadLibrary:
- * @crypto:		the desired crypto library name ("openssl", "nss", ...).
+ * @crypto:             the desired crypto library name ("openssl", "nss", ...).
  *
  * Unloads the xmlsec-<crypto> library. All pointers to this library
- * functions tables became invalid. This function is NOT thread safe, 
+ * functions tables became invalid. This function is NOT thread safe,
  * application MUST NOT call #xmlSecCryptoDLLoadLibrary, #xmlSecCryptoDLGetLibraryFunctions,
  * and #xmlSecCryptoDLUnloadLibrary functions from multiple threads.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecCryptoDLUnloadLibrary(const xmlChar* crypto) {
     xmlSecCryptoDLLibraryPtr lib;
     int pos;
     int ret;
-    
+
     xmlSecAssert2(crypto != NULL, -1);
 
     pos = xmlSecCryptoDLLibrariesListFindByName(&gXmlSecCryptoDLLibraries, crypto);
     if(pos < 0) {
-	/* todo: is it an error? */
-	return(0);
+        /* todo: is it an error? */
+        return(0);
     }
-    
+
     lib = (xmlSecCryptoDLLibraryPtr)xmlSecPtrListGetItem(&gXmlSecCryptoDLLibraries, pos);
     if((lib != NULL) && (lib->functions == gXmlSecCryptoDLFunctions)) {
-	gXmlSecCryptoDLFunctions = NULL;
+        gXmlSecCryptoDLFunctions = NULL;
     }
-    
+
     ret = xmlSecPtrListRemove(&gXmlSecCryptoDLLibraries, pos);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-	    	    NULL,
-		    "xmlSecPtrListRemove",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+                    NULL,
+                    "xmlSecPtrListRemove",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-/** 
+/**
  * xmlSecCryptoDLSetFunctions:
- * @functions:		the new table
+ * @functions:          the new table
  *
  * Sets global crypto functions/transforms/keys data/keys store table.
  *
@@ -564,18 +575,18 @@ xmlSecCryptoDLSetFunctions(xmlSecCryptoDLFunctionsPtr functions) {
     xmlSecAssert2(functions != NULL, -1);
 
     gXmlSecCryptoDLFunctions = functions;
-    
+
     return(0);
 }
 
-/** 
+/**
  * xmlSecCryptoDLGetFunctions:
  *
  * Gets global crypto functions/transforms/keys data/keys store table.
  *
  * Returns: the table.
  */
-xmlSecCryptoDLFunctionsPtr 
+xmlSecCryptoDLFunctionsPtr
 xmlSecCryptoDLGetFunctions(void) {
     return(gXmlSecCryptoDLFunctions);
 }
@@ -584,395 +595,462 @@ xmlSecCryptoDLGetFunctions(void) {
 
 /**
  * xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms:
- * @functions: 		the functions table.
- * 
- * Registers the key data and transforms klasses from @functions table in xmlsec. 
+ * @functions:          the functions table.
+ *
+ * Registers the key data and transforms klasses from @functions table in xmlsec.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(struct _xmlSecCryptoDLFunctions* functions) {
     xmlSecAssert2(functions != NULL, -1);
 
-    /** 
+    /****************************************************************************
+     *
      * Register keys
-     */
+     *
+     ****************************************************************************/
     if((functions->keyDataAesGetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataAesGetKlass()) < 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataAesGetKlass())),
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataAesGetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     if((functions->keyDataDesGetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataDesGetKlass()) < 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataDesGetKlass())),
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataDesGetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     if((functions->keyDataDsaGetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataDsaGetKlass()) < 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataDsaGetKlass())),
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataDsaGetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    if((functions->keyDataEcdsaGetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataEcdsaGetKlass()) < 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataEcdsaGetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     if((functions->keyDataGost2001GetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataGost2001GetKlass()) < 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataGost2001GetKlass())),
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataGost2001GetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     if((functions->keyDataHmacGetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataHmacGetKlass()) < 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataHmacGetKlass())),
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataHmacGetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     if((functions->keyDataRsaGetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataRsaGetKlass()) < 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataRsaGetKlass())),
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataRsaGetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     if((functions->keyDataX509GetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataX509GetKlass()) < 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataX509GetKlass())),
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataX509GetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     if((functions->keyDataRawX509CertGetKlass != NULL) && (xmlSecKeyDataIdsRegister(functions->keyDataRawX509CertGetKlass()) < 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataRawX509CertGetKlass())),
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(functions->keyDataRawX509CertGetKlass())),
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
 
-    /** 
+    /****************************************************************************
+     *
      * Register transforms
-     */
+     *
+     ****************************************************************************/
     if((functions->transformAes128CbcGetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformAes128CbcGetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformAes128CbcGetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformAes128CbcGetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformAes192CbcGetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformAes192CbcGetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformAes192CbcGetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformAes192CbcGetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformAes256CbcGetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformAes256CbcGetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformAes256CbcGetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformAes256CbcGetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformKWAes128GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformKWAes128GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformKWAes128GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformKWAes128GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformKWAes192GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformKWAes192GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformKWAes192GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformKWAes192GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformKWAes256GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformKWAes256GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformKWAes256GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformKWAes256GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformDes3CbcGetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformDes3CbcGetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformDes3CbcGetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformDes3CbcGetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformKWDes3GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformKWDes3GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformKWDes3GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformKWDes3GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformGost2001GostR3411_94GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformGost2001GostR3411_94GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGost2001GostR3411_94GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGost2001GostR3411_94GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformDsaSha1GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformDsaSha1GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformDsaSha1GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformDsaSha1GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if((functions->transformDsaSha256GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformDsaSha256GetKlass()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformDsaSha256GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if((functions->transformEcdsaSha1GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformEcdsaSha1GetKlass()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformEcdsaSha1GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if((functions->transformEcdsaSha224GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformEcdsaSha224GetKlass()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformEcdsaSha224GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if((functions->transformEcdsaSha256GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformEcdsaSha256GetKlass()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformEcdsaSha256GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if((functions->transformEcdsaSha384GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformEcdsaSha384GetKlass()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformEcdsaSha384GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if((functions->transformEcdsaSha512GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformEcdsaSha512GetKlass()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformEcdsaSha512GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformHmacMd5GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformHmacMd5GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacMd5GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacMd5GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformHmacRipemd160GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformHmacRipemd160GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacRipemd160GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacRipemd160GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformHmacSha1GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformHmacSha1GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacSha1GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacSha1GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformHmacSha224GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformHmacSha224GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacSha224GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacSha224GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformHmacSha256GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformHmacSha256GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacSha256GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacSha256GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformHmacSha384GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformHmacSha384GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacSha384GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacSha384GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformHmacSha512GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformHmacSha512GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacSha512GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformHmacSha512GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if((functions->transformMd5GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformMd5GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformMd5GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformMd5GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformRipemd160GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformRipemd160GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRipemd160GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRipemd160GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformRsaMd5GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformRsaMd5GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaMd5GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaMd5GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformRsaRipemd160GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformRsaRipemd160GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaRipemd160GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaRipemd160GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformRsaSha1GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformRsaSha1GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaSha1GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaSha1GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformRsaSha224GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformRsaSha224GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaSha224GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaSha224GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformRsaSha256GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformRsaSha256GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaSha256GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaSha256GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformRsaSha384GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformRsaSha384GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaSha384GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaSha384GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformRsaSha512GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformRsaSha512GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaSha512GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaSha512GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if((functions->transformRsaPkcs1GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformRsaPkcs1GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaPkcs1GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaPkcs1GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformRsaOaepGetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformRsaOaepGetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaOaepGetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformRsaOaepGetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformGostR3411_94GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformGostR3411_94GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3411_94GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformGostR3411_94GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformSha1GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformSha1GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha1GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha1GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformSha224GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformSha224GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha224GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha224GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformSha256GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformSha256GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha256GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha256GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformSha384GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformSha384GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha384GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha384GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     if((functions->transformSha512GetKlass != NULL) && xmlSecTransformIdsRegister(functions->transformSha512GetKlass()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha512GetKlass())),
-		    "xmlSecTransformIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
-
-    return(0);     
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(functions->transformSha512GetKlass())),
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* done */
+    return(0);
 }
 
 
diff --git a/src/enveloped.c b/src/enveloped.c
index bea30a15..8047d318 100644
--- a/src/enveloped.c
+++ b/src/enveloped.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Enveloped transform.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -25,39 +25,39 @@
 
 /**************************************************************************
  *
- *  Enveloped transform 
+ *  Enveloped transform
  *
  *************************************************************************/
-static int 	xmlSecTransformEnvelopedExecute		(xmlSecTransformPtr transform,
-							 int last, 
-							 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecTransformEnvelopedExecute         (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
 
 
 static xmlSecTransformKlass xmlSecTransformEnvelopedKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    sizeof(xmlSecTransform),			/* xmlSecSize objSize */
-
-    xmlSecNameEnveloped,			/* const xmlChar* name; */
-    xmlSecHrefEnveloped,			/* const xmlChar* href; */
-    xmlSecTransformUsageDSigTransform,		/* xmlSecTransformUsage	usage; */
-    
-    NULL,					/* xmlSecTransformInitializeMethod initialize; */
-    NULL,					/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */    
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    NULL,					/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformDefaultPushXml,		/* xmlSecTransformPushXmlMethod pushXml; */
-    xmlSecTransformDefaultPopXml,		/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecTransformEnvelopedExecute,		/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    sizeof(xmlSecTransform),                    /* xmlSecSize objSize */
+
+    xmlSecNameEnveloped,                        /* const xmlChar* name; */
+    xmlSecHrefEnveloped,                        /* const xmlChar* href; */
+    xmlSecTransformUsageDSigTransform,          /* xmlSecTransformUsage usage; */
+
+    NULL,                                       /* xmlSecTransformInitializeMethod initialize; */
+    NULL,                                       /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    NULL,                                       /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformDefaultPushXml,              /* xmlSecTransformPushXmlMethod pushXml; */
+    xmlSecTransformDefaultPopXml,               /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecTransformEnvelopedExecute,            /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
@@ -65,36 +65,36 @@ static xmlSecTransformKlass xmlSecTransformEnvelopedKlass = {
  *
  * The enveloped transform klass (http://www.w3.org/TR/xmldsig-core/#sec-EnvelopedSignature):
  *
- * An enveloped signature transform T removes the whole Signature element 
- * containing T from the digest calculation of the Reference element 
- * containing T. The entire string of characters used by an XML processor 
- * to match the Signature with the XML production element is removed. 
- * The output of the transform is equivalent to the output that would 
- * result from replacing T with an XPath transform containing the following 
+ * An enveloped signature transform T removes the whole Signature element
+ * containing T from the digest calculation of the Reference element
+ * containing T. The entire string of characters used by an XML processor
+ * to match the Signature with the XML production element is removed.
+ * The output of the transform is equivalent to the output that would
+ * result from replacing T with an XPath transform containing the following
  * XPath parameter element:
  *
  * <XPath xmlns:dsig="&dsig;">
  *   count(ancestor-or-self::dsig:Signature |
  *   here()/ancestor::dsig:Signature[1]) >
  *   count(ancestor-or-self::dsig:Signature)</XPath>
- *    
- * The input and output requirements of this transform are identical to 
- * those of the XPath transform, but may only be applied to a node-set from 
- * its parent XML document. Note that it is not necessary to use an XPath 
- * expression evaluator to create this transform. However, this transform 
- * MUST produce output in exactly the same manner as the XPath transform 
+ *
+ * The input and output requirements of this transform are identical to
+ * those of the XPath transform, but may only be applied to a node-set from
+ * its parent XML document. Note that it is not necessary to use an XPath
+ * expression evaluator to create this transform. However, this transform
+ * MUST produce output in exactly the same manner as the XPath transform
  * parameterized by the XPath expression above.
  *
  * Returns: enveloped transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformEnvelopedGetKlass(void) {
     return(&xmlSecTransformEnvelopedKlass);
 }
 
 static int
-xmlSecTransformEnvelopedExecute(xmlSecTransformPtr transform, int last, 
-				 xmlSecTransformCtxPtr transformCtx) {
+xmlSecTransformEnvelopedExecute(xmlSecTransformPtr transform, int last,
+                                 xmlSecTransformCtxPtr transformCtx) {
     xmlNodePtr node;
     xmlSecNodeSetPtr children;
 
@@ -103,50 +103,50 @@ xmlSecTransformEnvelopedExecute(xmlSecTransformPtr transform, int last,
     xmlSecAssert2(transform->outNodes == NULL, -1);
     xmlSecAssert2(last != 0, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-    
+
     if((transform->inNodes != NULL) && (transform->inNodes->doc != transform->hereNode->doc)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     /* find signature node and get all its children in the nodes set */
     node = xmlSecFindParent(transform->hereNode, xmlSecNodeSignature, xmlSecDSigNs);
     if(node == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeSignature),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeSignature),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     children = xmlSecNodeSetGetChildren(node->doc, node, 1, 1);
     if(children == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecNodeSetGetChildren",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecNodeSetGetChildren",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+        return(-1);
     }
 
     /* intersect <dsig:Signature/> node children with input nodes (if exist) */
     transform->outNodes = xmlSecNodeSetAdd(transform->inNodes, children, xmlSecNodeSetIntersection);
     if(transform->outNodes == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecNodeSetAdd",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecNodeSetDestroy(children);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecNodeSetAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecNodeSetDestroy(children);
+        return(-1);
     }
-    
+
     return(0);
 }
 
diff --git a/src/errors.c b/src/errors.c
index 54e34e6c..c9886d36 100644
--- a/src/errors.c
+++ b/src/errors.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Error codes and error reporting functions.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -22,221 +22,221 @@
 #include <xmlsec/private.h>
 #include <xmlsec/errors.h>
 
-#define XMLSEC_ERRORS_BUFFER_SIZE	1024
+#define XMLSEC_ERRORS_BUFFER_SIZE       1024
 
-typedef struct _xmlSecErrorDescription			xmlSecErrorDescription, *xmlSecErrorDescriptionPtr;
+typedef struct _xmlSecErrorDescription                  xmlSecErrorDescription, *xmlSecErrorDescriptionPtr;
 struct _xmlSecErrorDescription {
-    int 		errorCode;
-    const char*		errorMsg;
+    int                 errorCode;
+    const char*         errorMsg;
 };
 
 static xmlSecErrorDescription xmlSecErrorsTable[XMLSEC_ERRORS_MAX_NUMBER + 1] = {
-  { XMLSEC_ERRORS_R_XMLSEC_FAILED, 		"xmlsec library function failed" }, 
-  { XMLSEC_ERRORS_R_MALLOC_FAILED, 		"malloc function failed" }, 
-  { XMLSEC_ERRORS_R_STRDUP_FAILED, 		"strdup function failed" }, 
-  { XMLSEC_ERRORS_R_CRYPTO_FAILED, 		"crypto library function failed" }, 
-  { XMLSEC_ERRORS_R_XML_FAILED, 		"libxml2 library function failed" }, 
-  { XMLSEC_ERRORS_R_XSLT_FAILED, 		"libxslt library function failed" }, 
-  { XMLSEC_ERRORS_R_IO_FAILED, 			"io function failed" }, 
-  { XMLSEC_ERRORS_R_DISABLED, 			"feature is disabled" }, 
-  { XMLSEC_ERRORS_R_NOT_IMPLEMENTED, 		"feature is not implemented" }, 
-  { XMLSEC_ERRORS_R_INVALID_SIZE, 		"invalid size" }, 
-  { XMLSEC_ERRORS_R_INVALID_DATA, 		"invalid data" }, 
-  { XMLSEC_ERRORS_R_INVALID_RESULT, 		"invalid result" }, 
-  { XMLSEC_ERRORS_R_INVALID_TYPE, 		"invalid type" }, 
-  { XMLSEC_ERRORS_R_INVALID_OPERATION, 		"invalid operation" }, 
-  { XMLSEC_ERRORS_R_INVALID_STATUS, 		"invalid status" }, 
-  { XMLSEC_ERRORS_R_INVALID_FORMAT, 		"invalid format" }, 
-  { XMLSEC_ERRORS_R_DATA_NOT_MATCH, 		"data do not match" }, 
-  { XMLSEC_ERRORS_R_INVALID_NODE, 		"invalid node" }, 
-  { XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, 	"invalid node content" }, 
-  { XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, 	"invalid node attribute" }, 
-  { XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE, 	"missing node attribute" }, 
-  { XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT, 	"node already present" }, 
-  { XMLSEC_ERRORS_R_UNEXPECTED_NODE, 		"unexpected node" }, 
-  { XMLSEC_ERRORS_R_NODE_NOT_FOUND, 		"node node found" }, 
-  { XMLSEC_ERRORS_R_INVALID_TRANSFORM, 		"invalid transform" }, 
-  { XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY, 	"invalid transform key" }, 
-  { XMLSEC_ERRORS_R_INVALID_URI_TYPE, 		"invalid URI type" }, 
-  { XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED, 	"same document is required for transform" }, 
-  { XMLSEC_ERRORS_R_TRANSFORM_DISABLED, 	"transform is disabled" }, 
-  { XMLSEC_ERRORS_R_INVALID_KEY_DATA, 		"invalid key data" }, 
-  { XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND, 	"key data is not found" }, 
-  { XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST, 	"key data already exist" }, 
-  { XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE, 	"invalid key data size" }, 
-  { XMLSEC_ERRORS_R_KEY_NOT_FOUND, 		"key is not found" }, 
-  { XMLSEC_ERRORS_R_KEYDATA_DISABLED, 		"key data is disabled" }, 
-  { XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL, 	"maximum key retrieval level" }, 
-  { XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH,"key retrieval type mismatch" }, 
-  { XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL, 		"maximum encrypted key level" }, 
-  { XMLSEC_ERRORS_R_CERT_VERIFY_FAILED, 	"certificate verification failed" }, 
-  { XMLSEC_ERRORS_R_CERT_NOT_FOUND, 		"certificate is not found" }, 
-  { XMLSEC_ERRORS_R_CERT_REVOKED, 		"certificate is revoked" }, 
-  { XMLSEC_ERRORS_R_CERT_ISSUER_FAILED, 	"certificate issuer check failed" }, 
-  { XMLSEC_ERRORS_R_CERT_NOT_YET_VALID, 	"certificate is not yet valid" }, 
-  { XMLSEC_ERRORS_R_CERT_HAS_EXPIRED, 		"certificate has expirred" }, 
-  { XMLSEC_ERRORS_R_DSIG_NO_REFERENCES, 	"Reference nodes are not found" }, 
-  { XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE, 	"Reference verification failed" }, 
-  { XMLSEC_ERRORS_R_ASSERTION, 			"assertion" }, 
-  { 0,						NULL}
+  { XMLSEC_ERRORS_R_XMLSEC_FAILED,              "xmlsec library function failed" },
+  { XMLSEC_ERRORS_R_MALLOC_FAILED,              "malloc function failed" },
+  { XMLSEC_ERRORS_R_STRDUP_FAILED,              "strdup function failed" },
+  { XMLSEC_ERRORS_R_CRYPTO_FAILED,              "crypto library function failed" },
+  { XMLSEC_ERRORS_R_XML_FAILED,                 "libxml2 library function failed" },
+  { XMLSEC_ERRORS_R_XSLT_FAILED,                "libxslt library function failed" },
+  { XMLSEC_ERRORS_R_IO_FAILED,                  "io function failed" },
+  { XMLSEC_ERRORS_R_DISABLED,                   "feature is disabled" },
+  { XMLSEC_ERRORS_R_NOT_IMPLEMENTED,            "feature is not implemented" },
+  { XMLSEC_ERRORS_R_INVALID_SIZE,               "invalid size" },
+  { XMLSEC_ERRORS_R_INVALID_DATA,               "invalid data" },
+  { XMLSEC_ERRORS_R_INVALID_RESULT,             "invalid result" },
+  { XMLSEC_ERRORS_R_INVALID_TYPE,               "invalid type" },
+  { XMLSEC_ERRORS_R_INVALID_OPERATION,          "invalid operation" },
+  { XMLSEC_ERRORS_R_INVALID_STATUS,             "invalid status" },
+  { XMLSEC_ERRORS_R_INVALID_FORMAT,             "invalid format" },
+  { XMLSEC_ERRORS_R_DATA_NOT_MATCH,             "data do not match" },
+  { XMLSEC_ERRORS_R_INVALID_NODE,               "invalid node" },
+  { XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,       "invalid node content" },
+  { XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,     "invalid node attribute" },
+  { XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE,     "missing node attribute" },
+  { XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,       "node already present" },
+  { XMLSEC_ERRORS_R_UNEXPECTED_NODE,            "unexpected node" },
+  { XMLSEC_ERRORS_R_NODE_NOT_FOUND,             "node node found" },
+  { XMLSEC_ERRORS_R_INVALID_TRANSFORM,          "invalid transform" },
+  { XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY,      "invalid transform key" },
+  { XMLSEC_ERRORS_R_INVALID_URI_TYPE,           "invalid URI type" },
+  { XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED,   "same document is required for transform" },
+  { XMLSEC_ERRORS_R_TRANSFORM_DISABLED,         "transform is disabled" },
+  { XMLSEC_ERRORS_R_INVALID_KEY_DATA,           "invalid key data" },
+  { XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND,         "key data is not found" },
+  { XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,     "key data already exist" },
+  { XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,      "invalid key data size" },
+  { XMLSEC_ERRORS_R_KEY_NOT_FOUND,              "key is not found" },
+  { XMLSEC_ERRORS_R_KEYDATA_DISABLED,           "key data is disabled" },
+  { XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL,       "maximum key retrieval level" },
+  { XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH,"key retrieval type mismatch" },
+  { XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL,           "maximum encrypted key level" },
+  { XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,         "certificate verification failed" },
+  { XMLSEC_ERRORS_R_CERT_NOT_FOUND,             "certificate is not found" },
+  { XMLSEC_ERRORS_R_CERT_REVOKED,               "certificate is revoked" },
+  { XMLSEC_ERRORS_R_CERT_ISSUER_FAILED,         "certificate issuer check failed" },
+  { XMLSEC_ERRORS_R_CERT_NOT_YET_VALID,         "certificate is not yet valid" },
+  { XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,           "certificate has expirred" },
+  { XMLSEC_ERRORS_R_DSIG_NO_REFERENCES,         "Reference nodes are not found" },
+  { XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE,     "Reference verification failed" },
+  { XMLSEC_ERRORS_R_ASSERTION,                  "assertion" },
+  { 0,                                          NULL}
 };
 
 static xmlSecErrorsCallback xmlSecErrorsClbk = xmlSecErrorsDefaultCallback;
-static int  xmlSecPrintErrorMessages = 1;	/* whether the error messages will be printed immidiatelly */
+static int  xmlSecPrintErrorMessages = 1;       /* whether the error messages will be printed immidiatelly */
 
-/** 
+/**
  * xmlSecErrorsInit:
  *
  * Initializes the errors reporting. It is called from #xmlSecInit function.
  * and applications must not call this function directly.
  */
-void 
+void
 xmlSecErrorsInit(void) {
 }
 
-/** 
+/**
  * xmlSecErrorsShutdown:
  *
  * Cleanups the errors reporting. It is called from #xmlSecShutdown function.
  * and applications must not call this function directly.
  */
-void 
+void
 xmlSecErrorsShutdown(void) {
 }
 
 /**
  * xmlSecErrorsSetCallback:
- * @callback: 		the new errors callback function.
+ * @callback:           the new errors callback function.
  *
- * Sets the errors callback function to @callback that will be called 
+ * Sets the errors callback function to @callback that will be called
  * every time an error occurs.
  */
-void 
+void
 xmlSecErrorsSetCallback(xmlSecErrorsCallback callback) {
     xmlSecErrorsClbk = callback;
 }
 
 /**
  * xmlSecErrorsDefaultCallback:
- * @file:		the error location file name (__FILE__ macro).
- * @line:		the error location line number (__LINE__ macro).
- * @func:		the error location function name (__FUNCTION__ macro).
- * @errorObject:	the error specific error object 
- * @errorSubject:	the error specific error subject.
- * @reason:		the error code.
- * @msg:		the additional error message.
+ * @file:               the error location file name (__FILE__ macro).
+ * @line:               the error location line number (__LINE__ macro).
+ * @func:               the error location function name (__FUNCTION__ macro).
+ * @errorObject:        the error specific error object
+ * @errorSubject:       the error specific error subject.
+ * @reason:             the error code.
+ * @msg:                the additional error message.
  *
  * The default error reporting callback that utilizes LibXML
  * error reporting #xmlGenericError function.
  */
-void 
+void
 xmlSecErrorsDefaultCallback(const char* file, int line, const char* func,
-			    const char* errorObject, const char* errorSubject,
-			    int reason, const char* msg) {
-    if(xmlSecPrintErrorMessages) {    
-	const char* error_msg = NULL;
-	xmlSecSize i;
-
-	for(i = 0; (i < XMLSEC_ERRORS_MAX_NUMBER) && (xmlSecErrorsGetMsg(i) != NULL); ++i) {
-	    if(xmlSecErrorsGetCode(i) == reason) {
-		error_msg = xmlSecErrorsGetMsg(i);
-		break;
-	    }
-	}
-	xmlGenericError(xmlGenericErrorContext,
-	    "func=%s:file=%s:line=%d:obj=%s:subj=%s:error=%d:%s:%s\n",
-	    (func != NULL) ? func : "unknown",
-	    (file != NULL) ? file : "unknown",
-	    line,
-	    (errorObject != NULL) ? errorObject : "unknown",
-	    (errorSubject != NULL) ? errorSubject : "unknown",
-	    reason,
-	    (error_msg != NULL) ? error_msg : "",
-	    (msg != NULL) ? msg : "");
+                            const char* errorObject, const char* errorSubject,
+                            int reason, const char* msg) {
+    if(xmlSecPrintErrorMessages) {
+        const char* error_msg = NULL;
+        xmlSecSize i;
+
+        for(i = 0; (i < XMLSEC_ERRORS_MAX_NUMBER) && (xmlSecErrorsGetMsg(i) != NULL); ++i) {
+            if(xmlSecErrorsGetCode(i) == reason) {
+                error_msg = xmlSecErrorsGetMsg(i);
+                break;
+            }
+        }
+        xmlGenericError(xmlGenericErrorContext,
+            "func=%s:file=%s:line=%d:obj=%s:subj=%s:error=%d:%s:%s\n",
+            (func != NULL) ? func : "unknown",
+            (file != NULL) ? file : "unknown",
+            line,
+            (errorObject != NULL) ? errorObject : "unknown",
+            (errorSubject != NULL) ? errorSubject : "unknown",
+            reason,
+            (error_msg != NULL) ? error_msg : "",
+            (msg != NULL) ? msg : "");
     }
 }
 
 /**
  * xmlSecErrorsDefaultCallbackEnableOutput:
- * @enabled:		the flag.
- * 
+ * @enabled:            the flag.
+ *
  * Enables or disables calling LibXML2 callback from the default
  * errors callback.
  */
-void 
+void
 xmlSecErrorsDefaultCallbackEnableOutput(int enabled) {
     xmlSecPrintErrorMessages = enabled;
 }
 
 /**
  * xmlSecErrorsGetCode:
- * @pos:		the error position.
- * 
+ * @pos:                the error position.
+ *
  * Gets the known error code at position @pos.
  *
- * Returns: the known error code or 0 if @pos is greater than 
+ * Returns: the known error code or 0 if @pos is greater than
  * total number of known error codes.
  */
-int 
+int
 xmlSecErrorsGetCode(xmlSecSize pos) {
     /* could not use asserts here! */
     if(pos < sizeof(xmlSecErrorsTable) / sizeof(xmlSecErrorsTable[0])) {
-	return(xmlSecErrorsTable[pos].errorCode);
+        return(xmlSecErrorsTable[pos].errorCode);
     }
     return(0);
 }
 
 /**
  * xmlSecErrorsGetMsg:
- * @pos:		the error position.
+ * @pos:                the error position.
  *
  * Gets the known error message at position @pos.
  *
- * Returns: the known error message or NULL if @pos is greater than 
+ * Returns: the known error message or NULL if @pos is greater than
  * total number of known error codes.
  */
-const char* 
+const char*
 xmlSecErrorsGetMsg(xmlSecSize pos) {
     /* could not use asserts here! */
     if(pos < sizeof(xmlSecErrorsTable) / sizeof(xmlSecErrorsTable[0])) {
-	return(xmlSecErrorsTable[pos].errorMsg);
+        return(xmlSecErrorsTable[pos].errorMsg);
     }
     return(NULL);
 }
 
 /**
  * xmlSecError:
- * @file: 		the error location filename (__FILE__).
- * @line: 		the error location line number (__LINE__).
- * @func: 		the error location function (__FUNCTIION__).
- * @errorObject:	the error specific error object 
- * @errorSubject:	the error specific error subject. 
- * @reason: 		the error code.
- * @msg: 		the error message in printf format.
- * @...: 		the parameters for the @msg.
+ * @file:               the error location filename (__FILE__).
+ * @line:               the error location line number (__LINE__).
+ * @func:               the error location function (__FUNCTIION__).
+ * @errorObject:        the error specific error object
+ * @errorSubject:       the error specific error subject.
+ * @reason:             the error code.
+ * @msg:                the error message in printf format.
+ * @...:                the parameters for the @msg.
  *
- * Reports an error to the default (#xmlSecErrorsDefaultCallback) or 
- * application specific callback installed using #xmlSecErrorsSetCallback 
+ * Reports an error to the default (#xmlSecErrorsDefaultCallback) or
+ * application specific callback installed using #xmlSecErrorsSetCallback
  * function.
  */
-void	
-xmlSecError(const char* file, int line, const char* func, 
-	    const char* errorObject, const char* errorSubject,
-  	    int reason, const char* msg, ...) {
-	    
+void
+xmlSecError(const char* file, int line, const char* func,
+            const char* errorObject, const char* errorSubject,
+            int reason, const char* msg, ...) {
+
     if(xmlSecErrorsClbk != NULL) {
-	xmlChar error_msg[XMLSEC_ERRORS_BUFFER_SIZE];
-	
-	if(msg != NULL) {
-	    va_list va;
-
-	    va_start(va, msg);
-  	    xmlSecStrVPrintf(error_msg, sizeof(error_msg), BAD_CAST msg, va);
-	    error_msg[sizeof(error_msg) - 1] = '\0';
-	    va_end(va);	
-	} else {
-	    error_msg[0] = '\0';	    
-	}
-	xmlSecErrorsClbk(file, line, func, errorObject, errorSubject, reason, (char*)error_msg);
-    }	
+        xmlChar error_msg[XMLSEC_ERRORS_BUFFER_SIZE];
+
+        if(msg != NULL) {
+            va_list va;
+
+            va_start(va, msg);
+            xmlSecStrVPrintf(error_msg, sizeof(error_msg), BAD_CAST msg, va);
+            error_msg[sizeof(error_msg) - 1] = '\0';
+            va_end(va);
+        } else {
+            error_msg[0] = '\0';
+        }
+        xmlSecErrorsClbk(file, line, func, errorObject, errorSubject, reason, (char*)error_msg);
+    }
 }
diff --git a/src/gcrypt/Makefile.am b/src/gcrypt/Makefile.am
new file mode 100644
index 00000000..734c429f
--- /dev/null
+++ b/src/gcrypt/Makefile.am
@@ -0,0 +1,55 @@
+NULL =
+
+EXTRA_DIST = \
+	README \
+	$(NULL)
+
+lib_LTLIBRARIES = \
+	libxmlsec1-gcrypt.la \
+	$(NULL)
+
+libxmlsec1_gcrypt_la_CPPFLAGS = \
+	-DPACKAGE=\"@PACKAGE@\" \
+	-DGCRYPT_MIN_VERSION=\"$(GCRYPT_MIN_VERSION)\" \
+	-I../../include \
+	-I$(top_srcdir)/include \
+	$(XMLSEC_DEFINES) \
+	$(GCRYPT_CFLAGS) \
+	$(LIBXSLT_CFLAGS) \
+	$(LIBXML_CFLAGS) \
+	$(NULL)
+
+libxmlsec1_gcrypt_la_SOURCES =\
+	app.c \
+	asn1.h \
+	asn1.c \
+	ciphers.c \
+	crypto.c \
+	digests.c \
+	hmac.c \
+	kw_aes.c \
+	kw_des.c \
+	symkeys.c \
+	asymkeys.c \
+	signatures.c \
+	globals.h \
+	$(NULL)
+
+if SHAREDLIB_HACK
+libxmlsec1_gcrypt_la_SOURCES += ../strings.c
+endif
+
+libxmlsec1_gcrypt_la_LIBADD = \
+	$(GCRYPT_LIBS) \
+	$(LIBXSLT_LIBS) \
+	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
+	$(NULL)
+
+libxmlsec1_gcrypt_la_DEPENDENCIES = \
+	$(NULL)
+
+libxmlsec1_gcrypt_la_LDFLAGS = \
+	@XMLSEC_CRYPTO_EXTRA_LDFLAGS@ \
+	-version-info @XMLSEC_VERSION_INFO@ \
+	$(NULL)
diff --git a/src/gcrypt/Makefile.in b/src/gcrypt/Makefile.in
new file mode 100644
index 00000000..325e5cf8
--- /dev/null
+++ b/src/gcrypt/Makefile.in
@@ -0,0 +1,794 @@
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@SHAREDLIB_HACK_TRUE@am__append_1 = ../strings.c
+subdir = src/gcrypt
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+	$(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+    $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+    *) f=$$p;; \
+  esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+  srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+  for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+  for p in $$list; do echo "$$p $$p"; done | \
+  sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+  $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+    if (++n[$$2] == $(am__install_max)) \
+      { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+    END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+  sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+  sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
+am__installdirs = "$(DESTDIR)$(libdir)"
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+am__libxmlsec1_gcrypt_la_SOURCES_DIST = app.c asn1.h asn1.c ciphers.c \
+	crypto.c digests.c hmac.c kw_aes.c kw_des.c symkeys.c \
+	asymkeys.c signatures.c globals.h ../strings.c
+am__objects_1 =
+@SHAREDLIB_HACK_TRUE@am__objects_2 = libxmlsec1_gcrypt_la-strings.lo
+am_libxmlsec1_gcrypt_la_OBJECTS = libxmlsec1_gcrypt_la-app.lo \
+	libxmlsec1_gcrypt_la-asn1.lo libxmlsec1_gcrypt_la-ciphers.lo \
+	libxmlsec1_gcrypt_la-crypto.lo libxmlsec1_gcrypt_la-digests.lo \
+	libxmlsec1_gcrypt_la-hmac.lo libxmlsec1_gcrypt_la-kw_aes.lo \
+	libxmlsec1_gcrypt_la-kw_des.lo libxmlsec1_gcrypt_la-symkeys.lo \
+	libxmlsec1_gcrypt_la-asymkeys.lo \
+	libxmlsec1_gcrypt_la-signatures.lo $(am__objects_1) \
+	$(am__objects_2)
+libxmlsec1_gcrypt_la_OBJECTS = $(am_libxmlsec1_gcrypt_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+libxmlsec1_gcrypt_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+	$(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_gcrypt_la_LDFLAGS) \
+	$(LDFLAGS) -o $@
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC    " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD  " $@;
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
+SOURCES = $(libxmlsec1_gcrypt_la_SOURCES)
+DIST_SOURCES = $(am__libxmlsec1_gcrypt_la_SOURCES_DIST)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CP = @CP@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
+GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
+GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
+GNUTLS_LIBS = @GNUTLS_LIBS@
+GNUTLS_MIN_VERSION = @GNUTLS_MIN_VERSION@
+GREP = @GREP@
+HELP2MAN = @HELP2MAN@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIBXML_CFLAGS = @LIBXML_CFLAGS@
+LIBXML_CONFIG = @LIBXML_CONFIG@
+LIBXML_LIBS = @LIBXML_LIBS@
+LIBXML_MIN_VERSION = @LIBXML_MIN_VERSION@
+LIBXSLT_CFLAGS = @LIBXSLT_CFLAGS@
+LIBXSLT_CONFIG = @LIBXSLT_CONFIG@
+LIBXSLT_LIBS = @LIBXSLT_LIBS@
+LIBXSLT_MIN_VERSION = @LIBXSLT_MIN_VERSION@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAINT = @MAINT@
+MAKEINFO = @MAKEINFO@
+MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
+MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
+MSCRYPTO_CRYPTO_LIB = @MSCRYPTO_CRYPTO_LIB@
+MSCRYPTO_LIBS = @MSCRYPTO_LIBS@
+MV = @MV@
+NM = @NM@
+NMEDIT = @NMEDIT@
+NSPR_MIN_VERSION = @NSPR_MIN_VERSION@
+NSPR_PACKAGE = @NSPR_PACKAGE@
+NSS_CFLAGS = @NSS_CFLAGS@
+NSS_CRYPTO_LIB = @NSS_CRYPTO_LIB@
+NSS_LIBS = @NSS_LIBS@
+NSS_MIN_VERSION = @NSS_MIN_VERSION@
+NSS_PACKAGE = @NSS_PACKAGE@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OPENSSL_CFLAGS = @OPENSSL_CFLAGS@
+OPENSSL_CRYPTO_LIB = @OPENSSL_CRYPTO_LIB@
+OPENSSL_LIBS = @OPENSSL_LIBS@
+OPENSSL_MIN_VERSION = @OPENSSL_MIN_VERSION@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+RANLIB = @RANLIB@
+RM = @RM@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+TAR = @TAR@
+VERSION = @VERSION@
+XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
+XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
+XMLSEC_CORE_CFLAGS = @XMLSEC_CORE_CFLAGS@
+XMLSEC_CORE_LIBS = @XMLSEC_CORE_LIBS@
+XMLSEC_CRYPTO = @XMLSEC_CRYPTO@
+XMLSEC_CRYPTO_CFLAGS = @XMLSEC_CRYPTO_CFLAGS@
+XMLSEC_CRYPTO_DISABLED_LIST = @XMLSEC_CRYPTO_DISABLED_LIST@
+XMLSEC_CRYPTO_EXTRA_LDFLAGS = @XMLSEC_CRYPTO_EXTRA_LDFLAGS@
+XMLSEC_CRYPTO_LIB = @XMLSEC_CRYPTO_LIB@
+XMLSEC_CRYPTO_LIBS = @XMLSEC_CRYPTO_LIBS@
+XMLSEC_CRYPTO_LIST = @XMLSEC_CRYPTO_LIST@
+XMLSEC_CRYPTO_PC_FILES_LIST = @XMLSEC_CRYPTO_PC_FILES_LIST@
+XMLSEC_DEFINES = @XMLSEC_DEFINES@
+XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
+XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
+XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
+XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
+XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
+XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
+XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
+XMLSEC_LIBS = @XMLSEC_LIBS@
+XMLSEC_NO_AES = @XMLSEC_NO_AES@
+XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
+XMLSEC_NO_DES = @XMLSEC_NO_DES@
+XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
+XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
+XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
+XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
+XMLSEC_NO_LIBXSLT = @XMLSEC_NO_LIBXSLT@
+XMLSEC_NO_MD5 = @XMLSEC_NO_MD5@
+XMLSEC_NO_MSCRYPTO = @XMLSEC_NO_MSCRYPTO@
+XMLSEC_NO_NSS = @XMLSEC_NO_NSS@
+XMLSEC_NO_OPENSSL = @XMLSEC_NO_OPENSSL@
+XMLSEC_NO_RIPEMD160 = @XMLSEC_NO_RIPEMD160@
+XMLSEC_NO_RSA = @XMLSEC_NO_RSA@
+XMLSEC_NO_SHA1 = @XMLSEC_NO_SHA1@
+XMLSEC_NO_SHA224 = @XMLSEC_NO_SHA224@
+XMLSEC_NO_SHA256 = @XMLSEC_NO_SHA256@
+XMLSEC_NO_SHA384 = @XMLSEC_NO_SHA384@
+XMLSEC_NO_SHA512 = @XMLSEC_NO_SHA512@
+XMLSEC_NO_X509 = @XMLSEC_NO_X509@
+XMLSEC_NO_XKMS = @XMLSEC_NO_XKMS@
+XMLSEC_NO_XMLDSIG = @XMLSEC_NO_XMLDSIG@
+XMLSEC_NO_XMLENC = @XMLSEC_NO_XMLENC@
+XMLSEC_NSS_CFLAGS = @XMLSEC_NSS_CFLAGS@
+XMLSEC_NSS_LIBS = @XMLSEC_NSS_LIBS@
+XMLSEC_OPENSSL_CFLAGS = @XMLSEC_OPENSSL_CFLAGS@
+XMLSEC_OPENSSL_LIBS = @XMLSEC_OPENSSL_LIBS@
+XMLSEC_PACKAGE = @XMLSEC_PACKAGE@
+XMLSEC_STATIC_BINARIES = @XMLSEC_STATIC_BINARIES@
+XMLSEC_VERSION = @XMLSEC_VERSION@
+XMLSEC_VERSION_INFO = @XMLSEC_VERSION_INFO@
+XMLSEC_VERSION_MAJOR = @XMLSEC_VERSION_MAJOR@
+XMLSEC_VERSION_MINOR = @XMLSEC_VERSION_MINOR@
+XMLSEC_VERSION_SAFE = @XMLSEC_VERSION_SAFE@
+XMLSEC_VERSION_SUBMINOR = @XMLSEC_VERSION_SUBMINOR@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+srcdir = @srcdir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+NULL = 
+EXTRA_DIST = \
+	README \
+	$(NULL)
+
+lib_LTLIBRARIES = \
+	libxmlsec1-gcrypt.la \
+	$(NULL)
+
+libxmlsec1_gcrypt_la_CPPFLAGS = \
+	-DPACKAGE=\"@PACKAGE@\" \
+	-DGCRYPT_MIN_VERSION=\"$(GCRYPT_MIN_VERSION)\" \
+	-I../../include \
+	-I$(top_srcdir)/include \
+	$(XMLSEC_DEFINES) \
+	$(GCRYPT_CFLAGS) \
+	$(LIBXSLT_CFLAGS) \
+	$(LIBXML_CFLAGS) \
+	$(NULL)
+
+libxmlsec1_gcrypt_la_SOURCES = app.c asn1.h asn1.c ciphers.c crypto.c \
+	digests.c hmac.c kw_aes.c kw_des.c symkeys.c asymkeys.c \
+	signatures.c globals.h $(NULL) $(am__append_1)
+libxmlsec1_gcrypt_la_LIBADD = \
+	$(GCRYPT_LIBS) \
+	$(LIBXSLT_LIBS) \
+	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
+	$(NULL)
+
+libxmlsec1_gcrypt_la_DEPENDENCIES = \
+	$(NULL)
+
+libxmlsec1_gcrypt_la_LDFLAGS = \
+	@XMLSEC_CRYPTO_EXTRA_LDFLAGS@ \
+	-version-info @XMLSEC_VERSION_INFO@ \
+	$(NULL)
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am  $(am__configure_deps)
+	@for dep in $?; do \
+	  case '$(am__configure_deps)' in \
+	    *$$dep*) \
+	      ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+	        && { if test -f $@; then exit 0; else break; fi; }; \
+	      exit 1;; \
+	  esac; \
+	done; \
+	echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/gcrypt/Makefile'; \
+	$(am__cd) $(top_srcdir) && \
+	  $(AUTOMAKE) --gnu src/gcrypt/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+	esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+	@$(NORMAL_INSTALL)
+	test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)"
+	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+	list2=; for p in $$list; do \
+	  if test -f $$p; then \
+	    list2="$$list2 $$p"; \
+	  else :; fi; \
+	done; \
+	test -z "$$list2" || { \
+	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \
+	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \
+	}
+
+uninstall-libLTLIBRARIES:
+	@$(NORMAL_UNINSTALL)
+	@list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \
+	for p in $$list; do \
+	  $(am__strip_dir) \
+	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \
+	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \
+	done
+
+clean-libLTLIBRARIES:
+	-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+	@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+	  dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+	  test "$$dir" != "$$p" || dir=.; \
+	  echo "rm -f \"$${dir}/so_locations\""; \
+	  rm -f "$${dir}/so_locations"; \
+	done
+libxmlsec1-gcrypt.la: $(libxmlsec1_gcrypt_la_OBJECTS) $(libxmlsec1_gcrypt_la_DEPENDENCIES) $(EXTRA_libxmlsec1_gcrypt_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(libxmlsec1_gcrypt_la_LINK) -rpath $(libdir) $(libxmlsec1_gcrypt_la_OBJECTS) $(libxmlsec1_gcrypt_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+	-rm -f *.$(OBJEXT)
+
+distclean-compile:
+	-rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-app.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-digests.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-strings.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+libxmlsec1_gcrypt_la-app.lo: app.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-app.Tpo -c -o libxmlsec1_gcrypt_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-app.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='app.c' object='libxmlsec1_gcrypt_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+
+libxmlsec1_gcrypt_la-asn1.lo: asn1.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-asn1.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Tpo -c -o libxmlsec1_gcrypt_la-asn1.lo `test -f 'asn1.c' || echo '$(srcdir)/'`asn1.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-asn1.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='asn1.c' object='libxmlsec1_gcrypt_la-asn1.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-asn1.lo `test -f 'asn1.c' || echo '$(srcdir)/'`asn1.c
+
+libxmlsec1_gcrypt_la-ciphers.lo: ciphers.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Tpo -c -o libxmlsec1_gcrypt_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ciphers.c' object='libxmlsec1_gcrypt_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+
+libxmlsec1_gcrypt_la-crypto.lo: crypto.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Tpo -c -o libxmlsec1_gcrypt_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='crypto.c' object='libxmlsec1_gcrypt_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+
+libxmlsec1_gcrypt_la-digests.lo: digests.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-digests.Tpo -c -o libxmlsec1_gcrypt_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-digests.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='digests.c' object='libxmlsec1_gcrypt_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+
+libxmlsec1_gcrypt_la-hmac.lo: hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Tpo -c -o libxmlsec1_gcrypt_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='hmac.c' object='libxmlsec1_gcrypt_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+
+libxmlsec1_gcrypt_la-kw_aes.lo: kw_aes.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Tpo -c -o libxmlsec1_gcrypt_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kw_aes.c' object='libxmlsec1_gcrypt_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+
+libxmlsec1_gcrypt_la-kw_des.lo: kw_des.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Tpo -c -o libxmlsec1_gcrypt_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kw_des.c' object='libxmlsec1_gcrypt_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+
+libxmlsec1_gcrypt_la-symkeys.lo: symkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Tpo -c -o libxmlsec1_gcrypt_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='symkeys.c' object='libxmlsec1_gcrypt_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+
+libxmlsec1_gcrypt_la-asymkeys.lo: asymkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-asymkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Tpo -c -o libxmlsec1_gcrypt_la-asymkeys.lo `test -f 'asymkeys.c' || echo '$(srcdir)/'`asymkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-asymkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='asymkeys.c' object='libxmlsec1_gcrypt_la-asymkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-asymkeys.lo `test -f 'asymkeys.c' || echo '$(srcdir)/'`asymkeys.c
+
+libxmlsec1_gcrypt_la-signatures.lo: signatures.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Tpo -c -o libxmlsec1_gcrypt_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='signatures.c' object='libxmlsec1_gcrypt_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+
+libxmlsec1_gcrypt_la-strings.lo: ../strings.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gcrypt_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gcrypt_la-strings.Tpo -c -o libxmlsec1_gcrypt_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gcrypt_la-strings.Tpo $(DEPDIR)/libxmlsec1_gcrypt_la-strings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='../strings.c' object='libxmlsec1_gcrypt_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gcrypt_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gcrypt_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+
+mostlyclean-libtool:
+	-rm -f *.lo
+
+clean-libtool:
+	-rm -rf .libs _libs
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+	      END { if (nonempty) { for (i in files) print i; }; }'`; \
+	mkid -fID $$unique
+tags: TAGS
+
+TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
+		$(TAGS_FILES) $(LISP)
+	set x; \
+	here=`pwd`; \
+	list='$(SOURCES) $(HEADERS)  $(LISP) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+	      END { if (nonempty) { for (i in files) print i; }; }'`; \
+	shift; \
+	if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+	  test -n "$$unique" || unique=$$empty_fix; \
+	  if test $$# -gt 0; then \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      "$$@" $$unique; \
+	  else \
+	    $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+	      $$unique; \
+	  fi; \
+	fi
+ctags: CTAGS
+CTAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
+		$(TAGS_FILES) $(LISP)
+	list='$(SOURCES) $(HEADERS)  $(LISP) $(TAGS_FILES)'; \
+	unique=`for i in $$list; do \
+	    if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+	  done | \
+	  $(AWK) '{ files[$$0] = 1; nonempty = 1; } \
+	      END { if (nonempty) { for (i in files) print i; }; }'`; \
+	test -z "$(CTAGS_ARGS)$$unique" \
+	  || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+	     $$unique
+
+GTAGS:
+	here=`$(am__cd) $(top_builddir) && pwd` \
+	  && $(am__cd) $(top_srcdir) \
+	  && gtags -i $(GTAGS_ARGS) "$$here"
+
+distclean-tags:
+	-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+	@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+	list='$(DISTFILES)'; \
+	  dist_files=`for file in $$list; do echo $$file; done | \
+	  sed -e "s|^$$srcdirstrip/||;t" \
+	      -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+	case $$dist_files in \
+	  */*) $(MKDIR_P) `echo "$$dist_files" | \
+			   sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+			   sort -u` ;; \
+	esac; \
+	for file in $$dist_files; do \
+	  if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+	  if test -d $$d/$$file; then \
+	    dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+	    if test -d "$(distdir)/$$file"; then \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+	      cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+	      find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+	    fi; \
+	    cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+	  else \
+	    test -f "$(distdir)/$$file" \
+	    || cp -p $$d/$$file "$(distdir)/$$file" \
+	    || exit 1; \
+	  fi; \
+	done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+	for dir in "$(DESTDIR)$(libdir)"; do \
+	  test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+	done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+	@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+	-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+	-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+
+maintainer-clean-generic:
+	@echo "This command is intended for maintainers to use"
+	@echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+	mostlyclean-am
+
+distclean: distclean-am
+	-rm -rf ./$(DEPDIR)
+	-rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+	distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am: install-libLTLIBRARIES
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+	-rm -rf ./$(DEPDIR)
+	-rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+	mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-libLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+	clean-libLTLIBRARIES clean-libtool ctags distclean \
+	distclean-compile distclean-generic distclean-libtool \
+	distclean-tags distdir dvi dvi-am html html-am info info-am \
+	install install-am install-data install-data-am install-dvi \
+	install-dvi-am install-exec install-exec-am install-html \
+	install-html-am install-info install-info-am \
+	install-libLTLIBRARIES install-man install-pdf install-pdf-am \
+	install-ps install-ps-am install-strip installcheck \
+	installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags uninstall uninstall-am uninstall-libLTLIBRARIES
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/src/gcrypt/README b/src/gcrypt/README
new file mode 100644
index 00000000..dcaa5a0d
--- /dev/null
+++ b/src/gcrypt/README
@@ -0,0 +1,9 @@
+The xmlsec-gcrypt implementation is really limited and is not ready
+for production use. The only supported crypto transforms are:
+
+    - HMAC
+    - Tripple DES
+    - AES [128|192|256]
+    - SHA1
+
+
diff --git a/src/gcrypt/app.c b/src/gcrypt/app.c
new file mode 100644
index 00000000..ab95f6dd
--- /dev/null
+++ b/src/gcrypt/app.c
@@ -0,0 +1,663 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <gcrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gcrypt/app.h>
+#include <xmlsec/gcrypt/crypto.h>
+
+#include "asn1.h"
+
+/**
+ * xmlSecGCryptAppInit:
+ * @config:             the path to GCrypt configuration (unused).
+ *
+ * General crypto engine initialization. This function is used
+ * by XMLSec command line utility and called before
+ * @xmlSecInit function.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptAppInit(const char* config ATTRIBUTE_UNUSED) {
+    /* Secure memory initialisation based on documentation from:
+         http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html
+       NOTE sample code don't check gcry_control(...) return code
+
+       All flags from:
+         http://www.gnupg.org/documentation/manuals/gcrypt/Controlling-the-library.html
+
+       Also libgcrypt NEWS entries:
++++++
+.....
+Noteworthy changes in version 1.4.3 (2008-09-18)
+------------------------------------------------
+
+ * Try to auto-initialize Libgcrypt to minimize the effect of
+   applications not doing that correctly.  This is not a perfect
+   solution but given that many applicationion would totally fail
+   without such a hack, we try to help at least with the most common
+   cases.  Folks, please read the manual to learn how to properly
+   initialize Libgcrypt!
+
+ * Auto-initialize the secure memory to 32k instead of aborting the
+   process.
+.....
++++++
+    */
+
+    /* Version check should be the very first call because it
+       makes sure that important subsystems are intialized. */
+
+    /* NOTE configure.in defines GCRYPT_MIN_VERSION */
+    if (!gcry_check_version (GCRYPT_MIN_VERSION)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_check_version",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* We don't want to see any warnings, e.g. because we have not yet
+       parsed program options which might be used to suppress such
+       warnings. */
+    gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN);
+
+    /* ... If required, other initialization goes here.  Note that the
+       process might still be running with increased privileges and that
+       the secure memory has not been intialized.  */
+
+    /* Allocate a pool of 32k secure memory.  This make the secure memory
+       available and also drops privileges where needed.  */
+    gcry_control(GCRYCTL_INIT_SECMEM, 32768, 0);
+
+    /* It is now okay to let Libgcrypt complain when there was/is
+      a problem with the secure memory. */
+    gcry_control(GCRYCTL_RESUME_SECMEM_WARN);
+
+    /* ... If required, other initialization goes here.  */
+
+    /* Tell Libgcrypt that initialization has completed. */
+    gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+
+    return(0);
+}
+
+/**
+ * xmlSecGCryptAppShutdown:
+ *
+ * General crypto engine shutdown. This function is used
+ * by XMLSec command line utility and called after
+ * @xmlSecShutdown function.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptAppShutdown(void) {
+    gcry_error_t err;
+
+    err = gcry_control(GCRYCTL_TERM_SECMEM);
+    if (gcry_err_code(err)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_control(GCRYCTL_TERM_SECMEM)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    return(0);
+}
+
+/**
+ * xmlSecGCryptAppKeyLoad:
+ * @filename:           the key filename.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
+ *
+ * Reads key from the a file.
+ *
+ * Returns: pointer to the key or NULL if an error occurs.
+ */
+xmlSecKeyPtr
+xmlSecGCryptAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
+                        const char *pwd,
+                        void* pwdCallback,
+                        void* pwdCallbackCtx) {
+    xmlSecKeyPtr key;
+    xmlSecBuffer buffer;
+    int ret;
+
+    xmlSecAssert2(filename != NULL, NULL);
+    xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
+
+    ret = xmlSecBufferInitialize(&buffer, 4*1024);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
+    ret = xmlSecBufferReadFile(&buffer, filename);
+    if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferReadFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s", 
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
+    }
+
+    key = xmlSecGCryptAppKeyLoadMemory(xmlSecBufferGetData(&buffer),
+                    xmlSecBufferGetSize(&buffer),
+                    format, pwd, pwdCallback, pwdCallbackCtx);
+    if(key == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAppKeyLoadMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
+    }
+
+    /* cleanup */
+    xmlSecBufferFinalize(&buffer);
+    return(key);
+}
+
+/**
+ * xmlSecGCryptAppKeyLoadMemory:
+ * @data:               the binary key data.
+ * @dataSize:           the size of binary key.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
+ *
+ * Reads key from the memory buffer.
+ *
+ * Returns: pointer to the key or NULL if an error occurs.
+ */
+xmlSecKeyPtr
+xmlSecGCryptAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecKeyDataFormat format,
+                        const char *pwd ATTRIBUTE_UNUSED,
+                        void* pwdCallback ATTRIBUTE_UNUSED,
+                        void* pwdCallbackCtx ATTRIBUTE_UNUSED)
+{
+    xmlSecKeyPtr key = NULL;
+    xmlSecKeyDataPtr key_data = NULL;
+    int ret;
+
+    xmlSecAssert2(data != NULL, NULL);
+    xmlSecAssert2(dataSize > 0, NULL);
+    xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
+
+    switch(format) {
+    case xmlSecKeyDataFormatDer:
+        key_data = xmlSecGCryptParseDer(data, dataSize, xmlSecGCryptDerKeyTypeAuto);
+        if(key_data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGCryptParseDer",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        break;
+    case xmlSecKeyDataFormatPem:
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAppKeyLoadMemory",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return (NULL);
+#ifndef XMLSEC_NO_X509
+    case xmlSecKeyDataFormatPkcs12:
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAppKeyLoadMemory",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return (NULL);
+#endif /* XMLSEC_NO_X509 */
+    default:
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_FORMAT,
+                    "format=%d", format);
+        return(NULL);
+    }
+
+    /* we should have key data by now */
+    xmlSecAssert2(key_data != NULL, NULL);
+    key = xmlSecKeyCreate();
+    if(key == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(key_data);
+        return(NULL);
+    }
+
+    ret = xmlSecKeySetValue(key, key_data);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(key_data)));
+        xmlSecKeyDestroy(key);
+        xmlSecKeyDataDestroy(key_data);
+        return(NULL);
+    }
+    key_data = NULL; /* key_data is owned by key */
+
+    /* done */
+    return(key);
+}
+
+#ifndef XMLSEC_NO_X509
+/**
+ * xmlSecGCryptAppKeyCertLoad:
+ * @key:                the pointer to key.
+ * @filename:           the certificate filename.
+ * @format:             the certificate file format.
+ *
+ * Reads the certificate from $@filename and adds it to key
+ * (not implemented yet).
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptAppKeyCertLoad(xmlSecKeyPtr key, const char* filename,
+                          xmlSecKeyDataFormat format) {
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(filename != NULL, -1);
+    xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
+
+    /* TODO */
+    xmlSecError(XMLSEC_ERRORS_HERE,
+                NULL,
+                "xmlSecGCryptAppKeyCertLoad",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
+    return(-1);
+}
+
+/**
+ * xmlSecGCryptAppKeyCertLoadMemory:
+ * @key:                the pointer to key.
+ * @data:               the certificate binary data.
+ * @dataSize:           the certificate binary data size.
+ * @format:             the certificate file format.
+ *
+ * Reads the certificate from memory buffer and adds it to key (not implemented yet).
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptAppKeyCertLoadMemory(xmlSecKeyPtr key,
+                                 const xmlSecByte* data,
+                                 xmlSecSize dataSize,
+                                 xmlSecKeyDataFormat format) {
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(dataSize > 0, -1);
+    xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
+
+    /* TODO */
+    xmlSecError(XMLSEC_ERRORS_HERE,
+                NULL,
+                "xmlSecGCryptAppKeyCertLoadMemory",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
+    return(-1);
+}
+
+/**
+ * xmlSecGCryptAppPkcs12Load:
+ * @filename:           the PKCS12 key filename.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
+ *
+ * Reads key and all associated certificates from the PKCS12 file
+ * (not implemented yet).
+ * For uniformity, call xmlSecGCryptAppKeyLoad instead of this function. Pass
+ * in format=xmlSecKeyDataFormatPkcs12.
+ *
+ * Returns: pointer to the key or NULL if an error occurs.
+ */
+xmlSecKeyPtr
+xmlSecGCryptAppPkcs12Load(const char *filename,
+                          const char *pwd ATTRIBUTE_UNUSED,
+                          void* pwdCallback ATTRIBUTE_UNUSED,
+                          void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+    xmlSecAssert2(filename != NULL, NULL);
+
+    /* TODO */
+    xmlSecError(XMLSEC_ERRORS_HERE,
+                NULL,
+                "xmlSecGCryptAppPkcs12Load",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
+    return(NULL);
+}
+
+/**
+ * xmlSecGCryptAppPkcs12LoadMemory:
+ * @data:               the PKCS12 binary data.
+ * @dataSize:           the PKCS12 binary data size.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
+ *
+ * Reads key and all associated certificates from the PKCS12 data in memory buffer.
+ * For uniformity, call xmlSecGCryptAppKeyLoadMemory instead of this function. Pass
+ * in format=xmlSecKeyDataFormatPkcs12 (not implemented yet).
+ *
+ * Returns: pointer to the key or NULL if an error occurs.
+ */
+xmlSecKeyPtr
+xmlSecGCryptAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
+                           const char *pwd ATTRIBUTE_UNUSED,
+                           void* pwdCallback ATTRIBUTE_UNUSED,
+                           void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+    xmlSecAssert2(data != NULL, NULL);
+    xmlSecAssert2(dataSize > 0, NULL);
+
+    /* TODO */
+    xmlSecError(XMLSEC_ERRORS_HERE,
+                NULL,
+                "xmlSecGCryptAppPkcs12LoadMemory",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
+    return(NULL);
+}
+
+/**
+ * xmlSecGCryptAppKeysMngrCertLoad:
+ * @mngr:               the keys manager.
+ * @filename:           the certificate file.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate in @filename
+ *                      trusted or not.
+ *
+ * Reads cert from @filename and adds to the list of trusted or known
+ * untrusted certs in @store (not implemented yet).
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, 
+                                const char *filename,
+                                xmlSecKeyDataFormat format,
+                                xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+    xmlSecAssert2(mngr != NULL, -1);
+    xmlSecAssert2(filename != NULL, -1);
+    xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
+
+    /* TODO */
+    xmlSecError(XMLSEC_ERRORS_HERE,
+                NULL,
+                "xmlSecGCryptAppKeysMngrCertLoad",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
+    return(-1);
+}
+
+/**
+ * xmlSecGCryptAppKeysMngrCertLoadMemory:
+ * @mngr:               the keys manager.
+ * @data:               the certificate binary data.
+ * @dataSize:           the certificate binary data size.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate trusted or not.
+ *
+ * Reads cert from binary buffer @data and adds to the list of trusted or known
+ * untrusted certs in @store (not implemented yet).
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr,
+                                      const xmlSecByte* data,
+                                      xmlSecSize dataSize,
+                                      xmlSecKeyDataFormat format,
+                                      xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+    xmlSecAssert2(mngr != NULL, -1);
+    xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(dataSize > 0, -1);
+    xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
+
+    /* TODO */
+    xmlSecError(XMLSEC_ERRORS_HERE,
+                NULL,
+                "xmlSecGCryptAppKeysMngrCertLoadMemory",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
+    return(-1);
+}
+
+#endif /* XMLSEC_NO_X509 */
+
+/**
+ * xmlSecGCryptAppDefaultKeysMngrInit:
+ * @mngr:               the pointer to keys manager.
+ *
+ * Initializes @mngr with simple keys store #xmlSecSimpleKeysStoreId
+ * and a default GCrypt crypto key data stores.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
+    int ret;
+
+    xmlSecAssert2(mngr != NULL, -1);
+
+    /* create simple keys store if needed */
+    if(xmlSecKeysMngrGetKeysStore(mngr) == NULL) {
+        xmlSecKeyStorePtr keysStore;
+
+        keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
+        if(keysStore == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyStoreCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecSimpleKeysStoreId");
+            return(-1);
+        }
+
+        ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeysMngrAdoptKeysStore",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyStoreDestroy(keysStore);
+            return(-1);
+        }
+    }
+
+    ret = xmlSecGCryptKeysMngrInit(mngr);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptKeysMngrInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* TODO */
+    mngr->getKey = xmlSecKeysMngrGetKey;
+    return(0);
+}
+
+/**
+ * xmlSecGCryptAppDefaultKeysMngrAdoptKey:
+ * @mngr:               the pointer to keys manager.
+ * @key:                the pointer to key.
+ *
+ * Adds @key to the keys manager @mngr created with #xmlSecGCryptAppDefaultKeysMngrInit
+ * function.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) {
+    xmlSecKeyStorePtr store;
+    int ret;
+
+    xmlSecAssert2(mngr != NULL, -1);
+    xmlSecAssert2(key != NULL, -1);
+
+    store = xmlSecKeysMngrGetKeysStore(mngr);
+    if(store == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecSimpleKeysStoreAdoptKey(store, key);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    return(0);
+}
+
+/**
+ * xmlSecGCryptAppDefaultKeysMngrLoad:
+ * @mngr:               the pointer to keys manager.
+ * @uri:                the uri.
+ *
+ * Loads XML keys file from @uri to the keys manager @mngr created
+ * with #xmlSecGCryptAppDefaultKeysMngrInit function.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) {
+    xmlSecKeyStorePtr store;
+    int ret;
+
+    xmlSecAssert2(mngr != NULL, -1);
+    xmlSecAssert2(uri != NULL, -1);
+
+    store = xmlSecKeysMngrGetKeysStore(mngr);
+    if(store == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecSimpleKeysStoreLoad(store, uri, mngr);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreLoad",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s", xmlSecErrorsSafeString(uri));
+        return(-1);
+    }
+
+    return(0);
+}
+
+/**
+ * xmlSecGCryptAppDefaultKeysMngrSave:
+ * @mngr:               the pointer to keys manager.
+ * @filename:           the destination filename.
+ * @type:               the type of keys to save (public/private/symmetric).
+ *
+ * Saves keys from @mngr to  XML keys file.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename, xmlSecKeyDataType type) {
+    xmlSecKeyStorePtr store;
+    int ret;
+
+    xmlSecAssert2(mngr != NULL, -1);
+    xmlSecAssert2(filename != NULL, -1);
+
+    store = xmlSecKeysMngrGetKeysStore(mngr);
+    if(store == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecSimpleKeysStoreSave(store, filename, type);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreSave",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        return(-1);
+    }
+
+    return(0);
+}
+
+/**
+ * xmlSecGCryptAppGetDefaultPwdCallback:
+ *
+ * Gets default password callback.
+ *
+ * Returns: default password callback.
+ */
+void*
+xmlSecGCryptAppGetDefaultPwdCallback(void) {
+    return(NULL);
+}
+
diff --git a/src/gcrypt/asn1.c b/src/gcrypt/asn1.c
new file mode 100644
index 00000000..b1388420
--- /dev/null
+++ b/src/gcrypt/asn1.c
@@ -0,0 +1,602 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <gcrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gcrypt/crypto.h>
+
+#include "asn1.h"
+
+/**************************************************************************
+ *
+ * ASN.1 parser is taken from GCrypt tests
+ *
+ *************************************************************************/
+
+/* ASN.1 classes.  */
+enum
+{
+  UNIVERSAL = 0,
+  APPLICATION = 1,
+  ASNCONTEXT = 2,
+  PRIVATE = 3
+};
+
+
+/* ASN.1 tags.  */
+enum
+{
+  TAG_NONE = 0,
+  TAG_BOOLEAN = 1,
+  TAG_INTEGER = 2,
+  TAG_BIT_STRING = 3,
+  TAG_OCTET_STRING = 4,
+  TAG_NULL = 5,
+  TAG_OBJECT_ID = 6,
+  TAG_OBJECT_DESCRIPTOR = 7,
+  TAG_EXTERNAL = 8,
+  TAG_REAL = 9,
+  TAG_ENUMERATED = 10,
+  TAG_EMBEDDED_PDV = 11,
+  TAG_UTF8_STRING = 12,
+  TAG_REALTIVE_OID = 13,
+  TAG_SEQUENCE = 16,
+  TAG_SET = 17,
+  TAG_NUMERIC_STRING = 18,
+  TAG_PRINTABLE_STRING = 19,
+  TAG_TELETEX_STRING = 20,
+  TAG_VIDEOTEX_STRING = 21,
+  TAG_IA5_STRING = 22,
+  TAG_UTC_TIME = 23,
+  TAG_GENERALIZED_TIME = 24,
+  TAG_GRAPHIC_STRING = 25,
+  TAG_VISIBLE_STRING = 26,
+  TAG_GENERAL_STRING = 27,
+  TAG_UNIVERSAL_STRING = 28,
+  TAG_CHARACTER_STRING = 29,
+  TAG_BMP_STRING = 30
+};
+
+/* ASN.1 Parser object.  */
+struct tag_info
+{
+  int class;             /* Object class.  */
+  unsigned long tag;     /* The tag of the object.  */
+  unsigned long length;  /* Length of the values.  */
+  int nhdr;              /* Length of the header (TL).  */
+  unsigned int ndef:1;   /* The object has an indefinite length.  */
+  unsigned int cons:1;   /* This is a constructed object.  */
+};
+
+/* Parse the buffer at the address BUFFER which consists of the number
+   of octets as stored at BUFLEN.  Return the tag and the length part
+   from the TLV triplet.  Update BUFFER and BUFLEN on success.  Checks
+   that the encoded length does not exhaust the length of the provided
+   buffer. */
+static int
+xmlSecGCryptAsn1ParseTag (xmlSecByte const **buffer, xmlSecSize *buflen, struct tag_info *ti)
+{
+    int c;
+    unsigned long tag;
+    const xmlSecByte *buf;
+    xmlSecSize length;
+
+    xmlSecAssert2(buffer != NULL, -1);
+    xmlSecAssert2((*buffer) != NULL, -1);
+    xmlSecAssert2(buflen != NULL, -1);
+    xmlSecAssert2(ti != NULL, -1);
+
+    /* initialize */
+    buf = *buffer;
+    length = *buflen;
+
+    ti->length = 0;
+    ti->ndef = 0;
+    ti->nhdr = 0;
+
+    /* Get the tag */
+    if (length <= 0) {
+        return(-1); /* Premature EOF.  */
+    }
+    c = *buf++; 
+    length--;
+    ti->nhdr++;
+
+    ti->class = (c & 0xc0) >> 6;
+    ti->cons  = !!(c & 0x20);
+    tag       = (c & 0x1f);
+
+    if (tag == 0x1f) {
+        tag = 0;
+        do {
+            tag <<= 7;
+            if (length <= 0) {
+                return(-1); /* Premature EOF.  */
+            }
+            c = *buf++; 
+            length--;
+            ti->nhdr++;
+            tag |= (c & 0x7f);
+        } while ( (c & 0x80) );
+    }
+    ti->tag = tag;
+
+    /* Get the length */
+    if(length <= 0) {
+        return -1; /* Premature EOF. */
+    }
+    c = *buf++; 
+    length--;
+    ti->nhdr++;
+
+    if ( !(c & 0x80) ) {
+        ti->length = c;
+    } else if (c == 0x80) {
+        ti->ndef = 1;
+    } else if (c == 0xff) {
+        return -1; /* Forbidden length value.  */
+    } else {
+        xmlSecSize len = 0;
+        int count = c & 0x7f;
+
+        for (; count; count--) {
+            len <<= 8;
+            if (length <= 0) {
+                return -1; /* Premature EOF.  */
+            }
+            c = *buf++; length--;
+            ti->nhdr++;
+            len |= (c & 0xff);
+        }
+        ti->length = len;
+    }
+
+    if (ti->class == UNIVERSAL && !ti->tag) {
+        ti->length = 0;
+    }
+
+    if (ti->length > length) {
+        return(-1); /* Data larger than buffer.  */
+    }
+
+    /* done */
+    *buffer = buf;
+    *buflen = length;
+    return(0);
+}
+
+static int
+xmlSecGCryptAsn1ParseIntegerSequence(xmlSecByte const **buffer, xmlSecSize *buflen,
+                                     gcry_mpi_t * params, int params_size) {
+    const xmlSecByte *buf;
+    xmlSecSize length;
+    struct tag_info ti;
+    gcry_error_t err;
+    int idx = 0;
+    int ret;
+
+    xmlSecAssert2(buffer != NULL, -1);
+    xmlSecAssert2((*buffer) != NULL, -1);
+    xmlSecAssert2(buflen != NULL, -1);
+    xmlSecAssert2(params != NULL, -1);
+    xmlSecAssert2(params_size > 0, -1);
+
+    /* initialize */
+    buf = *buffer;
+    length = *buflen;
+
+    /* read SEQUENCE */
+    memset(&ti, 0, sizeof(ti));
+    ret = xmlSecGCryptAsn1ParseTag (&buf, &length, &ti);
+    if((ret != 0)  || (ti.tag != TAG_SEQUENCE) || ti.class || !ti.cons || ti.ndef) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAsn1ParseTag",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "TAG_SEQUENCE is expected: tag=%d",
+                    (int)ti.tag);
+        return(-1);
+    }
+
+    /* read INTEGERs */
+    for (idx = 0; ((idx < params_size) && (length > 0)); idx++) {
+        memset(&ti, 0, sizeof(ti));
+        ret = xmlSecGCryptAsn1ParseTag (&buf, &length, &ti);
+        if((ret != 0) || (ti.tag != TAG_INTEGER) || ti.class || ti.cons || ti.ndef)
+        {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGCryptAsn1ParseTag",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "TAG_INTEGER is expected - index=%d, tag=%d",
+                        (int)idx, (int)ti.tag);
+            return(-1);
+        }
+
+        err = gcry_mpi_scan(&(params[idx]), GCRYMPI_FMT_USG, buf, ti.length, NULL);
+        if((err != GPG_ERR_NO_ERROR) || (params[idx] == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gcry_mpi_scan",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            return(-1);
+        }
+        buf += ti.length;
+        length -= ti.length;
+    }
+
+    /* did we parse everything? */
+    if(length > 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAsn1ParseTag",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "too many params - cur=%d, expected=%d",
+                    (int)(idx - 1), (int)params_size);
+        return(-1);
+    }
+
+    /* done */
+    *buffer = buf;
+    *buflen = length;
+    return(idx);
+}
+
+xmlSecKeyDataPtr
+xmlSecGCryptParseDer(const xmlSecByte * der, xmlSecSize derlen,
+                     enum xmlSecGCryptDerKeyType type) {
+    xmlSecKeyDataPtr key_data = NULL;
+    gcry_sexp_t s_pub_key = NULL;
+    gcry_sexp_t s_priv_key = NULL;
+    gcry_error_t err;
+    gcry_mpi_t keyparms[20];
+    int keyparms_num;
+    unsigned int idx;
+    int ret;
+
+    xmlSecAssert2(der != NULL, NULL);
+    xmlSecAssert2(derlen > 0, NULL);
+
+    /* Parse the ASN.1 structure.  */
+    memset(&keyparms, 0, sizeof(keyparms));
+    ret = xmlSecGCryptAsn1ParseIntegerSequence(
+        &der, &derlen,
+        keyparms,  sizeof(keyparms) / sizeof(keyparms[0])
+    );
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAsn1ParseIntegerSequence",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    keyparms_num = ret;
+
+    /* The value of the first integer should be 0. */
+    if ((keyparms_num < 1) || (gcry_mpi_cmp_ui(keyparms[0], 0) != 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAsn1ParseTag",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "num=%d",
+                    (int)keyparms_num);
+        goto done;
+    }
+
+    /* do we need to guess the key type? not robust but the best we can do */
+    if(type == xmlSecGCryptDerKeyTypeAuto) {
+        switch(keyparms_num) {
+        case 3:
+            /* Public RSA */
+            type = xmlSecGCryptDerKeyTypePublicRsa;
+        case 5:
+            /* Public DSA */
+            type = xmlSecGCryptDerKeyTypePublicDsa;
+        case 6:
+            /* Private DSA */
+            type = xmlSecGCryptDerKeyTypePrivateDsa;
+            break;
+        case 9:
+            /* Private RSA */
+            type = xmlSecGCryptDerKeyTypePrivateRsa;
+            break;
+        default:
+            /* unknown */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "Unexpected number of parameters, unknown key type",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "keyparms_num=%d", (int)keyparms_num);
+            goto done;
+        }
+    }
+
+
+    switch(type) {
+#ifndef XMLSEC_NO_DSA
+    case xmlSecGCryptDerKeyTypePrivateDsa:
+        /* check we have enough params */
+        if(keyparms_num != 6) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "Private DSA key: 6 parameters exepcted",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "parms_num=%d", (int)keyparms_num);
+            goto done;
+        }
+
+        /* Convert from OpenSSL parameter ordering to the OpenPGP order. */
+        /* First check that x < y; if not swap x and y  */
+        if (gcry_mpi_cmp (keyparms[4], keyparms[5]) > 0) {
+            gcry_mpi_swap (keyparms[4], keyparms[5]);
+        }
+
+        /* Build the S-expressions  */
+        err = gcry_sexp_build (&s_priv_key, NULL,
+                "(private-key(dsa(p%m)(q%m)(g%m)(x%m)(y%m)))",
+                keyparms[1], keyparms[2], keyparms[3], keyparms[4], keyparms[5]
+        );
+        if((err != GPG_ERR_NO_ERROR) || (s_priv_key == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gcry_sexp_build(private-key/dsa)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            goto done;
+        }
+
+        err = gcry_sexp_build (&s_pub_key, NULL,
+                "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
+                keyparms[1], keyparms[2], keyparms[3], keyparms[5]
+        );
+        if((err != GPG_ERR_NO_ERROR) || (s_pub_key == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gcry_sexp_build(public-key/dsa)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            goto done;
+        }
+
+        /* construct key and key data */
+        key_data = xmlSecKeyDataCreate(xmlSecGCryptKeyDataDsaId);
+        if(key_data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGCryptKeyDataDsaId");
+            goto done;
+        }
+
+        ret = xmlSecGCryptKeyDataDsaAdoptKeyPair(key_data, s_pub_key, s_priv_key);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGCryptKeyDataDsaAdoptKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGCryptKeyDataDsaId");
+            xmlSecKeyDataDestroy(key_data);
+            key_data = NULL;
+            goto done;
+        }
+        s_pub_key = NULL; /* owned by key_data now */
+        s_priv_key = NULL; /* owned by key_data now */
+        break;
+
+    case xmlSecGCryptDerKeyTypePublicDsa:
+        /* check we have enough params */
+        if(keyparms_num != 5) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "Public DSA key: 5 parameters exepcted",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "parms_num=%d", (int)keyparms_num);
+            goto done;
+        }
+
+        /* Build the S-expression.  */
+        err = gcry_sexp_build (&s_pub_key, NULL,
+                "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
+                keyparms[2], keyparms[3], keyparms[4], keyparms[1]
+        );
+        if((err != GPG_ERR_NO_ERROR) || (s_pub_key == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gcry_sexp_build(public-key/dsa)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            goto done;
+        }
+
+        /* construct key and key data */
+        key_data = xmlSecKeyDataCreate(xmlSecGCryptKeyDataDsaId);
+        if(key_data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGCryptKeyDataDsaId");
+            goto done;
+        }
+
+        ret = xmlSecGCryptKeyDataDsaAdoptKeyPair(key_data, s_pub_key, NULL);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGCryptKeyDataDsaAdoptKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGCryptKeyDataDsaId");
+            xmlSecKeyDataDestroy(key_data);
+            key_data = NULL;
+            goto done;
+        }
+        s_pub_key = NULL; /* owned by key_data now */
+        break;
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_RSA
+    case xmlSecGCryptDerKeyTypePrivateRsa:
+        /* check we have enough params */
+        if(keyparms_num != 9) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "Private RSA key: 9 parameters exepcted",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "parms_num=%d", (int)keyparms_num);
+            goto done;
+        }
+
+        /* Convert from OpenSSL parameter ordering to the OpenPGP order. */
+        /* First check that p < q; if not swap p and q and recompute u.  */ 
+        if (gcry_mpi_cmp (keyparms[4], keyparms[5]) > 0) {
+            gcry_mpi_swap (keyparms[4], keyparms[5]);
+            gcry_mpi_invm (keyparms[8], keyparms[4], keyparms[5]);
+        }
+
+        /* Build the S-expression.  */
+        err = gcry_sexp_build (&s_priv_key, NULL,
+                         "(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))",
+                         keyparms[1], keyparms[2],
+                         keyparms[3], keyparms[4],
+                         keyparms[5], keyparms[8]
+        );
+        if((err != GPG_ERR_NO_ERROR) || (s_priv_key == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gcry_sexp_build(private-key/rsa)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            goto done;
+        }
+
+        err = gcry_sexp_build (&s_pub_key, NULL,
+                         "(public-key(rsa(n%m)(e%m)))",
+                         keyparms[1], keyparms[2]
+        );
+        if((err != GPG_ERR_NO_ERROR) || (s_pub_key == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gcry_sexp_build(public-key/rsa)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            goto done;
+        }
+
+        /* construct key and key data */
+        key_data = xmlSecKeyDataCreate(xmlSecGCryptKeyDataRsaId);
+        if(key_data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGCryptKeyDataRsaId");
+            goto done;
+        }
+
+        ret = xmlSecGCryptKeyDataRsaAdoptKeyPair(key_data, s_pub_key, s_priv_key);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGCryptKeyDataRsaAdoptKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGCryptKeyDataRsaId");
+            xmlSecKeyDataDestroy(key_data);
+            key_data = NULL;
+            goto done;
+        }
+        s_pub_key = NULL; /* owned by key_data now */
+        s_priv_key = NULL; /* owned by key_data now */
+        break;
+
+    case xmlSecGCryptDerKeyTypePublicRsa:
+        /* check we have enough params */
+        if(keyparms_num != 3) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "Public RSA key: 3 parameters exepcted",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "parms_num=%d", (int)keyparms_num);
+            goto done;
+        }
+
+        /* Build the S-expression.  */
+        err = gcry_sexp_build (&s_pub_key, NULL,
+                         "(public-key(rsa(n%m)(e%m)))",
+                         keyparms[1], keyparms[2]
+        );
+        if((err != GPG_ERR_NO_ERROR) || (s_pub_key == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gcry_sexp_build(public-key/rsa)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            goto done;
+        }
+
+        /* construct key and key data */
+        key_data = xmlSecKeyDataCreate(xmlSecGCryptKeyDataRsaId);
+        if(key_data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGCryptKeyDataRsaId");
+            goto done;
+        }
+
+        ret = xmlSecGCryptKeyDataRsaAdoptKeyPair(key_data, s_pub_key, NULL);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGCryptKeyDataRsaAdoptKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGCryptKeyDataRsaId");
+            xmlSecKeyDataDestroy(key_data);
+            key_data = NULL;
+            goto done;
+        }
+        s_pub_key = NULL; /* owned by key_data now */
+        break;
+#endif /* XMLSEC_NO_RSA */
+
+    default:
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "Unsupported key type",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "type=%d", (int)type);
+        goto done;
+        break;
+    }
+
+done:
+    if(s_priv_key != NULL) {
+        gcry_sexp_release(s_priv_key);
+    }
+    if(s_pub_key != NULL) {
+        gcry_sexp_release(s_pub_key);
+    }
+    for (idx = 0; idx < sizeof(keyparms) / sizeof(keyparms[0]); idx++) {
+        if(keyparms[idx] != NULL) {
+            gcry_mpi_release (keyparms[idx]);
+        }
+    }
+
+    return(key_data);
+}
diff --git a/src/gcrypt/asn1.h b/src/gcrypt/asn1.h
new file mode 100644
index 00000000..d05b5305
--- /dev/null
+++ b/src/gcrypt/asn1.h
@@ -0,0 +1,39 @@
+/*
+ * XML Security Library
+ *
+ * gcrypt/asn1.h: internal header only used during the compilation
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef __XMLSEC_GCRYPT_ASN1_H__
+#define __XMLSEC_GCRYPT_ASN1_H__
+
+#ifndef XMLSEC_PRIVATE
+#error "gcrypt/asn1.h file contains private xmlsec-gcrypt definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#endif /* XMLSEC_PRIVATE */
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+enum xmlSecGCryptDerKeyType {
+    xmlSecGCryptDerKeyTypeAuto = 0,
+    xmlSecGCryptDerKeyTypePublicDsa,
+    xmlSecGCryptDerKeyTypePublicRsa,
+    xmlSecGCryptDerKeyTypePrivateDsa,
+    xmlSecGCryptDerKeyTypePrivateRsa
+};
+
+xmlSecKeyDataPtr        xmlSecGCryptParseDer            (const xmlSecByte * der,
+                                                         xmlSecSize derlen,
+                                                         enum xmlSecGCryptDerKeyType type);
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+
+#endif /*__XMLSEC_GCRYPT_ASN1_H__ */
diff --git a/src/gcrypt/asymkeys.c b/src/gcrypt/asymkeys.c
new file mode 100644
index 00000000..8f0cec88
--- /dev/null
+++ b/src/gcrypt/asymkeys.c
@@ -0,0 +1,1920 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <gcrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/base64.h>
+#include <xmlsec/keyinfo.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gcrypt/crypto.h>
+
+/**************************************************************************
+ *
+ * Helpers
+ *
+ *************************************************************************/
+static gcry_sexp_t             xmlSecGCryptAsymSExpDup    (gcry_sexp_t sexp);
+
+
+/**************************************************************************
+ *
+ * Internal GCrypt asym key CTX
+ *
+ *************************************************************************/
+typedef struct _xmlSecGCryptAsymKeyDataCtx       xmlSecGCryptAsymKeyDataCtx,
+                                                *xmlSecGCryptAsymKeyDataCtxPtr;
+struct _xmlSecGCryptAsymKeyDataCtx {
+    gcry_sexp_t pub_key;
+    gcry_sexp_t priv_key;
+};
+
+/******************************************************************************
+ *
+ * Asym key (dsa/rsa)
+ *
+ * xmlSecGCryptAsymKeyDataCtx is located after xmlSecTransform
+ *
+ *****************************************************************************/
+#define xmlSecGCryptAsymKeyDataSize     \
+    (sizeof(xmlSecKeyData) + sizeof(xmlSecGCryptAsymKeyDataCtx))
+#define xmlSecGCryptAsymKeyDataGetCtx(data) \
+    ((xmlSecGCryptAsymKeyDataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+
+static int              xmlSecGCryptAsymKeyDataInitialize       (xmlSecKeyDataPtr data);
+static int              xmlSecGCryptAsymKeyDataDuplicate        (xmlSecKeyDataPtr dst,
+                                                                 xmlSecKeyDataPtr src);
+static void             xmlSecGCryptAsymKeyDataFinalize         (xmlSecKeyDataPtr data);
+
+static int              xmlSecGCryptAsymKeyDataAdoptKey         (xmlSecKeyDataPtr data,
+                                                                 gcry_sexp_t key_pair);
+static int              xmlSecGCryptAsymKeyDataAdoptKeyPair     (xmlSecKeyDataPtr data,
+                                                                 gcry_sexp_t pub_key,
+                                                                 gcry_sexp_t priv_key);
+static gcry_sexp_t      xmlSecGCryptAsymKeyDataGetPublicKey     (xmlSecKeyDataPtr data);
+static gcry_sexp_t      xmlSecGCryptAsymKeyDataGetPrivateKey    (xmlSecKeyDataPtr data);
+static int              xmlSecGCryptAsymKeyDataGenerate         (xmlSecKeyDataPtr data,
+                                                                 const char * alg,
+                                                                 xmlSecSize key_size);
+static xmlSecKeyDataType xmlSecGCryptAsymKeyDataGetType         (xmlSecKeyDataPtr data);
+static xmlSecSize       xmlSecGCryptAsymKeyDataGetSize          (xmlSecKeyDataPtr data);
+
+
+static int
+xmlSecGCryptAsymKeyDataInitialize(xmlSecKeyDataPtr data) {
+    xmlSecGCryptAsymKeyDataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecGCryptAsymKeyDataSize), -1);
+
+    ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    memset(ctx, 0, sizeof(xmlSecGCryptAsymKeyDataCtx));
+
+    return(0);
+}
+
+static int
+xmlSecGCryptAsymKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+    xmlSecGCryptAsymKeyDataCtxPtr ctxDst;
+    xmlSecGCryptAsymKeyDataCtxPtr ctxSrc;
+
+    xmlSecAssert2(xmlSecKeyDataIsValid(dst), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckSize(dst, xmlSecGCryptAsymKeyDataSize), -1);
+    xmlSecAssert2(xmlSecKeyDataIsValid(src), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckSize(src, xmlSecGCryptAsymKeyDataSize), -1);
+
+    ctxDst = xmlSecGCryptAsymKeyDataGetCtx(dst);
+    xmlSecAssert2(ctxDst != NULL, -1);
+    xmlSecAssert2(ctxDst->pub_key == NULL, -1);
+    xmlSecAssert2(ctxDst->priv_key == NULL, -1);
+
+    ctxSrc = xmlSecGCryptAsymKeyDataGetCtx(src);
+    xmlSecAssert2(ctxSrc != NULL, -1);
+
+    if(ctxSrc->pub_key != NULL) {
+        ctxDst->pub_key = xmlSecGCryptAsymSExpDup(ctxSrc->pub_key);
+        if(ctxDst->pub_key == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecGCryptAsymSExpDup(pub_key)",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
+    if(ctxSrc->priv_key != NULL) {
+        ctxDst->priv_key = xmlSecGCryptAsymSExpDup(ctxSrc->priv_key);
+        if(ctxDst->priv_key == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecGCryptAsymSExpDup(priv_key)",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
+    return(0);
+}
+
+static void
+xmlSecGCryptAsymKeyDataFinalize(xmlSecKeyDataPtr data) {
+    xmlSecGCryptAsymKeyDataCtxPtr ctx;
+
+    xmlSecAssert(xmlSecKeyDataIsValid(data));
+    xmlSecAssert(xmlSecKeyDataCheckSize(data, xmlSecGCryptAsymKeyDataSize));
+
+    ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
+    xmlSecAssert(ctx != NULL);
+
+    if(ctx->pub_key != NULL) {
+        gcry_sexp_release(ctx->pub_key);
+    }
+    if(ctx->priv_key != NULL) {
+        gcry_sexp_release(ctx->priv_key);
+    }
+    memset(ctx, 0, sizeof(xmlSecGCryptAsymKeyDataCtx));
+}
+
+static int
+xmlSecGCryptAsymKeyDataAdoptKey(xmlSecKeyDataPtr data, gcry_sexp_t key_pair) {
+    xmlSecGCryptAsymKeyDataCtxPtr ctx;
+    gcry_sexp_t pub_key = NULL;
+    gcry_sexp_t priv_key = NULL;
+    int res = -1;
+
+    xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecGCryptAsymKeyDataSize), -1);
+    xmlSecAssert2(key_pair != NULL, -1);
+
+    ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    /* split the key pair, public part should be always present, private might 
+       not be present */
+    pub_key = gcry_sexp_find_token(key_pair, "public-key", 0);
+    if(pub_key == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_find_token(public-key)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    priv_key = gcry_sexp_find_token(key_pair, "private-key", 0);
+
+    /* assign */
+    if(xmlSecGCryptAsymKeyDataAdoptKeyPair(data, pub_key, priv_key) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAsymKeyDataAdoptKeyPair",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    pub_key = NULL; /* data owns it now */
+    priv_key = NULL; /* data owns it now */
+
+    /* success */
+    res = 0;
+
+done:
+    if(pub_key != NULL) {
+        gcry_sexp_release(pub_key);
+    }
+
+    if(priv_key != NULL) {
+        gcry_sexp_release(priv_key);
+    }
+
+    /* done */
+    return(res);
+}
+
+static int
+xmlSecGCryptAsymKeyDataAdoptKeyPair(xmlSecKeyDataPtr data, gcry_sexp_t pub_key, gcry_sexp_t priv_key) {
+    xmlSecGCryptAsymKeyDataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecGCryptAsymKeyDataSize), -1);
+    xmlSecAssert2(pub_key != NULL, -1); /* public key should present always */
+/*
+    aleksey - we don't set optional parameters for RSA keys (p, k, u) and
+    because of that we can't actually test the key
+
+    xmlSecAssert2(((priv_key == NULL) || (gcry_pk_testkey(priv_key) == GPG_ERR_NO_ERROR)), -1);
+*/
+
+    ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    /* release prev values and assign new ones */
+    if(ctx->pub_key != NULL) {
+        gcry_sexp_release(ctx->pub_key);
+    }
+    if(ctx->priv_key != NULL) {
+        gcry_sexp_release(ctx->priv_key);
+    }
+
+    ctx->pub_key = pub_key;
+    ctx->priv_key = priv_key;
+
+    /* done */
+    return(0);
+}
+
+static gcry_sexp_t
+xmlSecGCryptAsymKeyDataGetPublicKey(xmlSecKeyDataPtr data) {
+    xmlSecGCryptAsymKeyDataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataIsValid(data), NULL);
+    xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecGCryptAsymKeyDataSize), NULL);
+
+    ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, NULL);
+
+    return(ctx->pub_key);
+}
+
+static gcry_sexp_t
+xmlSecGCryptAsymKeyDataGetPrivateKey(xmlSecKeyDataPtr data) {
+    xmlSecGCryptAsymKeyDataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataIsValid(data), NULL);
+    xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecGCryptAsymKeyDataSize), NULL);
+
+    ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, NULL);
+
+    return(ctx->priv_key);
+}
+
+static int
+xmlSecGCryptAsymKeyDataGenerate(xmlSecKeyDataPtr data, const char * alg, xmlSecSize key_size) {
+    xmlSecGCryptAsymKeyDataCtxPtr ctx;
+    gcry_sexp_t key_spec = NULL;
+    gcry_sexp_t key_pair = NULL;
+    gcry_error_t err;
+    int ret;
+    int res = -1;
+
+    xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecGCryptAsymKeyDataSize), -1);
+    xmlSecAssert2(alg != NULL, -1);
+    xmlSecAssert2(key_size > 0, -1);
+
+    ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    err = gcry_sexp_build(&key_spec, NULL,
+                          "(genkey (%s (nbits %d)(transient-key)))",
+                          alg, (int)key_size);
+    if((err != GPG_ERR_NO_ERROR) || (key_spec == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(genkey)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    err = gcry_pk_genkey(&key_pair, key_spec);
+    if((err != GPG_ERR_NO_ERROR) || (key_pair == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_pk_genkey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    ret = xmlSecGCryptAsymKeyDataAdoptKey(data, key_pair);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAsymKeyDataAdopt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ret=%d", (int)ret);
+        goto done;
+    }
+    key_pair = NULL; /* now owned by data */
+
+    /* success */
+    res = 0;
+
+done:
+    if(key_spec != NULL) {
+        gcry_sexp_release(key_spec);
+    }
+    if(key_pair != NULL) {
+        gcry_sexp_release(key_pair);
+    }
+
+    return(res);
+}
+
+static xmlSecKeyDataType
+xmlSecGCryptAsymKeyDataGetType(xmlSecKeyDataPtr data) {
+    xmlSecGCryptAsymKeyDataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataIsValid(data), xmlSecKeyDataTypeUnknown);
+    xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecGCryptAsymKeyDataSize), xmlSecKeyDataTypeUnknown);
+
+    ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, xmlSecKeyDataTypeUnknown);
+
+    if((ctx->priv_key != NULL) && (ctx->pub_key != NULL)) {
+        return (xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
+    } else if(ctx->pub_key != NULL) {
+        return (xmlSecKeyDataTypePublic);
+    }
+
+    return (xmlSecKeyDataTypeUnknown);
+}
+
+static xmlSecSize
+xmlSecGCryptAsymKeyDataGetSize(xmlSecKeyDataPtr data) {
+    xmlSecGCryptAsymKeyDataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataIsValid(data), xmlSecKeyDataTypeUnknown);
+    xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecGCryptAsymKeyDataSize), xmlSecKeyDataTypeUnknown);
+
+    ctx = xmlSecGCryptAsymKeyDataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, 0);
+
+    /* use pub key since it is more often you have it than not */
+    return (ctx->pub_key != NULL) ? gcry_pk_get_nbits(ctx->pub_key) : 0;
+}
+
+/******************************************************************************
+ *
+ * helper functions
+ *
+ *****************************************************************************/
+static gcry_sexp_t
+xmlSecGCryptAsymSExpDup(gcry_sexp_t pKey) {
+    gcry_sexp_t res = NULL;
+    xmlSecByte *buf = NULL;
+    gcry_error_t err;
+    size_t size;
+
+    xmlSecAssert2(pKey != NULL, NULL);
+
+    size = gcry_sexp_sprint(pKey, GCRYSEXP_FMT_ADVANCED, NULL, 0);
+    if(size == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_sprint",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    buf = (xmlSecByte *)xmlMalloc(size);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", (int)size);
+        goto done;
+    }
+
+    size = gcry_sexp_sprint(pKey, GCRYSEXP_FMT_ADVANCED, buf, size);
+    if(size == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_sprint",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "size=%d", (int)size);
+        goto done;
+    }
+
+    err = gcry_sexp_new(&res, buf, size, 1);
+    if((err != GPG_ERR_NO_ERROR) || (res == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+done:
+    if(buf != NULL) {
+        xmlFree(buf);
+    }
+    return (res);
+}
+
+/**
+ * xmlSecGCryptNodeGetMpiValue:
+ * @cur: the poitner to an XML node.
+ *
+ * Converts the node content from CryptoBinary format
+ * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
+ * to a BIGNUM. If no BIGNUM buffer provided then a new
+ * BIGNUM is created (caller is responsible for freeing it).
+ *
+ * Returns: a pointer to MPI produced from CryptoBinary string
+ * or NULL if an error occurs.
+ */
+static gcry_mpi_t
+xmlSecGCryptNodeGetMpiValue(const xmlNodePtr cur) {
+    xmlSecBuffer buf;
+    gcry_mpi_t res = NULL;
+    gcry_error_t err;
+    int ret;
+
+    xmlSecAssert2(cur != NULL, NULL);
+
+    ret = xmlSecBufferInitialize(&buf, 128);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
+    ret = xmlSecBufferBase64NodeContentRead(&buf, cur);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferBase64NodeContentRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buf);
+        return(NULL);
+    }
+
+    err = gcry_mpi_scan(&res, GCRYMPI_FMT_USG,
+                         xmlSecBufferGetData(&buf),
+                         xmlSecBufferGetSize(&buf),
+                         NULL);
+    if((err != GPG_ERR_NO_ERROR) || (res == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_mpi_scan",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        xmlSecBufferFinalize(&buf);
+        return(NULL);
+    }
+
+    /* done */
+    xmlSecBufferFinalize(&buf);
+    return(res);
+}
+
+/**
+ * xmlSecGCryptNodeSetMpiValue:
+ * @cur: the pointer to an XML node.
+ * @a: the mpi value
+ * @addLineBreaks: if the flag is equal to 1 then
+ *              linebreaks will be added before and after
+ *              new buffer content.
+ *
+ * Converts MPI to CryptoBinary string
+ * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
+ * and sets it as the content of the given node. If the
+ * addLineBreaks is set then line breaks are added
+ * before and after the CryptoBinary string.
+ *
+ * Returns: 0 on success or -1 otherwise.
+ */
+static int
+xmlSecGCryptNodeSetMpiValue(xmlNodePtr cur, const gcry_mpi_t a, int addLineBreaks) {
+    xmlSecBuffer buf;
+    gcry_error_t err;
+    size_t written = 0;
+    int ret;
+
+    xmlSecAssert2(a != NULL, -1);
+    xmlSecAssert2(cur != NULL, -1);
+
+    written = 0;
+    err = gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &written, a);
+    if((err != GPG_ERR_NO_ERROR) || (written == 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_mpi_print",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    ret = xmlSecBufferInitialize(&buf, written + 1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", (int)written + 1);
+        return(-1);
+    }
+
+    written = 0;
+    err = gcry_mpi_print(GCRYMPI_FMT_USG,
+            xmlSecBufferGetData(&buf),
+            xmlSecBufferGetMaxSize(&buf),
+            &written, a);
+    if((err != GPG_ERR_NO_ERROR) || (written == 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_mpi_print",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
+    }
+
+    ret = xmlSecBufferSetSize(&buf, written);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "written=%d", (int)written);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
+    }
+
+    if(addLineBreaks) {
+        xmlNodeSetContent(cur, xmlSecStringCR);
+    } else {
+        xmlNodeSetContent(cur, xmlSecStringEmpty);
+    }
+
+    ret = xmlSecBufferBase64NodeContentWrite(&buf, cur, xmlSecBase64GetDefaultLineSize());
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferBase64NodeContentWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
+    }
+
+    if(addLineBreaks) {
+        xmlNodeAddContent(cur, xmlSecStringCR);
+    }
+
+    xmlSecBufferFinalize(&buf);
+    return(0);
+}
+
+/**
+ * xmlSecGCryptNodeSetSExpTokValue:
+ * @cur: the pointer to an XML node.
+ * @sexp: the sexp
+ * @tok: the token
+ * @addLineBreaks: if the flag is equal to 1 then
+ *              linebreaks will be added before and after
+ *              new buffer content.
+ *
+ * Converts MPI to CryptoBinary string
+ * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
+ * and sets it as the content of the given node. If the
+ * addLineBreaks is set then line breaks are added
+ * before and after the CryptoBinary string.
+ *
+ * Returns: 0 on success or -1 otherwise.
+ */
+static int
+xmlSecGCryptNodeSetSExpTokValue(xmlNodePtr cur, const gcry_sexp_t sexp,
+                                const char * tok, int addLineBreaks)
+{
+    gcry_sexp_t val = NULL;
+    gcry_mpi_t mpi = NULL;
+    int res = -1;
+
+    xmlSecAssert2(cur != NULL, -1);
+    xmlSecAssert2(sexp != NULL, -1);
+    xmlSecAssert2(tok != NULL, -1);
+
+    val = gcry_sexp_find_token(sexp, tok, 0);
+    if(val == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_find_token",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "tok=%s",
+                    xmlSecErrorsSafeString(tok));
+        goto done;
+    }
+
+    mpi = gcry_sexp_nth_mpi(val, 1, GCRYMPI_FMT_USG);
+    if(mpi == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_nth_mpi",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "tok=%s",
+                    xmlSecErrorsSafeString(tok));
+        goto done;
+    }
+
+    /* almost done */
+    res = xmlSecGCryptNodeSetMpiValue(cur, mpi, addLineBreaks);
+
+done:
+    if(mpi != NULL) {
+        gcry_mpi_release(mpi);
+    }
+    if(val != NULL) {
+        gcry_sexp_release(val);
+    }
+
+    return(res);
+}
+
+#ifndef XMLSEC_NO_DSA
+/**************************************************************************
+ *
+ * <dsig:DSAKeyValue> processing
+ *
+ *
+ * The DSAKeyValue Element (http://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue)
+ *
+ * DSA keys and the DSA signature algorithm are specified in [DSS].
+ * DSA public key values can have the following fields:
+ *
+ *   * P - a prime modulus meeting the [DSS] requirements
+ *   * Q - an integer in the range 2**159 < Q < 2**160 which is a prime
+ *         divisor of P-1
+ *   * G - an integer with certain properties with respect to P and Q
+ *   * Y - G**X mod P (where X is part of the private key and not made
+ *         public)
+ *   * J - (P - 1) / Q
+ *   * seed - a DSA prime generation seed
+ *   * pgenCounter - a DSA prime generation counter
+ *
+ * Parameter J is available for inclusion solely for efficiency as it is
+ * calculatable from P and Q. Parameters seed and pgenCounter are used in the
+ * DSA prime number generation algorithm specified in [DSS]. As such, they are
+ * optional but must either both be present or both be absent. This prime
+ * generation algorithm is designed to provide assurance that a weak prime is
+ * not being used and it yields a P and Q value. Parameters P, Q, and G can be
+ * public and common to a group of users. They might be known from application
+ * context. As such, they are optional but P and Q must either both appear or
+ * both be absent. If all of P, Q, seed, and pgenCounter are present,
+ * implementations are not required to check if they are consistent and are
+ * free to use either P and Q or seed and pgenCounter. All parameters are
+ * encoded as base64 [MIME] values.
+ *
+ * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are
+ * represented in XML as octet strings as defined by the ds:CryptoBinary type.
+ *
+ * Schema Definition:
+ *
+ * <element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
+ * <complexType name="DSAKeyValueType">
+ *   <sequence>
+ *     <sequence minOccurs="0">
+ *        <element name="P" type="ds:CryptoBinary"/>
+ *        <element name="Q" type="ds:CryptoBinary"/>
+ *     </sequence>
+ *     <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
+ *     <element name="Y" type="ds:CryptoBinary"/>
+ *     <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
+ *     <sequence minOccurs="0">
+ *       <element name="Seed" type="ds:CryptoBinary"/>
+ *       <element name="PgenCounter" type="ds:CryptoBinary"/>
+ *     </sequence>
+ *   </sequence>
+ * </complexType>
+ *
+ * DTD Definition:
+ *
+ *  <!ELEMENT DSAKeyValue ((P, Q)?, G?, Y, J?, (Seed, PgenCounter)?) >
+ *  <!ELEMENT P (#PCDATA) >
+ *  <!ELEMENT Q (#PCDATA) >
+ *  <!ELEMENT G (#PCDATA) >
+ *  <!ELEMENT Y (#PCDATA) >
+ *  <!ELEMENT J (#PCDATA) >
+ *  <!ELEMENT Seed (#PCDATA) >
+ *  <!ELEMENT PgenCounter (#PCDATA) >
+ *
+ * ============================================================================
+ *
+ * To support reading/writing private keys an X element added (before Y).
+ * todo: The current implementation does not support Seed and PgenCounter!
+ * by this the P, Q and G are *required*!
+ *
+ *************************************************************************/
+static int              xmlSecGCryptKeyDataDsaInitialize        (xmlSecKeyDataPtr data);
+static int              xmlSecGCryptKeyDataDsaDuplicate         (xmlSecKeyDataPtr dst,
+                                                                 xmlSecKeyDataPtr src);
+static void             xmlSecGCryptKeyDataDsaFinalize          (xmlSecKeyDataPtr data);
+static int              xmlSecGCryptKeyDataDsaXmlRead           (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGCryptKeyDataDsaXmlWrite          (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGCryptKeyDataDsaGenerate          (xmlSecKeyDataPtr data,
+                                                                 xmlSecSize sizeBits,
+                                                                 xmlSecKeyDataType type);
+
+static xmlSecKeyDataType xmlSecGCryptKeyDataDsaGetType          (xmlSecKeyDataPtr data);
+static xmlSecSize       xmlSecGCryptKeyDataDsaGetSize           (xmlSecKeyDataPtr data);
+static void             xmlSecGCryptKeyDataDsaDebugDump         (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
+static void             xmlSecGCryptKeyDataDsaDebugXmlDump      (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
+
+static xmlSecKeyDataKlass xmlSecGCryptKeyDataDsaKlass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecGCryptAsymKeyDataSize,
+
+    /* data */
+    xmlSecNameDSAKeyValue,
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefDSAKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeDSAKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    xmlSecGCryptKeyDataDsaInitialize,          /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecGCryptKeyDataDsaDuplicate,           /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecGCryptKeyDataDsaFinalize,            /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecGCryptKeyDataDsaGenerate,            /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    xmlSecGCryptKeyDataDsaGetType,             /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecGCryptKeyDataDsaGetSize,             /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    xmlSecGCryptKeyDataDsaXmlRead,             /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecGCryptKeyDataDsaXmlWrite,            /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    xmlSecGCryptKeyDataDsaDebugDump,           /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecGCryptKeyDataDsaDebugXmlDump,        /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptKeyDataDsaGetKlass:
+ *
+ * The DSA key data klass.
+ *
+ * Returns: pointer to DSA key data klass.
+ */
+xmlSecKeyDataId
+xmlSecGCryptKeyDataDsaGetKlass(void) {
+    return(&xmlSecGCryptKeyDataDsaKlass);
+}
+
+/**
+ * xmlSecGCryptKeyDataDsaAdoptKey:
+ * @data:               the pointer to DSA key data.
+ * @dsa_key:            the pointer to GCrypt DSA key.
+ *
+ * Sets the value of DSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptKeyDataDsaAdoptKey(xmlSecKeyDataPtr data, gcry_sexp_t dsa_key) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId), -1);
+    xmlSecAssert2(dsa_key != NULL, -1);
+
+    return xmlSecGCryptAsymKeyDataAdoptKey(data, dsa_key);
+}
+
+
+/**
+ * xmlSecGCryptKeyDataDsaAdoptKeyPair:
+ * @data:               the pointer to DSA key data.
+ * @pub_key:            the pointer to GCrypt DSA pub key.
+ * @priv_key:           the pointer to GCrypt DSA priv key.
+ *
+ * Sets the value of DSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptKeyDataDsaAdoptKeyPair(xmlSecKeyDataPtr data, gcry_sexp_t pub_key, gcry_sexp_t priv_key) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId), -1);
+    xmlSecAssert2(pub_key != NULL, -1);
+
+    return xmlSecGCryptAsymKeyDataAdoptKeyPair(data, pub_key, priv_key);
+}
+
+/**
+ * xmlSecGCryptKeyDataDsaGetPublicKey:
+ * @data:               the pointer to DSA key data.
+ *
+ * Gets the GCrypt DSA public key from DSA key data.
+ *
+ * Returns: pointer to GCrypt public DSA key or NULL if an error occurs.
+ */
+gcry_sexp_t
+xmlSecGCryptKeyDataDsaGetPublicKey(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId), NULL);
+    return xmlSecGCryptAsymKeyDataGetPublicKey(data);
+}
+
+/**
+ * xmlSecGCryptKeyDataDsaGetPrivateKey:
+ * @data:               the pointer to DSA key data.
+ *
+ * Gets the GCrypt DSA private key from DSA key data.
+ *
+ * Returns: pointer to GCrypt private DSA key or NULL if an error occurs.
+ */
+gcry_sexp_t
+xmlSecGCryptKeyDataDsaGetPrivateKey(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId), NULL);
+    return xmlSecGCryptAsymKeyDataGetPrivateKey(data);
+}
+
+static int
+xmlSecGCryptKeyDataDsaInitialize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId), -1);
+
+    return(xmlSecGCryptAsymKeyDataInitialize(data));
+}
+
+static int
+xmlSecGCryptKeyDataDsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecGCryptKeyDataDsaId), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecGCryptKeyDataDsaId), -1);
+
+    return(xmlSecGCryptAsymKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecGCryptKeyDataDsaFinalize(xmlSecKeyDataPtr data) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId));
+
+    xmlSecGCryptAsymKeyDataFinalize(data);
+}
+
+static int
+xmlSecGCryptKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId), -1);
+    xmlSecAssert2(sizeBits > 0, -1);
+
+    return xmlSecGCryptAsymKeyDataGenerate(data, "dsa", sizeBits);
+}
+
+static xmlSecKeyDataType
+xmlSecGCryptKeyDataDsaGetType(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId), xmlSecKeyDataTypeUnknown);
+
+    return xmlSecGCryptAsymKeyDataGetType(data);
+}
+
+static xmlSecSize
+xmlSecGCryptKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId), 0);
+
+    return xmlSecGCryptAsymKeyDataGetSize(data);
+}
+
+static void
+xmlSecGCryptKeyDataDsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "=== dsa key: size = %d\n",
+            xmlSecGCryptKeyDataDsaGetSize(data));
+}
+
+static void
+xmlSecGCryptKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDsaId));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "<DSAKeyValue size=\"%d\" />\n",
+            xmlSecGCryptKeyDataDsaGetSize(data));
+}
+
+static int
+xmlSecGCryptKeyDataDsaXmlRead(xmlSecKeyDataId id,
+                              xmlSecKeyPtr key,
+                              xmlNodePtr node,
+                              xmlSecKeyInfoCtxPtr keyInfoCtx)
+{
+    xmlNodePtr cur;
+    xmlSecKeyDataPtr data = NULL;
+    gcry_mpi_t p = NULL;
+    gcry_mpi_t q = NULL;
+    gcry_mpi_t g = NULL;
+    gcry_mpi_t x = NULL;
+    gcry_mpi_t y = NULL;
+    gcry_sexp_t pub_key = NULL;
+    gcry_sexp_t priv_key = NULL;
+    gcry_error_t err;
+    int res = -1;
+    int ret;
+
+    xmlSecAssert2(id == xmlSecGCryptKeyDataDsaId, -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    if(xmlSecKeyGetValue(key) != NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    cur = xmlSecGetNextElementNode(node->children);
+
+    /* first is P node. It is REQUIRED because we do not support Seed and PgenCounter*/
+    if((cur == NULL) || (!xmlSecCheckNodeName(cur,  xmlSecNodeDSAP, xmlSecDSigNs))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        goto done;
+    }
+    p = xmlSecGCryptNodeGetMpiValue(cur);
+    if(p == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeGetMpiValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        goto done;
+    }
+    cur = xmlSecGetNextElementNode(cur->next);
+
+    /* next is Q node. It is REQUIRED because we do not support Seed and PgenCounter*/
+    if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAQ, xmlSecDSigNs))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        goto done;
+    }
+    q = xmlSecGCryptNodeGetMpiValue(cur);
+    if(q == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeGetMpiValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        goto done;
+    }
+    cur = xmlSecGetNextElementNode(cur->next);
+
+    /* next is G node. It is REQUIRED because we do not support Seed and PgenCounter*/
+    if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAG, xmlSecDSigNs))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        goto done;
+    }
+    g = xmlSecGCryptNodeGetMpiValue(cur);
+    if(g == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeGetMpiValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        goto done;
+    }
+    cur = xmlSecGetNextElementNode(cur->next);
+
+    if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAX, xmlSecNs))) {
+        /* next is X node. It is REQUIRED for private key but
+         * we are not sure exactly what do we read */
+        x = xmlSecGCryptNodeGetMpiValue(cur);
+        if(x == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecGCryptNodeGetMpiValue",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeDSAX));
+            goto done;
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
+    /* next is Y node. */
+    if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAY, xmlSecDSigNs))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        goto done;
+    }
+    y = xmlSecGCryptNodeGetMpiValue(cur);
+    if(y == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeGetMpiValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        goto done;
+    }
+    cur = xmlSecGetNextElementNode(cur->next);
+
+    /* todo: add support for J */
+    if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAJ, xmlSecDSigNs))) {
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
+    /* todo: add support for seed */
+    if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSASeed, xmlSecDSigNs))) {
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
+    /* todo: add support for pgencounter */
+    if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAPgenCounter, xmlSecDSigNs))) {
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
+    if(cur != NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+
+    /* construct pub/priv key pairs */
+    err = gcry_sexp_build(&pub_key, NULL,
+             "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
+             p, q, g, y);
+    if((err != GPG_ERR_NO_ERROR) || (pub_key == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "gcry_sexp_build(public)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+    if(x != NULL) {
+        err = gcry_sexp_build(&priv_key, NULL,
+                 "(private-key(dsa(p%m)(q%m)(g%m)(x%m)(y%m)))",
+                 p, q, g, x, y);
+        if((err != GPG_ERR_NO_ERROR) || (priv_key == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "gcry_sexp_build(private)",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            goto done;
+        }
+    }
+
+    /* create key data */
+    data = xmlSecKeyDataCreate(id);
+    if(data == NULL ) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    ret = xmlSecGCryptKeyDataDsaAdoptKeyPair(data, pub_key, priv_key);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGCryptKeyDataDsaAdoptKeyPair",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    pub_key = NULL; /* pub_key is owned by data now */
+    priv_key = NULL; /* priv_key is owned by data now */
+
+    /* set key */
+    ret = xmlSecKeySetValue(key, data);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    data = NULL; /* data is owned by key now */
+
+    /* success */
+    res = 0;
+
+done:
+    /* cleanup */
+    if(p != NULL) {
+        gcry_mpi_release(p);
+    }
+
+    if(q != NULL) {
+        gcry_mpi_release(q);
+    }
+
+    if(g != NULL) {
+        gcry_mpi_release(g);
+    }
+
+    if(x != NULL) {
+        gcry_mpi_release(x);
+    }
+
+    if(y != NULL) {
+        gcry_mpi_release(y);
+    }
+
+    if(pub_key != NULL) {
+        gcry_sexp_release(pub_key);
+    }
+
+    if(priv_key != NULL) {
+        gcry_sexp_release(priv_key);
+    }
+
+    if(data != NULL) {
+        xmlSecKeyDataDestroy(data);
+    }
+    return(res);
+}
+
+static int
+xmlSecGCryptKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlNodePtr cur;
+    gcry_sexp_t pub_priv_key;
+    gcry_sexp_t dsa = NULL;
+    int private = 0;
+    int res = -1;
+    int ret;
+
+    xmlSecAssert2(id == xmlSecGCryptKeyDataDsaId, -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecGCryptKeyDataDsaId), -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
+        /* we can have only private key or public key */
+        return(0);
+    }
+
+    /* find the private or public key */
+    pub_priv_key = xmlSecGCryptKeyDataDsaGetPrivateKey(xmlSecKeyGetValue(key));
+    if(pub_priv_key == NULL) {
+        pub_priv_key = xmlSecGCryptKeyDataDsaGetPublicKey(xmlSecKeyGetValue(key));
+        if(pub_priv_key == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecGCryptKeyDataDsaGetPublicKey()",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
+    } else {
+        private = 1;
+    }
+
+    dsa = gcry_sexp_find_token(pub_priv_key, "dsa", 0);
+    if(dsa == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "gcry_sexp_find_token(dsa)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* first is P node */
+    cur = xmlSecAddChild(node, xmlSecNodeDSAP, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        goto done;
+    }
+    ret = xmlSecGCryptNodeSetSExpTokValue(cur, dsa, "p", 1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeSetSExpTokValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        goto done;
+    }
+
+    /* next is Q node. */
+    cur = xmlSecAddChild(node, xmlSecNodeDSAQ, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        goto done;
+    }
+    ret = xmlSecGCryptNodeSetSExpTokValue(cur, dsa, "q", 1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeSetSExpTokValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        goto done;
+    }
+
+    /* next is G node. */
+    cur = xmlSecAddChild(node, xmlSecNodeDSAG, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        goto done;
+    }
+    ret = xmlSecGCryptNodeSetSExpTokValue(cur, dsa, "g", 1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeSetSExpTokValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        goto done;
+    }
+
+    /* next is X node: write it ONLY for private keys and ONLY if it is requested */
+    if(((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) && (private != 0)) {
+        cur = xmlSecAddChild(node, xmlSecNodeDSAX, xmlSecNs);
+        if(cur == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeDSAX));
+            goto done;
+        }
+        ret = xmlSecGCryptNodeSetSExpTokValue(cur, dsa, "x", 1);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecGCryptNodeSetSExpTokValue",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeDSAX));
+            goto done;
+        }
+    }
+
+    /* next is Y node. */
+    cur = xmlSecAddChild(node, xmlSecNodeDSAY, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        goto done;
+    }
+    ret = xmlSecGCryptNodeSetSExpTokValue(cur, dsa, "y", 1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeSetSExpTokValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        goto done;
+    }
+
+    /* success */
+    res = 0;
+
+done:
+    if(dsa != NULL) {
+        gcry_sexp_release(dsa);
+    }
+
+    return(res);
+}
+
+#endif /* XMLSEC_NO_DSA */
+
+
+#ifndef XMLSEC_NO_RSA
+/**************************************************************************
+ *
+ * <dsig:RSAKeyValue> processing
+ *
+ * http://www.w3.org/TR/xmldsig-core/#sec-RSAKeyValue
+ * The RSAKeyValue Element
+ *
+ * RSA key values have two fields: Modulus and Exponent.
+ *
+ * <RSAKeyValue>
+ *   <Modulus>xA7SEU+e0yQH5rm9kbCDN9o3aPIo7HbP7tX6WOocLZAtNfyxSZDU16ksL6W
+ *     jubafOqNEpcwR3RdFsT7bCqnXPBe5ELh5u4VEy19MzxkXRgrMvavzyBpVRgBUwUlV
+ *        5foK5hhmbktQhyNdy/6LpQRhDUDsTvK+g9Ucj47es9AQJ3U=
+ *   </Modulus>
+ *   <Exponent>AQAB</Exponent>
+ * </RSAKeyValue>
+ *
+ * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are
+ * represented in XML as octet strings as defined by the ds:CryptoBinary type.
+ *
+ * Schema Definition:
+ *
+ * <element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
+ * <complexType name="RSAKeyValueType">
+ *   <sequence>
+ *     <element name="Modulus" type="ds:CryptoBinary"/>
+ *     <element name="Exponent" type="ds:CryptoBinary"/>
+ *   </sequence>
+ * </complexType>
+ *
+ * DTD Definition:
+ *
+ * <!ELEMENT RSAKeyValue (Modulus, Exponent) >
+ * <!ELEMENT Modulus (#PCDATA) >
+ * <!ELEMENT Exponent (#PCDATA) >
+ *
+ * ============================================================================
+ *
+ * To support reading/writing private keys an PrivateExponent element is added
+ * to the end
+ *
+ *************************************************************************/
+
+static int              xmlSecGCryptKeyDataRsaInitialize       (xmlSecKeyDataPtr data);
+static int              xmlSecGCryptKeyDataRsaDuplicate        (xmlSecKeyDataPtr dst,
+                                                                 xmlSecKeyDataPtr src);
+static void             xmlSecGCryptKeyDataRsaFinalize         (xmlSecKeyDataPtr data);
+static int              xmlSecGCryptKeyDataRsaXmlRead          (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGCryptKeyDataRsaXmlWrite         (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGCryptKeyDataRsaGenerate         (xmlSecKeyDataPtr data,
+                                                                 xmlSecSize sizeBits,
+                                                                 xmlSecKeyDataType type);
+
+static xmlSecKeyDataType xmlSecGCryptKeyDataRsaGetType         (xmlSecKeyDataPtr data);
+static xmlSecSize               xmlSecGCryptKeyDataRsaGetSize          (xmlSecKeyDataPtr data);
+static void             xmlSecGCryptKeyDataRsaDebugDump        (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
+static void             xmlSecGCryptKeyDataRsaDebugXmlDump     (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
+static xmlSecKeyDataKlass xmlSecGCryptKeyDataRsaKlass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecGCryptAsymKeyDataSize,
+
+    /* data */
+    xmlSecNameRSAKeyValue,
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefRSAKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeRSAKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    xmlSecGCryptKeyDataRsaInitialize,          /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecGCryptKeyDataRsaDuplicate,           /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecGCryptKeyDataRsaFinalize,            /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecGCryptKeyDataRsaGenerate,            /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    xmlSecGCryptKeyDataRsaGetType,             /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecGCryptKeyDataRsaGetSize,             /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    xmlSecGCryptKeyDataRsaXmlRead,             /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecGCryptKeyDataRsaXmlWrite,            /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    xmlSecGCryptKeyDataRsaDebugDump,           /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecGCryptKeyDataRsaDebugXmlDump,        /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptKeyDataRsaGetKlass:
+ *
+ * The GCrypt RSA key data klass.
+ *
+ * Returns: pointer to GCrypt RSA key data klass.
+ */
+xmlSecKeyDataId
+xmlSecGCryptKeyDataRsaGetKlass(void) {
+    return(&xmlSecGCryptKeyDataRsaKlass);
+}
+
+/**
+ * xmlSecGCryptKeyDataRsaAdoptKey:
+ * @data:               the pointer to RSA key data.
+ * @rsa_key:            the pointer to GCrypt RSA key.
+ *
+ * Sets the value of RSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptKeyDataRsaAdoptKey(xmlSecKeyDataPtr data, gcry_sexp_t rsa_key) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId), -1);
+    xmlSecAssert2(rsa_key != NULL, -1);
+
+    return xmlSecGCryptAsymKeyDataAdoptKey(data, rsa_key);
+}
+
+
+/**
+ * xmlSecGCryptKeyDataRsaAdoptKeyPair:
+ * @data:               the pointer to RSA key data.
+ * @pub_key:            the pointer to GCrypt RSA pub key.
+ * @priv_key:           the pointer to GCrypt RSA priv key.
+ *
+ * Sets the value of RSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptKeyDataRsaAdoptKeyPair(xmlSecKeyDataPtr data, gcry_sexp_t pub_key, gcry_sexp_t priv_key) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId), -1);
+    xmlSecAssert2(pub_key != NULL, -1);
+
+    return xmlSecGCryptAsymKeyDataAdoptKeyPair(data, pub_key, priv_key);
+}
+
+/**
+ * xmlSecGCryptKeyDataRsaGetPublicKey:
+ * @data:               the pointer to RSA key data.
+ *
+ * Gets the GCrypt RSA public key from RSA key data.
+ *
+ * Returns: pointer to GCrypt public RSA key or NULL if an error occurs.
+ */
+gcry_sexp_t
+xmlSecGCryptKeyDataRsaGetPublicKey(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId), NULL);
+    return xmlSecGCryptAsymKeyDataGetPublicKey(data);
+}
+
+/**
+ * xmlSecGCryptKeyDataRsaGetPrivateKey:
+ * @data:               the pointer to RSA key data.
+ *
+ * Gets the GCrypt RSA private key from RSA key data.
+ *
+ * Returns: pointer to GCrypt private RSA key or NULL if an error occurs.
+ */
+gcry_sexp_t
+xmlSecGCryptKeyDataRsaGetPrivateKey(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId), NULL);
+    return xmlSecGCryptAsymKeyDataGetPrivateKey(data);
+}
+
+static int
+xmlSecGCryptKeyDataRsaInitialize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId), -1);
+
+    return(xmlSecGCryptAsymKeyDataInitialize(data));
+}
+
+static int
+xmlSecGCryptKeyDataRsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecGCryptKeyDataRsaId), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecGCryptKeyDataRsaId), -1);
+
+    return(xmlSecGCryptAsymKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecGCryptKeyDataRsaFinalize(xmlSecKeyDataPtr data) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId));
+
+    xmlSecGCryptAsymKeyDataFinalize(data);
+}
+
+static int
+xmlSecGCryptKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId), -1);
+    xmlSecAssert2(sizeBits > 0, -1);
+
+    return xmlSecGCryptAsymKeyDataGenerate(data, "rsa", sizeBits);
+}
+
+static xmlSecKeyDataType
+xmlSecGCryptKeyDataRsaGetType(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId), xmlSecKeyDataTypeUnknown);
+
+    return xmlSecGCryptAsymKeyDataGetType(data);
+}
+
+static xmlSecSize
+xmlSecGCryptKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId), 0);
+
+    return xmlSecGCryptAsymKeyDataGetSize(data);
+}
+
+static void
+xmlSecGCryptKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "=== rsa key: size = %d\n",
+            xmlSecGCryptKeyDataRsaGetSize(data));
+}
+
+static void
+xmlSecGCryptKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataRsaId));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
+            xmlSecGCryptKeyDataRsaGetSize(data));
+}
+
+static int
+xmlSecGCryptKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlNodePtr cur;
+    xmlSecKeyDataPtr data = NULL;
+    gcry_mpi_t n = NULL;
+    gcry_mpi_t e = NULL;
+    gcry_mpi_t d = NULL;
+    gcry_sexp_t pub_key = NULL;
+    gcry_sexp_t priv_key = NULL;
+    gcry_error_t err;
+    int res = -1;
+    int ret;
+
+    xmlSecAssert2(id == xmlSecGCryptKeyDataRsaId, -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    if(xmlSecKeyGetValue(key) != NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+                    "key already has a value");
+        goto done;
+    }
+
+    cur = xmlSecGetNextElementNode(node->children);
+
+    /* first is Modulus node. It is REQUIRED */
+    if((cur == NULL) || (!xmlSecCheckNodeName(cur,  xmlSecNodeRSAModulus, xmlSecDSigNs))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        goto done;
+    }
+    n = xmlSecGCryptNodeGetMpiValue(cur);
+    if(n == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeGetMpiValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        goto done;
+    }
+    cur = xmlSecGetNextElementNode(cur->next);
+
+    /* next is Exponent node. It is REQUIRED */
+    if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAExponent, xmlSecDSigNs))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        goto done;
+    }
+    e = xmlSecGCryptNodeGetMpiValue(cur);
+    if(e == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeGetMpiValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        goto done;
+    }
+    cur = xmlSecGetNextElementNode(cur->next);
+
+    if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeRSAPrivateExponent, xmlSecNs))) {
+        /* next is PrivateExponent node. It is REQUIRED for private key */
+        d = xmlSecGCryptNodeGetMpiValue(cur);
+        if(d == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecGCryptNodeGetMpiValue",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
+            goto done;
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
+    if(cur != NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "no nodes expected");
+        goto done;
+    }
+
+    /* construct pub/priv key pairs */
+    err = gcry_sexp_build(&pub_key, NULL,
+             "(public-key(rsa(n%m)(e%m)))",
+             n, e);
+    if((err != GPG_ERR_NO_ERROR) || (pub_key == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "gcry_sexp_build(public)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+    if(d != NULL) {
+        err = gcry_sexp_build(&priv_key, NULL,
+                 "(private-key(rsa(n%m)(e%m)(d%m)))",
+                 n, e, d);
+        if((err != GPG_ERR_NO_ERROR) || (priv_key == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "gcry_sexp_build(private)",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            goto done;
+        }
+    }
+
+
+    /* create key data */
+    data = xmlSecKeyDataCreate(id);
+    if(data == NULL ) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    ret = xmlSecGCryptKeyDataRsaAdoptKeyPair(data, pub_key, priv_key);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGCryptKeyDataRsaAdoptKeyPair",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    pub_key = NULL; /* pub_key is owned by data now */
+    priv_key = NULL; /* priv_key is owned by data now */
+
+    /* set key */
+    ret = xmlSecKeySetValue(key, data);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    data = NULL; /* data is owned by key now */
+
+
+    /* success */
+    res = 0;
+
+done:
+    /* cleanup */
+    if(n != NULL) {
+        gcry_mpi_release(n);
+    }
+
+    if(e != NULL) {
+        gcry_mpi_release(e);
+    }
+
+    if(d != NULL) {
+        gcry_mpi_release(d);
+    }
+
+    if(pub_key != NULL) {
+        gcry_sexp_release(pub_key);
+    }
+
+    if(priv_key != NULL) {
+        gcry_sexp_release(priv_key);
+    }
+
+    if(data != NULL) {
+        xmlSecKeyDataDestroy(data);
+    }
+    return(res);
+
+}
+
+static int
+xmlSecGCryptKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                            xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlNodePtr cur;
+    gcry_sexp_t pub_priv_key;
+    gcry_sexp_t rsa = NULL;
+    int private = 0;
+    int res = -1;
+    int ret;
+
+    xmlSecAssert2(id == xmlSecGCryptKeyDataRsaId, -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecGCryptKeyDataRsaId), -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
+        /* we can have only private key or public key */
+        return(0);
+    }
+
+    /* find the private or public key */
+    pub_priv_key = xmlSecGCryptKeyDataRsaGetPrivateKey(xmlSecKeyGetValue(key));
+    if(pub_priv_key == NULL) {
+        pub_priv_key = xmlSecGCryptKeyDataRsaGetPublicKey(xmlSecKeyGetValue(key));
+        if(pub_priv_key == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecGCryptKeyDataRsaGetPublicKey()",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
+    } else {
+        private = 1;
+    }
+
+    rsa = gcry_sexp_find_token(pub_priv_key, "rsa", 0);
+    if(rsa == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "gcry_sexp_find_token(rsa)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* first is Modulus node */
+    cur = xmlSecAddChild(node, xmlSecNodeRSAModulus, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+       goto done;
+    }
+    ret = xmlSecGCryptNodeSetSExpTokValue(cur, rsa, "n", 1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeSetSExpTokValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        goto done;
+    }
+
+    /* next is Exponent node. */
+    cur = xmlSecAddChild(node, xmlSecNodeRSAExponent, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+       goto done;
+    }
+    ret = xmlSecGCryptNodeSetSExpTokValue(cur, rsa, "e", 1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGCryptNodeSetSExpTokValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+       goto done;
+    }
+
+    /* next is PrivateExponent node: write it ONLY for private keys and ONLY if it is requested */
+    if(((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) && (private != 0)) {
+        cur = xmlSecAddChild(node, xmlSecNodeRSAPrivateExponent, xmlSecNs);
+        if(cur == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
+           goto done;
+        }
+        ret = xmlSecGCryptNodeSetSExpTokValue(cur, rsa, "d", 1);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecGCryptNodeSetSExpTokValue",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
+           goto done;
+        }
+    }
+
+    /* success */
+    res = 0;
+
+done:
+    if(rsa != NULL) {
+        gcry_sexp_release(rsa);
+    }
+
+    return(res);
+}
+
+#endif /* XMLSEC_NO_RSA */
diff --git a/src/gcrypt/ciphers.c b/src/gcrypt/ciphers.c
new file mode 100644
index 00000000..6192b8b2
--- /dev/null
+++ b/src/gcrypt/ciphers.c
@@ -0,0 +1,855 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <gcrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gcrypt/crypto.h>
+
+/**************************************************************************
+ *
+ * Internal GCrypt Block cipher CTX
+ *
+ *****************************************************************************/
+typedef struct _xmlSecGCryptBlockCipherCtx              xmlSecGCryptBlockCipherCtx,
+                                                        *xmlSecGCryptBlockCipherCtxPtr;
+struct _xmlSecGCryptBlockCipherCtx {
+    int                 cipher;
+    int                 mode;
+    gcry_cipher_hd_t    cipherCtx;
+    xmlSecKeyDataId     keyId;
+    int                 keyInitialized;
+    int                 ctxInitialized;
+};
+
+static int      xmlSecGCryptBlockCipherCtxInit          (xmlSecGCryptBlockCipherCtxPtr ctx,
+                                                         xmlSecBufferPtr in,
+                                                         xmlSecBufferPtr out,
+                                                         int encrypt,
+                                                         const xmlChar* cipherName,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecGCryptBlockCipherCtxUpdate        (xmlSecGCryptBlockCipherCtxPtr ctx,
+                                                         xmlSecBufferPtr in,
+                                                         xmlSecBufferPtr out,
+                                                         int encrypt,
+                                                         const xmlChar* cipherName,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecGCryptBlockCipherCtxFinal         (xmlSecGCryptBlockCipherCtxPtr ctx,
+                                                         xmlSecBufferPtr in,
+                                                         xmlSecBufferPtr out,
+                                                         int encrypt,
+                                                         const xmlChar* cipherName,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int
+xmlSecGCryptBlockCipherCtxInit(xmlSecGCryptBlockCipherCtxPtr ctx,
+                                xmlSecBufferPtr in, xmlSecBufferPtr out,
+                                int encrypt,
+                                const xmlChar* cipherName,
+                                xmlSecTransformCtxPtr transformCtx) {
+    gcry_err_code_t err;
+    int blockLen;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->cipher != 0, -1);
+    xmlSecAssert2(ctx->cipherCtx != NULL, -1);
+    xmlSecAssert2(ctx->keyInitialized != 0, -1);
+    xmlSecAssert2(ctx->ctxInitialized == 0, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    /* iv len == block len */
+    blockLen = gcry_cipher_get_algo_blklen(ctx->cipher);
+    xmlSecAssert2(blockLen > 0, -1);
+
+    if(encrypt) {
+        xmlSecByte* iv;
+        xmlSecSize outSize;
+
+        /* allocate space for IV */
+        outSize = xmlSecBufferGetSize(out);
+        ret = xmlSecBufferSetSize(out, outSize + blockLen);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferSetSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize + blockLen);
+            return(-1);
+        }
+        iv = xmlSecBufferGetData(out) + outSize;
+
+        /* generate and use random iv */
+        gcry_randomize(iv, blockLen, GCRY_STRONG_RANDOM);
+        err = gcry_cipher_setiv(ctx->cipherCtx, iv, blockLen);
+        if(err != GPG_ERR_NO_ERROR) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "gcry_cipher_setiv",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            return(-1);
+        }
+    } else {
+        /* if we don't have enough data, exit and hope that
+         * we'll have iv next time */
+        if(xmlSecBufferGetSize(in) < (xmlSecSize)blockLen) {
+            return(0);
+        }
+        xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
+
+        /* set iv */
+        err = gcry_cipher_setiv(ctx->cipherCtx, xmlSecBufferGetData(in), blockLen);
+        if(err != GPG_ERR_NO_ERROR) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "gcry_cipher_setiv",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            return(-1);
+        }
+
+        /* and remove from input */
+        ret = xmlSecBufferRemoveHead(in, blockLen);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", blockLen);
+            return(-1);
+        }
+    }
+
+    ctx->ctxInitialized = 1;
+    return(0);
+}
+
+static int
+xmlSecGCryptBlockCipherCtxUpdate(xmlSecGCryptBlockCipherCtxPtr ctx,
+                                  xmlSecBufferPtr in, xmlSecBufferPtr out,
+                                  int encrypt,
+                                  const xmlChar* cipherName,
+                                  xmlSecTransformCtxPtr transformCtx) {
+    xmlSecSize inSize, inBlocks, outSize;
+    int blockLen;
+    xmlSecByte* outBuf;
+    gcry_err_code_t err;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->cipher != 0, -1);
+    xmlSecAssert2(ctx->cipherCtx != NULL, -1);
+    xmlSecAssert2(ctx->ctxInitialized != 0, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    blockLen = gcry_cipher_get_algo_blklen(ctx->cipher);
+    xmlSecAssert2(blockLen > 0, -1);
+
+    inSize = xmlSecBufferGetSize(in);
+    outSize = xmlSecBufferGetSize(out);
+
+    if(inSize < (xmlSecSize)blockLen) {
+        return(0);
+    }
+
+    if(encrypt) {
+        inBlocks = inSize / ((xmlSecSize)blockLen);
+    } else {
+        /* we want to have the last block in the input buffer
+         * for padding check */
+        inBlocks = (inSize - 1) / ((xmlSecSize)blockLen);
+    }
+    inSize = inBlocks * ((xmlSecSize)blockLen);
+
+    /* we write out the input size plus may be one block */
+    ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + inSize + blockLen);
+        return(-1);
+    }
+    outBuf = xmlSecBufferGetData(out) + outSize;
+
+    if(encrypt) {
+        err = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+                                xmlSecBufferGetData(in), inSize);
+        if(err != GPG_ERR_NO_ERROR) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "gcry_cipher_encrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            return(-1);
+        }
+    } else {
+        err = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+                                xmlSecBufferGetData(in), inSize);
+        if(err != GPG_ERR_NO_ERROR) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "gcry_cipher_decrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            return(-1);
+        }
+    }
+
+    /* set correct output buffer size */
+    ret = xmlSecBufferSetSize(out, outSize + inSize);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + inSize);
+        return(-1);
+    }
+
+    /* remove the processed block from input */
+    ret = xmlSecBufferRemoveHead(in, inSize);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferRemoveHead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", inSize);
+        return(-1);
+    }
+    return(0);
+}
+
+static int
+xmlSecGCryptBlockCipherCtxFinal(xmlSecGCryptBlockCipherCtxPtr ctx,
+                                 xmlSecBufferPtr in,
+                                 xmlSecBufferPtr out,
+                                 int encrypt,
+                                 const xmlChar* cipherName,
+                                 xmlSecTransformCtxPtr transformCtx) {
+    xmlSecSize inSize, outSize;
+    int blockLen, outLen = 0;
+    xmlSecByte* inBuf;
+    xmlSecByte* outBuf;
+    gcry_err_code_t err;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->cipher != 0, -1);
+    xmlSecAssert2(ctx->cipherCtx != NULL, -1);
+    xmlSecAssert2(ctx->ctxInitialized != 0, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    blockLen = gcry_cipher_get_algo_blklen(ctx->cipher);
+    xmlSecAssert2(blockLen > 0, -1);
+
+    inSize = xmlSecBufferGetSize(in);
+    outSize = xmlSecBufferGetSize(out);
+
+    if(encrypt != 0) {
+        xmlSecAssert2(inSize < (xmlSecSize)blockLen, -1);
+
+        /* create padding */
+        ret = xmlSecBufferSetMaxSize(in, blockLen);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", blockLen);
+            return(-1);
+        }
+        inBuf = xmlSecBufferGetData(in);
+
+        /* create random padding */
+        if((xmlSecSize)blockLen > (inSize + 1)) {
+            gcry_randomize(inBuf + inSize, blockLen - inSize - 1,
+                        GCRY_STRONG_RANDOM); /* as usual, we are paranoid */
+        }
+        inBuf[blockLen - 1] = blockLen - inSize;
+        inSize = blockLen;
+    } else {
+        if(inSize != (xmlSecSize)blockLen) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "data=%d;block=%d", inSize, blockLen);
+            return(-1);
+        }
+    }
+
+    /* process last block */
+    ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockLen);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + 2 * blockLen);
+        return(-1);
+    }
+    outBuf = xmlSecBufferGetData(out) + outSize;
+
+    if(encrypt) {
+        err = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+                                xmlSecBufferGetData(in), inSize);
+        if(err != GPG_ERR_NO_ERROR) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "gcry_cipher_encrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            return(-1);
+        }
+    } else {
+        err = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
+                                xmlSecBufferGetData(in), inSize);
+        if(err != GPG_ERR_NO_ERROR) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "gcry_cipher_decrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            return(-1);
+        }
+    }
+
+    if(encrypt == 0) {
+        /* check padding */
+        if(inSize < outBuf[blockLen - 1]) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "padding=%d;buffer=%d",
+                        outBuf[blockLen - 1], inSize);
+            return(-1);
+        }
+        outLen = inSize - outBuf[blockLen - 1];
+    } else {
+        outLen = inSize;
+    }
+
+    /* set correct output buffer size */
+    ret = xmlSecBufferSetSize(out, outSize + outLen);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + outLen);
+        return(-1);
+    }
+
+    /* remove the processed block from input */
+    ret = xmlSecBufferRemoveHead(in, inSize);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferRemoveHead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", inSize);
+        return(-1);
+    }
+
+
+    /* set correct output buffer size */
+    ret = xmlSecBufferSetSize(out, outSize + outLen);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + outLen);
+        return(-1);
+    }
+
+    /* remove the processed block from input */
+    ret = xmlSecBufferRemoveHead(in, inSize);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferRemoveHead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", inSize);
+        return(-1);
+    }
+
+    return(0);
+}
+
+
+/******************************************************************************
+ *
+ *  Block Cipher transforms
+ *
+ * xmlSecGCryptBlockCipherCtx block is located after xmlSecTransform structure
+ *
+ *****************************************************************************/
+#define xmlSecGCryptBlockCipherSize     \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptBlockCipherCtx))
+#define xmlSecGCryptBlockCipherGetCtx(transform) \
+    ((xmlSecGCryptBlockCipherCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int      xmlSecGCryptBlockCipherInitialize       (xmlSecTransformPtr transform);
+static void     xmlSecGCryptBlockCipherFinalize         (xmlSecTransformPtr transform);
+static int      xmlSecGCryptBlockCipherSetKeyReq        (xmlSecTransformPtr transform,
+                                                         xmlSecKeyReqPtr keyReq);
+static int      xmlSecGCryptBlockCipherSetKey           (xmlSecTransformPtr transform,
+                                                         xmlSecKeyPtr key);
+static int      xmlSecGCryptBlockCipherExecute          (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecGCryptBlockCipherCheckId          (xmlSecTransformPtr transform);
+
+
+
+static int
+xmlSecGCryptBlockCipherCheckId(xmlSecTransformPtr transform) {
+#ifndef XMLSEC_NO_DES
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformDes3CbcId)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_DES */
+
+#ifndef XMLSEC_NO_AES
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformAes128CbcId) ||
+       xmlSecTransformCheckId(transform, xmlSecGCryptTransformAes192CbcId) ||
+       xmlSecTransformCheckId(transform, xmlSecGCryptTransformAes256CbcId)) {
+
+       return(1);
+    }
+#endif /* XMLSEC_NO_AES */
+
+    return(0);
+}
+
+static int
+xmlSecGCryptBlockCipherInitialize(xmlSecTransformPtr transform) {
+    xmlSecGCryptBlockCipherCtxPtr ctx;
+    gcry_error_t err;
+
+    xmlSecAssert2(xmlSecGCryptBlockCipherCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptBlockCipherSize), -1);
+
+    ctx = xmlSecGCryptBlockCipherGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    memset(ctx, 0, sizeof(xmlSecGCryptBlockCipherCtx));
+
+#ifndef XMLSEC_NO_DES
+    if(transform->id == xmlSecGCryptTransformDes3CbcId) {
+        ctx->cipher     = GCRY_CIPHER_3DES;
+        ctx->mode       = GCRY_CIPHER_MODE_CBC;
+        ctx->keyId      = xmlSecGCryptKeyDataDesId;
+    } else
+#endif /* XMLSEC_NO_DES */
+
+#ifndef XMLSEC_NO_AES
+    if(transform->id == xmlSecGCryptTransformAes128CbcId) {
+        ctx->cipher     = GCRY_CIPHER_AES128;
+        ctx->mode       = GCRY_CIPHER_MODE_CBC;
+        ctx->keyId      = xmlSecGCryptKeyDataAesId;
+    } else if(transform->id == xmlSecGCryptTransformAes192CbcId) {
+        ctx->cipher     = GCRY_CIPHER_AES192;
+        ctx->mode       = GCRY_CIPHER_MODE_CBC;
+        ctx->keyId      = xmlSecGCryptKeyDataAesId;
+    } else if(transform->id == xmlSecGCryptTransformAes256CbcId) {
+        ctx->cipher     = GCRY_CIPHER_AES256;
+        ctx->mode       = GCRY_CIPHER_MODE_CBC;
+        ctx->keyId      = xmlSecGCryptKeyDataAesId;
+    } else
+#endif /* XMLSEC_NO_AES */
+
+    if(1) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    err = gcry_cipher_open(&ctx->cipherCtx, ctx->cipher, ctx->mode, GCRY_CIPHER_SECURE); /* we are paranoid */
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "gcry_cipher_open",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+    return(0);
+}
+
+static void
+xmlSecGCryptBlockCipherFinalize(xmlSecTransformPtr transform) {
+    xmlSecGCryptBlockCipherCtxPtr ctx;
+
+    xmlSecAssert(xmlSecGCryptBlockCipherCheckId(transform));
+    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGCryptBlockCipherSize));
+
+    ctx = xmlSecGCryptBlockCipherGetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    if(ctx->cipherCtx != NULL) {
+        gcry_cipher_close(ctx->cipherCtx);
+    }
+
+    memset(ctx, 0, sizeof(xmlSecGCryptBlockCipherCtx));
+}
+
+static int
+xmlSecGCryptBlockCipherSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecGCryptBlockCipherCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecGCryptBlockCipherCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptBlockCipherSize), -1);
+    xmlSecAssert2(keyReq != NULL, -1);
+
+    ctx = xmlSecGCryptBlockCipherGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->cipher != 0, -1);
+    xmlSecAssert2(ctx->keyId != NULL, -1);
+
+    keyReq->keyId       = ctx->keyId;
+    keyReq->keyType     = xmlSecKeyDataTypeSymmetric;
+    if(transform->operation == xmlSecTransformOperationEncrypt) {
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+    } else {
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+    }
+
+    keyReq->keyBitsSize = 8 * gcry_cipher_get_algo_keylen(ctx->cipher);
+    return(0);
+}
+
+static int
+xmlSecGCryptBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecGCryptBlockCipherCtxPtr ctx;
+    xmlSecBufferPtr buffer;
+    xmlSecSize keySize;
+    gcry_err_code_t err;
+
+    xmlSecAssert2(xmlSecGCryptBlockCipherCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptBlockCipherSize), -1);
+    xmlSecAssert2(key != NULL, -1);
+
+    ctx = xmlSecGCryptBlockCipherGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->cipherCtx != NULL, -1);
+    xmlSecAssert2(ctx->cipher != 0, -1);
+    xmlSecAssert2(ctx->keyInitialized == 0, -1);
+    xmlSecAssert2(ctx->keyId != NULL, -1);
+    xmlSecAssert2(xmlSecKeyCheckId(key, ctx->keyId), -1);
+
+    keySize = gcry_cipher_get_algo_keylen(ctx->cipher);
+    xmlSecAssert2(keySize > 0, -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
+    xmlSecAssert2(buffer != NULL, -1);
+
+    if(xmlSecBufferGetSize(buffer) < keySize) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "keySize=%d;expected=%d",
+                    xmlSecBufferGetSize(buffer), keySize);
+        return(-1);
+    }
+
+    xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
+    err = gcry_cipher_setkey(ctx->cipherCtx, xmlSecBufferGetData(buffer), keySize);
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "gcry_cipher_setkey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    ctx->keyInitialized = 1;
+    return(0);
+}
+
+static int
+xmlSecGCryptBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecGCryptBlockCipherCtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    int ret;
+
+    xmlSecAssert2(xmlSecGCryptBlockCipherCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptBlockCipherSize), -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    in = &(transform->inBuf);
+    out = &(transform->outBuf);
+
+    ctx = xmlSecGCryptBlockCipherGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    if(transform->status == xmlSecTransformStatusNone) {
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
+    if(transform->status == xmlSecTransformStatusWorking) {
+        if(ctx->ctxInitialized == 0) {
+            ret = xmlSecGCryptBlockCipherCtxInit(ctx, in, out,
+                        (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
+                        xmlSecTransformGetName(transform), transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecGCryptBlockCipherCtxInit",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+        if((ctx->ctxInitialized == 0) && (last != 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "not enough data to initialize transform");
+            return(-1);
+        }
+        if(ctx->ctxInitialized != 0) {
+            ret = xmlSecGCryptBlockCipherCtxUpdate(ctx, in, out,
+                        (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
+                        xmlSecTransformGetName(transform), transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecGCryptBlockCipherCtxUpdate",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+
+        if(last) {
+            ret = xmlSecGCryptBlockCipherCtxFinal(ctx, in, out,
+                        (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
+                        xmlSecTransformGetName(transform), transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecGCryptBlockCipherCtxFinal",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
+    } else if(transform->status == xmlSecTransformStatusFinished) {
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
+    } else if(transform->status == xmlSecTransformStatusNone) {
+        /* the only way we can get here is if there is no enough data in the input */
+        xmlSecAssert2(last == 0, -1);
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
+    }
+
+    return(0);
+}
+
+
+#ifndef XMLSEC_NO_AES
+/*********************************************************************
+ *
+ * AES CBC cipher transforms
+ *
+ ********************************************************************/
+static xmlSecTransformKlass xmlSecGCryptAes128CbcKlass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptBlockCipherSize,                /* xmlSecSize objSize */
+
+    xmlSecNameAes128Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes128Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecGCryptBlockCipherInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptBlockCipherFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptBlockCipherSetKeyReq,           /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecGCryptBlockCipherSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptBlockCipherExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformAes128CbcGetKlass:
+ *
+ * AES 128 CBC encryption transform klass.
+ *
+ * Returns: pointer to AES 128 CBC encryption transform.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformAes128CbcGetKlass(void) {
+    return(&xmlSecGCryptAes128CbcKlass);
+}
+
+static xmlSecTransformKlass xmlSecGCryptAes192CbcKlass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptBlockCipherSize,                /* xmlSecSize objSize */
+
+    xmlSecNameAes192Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes192Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecGCryptBlockCipherInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptBlockCipherFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptBlockCipherSetKeyReq,           /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecGCryptBlockCipherSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptBlockCipherExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformAes192CbcGetKlass:
+ *
+ * AES 192 CBC encryption transform klass.
+ *
+ * Returns: pointer to AES 192 CBC encryption transform.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformAes192CbcGetKlass(void) {
+    return(&xmlSecGCryptAes192CbcKlass);
+}
+
+static xmlSecTransformKlass xmlSecGCryptAes256CbcKlass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptBlockCipherSize,                /* xmlSecSize objSize */
+
+    xmlSecNameAes256Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes256Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecGCryptBlockCipherInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptBlockCipherFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptBlockCipherSetKeyReq,           /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecGCryptBlockCipherSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptBlockCipherExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformAes256CbcGetKlass:
+ *
+ * AES 256 CBC encryption transform klass.
+ *
+ * Returns: pointer to AES 256 CBC encryption transform.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformAes256CbcGetKlass(void) {
+    return(&xmlSecGCryptAes256CbcKlass);
+}
+
+#endif /* XMLSEC_NO_AES */
+
+#ifndef XMLSEC_NO_DES
+static xmlSecTransformKlass xmlSecGCryptDes3CbcKlass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptBlockCipherSize,                /* xmlSecSize objSize */
+
+    xmlSecNameDes3Cbc,                          /* const xmlChar* name; */
+    xmlSecHrefDes3Cbc,                          /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecGCryptBlockCipherInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptBlockCipherFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptBlockCipherSetKeyReq,           /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecGCryptBlockCipherSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptBlockCipherExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformDes3CbcGetKlass:
+ *
+ * Triple DES CBC encryption transform klass.
+ *
+ * Returns: pointer to Triple DES encryption transform.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformDes3CbcGetKlass(void) {
+    return(&xmlSecGCryptDes3CbcKlass);
+}
+#endif /* XMLSEC_NO_DES */
+
diff --git a/src/gcrypt/crypto.c b/src/gcrypt/crypto.c
new file mode 100644
index 00000000..11def388
--- /dev/null
+++ b/src/gcrypt/crypto.c
@@ -0,0 +1,315 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <gcrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+#include <xmlsec/dl.h>
+#include <xmlsec/private.h>
+
+#include <xmlsec/gcrypt/app.h>
+#include <xmlsec/gcrypt/crypto.h>
+
+static xmlSecCryptoDLFunctionsPtr gXmlSecGCryptFunctions = NULL;
+
+/**
+ * xmlSecCryptoGetFunctions_gcrypt:
+ *
+ * Gets the pointer to xmlsec-gcrypt functions table.
+ *
+ * Returns: the xmlsec-gcrypt functions table or NULL if an error occurs.
+ */
+xmlSecCryptoDLFunctionsPtr
+xmlSecCryptoGetFunctions_gcrypt(void) {
+    static xmlSecCryptoDLFunctions functions;
+
+    if(gXmlSecGCryptFunctions != NULL) {
+        return(gXmlSecGCryptFunctions);
+    }
+
+    memset(&functions, 0, sizeof(functions));
+    gXmlSecGCryptFunctions = &functions;
+
+    /********************************************************************
+     *
+     * Crypto Init/shutdown
+     *
+     ********************************************************************/
+    gXmlSecGCryptFunctions->cryptoInit                  = xmlSecGCryptInit;
+    gXmlSecGCryptFunctions->cryptoShutdown              = xmlSecGCryptShutdown;
+    gXmlSecGCryptFunctions->cryptoKeysMngrInit          = xmlSecGCryptKeysMngrInit;
+
+    /********************************************************************
+     *
+     * Key data ids
+     *
+     ********************************************************************/
+#ifndef XMLSEC_NO_AES
+    gXmlSecGCryptFunctions->keyDataAesGetKlass          = xmlSecGCryptKeyDataAesGetKlass;
+#endif /* XMLSEC_NO_AES */
+
+#ifndef XMLSEC_NO_DES
+    gXmlSecGCryptFunctions->keyDataDesGetKlass          = xmlSecGCryptKeyDataDesGetKlass;
+#endif /* XMLSEC_NO_DES */
+
+#ifndef XMLSEC_NO_DSA
+    gXmlSecGCryptFunctions->keyDataDsaGetKlass          = xmlSecGCryptKeyDataDsaGetKlass;
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_HMAC
+    gXmlSecGCryptFunctions->keyDataHmacGetKlass         = xmlSecGCryptKeyDataHmacGetKlass;
+#endif /* XMLSEC_NO_HMAC */
+
+#ifndef XMLSEC_NO_RSA
+    gXmlSecGCryptFunctions->keyDataRsaGetKlass          = xmlSecGCryptKeyDataRsaGetKlass;
+#endif /* XMLSEC_NO_RSA */
+
+
+    /********************************************************************
+     *
+     * Key data store ids
+     *
+     ********************************************************************/
+
+    /********************************************************************
+     *
+     * Crypto transforms ids
+     *
+     ********************************************************************/
+
+    /******************************* AES ********************************/
+#ifndef XMLSEC_NO_AES
+    gXmlSecGCryptFunctions->transformAes128CbcGetKlass          = xmlSecGCryptTransformAes128CbcGetKlass;
+    gXmlSecGCryptFunctions->transformAes192CbcGetKlass          = xmlSecGCryptTransformAes192CbcGetKlass;
+    gXmlSecGCryptFunctions->transformAes256CbcGetKlass          = xmlSecGCryptTransformAes256CbcGetKlass;
+    gXmlSecGCryptFunctions->transformKWAes128GetKlass           = xmlSecGCryptTransformKWAes128GetKlass;
+    gXmlSecGCryptFunctions->transformKWAes192GetKlass           = xmlSecGCryptTransformKWAes192GetKlass;
+    gXmlSecGCryptFunctions->transformKWAes256GetKlass           = xmlSecGCryptTransformKWAes256GetKlass;
+#endif /* XMLSEC_NO_AES */
+
+    /******************************* DES ********************************/
+#ifndef XMLSEC_NO_DES
+    gXmlSecGCryptFunctions->transformDes3CbcGetKlass            = xmlSecGCryptTransformDes3CbcGetKlass;
+    gXmlSecGCryptFunctions->transformKWDes3GetKlass             = xmlSecGCryptTransformKWDes3GetKlass;
+#endif /* XMLSEC_NO_DES */
+
+    /******************************* DSA ********************************/
+#ifndef XMLSEC_NO_DSA
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecGCryptFunctions->transformDsaSha1GetKlass            = xmlSecGCryptTransformDsaSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#endif /* XMLSEC_NO_DSA */
+
+    /******************************* HMAC ********************************/
+#ifndef XMLSEC_NO_HMAC
+
+#ifndef XMLSEC_NO_MD5
+    gXmlSecGCryptFunctions->transformHmacMd5GetKlass            = xmlSecGCryptTransformHmacMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    gXmlSecGCryptFunctions->transformHmacRipemd160GetKlass      = xmlSecGCryptTransformHmacRipemd160GetKlass;
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecGCryptFunctions->transformHmacSha1GetKlass           = xmlSecGCryptTransformHmacSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecGCryptFunctions->transformHmacSha256GetKlass         = xmlSecGCryptTransformHmacSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecGCryptFunctions->transformHmacSha384GetKlass         = xmlSecGCryptTransformHmacSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecGCryptFunctions->transformHmacSha512GetKlass         = xmlSecGCryptTransformHmacSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_HMAC */
+
+    /******************************* MD5 ********************************/
+#ifndef XMLSEC_NO_MD5
+    gXmlSecGCryptFunctions->transformMd5GetKlass                = xmlSecGCryptTransformMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+    /******************************* RIPEMD160 ********************************/
+#ifndef XMLSEC_NO_RIPEMD160
+    gXmlSecGCryptFunctions->transformRipemd160GetKlass          = xmlSecGCryptTransformRipemd160GetKlass;
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+    /******************************* RSA ********************************/
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+    gXmlSecGCryptFunctions->transformRsaMd5GetKlass            = xmlSecGCryptTransformRsaMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    gXmlSecGCryptFunctions->transformRsaRipemd160GetKlass      = xmlSecGCryptTransformRsaRipemd160GetKlass;
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecGCryptFunctions->transformRsaSha1GetKlass           = xmlSecGCryptTransformRsaSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecGCryptFunctions->transformRsaSha256GetKlass         = xmlSecGCryptTransformRsaSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecGCryptFunctions->transformRsaSha384GetKlass         = xmlSecGCryptTransformRsaSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecGCryptFunctions->transformRsaSha512GetKlass         = xmlSecGCryptTransformRsaSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+    /******************************* SHA ********************************/
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecGCryptFunctions->transformSha1GetKlass               = xmlSecGCryptTransformSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecGCryptFunctions->transformSha256GetKlass             = xmlSecGCryptTransformSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecGCryptFunctions->transformSha384GetKlass             = xmlSecGCryptTransformSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecGCryptFunctions->transformSha512GetKlass             = xmlSecGCryptTransformSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+
+    /********************************************************************
+     *
+     * High level routines form xmlsec command line utility
+     *
+     ********************************************************************/
+    gXmlSecGCryptFunctions->cryptoAppInit                       = xmlSecGCryptAppInit;
+    gXmlSecGCryptFunctions->cryptoAppShutdown                   = xmlSecGCryptAppShutdown;
+    gXmlSecGCryptFunctions->cryptoAppDefaultKeysMngrInit        = xmlSecGCryptAppDefaultKeysMngrInit;
+    gXmlSecGCryptFunctions->cryptoAppDefaultKeysMngrAdoptKey    = xmlSecGCryptAppDefaultKeysMngrAdoptKey;
+    gXmlSecGCryptFunctions->cryptoAppDefaultKeysMngrLoad        = xmlSecGCryptAppDefaultKeysMngrLoad;
+    gXmlSecGCryptFunctions->cryptoAppDefaultKeysMngrSave        = xmlSecGCryptAppDefaultKeysMngrSave;
+#ifndef XMLSEC_NO_X509
+    gXmlSecGCryptFunctions->cryptoAppKeysMngrCertLoad           = xmlSecGCryptAppKeysMngrCertLoad;
+    gXmlSecGCryptFunctions->cryptoAppPkcs12Load                 = xmlSecGCryptAppPkcs12Load;
+    gXmlSecGCryptFunctions->cryptoAppKeyCertLoad                = xmlSecGCryptAppKeyCertLoad;
+#endif /* XMLSEC_NO_X509 */
+    gXmlSecGCryptFunctions->cryptoAppKeyLoad                    = xmlSecGCryptAppKeyLoad;
+    gXmlSecGCryptFunctions->cryptoAppDefaultPwdCallback         = (void*)xmlSecGCryptAppGetDefaultPwdCallback();
+
+    return(gXmlSecGCryptFunctions);
+}
+
+
+/**
+ * xmlSecGCryptInit:
+ *
+ * XMLSec library specific crypto engine initialization.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptInit (void)  {
+    /* Check loaded xmlsec library version */
+    if(xmlSecCheckVersionExact() != 1) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCheckVersionExact",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* register our klasses */
+    if(xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(xmlSecCryptoGetFunctions_gcrypt()) < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    return(0);
+}
+
+/**
+ * xmlSecGCryptShutdown:
+ *
+ * XMLSec library specific crypto engine shutdown.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptShutdown(void) {
+    return(0);
+}
+
+/**
+ * xmlSecGCryptKeysMngrInit:
+ * @mngr:               the pointer to keys manager.
+ *
+ * Adds GCrypt specific key data stores in keys manager.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptKeysMngrInit(xmlSecKeysMngrPtr mngr) {
+    xmlSecAssert2(mngr != NULL, -1);
+
+    /* TODO: add key data stores */
+    return(0);
+}
+
+/**
+ * xmlSecGCryptGenerateRandom:
+ * @buffer:             the destination buffer.
+ * @size:               the numer of bytes to generate.
+ *
+ * Generates @size random bytes and puts result in @buffer.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGCryptGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) {
+    int ret;
+
+    xmlSecAssert2(buffer != NULL, -1);
+    xmlSecAssert2(size > 0, -1);
+
+    ret = xmlSecBufferSetSize(buffer, size);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        return(-1);
+    }
+
+    /* get random data */
+    gcry_randomize(xmlSecBufferGetData(buffer), size, GCRY_STRONG_RANDOM);
+    return(0);
+}
diff --git a/src/gcrypt/digests.c b/src/gcrypt/digests.c
new file mode 100644
index 00000000..dcbe4c7f
--- /dev/null
+++ b/src/gcrypt/digests.c
@@ -0,0 +1,614 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <gcrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gcrypt/app.h>
+#include <xmlsec/gcrypt/crypto.h>
+
+/**************************************************************************
+ *
+ * Internal GCRYPT Digest CTX
+ *
+ *****************************************************************************/
+typedef struct _xmlSecGCryptDigestCtx           xmlSecGCryptDigestCtx, *xmlSecGCryptDigestCtxPtr;
+struct _xmlSecGCryptDigestCtx {
+    int                 digest;
+    gcry_md_hd_t        digestCtx;
+    xmlSecByte          dgst[XMLSEC_GCRYPT_MAX_DIGEST_SIZE];
+    xmlSecSize          dgstSize;       /* dgst size in bytes */
+};
+
+/******************************************************************************
+ *
+ * Digest transforms
+ *
+ * xmlSecGCryptDigestCtx is located after xmlSecTransform
+ *
+ *****************************************************************************/
+#define xmlSecGCryptDigestSize  \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptDigestCtx))
+#define xmlSecGCryptDigestGetCtx(transform) \
+    ((xmlSecGCryptDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int      xmlSecGCryptDigestInitialize            (xmlSecTransformPtr transform);
+static void     xmlSecGCryptDigestFinalize              (xmlSecTransformPtr transform);
+static int      xmlSecGCryptDigestVerify                (xmlSecTransformPtr transform,
+                                                         const xmlSecByte* data,
+                                                         xmlSecSize dataSize,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecGCryptDigestExecute               (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecGCryptDigestCheckId               (xmlSecTransformPtr transform);
+
+static int
+xmlSecGCryptDigestCheckId(xmlSecTransformPtr transform) {
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformSha1Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformSha256Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformSha384Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformSha512Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformMd5Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRipemd160Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+    /* not found */
+    {
+        return(0);
+    }
+
+    /* just in case */
+    return(0);
+}
+
+static int
+xmlSecGCryptDigestInitialize(xmlSecTransformPtr transform) {
+    xmlSecGCryptDigestCtxPtr ctx;
+    gcry_error_t err;
+
+    xmlSecAssert2(xmlSecGCryptDigestCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptDigestSize), -1);
+
+    ctx = xmlSecGCryptDigestGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    /* initialize context */
+    memset(ctx, 0, sizeof(xmlSecGCryptDigestCtx));
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformSha1Id)) {
+        ctx->digest = GCRY_MD_SHA1;
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformSha256Id)) {
+        ctx->digest = GCRY_MD_SHA256;
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformSha384Id)) {
+        ctx->digest = GCRY_MD_SHA384;
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformSha512Id)) {
+        ctx->digest = GCRY_MD_SHA512;
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformMd5Id)) {
+        ctx->digest = GCRY_MD_MD5;
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRipemd160Id)) {
+        ctx->digest = GCRY_MD_RMD160;
+    } else
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+    if(1) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* create digest ctx */
+    err = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_SECURE); /* we are paranoid */
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "gcry_md_open",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+    return(0);
+}
+
+static void
+xmlSecGCryptDigestFinalize(xmlSecTransformPtr transform) {
+    xmlSecGCryptDigestCtxPtr ctx;
+
+    xmlSecAssert(xmlSecGCryptDigestCheckId(transform));
+    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGCryptDigestSize));
+
+    ctx = xmlSecGCryptDigestGetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    if(ctx->digestCtx != NULL) {
+        gcry_md_close(ctx->digestCtx);
+    }
+    memset(ctx, 0, sizeof(xmlSecGCryptDigestCtx));
+}
+
+static int
+xmlSecGCryptDigestVerify(xmlSecTransformPtr transform,
+                        const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecTransformCtxPtr transformCtx) {
+    xmlSecGCryptDigestCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecGCryptDigestCheckId(transform), -1);
+    xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptDigestSize), -1);
+    xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
+    xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecGCryptDigestGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->dgstSize > 0, -1);
+
+    if(dataSize != ctx->dgstSize) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "data and digest sizes are different (data=%d, dgst=%d)",
+                    dataSize, ctx->dgstSize);
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
+    }
+
+    if(memcmp(ctx->dgst, data, dataSize) != 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "data and digest do not match");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
+    }
+
+    transform->status = xmlSecTransformStatusOk;
+    return(0);
+}
+
+static int
+xmlSecGCryptDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecGCryptDigestCtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    int ret;
+
+    xmlSecAssert2(xmlSecGCryptDigestCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptDigestSize), -1);
+
+    ctx = xmlSecGCryptDigestGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->digest != GCRY_MD_NONE, -1);
+    xmlSecAssert2(ctx->digestCtx != NULL, -1);
+
+    in = &(transform->inBuf);
+    out = &(transform->outBuf);
+
+    if(transform->status == xmlSecTransformStatusNone) {
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
+    if(transform->status == xmlSecTransformStatusWorking) {
+        xmlSecSize inSize;
+
+        inSize = xmlSecBufferGetSize(in);
+        if(inSize > 0) {
+            gcry_md_write(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
+
+            ret = xmlSecBufferRemoveHead(in, inSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferRemoveHead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+        }
+        if(last != 0) {
+            xmlSecByte* buf;
+
+            /* get the final digest */
+            gcry_md_final(ctx->digestCtx);
+            buf = gcry_md_read(ctx->digestCtx, ctx->digest);
+            if(buf == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "gcry_md_read",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            /* copy it to our internal buffer */
+            ctx->dgstSize = gcry_md_get_algo_dlen(ctx->digest);
+            xmlSecAssert2(ctx->dgstSize > 0, -1);
+            xmlSecAssert2(ctx->dgstSize <= sizeof(ctx->dgst), -1);
+            memcpy(ctx->dgst, buf, ctx->dgstSize);
+
+            /* and to the output if needed */
+            if(transform->operation == xmlSecTransformOperationSign) {
+                ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferAppend",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", ctx->dgstSize);
+                    return(-1);
+                }
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
+    } else if(transform->status == xmlSecTransformStatusFinished) {
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
+    }
+
+    return(0);
+}
+
+#ifndef XMLSEC_NO_SHA1
+/******************************************************************************
+ *
+ * SHA1 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptSha1Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptDigestSize,                     /* xmlSecSize objSize */
+
+    /* data */
+    xmlSecNameSha1,                             /* const xmlChar* name; */
+    xmlSecHrefSha1,                             /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    /* methods */
+    xmlSecGCryptDigestInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptDigestFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptDigestVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptDigestExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformSha1GetKlass:
+ *
+ * SHA-1 digest transform klass.
+ *
+ * Returns: pointer to SHA-1 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformSha1GetKlass(void) {
+    return(&xmlSecGCryptSha1Klass);
+}
+#endif /* XMLSEC_NO_SHA1 */
+
+
+#ifndef XMLSEC_NO_SHA256
+/******************************************************************************
+ *
+ * SHA256 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptDigestSize,                     /* xmlSecSize objSize */
+
+    /* data */
+    xmlSecNameSha256,                           /* const xmlChar* name; */
+    xmlSecHrefSha256,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    /* methods */
+    xmlSecGCryptDigestInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptDigestFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptDigestVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptDigestExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformSha256GetKlass:
+ *
+ * SHA256 digest transform klass.
+ *
+ * Returns: pointer to SHA256 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformSha256GetKlass(void) {
+    return(&xmlSecGCryptSha256Klass);
+}
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/******************************************************************************
+ *
+ * SHA384 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptSha384Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptDigestSize,                     /* xmlSecSize objSize */
+
+    /* data */
+    xmlSecNameSha384,                           /* const xmlChar* name; */
+    xmlSecHrefSha384,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    /* methods */
+    xmlSecGCryptDigestInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptDigestFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptDigestVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptDigestExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformSha384GetKlass:
+ *
+ * SHA384 digest transform klass.
+ *
+ * Returns: pointer to SHA384 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformSha384GetKlass(void) {
+    return(&xmlSecGCryptSha384Klass);
+}
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/******************************************************************************
+ *
+ * SHA512 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptSha512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptDigestSize,                     /* xmlSecSize objSize */
+
+    /* data */
+    xmlSecNameSha512,                           /* const xmlChar* name; */
+    xmlSecHrefSha512,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    /* methods */
+    xmlSecGCryptDigestInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptDigestFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptDigestVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptDigestExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformSha512GetKlass:
+ *
+ * SHA512 digest transform klass.
+ *
+ * Returns: pointer to SHA512 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformSha512GetKlass(void) {
+    return(&xmlSecGCryptSha512Klass);
+}
+#endif /* XMLSEC_NO_SHA512 */
+
+#ifndef XMLSEC_NO_MD5
+/******************************************************************************
+ *
+ * MD5 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptMd5Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptDigestSize,                     /* xmlSecSize objSize */
+
+    /* data */
+    xmlSecNameMd5,                           /* const xmlChar* name; */
+    xmlSecHrefMd5,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    /* methods */
+    xmlSecGCryptDigestInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptDigestFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptDigestVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptDigestExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformMd5GetKlass:
+ *
+ * MD5 digest transform klass.
+ *
+ * Returns: pointer to MD5 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformMd5GetKlass(void) {
+    return(&xmlSecGCryptMd5Klass);
+}
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+/******************************************************************************
+ *
+ * RIPEMD160 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptRipemd160Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptDigestSize,                     /* xmlSecSize objSize */
+
+    /* data */
+    xmlSecNameRipemd160,                           /* const xmlChar* name; */
+    xmlSecHrefRipemd160,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    /* methods */
+    xmlSecGCryptDigestInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptDigestFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptDigestVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptDigestExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformRipemd160GetKlass:
+ *
+ * RIPEMD160 digest transform klass.
+ *
+ * Returns: pointer to RIPEMD160 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformRipemd160GetKlass(void) {
+    return(&xmlSecGCryptRipemd160Klass);
+}
+#endif /* XMLSEC_NO_RIPEMD160 */
diff --git a/src/gcrypt/globals.h b/src/gcrypt/globals.h
new file mode 100644
index 00000000..7bc03c1c
--- /dev/null
+++ b/src/gcrypt/globals.h
@@ -0,0 +1,30 @@
+/*
+ * XML Security Library
+ *
+ * globals.h: internal header only used during the compilation
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef __XMLSEC_GLOBALS_H__
+#define __XMLSEC_GLOBALS_H__
+
+/**
+ * Use autoconf defines if present.
+ */
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif /* HAVE_CONFIG_H */
+
+#define IN_XMLSEC_CRYPTO
+#define XMLSEC_PRIVATE
+
+
+#define XMLSEC_GCRYPT_MAX_DIGEST_SIZE           256
+#define XMLSEC_GCRYPT_REPORT_ERROR(err)         \
+        "error code=%d; error message='%s'",    \
+        (int)err, xmlSecErrorsSafeString(gcry_strerror((err)))
+
+#endif /* ! __XMLSEC_GLOBALS_H__ */
diff --git a/src/gcrypt/hmac.c b/src/gcrypt/hmac.c
new file mode 100644
index 00000000..192cb17b
--- /dev/null
+++ b/src/gcrypt/hmac.c
@@ -0,0 +1,823 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef XMLSEC_NO_HMAC
+#include "globals.h"
+
+#include <string.h>
+
+#include <gcrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gcrypt/app.h>
+#include <xmlsec/gcrypt/crypto.h>
+
+/* sizes in bits */
+#define XMLSEC_GCRYPT_MIN_HMAC_SIZE             80
+#define XMLSEC_GCRYPT_MAX_HMAC_SIZE             (128 * 8)
+
+/**************************************************************************
+ *
+ * Configuration
+ *
+ *****************************************************************************/
+static int g_xmlsec_gcrypt_hmac_min_length = XMLSEC_GCRYPT_MIN_HMAC_SIZE;
+
+/**
+ * xmlSecGCryptHmacGetMinOutputLength:
+ *
+ * Gets the value of min HMAC length.
+ *
+ * Returns: the min HMAC output length
+ */
+int xmlSecGCryptHmacGetMinOutputLength(void)
+{
+    return g_xmlsec_gcrypt_hmac_min_length;
+}
+
+/**
+ * xmlSecGCryptHmacSetMinOutputLength:
+ * @min_length: the new min length
+ *
+ * Sets the min HMAC output length
+ */
+void xmlSecGCryptHmacSetMinOutputLength(int min_length)
+{
+    g_xmlsec_gcrypt_hmac_min_length = min_length;
+}
+
+/**************************************************************************
+ *
+ * Internal GCRYPT HMAC CTX
+ *
+ *****************************************************************************/
+typedef struct _xmlSecGCryptHmacCtx             xmlSecGCryptHmacCtx, *xmlSecGCryptHmacCtxPtr;
+struct _xmlSecGCryptHmacCtx {
+    int                 digest;
+    gcry_md_hd_t        digestCtx;
+    xmlSecByte          dgst[XMLSEC_GCRYPT_MAX_HMAC_SIZE / 8];
+    xmlSecSize          dgstSize;       /* dgst size in bits */
+};
+
+/******************************************************************************
+ *
+ * HMAC transforms
+ *
+ * xmlSecGCryptHmacCtx is located after xmlSecTransform
+ *
+ *****************************************************************************/
+#define xmlSecGCryptHmacGetCtx(transform) \
+    ((xmlSecGCryptHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+#define xmlSecGCryptHmacSize    \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptHmacCtx))
+
+static int      xmlSecGCryptHmacCheckId                 (xmlSecTransformPtr transform);
+static int      xmlSecGCryptHmacInitialize              (xmlSecTransformPtr transform);
+static void     xmlSecGCryptHmacFinalize                (xmlSecTransformPtr transform);
+static int      xmlSecGCryptHmacNodeRead                (xmlSecTransformPtr transform,
+                                                         xmlNodePtr node,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecGCryptHmacSetKeyReq               (xmlSecTransformPtr transform,
+                                                         xmlSecKeyReqPtr keyReq);
+static int      xmlSecGCryptHmacSetKey                  (xmlSecTransformPtr transform,
+                                                         xmlSecKeyPtr key);
+static int      xmlSecGCryptHmacVerify                  (xmlSecTransformPtr transform,
+                                                         const xmlSecByte* data,
+                                                         xmlSecSize dataSize,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecGCryptHmacExecute                 (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
+
+static int
+xmlSecGCryptHmacCheckId(xmlSecTransformPtr transform) {
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha1Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha256Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha384Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha512Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacRipemd160Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacMd5Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+    /* not found */
+    {
+        return(0);
+    }
+
+    /* just in case */
+    return(0);
+}
+
+
+static int
+xmlSecGCryptHmacInitialize(xmlSecTransformPtr transform) {
+    xmlSecGCryptHmacCtxPtr ctx;
+    gcry_error_t err;
+
+    xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1);
+
+    ctx = xmlSecGCryptHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    memset(ctx, 0, sizeof(xmlSecGCryptHmacCtx));
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha1Id)) {
+        ctx->digest = GCRY_MD_SHA1;
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha256Id)) {
+        ctx->digest = GCRY_MD_SHA256;
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha384Id)) {
+        ctx->digest = GCRY_MD_SHA384;
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacSha512Id)) {
+        ctx->digest = GCRY_MD_SHA512;
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacRipemd160Id)) {
+        ctx->digest = GCRY_MD_RMD160;
+    } else
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformHmacMd5Id)) {
+        ctx->digest = GCRY_MD_MD5;
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+    /* not found */
+    {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* open context */
+    err = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_HMAC | GCRY_MD_FLAG_SECURE); /* we are paranoid */
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "gcry_md_open",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    return(0);
+}
+
+static void
+xmlSecGCryptHmacFinalize(xmlSecTransformPtr transform) {
+    xmlSecGCryptHmacCtxPtr ctx;
+
+    xmlSecAssert(xmlSecGCryptHmacCheckId(transform));
+    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize));
+
+    ctx = xmlSecGCryptHmacGetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    if(ctx->digestCtx != NULL) {
+        gcry_md_close(ctx->digestCtx);
+    }
+    memset(ctx, 0, sizeof(xmlSecGCryptHmacCtx));
+}
+
+/**
+ * xmlSecGCryptHmacNodeRead:
+ *
+ * HMAC (http://www.w3.org/TR/xmldsig-core/#sec-HMAC):
+ *
+ * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits
+ * as a parameter; if the parameter is not specified then all the bits of the
+ * hash are output. An example of an HMAC SignatureMethod element:
+ * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
+ *   <HMACOutputLength>128</HMACOutputLength>
+ * </SignatureMethod>
+ *
+ * Schema Definition:
+ *
+ * <simpleType name="HMACOutputLengthType">
+ *   <restriction base="integer"/>
+ * </simpleType>
+ *
+ * DTD:
+ *
+ * <!ELEMENT HMACOutputLength (#PCDATA)>
+ */
+static int
+xmlSecGCryptHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecGCryptHmacCtxPtr ctx;
+    xmlNodePtr cur;
+
+    xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecGCryptHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    cur = xmlSecGetNextElementNode(node->children);
+    if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
+        xmlChar *content;
+
+        content = xmlNodeGetContent(cur);
+        if(content != NULL) {
+            ctx->dgstSize = atoi((char*)content);
+            xmlFree(content);
+        }
+
+        /* Ensure that HMAC length is greater than min specified.
+           Otherwise, an attacker can set this length to 0 or very
+           small value
+        */
+        if((int)ctx->dgstSize < xmlSecGCryptHmacGetMinOutputLength()) {
+           xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                    "HMAC output length is too small");
+           return(-1);
+        }
+
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
+    if(cur != NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "no nodes expected");
+        return(-1);
+    }
+    return(0);
+}
+
+
+static int
+xmlSecGCryptHmacSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecGCryptHmacCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+    xmlSecAssert2(keyReq != NULL, -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1);
+
+    ctx = xmlSecGCryptHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keyReq->keyId  = xmlSecGCryptKeyDataHmacId;
+    keyReq->keyType= xmlSecKeyDataTypeSymmetric;
+    if(transform->operation == xmlSecTransformOperationSign) {
+        keyReq->keyUsage = xmlSecKeyUsageSign;
+    } else {
+        keyReq->keyUsage = xmlSecKeyUsageVerify;
+    }
+
+    return(0);
+}
+
+static int
+xmlSecGCryptHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecGCryptHmacCtxPtr ctx;
+    xmlSecKeyDataPtr value;
+    xmlSecBufferPtr buffer;
+    gcry_error_t err;
+
+    xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1);
+    xmlSecAssert2(key != NULL, -1);
+
+    ctx = xmlSecGCryptHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->digestCtx != NULL, -1);
+
+    value = xmlSecKeyGetValue(key);
+    xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecGCryptKeyDataHmacId), -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(value);
+    xmlSecAssert2(buffer != NULL, -1);
+
+    if(xmlSecBufferGetSize(buffer) == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "key is empty");
+        return(-1);
+    }
+
+    err = gcry_md_setkey(ctx->digestCtx, xmlSecBufferGetData(buffer),
+                        xmlSecBufferGetSize(buffer));
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "gcry_md_setkey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+    return(0);
+}
+
+static int
+xmlSecGCryptHmacVerify(xmlSecTransformPtr transform,
+                        const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecTransformCtxPtr transformCtx) {
+    static xmlSecByte last_byte_masks[] =
+                { 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
+
+    xmlSecGCryptHmacCtxPtr ctx;
+    xmlSecByte mask;
+
+    xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1);
+    xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
+    xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
+    xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecGCryptHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->digestCtx != NULL, -1);
+    xmlSecAssert2(ctx->dgstSize > 0, -1);
+
+    /* compare the digest size in bytes */
+    if(dataSize != ((ctx->dgstSize + 7) / 8)){
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "data=%d;dgst=%d",
+                    dataSize, ((ctx->dgstSize + 7) / 8));
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
+    }
+
+    /* we check the last byte separatelly */
+    xmlSecAssert2(dataSize > 0, -1);
+    mask = last_byte_masks[ctx->dgstSize % 8];
+    if((ctx->dgst[dataSize - 1] & mask) != (data[dataSize - 1]  & mask)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                    "data and digest do not match (last byte)");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
+    }
+
+    /* now check the rest of the digest */
+    if((dataSize > 1) && (memcmp(ctx->dgst, data, dataSize - 1) != 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                    "data and digest do not match");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
+    }
+
+    transform->status = xmlSecTransformStatusOk;
+    return(0);
+}
+
+static int
+xmlSecGCryptHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecGCryptHmacCtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    xmlSecByte* dgst;
+    xmlSecSize dgstSize;
+    int ret;
+
+    xmlSecAssert2(xmlSecGCryptHmacCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptHmacSize), -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecGCryptHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->digestCtx != NULL, -1);
+
+    in = &(transform->inBuf);
+    out = &(transform->outBuf);
+
+    if(transform->status == xmlSecTransformStatusNone) {
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
+    if(transform->status == xmlSecTransformStatusWorking) {
+        xmlSecSize inSize;
+
+        inSize = xmlSecBufferGetSize(in);
+        if(inSize > 0) {
+            gcry_md_write(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
+
+            ret = xmlSecBufferRemoveHead(in, inSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferRemoveHead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+        }
+        if(last) {
+            /* get the final digest */
+            gcry_md_final(ctx->digestCtx);
+            dgst = gcry_md_read(ctx->digestCtx, ctx->digest);
+            if(dgst == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "gcry_md_read",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            /* copy it to our internal buffer */
+            dgstSize = gcry_md_get_algo_dlen(ctx->digest);
+            xmlSecAssert2(dgstSize > 0, -1);
+            xmlSecAssert2(dgstSize <= sizeof(ctx->dgst), -1);
+            memcpy(ctx->dgst, dgst, dgstSize);
+
+            /* check/set the result digest size */
+            if(ctx->dgstSize == 0) {
+                ctx->dgstSize = dgstSize * 8; /* no dgst size specified, use all we have */
+            } else if(ctx->dgstSize <= 8 * dgstSize) {
+                dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+            } else {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            NULL,
+                            XMLSEC_ERRORS_R_INVALID_SIZE,
+                            "result-bits=%d;required-bits=%d",
+                            8 * dgstSize, ctx->dgstSize);
+                return(-1);
+            }
+
+            if(transform->operation == xmlSecTransformOperationSign) {
+                ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferAppend",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", dgstSize);
+                    return(-1);
+                }
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
+    } else if(transform->status == xmlSecTransformStatusFinished) {
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "size=%d", transform->status);
+        return(-1);
+    }
+
+    return(0);
+}
+
+#ifndef XMLSEC_NO_SHA1
+/******************************************************************************
+ *
+ * HMAC SHA1
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptHmacSha1Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptHmacSize,                       /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha1,                         /* const xmlChar* name; */
+    xmlSecHrefHmacSha1,                         /* const xmlChar *href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptHmacInitialize,                 /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptHmacFinalize,                   /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecGCryptHmacNodeRead,                   /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptHmacSetKeyReq,                  /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptHmacSetKey,                     /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptHmacVerify,                     /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptHmacExecute,                    /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformHmacSha1GetKlass:
+ *
+ * The HMAC-SHA1 transform klass.
+ *
+ * Returns: the HMAC-SHA1 transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformHmacSha1GetKlass(void) {
+    return(&xmlSecGCryptHmacSha1Klass);
+}
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/******************************************************************************
+ *
+ * HMAC SHA256
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptHmacSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptHmacSize,                       /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha256,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha256,                       /* const xmlChar *href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptHmacInitialize,                 /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptHmacFinalize,                   /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecGCryptHmacNodeRead,                   /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptHmacSetKeyReq,                  /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptHmacSetKey,                     /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptHmacVerify,                     /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptHmacExecute,                    /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformHmacSha256GetKlass:
+ *
+ * The HMAC-SHA256 transform klass.
+ *
+ * Returns: the HMAC-SHA256 transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformHmacSha256GetKlass(void) {
+    return(&xmlSecGCryptHmacSha256Klass);
+}
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/******************************************************************************
+ *
+ * HMAC SHA384
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptHmacSha384Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptHmacSize,                       /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha384,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha384,                       /* const xmlChar *href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptHmacInitialize,                 /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptHmacFinalize,                   /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecGCryptHmacNodeRead,                   /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptHmacSetKeyReq,                  /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptHmacSetKey,                     /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptHmacVerify,                     /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptHmacExecute,                    /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformHmacSha384GetKlass:
+ *
+ * The HMAC-SHA384 transform klass.
+ *
+ * Returns: the HMAC-SHA384 transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformHmacSha384GetKlass(void) {
+    return(&xmlSecGCryptHmacSha384Klass);
+}
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/******************************************************************************
+ *
+ * HMAC SHA512
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptHmacSha512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptHmacSize,                       /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha512,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha512,                       /* const xmlChar *href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptHmacInitialize,                 /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptHmacFinalize,                   /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecGCryptHmacNodeRead,                   /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptHmacSetKeyReq,                  /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptHmacSetKey,                     /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptHmacVerify,                     /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptHmacExecute,                    /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformHmacSha512GetKlass:
+ *
+ * The HMAC-SHA512 transform klass.
+ *
+ * Returns: the HMAC-SHA512 transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformHmacSha512GetKlass(void) {
+    return(&xmlSecGCryptHmacSha512Klass);
+}
+#endif /* XMLSEC_NO_SHA512 */
+
+
+#ifndef XMLSEC_NO_RIPEMD160
+/******************************************************************************
+ *
+ * HMAC Ripemd160
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptHmacRipemd160Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptHmacSize,                       /* xmlSecSize objSize */
+
+    xmlSecNameHmacRipemd160,                    /* const xmlChar* name; */
+    xmlSecHrefHmacRipemd160,                    /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptHmacInitialize,                 /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptHmacFinalize,                   /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecGCryptHmacNodeRead,                   /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptHmacSetKeyReq,                  /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptHmacSetKey,                     /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptHmacVerify,                     /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptHmacExecute,                    /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformHmacRipemd160GetKlass:
+ *
+ * The HMAC-RIPEMD160 transform klass.
+ *
+ * Returns: the HMAC-RIPEMD160 transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformHmacRipemd160GetKlass(void) {
+    return(&xmlSecGCryptHmacRipemd160Klass);
+}
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_MD5
+/******************************************************************************
+ *
+ * HMAC MD5
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptHmacMd5Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptHmacSize,                       /* xmlSecSize objSize */
+
+    xmlSecNameHmacMd5,                          /* const xmlChar* name; */
+    xmlSecHrefHmacMd5,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptHmacInitialize,                 /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptHmacFinalize,                   /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecGCryptHmacNodeRead,                   /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptHmacSetKeyReq,                  /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptHmacSetKey,                     /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptHmacVerify,                     /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptHmacExecute,                    /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformHmacMd5GetKlass:
+ *
+ * The HMAC-MD5 transform klass.
+ *
+ * Returns: the HMAC-MD5 transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformHmacMd5GetKlass(void) {
+    return(&xmlSecGCryptHmacMd5Klass);
+}
+#endif /* XMLSEC_NO_MD5 */
+
+
+#endif /* XMLSEC_NO_HMAC */
diff --git a/src/gcrypt/kw_aes.c b/src/gcrypt/kw_aes.c
new file mode 100644
index 00000000..38ac8956
--- /dev/null
+++ b/src/gcrypt/kw_aes.c
@@ -0,0 +1,593 @@
+/**
+ *
+ * XMLSec library
+ *
+ * AES Algorithm support
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef XMLSEC_NO_AES
+#include "globals.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <gcrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gcrypt/crypto.h>
+
+#include "../kw_aes_des.h"
+
+
+/*********************************************************************
+ *
+ * AES KW implementation
+ *
+ *********************************************************************/
+static int        xmlSecGCryptKWAesBlockEncrypt                 (const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize,
+                                                                 void * context);
+static int        xmlSecGCryptKWAesBlockDecrypt                 (const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize,
+                                                                 void * context);
+static xmlSecKWAesKlass xmlSecGCryptKWAesKlass = {
+    /* callbacks */
+    xmlSecGCryptKWAesBlockEncrypt,          /* xmlSecKWAesBlockEncryptMethod       encrypt; */
+    xmlSecGCryptKWAesBlockDecrypt,          /* xmlSecKWAesBlockDecryptMethod       decrypt; */
+
+    /* for the future */
+    NULL,                                   /* void*                               reserved0; */
+    NULL                                    /* void*                               reserved1; */
+};
+
+
+/*********************************************************************
+ *
+ * AES KW transforms
+ *
+ ********************************************************************/
+typedef struct _xmlSecGCryptKWAesCtx              xmlSecGCryptKWAesCtx,
+                                                  *xmlSecGCryptKWAesCtxPtr;
+struct _xmlSecGCryptKWAesCtx {
+    int                 cipher;
+    int                 mode;
+    int                 flags;
+    xmlSecSize          blockSize;
+    xmlSecSize          keyExpectedSize;
+
+    xmlSecBuffer        keyBuffer;
+};
+#define xmlSecGCryptKWAesSize     \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptKWAesCtx))
+#define xmlSecGCryptKWAesGetCtx(transform) \
+    ((xmlSecGCryptKWAesCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+#define xmlSecGCryptKWAesCheckId(transform) \
+    (xmlSecTransformCheckId((transform), xmlSecGCryptTransformKWAes128Id) || \
+     xmlSecTransformCheckId((transform), xmlSecGCryptTransformKWAes192Id) || \
+     xmlSecTransformCheckId((transform), xmlSecGCryptTransformKWAes256Id))
+
+static int      xmlSecGCryptKWAesInitialize                     (xmlSecTransformPtr transform);
+static void     xmlSecGCryptKWAesFinalize                       (xmlSecTransformPtr transform);
+static int      xmlSecGCryptKWAesSetKeyReq                      (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecGCryptKWAesSetKey                         (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecGCryptKWAesExecute                        (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+
+static int
+xmlSecGCryptKWAesInitialize(xmlSecTransformPtr transform) {
+    xmlSecGCryptKWAesCtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);
+
+    ctx = xmlSecGCryptKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWAes128Id)) {
+        ctx->cipher             = GCRY_CIPHER_AES128;
+        ctx->keyExpectedSize    = XMLSEC_KW_AES128_KEY_SIZE;
+    } else if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWAes192Id)) {
+        ctx->cipher             = GCRY_CIPHER_AES192;
+        ctx->keyExpectedSize    = XMLSEC_KW_AES192_KEY_SIZE;
+    } else if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWAes256Id)) {
+        ctx->cipher             = GCRY_CIPHER_AES256;
+        ctx->keyExpectedSize    = XMLSEC_KW_AES256_KEY_SIZE;
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    ctx->mode           = GCRY_CIPHER_MODE_CBC;
+    ctx->flags          = GCRY_CIPHER_SECURE; /* we are paranoid */
+    ctx->blockSize      = gcry_cipher_get_algo_blklen(ctx->cipher);
+    xmlSecAssert2(ctx->blockSize > 0, -1);
+
+    ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecGCryptKWAesGetKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    return(0);
+}
+
+static void
+xmlSecGCryptKWAesFinalize(xmlSecTransformPtr transform) {
+    xmlSecGCryptKWAesCtxPtr ctx;
+
+    xmlSecAssert(xmlSecGCryptKWAesCheckId(transform));
+    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize));
+
+    ctx = xmlSecGCryptKWAesGetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    xmlSecBufferFinalize(&(ctx->keyBuffer));
+}
+
+static int
+xmlSecGCryptKWAesSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecGCryptKWAesCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);
+    xmlSecAssert2(keyReq != NULL, -1);
+
+    ctx = xmlSecGCryptKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keyReq->keyId    = xmlSecGCryptKeyDataAesId;
+    keyReq->keyType  = xmlSecKeyDataTypeSymmetric;
+    if(transform->operation == xmlSecTransformOperationEncrypt) {
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+    } else {
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+    }
+    keyReq->keyBitsSize = 8 * ctx->keyExpectedSize;
+
+    return(0);
+}
+
+static int
+xmlSecGCryptKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecGCryptKWAesCtxPtr ctx;
+    xmlSecBufferPtr buffer;
+    xmlSecSize keySize;
+    int ret;
+
+    xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecGCryptKeyDataAesId), -1);
+
+    ctx = xmlSecGCryptKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
+    xmlSecAssert2(buffer != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(buffer);
+    if(keySize < ctx->keyExpectedSize) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "key=%d;expected=%d",
+                    keySize, ctx->keyExpectedSize);
+        return(-1);
+    }
+
+    ret = xmlSecBufferSetData(&(ctx->keyBuffer),
+                            xmlSecBufferGetData(buffer),
+                            ctx->keyExpectedSize);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "expected-size=%d", 
+                    ctx->keyExpectedSize);
+        return(-1);
+    }
+
+    return(0);
+}
+
+static int
+xmlSecGCryptKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecGCryptKWAesCtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    xmlSecSize inSize, outSize, keySize;
+    int ret;
+
+    xmlSecAssert2(xmlSecGCryptKWAesCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWAesSize), -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecGCryptKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
+    xmlSecAssert2(keySize == ctx->keyExpectedSize, -1);
+
+    in = &(transform->inBuf);
+    out = &(transform->outBuf);
+    inSize = xmlSecBufferGetSize(in);
+    outSize = xmlSecBufferGetSize(out);
+    xmlSecAssert2(outSize == 0, -1);
+
+    if(transform->status == xmlSecTransformStatusNone) {
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
+    if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
+        /* just do nothing */
+    } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
+        if((inSize % 8) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_SIZE,
+                        "size=%d(not 8 bytes aligned)", inSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
+            outSize = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE +
+                               XMLSEC_KW_AES_BLOCK_SIZE;
+        } else {
+            outSize = inSize + XMLSEC_KW_AES_BLOCK_SIZE;
+        }
+
+        ret = xmlSecBufferSetMaxSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "outSize=%d", outSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            ret = xmlSecKWAesEncode(&xmlSecGCryptKWAesKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWAesEncode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            outSize = ret;
+        } else {
+            ret = xmlSecKWAesDecode(&xmlSecGCryptKWAesKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWAesEncode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            outSize = ret;
+        }
+
+        ret = xmlSecBufferSetSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "outSize=%d", outSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "inSize%d", inSize);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusFinished;
+    } else if(transform->status == xmlSecTransformStatusFinished) {
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
+    }
+    return(0);
+}
+
+
+static xmlSecTransformKlass xmlSecGCryptKWAes128Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptKWAesSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameKWAes128,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes128,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecGCryptKWAesInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptKWAesFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptKWAesSetKeyReq,                 /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecGCryptKWAesSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptKWAesExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformKWAes128GetKlass:
+ *
+ * The AES-128 kew wrapper transform klass.
+ *
+ * Returns: AES-128 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformKWAes128GetKlass(void) {
+    return(&xmlSecGCryptKWAes128Klass);
+}
+
+static xmlSecTransformKlass xmlSecGCryptKWAes192Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptKWAesSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameKWAes192,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes192,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecGCryptKWAesInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptKWAesFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptKWAesSetKeyReq,                 /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecGCryptKWAesSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptKWAesExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+
+/**
+ * xmlSecGCryptTransformKWAes192GetKlass:
+ *
+ * The AES-192 kew wrapper transform klass.
+ *
+ * Returns: AES-192 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformKWAes192GetKlass(void) {
+    return(&xmlSecGCryptKWAes192Klass);
+}
+
+static xmlSecTransformKlass xmlSecGCryptKWAes256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptKWAesSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameKWAes256,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes256,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecGCryptKWAesInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptKWAesFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptKWAesSetKeyReq,                 /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecGCryptKWAesSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptKWAesExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformKWAes256GetKlass:
+ *
+ * The AES-256 kew wrapper transform klass.
+ *
+ * Returns: AES-256 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformKWAes256GetKlass(void) {
+    return(&xmlSecGCryptKWAes256Klass);
+}
+
+/*********************************************************************
+ *
+ * AES KW implementation
+ *
+ *********************************************************************/
+static unsigned char g_zero_iv[XMLSEC_KW_AES_BLOCK_SIZE] =
+    { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
+static int
+xmlSecGCryptKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize,
+                               void * context) {
+    xmlSecGCryptKWAesCtxPtr ctx = (xmlSecGCryptKWAesCtxPtr)context;
+    gcry_cipher_hd_t cipherCtx;
+    gcry_error_t err;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize >= ctx->blockSize, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= ctx->blockSize, -1);
+
+    err = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags); 
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_open",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    err = gcry_cipher_setkey(cipherCtx,
+                             xmlSecBufferGetData(&ctx->keyBuffer),
+                             xmlSecBufferGetSize(&ctx->keyBuffer));
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_setkey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    /* use zero IV and CBC mode to ensure we get result as-is */
+    err = gcry_cipher_setiv(cipherCtx, g_zero_iv, sizeof(g_zero_iv));
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_setiv",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    err = gcry_cipher_encrypt(cipherCtx, out, outSize, in, inSize);
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_encrypt",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        gcry_cipher_close(cipherCtx);
+        return(-1);
+    }
+    gcry_cipher_close(cipherCtx);
+
+    return(ctx->blockSize);
+}
+
+static int
+xmlSecGCryptKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize,
+                               void * context) {
+    xmlSecGCryptKWAesCtxPtr ctx = (xmlSecGCryptKWAesCtxPtr)context;
+    gcry_cipher_hd_t cipherCtx;
+    gcry_error_t err;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize >= ctx->blockSize, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= ctx->blockSize, -1);
+
+    err = gcry_cipher_open(&cipherCtx, ctx->cipher, ctx->mode, ctx->flags);
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_open",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    err = gcry_cipher_setkey(cipherCtx,
+                             xmlSecBufferGetData(&ctx->keyBuffer),
+                             xmlSecBufferGetSize(&ctx->keyBuffer));
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_setkey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    /* use zero IV and CBC mode to ensure we get result as-is */
+    err = gcry_cipher_setiv(cipherCtx, g_zero_iv, sizeof(g_zero_iv));
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_setiv",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    err = gcry_cipher_decrypt(cipherCtx, out, outSize, in, inSize);
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_decrypt",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        gcry_cipher_close(cipherCtx);
+        return(-1);
+    }
+    gcry_cipher_close(cipherCtx);
+
+    return(ctx->blockSize);
+}
+
+#endif /* XMLSEC_NO_AES */
diff --git a/src/gcrypt/kw_des.c b/src/gcrypt/kw_des.c
new file mode 100644
index 00000000..b93eb9f5
--- /dev/null
+++ b/src/gcrypt/kw_des.c
@@ -0,0 +1,607 @@
+/**
+ *
+ * XMLSec library
+ *
+ * DES Algorithm support
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef XMLSEC_NO_DES
+#include "globals.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <gcrypt.h>
+
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gcrypt/crypto.h>
+
+#include "../kw_aes_des.h"
+
+/*********************************************************************
+ *
+ * DES KW implementation
+ *
+ *********************************************************************/
+static int       xmlSecGCryptKWDes3GenerateRandom               (void * context,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int       xmlSecGCryptKWDes3Sha1                         (void * context,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize, 
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int      xmlSecGCryptKWDes3BlockEncrypt                  (void * context,
+                                                                 const xmlSecByte * iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int      xmlSecGCryptKWDes3BlockDecrypt                  (void * context,
+                                                                 const xmlSecByte * iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+
+static xmlSecKWDes3Klass xmlSecGCryptKWDes3ImplKlass = {
+    /* callbacks */
+    xmlSecGCryptKWDes3GenerateRandom,       /* xmlSecKWDes3GenerateRandomMethod     generateRandom; */
+    xmlSecGCryptKWDes3Sha1,                 /* xmlSecKWDes3Sha1Method               sha1; */
+    xmlSecGCryptKWDes3BlockEncrypt,         /* xmlSecKWDes3BlockEncryptMethod       encrypt; */
+    xmlSecGCryptKWDes3BlockDecrypt,         /* xmlSecKWDes3BlockDecryptMethod       decrypt; */
+
+    /* for the future */
+    NULL,                                   /* void*                               reserved0; */
+    NULL,                                   /* void*                               reserved1; */
+};
+
+static int      xmlSecGCryptKWDes3Encrypt                       (const xmlSecByte *key, 
+                                                                 xmlSecSize keySize,
+                                                                 const xmlSecByte *iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte *in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte *out, 
+                                                                 xmlSecSize outSize, 
+                                                                 int enc);
+
+
+/*********************************************************************
+ *
+ * Triple DES Key Wrap transform
+ *
+ * key (xmlSecBuffer) is located after xmlSecTransform structure
+ *
+ ********************************************************************/
+typedef struct _xmlSecGCryptKWDes3Ctx              xmlSecGCryptKWDes3Ctx,
+                                                  *xmlSecGCryptKWDes3CtxPtr;
+struct _xmlSecGCryptKWDes3Ctx {
+    xmlSecBuffer        keyBuffer;
+};
+#define xmlSecGCryptKWDes3Size     \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptKWDes3Ctx))
+#define xmlSecGCryptKWDes3GetCtx(transform) \
+    ((xmlSecGCryptKWDes3CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int      xmlSecGCryptKWDes3Initialize                    (xmlSecTransformPtr transform);
+static void     xmlSecGCryptKWDes3Finalize                      (xmlSecTransformPtr transform);
+static int      xmlSecGCryptKWDes3SetKeyReq                     (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecGCryptKWDes3SetKey                        (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecGCryptKWDes3Execute                       (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static xmlSecTransformKlass xmlSecGCryptKWDes3Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptKWDes3Size,                     /* xmlSecSize objSize */
+
+    xmlSecNameKWDes3,                           /* const xmlChar* name; */
+    xmlSecHrefKWDes3,                           /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecGCryptKWDes3Initialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptKWDes3Finalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptKWDes3SetKeyReq,                /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecGCryptKWDes3SetKey,                   /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptKWDes3Execute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformKWDes3GetKlass:
+ *
+ * The Triple DES key wrapper transform klass.
+ *
+ * Returns: Triple DES key wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformKWDes3GetKlass(void) {
+    return(&xmlSecGCryptKWDes3Klass);
+}
+
+static int
+xmlSecGCryptKWDes3Initialize(xmlSecTransformPtr transform) {
+    xmlSecGCryptKWDes3CtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size), -1);
+
+    ctx = xmlSecGCryptKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    return(0);
+}
+
+static void
+xmlSecGCryptKWDes3Finalize(xmlSecTransformPtr transform) {
+    xmlSecGCryptKWDes3CtxPtr ctx;
+
+    xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id));
+    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size));
+
+    ctx = xmlSecGCryptKWDes3GetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    xmlSecBufferFinalize(&(ctx->keyBuffer));
+}
+
+static int
+xmlSecGCryptKWDes3SetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecGCryptKWDes3CtxPtr ctx;
+
+    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size), -1);
+    xmlSecAssert2(keyReq != NULL, -1);
+
+    ctx = xmlSecGCryptKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keyReq->keyId       = xmlSecGCryptKeyDataDesId;
+    keyReq->keyType     = xmlSecKeyDataTypeSymmetric;
+    if(transform->operation == xmlSecTransformOperationEncrypt) {
+        keyReq->keyUsage= xmlSecKeyUsageEncrypt;
+    } else {
+        keyReq->keyUsage= xmlSecKeyUsageDecrypt;
+    }
+    keyReq->keyBitsSize = 8 * XMLSEC_KW_DES3_KEY_LENGTH;
+    return(0);
+}
+
+static int
+xmlSecGCryptKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecGCryptKWDes3CtxPtr ctx;
+    xmlSecBufferPtr buffer;
+    xmlSecSize keySize;
+    int ret;
+
+    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size), -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecGCryptKeyDataDesId), -1);
+
+    ctx = xmlSecGCryptKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
+    xmlSecAssert2(buffer != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(buffer);
+    if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "key length %d is not enough (%d expected)",
+                    keySize, XMLSEC_KW_DES3_KEY_LENGTH);
+        return(-1);
+    }
+
+    ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", XMLSEC_KW_DES3_KEY_LENGTH);
+        return(-1);
+    }
+
+    return(0);
+}
+
+static int
+xmlSecGCryptKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecGCryptKWDes3CtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    xmlSecSize inSize, outSize, keySize;
+    int ret;
+
+    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecGCryptTransformKWDes3Id), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptKWDes3Size), -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecGCryptKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
+    xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
+
+    in = &(transform->inBuf);
+    out = &(transform->outBuf);
+    inSize = xmlSecBufferGetSize(in);
+    outSize = xmlSecBufferGetSize(out);
+    xmlSecAssert2(outSize == 0, -1);
+
+    if(transform->status == xmlSecTransformStatusNone) {
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
+    if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
+        /* just do nothing */
+    } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
+        if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_SIZE,
+                        "%d bytes - not %d bytes aligned",
+                        inSize, XMLSEC_KW_DES3_BLOCK_LENGTH);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            /* the encoded key might be 16 bytes longer plus one block just in case */
+            outSize = inSize + XMLSEC_KW_DES3_IV_LENGTH +
+                               XMLSEC_KW_DES3_BLOCK_LENGTH +
+                               XMLSEC_KW_DES3_BLOCK_LENGTH;
+        } else {
+            /* just in case, add a block */
+            outSize = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH;
+        }
+
+        ret = xmlSecBufferSetMaxSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            ret = xmlSecKWDes3Encode(&xmlSecGCryptKWDes3ImplKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWDes3Encode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "key=%d,in=%d,out=%d",
+                            keySize, inSize, outSize);
+                return(-1);
+            }
+            outSize = ret;
+        } else {
+            ret = xmlSecKWDes3Decode(&xmlSecGCryptKWDes3ImplKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWDes3Decode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "key=%d,in=%d,out=%d",
+                            keySize, inSize, outSize);
+                return(-1);
+            }
+            outSize = ret;
+        }
+
+        ret = xmlSecBufferSetSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusFinished;
+    } else if(transform->status == xmlSecTransformStatusFinished) {
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
+    }
+    return(0);
+}
+
+/*********************************************************************
+ *
+ * DES KW implementation
+ *
+ *********************************************************************/
+static int
+xmlSecGCryptKWDes3Sha1(void * context,
+                       const xmlSecByte * in, xmlSecSize inSize,
+                       xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecGCryptKWDes3CtxPtr ctx = (xmlSecGCryptKWDes3CtxPtr)context;
+    gcry_md_hd_t digestCtx;
+    unsigned char * res;
+    unsigned int len;
+    gcry_error_t err;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize > 0, -1);
+
+    len = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
+    xmlSecAssert2(outSize >= len, -1);
+
+    err = gcry_md_open(&digestCtx, GCRY_MD_SHA1, GCRY_MD_FLAG_SECURE); /* we are paranoid */
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_md_open(GCRY_MD_SHA1)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    gcry_md_write(digestCtx, in, inSize);
+
+    err = gcry_md_final(digestCtx);
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_md_final",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        gcry_md_close(digestCtx);
+        return(-1);
+    }
+
+    res = gcry_md_read(digestCtx, GCRY_MD_SHA1);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_md_read(GCRY_MD_SHA1)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gcry_md_close(digestCtx);
+        return(-1);
+    }
+
+    /* done */
+    xmlSecAssert2(outSize >= len, -1);
+    memcpy(out, res, len);
+    gcry_md_close(digestCtx);
+    return(len);
+}
+
+static int
+xmlSecGCryptKWDes3GenerateRandom(void * context,
+                                 xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecGCryptKWDes3CtxPtr ctx = (xmlSecGCryptKWDes3CtxPtr)context;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize > 0, -1);
+
+    gcry_randomize(out, outSize, GCRY_STRONG_RANDOM);
+    return((int)outSize);
+}
+
+static int
+xmlSecGCryptKWDes3BlockEncrypt(void * context,
+                               const xmlSecByte * iv, xmlSecSize ivSize,
+                               const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecGCryptKWDes3CtxPtr ctx = (xmlSecGCryptKWDes3CtxPtr)context;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(iv != NULL, -1);
+    xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
+
+    ret = xmlSecGCryptKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)),
+                                    XMLSEC_KW_DES3_KEY_LENGTH,
+                                    iv, XMLSEC_KW_DES3_IV_LENGTH,
+                                    in, inSize,
+                                    out, outSize,
+                                    1); /* encrypt */
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptKWDes3Encrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    return(ret);
+}
+
+static int
+xmlSecGCryptKWDes3BlockDecrypt(void * context,
+                               const xmlSecByte * iv, xmlSecSize ivSize,
+                               const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecGCryptKWDes3CtxPtr ctx = (xmlSecGCryptKWDes3CtxPtr)context;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(iv != NULL, -1);
+    xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
+
+    ret = xmlSecGCryptKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)),
+                                    XMLSEC_KW_DES3_KEY_LENGTH,
+                                    iv, XMLSEC_KW_DES3_IV_LENGTH,
+                                    in, inSize,
+                                    out, outSize,
+                                    0); /* decrypt */
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptKWDes3Encrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    return(ret);
+}
+
+static int
+xmlSecGCryptKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
+                           const xmlSecByte *iv, xmlSecSize ivSize,
+                           const xmlSecByte *in, xmlSecSize inSize,
+                           xmlSecByte *out, xmlSecSize outSize,
+                           int enc) {
+    size_t key_len = gcry_cipher_get_algo_keylen(GCRY_CIPHER_3DES);
+    size_t block_len = gcry_cipher_get_algo_blklen(GCRY_CIPHER_3DES);
+    gcry_cipher_hd_t cipherCtx;
+    gcry_error_t err;
+
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(keySize >= key_len, -1);
+    xmlSecAssert2(iv != NULL, -1);
+    xmlSecAssert2(ivSize >= block_len, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
+
+    err = gcry_cipher_open(&cipherCtx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_SECURE); /* we are paranoid */
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_open(GCRY_CIPHER_3DES)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    err = gcry_cipher_setkey(cipherCtx, key, keySize);
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_setkey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    err = gcry_cipher_setiv(cipherCtx, iv, ivSize);
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_cipher_setiv",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    if(enc) {
+        err = gcry_cipher_encrypt(cipherCtx, out, outSize, in, inSize);
+        if(err != GPG_ERR_NO_ERROR) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gcry_cipher_encrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            gcry_cipher_close(cipherCtx);
+            return(-1);
+        }
+    } else {
+        err = gcry_cipher_decrypt(cipherCtx, out, outSize, in, inSize);
+        if(err != GPG_ERR_NO_ERROR) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gcry_cipher_decrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GCRYPT_REPORT_ERROR(err));
+            gcry_cipher_close(cipherCtx);
+            return(-1);
+        }
+    }
+
+    /* done */
+    gcry_cipher_close(cipherCtx);
+    return((int)inSize); /* out size == in size */
+}
+
+
+#endif /* XMLSEC_NO_DES */
+
diff --git a/src/gcrypt/signatures.c b/src/gcrypt/signatures.c
new file mode 100644
index 00000000..c49638e4
--- /dev/null
+++ b/src/gcrypt/signatures.c
@@ -0,0 +1,1490 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <gcrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gcrypt/crypto.h>
+
+
+/**************************************************************************
+ *
+ * Forward declarations for actual sign/verify implementations
+ *
+ *****************************************************************************/
+typedef int     (*xmlSecGCryptPkSignMethod)     (int digest,
+                                                 xmlSecKeyDataPtr key_data,
+                                                 const xmlSecByte* dgst,
+                                                 xmlSecSize dgstSize,
+                                                 xmlSecBufferPtr out);
+typedef int     (*xmlSecGCryptPkVerifyMethod)   (int digest,
+                                                 xmlSecKeyDataPtr key_data,
+                                                 const xmlSecByte* dgst,
+                                                 xmlSecSize dgstSize,
+                                                 const xmlSecByte* data,
+                                                 xmlSecSize dataSize);
+
+#ifndef XMLSEC_NO_DSA
+static int      xmlSecGCryptDsaPkSign           (int digest,
+                                                 xmlSecKeyDataPtr key_data,
+                                                 const xmlSecByte* dgst,
+                                                 xmlSecSize dgstSize,
+                                                 xmlSecBufferPtr out);
+static int      xmlSecGCryptDsaPkVerify         (int digest,
+                                                 xmlSecKeyDataPtr key_data,
+                                                 const xmlSecByte* dgst,
+                                                 xmlSecSize dgstSize,
+                                                 const xmlSecByte* data,
+                                                 xmlSecSize dataSize);
+#endif  /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_RSA
+static int      xmlSecGCryptRsaPkcs1PkSign      (int digest,
+                                                 xmlSecKeyDataPtr key_data,
+                                                 const xmlSecByte* dgst,
+                                                 xmlSecSize dgstSize,
+                                                 xmlSecBufferPtr out);
+static int      xmlSecGCryptRsaPkcs1PkVerify    (int digest,
+                                                 xmlSecKeyDataPtr key_data,
+                                                 const xmlSecByte* dgst,
+                                                 xmlSecSize dgstSize,
+                                                 const xmlSecByte* data,
+                                                 xmlSecSize dataSize);
+#endif  /* XMLSEC_NO_RSA */
+
+
+/**************************************************************************
+ *
+ * Internal GCrypt signatures ctx
+ *
+ *****************************************************************************/
+typedef struct _xmlSecGCryptPkSignatureCtx      xmlSecGCryptPkSignatureCtx,
+                                                *xmlSecGCryptPkSignatureCtxPtr;
+
+
+struct _xmlSecGCryptPkSignatureCtx {
+    int                         digest;
+    xmlSecKeyDataId             keyId;
+    xmlSecGCryptPkSignMethod    sign;
+    xmlSecGCryptPkVerifyMethod  verify;
+
+    gcry_md_hd_t                digestCtx;
+    xmlSecKeyDataPtr            key_data;
+
+    xmlSecByte                  dgst[XMLSEC_GCRYPT_MAX_DIGEST_SIZE];
+    xmlSecSize                  dgstSize;       /* dgst size in bytes */
+};
+
+
+/******************************************************************************
+ *
+ * Pk Signature transforms
+ *
+ * xmlSecGCryptPkSignatureCtx is located after xmlSecTransform
+ *
+ *****************************************************************************/
+#define xmlSecGCryptPkSignatureSize   \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecGCryptPkSignatureCtx))
+#define xmlSecGCryptPkSignatureGetCtx(transform) \
+    ((xmlSecGCryptPkSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int      xmlSecGCryptPkSignatureCheckId                  (xmlSecTransformPtr transform);
+static int      xmlSecGCryptPkSignatureInitialize               (xmlSecTransformPtr transform);
+static void     xmlSecGCryptPkSignatureFinalize                 (xmlSecTransformPtr transform);
+static int      xmlSecGCryptPkSignatureSetKeyReq                (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecGCryptPkSignatureSetKey                   (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecGCryptPkSignatureVerify                   (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecGCryptPkSignatureExecute                  (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+
+static int
+xmlSecGCryptPkSignatureCheckId(xmlSecTransformPtr transform) {
+#ifndef XMLSEC_NO_DSA
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformDsaSha1Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaMd5Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaRipemd160Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaSha1Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaSha256Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaSha384Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaSha512Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+    {
+        return(0);
+    }
+
+    return(0);
+}
+
+static int
+xmlSecGCryptPkSignatureInitialize(xmlSecTransformPtr transform) {
+    xmlSecGCryptPkSignatureCtxPtr ctx;
+    gcry_error_t err;
+
+    xmlSecAssert2(xmlSecGCryptPkSignatureCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptPkSignatureSize), -1);
+
+    ctx = xmlSecGCryptPkSignatureGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    memset(ctx, 0, sizeof(xmlSecGCryptPkSignatureCtx));
+
+#ifndef XMLSEC_NO_DSA
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformDsaSha1Id)) {
+        ctx->digest     = GCRY_MD_SHA1;
+        ctx->keyId      = xmlSecGCryptKeyDataDsaId;
+        ctx->sign       = xmlSecGCryptDsaPkSign;
+        ctx->verify     = xmlSecGCryptDsaPkVerify;
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaMd5Id)) {
+        ctx->digest     = GCRY_MD_MD5;
+        ctx->keyId      = xmlSecGCryptKeyDataRsaId;
+        ctx->sign       = xmlSecGCryptRsaPkcs1PkSign;
+        ctx->verify     = xmlSecGCryptRsaPkcs1PkVerify;
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaRipemd160Id)) {
+        ctx->digest     = GCRY_MD_RMD160;
+        ctx->keyId      = xmlSecGCryptKeyDataRsaId;
+        ctx->sign       = xmlSecGCryptRsaPkcs1PkSign;
+        ctx->verify     = xmlSecGCryptRsaPkcs1PkVerify;
+    } else
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaSha1Id)) {
+        ctx->digest     = GCRY_MD_SHA1;
+        ctx->keyId      = xmlSecGCryptKeyDataRsaId;
+        ctx->sign       = xmlSecGCryptRsaPkcs1PkSign;
+        ctx->verify     = xmlSecGCryptRsaPkcs1PkVerify;
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaSha256Id)) {
+        ctx->digest     = GCRY_MD_SHA256;
+        ctx->keyId      = xmlSecGCryptKeyDataRsaId;
+        ctx->sign       = xmlSecGCryptRsaPkcs1PkSign;
+        ctx->verify     = xmlSecGCryptRsaPkcs1PkVerify;
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaSha384Id)) {
+        ctx->digest     = GCRY_MD_SHA384;
+        ctx->keyId      = xmlSecGCryptKeyDataRsaId;
+        ctx->sign       = xmlSecGCryptRsaPkcs1PkSign;
+        ctx->verify     = xmlSecGCryptRsaPkcs1PkVerify;
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecGCryptTransformRsaSha512Id)) {
+        ctx->digest     = GCRY_MD_SHA512;
+        ctx->keyId      = xmlSecGCryptKeyDataRsaId;
+        ctx->sign       = xmlSecGCryptRsaPkcs1PkSign;
+        ctx->verify     = xmlSecGCryptRsaPkcs1PkVerify;
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+    if(1) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* create digest ctx */
+    err = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_SECURE); /* we are paranoid */
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "gcry_md_open",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    /* done */
+    return(0);
+}
+
+static void
+xmlSecGCryptPkSignatureFinalize(xmlSecTransformPtr transform) {
+    xmlSecGCryptPkSignatureCtxPtr ctx;
+
+    xmlSecAssert(xmlSecGCryptPkSignatureCheckId(transform));
+    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGCryptPkSignatureSize));
+
+    ctx = xmlSecGCryptPkSignatureGetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    if(ctx->key_data != NULL) {
+        xmlSecKeyDataDestroy(ctx->key_data);
+    }
+    if(ctx->digestCtx != NULL) {
+        gcry_md_close(ctx->digestCtx);
+    }
+
+    memset(ctx, 0, sizeof(xmlSecGCryptPkSignatureCtx));
+}
+
+static int
+xmlSecGCryptPkSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecGCryptPkSignatureCtxPtr ctx;
+    xmlSecKeyDataPtr key_data;
+
+    xmlSecAssert2(xmlSecGCryptPkSignatureCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptPkSignatureSize), -1);
+    xmlSecAssert2(key != NULL, -1);
+
+    ctx = xmlSecGCryptPkSignatureGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->keyId != NULL, -1);
+    xmlSecAssert2(xmlSecKeyCheckId(key, ctx->keyId), -1);
+
+    key_data = xmlSecKeyGetValue(key);
+    xmlSecAssert2(key_data != NULL, -1);
+
+    if(ctx->key_data != NULL) {
+        xmlSecKeyDataDestroy(ctx->key_data);
+    }
+
+    ctx->key_data = xmlSecKeyDataDuplicate(key_data);
+    if(ctx->key_data == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecKeyDataDuplicate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    return(0);
+}
+
+static int
+xmlSecGCryptPkSignatureSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecGCryptPkSignatureCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecGCryptPkSignatureCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptPkSignatureSize), -1);
+    xmlSecAssert2(keyReq != NULL, -1);
+
+    ctx = xmlSecGCryptPkSignatureGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->keyId != NULL, -1);
+
+    keyReq->keyId        = ctx->keyId;
+    if(transform->operation == xmlSecTransformOperationSign) {
+        keyReq->keyType  = xmlSecKeyDataTypePrivate;
+        keyReq->keyUsage = xmlSecKeyUsageSign;
+    } else {
+        keyReq->keyType  = xmlSecKeyDataTypePublic;
+        keyReq->keyUsage = xmlSecKeyUsageVerify;
+    }
+    return(0);
+}
+
+
+static int
+xmlSecGCryptPkSignatureVerify(xmlSecTransformPtr transform,
+                        const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecTransformCtxPtr transformCtx) {
+    xmlSecGCryptPkSignatureCtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecGCryptPkSignatureCheckId(transform), -1);
+    xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptPkSignatureSize), -1);
+    xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
+    xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecGCryptPkSignatureGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->sign != NULL, -1);
+    xmlSecAssert2(ctx->verify != NULL, -1);
+    xmlSecAssert2(ctx->dgstSize > 0, -1);
+    xmlSecAssert2(ctx->key_data != NULL, -1);
+
+    ret = ctx->verify(ctx->digest, ctx->key_data, ctx->dgst, ctx->dgstSize, data, dataSize);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "ctx->verify",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* check result */
+    if(ret == 1) {
+        transform->status = xmlSecTransformStatusOk;
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "ctx->verify",
+                    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                    "signature do not match");
+        transform->status = xmlSecTransformStatusFail;
+    }
+
+    /* done */
+    return(0);
+}
+
+static int
+xmlSecGCryptPkSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecGCryptPkSignatureCtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    xmlSecSize inSize;
+    xmlSecSize outSize;
+    int ret;
+
+    xmlSecAssert2(xmlSecGCryptPkSignatureCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGCryptPkSignatureSize), -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecGCryptPkSignatureGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->sign != NULL, -1);
+    xmlSecAssert2(ctx->verify != NULL, -1);
+
+    in = &(transform->inBuf);
+    out = &(transform->outBuf);
+    inSize = xmlSecBufferGetSize(in);
+    outSize = xmlSecBufferGetSize(out);
+
+    ctx = xmlSecGCryptPkSignatureGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->key_data != NULL, -1);
+
+    if(transform->status == xmlSecTransformStatusNone) {
+        /* do nothing, already initialized */
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
+    if(transform->status == xmlSecTransformStatusWorking) {
+        xmlSecAssert2(outSize == 0, -1);
+
+        /* update the digest */
+        if(inSize > 0) {
+            gcry_md_write(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
+
+            ret = xmlSecBufferRemoveHead(in, inSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferRemoveHead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+        }
+
+        /* generate digest and signature */
+        if(last != 0) {
+            xmlSecByte* buf;
+
+            /* get the final digest */
+            gcry_md_final(ctx->digestCtx);
+            buf = gcry_md_read(ctx->digestCtx, ctx->digest);
+            if(buf == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "gcry_md_read",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            /* copy it to our internal buffer */
+            ctx->dgstSize = gcry_md_get_algo_dlen(ctx->digest);
+            xmlSecAssert2(ctx->dgstSize > 0, -1);
+            xmlSecAssert2(ctx->dgstSize <= sizeof(ctx->dgst), -1);
+            memcpy(ctx->dgst, buf, ctx->dgstSize);
+
+            xmlSecAssert2(outSize == 0, -1);
+            if(transform->operation == xmlSecTransformOperationSign) {
+                ret = ctx->sign(ctx->digest, ctx->key_data, ctx->dgst, ctx->dgstSize, out);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "ctx->sign",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    return(-1);
+                }
+            }
+
+            /* done */
+            transform->status = xmlSecTransformStatusFinished;
+        }
+    }
+
+    if((transform->status == xmlSecTransformStatusWorking) || (transform->status == xmlSecTransformStatusFinished)) {
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
+    }
+
+    return(0);
+}
+
+/*****************************************************************************
+ *
+ * Helper
+ *
+ ****************************************************************************/
+static int
+xmlSecGCryptAppendMpi(gcry_mpi_t a, xmlSecBufferPtr out, xmlSecSize min_size) {
+    xmlSecSize outSize;
+    size_t written;
+    gpg_error_t err;
+    int ret;
+
+    xmlSecAssert2(a != NULL, -1);
+    xmlSecAssert2(out != NULL, -1);
+
+    /* current size */
+    outSize = xmlSecBufferGetSize(out);
+
+    /* figure out how much space we need */
+    written = 0;
+    err = gcry_mpi_print(GCRYMPI_FMT_USG, NULL, 0, &written, a);
+    if((err != GPG_ERR_NO_ERROR) || (written == 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_mpi_print",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    /* add zeros at the beggining (if needed) */
+    if((min_size > 0) && (written < min_size)) {
+        outSize += (min_size - written);
+    }
+
+    /* allocate space */
+    ret = xmlSecBufferSetMaxSize(out, outSize + written + 1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", (int)(outSize + written + 1));
+        return(-1);
+    }
+    xmlSecAssert2(xmlSecBufferGetMaxSize(out) > outSize, -1);
+
+    /* add zeros at the beggining (if needed) */
+    if((min_size > 0) && (written < min_size)) {
+        xmlSecSize ii;
+        xmlSecByte * p = xmlSecBufferGetData(out);
+
+        for(ii = 0; ii < (min_size - written); ++ii) {
+            p[outSize - ii - 1] = 0;
+        }
+    }
+
+    /* write out */
+    written = 0;
+    err = gcry_mpi_print(GCRYMPI_FMT_USG,
+            xmlSecBufferGetData(out) + outSize,
+            xmlSecBufferGetMaxSize(out) - outSize,
+            &written, a);
+    if((err != GPG_ERR_NO_ERROR) || (written == 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_mpi_print",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    /* reset size */
+    ret = xmlSecBufferSetSize(out, outSize + written);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d",
+                    (int)(outSize + written));
+        return(-1);
+    }
+
+    /* done */
+    return(0);
+}
+
+#ifndef XMLSEC_NO_DSA
+
+#ifndef XMLSEC_NO_SHA1
+/****************************************************************************
+ *
+ * DSA-SHA1 signature transform
+ *
+ * http://www.w3.org/TR/xmldsig-core/#sec-SignatureAlg:
+ *
+ * The output of the DSA algorithm consists of a pair of integers
+ * usually referred by the pair (r, s). The signature value consists of
+ * the base64 encoding of the concatenation of two octet-streams that
+ * respectively result from the octet-encoding of the values r and s in
+ * that order. Integer to octet-stream conversion must be done according
+ * to the I2OSP operation defined in the RFC 2437 [PKCS1] specification
+ * with a l parameter equal to 20. For example, the SignatureValue element
+ * for a DSA signature (r, s) with values specified in hexadecimal:
+ *
+ *  r = 8BAC1AB6 6410435C B7181F95 B16AB97C 92B341C0
+ *  s = 41E2345F 1F56DF24 58F426D1 55B4BA2D B6DCD8C8
+ *
+ * from the example in Appendix 5 of the DSS standard would be
+ *
+ * <SignatureValue>i6watmQQQ1y3GB+VsWq5fJKzQcBB4jRfH1bfJFj0JtFVtLotttzYyA==</SignatureValue>
+ *
+ ***************************************************************************/
+static int
+xmlSecGCryptDsaPkSign(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
+                      const xmlSecByte* dgst, xmlSecSize dgstSize,
+                      xmlSecBufferPtr out) {
+    gcry_mpi_t m_hash = NULL;
+    gcry_sexp_t s_data = NULL;
+    gcry_sexp_t s_sig = NULL;
+    gcry_sexp_t s_r = NULL;
+    gcry_sexp_t s_s = NULL;
+    gcry_mpi_t m_r = NULL;
+    gcry_mpi_t m_s = NULL;
+    gcry_sexp_t s_tmp;
+    gpg_error_t err;
+    int ret;
+    int res = -1;
+
+    xmlSecAssert2(key_data != NULL, -1);
+    xmlSecAssert2(xmlSecGCryptKeyDataDsaGetPrivateKey(key_data) != NULL, -1);
+    xmlSecAssert2(dgst != NULL, -1);
+    xmlSecAssert2(dgstSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+
+    /* get the current digest, can't use "hash" :( */
+    err = gcry_mpi_scan(&m_hash, GCRYMPI_FMT_USG, dgst, dgstSize, NULL);
+    if((err != GPG_ERR_NO_ERROR) || (m_hash == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_mpi_scan(hash)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    err = gcry_sexp_build (&s_data, NULL,
+                           "(data (flags raw)(value %m))",
+                           m_hash);
+    if((err != GPG_ERR_NO_ERROR) || (s_data == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(data)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* create signature */
+    err = gcry_pk_sign(&s_sig, s_data, xmlSecGCryptKeyDataDsaGetPrivateKey(key_data));
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_pk_sign",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* find signature value */
+    s_tmp = gcry_sexp_find_token(s_sig, "sig-val", 0);
+    if(s_tmp == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_find_token(sig-val)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    gcry_sexp_release(s_sig);
+    s_sig = s_tmp;
+
+    s_tmp = gcry_sexp_find_token(s_sig, "dsa", 0);
+    if(s_tmp == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_find_token(rsa)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    gcry_sexp_release(s_sig);
+    s_sig = s_tmp;
+
+    /* r */
+    s_r = gcry_sexp_find_token(s_sig, "r", 0);
+    if(s_r == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_find_token(r)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    m_r = gcry_sexp_nth_mpi(s_r, 1, GCRYMPI_FMT_USG);
+    if(m_r == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_nth_mpi(r)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* s */
+    s_s = gcry_sexp_find_token(s_sig, "s", 0);
+    if(s_s == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_find_token(s)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    m_s = gcry_sexp_nth_mpi(s_s, 1, GCRYMPI_FMT_USG);
+    if(m_s == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_nth_mpi(s)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* write out: r + s */
+    ret = xmlSecGCryptAppendMpi(m_r, out, 20);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAppendMpi",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    xmlSecAssert2(xmlSecBufferGetSize(out) == 20, -1);
+    ret = xmlSecGCryptAppendMpi(m_s, out, 20);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAppendMpi",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    xmlSecAssert2(xmlSecBufferGetSize(out) == (20 + 20), -1);
+
+    /* done */
+    res = 0;
+
+done:
+    if(m_hash != NULL) {
+        gcry_mpi_release(m_hash);
+    }
+    if(m_r != NULL) {
+        gcry_mpi_release(m_r);
+    }
+    if(m_s != NULL) {
+        gcry_mpi_release(m_s);
+    }
+
+    if(s_data != NULL) {
+        gcry_sexp_release(s_data);
+    }
+    if(s_sig != NULL) {
+        gcry_sexp_release(s_sig);
+    }
+    if(s_r != NULL) {
+        gcry_sexp_release(s_r);
+    }
+    if(s_s != NULL) {
+        gcry_sexp_release(s_s);
+    }
+
+    return(res);
+}
+
+static int
+xmlSecGCryptDsaPkVerify(int digest ATTRIBUTE_UNUSED, xmlSecKeyDataPtr key_data,
+                        const xmlSecByte* dgst, xmlSecSize dgstSize,
+                        const xmlSecByte* data, xmlSecSize dataSize) {
+    gcry_mpi_t m_hash = NULL;
+    gcry_sexp_t s_data = NULL;
+    gcry_mpi_t m_sig_r = NULL;
+    gcry_mpi_t m_sig_s = NULL;
+    gcry_sexp_t s_sig = NULL;
+    gpg_error_t err;
+    int res = -1;
+
+    xmlSecAssert2(key_data != NULL, -1);
+    xmlSecAssert2(xmlSecGCryptKeyDataDsaGetPublicKey(key_data) != NULL, -1);
+    xmlSecAssert2(dgst != NULL, -1);
+    xmlSecAssert2(dgstSize > 0, -1);
+    xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(dataSize == (20 + 20), -1);
+
+    /* get the current digest, can't use "hash" :( */
+    err = gcry_mpi_scan(&m_hash, GCRYMPI_FMT_USG, dgst, dgstSize, NULL);
+    if((err != GPG_ERR_NO_ERROR) || (m_hash == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_mpi_scan(hash)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    err = gcry_sexp_build (&s_data, NULL,
+                           "(data (flags raw)(value %m))",
+                           m_hash);
+    if((err != GPG_ERR_NO_ERROR) || (s_data == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(data)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* get the existing signature */
+    err = gcry_mpi_scan(&m_sig_r, GCRYMPI_FMT_USG, data, 20, NULL);
+    if((err != GPG_ERR_NO_ERROR) || (m_sig_r == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_mpi_scan(r)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+    err = gcry_mpi_scan(&m_sig_s, GCRYMPI_FMT_USG, data + 20, 20, NULL);
+    if((err != GPG_ERR_NO_ERROR) || (m_sig_s == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_mpi_scan(s)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    err = gcry_sexp_build (&s_sig, NULL,
+                           "(sig-val(dsa(r %m)(s %m)))",
+                           m_sig_r, m_sig_s);
+    if((err != GPG_ERR_NO_ERROR) || (s_sig == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(sig-val)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* verify signature */
+    err = gcry_pk_verify(s_sig, s_data, xmlSecGCryptKeyDataDsaGetPublicKey(key_data));
+    if(err == GPG_ERR_NO_ERROR) {
+        res = 1; /* good signature */
+    } else if(err == GPG_ERR_BAD_SIGNATURE) {
+        res = 0; /* bad signature */
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_pk_verify",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* done */
+done:
+    if(m_hash != NULL) {
+        gcry_mpi_release(m_hash);
+    }
+    if(m_sig_r != NULL) {
+        gcry_mpi_release(m_sig_r);
+    }
+    if(m_sig_s != NULL) {
+        gcry_mpi_release(m_sig_s);
+    }
+
+    if(s_data != NULL) {
+        gcry_sexp_release(s_data);
+    }
+    if(s_sig != NULL) {
+        gcry_sexp_release(s_sig);
+    }
+
+    return(res);
+}
+
+
+static xmlSecTransformKlass xmlSecGCryptDsaSha1Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptPkSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameDsaSha1,                          /* const xmlChar* name; */
+    xmlSecHrefDsaSha1,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptPkSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptPkSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptPkSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptPkSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptPkSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptPkSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformDsaSha1GetKlass:
+ *
+ * The DSA-SHA1 signature transform klass.
+ *
+ * Returns: DSA-SHA1 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformDsaSha1GetKlass(void) {
+    return(&xmlSecGCryptDsaSha1Klass);
+}
+
+#endif /* XMLSEC_NO_SHA1 */
+
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_RSA
+
+/****************************************************************************
+ *
+ * RSA-SHA1 signature transform
+ *
+ * http://www.w3.org/TR/xmldsig-core/#sec-SignatureAlg:
+ *
+ * The SignatureValue content for an RSA signature is the base64 [MIME]
+ * encoding of the octet string computed as per RFC 2437  [PKCS1,
+ * section 8.1.1: Signature generation for the RSASSA-PKCS1-v1_5 signature
+ * scheme]. As specified in the EMSA-PKCS1-V1_5-ENCODE function RFC 2437
+ * [PKCS1, section 9.2.1], the value input to the signature function MUST
+ * contain a pre-pended algorithm object identifier for the hash function,
+ * but the availability of an ASN.1 parser and recognition of OIDs is not
+ * required of a signature verifier. The PKCS#1 v1.5 representation appears
+ * as:
+ *
+ *      CRYPT (PAD (ASN.1 (OID, DIGEST (data))))
+ *
+ * Note that the padded ASN.1 will be of the following form:
+ *
+ *      01 | FF* | 00 | prefix | hash
+ *
+ * where "|" is concatenation, "01", "FF", and "00" are fixed octets of
+ * the corresponding hexadecimal value, "hash" is the SHA1 digest of the
+ * data, and "prefix" is the ASN.1 BER SHA1 algorithm designator prefix
+ * required in PKCS1 [RFC 2437], that is,
+ *
+ *      hex 30 21 30 09 06 05 2B 0E 03 02 1A 05 00 04 14
+ *
+ * This prefix is included to make it easier to use standard cryptographic
+ * libraries. The FF octet MUST be repeated the maximum number of times such
+ * that the value of the quantity being CRYPTed is one octet shorter than 
+ * the RSA modulus.
+ *
+ ***************************************************************************/
+static int
+xmlSecGCryptRsaPkcs1PkSign(int digest, xmlSecKeyDataPtr key_data,
+                           const xmlSecByte* dgst, xmlSecSize dgstSize,
+                           xmlSecBufferPtr out) {
+    gcry_sexp_t s_data = NULL;
+    gcry_mpi_t m_sig = NULL;
+    gcry_sexp_t s_sig = NULL;
+    gcry_sexp_t s_tmp;
+    gpg_error_t err;
+    int ret;
+    int res = -1;
+
+    xmlSecAssert2(key_data != NULL, -1);
+    xmlSecAssert2(xmlSecGCryptKeyDataRsaGetPrivateKey(key_data) != NULL, -1);
+    xmlSecAssert2(dgst != NULL, -1);
+    xmlSecAssert2(dgstSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+
+    /* get the current digest */
+    err = gcry_sexp_build (&s_data, NULL,
+                           "(data (flags pkcs1)(hash %s %b))",
+                           gcry_md_algo_name(digest),
+                           (int)dgstSize, dgst);
+    if((err != GPG_ERR_NO_ERROR) || (s_data == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(data)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* create signature */
+    err = gcry_pk_sign(&s_sig, s_data, xmlSecGCryptKeyDataRsaGetPrivateKey(key_data));
+    if(err != GPG_ERR_NO_ERROR) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_pk_sign",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* find signature value */
+    s_tmp = gcry_sexp_find_token(s_sig, "sig-val", 0);
+    if(s_tmp == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_find_token(sig-val)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    gcry_sexp_release(s_sig);
+    s_sig = s_tmp;
+
+    s_tmp = gcry_sexp_find_token(s_sig, "rsa", 0);
+    if(s_tmp == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_find_token(rsa)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    gcry_sexp_release(s_sig);
+    s_sig = s_tmp;
+
+    s_tmp = gcry_sexp_find_token(s_sig, "s", 0);
+    if(s_tmp == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_find_token(s)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    gcry_sexp_release(s_sig);
+    s_sig = s_tmp;
+
+    m_sig = gcry_sexp_nth_mpi(s_sig, 1, GCRYMPI_FMT_USG);
+    if(m_sig == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_nth_mpi(1)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* write out */
+    ret = xmlSecGCryptAppendMpi(m_sig, out, 0);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptAppendMpi",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* done */
+    res = 0;
+
+done:
+    if(m_sig != NULL) {
+        gcry_mpi_release(m_sig);
+    }
+
+    if(s_data != NULL) {
+        gcry_sexp_release(s_data);
+    }
+    if(s_sig != NULL) {
+        gcry_sexp_release(s_sig);
+    }
+
+    return(res);
+}
+
+static int
+xmlSecGCryptRsaPkcs1PkVerify(int digest, xmlSecKeyDataPtr key_data,
+                             const xmlSecByte* dgst, xmlSecSize dgstSize,
+                             const xmlSecByte* data, xmlSecSize dataSize) {
+    gcry_sexp_t s_data = NULL;
+    gcry_mpi_t m_sig = NULL;
+    gcry_sexp_t s_sig = NULL;
+    gpg_error_t err;
+    int res = -1;
+
+    xmlSecAssert2(key_data != NULL, -1);
+    xmlSecAssert2(xmlSecGCryptKeyDataRsaGetPublicKey(key_data) != NULL, -1);
+    xmlSecAssert2(dgst != NULL, -1);
+    xmlSecAssert2(dgstSize > 0, -1);
+    xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(dataSize > 0, -1);
+
+    /* get the current digest */
+    err = gcry_sexp_build (&s_data, NULL,
+                           "(data (flags pkcs1)(hash %s %b))",
+                           gcry_md_algo_name(digest),
+                           (int)dgstSize, dgst);
+    if((err != GPG_ERR_NO_ERROR) || (s_data == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(data)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* get the existing signature */
+    err = gcry_mpi_scan(&m_sig, GCRYMPI_FMT_USG, data, dataSize, NULL);
+    if((err != GPG_ERR_NO_ERROR) || (m_sig == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_mpi_scan",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    err = gcry_sexp_build (&s_sig, NULL,
+                           "(sig-val(rsa(s %m)))",
+                           m_sig);
+    if((err != GPG_ERR_NO_ERROR) || (s_sig == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(sig-val)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* verify signature */
+    err = gcry_pk_verify(s_sig, s_data, xmlSecGCryptKeyDataRsaGetPublicKey(key_data));
+    if(err == GPG_ERR_NO_ERROR) {
+        res = 1; /* good signature */
+    } else if(err == GPG_ERR_BAD_SIGNATURE) {
+        res = 0; /* bad signature */
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_pk_verify",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GCRYPT_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* done */
+done:
+    if(m_sig != NULL) {
+        gcry_mpi_release(m_sig);
+    }
+
+    if(s_data != NULL) {
+        gcry_sexp_release(s_data);
+    }
+    if(s_sig != NULL) {
+        gcry_sexp_release(s_sig);
+    }
+
+    return(res);
+}
+
+
+#ifndef XMLSEC_NO_MD5
+/****************************************************************************
+ *
+ * RSA-MD5 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptRsaMd5Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptPkSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameRsaMd5,                           /* const xmlChar* name; */
+    xmlSecHrefRsaMd5,                           /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptPkSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptPkSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptPkSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptPkSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptPkSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptPkSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformRsaMd5GetKlass:
+ *
+ * The RSA-MD5 signature transform klass.
+ *
+ * Returns: RSA-MD5 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformRsaMd5GetKlass(void) {
+    return(&xmlSecGCryptRsaMd5Klass);
+}
+
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+/****************************************************************************
+ *
+ * RSA-RIPEMD160 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptRsaRipemd160Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptPkSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameRsaRipemd160,                     /* const xmlChar* name; */
+    xmlSecHrefRsaRipemd160,                     /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptPkSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptPkSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptPkSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptPkSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptPkSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptPkSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformRsaRipemd160GetKlass:
+ *
+ * The RSA-RIPEMD160 signature transform klass.
+ *
+ * Returns: RSA-RIPEMD160 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformRsaRipemd160GetKlass(void) {
+    return(&xmlSecGCryptRsaRipemd160Klass);
+}
+
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+/****************************************************************************
+ *
+ * RSA-SHA1 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptRsaSha1Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptPkSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha1,                          /* const xmlChar* name; */
+    xmlSecHrefRsaSha1,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptPkSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptPkSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptPkSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptPkSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptPkSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptPkSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformRsaSha1GetKlass:
+ *
+ * The RSA-SHA1 signature transform klass.
+ *
+ * Returns: RSA-SHA1 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformRsaSha1GetKlass(void) {
+    return(&xmlSecGCryptRsaSha1Klass);
+}
+
+#endif /* XMLSEC_NO_SHA1 */
+
+
+#ifndef XMLSEC_NO_SHA256
+/****************************************************************************
+ *
+ * RSA-SHA256 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptRsaSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptPkSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha256,                        /* const xmlChar* name; */
+    xmlSecHrefRsaSha256,                        /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptPkSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptPkSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptPkSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptPkSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptPkSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptPkSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformRsaSha256GetKlass:
+ *
+ * The RSA-SHA256 signature transform klass.
+ *
+ * Returns: RSA-SHA256 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformRsaSha256GetKlass(void) {
+    return(&xmlSecGCryptRsaSha256Klass);
+}
+
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/****************************************************************************
+ *
+ * RSA-SHA384 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptRsaSha384Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptPkSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha384,                        /* const xmlChar* name; */
+    xmlSecHrefRsaSha384,                        /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptPkSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptPkSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptPkSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptPkSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptPkSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptPkSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformRsaSha384GetKlass:
+ *
+ * The RSA-SHA384 signature transform klass.
+ *
+ * Returns: RSA-SHA384 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformRsaSha384GetKlass(void) {
+    return(&xmlSecGCryptRsaSha384Klass);
+}
+
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/****************************************************************************
+ *
+ * RSA-SHA512 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecGCryptRsaSha512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecGCryptPkSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha512,                        /* const xmlChar* name; */
+    xmlSecHrefRsaSha512,                        /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecGCryptPkSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecGCryptPkSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecGCryptPkSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecGCryptPkSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecGCryptPkSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecGCryptPkSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptTransformRsaSha512GetKlass:
+ *
+ * The RSA-SHA512 signature transform klass.
+ *
+ * Returns: RSA-SHA512 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGCryptTransformRsaSha512GetKlass(void) {
+    return(&xmlSecGCryptRsaSha512Klass);
+}
+
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+
+
diff --git a/src/gcrypt/symkeys.c b/src/gcrypt/symkeys.c
new file mode 100644
index 00000000..88272fe3
--- /dev/null
+++ b/src/gcrypt/symkeys.c
@@ -0,0 +1,441 @@
+/**
+ *
+ * XMLSec library
+ *
+ * DES Algorithm support
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/keyinfo.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gcrypt/crypto.h>
+
+
+/*****************************************************************************
+ *
+ * Symmetic (binary) keys - just a wrapper for xmlSecKeyDataBinary
+ *
+ ****************************************************************************/
+static int      xmlSecGCryptSymKeyDataInitialize        (xmlSecKeyDataPtr data);
+static int      xmlSecGCryptSymKeyDataDuplicate         (xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void     xmlSecGCryptSymKeyDataFinalize          (xmlSecKeyDataPtr data);
+static int      xmlSecGCryptSymKeyDataXmlRead           (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecGCryptSymKeyDataXmlWrite          (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecGCryptSymKeyDataBinRead           (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         const xmlSecByte* buf,
+                                                         xmlSecSize bufSize,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecGCryptSymKeyDataBinWrite          (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlSecByte** buf,
+                                                         xmlSecSize* bufSize,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecGCryptSymKeyDataGenerate          (xmlSecKeyDataPtr data,
+                                                         xmlSecSize sizeBits,
+                                                         xmlSecKeyDataType type);
+
+static xmlSecKeyDataType xmlSecGCryptSymKeyDataGetType  (xmlSecKeyDataPtr data);
+static xmlSecSize        xmlSecGCryptSymKeyDataGetSize  (xmlSecKeyDataPtr data);
+static void     xmlSecGCryptSymKeyDataDebugDump         (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void     xmlSecGCryptSymKeyDataDebugXmlDump      (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static int      xmlSecGCryptSymKeyDataKlassCheck        (xmlSecKeyDataKlass* klass);
+
+#define xmlSecGCryptSymKeyDataCheckId(data) \
+    (xmlSecKeyDataIsValid((data)) && \
+     xmlSecGCryptSymKeyDataKlassCheck((data)->id))
+
+static int
+xmlSecGCryptSymKeyDataInitialize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecGCryptSymKeyDataCheckId(data), -1);
+
+    return(xmlSecKeyDataBinaryValueInitialize(data));
+}
+
+static int
+xmlSecGCryptSymKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+    xmlSecAssert2(xmlSecGCryptSymKeyDataCheckId(dst), -1);
+    xmlSecAssert2(xmlSecGCryptSymKeyDataCheckId(src), -1);
+    xmlSecAssert2(dst->id == src->id, -1);
+
+    return(xmlSecKeyDataBinaryValueDuplicate(dst, src));
+}
+
+static void
+xmlSecGCryptSymKeyDataFinalize(xmlSecKeyDataPtr data) {
+    xmlSecAssert(xmlSecGCryptSymKeyDataCheckId(data));
+
+    xmlSecKeyDataBinaryValueFinalize(data);
+}
+
+static int
+xmlSecGCryptSymKeyDataXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                               xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecAssert2(xmlSecGCryptSymKeyDataKlassCheck(id), -1);
+
+    return(xmlSecKeyDataBinaryValueXmlRead(id, key, node, keyInfoCtx));
+}
+
+static int
+xmlSecGCryptSymKeyDataXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecAssert2(xmlSecGCryptSymKeyDataKlassCheck(id), -1);
+
+    return(xmlSecKeyDataBinaryValueXmlWrite(id, key, node, keyInfoCtx));
+}
+
+static int
+xmlSecGCryptSymKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                    const xmlSecByte* buf, xmlSecSize bufSize,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecAssert2(xmlSecGCryptSymKeyDataKlassCheck(id), -1);
+
+    return(xmlSecKeyDataBinaryValueBinRead(id, key, buf, bufSize, keyInfoCtx));
+}
+
+static int
+xmlSecGCryptSymKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                    xmlSecByte** buf, xmlSecSize* bufSize,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecAssert2(xmlSecGCryptSymKeyDataKlassCheck(id), -1);
+
+    return(xmlSecKeyDataBinaryValueBinWrite(id, key, buf, bufSize, keyInfoCtx));
+}
+
+static int
+xmlSecGCryptSymKeyDataGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+    xmlSecBufferPtr buffer;
+
+    xmlSecAssert2(xmlSecGCryptSymKeyDataCheckId(data), -1);
+    xmlSecAssert2(sizeBits > 0, -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
+    xmlSecAssert2(buffer != NULL, -1);
+
+    return(xmlSecGCryptGenerateRandom(buffer, (sizeBits + 7) / 8));
+}
+
+static xmlSecKeyDataType
+xmlSecGCryptSymKeyDataGetType(xmlSecKeyDataPtr data) {
+    xmlSecBufferPtr buffer;
+
+    xmlSecAssert2(xmlSecGCryptSymKeyDataCheckId(data), xmlSecKeyDataTypeUnknown);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
+    xmlSecAssert2(buffer != NULL, xmlSecKeyDataTypeUnknown);
+
+    return((xmlSecBufferGetSize(buffer) > 0) ? xmlSecKeyDataTypeSymmetric : xmlSecKeyDataTypeUnknown);
+}
+
+static xmlSecSize
+xmlSecGCryptSymKeyDataGetSize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecGCryptSymKeyDataCheckId(data), 0);
+
+    return(xmlSecKeyDataBinaryValueGetSize(data));
+}
+
+static void
+xmlSecGCryptSymKeyDataDebugDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecGCryptSymKeyDataCheckId(data));
+
+    xmlSecKeyDataBinaryValueDebugDump(data, output);
+}
+
+static void
+xmlSecGCryptSymKeyDataDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecGCryptSymKeyDataCheckId(data));
+
+    xmlSecKeyDataBinaryValueDebugXmlDump(data, output);
+}
+
+static int
+xmlSecGCryptSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {
+#ifndef XMLSEC_NO_DES
+    if(klass == xmlSecGCryptKeyDataDesId) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_DES */
+
+#ifndef XMLSEC_NO_AES
+    if(klass == xmlSecGCryptKeyDataAesId) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_AES */
+
+#ifndef XMLSEC_NO_HMAC
+    if(klass == xmlSecGCryptKeyDataHmacId) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_HMAC */
+
+    return(0);
+}
+
+#ifndef XMLSEC_NO_AES
+/**************************************************************************
+ *
+ * <xmlsec:AESKeyValue> processing
+ *
+ *************************************************************************/
+static xmlSecKeyDataKlass xmlSecGCryptKeyDataAesKlass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecKeyDataBinarySize,
+
+    /* data */
+    xmlSecNameAESKeyValue,
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefAESKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeAESKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    xmlSecGCryptSymKeyDataInitialize,           /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecGCryptSymKeyDataDuplicate,            /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecGCryptSymKeyDataFinalize,             /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecGCryptSymKeyDataGenerate,             /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    xmlSecGCryptSymKeyDataGetType,              /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecGCryptSymKeyDataGetSize,              /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    xmlSecGCryptSymKeyDataXmlRead,              /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecGCryptSymKeyDataXmlWrite,             /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecGCryptSymKeyDataBinRead,              /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecGCryptSymKeyDataBinWrite,             /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    xmlSecGCryptSymKeyDataDebugDump,            /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecGCryptSymKeyDataDebugXmlDump,         /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptKeyDataAesGetKlass:
+ *
+ * The AES key data klass.
+ *
+ * Returns: AES key data klass.
+ */
+xmlSecKeyDataId
+xmlSecGCryptKeyDataAesGetKlass(void) {
+    return(&xmlSecGCryptKeyDataAesKlass);
+}
+
+/**
+ * xmlSecGCryptKeyDataAesSet:
+ * @data:               the pointer to AES key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
+ *
+ * Sets the value of AES key data.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecGCryptKeyDataAesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
+    xmlSecBufferPtr buffer;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataAesId), -1);
+    xmlSecAssert2(buf != NULL, -1);
+    xmlSecAssert2(bufSize > 0, -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
+    xmlSecAssert2(buffer != NULL, -1);
+
+    return(xmlSecBufferSetData(buffer, buf, bufSize));
+}
+#endif /* XMLSEC_NO_AES */
+
+#ifndef XMLSEC_NO_DES
+/**************************************************************************
+ *
+ * <xmlsec:DESKeyValue> processing
+ *
+ *************************************************************************/
+static xmlSecKeyDataKlass xmlSecGCryptKeyDataDesKlass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecKeyDataBinarySize,
+
+    /* data */
+    xmlSecNameDESKeyValue,
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefDESKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeDESKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    xmlSecGCryptSymKeyDataInitialize,           /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecGCryptSymKeyDataDuplicate,            /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecGCryptSymKeyDataFinalize,             /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecGCryptSymKeyDataGenerate,             /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    xmlSecGCryptSymKeyDataGetType,              /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecGCryptSymKeyDataGetSize,              /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    xmlSecGCryptSymKeyDataXmlRead,              /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecGCryptSymKeyDataXmlWrite,             /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecGCryptSymKeyDataBinRead,              /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecGCryptSymKeyDataBinWrite,             /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    xmlSecGCryptSymKeyDataDebugDump,            /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecGCryptSymKeyDataDebugXmlDump,         /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptKeyDataDesGetKlass:
+ *
+ * The DES key data klass.
+ *
+ * Returns: DES key data klass.
+ */
+xmlSecKeyDataId
+xmlSecGCryptKeyDataDesGetKlass(void) {
+    return(&xmlSecGCryptKeyDataDesKlass);
+}
+
+/**
+ * xmlSecGCryptKeyDataDesSet:
+ * @data:               the pointer to DES key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
+ *
+ * Sets the value of DES key data.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecGCryptKeyDataDesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
+    xmlSecBufferPtr buffer;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataDesId), -1);
+    xmlSecAssert2(buf != NULL, -1);
+    xmlSecAssert2(bufSize > 0, -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
+    xmlSecAssert2(buffer != NULL, -1);
+
+    return(xmlSecBufferSetData(buffer, buf, bufSize));
+}
+
+#endif /* XMLSEC_NO_DES */
+
+#ifndef XMLSEC_NO_HMAC
+/**************************************************************************
+ *
+ * <xmlsec:HMACKeyValue> processing
+ *
+ *************************************************************************/
+static xmlSecKeyDataKlass xmlSecGCryptKeyDataHmacKlass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecKeyDataBinarySize,
+
+    /* data */
+    xmlSecNameHMACKeyValue,
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefHMACKeyValue,                     /* const xmlChar* href; */
+    xmlSecNodeHMACKeyValue,                     /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    xmlSecGCryptSymKeyDataInitialize,           /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecGCryptSymKeyDataDuplicate,            /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecGCryptSymKeyDataFinalize,             /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecGCryptSymKeyDataGenerate,             /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    xmlSecGCryptSymKeyDataGetType,              /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecGCryptSymKeyDataGetSize,              /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    xmlSecGCryptSymKeyDataXmlRead,              /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecGCryptSymKeyDataXmlWrite,             /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecGCryptSymKeyDataBinRead,              /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecGCryptSymKeyDataBinWrite,             /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    xmlSecGCryptSymKeyDataDebugDump,            /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecGCryptSymKeyDataDebugXmlDump,         /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGCryptKeyDataHmacGetKlass:
+ *
+ * The HMAC key data klass.
+ *
+ * Returns: HMAC key data klass.
+ */
+xmlSecKeyDataId
+xmlSecGCryptKeyDataHmacGetKlass(void) {
+    return(&xmlSecGCryptKeyDataHmacKlass);
+}
+
+/**
+ * xmlSecGCryptKeyDataHmacSet:
+ * @data:               the pointer to HMAC key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
+ *
+ * Sets the value of HMAC key data.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecGCryptKeyDataHmacSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
+    xmlSecBufferPtr buffer;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGCryptKeyDataHmacId), -1);
+    xmlSecAssert2(buf != NULL, -1);
+    xmlSecAssert2(bufSize > 0, -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
+    xmlSecAssert2(buffer != NULL, -1);
+
+    return(xmlSecBufferSetData(buffer, buf, bufSize));
+}
+
+#endif /* XMLSEC_NO_HMAC */
+
diff --git a/src/globals.h b/src/globals.h
index 35a238cc..31a57d6b 100644
--- a/src/globals.h
+++ b/src/globals.h
@@ -5,7 +5,7 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 
@@ -13,7 +13,7 @@
 #define __XMLSEC_GLOBALS_H__
 
 /**
- * Use autoconf defines if present. 
+ * Use autoconf defines if present.
  */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
diff --git a/src/gnutls/Makefile.am b/src/gnutls/Makefile.am
index 7d639a34..84ce637a 100644
--- a/src/gnutls/Makefile.am
+++ b/src/gnutls/Makefile.am
@@ -24,7 +24,15 @@ libxmlsec1_gnutls_la_SOURCES =\
 	crypto.c \
 	digests.c \
 	hmac.c \
+	kw_aes.c \
+	kw_des.c \
 	symkeys.c \
+	asymkeys.c \
+	signatures.c \
+	x509utils.h \
+	x509utils.c \
+	x509.c \
+	x509vfy.c \
 	globals.h \
 	$(NULL)
 
@@ -32,11 +40,13 @@ if SHAREDLIB_HACK
 libxmlsec1_gnutls_la_SOURCES += ../strings.c
 endif
 
+# xmlsec-gnutls library requires xmlsec-gcrypt
 libxmlsec1_gnutls_la_LIBADD = \
-	../libxmlsec1.la \
 	$(GNUTLS_LIBS) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
+	../gcrypt/libxmlsec1-gcrypt.la \
 	$(NULL)
 
 libxmlsec1_gnutls_la_DEPENDENCIES = \
diff --git a/src/gnutls/Makefile.in b/src/gnutls/Makefile.in
index f07a4b49..f4351c16 100644
--- a/src/gnutls/Makefile.in
+++ b/src/gnutls/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,10 +38,13 @@ host_triplet = @host@
 subdir = src/gnutls
 DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
@@ -66,35 +69,65 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(libdir)"
 LTLIBRARIES = $(lib_LTLIBRARIES)
 am__DEPENDENCIES_1 =
 am__libxmlsec1_gnutls_la_SOURCES_DIST = app.c ciphers.c crypto.c \
-	digests.c hmac.c symkeys.c globals.h ../strings.c
+	digests.c hmac.c kw_aes.c kw_des.c symkeys.c asymkeys.c \
+	signatures.c x509utils.h x509utils.c x509.c x509vfy.c \
+	globals.h ../strings.c
 am__objects_1 =
 @SHAREDLIB_HACK_TRUE@am__objects_2 = libxmlsec1_gnutls_la-strings.lo
 am_libxmlsec1_gnutls_la_OBJECTS = libxmlsec1_gnutls_la-app.lo \
 	libxmlsec1_gnutls_la-ciphers.lo libxmlsec1_gnutls_la-crypto.lo \
 	libxmlsec1_gnutls_la-digests.lo libxmlsec1_gnutls_la-hmac.lo \
-	libxmlsec1_gnutls_la-symkeys.lo $(am__objects_1) \
+	libxmlsec1_gnutls_la-kw_aes.lo libxmlsec1_gnutls_la-kw_des.lo \
+	libxmlsec1_gnutls_la-symkeys.lo \
+	libxmlsec1_gnutls_la-asymkeys.lo \
+	libxmlsec1_gnutls_la-signatures.lo \
+	libxmlsec1_gnutls_la-x509utils.lo libxmlsec1_gnutls_la-x509.lo \
+	libxmlsec1_gnutls_la-x509vfy.lo $(am__objects_1) \
 	$(am__objects_2)
 libxmlsec1_gnutls_la_OBJECTS = $(am_libxmlsec1_gnutls_la_OBJECTS)
-libxmlsec1_gnutls_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
-	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
-	$(libxmlsec1_gnutls_la_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+libxmlsec1_gnutls_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+	$(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_gnutls_la_LDFLAGS) \
+	$(LDFLAGS) -o $@
 DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
 am__mv = mv -f
 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
-	$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC    " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 CCLD = $(CC)
-LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
-	$(LDFLAGS) -o $@
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD  " $@;
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
 SOURCES = $(libxmlsec1_gnutls_la_SOURCES)
 DIST_SOURCES = $(am__libxmlsec1_gnutls_la_SOURCES_DIST)
 ETAGS = etags
@@ -102,6 +135,7 @@ CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -116,6 +150,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -124,6 +159,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -154,6 +193,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -185,8 +225,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -194,7 +236,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -213,6 +254,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -222,6 +265,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -257,6 +301,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -289,7 +334,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -325,12 +369,17 @@ libxmlsec1_gnutls_la_CPPFLAGS = \
 	$(NULL)
 
 libxmlsec1_gnutls_la_SOURCES = app.c ciphers.c crypto.c digests.c \
-	hmac.c symkeys.c globals.h $(NULL) $(am__append_1)
+	hmac.c kw_aes.c kw_des.c symkeys.c asymkeys.c signatures.c \
+	x509utils.h x509utils.c x509.c x509vfy.c globals.h $(NULL) \
+	$(am__append_1)
+
+# xmlsec-gnutls library requires xmlsec-gcrypt
 libxmlsec1_gnutls_la_LIBADD = \
-	../libxmlsec1.la \
 	$(GNUTLS_LIBS) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
+	../gcrypt/libxmlsec1-gcrypt.la \
 	$(NULL)
 
 libxmlsec1_gnutls_la_DEPENDENCIES = \
@@ -406,8 +455,8 @@ clean-libLTLIBRARIES:
 	  echo "rm -f \"$${dir}/so_locations\""; \
 	  rm -f "$${dir}/so_locations"; \
 	done
-libxmlsec1-gnutls.la: $(libxmlsec1_gnutls_la_OBJECTS) $(libxmlsec1_gnutls_la_DEPENDENCIES) 
-	$(libxmlsec1_gnutls_la_LINK) -rpath $(libdir) $(libxmlsec1_gnutls_la_OBJECTS) $(libxmlsec1_gnutls_la_LIBADD) $(LIBS)
+libxmlsec1-gnutls.la: $(libxmlsec1_gnutls_la_OBJECTS) $(libxmlsec1_gnutls_la_DEPENDENCIES) $(EXTRA_libxmlsec1_gnutls_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(libxmlsec1_gnutls_la_LINK) -rpath $(libdir) $(libxmlsec1_gnutls_la_OBJECTS) $(libxmlsec1_gnutls_la_LIBADD) $(LIBS)
 
 mostlyclean-compile:
 	-rm -f *.$(OBJEXT)
@@ -416,82 +465,138 @@ distclean-compile:
 	-rm -f *.tab.c
 
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-app.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-crypto.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-digests.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-hmac.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-signatures.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-strings.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-x509.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Plo@am__quote@
 
 .c.o:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c $<
 
 .c.obj:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
 
 .c.lo:
-@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LTCOMPILE) -c -o $@ $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
 
 libxmlsec1_gnutls_la-app.lo: app.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-app.Tpo -c -o libxmlsec1_gnutls_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-app.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-app.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='app.c' object='libxmlsec1_gnutls_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-app.Tpo -c -o libxmlsec1_gnutls_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-app.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='app.c' object='libxmlsec1_gnutls_la-app.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
 
 libxmlsec1_gnutls_la-ciphers.lo: ciphers.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Tpo -c -o libxmlsec1_gnutls_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='ciphers.c' object='libxmlsec1_gnutls_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Tpo -c -o libxmlsec1_gnutls_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ciphers.c' object='libxmlsec1_gnutls_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
 
 libxmlsec1_gnutls_la-crypto.lo: crypto.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-crypto.Tpo -c -o libxmlsec1_gnutls_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-crypto.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-crypto.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='crypto.c' object='libxmlsec1_gnutls_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-crypto.Tpo -c -o libxmlsec1_gnutls_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-crypto.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='crypto.c' object='libxmlsec1_gnutls_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
 
 libxmlsec1_gnutls_la-digests.lo: digests.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-digests.Tpo -c -o libxmlsec1_gnutls_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-digests.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-digests.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='digests.c' object='libxmlsec1_gnutls_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-digests.Tpo -c -o libxmlsec1_gnutls_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-digests.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='digests.c' object='libxmlsec1_gnutls_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
 
 libxmlsec1_gnutls_la-hmac.lo: hmac.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-hmac.Tpo -c -o libxmlsec1_gnutls_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-hmac.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-hmac.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='hmac.c' object='libxmlsec1_gnutls_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-hmac.Tpo -c -o libxmlsec1_gnutls_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-hmac.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='hmac.c' object='libxmlsec1_gnutls_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+
+libxmlsec1_gnutls_la-kw_aes.lo: kw_aes.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Tpo -c -o libxmlsec1_gnutls_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kw_aes.c' object='libxmlsec1_gnutls_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+
+libxmlsec1_gnutls_la-kw_des.lo: kw_des.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Tpo -c -o libxmlsec1_gnutls_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kw_des.c' object='libxmlsec1_gnutls_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
 
 libxmlsec1_gnutls_la-symkeys.lo: symkeys.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Tpo -c -o libxmlsec1_gnutls_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='symkeys.c' object='libxmlsec1_gnutls_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Tpo -c -o libxmlsec1_gnutls_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='symkeys.c' object='libxmlsec1_gnutls_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+
+libxmlsec1_gnutls_la-asymkeys.lo: asymkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-asymkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Tpo -c -o libxmlsec1_gnutls_la-asymkeys.lo `test -f 'asymkeys.c' || echo '$(srcdir)/'`asymkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-asymkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='asymkeys.c' object='libxmlsec1_gnutls_la-asymkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-asymkeys.lo `test -f 'asymkeys.c' || echo '$(srcdir)/'`asymkeys.c
+
+libxmlsec1_gnutls_la-signatures.lo: signatures.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-signatures.Tpo -c -o libxmlsec1_gnutls_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-signatures.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='signatures.c' object='libxmlsec1_gnutls_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+
+libxmlsec1_gnutls_la-x509utils.lo: x509utils.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-x509utils.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Tpo -c -o libxmlsec1_gnutls_la-x509utils.lo `test -f 'x509utils.c' || echo '$(srcdir)/'`x509utils.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-x509utils.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='x509utils.c' object='libxmlsec1_gnutls_la-x509utils.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-x509utils.lo `test -f 'x509utils.c' || echo '$(srcdir)/'`x509utils.c
+
+libxmlsec1_gnutls_la-x509.lo: x509.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-x509.Tpo -c -o libxmlsec1_gnutls_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-x509.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-x509.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='x509.c' object='libxmlsec1_gnutls_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+
+libxmlsec1_gnutls_la-x509vfy.lo: x509vfy.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Tpo -c -o libxmlsec1_gnutls_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-x509vfy.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='x509vfy.c' object='libxmlsec1_gnutls_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
 
 libxmlsec1_gnutls_la-strings.lo: ../strings.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-strings.Tpo -c -o libxmlsec1_gnutls_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-strings.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-strings.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='../strings.c' object='libxmlsec1_gnutls_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_gnutls_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_gnutls_la-strings.Tpo -c -o libxmlsec1_gnutls_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_gnutls_la-strings.Tpo $(DEPDIR)/libxmlsec1_gnutls_la-strings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='../strings.c' object='libxmlsec1_gnutls_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_gnutls_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_gnutls_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
 
 mostlyclean-libtool:
 	-rm -f *.lo
@@ -598,10 +703,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/src/gnutls/README b/src/gnutls/README
index 02c5fbbf..404aa878 100644
--- a/src/gnutls/README
+++ b/src/gnutls/README
@@ -1,9 +1,6 @@
-The xmlsec-gnutls implementation is really limited and is not ready 
-for production use. The only supported crypto transforms are:
+The xmlsec-gnutls uses both libgcrypt and libgnutls because GnuTLS
+does not provide direct access to low-level crypto operations (digests,
+hmac, aes, des, etc.).
+
 
-    - HMAC
-    - Tripple DES
-    - AES [128|192|256]
-    - SHA1
 
-    
\ No newline at end of file
diff --git a/src/gnutls/app.c b/src/gnutls/app.c
index 54da1999..856257f3 100644
--- a/src/gnutls/app.c
+++ b/src/gnutls/app.c
@@ -1,17 +1,15 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <string.h>
 
-#include <gnutls/gnutls.h>
-
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/keys.h>
 #include <xmlsec/transforms.h>
@@ -19,38 +17,56 @@
 
 #include <xmlsec/gnutls/app.h>
 #include <xmlsec/gnutls/crypto.h>
+#include <xmlsec/gnutls/x509.h>
+
+#include "x509utils.h"
+
+/**************************************************************************
+ *
+ * We use xmlsec-gcrypt for all the basic crypto ops
+ *
+ *****************************************************************************/
+#include <xmlsec/gcrypt/crypto.h>
+#include <xmlsec/gcrypt/app.h>
+
+static xmlSecKeyPtr     xmlSecGnuTLSAppKeyFromCertLoad          (const char *filename,
+                                                                 xmlSecKeyDataFormat format);
+static xmlSecKeyPtr     xmlSecGnuTLSAppKeyFromCertLoadMemory    (const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 xmlSecKeyDataFormat format);
 
 /**
  * xmlSecGnuTLSAppInit:
- * @config:		the path to GnuTLS configuration (unused).
- * 
+ * @config:             the path to GnuTLS configuration (unused).
+ *
  * General crypto engine initialization. This function is used
- * by XMLSec command line utility and called before 
+ * by XMLSec command line utility and called before
  * @xmlSecInit function.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecGnuTLSAppInit(const char* config ATTRIBUTE_UNUSED) {
-    int ret;
-
-    ret = gnutls_global_init();
-    if(ret != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "gnutls_global_init",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "ret=%d", ret);
-	return(-1);
+xmlSecGnuTLSAppInit(const char* config) {
+    int err;
+
+    err = gnutls_global_init();
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_global_init",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(-1);
     }
-    return(0);
+
+    return(xmlSecGCryptAppInit(config));
 }
 
 /**
  * xmlSecGnuTLSAppShutdown:
- * 
+ *
  * General crypto engine shutdown. This function is used
- * by XMLSec command line utility and called after 
+ * by XMLSec command line utility and called after
  * @xmlSecShutdown function.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -58,304 +74,787 @@ xmlSecGnuTLSAppInit(const char* config ATTRIBUTE_UNUSED) {
 int
 xmlSecGnuTLSAppShutdown(void) {
     gnutls_global_deinit();
-    return(0);
+
+    return(xmlSecGCryptAppShutdown());
 }
 
 /**
  * xmlSecGnuTLSAppKeyLoad:
- * @filename:		the key filename.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the key filename.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
- * Reads key from the a file (not implemented yet).
+ * Reads key from the a file.
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
 xmlSecKeyPtr
 xmlSecGnuTLSAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
-			const char *pwd,
-			void* pwdCallback,
-			void* pwdCallbackCtx) {
+                        const char *pwd,
+                        void* pwdCallback,
+                        void* pwdCallbackCtx) {
+    xmlSecKeyPtr key;
+
     xmlSecAssert2(filename != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
-    
 
-    if (format == xmlSecKeyDataFormatPkcs12) {
-	return (xmlSecGnuTLSAppPkcs12Load(filename, pwd, pwdCallback,
-			    		  pwdCallbackCtx));
+    switch(format) {
+#ifndef XMLSEC_NO_X509
+    case xmlSecKeyDataFormatPkcs12:
+        key = xmlSecGnuTLSAppPkcs12Load(filename, pwd, pwdCallback, pwdCallbackCtx);
+        break;
+    case xmlSecKeyDataFormatCertPem:
+    case xmlSecKeyDataFormatCertDer:
+        key = xmlSecGnuTLSAppKeyFromCertLoad(filename, format);
+        break;
+#endif /* XMLSEC_NO_X509 */
+    default:
+        key = xmlSecGCryptAppKeyLoad(filename, format, pwd, pwdCallback, pwdCallbackCtx);
+        break;
     }
 
-    /* TODO */
-    xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecGnuTLSAppKeyLoad",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-    return(NULL);
+    return(key);
 }
 
 /**
  * xmlSecGnuTLSAppKeyLoadMemory:
- * @data:		the binary key data.
- * @dataSize:		the size of binary key.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the binary key data.
+ * @dataSize:           the size of binary key.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
- * Reads key from the memory buffer (not implemented yet).
+ * Reads key from the memory buffer.
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
 xmlSecKeyPtr
-xmlSecGnuTLSAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, 
-			xmlSecKeyDataFormat format, const char *pwd, 
-			void* pwdCallback, void* pwdCallbackCtx) {
+xmlSecGnuTLSAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecKeyDataFormat format, const char *pwd,
+                        void* pwdCallback, void* pwdCallbackCtx) {
+    xmlSecKeyPtr key;
+
     xmlSecAssert2(data != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
 
-    if (format == xmlSecKeyDataFormatPkcs12) {
-	return (xmlSecGnuTLSAppPkcs12LoadMemory(data, dataSize, pwd, 
-					pwdCallback, pwdCallbackCtx));
+    switch(format) {
+#ifndef XMLSEC_NO_X509
+    case xmlSecKeyDataFormatPkcs12:
+        key = xmlSecGnuTLSAppPkcs12LoadMemory(data, dataSize, pwd, pwdCallback, pwdCallbackCtx);
+        break;
+    case xmlSecKeyDataFormatCertPem:
+    case xmlSecKeyDataFormatCertDer:
+        key = xmlSecGnuTLSAppKeyFromCertLoadMemory(data, dataSize, format);
+        break;
+#endif /* XMLSEC_NO_X509 */
+    default:
+        key = xmlSecGCryptAppKeyLoadMemory(data, dataSize, format, pwd, pwdCallback, pwdCallbackCtx);
+        break;
     }
-
-    /* TODO */
-    xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecGnuTLSAppKeyLoadMemory",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-    return(NULL);
+    return(key);
 }
 
 #ifndef XMLSEC_NO_X509
 /**
  * xmlSecGnuTLSAppKeyCertLoad:
- * @key:		the pointer to key.
- * @filename:		the certificate filename.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @filename:           the certificate filename.
+ * @format:             the certificate file format.
+ *
+ * Reads the certificate from $@filename and adds it to key.
  *
- * Reads the certificate from $@filename and adds it to key
- * (not implemented yet).
- * 
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
-xmlSecGnuTLSAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, 
-			  xmlSecKeyDataFormat format) {
+int
+xmlSecGnuTLSAppKeyCertLoad(xmlSecKeyPtr key, const char* filename,
+                          xmlSecKeyDataFormat format) {
+    xmlSecBuffer buffer;
+    int ret;
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
-    
-    /* TODO */
-    xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecGnuTLSAppKeyCertLoad",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-    return(-1);
+
+    ret = xmlSecBufferInitialize(&buffer, 4*1024);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecBufferReadFile(&buffer, filename);
+    if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferReadFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s", 
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSAppKeyCertLoadMemory(key,
+                    xmlSecBufferGetData(&buffer),
+                    xmlSecBufferGetSize(&buffer),
+                    format);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSAppKeyCertLoadMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(-1);
+    }
+
+    /* cleanup */
+    xmlSecBufferFinalize(&buffer);
+    return(0);
 }
 
 /**
  * xmlSecGnuTLSAppKeyCertLoadMemory:
- * @key:		the pointer to key.
- * @data:		the certificate binary data.
- * @dataSize:		the certificate binary data size.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @data:               the certificate binary data.
+ * @dataSize:           the certificate binary data size.
+ * @format:             the certificate file format.
+ *
+ * Reads the certificate from memory buffer and adds it to key.
  *
- * Reads the certificate from memory buffer and adds it to key (not implemented yet).
- * 
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
-xmlSecGnuTLSAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize, 
-				xmlSecKeyDataFormat format) {
+int
+xmlSecGnuTLSAppKeyCertLoadMemory(xmlSecKeyPtr key,
+                                 const xmlSecByte* data,
+                                 xmlSecSize dataSize,
+                                 xmlSecKeyDataFormat format) {
+    gnutls_x509_crt_t cert;
+    xmlSecKeyDataPtr keyData;
+    int ret;
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(dataSize > 0, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
 
-    /* TODO */
-    xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecGnuTLSAppKeyCertLoadMemory",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-    return(-1);
+    keyData = xmlSecKeyEnsureData(key, xmlSecGnuTLSKeyDataX509Id);
+    if(keyData == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    cert = xmlSecGnuTLSX509CertRead(data, dataSize, format);
+    if(cert == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSKeyDataX509AdoptCert(keyData, cert);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gnutls_x509_crt_deinit(cert);
+        return(-1);
+    }
+
+    return(0);
 }
 
 /**
  * xmlSecGnuTLSAppPkcs12Load:
- * @filename:		the PKCS12 key filename.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the PKCS12 key filename.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
- * Reads key and all associated certificates from the PKCS12 file
- * (not implemented yet).
+ * Reads key and all associated certificates from the PKCS12 file.
  * For uniformity, call xmlSecGnuTLSAppKeyLoad instead of this function. Pass
  * in format=xmlSecKeyDataFormatPkcs12.
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
-xmlSecGnuTLSAppPkcs12Load(const char *filename, 
-			  const char *pwd ATTRIBUTE_UNUSED,
-		          void* pwdCallback ATTRIBUTE_UNUSED, 
-			  void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+xmlSecKeyPtr
+xmlSecGnuTLSAppPkcs12Load(const char *filename,
+                          const char *pwd,
+                          void* pwdCallback,
+                          void* pwdCallbackCtx) {
+    xmlSecKeyPtr key;
+    xmlSecBuffer buffer;
+    int ret;
+
     xmlSecAssert2(filename != NULL, NULL);
 
-    /* TODO */
-    xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecGnuTLSAppPkcs12Load",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-    return(NULL); 
+    ret = xmlSecBufferInitialize(&buffer, 4*1024);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
+    ret = xmlSecBufferReadFile(&buffer, filename);
+    if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferReadFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s", 
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
+    }
+
+    key = xmlSecGnuTLSAppPkcs12LoadMemory(xmlSecBufferGetData(&buffer),
+                    xmlSecBufferGetSize(&buffer),
+                    pwd, pwdCallback, pwdCallbackCtx);
+    if(key == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSAppPkcs12LoadMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
+    }
+
+    /* cleanup */
+    xmlSecBufferFinalize(&buffer);
+    return(key);
 }
 
 /**
  * xmlSecGnuTLSAppPkcs12LoadMemory:
- * @data:		the PKCS12 binary data.
- * @dataSize:		the PKCS12 binary data size.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the PKCS12 binary data.
+ * @dataSize:           the PKCS12 binary data size.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 data in memory buffer.
  * For uniformity, call xmlSecGnuTLSAppKeyLoadMemory instead of this function. Pass
- * in format=xmlSecKeyDataFormatPkcs12 (not implemented yet).
+ * in format=xmlSecKeyDataFormatPkcs12.
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
-xmlSecGnuTLSAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, 
-			   const char *pwd, void* pwdCallback, 
-			   void* pwdCallbackCtx) {
+xmlSecKeyPtr
+xmlSecGnuTLSAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
+                                const char *pwd,
+                                void* pwdCallback ATTRIBUTE_UNUSED,
+                                void* pwdCallbackCtx ATTRIBUTE_UNUSED)
+{
+    xmlSecKeyPtr key = NULL;
+    xmlSecKeyPtr res = NULL;
+    xmlSecPtrList certsList;
+    xmlSecKeyDataPtr keyData = NULL;
+    xmlSecKeyDataPtr x509Data = NULL;
+    gnutls_x509_privkey_t priv_key = NULL;
+    gnutls_x509_crt_t key_cert = NULL;
+    xmlSecSize certsSize;
+    int ret;
+
     xmlSecAssert2(data != NULL, NULL);
-    /* TODO */
-    xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecGnuTLSAppPkcs12LoadMemory",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-    return(NULL); 
+    xmlSecAssert2(dataSize > 0, NULL);
+
+    /* prepare */
+    ret = xmlSecPtrListInitialize(&(certsList), xmlSecGnuTLSX509CrtListId);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "certsList");
+        return(NULL);
+    }
+
+    /* load pkcs12 */
+    ret = xmlSecGnuTLSPkcs12LoadMemory(data, dataSize, pwd, &priv_key, &key_cert, &certsList);
+    if((ret < 0) || (priv_key == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSPkcs12LoadMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* create key */
+    key = xmlSecKeyCreate();
+    if(key == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* create key value data */
+    keyData = xmlSecGnuTLSCreateKeyDataAndAdoptPrivKey(priv_key);
+    if(keyData == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSCreateKeyDataAndAdoptPrivKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    priv_key = NULL; /* owned by keyData now */
+
+    ret = xmlSecKeySetValue(key, keyData);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        goto done;
+    }
+    keyData = NULL; /* owned by key now */
+
+
+    /* create x509 certs data */
+    certsSize = xmlSecPtrListGetSize(&certsList);
+    if((certsSize > 0) || (key_cert != NULL)) {
+        xmlSecSize ii;
+
+        x509Data = xmlSecKeyDataCreate(xmlSecGnuTLSKeyDataX509Id);
+        if(x509Data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate(xmlSecGnuTLSKeyDataX509Id)",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
+
+        /* set key's cert */
+        if(key_cert != NULL) {
+            ret = xmlSecGnuTLSKeyDataX509AdoptKeyCert(x509Data, key_cert);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecGnuTLSKeyDataX509AdoptKeyCert",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+            key_cert = NULL; /* owned by x509Data now */
+        }
+
+        /* copy all other certs */
+        for(ii = 0; ii < certsSize; ++ii) {
+            gnutls_x509_crt_t cert = xmlSecPtrListRemoveAndReturn(&certsList, ii);
+            if(cert == NULL) {
+                continue;
+            }
+
+            ret = xmlSecGnuTLSKeyDataX509AdoptCert(x509Data, cert);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecGnuTLSKeyDataX509AdoptCert",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                gnutls_x509_crt_deinit(cert);
+                goto done;
+            }
+        }
+
+        /* set in the key */
+        ret = xmlSecKeyAdoptData(key, x509Data);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyAdoptData",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+        x509Data = NULL; /* owned by key now */
+    }
+
+    /* success!!! */
+    res = key;
+    key = NULL;
+
+done:
+    if(key_cert != NULL) {
+        gnutls_x509_crt_deinit(key_cert);
+    }
+    if(priv_key != NULL) {
+        gnutls_x509_privkey_deinit(priv_key);
+    }
+    if(keyData != NULL) {
+        xmlSecKeyDataDestroy(keyData);
+    }
+    if(x509Data != NULL) {
+        xmlSecKeyDataDestroy(x509Data);
+    }
+    if(key != NULL) {
+        xmlSecKeyDestroy(key);
+    }
+    xmlSecPtrListFinalize(&certsList);
+    return(res);
+}
+
+static xmlSecKeyPtr
+xmlSecGnuTLSAppKeyFromCertLoad(const char *filename,
+                               xmlSecKeyDataFormat format)
+{
+    xmlSecKeyPtr key;
+    xmlSecBuffer buffer;
+    int ret;
+
+    xmlSecAssert2(filename != NULL, NULL);
+
+    ret = xmlSecBufferInitialize(&buffer, 4*1024);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
+    ret = xmlSecBufferReadFile(&buffer, filename);
+    if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferReadFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s", 
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
+    }
+
+    key = xmlSecGnuTLSAppKeyFromCertLoadMemory(
+                    xmlSecBufferGetData(&buffer),
+                    xmlSecBufferGetSize(&buffer),
+                    format);
+    if(key == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSAppKeyFromCertLoadMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
+    }
+
+    /* cleanup */
+    xmlSecBufferFinalize(&buffer);
+    return(key);
+}
+
+static xmlSecKeyPtr
+xmlSecGnuTLSAppKeyFromCertLoadMemory(const xmlSecByte* data,
+                                     xmlSecSize dataSize,
+                                     xmlSecKeyDataFormat format)
+{
+    xmlSecKeyPtr key = NULL;
+    xmlSecKeyDataPtr keyData = NULL;
+    xmlSecKeyDataPtr x509Data = NULL;
+    gnutls_x509_crt_t cert = NULL;
+    xmlSecKeyPtr res = NULL;
+    int ret;
+
+    xmlSecAssert2(data != NULL, NULL);
+    xmlSecAssert2(dataSize > 0, NULL);
+    xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
+
+    /* read cert */
+    cert = xmlSecGnuTLSX509CertRead(data, dataSize, format);
+    if(cert == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* create key */
+    key = xmlSecKeyCreate();
+    if(key == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* create key value data */
+    keyData = xmlSecGnuTLSX509CertGetKey(cert);
+    if(keyData == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertGetKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    ret = xmlSecKeySetValue(key, keyData);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        goto done;
+    }
+    keyData = NULL; /* owned by key now */
+
+    /* create x509 data */
+    x509Data = xmlSecKeyEnsureData(key, xmlSecGnuTLSKeyDataX509Id);
+    if(x509Data == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    ret = xmlSecGnuTLSKeyDataX509AdoptKeyCert(x509Data, cert);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSKeyDataX509AdoptKeyCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    cert = NULL; /* owned by x509Data now */
+
+    /* success */
+    res = key;
+    key = NULL;
+
+done:
+    if(cert != NULL) {
+        gnutls_x509_crt_deinit(cert);
+    }
+    if(keyData != NULL) {
+        xmlSecKeyDataDestroy(keyData);
+    }
+    if(key != NULL) {
+        xmlSecKeyDestroy(key);
+    }
+    return(res);
 }
 
 /**
  * xmlSecGnuTLSAppKeysMngrCertLoad:
- * @mngr: 		the keys manager.
- * @filename: 		the certificate file.
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate in @filename
- *    			trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @filename:           the certificate file.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate in @filename
+ *                      trusted or not.
+ *
  * Reads cert from @filename and adds to the list of trusted or known
- * untrusted certs in @store (not implemented yet).
+ * untrusted certs in @store.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecGnuTLSAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename, 
-				xmlSecKeyDataFormat format, 
-				xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+xmlSecGnuTLSAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr,
+                                const char *filename,
+                                xmlSecKeyDataFormat format,
+                                xmlSecKeyDataType type) {
+    xmlSecBuffer buffer;
+    int ret;
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
 
-    /* TODO */
-    xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecGnuTLSAppKeysMngrCertLoad",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-    return(-1);
+    ret = xmlSecBufferInitialize(&buffer, 4*1024);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecBufferReadFile(&buffer, filename);
+    if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL) || (xmlSecBufferGetSize(&buffer) <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferReadFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s", 
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSAppKeysMngrCertLoadMemory(mngr,
+                    xmlSecBufferGetData(&buffer),
+                    xmlSecBufferGetSize(&buffer),
+                    format,
+                    type);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSAppKeysMngrCertLoadMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(-1);
+    }
+
+    /* cleanup */
+    xmlSecBufferFinalize(&buffer);
+    return(0);
 }
 
 /**
  * xmlSecGnuTLSAppKeysMngrCertLoadMemory:
- * @mngr: 		the keys manager.
- * @data:		the certificate binary data.
- * @dataSize:		the certificate binary data size.
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @data:               the certificate binary data.
+ * @dataSize:           the certificate binary data size.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate trusted or not.
+ *
  * Reads cert from binary buffer @data and adds to the list of trusted or known
- * untrusted certs in @store (not implemented yet).
+ * untrusted certs in @store.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecGnuTLSAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data,
-				    xmlSecSize dataSize, xmlSecKeyDataFormat format, 
-				    xmlSecKeyDataType type) {
+xmlSecGnuTLSAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr,
+                                      const xmlSecByte* data,
+                                      xmlSecSize dataSize,
+                                      xmlSecKeyDataFormat format,
+                                      xmlSecKeyDataType type) {
+    xmlSecKeyDataStorePtr x509Store;
+    gnutls_x509_crt_t cert;
+    int ret;
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(dataSize > 0, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
 
-    /* TODO */
-    xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecGnuTLSAppKeysMngrCertLoadMemory",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-    return(-1);
+    x509Store = xmlSecKeysMngrGetDataStore(mngr, xmlSecGnuTLSX509StoreId);
+    if(x509Store == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecGnuTLSX509StoreId");
+        return(-1);
+    }
+
+    cert = xmlSecGnuTLSX509CertRead(data, dataSize, format);
+    if(cert == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSX509StoreAdoptCert(x509Store, cert, type);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509StoreAdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gnutls_x509_crt_deinit(cert);
+        return(-1);
+    }
+
+    return(0);
 }
 
 #endif /* XMLSEC_NO_X509 */
 
 /**
  * xmlSecGnuTLSAppDefaultKeysMngrInit:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Initializes @mngr with simple keys store #xmlSecSimpleKeysStoreId
  * and a default GnuTLS crypto key data stores.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
+ */
 int
 xmlSecGnuTLSAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
 
-    /* create simple keys store if needed */        
+    /* create simple keys store if needed */
     if(xmlSecKeysMngrGetKeysStore(mngr) == NULL) {
-	xmlSecKeyStorePtr keysStore;
-
-	keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
-	if(keysStore == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyStoreCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecSimpleKeysStoreId");
-	    return(-1);
-	}
-	
-	ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeysMngrAdoptKeysStore",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyStoreDestroy(keysStore);
-	    return(-1);        
-	}
-    }
-
-    ret = xmlSecGnuTLSKeysMngrInit(mngr);    
+        xmlSecKeyStorePtr keysStore;
+
+        keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
+        if(keysStore == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyStoreCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecSimpleKeysStoreId");
+            return(-1);
+        }
+
+        ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeysMngrAdoptKeysStore",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyStoreDestroy(keysStore);
+            return(-1);
+        }
+    }
+
+    ret = xmlSecGnuTLSKeysMngrInit(mngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecGnuTLSKeysMngrInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1); 
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSKeysMngrInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* TODO */
     mngr->getKey = xmlSecKeysMngrGetKey;
     return(0);
@@ -363,125 +862,125 @@ xmlSecGnuTLSAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
 
 /**
  * xmlSecGnuTLSAppDefaultKeysMngrAdoptKey:
- * @mngr: 		the pointer to keys manager.
- * @key:		the pointer to key.
+ * @mngr:               the pointer to keys manager.
+ * @key:                the pointer to key.
  *
  * Adds @key to the keys manager @mngr created with #xmlSecGnuTLSAppDefaultKeysMngrInit
  * function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecGnuTLSAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecSimpleKeysStoreAdoptKey(store, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSimpleKeysStoreAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
  * xmlSecGnuTLSAppDefaultKeysMngrLoad:
- * @mngr: 		the pointer to keys manager.
- * @uri:		the uri.
+ * @mngr:               the pointer to keys manager.
+ * @uri:                the uri.
  *
- * Loads XML keys file from @uri to the keys manager @mngr created 
+ * Loads XML keys file from @uri to the keys manager @mngr created
  * with #xmlSecGnuTLSAppDefaultKeysMngrInit function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecGnuTLSAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(uri != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecSimpleKeysStoreLoad(store, uri, mngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSimpleKeysStoreLoad",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s", xmlSecErrorsSafeString(uri));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreLoad",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s", xmlSecErrorsSafeString(uri));
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
  * xmlSecGnuTLSAppDefaultKeysMngrSave:
- * @mngr: 		the pointer to keys manager.
- * @filename:		the destination filename.
- * @type:		the type of keys to save (public/private/symmetric).
+ * @mngr:               the pointer to keys manager.
+ * @filename:           the destination filename.
+ * @type:               the type of keys to save (public/private/symmetric).
  *
  * Saves keys from @mngr to  XML keys file.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecGnuTLSAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename, xmlSecKeyDataType type) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecSimpleKeysStoreSave(store, filename, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSimpleKeysStoreSave",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s", 
-		    xmlSecErrorsSafeString(filename));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreSave",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        return(-1);
+    }
+
     return(0);
 }
 
diff --git a/src/gnutls/asymkeys.c b/src/gnutls/asymkeys.c
new file mode 100644
index 00000000..6ac68a78
--- /dev/null
+++ b/src/gnutls/asymkeys.c
@@ -0,0 +1,455 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/base64.h>
+#include <xmlsec/keyinfo.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gnutls/crypto.h>
+
+/**************************************************************************
+ *
+ * We use xmlsec-gcrypt for all the basic crypto ops
+ *
+ *****************************************************************************/
+#include <xmlsec/gcrypt/crypto.h>
+#include <gcrypt.h>
+
+static void xmlSecGnuTLSDestroyParams(gnutls_datum_t * params, xmlSecSize num) {
+    xmlSecSize ii;
+
+    xmlSecAssert(params != NULL);
+    for(ii = 0; ii < num; ++ii) {
+        gnutls_free(params[ii].data);
+    }
+}
+
+static void xmlSecGnuTLSDestroyMpis(gcry_mpi_t * mpis, xmlSecSize num) {
+    xmlSecSize ii;
+
+    xmlSecAssert(mpis != NULL);
+    for(ii = 0; ii < num; ++ii) {
+        gcry_mpi_release(mpis[ii]);
+    }
+}
+
+static int xmlSecGnuTLSConvertParamsToMpis(gnutls_datum_t * params, xmlSecSize paramsNum,
+                                           gcry_mpi_t * mpis, xmlSecSize mpisNum) {
+
+    xmlSecSize ii;
+    int rc;
+
+    xmlSecAssert2(params != NULL, -1);
+    xmlSecAssert2(mpis != NULL, -1);
+    xmlSecAssert2(paramsNum == mpisNum, -1);
+
+    for(ii = 0; ii < paramsNum; ++ii) {
+        rc = gcry_mpi_scan(&(mpis[ii]), GCRYMPI_FMT_USG, params[ii].data, params[ii].size, NULL);
+        if((rc != GPG_ERR_NO_ERROR) || (mpis[ii] == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gcry_mpi_scan",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(rc));
+            xmlSecGnuTLSDestroyMpis(mpis, ii); /* destroy up to now */
+            return(-1);
+        }
+    }
+
+    /* done */
+    return(0);
+}
+
+#ifndef XMLSEC_NO_DSA
+
+/**
+ * xmlSecGnuTLSKeyDataDsaGetKlass:
+ *
+ * The DSA key data klass.
+ *
+ * Returns: pointer to DSA key data klass.
+ */
+xmlSecKeyDataId
+xmlSecGnuTLSKeyDataDsaGetKlass(void) {
+    return (xmlSecGCryptKeyDataDsaGetKlass());
+}
+
+/**
+ * xmlSecGnuTLSKeyDataDsaAdoptPrivateKey:
+ * @data:               the pointer to DSA key data.
+ * @dsa_key:            the pointer to GnuTLS DSA private key.
+ *
+ * Sets the value of DSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGnuTLSKeyDataDsaAdoptPrivateKey(xmlSecKeyDataPtr data, gnutls_x509_privkey_t dsa_key) {
+    gnutls_datum_t params[5];
+    gcry_mpi_t mpis[5];
+    gcry_sexp_t priv_key = NULL;
+    gcry_sexp_t pub_key = NULL;
+    int rc;
+    int err;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataDsaId), -1);
+    xmlSecAssert2(dsa_key != NULL, -1);
+    xmlSecAssert2(gnutls_x509_privkey_get_pk_algorithm(dsa_key) == GNUTLS_PK_DSA, -1);
+
+    /* get raw values */
+    err = gnutls_x509_privkey_export_dsa_raw(dsa_key,
+            &(params[0]), &(params[1]), &(params[2]),
+            &(params[3]), &(params[4]));
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_privkey_export_dsa_raw",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    /* convert to mpis */
+    ret = xmlSecGnuTLSConvertParamsToMpis(
+            params, sizeof(params)/sizeof(params[0]),
+            mpis, sizeof(mpis)/sizeof(mpis[0]));
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSConvertParamsToMpis",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecGnuTLSDestroyParams(params, sizeof(params)/sizeof(params[0]));
+        return(-1);
+    }
+    xmlSecGnuTLSDestroyParams(params, sizeof(params)/sizeof(params[0]));
+
+    /* build expressions */
+    rc = gcry_sexp_build(&(priv_key), NULL, "(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))",
+                        mpis[0], mpis[1], mpis[2], mpis[3], mpis[4]);
+    if((rc != GPG_ERR_NO_ERROR) || (priv_key == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(private/dsa)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(rc));
+        xmlSecGnuTLSDestroyMpis(mpis, sizeof(mpis)/sizeof(mpis[0]));
+        return(-1);
+    }
+    rc = gcry_sexp_build(&(pub_key), NULL, "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
+                        mpis[0], mpis[1], mpis[2], mpis[3]);
+    if((rc != GPG_ERR_NO_ERROR) || (pub_key == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(private/rsa)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(rc));
+        gcry_sexp_release(priv_key);
+        xmlSecGnuTLSDestroyMpis(mpis, sizeof(mpis)/sizeof(mpis[0]));
+        return(-1);
+    }
+    xmlSecGnuTLSDestroyMpis(mpis, sizeof(mpis)/sizeof(mpis[0]));
+
+    ret = xmlSecGCryptKeyDataDsaAdoptKeyPair(data, pub_key, priv_key);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptKeyDataDsaAdoptKeyPair",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gcry_sexp_release(pub_key);
+        gcry_sexp_release(priv_key);
+        return(-1);
+    }
+
+    /* done, we "adopted" the key - destroy it! */
+    gnutls_x509_privkey_deinit(dsa_key);
+    return(0);
+}
+
+
+/**
+ * xmlSecGnuTLSKeyDataDsaAdoptPublicKey:
+ * @data:               the pointer to DSA key data.
+ * @p:                  the pointer to p component of the DSA public key
+ * @q:                  the pointer to q component of the DSA public key
+ * @g:                  the pointer to g component of the DSA public key
+ * @y:                  the pointer to y component of the DSA public key
+ *
+ * Sets the value of DSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGnuTLSKeyDataDsaAdoptPublicKey(xmlSecKeyDataPtr data,
+                                     gnutls_datum_t * p, gnutls_datum_t * q,
+                                     gnutls_datum_t * g, gnutls_datum_t * y) {
+    gnutls_datum_t params[4];
+    gcry_mpi_t mpis[4];
+    gcry_sexp_t pub_key = NULL;
+    int rc;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataDsaId), -1);
+    xmlSecAssert2(p != NULL, -1);
+    xmlSecAssert2(q != NULL, -1);
+    xmlSecAssert2(g != NULL, -1);
+    xmlSecAssert2(y != NULL, -1);
+
+    /* copy */
+    memcpy(&(params[0]), p, sizeof(*p));
+    memcpy(&(params[1]), q, sizeof(*q));
+    memcpy(&(params[2]), g, sizeof(*g));
+    memcpy(&(params[3]), y, sizeof(*y));
+
+    /* convert to mpis */
+    ret = xmlSecGnuTLSConvertParamsToMpis(
+            params, sizeof(params)/sizeof(params[0]),
+            mpis, sizeof(mpis)/sizeof(mpis[0]));
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSConvertParamsToMpis",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        /* don't destroy params - we got them from outside !!! */
+        return(-1);
+    }
+    /* don't destroy params - we got them from outside !!! */
+
+    /* build expressions */
+    rc = gcry_sexp_build(&(pub_key), NULL, "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
+                        mpis[0], mpis[1], mpis[2], mpis[3]);
+    if((rc != GPG_ERR_NO_ERROR) || (pub_key == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(private/rsa)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(rc));
+        xmlSecGnuTLSDestroyMpis(mpis, sizeof(mpis)/sizeof(mpis[0]));
+        return(-1);
+    }
+    xmlSecGnuTLSDestroyMpis(mpis, sizeof(mpis)/sizeof(mpis[0]));
+
+    ret = xmlSecGCryptKeyDataDsaAdoptKeyPair(data, pub_key, NULL);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptKeyDataDsaAdoptKeyPair",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gcry_sexp_release(pub_key);
+        return(-1);
+    }
+
+    /* done, we "adopted" the key - destroy it! */
+    gnutls_free(p->data);
+    gnutls_free(q->data);
+    gnutls_free(g->data);
+    gnutls_free(y->data);
+    return(0);
+}
+
+#endif /* XMLSEC_NO_DSA */
+
+
+#ifndef XMLSEC_NO_RSA
+
+/**
+ * xmlSecGnuTLSKeyDataRsaGetKlass:
+ *
+ * The GnuTLS RSA key data klass.
+ *
+ * Returns: pointer to GnuTLS RSA key data klass.
+ */
+xmlSecKeyDataId
+xmlSecGnuTLSKeyDataRsaGetKlass(void) {
+    return (xmlSecGCryptKeyDataRsaGetKlass());
+}
+
+/**
+ * xmlSecGnuTLSKeyDataRsaAdoptPrivateKey:
+ * @data:               the pointer to RSA key data.
+ * @rsa_key:            the pointer to GnuTLS RSA private key.
+ *
+ * Sets the value of RSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGnuTLSKeyDataRsaAdoptPrivateKey(xmlSecKeyDataPtr data, gnutls_x509_privkey_t rsa_key) {
+    gnutls_datum_t params[6];
+    gcry_mpi_t mpis[6];
+    gcry_sexp_t priv_key = NULL;
+    gcry_sexp_t pub_key = NULL;
+    int rc;
+    int err;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataRsaId), -1);
+    xmlSecAssert2(rsa_key != NULL, -1);
+    xmlSecAssert2(gnutls_x509_privkey_get_pk_algorithm(rsa_key) == GNUTLS_PK_RSA, -1);
+
+    /* get raw values */
+    err = gnutls_x509_privkey_export_rsa_raw(rsa_key,
+            &(params[0]), &(params[1]), &(params[2]),
+            &(params[3]), &(params[4]), &(params[5]));
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_privkey_export_rsa_raw",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(-1);
+    }
+
+    /* convert to mpis */
+    ret = xmlSecGnuTLSConvertParamsToMpis(
+            params, sizeof(params)/sizeof(params[0]),
+            mpis, sizeof(mpis)/sizeof(mpis[0]));
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSConvertParamsToMpis",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecGnuTLSDestroyParams(params, sizeof(params)/sizeof(params[0]));
+        return(-1);
+    }
+    xmlSecGnuTLSDestroyParams(params, sizeof(params)/sizeof(params[0]));
+
+    /* build expressions */
+    rc = gcry_sexp_build(&(priv_key), NULL, "(private-key(rsa((n%m)(e%m)(d%m)(p%m)(q%m)(u%m))))",
+                        mpis[0], mpis[1], mpis[2],
+                        mpis[3], mpis[4], mpis[5]);
+    if((rc != GPG_ERR_NO_ERROR) || (priv_key == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(private/rsa)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(rc));
+        xmlSecGnuTLSDestroyMpis(mpis, sizeof(mpis)/sizeof(mpis[0]));
+        return(-1);
+    }
+    rc = gcry_sexp_build(&(pub_key), NULL, "(public-key(rsa((n%m)(e%m))))",
+                        mpis[0], mpis[1]);
+    if((rc != GPG_ERR_NO_ERROR) || (pub_key == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(private/rsa)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(rc));
+        gcry_sexp_release(priv_key);
+        xmlSecGnuTLSDestroyMpis(mpis, sizeof(mpis)/sizeof(mpis[0]));
+        return(-1);
+    }
+    xmlSecGnuTLSDestroyMpis(mpis, sizeof(mpis)/sizeof(mpis[0]));
+
+    ret = xmlSecGCryptKeyDataRsaAdoptKeyPair(data, pub_key, priv_key);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptKeyDataRsaAdoptKeyPair",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gcry_sexp_release(pub_key);
+        gcry_sexp_release(priv_key);
+        return(-1);
+    }
+
+    /* done, we "adopted" the key - destroy it! */
+    gnutls_x509_privkey_deinit(rsa_key);
+    return(0);
+}
+
+
+/**
+ * xmlSecGnuTLSKeyDataRsaAdoptPublicKey:
+ * @data:               the pointer to RSA key data.
+ * @m:                  the pointer to m component of the RSA public key
+ * @e:                  the pointer to e component of the RSA public key
+ *
+ * Sets the value of RSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecGnuTLSKeyDataRsaAdoptPublicKey(xmlSecKeyDataPtr data,
+                                     gnutls_datum_t * m, gnutls_datum_t * e) {
+    gnutls_datum_t params[2];
+    gcry_mpi_t mpis[2];
+    gcry_sexp_t pub_key = NULL;
+    int rc;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataRsaId), -1);
+    xmlSecAssert2(m != NULL, -1);
+    xmlSecAssert2(e != NULL, -1);
+
+    /* copy */
+    memcpy(&(params[0]), m, sizeof(*m));
+    memcpy(&(params[1]), e, sizeof(*e));
+
+    /* convert to mpis */
+    ret = xmlSecGnuTLSConvertParamsToMpis(
+            params, sizeof(params)/sizeof(params[0]),
+            mpis, sizeof(mpis)/sizeof(mpis[0]));
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSConvertParamsToMpis",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        /* don't destroy params - we got them from outside !!! */
+        return(-1);
+    }
+    /* don't destroy params - we got them from outside !!! */
+
+    /* build expressions */
+    rc = gcry_sexp_build(&(pub_key), NULL, "(public-key(rsa((n%m)(e%m))))",
+                        mpis[0], mpis[1]);
+    if((rc != GPG_ERR_NO_ERROR) || (pub_key == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gcry_sexp_build(private/rsa)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(rc));
+        xmlSecGnuTLSDestroyMpis(mpis, sizeof(mpis)/sizeof(mpis[0]));
+        return(-1);
+    }
+    xmlSecGnuTLSDestroyMpis(mpis, sizeof(mpis)/sizeof(mpis[0]));
+
+    ret = xmlSecGCryptKeyDataRsaAdoptKeyPair(data, pub_key, NULL);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGCryptKeyDataRsaAdoptKeyPair",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gcry_sexp_release(pub_key);
+        return(-1);
+    }
+
+    /* done, we "adopted" the key - destroy it! */
+    gnutls_free(m->data);
+    gnutls_free(e->data);
+    return(0);
+}
+#endif /* XMLSEC_NO_RSA */
diff --git a/src/gnutls/ciphers.c b/src/gnutls/ciphers.c
index b9421597..eacfede6 100644
--- a/src/gnutls/ciphers.c
+++ b/src/gnutls/ciphers.c
@@ -1,18 +1,15 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <string.h>
 
-#include <gnutls/gnutls.h>
-#include <gcrypt.h>
-
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/keys.h>
 #include <xmlsec/transforms.h>
@@ -22,839 +19,64 @@
 
 /**************************************************************************
  *
- * Internal GnuTLS Block cipher CTX
- *
- *****************************************************************************/
-typedef struct _xmlSecGnuTLSBlockCipherCtx		xmlSecGnuTLSBlockCipherCtx,
-							*xmlSecGnuTLSBlockCipherCtxPtr;
-struct _xmlSecGnuTLSBlockCipherCtx {
-    int			cipher;
-    int			mode;
-    GcryCipherHd	cipherCtx;
-    xmlSecKeyDataId	keyId;
-    int			keyInitialized;
-    int			ctxInitialized;
-};
-
-static int 	xmlSecGnuTLSBlockCipherCtxInit		(xmlSecGnuTLSBlockCipherCtxPtr ctx,
-							 xmlSecBufferPtr in,
-							 xmlSecBufferPtr out,
-							 int encrypt,
-							 const xmlChar* cipherName,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 	xmlSecGnuTLSBlockCipherCtxUpdate	(xmlSecGnuTLSBlockCipherCtxPtr ctx,
-							 xmlSecBufferPtr in,
-							 xmlSecBufferPtr out,
-							 int encrypt,
-							 const xmlChar* cipherName,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 	xmlSecGnuTLSBlockCipherCtxFinal		(xmlSecGnuTLSBlockCipherCtxPtr ctx,
-							 xmlSecBufferPtr in,
-							 xmlSecBufferPtr out,
-							 int encrypt,
-							 const xmlChar* cipherName,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 
-xmlSecGnuTLSBlockCipherCtxInit(xmlSecGnuTLSBlockCipherCtxPtr ctx,
-				xmlSecBufferPtr in, xmlSecBufferPtr out,
-				int encrypt,
-				const xmlChar* cipherName,
-				xmlSecTransformCtxPtr transformCtx) {
-    int blockLen;
-    int ret;
-
-    xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->cipher != 0, -1);
-    xmlSecAssert2(ctx->cipherCtx != NULL, -1);
-    xmlSecAssert2(ctx->keyInitialized != 0, -1);
-    xmlSecAssert2(ctx->ctxInitialized == 0, -1);
-    xmlSecAssert2(in != NULL, -1);
-    xmlSecAssert2(out != NULL, -1);
-    xmlSecAssert2(transformCtx != NULL, -1);
-
-    /* iv len == block len */
-    blockLen = gcry_cipher_get_algo_blklen(ctx->cipher);
-    xmlSecAssert2(blockLen > 0, -1);
-    
-    if(encrypt) {
-	xmlSecByte* iv;
-    	xmlSecSize outSize;
-	
-	/* allocate space for IV */	
-	outSize = xmlSecBufferGetSize(out);
-	ret = xmlSecBufferSetSize(out, outSize + blockLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferSetSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", outSize + blockLen);
-	    return(-1);
-	}
-	iv = xmlSecBufferGetData(out) + outSize;
-	
-	/* generate and use random iv */
-	gcry_randomize(iv, blockLen, GCRY_STRONG_RANDOM);
-	ret = gcry_cipher_setiv(ctx->cipherCtx, iv, blockLen);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"gcry_cipher_setiv",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"ret=%d", ret);
-	    return(-1);
-	}
-    } else {
-	/* if we don't have enough data, exit and hope that 
-	 * we'll have iv next time */
-	if(xmlSecBufferGetSize(in) < (xmlSecSize)blockLen) {
-	    return(0);
-	}
-	xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
-
-	/* set iv */
-	ret = gcry_cipher_setiv(ctx->cipherCtx, xmlSecBufferGetData(in), blockLen);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"gcry_cipher_setiv",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"ret=%d", ret);
-	    return(-1);
-	}
-	
-	/* and remove from input */
-	ret = xmlSecBufferRemoveHead(in, blockLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", blockLen);
-	    return(-1);
-	}
-    }
-
-    ctx->ctxInitialized = 1;
-    return(0);
-}
-
-static int 
-xmlSecGnuTLSBlockCipherCtxUpdate(xmlSecGnuTLSBlockCipherCtxPtr ctx,
-				  xmlSecBufferPtr in, xmlSecBufferPtr out,
-				  int encrypt,
-				  const xmlChar* cipherName,
-				  xmlSecTransformCtxPtr transformCtx) {
-    xmlSecSize inSize, inBlocks, outSize;
-    int blockLen;
-    xmlSecByte* outBuf;
-    int ret;
-    
-    xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->cipher != 0, -1);
-    xmlSecAssert2(ctx->cipherCtx != NULL, -1);
-    xmlSecAssert2(ctx->ctxInitialized != 0, -1);
-    xmlSecAssert2(in != NULL, -1);
-    xmlSecAssert2(out != NULL, -1);
-    xmlSecAssert2(transformCtx != NULL, -1);
-
-    blockLen = gcry_cipher_get_algo_blklen(ctx->cipher);
-    xmlSecAssert2(blockLen > 0, -1);
-
-    inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);
-    
-    if(inSize < (xmlSecSize)blockLen) {
-	return(0);
-    }
-
-    if(encrypt) {
-        inBlocks = inSize / ((xmlSecSize)blockLen);
-    } else {
-	/* we want to have the last block in the input buffer 
-	 * for padding check */
-        inBlocks = (inSize - 1) / ((xmlSecSize)blockLen);
-    }
-    inSize = inBlocks * ((xmlSecSize)blockLen);
-
-    /* we write out the input size plus may be one block */
-    ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + inSize + blockLen);
-	return(-1);
-    }
-    outBuf = xmlSecBufferGetData(out) + outSize;
-    
-    if(encrypt) {
-	ret = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
-				xmlSecBufferGetData(in), inSize);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"gcry_cipher_encrypt",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"ret=%d", ret);
-	    return(-1);
-	}
-    } else {
-	ret = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
-				xmlSecBufferGetData(in), inSize);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"gcry_cipher_decrypt",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"ret=%d", ret);
-	    return(-1);
-	}
-    }
-
-    /* set correct output buffer size */
-    ret = xmlSecBufferSetSize(out, outSize + inSize);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + inSize);
-	return(-1);
-    }
-        
-    /* remove the processed block from input */
-    ret = xmlSecBufferRemoveHead(in, inSize);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferRemoveHead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", inSize);
-	return(-1);
-    }
-    return(0);
-}
-
-static int 
-xmlSecGnuTLSBlockCipherCtxFinal(xmlSecGnuTLSBlockCipherCtxPtr ctx,
-				 xmlSecBufferPtr in,
-				 xmlSecBufferPtr out,
-				 int encrypt,
-				 const xmlChar* cipherName,
-				 xmlSecTransformCtxPtr transformCtx) {
-    xmlSecSize inSize, outSize;
-    int blockLen, outLen = 0;
-    xmlSecByte* inBuf;
-    xmlSecByte* outBuf;
-    int ret;
-    
-    xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->cipher != 0, -1);
-    xmlSecAssert2(ctx->cipherCtx != NULL, -1);
-    xmlSecAssert2(ctx->ctxInitialized != 0, -1);
-    xmlSecAssert2(in != NULL, -1);
-    xmlSecAssert2(out != NULL, -1);
-    xmlSecAssert2(transformCtx != NULL, -1);
-
-    blockLen = gcry_cipher_get_algo_blklen(ctx->cipher);
-    xmlSecAssert2(blockLen > 0, -1);
-
-    inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);
-
-    if(encrypt != 0) {
-        xmlSecAssert2(inSize < (xmlSecSize)blockLen, -1);        
-    
-	/* create padding */
-        ret = xmlSecBufferSetMaxSize(in, blockLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", blockLen);
-	    return(-1);
-	}
-	inBuf = xmlSecBufferGetData(in);
-
-	/* create random padding */
-	if((xmlSecSize)blockLen > (inSize + 1)) {
-    	    gcry_randomize(inBuf + inSize, blockLen - inSize - 1, 
-			GCRY_STRONG_RANDOM); /* as usual, we are paranoid */
-	}
-	inBuf[blockLen - 1] = blockLen - inSize;
-	inSize = blockLen;
-    } else {
-	if(inSize != (xmlSecSize)blockLen) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"data=%d;block=%d", inSize, blockLen);
-	    return(-1);
-	}
-    }
-    
-    /* process last block */
-    ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockLen);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + 2 * blockLen);
-	return(-1);
-    }
-    outBuf = xmlSecBufferGetData(out) + outSize;
-
-    if(encrypt) {
-	ret = gcry_cipher_encrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
-				xmlSecBufferGetData(in), inSize);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"gcry_cipher_encrypt",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"ret=%d", ret);
-	    return(-1);
-	}
-    } else {
-	ret = gcry_cipher_decrypt(ctx->cipherCtx, outBuf, inSize + blockLen,
-				xmlSecBufferGetData(in), inSize);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"gcry_cipher_decrypt",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"ret=%d", ret);
-	    return(-1);
-	}
-    }
-
-    if(encrypt == 0) {
-	/* check padding */
-	if(inSize < outBuf[blockLen - 1]) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(cipherName),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"padding=%d;buffer=%d",
-			outBuf[blockLen - 1], inSize);
-	    return(-1);	
-	}
-	outLen = inSize - outBuf[blockLen - 1];
-    } else {
-	outLen = inSize;
-    }
-
-    /* set correct output buffer size */
-    ret = xmlSecBufferSetSize(out, outSize + outLen);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + outLen);
-	return(-1);
-    }
-        
-    /* remove the processed block from input */
-    ret = xmlSecBufferRemoveHead(in, inSize);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferRemoveHead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", inSize);
-	return(-1);
-    }
-    
-
-    /* set correct output buffer size */
-    ret = xmlSecBufferSetSize(out, outSize + outLen);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + outLen);
-	return(-1);
-    }
-
-    /* remove the processed block from input */
-    ret = xmlSecBufferRemoveHead(in, inSize);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferRemoveHead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", inSize);
-	return(-1);
-    }
-
-    return(0);
-}
-
-
-/******************************************************************************
- *
- *  Block Cipher transforms
+ * We use xmlsec-gcrypt for all the basic crypto ops
  *
- * xmlSecGnuTLSBlockCipherCtx block is located after xmlSecTransform structure
- * 
  *****************************************************************************/
-#define xmlSecGnuTLSBlockCipherSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecGnuTLSBlockCipherCtx))
-#define xmlSecGnuTLSBlockCipherGetCtx(transform) \
-    ((xmlSecGnuTLSBlockCipherCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-
-static int	xmlSecGnuTLSBlockCipherInitialize	(xmlSecTransformPtr transform);
-static void	xmlSecGnuTLSBlockCipherFinalize		(xmlSecTransformPtr transform);
-static int  	xmlSecGnuTLSBlockCipherSetKeyReq	(xmlSecTransformPtr transform, 
-							 xmlSecKeyReqPtr keyReq);
-static int	xmlSecGnuTLSBlockCipherSetKey		(xmlSecTransformPtr transform,
-							 xmlSecKeyPtr key);
-static int	xmlSecGnuTLSBlockCipherExecute		(xmlSecTransformPtr transform,
-							 int last,
-							 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecGnuTLSBlockCipherCheckId		(xmlSecTransformPtr transform);
-							 
-
-
-static int
-xmlSecGnuTLSBlockCipherCheckId(xmlSecTransformPtr transform) {
-#ifndef XMLSEC_NO_DES
-    if(xmlSecTransformCheckId(transform, xmlSecGnuTLSTransformDes3CbcId)) {
-	return(1);
-    }
-#endif /* XMLSEC_NO_DES */
-
-#ifndef XMLSEC_NO_AES
-    if(xmlSecTransformCheckId(transform, xmlSecGnuTLSTransformAes128CbcId) ||
-       xmlSecTransformCheckId(transform, xmlSecGnuTLSTransformAes192CbcId) ||
-       xmlSecTransformCheckId(transform, xmlSecGnuTLSTransformAes256CbcId)) {
-       
-       return(1);
-    }
-#endif /* XMLSEC_NO_AES */
-    
-    return(0);
-}
-
-static int 
-xmlSecGnuTLSBlockCipherInitialize(xmlSecTransformPtr transform) {
-    xmlSecGnuTLSBlockCipherCtxPtr ctx;
-#ifndef XMLSEC_GNUTLS_OLD
-    gpg_err_code_t ret;
-#endif /* XMLSEC_GNUTLS_OLD */
-    
-    xmlSecAssert2(xmlSecGnuTLSBlockCipherCheckId(transform), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSBlockCipherSize), -1);
-
-    ctx = xmlSecGnuTLSBlockCipherGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-    
-    memset(ctx, 0, sizeof(xmlSecGnuTLSBlockCipherCtx));
-
-#ifndef XMLSEC_NO_DES
-    if(transform->id == xmlSecGnuTLSTransformDes3CbcId) {
-	ctx->cipher 	= GCRY_CIPHER_3DES;
-	ctx->mode	= GCRY_CIPHER_MODE_CBC;
-	ctx->keyId 	= xmlSecGnuTLSKeyDataDesId;
-    } else 
-#endif /* XMLSEC_NO_DES */
-
-#ifndef XMLSEC_NO_AES
-    if(transform->id == xmlSecGnuTLSTransformAes128CbcId) {
-	ctx->cipher 	= GCRY_CIPHER_AES128;	
-	ctx->mode	= GCRY_CIPHER_MODE_CBC;
-	ctx->keyId 	= xmlSecGnuTLSKeyDataAesId;
-    } else if(transform->id == xmlSecGnuTLSTransformAes192CbcId) {
-	ctx->cipher 	= GCRY_CIPHER_AES192;	
-	ctx->mode	= GCRY_CIPHER_MODE_CBC;
-	ctx->keyId 	= xmlSecGnuTLSKeyDataAesId;
-    } else if(transform->id == xmlSecGnuTLSTransformAes256CbcId) {
-	ctx->cipher 	= GCRY_CIPHER_AES256;	
-	ctx->mode	= GCRY_CIPHER_MODE_CBC;
-	ctx->keyId 	= xmlSecGnuTLSKeyDataAesId;
-    } else 
-#endif /* XMLSEC_NO_AES */
+#include <xmlsec/gcrypt/crypto.h>
 
-    if(1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }        
 
-#ifndef XMLSEC_GNUTLS_OLD
-    ret = gcry_cipher_open(&ctx->cipherCtx, ctx->cipher, ctx->mode, GCRY_CIPHER_SECURE); /* we are paranoid */
-    if(ret != GPG_ERR_NO_ERROR) {
-#else /* XMLSEC_GNUTLS_OLD */ 
-    ctx->cipherCtx = gcry_cipher_open(ctx->cipher, ctx->mode, GCRY_CIPHER_SECURE); /* we are paranoid */
-    if(ctx->cipherCtx == NULL) {
-#endif /* XMLSEC_GNUTLS_OLD */
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "gcry_cipher_open",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    return(0);
-}
-
-static void 
-xmlSecGnuTLSBlockCipherFinalize(xmlSecTransformPtr transform) {
-    xmlSecGnuTLSBlockCipherCtxPtr ctx;
-
-    xmlSecAssert(xmlSecGnuTLSBlockCipherCheckId(transform));
-    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGnuTLSBlockCipherSize));
-
-    ctx = xmlSecGnuTLSBlockCipherGetCtx(transform);
-    xmlSecAssert(ctx != NULL);
-
-    if(ctx->cipherCtx != NULL) {
-	gcry_cipher_close(ctx->cipherCtx);
-    }
-    
-    memset(ctx, 0, sizeof(xmlSecGnuTLSBlockCipherCtx));
-}
-
-static int  
-xmlSecGnuTLSBlockCipherSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
-    xmlSecGnuTLSBlockCipherCtxPtr ctx;
-
-    xmlSecAssert2(xmlSecGnuTLSBlockCipherCheckId(transform), -1);
-    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSBlockCipherSize), -1);
-    xmlSecAssert2(keyReq != NULL, -1);
-
-    ctx = xmlSecGnuTLSBlockCipherGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->cipher != 0, -1);
-    xmlSecAssert2(ctx->keyId != NULL, -1);
-
-    keyReq->keyId 	= ctx->keyId;
-    keyReq->keyType 	= xmlSecKeyDataTypeSymmetric;
-    if(transform->operation == xmlSecTransformOperationEncrypt) {
-	keyReq->keyUsage = xmlSecKeyUsageEncrypt;
-    } else {
-	keyReq->keyUsage = xmlSecKeyUsageDecrypt;
-    }
-
-    keyReq->keyBitsSize = 8 * gcry_cipher_get_algo_keylen(ctx->cipher);
-    return(0);
-}
-
-static int
-xmlSecGnuTLSBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
-    xmlSecGnuTLSBlockCipherCtxPtr ctx;
-    xmlSecBufferPtr buffer;
-    xmlSecSize keySize;
-    int ret;
-    
-    xmlSecAssert2(xmlSecGnuTLSBlockCipherCheckId(transform), -1);
-    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSBlockCipherSize), -1);
-    xmlSecAssert2(key != NULL, -1);
-
-    ctx = xmlSecGnuTLSBlockCipherGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->cipherCtx != NULL, -1);
-    xmlSecAssert2(ctx->cipher != 0, -1);
-    xmlSecAssert2(ctx->keyInitialized == 0, -1);
-    xmlSecAssert2(ctx->keyId != NULL, -1);
-    xmlSecAssert2(xmlSecKeyCheckId(key, ctx->keyId), -1);
-
-    keySize = gcry_cipher_get_algo_keylen(ctx->cipher);
-    xmlSecAssert2(keySize > 0, -1);
-
-    buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
-    xmlSecAssert2(buffer != NULL, -1);
-
-    if(xmlSecBufferGetSize(buffer) < keySize) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "keySize=%d;expected=%d",
-		    xmlSecBufferGetSize(buffer), keySize);
-	return(-1);
-    }
-    
-    xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
-    ret = gcry_cipher_setkey(ctx->cipherCtx, xmlSecBufferGetData(buffer), keySize);
-    if(ret != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "gcry_cipher_setkey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "ret=%d", ret);
-	return(-1);
-    }
-    
-    ctx->keyInitialized = 1;
-    return(0);
-}
-
-static int 
-xmlSecGnuTLSBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecGnuTLSBlockCipherCtxPtr ctx;
-    xmlSecBufferPtr in, out;
-    int ret;
-    
-    xmlSecAssert2(xmlSecGnuTLSBlockCipherCheckId(transform), -1);
-    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSBlockCipherSize), -1);
-    xmlSecAssert2(transformCtx != NULL, -1);
-
-    in = &(transform->inBuf);
-    out = &(transform->outBuf);
-
-    ctx = xmlSecGnuTLSBlockCipherGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-
-    if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
-    }
-
-    if(transform->status == xmlSecTransformStatusWorking) {
-	if(ctx->ctxInitialized == 0) {
-    	    ret = xmlSecGnuTLSBlockCipherCtxInit(ctx, in, out, 
-			(transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
-			xmlSecTransformGetName(transform), transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecGnuTLSBlockCipherCtxInit",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}
-	if((ctx->ctxInitialized == 0) && (last != 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"not enough data to initialize transform");
-	    return(-1);
-	}
-	if(ctx->ctxInitialized != 0) {
-	    ret = xmlSecGnuTLSBlockCipherCtxUpdate(ctx, in, out, 
-			(transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
-			xmlSecTransformGetName(transform), transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecGnuTLSBlockCipherCtxUpdate",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}
-	
-	if(last) {
-	    ret = xmlSecGnuTLSBlockCipherCtxFinal(ctx, in, out, 
-			(transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
-			xmlSecTransformGetName(transform), transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecGnuTLSBlockCipherCtxFinal",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	} 
-    } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
-    } else if(transform->status == xmlSecTransformStatusNone) {
-	/* the only way we can get here is if there is no enough data in the input */
-	xmlSecAssert2(last == 0, -1);
-    } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
-    }
-    
-    return(0);
-}
 
 
 #ifndef XMLSEC_NO_AES
-/*********************************************************************
- *
- * AES CBC cipher transforms
- *
- ********************************************************************/
-static xmlSecTransformKlass xmlSecGnuTLSAes128CbcKlass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecGnuTLSBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes128Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes128Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecGnuTLSBlockCipherInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecGnuTLSBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecGnuTLSBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecGnuTLSBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecGnuTLSBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
 
 /**
  * xmlSecGnuTLSTransformAes128CbcGetKlass:
- * 
+ *
  * AES 128 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 128 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecGnuTLSTransformAes128CbcGetKlass(void) {
-    return(&xmlSecGnuTLSAes128CbcKlass);
+    return (xmlSecGCryptTransformAes128CbcGetKlass());
 }
 
-static xmlSecTransformKlass xmlSecGnuTLSAes192CbcKlass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecGnuTLSBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes192Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes192Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecGnuTLSBlockCipherInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecGnuTLSBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecGnuTLSBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecGnuTLSBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecGnuTLSBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
-
 /**
  * xmlSecGnuTLSTransformAes192CbcGetKlass:
- * 
+ *
  * AES 192 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 192 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecGnuTLSTransformAes192CbcGetKlass(void) {
-    return(&xmlSecGnuTLSAes192CbcKlass);
+    return (xmlSecGCryptTransformAes192CbcGetKlass());
 }
 
-static xmlSecTransformKlass xmlSecGnuTLSAes256CbcKlass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecGnuTLSBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes256Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes256Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecGnuTLSBlockCipherInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecGnuTLSBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecGnuTLSBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecGnuTLSBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecGnuTLSBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
-
 /**
  * xmlSecGnuTLSTransformAes256CbcGetKlass:
- * 
+ *
  * AES 256 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 256 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecGnuTLSTransformAes256CbcGetKlass(void) {
-    return(&xmlSecGnuTLSAes256CbcKlass);
+    return (xmlSecGCryptTransformAes256CbcGetKlass());
 }
-
 #endif /* XMLSEC_NO_AES */
 
 #ifndef XMLSEC_NO_DES
-static xmlSecTransformKlass xmlSecGnuTLSDes3CbcKlass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecGnuTLSBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameDes3Cbc,				/* const xmlChar* name; */
-    xmlSecHrefDes3Cbc, 				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecGnuTLSBlockCipherInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecGnuTLSBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecGnuTLSBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecGnuTLSBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecGnuTLSBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
-
-/** 
+/**
  * xmlSecGnuTLSTransformDes3CbcGetKlass:
  *
  * Triple DES CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to Triple DES encryption transform.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecGnuTLSTransformDes3CbcGetKlass(void) {
-    return(&xmlSecGnuTLSDes3CbcKlass);
+    return (xmlSecGCryptTransformDes3CbcGetKlass());
 }
 #endif /* XMLSEC_NO_DES */
 
diff --git a/src/gnutls/crypto.c b/src/gnutls/crypto.c
index dbf69f21..83175e69 100644
--- a/src/gnutls/crypto.c
+++ b/src/gnutls/crypto.c
@@ -1,16 +1,15 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <string.h>
 
-#include <gnutls/gnutls.h>
 #include <gcrypt.h>
 
 #include <xmlsec/xmlsec.h>
@@ -22,6 +21,7 @@
 
 #include <xmlsec/gnutls/app.h>
 #include <xmlsec/gnutls/crypto.h>
+#include <xmlsec/gnutls/x509.h>
 
 static xmlSecCryptoDLFunctionsPtr gXmlSecGnuTLSFunctions = NULL;
 
@@ -35,79 +35,197 @@ static xmlSecCryptoDLFunctionsPtr gXmlSecGnuTLSFunctions = NULL;
 xmlSecCryptoDLFunctionsPtr
 xmlSecCryptoGetFunctions_gnutls(void) {
     static xmlSecCryptoDLFunctions functions;
-    
+
     if(gXmlSecGnuTLSFunctions != NULL) {
-	return(gXmlSecGnuTLSFunctions);
+        return(gXmlSecGnuTLSFunctions);
     }
 
     memset(&functions, 0, sizeof(functions));
     gXmlSecGnuTLSFunctions = &functions;
 
-    /**  
+    /********************************************************************
+     *
      * Crypto Init/shutdown
-     */
-    gXmlSecGnuTLSFunctions->cryptoInit 			= xmlSecGnuTLSInit;
-    gXmlSecGnuTLSFunctions->cryptoShutdown 		= xmlSecGnuTLSShutdown;
-    gXmlSecGnuTLSFunctions->cryptoKeysMngrInit 		= xmlSecGnuTLSKeysMngrInit;
+     *
+     ********************************************************************/
+    gXmlSecGnuTLSFunctions->cryptoInit                  = xmlSecGnuTLSInit;
+    gXmlSecGnuTLSFunctions->cryptoShutdown              = xmlSecGnuTLSShutdown;
+    gXmlSecGnuTLSFunctions->cryptoKeysMngrInit          = xmlSecGnuTLSKeysMngrInit;
 
-    /**
+    /********************************************************************
+     *
      * Key data ids
-     */
-#ifndef XMLSEC_NO_AES    
-    gXmlSecGnuTLSFunctions->keyDataAesGetKlass		= xmlSecGnuTLSKeyDataAesGetKlass;
+     *
+     ********************************************************************/
+#ifndef XMLSEC_NO_AES
+    gXmlSecGnuTLSFunctions->keyDataAesGetKlass          = xmlSecGnuTLSKeyDataAesGetKlass;
 #endif /* XMLSEC_NO_AES */
 
-#ifndef XMLSEC_NO_DES    
-    gXmlSecGnuTLSFunctions->keyDataDesGetKlass 		= xmlSecGnuTLSKeyDataDesGetKlass;
+#ifndef XMLSEC_NO_DES
+    gXmlSecGnuTLSFunctions->keyDataDesGetKlass          = xmlSecGnuTLSKeyDataDesGetKlass;
 #endif /* XMLSEC_NO_DES */
 
-#ifndef XMLSEC_NO_HMAC  
-    gXmlSecGnuTLSFunctions->keyDataHmacGetKlass 	= xmlSecGnuTLSKeyDataHmacGetKlass;
-#endif /* XMLSEC_NO_HMAC */    
+#ifndef XMLSEC_NO_DSA
+    gXmlSecGnuTLSFunctions->keyDataDsaGetKlass          = xmlSecGnuTLSKeyDataDsaGetKlass;
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_HMAC
+    gXmlSecGnuTLSFunctions->keyDataHmacGetKlass         = xmlSecGnuTLSKeyDataHmacGetKlass;
+#endif /* XMLSEC_NO_HMAC */
+
+#ifndef XMLSEC_NO_RSA
+    gXmlSecGnuTLSFunctions->keyDataRsaGetKlass          = xmlSecGnuTLSKeyDataRsaGetKlass;
+#endif /* XMLSEC_NO_RSA */
 
-    /**
+#ifndef XMLSEC_NO_X509
+    gXmlSecGnuTLSFunctions->keyDataX509GetKlass         = xmlSecGnuTLSKeyDataX509GetKlass;
+    gXmlSecGnuTLSFunctions->keyDataRawX509CertGetKlass  = xmlSecGnuTLSKeyDataRawX509CertGetKlass;
+#endif /* XMLSEC_NO_X509 */
+
+    /********************************************************************
+     *
      * Key data store ids
-     */
+     *
+     ********************************************************************/
+#ifndef XMLSEC_NO_X509
+    gXmlSecGnuTLSFunctions->x509StoreGetKlass           = xmlSecGnuTLSX509StoreGetKlass;
+#endif /* XMLSEC_NO_X509 */
 
-    /**
+    /********************************************************************
+     *
      * Crypto transforms ids
-     */
-#ifndef XMLSEC_NO_AES    
-    gXmlSecGnuTLSFunctions->transformAes128CbcGetKlass 		= xmlSecGnuTLSTransformAes128CbcGetKlass;
-    gXmlSecGnuTLSFunctions->transformAes192CbcGetKlass 		= xmlSecGnuTLSTransformAes192CbcGetKlass;
-    gXmlSecGnuTLSFunctions->transformAes256CbcGetKlass 		= xmlSecGnuTLSTransformAes256CbcGetKlass;
+     *
+     ********************************************************************/
+
+    /******************************* AES ********************************/
+#ifndef XMLSEC_NO_AES
+    gXmlSecGnuTLSFunctions->transformAes128CbcGetKlass          = xmlSecGnuTLSTransformAes128CbcGetKlass;
+    gXmlSecGnuTLSFunctions->transformAes192CbcGetKlass          = xmlSecGnuTLSTransformAes192CbcGetKlass;
+    gXmlSecGnuTLSFunctions->transformAes256CbcGetKlass          = xmlSecGnuTLSTransformAes256CbcGetKlass;
+    gXmlSecGnuTLSFunctions->transformKWAes128GetKlass           = xmlSecGnuTLSTransformKWAes128GetKlass;
+    gXmlSecGnuTLSFunctions->transformKWAes192GetKlass           = xmlSecGnuTLSTransformKWAes192GetKlass;
+    gXmlSecGnuTLSFunctions->transformKWAes256GetKlass           = xmlSecGnuTLSTransformKWAes256GetKlass;
 #endif /* XMLSEC_NO_AES */
 
-#ifndef XMLSEC_NO_DES    
-    gXmlSecGnuTLSFunctions->transformDes3CbcGetKlass 		= xmlSecGnuTLSTransformDes3CbcGetKlass;
+    /******************************* DES ********************************/
+#ifndef XMLSEC_NO_DES
+    gXmlSecGnuTLSFunctions->transformDes3CbcGetKlass            = xmlSecGnuTLSTransformDes3CbcGetKlass;
+    gXmlSecGnuTLSFunctions->transformKWDes3GetKlass             = xmlSecGnuTLSTransformKWDes3GetKlass;
 #endif /* XMLSEC_NO_DES */
 
+    /******************************* DSA ********************************/
+#ifndef XMLSEC_NO_DSA
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecGnuTLSFunctions->transformDsaSha1GetKlass            = xmlSecGnuTLSTransformDsaSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#endif /* XMLSEC_NO_DSA */
+
+    /******************************* HMAC ********************************/
 #ifndef XMLSEC_NO_HMAC
-    gXmlSecGnuTLSFunctions->transformHmacSha1GetKlass 		= xmlSecGnuTLSTransformHmacSha1GetKlass;
-    gXmlSecGnuTLSFunctions->transformHmacRipemd160GetKlass 	= xmlSecGnuTLSTransformHmacRipemd160GetKlass;
-    gXmlSecGnuTLSFunctions->transformHmacMd5GetKlass 		= xmlSecGnuTLSTransformHmacMd5GetKlass;
+
+#ifndef XMLSEC_NO_MD5
+    gXmlSecGnuTLSFunctions->transformHmacMd5GetKlass            = xmlSecGnuTLSTransformHmacMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    gXmlSecGnuTLSFunctions->transformHmacRipemd160GetKlass      = xmlSecGnuTLSTransformHmacRipemd160GetKlass;
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecGnuTLSFunctions->transformHmacSha1GetKlass           = xmlSecGnuTLSTransformHmacSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecGnuTLSFunctions->transformHmacSha256GetKlass         = xmlSecGnuTLSTransformHmacSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecGnuTLSFunctions->transformHmacSha384GetKlass         = xmlSecGnuTLSTransformHmacSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecGnuTLSFunctions->transformHmacSha512GetKlass         = xmlSecGnuTLSTransformHmacSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
 #endif /* XMLSEC_NO_HMAC */
 
-#ifndef XMLSEC_NO_SHA1    
-    gXmlSecGnuTLSFunctions->transformSha1GetKlass 		= xmlSecGnuTLSTransformSha1GetKlass;
+    /******************************* MD5 ********************************/
+#ifndef XMLSEC_NO_MD5
+    gXmlSecGnuTLSFunctions->transformMd5GetKlass                = xmlSecGnuTLSTransformMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+    /******************************* RIPEMD160 ********************************/
+#ifndef XMLSEC_NO_RIPEMD160
+    gXmlSecGnuTLSFunctions->transformRipemd160GetKlass          = xmlSecGnuTLSTransformRipemd160GetKlass;
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+    /******************************* RSA ********************************/
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+    gXmlSecGnuTLSFunctions->transformRsaMd5GetKlass            = xmlSecGnuTLSTransformRsaMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    gXmlSecGnuTLSFunctions->transformRsaRipemd160GetKlass      = xmlSecGnuTLSTransformRsaRipemd160GetKlass;
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecGnuTLSFunctions->transformRsaSha1GetKlass           = xmlSecGnuTLSTransformRsaSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecGnuTLSFunctions->transformRsaSha256GetKlass         = xmlSecGnuTLSTransformRsaSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecGnuTLSFunctions->transformRsaSha384GetKlass         = xmlSecGnuTLSTransformRsaSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecGnuTLSFunctions->transformRsaSha512GetKlass         = xmlSecGnuTLSTransformRsaSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+    /******************************* SHA ********************************/
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecGnuTLSFunctions->transformSha1GetKlass               = xmlSecGnuTLSTransformSha1GetKlass;
 #endif /* XMLSEC_NO_SHA1 */
 
-    /**
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecGnuTLSFunctions->transformSha256GetKlass             = xmlSecGnuTLSTransformSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecGnuTLSFunctions->transformSha384GetKlass             = xmlSecGnuTLSTransformSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecGnuTLSFunctions->transformSha512GetKlass             = xmlSecGnuTLSTransformSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+
+    /********************************************************************
+     *
      * High level routines form xmlsec command line utility
-     */ 
-    gXmlSecGnuTLSFunctions->cryptoAppInit 			= xmlSecGnuTLSAppInit;
-    gXmlSecGnuTLSFunctions->cryptoAppShutdown 			= xmlSecGnuTLSAppShutdown;
-    gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrInit 	= xmlSecGnuTLSAppDefaultKeysMngrInit;
-    gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrAdoptKey 	= xmlSecGnuTLSAppDefaultKeysMngrAdoptKey;
-    gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrLoad 	= xmlSecGnuTLSAppDefaultKeysMngrLoad;
-    gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrSave 	= xmlSecGnuTLSAppDefaultKeysMngrSave;
+     *
+     ********************************************************************/
+    gXmlSecGnuTLSFunctions->cryptoAppInit                       = xmlSecGnuTLSAppInit;
+    gXmlSecGnuTLSFunctions->cryptoAppShutdown                   = xmlSecGnuTLSAppShutdown;
+    gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrInit        = xmlSecGnuTLSAppDefaultKeysMngrInit;
+    gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrAdoptKey    = xmlSecGnuTLSAppDefaultKeysMngrAdoptKey;
+    gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrLoad        = xmlSecGnuTLSAppDefaultKeysMngrLoad;
+    gXmlSecGnuTLSFunctions->cryptoAppDefaultKeysMngrSave        = xmlSecGnuTLSAppDefaultKeysMngrSave;
 #ifndef XMLSEC_NO_X509
-    gXmlSecGnuTLSFunctions->cryptoAppKeysMngrCertLoad 		= xmlSecGnuTLSAppKeysMngrCertLoad;
-    gXmlSecGnuTLSFunctions->cryptoAppPkcs12Load  		= xmlSecGnuTLSAppPkcs12Load; 
-    gXmlSecGnuTLSFunctions->cryptoAppKeyCertLoad 		= xmlSecGnuTLSAppKeyCertLoad;
+    gXmlSecGnuTLSFunctions->cryptoAppKeysMngrCertLoad           = xmlSecGnuTLSAppKeysMngrCertLoad;
+    gXmlSecGnuTLSFunctions->cryptoAppPkcs12Load                 = xmlSecGnuTLSAppPkcs12Load;
+    gXmlSecGnuTLSFunctions->cryptoAppKeyCertLoad                = xmlSecGnuTLSAppKeyCertLoad;
 #endif /* XMLSEC_NO_X509 */
-    gXmlSecGnuTLSFunctions->cryptoAppKeyLoad 			= xmlSecGnuTLSAppKeyLoad; 
-    gXmlSecGnuTLSFunctions->cryptoAppDefaultPwdCallback		= (void*)xmlSecGnuTLSAppGetDefaultPwdCallback();
+    gXmlSecGnuTLSFunctions->cryptoAppKeyLoad                    = xmlSecGnuTLSAppKeyLoad;
+    gXmlSecGnuTLSFunctions->cryptoAppDefaultPwdCallback         = (void*)xmlSecGnuTLSAppGetDefaultPwdCallback();
 
     return(gXmlSecGnuTLSFunctions);
 }
@@ -115,51 +233,51 @@ xmlSecCryptoGetFunctions_gnutls(void) {
 
 /**
  * xmlSecGnuTLSInit:
- * 
- * XMLSec library specific crypto engine initialization. 
+ *
+ * XMLSec library specific crypto engine initialization.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecGnuTLSInit (void)  {
     /* Check loaded xmlsec library version */
     if(xmlSecCheckVersionExact() != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCheckVersionExact",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCheckVersionExact",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* register our klasses */
     if(xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(xmlSecCryptoGetFunctions_gnutls()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecGnuTLSShutdown:
- * 
- * XMLSec library specific crypto engine shutdown. 
+ *
+ * XMLSec library specific crypto engine shutdown.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecGnuTLSShutdown(void) {
     return(0);
 }
 
 /**
  * xmlSecGnuTLSKeysMngrInit:
- * @mngr:		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Adds GnuTLS specific key data stores in keys manager.
  *
@@ -167,38 +285,66 @@ xmlSecGnuTLSShutdown(void) {
  */
 int
 xmlSecGnuTLSKeysMngrInit(xmlSecKeysMngrPtr mngr) {
+    int ret;
+
     xmlSecAssert2(mngr != NULL, -1);
 
-    /* TODO: add key data stores */
+#ifndef XMLSEC_NO_X509
+    /* create x509 store if needed */
+    if(xmlSecKeysMngrGetDataStore(mngr, xmlSecGnuTLSX509StoreId) == NULL) {
+        xmlSecKeyDataStorePtr x509Store;
+
+        x509Store = xmlSecKeyDataStoreCreate(xmlSecGnuTLSX509StoreId);
+        if(x509Store == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataStoreCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGnuTLSX509StoreId");
+            return(-1);
+        }
+
+        ret = xmlSecKeysMngrAdoptDataStore(mngr, x509Store);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeysMngrAdoptDataStore",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyDataStoreDestroy(x509Store);
+            return(-1);
+        }
+    }
+#endif /* XMLSEC_NO_X509 */
     return(0);
 }
 
 /**
  * xmlSecGnuTLSGenerateRandom:
- * @buffer:		the destination buffer.
- * @size:		the numer of bytes to generate.
+ * @buffer:             the destination buffer.
+ * @size:               the numer of bytes to generate.
  *
  * Generates @size random bytes and puts result in @buffer.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecGnuTLSGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) {	
+xmlSecGnuTLSGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) {
     int ret;
-    
+
     xmlSecAssert2(buffer != NULL, -1);
     xmlSecAssert2(size > 0, -1);
 
     ret = xmlSecBufferSetSize(buffer, size);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", size);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        return(-1);
     }
-        
+
     /* get random data */
     gcry_randomize(xmlSecBufferGetData(buffer), size, GCRY_STRONG_RANDOM);
     return(0);
diff --git a/src/gnutls/digests.c b/src/gnutls/digests.c
index fb8109de..2df20706 100644
--- a/src/gnutls/digests.c
+++ b/src/gnutls/digests.c
@@ -1,18 +1,15 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <string.h>
 
-#include <gnutls/gnutls.h>
-#include <gcrypt.h>
-
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/keys.h>
 #include <xmlsec/transforms.h>
@@ -21,298 +18,95 @@
 #include <xmlsec/gnutls/app.h>
 #include <xmlsec/gnutls/crypto.h>
 
-#define XMLSEC_GNUTLS_MAX_DIGEST_SIZE		32
-
 /**************************************************************************
  *
- * Internal GNUTLS Digest CTX
+ * We use xmlsec-gcrypt for all the basic crypto ops
  *
  *****************************************************************************/
-typedef struct _xmlSecGnuTLSDigestCtx		xmlSecGnuTLSDigestCtx, *xmlSecGnuTLSDigestCtxPtr;
-struct _xmlSecGnuTLSDigestCtx {
-    int			digest;
-    GcryMDHd		digestCtx;
-    xmlSecByte	 	dgst[XMLSEC_GNUTLS_MAX_DIGEST_SIZE];
-    xmlSecSize		dgstSize;	/* dgst size in bytes */
-};	    
+#include <xmlsec/gcrypt/crypto.h>
 
-/******************************************************************************
- *
- * Digest transforms
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecGnuTLSTransformSha1GetKlass:
  *
- * xmlSecGnuTLSDigestCtx is located after xmlSecTransform
+ * SHA-1 digest transform klass.
  *
- *****************************************************************************/
-#define xmlSecGnuTLSDigestSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecGnuTLSDigestCtx))	
-#define xmlSecGnuTLSDigestGetCtx(transform) \
-    ((xmlSecGnuTLSDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-
-static int 	xmlSecGnuTLSDigestInitialize		(xmlSecTransformPtr transform);
-static void 	xmlSecGnuTLSDigestFinalize		(xmlSecTransformPtr transform);
-static int	xmlSecGnuTLSDigestVerify		(xmlSecTransformPtr transform, 
-							 const xmlSecByte* data, 
-							 xmlSecSize dataSize,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 	xmlSecGnuTLSDigestExecute		(xmlSecTransformPtr transform, 
-							 int last, 
-							 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecGnuTLSDigestCheckId		(xmlSecTransformPtr transform);
-
-static int
-xmlSecGnuTLSDigestCheckId(xmlSecTransformPtr transform) {
-
-#ifndef XMLSEC_NO_SHA1
-    if(xmlSecTransformCheckId(transform, xmlSecGnuTLSTransformSha1Id)) {
-	return(1);
-    }
-#endif /* XMLSEC_NO_SHA1 */    
-
-    return(0);
+ * Returns: pointer to SHA-1 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformSha1GetKlass(void) {
+    return (xmlSecGCryptTransformSha1GetKlass());
 }
+#endif /* XMLSEC_NO_SHA1 */
 
-static int 
-xmlSecGnuTLSDigestInitialize(xmlSecTransformPtr transform) {
-    xmlSecGnuTLSDigestCtxPtr ctx;
-#ifndef XMLSEC_GNUTLS_OLD
-    gpg_err_code_t ret;
-#endif /* XMLSEC_GNUTLS_OLD */
-
-    xmlSecAssert2(xmlSecGnuTLSDigestCheckId(transform), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSDigestSize), -1);
-
-    ctx = xmlSecGnuTLSDigestGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-
-    /* initialize context */
-    memset(ctx, 0, sizeof(xmlSecGnuTLSDigestCtx));
-
-#ifndef XMLSEC_NO_SHA1
-    if(xmlSecTransformCheckId(transform, xmlSecGnuTLSTransformSha1Id)) {
-	ctx->digest = GCRY_MD_SHA1;
-    } else
-#endif /* XMLSEC_NO_SHA1 */    	
 
-    if(1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
-#ifndef XMLSEC_GNUTLS_OLD
-    ret = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_SECURE); /* we are paranoid */
-    if(ret != GPG_ERR_NO_ERROR) {
-#else /* XMLSEC_GNUTLS_OLD */
-    ctx->digestCtx = gcry_md_open(ctx->digest, GCRY_MD_FLAG_SECURE); /* we are paranoid */
-    if(ctx->digestCtx == NULL) {
-#endif /* XMLSEC_GNUTLS_OLD */
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "gcry_md_open",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    return(0);
+#ifndef XMLSEC_NO_SHA256
+/**
+ * xmlSecGnuTLSTransformSha256GetKlass:
+ *
+ * SHA256 digest transform klass.
+ *
+ * Returns: pointer to SHA256 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformSha256GetKlass(void) {
+    return (xmlSecGCryptTransformSha256GetKlass());
 }
+#endif /* XMLSEC_NO_SHA256 */
 
-static void 
-xmlSecGnuTLSDigestFinalize(xmlSecTransformPtr transform) {
-    xmlSecGnuTLSDigestCtxPtr ctx;
-
-    xmlSecAssert(xmlSecGnuTLSDigestCheckId(transform));
-    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGnuTLSDigestSize));
-
-    ctx = xmlSecGnuTLSDigestGetCtx(transform);
-    xmlSecAssert(ctx != NULL);
-    
-    if(ctx->digestCtx != NULL) {
-	gcry_md_close(ctx->digestCtx);
-    }
-    memset(ctx, 0, sizeof(xmlSecGnuTLSDigestCtx));
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecGnuTLSTransformSha384GetKlass:
+ *
+ * SHA384 digest transform klass.
+ *
+ * Returns: pointer to SHA384 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformSha384GetKlass(void) {
+      return (xmlSecGCryptTransformSha384GetKlass());
 }
+#endif /* XMLSEC_NO_SHA384 */
 
-static int
-xmlSecGnuTLSDigestVerify(xmlSecTransformPtr transform, 
-			const xmlSecByte* data, xmlSecSize dataSize,
-			xmlSecTransformCtxPtr transformCtx) {
-    xmlSecGnuTLSDigestCtxPtr ctx;
-    
-    xmlSecAssert2(xmlSecGnuTLSDigestCheckId(transform), -1);
-    xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSDigestSize), -1);
-    xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
-    xmlSecAssert2(data != NULL, -1);
-    xmlSecAssert2(transformCtx != NULL, -1);
-
-    ctx = xmlSecGnuTLSDigestGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->dgstSize > 0, -1);
-    
-    if(dataSize != ctx->dgstSize) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "data and digest sizes are different (data=%d, dgst=%d)", 
-		    dataSize, ctx->dgstSize);
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
-    }
-    
-    if(memcmp(ctx->dgst, data, dataSize) != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "data and digest do not match");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
-    }
-    
-    transform->status = xmlSecTransformStatusOk;
-    return(0);
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecGnuTLSTransformSha512GetKlass:
+ *
+ * SHA512 digest transform klass.
+ *
+ * Returns: pointer to SHA512 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformSha512GetKlass(void) {
+        return (xmlSecGCryptTransformSha512GetKlass());
 }
+#endif /* XMLSEC_NO_SHA512 */
 
-static int 
-xmlSecGnuTLSDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecGnuTLSDigestCtxPtr ctx;
-    xmlSecBufferPtr in, out;
-    int ret;
-    
-    xmlSecAssert2(xmlSecGnuTLSDigestCheckId(transform), -1);
-    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
-    xmlSecAssert2(transformCtx != NULL, -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSDigestSize), -1);
-
-    ctx = xmlSecGnuTLSDigestGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->digest != GCRY_MD_NONE, -1);
-    xmlSecAssert2(ctx->digestCtx != NULL, -1);
-
-    in = &(transform->inBuf);
-    out = &(transform->outBuf);
-
-    if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
-    }
-    
-    if(transform->status == xmlSecTransformStatusWorking) {
-	xmlSecSize inSize;
-
-	inSize = xmlSecBufferGetSize(in);
-	if(inSize > 0) {
-	    gcry_md_write(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
-	    
-	    ret = xmlSecBufferRemoveHead(in, inSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferRemoveHead",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", inSize);
-		return(-1);
-	    }
-	}
-	if(last) {
-	    xmlSecByte* buf;
-	    
-	    /* get the final digest */
-	    gcry_md_final(ctx->digestCtx);
-	    buf = gcry_md_read(ctx->digestCtx, ctx->digest);
-	    if(buf == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "gcry_md_read",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);
-	    }
-	    
-	    /* copy it to our internal buffer */
-	    ctx->dgstSize = gcry_md_get_algo_dlen(ctx->digest);
-	    xmlSecAssert2(ctx->dgstSize > 0, -1);
-	    xmlSecAssert2(ctx->dgstSize <= sizeof(ctx->dgst), -1);
-	    memcpy(ctx->dgst, buf, ctx->dgstSize);
-
-	    /* and to the output if needed */
-	    if(transform->operation == xmlSecTransformOperationSign) {
-		ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferAppend",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", ctx->dgstSize);
-		    return(-1);
-		}
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	}
-    } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
-    } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
-    }
-    
-    return(0);
-}
+#ifndef XMLSEC_NO_MD5
 
-#ifndef XMLSEC_NO_SHA1
-/******************************************************************************
+/**
+ * xmlSecGnuTLSTransformMd5GetKlass:
  *
- * SHA1 Digest transforms
+ * MD5 digest transform klass.
  *
- *****************************************************************************/
-static xmlSecTransformKlass xmlSecGnuTLSSha1Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecGnuTLSDigestSize,			/* xmlSecSize objSize */
-
-    /* data */
-    xmlSecNameSha1,				/* const xmlChar* name; */
-    xmlSecHrefSha1, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    
-    /* methods */
-    xmlSecGnuTLSDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecGnuTLSDigestFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecGnuTLSDigestVerify,			/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecGnuTLSDigestExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
+ * Returns: pointer to MD5 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformMd5GetKlass(void) {
+    return (xmlSecGCryptTransformMd5GetKlass());
+}
+#endif /* XMLSEC_NO_MD5 */
 
-/** 
- * xmlSecGnuTLSTransformSha1GetKlass:
+#ifndef XMLSEC_NO_RIPEMD160
+/**
+ * xmlSecGnuTLSTransformRipemd160GetKlass:
  *
- * SHA-1 digest transform klass.
+ * RIPEMD160 digest transform klass.
  *
- * Returns: pointer to SHA-1 digest transform klass.
+ * Returns: pointer to RIPEMD160 digest transform klass.
  */
-xmlSecTransformId 
-xmlSecGnuTLSTransformSha1GetKlass(void) {
-    return(&xmlSecGnuTLSSha1Klass);
+xmlSecTransformId
+xmlSecGnuTLSTransformRipemd160GetKlass(void) {
+    return (xmlSecGCryptTransformRipemd160GetKlass());
 }
-#endif /* XMLSEC_NO_SHA1 */
-
-
+#endif /* XMLSEC_NO_RIPEMD160 */
diff --git a/src/gnutls/globals.h b/src/gnutls/globals.h
index 272a27b8..b49e2404 100644
--- a/src/gnutls/globals.h
+++ b/src/gnutls/globals.h
@@ -5,14 +5,14 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_GLOBALS_H__
 #define __XMLSEC_GLOBALS_H__
 
 /**
- * Use autoconf defines if present. 
+ * Use autoconf defines if present.
  */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -21,4 +21,11 @@
 #define IN_XMLSEC_CRYPTO
 #define XMLSEC_PRIVATE
 
+#define XMLSEC_GNUTLS_GCRYPT_REPORT_ERROR(err)  \
+        "error code=%d; error message='%s'",    \
+        (int)err, xmlSecErrorsSafeString(gcry_strerror((err)))
+#define XMLSEC_GNUTLS_REPORT_ERROR(err)         \
+        "error code=%d; error message='%s'",    \
+        (int)err, xmlSecErrorsSafeString(gnutls_strerror((err)))
+
 #endif /* ! __XMLSEC_GLOBALS_H__ */
diff --git a/src/gnutls/hmac.c b/src/gnutls/hmac.c
index bc106471..5d1acfc2 100644
--- a/src/gnutls/hmac.c
+++ b/src/gnutls/hmac.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef XMLSEC_NO_HMAC
@@ -11,9 +11,6 @@
 
 #include <string.h>
 
-#include <gnutls/gnutls.h>
-#include <gcrypt.h>
-
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/xmltree.h>
 #include <xmlsec/keys.h>
@@ -23,579 +20,122 @@
 #include <xmlsec/gnutls/app.h>
 #include <xmlsec/gnutls/crypto.h>
 
-/* sizes in bits */
-#define XMLSEC_GNUTLS_MIN_HMAC_SIZE		80
-#define XMLSEC_GNUTLS_MAX_HMAC_SIZE		(128 * 8)
-
 /**************************************************************************
  *
- * Configuration
+ * We use xmlsec-gcrypt for all the basic crypto ops
  *
  *****************************************************************************/
-static int g_xmlsec_gnutls_hmac_min_length = XMLSEC_GNUTLS_MIN_HMAC_SIZE;
+#include <xmlsec/gcrypt/crypto.h>
 
 /**
- * xmlSecGnuTLSHmacGetMinOutputLength: 
- * 
+ * xmlSecGnuTLSHmacGetMinOutputLength:
+ *
  * Gets the value of min HMAC length.
- * 
+ *
  * Returns: the min HMAC output length
  */
 int xmlSecGnuTLSHmacGetMinOutputLength(void)
 {
-    return g_xmlsec_gnutls_hmac_min_length;
+    return xmlSecGCryptHmacGetMinOutputLength();
 }
 
 /**
- * xmlSecGnuTLSHmacSetMinOutputLength: 
- * @min_length: the new min length 
- * 
+ * xmlSecGnuTLSHmacSetMinOutputLength:
+ * @min_length: the new min length
+ *
  * Sets the min HMAC output length
  */
 void xmlSecGnuTLSHmacSetMinOutputLength(int min_length)
 {
-    g_xmlsec_gnutls_hmac_min_length = min_length;
+    xmlSecGCryptHmacSetMinOutputLength(min_length);
 }
 
-/**************************************************************************
- *
- * Internal GNUTLS HMAC CTX
- *
- *****************************************************************************/
-typedef struct _xmlSecGnuTLSHmacCtx		xmlSecGnuTLSHmacCtx, *xmlSecGnuTLSHmacCtxPtr;
-struct _xmlSecGnuTLSHmacCtx {
-    int			digest;
-    GcryMDHd		digestCtx;
-    xmlSecByte	 	dgst[XMLSEC_GNUTLS_MAX_HMAC_SIZE / 8];
-    xmlSecSize		dgstSize;	/* dgst size in bits */
-};	    
 
-/******************************************************************************
- *
- * HMAC transforms
+
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecGnuTLSTransformHmacSha1GetKlass:
  *
- * xmlSecGnuTLSHmacCtx is located after xmlSecTransform
+ * The HMAC-SHA1 transform klass.
  *
- *****************************************************************************/
-#define xmlSecGnuTLSHmacGetCtx(transform) \
-    ((xmlSecGnuTLSHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecGnuTLSHmacSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecGnuTLSHmacCtx))
-#define xmlSecGnuTLSHmacCheckId(transform) \
-    (xmlSecTransformCheckId((transform), xmlSecGnuTLSTransformHmacSha1Id) || \
-     xmlSecTransformCheckId((transform), xmlSecGnuTLSTransformHmacMd5Id) || \
-     xmlSecTransformCheckId((transform), xmlSecGnuTLSTransformHmacRipemd160Id))
-
-static int 	xmlSecGnuTLSHmacInitialize		(xmlSecTransformPtr transform);
-static void 	xmlSecGnuTLSHmacFinalize		(xmlSecTransformPtr transform);
-static int 	xmlSecGnuTLSHmacNodeRead		(xmlSecTransformPtr transform,
-							 xmlNodePtr node,
-							 xmlSecTransformCtxPtr transformCtx);
-static int  	xmlSecGnuTLSHmacSetKeyReq		(xmlSecTransformPtr transform, 
-							 xmlSecKeyReqPtr keyReq);
-static int  	xmlSecGnuTLSHmacSetKey			(xmlSecTransformPtr transform, 
-							 xmlSecKeyPtr key);
-static int	xmlSecGnuTLSHmacVerify			(xmlSecTransformPtr transform, 
-							 const xmlSecByte* data, 
-							 xmlSecSize dataSize,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 	xmlSecGnuTLSHmacExecute			(xmlSecTransformPtr transform, 
-							 int last, 
-							 xmlSecTransformCtxPtr transformCtx);
-
-static int 
-xmlSecGnuTLSHmacInitialize(xmlSecTransformPtr transform) {
-    xmlSecGnuTLSHmacCtxPtr ctx;
-#ifndef XMLSEC_GNUTLS_OLD
-    gpg_err_code_t ret;
-#endif /* XMLSEC_GNUTLS_OLD */
-
-    xmlSecAssert2(xmlSecGnuTLSHmacCheckId(transform), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSHmacSize), -1);
-
-    ctx = xmlSecGnuTLSHmacGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-    
-    memset(ctx, 0, sizeof(xmlSecGnuTLSHmacCtx));
-    if(xmlSecTransformCheckId(transform, xmlSecGnuTLSTransformHmacSha1Id)) {
-        ctx->digest = GCRY_MD_SHA1;
-    } else if(xmlSecTransformCheckId(transform, xmlSecGnuTLSTransformHmacMd5Id)) {
-        ctx->digest = GCRY_MD_MD5;
-    } else if(xmlSecTransformCheckId(transform, xmlSecGnuTLSTransformHmacRipemd160Id)) {
-        ctx->digest = GCRY_MD_RMD160;
-    } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
-#ifndef XMLSEC_GNUTLS_OLD
-    ret = gcry_md_open(&ctx->digestCtx, ctx->digest, GCRY_MD_FLAG_HMAC | GCRY_MD_FLAG_SECURE); /* we are paranoid */
-    if(ret != GPG_ERR_NO_ERROR) {
-#else /* XMLSEC_GNUTLS_OLD */
-    ctx->digestCtx = gcry_md_open(ctx->digest, GCRY_MD_FLAG_HMAC | GCRY_MD_FLAG_SECURE); /* we are paranoid */
-    if(ctx->digestCtx == NULL) {
-#endif /* XMLSEC_GNUTLS_OLD */
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "gcry_md_open",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
-    return(0);
-}
-
-static void 
-xmlSecGnuTLSHmacFinalize(xmlSecTransformPtr transform) {
-    xmlSecGnuTLSHmacCtxPtr ctx;
-
-    xmlSecAssert(xmlSecGnuTLSHmacCheckId(transform));    
-    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecGnuTLSHmacSize));
-
-    ctx = xmlSecGnuTLSHmacGetCtx(transform);
-    xmlSecAssert(ctx != NULL);
-
-    if(ctx->digestCtx != NULL) {
-	gcry_md_close(ctx->digestCtx);
-    }
-    memset(ctx, 0, sizeof(xmlSecGnuTLSHmacCtx));
+ * Returns: the HMAC-SHA1 transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformHmacSha1GetKlass(void) {
+    return (xmlSecGCryptTransformHmacSha1GetKlass());
 }
+#endif /* XMLSEC_NO_SHA1 */
 
+#ifndef XMLSEC_NO_SHA256
 /**
- * xmlSecGnuTLSHmacNodeRead:
+ * xmlSecGnuTLSTransformHmacSha256GetKlass:
  *
- * HMAC (http://www.w3.org/TR/xmldsig-core/#sec-HMAC):
+ * The HMAC-SHA256 transform klass.
  *
- * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits 
- * as a parameter; if the parameter is not specified then all the bits of the 
- * hash are output. An example of an HMAC SignatureMethod element:  
- * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
- *   <HMACOutputLength>128</HMACOutputLength>
- * </SignatureMethod>
- * 
- * Schema Definition:
- * 
- * <simpleType name="HMACOutputLengthType">
- *   <restriction base="integer"/>
- * </simpleType>
- *     
- * DTD:
- *     
- * <!ELEMENT HMACOutputLength (#PCDATA)>
+ * Returns: the HMAC-SHA256 transform klass.
  */
-static int
-xmlSecGnuTLSHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecGnuTLSHmacCtxPtr ctx;
-    xmlNodePtr cur;
-
-    xmlSecAssert2(xmlSecGnuTLSHmacCheckId(transform), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSHmacSize), -1);
-    xmlSecAssert2(node != NULL, -1);
-    xmlSecAssert2(transformCtx != NULL, -1);
-
-    ctx = xmlSecGnuTLSHmacGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-
-    cur = xmlSecGetNextElementNode(node->children); 
-    if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {  
-	xmlChar *content;
-	
-	content = xmlNodeGetContent(cur);
-	if(content != NULL) {
-	    ctx->dgstSize = atoi((char*)content);	    
-	    xmlFree(content);
-	}
-	
-	/* Ensure that HMAC length is greater than min specified.
-	   Otherwise, an attacker can set this lenght to 0 or very 
-	   small value
-	*/
-	if((int)ctx->dgstSize < xmlSecGnuTLSHmacGetMinOutputLength()) {
- 	   xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
-		    "HMAC output length is too small");
-	   return(-1);
-	}
-
-	cur = xmlSecGetNextElementNode(cur->next);
-    }
-    
-    if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "no nodes expected");
-	return(-1);
-    }
-    return(0); 
+xmlSecTransformId
+xmlSecGnuTLSTransformHmacSha256GetKlass(void) {
+    return (xmlSecGCryptTransformHmacSha256GetKlass());
 }
+#endif /* XMLSEC_NO_SHA256 */
 
-
-static int  
-xmlSecGnuTLSHmacSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
-    xmlSecGnuTLSHmacCtxPtr ctx;
-
-    xmlSecAssert2(xmlSecGnuTLSHmacCheckId(transform), -1);
-    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
-    xmlSecAssert2(keyReq != NULL, -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSHmacSize), -1);
-
-    ctx = xmlSecGnuTLSHmacGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-
-    keyReq->keyId  = xmlSecGnuTLSKeyDataHmacId;
-    keyReq->keyType= xmlSecKeyDataTypeSymmetric;
-    if(transform->operation == xmlSecTransformOperationSign) {
-	keyReq->keyUsage = xmlSecKeyUsageSign;
-    } else {
-	keyReq->keyUsage = xmlSecKeyUsageVerify;
-    }
-    
-    return(0);
-}
-
-static int
-xmlSecGnuTLSHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
-    xmlSecGnuTLSHmacCtxPtr ctx;
-    xmlSecKeyDataPtr value;
-    xmlSecBufferPtr buffer;    
-    int ret;
-    
-    xmlSecAssert2(xmlSecGnuTLSHmacCheckId(transform), -1);
-    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSHmacSize), -1);
-    xmlSecAssert2(key != NULL, -1);
-
-    ctx = xmlSecGnuTLSHmacGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->digestCtx != NULL, -1);
-    
-    value = xmlSecKeyGetValue(key);
-    xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecGnuTLSKeyDataHmacId), -1);
-
-    buffer = xmlSecKeyDataBinaryValueGetBuffer(value);
-    xmlSecAssert2(buffer != NULL, -1);
-
-    if(xmlSecBufferGetSize(buffer) == 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "key is empty");
-	return(-1);    
-    }
-    
-    ret = gcry_md_setkey(ctx->digestCtx, xmlSecBufferGetData(buffer), 
-			xmlSecBufferGetSize(buffer));
-    if(ret != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "gcry_md_setkey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "ret=%d", ret);
-	return(-1);
-    }
-    return(0);
-}
-
-static int
-xmlSecGnuTLSHmacVerify(xmlSecTransformPtr transform, 
-			const xmlSecByte* data, xmlSecSize dataSize,
-			xmlSecTransformCtxPtr transformCtx) {
-    static xmlSecByte last_byte_masks[] = 	
-		{ 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
-
-    xmlSecGnuTLSHmacCtxPtr ctx;
-    xmlSecByte mask;
-        
-    xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSHmacSize), -1);
-    xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
-    xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
-    xmlSecAssert2(data != NULL, -1);
-    xmlSecAssert2(transformCtx != NULL, -1);
-
-    ctx = xmlSecGnuTLSHmacGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->digestCtx != NULL, -1);
-    xmlSecAssert2(ctx->dgstSize > 0, -1);
-    
-    /* compare the digest size in bytes */
-    if(dataSize != ((ctx->dgstSize + 7) / 8)){
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "data=%d;dgst=%d",
-		    dataSize, ((ctx->dgstSize + 7) / 8));
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
-    }
-
-    /* we check the last byte separatelly */
-    xmlSecAssert2(dataSize > 0, -1);
-    mask = last_byte_masks[ctx->dgstSize % 8];
-    if((ctx->dgst[dataSize - 1] & mask) != (data[dataSize - 1]  & mask)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
-		    "data and digest do not match (last byte)");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
-    }
-
-    /* now check the rest of the digest */
-    if((dataSize > 1) && (memcmp(ctx->dgst, data, dataSize - 1) != 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
-		    "data and digest do not match");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
-    }
-    
-    transform->status = xmlSecTransformStatusOk;
-    return(0);
-}
-
-static int 
-xmlSecGnuTLSHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecGnuTLSHmacCtxPtr ctx;
-    xmlSecBufferPtr in, out;
-    xmlSecByte* dgst;
-    xmlSecSize dgstSize;
-    int ret;
-    
-    xmlSecAssert2(xmlSecGnuTLSHmacCheckId(transform), -1);
-    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecGnuTLSHmacSize), -1);
-    xmlSecAssert2(transformCtx != NULL, -1);
-
-    ctx = xmlSecGnuTLSHmacGetCtx(transform);
-    xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->digestCtx != NULL, -1);
-
-    in = &(transform->inBuf);
-    out = &(transform->outBuf);
-
-    if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
-    }
-    
-    if(transform->status == xmlSecTransformStatusWorking) {
-	xmlSecSize inSize;
-
-	inSize = xmlSecBufferGetSize(in);
-	if(inSize > 0) {
-	    gcry_md_write(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
-	    
-	    ret = xmlSecBufferRemoveHead(in, inSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferRemoveHead",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", inSize);
-		return(-1);
-	    }
-	}
-	if(last) {	    
-	    /* get the final digest */
-	    gcry_md_final(ctx->digestCtx);
-	    dgst = gcry_md_read(ctx->digestCtx, ctx->digest);
-	    if(dgst == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "gcry_md_read",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);
-	    }
-	    
-	    /* copy it to our internal buffer */
-	    dgstSize = gcry_md_get_algo_dlen(ctx->digest);
-	    xmlSecAssert2(dgstSize > 0, -1);
-	    xmlSecAssert2(dgstSize <= sizeof(ctx->dgst), -1);
-	    memcpy(ctx->dgst, dgst, dgstSize);
-
-	    /* check/set the result digest size */
-	    if(ctx->dgstSize == 0) {
-		ctx->dgstSize = dgstSize * 8; /* no dgst size specified, use all we have */
-	    } else if(ctx->dgstSize <= 8 * dgstSize) {
-		dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
-	    } else {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    NULL,
-			    XMLSEC_ERRORS_R_INVALID_SIZE,
-			    "result-bits=%d;required-bits=%d",
-			    8 * dgstSize, ctx->dgstSize);
-		return(-1);
-	    }
-
-	    if(transform->operation == xmlSecTransformOperationSign) {
-		ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferAppend",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", dgstSize);
-		    return(-1);
-		}
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	}
-    } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
-    } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "size=%d", transform->status);
-	return(-1);
-    }
-    
-    return(0);
-}
-
-/** 
- * HMAC SHA1
- */
-static xmlSecTransformKlass xmlSecGnuTLSHmacSha1Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecGnuTLSHmacSize,			/* xmlSecSize objSize */
-
-    xmlSecNameHmacSha1,				/* const xmlChar* name; */
-    xmlSecHrefHmacSha1, 			/* const xmlChar *href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecGnuTLSHmacInitialize,			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecGnuTLSHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecGnuTLSHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecGnuTLSHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecGnuTLSHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecGnuTLSHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecGnuTLSHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
-
-/** 
- * xmlSecGnuTLSTransformHmacSha1GetKlass:
+#ifndef XMLSEC_NO_SHA384
+/**
+ * xmlSecGnuTLSTransformHmacSha384GetKlass:
  *
- * The HMAC-SHA1 transform klass.
+ * The HMAC-SHA384 transform klass.
  *
- * Returns: the HMAC-SHA1 transform klass.
+ * Returns: the HMAC-SHA384 transform klass.
  */
-xmlSecTransformId 
-xmlSecGnuTLSTransformHmacSha1GetKlass(void) {
-    return(&xmlSecGnuTLSHmacSha1Klass);
+xmlSecTransformId
+xmlSecGnuTLSTransformHmacSha384GetKlass(void) {
+      return (xmlSecGCryptTransformHmacSha384GetKlass());
 }
+#endif /* XMLSEC_NO_SHA384 */
 
-/** 
- * HMAC Ripemd160
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecGnuTLSTransformHmacSha512GetKlass:
+ *
+ * The HMAC-SHA512 transform klass.
+ *
+ * Returns: the HMAC-SHA512 transform klass.
  */
-static xmlSecTransformKlass xmlSecGnuTLSHmacRipemd160Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecGnuTLSHmacSize,			/* xmlSecSize objSize */
+xmlSecTransformId
+xmlSecGnuTLSTransformHmacSha512GetKlass(void) {
+        return (xmlSecGCryptTransformHmacSha512GetKlass());
+}
+#endif /* XMLSEC_NO_SHA512 */
 
-    xmlSecNameHmacRipemd160,			/* const xmlChar* name; */
-    xmlSecHrefHmacRipemd160, 			/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecGnuTLSHmacInitialize,			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecGnuTLSHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecGnuTLSHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecGnuTLSHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecGnuTLSHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecGnuTLSHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecGnuTLSHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
 
-/** 
+#ifndef XMLSEC_NO_RIPEMD160
+/**
  * xmlSecGnuTLSTransformHmacRipemd160GetKlass:
  *
  * The HMAC-RIPEMD160 transform klass.
  *
  * Returns: the HMAC-RIPEMD160 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecGnuTLSTransformHmacRipemd160GetKlass(void) {
-    return(&xmlSecGnuTLSHmacRipemd160Klass);
+       return (xmlSecGCryptTransformHmacRipemd160GetKlass());
 }
+#endif /* XMLSEC_NO_RIPEMD160 */
 
-/** 
- * HMAC Md5
- */
-static xmlSecTransformKlass xmlSecGnuTLSHmacMd5Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecGnuTLSHmacSize,			/* xmlSecSize objSize */
-
-    xmlSecNameHmacMd5,				/* const xmlChar* name; */
-    xmlSecHrefHmacMd5, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecGnuTLSHmacInitialize,			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecGnuTLSHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecGnuTLSHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecGnuTLSHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecGnuTLSHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecGnuTLSHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecGnuTLSHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
-
-/** 
+#ifndef XMLSEC_NO_MD5
+/**
  * xmlSecGnuTLSTransformHmacMd5GetKlass:
  *
  * The HMAC-MD5 transform klass.
  *
  * Returns: the HMAC-MD5 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecGnuTLSTransformHmacMd5GetKlass(void) {
-    return(&xmlSecGnuTLSHmacMd5Klass);
+    return (xmlSecGCryptTransformHmacMd5GetKlass());
 }
+#endif /* XMLSEC_NO_MD5 */
 
 
 #endif /* XMLSEC_NO_HMAC */
diff --git a/src/gnutls/kw_aes.c b/src/gnutls/kw_aes.c
new file mode 100644
index 00000000..63f8a6be
--- /dev/null
+++ b/src/gnutls/kw_aes.c
@@ -0,0 +1,72 @@
+/**
+ *
+ * XMLSec library
+ *
+ * AES Algorithm support
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef XMLSEC_NO_AES
+#include "globals.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gnutls/crypto.h>
+
+/**************************************************************************
+ *
+ * We use xmlsec-gcrypt for all the basic crypto ops
+ *
+ *****************************************************************************/
+#include <xmlsec/gcrypt/crypto.h>
+
+
+
+/**
+ * xmlSecGnuTLSTransformKWAes128GetKlass:
+ *
+ * The AES-128 kew wrapper transform klass.
+ *
+ * Returns: AES-128 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformKWAes128GetKlass(void) {
+    return(xmlSecGCryptTransformKWAes128GetKlass());
+}
+
+/**
+ * xmlSecGnuTLSTransformKWAes192GetKlass:
+ *
+ * The AES-192 kew wrapper transform klass.
+ *
+ * Returns: AES-192 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformKWAes192GetKlass(void) {
+    return(xmlSecGCryptTransformKWAes192GetKlass());
+}
+
+/**
+ * xmlSecGnuTLSTransformKWAes256GetKlass:
+ *
+ * The AES-256 kew wrapper transform klass.
+ *
+ * Returns: AES-256 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformKWAes256GetKlass(void) {
+    return(xmlSecGCryptTransformKWAes256GetKlass());
+}
+
+#endif /* XMLSEC_NO_AES */
diff --git a/src/gnutls/kw_des.c b/src/gnutls/kw_des.c
new file mode 100644
index 00000000..5d2a2e55
--- /dev/null
+++ b/src/gnutls/kw_des.c
@@ -0,0 +1,51 @@
+/**
+ *
+ * XMLSec library
+ *
+ * DES Algorithm support
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef XMLSEC_NO_DES
+#include "globals.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <gcrypt.h>
+
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gnutls/crypto.h>
+
+/**************************************************************************
+ *
+ * We use xmlsec-gcrypt for all the basic crypto ops
+ *
+ *****************************************************************************/
+#include <xmlsec/gcrypt/crypto.h>
+
+
+/**
+ * xmlSecGnuTLSTransformKWDes3GetKlass:
+ *
+ * The Triple DES key wrapper transform klass.
+ *
+ * Returns: Triple DES key wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformKWDes3GetKlass(void) {
+    return(xmlSecGCryptTransformKWDes3GetKlass());
+}
+
+#endif /* XMLSEC_NO_DES */
+
diff --git a/src/gnutls/signatures.c b/src/gnutls/signatures.c
new file mode 100644
index 00000000..98d1f832
--- /dev/null
+++ b/src/gnutls/signatures.c
@@ -0,0 +1,148 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gnutls/crypto.h>
+
+/**************************************************************************
+ *
+ * We use xmlsec-gcrypt for all the basic crypto ops
+ *
+ *****************************************************************************/
+#include <xmlsec/gcrypt/crypto.h>
+#include <gcrypt.h>
+
+
+#ifndef XMLSEC_NO_DSA
+
+#ifndef XMLSEC_NO_SHA1
+
+/**
+ * xmlSecGnuTLSTransformDsaSha1GetKlass:
+ *
+ * The DSA-SHA1 signature transform klass.
+ *
+ * Returns: DSA-SHA1 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformDsaSha1GetKlass(void) {
+    return (xmlSecGCryptTransformDsaSha1GetKlass());
+}
+
+#endif /* XMLSEC_NO_SHA1 */
+
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+
+/**
+ * xmlSecGnuTLSTransformRsaMd5GetKlass:
+ *
+ * The RSA-MD5 signature transform klass.
+ *
+ * Returns: RSA-MD5 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaMd5GetKlass(void) {
+    return (xmlSecGCryptTransformRsaMd5GetKlass());
+}
+
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+
+/**
+ * xmlSecGnuTLSTransformRsaRipemd160GetKlass:
+ *
+ * The RSA-RIPEMD160 signature transform klass.
+ *
+ * Returns: RSA-RIPEMD160 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaRipemd160GetKlass(void) {
+    return (xmlSecGCryptTransformRsaRipemd160GetKlass());
+}
+
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+/**
+ * xmlSecGnuTLSTransformRsaSha1GetKlass:
+ *
+ * The RSA-SHA1 signature transform klass.
+ *
+ * Returns: RSA-SHA1 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaSha1GetKlass(void) {
+    return (xmlSecGCryptTransformRsaSha1GetKlass());
+}
+
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+
+/**
+ * xmlSecGnuTLSTransformRsaSha256GetKlass:
+ *
+ * The RSA-SHA256 signature transform klass.
+ *
+ * Returns: RSA-SHA256 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaSha256GetKlass(void) {
+    return (xmlSecGCryptTransformRsaSha256GetKlass());
+}
+
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+
+/**
+ * xmlSecGnuTLSTransformRsaSha384GetKlass:
+ *
+ * The RSA-SHA384 signature transform klass.
+ *
+ * Returns: RSA-SHA384 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaSha384GetKlass(void) {
+      return (xmlSecGCryptTransformRsaSha384GetKlass());
+}
+
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/**
+ * xmlSecGnuTLSTransformRsaSha512GetKlass:
+ *
+ * The RSA-SHA512 signature transform klass.
+ *
+ * Returns: RSA-SHA512 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecGnuTLSTransformRsaSha512GetKlass(void) {
+    return (xmlSecGCryptTransformRsaSha512GetKlass());
+}
+
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+
+
diff --git a/src/gnutls/symkeys.c b/src/gnutls/symkeys.c
index 4a11d13a..b1521d62 100644
--- a/src/gnutls/symkeys.c
+++ b/src/gnutls/symkeys.c
@@ -1,12 +1,12 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * DES Algorithm support
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -24,236 +24,33 @@
 
 #include <xmlsec/gnutls/crypto.h>
 
-/*****************************************************************************
- * 
- * Symmetic (binary) keys - just a wrapper for xmlSecKeyDataBinary
- *
- ****************************************************************************/
-static int	xmlSecGnuTLSSymKeyDataInitialize	(xmlSecKeyDataPtr data);
-static int	xmlSecGnuTLSSymKeyDataDuplicate		(xmlSecKeyDataPtr dst,
-							 xmlSecKeyDataPtr src);
-static void	xmlSecGnuTLSSymKeyDataFinalize		(xmlSecKeyDataPtr data);
-static int	xmlSecGnuTLSSymKeyDataXmlRead		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecGnuTLSSymKeyDataXmlWrite		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecGnuTLSSymKeyDataBinRead		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 const xmlSecByte* buf,
-							 xmlSecSize bufSize,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecGnuTLSSymKeyDataBinWrite		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlSecByte** buf,
-							 xmlSecSize* bufSize,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecGnuTLSSymKeyDataGenerate		(xmlSecKeyDataPtr data,
-							 xmlSecSize sizeBits,
-							 xmlSecKeyDataType type);
-
-static xmlSecKeyDataType xmlSecGnuTLSSymKeyDataGetType	(xmlSecKeyDataPtr data);
-static xmlSecSize	 xmlSecGnuTLSSymKeyDataGetSize	(xmlSecKeyDataPtr data);
-static void	xmlSecGnuTLSSymKeyDataDebugDump		(xmlSecKeyDataPtr data,
-							 FILE* output);
-static void	xmlSecGnuTLSSymKeyDataDebugXmlDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
-static int	xmlSecGnuTLSSymKeyDataKlassCheck	(xmlSecKeyDataKlass* klass);
-
-#define xmlSecGnuTLSSymKeyDataCheckId(data) \
-    (xmlSecKeyDataIsValid((data)) && \
-     xmlSecGnuTLSSymKeyDataKlassCheck((data)->id))
-
-static int
-xmlSecGnuTLSSymKeyDataInitialize(xmlSecKeyDataPtr data) {
-    xmlSecAssert2(xmlSecGnuTLSSymKeyDataCheckId(data), -1);
-    
-    return(xmlSecKeyDataBinaryValueInitialize(data));
-}
-
-static int
-xmlSecGnuTLSSymKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
-    xmlSecAssert2(xmlSecGnuTLSSymKeyDataCheckId(dst), -1);
-    xmlSecAssert2(xmlSecGnuTLSSymKeyDataCheckId(src), -1);
-    xmlSecAssert2(dst->id == src->id, -1);
-        
-    return(xmlSecKeyDataBinaryValueDuplicate(dst, src));
-}
-
-static void
-xmlSecGnuTLSSymKeyDataFinalize(xmlSecKeyDataPtr data) {
-    xmlSecAssert(xmlSecGnuTLSSymKeyDataCheckId(data));
-    
-    xmlSecKeyDataBinaryValueFinalize(data);
-}
-
-static int
-xmlSecGnuTLSSymKeyDataXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-			       xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlSecAssert2(xmlSecGnuTLSSymKeyDataKlassCheck(id), -1);
-    
-    return(xmlSecKeyDataBinaryValueXmlRead(id, key, node, keyInfoCtx));
-}
-
-static int 
-xmlSecGnuTLSSymKeyDataXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlSecAssert2(xmlSecGnuTLSSymKeyDataKlassCheck(id), -1);
-    
-    return(xmlSecKeyDataBinaryValueXmlWrite(id, key, node, keyInfoCtx));
-}
-
-static int
-xmlSecGnuTLSSymKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    const xmlSecByte* buf, xmlSecSize bufSize,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlSecAssert2(xmlSecGnuTLSSymKeyDataKlassCheck(id), -1);
-    
-    return(xmlSecKeyDataBinaryValueBinRead(id, key, buf, bufSize, keyInfoCtx));
-}
-
-static int
-xmlSecGnuTLSSymKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    xmlSecByte** buf, xmlSecSize* bufSize,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlSecAssert2(xmlSecGnuTLSSymKeyDataKlassCheck(id), -1);
-    
-    return(xmlSecKeyDataBinaryValueBinWrite(id, key, buf, bufSize, keyInfoCtx));
-}
-
-static int
-xmlSecGnuTLSSymKeyDataGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
-    xmlSecBufferPtr buffer;
-
-    xmlSecAssert2(xmlSecGnuTLSSymKeyDataCheckId(data), -1);
-    xmlSecAssert2(sizeBits > 0, -1);
-
-    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
-    xmlSecAssert2(buffer != NULL, -1);
-    
-    return(xmlSecGnuTLSGenerateRandom(buffer, (sizeBits + 7) / 8));
-}
-
-static xmlSecKeyDataType
-xmlSecGnuTLSSymKeyDataGetType(xmlSecKeyDataPtr data) {
-    xmlSecBufferPtr buffer;
-
-    xmlSecAssert2(xmlSecGnuTLSSymKeyDataCheckId(data), xmlSecKeyDataTypeUnknown);
-
-    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
-    xmlSecAssert2(buffer != NULL, xmlSecKeyDataTypeUnknown);
-
-    return((xmlSecBufferGetSize(buffer) > 0) ? xmlSecKeyDataTypeSymmetric : xmlSecKeyDataTypeUnknown);
-}
-
-static xmlSecSize 
-xmlSecGnuTLSSymKeyDataGetSize(xmlSecKeyDataPtr data) {
-    xmlSecAssert2(xmlSecGnuTLSSymKeyDataCheckId(data), 0);
-    
-    return(xmlSecKeyDataBinaryValueGetSize(data));
-}
-
-static void 
-xmlSecGnuTLSSymKeyDataDebugDump(xmlSecKeyDataPtr data, FILE* output) {
-    xmlSecAssert(xmlSecGnuTLSSymKeyDataCheckId(data));
-    
-    xmlSecKeyDataBinaryValueDebugDump(data, output);    
-}
-
-static void
-xmlSecGnuTLSSymKeyDataDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
-    xmlSecAssert(xmlSecGnuTLSSymKeyDataCheckId(data));
-    
-    xmlSecKeyDataBinaryValueDebugXmlDump(data, output);    
-}
-
-static int 
-xmlSecGnuTLSSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {    
-#ifndef XMLSEC_NO_DES
-    if(klass == xmlSecGnuTLSKeyDataDesId) {
-	return(1);
-    }
-#endif /* XMLSEC_NO_DES */
-
-#ifndef XMLSEC_NO_AES
-    if(klass == xmlSecGnuTLSKeyDataAesId) {
-	return(1);
-    }
-#endif /* XMLSEC_NO_AES */
-
-#ifndef XMLSEC_NO_HMAC
-    if(klass == xmlSecGnuTLSKeyDataHmacId) {
-	return(1);
-    }
-#endif /* XMLSEC_NO_HMAC */
-
-    return(0);
-}
-
-#ifndef XMLSEC_NO_AES
 /**************************************************************************
  *
- * <xmlsec:AESKeyValue> processing
+ * We use xmlsec-gcrypt for all the basic crypto ops
  *
- *************************************************************************/
-static xmlSecKeyDataKlass xmlSecGnuTLSKeyDataAesKlass = {
-    sizeof(xmlSecKeyDataKlass),
-    xmlSecKeyDataBinarySize,
-
-    /* data */
-    xmlSecNameAESKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefAESKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeAESKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
-    /* constructors/destructor */
-    xmlSecGnuTLSSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecGnuTLSSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecGnuTLSSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecGnuTLSSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
-    /* get info */
-    xmlSecGnuTLSSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecGnuTLSSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
-
-    /* read/write */
-    xmlSecGnuTLSSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecGnuTLSSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecGnuTLSSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecGnuTLSSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
+ *****************************************************************************/
+#include <xmlsec/gcrypt/crypto.h>
 
-    /* debug */
-    xmlSecGnuTLSSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecGnuTLSSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
-    /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
 
-/** 
+#ifndef XMLSEC_NO_AES
+/**
  * xmlSecGnuTLSKeyDataAesGetKlass:
- * 
+ *
  * The AES key data klass.
  *
  * Returns: AES key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecGnuTLSKeyDataAesGetKlass(void) {
-    return(&xmlSecGnuTLSKeyDataAesKlass);
+    return (xmlSecGCryptKeyDataAesGetKlass());
 }
 
 /**
  * xmlSecGnuTLSKeyDataAesSet:
- * @data:		the pointer to AES key data.
- * @buf:		the pointer to key value.
- * @bufSize:		the key value size (in bytes).
+ * @data:               the pointer to AES key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
  *
  * Sets the value of AES key data.
  *
@@ -261,80 +58,28 @@ xmlSecGnuTLSKeyDataAesGetKlass(void) {
  */
 int
 xmlSecGnuTLSKeyDataAesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
-    xmlSecBufferPtr buffer;
-    
-    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataAesId), -1);
-    xmlSecAssert2(buf != NULL, -1);
-    xmlSecAssert2(bufSize > 0, -1);
-    
-    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
-    xmlSecAssert2(buffer != NULL, -1);
-    
-    return(xmlSecBufferSetData(buffer, buf, bufSize));
+    return (xmlSecGCryptKeyDataAesSet(data, buf, bufSize));
 }
 #endif /* XMLSEC_NO_AES */
 
 #ifndef XMLSEC_NO_DES
-/**************************************************************************
- *
- * <xmlsec:DESKeyValue> processing
- *
- *************************************************************************/
-static xmlSecKeyDataKlass xmlSecGnuTLSKeyDataDesKlass = {
-    sizeof(xmlSecKeyDataKlass),
-    xmlSecKeyDataBinarySize,
-
-    /* data */
-    xmlSecNameDESKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefDESKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeDESKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
-    /* constructors/destructor */
-    xmlSecGnuTLSSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecGnuTLSSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecGnuTLSSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecGnuTLSSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
-    /* get info */
-    xmlSecGnuTLSSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecGnuTLSSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
-
-    /* read/write */
-    xmlSecGnuTLSSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecGnuTLSSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecGnuTLSSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecGnuTLSSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
-
-    /* debug */
-    xmlSecGnuTLSSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecGnuTLSSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
-
-    /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
-
-/** 
+/**
  * xmlSecGnuTLSKeyDataDesGetKlass:
- * 
+ *
  * The DES key data klass.
  *
  * Returns: DES key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecGnuTLSKeyDataDesGetKlass(void) {
-    return(&xmlSecGnuTLSKeyDataDesKlass);
+    return (xmlSecGCryptKeyDataDesGetKlass());
 }
 
 /**
  * xmlSecGnuTLSKeyDataDesSet:
- * @data:		the pointer to DES key data.
- * @buf:		the pointer to key value.
- * @bufSize:		the key value size (in bytes).
+ * @data:               the pointer to DES key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
  *
  * Sets the value of DES key data.
  *
@@ -342,81 +87,30 @@ xmlSecGnuTLSKeyDataDesGetKlass(void) {
  */
 int
 xmlSecGnuTLSKeyDataDesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
-    xmlSecBufferPtr buffer;
-    
-    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataDesId), -1);
-    xmlSecAssert2(buf != NULL, -1);
-    xmlSecAssert2(bufSize > 0, -1);
-    
-    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
-    xmlSecAssert2(buffer != NULL, -1);
-    
-    return(xmlSecBufferSetData(buffer, buf, bufSize));
+    return (xmlSecGCryptKeyDataDesSet(data, buf, bufSize));
 }
 
 #endif /* XMLSEC_NO_DES */
 
 #ifndef XMLSEC_NO_HMAC
-/**************************************************************************
- *
- * <xmlsec:HMACKeyValue> processing
- *
- *************************************************************************/
-static xmlSecKeyDataKlass xmlSecGnuTLSKeyDataHmacKlass = {
-    sizeof(xmlSecKeyDataKlass),
-    xmlSecKeyDataBinarySize,
-
-    /* data */
-    xmlSecNameHMACKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefHMACKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeHMACKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
-    /* constructors/destructor */
-    xmlSecGnuTLSSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecGnuTLSSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecGnuTLSSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecGnuTLSSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
-    /* get info */
-    xmlSecGnuTLSSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecGnuTLSSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
-
-    /* read/write */
-    xmlSecGnuTLSSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecGnuTLSSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecGnuTLSSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecGnuTLSSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
 
-    /* debug */
-    xmlSecGnuTLSSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecGnuTLSSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
-
-    /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
-
-/** 
+/**
  * xmlSecGnuTLSKeyDataHmacGetKlass:
- * 
+ *
  * The HMAC key data klass.
  *
  * Returns: HMAC key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecGnuTLSKeyDataHmacGetKlass(void) {
-    return(&xmlSecGnuTLSKeyDataHmacKlass);
+    return (xmlSecGCryptKeyDataHmacGetKlass());
 }
 
 /**
  * xmlSecGnuTLSKeyDataHmacSet:
- * @data:		the pointer to HMAC key data.
- * @buf:		the pointer to key value.
- * @bufSize:		the key value size (in bytes).
+ * @data:               the pointer to HMAC key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
  *
  * Sets the value of HMAC key data.
  *
@@ -424,16 +118,7 @@ xmlSecGnuTLSKeyDataHmacGetKlass(void) {
  */
 int
 xmlSecGnuTLSKeyDataHmacSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
-    xmlSecBufferPtr buffer;
-    
-    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataHmacId), -1);
-    xmlSecAssert2(buf != NULL, -1);
-    xmlSecAssert2(bufSize > 0, -1);
-    
-    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
-    xmlSecAssert2(buffer != NULL, -1);
-    
-    return(xmlSecBufferSetData(buffer, buf, bufSize));
+    return (xmlSecGCryptKeyDataHmacSet(data, buf, bufSize));
 }
 
 #endif /* XMLSEC_NO_HMAC */
diff --git a/src/gnutls/x509.c b/src/gnutls/x509.c
new file mode 100644
index 00000000..52d46ab4
--- /dev/null
+++ b/src/gnutls/x509.c
@@ -0,0 +1,1960 @@
+/**
+ * XMLSec library
+ *
+ * X509 support
+ *
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#ifndef XMLSEC_NO_X509
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <errno.h>
+#include <time.h>
+
+#include <libxml/tree.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/keyinfo.h>
+#include <xmlsec/keysmngr.h>
+#include <xmlsec/x509.h>
+#include <xmlsec/base64.h>
+#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
+
+#include <xmlsec/gnutls/crypto.h>
+#include <xmlsec/gnutls/x509.h>
+
+#include "x509utils.h"
+
+/*************************************************************************
+ *
+ * X509 utility functions
+ *
+ ************************************************************************/
+static int              xmlSecGnuTLSX509DataNodeRead            (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSX509CertificateNodeRead     (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSX509CertificateNodeWrite    (gnutls_x509_crt_t cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSX509SubjectNameNodeRead     (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSX509SubjectNameNodeWrite    (gnutls_x509_crt_t cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSX509IssuerSerialNodeRead    (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSX509IssuerSerialNodeWrite   (gnutls_x509_crt_t cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSX509SKINodeRead             (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSX509SKINodeWrite            (gnutls_x509_crt_t cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSX509CRLNodeRead             (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSX509CRLNodeWrite            (gnutls_x509_crl_t crl,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+
+/*************************************************************************
+ *
+ * Internal GnuTLS X509 data CTX
+ *
+ ************************************************************************/
+typedef struct _xmlSecGnuTLSX509DataCtx                         xmlSecGnuTLSX509DataCtx,
+                                                                *xmlSecGnuTLSX509DataCtxPtr;
+struct _xmlSecGnuTLSX509DataCtx {
+    gnutls_x509_crt_t   keyCert;
+    xmlSecPtrList       certsList;
+    xmlSecPtrList       crlsList;
+};
+
+
+/**************************************************************************
+ *
+ * <dsig:X509Data> processing
+ *
+ *
+ * The X509Data  Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
+ *
+ * An X509Data element within KeyInfo contains one or more identifiers of keys
+ * or X509 certificates (or certificates' identifiers or a revocation list).
+ * The content of X509Data is:
+ *
+ *  1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
+ *  2.
+ *    * The X509IssuerSerial element, which contains an X.509 issuer
+ *      distinguished name/serial number pair that SHOULD be compliant
+ *      with RFC2253 [LDAP-DN],
+ *    * The X509SubjectName element, which contains an X.509 subject
+ *      distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
+ *    * The X509SKI element, which contains the base64 encoded plain (i.e.
+ *      non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
+ *    * The X509Certificate element, which contains a base64-encoded [X509v3]
+ *      certificate, and
+ *    * Elements from an external namespace which accompanies/complements any
+ *      of the elements above.
+ *    * The X509CRL element, which contains a base64-encoded certificate
+ *      revocation list (CRL) [X509v3].
+ *
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
+ * MUST refer to the certificate or certificates containing the validation key.
+ * All such elements that refer to a particular individual certificate MUST be
+ * grouped inside a single X509Data element and if the certificate to which
+ * they refer appears, it MUST also be in that X509Data element.
+ *
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
+ * the same key but different certificates MUST be grouped within a single
+ * KeyInfo but MAY occur in multiple X509Data elements.
+ *
+ * All certificates appearing in an X509Data element MUST relate to the
+ * validation key by either containing it or being part of a certification
+ * chain that terminates in a certificate containing the validation key.
+ *
+ * No ordering is implied by the above constraints.
+ *
+ * Note, there is no direct provision for a PKCS#7 encoded "bag" of
+ * certificates or CRLs. However, a set of certificates and CRLs can occur
+ * within an X509Data element and multiple X509Data elements can occur in a
+ * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
+ * least one such certificate must contain the public key which verifies the
+ * signature.
+ *
+ * Schema Definition
+ *
+ *  <element name="X509Data" type="ds:X509DataType"/>
+ *  <complexType name="X509DataType">
+ *    <sequence maxOccurs="unbounded">
+ *      <choice>
+ *        <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
+ *        <element name="X509SKI" type="base64Binary"/>
+ *        <element name="X509SubjectName" type="string"/>
+ *        <element name="X509Certificate" type="base64Binary"/>
+ *        <element name="X509CRL" type="base64Binary"/>
+ *        <any namespace="##other" processContents="lax"/>
+ *      </choice>
+ *    </sequence>
+ *  </complexType>
+ *  <complexType name="X509IssuerSerialType">
+ *    <sequence>
+ *       <element name="X509IssuerName" type="string"/>
+ *       <element name="X509SerialNumber" type="integer"/>
+ *     </sequence>
+ *  </complexType>
+ *
+ *  DTD
+ *
+ *    <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName |
+ *                          X509Certificate | X509CRL)+ %X509.ANY;)>
+ *    <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) >
+ *    <!ELEMENT X509IssuerName (#PCDATA) >
+ *    <!ELEMENT X509SubjectName (#PCDATA) >
+ *    <!ELEMENT X509SerialNumber (#PCDATA) >
+ *    <!ELEMENT X509SKI (#PCDATA) >
+ *    <!ELEMENT X509Certificate (#PCDATA) >
+ *    <!ELEMENT X509CRL (#PCDATA) >
+ *
+ * -----------------------------------------------------------------------
+ *
+ * xmlSecGnuTLSX509DataCtx is located after xmlSecTransform
+ *
+ *************************************************************************/
+#define xmlSecGnuTLSX509DataSize       \
+    (sizeof(xmlSecKeyData) + sizeof(xmlSecGnuTLSX509DataCtx))
+#define xmlSecGnuTLSX509DataGetCtx(data) \
+    ((xmlSecGnuTLSX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
+
+static int              xmlSecGnuTLSKeyDataX509Initialize      (xmlSecKeyDataPtr data);
+static int              xmlSecGnuTLSKeyDataX509Duplicate       (xmlSecKeyDataPtr dst,
+                                                                 xmlSecKeyDataPtr src);
+static void             xmlSecGnuTLSKeyDataX509Finalize        (xmlSecKeyDataPtr data);
+static int              xmlSecGnuTLSKeyDataX509XmlRead         (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecGnuTLSKeyDataX509XmlWrite        (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static xmlSecKeyDataType xmlSecGnuTLSKeyDataX509GetType        (xmlSecKeyDataPtr data);
+static const xmlChar*   xmlSecGnuTLSKeyDataX509GetIdentifier   (xmlSecKeyDataPtr data);
+
+static void             xmlSecGnuTLSKeyDataX509DebugDump       (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
+static void             xmlSecGnuTLSKeyDataX509DebugXmlDump    (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
+
+
+
+static xmlSecKeyDataKlass xmlSecGnuTLSKeyDataX509Klass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecGnuTLSX509DataSize,
+
+    /* data */
+    xmlSecNameX509Data,
+    xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefX509Data,                         /* const xmlChar* href; */
+    xmlSecNodeX509Data,                         /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    xmlSecGnuTLSKeyDataX509Initialize,         /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecGnuTLSKeyDataX509Duplicate,          /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecGnuTLSKeyDataX509Finalize,           /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    xmlSecGnuTLSKeyDataX509GetType,            /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    xmlSecGnuTLSKeyDataX509GetIdentifier,      /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    xmlSecGnuTLSKeyDataX509XmlRead,            /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecGnuTLSKeyDataX509XmlWrite,           /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    xmlSecGnuTLSKeyDataX509DebugDump,          /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecGnuTLSKeyDataX509DebugXmlDump,       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGnuTLSKeyDataX509GetKlass:
+ *
+ * The GnuTLS X509 key data klass (http://www.w3.org/TR/xmldsig-core/#sec-X509Data).
+ *
+ * Returns: the X509 data klass.
+ */
+xmlSecKeyDataId
+xmlSecGnuTLSKeyDataX509GetKlass(void) {
+    return(&xmlSecGnuTLSKeyDataX509Klass);
+}
+
+/**
+ * xmlSecGnuTLSKeyDataX509GetKeyCert:
+ * @data:               the pointer to X509 key data.
+ *
+ * Gets the certificate from which the key was extracted.
+ *
+ * Returns: the key's certificate or NULL if key data was not used for key
+ * extraction or an error occurs.
+ */
+gnutls_x509_crt_t
+xmlSecGnuTLSKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), NULL);
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, NULL);
+
+    return(ctx->keyCert);
+}
+
+/**
+ * xmlSecGnuTLSKeyDataX509AdoptKeyCert:
+ * @data:               the pointer to X509 key data.
+ * @cert:               the pointer to GnuTLS X509 certificate.
+ *
+ * Sets the key's certificate in @data.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecGnuTLSKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, gnutls_x509_crt_t cert) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(cert != NULL, -1);
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    if(ctx->keyCert != NULL) {
+        gnutls_x509_crt_deinit(ctx->keyCert);
+    }
+    ctx->keyCert = cert;
+    return(0);
+}
+
+/**
+ * xmlSecGnuTLSKeyDataX509AdoptCert:
+ * @data:               the pointer to X509 key data.
+ * @cert:               the pointer to GnuTLS X509 certificate.
+ *
+ * Adds certificate to the X509 key data.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecGnuTLSKeyDataX509AdoptCert(xmlSecKeyDataPtr data, gnutls_x509_crt_t cert) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(cert != NULL, -1);
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    ret = xmlSecPtrListAdd(&(ctx->certsList), cert);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    return(0);
+}
+
+/**
+ * xmlSecGnuTLSKeyDataX509GetCert:
+ * @data:               the pointer to X509 key data.
+ * @pos:                the desired certificate position.
+ *
+ * Gets a certificate from X509 key data.
+ *
+ * Returns: the pointer to certificate or NULL if @pos is larger than the
+ * number of certificates in @data or an error occurs.
+ */
+gnutls_x509_crt_t
+xmlSecGnuTLSKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), NULL);
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, NULL);
+
+    return(xmlSecPtrListGetItem(&(ctx->certsList), pos));
+}
+
+/**
+ * xmlSecGnuTLSKeyDataX509GetCertsSize:
+ * @data:               the pointer to X509 key data.
+ *
+ * Gets the number of certificates in @data.
+ *
+ * Returns: te number of certificates in @data.
+ */
+xmlSecSize
+xmlSecGnuTLSKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), 0);
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, 0);
+
+    return(xmlSecPtrListGetSize(&(ctx->certsList)));
+}
+
+/**
+ * xmlSecGnuTLSKeyDataX509AdoptCrl:
+ * @data:               the pointer to X509 key data.
+ * @crl:                the pointer to GnuTLS X509 crl.
+ *
+ * Adds crl to the X509 key data.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecGnuTLSKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, gnutls_x509_crl_t crl) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(crl != NULL, -1);
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    ret = xmlSecPtrListAdd(&(ctx->crlsList), crl);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    return(0);
+}
+
+/**
+ * xmlSecGnuTLSKeyDataX509GetCrl:
+ * @data:               the pointer to X509 key data.
+ * @pos:                the desired crl position.
+ *
+ * Gets a crl from X509 key data.
+ *
+ * Returns: the pointer to crl or NULL if @pos is larger than the
+ * number of crls in @data or an error occurs.
+ */
+gnutls_x509_crl_t
+xmlSecGnuTLSKeyDataX509GetCrl(xmlSecKeyDataPtr data, xmlSecSize pos) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), NULL);
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, NULL);
+
+    return(xmlSecPtrListGetItem(&(ctx->crlsList), pos));
+}
+
+/**
+ * xmlSecGnuTLSKeyDataX509GetCrlsSize:
+ * @data:               the pointer to X509 key data.
+ *
+ * Gets the number of crls in @data.
+ *
+ * Returns: te number of crls in @data.
+ */
+xmlSecSize
+xmlSecGnuTLSKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), 0);
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, 0);
+
+    return(xmlSecPtrListGetSize(&(ctx->crlsList)));
+}
+
+
+static int
+xmlSecGnuTLSKeyDataX509Initialize(xmlSecKeyDataPtr data) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    memset(ctx, 0, sizeof(xmlSecGnuTLSX509DataCtx));
+
+    ret = xmlSecPtrListInitialize(&(ctx->certsList), xmlSecGnuTLSX509CrtListId);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "certsList");
+        return(-1);
+    }
+
+    ret = xmlSecPtrListInitialize(&(ctx->crlsList), xmlSecGnuTLSX509CrlListId);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "crlsList");
+        return(-1);
+    }
+
+    return(0);
+}
+
+static int
+xmlSecGnuTLSKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+    xmlSecGnuTLSX509DataCtxPtr ctxSrc;
+    xmlSecGnuTLSX509DataCtxPtr ctxDst;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecGnuTLSKeyDataX509Id), -1);
+
+    ctxSrc = xmlSecGnuTLSX509DataGetCtx(src);
+    xmlSecAssert2(ctxSrc != NULL, 0);
+    ctxDst = xmlSecGnuTLSX509DataGetCtx(dst);
+    xmlSecAssert2(ctxDst != NULL, 0);
+
+    /* copy key cert if exist */
+    if(ctxDst->keyCert != NULL) {
+        gnutls_x509_crt_deinit(ctxDst->keyCert);
+        ctxDst->keyCert = NULL;
+    }
+    if(ctxSrc->keyCert != NULL) {
+        ctxDst->keyCert = xmlSecGnuTLSX509CertDup(ctxSrc->keyCert);
+        if(ctxDst->keyCert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
+                        "xmlSecGnuTLSX509CertDup",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
+    /* copy certsList if exists */
+    xmlSecPtrListEmpty(&(ctxDst->certsList));
+    ret = xmlSecPtrListCopy(&(ctxDst->certsList), &(ctxSrc->certsList));
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
+                    "xmlSecPtrListCopy",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "certsList");
+        return(-1);
+    }
+
+    /* copy crlsList if exists */
+    xmlSecPtrListEmpty(&(ctxDst->crlsList));
+    ret = xmlSecPtrListCopy(&(ctxDst->crlsList), &(ctxSrc->crlsList));
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
+                    "xmlSecPtrListCopy",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "crlsList");
+        return(-1);
+    }
+    /* done */
+    return(0);
+}
+
+static void
+xmlSecGnuTLSKeyDataX509Finalize(xmlSecKeyDataPtr data) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id));
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert(ctx != NULL);
+
+    xmlSecPtrListFinalize(&(ctx->crlsList));
+    xmlSecPtrListFinalize(&(ctx->certsList));
+    if(ctx->keyCert != NULL) {
+        gnutls_x509_crt_deinit(ctx->keyCert);
+    }
+    memset(ctx, 0, sizeof(xmlSecGnuTLSX509DataCtx));
+}
+
+static int
+xmlSecGnuTLSKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecKeyDataPtr data;
+    int ret;
+
+    xmlSecAssert2(id == xmlSecGnuTLSKeyDataX509Id, -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    data = xmlSecKeyEnsureData(key, id);
+    if(data == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSX509DataNodeRead(data, node, keyInfoCtx);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGnuTLSX509DataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
+        ret = xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecGnuTLSKeyDataX509VerifyAndExtractKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+    return(0);
+}
+
+static int
+xmlSecGnuTLSKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecKeyDataPtr data;
+    gnutls_x509_crt_t cert;
+    gnutls_x509_crl_t crl;
+    xmlSecSize size, pos;
+    int content;
+    int ret;
+
+    xmlSecAssert2(id == xmlSecGnuTLSKeyDataX509Id, -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    content = xmlSecX509DataGetNodeContent (node, 1, keyInfoCtx);
+    if (content < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecX509DataGetNodeContent",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "content=%d", content);
+        return(-1);
+    } else if(content == 0) {
+        /* by default we are writing certificates and crls */
+        content = XMLSEC_X509DATA_DEFAULT;
+    }
+
+    /* get x509 data */
+    data = xmlSecKeyGetData(key, id);
+    if(data == NULL) {
+        /* no x509 data in the key */
+        return(0);
+    }
+
+    /* write certs */
+    size = xmlSecGnuTLSKeyDataX509GetCertsSize(data);
+    for(pos = 0; pos < size; ++pos) {
+        cert = xmlSecGnuTLSKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecGnuTLSKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return(-1);
+        }
+
+        if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
+            ret = xmlSecGnuTLSX509CertificateNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecGnuTLSX509CertificateNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
+            ret = xmlSecGnuTLSX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecGnuTLSX509SubjectNameNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
+            ret = xmlSecGnuTLSX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecGnuTLSX509IssuerSerialNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
+            ret = xmlSecGnuTLSX509SKINodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecGnuTLSX509SKINodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+    }
+
+    /* write crls if needed */
+    if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
+        size = xmlSecGnuTLSKeyDataX509GetCrlsSize(data);
+        for(pos = 0; pos < size; ++pos) {
+            crl = xmlSecGnuTLSKeyDataX509GetCrl(data, pos);
+            if(crl == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecGnuTLSKeyDataX509GetCrl",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+
+            ret = xmlSecGnuTLSX509CRLNodeWrite(crl, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecGnuTLSX509CRLNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+    }
+
+    /* done */
+    return(0);
+}
+
+
+static xmlSecKeyDataType
+xmlSecGnuTLSKeyDataX509GetType(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), xmlSecKeyDataTypeUnknown);
+
+    /* TODO: return verified/not verified status */
+    return(xmlSecKeyDataTypeUnknown);
+}
+
+static const xmlChar*
+xmlSecGnuTLSKeyDataX509GetIdentifier(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), NULL);
+
+    /* TODO */
+    return(NULL);
+}
+
+static void
+xmlSecGnuTLSKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecSize size, pos;
+
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "=== X509 Data:\n");
+
+    /* key cert */
+    {
+        gnutls_x509_crt_t cert;
+
+        cert = xmlSecGnuTLSKeyDataX509GetKeyCert(data);
+        if(cert != NULL) {
+            fprintf(output, "==== Key Certificate:\n");
+            xmlSecGnuTLSX509CertDebugDump(cert, output);
+        }
+    }
+
+    /* other certs */
+    size = xmlSecGnuTLSKeyDataX509GetCertsSize(data);
+    for(pos = 0; pos < size; ++pos) {
+        gnutls_x509_crt_t cert;
+
+        cert = xmlSecGnuTLSKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecGnuTLSKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return;
+        }
+        fprintf(output, "==== Certificate:\n");
+        xmlSecGnuTLSX509CertDebugDump(cert, output);
+    }
+
+    /* crls */
+    size = xmlSecGnuTLSKeyDataX509GetCrlsSize(data);
+    for(pos = 0; pos < size; ++pos) {
+        gnutls_x509_crl_t crl;
+
+        crl = xmlSecGnuTLSKeyDataX509GetCrl(data, pos);
+        if(crl == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecGnuTLSKeyDataX509GetCrl",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return;
+        }
+        fprintf(output, "==== Crl:\n");
+        xmlSecGnuTLSX509CrlDebugDump(crl, output);
+    }
+}
+
+static void
+xmlSecGnuTLSKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecSize size, pos;
+
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "<X509Data>\n");
+
+    /* key cert */
+    {
+        gnutls_x509_crt_t cert;
+
+        cert = xmlSecGnuTLSKeyDataX509GetKeyCert(data);
+        if(cert != NULL) {
+            fprintf(output, "<KeyCertificate>\n");
+            xmlSecGnuTLSX509CertDebugXmlDump(cert, output);
+            fprintf(output, "</KeyCertificate>\n");
+        }
+    }
+
+    /* other certs */
+    size = xmlSecGnuTLSKeyDataX509GetCertsSize(data);
+    for(pos = 0; pos < size; ++pos) {
+        gnutls_x509_crt_t cert;
+
+        cert = xmlSecGnuTLSKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecGnuTLSKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return;
+        }
+        fprintf(output, "<Certificate>\n");
+        xmlSecGnuTLSX509CertDebugXmlDump(cert, output);
+        fprintf(output, "</Certificate>\n");
+    }
+
+    /* other crls */
+    size = xmlSecGnuTLSKeyDataX509GetCrlsSize(data);
+    for(pos = 0; pos < size; ++pos) {
+        gnutls_x509_crl_t crl;
+
+        crl = xmlSecGnuTLSKeyDataX509GetCrl(data, pos);
+        if(crl == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecGnuTLSKeyDataX509GetCrl",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return;
+        }
+        fprintf(output, "<CRL>\n");
+        xmlSecGnuTLSX509CrlDebugXmlDump(crl, output);
+        fprintf(output, "</CRL>\n");
+    }
+
+    /* we don't print out crls */
+    fprintf(output, "</X509Data>\n");
+}
+
+static int
+xmlSecGnuTLSX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlNodePtr cur;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    for(cur = xmlSecGetNextElementNode(node->children);
+        cur != NULL;
+        cur = xmlSecGetNextElementNode(cur->next)) {
+
+        ret = 0;
+        if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
+            ret = xmlSecGnuTLSX509CertificateNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
+            ret = xmlSecGnuTLSX509SubjectNameNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
+            ret = xmlSecGnuTLSX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
+            ret = xmlSecGnuTLSX509SKINodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
+            ret = xmlSecGnuTLSX509CRLNodeRead(data, cur, keyInfoCtx);
+        } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
+            /* laxi schema validation: ignore unknown nodes */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "read node failed");
+            return(-1);
+        }
+    }
+    return(0);
+}
+
+static int
+xmlSecGnuTLSX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlChar *content;
+    gnutls_x509_crt_t cert;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    content = xmlNodeGetContent(node);
+    if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
+        if(content != NULL) {
+            xmlFree(content);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
+    }
+
+    cert = xmlSecGnuTLSX509CertBase64DerRead(content);
+    if(cert == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGnuTLSX509CertBase64DerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGnuTLSKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gnutls_x509_crt_deinit(cert);
+        xmlFree(content);
+        return(-1);
+    }
+
+    xmlFree(content);
+    return(0);
+}
+
+static int
+xmlSecGnuTLSX509CertificateNodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlChar* buf;
+    xmlNodePtr cur;
+
+    xmlSecAssert2(cert != NULL, -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    /* set base64 lines size from context */
+    buf = xmlSecGnuTLSX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertBase64DerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    cur = xmlSecAddChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
+        xmlFree(buf);
+        return(-1);
+    }
+
+    /* todo: add \n around base64 data - from context */
+    /* todo: add errors check */
+    xmlNodeSetContent(cur, xmlSecStringCR);
+    xmlNodeSetContent(cur, buf);
+    xmlFree(buf);
+    return(0);
+}
+
+
+
+#define XMLSEC_GNUTLS_IS_SPACE(ch) \
+    (((ch) == ' ') || ((ch) == '\r') || ((ch) == '\n'))
+
+static void
+xmlSecGnuTLSX509Trim(xmlChar * str) {
+    xmlChar * p, * q;
+
+    xmlSecAssert(str != NULL);
+
+    /* skip spaces from the beggining */
+    p = str;
+    while(XMLSEC_GNUTLS_IS_SPACE(*p) && ((*p) != '\0')) ++p;
+    if(p != str) {
+        for(q = str; ; ++q, ++p) {
+            (*q) = (*p);
+            if((*p) == '\0') {
+                break;
+            }
+        }
+    }
+
+    /* skip spaces from the end */
+    for(p = str; (*p) != '\0'; ++p);
+    while((p > str) && (XMLSEC_GNUTLS_IS_SPACE(*(p - 1)))) *(--p) = '\0';
+}
+
+static int
+xmlSecGnuTLSX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecKeyDataStorePtr x509Store;
+    xmlChar* subject;
+    gnutls_x509_crt_t cert;
+    gnutls_x509_crt_t cert2;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+    xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
+
+    x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
+    if(x509Store == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    subject = xmlNodeGetContent(node);
+    if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
+        if(subject != NULL) {
+            xmlFree(subject);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
+    }
+
+    xmlSecGnuTLSX509Trim(subject);
+    cert = xmlSecGnuTLSX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
+    if(cert == NULL){
+
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "subject=%s",
+                        xmlSecErrorsSafeString(subject));
+            xmlFree(subject);
+            return(-1);
+        }
+
+        xmlFree(subject);
+        return(0);
+    }
+
+    cert2 = xmlSecGnuTLSX509CertDup(cert);
+    if(cert2 == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGnuTLSX509CertDup",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+
+        xmlFree(subject);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert2);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGnuTLSKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gnutls_x509_crt_deinit(cert2);
+        xmlFree(subject);
+        return(-1);
+    }
+
+    xmlFree(subject);
+    return(0);
+}
+
+static int
+xmlSecGnuTLSX509SubjectNameNodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
+    xmlChar* buf = NULL;
+    xmlNodePtr cur = NULL;
+
+    xmlSecAssert2(cert != NULL, -1);
+    xmlSecAssert2(node != NULL, -1);
+
+    /* add node */
+    cur = xmlSecAddChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            NULL,
+            "xmlSecAddChild",
+            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+            "node=%s",
+            xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
+        return(-1);
+    }
+
+    /* get subject */
+    buf = xmlSecGnuTLSX509CertGetSubjectDN(cert);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            NULL,
+            "xmlSecGnuTLSX509CertGetSubjectDN",
+            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+            XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* set value */
+    xmlSecNodeEncodeAndSetContent(cur, buf);
+
+    /* done */
+    xmlFree(buf);
+    return(0);
+}
+
+static int
+xmlSecGnuTLSX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecKeyDataStorePtr x509Store;
+    xmlNodePtr cur;
+    xmlChar *issuerName;
+    xmlChar *issuerSerial;
+    gnutls_x509_crt_t cert;
+    gnutls_x509_crt_t cert2;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+    xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
+
+    x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
+    if(x509Store == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    cur = xmlSecGetNextElementNode(node->children);
+    if(cur == NULL) {
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
+                        XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
+        return(0);
+    }
+
+    /* the first is required node X509IssuerName */
+    if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+        return(-1);
+    }
+    issuerName = xmlNodeGetContent(cur);
+    if(issuerName == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+        return(-1);
+    }
+    cur = xmlSecGetNextElementNode(cur->next);
+
+    /* next is required node X509SerialNumber */
+    if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+        xmlFree(issuerName);
+        return(-1);
+    }
+    issuerSerial = xmlNodeGetContent(cur);
+    if(issuerSerial == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+        xmlFree(issuerName);
+        return(-1);
+    }
+    cur = xmlSecGetNextElementNode(cur->next);
+
+    if(cur != NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(-1);
+    }
+
+    xmlSecGnuTLSX509Trim(issuerName);
+    xmlSecGnuTLSX509Trim(issuerSerial);
+    cert = xmlSecGnuTLSX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
+    if(cert == NULL){
+
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "issuerName=%s;issuerSerial=%s",
+                        xmlSecErrorsSafeString(issuerName),
+                        xmlSecErrorsSafeString(issuerSerial));
+            xmlFree(issuerSerial);
+            xmlFree(issuerName);
+            return(-1);
+        }
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(0);
+    }
+
+    cert2 = xmlSecGnuTLSX509CertDup(cert);
+    if(cert2 == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGnuTLSX509CertDup",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert2);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGnuTLSKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gnutls_x509_crt_deinit(cert2);
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(-1);
+    }
+
+    xmlFree(issuerSerial);
+    xmlFree(issuerName);
+    return(0);
+}
+
+static int
+xmlSecGnuTLSX509IssuerSerialNodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
+    xmlNodePtr cur;
+    xmlNodePtr issuerNameNode;
+    xmlNodePtr issuerNumberNode;
+    xmlChar* buf;
+
+    xmlSecAssert2(cert != NULL, -1);
+    xmlSecAssert2(node != NULL, -1);
+
+    /* create xml nodes */
+    cur = xmlSecAddChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
+        return(-1);
+    }
+
+    issuerNameNode = xmlSecAddChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
+    if(issuerNameNode == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+        return(-1);
+    }
+
+    issuerNumberNode = xmlSecAddChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
+    if(issuerNumberNode == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+        return(-1);
+    }
+
+    /* write data */
+    buf = xmlSecGnuTLSX509CertGetIssuerDN(cert);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertGetIssuerDN",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
+    xmlFree(buf);
+
+    buf = xmlSecGnuTLSX509CertGetIssuerSerial(cert);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertGetIssuerSerial",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    xmlSecNodeEncodeAndSetContent(issuerNumberNode, buf);
+    xmlFree(buf);
+
+    return(0);
+}
+
+
+static int
+xmlSecGnuTLSX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecKeyDataStorePtr x509Store;
+    xmlChar* ski;
+    gnutls_x509_crt_t cert;
+    gnutls_x509_crt_t cert2;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+    xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
+
+    x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
+    if(x509Store == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ski = xmlNodeGetContent(node);
+    if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
+        if(ski != NULL) {
+            xmlFree(ski);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+            return(-1);
+        }
+        return(0);
+    }
+
+    xmlSecGnuTLSX509Trim(ski);
+    cert = xmlSecGnuTLSX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
+    if(cert == NULL){
+        xmlFree(ski);
+
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "ski=%s",
+                        xmlSecErrorsSafeString(ski));
+            return(-1);
+        }
+        return(0);
+    }
+
+    cert2 = xmlSecGnuTLSX509CertDup(cert);
+    if(cert2 == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGnuTLSX509CertDup",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(ski);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert2);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGnuTLSKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gnutls_x509_crt_deinit(cert2);
+        xmlFree(ski);
+        return(-1);
+    }
+
+    xmlFree(ski);
+    return(0);
+}
+
+static int
+xmlSecGnuTLSX509SKINodeWrite(gnutls_x509_crt_t cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
+    xmlChar *buf = NULL;
+    xmlNodePtr cur = NULL;
+
+    xmlSecAssert2(cert != NULL, -1);
+    xmlSecAssert2(node != NULL, -1);
+
+    /* add node */
+    cur = xmlSecAddChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "new_node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+        return(-1);
+    }
+
+    /* write value */
+    buf = xmlSecGnuTLSX509CertGetSKI(cert);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertGetSKI",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    xmlSecNodeEncodeAndSetContent(cur, buf);
+    xmlFree(buf);
+
+    return(0);
+}
+
+static int
+xmlSecGnuTLSX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlChar *content;
+    gnutls_x509_crl_t crl;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    content = xmlNodeGetContent(node);
+    if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
+        if(content != NULL) {
+            xmlFree(content);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
+    }
+
+    crl = xmlSecGnuTLSX509CrlBase64DerRead(content);
+    if(crl == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGnuTLSX509CrlBase64DerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSKeyDataX509AdoptCrl(data, crl);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecGnuTLSKeyDataX509AdoptCrl",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gnutls_x509_crl_deinit(crl);
+        xmlFree(content);
+        return(-1);
+    }
+
+    xmlFree(content);
+    return(0);
+}
+
+static int
+xmlSecGnuTLSX509CRLNodeWrite(gnutls_x509_crl_t crl, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlChar* buf = NULL;
+    xmlNodePtr cur = NULL;
+
+    xmlSecAssert2(crl != NULL, -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    /* set base64 lines size from context */
+    buf = xmlSecGnuTLSX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CrlBase64DerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    cur = xmlSecAddChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
+    if(cur == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "new_node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509CRL));
+        xmlFree(buf);
+        return(-1);
+    }
+    /* todo: add \n around base64 data - from context */
+    /* todo: add errors check */
+    xmlNodeSetContent(cur, xmlSecStringCR);
+    xmlNodeSetContent(cur, buf);
+    xmlFree(buf);
+
+    return(0);
+}
+
+
+static int
+xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecGnuTLSX509DataCtxPtr ctx;
+    xmlSecKeyDataStorePtr x509Store;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecGnuTLSKeyDataX509Id), -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+    xmlSecAssert2(keyInfoCtx->keysMngr != NULL, -1);
+
+    ctx = xmlSecGnuTLSX509DataGetCtx(data);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecGnuTLSX509StoreId);
+    if(x509Store == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if((ctx->keyCert == NULL) && (xmlSecPtrListGetSize(&(ctx->certsList)) > 0) && (xmlSecKeyGetValue(key) == NULL)) {
+        gnutls_x509_crt_t cert;
+
+        cert = xmlSecGnuTLSX509StoreVerify(x509Store, &(ctx->certsList), &(ctx->crlsList), keyInfoCtx);
+        if(cert != NULL) {
+            xmlSecKeyDataPtr keyValue;
+
+            ctx->keyCert = xmlSecGnuTLSX509CertDup(cert);
+            if(ctx->keyCert == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "xmlSecGnuTLSX509CertDup",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            keyValue = xmlSecGnuTLSX509CertGetKey(ctx->keyCert);
+            if(keyValue == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "xmlSecGnuTLSX509CertGetKey",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            /* verify that the key matches our expectations */
+            if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "xmlSecKeyReqMatchKeyValue",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecKeyDataDestroy(keyValue);
+                return(-1);
+            }
+
+            ret = xmlSecKeySetValue(key, keyValue);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "xmlSecKeySetValue",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecKeyDataDestroy(keyValue);
+                return(-1);
+            }
+
+            /* get expiration time */
+            key->notValidBefore = gnutls_x509_crt_get_activation_time(ctx->keyCert);
+            if(key->notValidBefore == (time_t)-1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "gnutls_x509_crt_get_activation_time",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            key->notValidAfter = gnutls_x509_crt_get_expiration_time(ctx->keyCert);
+            if(key->notValidAfter == (time_t)-1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "gnutls_x509_crt_get_expiration_time",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+    return(0);
+}
+
+/**
+ * xmlSecGnuTLSX509CertGetKey:
+ * @cert:               the certificate.
+ *
+ * Extracts public key from the @cert.
+ *
+ * Returns: public key value or NULL if an error occurs.
+ */
+xmlSecKeyDataPtr
+xmlSecGnuTLSX509CertGetKey(gnutls_x509_crt_t cert) {
+    xmlSecKeyDataPtr data;
+    int alg;
+    unsigned int bits;
+    int err;
+    int ret;
+
+    xmlSecAssert2(cert != NULL, NULL);
+
+    alg = gnutls_x509_crt_get_pk_algorithm(cert, &bits);
+    if(alg < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_get_pk_algorithm",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(alg));
+        return(NULL);
+    }
+
+    switch(alg) {
+#ifndef XMLSEC_NO_RSA
+    case GNUTLS_PK_RSA:
+        {
+            gnutls_datum_t m, e;
+
+            data = xmlSecKeyDataCreate(xmlSecGnuTLSKeyDataRsaId);
+            if(data == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecKeyDataCreate",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "xmlSecGnuTLSKeyDataRsaId");
+                return(NULL);
+            }
+
+            err = gnutls_x509_crt_get_pk_rsa_raw(cert, &m, &e);
+            if(err != GNUTLS_E_SUCCESS) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "gnutls_x509_crt_get_pk_rsa_raw",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_GNUTLS_REPORT_ERROR(err));
+                return(NULL);
+            }
+
+            ret = xmlSecGnuTLSKeyDataRsaAdoptPublicKey(data, &m, &e);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecGnuTLSKeyDataRsaAdoptPublicKey",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                gnutls_free(m.data);
+                gnutls_free(e.data);
+                return(NULL);
+            }
+            /* m and e are owned by data now */
+        }
+        break;
+#endif /* XMLSEC_NO_RSA */
+
+#ifndef XMLSEC_NO_DSA
+    case GNUTLS_PK_DSA:
+        {
+            gnutls_datum_t p, q, g, y;
+
+            data = xmlSecKeyDataCreate(xmlSecGnuTLSKeyDataDsaId);
+            if(data == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecKeyDataCreate",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "xmlSecGnuTLSKeyDataDsaId");
+                return(NULL);
+            }
+
+            err = gnutls_x509_crt_get_pk_dsa_raw(cert, &p, &q, &g, &y);
+            if(err != GNUTLS_E_SUCCESS) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "gnutls_x509_crt_get_pk_dsa_raw",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_GNUTLS_REPORT_ERROR(err));
+                return(NULL);
+            }
+
+            ret = xmlSecGnuTLSKeyDataDsaAdoptPublicKey(data, &p, &q, &g, &y);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecGnuTLSKeyDataDsaAdoptPublicKey",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                gnutls_free(p.data);
+                gnutls_free(q.data);
+                gnutls_free(g.data);
+                gnutls_free(y.data);
+                return(NULL);
+            }
+            /* p, q, g and y are owned by data now */
+        }
+        break;
+#endif /* XMLSEC_NO_DSA */
+
+    default:
+        {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gnutls_x509_crt_get_pk_algorithm",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "Unsupported algorithm %d", (int)alg);
+            return(NULL);
+        }
+    }
+
+    /* data */
+    return(data);
+}
+
+
+/**************************************************************************
+ *
+ * Raw X509 Certificate processing
+ *
+ *
+ *************************************************************************/
+static int              xmlSecGnuTLSKeyDataRawX509CertBinRead  (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 const xmlSecByte* buf,
+                                                                 xmlSecSize bufSize,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+
+static xmlSecKeyDataKlass xmlSecGnuTLSKeyDataRawX509CertKlass = {
+    sizeof(xmlSecKeyDataKlass),
+    sizeof(xmlSecKeyData),
+
+    /* data */
+    xmlSecNameRawX509Cert,
+    xmlSecKeyDataUsageRetrievalMethodNodeBin,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefRawX509Cert,                      /* const xmlChar* href; */
+    NULL,                                       /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    NULL,                                       /* xmlSecKeyDataInitializeMethod initialize; */
+    NULL,                                       /* xmlSecKeyDataDuplicateMethod duplicate; */
+    NULL,                                       /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    NULL,                                       /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    NULL,                                       /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    NULL,                                       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecGnuTLSKeyDataRawX509CertBinRead,     /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecGnuTLSKeyDataRawX509CertGetKlass:
+ *
+ * The raw X509 certificates key data klass.
+ *
+ * Returns: raw X509 certificates key data klass.
+ */
+xmlSecKeyDataId
+xmlSecGnuTLSKeyDataRawX509CertGetKlass(void) {
+    return(&xmlSecGnuTLSKeyDataRawX509CertKlass);
+}
+
+static int
+xmlSecGnuTLSKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                    const xmlSecByte* buf, xmlSecSize bufSize,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecKeyDataPtr data;
+    gnutls_x509_crt_t cert;
+    int ret;
+
+    xmlSecAssert2(id == xmlSecGnuTLSKeyDataRawX509CertId, -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(buf != NULL, -1);
+    xmlSecAssert2(bufSize > 0, -1);
+    xmlSecAssert2(keyInfoCtx != NULL, -1);
+
+    cert = xmlSecGnuTLSX509CertRead(buf, bufSize, xmlSecKeyDataFormatCertDer);
+    if(cert == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    data = xmlSecKeyEnsureData(key, xmlSecGnuTLSKeyDataX509Id);
+    if(data == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gnutls_x509_crt_deinit(cert);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSKeyDataX509AdoptCert(data, cert);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGnuTLSKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        gnutls_x509_crt_deinit(cert);
+        return(-1);
+    }
+
+    ret = xmlSecGnuTLSKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecGnuTLSKeyDataX509VerifyAndExtractKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    return(0);
+}
+
+#endif /* XMLSEC_NO_X509 */
diff --git a/src/gnutls/x509utils.c b/src/gnutls/x509utils.c
new file mode 100644
index 00000000..0dc70003
--- /dev/null
+++ b/src/gnutls/x509utils.c
@@ -0,0 +1,1687 @@
+/**
+ * XMLSec library
+ *
+ * X509 support
+ *
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#ifndef XMLSEC_NO_X509
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <errno.h>
+#include <time.h>
+
+#include <libxml/tree.h>
+
+
+
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+#include <gnutls/pkcs12.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/keyinfo.h>
+#include <xmlsec/keysmngr.h>
+#include <xmlsec/x509.h>
+#include <xmlsec/base64.h>
+#include <xmlsec/errors.h>
+#include <xmlsec/private.h>
+
+#include <xmlsec/gnutls/crypto.h>
+#include <xmlsec/gnutls/x509.h>
+
+#include "x509utils.h"
+
+
+/**************************************************************************
+ *
+ * X509 crt list
+ *
+ *****************************************************************************/
+static xmlSecPtr        xmlSecGnuTLSX509CrtListDuplicateItem    (xmlSecPtr ptr);
+static void             xmlSecGnuTLSX509CrtListDestroyItem      (xmlSecPtr ptr);
+static void             xmlSecGnuTLSX509CrtListDebugDumpItem    (xmlSecPtr ptr,
+                                                                 FILE* output);
+static void             xmlSecGnuTLSX509CrtListDebugXmlDumpItem (xmlSecPtr ptr,
+                                                                 FILE* output);
+
+static xmlSecPtrListKlass xmlSecGnuTLSX509CrtListKlass = {
+    BAD_CAST "gnutls-x509-crt-list",
+    xmlSecGnuTLSX509CrtListDuplicateItem,       /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    xmlSecGnuTLSX509CrtListDestroyItem,         /* xmlSecPtrDestroyItemMethod destroyItem; */
+    xmlSecGnuTLSX509CrtListDebugDumpItem,       /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    xmlSecGnuTLSX509CrtListDebugXmlDumpItem,    /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+};
+
+xmlSecPtrListId
+xmlSecGnuTLSX509CrtListGetKlass(void) {
+    return(&xmlSecGnuTLSX509CrtListKlass);
+}
+
+static xmlSecPtr
+xmlSecGnuTLSX509CrtListDuplicateItem(xmlSecPtr ptr) {
+    xmlSecAssert2(ptr != NULL, NULL);
+
+    return xmlSecGnuTLSX509CertDup((gnutls_x509_crt_t)ptr);
+}
+
+static void
+xmlSecGnuTLSX509CrtListDestroyItem(xmlSecPtr ptr) {
+    xmlSecAssert(ptr != NULL);
+
+    gnutls_x509_crt_deinit((gnutls_x509_crt_t)ptr);
+}
+
+static void
+xmlSecGnuTLSX509CrtListDebugDumpItem(xmlSecPtr ptr, FILE* output) {
+    xmlSecAssert(ptr != NULL);
+    xmlSecAssert(output != NULL);
+
+    xmlSecGnuTLSX509CertDebugDump((gnutls_x509_crt_t)ptr, output);
+}
+
+
+static void
+xmlSecGnuTLSX509CrtListDebugXmlDumpItem(xmlSecPtr ptr, FILE* output) {
+    xmlSecAssert(ptr != NULL);
+    xmlSecAssert(output != NULL);
+
+    xmlSecGnuTLSX509CertDebugXmlDump((gnutls_x509_crt_t)ptr, output);
+}
+
+/**************************************************************************
+ *
+ * X509 crl list
+ *
+ *****************************************************************************/
+static xmlSecPtr        xmlSecGnuTLSX509CrlListDuplicateItem    (xmlSecPtr ptr);
+static void             xmlSecGnuTLSX509CrlListDestroyItem      (xmlSecPtr ptr);
+static void             xmlSecGnuTLSX509CrlListDebugDumpItem    (xmlSecPtr ptr,
+                                                                 FILE* output);
+static void             xmlSecGnuTLSX509CrlListDebugXmlDumpItem (xmlSecPtr ptr,
+                                                                 FILE* output);
+
+static xmlSecPtrListKlass xmlSecGnuTLSX509CrlListKlass = {
+    BAD_CAST "gnutls-x509-crl-list",
+    xmlSecGnuTLSX509CrlListDuplicateItem,       /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    xmlSecGnuTLSX509CrlListDestroyItem,         /* xmlSecPtrDestroyItemMethod destroyItem; */
+    xmlSecGnuTLSX509CrlListDebugDumpItem,       /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    xmlSecGnuTLSX509CrlListDebugXmlDumpItem,    /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+};
+
+xmlSecPtrListId
+xmlSecGnuTLSX509CrlListGetKlass(void) {
+    return(&xmlSecGnuTLSX509CrlListKlass);
+}
+
+static xmlSecPtr
+xmlSecGnuTLSX509CrlListDuplicateItem(xmlSecPtr ptr) {
+    xmlSecAssert2(ptr != NULL, NULL);
+
+    return xmlSecGnuTLSX509CrlDup((gnutls_x509_crl_t)ptr);
+}
+
+static void
+xmlSecGnuTLSX509CrlListDestroyItem(xmlSecPtr ptr) {
+    xmlSecAssert(ptr != NULL);
+
+    gnutls_x509_crl_deinit((gnutls_x509_crl_t)ptr);
+}
+
+static void
+xmlSecGnuTLSX509CrlListDebugDumpItem(xmlSecPtr ptr, FILE* output) {
+    xmlSecAssert(ptr != NULL);
+    xmlSecAssert(output != NULL);
+
+    xmlSecGnuTLSX509CrlDebugDump((gnutls_x509_crl_t)ptr, output);
+}
+
+
+static void
+xmlSecGnuTLSX509CrlListDebugXmlDumpItem(xmlSecPtr ptr, FILE* output) {
+    xmlSecAssert(ptr != NULL);
+    xmlSecAssert(output != NULL);
+
+    xmlSecGnuTLSX509CrlDebugXmlDump((gnutls_x509_crl_t)ptr, output);
+}
+
+/*************************************************************************
+ *
+ * x509 certs utils/helpers
+ *
+ ************************************************************************/
+
+/* HACK: gnutls doesn't have cert duplicate function, so we simply 
+ write cert out and then read it back */
+gnutls_x509_crt_t
+xmlSecGnuTLSX509CertDup(gnutls_x509_crt_t src) {
+    xmlChar * buf = NULL;
+    gnutls_x509_crt_t res = NULL;
+
+    xmlSecAssert2(src != NULL, NULL);
+
+    buf = xmlSecGnuTLSX509CertBase64DerWrite(src, 0);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertBase64DerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return (NULL);
+    }
+
+    res = xmlSecGnuTLSX509CertBase64DerRead(buf);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertBase64DerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(buf);
+        return (NULL);
+    }
+
+    /* done */
+    xmlFree(buf);
+    return (res);
+}
+
+xmlChar *
+xmlSecGnuTLSX509CertGetSubjectDN(gnutls_x509_crt_t cert) {
+    char* buf = NULL;
+    size_t bufSize = 0;
+    int err;
+
+    xmlSecAssert2(cert != NULL, NULL);
+
+    /* get subject size */
+    err = gnutls_x509_crt_get_dn(cert, NULL, &bufSize);
+    if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSize <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_get_dn",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(NULL);
+    }
+
+    /* allocate buffer */
+    buf = (char *)xmlMalloc(bufSize + 1);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", (int)bufSize);
+        return(NULL);
+    }
+
+    /* finally write it out */
+    err = gnutls_x509_crt_get_dn(cert, buf, &bufSize);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_get_dn",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* done */
+    return(BAD_CAST buf);
+}
+
+xmlChar *
+xmlSecGnuTLSX509CertGetIssuerDN(gnutls_x509_crt_t cert) {
+    char* buf = NULL;
+    size_t bufSize = 0;
+    int err;
+
+    xmlSecAssert2(cert != NULL, NULL);
+
+    /* get issuer size */
+    err = gnutls_x509_crt_get_issuer_dn(cert, NULL, &bufSize);
+    if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSize <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_get_issuer_dn",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(NULL);
+    }
+
+    /* allocate buffer */
+    buf = (char *)xmlMalloc(bufSize + 1);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", (int)bufSize);
+        return(NULL);
+    }
+
+    /* finally write it out */
+    err = gnutls_x509_crt_get_issuer_dn(cert, buf, &bufSize);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_get_issuer_dn",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* done */
+    return(BAD_CAST buf);
+}
+
+xmlChar *
+xmlSecGnuTLSX509CertGetIssuerSerial(gnutls_x509_crt_t cert) {
+    xmlChar * res = NULL;
+    unsigned char* buf = NULL;
+    size_t bufSize = 0;
+    int err;
+
+    xmlSecAssert2(cert != NULL, NULL);
+
+    /* get issuer serial size */
+    err = gnutls_x509_crt_get_serial(cert, NULL, &bufSize);
+    if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSize <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_get_serial",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(NULL);
+    }
+
+    /* allocate buffer */
+    buf = (unsigned char *)xmlMalloc(bufSize + 1);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", (int)bufSize);
+        return(NULL);
+    }
+
+    /* write it out */
+    err = gnutls_x509_crt_get_serial(cert, buf, &bufSize);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_get_serial",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* convert to string */
+    res = xmlSecGnuTLSASN1IntegerWrite(buf, bufSize);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSASN1IntegerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* done */
+    xmlFree(buf);
+    return(res);
+}
+
+xmlChar *
+xmlSecGnuTLSX509CertGetSKI(gnutls_x509_crt_t cert) {
+    xmlChar * res = NULL;
+    xmlSecByte* buf = NULL;
+    size_t bufSize = 0;
+    unsigned int critical = 0;
+    int err;
+
+    xmlSecAssert2(cert != NULL, NULL);
+
+    /* get ski size */
+    err = gnutls_x509_crt_get_subject_key_id(cert, NULL, &bufSize, &critical);
+    if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSize <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_get_subject_key_id",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(NULL);
+    }
+
+    /* allocate buffer */
+    buf = (xmlSecByte *)xmlMalloc(bufSize + 1);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", (int)bufSize);
+        return(NULL);
+    }
+
+    /* write it out */
+    err = gnutls_x509_crt_get_subject_key_id(cert, buf, &bufSize, &critical);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_get_subject_key_id",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* convert to string */
+    res = xmlSecBase64Encode(buf, bufSize, 0);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* done */
+    xmlFree(buf);
+    return(res);
+}
+
+
+gnutls_x509_crt_t
+xmlSecGnuTLSX509CertBase64DerRead(xmlChar* buf) {
+    int ret;
+
+    xmlSecAssert2(buf != NULL, NULL);
+
+    /* usual trick with base64 decoding "in-place" */
+    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Decode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
+    return(xmlSecGnuTLSX509CertRead((const xmlSecByte*)buf, ret, xmlSecKeyDataFormatCertDer));
+}
+
+gnutls_x509_crt_t
+xmlSecGnuTLSX509CertRead(const xmlSecByte* buf, xmlSecSize size, xmlSecKeyDataFormat format) {
+    gnutls_x509_crt_t cert = NULL;
+    gnutls_x509_crt_fmt_t fmt;
+    gnutls_datum_t data;
+    int err;
+
+    xmlSecAssert2(buf != NULL, NULL);
+    xmlSecAssert2(size > 0, NULL);
+
+    /* figure out format */
+    switch(format) {
+    case xmlSecKeyDataFormatPem:
+    case xmlSecKeyDataFormatCertPem:
+        fmt = GNUTLS_X509_FMT_PEM;
+        break;
+    case xmlSecKeyDataFormatDer:
+    case xmlSecKeyDataFormatCertDer:
+        fmt = GNUTLS_X509_FMT_DER;
+        break;
+    default:
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_FORMAT,
+                    "format=%d", format);
+        return(NULL);
+    }
+
+    /* read cert */
+    err = gnutls_x509_crt_init(&cert);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_init",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(NULL);
+    }
+
+    data.data = (unsigned char*)buf;
+    data.size = size;
+    err = gnutls_x509_crt_import(cert, &data, fmt);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_import",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        gnutls_x509_crt_deinit(cert);
+        return(NULL);
+    }
+
+    return(cert);
+}
+
+xmlChar*
+xmlSecGnuTLSX509CertBase64DerWrite(gnutls_x509_crt_t cert, int base64LineWrap) {
+    xmlChar * res = NULL;
+    xmlSecByte* buf = NULL;
+    size_t bufSize = 0;
+    int err;
+
+    xmlSecAssert2(cert != NULL, NULL);
+
+    /* get size */
+    err = gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, NULL, &bufSize);
+    if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSize <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_export(GNUTLS_X509_FMT_DER)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(NULL);
+    }
+
+    /* allocate buffer */
+    buf = (xmlSecByte *)xmlMalloc(bufSize + 1);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", (int)bufSize);
+        return(NULL);
+    }
+
+    /* write it out */
+    err = gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, buf, &bufSize);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crt_export(GNUTLS_X509_FMT_DER)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* convert to string */
+    res = xmlSecBase64Encode(buf, bufSize, base64LineWrap);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* done */
+    xmlFree(buf);
+    return(res);
+}
+
+void
+xmlSecGnuTLSX509CertDebugDump(gnutls_x509_crt_t cert, FILE* output) {
+    xmlChar * buf;
+
+    xmlSecAssert(cert != NULL);
+    xmlSecAssert(output != NULL);
+
+    buf = xmlSecGnuTLSX509CertGetSubjectDN(cert);
+    if(buf != NULL) {
+        fprintf(output, "==== Subject Name: %s\n", buf);
+        xmlFree(buf);
+    } else {
+        fprintf(output, "==== Subject Name: unknown\n");
+    }
+
+    buf = xmlSecGnuTLSX509CertGetIssuerDN(cert);
+    if(buf != NULL) {
+        fprintf(output, "==== Issuer Name: %s\n", buf);
+        xmlFree(buf);
+    } else {
+        fprintf(output, "==== Issuer Name: unknown\n");
+    }
+
+    buf = xmlSecGnuTLSX509CertGetIssuerSerial(cert);
+    if(buf != NULL) {
+        fprintf(output, "==== Issuer Serial: %s\n", buf);
+        xmlFree(buf);
+    } else {
+        fprintf(output, "==== Issuer Serial: unknown\n");
+    }
+}
+
+void
+xmlSecGnuTLSX509CertDebugXmlDump(gnutls_x509_crt_t cert, FILE* output) {
+    xmlChar * buf;
+
+    xmlSecAssert(cert != NULL);
+    xmlSecAssert(output != NULL);
+
+    buf = xmlSecGnuTLSX509CertGetSubjectDN(cert);
+    if(buf != NULL) {
+        fprintf(output, "<SubjectName>%s</SubjectName>\n", buf);
+        xmlFree(buf);
+    } else {
+        fprintf(output, "<SubjectName>unknown</SubjectName>\n");
+    }
+
+    buf = xmlSecGnuTLSX509CertGetIssuerDN(cert);
+    if(buf != NULL) {
+        fprintf(output, "<IssuerName>%s</IssuerName>\n", buf);
+        xmlFree(buf);
+    } else {
+        fprintf(output, "<IssuerName>unknown</IssuerName>\n");
+    }
+
+    buf = xmlSecGnuTLSX509CertGetIssuerSerial(cert);
+    if(buf != NULL) {
+        fprintf(output, "<SerialNumber>%s</SerialNumber>\n", buf);
+        xmlFree(buf);
+    } else {
+        fprintf(output, "<SerialNumber>unknown</SerialNumber>\n");
+    }
+}
+
+/*************************************************************************
+ *
+ * x509 crls utils/helpers
+ *
+ ************************************************************************/
+
+/* HACK: gnutls doesn't have crl duplicate function, so we simply 
+ write crl out and then read it back */
+gnutls_x509_crl_t
+xmlSecGnuTLSX509CrlDup(gnutls_x509_crl_t src) {
+    xmlChar * buf = NULL;
+    gnutls_x509_crl_t res = NULL;
+
+    xmlSecAssert2(src != NULL, NULL);
+
+    buf = xmlSecGnuTLSX509CrlBase64DerWrite(src, 0);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CrlBase64DerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return (NULL);
+    }
+
+    res = xmlSecGnuTLSX509CrlBase64DerRead(buf);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CrlBase64DerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(buf);
+        return (NULL);
+    }
+
+    /* done */
+    xmlFree(buf);
+    return (res);
+}
+
+xmlChar *
+xmlSecGnuTLSX509CrlGetIssuerDN(gnutls_x509_crl_t crl) {
+    char* buf = NULL;
+    size_t bufSize = 0;
+    int err;
+
+    xmlSecAssert2(crl != NULL, NULL);
+
+    /* get issuer size */
+    err = gnutls_x509_crl_get_issuer_dn(crl, NULL, &bufSize);
+    if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSize <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crl_get_issuer_dn",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(NULL);
+    }
+
+    /* allocate buffer */
+    buf = (char *)xmlMalloc(bufSize + 1);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", (int)bufSize);
+        return(NULL);
+    }
+
+    /* finally write it out */
+    err = gnutls_x509_crl_get_issuer_dn(crl, buf, &bufSize);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crl_get_issuer_dn",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* done */
+    return(BAD_CAST buf);
+}
+
+gnutls_x509_crl_t
+xmlSecGnuTLSX509CrlBase64DerRead(xmlChar* buf) {
+    int ret;
+
+    xmlSecAssert2(buf != NULL, NULL);
+
+    /* usual trick with base64 decoding "in-place" */
+    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Decode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
+    return(xmlSecGnuTLSX509CrlRead((const xmlSecByte*)buf, ret, xmlSecKeyDataFormatCertDer));
+}
+
+gnutls_x509_crl_t
+xmlSecGnuTLSX509CrlRead(const xmlSecByte* buf, xmlSecSize size, xmlSecKeyDataFormat format) {
+    gnutls_x509_crl_t crl = NULL;
+    gnutls_x509_crt_fmt_t fmt;
+    gnutls_datum_t data;
+    int err;
+
+    xmlSecAssert2(buf != NULL, NULL);
+    xmlSecAssert2(size > 0, NULL);
+
+    /* figure out format */
+    switch(format) {
+    case xmlSecKeyDataFormatPem:
+    case xmlSecKeyDataFormatCertPem:
+        fmt = GNUTLS_X509_FMT_PEM;
+        break;
+    case xmlSecKeyDataFormatDer:
+    case xmlSecKeyDataFormatCertDer:
+        fmt = GNUTLS_X509_FMT_DER;
+        break;
+    default:
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_FORMAT,
+                    "format=%d", format);
+        return(NULL);
+    }
+
+    /* read crl */
+    err = gnutls_x509_crl_init(&crl);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crl_init",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(NULL);
+    }
+
+    data.data = (unsigned char*)buf;
+    data.size = size;
+    err = gnutls_x509_crl_import(crl, &data, fmt);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crl_import",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        gnutls_x509_crl_deinit(crl);
+        return(NULL);
+    }
+
+    return(crl);
+}
+
+xmlChar*
+xmlSecGnuTLSX509CrlBase64DerWrite(gnutls_x509_crl_t crl, int base64LineWrap) {
+    xmlChar * res = NULL;
+    xmlSecByte* buf = NULL;
+    size_t bufSize = 0;
+    int err;
+
+    xmlSecAssert2(crl != NULL, NULL);
+
+    /* get size */
+    err = gnutls_x509_crl_export(crl, GNUTLS_X509_FMT_DER, NULL, &bufSize);
+    if((err != GNUTLS_E_SHORT_MEMORY_BUFFER) || (bufSize <= 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crl_export(GNUTLS_X509_FMT_DER)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        return(NULL);
+    }
+
+    /* allocate buffer */
+    buf = (xmlSecByte *)xmlMalloc(bufSize + 1);
+    if(buf == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", (int)bufSize);
+        return(NULL);
+    }
+
+    /* write it out */
+    err = gnutls_x509_crl_export(crl, GNUTLS_X509_FMT_DER, buf, &bufSize);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_crl_export(GNUTLS_X509_FMT_DER)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* convert to string */
+    res = xmlSecBase64Encode(buf, bufSize, base64LineWrap);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(buf);
+        return(NULL);
+    }
+
+    /* done */
+    xmlFree(buf);
+    return(res);
+}
+
+void
+xmlSecGnuTLSX509CrlDebugDump(gnutls_x509_crl_t crl, FILE* output) {
+    xmlChar * buf;
+
+    xmlSecAssert(crl != NULL);
+    xmlSecAssert(output != NULL);
+
+    buf = xmlSecGnuTLSX509CrlGetIssuerDN(crl);
+    if(buf != NULL) {
+        fprintf(output, "==== Issuer Name: %s\n", buf);
+        xmlFree(buf);
+    } else {
+        fprintf(output, "==== Issuer Name: unknown\n");
+    }
+}
+
+void
+xmlSecGnuTLSX509CrlDebugXmlDump(gnutls_x509_crl_t crl, FILE* output) {
+    xmlChar * buf;
+
+    xmlSecAssert(crl != NULL);
+    xmlSecAssert(output != NULL);
+
+    buf = xmlSecGnuTLSX509CrlGetIssuerDN(crl);
+    if(buf != NULL) {
+        fprintf(output, "<IssuerName>%s</IssuerName>\n", buf);
+        xmlFree(buf);
+    } else {
+        fprintf(output, "<IssuerName>unknown</IssuerName>\n");
+    }
+}
+
+/*************************************************************************
+ *
+ * Misc. utils/helpers
+ *
+ ************************************************************************/
+xmlChar*
+xmlSecGnuTLSASN1IntegerWrite(const unsigned char * data, size_t len) {
+    xmlChar *res = NULL;
+    int resLen = 64; /* not more than 64 chars */
+    unsigned long long int val = 0;
+    size_t ii = 0;
+    int shift = 0;
+
+    xmlSecAssert2(data != NULL, NULL);
+    xmlSecAssert2(len <= 9, NULL);
+
+    /* HACK : to be fixed after GnuTLS provides a way to read opaque ASN1 integer */
+    for(ii = len; ii > 0; --ii, shift += 8) {
+        val |= ((unsigned long long)data[ii - 1]) << shift;
+    }
+
+    res = (xmlChar*)xmlMalloc(resLen + 1);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", (int)resLen);
+        return (NULL);
+    }
+
+    xmlSecStrPrintf(res, resLen, BAD_CAST "%llu", val);
+    return(res);
+}
+
+/*************************************************************************
+ *
+ * pkcs12 utils/helpers
+ *
+ ************************************************************************/
+int
+xmlSecGnuTLSPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
+                             const char *pwd,
+                             gnutls_x509_privkey_t * priv_key,
+                             gnutls_x509_crt_t * key_cert,
+                             xmlSecPtrListPtr certsList)
+{
+    gnutls_pkcs12_t pkcs12 = NULL;
+    gnutls_pkcs12_bag_t bag = NULL;
+    gnutls_x509_crt_t cert = NULL;
+    gnutls_datum_t datum;
+    xmlSecSize certsSize;
+    int res = -1;
+    int idx;
+    int err;
+    int ret;
+
+    xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(dataSize > 0, -1);
+    xmlSecAssert2(priv_key != NULL, -1);
+    xmlSecAssert2((*priv_key) == NULL, -1);
+    xmlSecAssert2(key_cert!= NULL, -1);
+    xmlSecAssert2((*key_cert) == NULL, -1);
+    xmlSecAssert2(certsList != NULL, -1);
+
+    /* read pkcs12 in internal structure */
+    err = gnutls_pkcs12_init(&pkcs12);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_pkcs12_init",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        goto done;
+    }
+
+    datum.data = (unsigned char *)data;
+    datum.size = dataSize;
+    err = gnutls_pkcs12_import(pkcs12, &datum, GNUTLS_X509_FMT_DER, 0);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_pkcs12_import",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* verify */
+    err = gnutls_pkcs12_verify_mac(pkcs12, pwd);
+    if(err != GNUTLS_E_SUCCESS) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_pkcs12_verify_mac",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+        goto done;
+    }
+
+    /* scan the pkcs structure and find the first private key */
+    for(idx = 0; ; ++idx) {
+        int bag_type;
+        int elements_in_bag;
+        int ii;
+
+        err = gnutls_pkcs12_bag_init(&bag);
+        if(err != GNUTLS_E_SUCCESS) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gnutls_pkcs12_bag_init",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GNUTLS_REPORT_ERROR(err));
+            goto done;
+        }
+
+        err = gnutls_pkcs12_get_bag(pkcs12, idx, bag);
+        if(err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
+            /* scanned the whole pkcs12, stop */
+            break;
+        } else if(err != GNUTLS_E_SUCCESS) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gnutls_pkcs12_get_bag",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GNUTLS_REPORT_ERROR(err));
+            goto done;
+        }
+
+        /* check if we need to decrypt the bag */
+        bag_type = gnutls_pkcs12_bag_get_type(bag, 0);
+        if(bag_type < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gnutls_pkcs12_bag_get_type",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GNUTLS_REPORT_ERROR(bag_type));
+            goto done;
+        }
+        if(bag_type == GNUTLS_BAG_ENCRYPTED) {
+            err = gnutls_pkcs12_bag_decrypt(bag, pwd);
+            if(err != GNUTLS_E_SUCCESS) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "gnutls_pkcs12_bag_decrypt",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_GNUTLS_REPORT_ERROR(err));
+                goto done;
+            }
+        }
+
+        /* scan elements in bag */
+        elements_in_bag = gnutls_pkcs12_bag_get_count(bag);
+        if(elements_in_bag < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gnutls_pkcs12_bag_get_count",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GNUTLS_REPORT_ERROR(bag_type));
+            goto done;
+        }
+        for(ii = 0; ii < elements_in_bag; ++ii) {
+            bag_type = gnutls_pkcs12_bag_get_type(bag, ii);
+            if(bag_type < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "gnutls_pkcs12_bag_get_type",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_GNUTLS_REPORT_ERROR(bag_type));
+                goto done;
+            }
+
+            err = gnutls_pkcs12_bag_get_data(bag, ii, &datum);
+            if(err != GNUTLS_E_SUCCESS) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "gnutls_pkcs12_bag_get_data",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_GNUTLS_REPORT_ERROR(err));
+                goto done;
+            }
+
+            switch(bag_type) {
+            case GNUTLS_BAG_PKCS8_ENCRYPTED_KEY:
+            case GNUTLS_BAG_PKCS8_KEY:
+                /* we want only the first private key */
+                if((*priv_key) == NULL) {
+                    err = gnutls_x509_privkey_init(priv_key);
+                    if(err != GNUTLS_E_SUCCESS) {
+                        xmlSecError(XMLSEC_ERRORS_HERE,
+                                    NULL,
+                                    "gnutls_x509_privkey_init",
+                                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+                        goto done;
+                    }
+
+                    err = gnutls_x509_privkey_import_pkcs8((*priv_key),
+                                &datum, GNUTLS_X509_FMT_DER,
+                                pwd,
+                                (bag_type == GNUTLS_BAG_PKCS8_KEY) ? GNUTLS_PKCS_PLAIN : 0);
+                    if(err != GNUTLS_E_SUCCESS) {
+                        xmlSecError(XMLSEC_ERRORS_HERE,
+                                    NULL,
+                                    "gnutls_x509_privkey_import_pkcs8",
+                                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                    XMLSEC_GNUTLS_REPORT_ERROR(err));
+                        goto done;
+                    }
+                }
+                break;
+            case GNUTLS_BAG_CERTIFICATE:
+                err = gnutls_x509_crt_init(&cert);
+                if(err != GNUTLS_E_SUCCESS) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "gnutls_x509_crt_init",
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                XMLSEC_GNUTLS_REPORT_ERROR(err));
+                    goto done;
+                }
+
+                err = gnutls_x509_crt_import(cert, &datum, GNUTLS_X509_FMT_DER);
+                if(err != GNUTLS_E_SUCCESS) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "gnutls_x509_crt_import",
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                XMLSEC_GNUTLS_REPORT_ERROR(err));
+                    goto done;
+                }
+
+                ret = xmlSecPtrListAdd(certsList, cert);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecPtrListAdd(certsList)",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    goto done;
+                }
+                cert = NULL; /* owned by certsList now */
+                break;
+            default:
+                /* ignore unknown bag element */
+                break;
+            }
+        }
+
+        /* done with bag */
+        gnutls_pkcs12_bag_deinit(bag);
+        bag = NULL;
+    }
+
+    /* check we have private key */
+    if((*priv_key) == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "Private key was not found in pkcs12 object");
+        goto done;
+    }
+
+    /* we will search for key cert using the key id */
+    certsSize = xmlSecPtrListGetSize(certsList);
+    if(certsSize > 0) {
+        size_t cert_id_size = 0;
+        size_t key_id_size = 0;
+        xmlSecByte cert_id[100];
+        xmlSecByte key_id[100];
+        xmlSecSize ii;
+
+        key_id_size = sizeof(key_id);
+        err = gnutls_x509_privkey_get_key_id((*priv_key), 0, key_id, &key_id_size);
+        if(err != GNUTLS_E_SUCCESS) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gnutls_x509_privkey_get_key_id",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GNUTLS_REPORT_ERROR(err));
+            goto done;
+        }
+        for(ii = 0; ii < certsSize; ++ii) {
+            gnutls_x509_crt_t tmp;
+
+            tmp = xmlSecPtrListGetItem(certsList, ii);
+            if(tmp == NULL) {
+                continue;
+            }
+
+            cert_id_size = sizeof(cert_id);
+            err = gnutls_x509_crt_get_key_id(tmp, 0, cert_id, &cert_id_size);
+            if(err != GNUTLS_E_SUCCESS) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "gnutls_x509_crt_get_key_id",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_GNUTLS_REPORT_ERROR(err));
+                goto done;
+            }
+
+            /* if key ids match, then this is THE key cert!!! */
+            if((key_id_size == cert_id_size) && (memcmp(key_id, cert_id, key_id_size) == 0)) {
+                (*key_cert) = xmlSecGnuTLSX509CertDup(tmp);
+                if((*key_cert) == NULL) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecGnuTLSX509CertDup",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    goto done;
+                }
+
+                break;
+            }
+        }
+
+        /* check we have key cert */
+        if((*key_cert) == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "Certificate for the private key was not found in pkcs12 object");
+            goto done;
+        }
+    }
+
+
+    /* success!!! */
+    res = 0;
+
+done:
+    if(cert != NULL) {
+        gnutls_x509_crt_deinit(cert);
+    }
+    if(bag != NULL) {
+        gnutls_pkcs12_bag_deinit(bag);
+    }
+    if(pkcs12 != NULL) {
+        gnutls_pkcs12_deinit(pkcs12);
+    }
+    return(res);
+}
+
+xmlSecKeyDataPtr
+xmlSecGnuTLSCreateKeyDataAndAdoptPrivKey(gnutls_x509_privkey_t priv_key) {
+    xmlSecKeyDataPtr res = NULL;
+    int key_alg;
+    int ret;
+
+    xmlSecAssert2(priv_key != NULL, NULL);
+
+    /* create key value data */
+    key_alg = gnutls_x509_privkey_get_pk_algorithm(priv_key);
+    if(key_alg < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_privkey_get_pk_algorithm",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_GNUTLS_REPORT_ERROR(key_alg));
+        return (NULL);
+    }
+    switch(key_alg) {
+#ifndef XMLSEC_NO_RSA
+    case GNUTLS_PK_RSA:
+        res = xmlSecKeyDataCreate(xmlSecGnuTLSKeyDataRsaId);
+        if(res == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGnuTLSKeyDataRsaId");
+            return(NULL);
+        }
+
+        ret = xmlSecGnuTLSKeyDataRsaAdoptPrivateKey(res, priv_key);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGnuTLSKeyDataRsaAdoptPrivateKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGnuTLSKeyDataRsaId");
+            xmlSecKeyDataDestroy(res);
+            return(NULL);
+        }
+        break;
+#endif /* XMLSEC_NO_RSA */
+
+#ifndef XMLSEC_NO_DSA
+    case GNUTLS_PK_DSA:
+        res = xmlSecKeyDataCreate(xmlSecGnuTLSKeyDataDsaId);
+        if(res == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGnuTLSKeyDataDsaId");
+            return(NULL);
+        }
+
+        ret = xmlSecGnuTLSKeyDataDsaAdoptPrivateKey(res, priv_key);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGnuTLSKeyDataDsaAdoptPrivateKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecGnuTLSKeyDataDsaId");
+            xmlSecKeyDataDestroy(res);
+            return(NULL);
+        }
+        break;
+#endif /* XMLSEC_NO_DSA */
+    default:
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "gnutls_x509_privkey_get_pk_algorithm",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "Unsupported algorithm %d", (int)key_alg);
+        return(NULL);
+    }
+
+    /* done */
+    return(res);
+}
+
+/*************************************************************************
+ *
+ * LDAP DN parser
+ *
+ ************************************************************************/
+void
+xmlSecGnuTLSDnAttrsInitialize(xmlSecGnuTLSDnAttr * attrs, xmlSecSize attrsSize) {
+    xmlSecAssert(attrs != NULL);
+    xmlSecAssert(attrsSize > 0);
+
+    memset(attrs, 0, attrsSize * sizeof(xmlSecGnuTLSDnAttr));
+}
+
+void
+xmlSecGnuTLSDnAttrsDeinitialize(xmlSecGnuTLSDnAttr * attrs, xmlSecSize attrsSize) {
+    xmlSecSize ii;
+
+    xmlSecAssert(attrs != NULL);
+    xmlSecAssert(attrsSize > 0);
+
+    for(ii = 0; ii < attrsSize; ++ii) {
+        if(attrs[ii].key != NULL) {
+            xmlFree(attrs[ii].key);
+        }
+        if(attrs[ii].value != NULL) {
+            xmlFree(attrs[ii].value);
+        }
+    }
+    memset(attrs, 0, attrsSize * sizeof(xmlSecGnuTLSDnAttr));
+}
+
+const xmlSecGnuTLSDnAttr *
+xmlSecGnuTLSDnAttrrsFind(const xmlSecGnuTLSDnAttr * attrs,
+                         xmlSecSize attrsSize,
+                         const xmlChar * key)
+{
+    xmlSecSize ii;
+
+    xmlSecAssert2(attrs != NULL, NULL);
+    xmlSecAssert2(attrsSize > 0, NULL);
+    xmlSecAssert2(key != NULL, NULL);
+
+    for(ii = 0; ii < attrsSize; ++ii) {
+        /* simple case */
+        if(xmlStrcasecmp(key, attrs[ii].key) == 0) {
+            return(&(attrs[ii]));
+        }
+
+        /* special case for emailAddress (as usual) */
+        if((xmlStrcasecmp(key, BAD_CAST "emailAddress") == 0) &&
+           (xmlStrcasecmp(attrs[ii].key, BAD_CAST "email") == 0))
+        {
+            return(&(attrs[ii]));
+        }
+        if((xmlStrcasecmp(key, BAD_CAST "email") == 0) &&
+           (xmlStrcasecmp(attrs[ii].key, BAD_CAST "emailAddress") == 0))
+        {
+            return(&(attrs[ii]));
+        }
+    }
+
+    /* not found :( */
+    return(NULL);
+}
+
+int
+xmlSecGnuTLSDnAttrsEqual(const xmlSecGnuTLSDnAttr * ll, xmlSecSize llSize,
+                         const xmlSecGnuTLSDnAttr * rr, xmlSecSize rrSize) 
+{
+    xmlSecSize llNum = 0;
+    xmlSecSize rrNum = 0;
+    const xmlSecGnuTLSDnAttr * tmp;
+    xmlSecSize ii;
+
+    xmlSecAssert2(ll != NULL, -1);
+    xmlSecAssert2(llSize > 0, -1);
+    xmlSecAssert2(rr != NULL, -1);
+    xmlSecAssert2(rrSize > 0, -1);
+
+    /* compare number of non-nullattributes */
+    for(ii = 0; ii < llSize; ++ii) {
+        if(ll[ii].key != NULL) {
+            ++llNum;
+        }
+    }
+    for(ii = 0; ii < rrSize; ++ii) {
+        if(rr[ii].key != NULL) {
+            ++rrNum;
+        }
+    }
+    if(llNum != rrNum) {
+        return(0);
+    }
+
+    /* make sure that all ll attrs are equal to rr attrs */
+    for(ii = 0; ii < llSize; ++ii) {
+        if(ll[ii].key == NULL) {
+            continue;
+        }
+
+        tmp = xmlSecGnuTLSDnAttrrsFind(rr, rrSize, ll[ii].key);
+        if(tmp == NULL) {
+            return(0); /* attribute was not found */
+        }
+
+        if(!xmlStrEqual(ll[ii].value, tmp->value)) {
+            return(0); /* different values */
+        }
+    }
+
+    /* good!!! */
+    return(1);
+}
+
+/*
+Distinguished name syntax
+
+The formal syntax for a Distinguished Name (DN) is based on RFC 2253. 
+The Backus Naur Form (BNF) syntax is defined as follows:
+
+    <name> ::= <name-component> ( <spaced-separator> )
+          | <name-component> <spaced-separator> <name>
+
+   <spaced-separator> ::= <optional-space>
+                   <separator>
+                   <optional-space>
+
+   <separator> ::=  "," | ";"
+
+   <optional-space> ::= ( <CR> ) *( " " )
+
+   <name-component> ::= <attribute>
+           | <attribute> <optional-space> "+"
+             <optional-space> <name-component>
+
+   <attribute> ::= <string>
+           | <key> <optional-space> "=" <optional-space> <string>
+
+   <key> ::= 1*( <keychar> ) | "OID." <oid> | "oid." <oid>
+   <keychar> ::= letters, numbers, and space
+
+   <oid> ::= <digitstring> | <digitstring> "." <oid>
+   <digitstring> ::= 1*<digit>
+   <digit> ::= digits 0-9
+
+   <string> ::= *( <stringchar> | <pair> )
+            | '"' *( <stringchar> | <special> | <pair> ) '"'
+            | "#" <hex>
+
+
+   <special> ::= "," | "=" | <CR> | "+" | "<" |  ">"
+            | "#" | ";"
+
+   <pair> ::= "\" ( <special> | "\" | '"')
+   <stringchar> ::= any character except <special> or "\" or '"'
+
+
+   <hex> ::= 2*<hexchar>
+   <hexchar> ::= 0-9, a-f, A-F
+
+A semicolon (;) character can be used to separate RDNs in a distinguished name,
+although the comma (,) character is the typical notation.
+
+White-space characters (spaces) might be present on either side of the comma or
+semicolon. The white-space characters are ignored, and the semicolon is replaced
+with a comma.
+
+In addition, space (' ' ASCII 32) characters may be present either before or 
+after a '+' or '='. These space characters are ignored when parsing.
+*/
+enum xmlSecGnuTLSDnParseState {
+    xmlSecGnuTLSDnParseState_BeforeNameComponent = 0,
+    xmlSecGnuTLSDnParseState_Key,
+    xmlSecGnuTLSDnParseState_BeforeString,
+    xmlSecGnuTLSDnParseState_String,
+    xmlSecGnuTLSDnParseState_QuotedString,
+    xmlSecGnuTLSDnParseState_AfterQuotedString
+};
+
+#define XMLSEC_GNUTLS_IS_SPACE(ch)      \
+        (((ch) == ' ') || ((ch) == '\n') || ((ch) == '\r'))
+
+int
+xmlSecGnuTLSDnAttrsParse(const xmlChar * dn,
+                         xmlSecGnuTLSDnAttr * attrs, xmlSecSize attrsSize)
+{
+    xmlChar * tmp = NULL;
+    xmlChar * p;
+    xmlChar ch;
+    enum xmlSecGnuTLSDnParseState state;
+    int slash;
+    xmlSecSize pos;
+    int res = -1;
+
+    xmlSecAssert2(dn != NULL, -1);
+    xmlSecAssert2(attrs != NULL, -1);
+    xmlSecAssert2(attrsSize > 0, -1);
+
+    /* allocate buffer, we don't need more than string */
+    tmp = (xmlChar *)xmlMalloc(xmlStrlen(dn) + 1);
+    if(tmp == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", (int)(xmlStrlen(dn) + 1));
+        goto done;
+    }
+
+    /* state machine */
+    state = xmlSecGnuTLSDnParseState_BeforeNameComponent;
+    slash = 0;
+    pos = 0;
+    p = tmp;
+    for(ch = (*dn); ; ch = *(++dn)) {
+        switch(state) {
+        case xmlSecGnuTLSDnParseState_BeforeNameComponent:
+            if(!XMLSEC_GNUTLS_IS_SPACE(ch)) {
+                *(p++) = ch; /* we are sure we have enough buffer */
+                state = xmlSecGnuTLSDnParseState_Key;
+            } else {
+                /* just skip space */
+            }
+            break;
+        case xmlSecGnuTLSDnParseState_Key:
+            /* we don't support
+            1) <attribute><optional-space>"+"<optional-space><name-component>
+            2) <attribute> ::= <string>
+            */
+            if(ch != '=') {
+                *(p++) = ch; /* we are sure we have enough buffer */
+            } else {
+                *(p) = '\0';
+                /* remove spaces back */
+                while((p > tmp) && (XMLSEC_GNUTLS_IS_SPACE(*(p - 1)))) {
+                    *(--p) = '\0';
+                }
+
+                /* insert into the attrs */
+                if(pos >= attrsSize) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "Not enough space: size=%d", (int)attrsSize);
+                    goto done;
+                }
+                attrs[pos].key = xmlStrdup(tmp);
+                if(attrs[pos].key == NULL) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlStrdup",
+                                XMLSEC_ERRORS_R_MALLOC_FAILED,
+                                "size=%d", (int)(xmlStrlen(tmp) + 1));
+                    goto done;
+                }
+
+                state = xmlSecGnuTLSDnParseState_BeforeString;
+                p = tmp;
+            }
+            break;
+        case xmlSecGnuTLSDnParseState_BeforeString:
+            if(!XMLSEC_GNUTLS_IS_SPACE(ch)) {
+                if(ch != '\"') {
+                    state = xmlSecGnuTLSDnParseState_String;
+                    slash = 0;
+                    --dn; /* small hack, so we can look at the same char 
+                           again with the correct state */
+                } else {
+                    state = xmlSecGnuTLSDnParseState_QuotedString;
+                    slash = 0;
+                }
+            } else {
+                /* just skip space */
+            }
+            break;
+        case xmlSecGnuTLSDnParseState_String:
+            if(slash == 1) {
+                *(p++) = ch; /* we are sure we have enough buffer */
+                slash = 0;
+            } else if(ch == '\\') {
+                slash = 1;
+            } else if((ch == ',') || (ch == ';') || (ch == '\0')) {
+                *(p) = '\0';
+                /* remove spaces back */
+                while((p > tmp) && (XMLSEC_GNUTLS_IS_SPACE(*(p - 1)))) {
+                    *(--p) = '\0';
+                }
+
+                attrs[pos].value = xmlStrdup(tmp);
+                if(attrs[pos].value == NULL) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlStrdup",
+                                XMLSEC_ERRORS_R_MALLOC_FAILED,
+                                "size=%d", (int)(xmlStrlen(tmp) + 1));
+                    goto done;
+                }
+                state = xmlSecGnuTLSDnParseState_BeforeNameComponent;
+                ++pos;
+                p = tmp;
+            } else {
+                *(p++) = ch; /* we are sure we have enough buffer */
+            }
+            break;
+        case xmlSecGnuTLSDnParseState_QuotedString:
+            if(slash == 1) {
+                *(p++) = ch; /* we are sure we have enough buffer */
+                slash = 0;
+            } else if(ch == '\\') {
+                slash = 1;
+            } else if(ch == '\"') {
+                *(p) = '\0'; 
+                /* don't remove spaces for quoted string */
+
+                attrs[pos].value = xmlStrdup(tmp);
+                if(attrs[pos].value == NULL) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlStrdup",
+                                XMLSEC_ERRORS_R_MALLOC_FAILED,
+                                "size=%d", (int)(xmlStrlen(tmp) + 1));
+                    goto done;
+                }
+                state = xmlSecGnuTLSDnParseState_AfterQuotedString;
+                ++pos;
+                p = tmp;
+            } else {
+                *(p++) = ch; /* we are sure we have enough buffer */
+            }
+            break;
+        case xmlSecGnuTLSDnParseState_AfterQuotedString:
+            if(!XMLSEC_GNUTLS_IS_SPACE(ch)) {
+                if((ch == ',') || (ch == ';') || (ch == '\0')) {
+                    state = xmlSecGnuTLSDnParseState_BeforeNameComponent;
+                } else {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "Unexpected character %c (expected space or ',' or ';')",
+                                ch);
+                    goto done;
+                }
+            } else {
+                /* just skip space */
+            }
+            break;
+        }
+
+        if(ch == '\0') {
+            /* done */
+            break;
+        }
+    }
+
+    /* check end state */
+    if(state != xmlSecGnuTLSDnParseState_BeforeNameComponent) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "Unexpected state %d at the end of parsing",
+                    (int)state);
+        goto done;
+    }
+
+    /* debug
+    {
+        xmlSecSize ii;
+        for(ii = 0; ii < attrsSize; ++ii) {
+            if(attrs[ii].key != NULL) {
+                printf("DEBUG: attrs - %s=>%s\n", attrs[ii].key, attrs[ii].value);
+            }
+        }
+    }
+    */
+
+    /* done */
+    res = 0;
+
+done:
+    if(tmp != NULL) {
+        xmlFree(tmp);
+    }
+    return(res);
+}
+
+
+#endif /* XMLSEC_NO_X509 */
+
+
+
diff --git a/src/gnutls/x509utils.h b/src/gnutls/x509utils.h
new file mode 100644
index 00000000..b939b248
--- /dev/null
+++ b/src/gnutls/x509utils.h
@@ -0,0 +1,143 @@
+/*
+ * XML Security Library
+ *
+ * THIS IS A PRIVATE XMLSEC HEADER FILE
+ * DON'T USE IT IN YOUR APPLICATION
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef __XMLSEC_GNUTLS_X509UTILS_H__
+#define __XMLSEC_GNUTLS_X509UTILS_H__
+
+#ifndef XMLSEC_PRIVATE
+#error "gnutls/x509utils.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#endif /* XMLSEC_PRIVATE */
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+#ifndef XMLSEC_NO_X509
+
+/**************************************************************************
+ *
+ * X509 certs list
+ *
+ *****************************************************************************/
+#define xmlSecGnuTLSX509CrtListId   \
+        xmlSecGnuTLSX509CrtListGetKlass()
+xmlSecPtrListId         xmlSecGnuTLSX509CrtListGetKlass         (void);
+
+/**************************************************************************
+ *
+ * X509 crls list
+ *
+ *****************************************************************************/
+#define xmlSecGnuTLSX509CrlListId   \
+        xmlSecGnuTLSX509CrlListGetKlass()
+xmlSecPtrListId         xmlSecGnuTLSX509CrlListGetKlass         (void);
+
+/*************************************************************************
+ *
+ * x509 certs utils/helpers
+ *
+ ************************************************************************/
+gnutls_x509_crt_t       xmlSecGnuTLSX509CertDup                 (gnutls_x509_crt_t src);
+xmlChar *               xmlSecGnuTLSX509CertGetSubjectDN        (gnutls_x509_crt_t cert);
+xmlChar *               xmlSecGnuTLSX509CertGetIssuerDN         (gnutls_x509_crt_t cert);
+xmlChar *               xmlSecGnuTLSX509CertGetIssuerSerial     (gnutls_x509_crt_t cert);
+xmlChar *               xmlSecGnuTLSX509CertGetSKI              (gnutls_x509_crt_t cert);
+gnutls_x509_crt_t       xmlSecGnuTLSX509CertRead                (const xmlSecByte* buf,
+                                                                 xmlSecSize size,
+                                                                 xmlSecKeyDataFormat format);
+gnutls_x509_crt_t       xmlSecGnuTLSX509CertBase64DerRead       (xmlChar* buf);
+xmlChar*                xmlSecGnuTLSX509CertBase64DerWrite      (gnutls_x509_crt_t cert,
+                                                                 int base64LineWrap);
+void                    xmlSecGnuTLSX509CertDebugDump           (gnutls_x509_crt_t cert,
+                                                                 FILE* output);
+void                    xmlSecGnuTLSX509CertDebugXmlDump        (gnutls_x509_crt_t cert,
+                                                                 FILE* output);
+
+/*************************************************************************
+ *
+ * x509 crls utils/helpers
+ *
+ ************************************************************************/
+gnutls_x509_crl_t       xmlSecGnuTLSX509CrlDup                  (gnutls_x509_crl_t src);
+xmlChar *               xmlSecGnuTLSX509CrLGetIssuerDN          (gnutls_x509_crl_t crl);
+gnutls_x509_crl_t       xmlSecGnuTLSX509CrlRead                 (const xmlSecByte* buf,
+                                                                 xmlSecSize size,
+                                                                 xmlSecKeyDataFormat format);
+gnutls_x509_crl_t       xmlSecGnuTLSX509CrlBase64DerRead        (xmlChar* buf);
+xmlChar*                xmlSecGnuTLSX509CrlBase64DerWrite       (gnutls_x509_crl_t crl,
+                                                                 int base64LineWrap);
+void                    xmlSecGnuTLSX509CrlDebugDump            (gnutls_x509_crl_t crl,
+                                                                 FILE* output);
+void                    xmlSecGnuTLSX509CrlDebugXmlDump         (gnutls_x509_crl_t crl,
+                                                                 FILE* output);
+
+/*************************************************************************
+ *
+ * Misc. utils/helpers
+ *
+ ************************************************************************/
+xmlChar*                xmlSecGnuTLSASN1IntegerWrite            (const unsigned char * data, 
+                                                                 size_t len);
+
+
+
+/*************************************************************************
+ *
+ * pkcs12 utils/helpers
+ *
+ ************************************************************************/
+int                     xmlSecGnuTLSPkcs12LoadMemory            (const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 const char *pwd,
+                                                                 gnutls_x509_privkey_t * priv_key,
+                                                                 gnutls_x509_crt_t * key_cert,
+                                                                 xmlSecPtrListPtr certsList);
+
+/*************************************************************************
+ *
+ * keydata utils/helpers
+ *
+ ************************************************************************/
+xmlSecKeyDataPtr        xmlSecGnuTLSCreateKeyDataAndAdoptPrivKey(gnutls_x509_privkey_t priv_key);
+
+
+/*************************************************************************
+ *
+ * LDAP DN parser
+ *
+ ************************************************************************/
+typedef struct _xmlSecGnuTLSDnAttr {
+    xmlChar * key;
+    xmlChar * value;
+} xmlSecGnuTLSDnAttr;
+
+void                    xmlSecGnuTLSDnAttrsInitialize           (xmlSecGnuTLSDnAttr * attrs,
+                                                                 xmlSecSize attrsSize);
+void                    xmlSecGnuTLSDnAttrsDeinitialize         (xmlSecGnuTLSDnAttr * attrs,
+                                                                 xmlSecSize attrsSize);
+const xmlSecGnuTLSDnAttr * xmlSecGnuTLSDnAttrrsFind             (const xmlSecGnuTLSDnAttr * attrs,
+                                                                 xmlSecSize attrsSize,
+                                                                 const xmlChar * key);
+int                     xmlSecGnuTLSDnAttrsEqual                (const xmlSecGnuTLSDnAttr * ll,
+                                                                 xmlSecSize llSize,
+                                                                 const xmlSecGnuTLSDnAttr * rr,
+                                                                 xmlSecSize rrSize);
+int                     xmlSecGnuTLSDnAttrsParse                (const xmlChar * dn,
+                                                                 xmlSecGnuTLSDnAttr * attrs,
+                                                                 xmlSecSize attrsSize);
+#endif /* XMLSEC_NO_X509 */
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+
+#endif /* ! __XMLSEC_GNUTLS_X509UTILS_H__ */
diff --git a/src/gnutls/x509vfy.c b/src/gnutls/x509vfy.c
new file mode 100644
index 00000000..fd15c5ac
--- /dev/null
+++ b/src/gnutls/x509vfy.c
@@ -0,0 +1,802 @@
+/**
+ * XMLSec library
+ *
+ * X509 support
+ *
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#ifndef XMLSEC_NO_X509
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <errno.h>
+
+#include <libxml/tree.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/keyinfo.h>
+#include <xmlsec/keysmngr.h>
+#include <xmlsec/base64.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/gnutls/crypto.h>
+#include <xmlsec/gnutls/x509.h>
+
+#include "x509utils.h"
+
+/**************************************************************************
+ *
+ * Internal GnuTLS X509 store CTX
+ *
+ *************************************************************************/
+typedef struct _xmlSecGnuTLSX509StoreCtx                xmlSecGnuTLSX509StoreCtx,
+                                                        *xmlSecGnuTLSX509StoreCtxPtr;
+struct _xmlSecGnuTLSX509StoreCtx {
+    xmlSecPtrList certsTrusted;
+    xmlSecPtrList certsUntrusted;
+};
+
+/****************************************************************************
+ *
+ * xmlSecGnuTLSKeyDataStoreX509Id:
+ *
+ * xmlSecGnuTLSX509StoreCtx is located after xmlSecTransform
+ *
+ ***************************************************************************/
+#define xmlSecGnuTLSX509StoreGetCtx(store) \
+    ((xmlSecGnuTLSX509StoreCtxPtr)(((xmlSecByte*)(store)) + \
+                                    sizeof(xmlSecKeyDataStoreKlass)))
+#define xmlSecGnuTLSX509StoreSize      \
+    (sizeof(xmlSecKeyDataStoreKlass) + sizeof(xmlSecGnuTLSX509StoreCtx))
+
+static int              xmlSecGnuTLSX509StoreInitialize                 (xmlSecKeyDataStorePtr store);
+static void             xmlSecGnuTLSX509StoreFinalize                   (xmlSecKeyDataStorePtr store);
+
+static xmlSecKeyDataStoreKlass xmlSecGnuTLSX509StoreKlass = {
+    sizeof(xmlSecKeyDataStoreKlass),
+    xmlSecGnuTLSX509StoreSize,
+
+    /* data */
+    xmlSecNameX509Store,                        /* const xmlChar* name; */
+
+    /* constructors/destructor */
+    xmlSecGnuTLSX509StoreInitialize,            /* xmlSecKeyDataStoreInitializeMethod initialize; */
+    xmlSecGnuTLSX509StoreFinalize,              /* xmlSecKeyDataStoreFinalizeMethod finalize; */
+
+    /* reserved for the future */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+static gnutls_x509_crt_t xmlSecGnuTLSX509FindCert                       (xmlSecPtrListPtr certs,
+                                                                         const xmlChar *subjectName,
+                                                                         const xmlChar *issuerName,
+                                                                         const xmlChar *issuerSerial,
+                                                                         const xmlChar *ski);
+static gnutls_x509_crt_t xmlSecGnuTLSX509FindSignedCert                 (xmlSecPtrListPtr certs,
+                                                                         gnutls_x509_crt_t cert);
+static gnutls_x509_crt_t xmlSecGnuTLSX509FindSignerCert                 (xmlSecPtrListPtr certs,
+                                                                         gnutls_x509_crt_t cert);
+
+
+/**
+ * xmlSecGnuTLSX509StoreGetKlass:
+ *
+ * The GnuTLS X509 certificates key data store klass.
+ *
+ * Returns: pointer to GnuTLS X509 certificates key data store klass.
+ */
+xmlSecKeyDataStoreId
+xmlSecGnuTLSX509StoreGetKlass(void) {
+    return(&xmlSecGnuTLSX509StoreKlass);
+}
+
+/**
+ * xmlSecGnuTLSX509StoreFindCert:
+ * @store:              the pointer to X509 key data store klass.
+ * @subjectName:        the desired certificate name.
+ * @issuerName:         the desired certificate issuer name.
+ * @issuerSerial:       the desired certificate issuer serial number.
+ * @ski:                the desired certificate SKI.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
+ *
+ * Searches @store for a certificate that matches given criteria.
+ *
+ * Returns: pointer to found certificate or NULL if certificate is not found
+ * or an error occurs.
+ */
+gnutls_x509_crt_t
+xmlSecGnuTLSX509StoreFindCert(xmlSecKeyDataStorePtr store,
+                              const xmlChar *subjectName,
+                              const xmlChar *issuerName,
+                              const xmlChar *issuerSerial,
+                              const xmlChar *ski,
+                              const xmlSecKeyInfoCtx* keyInfoCtx) {
+    xmlSecGnuTLSX509StoreCtxPtr ctx;
+    gnutls_x509_crt_t res = NULL;
+
+    xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecGnuTLSX509StoreId), NULL);
+    xmlSecAssert2(keyInfoCtx != NULL, NULL);
+
+    ctx = xmlSecGnuTLSX509StoreGetCtx(store);
+    xmlSecAssert2(ctx != NULL, NULL);
+
+    if(res == NULL) {
+        res = xmlSecGnuTLSX509FindCert(&(ctx->certsTrusted), subjectName, issuerName, issuerSerial, ski);
+    }
+    if(res == NULL) {
+        res = xmlSecGnuTLSX509FindCert(&(ctx->certsUntrusted), subjectName, issuerName, issuerSerial, ski);
+    }
+    return(res);
+}
+
+static int
+xmlSecGnuTLSX509CheckTime(const gnutls_x509_crt_t * cert_list,
+                          xmlSecSize cert_list_length,
+                          time_t ts)
+{
+    time_t notValidBefore, notValidAfter;
+    xmlSecSize ii;
+
+    xmlSecAssert2(cert_list != NULL, -1);
+
+    for(ii = 0; ii < cert_list_length; ++ii) {
+        const gnutls_x509_crt_t cert = cert_list[ii];
+        if(cert == NULL) {
+            continue;
+        }
+
+        /* get expiration times */
+        notValidBefore = gnutls_x509_crt_get_activation_time(cert);
+        if(notValidBefore == (time_t)-1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gnutls_x509_crt_get_activation_time",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        notValidAfter = gnutls_x509_crt_get_expiration_time(cert);
+        if(notValidAfter == (time_t)-1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gnutls_x509_crt_get_expiration_time",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+       }
+
+        /* check */
+        if(ts < notValidBefore) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_YET_VALID,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(0);
+        }
+        if(ts > notValidAfter) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(0);
+        }
+    }
+
+    /* GOOD! */
+    return(1);
+}
+
+/**
+ * xmlSecGnuTLSX509StoreVerify:
+ * @store:              the pointer to X509 key data store klass.
+ * @certs:              the untrusted certificates.
+ * @crls:               the crls.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
+ *
+ * Verifies @certs list.
+ *
+ * Returns: pointer to the first verified certificate from @certs.
+ */
+gnutls_x509_crt_t
+xmlSecGnuTLSX509StoreVerify(xmlSecKeyDataStorePtr store,
+                            xmlSecPtrListPtr certs,
+                            xmlSecPtrListPtr crls,
+                            const xmlSecKeyInfoCtx* keyInfoCtx) {
+    xmlSecGnuTLSX509StoreCtxPtr ctx;
+    gnutls_x509_crt_t res = NULL;
+    xmlSecSize certs_size = 0;
+    gnutls_x509_crt_t * cert_list = NULL;
+    xmlSecSize cert_list_length;
+    gnutls_x509_crl_t * crl_list = NULL;
+    xmlSecSize crl_list_length;
+    gnutls_x509_crt_t * ca_list = NULL;
+    xmlSecSize ca_list_length;
+    time_t verification_time;
+    unsigned int flags = 0;
+    xmlSecSize ii;
+    int ret;
+    int err;
+
+    xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecGnuTLSX509StoreId), NULL);
+    xmlSecAssert2(certs != NULL, NULL);
+    xmlSecAssert2(crls != NULL, NULL);
+    xmlSecAssert2(keyInfoCtx != NULL, NULL);
+
+    certs_size = xmlSecPtrListGetSize(certs);
+    if(certs_size <= 0) {
+        /* nothing to do */
+        return(NULL);
+    }
+
+    ctx = xmlSecGnuTLSX509StoreGetCtx(store);
+    xmlSecAssert2(ctx != NULL, NULL);
+
+    /* Prepare */
+    cert_list_length = certs_size + xmlSecPtrListGetSize(&(ctx->certsUntrusted));
+    if(cert_list_length > 0) {
+        cert_list = (gnutls_x509_crt_t *)xmlMalloc(sizeof(gnutls_x509_crt_t) * cert_list_length);
+        if(cert_list == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        "xmlMalloc",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "size=%d", (int)(sizeof(gnutls_x509_crt_t) * cert_list_length));
+            goto done;
+        }
+    }
+    crl_list_length = xmlSecPtrListGetSize(crls);
+    if(crl_list_length > 0) {
+        crl_list = (gnutls_x509_crl_t *)xmlMalloc(sizeof(gnutls_x509_crl_t) * crl_list_length);
+        if(crl_list == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        "xmlMalloc",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "size=%d", (int)(sizeof(gnutls_x509_crl_t) * crl_list_length));
+            goto done;
+        }
+        for(ii = 0; ii < crl_list_length; ++ii) {
+            crl_list[ii] = xmlSecPtrListGetItem(crls, ii);
+            if(crl_list[ii] == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                            "xmlSecPtrListGetItem(crls)",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+        }
+    }
+
+    ca_list_length = xmlSecPtrListGetSize(&(ctx->certsTrusted));
+    if(ca_list_length > 0) {
+        ca_list = (gnutls_x509_crt_t *)xmlMalloc(sizeof(gnutls_x509_crt_t) * ca_list_length);
+        if(ca_list == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        "xmlMalloc",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "size=%d", (int)(sizeof(gnutls_x509_crt_t) * ca_list_length));
+            goto done;
+        }
+        for(ii = 0; ii < ca_list_length; ++ii) {
+            ca_list[ii] = xmlSecPtrListGetItem(&(ctx->certsTrusted), ii);
+            if(ca_list[ii] == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                            "xmlSecPtrListGetItem(certsTrusted)",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+        }
+    }
+
+    /* gnutls doesn't allow to specify "verification" timestamp so
+       we have to do it ourselves */
+    verification_time = (keyInfoCtx->certsVerificationTime > 0) ?
+                        keyInfoCtx->certsVerificationTime :
+                        time(0);
+    flags |= GNUTLS_VERIFY_DISABLE_TIME_CHECKS;
+
+    if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS) != 0) {
+        flags |= GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2;
+        flags |= GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5;
+    }
+
+    /* We are going to build all possible cert chains and try to verify them */
+    for(ii = 0; (ii < certs_size) && (res == NULL); ++ii) {
+        gnutls_x509_crt_t cert, cert2;
+        xmlSecSize cert_list_cur_length = 0;
+        unsigned int verify = 0;
+
+        cert = xmlSecPtrListGetItem(certs, ii);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        "xmlSecPtrListGetItem(certs)",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
+
+        /* check if we are the "leaf" node in the certs chain */
+        if(xmlSecGnuTLSX509FindSignedCert(certs, cert) != NULL) {
+            continue;
+        }
+
+        /* build the chain */
+        for(cert2 = cert, cert_list_cur_length = 0;
+            (cert2 != NULL) && (cert_list_cur_length < cert_list_length);
+            ++cert_list_cur_length)
+        {
+            gnutls_x509_crt_t tmp;
+
+            /* store */
+            cert_list[cert_list_cur_length] = cert2;
+
+            /* find next */
+            tmp = xmlSecGnuTLSX509FindSignerCert(certs, cert2);
+            if(tmp == NULL) {
+                tmp = xmlSecGnuTLSX509FindSignerCert(&(ctx->certsUntrusted), cert2);
+            }
+            cert2 = tmp;
+        }
+
+        /* try to verify */
+        err = gnutls_x509_crt_list_verify(
+                cert_list, (int)cert_list_cur_length, /* certs chain */
+                ca_list, (int)ca_list_length, /* trusted cas */
+                crl_list, (int)crl_list_length, /* crls */
+                flags, /* flags */
+                &verify);
+        if(err != GNUTLS_E_SUCCESS) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gnutls_x509_crt_list_verify",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_GNUTLS_REPORT_ERROR(err));
+            /* don't stop, continue! */
+            continue;
+        } else if(verify != 0){
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "gnutls_x509_crt_list_verify",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "Verification failed: verify=%u", verify);
+            /* don't stop, continue! */
+            continue;
+        }
+
+        /* gnutls doesn't allow to specify "verification" timestamp so
+           we have to do it ourselves */
+        ret = xmlSecGnuTLSX509CheckTime(cert_list, cert_list_cur_length, verification_time);
+        if(ret != 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "Time verification failed");
+            /* don't stop, continue! */
+            continue;
+        }
+
+        /* DONE! */
+        res = cert;
+    }
+
+done:
+    /* cleanup */
+    if(ca_list != NULL) {
+        xmlFree(ca_list);
+    }
+    if(crl_list != NULL) {
+        xmlFree(crl_list);
+    }
+    if(cert_list != NULL) {
+        xmlFree(cert_list);
+    }
+
+    return(res);
+}
+
+/**
+ * xmlSecGnuTLSX509StoreAdoptCert:
+ * @store:              the pointer to X509 key data store klass.
+ * @cert:               the pointer to GnuTLS X509 certificate.
+ * @type:               the certificate type (trusted/untrusted).
+ *
+ * Adds trusted (root) or untrusted certificate to the store.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecGnuTLSX509StoreAdoptCert(xmlSecKeyDataStorePtr store, gnutls_x509_crt_t cert, xmlSecKeyDataType type) {
+    xmlSecGnuTLSX509StoreCtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecGnuTLSX509StoreId), -1);
+    xmlSecAssert2(cert != NULL, -1);
+
+    ctx = xmlSecGnuTLSX509StoreGetCtx(store);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    if((type & xmlSecKeyDataTypeTrusted) != 0) {
+        ret = xmlSecPtrListAdd(&(ctx->certsTrusted), cert);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        "xmlSecPtrListAdd(trusted)",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    } else {
+        ret = xmlSecPtrListAdd(&(ctx->certsUntrusted), cert);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        "xmlSecPtrListAdd(untrusted)",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
+    /* done */
+    return(0);
+}
+
+static int
+xmlSecGnuTLSX509StoreInitialize(xmlSecKeyDataStorePtr store) {
+    xmlSecGnuTLSX509StoreCtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecGnuTLSX509StoreId), -1);
+
+    ctx = xmlSecGnuTLSX509StoreGetCtx(store);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    memset(ctx, 0, sizeof(xmlSecGnuTLSX509StoreCtx));
+
+    ret = xmlSecPtrListInitialize(&(ctx->certsTrusted), xmlSecGnuTLSX509CrtListId);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "xmlSecPtrListInitialize(trusted)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecPtrListInitialize(&(ctx->certsUntrusted), xmlSecGnuTLSX509CrtListId);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "xmlSecPtrListInitialize(untrusted)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    return(0);
+}
+
+static void
+xmlSecGnuTLSX509StoreFinalize(xmlSecKeyDataStorePtr store) {
+    xmlSecGnuTLSX509StoreCtxPtr ctx;
+    xmlSecAssert(xmlSecKeyDataStoreCheckId(store, xmlSecGnuTLSX509StoreId));
+
+    ctx = xmlSecGnuTLSX509StoreGetCtx(store);
+    xmlSecAssert(ctx != NULL);
+
+    xmlSecPtrListFinalize(&(ctx->certsTrusted));
+    xmlSecPtrListFinalize(&(ctx->certsUntrusted));
+
+    memset(ctx, 0, sizeof(xmlSecGnuTLSX509StoreCtx));
+}
+
+
+/*****************************************************************************
+ *
+ * Low-level x509 functions
+ *
+ *****************************************************************************/
+#define XMLSEC_GNUTLS_DN_ATTRS_SIZE             1024
+static int
+xmlSecGnuTLSX509DnsEqual(const xmlChar * ll, const xmlChar * rr) {
+    xmlSecGnuTLSDnAttr ll_attrs[XMLSEC_GNUTLS_DN_ATTRS_SIZE];
+    xmlSecGnuTLSDnAttr rr_attrs[XMLSEC_GNUTLS_DN_ATTRS_SIZE];
+    int ret;
+    int res = -1;
+
+    xmlSecAssert2(ll != NULL, -1);
+    xmlSecAssert2(rr != NULL, -1);
+
+    /* fast version first */
+    if(xmlStrEqual(ll, rr)) {
+        return(1);
+    }
+
+    /* prepare */
+    xmlSecGnuTLSDnAttrsInitialize(ll_attrs, XMLSEC_GNUTLS_DN_ATTRS_SIZE);
+    xmlSecGnuTLSDnAttrsInitialize(rr_attrs, XMLSEC_GNUTLS_DN_ATTRS_SIZE);
+
+    /* parse */
+    ret = xmlSecGnuTLSDnAttrsParse(ll, ll_attrs, XMLSEC_GNUTLS_DN_ATTRS_SIZE);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSDnAttrsParse(ll)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    ret = xmlSecGnuTLSDnAttrsParse(rr, rr_attrs, XMLSEC_GNUTLS_DN_ATTRS_SIZE);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSDnAttrsParse(rr)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* compare */
+    ret = xmlSecGnuTLSDnAttrsEqual(ll_attrs, XMLSEC_GNUTLS_DN_ATTRS_SIZE,
+                                   rr_attrs, XMLSEC_GNUTLS_DN_ATTRS_SIZE);
+    if(ret == 1) {
+        res = 1;
+    } else if(ret == 0) {
+        res = 0;
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSDnAttrsEqual",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+done:
+    xmlSecGnuTLSDnAttrsDeinitialize(ll_attrs, XMLSEC_GNUTLS_DN_ATTRS_SIZE);
+    xmlSecGnuTLSDnAttrsDeinitialize(rr_attrs, XMLSEC_GNUTLS_DN_ATTRS_SIZE);
+    return(res);
+}
+
+static gnutls_x509_crt_t
+xmlSecGnuTLSX509FindCert(xmlSecPtrListPtr certs,
+                         const xmlChar *subjectName,
+                         const xmlChar *issuerName,
+                         const xmlChar *issuerSerial,
+                         const xmlChar *ski) {
+    xmlSecSize ii, sz;
+
+    xmlSecAssert2(certs != NULL, NULL);
+
+    /* todo: this is not the fastest way to search certs */
+    sz = xmlSecPtrListGetSize(certs);
+    for(ii = 0; (ii < sz); ++ii) {
+        gnutls_x509_crt_t cert = xmlSecPtrListGetItem(certs, ii);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListGetItem",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%i", (int)ii);
+            return(NULL);
+        }
+
+        if(subjectName != NULL) {
+            xmlChar * tmp;
+
+            tmp = xmlSecGnuTLSX509CertGetSubjectDN(cert);
+            if(tmp == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecGnuTLSX509CertGetSubjectDN",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%i", (int)ii);
+                return(NULL);
+            }
+
+            if(xmlSecGnuTLSX509DnsEqual(subjectName, tmp) == 1) {
+                xmlFree(tmp);
+                return(cert);
+            }
+            xmlFree(tmp);
+        } else if((issuerName != NULL) && (issuerSerial != NULL)) {
+            xmlChar * tmp1;
+            xmlChar * tmp2;
+
+            tmp1 = xmlSecGnuTLSX509CertGetIssuerDN(cert);
+            if(tmp1 == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecGnuTLSX509CertGetIssuerDN",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%i", (int)ii);
+                return(NULL);
+            }
+
+            tmp2 = xmlSecGnuTLSX509CertGetIssuerSerial(cert);
+            if(tmp2 == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecGnuTLSX509CertGetIssuerSerial",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%i", (int)ii);
+                xmlFree(tmp1);
+                return(NULL);
+            }
+
+            if((xmlSecGnuTLSX509DnsEqual(issuerName, tmp1) == 1) && xmlStrEqual(issuerSerial, tmp2)) {
+                xmlFree(tmp1);
+                xmlFree(tmp2);
+                return(cert);
+            }
+            xmlFree(tmp1);
+            xmlFree(tmp2);
+        } else if(ski != NULL) {
+            xmlChar * tmp;
+
+            tmp = xmlSecGnuTLSX509CertGetSKI(cert);
+            if(tmp == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecGnuTLSX509CertGetSKI",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%i", (int)ii);
+                return(NULL);
+            }
+
+            if(xmlStrEqual(ski, tmp)) {
+                xmlFree(tmp);
+                return(cert);
+            }
+            xmlFree(tmp);
+        }
+    }
+
+    return(NULL);
+}
+
+/* signed cert has issuer dn equal to our's subject dn */
+static gnutls_x509_crt_t
+xmlSecGnuTLSX509FindSignedCert(xmlSecPtrListPtr certs, gnutls_x509_crt_t cert) {
+    gnutls_x509_crt_t res = NULL;
+    xmlChar * subject = NULL;
+    xmlSecSize ii, sz;
+
+    xmlSecAssert2(certs != NULL, NULL);
+    xmlSecAssert2(cert != NULL, NULL);
+
+    /* get subject */
+    subject = xmlSecGnuTLSX509CertGetSubjectDN(cert);
+    if(subject == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertGetSubjectDN",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* todo: this is not the fastest way to search certs */
+    sz = xmlSecPtrListGetSize(certs);
+    for(ii = 0; (ii < sz) && (res == NULL); ++ii) {
+        gnutls_x509_crt_t tmp;
+        xmlChar * issuer;
+
+        tmp = xmlSecPtrListGetItem(certs, ii);
+        if(tmp == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListGetItem",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%i", (int)ii);
+            goto done;
+        }
+
+        issuer = xmlSecGnuTLSX509CertGetIssuerDN(tmp);
+        if(issuer == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGnuTLSX509CertGetIssuerDN",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%i", (int)ii);
+            goto done;
+        }
+
+        /* are we done? */
+        if(xmlSecGnuTLSX509DnsEqual(subject, issuer) == 1) {
+            res = tmp;
+        }
+        xmlFree(issuer);
+    }
+
+done:
+    if(subject != NULL) {
+        xmlFree(subject);
+    }
+    return(res);
+}
+
+/* signer cert has subject dn equal to our's issuer dn */
+static gnutls_x509_crt_t
+xmlSecGnuTLSX509FindSignerCert(xmlSecPtrListPtr certs, gnutls_x509_crt_t cert) {
+    gnutls_x509_crt_t res = NULL;
+    xmlChar * issuer = NULL;
+    xmlSecSize ii, sz;
+
+    xmlSecAssert2(certs != NULL, NULL);
+    xmlSecAssert2(cert != NULL, NULL);
+
+    /* get issuer */
+    issuer = xmlSecGnuTLSX509CertGetIssuerDN(cert);
+    if(issuer == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGnuTLSX509CertGetIssuerDN",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* todo: this is not the fastest way to search certs */
+    sz = xmlSecPtrListGetSize(certs);
+    for(ii = 0; (ii < sz) && (res == NULL); ++ii) {
+        gnutls_x509_crt_t tmp;
+        xmlChar * subject;
+
+        tmp = xmlSecPtrListGetItem(certs, ii);
+        if(tmp == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListGetItem",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%i", (int)ii);
+            goto done;
+        }
+
+        subject = xmlSecGnuTLSX509CertGetSubjectDN(tmp);
+        if(subject == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGnuTLSX509CertGetSubjectDN",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%i", (int)ii);
+            goto done;
+        }
+
+        /* are we done? */
+        if((xmlSecGnuTLSX509DnsEqual(issuer, subject) == 1)) {
+            res = tmp;
+        }
+        xmlFree(subject);
+    }
+
+done:
+    if(issuer != NULL) {
+        xmlFree(issuer);
+    }
+    return(res);
+}
+
+#endif /* XMLSEC_NO_X509 */
+
+
diff --git a/src/io.c b/src/io.c
index a691f68b..42e91337 100644
--- a/src/io.c
+++ b/src/io.c
@@ -1,17 +1,17 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Input uri transform and utility functions.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <stdlib.h>
-#include <string.h> 
+#include <string.h>
 #include <errno.h>
 
 #include <libxml/uri.h>
@@ -22,7 +22,7 @@
 #include <libxml/nanohttp.h>
 #endif /* LIBXML_HTTP_ENABLED */
 
-#ifdef LIBXML_FTP_ENABLED 
+#ifdef LIBXML_FTP_ENABLED
 #include <libxml/nanoftp.h>
 #endif /* LIBXML_FTP_ENABLED */
 
@@ -45,46 +45,46 @@ typedef struct _xmlSecIOCallback {
     xmlInputCloseCallback closecallback;
 } xmlSecIOCallback, *xmlSecIOCallbackPtr;
 
-static xmlSecIOCallbackPtr	xmlSecIOCallbackCreate	(xmlInputMatchCallback matchFunc,
-							 xmlInputOpenCallback openFunc, 
-							 xmlInputReadCallback readFunc,
-							 xmlInputCloseCallback closeFunc);
-static void			xmlSecIOCallbackDestroy	(xmlSecIOCallbackPtr callbacks);
+static xmlSecIOCallbackPtr      xmlSecIOCallbackCreate  (xmlInputMatchCallback matchFunc,
+                                                         xmlInputOpenCallback openFunc,
+                                                         xmlInputReadCallback readFunc,
+                                                         xmlInputCloseCallback closeFunc);
+static void                     xmlSecIOCallbackDestroy (xmlSecIOCallbackPtr callbacks);
 
-static xmlSecIOCallbackPtr 
-xmlSecIOCallbackCreate(xmlInputMatchCallback matchFunc, xmlInputOpenCallback openFunc, 
-		       xmlInputReadCallback readFunc, xmlInputCloseCallback closeFunc) {
+static xmlSecIOCallbackPtr
+xmlSecIOCallbackCreate(xmlInputMatchCallback matchFunc, xmlInputOpenCallback openFunc,
+                       xmlInputReadCallback readFunc, xmlInputCloseCallback closeFunc) {
     xmlSecIOCallbackPtr callbacks;
-    
+
     xmlSecAssert2(matchFunc != NULL, NULL);
-    
+
     /* Allocate a new xmlSecIOCallback and fill the fields. */
     callbacks = (xmlSecIOCallbackPtr)xmlMalloc(sizeof(xmlSecIOCallback));
     if(callbacks == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecIOCallback)=%d", 
-		    sizeof(xmlSecIOCallback));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecIOCallback)=%d",
+                    sizeof(xmlSecIOCallback));
+        return(NULL);
     }
-    memset(callbacks, 0, sizeof(xmlSecIOCallback));    
+    memset(callbacks, 0, sizeof(xmlSecIOCallback));
 
     callbacks->matchcallback = matchFunc;
     callbacks->opencallback  = openFunc;
     callbacks->readcallback  = readFunc;
     callbacks->closecallback = closeFunc;
-    
+
     return(callbacks);
 }
 
-static void 
+static void
 xmlSecIOCallbackDestroy(xmlSecIOCallbackPtr callbacks) {
     xmlSecAssert(callbacks != NULL);
 
-    memset(callbacks, 0, sizeof(xmlSecIOCallback));    
-    xmlFree(callbacks);    
+    memset(callbacks, 0, sizeof(xmlSecIOCallback));
+    xmlFree(callbacks);
 }
 
 /*******************************************************************
@@ -94,30 +94,30 @@ xmlSecIOCallbackDestroy(xmlSecIOCallbackPtr callbacks) {
  ******************************************************************/
 static xmlSecPtrListKlass xmlSecIOCallbackPtrListKlass = {
     BAD_CAST "io-callbacks-list",
-    NULL, 						/* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    NULL,                                               /* xmlSecPtrDuplicateItemMethod duplicateItem; */
     (xmlSecPtrDestroyItemMethod)xmlSecIOCallbackDestroy,/* xmlSecPtrDestroyItemMethod destroyItem; */
-    NULL,  					  	/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    NULL						/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    NULL,                                               /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    NULL                                                /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
-#define xmlSecIOCallbackPtrListId	xmlSecIOCallbackPtrListGetKlass	()
-static xmlSecPtrListId 			xmlSecIOCallbackPtrListGetKlass	(void);
-static xmlSecIOCallbackPtr		xmlSecIOCallbackPtrListFind	(xmlSecPtrListPtr list,
-									 const char* uri);
+#define xmlSecIOCallbackPtrListId       xmlSecIOCallbackPtrListGetKlass ()
+static xmlSecPtrListId                  xmlSecIOCallbackPtrListGetKlass (void);
+static xmlSecIOCallbackPtr              xmlSecIOCallbackPtrListFind     (xmlSecPtrListPtr list,
+                                                                         const char* uri);
 
 /**
- * xmlSecIOCallbackPtrListGetKlass: 
+ * xmlSecIOCallbackPtrListGetKlass:
  *
  * The keys list klass.
  *
  * Returns: keys list id.
  */
-static xmlSecPtrListId 
+static xmlSecPtrListId
 xmlSecIOCallbackPtrListGetKlass(void) {
     return(&xmlSecIOCallbackPtrListKlass);
 }
 
-static xmlSecIOCallbackPtr 
+static xmlSecIOCallbackPtr
 xmlSecIOCallbackPtrListFind(xmlSecPtrListPtr list, const char* uri) {
     xmlSecIOCallbackPtr callbacks;
     xmlSecSize i, size;
@@ -127,13 +127,13 @@ xmlSecIOCallbackPtrListFind(xmlSecPtrListPtr list, const char* uri) {
 
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	callbacks = (xmlSecIOCallbackPtr)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert2(callbacks != NULL, NULL);	
-	xmlSecAssert2(callbacks->matchcallback != NULL, NULL);	
-	
-	if((callbacks->matchcallback(uri)) != 0) {
-	    return(callbacks);
-	}
+        callbacks = (xmlSecIOCallbackPtr)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert2(callbacks != NULL, NULL);
+        xmlSecAssert2(callbacks->matchcallback != NULL, NULL);
+
+        if((callbacks->matchcallback(uri)) != 0) {
+            return(callbacks);
+        }
     }
     return(NULL);
 }
@@ -147,18 +147,18 @@ static xmlSecPtrList xmlSecAllIOCallbacks;
  * Applications should not call this function directly.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
+ */
 int
-xmlSecIOInit(void) {    
+xmlSecIOInit(void) {
     int ret;
-    
+
     ret = xmlSecPtrListInitialize(&xmlSecAllIOCallbacks, xmlSecIOCallbackPtrListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListPtrInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListPtrInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
 
@@ -166,9 +166,9 @@ xmlSecIOInit(void) {
     xmlNanoHTTPInit();
 #endif /* LIBXML_HTTP_ENABLED */
 
-#ifdef LIBXML_FTP_ENABLED       
+#ifdef LIBXML_FTP_ENABLED
     xmlNanoFTPInit();
-#endif /* LIBXML_FTP_ENABLED */ 
+#endif /* LIBXML_FTP_ENABLED */
 
     return(xmlSecIORegisterDefaultCallbacks());
 }
@@ -178,7 +178,7 @@ xmlSecIOInit(void) {
  *
  * The IO clenaup (called from #xmlSecShutdown function).
  * Applications should not call this function directly.
- */ 
+ */
 void
 xmlSecIOShutdown(void) {
 
@@ -186,9 +186,9 @@ xmlSecIOShutdown(void) {
     xmlNanoHTTPCleanup();
 #endif /* LIBXML_HTTP_ENABLED */
 
-#ifdef LIBXML_FTP_ENABLED       
+#ifdef LIBXML_FTP_ENABLED
     xmlNanoFTPCleanup();
-#endif /* LIBXML_FTP_ENABLED */ 
+#endif /* LIBXML_FTP_ENABLED */
 
     xmlSecPtrListFinalize(&xmlSecAllIOCallbacks);
 }
@@ -197,7 +197,7 @@ xmlSecIOShutdown(void) {
  * xmlSecIOCleanupCallbacks:
  *
  * Clears the entire input callback table. this includes the
- * compiled-in I/O. 
+ * compiled-in I/O.
  */
 void
 xmlSecIOCleanupCallbacks(void) {
@@ -206,10 +206,10 @@ xmlSecIOCleanupCallbacks(void) {
 
 /**
  * xmlSecIORegisterCallbacks:
- * @matchFunc:  	the protocol match callback.
- * @openFunc:  		the open stream callback.
- * @readFunc:  		the read from stream callback.
- * @closeFunc:  	the close stream callback.
+ * @matchFunc:          the protocol match callback.
+ * @openFunc:           the open stream callback.
+ * @readFunc:           the read from stream callback.
+ * @closeFunc:          the close stream callback.
  *
  * Register a new set of I/O callback for handling parser input.
  *
@@ -217,32 +217,32 @@ xmlSecIOCleanupCallbacks(void) {
  */
 int
 xmlSecIORegisterCallbacks(xmlInputMatchCallback matchFunc,
-	xmlInputOpenCallback openFunc, xmlInputReadCallback readFunc,
-	xmlInputCloseCallback closeFunc) {
+        xmlInputOpenCallback openFunc, xmlInputReadCallback readFunc,
+        xmlInputCloseCallback closeFunc) {
     xmlSecIOCallbackPtr callbacks;
     int ret;
-    
+
     xmlSecAssert2(matchFunc != NULL, -1);
-    
+
     callbacks = xmlSecIOCallbackCreate(matchFunc, openFunc, readFunc, closeFunc);
     if(callbacks == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecIOCallbackCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecIOCallbackCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ret = xmlSecPtrListAdd(&xmlSecAllIOCallbacks, callbacks);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecIOCallbackDestroy(callbacks);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecIOCallbackDestroy(callbacks);
+        return(-1);
     }
     return(0);
 }
@@ -258,42 +258,42 @@ xmlSecIORegisterCallbacks(xmlInputMatchCallback matchFunc,
 int
 xmlSecIORegisterDefaultCallbacks(void) {
     int ret;
-    
+
 #ifdef LIBXML_HTTP_ENABLED
     ret = xmlSecIORegisterCallbacks(xmlIOHTTPMatch, xmlIOHTTPOpen,
-	                      xmlIOHTTPRead, xmlIOHTTPClose);
+                              xmlIOHTTPRead, xmlIOHTTPClose);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecIORegisterCallbacks",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "http");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecIORegisterCallbacks",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "http");
+        return(-1);
     }
 #endif /* LIBXML_HTTP_ENABLED */
 
 #ifdef LIBXML_FTP_ENABLED
     ret = xmlSecIORegisterCallbacks(xmlIOFTPMatch, xmlIOFTPOpen,
-	                      xmlIOFTPRead, xmlIOFTPClose);
+                              xmlIOFTPRead, xmlIOFTPClose);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecIORegisterCallbacks",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "ftp");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecIORegisterCallbacks",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ftp");
+        return(-1);
     }
 #endif /* LIBXML_FTP_ENABLED */
 
     ret = xmlSecIORegisterCallbacks(xmlFileMatch, xmlFileOpen,
-	                      xmlFileRead, xmlFileClose);
+                              xmlFileRead, xmlFileClose);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecIORegisterCallbacks",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "file");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecIORegisterCallbacks",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "file");
+        return(-1);
     }
 
     return(0);
@@ -301,60 +301,60 @@ xmlSecIORegisterDefaultCallbacks(void) {
 
 
 
-								
+
 /**************************************************************
  *
  * Input URI Transform
  *
  * xmlSecInputURICtx is located after xmlSecTransform
- * 
+ *
  **************************************************************/
-typedef struct _xmlSecInputURICtx				xmlSecInputURICtx,
-								*xmlSecInputURICtxPtr;
+typedef struct _xmlSecInputURICtx                               xmlSecInputURICtx,
+                                                                *xmlSecInputURICtxPtr;
 struct _xmlSecInputURICtx {
-    xmlSecIOCallbackPtr		clbks;
-    void*			clbksCtx;
+    xmlSecIOCallbackPtr         clbks;
+    void*                       clbksCtx;
 };
 #define xmlSecTransformInputUriSize \
-	(sizeof(xmlSecTransform) + sizeof(xmlSecInputURICtx))
+        (sizeof(xmlSecTransform) + sizeof(xmlSecInputURICtx))
 #define xmlSecTransformInputUriGetCtx(transform) \
     ((xmlSecTransformCheckSize((transform), xmlSecTransformInputUriSize)) ? \
-	(xmlSecInputURICtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
-	(xmlSecInputURICtxPtr)NULL)
+        (xmlSecInputURICtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
+        (xmlSecInputURICtxPtr)NULL)
 
-static int		xmlSecTransformInputURIInitialize	(xmlSecTransformPtr transform);
-static void		xmlSecTransformInputURIFinalize		(xmlSecTransformPtr transform);
-static int		xmlSecTransformInputURIPopBin		(xmlSecTransformPtr transform, 
-								 xmlSecByte* data,
-								 xmlSecSize maxDataSize,
-								 xmlSecSize* dataSize,
-								 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecTransformInputURIInitialize       (xmlSecTransformPtr transform);
+static void             xmlSecTransformInputURIFinalize         (xmlSecTransformPtr transform);
+static int              xmlSecTransformInputURIPopBin           (xmlSecTransformPtr transform,
+                                                                 xmlSecByte* data,
+                                                                 xmlSecSize maxDataSize,
+                                                                 xmlSecSize* dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 static xmlSecTransformKlass xmlSecTransformInputURIKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecTransformInputUriSize,		/* xmlSecSize objSize */
-
-    BAD_CAST "input-uri",			/* const xmlChar* name; */
-    NULL,					/* const xmlChar* href; */
-    0,						/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecTransformInputURIInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformInputURIFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformInputURIPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    NULL,					/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecTransformInputUriSize,                /* xmlSecSize objSize */
+
+    BAD_CAST "input-uri",                       /* const xmlChar* name; */
+    NULL,                                       /* const xmlChar* href; */
+    0,                                          /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecTransformInputURIInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformInputURIFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformInputURIPopBin,              /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    NULL,                                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
@@ -364,15 +364,15 @@ static xmlSecTransformKlass xmlSecTransformInputURIKlass = {
  *
  * Returns: input URI transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformInputURIGetKlass(void) {
     return(&xmlSecTransformInputURIKlass);
 }
 
-/** 
+/**
  * xmlSecTransformInputURIOpen:
- * @transform: 		the pointer to IO transform.
- * @uri: 		the URL to open.
+ * @transform:          the pointer to IO transform.
+ * @uri:                the URL to open.
  *
  * Opens the given @uri for reading.
  *
@@ -381,7 +381,7 @@ xmlSecTransformInputURIGetKlass(void) {
 int
 xmlSecTransformInputURIOpen(xmlSecTransformPtr transform, const xmlChar *uri) {
     xmlSecInputURICtxPtr ctx;
-        
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformInputURIId), -1);
     xmlSecAssert2(uri != NULL, -1);
 
@@ -396,16 +396,16 @@ xmlSecTransformInputURIOpen(xmlSecTransformPtr transform, const xmlChar *uri) {
      * try with an unescaped version of the uri
      */
     if(ctx->clbks == NULL) {
-	char *unescaped;
-    
+        char *unescaped;
+
         unescaped = xmlURIUnescapeString((char*)uri, 0, NULL);
-	if (unescaped != NULL) {
-	    ctx->clbks = xmlSecIOCallbackPtrListFind(&xmlSecAllIOCallbacks, unescaped);
-	    if(ctx->clbks != NULL) {
-		ctx->clbksCtx = ctx->clbks->opencallback(unescaped);
-	    }
-	    xmlFree(unescaped);
-	}
+        if (unescaped != NULL) {
+            ctx->clbks = xmlSecIOCallbackPtrListFind(&xmlSecAllIOCallbacks, unescaped);
+            if(ctx->clbks != NULL) {
+                ctx->clbksCtx = ctx->clbks->opencallback(unescaped);
+            }
+            xmlFree(unescaped);
+        }
     }
 
     /*
@@ -413,23 +413,23 @@ xmlSecTransformInputURIOpen(xmlSecTransformPtr transform, const xmlChar *uri) {
      * filename
      */
     if (ctx->clbks == NULL) {
-	ctx->clbks = xmlSecIOCallbackPtrListFind(&xmlSecAllIOCallbacks, (char*)uri);
-	if(ctx->clbks != NULL) {
-	    ctx->clbksCtx = ctx->clbks->opencallback((char*)uri);
-	}
+        ctx->clbks = xmlSecIOCallbackPtrListFind(&xmlSecAllIOCallbacks, (char*)uri);
+        if(ctx->clbks != NULL) {
+            ctx->clbksCtx = ctx->clbks->opencallback((char*)uri);
+        }
     }
 
     if((ctx->clbks == NULL) || (ctx->clbksCtx == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "opencallback",
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    "uri=%s;errno=%d", 
-		    xmlSecErrorsSafeString(uri),
-		    errno);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "opencallback",
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    "uri=%s;errno=%d",
+                    xmlSecErrorsSafeString(uri),
+                    errno);
+        return(-1);
     }
-    
+
     return(0);
 }
 
@@ -441,7 +441,7 @@ xmlSecTransformInputURIInitialize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecTransformInputUriGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     memset(ctx, 0, sizeof(xmlSecInputURICtx));
     return(0);
 }
@@ -456,19 +456,19 @@ xmlSecTransformInputURIFinalize(xmlSecTransformPtr transform) {
     xmlSecAssert(ctx != NULL);
 
     if((ctx->clbksCtx != NULL) && (ctx->clbks != NULL) && (ctx->clbks->closecallback != NULL)) {
-	(ctx->clbks->closecallback)(ctx->clbksCtx);
+        (ctx->clbks->closecallback)(ctx->clbksCtx);
     }
     memset(ctx, 0, sizeof(xmlSecInputURICtx));
 }
 
-static int 
+static int
 xmlSecTransformInputURIPopBin(xmlSecTransformPtr transform, xmlSecByte* data,
-			      xmlSecSize maxDataSize, xmlSecSize* dataSize, 
-			      xmlSecTransformCtxPtr transformCtx) {
+                              xmlSecSize maxDataSize, xmlSecSize* dataSize,
+                              xmlSecTransformCtxPtr transformCtx) {
     xmlSecInputURICtxPtr ctx;
 
     int ret;
-    			    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformInputURIId), -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(dataSize != NULL, -1);
@@ -476,20 +476,20 @@ xmlSecTransformInputURIPopBin(xmlSecTransformPtr transform, xmlSecByte* data,
 
     ctx = xmlSecTransformInputUriGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     if((ctx->clbksCtx != NULL) && (ctx->clbks != NULL) && (ctx->clbks->readcallback != NULL)) {
         ret = (ctx->clbks->readcallback)(ctx->clbksCtx, (char*)data, (int)maxDataSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"readcallback",
-			XMLSEC_ERRORS_R_IO_FAILED,
-			"errno=%d", errno);
-	    return(-1);
-	}
-	(*dataSize) = ret;
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "readcallback",
+                        XMLSEC_ERRORS_R_IO_FAILED,
+                        "errno=%d", errno);
+            return(-1);
+        }
+        (*dataSize) = ret;
     } else {
-	(*dataSize) = 0;
+        (*dataSize) = 0;
     }
     return(0);
 }
diff --git a/src/keyinfo.c b/src/keyinfo.c
index 6e327b2b..00390fa7 100644
--- a/src/keyinfo.c
+++ b/src/keyinfo.c
@@ -1,26 +1,26 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
- * <dsig:KeyInfo/> element processing 
+ * <dsig:KeyInfo/> element processing
  * (http://www.w3.org/TR/xmlSec-core/#sec-KeyInfo:
  *
  * The KeyInfo Element
  *
- * KeyInfo is an optional element that enables the recipient(s) to obtain 
- * the key needed to validate the signature.  KeyInfo may contain keys, 
- * names, certificates and other public key management information, such as 
- * in-band key distribution or key agreement data. 
- * 
+ * KeyInfo is an optional element that enables the recipient(s) to obtain
+ * the key needed to validate the signature.  KeyInfo may contain keys,
+ * names, certificates and other public key management information, such as
+ * in-band key distribution or key agreement data.
+ *
  *  Schema Definition:
  *
- *  <element name="KeyInfo" type="ds:KeyInfoType"/> 
+ *  <element name="KeyInfo" type="ds:KeyInfoType"/>
  *  <complexType name="KeyInfoType" mixed="true">
- *    <choice maxOccurs="unbounded"> 
- *       <element ref="ds:KeyName"/> 
- *       <element ref="ds:KeyValue"/> 
- *       <element ref="ds:RetrievalMethod"/> 
- *       <element ref="ds:X509Data"/> 
- *       <element ref="ds:PGPData"/> 
+ *    <choice maxOccurs="unbounded">
+ *       <element ref="ds:KeyName"/>
+ *       <element ref="ds:KeyValue"/>
+ *       <element ref="ds:RetrievalMethod"/>
+ *       <element ref="ds:X509Data"/>
+ *       <element ref="ds:PGPData"/>
  *       <element ref="ds:SPKIData"/>
  *       <element ref="ds:MgmtData"/>
  *       <any processContents="lax" namespace="##other"/>
@@ -28,24 +28,24 @@
  *    </choice>
  *    <attribute name="Id" type="ID" use="optional"/>
  *  </complexType>
- *    
+ *
  * DTD:
- *    
+ *
  * <!ELEMENT KeyInfo (#PCDATA|KeyName|KeyValue|RetrievalMethod|
- *                    X509Data|PGPData|SPKIData|MgmtData %KeyInfo.ANY;)* >      
+ *                    X509Data|PGPData|SPKIData|MgmtData %KeyInfo.ANY;)* >
  * <!ATTLIST KeyInfo  Id  ID   #IMPLIED >
- *  
+ *
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <stdlib.h>
 #include <string.h>
- 
+
 #include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
@@ -61,14 +61,14 @@
 
 /**************************************************************************
  *
- * Hi level functions
+ * High-level functions
  *
  *************************************************************************/
 /**
  * xmlSecKeyInfoNodeRead:
- * @keyInfoNode: 	the pointer to <dsig:KeyInfo/> node.
- * @key:		the pointer to result key object.
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
+ * @keyInfoNode:        the pointer to <dsig:KeyInfo/> node.
+ * @key:                the pointer to result key object.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Parses the <dsig:KeyInfo/> element @keyInfoNode, extracts the key data
  * and stores into @key.
@@ -82,123 +82,123 @@ xmlSecKeyInfoNodeRead(xmlNodePtr keyInfoNode, xmlSecKeyPtr key, xmlSecKeyInfoCtx
     xmlSecKeyDataId dataId;
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(keyInfoNode != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
     xmlSecAssert2(keyInfoCtx->mode == xmlSecKeyInfoModeRead, -1);
 
-    for(cur = xmlSecGetNextElementNode(keyInfoNode->children); 
-	(cur != NULL) && 
-	(((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND) != 0) || 
-	 (xmlSecKeyIsValid(key) == 0) || 
-	 (xmlSecKeyMatch(key, NULL, &(keyInfoCtx->keyReq)) == 0));
-	cur = xmlSecGetNextElementNode(cur->next)) {
-    
-	/* find data id */
-	nodeName = cur->name;
-	nodeNs = xmlSecGetNodeNsHref(cur);
-	
-	/* use global list only if we don't have a local one */
-	if(xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) {
-	    dataId = xmlSecKeyDataIdListFindByNode(&(keyInfoCtx->enabledKeyData),
-			    nodeName, nodeNs, xmlSecKeyDataUsageKeyInfoNodeRead);
-	} else {	
-    	    dataId = xmlSecKeyDataIdListFindByNode(xmlSecKeyDataIdsGet(),
-			    nodeName, nodeNs, xmlSecKeyDataUsageKeyInfoNodeRead);
-	}
-	if(dataId != xmlSecKeyDataIdUnknown) {
-	    /* read data node */
-	    ret = xmlSecKeyDataXmlRead(dataId, key, cur, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-			    "xmlSecKeyDataXmlRead",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "node=%s", 
-			    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-		return(-1);
-	    }
-	} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD) != 0) {
-	    /* there is a laxi schema validation but application may
-	     * desire to disable unknown nodes*/
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_INVALID_NODE,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+    for(cur = xmlSecGetNextElementNode(keyInfoNode->children);
+        (cur != NULL) &&
+        (((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND) != 0) ||
+         (xmlSecKeyIsValid(key) == 0) ||
+         (xmlSecKeyMatch(key, NULL, &(keyInfoCtx->keyReq)) == 0));
+        cur = xmlSecGetNextElementNode(cur->next)) {
+
+        /* find data id */
+        nodeName = cur->name;
+        nodeNs = xmlSecGetNodeNsHref(cur);
+
+        /* use global list only if we don't have a local one */
+        if(xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) {
+            dataId = xmlSecKeyDataIdListFindByNode(&(keyInfoCtx->enabledKeyData),
+                            nodeName, nodeNs, xmlSecKeyDataUsageKeyInfoNodeRead);
+        } else {
+            dataId = xmlSecKeyDataIdListFindByNode(xmlSecKeyDataIdsGet(),
+                            nodeName, nodeNs, xmlSecKeyDataUsageKeyInfoNodeRead);
+        }
+        if(dataId != xmlSecKeyDataIdUnknown) {
+            /* read data node */
+            ret = xmlSecKeyDataXmlRead(dataId, key, cur, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                            "xmlSecKeyDataXmlRead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "node=%s",
+                            xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+                return(-1);
+            }
+        } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD) != 0) {
+            /* there is a laxi schema validation but application may
+             * desire to disable unknown nodes*/
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_INVALID_NODE,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
-    
-    return(0);    
+
+    return(0);
 }
 
 /**
  * xmlSecKeyInfoNodeWrite:
- * @keyInfoNode: 	the pointer to <dsig:KeyInfo/> node.
- * @key:		the pointer to key object.
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
+ * @keyInfoNode:        the pointer to <dsig:KeyInfo/> node.
+ * @key:                the pointer to key object.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Writes the @key into the <dsig:KeyInfo/> element template @keyInfoNode.
  *
  * Returns: 0 on success or -1 if an error occurs.
  */
-int 
+int
 xmlSecKeyInfoNodeWrite(xmlNodePtr keyInfoNode, xmlSecKeyPtr key, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     const xmlChar* nodeName;
     const xmlChar* nodeNs;
     xmlSecKeyDataId dataId;
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(keyInfoNode != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
     xmlSecAssert2(keyInfoCtx->mode == xmlSecKeyInfoModeWrite, -1);
 
-    for(cur = xmlSecGetNextElementNode(keyInfoNode->children); 
-	cur != NULL;
-	cur = xmlSecGetNextElementNode(cur->next)) {
-    
-	/* find data id */
-	nodeName = cur->name;
-	nodeNs = xmlSecGetNodeNsHref(cur);
-
-	/* use global list only if we don't have a local one */
-	if(xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) {
-        	dataId = xmlSecKeyDataIdListFindByNode(&(keyInfoCtx->enabledKeyData),
-			    nodeName, nodeNs, 
-			    xmlSecKeyDataUsageKeyInfoNodeWrite);
-	} else {
-        	dataId = xmlSecKeyDataIdListFindByNode(xmlSecKeyDataIdsGet(),
-			    nodeName, nodeNs, 
-			    xmlSecKeyDataUsageKeyInfoNodeWrite);
-	}
-	if(dataId != xmlSecKeyDataIdUnknown) {
-	    ret = xmlSecKeyDataXmlWrite(dataId, key, cur, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-			    "xmlSecKeyDataXmlWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "node=%s", 
-			    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-		return(-1);
-	    }
-	} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD) != 0) {
-	    /* laxi schema validation but application can disable it*/
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_INVALID_NODE,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+    for(cur = xmlSecGetNextElementNode(keyInfoNode->children);
+        cur != NULL;
+        cur = xmlSecGetNextElementNode(cur->next)) {
+
+        /* find data id */
+        nodeName = cur->name;
+        nodeNs = xmlSecGetNodeNsHref(cur);
+
+        /* use global list only if we don't have a local one */
+        if(xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) {
+                dataId = xmlSecKeyDataIdListFindByNode(&(keyInfoCtx->enabledKeyData),
+                            nodeName, nodeNs,
+                            xmlSecKeyDataUsageKeyInfoNodeWrite);
+        } else {
+                dataId = xmlSecKeyDataIdListFindByNode(xmlSecKeyDataIdsGet(),
+                            nodeName, nodeNs,
+                            xmlSecKeyDataUsageKeyInfoNodeWrite);
+        }
+        if(dataId != xmlSecKeyDataIdUnknown) {
+            ret = xmlSecKeyDataXmlWrite(dataId, key, cur, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                            "xmlSecKeyDataXmlWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "node=%s",
+                            xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+                return(-1);
+            }
+        } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD) != 0) {
+            /* laxi schema validation but application can disable it*/
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_INVALID_NODE,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
-    
+
     return(0);
-} 
+}
 
 /**************************************************************************
  *
@@ -207,96 +207,96 @@ xmlSecKeyInfoNodeWrite(xmlNodePtr keyInfoNode, xmlSecKeyPtr key, xmlSecKeyInfoCt
  *************************************************************************/
 /**
  * xmlSecKeyInfoCtxCreate:
- * @keysMngr: 		the pointer to keys manager (may be NULL).
+ * @keysMngr:           the pointer to keys manager (may be NULL).
  *
  * Allocates and initializes <dsig:KeyInfo/> element processing context.
- * Caller is responsible for freeing it by calling #xmlSecKeyInfoCtxDestroy 
+ * Caller is responsible for freeing it by calling #xmlSecKeyInfoCtxDestroy
  * function.
  *
  * Returns: pointer to newly allocated object or NULL if an error occurs.
  */
-xmlSecKeyInfoCtxPtr 
+xmlSecKeyInfoCtxPtr
 xmlSecKeyInfoCtxCreate(xmlSecKeysMngrPtr keysMngr) {
     xmlSecKeyInfoCtxPtr keyInfoCtx;
     int ret;
-    
+
     /* Allocate a new xmlSecKeyInfoCtx and fill the fields. */
     keyInfoCtx = (xmlSecKeyInfoCtxPtr)xmlMalloc(sizeof(xmlSecKeyInfoCtx));
     if(keyInfoCtx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", sizeof(xmlSecKeyInfoCtx)); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", sizeof(xmlSecKeyInfoCtx));
+        return(NULL);
     }
-    
+
     ret = xmlSecKeyInfoCtxInitialize(keyInfoCtx, keysMngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyInfoCtxDestroy(keyInfoCtx);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyInfoCtxDestroy(keyInfoCtx);
+        return(NULL);
     }
-    
+
     return(keyInfoCtx);
 }
 
-/** 
+/**
  * xmlSecKeyInfoCtxDestroy:
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Destroys @keyInfoCtx object created with #xmlSecKeyInfoCtxCreate function.
  */
-void 
+void
 xmlSecKeyInfoCtxDestroy(xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert(keyInfoCtx != NULL);
-    
+
     xmlSecKeyInfoCtxFinalize(keyInfoCtx);
     xmlFree(keyInfoCtx);
 }
 
-/** 
+/**
  * xmlSecKeyInfoCtxInitialize:
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
- * @keysMngr: 		the pointer to keys manager (may be NULL).
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
+ * @keysMngr:           the pointer to keys manager (may be NULL).
  *
- * Initializes <dsig:KeyInfo/> element processing context. Caller is 
+ * Initializes <dsig:KeyInfo/> element processing context. Caller is
  * responsible for cleaning it up by #xmlSecKeyInfoCtxFinalize function.
- * 
+ *
  * Returns: 0 on success and a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyInfoCtxInitialize(xmlSecKeyInfoCtxPtr keyInfoCtx, xmlSecKeysMngrPtr keysMngr) {
     int ret;
-    
+
     xmlSecAssert2(keyInfoCtx != NULL, -1);
-    
+
     memset(keyInfoCtx, 0, sizeof(xmlSecKeyInfoCtx));
     keyInfoCtx->keysMngr = keysMngr;
-    keyInfoCtx->base64LineSize = xmlSecBase64GetDefaultLineSize();    
+    keyInfoCtx->base64LineSize = xmlSecBase64GetDefaultLineSize();
     ret = xmlSecPtrListInitialize(&(keyInfoCtx->enabledKeyData), xmlSecKeyDataIdListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     keyInfoCtx->maxRetrievalMethodLevel = 1;
     ret = xmlSecTransformCtxInitialize(&(keyInfoCtx->retrievalMethodCtx));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
 #ifndef XMLSEC_NO_XMLENC
@@ -309,28 +309,28 @@ xmlSecKeyInfoCtxInitialize(xmlSecKeyInfoCtxPtr keyInfoCtx, xmlSecKeysMngrPtr key
 
     ret = xmlSecKeyReqInitialize(&(keyInfoCtx->keyReq));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyReqInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyReqInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-        
+
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyInfoCtxFinalize:
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Cleans up the @keyInfoCtx initialized with #xmlSecKeyInfoCtxInitialize
  * function.
  */
-void 
+void
 xmlSecKeyInfoCtxFinalize(xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert(keyInfoCtx != NULL);
-    
+
     xmlSecPtrListFinalize(&(keyInfoCtx->enabledKeyData));
     xmlSecTransformCtxFinalize(&(keyInfoCtx->retrievalMethodCtx));
     xmlSecKeyReqFinalize(&(keyInfoCtx->keyReq));
@@ -344,281 +344,281 @@ xmlSecKeyInfoCtxFinalize(xmlSecKeyInfoCtxPtr keyInfoCtx) {
     memset(keyInfoCtx, 0, sizeof(xmlSecKeyInfoCtx));
 }
 
-/** 
+/**
  * xmlSecKeyInfoCtxReset:
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
- * 
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
+ *
  * Resets the @keyInfoCtx state. User settings are not changed.
  */
-void 
+void
 xmlSecKeyInfoCtxReset(xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert(keyInfoCtx != NULL);
-    
+
     xmlSecTransformCtxReset(&(keyInfoCtx->retrievalMethodCtx));
     keyInfoCtx->curRetrievalMethodLevel = 0;
 
 #ifndef XMLSEC_NO_XMLENC
-    if(keyInfoCtx->encCtx != NULL) { 	   
+    if(keyInfoCtx->encCtx != NULL) {
         xmlSecEncCtxReset(keyInfoCtx->encCtx);
     }
     keyInfoCtx->curEncryptedKeyLevel = 0;
 #endif /* XMLSEC_NO_XMLENC */
-    
+
     xmlSecKeyReqReset(&(keyInfoCtx->keyReq));
 }
 
-/** 
+/**
  * xmlSecKeyInfoCtxCreateEncCtx:
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
- * 
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
+ *
  * Creates encryption context form processing <enc:EncryptedKey/> child
  * of <dsig:KeyInfo/> element.
- * 
+ *
  * Returns: 0 on success and a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyInfoCtxCreateEncCtx(xmlSecKeyInfoCtxPtr keyInfoCtx) {
 #ifndef XMLSEC_NO_XMLENC
     xmlSecEncCtxPtr tmp;
     int ret;
-    
+
     xmlSecAssert2(keyInfoCtx != NULL, -1);
     xmlSecAssert2(keyInfoCtx->encCtx == NULL, -1);
 
-    /* we have to use tmp variable to avoid a recursive loop */ 
+    /* we have to use tmp variable to avoid a recursive loop */
     tmp = xmlSecEncCtxCreate(keyInfoCtx->keysMngr);
     if(tmp == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecEncCtxCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     tmp->mode = xmlEncCtxModeEncryptedKey;
-        
+
     /* copy user preferences from our current ctx */
     switch(keyInfoCtx->mode) {
-	case xmlSecKeyInfoModeRead:
-	    ret = xmlSecKeyInfoCtxCopyUserPref(&(tmp->keyInfoReadCtx), keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecKeyInfoCtxCopyUserPref",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlSecEncCtxDestroy(tmp);
-		return(-1);
-	    }    
-	    break;
-	case xmlSecKeyInfoModeWrite:
-	    ret = xmlSecKeyInfoCtxCopyUserPref(&(tmp->keyInfoWriteCtx), keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecKeyInfoCtxCopyUserPref",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlSecEncCtxDestroy(tmp);
-		return(-1);
-	    }
-	    break;
-    }    
+        case xmlSecKeyInfoModeRead:
+            ret = xmlSecKeyInfoCtxCopyUserPref(&(tmp->keyInfoReadCtx), keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecKeyInfoCtxCopyUserPref",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecEncCtxDestroy(tmp);
+                return(-1);
+            }
+            break;
+        case xmlSecKeyInfoModeWrite:
+            ret = xmlSecKeyInfoCtxCopyUserPref(&(tmp->keyInfoWriteCtx), keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecKeyInfoCtxCopyUserPref",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecEncCtxDestroy(tmp);
+                return(-1);
+            }
+            break;
+    }
     keyInfoCtx->encCtx = tmp;
-        
+
     return(0);
-#else /* XMLSEC_NO_XMLENC */    
+#else /* XMLSEC_NO_XMLENC */
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xml encryption",
-		XMLSEC_ERRORS_R_DISABLED,
-		XMLSEC_ERRORS_NO_MESSAGE);
+                NULL,
+                "xml encryption",
+                XMLSEC_ERRORS_R_DISABLED,
+                XMLSEC_ERRORS_NO_MESSAGE);
     return(-1);
-#endif /* XMLSEC_NO_XMLENC */    
+#endif /* XMLSEC_NO_XMLENC */
 }
 
-/** 
+/**
  * xmlSecKeyInfoCtxCopyUserPref:
- * @dst:		the pointer to destination context object.
- * @src:		the pointer to source context object.
+ * @dst:                the pointer to destination context object.
+ * @src:                the pointer to source context object.
  *
  * Copies user preferences from @src context to @dst context.
- *  
+ *
  * Returns: 0 on success and a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyInfoCtxCopyUserPref(xmlSecKeyInfoCtxPtr dst, xmlSecKeyInfoCtxPtr src) {
     int ret;
-    
+
     xmlSecAssert2(dst != NULL, -1);
     xmlSecAssert2(src != NULL, -1);
-    
-    dst->userData 	= src->userData;
-    dst->flags		= src->flags;
-    dst->flags2		= src->flags2;
-    dst->keysMngr	= src->keysMngr;
-    dst->mode		= src->mode;
-    dst->base64LineSize	= src->base64LineSize;
+
+    dst->userData       = src->userData;
+    dst->flags          = src->flags;
+    dst->flags2         = src->flags2;
+    dst->keysMngr       = src->keysMngr;
+    dst->mode           = src->mode;
+    dst->base64LineSize = src->base64LineSize;
 
     ret = xmlSecPtrListCopy(&(dst->enabledKeyData), &(src->enabledKeyData));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListCopy",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "enabledKeyData");    
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListCopy",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "enabledKeyData");
+        return(-1);
     }
-    
+
     /* <dsig:RetrievalMethod/> */
     dst->maxRetrievalMethodLevel= src->maxRetrievalMethodLevel;
-    ret = xmlSecTransformCtxCopyUserPref(&(dst->retrievalMethodCtx), 
-					 &(src->retrievalMethodCtx));
+    ret = xmlSecTransformCtxCopyUserPref(&(dst->retrievalMethodCtx),
+                                         &(src->retrievalMethodCtx));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxCopyUserPref",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "enabledKeyData");    
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxCopyUserPref",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "enabledKeyData");
+        return(-1);
     }
 
-    /* <enc:EncryptedContext /> */    
+    /* <enc:EncryptedContext /> */
 #ifndef XMLSEC_NO_XMLENC
     xmlSecAssert2(dst->encCtx == NULL, -1);
-    if(src->encCtx != NULL) { 	   	
-	dst->encCtx = xmlSecEncCtxCreate(dst->keysMngr);
-	if(dst->encCtx == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecEncCtxCreate",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	
-	dst->encCtx->mode = xmlEncCtxModeEncryptedKey;
+    if(src->encCtx != NULL) {
+        dst->encCtx = xmlSecEncCtxCreate(dst->keysMngr);
+        if(dst->encCtx == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecEncCtxCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        dst->encCtx->mode = xmlEncCtxModeEncryptedKey;
         ret = xmlSecEncCtxCopyUserPref(dst->encCtx, src->encCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecEncCtxCopyUserPref",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecEncCtxCopyUserPref",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
-    dst->maxEncryptedKeyLevel	= src->maxEncryptedKeyLevel;
+    dst->maxEncryptedKeyLevel   = src->maxEncryptedKeyLevel;
 #endif /* XMLSEC_NO_XMLENC */
 
-    /* <dsig:X509Data /> */    
+    /* <dsig:X509Data /> */
 #ifndef XMLSEC_NO_X509
-    dst->certsVerificationTime	= src->certsVerificationTime;
-    dst->certsVerificationDepth	= src->certsVerificationDepth;
+    dst->certsVerificationTime  = src->certsVerificationTime;
+    dst->certsVerificationDepth = src->certsVerificationDepth;
 #endif /* XMLSEC_NO_X509 */
-    
+
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyInfoCtxDebugDump:
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
- * @output:		the output file pointer.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
+ * @output:             the output file pointer.
  *
  * Prints user settings and current context state to @output.
  */
-void 
+void
 xmlSecKeyInfoCtxDebugDump(xmlSecKeyInfoCtxPtr keyInfoCtx, FILE* output) {
     xmlSecAssert(keyInfoCtx != NULL);
     xmlSecAssert(output != NULL);
 
     switch(keyInfoCtx->mode) {
-	case xmlSecKeyInfoModeRead:
-	    fprintf(output, "= KEY INFO READ CONTEXT\n");
-	    break;
-	case xmlSecKeyInfoModeWrite:
-	    fprintf(output, "= KEY INFO WRITE CONTEXT\n");
-	    break;
+        case xmlSecKeyInfoModeRead:
+            fprintf(output, "= KEY INFO READ CONTEXT\n");
+            break;
+        case xmlSecKeyInfoModeWrite:
+            fprintf(output, "= KEY INFO WRITE CONTEXT\n");
+            break;
     }
-    
+
     fprintf(output, "== flags: 0x%08x\n", keyInfoCtx->flags);
     fprintf(output, "== flags2: 0x%08x\n", keyInfoCtx->flags2);
     if(xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) {
-	fprintf(output, "== enabled key data: ");
-	xmlSecKeyDataIdListDebugDump(&(keyInfoCtx->enabledKeyData), output);
+        fprintf(output, "== enabled key data: ");
+        xmlSecKeyDataIdListDebugDump(&(keyInfoCtx->enabledKeyData), output);
     } else {
-	fprintf(output, "== enabled key data: all\n");
+        fprintf(output, "== enabled key data: all\n");
     }
     fprintf(output, "== RetrievalMethod level (cur/max): %d/%d\n",
-	    keyInfoCtx->curRetrievalMethodLevel, 
-	    keyInfoCtx->maxRetrievalMethodLevel);
+            keyInfoCtx->curRetrievalMethodLevel,
+            keyInfoCtx->maxRetrievalMethodLevel);
     xmlSecTransformCtxDebugDump(&(keyInfoCtx->retrievalMethodCtx), output);
-    
+
 #ifndef XMLSEC_NO_XMLENC
     fprintf(output, "== EncryptedKey level (cur/max): %d/%d\n",
-	    keyInfoCtx->curEncryptedKeyLevel, 
-	    keyInfoCtx->maxEncryptedKeyLevel);
+            keyInfoCtx->curEncryptedKeyLevel,
+            keyInfoCtx->maxEncryptedKeyLevel);
     if(keyInfoCtx->encCtx != NULL) {
-	xmlSecEncCtxDebugDump(keyInfoCtx->encCtx, output);
+        xmlSecEncCtxDebugDump(keyInfoCtx->encCtx, output);
     }
 #endif /* XMLSEC_NO_XMLENC */
 
     xmlSecKeyReqDebugDump(&(keyInfoCtx->keyReq), output);
 }
 
-/** 
+/**
  * xmlSecKeyInfoCtxDebugXmlDump:
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
- * @output:		the output file pointer.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
+ * @output:             the output file pointer.
  *
- * Prints user settings and current context state in XML format to @output. 
+ * Prints user settings and current context state in XML format to @output.
  */
-void 
+void
 xmlSecKeyInfoCtxDebugXmlDump(xmlSecKeyInfoCtxPtr keyInfoCtx, FILE* output) {
     xmlSecAssert(keyInfoCtx != NULL);
     xmlSecAssert(output != NULL);
 
     switch(keyInfoCtx->mode) {
-	case xmlSecKeyInfoModeRead:
-	    fprintf(output, "<KeyInfoReadContext>\n");
-	    break;
-	case xmlSecKeyInfoModeWrite:
-	    fprintf(output, "<KeyInfoWriteContext>\n");
-	    break;
+        case xmlSecKeyInfoModeRead:
+            fprintf(output, "<KeyInfoReadContext>\n");
+            break;
+        case xmlSecKeyInfoModeWrite:
+            fprintf(output, "<KeyInfoWriteContext>\n");
+            break;
     }
-    	    
+
     fprintf(output, "<Flags>%08x</Flags>\n", keyInfoCtx->flags);
     fprintf(output, "<Flags2>%08x</Flags2>\n", keyInfoCtx->flags2);
     if(xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) {
-	fprintf(output, "<EnabledKeyData>\n");
-	xmlSecKeyDataIdListDebugXmlDump(&(keyInfoCtx->enabledKeyData), output);
-	fprintf(output, "</EnabledKeyData>\n");
+        fprintf(output, "<EnabledKeyData>\n");
+        xmlSecKeyDataIdListDebugXmlDump(&(keyInfoCtx->enabledKeyData), output);
+        fprintf(output, "</EnabledKeyData>\n");
     } else {
-	fprintf(output, "<EnabledKeyData>all</EnabledKeyData>\n");
+        fprintf(output, "<EnabledKeyData>all</EnabledKeyData>\n");
     }
 
     fprintf(output, "<RetrievalMethodLevel cur=\"%d\" max=\"%d\" />\n",
-	    keyInfoCtx->curRetrievalMethodLevel, 
-	    keyInfoCtx->maxRetrievalMethodLevel);
+            keyInfoCtx->curRetrievalMethodLevel,
+            keyInfoCtx->maxRetrievalMethodLevel);
     xmlSecTransformCtxDebugXmlDump(&(keyInfoCtx->retrievalMethodCtx), output);
 
 #ifndef XMLSEC_NO_XMLENC
     fprintf(output, "<EncryptedKeyLevel cur=\"%d\" max=\"%d\" />\n",
-	    keyInfoCtx->curEncryptedKeyLevel, 
-	    keyInfoCtx->maxEncryptedKeyLevel);
+            keyInfoCtx->curEncryptedKeyLevel,
+            keyInfoCtx->maxEncryptedKeyLevel);
     if(keyInfoCtx->encCtx != NULL) {
-	xmlSecEncCtxDebugXmlDump(keyInfoCtx->encCtx, output);
+        xmlSecEncCtxDebugXmlDump(keyInfoCtx->encCtx, output);
     }
 #endif /* XMLSEC_NO_XMLENC */
-    
+
     xmlSecKeyReqDebugXmlDump(&(keyInfoCtx->keyReq), output);
     switch(keyInfoCtx->mode) {
-	case xmlSecKeyInfoModeRead:
-	    fprintf(output, "</KeyInfoReadContext>\n");
-	    break;
-	case xmlSecKeyInfoModeWrite:
-	    fprintf(output, "</KeyInfoWriteContext>\n");
-	    break;
+        case xmlSecKeyInfoModeRead:
+            fprintf(output, "</KeyInfoReadContext>\n");
+            break;
+        case xmlSecKeyInfoModeWrite:
+            fprintf(output, "</KeyInfoWriteContext>\n");
+            break;
     }
 }
 
@@ -627,14 +627,14 @@ xmlSecKeyInfoCtxDebugXmlDump(xmlSecKeyInfoCtxPtr keyInfoCtx, FILE* output) {
  * <dsig:KeyName/> processing
  *
  *************************************************************************/
-static int			xmlSecKeyDataNameXmlRead	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int			xmlSecKeyDataNameXmlWrite	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int                      xmlSecKeyDataNameXmlRead        (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int                      xmlSecKeyDataNameXmlWrite       (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 static xmlSecKeyDataKlass xmlSecKeyDataNameKlass = {
     sizeof(xmlSecKeyDataKlass),
@@ -642,59 +642,59 @@ static xmlSecKeyDataKlass xmlSecKeyDataNameKlass = {
 
     /* data */
     xmlSecNameKeyName,
-    xmlSecKeyDataUsageKeyInfoNode, 		/* xmlSecKeyDataUsage usage; */
-    NULL,					/* const xmlChar* href; */
-    xmlSecNodeKeyName,				/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyInfoNode,              /* xmlSecKeyDataUsage usage; */
+    NULL,                                       /* const xmlChar* href; */
+    xmlSecNodeKeyName,                          /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    NULL,					/* xmlSecKeyDataInitializeMethod initialize; */
-    NULL,					/* xmlSecKeyDataDuplicateMethod duplicate; */
-    NULL,					/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL,					/* xmlSecKeyDataGenerateMethod generate; */
-    
+    NULL,                                       /* xmlSecKeyDataInitializeMethod initialize; */
+    NULL,                                       /* xmlSecKeyDataDuplicateMethod duplicate; */
+    NULL,                                       /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    NULL,					/* xmlSecKeyDataGetTypeMethod getType; */
-    NULL,					/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    NULL,                                       /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecKeyDataNameXmlRead,			/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecKeyDataNameXmlWrite,   		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,					/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecKeyDataNameXmlRead,                   /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecKeyDataNameXmlWrite,                  /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecKeyDataNameGetKlass:
  *
- * The <dsig:KeyName/> element key data klass 
+ * The <dsig:KeyName/> element key data klass
  * (http://www.w3.org/TR/xmldsig-core/#sec-KeyName):
  *
- * The KeyName element contains a string value (in which white space is 
- * significant) which may be used by the signer to communicate a key 
- * identifier to the recipient. Typically, KeyName contains an identifier 
- * related to the key pair used to sign the message, but it may contain 
- * other protocol-related information that indirectly identifies a key pair. 
- * (Common uses of KeyName include simple string names for keys, a key index, 
- * a distinguished name (DN), an email address, etc.) 
+ * The KeyName element contains a string value (in which white space is
+ * significant) which may be used by the signer to communicate a key
+ * identifier to the recipient. Typically, KeyName contains an identifier
+ * related to the key pair used to sign the message, but it may contain
+ * other protocol-related information that indirectly identifies a key pair.
+ * (Common uses of KeyName include simple string names for keys, a key index,
+ * a distinguished name (DN), an email address, etc.)
  *
  * Returns: the <dsig:KeyName/> element processing key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecKeyDataNameGetKlass(void) {
     return(&xmlSecKeyDataNameKlass);
 }
 
-static int 
+static int
 xmlSecKeyDataNameXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     const xmlChar* oldName;
     xmlChar* newName;
@@ -709,65 +709,65 @@ xmlSecKeyDataNameXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node,
     oldName = xmlSecKeyGetName(key);
     newName = xmlNodeGetContent(node);
     if(newName == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-		    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     /* TODO: do we need to decode the name? */
-    
+
     /* compare name values */
     if((oldName != NULL) && !xmlStrEqual(oldName, newName)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "key name is already specified",
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(newName);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "key name is already specified",
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(newName);
+        return(-1);
     }
 
     /* try to find key in the manager */
     if((xmlSecKeyGetValue(key) == NULL) && (keyInfoCtx->keysMngr != NULL)) {
-	xmlSecKeyPtr tmpKey;
-
-	tmpKey = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, newName, keyInfoCtx);
-	if(tmpKey != NULL) {
-	    /* erase any current information in the key */
-	    xmlSecKeyEmpty(key);
-
-	    /* TODO: since we will destroy tmpKey anyway, we can easily
-	     * just re-assign key data values. It'll save use some memory
-	     * malloc/free 
-	     */
-	     
-	    /* and copy what we've found */
-	    ret = xmlSecKeyCopy(key, tmpKey);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecKeyCopy",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE); 
-		xmlSecKeyDestroy(tmpKey);
-		xmlFree(newName);
-		return(-1);
-	    }
-	    xmlSecKeyDestroy(tmpKey);
-	}
-    }		
-    
+        xmlSecKeyPtr tmpKey;
+
+        tmpKey = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, newName, keyInfoCtx);
+        if(tmpKey != NULL) {
+            /* erase any current information in the key */
+            xmlSecKeyEmpty(key);
+
+            /* TODO: since we will destroy tmpKey anyway, we can easily
+             * just re-assign key data values. It'll save use some memory
+             * malloc/free
+             */
+
+            /* and copy what we've found */
+            ret = xmlSecKeyCopy(key, tmpKey);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecKeyCopy",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecKeyDestroy(tmpKey);
+                xmlFree(newName);
+                return(-1);
+            }
+            xmlSecKeyDestroy(tmpKey);
+        }
+    }
+
     /* finally set key name if it is not there */
     if(xmlSecKeyGetName(key) == NULL) {
-	xmlSecKeySetName(key, newName);
+        xmlSecKeySetName(key, newName);
     }
     xmlFree(newName);
     return(0);
 }
 
-static int 
+static int
 xmlSecKeyDataNameXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     const xmlChar* name;
 
@@ -779,7 +779,7 @@ xmlSecKeyDataNameXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node,
 
     name = xmlSecKeyGetName(key);
     if(name != NULL) {
-	    xmlSecNodeEncodeAndSetContent(node, name);
+            xmlSecNodeEncodeAndSetContent(node, name);
     }
     return(0);
 }
@@ -789,14 +789,14 @@ xmlSecKeyDataNameXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node,
  * <dsig:KeyValue/> processing
  *
  *************************************************************************/
-static int			xmlSecKeyDataValueXmlRead	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int			xmlSecKeyDataValueXmlWrite	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int                      xmlSecKeyDataValueXmlRead       (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int                      xmlSecKeyDataValueXmlWrite      (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 static xmlSecKeyDataKlass xmlSecKeyDataValueKlass = {
     sizeof(xmlSecKeyDataKlass),
@@ -804,54 +804,54 @@ static xmlSecKeyDataKlass xmlSecKeyDataValueKlass = {
 
     /* data */
     xmlSecNameKeyValue,
-    xmlSecKeyDataUsageKeyInfoNode, 		/* xmlSecKeyDataUsage usage; */
-    NULL,					/* const xmlChar* href; */
-    xmlSecNodeKeyValue,				/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyInfoNode,              /* xmlSecKeyDataUsage usage; */
+    NULL,                                       /* const xmlChar* href; */
+    xmlSecNodeKeyValue,                         /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    NULL,					/* xmlSecKeyDataInitializeMethod initialize; */
-    NULL,					/* xmlSecKeyDataDuplicateMethod duplicate; */
-    NULL,					/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL,					/* xmlSecKeyDataGenerateMethod generate; */
-    
+    NULL,                                       /* xmlSecKeyDataInitializeMethod initialize; */
+    NULL,                                       /* xmlSecKeyDataDuplicateMethod duplicate; */
+    NULL,                                       /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    NULL,					/* xmlSecKeyDataGetTypeMethod getType; */
-    NULL,					/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    NULL,                                       /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecKeyDataValueXmlRead,			/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecKeyDataValueXmlWrite, 	  	/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,					/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecKeyDataValueXmlRead,                  /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecKeyDataValueXmlWrite,                 /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecKeyDataValueGetKlass:
  *
- * The <dsig:KeyValue/> element key data klass 
+ * The <dsig:KeyValue/> element key data klass
  * (http://www.w3.org/TR/xmldsig-core/#sec-KeyValue):
  *
- * The KeyValue element contains a single public key that may be useful in 
- * validating the signature. 
- * 
+ * The KeyValue element contains a single public key that may be useful in
+ * validating the signature.
+ *
  * Returns: the <dsig:KeyValue/> element processing key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecKeyDataValueGetKlass(void) {
     return(&xmlSecKeyDataValueKlass);
 }
 
-static int 
+static int
 xmlSecKeyDataValueXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     const xmlChar* nodeName;
     const xmlChar* nodeNs;
@@ -867,8 +867,8 @@ xmlSecKeyDataValueXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node,
 
     cur = xmlSecGetNextElementNode(node->children);
     if(cur == NULL) {
-	/* just an empty node */
-	return(0);
+        /* just an empty node */
+        return(0);
     }
 
     /* find data id */
@@ -877,105 +877,105 @@ xmlSecKeyDataValueXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node,
 
     /* use global list only if we don't have a local one */
     if(xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) {
-	dataId = xmlSecKeyDataIdListFindByNode(&(keyInfoCtx->enabledKeyData),
-			    nodeName, nodeNs, xmlSecKeyDataUsageKeyValueNodeRead);
-    } else {	
-    	dataId = xmlSecKeyDataIdListFindByNode(xmlSecKeyDataIdsGet(),
-			    nodeName, nodeNs, xmlSecKeyDataUsageKeyValueNodeRead);
+        dataId = xmlSecKeyDataIdListFindByNode(&(keyInfoCtx->enabledKeyData),
+                            nodeName, nodeNs, xmlSecKeyDataUsageKeyValueNodeRead);
+    } else {
+        dataId = xmlSecKeyDataIdListFindByNode(xmlSecKeyDataIdsGet(),
+                            nodeName, nodeNs, xmlSecKeyDataUsageKeyValueNodeRead);
     }
     if(dataId != xmlSecKeyDataIdUnknown) {
-	/* read data node */
-	ret = xmlSecKeyDataXmlRead(dataId, key, cur, keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecKeyDataXmlRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);
-	}
+        /* read data node */
+        ret = xmlSecKeyDataXmlRead(dataId, key, cur, keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecKeyDataXmlRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
     } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD) != 0) {
-	/* laxi schema validation but application can disable it */
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
+        /* laxi schema validation but application can disable it */
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* <dsig:KeyValue/> might have only one node */
-    cur = xmlSecGetNextElementNode(cur->next);  
+    cur = xmlSecGetNextElementNode(cur->next);
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     return(0);
 }
 
-static int 
+static int
 xmlSecKeyDataValueXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     const xmlChar* nodeName;
-    const xmlChar* nodeNs;  
+    const xmlChar* nodeNs;
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecKeyDataValueId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
     xmlSecAssert2(keyInfoCtx->mode == xmlSecKeyInfoModeWrite, -1);
 
-    if(!xmlSecKeyDataIsValid(key->value) || 
+    if(!xmlSecKeyDataIsValid(key->value) ||
        !xmlSecKeyDataCheckUsage(key->value, xmlSecKeyDataUsageKeyValueNodeWrite)){
-	/* nothing to write */
-	return(0);
+        /* nothing to write */
+        return(0);
     }
-    if((xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) && 
+    if((xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) &&
         (xmlSecKeyDataIdListFind(&(keyInfoCtx->enabledKeyData), id) != 1)) {
 
-	/* we are not enabled to write out key data with this id */
-	return(0);
+        /* we are not enabled to write out key data with this id */
+        return(0);
     }
     if(xmlSecKeyReqMatchKey(&(keyInfoCtx->keyReq), key) != 1) {
-	/* we are not allowed to write out this key */
-	return(0);
+        /* we are not allowed to write out this key */
+        return(0);
     }
 
     nodeName = key->value->id->dataNodeName;
     nodeNs = key->value->id->dataNodeNs;
     xmlSecAssert2(nodeName != NULL, -1);
-    
+
     /* remove all existing key value */
     xmlNodeSetContent(node, NULL);
-    
+
     /* create key node */
     cur = xmlSecAddChild(node, nodeName, nodeNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+        return(-1);
     }
 
     ret = xmlSecKeyDataXmlWrite(key->value->id, key, cur, keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataXmlWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataXmlWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+        return(-1);
     }
 
     return(0);
@@ -986,14 +986,14 @@ xmlSecKeyDataValueXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node
  * <dsig:RetrievalMethod/> processing
  *
  *************************************************************************/
-static int			xmlSecKeyDataRetrievalMethodXmlRead(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int			xmlSecKeyDataRetrievalMethodXmlWrite(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int                      xmlSecKeyDataRetrievalMethodXmlRead(xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int                      xmlSecKeyDataRetrievalMethodXmlWrite(xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 
 
@@ -1003,67 +1003,67 @@ static xmlSecKeyDataKlass xmlSecKeyDataRetrievalMethodKlass = {
 
     /* data */
     xmlSecNameRetrievalMethod,
-    xmlSecKeyDataUsageKeyInfoNode, 		/* xmlSecKeyDataUsage usage; */
-    NULL,					/* const xmlChar* href; */
-    xmlSecNodeRetrievalMethod,			/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyInfoNode,              /* xmlSecKeyDataUsage usage; */
+    NULL,                                       /* const xmlChar* href; */
+    xmlSecNodeRetrievalMethod,                  /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    NULL,					/* xmlSecKeyDataInitializeMethod initialize; */
-    NULL,					/* xmlSecKeyDataDuplicateMethod duplicate; */
-    NULL,					/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL,					/* xmlSecKeyDataGenerateMethod generate; */
-    
+    NULL,                                       /* xmlSecKeyDataInitializeMethod initialize; */
+    NULL,                                       /* xmlSecKeyDataDuplicateMethod duplicate; */
+    NULL,                                       /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    NULL,					/* xmlSecKeyDataGetTypeMethod getType; */
-    NULL,					/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    NULL,                                       /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecKeyDataRetrievalMethodXmlRead,	/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecKeyDataRetrievalMethodXmlWrite,   	/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,					/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecKeyDataRetrievalMethodXmlRead,        /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecKeyDataRetrievalMethodXmlWrite,       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-static int			xmlSecKeyDataRetrievalMethodReadXmlResult(xmlSecKeyDataId typeId,
-								 xmlSecKeyPtr key,
-								 const xmlChar* buffer,
-								 xmlSecSize bufferSize,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int                      xmlSecKeyDataRetrievalMethodReadXmlResult(xmlSecKeyDataId typeId,
+                                                                 xmlSecKeyPtr key,
+                                                                 const xmlChar* buffer,
+                                                                 xmlSecSize bufferSize,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
-/** 
+/**
  * xmlSecKeyDataRetrievalMethodGetKlass:
  *
- * The <dsig:RetrievalMethod/> element key data klass 
+ * The <dsig:RetrievalMethod/> element key data klass
  * (http://www.w3.org/TR/xmldsig-core/#sec-RetrievalMethod):
- * A RetrievalMethod element within KeyInfo is used to convey a reference to 
- * KeyInfo information that is stored at another location. For example, 
- * several signatures in a document might use a key verified by an X.509v3 
- * certificate chain appearing once in the document or remotely outside the 
- * document; each signature's KeyInfo can reference this chain using a single 
- * RetrievalMethod element instead of including the entire chain with a 
+ * A RetrievalMethod element within KeyInfo is used to convey a reference to
+ * KeyInfo information that is stored at another location. For example,
+ * several signatures in a document might use a key verified by an X.509v3
+ * certificate chain appearing once in the document or remotely outside the
+ * document; each signature's KeyInfo can reference this chain using a single
+ * RetrievalMethod element instead of including the entire chain with a
  * sequence of X509Certificate elements.
  *
- * RetrievalMethod uses the same syntax and dereferencing behavior as 
+ * RetrievalMethod uses the same syntax and dereferencing behavior as
  * Reference's URI and The Reference Processing Model.
- * 
+ *
  * Returns: the <dsig:RetrievalMethod/> element processing key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecKeyDataRetrievalMethodGetKlass(void) {
     return(&xmlSecKeyDataRetrievalMethodKlass);
 }
 
-static int 
+static int
 xmlSecKeyDataRetrievalMethodXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataId dataId = xmlSecKeyDataIdUnknown;
     xmlChar *retrType = NULL;
@@ -1071,7 +1071,7 @@ xmlSecKeyDataRetrievalMethodXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNod
     xmlNodePtr cur;
     int res = -1;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecKeyDataRetrievalMethodId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
@@ -1081,41 +1081,41 @@ xmlSecKeyDataRetrievalMethodXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNod
 
     /* check retrieval level */
     if(keyInfoCtx->curRetrievalMethodLevel >= keyInfoCtx->maxRetrievalMethodLevel) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL,
-		    "cur=%d;max=%d", 
-		    keyInfoCtx->curRetrievalMethodLevel,
-		    keyInfoCtx->maxRetrievalMethodLevel);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL,
+                    "cur=%d;max=%d",
+                    keyInfoCtx->curRetrievalMethodLevel,
+                    keyInfoCtx->maxRetrievalMethodLevel);
+        goto done;
     }
     ++keyInfoCtx->curRetrievalMethodLevel;
 
     retrType = xmlGetProp(node, xmlSecAttrType);
     if(retrType != NULL) {
-	/* use global list only if we don't have a local one */
-	if(xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) {
-	    dataId = xmlSecKeyDataIdListFindByHref(&(keyInfoCtx->enabledKeyData),
-			    retrType, xmlSecKeyDataUsageRetrievalMethodNode);
-	} else {	
-    	    dataId = xmlSecKeyDataIdListFindByHref(xmlSecKeyDataIdsGet(),
-			    retrType, xmlSecKeyDataUsageRetrievalMethodNode);
-	}
+        /* use global list only if we don't have a local one */
+        if(xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) {
+            dataId = xmlSecKeyDataIdListFindByHref(&(keyInfoCtx->enabledKeyData),
+                            retrType, xmlSecKeyDataUsageRetrievalMethodNode);
+        } else {
+            dataId = xmlSecKeyDataIdListFindByHref(xmlSecKeyDataIdsGet(),
+                            retrType, xmlSecKeyDataUsageRetrievalMethodNode);
+        }
     }
 
     /* laxi schema validation but aplication can disable it */
     if(dataId == xmlSecKeyDataIdUnknown) {
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			xmlSecErrorsSafeString(xmlSecAttrType),
-			XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
-			"value=%s", xmlSecErrorsSafeString(retrType));
-	} else {
-	    res = 0;
-	}
-	goto done;
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        xmlSecErrorsSafeString(xmlSecAttrType),
+                        XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                        "value=%s", xmlSecErrorsSafeString(retrType));
+        } else {
+            res = 0;
+        }
+        goto done;
     }
 
     /* destroy prev retrieval method context */
@@ -1125,100 +1125,100 @@ xmlSecKeyDataRetrievalMethodXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNod
     uri = xmlGetProp(node, xmlSecAttrURI);
     ret = xmlSecTransformCtxSetUri(&(keyInfoCtx->retrievalMethodCtx), uri, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecTransformCtxSetUri",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s",
-		    xmlSecErrorsSafeString(uri));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecTransformCtxSetUri",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s",
+                    xmlSecErrorsSafeString(uri));
+        goto done;
     }
 
     /* the only one node is optional Transforms node */
     cur = xmlSecGetNextElementNode(node->children);
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeTransforms, xmlSecDSigNs))) {
-	ret = xmlSecTransformCtxNodesListRead(&(keyInfoCtx->retrievalMethodCtx), 
-					    cur, xmlSecTransformUsageDSigTransform);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecTransformCtxNodesListRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    goto done;
-	}	
+        ret = xmlSecTransformCtxNodesListRead(&(keyInfoCtx->retrievalMethodCtx),
+                                            cur, xmlSecTransformUsageDSigTransform);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecTransformCtxNodesListRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            goto done;
+        }
         cur = xmlSecGetNextElementNode(cur->next);
     }
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     /* finally get transforms results */
     ret = xmlSecTransformCtxExecute(&(keyInfoCtx->retrievalMethodCtx), node->doc);
-    if((ret < 0) || 
+    if((ret < 0) ||
        (keyInfoCtx->retrievalMethodCtx.result == NULL) ||
        (xmlSecBufferGetData(keyInfoCtx->retrievalMethodCtx.result) == NULL)) {
 
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecTransformCtxExecute",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecTransformCtxExecute",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
 
-    /* assume that the data is in XML if we could not find id */    
-    if((dataId == xmlSecKeyDataIdUnknown) || 
+    /* assume that the data is in XML if we could not find id */
+    if((dataId == xmlSecKeyDataIdUnknown) ||
        ((dataId->usage & xmlSecKeyDataUsageRetrievalMethodNodeXml) != 0)) {
 
-	ret = xmlSecKeyDataRetrievalMethodReadXmlResult(dataId, key,
-		    xmlSecBufferGetData(keyInfoCtx->retrievalMethodCtx.result),
+        ret = xmlSecKeyDataRetrievalMethodReadXmlResult(dataId, key,
+                    xmlSecBufferGetData(keyInfoCtx->retrievalMethodCtx.result),
                     xmlSecBufferGetSize(keyInfoCtx->retrievalMethodCtx.result),
-		    keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecKeyDataRetrievalMethodReadXmlResult",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}    
+                    keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecKeyDataRetrievalMethodReadXmlResult",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
     } else {
-	ret = xmlSecKeyDataBinRead(dataId, key, 
-		    xmlSecBufferGetData(keyInfoCtx->retrievalMethodCtx.result),
+        ret = xmlSecKeyDataBinRead(dataId, key,
+                    xmlSecBufferGetData(keyInfoCtx->retrievalMethodCtx.result),
                     xmlSecBufferGetSize(keyInfoCtx->retrievalMethodCtx.result),
-		    keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecKeyDataBinRead",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}    
+                    keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecKeyDataBinRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
     }
     --keyInfoCtx->curRetrievalMethodLevel;
-    
-    res = 0;    
+
+    res = 0;
 done:
     if(uri != NULL) {
-	xmlFree(uri);
+        xmlFree(uri);
     }
     if(retrType != NULL) {
-	xmlFree(retrType);
+        xmlFree(retrType);
     }
     return(res);
 }
 
-static int 
+static int
 xmlSecKeyDataRetrievalMethodXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(id == xmlSecKeyDataRetrievalMethodId, -1);
     xmlSecAssert2(key != NULL, -1);
@@ -1232,40 +1232,40 @@ xmlSecKeyDataRetrievalMethodXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNo
 
 static int
 xmlSecKeyDataRetrievalMethodReadXmlResult(xmlSecKeyDataId typeId, xmlSecKeyPtr key,
-					  const xmlChar* buffer, xmlSecSize bufferSize,
-					  xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                          const xmlChar* buffer, xmlSecSize bufferSize,
+                                          xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlDocPtr doc;
     xmlNodePtr cur;
     const xmlChar* nodeName;
     const xmlChar* nodeNs;
     xmlSecKeyDataId dataId;
     int ret;
-    
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(buffer != NULL, -1);
-    xmlSecAssert2(bufferSize > 0, -1); 
+    xmlSecAssert2(bufferSize > 0, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
     xmlSecAssert2(keyInfoCtx->mode == xmlSecKeyInfoModeRead, -1);
 
     doc = xmlRecoverMemory((const char*)buffer, bufferSize);
     if(doc == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(typeId)),
-		    "xmlRecoverMemory",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(typeId)),
+                    "xmlRecoverMemory",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-	
+
     cur = xmlDocGetRootElement(doc);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(typeId)),
-		    "xmlDocGetRootElement",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFreeDoc(doc);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(typeId)),
+                    "xmlDocGetRootElement",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFreeDoc(doc);
+        return(-1);
     }
 
     nodeName = cur->name;
@@ -1273,50 +1273,50 @@ xmlSecKeyDataRetrievalMethodReadXmlResult(xmlSecKeyDataId typeId, xmlSecKeyPtr k
 
     /* use global list only if we don't have a local one */
     if(xmlSecPtrListGetSize(&(keyInfoCtx->enabledKeyData)) > 0) {
-	dataId = xmlSecKeyDataIdListFindByNode(&(keyInfoCtx->enabledKeyData),
-			    nodeName, nodeNs, xmlSecKeyDataUsageRetrievalMethodNodeXml);
-    } else {	
-    	dataId = xmlSecKeyDataIdListFindByNode(xmlSecKeyDataIdsGet(),
-			    nodeName, nodeNs, xmlSecKeyDataUsageRetrievalMethodNodeXml);
+        dataId = xmlSecKeyDataIdListFindByNode(&(keyInfoCtx->enabledKeyData),
+                            nodeName, nodeNs, xmlSecKeyDataUsageRetrievalMethodNodeXml);
+    } else {
+        dataId = xmlSecKeyDataIdListFindByNode(xmlSecKeyDataIdsGet(),
+                            nodeName, nodeNs, xmlSecKeyDataUsageRetrievalMethodNodeXml);
     }
     if(dataId == xmlSecKeyDataIdUnknown) {
-	xmlFreeDoc(doc);
-
-	/* laxi schema validation but application can disable it */
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(typeId)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_INVALID_NODE,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+        xmlFreeDoc(doc);
+
+        /* laxi schema validation but application can disable it */
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(typeId)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_INVALID_NODE,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     } else if((typeId != xmlSecKeyDataIdUnknown) && (typeId != dataId) &&
-	      ((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF) != 0)) {
-	
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(typeId)),
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),		    
-		    XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFreeDoc(doc);
-	return(-1);
+              ((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF) != 0)) {
+
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(typeId)),
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFreeDoc(doc);
+        return(-1);
     }
 
     /* read data node */
     ret = xmlSecKeyDataXmlRead(dataId, key, cur, keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(typeId)),
-		    "xmlSecKeyDataXmlRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	xmlFreeDoc(doc);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(typeId)),
+                    "xmlSecKeyDataXmlRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+        xmlFreeDoc(doc);
+        return(-1);
     }
-    
+
     xmlFreeDoc(doc);
     return(0);
 }
@@ -1328,14 +1328,14 @@ xmlSecKeyDataRetrievalMethodReadXmlResult(xmlSecKeyDataId typeId, xmlSecKeyPtr k
  * <enc:EncryptedKey/> processing
  *
  *************************************************************************/
-static int	xmlSecKeyDataEncryptedKeyXmlRead	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecKeyDataEncryptedKeyXmlWrite	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecKeyDataEncryptedKeyXmlRead        (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecKeyDataEncryptedKeyXmlWrite       (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 
 
@@ -1345,60 +1345,60 @@ static xmlSecKeyDataKlass xmlSecKeyDataEncryptedKeyKlass = {
 
     /* data */
     xmlSecNameEncryptedKey,
-    xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 		
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefEncryptedKey,			/* const xmlChar* href; */
-    xmlSecNodeEncryptedKey,			/* const xmlChar* dataNodeName; */
-    xmlSecEncNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefEncryptedKey,                     /* const xmlChar* href; */
+    xmlSecNodeEncryptedKey,                     /* const xmlChar* dataNodeName; */
+    xmlSecEncNs,                                /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    NULL,					/* xmlSecKeyDataInitializeMethod initialize; */
-    NULL,					/* xmlSecKeyDataDuplicateMethod duplicate; */
-    NULL,					/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL,					/* xmlSecKeyDataGenerateMethod generate; */
-    
+    NULL,                                       /* xmlSecKeyDataInitializeMethod initialize; */
+    NULL,                                       /* xmlSecKeyDataDuplicateMethod duplicate; */
+    NULL,                                       /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    NULL,					/* xmlSecKeyDataGetTypeMethod getType; */
-    NULL,					/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    NULL,                                       /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecKeyDataEncryptedKeyXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecKeyDataEncryptedKeyXmlWrite,   	/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,					/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecKeyDataEncryptedKeyXmlRead,           /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecKeyDataEncryptedKeyXmlWrite,          /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecKeyDataEncryptedKeyGetKlass:
  *
- * The <enc:EncryptedKey/> element key data klass 
+ * The <enc:EncryptedKey/> element key data klass
  * (http://www.w3.org/TR/xmlenc-core/#sec-EncryptedKey):
  *
- * The EncryptedKey element is used to transport encryption keys from 
- * the originator to a known recipient(s). It may be used as a stand-alone 
- * XML document, be placed within an application document, or appear inside 
- * an EncryptedData element as a child of a ds:KeyInfo element. The key value 
- * is always encrypted to the recipient(s). When EncryptedKey is decrypted the 
- * resulting octets are made available to the EncryptionMethod algorithm 
+ * The EncryptedKey element is used to transport encryption keys from
+ * the originator to a known recipient(s). It may be used as a stand-alone
+ * XML document, be placed within an application document, or appear inside
+ * an EncryptedData element as a child of a ds:KeyInfo element. The key value
+ * is always encrypted to the recipient(s). When EncryptedKey is decrypted the
+ * resulting octets are made available to the EncryptionMethod algorithm
  * without any additional processing.
- * 
+ *
  * Returns: the <enc:EncryptedKey/> element processing key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecKeyDataEncryptedKeyGetKlass(void) {
     return(&xmlSecKeyDataEncryptedKeyKlass);
 }
 
-static int 
+static int
 xmlSecKeyDataEncryptedKeyXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecBufferPtr result;
     int ret;
@@ -1409,70 +1409,70 @@ xmlSecKeyDataEncryptedKeyXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePt
     xmlSecAssert2(keyInfoCtx != NULL, -1);
     xmlSecAssert2(keyInfoCtx->mode == xmlSecKeyInfoModeRead, -1);
 
-    /* check the enc level */    
+    /* check the enc level */
     if(keyInfoCtx->curEncryptedKeyLevel >= keyInfoCtx->maxEncryptedKeyLevel) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL,
-		    "cur=%d;max=%d", 
-		    keyInfoCtx->curEncryptedKeyLevel,
-		    keyInfoCtx->maxEncryptedKeyLevel);
-	return(-1);
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL,
+                    "cur=%d;max=%d",
+                    keyInfoCtx->curEncryptedKeyLevel,
+                    keyInfoCtx->maxEncryptedKeyLevel);
+        return(-1);
     }
     ++keyInfoCtx->curEncryptedKeyLevel;
 
-    /* init Enc context */    
+    /* init Enc context */
     if(keyInfoCtx->encCtx != NULL) {
-	xmlSecEncCtxReset(keyInfoCtx->encCtx);
+        xmlSecEncCtxReset(keyInfoCtx->encCtx);
     } else {
-	ret = xmlSecKeyInfoCtxCreateEncCtx(keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		        "xmlSecKeyInfoCtxCreateEncCtx",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);		
+        ret = xmlSecKeyInfoCtxCreateEncCtx(keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecKeyInfoCtxCreateEncCtx",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
         }
     }
     xmlSecAssert2(keyInfoCtx->encCtx != NULL, -1);
-    
+
     result = xmlSecEncCtxDecryptToBuffer(keyInfoCtx->encCtx, node);
     if((result == NULL) || (xmlSecBufferGetData(result) == NULL)) {
-	/* We might have multiple EncryptedKey elements, encrypted 
-	 * for different receipints but application can enforce
-	 * correct enc key.
-	 */
+        /* We might have multiple EncryptedKey elements, encrypted
+         * for different receipints but application can enforce
+         * correct enc key.
+         */
         if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecEncCtxDecryptToBuffer",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecEncCtxDecryptToBuffer",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     }
-	 
+
     ret = xmlSecKeyDataBinRead(keyInfoCtx->keyReq.keyId, key,
-			   xmlSecBufferGetData(result),
-			   xmlSecBufferGetSize(result),
-			   keyInfoCtx);
+                           xmlSecBufferGetData(result),
+                           xmlSecBufferGetSize(result),
+                           keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataBinRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }			   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataBinRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     --keyInfoCtx->curEncryptedKeyLevel;
 
     return(0);
 }
 
-static int 
+static int
 xmlSecKeyDataEncryptedKeyXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyInfoCtx keyInfoCtx2;
     xmlSecByte *keyBuf = NULL;
@@ -1486,73 +1486,73 @@ xmlSecKeyDataEncryptedKeyXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodeP
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
     xmlSecAssert2(keyInfoCtx->mode == xmlSecKeyInfoModeWrite, -1);
-    
+
     /* dump key to a binary buffer */
     ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx2, NULL);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyInfoCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyInfoCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
-    
+
     ret = xmlSecKeyInfoCtxCopyUserPref(&keyInfoCtx2, keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyInfoCtxCopyUserPref",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyInfoCtxFinalize(&keyInfoCtx2);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyInfoCtxCopyUserPref",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyInfoCtxFinalize(&keyInfoCtx2);
+        goto done;
     }
 
     keyInfoCtx2.keyReq.keyType = xmlSecKeyDataTypeAny;
     ret = xmlSecKeyDataBinWrite(key->value->id, key, &keyBuf, &keySize, &keyInfoCtx2);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataBinWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyInfoCtxFinalize(&keyInfoCtx2);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataBinWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyInfoCtxFinalize(&keyInfoCtx2);
+        goto done;
     }
     xmlSecKeyInfoCtxFinalize(&keyInfoCtx2);
-    
-    /* init Enc context */    
+
+    /* init Enc context */
     if(keyInfoCtx->encCtx != NULL) {
-	xmlSecEncCtxReset(keyInfoCtx->encCtx);
+        xmlSecEncCtxReset(keyInfoCtx->encCtx);
     } else {
-	ret = xmlSecKeyInfoCtxCreateEncCtx(keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecKeyInfoCtxCreateEncCtx",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-    	    goto done;	
-	}
+        ret = xmlSecKeyInfoCtxCreateEncCtx(keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecKeyInfoCtxCreateEncCtx",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
     }
     xmlSecAssert2(keyInfoCtx->encCtx != NULL, -1);
 
     ret = xmlSecEncCtxBinaryEncrypt(keyInfoCtx->encCtx, node, keyBuf, keySize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecEncCtxBinaryEncrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecEncCtxBinaryEncrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
-    
+
     res = 0;
 done:
     if(keyBuf != NULL) {
-	memset(keyBuf, 0, keySize);
-	xmlFree(keyBuf); keyBuf = NULL;
+        memset(keyBuf, 0, keySize);
+        xmlFree(keyBuf); keyBuf = NULL;
     }
     return(res);
 }
diff --git a/src/keys.c b/src/keys.c
index 44522aa1..1d2f7331 100644
--- a/src/keys.c
+++ b/src/keys.c
@@ -1,18 +1,18 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Keys.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <stdlib.h>
 #include <string.h>
- 
+
 #include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
@@ -29,15 +29,15 @@
  * xmlSecKeyUseWith
  *
  *************************************************************************/
-/** 
+/**
  * xmlSecKeyUseWithInitialize:
  * @keyUseWith:         the pointer to information about key application/user.
- * 
+ *
  * Initializes @keyUseWith object.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyUseWithInitialize(xmlSecKeyUseWithPtr keyUseWith) {
     xmlSecAssert2(keyUseWith != NULL, -1);
 
@@ -45,34 +45,34 @@ xmlSecKeyUseWithInitialize(xmlSecKeyUseWithPtr keyUseWith) {
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyUseWithFinalize:
  * @keyUseWith:         the pointer to information about key application/user.
  *
  * Finalizes @keyUseWith object.
  */
-void 
+void
 xmlSecKeyUseWithFinalize(xmlSecKeyUseWithPtr keyUseWith) {
     xmlSecAssert(keyUseWith != NULL);
-    
+
     xmlSecKeyUseWithReset(keyUseWith);
     memset(keyUseWith, 0, sizeof(xmlSecKeyUseWith));
 }
 
-/** 
+/**
  * xmlSecKeyUseWithReset:
  * @keyUseWith:         the pointer to information about key application/user.
- * 
+ *
  * Resets the @keyUseWith to its state after initialization.
  */
-void 
+void
 xmlSecKeyUseWithReset(xmlSecKeyUseWithPtr keyUseWith) {
     xmlSecAssert(keyUseWith != NULL);
 
     xmlSecKeyUseWithSet(keyUseWith, NULL, NULL);
 }
 
-/** 
+/**
  * xmlSecKeyUseWithCopy:
  * @dst:         the pointer to destination object.
  * @src:         the pointer to source object.
@@ -81,15 +81,15 @@ xmlSecKeyUseWithReset(xmlSecKeyUseWithPtr keyUseWith) {
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyUseWithCopy(xmlSecKeyUseWithPtr dst, xmlSecKeyUseWithPtr src) {
     xmlSecAssert2(dst != NULL, -1);
     xmlSecAssert2(src != NULL, -1);
-    
+
     return(xmlSecKeyUseWithSet(dst, src->application, src->identifier));
 }
 
-/** 
+/**
  * xmlSecKeyUseWithCreate:
  * @application:        the application value.
  * @identifier:         the identifier value.
@@ -99,7 +99,7 @@ xmlSecKeyUseWithCopy(xmlSecKeyUseWithPtr dst, xmlSecKeyUseWithPtr src) {
  *
  * Returns: pointer to newly created object or NULL if an error occurs.
  */
-xmlSecKeyUseWithPtr 
+xmlSecKeyUseWithPtr
 xmlSecKeyUseWithCreate(const xmlChar* application, const xmlChar* identifier) {
     xmlSecKeyUseWithPtr keyUseWith;
     int ret;
@@ -107,42 +107,42 @@ xmlSecKeyUseWithCreate(const xmlChar* application, const xmlChar* identifier) {
     /* Allocate a new xmlSecKeyUseWith and fill the fields. */
     keyUseWith = (xmlSecKeyUseWithPtr)xmlMalloc(sizeof(xmlSecKeyUseWith));
     if(keyUseWith == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecKeyUseWith)=%d", 
-		    sizeof(xmlSecKeyUseWith));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecKeyUseWith)=%d",
+                    sizeof(xmlSecKeyUseWith));
+        return(NULL);
     }
-    memset(keyUseWith, 0, sizeof(xmlSecKeyUseWith));    
+    memset(keyUseWith, 0, sizeof(xmlSecKeyUseWith));
 
     ret = xmlSecKeyUseWithInitialize(keyUseWith);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyUseWithInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyUseWithInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         xmlSecKeyUseWithDestroy(keyUseWith);
-        return(NULL);        
+        return(NULL);
     }
 
     ret = xmlSecKeyUseWithSet(keyUseWith, application, identifier);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyUseWithSet",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyUseWithSet",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         xmlSecKeyUseWithDestroy(keyUseWith);
-        return(NULL);        
+        return(NULL);
     }
 
     return(keyUseWith);
 }
 
-/** 
+/**
  * xmlSecKeyUseWithDuplicate:
  * @keyUseWith:         the pointer to information about key application/user.
  *
@@ -151,7 +151,7 @@ xmlSecKeyUseWithCreate(const xmlChar* application, const xmlChar* identifier) {
  *
  * Returns: pointer to newly created object or NULL if an error occurs.
  */
-xmlSecKeyUseWithPtr 
+xmlSecKeyUseWithPtr
 xmlSecKeyUseWithDuplicate(xmlSecKeyUseWithPtr keyUseWith) {
     int ret;
 
@@ -161,36 +161,36 @@ xmlSecKeyUseWithDuplicate(xmlSecKeyUseWithPtr keyUseWith) {
 
     newKeyUseWith = xmlSecKeyUseWithCreate(NULL, NULL);
     if(newKeyUseWith == NULL) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyUseWithCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-        return(NULL);        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyUseWithCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     ret = xmlSecKeyUseWithCopy(newKeyUseWith, keyUseWith);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyUseWithCopy",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyUseWithCopy",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         xmlSecKeyUseWithDestroy(keyUseWith);
-        return(NULL);        
+        return(NULL);
     }
 
     return(newKeyUseWith);
 }
 
-/** 
+/**
  * xmlSecKeyUseWithDestroy:
  * @keyUseWith:         the pointer to information about key application/user.
  *
  * Destroys @keyUseWith created with @xmlSecKeyUseWithCreate or @xmlSecKeyUseWithDuplicate
  * functions.
  */
-void 
+void
 xmlSecKeyUseWithDestroy(xmlSecKeyUseWithPtr keyUseWith) {
     xmlSecAssert(keyUseWith != NULL);
 
@@ -198,82 +198,82 @@ xmlSecKeyUseWithDestroy(xmlSecKeyUseWithPtr keyUseWith) {
     xmlFree(keyUseWith);
 }
 
-/** 
+/**
  * xmlSecKeyUseWithSet:
  * @keyUseWith:         the pointer to information about key application/user.
  * @application:        the new application value.
  * @identifier:         the new identifier value.
- * 
+ *
  * Sets @application and @identifier in the @keyUseWith.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyUseWithSet(xmlSecKeyUseWithPtr keyUseWith, const xmlChar* application, const xmlChar* identifier) {
     xmlSecAssert2(keyUseWith != NULL, -1);
-    
+
     if(keyUseWith->application != NULL) {
-	xmlFree(keyUseWith->application); 
-	keyUseWith->application = NULL;
+        xmlFree(keyUseWith->application);
+        keyUseWith->application = NULL;
     }
     if(keyUseWith->identifier != NULL) {
-	xmlFree(keyUseWith->identifier); 
-	keyUseWith->identifier = NULL;
+        xmlFree(keyUseWith->identifier);
+        keyUseWith->identifier = NULL;
     }
-    
+
     if(application != NULL) {
-	keyUseWith->application = xmlStrdup(application);
-	if(keyUseWith->application == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			NULL,
-		        XMLSEC_ERRORS_R_MALLOC_FAILED,
-			"xmlStrlen(application)=%d", 
-			xmlStrlen(application));
-	    return(-1);
-	}
+        keyUseWith->application = xmlStrdup(application);
+        if(keyUseWith->application == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "xmlStrlen(application)=%d",
+                        xmlStrlen(application));
+            return(-1);
+        }
     }
     if(identifier != NULL) {
-	keyUseWith->identifier = xmlStrdup(identifier);
-	if(keyUseWith->identifier == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			NULL,
-		        XMLSEC_ERRORS_R_MALLOC_FAILED,
-			"xmlStrlen(identifier)=%d", 
-			xmlStrlen(identifier));
-	    return(-1);
-	}
+        keyUseWith->identifier = xmlStrdup(identifier);
+        if(keyUseWith->identifier == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "xmlStrlen(identifier)=%d",
+                        xmlStrlen(identifier));
+            return(-1);
+        }
     }
-    
+
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyUseWithDebugDump:
  * @keyUseWith:         the pointer to information about key application/user.
  * @output:             the pointer to output FILE.
  *
  * Prints xmlSecKeyUseWith debug information to a file @output.
  */
-void 
+void
 xmlSecKeyUseWithDebugDump(xmlSecKeyUseWithPtr keyUseWith, FILE* output) {
     xmlSecAssert(keyUseWith != NULL);
     xmlSecAssert(output != NULL);
 
-    fprintf(output, "=== KeyUseWith: application=\"%s\",identifier=\"%s\"\n", 
+    fprintf(output, "=== KeyUseWith: application=\"%s\",identifier=\"%s\"\n",
                 (keyUseWith->application) ? keyUseWith->application : BAD_CAST "",
-                (keyUseWith->identifier) ? keyUseWith->identifier : BAD_CAST "");    
+                (keyUseWith->identifier) ? keyUseWith->identifier : BAD_CAST "");
 }
 
-/** 
+/**
  * xmlSecKeyUseWithDebugXmlDump:
  * @keyUseWith:         the pointer to information about key application/user.
  * @output:             the pointer to output FILE.
  *
  * Prints xmlSecKeyUseWith debug information to a file @output in XML format.
  */
-void 
+void
 xmlSecKeyUseWithDebugXmlDump(xmlSecKeyUseWithPtr keyUseWith, FILE* output) {
     xmlSecAssert(keyUseWith != NULL);
     xmlSecAssert(output != NULL);
@@ -287,7 +287,7 @@ xmlSecKeyUseWithDebugXmlDump(xmlSecKeyUseWithPtr keyUseWith, FILE* output) {
     fprintf(output, "<Identifier>");
     xmlSecPrintXmlString(output, keyUseWith->identifier);
     fprintf(output, "</Identifier>");
-    
+
     fprintf(output, "</KeyUseWith>\n");
 }
 
@@ -298,20 +298,20 @@ xmlSecKeyUseWithDebugXmlDump(xmlSecKeyUseWithPtr keyUseWith, FILE* output) {
  **********************************************************************/
 static xmlSecPtrListKlass xmlSecKeyUseWithPtrListKlass = {
     BAD_CAST "key-use-with-list",
-    (xmlSecPtrDuplicateItemMethod)xmlSecKeyUseWithDuplicate, 	/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    (xmlSecPtrDestroyItemMethod)xmlSecKeyUseWithDestroy,	/* xmlSecPtrDestroyItemMethod destroyItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecKeyUseWithDebugDump,	/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecKeyUseWithDebugXmlDump,	/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    (xmlSecPtrDuplicateItemMethod)xmlSecKeyUseWithDuplicate,    /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    (xmlSecPtrDestroyItemMethod)xmlSecKeyUseWithDestroy,        /* xmlSecPtrDestroyItemMethod destroyItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecKeyUseWithDebugDump,    /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecKeyUseWithDebugXmlDump, /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
 /**
  * xmlSecKeyUseWithPtrListGetKlass:
- * 
+ *
  * The key data list klass.
  *
  * Returns: pointer to the key data list klass.
  */
-xmlSecPtrListId 
+xmlSecPtrListId
 xmlSecKeyUseWithPtrListGetKlass(void) {
     return(&xmlSecKeyUseWithPtrListKlass);
 }
@@ -321,41 +321,41 @@ xmlSecKeyUseWithPtrListGetKlass(void) {
  * xmlSecKeyReq - what key are we looking for?
  *
  *************************************************************************/
-/** 
+/**
  * xmlSecKeyReqInitialize:
- * @keyReq:		the pointer to key requirements object.
+ * @keyReq:             the pointer to key requirements object.
  *
  * Initialize key requirements object. Caller is responsible for
  * cleaning it with #xmlSecKeyReqFinalize function.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyReqInitialize(xmlSecKeyReqPtr keyReq) {
     int ret;
-    
+
     xmlSecAssert2(keyReq != NULL, -1);
-    
+
     memset(keyReq, 0, sizeof(xmlSecKeyReq));
-    
-    keyReq->keyUsage	= xmlSecKeyUsageAny;	/* by default you can do whatever you want with the key */
-    ret = xmlSecPtrListInitialize(&keyReq->keyUseWithList, xmlSecKeyUseWithPtrListId);    
+
+    keyReq->keyUsage    = xmlSecKeyUsageAny;    /* by default you can do whatever you want with the key */
+    ret = xmlSecPtrListInitialize(&keyReq->keyUseWithList, xmlSecKeyUseWithPtrListId);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
-    
+
     return(0);
 }
 
 /**
  * xmlSecKeyReqFinalize:
- * @keyReq:		the pointer to key requirements object.
+ * @keyReq:             the pointer to key requirements object.
  *
  * Cleans the key requirements object initialized with #xmlSecKeyReqInitialize
  * function.
@@ -364,56 +364,56 @@ void
 xmlSecKeyReqFinalize(xmlSecKeyReqPtr keyReq) {
     xmlSecAssert(keyReq != NULL);
 
-    xmlSecPtrListFinalize(&keyReq->keyUseWithList);    
+    xmlSecPtrListFinalize(&keyReq->keyUseWithList);
     memset(keyReq, 0, sizeof(xmlSecKeyReq));
 }
 
-/** 
+/**
  * xmlSecKeyReqReset:
- * @keyReq:		the pointer to key requirements object.
+ * @keyReq:             the pointer to key requirements object.
  *
  * Resets key requirements object for new key search.
  */
-void 
+void
 xmlSecKeyReqReset(xmlSecKeyReqPtr keyReq) {
     xmlSecAssert(keyReq != NULL);
 
     xmlSecPtrListEmpty(&keyReq->keyUseWithList);
-    keyReq->keyId	= NULL;
-    keyReq->keyType	= 0;
-    keyReq->keyUsage	= xmlSecKeyUsageAny;
-    keyReq->keyBitsSize	= 0;
+    keyReq->keyId       = NULL;
+    keyReq->keyType     = 0;
+    keyReq->keyUsage    = xmlSecKeyUsageAny;
+    keyReq->keyBitsSize = 0;
 }
 
 /**
  * xmlSecKeyReqCopy:
- * @dst:		the pointer to destination object.
- * @src:		the pointer to source object.
+ * @dst:                the pointer to destination object.
+ * @src:                the pointer to source object.
  *
  * Copies key requirements from @src object to @dst object.
- * 
+ *
  * Returns: 0 on success and a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyReqCopy(xmlSecKeyReqPtr dst, xmlSecKeyReqPtr src) {
     int ret;
-    
+
     xmlSecAssert2(dst != NULL, -1);
     xmlSecAssert2(src != NULL, -1);
 
-    dst->keyId		= src->keyId;
-    dst->keyType	= src->keyType;
-    dst->keyUsage	= src->keyUsage;
-    dst->keyBitsSize	= src->keyBitsSize;
+    dst->keyId          = src->keyId;
+    dst->keyType        = src->keyType;
+    dst->keyUsage       = src->keyUsage;
+    dst->keyBitsSize    = src->keyBitsSize;
 
     ret = xmlSecPtrListCopy(&dst->keyUseWithList, &src->keyUseWithList);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListCopy",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListCopy",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -421,24 +421,24 @@ xmlSecKeyReqCopy(xmlSecKeyReqPtr dst, xmlSecKeyReqPtr src) {
 
 /**
  * xmlSecKeyReqMatchKey:
- * @keyReq:		the pointer to key requirements object.
- * @key:		the pointer to key.
+ * @keyReq:             the pointer to key requirements object.
+ * @key:                the pointer to key.
  *
  * Checks whether @key matches key requirements @keyReq.
  *
  * Returns: 1 if key matches requirements, 0 if not and a negative value
  * if an error occurs.
  */
-int 
+int
 xmlSecKeyReqMatchKey(xmlSecKeyReqPtr keyReq, xmlSecKeyPtr key) {
     xmlSecAssert2(keyReq != NULL, -1);
     xmlSecAssert2(xmlSecKeyIsValid(key), -1);
 
     if((keyReq->keyType != xmlSecKeyDataTypeUnknown) && ((xmlSecKeyGetType(key) & keyReq->keyType) == 0)) {
-	 return(0);
+         return(0);
     }
     if((keyReq->keyUsage != xmlSecKeyDataUsageUnknown) && ((keyReq->keyUsage & key->usage) == 0)) {
-	return(0);
+        return(0);
     }
 
     return(xmlSecKeyReqMatchKeyValue(keyReq, xmlSecKeyGetValue(key)));
@@ -446,64 +446,64 @@ xmlSecKeyReqMatchKey(xmlSecKeyReqPtr keyReq, xmlSecKeyPtr key) {
 
 /**
  * xmlSecKeyReqMatchKeyValue:
- * @keyReq:		the pointer to key requirements.
- * @value:		the pointer to key value.
+ * @keyReq:             the pointer to key requirements.
+ * @value:              the pointer to key value.
  *
  * Checks whether @keyValue matches key requirements @keyReq.
  *
  * Returns: 1 if key value matches requirements, 0 if not and a negative value
  * if an error occurs.
  */
-int 
+int
 xmlSecKeyReqMatchKeyValue(xmlSecKeyReqPtr keyReq, xmlSecKeyDataPtr value) {
     xmlSecAssert2(keyReq != NULL, -1);
     xmlSecAssert2(value != NULL, -1);
-    
-    if((keyReq->keyId != xmlSecKeyDataIdUnknown) && 
+
+    if((keyReq->keyId != xmlSecKeyDataIdUnknown) &&
        (!xmlSecKeyDataCheckId(value, keyReq->keyId))) {
 
-	return(0);
+        return(0);
     }
-    if((keyReq->keyBitsSize > 0) && 
-       (xmlSecKeyDataGetSize(value) > 0) && 
+    if((keyReq->keyBitsSize > 0) &&
+       (xmlSecKeyDataGetSize(value) > 0) &&
        (xmlSecKeyDataGetSize(value) < keyReq->keyBitsSize)) {
-	
-	return(0);
+
+        return(0);
     }
     return(1);
 }
 
-/** 
+/**
  * xmlSecKeyReqDebugDump:
- * @keyReq:		the pointer to key requirements object.
- * @output: 		the pointer to output FILE.
+ * @keyReq:             the pointer to key requirements object.
+ * @output:             the pointer to output FILE.
  *
  * Prints debug information about @keyReq into @output.
- */ 
-void 
+ */
+void
 xmlSecKeyReqDebugDump(xmlSecKeyReqPtr keyReq, FILE* output) {
     xmlSecAssert(keyReq != NULL);
     xmlSecAssert(output != NULL);
 
     fprintf(output, "=== KeyReq:\n");
-    fprintf(output, "==== keyId: %s\n", 
-	    (xmlSecKeyDataKlassGetName(keyReq->keyId)) ? 
-		xmlSecKeyDataKlassGetName(keyReq->keyId) : 
-		BAD_CAST "NULL");
+    fprintf(output, "==== keyId: %s\n",
+            (xmlSecKeyDataKlassGetName(keyReq->keyId)) ?
+                xmlSecKeyDataKlassGetName(keyReq->keyId) :
+                BAD_CAST "NULL");
     fprintf(output, "==== keyType: 0x%08x\n", keyReq->keyType);
     fprintf(output, "==== keyUsage: 0x%08x\n", keyReq->keyUsage);
     fprintf(output, "==== keyBitsSize: %d\n", keyReq->keyBitsSize);
     xmlSecPtrListDebugDump(&(keyReq->keyUseWithList), output);
 }
 
-/** 
+/**
  * xmlSecKeyReqDebugXmlDump:
- * @keyReq:		the pointer to key requirements object.
- * @output: 		the pointer to output FILE.
+ * @keyReq:             the pointer to key requirements object.
+ * @output:             the pointer to output FILE.
  *
  * Prints debug information about @keyReq into @output in XML format.
- */ 
-void 
+ */
+void
 xmlSecKeyReqDebugXmlDump(xmlSecKeyReqPtr keyReq, FILE* output) {
     xmlSecAssert(keyReq != NULL);
     xmlSecAssert(output != NULL);
@@ -530,124 +530,124 @@ xmlSecKeyReqDebugXmlDump(xmlSecKeyReqPtr keyReq, FILE* output) {
 /**
  * xmlSecKeyCreate:
  *
- * Allocates and initializes new key. Caller is responsible for 
+ * Allocates and initializes new key. Caller is responsible for
  * freeing returned object with #xmlSecKeyDestroy function.
  *
  * Returns: the pointer to newly allocated @xmlSecKey structure
  * or NULL if an error occurs.
  */
-xmlSecKeyPtr	
+xmlSecKeyPtr
 xmlSecKeyCreate(void)  {
     xmlSecKeyPtr key;
-    
+
     /* Allocate a new xmlSecKey and fill the fields. */
     key = (xmlSecKeyPtr)xmlMalloc(sizeof(xmlSecKey));
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecKey)=%d", 
-		    sizeof(xmlSecKey));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecKey)=%d",
+                    sizeof(xmlSecKey));
+        return(NULL);
     }
-    memset(key, 0, sizeof(xmlSecKey));    
-    key->usage = xmlSecKeyUsageAny;	
+    memset(key, 0, sizeof(xmlSecKey));
+    key->usage = xmlSecKeyUsageAny;
     return(key);
 }
 
 /**
  * xmlSecKeyEmpty:
- * @key:		the pointer to key.
+ * @key:                the pointer to key.
  *
  * Clears the @key data.
  */
 void
 xmlSecKeyEmpty(xmlSecKeyPtr key) {
-    xmlSecAssert(key != NULL);    
-    
+    xmlSecAssert(key != NULL);
+
     if(key->value != NULL) {
-	xmlSecKeyDataDestroy(key->value);
+        xmlSecKeyDataDestroy(key->value);
     }
     if(key->name != NULL) {
-	xmlFree(key->name);
+        xmlFree(key->name);
     }
     if(key->dataList != NULL) {
-	xmlSecPtrListDestroy(key->dataList);
+        xmlSecPtrListDestroy(key->dataList);
     }
-    
+
     memset(key, 0, sizeof(xmlSecKey));
 }
 
 /**
  * xmlSecKeyDestroy:
- * @key: 		the pointer to key.
+ * @key:                the pointer to key.
  *
- * Destroys the key created using #xmlSecKeyCreate function. 
+ * Destroys the key created using #xmlSecKeyCreate function.
  */
 void
 xmlSecKeyDestroy(xmlSecKeyPtr key) {
-    xmlSecAssert(key != NULL);    
+    xmlSecAssert(key != NULL);
 
     xmlSecKeyEmpty(key);
     xmlFree(key);
 }
 
-/** 
+/**
  * xmlSecKeyCopy:
- * @keyDst:		the destination key.
- * @keySrc:		the source key.
+ * @keyDst:             the destination key.
+ * @keySrc:             the source key.
  *
  * Copies key data from @keySrc to @keyDst.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyCopy(xmlSecKeyPtr keyDst, xmlSecKeyPtr keySrc) {
-    xmlSecAssert2(keyDst != NULL, -1);    
-    xmlSecAssert2(keySrc != NULL, -1);    
-    
+    xmlSecAssert2(keyDst != NULL, -1);
+    xmlSecAssert2(keySrc != NULL, -1);
+
     /* empty destination */
     xmlSecKeyEmpty(keyDst);
 
-    /* copy everything */    
+    /* copy everything */
     if(keySrc->name != NULL) {
-	keyDst->name = xmlStrdup(keySrc->name);
-	if(keyDst->name == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-		        XMLSEC_ERRORS_R_STRDUP_FAILED,
-			"len=%d", xmlStrlen(keySrc->name));
-	    return(-1);	
+        keyDst->name = xmlStrdup(keySrc->name);
+        if(keyDst->name == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_STRDUP_FAILED,
+                        "len=%d", xmlStrlen(keySrc->name));
+            return(-1);
         }
     }
 
     if(keySrc->value != NULL) {
-	keyDst->value = xmlSecKeyDataDuplicate(keySrc->value);
-	if(keyDst->value == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyDataDuplicate",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);	
+        keyDst->value = xmlSecKeyDataDuplicate(keySrc->value);
+        if(keyDst->value == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataDuplicate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
         }
     }
-    
+
     if(keySrc->dataList != NULL) {
-	keyDst->dataList = xmlSecPtrListDuplicate(keySrc->dataList);
-	if(keyDst->dataList == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecPtrListDuplicate",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
+        keyDst->dataList = xmlSecPtrListDuplicate(keySrc->dataList);
+        if(keyDst->dataList == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListDuplicate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
         }
     }
-    
-    keyDst->usage 	   = keySrc->usage;
+
+    keyDst->usage          = keySrc->usage;
     keyDst->notValidBefore = keySrc->notValidBefore;
     keyDst->notValidAfter  = keySrc->notValidAfter;
     return(0);
@@ -655,50 +655,50 @@ xmlSecKeyCopy(xmlSecKeyPtr keyDst, xmlSecKeyPtr keySrc) {
 
 /**
  * xmlSecKeyDuplicate:
- * @key: 		the pointer to the #xmlSecKey structure.
+ * @key:                the pointer to the #xmlSecKey structure.
  *
  * Creates a duplicate of the given @key.
  *
  * Returns: the pointer to newly allocated #xmlSecKey structure
  * or NULL if an error occurs.
  */
-xmlSecKeyPtr	
+xmlSecKeyPtr
 xmlSecKeyDuplicate(xmlSecKeyPtr key) {
     xmlSecKeyPtr newKey;
     int ret;
-    
+
     xmlSecAssert2(key != NULL, NULL);
-    
+
     newKey = xmlSecKeyCreate();
     if(newKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     ret = xmlSecKeyCopy(newKey, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCopy",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(newKey);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCopy",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(newKey);
+        return(NULL);
     }
-    
+
     return(newKey);
 }
 
 /**
  * xmlSecKeyMatch:
- * @key: 		the pointer to key.
- * @name: 		the pointer to key name (may be NULL).
- * @keyReq:		the pointer to key requirements.
- * 
+ * @key:                the pointer to key.
+ * @name:               the pointer to key name (may be NULL).
+ * @keyReq:             the pointer to key requirements.
+ *
  * Checks whether the @key matches the given criteria.
  *
  * Returns: 1 if the key satisfies the given criteria or 0 otherwise.
@@ -707,256 +707,256 @@ int
 xmlSecKeyMatch(xmlSecKeyPtr key, const xmlChar *name, xmlSecKeyReqPtr keyReq) {
     xmlSecAssert2(xmlSecKeyIsValid(key), -1);
     xmlSecAssert2(keyReq != NULL, -1);
-    
+
     if((name != NULL) && (!xmlStrEqual(xmlSecKeyGetName(key), name))) {
-	return(0);
+        return(0);
     }
     return(xmlSecKeyReqMatchKey(keyReq, key));
 }
 
-/** 
+/**
  * xmlSecKeyGetType:
- * @key:		the pointer to key.
+ * @key:                the pointer to key.
  *
  * Gets @key type.
  *
  * Returns: key type.
  */
-xmlSecKeyDataType 
+xmlSecKeyDataType
 xmlSecKeyGetType(xmlSecKeyPtr key) {
     xmlSecKeyDataPtr data;
-    
+
     xmlSecAssert2(key != NULL, xmlSecKeyDataTypeUnknown);
 
     data = xmlSecKeyGetValue(key);
     if(data == NULL) {
-	return(xmlSecKeyDataTypeUnknown);
+        return(xmlSecKeyDataTypeUnknown);
     }
     return(xmlSecKeyDataGetType(data));
 }
 
-/** 
+/**
  * xmlSecKeyGetName:
- * @key:		the pointer to key.
+ * @key:                the pointer to key.
  *
  * Gets key name (see also #xmlSecKeySetName function).
  *
  * Returns: key name.
  */
-const xmlChar*	
+const xmlChar*
 xmlSecKeyGetName(xmlSecKeyPtr key) {
     xmlSecAssert2(key != NULL, NULL);
 
     return(key->name);
 }
 
-/** 
+/**
  * xmlSecKeySetName:
- * @key:		the pointer to key.
- * @name:		the new key name.
+ * @key:                the pointer to key.
+ * @name:               the new key name.
  *
  * Sets key name (see also #xmlSecKeyGetName function).
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeySetName(xmlSecKeyPtr key, const xmlChar* name) {
     xmlSecAssert2(key != NULL, -1);
 
     if(key->name != NULL) {
-	xmlFree(key->name);
-	key->name = NULL;
+        xmlFree(key->name);
+        key->name = NULL;
     }
-    
+
     if(name != NULL) {
-	key->name = xmlStrdup(name);
-	if(key->name == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-		        XMLSEC_ERRORS_R_STRDUP_FAILED,
-			"len=%d", xmlStrlen(name));
-	    return(-1);	    
-	}	
+        key->name = xmlStrdup(name);
+        if(key->name == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_STRDUP_FAILED,
+                        "len=%d", xmlStrlen(name));
+            return(-1);
+        }
     }
-    
+
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyGetValue:
- * @key:		the pointer to key.
+ * @key:                the pointer to key.
  *
  * Gets key value (see also #xmlSecKeySetValue function).
  *
  * Returns: key value (crypto material).
  */
-xmlSecKeyDataPtr 
+xmlSecKeyDataPtr
 xmlSecKeyGetValue(xmlSecKeyPtr key) {
     xmlSecAssert2(key != NULL, NULL);
 
     return(key->value);
 }
 
-/** 
+/**
  * xmlSecKeySetValue:
- * @key:		the pointer to key.
- * @value:		the new value.
+ * @key:                the pointer to key.
+ * @value:              the new value.
  *
  * Sets key value (see also #xmlSecKeyGetValue function).
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeySetValue(xmlSecKeyPtr key, xmlSecKeyDataPtr value) {
     xmlSecAssert2(key != NULL, -1);
 
     if(key->value != NULL) {
-	xmlSecKeyDataDestroy(key->value);
-	key->value = NULL;
+        xmlSecKeyDataDestroy(key->value);
+        key->value = NULL;
     }
     key->value = value;
-    
+
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyGetData:
- * @key:		the pointer to key.
- * @dataId:		the requested data klass.
+ * @key:                the pointer to key.
+ * @dataId:             the requested data klass.
  *
  * Gets key's data.
  *
- * Returns: additional data associated with the @key (see also 
+ * Returns: additional data associated with the @key (see also
  * #xmlSecKeyAdoptData function).
  */
-xmlSecKeyDataPtr 
+xmlSecKeyDataPtr
 xmlSecKeyGetData(xmlSecKeyPtr key, xmlSecKeyDataId dataId) {
-    
+
     xmlSecAssert2(key != NULL, NULL);
     xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, NULL);
 
     /* special cases */
     if(dataId == xmlSecKeyDataValueId) {
-	return(key->value);
+        return(key->value);
     } else if(key->dataList != NULL) {
-	xmlSecKeyDataPtr tmp;
-	xmlSecSize pos, size;
-	
-	size = xmlSecPtrListGetSize(key->dataList);
-	for(pos = 0; pos < size; ++pos) {
-	    tmp = (xmlSecKeyDataPtr)xmlSecPtrListGetItem(key->dataList, pos);
-	    if((tmp != NULL) && (tmp->id == dataId)) {	
-		return(tmp);
-	    }
-	}
+        xmlSecKeyDataPtr tmp;
+        xmlSecSize pos, size;
+
+        size = xmlSecPtrListGetSize(key->dataList);
+        for(pos = 0; pos < size; ++pos) {
+            tmp = (xmlSecKeyDataPtr)xmlSecPtrListGetItem(key->dataList, pos);
+            if((tmp != NULL) && (tmp->id == dataId)) {
+                return(tmp);
+            }
+        }
     }
     return(NULL);
 }
 
 /**
  * xmlSecKeyEnsureData:
- * @key:		the pointer to key.
- * @dataId:		the requested data klass.
- * 
+ * @key:                the pointer to key.
+ * @dataId:             the requested data klass.
+ *
  * If necessary, creates key data of @dataId klass and adds to @key.
  *
  * Returns: pointer to key data or NULL if an error occurs.
  */
-xmlSecKeyDataPtr 
+xmlSecKeyDataPtr
 xmlSecKeyEnsureData(xmlSecKeyPtr key, xmlSecKeyDataId dataId) {
     xmlSecKeyDataPtr data;
     int ret;
-        
+
     xmlSecAssert2(key != NULL, NULL);
     xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, NULL);
 
     data = xmlSecKeyGetData(key, dataId);
     if(data != NULL) {
-	return(data);
+        return(data);
     }
-    
+
     data = xmlSecKeyDataCreate(dataId);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "dataId=%s", 
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "dataId=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)));
+        return(NULL);
     }
-	
+
     ret = xmlSecKeyAdoptData(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyAdoptData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "dataId=%s", 
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)));
-	xmlSecKeyDataDestroy(data);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyAdoptData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "dataId=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)));
+        xmlSecKeyDataDestroy(data);
+        return(NULL);
     }
-    
+
     return(data);
 }
 
 /**
  * xmlSecKeyAdoptData:
- * @key:		the pointer to key.
- * @data:		the pointer to key data.
+ * @key:                the pointer to key.
+ * @data:               the pointer to key data.
  *
  * Adds @data to the @key. The @data object will be destroyed
  * by @key.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecKeyAdoptData(xmlSecKeyPtr key, xmlSecKeyDataPtr data) {
     xmlSecKeyDataPtr tmp;
     xmlSecSize pos, size;
-    
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
 
     /* special cases */
     if(data->id == xmlSecKeyDataValueId) {
-	if(key->value != NULL) {
-	    xmlSecKeyDataDestroy(key->value);
-	}
-	key->value = data;
-	return(0);
+        if(key->value != NULL) {
+            xmlSecKeyDataDestroy(key->value);
+        }
+        key->value = data;
+        return(0);
     }
-    
+
     if(key->dataList == NULL) {
-	key->dataList = xmlSecPtrListCreate(xmlSecKeyDataListId);
-	if(key->dataList == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecPtrListCreate",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        key->dataList = xmlSecPtrListCreate(xmlSecKeyDataListId);
+        if(key->dataList == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
-	
+
     size = xmlSecPtrListGetSize(key->dataList);
     for(pos = 0; pos < size; ++pos) {
-	tmp = (xmlSecKeyDataPtr)xmlSecPtrListGetItem(key->dataList, pos);
-	if((tmp != NULL) && (tmp->id == data->id)) {	
-	    return(xmlSecPtrListSet(key->dataList, data, pos));
-	}
+        tmp = (xmlSecKeyDataPtr)xmlSecPtrListGetItem(key->dataList, pos);
+        if((tmp != NULL) && (tmp->id == data->id)) {
+            return(xmlSecPtrListSet(key->dataList, data, pos));
+        }
     }
-    
+
     return(xmlSecPtrListAdd(key->dataList, data));
 }
 
-/** 
+/**
  * xmlSecKeyDebugDump:
- * @key:		the pointer to key.
- * @output: 		the pointer to output FILE.
+ * @key:                the pointer to key.
+ * @output:             the pointer to output FILE.
  *
  * Prints the information about the @key to the @output.
  */
@@ -964,43 +964,43 @@ void
 xmlSecKeyDebugDump(xmlSecKeyPtr key, FILE *output) {
     xmlSecAssert(xmlSecKeyIsValid(key));
     xmlSecAssert(output != NULL);
-    
+
     fprintf(output, "== KEY\n");
-    fprintf(output, "=== method: %s\n", 
-	    (key->value->id->dataNodeName != NULL) ? 
-	    (char*)(key->value->id->dataNodeName) : "NULL"); 
+    fprintf(output, "=== method: %s\n",
+            (key->value->id->dataNodeName != NULL) ?
+            (char*)(key->value->id->dataNodeName) : "NULL");
 
     fprintf(output, "=== key type: ");
     if((xmlSecKeyGetType(key) & xmlSecKeyDataTypeSymmetric) != 0) {
-	fprintf(output, "Symmetric\n");
+        fprintf(output, "Symmetric\n");
     } else if((xmlSecKeyGetType(key) & xmlSecKeyDataTypePrivate) != 0) {
-	fprintf(output, "Private\n");
+        fprintf(output, "Private\n");
     } else if((xmlSecKeyGetType(key) & xmlSecKeyDataTypePublic) != 0) {
-	fprintf(output, "Public\n");
+        fprintf(output, "Public\n");
     } else {
-	fprintf(output, "Unknown\n");
-    } 
+        fprintf(output, "Unknown\n");
+    }
 
     if(key->name != NULL) {
-	fprintf(output, "=== key name: %s\n", key->name);
+        fprintf(output, "=== key name: %s\n", key->name);
     }
     fprintf(output, "=== key usage: %d\n", key->usage);
     if(key->notValidBefore < key->notValidAfter) {
         fprintf(output, "=== key not valid before: %ld\n", (unsigned long)key->notValidBefore);
-	fprintf(output, "=== key not valid after: %ld\n", (unsigned long)key->notValidAfter);
+        fprintf(output, "=== key not valid after: %ld\n", (unsigned long)key->notValidAfter);
     }
     if(key->value != NULL) {
-	xmlSecKeyDataDebugDump(key->value, output);
+        xmlSecKeyDataDebugDump(key->value, output);
     }
     if(key->dataList != NULL) {
-	xmlSecPtrListDebugDump(key->dataList, output);
+        xmlSecPtrListDebugDump(key->dataList, output);
     }
 }
 
-/** 
+/**
  * xmlSecKeyDebugXmlDump:
- * @key:		the pointer to key.
- * @output: 		the pointer to output FILE.
+ * @key:                the pointer to key.
+ * @output:             the pointer to output FILE.
  *
  * Prints the information about the @key to the @output in XML format.
  */
@@ -1008,23 +1008,23 @@ void
 xmlSecKeyDebugXmlDump(xmlSecKeyPtr key, FILE *output) {
     xmlSecAssert(xmlSecKeyIsValid(key));
     xmlSecAssert(output != NULL);
-    
+
     fprintf(output, "<KeyInfo>\n");
 
     fprintf(output, "<KeyMethod>");
-    xmlSecPrintXmlString(output, key->value->id->dataNodeName); 
+    xmlSecPrintXmlString(output, key->value->id->dataNodeName);
     fprintf(output, "</KeyMethod>\n");
 
     fprintf(output, "<KeyType>");
     if((xmlSecKeyGetType(key) & xmlSecKeyDataTypeSymmetric) != 0) {
-	fprintf(output, "Symmetric\n");
+        fprintf(output, "Symmetric\n");
     } else if((xmlSecKeyGetType(key) & xmlSecKeyDataTypePrivate) != 0) {
-	fprintf(output, "Private\n");
+        fprintf(output, "Private\n");
     } else if((xmlSecKeyGetType(key) & xmlSecKeyDataTypePublic) != 0) {
-	fprintf(output, "Public\n");
+        fprintf(output, "Public\n");
     } else {
-	fprintf(output, "Unknown\n");
-    } 
+        fprintf(output, "Unknown\n");
+    }
     fprintf(output, "</KeyType>\n");
 
     fprintf(output, "<KeyName>");
@@ -1033,25 +1033,25 @@ xmlSecKeyDebugXmlDump(xmlSecKeyPtr key, FILE *output) {
 
     if(key->notValidBefore < key->notValidAfter) {
         fprintf(output, "<KeyValidity notValidBefore=\"%ld\" notValidAfter=\"%ld\"/>\n",
-		(unsigned long)key->notValidBefore, 
-		(unsigned long)key->notValidAfter);
+                (unsigned long)key->notValidBefore,
+                (unsigned long)key->notValidAfter);
     }
 
     if(key->value != NULL) {
-	xmlSecKeyDataDebugXmlDump(key->value, output);
+        xmlSecKeyDataDebugXmlDump(key->value, output);
     }
     if(key->dataList != NULL) {
-	xmlSecPtrListDebugXmlDump(key->dataList, output);
+        xmlSecPtrListDebugXmlDump(key->dataList, output);
     }
 
-    fprintf(output, "</KeyInfo>\n"); 
+    fprintf(output, "</KeyInfo>\n");
 }
 
-/** 
+/**
  * xmlSecKeyGenerate:
- * @dataId:		the requested key klass (rsa, dsa, aes, ...).
- * @sizeBits:		the new key size (in bits!).
- * @type:		the new key type (session, permanent, ...).
+ * @dataId:             the requested key klass (rsa, dsa, aes, ...).
+ * @sizeBits:           the new key size (in bits!).
+ * @type:               the new key type (session, permanent, ...).
  *
  * Generates new key of requested klass @dataId and @type.
  *
@@ -1064,59 +1064,59 @@ xmlSecKeyGenerate(xmlSecKeyDataId dataId, xmlSecSize sizeBits, xmlSecKeyDataType
     int ret;
 
     xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, NULL);
-    
+
     data = xmlSecKeyDataCreate(dataId);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     ret = xmlSecKeyDataGenerate(data, sizeBits, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecKeyDataGenerate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d;type=%d", sizeBits, type);
-	xmlSecKeyDataDestroy(data);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecKeyDataGenerate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d;type=%d", sizeBits, type);
+        xmlSecKeyDataDestroy(data);
+        return(NULL);
     }
-        
+
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(NULL);
     }
-    
+
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	xmlSecKeyDestroy(key);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        xmlSecKeyDestroy(key);
+        return(NULL);
     }
-    
+
     return(key);
 }
 
-/** 
+/**
  * xmlSecKeyGenerateByName:
- * @name:		the requested key klass name (rsa, dsa, aes, ...).
- * @sizeBits:		the new key size (in bits!).
- * @type:		the new key type (session, permanent, ...).
+ * @name:               the requested key klass name (rsa, dsa, aes, ...).
+ * @sizeBits:           the new key size (in bits!).
+ * @type:               the new key type (session, permanent, ...).
  *
  * Generates new key of requested @klass and @type.
  *
@@ -1127,30 +1127,30 @@ xmlSecKeyGenerateByName(const xmlChar* name, xmlSecSize sizeBits, xmlSecKeyDataT
     xmlSecKeyDataId dataId;
 
     xmlSecAssert2(name != NULL, NULL);
-    
+
     dataId = xmlSecKeyDataIdListFindByName(xmlSecKeyDataIdsGet(), name, xmlSecKeyDataUsageAny);
     if(dataId == xmlSecKeyDataIdUnknown) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(name),
-		    XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(name),
+                    XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     return(xmlSecKeyGenerate(dataId, sizeBits, type));
 }
 
 /**
  * xmlSecKeyReadBuffer:
- * @dataId:		the key value data klass.
- * @buffer:		the buffer that contains the binary data.
+ * @dataId:             the key value data klass.
+ * @buffer:             the buffer that contains the binary data.
  *
  * Reads the key value of klass @dataId from a buffer.
  *
  * Returns: pointer to newly created key or NULL if an error occurs.
  */
-xmlSecKeyPtr 
+xmlSecKeyPtr
 xmlSecKeyReadBuffer(xmlSecKeyDataId dataId, xmlSecBuffer* buffer) {
     xmlSecKeyInfoCtx keyInfoCtx;
     xmlSecKeyPtr key;
@@ -1162,96 +1162,96 @@ xmlSecKeyReadBuffer(xmlSecKeyDataId dataId, xmlSecBuffer* buffer) {
     /* create key data */
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
-    ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);    
+    ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecKeyInfoCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecKeyInfoCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        return(NULL);
     }
-    
+
     keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny;
-    ret = xmlSecKeyDataBinRead(dataId, key, 
-			xmlSecBufferGetData(buffer),
-			xmlSecBufferGetSize(buffer),
-			&keyInfoCtx);	
+    ret = xmlSecKeyDataBinRead(dataId, key,
+                        xmlSecBufferGetData(buffer),
+                        xmlSecBufferGetSize(buffer),
+                        &keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecKeyDataBinRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-	xmlSecKeyDestroy(key);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecKeyDataBinRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
+        xmlSecKeyDestroy(key);
+        return(NULL);
     }
     xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-    
+
     return(key);
 }
 
 /**
  * xmlSecKeyReadBinaryFile:
- * @dataId:		the key value data klass.
- * @filename:		the key binary filename.
+ * @dataId:             the key value data klass.
+ * @filename:           the key binary filename.
  *
  * Reads the key value of klass @dataId from a binary file @filename.
  *
  * Returns: pointer to newly created key or NULL if an error occurs.
  */
-xmlSecKeyPtr 
+xmlSecKeyPtr
 xmlSecKeyReadBinaryFile(xmlSecKeyDataId dataId, const char* filename) {
     xmlSecKeyPtr key;
     xmlSecBuffer buffer;
     int ret;
-    
+
     xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, NULL);
     xmlSecAssert2(filename != NULL, NULL);
 
     /* read file to buffer */
     ret = xmlSecBufferInitialize(&buffer, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     ret = xmlSecBufferReadFile(&buffer, filename);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecBufferReadFile",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s", 
-		    xmlSecErrorsSafeString(filename));
-	xmlSecBufferFinalize(&buffer);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecBufferReadFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
     }
 
     key = xmlSecKeyReadBuffer(dataId, &buffer);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecKeyReadBuffer",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s", 
-		    xmlSecErrorsSafeString(filename));
-	xmlSecBufferFinalize(&buffer);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecKeyReadBuffer",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
     }
 
     xmlSecBufferFinalize(&buffer);
@@ -1260,15 +1260,15 @@ xmlSecKeyReadBinaryFile(xmlSecKeyDataId dataId, const char* filename) {
 
 /**
  * xmlSecKeyReadMemory:
- * @dataId:		the key value data klass.
- * @data:		the memory containing the key
- * @dataSize: 		the size of the memory block
+ * @dataId:             the key value data klass.
+ * @data:               the memory containing the key
+ * @dataSize:           the size of the memory block
  *
  * Reads the key value of klass @dataId from a memory block @data.
  *
  * Returns: pointer to newly created key or NULL if an error occurs.
  */
-xmlSecKeyPtr 
+xmlSecKeyPtr
 xmlSecKeyReadMemory(xmlSecKeyDataId dataId, const xmlSecByte* data, xmlSecSize dataSize) {
     xmlSecBuffer buffer;
     xmlSecKeyPtr key;
@@ -1281,33 +1281,33 @@ xmlSecKeyReadMemory(xmlSecKeyDataId dataId, const xmlSecByte* data, xmlSecSize d
     /* read file to buffer */
     ret = xmlSecBufferInitialize(&buffer, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     if (xmlSecBufferAppend(&buffer, data, dataSize) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecBufferAppend",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buffer);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecBufferAppend",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
     }
 
     key = xmlSecKeyReadBuffer(dataId, &buffer);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
-		    "xmlSecKeyReadBuffer",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buffer);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(dataId)),
+                    "xmlSecKeyReadBuffer",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
     }
 
     xmlSecBufferFinalize(&buffer);
@@ -1316,75 +1316,75 @@ xmlSecKeyReadMemory(xmlSecKeyDataId dataId, const xmlSecByte* data, xmlSecSize d
 
 /**
  * xmlSecKeysMngrGetKey:
- * @keyInfoNode: 	the pointer to <dsig:KeyInfo/> node.
- * @keyInfoCtx: 	the pointer to <dsig:KeyInfo/> node processing context.	
- * 
+ * @keyInfoNode:        the pointer to <dsig:KeyInfo/> node.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> node processing context.
+ *
  * Reads the <dsig:KeyInfo/> node @keyInfoNode and extracts the key.
  *
- * Returns: the pointer to key or NULL if the key is not found or 
+ * Returns: the pointer to key or NULL if the key is not found or
  * an error occurs.
  */
-xmlSecKeyPtr 		
+xmlSecKeyPtr
 xmlSecKeysMngrGetKey(xmlNodePtr keyInfoNode, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyPtr key;
     int ret;
-    
+
     xmlSecAssert2(keyInfoCtx != NULL, NULL);
 
-    
+
     /* first try to read data from <dsig:KeyInfo/> node */
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     if(keyInfoNode != NULL) {
-	ret = xmlSecKeyInfoNodeRead(keyInfoNode, key, keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyInfoNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(keyInfoNode)));
-	    xmlSecKeyDestroy(key);
-	    return(NULL);
-	}
-
-	if((xmlSecKeyGetValue(key) != NULL) &&
+        ret = xmlSecKeyInfoNodeRead(keyInfoNode, key, keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyInfoNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(keyInfoNode)));
+            xmlSecKeyDestroy(key);
+            return(NULL);
+        }
+
+        if((xmlSecKeyGetValue(key) != NULL) &&
            (xmlSecKeyMatch(key, NULL, &(keyInfoCtx->keyReq)) != 0)) {
             return(key);
         }
-    }	
+    }
     xmlSecKeyDestroy(key);
-    
+
     /* if we have keys manager, try it */
     if(keyInfoCtx->keysMngr != NULL) {
-	key = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, NULL, keyInfoCtx);
-	if(key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeysMngrFindKey",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);
-	}
-	if(xmlSecKeyGetValue(key) != NULL) {
-	    return(key);
-	}
-	xmlSecKeyDestroy(key);
+        key = xmlSecKeysMngrFindKey(keyInfoCtx->keysMngr, NULL, keyInfoCtx);
+        if(key == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeysMngrFindKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        if(xmlSecKeyGetValue(key) != NULL) {
+            return(key);
+        }
+        xmlSecKeyDestroy(key);
     }
-    
+
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		NULL,
-		XMLSEC_ERRORS_R_KEY_NOT_FOUND,
-		XMLSEC_ERRORS_NO_MESSAGE);    
+                NULL,
+                NULL,
+                XMLSEC_ERRORS_R_KEY_NOT_FOUND,
+                XMLSEC_ERRORS_NO_MESSAGE);
     return(NULL);
 }
 
@@ -1395,20 +1395,20 @@ xmlSecKeysMngrGetKey(xmlNodePtr keyInfoNode, xmlSecKeyInfoCtxPtr keyInfoCtx) {
  **********************************************************************/
 static xmlSecPtrListKlass xmlSecKeyPtrListKlass = {
     BAD_CAST "keys-list",
-    (xmlSecPtrDuplicateItemMethod)xmlSecKeyDuplicate, 	/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    (xmlSecPtrDestroyItemMethod)xmlSecKeyDestroy,	/* xmlSecPtrDestroyItemMethod destroyItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDebugDump,	/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    (xmlSecPtrDuplicateItemMethod)xmlSecKeyDuplicate,   /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    (xmlSecPtrDestroyItemMethod)xmlSecKeyDestroy,       /* xmlSecPtrDestroyItemMethod destroyItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDebugDump,   /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
     (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDebugXmlDump,/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
 /**
- * xmlSecKeyPtrListGetKlass: 
+ * xmlSecKeyPtrListGetKlass:
  *
  * The keys list klass.
  *
  * Returns: keys list id.
  */
-xmlSecPtrListId 
+xmlSecPtrListId
 xmlSecKeyPtrListGetKlass(void) {
     return(&xmlSecKeyPtrListKlass);
 }
diff --git a/src/keysdata.c b/src/keysdata.c
index 1101f7f8..de854ba6 100644
--- a/src/keysdata.c
+++ b/src/keysdata.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Key data.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 
@@ -13,7 +13,7 @@
 
 #include <stdlib.h>
 #include <string.h>
- 
+
 #include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
@@ -33,11 +33,11 @@
  *************************************************************************/
 static xmlSecPtrList xmlSecAllKeyDataIds;
 
-/** 
+/**
  * xmlSecKeyDataIdsGet:
  *
  * Gets global registered key data klasses list.
- * 
+ *
  * Returns: the pointer to list of all registered key data klasses.
  */
 xmlSecPtrListPtr
@@ -45,45 +45,45 @@ xmlSecKeyDataIdsGet(void) {
     return(&xmlSecAllKeyDataIds);
 }
 
-/** 
+/**
  * xmlSecKeyDataIdsInit:
  *
- * Initializes the key data klasses. This function is called from the 
+ * Initializes the key data klasses. This function is called from the
  * #xmlSecInit function and the application should not call it directly.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyDataIdsInit(void) {
     int ret;
-    
+
     ret = xmlSecPtrListInitialize(xmlSecKeyDataIdsGet(), xmlSecKeyDataIdListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListPtrInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecKeyDataIdListId");
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListPtrInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecKeyDataIdListId");
         return(-1);
     }
-    
+
     ret = xmlSecKeyDataIdsRegisterDefault();
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataIdsRegisterDefault",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataIdsRegisterDefault",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecKeyDataIdsShutdown:
- * 
- * Shuts down the keys data klasses. This function is called from the 
+ *
+ * Shuts down the keys data klasses. This function is called from the
  * #xmlSecShutdown function and the application should not call it directly.
  */
 void
@@ -91,83 +91,83 @@ xmlSecKeyDataIdsShutdown(void) {
     xmlSecPtrListFinalize(xmlSecKeyDataIdsGet());
 }
 
-/** 
+/**
  * xmlSecKeyDataIdsRegister:
- * @id:			the key data klass.
+ * @id:                 the key data klass.
  *
  * Registers @id in the global list of key data klasses.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyDataIdsRegister(xmlSecKeyDataId id) {
     int ret;
-        
+
     xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1);
-    
+
     ret = xmlSecPtrListAdd(xmlSecKeyDataIdsGet(), (xmlSecPtr)id);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "dataId=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "dataId=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)));
         return(-1);
     }
-    
-    return(0);    
+
+    return(0);
 }
 
 /**
  * xmlSecKeyDataIdsRegisterDefault:
  *
  * Registers default (implemented by XML Security Library)
- * key data klasses: <dsig:KeyName/> element processing klass, 
+ * key data klasses: <dsig:KeyName/> element processing klass,
  * <dsig:KeyValue/> element processing klass, ...
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecKeyDataIdsRegisterDefault(void) {
     if(xmlSecKeyDataIdsRegister(xmlSecKeyDataNameId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecKeyDataNameId");
-        return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecKeyDataNameId");
+        return(-1);
     }
 
     if(xmlSecKeyDataIdsRegister(xmlSecKeyDataValueId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecKeyDataValueId");
-        return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecKeyDataValueId");
+        return(-1);
     }
 
     if(xmlSecKeyDataIdsRegister(xmlSecKeyDataRetrievalMethodId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecKeyDataRetrievalMethodId");
-        return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecKeyDataRetrievalMethodId");
+        return(-1);
     }
 
 #ifndef XMLSEC_NO_XMLENC
     if(xmlSecKeyDataIdsRegister(xmlSecKeyDataEncryptedKeyId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataIdsRegister",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecKeyDataEncryptedKeyId");
-        return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecKeyDataEncryptedKeyId");
+        return(-1);
     }
 #endif /* XMLSEC_NO_XMLENC */
-    
+
     return(0);
 }
 
@@ -178,65 +178,65 @@ xmlSecKeyDataIdsRegisterDefault(void) {
  *************************************************************************/
 /**
  * xmlSecKeyDataCreate:
- * @id: 		the data id.
+ * @id:                 the data id.
  *
  * Allocates and initializes new key data of the specified type @id.
- * Caller is responsible for destroing returend object with 
+ * Caller is responsible for destroying returned object with
  * #xmlSecKeyDataDestroy function.
  *
  * Returns: the pointer to newly allocated key data structure
  * or NULL if an error occurs.
  */
-xmlSecKeyDataPtr	
+xmlSecKeyDataPtr
 xmlSecKeyDataCreate(xmlSecKeyDataId id)  {
     xmlSecKeyDataPtr data;
     int ret;
-        
+
     xmlSecAssert2(id != NULL, NULL);
     xmlSecAssert2(id->klassSize >= sizeof(xmlSecKeyDataKlass), NULL);
     xmlSecAssert2(id->objSize >= sizeof(xmlSecKeyData), NULL);
     xmlSecAssert2(id->name != NULL, NULL);
-        
+
     /* Allocate a new xmlSecKeyData and fill the fields. */
     data = (xmlSecKeyDataPtr)xmlMalloc(id->objSize);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", id->objSize); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", id->objSize);
+        return(NULL);
     }
-    memset(data, 0, id->objSize);    
+    memset(data, 0, id->objSize);
     data->id = id;
 
     if(id->initialize != NULL) {
-	ret = (id->initialize)(data);
+        ret = (id->initialize)(data);
         if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"id->initialize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyDataDestroy(data);
-	    return(NULL);
-	}
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "id->initialize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyDataDestroy(data);
+            return(NULL);
+        }
     }
-    
+
     return(data);
 }
 
 /**
  * xmlSecKeyDataDuplicate:
- * @data: 		the pointer to the key data.
+ * @data:               the pointer to the key data.
  *
- * Creates a duplicate of the given @data. Caller is responsible for 
- * destroing returend object with #xmlSecKeyDataDestroy function.
+ * Creates a duplicate of the given @data. Caller is responsible for
+ * destroying returned object with #xmlSecKeyDataDestroy function.
  *
  * Returns: the pointer to newly allocated key data structure
  * or NULL if an error occurs.
  */
-xmlSecKeyDataPtr	
+xmlSecKeyDataPtr
 xmlSecKeyDataDuplicate(xmlSecKeyDataPtr data) {
     xmlSecKeyDataPtr newData;
     int ret;
@@ -246,41 +246,41 @@ xmlSecKeyDataDuplicate(xmlSecKeyDataPtr data) {
 
     newData = xmlSecKeyDataCreate(data->id);
     if(newData == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     ret = (data->id->duplicate)(newData, data);
     if(newData == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "id->duplicate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(newData);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "id->duplicate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(newData);
+        return(NULL);
     }
-    
+
     return(newData);
 }
 
 /**
  * xmlSecKeyDataDestroy:
- * @data: 		the pointer to the key data.
+ * @data:               the pointer to the key data.
  *
- * Destroys the data and frees all allocated memory. 
+ * Destroys the data and frees all allocated memory.
  */
 void
 xmlSecKeyDataDestroy(xmlSecKeyDataPtr data) {
-    xmlSecAssert(xmlSecKeyDataIsValid(data));    
+    xmlSecAssert(xmlSecKeyDataIsValid(data));
     xmlSecAssert(data->id->objSize > 0);
-    
-    if(data->id->finalize != NULL) { 
-	(data->id->finalize)(data);
+
+    if(data->id->finalize != NULL) {
+        (data->id->finalize)(data);
     }
     memset(data, 0, data->id->objSize);
     xmlFree(data);
@@ -289,11 +289,11 @@ xmlSecKeyDataDestroy(xmlSecKeyDataPtr data) {
 
 /**
  * xmlSecKeyDataXmlRead:
- * @id: 		the data klass.
- * @key: 		the destination key.
- * @node: 		the pointer to an XML node.
- * @keyInfoCtx: 	the pointer to <dsig:KeyInfo/> element processing context.
- * 
+ * @id:                 the data klass.
+ * @key:                the destination key.
+ * @node:               the pointer to an XML node.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
+ *
  * Reads the key data of klass @id from XML @node and adds them to @key.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -310,11 +310,11 @@ xmlSecKeyDataXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xmlS
 
 /**
  * xmlSecKeyDataXmlWrite:
- * @id: 		the data klass.
- * @key: 		the source key.
- * @node: 		the pointer to an XML node.
- * @keyInfoCtx: 	the pointer to <dsig:KeyInfo/> element processing context.
- * 
+ * @id:                 the data klass.
+ * @key:                the source key.
+ * @node:               the pointer to an XML node.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
+ *
  * Writes the key data of klass @id from @key to an XML @node.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -329,22 +329,22 @@ xmlSecKeyDataXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, xmlNodePtr node, xml
     return((id->xmlWrite)(id, key, node, keyInfoCtx));
 }
 
-/** 
+/**
  * xmlSecKeyDataBinRead:
- * @id: 		the data klass.
- * @key: 		the destination key.
- * @buf: 		the input binary buffer.
- * @bufSize: 		the input buffer size.
- * @keyInfoCtx: 	the <dsig:KeyInfo/> node processing context.
+ * @id:                 the data klass.
+ * @key:                the destination key.
+ * @buf:                the input binary buffer.
+ * @bufSize:            the input buffer size.
+ * @keyInfoCtx:         the <dsig:KeyInfo/> node processing context.
  *
  * Reads the key data of klass @id from binary buffer @buf to @key.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs.
  */
 int
-xmlSecKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key, 
-		    const xmlSecByte* buf, xmlSecSize bufSize, 
-		    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                    const xmlSecByte* buf, xmlSecSize bufSize,
+                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(id != NULL, -1);
     xmlSecAssert2(id->binRead != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
@@ -353,22 +353,22 @@ xmlSecKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     return((id->binRead)(id, key, buf, bufSize, keyInfoCtx));
 }
 
-/** 
+/**
  * xmlSecKeyDataBinWrite:
- * @id: 		the data klass.
- * @key: 		the source key.
- * @buf: 		the output binary buffer.
- * @bufSize: 		the output buffer size.
- * @keyInfoCtx: 	the <dsig:KeyInfo/> node processing context.
- *
- * Writes the key data of klass @id from the @key to a binary buffer @buf. 
- * 
+ * @id:                 the data klass.
+ * @key:                the source key.
+ * @buf:                the output binary buffer.
+ * @bufSize:            the output buffer size.
+ * @keyInfoCtx:         the <dsig:KeyInfo/> node processing context.
+ *
+ * Writes the key data of klass @id from the @key to a binary buffer @buf.
+ *
  * Returns: 0 on success or a negative value if an error occurs.
  */
 int
-xmlSecKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, 
-		    xmlSecByte** buf, xmlSecSize* bufSize, 
-		    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                    xmlSecByte** buf, xmlSecSize* bufSize,
+                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(id != NULL, -1);
     xmlSecAssert2(id->binWrite != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
@@ -377,56 +377,56 @@ xmlSecKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     return((id->binWrite)(id, key, buf, bufSize, keyInfoCtx));
 }
 
-/** 
+/**
  * xmlSecKeyDataGenerate:
- * @data: 		the pointer to key data.
- * @sizeBits: 		the desired key data size (in bits).
- * @type:		the desired key data type.
+ * @data:               the pointer to key data.
+ * @sizeBits:           the desired key data size (in bits).
+ * @type:               the desired key data type.
  *
  * Generates new key data of given size and type.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecKeyDataGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, 
-		      xmlSecKeyDataType type) {
+xmlSecKeyDataGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits,
+                      xmlSecKeyDataType type) {
     int ret;
 
     xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
     xmlSecAssert2(data->id->generate != NULL, -1);
-    
+
     /* write data */
     ret = data->id->generate(data, sizeBits, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "id->generate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", sizeBits);
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "id->generate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", sizeBits);
+        return(-1);
     }
-    return(0);    
+    return(0);
 }
 
-/** 
+/**
  * xmlSecKeyDataGetType:
- * @data: 		the pointer to key data.
+ * @data:               the pointer to key data.
  *
  * Gets key data type.
  *
  * Returns: key data type.
- */  
-xmlSecKeyDataType	
+ */
+xmlSecKeyDataType
 xmlSecKeyDataGetType(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataIsValid(data), xmlSecKeyDataTypeUnknown);
     xmlSecAssert2(data->id->getType != NULL, xmlSecKeyDataTypeUnknown);
-    
+
     return(data->id->getType(data));
 }
 
-/** 
+/**
  * xmlSecKeyDataGetSize:
- * @data: 		the pointer to key data.
+ * @data:               the pointer to key data.
  *
  * Gets key data size.
  *
@@ -436,14 +436,14 @@ xmlSecSize
 xmlSecKeyDataGetSize(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataIsValid(data), 0);
     xmlSecAssert2(data->id->getSize != NULL, 0);
-    
+
     return(data->id->getSize(data));
 }
 
 /**
  * xmlSecKeyDataGetIdentifier:
- * @data: 		the pointer to key data.
- * 
+ * @data:               the pointer to key data.
+ *
  * Gets key data identifier string.
  *
  * Returns: key data id string.
@@ -452,14 +452,14 @@ const xmlChar*
 xmlSecKeyDataGetIdentifier(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataIsValid(data), NULL);
     xmlSecAssert2(data->id->getIdentifier != NULL, NULL);
-    
+
     return(data->id->getIdentifier(data));
 }
 
-/** 
+/**
  * xmlSecKeyDataDebugDump:
- * @data: 		the pointer to key data.
- * @output: 		the pointer to output FILE.
+ * @data:               the pointer to key data.
+ * @output:             the pointer to output FILE.
  *
  * Prints key data debug info.
  */
@@ -468,23 +468,23 @@ xmlSecKeyDataDebugDump(xmlSecKeyDataPtr data, FILE *output) {
     xmlSecAssert(xmlSecKeyDataIsValid(data));
     xmlSecAssert(data->id->debugDump != NULL);
     xmlSecAssert(output != NULL);
-    
+
     data->id->debugDump(data, output);
 }
 
-/** 
+/**
  * xmlSecKeyDataDebugXmlDump:
- * @data: 		the pointer to key data.
- * @output: 		the pointer to output FILE.
+ * @data:               the pointer to key data.
+ * @output:             the pointer to output FILE.
  *
  * Prints key data debug info in XML format.
- */ 
-void 
+ */
+void
 xmlSecKeyDataDebugXmlDump(xmlSecKeyDataPtr data, FILE *output) {
     xmlSecAssert(xmlSecKeyDataIsValid(data));
     xmlSecAssert(data->id->debugXmlDump != NULL);
     xmlSecAssert(output != NULL);
-    
+
     data->id->debugXmlDump(data, output);
 }
 
@@ -495,53 +495,53 @@ xmlSecKeyDataDebugXmlDump(xmlSecKeyDataPtr data, FILE *output) {
  * key (xmlSecBuffer) is located after xmlSecKeyData structure
  *
  *************************************************************************/
-/** 
+/**
  * xmlSecKeyDataBinaryValueInitialize:
- * @data: 		the pointer to binary key data.
+ * @data:               the pointer to binary key data.
  *
  * Initializes key data.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
 xmlSecKeyDataBinaryValueInitialize(xmlSecKeyDataPtr data) {
     xmlSecBufferPtr buffer;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
     xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecKeyDataBinarySize), -1);
-        
+
     /* initialize buffer */
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     ret = xmlSecBufferInitialize(buffer, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
-    return(0);    
+
+    return(0);
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueDuplicate:
- * @dst: 		the pointer to destination binary key data.
- * @src: 		the pointer to source binary key data.
+ * @dst:                the pointer to destination binary key data.
+ * @src:                the pointer to source binary key data.
  *
  * Copies binary key data from @src to @dst.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
 xmlSecKeyDataBinaryValueDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
     xmlSecBufferPtr buffer;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataIsValid(dst), -1);
     xmlSecAssert2(xmlSecKeyDataCheckSize(dst, xmlSecKeyDataBinarySize), -1);
     xmlSecAssert2(xmlSecKeyDataIsValid(src), -1);
@@ -549,62 +549,62 @@ xmlSecKeyDataBinaryValueDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
 
     buffer = xmlSecKeyDataBinaryValueGetBuffer(src);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     /* copy data */
     ret = xmlSecKeyDataBinaryValueSetBuffer(dst,
-		    xmlSecBufferGetData(buffer),
-		    xmlSecBufferGetSize(buffer));
+                    xmlSecBufferGetData(buffer),
+                    xmlSecBufferGetSize(buffer));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-		    "xmlSecKeyDataBinaryValueSetBuffer",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                    "xmlSecKeyDataBinaryValueSetBuffer",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueFinalize:
- * @data: 		the pointer to binary key data.
+ * @data:               the pointer to binary key data.
  *
  * Cleans up binary key data.
  */
-void 
+void
 xmlSecKeyDataBinaryValueFinalize(xmlSecKeyDataPtr data) {
     xmlSecBufferPtr buffer;
-    
+
     xmlSecAssert(xmlSecKeyDataIsValid(data));
     xmlSecAssert(xmlSecKeyDataCheckSize(data, xmlSecKeyDataBinarySize));
-    
+
     /* initialize buffer */
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert(buffer != NULL);
-    
-    xmlSecBufferFinalize(buffer);    
+
+    xmlSecBufferFinalize(buffer);
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueXmlRead:
- * @id: 		the data klass.
- * @key:		the pointer to destination key.
- * @node: 		the pointer to an XML node.
- * @keyInfoCtx: 	the pointer to <dsig:KeyInfo/> element processing context.
+ * @id:                 the data klass.
+ * @key:                the pointer to destination key.
+ * @node:               the pointer to an XML node.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Reads binary key data from @node to the key by base64 decoding the @node content.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
-xmlSecKeyDataBinaryValueXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, 
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+int
+xmlSecKeyDataBinaryValueXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlChar* str;
     xmlSecSize len;
     xmlSecKeyDataPtr data;
     int ret;
-    
+
     xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
@@ -612,148 +612,148 @@ xmlSecKeyDataBinaryValueXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     str = xmlNodeGetContent(node);
     if(str == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-		    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* usual trick: decode into the same buffer */
     ret = xmlSecBase64Decode(str, (xmlSecByte*)str, xmlStrlen(str));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBase64Decode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(str);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBase64Decode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(str);
+        return(-1);
     }
     len = ret;
 
     /* check do we have a key already */
     data = xmlSecKeyGetValue(key);
     if(data != NULL) {
-	xmlSecBufferPtr buffer;
-	
-	if(!xmlSecKeyDataCheckId(data, id)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFree(str);
-	    return(-1);	
-	}
-	
-	buffer = xmlSecKeyDataBinaryValueGetBuffer(data);	
-	if((buffer != NULL) && ((xmlSecSize)xmlSecBufferGetSize(buffer) != len)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
-			"cur-data-size=%d;new-data-size=%d",
-			xmlSecBufferGetSize(buffer), len);
-	    xmlFree(str);
-	    return(-1);		
-	}
-	if((buffer != NULL) && (len > 0) && (memcmp(xmlSecBufferGetData(buffer), str, len) != 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
-			"key already has a different value");
-	    xmlFree(str);
-	    return(-1);		
-	}
-	if(buffer != NULL) {
-	    /* we already have exactly the same key */
-    	    xmlFree(str);
-	    return(0);
-	}
-	
-	/* we have binary key value with empty buffer */
+        xmlSecBufferPtr buffer;
+
+        if(!xmlSecKeyDataCheckId(data, id)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFree(str);
+            return(-1);
+        }
+
+        buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
+        if((buffer != NULL) && ((xmlSecSize)xmlSecBufferGetSize(buffer) != len)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
+                        "cur-data-size=%d;new-data-size=%d",
+                        xmlSecBufferGetSize(buffer), len);
+            xmlFree(str);
+            return(-1);
+        }
+        if((buffer != NULL) && (len > 0) && (memcmp(xmlSecBufferGetData(buffer), str, len) != 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
+                        "key already has a different value");
+            xmlFree(str);
+            return(-1);
+        }
+        if(buffer != NULL) {
+            /* we already have exactly the same key */
+            xmlFree(str);
+            return(0);
+        }
+
+        /* we have binary key value with empty buffer */
     }
 
-    
+
     data = xmlSecKeyDataCreate(id);
     if(data == NULL ) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(str);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(str);
+        return(-1);
     }
-        
+
     ret = xmlSecKeyDataBinaryValueSetBuffer(data, (xmlSecByte*)str, len);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataBinaryValueSetBuffer",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", len);
-	xmlSecKeyDataDestroy(data);
-	xmlFree(str);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataBinaryValueSetBuffer",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", len);
+        xmlSecKeyDataDestroy(data);
+        xmlFree(str);
+        return(-1);
     }
     xmlFree(str);
 
     if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), data) != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyReqMatchKeyValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyReqMatchKeyValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(0);
     }
-    
+
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(-1);
     }
 
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueXmlWrite:
- * @id: 		the data klass.
- * @key:		the pointer to source key.
- * @node: 		the pointer to an XML node.
- * @keyInfoCtx: 	the pointer to <dsig:KeyInfo/> element processing context.
- *
- * Base64 encodes binary key data of klass @id from the @key and 
- * sets to the @node content. 
- * 
+ * @id:                 the data klass.
+ * @key:                the pointer to source key.
+ * @node:               the pointer to an XML node.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
+ *
+ * Base64 encodes binary key data of klass @id from the @key and
+ * sets to the @node content.
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
-xmlSecKeyDataBinaryValueXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, 
-			    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+int
+xmlSecKeyDataBinaryValueXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                            xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecBufferPtr buffer;
     xmlSecKeyDataPtr value;
     xmlChar* str;
-    
+
     xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     if((xmlSecKeyDataTypeSymmetric & keyInfoCtx->keyReq.keyType) == 0) {
-	/* we can have only symmetric key */
-	return(0);
-    }    
+        /* we can have only symmetric key */
+        return(0);
+    }
 
     value = xmlSecKeyGetValue(key);
     xmlSecAssert2(xmlSecKeyDataIsValid(value), -1);
@@ -762,40 +762,40 @@ xmlSecKeyDataBinaryValueXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecAssert2(buffer != NULL, -1);
 
     str = xmlSecBase64Encode(xmlSecBufferGetData(buffer),
-			     xmlSecBufferGetSize(buffer),
-			     keyInfoCtx->base64LineSize);
+                             xmlSecBufferGetSize(buffer),
+                             keyInfoCtx->base64LineSize);
     if(str == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBase64Encode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     xmlNodeSetContent(node, str);
     xmlFree(str);
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueBinRead:
- * @id: 		the data klass.
- * @key:		the pointer to destination key.
- * @buf:		the source binary buffer.
- * @bufSize:		the source binary buffer size.
- * @keyInfoCtx: 	the pointer to <dsig:KeyInfo/> element processing context.
+ * @id:                 the data klass.
+ * @key:                the pointer to destination key.
+ * @buf:                the source binary buffer.
+ * @bufSize:            the source binary buffer size.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Reads binary key data of the klass @id from @buf to the @key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
-xmlSecKeyDataBinaryValueBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key, 
-				const xmlSecByte* buf, xmlSecSize bufSize, 
-				xmlSecKeyInfoCtxPtr keyInfoCtx) {
+int
+xmlSecKeyDataBinaryValueBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                const xmlSecByte* buf, xmlSecSize bufSize,
+                                xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     int ret;
-    
+
     xmlSecAssert2(id != xmlSecKeyDataIdUnknown, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(buf != NULL, -1);
@@ -805,104 +805,104 @@ xmlSecKeyDataBinaryValueBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     /* check do we have a key already */
     data = xmlSecKeyGetValue(key);
     if(data != NULL) {
-	xmlSecBufferPtr buffer;
-	
-	if(!xmlSecKeyDataCheckId(data, id)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-    			XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);	
-	}
-	
-	buffer = xmlSecKeyDataBinaryValueGetBuffer(data);	
-	if((buffer != NULL) && ((xmlSecSize)xmlSecBufferGetSize(buffer) != bufSize)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
-			"cur-data-size=%d;new-data-size=%d",
-			xmlSecBufferGetSize(buffer), bufSize);
-	    return(-1);		
-	}
-	if((buffer != NULL) && (bufSize > 0) && (memcmp(xmlSecBufferGetData(buffer), buf, bufSize) != 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
-			"key already has a different value");
-	    return(-1);		
-	}
-	if(buffer != NULL) {
-	    /* we already have exactly the same key */
-	    return(0);
-	}
-	
-	/* we have binary key value with empty buffer */
+        xmlSecBufferPtr buffer;
+
+        if(!xmlSecKeyDataCheckId(data, id)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
+        if((buffer != NULL) && ((xmlSecSize)xmlSecBufferGetSize(buffer) != bufSize)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
+                        "cur-data-size=%d;new-data-size=%d",
+                        xmlSecBufferGetSize(buffer), bufSize);
+            return(-1);
+        }
+        if((buffer != NULL) && (bufSize > 0) && (memcmp(xmlSecBufferGetData(buffer), buf, bufSize) != 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST,
+                        "key already has a different value");
+            return(-1);
+        }
+        if(buffer != NULL) {
+            /* we already have exactly the same key */
+            return(0);
+        }
+
+        /* we have binary key value with empty buffer */
     }
-    
+
     data = xmlSecKeyDataCreate(id);
     if(data == NULL ) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-        
+
     ret = xmlSecKeyDataBinaryValueSetBuffer(data, buf, bufSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataBinaryValueSetBuffer",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", bufSize);
-	xmlSecKeyDataDestroy(data);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataBinaryValueSetBuffer",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", bufSize);
+        xmlSecKeyDataDestroy(data);
+        return(-1);
     }
 
     if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), data) != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyReqMatchKeyValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyReqMatchKeyValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(0);
     }
-    
+
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(-1);
     }
 
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueBinWrite:
- * @id: 		the data klass.
- * @key:		the pointer to source key.
- * @buf:		the destination binary buffer.
- * @bufSize:		the destination binary buffer size.
- * @keyInfoCtx: 	the pointer to <dsig:KeyInfo/> element processing context.
+ * @id:                 the data klass.
+ * @key:                the pointer to source key.
+ * @buf:                the destination binary buffer.
+ * @bufSize:            the destination binary buffer size.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Writes binary key data of klass @id from the @key to @buf.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
-xmlSecKeyDataBinaryValueBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, 
-				xmlSecByte** buf, xmlSecSize* bufSize, 
-				xmlSecKeyInfoCtxPtr keyInfoCtx) {
+int
+xmlSecKeyDataBinaryValueBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                xmlSecByte** buf, xmlSecSize* bufSize,
+                                xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr value;
     xmlSecBufferPtr buffer;
 
@@ -913,9 +913,9 @@ xmlSecKeyDataBinaryValueBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     if((xmlSecKeyDataTypeSymmetric & keyInfoCtx->keyReq.keyType) == 0) {
-	/* we can have only symmetric key */
-	return(0);
-    }    
+        /* we can have only symmetric key */
+        return(0);
+    }
 
     value = xmlSecKeyGetValue(key);
     xmlSecAssert2(xmlSecKeyDataIsValid(value), -1);
@@ -926,28 +926,28 @@ xmlSecKeyDataBinaryValueBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     (*bufSize) = xmlSecBufferGetSize(buffer);
     (*buf) = (xmlSecByte*) xmlMalloc((*bufSize));
     if((*buf) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    memcpy((*buf), xmlSecBufferGetData(buffer), (*bufSize));    
+    memcpy((*buf), xmlSecBufferGetData(buffer), (*bufSize));
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueDebugDump:
- * @data: 		the pointer to binary key data.
- * @output:		the pointer to output FILE.
- * 
+ * @data:               the pointer to binary key data.
+ * @output:             the pointer to output FILE.
+ *
  * Prints binary key data debug information to @output.
  */
-void 
+void
 xmlSecKeyDataBinaryValueDebugDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecBufferPtr buffer;
-    
+
     xmlSecAssert(xmlSecKeyDataIsValid(data));
     xmlSecAssert(xmlSecKeyDataCheckSize(data, xmlSecKeyDataBinarySize));
     xmlSecAssert(data->id->dataNodeName != NULL);
@@ -956,19 +956,19 @@ xmlSecKeyDataBinaryValueDebugDump(xmlSecKeyDataPtr data, FILE* output) {
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert(buffer != NULL);
 
-    /* print only size, everything else is sensitive */    
-    fprintf(output, "=== %s: size=%d\n", data->id->dataNodeName, 
-					 xmlSecKeyDataGetSize(data));
+    /* print only size, everything else is sensitive */
+    fprintf(output, "=== %s: size=%d\n", data->id->dataNodeName,
+                                         xmlSecKeyDataGetSize(data));
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueDebugXmlDump:
- * @data: 		the pointer to binary key data.
- * @output:		the pointer to output FILE.
- * 
+ * @data:               the pointer to binary key data.
+ * @output:             the pointer to output FILE.
+ *
  * Prints binary key data debug information to @output in XML format.
  */
-void 
+void
 xmlSecKeyDataBinaryValueDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecBufferPtr buffer;
 
@@ -979,15 +979,15 @@ xmlSecKeyDataBinaryValueDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
 
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert(buffer != NULL);
-    
-    /* print only size, everything else is sensitive */    
-    fprintf(output, "<%s size=\"%d\" />\n", data->id->dataNodeName, 
-					    xmlSecKeyDataGetSize(data));
+
+    /* print only size, everything else is sensitive */
+    fprintf(output, "<%s size=\"%d\" />\n", data->id->dataNodeName,
+                                            xmlSecKeyDataGetSize(data));
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueGetSize:
- * @data: 		the pointer to binary key data.
+ * @data:               the pointer to binary key data.
  *
  * Gets the binary key data size.
  *
@@ -1003,19 +1003,19 @@ xmlSecKeyDataBinaryValueGetSize(xmlSecKeyDataPtr data) {
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, 0);
 
-    /* return size in bits */    
-    return(8 * xmlSecBufferGetSize(buffer));    
+    /* return size in bits */
+    return(8 * xmlSecBufferGetSize(buffer));
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueGetBuffer:
- * @data: 		the pointer to binary key data.
+ * @data:               the pointer to binary key data.
  *
  * Gets the binary key data buffer.
  *
  * Returns: pointer to binary key data buffer.
  */
-xmlSecBufferPtr 
+xmlSecBufferPtr
 xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataIsValid(data), NULL);
     xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecKeyDataBinarySize), NULL);
@@ -1024,19 +1024,19 @@ xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyDataPtr data) {
     return((xmlSecBufferPtr)(((xmlSecByte*)data) + sizeof(xmlSecKeyData)));
 }
 
-/** 
+/**
  * xmlSecKeyDataBinaryValueSetBuffer:
- * @data: 		the pointer to binary key data.
- * @buf: 		the pointer to binary buffer.
- * @bufSize:		the binary buffer size.
+ * @data:               the pointer to binary key data.
+ * @buf:                the pointer to binary buffer.
+ * @bufSize:            the binary buffer size.
  *
  * Sets the value of @data to @buf.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecKeyDataBinaryValueSetBuffer(xmlSecKeyDataPtr data, 
-			const xmlSecByte* buf, xmlSecSize bufSize) {
+xmlSecKeyDataBinaryValueSetBuffer(xmlSecKeyDataPtr data,
+                        const xmlSecByte* buf, xmlSecSize bufSize) {
     xmlSecBufferPtr buffer;
 
     xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
@@ -1057,20 +1057,20 @@ xmlSecKeyDataBinaryValueSetBuffer(xmlSecKeyDataPtr data,
  **********************************************************************/
 static xmlSecPtrListKlass xmlSecKeyDataListKlass = {
     BAD_CAST "key-data-list",
-    (xmlSecPtrDuplicateItemMethod)xmlSecKeyDataDuplicate, 	/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    (xmlSecPtrDestroyItemMethod)xmlSecKeyDataDestroy,		/* xmlSecPtrDestroyItemMethod destroyItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDataDebugDump,	/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDataDebugXmlDump,	/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    (xmlSecPtrDuplicateItemMethod)xmlSecKeyDataDuplicate,       /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    (xmlSecPtrDestroyItemMethod)xmlSecKeyDataDestroy,           /* xmlSecPtrDestroyItemMethod destroyItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDataDebugDump,       /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecKeyDataDebugXmlDump,    /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
 /**
  * xmlSecKeyDataListGetKlass:
- * 
+ *
  * The key data list klass.
  *
  * Returns: pointer to the key data list klass.
  */
-xmlSecPtrListId 
+xmlSecPtrListId
 xmlSecKeyDataListGetKlass(void) {
     return(&xmlSecKeyDataListKlass);
 }
@@ -1083,190 +1083,190 @@ xmlSecKeyDataListGetKlass(void) {
  **********************************************************************/
 static xmlSecPtrListKlass xmlSecKeyDataIdListKlass = {
     BAD_CAST "key-data-ids-list",
-    NULL, 							/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    NULL,							/* xmlSecPtrDestroyItemMethod destroyItem; */
-    NULL,							/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    NULL,							/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    NULL,                                                       /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    NULL,                                                       /* xmlSecPtrDestroyItemMethod destroyItem; */
+    NULL,                                                       /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    NULL,                                                       /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
 /**
  * xmlSecKeyDataIdListGetKlass:
- * 
+ *
  * The key data id list klass.
  *
  * Returns: pointer to the key data id list klass.
  */
-xmlSecPtrListId 
+xmlSecPtrListId
 xmlSecKeyDataIdListGetKlass(void) {
     return(&xmlSecKeyDataIdListKlass);
 }
 
 /**
  * xmlSecKeyDataIdListFind:
- * @list:		the pointer to key data ids list.
- * @dataId:		the key data klass.
+ * @list:               the pointer to key data ids list.
+ * @dataId:             the key data klass.
  *
  * Lookups @dataId in @list.
  *
  * Returns: 1 if @dataId is found in the @list, 0 if not and a negative
  * value if an error occurs.
  */
-int 
+int
 xmlSecKeyDataIdListFind(xmlSecPtrListPtr list, xmlSecKeyDataId dataId) {
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), 0);
     xmlSecAssert2(dataId != NULL, 0);
-    
+
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	if((xmlSecKeyDataId)xmlSecPtrListGetItem(list, i) == dataId) {
-	    return(1);
-	}
+        if((xmlSecKeyDataId)xmlSecPtrListGetItem(list, i) == dataId) {
+            return(1);
+        }
     }
     return(0);
 }
 
-/** 
+/**
  * xmlSecKeyDataIdListFindByNode:
- * @list:		the pointer to key data ids list.
- * @nodeName:		the desired key data klass XML node name.
- * @nodeNs:		the desired key data klass XML node namespace.
- * @usage:		the desired key data usage.
+ * @list:               the pointer to key data ids list.
+ * @nodeName:           the desired key data klass XML node name.
+ * @nodeNs:             the desired key data klass XML node namespace.
+ * @usage:              the desired key data usage.
  *
- * Lookups data klass in the list with given @nodeName, @nodeNs and 
+ * Lookups data klass in the list with given @nodeName, @nodeNs and
  * @usage in the @list.
  *
  * Returns: key data klass is found and NULL otherwise.
- */ 
-xmlSecKeyDataId	
+ */
+xmlSecKeyDataId
 xmlSecKeyDataIdListFindByNode(xmlSecPtrListPtr list, const xmlChar* nodeName,
-			    const xmlChar* nodeNs, xmlSecKeyDataUsage usage) {
+                            const xmlChar* nodeNs, xmlSecKeyDataUsage usage) {
     xmlSecKeyDataId dataId;
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), xmlSecKeyDataIdUnknown);
     xmlSecAssert2(nodeName != NULL, xmlSecKeyDataIdUnknown);
-    
+
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
-
-	if(((usage & dataId->usage) != 0) &&
-	   xmlStrEqual(nodeName, dataId->dataNodeName) &&
-	   xmlStrEqual(nodeNs, dataId->dataNodeNs)) {
-	    
-	   return(dataId);	   
-	}
+        dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
+
+        if(((usage & dataId->usage) != 0) &&
+           xmlStrEqual(nodeName, dataId->dataNodeName) &&
+           xmlStrEqual(nodeNs, dataId->dataNodeNs)) {
+
+           return(dataId);
+        }
     }
     return(xmlSecKeyDataIdUnknown);
 }
 
-/** 
+/**
  * xmlSecKeyDataIdListFindByHref:
- * @list:		the pointer to key data ids list.
- * @href:		the desired key data klass href.
- * @usage:		the desired key data usage.
+ * @list:               the pointer to key data ids list.
+ * @href:               the desired key data klass href.
+ * @usage:              the desired key data usage.
  *
  * Lookups data klass in the list with given @href and @usage in @list.
  *
  * Returns: key data klass is found and NULL otherwise.
- */ 
-xmlSecKeyDataId	
+ */
+xmlSecKeyDataId
 xmlSecKeyDataIdListFindByHref(xmlSecPtrListPtr list, const xmlChar* href,
-			    xmlSecKeyDataUsage usage) {
+                            xmlSecKeyDataUsage usage) {
     xmlSecKeyDataId dataId;
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), xmlSecKeyDataIdUnknown);
     xmlSecAssert2(href != NULL, xmlSecKeyDataIdUnknown);
-    
+
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
-
-	if(((usage & dataId->usage) != 0) && (dataId->href != NULL) &&
-	   xmlStrEqual(href, dataId->href)) {
-	   
-	   return(dataId);	   
-	}
+        dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
+
+        if(((usage & dataId->usage) != 0) && (dataId->href != NULL) &&
+           xmlStrEqual(href, dataId->href)) {
+
+           return(dataId);
+        }
     }
     return(xmlSecKeyDataIdUnknown);
 }
 
-/** 
+/**
  * xmlSecKeyDataIdListFindByName:
- * @list:		the pointer to key data ids list.
- * @name:		the desired key data klass name.
- * @usage:		the desired key data usage.
+ * @list:               the pointer to key data ids list.
+ * @name:               the desired key data klass name.
+ * @usage:              the desired key data usage.
  *
  * Lookups data klass in the list with given @name and @usage in @list.
  *
  * Returns: key data klass is found and NULL otherwise.
- */ 
-xmlSecKeyDataId	
-xmlSecKeyDataIdListFindByName(xmlSecPtrListPtr list, const xmlChar* name, 
-			    xmlSecKeyDataUsage usage) {
+ */
+xmlSecKeyDataId
+xmlSecKeyDataIdListFindByName(xmlSecPtrListPtr list, const xmlChar* name,
+                            xmlSecKeyDataUsage usage) {
     xmlSecKeyDataId dataId;
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId), xmlSecKeyDataIdUnknown);
     xmlSecAssert2(name != NULL, xmlSecKeyDataIdUnknown);
-    
+
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
-
-	if(((usage & dataId->usage) != 0) && (dataId->name != NULL) && 
-	   xmlStrEqual(name, BAD_CAST dataId->name)) {
-	   
-	   return(dataId);	   
-	}
+        dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, xmlSecKeyDataIdUnknown);
+
+        if(((usage & dataId->usage) != 0) && (dataId->name != NULL) &&
+           xmlStrEqual(name, BAD_CAST dataId->name)) {
+
+           return(dataId);
+        }
     }
     return(xmlSecKeyDataIdUnknown);
 }
 
-/** 
+/**
  * xmlSecKeyDataIdListDebugDump:
- * @list:		the pointer to key data ids list.
- * @output:		the pointer to output FILE.
- * 
+ * @list:               the pointer to key data ids list.
+ * @output:             the pointer to output FILE.
+ *
  * Prints binary key data debug information to @output.
  */
-void 
+void
 xmlSecKeyDataIdListDebugDump(xmlSecPtrListPtr list, FILE* output) {
     xmlSecKeyDataId dataId;
     xmlSecSize i, size;
-    
+
     xmlSecAssert(xmlSecPtrListCheckId(list, xmlSecKeyDataIdListId));
     xmlSecAssert(output != NULL);
 
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert(dataId != NULL);
-	xmlSecAssert(dataId->name != NULL);
-	    
-	if(i > 0) {
-	    fprintf(output, ",\"%s\"", dataId->name);
-	} else {
-	    fprintf(output, "\"%s\"", dataId->name);
-	}	    
+        dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert(dataId != NULL);
+        xmlSecAssert(dataId->name != NULL);
+
+        if(i > 0) {
+            fprintf(output, ",\"%s\"", dataId->name);
+        } else {
+            fprintf(output, "\"%s\"", dataId->name);
+        }
     }
     fprintf(output, "\n");
 }
 
-/** 
+/**
  * xmlSecKeyDataIdListDebugXmlDump:
- * @list:		the pointer to key data ids list.
- * @output:		the pointer to output FILE.
- * 
+ * @list:               the pointer to key data ids list.
+ * @output:             the pointer to output FILE.
+ *
  * Prints binary key data debug information to @output in XML format.
  */
-void 
+void
 xmlSecKeyDataIdListDebugXmlDump(xmlSecPtrListPtr list, FILE* output) {
     xmlSecKeyDataId dataId;
     xmlSecSize i, size;
@@ -1277,11 +1277,11 @@ xmlSecKeyDataIdListDebugXmlDump(xmlSecPtrListPtr list, FILE* output) {
     fprintf(output, "<KeyDataIdsList>\n");
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert(dataId != NULL);
-	xmlSecAssert(dataId->name != NULL);
-	    
-	fprintf(output, "<DataId name=\"");
+        dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert(dataId != NULL);
+        xmlSecAssert(dataId->name != NULL);
+
+        fprintf(output, "<DataId name=\"");
         xmlSecPrintXmlString(output, dataId->name);
         fprintf(output, "\"/>");
     }
@@ -1295,64 +1295,64 @@ xmlSecKeyDataIdListDebugXmlDump(xmlSecPtrListPtr list, FILE* output) {
  *************************************************************************/
 /**
  * xmlSecKeyDataStoreCreate:
- * @id: 		the store id.
+ * @id:                 the store id.
  *
  * Creates new key data store of the specified klass @id. Caller is responsible
- * for freeng returned object with #xmlSecKeyDataStoreDestroy function.
+ * for freeing returned object with #xmlSecKeyDataStoreDestroy function.
  *
  * Returns: the pointer to newly allocated key data store structure
  * or NULL if an error occurs.
  */
-xmlSecKeyDataStorePtr	
+xmlSecKeyDataStorePtr
 xmlSecKeyDataStoreCreate(xmlSecKeyDataStoreId id)  {
     xmlSecKeyDataStorePtr store;
     int ret;
-        
+
     xmlSecAssert2(id != NULL, NULL);
     xmlSecAssert2(id->objSize > 0, NULL);
-        
+
     /* Allocate a new xmlSecKeyDataStore and fill the fields. */
     store = (xmlSecKeyDataStorePtr)xmlMalloc(id->objSize);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", id->objSize); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", id->objSize);
+        return(NULL);
     }
-    memset(store, 0, id->objSize);    
+    memset(store, 0, id->objSize);
     store->id = id;
 
     if(id->initialize != NULL) {
-	ret = (id->initialize)(store);
+        ret = (id->initialize)(store);
         if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataStoreKlassGetName(id)),
-			"id->initialize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyDataStoreDestroy(store);
-	    return(NULL);
-	}
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreKlassGetName(id)),
+                        "id->initialize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyDataStoreDestroy(store);
+            return(NULL);
+        }
     }
-    
+
     return(store);
 }
 
 /**
  * xmlSecKeyDataStoreDestroy:
- * @store: 		the pointer to the key data store..
+ * @store:              the pointer to the key data store..
  *
  * Destroys the key data store created with #xmlSecKeyDataStoreCreate
  * function.
  */
 void
 xmlSecKeyDataStoreDestroy(xmlSecKeyDataStorePtr store) {
-    xmlSecAssert(xmlSecKeyDataStoreIsValid(store));    
+    xmlSecAssert(xmlSecKeyDataStoreIsValid(store));
     xmlSecAssert(store->id->objSize > 0);
-    
-    if(store->id->finalize != NULL) {  
+
+    if(store->id->finalize != NULL) {
         (store->id->finalize)(store);
     }
     memset(store, 0, store->id->objSize);
@@ -1366,20 +1366,20 @@ xmlSecKeyDataStoreDestroy(xmlSecKeyDataStorePtr store) {
  **********************************************************************/
 static xmlSecPtrListKlass xmlSecKeyDataStorePtrListKlass = {
     BAD_CAST "keys-data-store-list",
-    NULL, 							/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    (xmlSecPtrDestroyItemMethod)xmlSecKeyDataStoreDestroy,	/* xmlSecPtrDestroyItemMethod destroyItem; */
-    NULL,							/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    NULL,							/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    NULL,                                                       /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    (xmlSecPtrDestroyItemMethod)xmlSecKeyDataStoreDestroy,      /* xmlSecPtrDestroyItemMethod destroyItem; */
+    NULL,                                                       /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    NULL,                                                       /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
 /**
  * xmlSecKeyDataStorePtrListGetKlass:
- * 
+ *
  * Key data stores list.
  *
  * Returns: key data stores list klass.
  */
-xmlSecPtrListId 
+xmlSecPtrListId
 xmlSecKeyDataStorePtrListGetKlass(void) {
     return(&xmlSecKeyDataStorePtrListKlass);
 }
diff --git a/src/keysmngr.c b/src/keysmngr.c
index e93cbb49..31a03e97 100644
--- a/src/keysmngr.c
+++ b/src/keysmngr.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
- * Keys Manager
- * 
+ * Keys Manager.
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -31,49 +31,49 @@
  * Keys Manager
  *
  ***************************************************************************/
-/** 
+/**
  * xmlSecKeysMngrCreate:
- * 
- * Creates new keys manager. Caller is responsible for freeing it with 
+ *
+ * Creates new keys manager. Caller is responsible for freeing it with
  * #xmlSecKeysMngrDestroy function.
- * 
- * Returns: the pointer to newly allocated keys manager or NULL if 
+ *
+ * Returns: the pointer to newly allocated keys manager or NULL if
  * an error occurs.
  */
-xmlSecKeysMngrPtr 
+xmlSecKeysMngrPtr
 xmlSecKeysMngrCreate(void) {
     xmlSecKeysMngrPtr mngr;
     int ret;
-    
+
     /* Allocate a new xmlSecKeysMngr and fill the fields. */
     mngr = (xmlSecKeysMngrPtr)xmlMalloc(sizeof(xmlSecKeysMngr));
     if(mngr == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecKeysMngr)=%d", 
-		    sizeof(xmlSecKeysMngr));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecKeysMngr)=%d",
+                    sizeof(xmlSecKeysMngr));
+        return(NULL);
     }
-    memset(mngr, 0, sizeof(xmlSecKeysMngr));    
+    memset(mngr, 0, sizeof(xmlSecKeysMngr));
 
     ret = xmlSecPtrListInitialize(&(mngr->storesList), xmlSecKeyDataStorePtrListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecKeyDataStorePtrListId");
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecKeyDataStorePtrListId");
+        return(NULL);
     }
 
-    return(mngr);    
+    return(mngr);
 }
 
-/** 
+/**
  * xmlSecKeysMngrDestroy:
- * @mngr:		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Destroys keys manager created with #xmlSecKeysMngrCreate function.
  */
@@ -83,23 +83,23 @@ xmlSecKeysMngrDestroy(xmlSecKeysMngrPtr mngr) {
 
     /* destroy keys store */
     if(mngr->keysStore != NULL) {
-	xmlSecKeyStoreDestroy(mngr->keysStore);
+        xmlSecKeyStoreDestroy(mngr->keysStore);
     }
-    
+
     /* destroy other data stores */
     xmlSecPtrListFinalize(&(mngr->storesList));
 
-    memset(mngr, 0, sizeof(xmlSecKeysMngr));    
-    xmlFree(mngr);    
+    memset(mngr, 0, sizeof(xmlSecKeysMngr));
+    xmlFree(mngr);
 }
 
 /**
  * xmlSecKeysMngrFindKey:
- * @mngr:		the pointer to keys manager.
- * @name:		the desired key name.
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> node processing context.
+ * @mngr:               the pointer to keys manager.
+ * @name:               the desired key name.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> node processing context.
  *
- * Lookups key in the keys manager keys store. The caller is responsible 
+ * Lookups key in the keys manager keys store. The caller is responsible
  * for destroying the returned key using #xmlSecKeyDestroy method.
  *
  * Returns: the pointer to a key or NULL if key is not found or an error occurs.
@@ -107,23 +107,23 @@ xmlSecKeysMngrDestroy(xmlSecKeysMngrPtr mngr) {
 xmlSecKeyPtr
 xmlSecKeysMngrFindKey(xmlSecKeysMngrPtr mngr, const xmlChar* name, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyStorePtr store;
-    
+
     xmlSecAssert2(mngr != NULL, NULL);
     xmlSecAssert2(keyInfoCtx != NULL, NULL);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	/* no store. is it an error? */
-	return(NULL);
+        /* no store. is it an error? */
+        return(NULL);
     }
-    
+
     return(xmlSecKeyStoreFindKey(store, name, keyInfoCtx));
 }
 
 /**
  * xmlSecKeysMngrAdoptKeysStore:
- * @mngr:		the pointer to keys manager.
- * @store:		the pointer to keys store.
+ * @mngr:               the pointer to keys manager.
+ * @store:              the pointer to keys store.
  *
  * Adopts keys store in the keys manager @mngr.
  *
@@ -133,35 +133,35 @@ int
 xmlSecKeysMngrAdoptKeysStore(xmlSecKeysMngrPtr mngr, xmlSecKeyStorePtr store) {
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(xmlSecKeyStoreIsValid(store), -1);
-    
+
     if(mngr->keysStore != NULL) {
-	xmlSecKeyStoreDestroy(mngr->keysStore);
+        xmlSecKeyStoreDestroy(mngr->keysStore);
     }
     mngr->keysStore = store;
-    
+
     return(0);
 }
 
 /**
  * xmlSecKeysMngrGetKeysStore:
- * @mngr:		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Gets the keys store.
  *
- * Returns: the keys store in the keys manager @mngr or NULL if 
+ * Returns: the keys store in the keys manager @mngr or NULL if
  * there is no store or an error occurs.
  */
 xmlSecKeyStorePtr
 xmlSecKeysMngrGetKeysStore(xmlSecKeysMngrPtr mngr) {
     xmlSecAssert2(mngr != NULL, NULL);
-    
+
     return(mngr->keysStore);
 }
 
 /**
  * xmlSecKeysMngrAdoptDataStore:
- * @mngr:		the pointer to keys manager.
- * @store:		the pointer to data store.
+ * @mngr:               the pointer to keys manager.
+ * @store:              the pointer to data store.
  *
  * Adopts data store in the keys manager.
  *
@@ -171,48 +171,48 @@ int
 xmlSecKeysMngrAdoptDataStore(xmlSecKeysMngrPtr mngr, xmlSecKeyDataStorePtr store) {
     xmlSecKeyDataStorePtr tmp;
     xmlSecSize pos, size;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataStoreIsValid(store), -1);
 
     size = xmlSecPtrListGetSize(&(mngr->storesList));
     for(pos = 0; pos < size; ++pos) {
-	tmp = (xmlSecKeyDataStorePtr)xmlSecPtrListGetItem(&(mngr->storesList), pos);
-	if((tmp != NULL) && (tmp->id == store->id)) {	
-	    return(xmlSecPtrListSet(&(mngr->storesList), store, pos));
-	}
+        tmp = (xmlSecKeyDataStorePtr)xmlSecPtrListGetItem(&(mngr->storesList), pos);
+        if((tmp != NULL) && (tmp->id == store->id)) {
+            return(xmlSecPtrListSet(&(mngr->storesList), store, pos));
+        }
     }
-    
+
     return(xmlSecPtrListAdd(&(mngr->storesList), store));
 }
 
 
 /**
  * xmlSecKeysMngrGetDataStore:
- * @mngr:		the pointer to keys manager.
- * @id:			the desired data store klass.
+ * @mngr:               the pointer to keys manager.
+ * @id:                 the desired data store klass.
  *
  * Lookups the data store of given klass @id in the keys manager.
  *
  * Returns: pointer to data store or NULL if it is not found or an error
  * occurs.
  */
-xmlSecKeyDataStorePtr 
+xmlSecKeyDataStorePtr
 xmlSecKeysMngrGetDataStore(xmlSecKeysMngrPtr mngr, xmlSecKeyDataStoreId id) {
     xmlSecKeyDataStorePtr tmp;
     xmlSecSize pos, size;
-    
+
     xmlSecAssert2(mngr != NULL, NULL);
     xmlSecAssert2(id != xmlSecKeyDataStoreIdUnknown, NULL);
 
     size = xmlSecPtrListGetSize(&(mngr->storesList));
     for(pos = 0; pos < size; ++pos) {
-	tmp = (xmlSecKeyDataStorePtr)xmlSecPtrListGetItem(&(mngr->storesList), pos);
-	if((tmp != NULL) && (tmp->id == id)) {	
-	    return(tmp);
-	}
+        tmp = (xmlSecKeyDataStorePtr)xmlSecPtrListGetItem(&(mngr->storesList), pos);
+        if((tmp != NULL) && (tmp->id == id)) {
+            return(tmp);
+        }
     }
-    
+
     return(NULL);
 }
 
@@ -223,62 +223,62 @@ xmlSecKeysMngrGetDataStore(xmlSecKeysMngrPtr mngr, xmlSecKeyDataStoreId id) {
  *************************************************************************/
 /**
  * xmlSecKeyStoreCreate:
- * @id: 		the key store klass.
+ * @id:                 the key store klass.
  *
  * Creates new store of the specified klass @klass. Caller is responsible
  * for freeing the returned store by calling #xmlSecKeyStoreDestroy function.
  *
  * Returns: the pointer to newly allocated keys store or NULL if an error occurs.
  */
-xmlSecKeyStorePtr	
+xmlSecKeyStorePtr
 xmlSecKeyStoreCreate(xmlSecKeyStoreId id)  {
     xmlSecKeyStorePtr store;
     int ret;
-        
+
     xmlSecAssert2(id != NULL, NULL);
     xmlSecAssert2(id->objSize > 0, NULL);
-        
+
     /* Allocate a new xmlSecKeyStore and fill the fields. */
     store = (xmlSecKeyStorePtr)xmlMalloc(id->objSize);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", id->objSize); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", id->objSize);
+        return(NULL);
     }
-    memset(store, 0, id->objSize);    
+    memset(store, 0, id->objSize);
     store->id = id;
 
     if(id->initialize != NULL) {
-	ret = (id->initialize)(store);
+        ret = (id->initialize)(store);
         if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreKlassGetName(id)),
-			"id->initialize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyStoreDestroy(store);
-	    return(NULL);
-	}
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreKlassGetName(id)),
+                        "id->initialize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyStoreDestroy(store);
+            return(NULL);
+        }
     }
-    
+
     return(store);
 }
 
 /**
  * xmlSecKeyStoreDestroy:
- * @store: 		the pointer to keys store. 
+ * @store:              the pointer to keys store.
  *
  * Destroys the store created with #xmlSecKeyStoreCreate function.
  */
 void
 xmlSecKeyStoreDestroy(xmlSecKeyStorePtr store) {
-    xmlSecAssert(xmlSecKeyStoreIsValid(store));    
+    xmlSecAssert(xmlSecKeyStoreIsValid(store));
     xmlSecAssert(store->id->objSize > 0);
-    
-    if(store->id->finalize != NULL) {  
+
+    if(store->id->finalize != NULL) {
         (store->id->finalize)(store);
     }
     memset(store, 0, store->id->objSize);
@@ -287,18 +287,18 @@ xmlSecKeyStoreDestroy(xmlSecKeyStorePtr store) {
 
 /**
  * xmlSecKeyStoreFindKey:
- * @store:		the pointer to keys store.
- * @name:		the desired key name.
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> node processing context.
+ * @store:              the pointer to keys store.
+ * @name:               the desired key name.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> node processing context.
  *
- * Lookups key in the store. The caller is responsible for destroying 
+ * Lookups key in the store. The caller is responsible for destroying
  * the returned key using #xmlSecKeyDestroy method.
  *
  * Returns: the pointer to a key or NULL if key is not found or an error occurs.
  */
 xmlSecKeyPtr
 xmlSecKeyStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name, xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlSecAssert2(xmlSecKeyStoreIsValid(store), NULL);    
+    xmlSecAssert2(xmlSecKeyStoreIsValid(store), NULL);
     xmlSecAssert2(store->id->findKey != NULL, NULL);
     xmlSecAssert2(keyInfoCtx != NULL, NULL);
 
@@ -308,66 +308,66 @@ xmlSecKeyStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name, xmlSecKeyInf
 /****************************************************************************
  *
  * Simple Keys Store
- * 
+ *
  * keys list (xmlSecPtrList) is located after xmlSecKeyStore
  *
  ***************************************************************************/
 #define xmlSecSimpleKeysStoreSize \
-	(sizeof(xmlSecKeyStore) + sizeof(xmlSecPtrList))
+        (sizeof(xmlSecKeyStore) + sizeof(xmlSecPtrList))
 #define xmlSecSimpleKeysStoreGetList(store) \
     ((xmlSecKeyStoreCheckSize((store), xmlSecSimpleKeysStoreSize)) ? \
-	(xmlSecPtrListPtr)(((xmlSecByte*)(store)) + sizeof(xmlSecKeyStore)) : \
-	(xmlSecPtrListPtr)NULL)
+        (xmlSecPtrListPtr)(((xmlSecByte*)(store)) + sizeof(xmlSecKeyStore)) : \
+        (xmlSecPtrListPtr)NULL)
 
-static int			xmlSecSimpleKeysStoreInitialize	(xmlSecKeyStorePtr store);
-static void			xmlSecSimpleKeysStoreFinalize	(xmlSecKeyStorePtr store);
-static xmlSecKeyPtr 		xmlSecSimpleKeysStoreFindKey	(xmlSecKeyStorePtr store, 
-								 const xmlChar* name, 
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int                      xmlSecSimpleKeysStoreInitialize (xmlSecKeyStorePtr store);
+static void                     xmlSecSimpleKeysStoreFinalize   (xmlSecKeyStorePtr store);
+static xmlSecKeyPtr             xmlSecSimpleKeysStoreFindKey    (xmlSecKeyStorePtr store,
+                                                                 const xmlChar* name,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 static xmlSecKeyStoreKlass xmlSecSimpleKeysStoreKlass = {
     sizeof(xmlSecKeyStoreKlass),
     xmlSecSimpleKeysStoreSize,
 
     /* data */
-    BAD_CAST "simple-keys-store",		/* const xmlChar* name; */ 
-        
+    BAD_CAST "simple-keys-store",               /* const xmlChar* name; */
+
     /* constructors/destructor */
-    xmlSecSimpleKeysStoreInitialize,		/* xmlSecKeyStoreInitializeMethod initialize; */
-    xmlSecSimpleKeysStoreFinalize,		/* xmlSecKeyStoreFinalizeMethod finalize; */
-    xmlSecSimpleKeysStoreFindKey,		/* xmlSecKeyStoreFindKeyMethod findKey; */
+    xmlSecSimpleKeysStoreInitialize,            /* xmlSecKeyStoreInitializeMethod initialize; */
+    xmlSecSimpleKeysStoreFinalize,              /* xmlSecKeyStoreFinalizeMethod finalize; */
+    xmlSecSimpleKeysStoreFindKey,               /* xmlSecKeyStoreFindKeyMethod findKey; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecSimpleKeysStoreGetKlass:
- * 
+ *
  * The simple list based keys store klass.
  *
  * Returns: simple list based keys store klass.
  */
-xmlSecKeyStoreId 
+xmlSecKeyStoreId
 xmlSecSimpleKeysStoreGetKlass(void) {
     return(&xmlSecSimpleKeysStoreKlass);
 }
 
 /**
  * xmlSecSimpleKeysStoreAdoptKey:
- * @store:		the pointer to simple keys store.
- * @key:		the pointer to key.
- * 
- * Adds @key to the @store. 
+ * @store:              the pointer to simple keys store.
+ * @key:                the pointer to key.
+ *
+ * Adds @key to the @store.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecSimpleKeysStoreAdoptKey(xmlSecKeyStorePtr store, xmlSecKeyPtr key) {
     xmlSecPtrListPtr list;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId), -1);
     xmlSecAssert2(key != NULL, -1);
 
@@ -376,30 +376,30 @@ xmlSecSimpleKeysStoreAdoptKey(xmlSecKeyStorePtr store, xmlSecKeyPtr key) {
 
     ret = xmlSecPtrListAdd(list, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-/** 
+/**
  * xmlSecSimpleKeysStoreLoad:
- * @store:		the pointer to simple keys store.
- * @uri:		the filename.
- * @keysMngr:		the pointer to associated keys manager. 
- * 
+ * @store:              the pointer to simple keys store.
+ * @uri:                the filename.
+ * @keysMngr:           the pointer to associated keys manager.
+ *
  * Reads keys from an XML file.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
 int
-xmlSecSimpleKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri, 
-			    xmlSecKeysMngrPtr keysMngr) {
+xmlSecSimpleKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
+                            xmlSecKeysMngrPtr keysMngr) {
     xmlDocPtr doc;
     xmlNodePtr root;
     xmlNodePtr cur;
@@ -408,118 +408,118 @@ xmlSecSimpleKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
     int ret;
 
     xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId), -1);
-    xmlSecAssert2(uri != NULL, -1);    
+    xmlSecAssert2(uri != NULL, -1);
 
     doc = xmlParseFile(uri);
     if(doc == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    "xmlParseFile",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "uri=%s", 
-		    xmlSecErrorsSafeString(uri));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    "xmlParseFile",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "uri=%s",
+                    xmlSecErrorsSafeString(uri));
+        return(-1);
     }
-    
+
     root = xmlDocGetRootElement(doc);
     if(!xmlSecCheckNodeName(root, BAD_CAST "Keys", xmlSecNs)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(root)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected-node=<xmlsec:Keys>");
-	xmlFreeDoc(doc);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(root)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected-node=<xmlsec:Keys>");
+        xmlFreeDoc(doc);
+        return(-1);
     }
-        
+
     cur = xmlSecGetNextElementNode(root->children);
-    while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {  
-	key = xmlSecKeyCreate();
-	if(key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_INVALID_NODE,
-			"expected-node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
-	    xmlFreeDoc(doc);
-	    return(-1);
-	}
-
-	ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			"xmlSecKeyInfoCtxInitialize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyDestroy(key);
-	    xmlFreeDoc(doc);
-	    return(-1);
-	}
-	
-	keyInfoCtx.mode 	  = xmlSecKeyInfoModeRead;
-	keyInfoCtx.keysMngr	  = keysMngr;
-	keyInfoCtx.flags 	  = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND |
-				    XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
-        keyInfoCtx.keyReq.keyId	  = xmlSecKeyDataIdUnknown;
-	keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny;
-	keyInfoCtx.keyReq.keyUsage= xmlSecKeyDataUsageAny;
-
-	ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			"xmlSecKeyInfoNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-	    xmlSecKeyDestroy(key);
-	    xmlFreeDoc(doc);
-	    return(-1);
-	}
-	xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-	
-	if(xmlSecKeyIsValid(key)) {
-    	    ret = xmlSecSimpleKeysStoreAdoptKey(store, key);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			    "xmlSecSimpleKeysStoreAdoptKey",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlSecKeyDestroy(key);
-		xmlFreeDoc(doc);
-		return(-1);
-	    }
-	} else {
-	    /* we have an unknown key in our file, just ignore it */
-	    xmlSecKeyDestroy(key);
-	}
+    while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {
+        key = xmlSecKeyCreate();
+        if(key == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_INVALID_NODE,
+                        "expected-node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+
+        ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecKeyInfoCtxInitialize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyDestroy(key);
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+
+        keyInfoCtx.mode           = xmlSecKeyInfoModeRead;
+        keyInfoCtx.keysMngr       = keysMngr;
+        keyInfoCtx.flags          = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND |
+                                    XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
+        keyInfoCtx.keyReq.keyId   = xmlSecKeyDataIdUnknown;
+        keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny;
+        keyInfoCtx.keyReq.keyUsage= xmlSecKeyDataUsageAny;
+
+        ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecKeyInfoNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
+            xmlSecKeyDestroy(key);
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+        xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
+
+        if(xmlSecKeyIsValid(key)) {
+            ret = xmlSecSimpleKeysStoreAdoptKey(store, key);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                            "xmlSecSimpleKeysStoreAdoptKey",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecKeyDestroy(key);
+                xmlFreeDoc(doc);
+                return(-1);
+            }
+        } else {
+            /* we have an unknown key in our file, just ignore it */
+            xmlSecKeyDestroy(key);
+        }
         cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFreeDoc(doc);
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFreeDoc(doc);
+        return(-1);
     }
-    
+
     xmlFreeDoc(doc);
     return(0);
 
 }
 
-/** 
+/**
  * xmlSecSimpleKeysStoreSave:
- * @store:		the pointer to simple keys store.
- * @filename:		the filename.
- * @type:		the saved keys type (public, private, ...).
- * 
+ * @store:              the pointer to simple keys store.
+ * @filename:           the filename.
+ * @type:               the saved keys type (public, private, ...).
+ *
  * Writes keys from @store to an XML file.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -529,7 +529,7 @@ xmlSecSimpleKeysStoreSave(xmlSecKeyStorePtr store, const char *filename, xmlSecK
     xmlSecKeyInfoCtx keyInfoCtx;
     xmlSecPtrListPtr list;
     xmlSecKeyPtr key;
-    xmlSecSize i, keysSize;    
+    xmlSecSize i, keysSize;
     xmlDocPtr doc;
     xmlNodePtr cur;
     xmlSecKeyDataPtr data;
@@ -539,7 +539,7 @@ xmlSecSimpleKeysStoreSave(xmlSecKeyStorePtr store, const char *filename, xmlSecK
     int ret;
 
     xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId), -1);
-    xmlSecAssert2(filename != NULL, -1);    
+    xmlSecAssert2(filename != NULL, -1);
 
     list = xmlSecSimpleKeysStoreGetList(store);
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecKeyPtrListId), -1);
@@ -547,133 +547,133 @@ xmlSecSimpleKeysStoreSave(xmlSecKeyStorePtr store, const char *filename, xmlSecK
     /* create doc */
     doc = xmlSecCreateTree(BAD_CAST "Keys", xmlSecNs);
     if(doc == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    "xmlSecCreateTree",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    "xmlSecCreateTree",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
-    idsList = xmlSecKeyDataIdsGet();	
+
+    idsList = xmlSecKeyDataIdsGet();
     xmlSecAssert2(idsList != NULL, -1);
-	
+
     keysSize = xmlSecPtrListGetSize(list);
     idsSize = xmlSecPtrListGetSize(idsList);
     for(i = 0; i < keysSize; ++i) {
-	key = (xmlSecKeyPtr)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert2(key != NULL, -1);
-	    
-    	cur = xmlSecAddChild(xmlDocGetRootElement(doc), xmlSecNodeKeyInfo, xmlSecDSigNs);
-	if(cur == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
-	    xmlFreeDoc(doc); 
-	    return(-1);
-	}
-
-	/* special data key name */
-	if(xmlSecKeyGetName(key) != NULL) {
-    	    if(xmlSecAddChild(cur, xmlSecNodeKeyName, xmlSecDSigNs) == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			    "xmlSecAddChild",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "node=%s",
-			    xmlSecErrorsSafeString(xmlSecNodeKeyName));
-		xmlFreeDoc(doc); 
-		return(-1);
-	    }
-	}
-    
-	/* create nodes for other keys data */
-	for(j = 0; j < idsSize; ++j) {
-	    dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(idsList, j);
-	    xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, -1);
-
-	    if(dataId->dataNodeName == NULL) {
-		continue;
-	    }
-	    
-	    data = xmlSecKeyGetData(key, dataId);
-	    if(data == NULL) {
-		continue;
-	    }
-
-	    if(xmlSecAddChild(cur, dataId->dataNodeName, dataId->dataNodeNs) == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			    "xmlSecAddChild",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "node=%s", 
-			    xmlSecErrorsSafeString(dataId->dataNodeName));
-		xmlFreeDoc(doc); 
-	        return(-1);
-	    }
-	}
-
-    	ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    	xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			"xmlSecKeyInfoCtxInitialize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFreeDoc(doc);
-	    return(-1);
-	}
-
-	keyInfoCtx.mode 		= xmlSecKeyInfoModeWrite;
-    	keyInfoCtx.keyReq.keyId		= xmlSecKeyDataIdUnknown;
-	keyInfoCtx.keyReq.keyType	= type;
-	keyInfoCtx.keyReq.keyUsage 	= xmlSecKeyDataUsageAny;
-
-	/* finally write key in the node */
-	ret = xmlSecKeyInfoNodeWrite(cur, key, &keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			"xmlSecKeyInfoNodeWrite",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-	    xmlFreeDoc(doc); 
-	    return(-1);
-	}		
-	xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
+        key = (xmlSecKeyPtr)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert2(key != NULL, -1);
+
+        cur = xmlSecAddChild(xmlDocGetRootElement(doc), xmlSecNodeKeyInfo, xmlSecDSigNs);
+        if(cur == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+
+        /* special data key name */
+        if(xmlSecKeyGetName(key) != NULL) {
+            if(xmlSecAddChild(cur, xmlSecNodeKeyName, xmlSecDSigNs) == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                            "xmlSecAddChild",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "node=%s",
+                            xmlSecErrorsSafeString(xmlSecNodeKeyName));
+                xmlFreeDoc(doc);
+                return(-1);
+            }
+        }
+
+        /* create nodes for other keys data */
+        for(j = 0; j < idsSize; ++j) {
+            dataId = (xmlSecKeyDataId)xmlSecPtrListGetItem(idsList, j);
+            xmlSecAssert2(dataId != xmlSecKeyDataIdUnknown, -1);
+
+            if(dataId->dataNodeName == NULL) {
+                continue;
+            }
+
+            data = xmlSecKeyGetData(key, dataId);
+            if(data == NULL) {
+                continue;
+            }
+
+            if(xmlSecAddChild(cur, dataId->dataNodeName, dataId->dataNodeNs) == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                            "xmlSecAddChild",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "node=%s",
+                            xmlSecErrorsSafeString(dataId->dataNodeName));
+                xmlFreeDoc(doc);
+                return(-1);
+            }
+        }
+
+        ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecKeyInfoCtxInitialize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+
+        keyInfoCtx.mode                 = xmlSecKeyInfoModeWrite;
+        keyInfoCtx.keyReq.keyId         = xmlSecKeyDataIdUnknown;
+        keyInfoCtx.keyReq.keyType       = type;
+        keyInfoCtx.keyReq.keyUsage      = xmlSecKeyDataUsageAny;
+
+        /* finally write key in the node */
+        ret = xmlSecKeyInfoNodeWrite(cur, key, &keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecKeyInfoNodeWrite",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+        xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
     }
-    
+
     /* now write result */
     ret = xmlSaveFormatFile(filename, doc, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    "xmlSaveFormatFile",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "filename=%s", 
-		    xmlSecErrorsSafeString(filename));
-	xmlFreeDoc(doc); 
-	return(-1);
-    }	   
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    "xmlSaveFormatFile",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlFreeDoc(doc);
+        return(-1);
+    }
+
     xmlFreeDoc(doc);
     return(0);
 }
 
-/** 
+/**
  * xmlSecSimpleKeysStoreGetKeys:
- * @store:		the pointer to simple keys store.
- * 
+ * @store:              the pointer to simple keys store.
+ *
  * Gets list of keys from simple keys store.
- * 
+ *
  * Returns: pointer to the list of keys stored in the keys store or NULL
  * if an error occurs.
  */
-xmlSecPtrListPtr 
+xmlSecPtrListPtr
 xmlSecSimpleKeysStoreGetKeys(xmlSecKeyStorePtr store) {
     xmlSecPtrListPtr list;
 
@@ -694,35 +694,35 @@ xmlSecSimpleKeysStoreInitialize(xmlSecKeyStorePtr store) {
 
     list = xmlSecSimpleKeysStoreGetList(store);
     xmlSecAssert2(list != NULL, -1);
-    
+
     ret = xmlSecPtrListInitialize(list, xmlSecKeyPtrListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecKeyPtrListId");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecKeyPtrListId");
+        return(-1);
     }
 
-    return(0);    
+    return(0);
 }
 
 static void
 xmlSecSimpleKeysStoreFinalize(xmlSecKeyStorePtr store) {
     xmlSecPtrListPtr list;
-    
+
     xmlSecAssert(xmlSecKeyStoreCheckId(store, xmlSecSimpleKeysStoreId));
-    
+
     list = xmlSecSimpleKeysStoreGetList(store);
     xmlSecAssert(list != NULL);
-    
+
     xmlSecPtrListFinalize(list);
 }
 
-static xmlSecKeyPtr 
-xmlSecSimpleKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name, 
-			    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+static xmlSecKeyPtr
+xmlSecSimpleKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name,
+                            xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecPtrListPtr list;
     xmlSecKeyPtr key;
     xmlSecSize pos, size;
@@ -735,10 +735,10 @@ xmlSecSimpleKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name,
 
     size = xmlSecPtrListGetSize(list);
     for(pos = 0; pos < size; ++pos) {
-	key = (xmlSecKeyPtr)xmlSecPtrListGetItem(list, pos);
-	if((key != NULL) && (xmlSecKeyMatch(key, name, &(keyInfoCtx->keyReq)) == 1)) {
-	    return(xmlSecKeyDuplicate(key));
-	}
+        key = (xmlSecKeyPtr)xmlSecPtrListGetItem(list, pos);
+        if((key != NULL) && (xmlSecKeyMatch(key, name, &(keyInfoCtx->keyReq)) == 1)) {
+            return(xmlSecKeyDuplicate(key));
+        }
     }
     return(NULL);
 }
diff --git a/src/kw_aes_des.c b/src/kw_aes_des.c
new file mode 100644
index 00000000..022e720a
--- /dev/null
+++ b/src/kw_aes_des.c
@@ -0,0 +1,493 @@
+/**
+ * XML Security Library (http://www.aleksey.com/xmlsec).
+ *
+ * Implementation of AES/DES Key Transport algorithm
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <libxml/tree.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/errors.h>
+
+#include "kw_aes_des.h"
+
+#ifndef XMLSEC_NO_DES
+
+static int      xmlSecKWDes3BufferReverse                       (xmlSecByte *buf, 
+                                                                 xmlSecSize size);
+
+/********************************************************************
+ *
+ * CMS Triple DES Key Wrap
+ *
+ * http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap
+ *
+ * The following algorithm wraps (encrypts) a key (the wrapped key, WK)
+ * under a TRIPLEDES key-encryption-key (KEK) as specified in [CMS-Algorithms]:
+ *
+ * 1. Represent the key being wrapped as an octet sequence. If it is a
+ *    TRIPLEDES key, this is 24 octets (192 bits) with odd parity bit as
+ *    the bottom bit of each octet.
+ * 2. Compute the CMS key checksum (section 5.6.1) call this CKS.
+ * 3. Let WKCKS = WK || CKS, where || is concatenation.
+ * 4. Generate 8 random octets [RANDOM] and call this IV.
+ * 5. Encrypt WKCKS in CBC mode using KEK as the key and IV as the
+ *    initialization vector. Call the results TEMP1.
+ * 6. Left TEMP2 = IV || TEMP1.
+ * 7. Reverse the order of the octets in TEMP2 and call the result TEMP3.
+ * 8. Encrypt TEMP3 in CBC mode using the KEK and an initialization vector
+ *    of 0x4adda22c79e82105. The resulting cipher text is the desired result.
+ *    It is 40 octets long if a 168 bit key is being wrapped.
+ *
+ * The following algorithm unwraps (decrypts) a key as specified in
+ * [CMS-Algorithms]:
+ *
+ * 1. Check if the length of the cipher text is reasonable given the key type.
+ *    It must be 40 bytes for a 168 bit key and either 32, 40, or 48 bytes for
+ *    a 128, 192, or 256 bit key. If the length is not supported or inconsistent
+ *    with the algorithm for which the key is intended, return error.
+ * 2. Decrypt the cipher text with TRIPLEDES in CBC mode using the KEK and
+ *    an initialization vector (IV) of 0x4adda22c79e82105. Call the output TEMP3.
+ * 3. Reverse the order of the octets in TEMP3 and call the result TEMP2.
+ * 4. Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining
+ *    octets.
+ * 5. Decrypt TEMP1 using TRIPLEDES in CBC mode using the KEK and the IV found
+ *    in the previous step. Call the result WKCKS.
+ * 6. Decompose WKCKS. CKS is the last 8 octets and WK, the wrapped key, are
+ *    those octets before the CKS.
+ * 7. Calculate a CMS key checksum (section 5.6.1) over the WK and compare
+ *    with the CKS extracted in the above step. If they are not equal, return
+ *    error.
+ * 8. WK is the wrapped key, now extracted for use in data decryption.
+ *
+ ********************************************************************/
+static xmlSecByte xmlSecKWDes3Iv[XMLSEC_KW_DES3_IV_LENGTH] = {
+    0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05
+};
+
+int
+xmlSecKWDes3Encode(xmlSecKWDes3Id kwDes3Id, void *context,
+                  const xmlSecByte *in, xmlSecSize inSize,
+                  xmlSecByte *out, xmlSecSize outSize) {
+    xmlSecByte sha1[XMLSEC_KW_DES3_SHA_DIGEST_LENGTH];
+    xmlSecByte iv[XMLSEC_KW_DES3_IV_LENGTH];
+    xmlSecSize s;
+    int ret;
+
+    xmlSecAssert2(xmlSecKWDes3CheckId(kwDes3Id), -1);
+    xmlSecAssert2(context != NULL, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize + XMLSEC_KW_DES3_BLOCK_LENGTH + XMLSEC_KW_DES3_IV_LENGTH, -1);
+
+    /* step 2: calculate sha1 and CMS */
+    ret = kwDes3Id->sha1(context, in, inSize, sha1, sizeof(sha1));
+    if((ret < 0) || (ret != sizeof(sha1))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "kwDes3Id->sha1",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ret=%d", ret);
+        return(-1);
+    }
+
+    /* step 3: construct WKCKS as WK || CKS */
+    memcpy(out, in, inSize);
+    memcpy(out + inSize, sha1, XMLSEC_KW_DES3_BLOCK_LENGTH);
+
+    /* step 4: generate random iv */
+    ret = kwDes3Id->generateRandom(context, iv, sizeof(iv));
+    if((ret < 0) || (ret != sizeof(iv))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "kwDes3Id->generateRandom",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ret=%d", ret);
+        return(-1);
+    }
+
+    /* step 5: first encryption, result is TEMP1 */
+    ret = kwDes3Id->encrypt(context,
+                           iv, sizeof(iv),
+                           out, inSize + XMLSEC_KW_DES3_BLOCK_LENGTH,
+                           out, outSize);
+    if((ret < 0) || ((xmlSecSize)ret != inSize + XMLSEC_KW_DES3_BLOCK_LENGTH)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "kwDes3Id->encrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ret=%d", ret);
+        return(-1);
+    }
+
+    /* step 6: construct TEMP2=IV || TEMP1 */
+    memmove(out + XMLSEC_KW_DES3_IV_LENGTH, out, inSize + XMLSEC_KW_DES3_BLOCK_LENGTH);
+    memcpy(out, iv, XMLSEC_KW_DES3_IV_LENGTH);
+    s = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH + XMLSEC_KW_DES3_IV_LENGTH;
+
+    /* step 7: reverse octets order, result is TEMP3 */
+    ret = xmlSecKWDes3BufferReverse(out, s);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKWDes3BufferReverse",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ret=%d", ret);
+        return(-1);
+    }
+
+    /* step 8: second encryption with static IV */
+    ret = kwDes3Id->encrypt(context,
+                           xmlSecKWDes3Iv, sizeof(xmlSecKWDes3Iv),
+                           out, s,
+                           out, outSize);
+    if((ret < 0) || ((xmlSecSize)ret != s)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "kwDes3Id->encrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ret=%d", ret);
+        return(-1);
+    }
+
+    s = ret;
+    return(s);
+}
+
+int
+xmlSecKWDes3Decode(xmlSecKWDes3Id kwDes3Id, void *context,
+                  const xmlSecByte *in, xmlSecSize inSize,
+                  xmlSecByte *out, xmlSecSize outSize) 
+{
+    xmlSecByte sha1[XMLSEC_KW_DES3_SHA_DIGEST_LENGTH];
+    xmlSecSize s;
+    int ret;
+
+    xmlSecAssert2(xmlSecKWDes3CheckId(kwDes3Id), -1);
+    xmlSecAssert2(context != NULL, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
+
+
+    /* step 2: first decryption with static IV, result is TEMP3 */
+    ret = kwDes3Id->decrypt(context,
+                           xmlSecKWDes3Iv, sizeof(xmlSecKWDes3Iv),
+                           in, inSize, 
+                           out, outSize);
+    if((ret < 0) || (ret < XMLSEC_KW_DES3_IV_LENGTH)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "kwDes3Id->decrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ret=%d", ret);
+        return(-1);
+    }
+    s = ret;
+
+    /* step 3: reverse octets order in TEMP3, result is TEMP2 */
+    ret = xmlSecKWDes3BufferReverse(out, s);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKWDes3BufferReverse",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ret=%d", ret);
+        return(-1);
+    }
+
+    /* steps 4 and 5: get IV and decrypt second time, result is WKCKS */
+    ret = kwDes3Id->decrypt(context,
+                           out, XMLSEC_KW_DES3_IV_LENGTH,
+                           out + XMLSEC_KW_DES3_IV_LENGTH, s - XMLSEC_KW_DES3_IV_LENGTH,
+                           out, outSize);
+    if((ret < 0) || (ret < XMLSEC_KW_DES3_BLOCK_LENGTH)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "kwDes3Id->decrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ret=%d", ret);
+        return(-1);
+    }
+    s = ret - XMLSEC_KW_DES3_BLOCK_LENGTH;
+
+    /* steps 6 and 7: calculate SHA1 and validate it */
+    ret = kwDes3Id->sha1(context,
+                        out, s,
+                        sha1, sizeof(sha1));
+    if((ret < 0) || (ret != sizeof(sha1))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "kwDes3Id->sha1",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ret=%d", ret);
+        return(-1);
+    }
+
+    /* check sha1 */
+    xmlSecAssert2(XMLSEC_KW_DES3_BLOCK_LENGTH <= sizeof(sha1), -1);
+    if(memcmp(sha1, out + s, XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "SHA1 does not match");
+        return(-1);
+    }
+
+    /* done */
+    return(s);
+}
+
+static int
+xmlSecKWDes3BufferReverse(xmlSecByte *buf, xmlSecSize size) 
+{
+    xmlSecByte * p;

+    xmlSecByte ch;

+

+    xmlSecAssert2(buf != NULL, -1);

+    xmlSecAssert2(size > 0, -1);

+

+    for(p = buf + size - 1; p >= buf; ++buf, --p) {

+        ch = (*p);

+        (*p) = (*buf);

+        (*buf) = ch;

+    }

+    return (0);

+}
+
+#endif /* XMLSEC_NO_DES */
+
+
+
+#ifndef XMLSEC_NO_AES
+/********************************************************************
+ *
+ * KT AES
+ *
+ * http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap:
+ *
+ * Assume that the data to be wrapped consists of N 64-bit data blocks
+ * denoted P(1), P(2), P(3) ... P(N). The result of wrapping will be N+1
+ * 64-bit blocks denoted C(0), C(1), C(2), ... C(N). The key encrypting
+ * key is represented by K. Assume integers i, j, and t and intermediate
+ * 64-bit register A, 128-bit register B, and array of 64-bit quantities
+ * R(1) through R(N).
+ *
+ * "|" represents concatentation so x|y, where x and y and 64-bit quantities,
+ * is the 128-bit quantity with x in the most significant bits and y in the
+ * least significant bits. AES(K)enc(x) is the operation of AES encrypting
+ * the 128-bit quantity x under the key K. AES(K)dec(x) is the corresponding
+ * decryption opteration. XOR(x,y) is the bitwise exclusive or of x and y.
+ * MSB(x) and LSB(y) are the most significant 64 bits and least significant
+ * 64 bits of x and y respectively.
+ *
+ * If N is 1, a single AES operation is performed for wrap or unwrap.
+ * If N>1, then 6*N AES operations are performed for wrap or unwrap.
+ *
+ * The key wrap algorithm is as follows:
+ *
+ *   1. If N is 1:
+ *          * B=AES(K)enc(0xA6A6A6A6A6A6A6A6|P(1))
+ *          * C(0)=MSB(B)
+ *          * C(1)=LSB(B)
+ *      If N>1, perform the following steps:
+ *   2. Initialize variables:
+ *          * Set A to 0xA6A6A6A6A6A6A6A6
+ *          * Fori=1 to N,
+ *            R(i)=P(i)
+ *   3. Calculate intermediate values:
+ *          * Forj=0 to 5,
+ *                o For i=1 to N,
+ *                  t= i + j*N
+ *                  B=AES(K)enc(A|R(i))
+ *                  A=XOR(t,MSB(B))
+ *                  R(i)=LSB(B)
+ *   4. Output the results:
+ *          * Set C(0)=A
+ *          * For i=1 to N,
+ *            C(i)=R(i)
+ *
+ * The key unwrap algorithm is as follows:
+ *
+ *   1. If N is 1:
+ *          * B=AES(K)dec(C(0)|C(1))
+ *          * P(1)=LSB(B)
+ *          * If MSB(B) is 0xA6A6A6A6A6A6A6A6, return success. Otherwise,
+ *            return an integrity check failure error.
+ *      If N>1, perform the following steps:
+ *   2. Initialize the variables:
+ *          * A=C(0)
+ *          * For i=1 to N,
+ *            R(i)=C(i)
+ *   3. Calculate intermediate values:
+ *          * For j=5 to 0,
+ *                o For i=N to 1,
+ *                  t= i + j*N
+ *                  B=AES(K)dec(XOR(t,A)|R(i))
+ *                  A=MSB(B)
+ *                  R(i)=LSB(B)
+ *   4. Output the results:
+ *          * For i=1 to N,
+ *            P(i)=R(i)
+ *          * If A is 0xA6A6A6A6A6A6A6A6, return success. Otherwise, return
+ *            an integrity check failure error.
+ ********************************************************************/
+static const xmlSecByte xmlSecKWAesMagicBlock[XMLSEC_KW_AES_MAGIC_BLOCK_SIZE] = {
+    0xA6,  0xA6,  0xA6,  0xA6,  0xA6,  0xA6,  0xA6,  0xA6
+};
+
+int
+xmlSecKWAesEncode(xmlSecKWAesId kwAesId, void *context,
+                  const xmlSecByte *in, xmlSecSize inSize,
+                  xmlSecByte *out, xmlSecSize outSize) {
+    xmlSecByte block[XMLSEC_KW_AES_BLOCK_SIZE];
+    xmlSecByte *p;
+    int N, i, j, t;
+    int ret;
+
+    xmlSecAssert2(kwAesId != NULL, -1);
+    xmlSecAssert2(kwAesId->encrypt != NULL, -1);
+    xmlSecAssert2(kwAesId->decrypt != NULL, -1);
+    xmlSecAssert2(context != NULL, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE, -1);
+
+    /* prepend magic block */
+    if(in != out) {
+        memcpy(out + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE, in, inSize);
+    } else {
+        memmove(out + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE, out, inSize);
+    }
+    memcpy(out, xmlSecKWAesMagicBlock, XMLSEC_KW_AES_MAGIC_BLOCK_SIZE);
+
+    N = (inSize / 8);
+    if(N == 1) {
+        ret = kwAesId->encrypt(out, inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE, out, outSize, context);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "kwAesId->encrypt",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    } else {
+        for(j = 0; j <= 5; ++j) {
+            for(i = 1; i <= N; ++i) {
+                t = i + (j * N);
+                p = out + i * 8;
+
+                memcpy(block, out, 8);
+                memcpy(block + 8, p, 8);
+
+                ret = kwAesId->encrypt(block, sizeof(block), block, sizeof(block), context);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "kwAesId->encrypt",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    return(-1);
+                }
+                block[7] ^=  t;
+                memcpy(out, block, 8);
+                memcpy(p, block + 8, 8);
+            }
+        }
+    }
+
+    return(inSize + 8);
+}
+
+int
+xmlSecKWAesDecode(xmlSecKWAesId kwAesId, void *context,
+                  const xmlSecByte *in, xmlSecSize inSize,
+                  xmlSecByte *out, xmlSecSize outSize) {
+    xmlSecByte block[XMLSEC_KW_AES_BLOCK_SIZE];
+    xmlSecByte *p;
+    int N, i, j, t;
+    int ret;
+
+    xmlSecAssert2(kwAesId != NULL, -1);
+    xmlSecAssert2(kwAesId->encrypt != NULL, -1);
+    xmlSecAssert2(kwAesId->decrypt != NULL, -1);
+    xmlSecAssert2(context != NULL, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
+
+    /* copy input */
+    if(in != out) {
+        memcpy(out, in, inSize);
+    }
+
+    N = (inSize / 8) - 1;
+    if(N == 1) {
+        ret = kwAesId->decrypt(out, inSize, out, outSize, context);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "kwAesId->decrypt",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    } else {
+        for(j = 5; j >= 0; --j) {
+            for(i = N; i > 0; --i) {
+                t = i + (j * N);
+                p = out + i * 8;
+
+                memcpy(block, out, 8);
+                memcpy(block + 8, p, 8);
+                block[7] ^= t;
+
+                ret = kwAesId->decrypt(block, sizeof(block), block, sizeof(block), context);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "kwAesId->decrypt",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    return(-1);
+                }
+                memcpy(out, block, 8);
+                memcpy(p, block + 8, 8);
+            }
+        }
+    }
+    /* do not left data in memory */
+    memset(block, 0, sizeof(block));
+
+    /* check the output */
+    if(memcmp(xmlSecKWAesMagicBlock, out, XMLSEC_KW_AES_MAGIC_BLOCK_SIZE) != 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "bad magic block");
+        return(-1);
+    }
+
+    /* get rid of magic block */
+    memmove(out, out + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE, inSize - XMLSEC_KW_AES_MAGIC_BLOCK_SIZE);
+    return(inSize - XMLSEC_KW_AES_MAGIC_BLOCK_SIZE);
+}
+
+#endif /* XMLSEC_NO_AES */
+
diff --git a/src/kw_aes_des.h b/src/kw_aes_des.h
new file mode 100644
index 00000000..46e85273
--- /dev/null
+++ b/src/kw_aes_des.h
@@ -0,0 +1,148 @@
+/**
+ * XMLSec library
+ *
+ * THIS IS A PRIVATE XMLSEC HEADER FILE
+ * DON'T USE IT IN YOUR APPLICATION
+ *
+ * Implementation of AES/DES Key Transport algorithm
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin, All rights reserved.
+ */
+#ifndef __XMLSEC_KT_AES_DES_H__
+#define __XMLSEC_KT_AES_DES_H__
+
+#ifndef XMLSEC_PRIVATE
+#error "private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#endif /* XMLSEC_PRIVATE */
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+#ifndef XMLSEC_NO_DES
+/********************************************************************
+ *
+ * KT DES
+ *
+ ********************************************************************/
+#define XMLSEC_KW_DES3_KEY_LENGTH                   24
+#define XMLSEC_KW_DES3_IV_LENGTH                    8
+#define XMLSEC_KW_DES3_BLOCK_LENGTH                 8
+#define XMLSEC_KW_DES3_SHA_DIGEST_LENGTH            20
+
+
+typedef int  (*xmlSecKWDes3Sha1Method)              (void * context,
+                                                     const xmlSecByte * in,
+                                                     xmlSecSize inSize,
+                                                     xmlSecByte * out,
+                                                     xmlSecSize outSize);
+typedef int  (*xmlSecKWDes3GenerateRandomMethod)    (void * context,
+                                                     xmlSecByte * out,
+                                                     xmlSecSize outSize);
+typedef int  (*xmlSecKWDes3BlockEncryptMethod)      (void * context,
+                                                     const xmlSecByte * iv,
+                                                     xmlSecSize ivSize,
+                                                     const xmlSecByte * in,
+                                                     xmlSecSize inSize,
+                                                     xmlSecByte * out,
+                                                     xmlSecSize outSize);
+typedef int  (*xmlSecKWDes3BlockDecryptMethod)      (void * context,
+                                                     const xmlSecByte * iv,
+                                                     xmlSecSize ivSize,
+                                                     const xmlSecByte * in,
+                                                     xmlSecSize inSize,
+                                                     xmlSecByte * out,
+                                                     xmlSecSize outSize);
+
+
+struct _xmlSecKWDes3Klass {
+    /* callbacks */
+    xmlSecKWDes3GenerateRandomMethod    generateRandom;
+    xmlSecKWDes3Sha1Method              sha1;
+    xmlSecKWDes3BlockEncryptMethod      encrypt;
+    xmlSecKWDes3BlockDecryptMethod      decrypt;
+
+    /* for the future */
+    void*                               reserved0;
+    void*                               reserved1;
+}; 
+typedef const struct _xmlSecKWDes3Klass              xmlSecKWDes3Klass,
+                                                    *xmlSecKWDes3Id;
+
+#define xmlSecKWDes3CheckId(id) \
+    ( \
+     ((id) != NULL) && \
+     ((id)->generateRandom != NULL) && \
+     ((id)->sha1 != NULL) && \
+     ((id)->encrypt != NULL) && \
+     ((id)->decrypt != NULL) \
+    )
+
+XMLSEC_EXPORT int
+xmlSecKWDes3Encode(xmlSecKWDes3Id kwDes3Id, void *context,
+                  const xmlSecByte *in, xmlSecSize inSize,
+                  xmlSecByte *out, xmlSecSize outSize);
+
+XMLSEC_EXPORT int
+xmlSecKWDes3Decode(xmlSecKWDes3Id kwDes3Id, void *context,
+                  const xmlSecByte *in, xmlSecSize inSize,
+                  xmlSecByte *out, xmlSecSize outSize);
+#endif /* XMLSEC_NO_DES */
+
+#ifndef XMLSEC_NO_AES
+/********************************************************************
+ *
+ * KT AES
+ *
+ ********************************************************************/
+#define XMLSEC_KW_AES_MAGIC_BLOCK_SIZE              8
+#define XMLSEC_KW_AES_BLOCK_SIZE                    16
+#define XMLSEC_KW_AES128_KEY_SIZE                   16
+#define XMLSEC_KW_AES192_KEY_SIZE                   24
+#define XMLSEC_KW_AES256_KEY_SIZE                   32
+
+typedef int  (*xmlSecKWAesBlockEncryptMethod)       (const xmlSecByte * in,
+                                                     xmlSecSize inSize,
+                                                     xmlSecByte * out,
+                                                     xmlSecSize outSize,
+                                                     void * context);
+typedef int  (*xmlSecKWAesBlockDecryptMethod)       (const xmlSecByte * in,
+                                                     xmlSecSize inSize,
+                                                     xmlSecByte * out,
+                                                     xmlSecSize outSize,
+                                                     void * context);
+
+
+struct _xmlSecKWAesKlass {
+    /* callbacks */
+    xmlSecKWAesBlockEncryptMethod       encrypt;
+    xmlSecKWAesBlockDecryptMethod       decrypt;
+
+    /* for the future */
+    void*                               reserved0;
+    void*                               reserved1;
+}; 
+typedef const struct _xmlSecKWAesKlass              xmlSecKWAesKlass,
+                                                    *xmlSecKWAesId;
+
+XMLSEC_EXPORT int
+xmlSecKWAesEncode(xmlSecKWAesId kwAesId, void *context,
+                  const xmlSecByte *in, xmlSecSize inSize,
+                  xmlSecByte *out, xmlSecSize outSize);
+
+XMLSEC_EXPORT int
+xmlSecKWAesDecode(xmlSecKWAesId kwAesId, void *context,
+                  const xmlSecByte *in, xmlSecSize inSize,
+                  xmlSecByte *out, xmlSecSize outSize);
+
+#endif /* XMLSEC_NO_AES */
+
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __XMLSEC_KT_AES_DES_H__ */
diff --git a/src/list.c b/src/list.c
index a4b6ad54..d1a00533 100644
--- a/src/list.c
+++ b/src/list.c
@@ -1,18 +1,18 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * List of pointers.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <stdlib.h>
 #include <string.h>
- 
+
 #include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
@@ -20,76 +20,76 @@
 #include <xmlsec/errors.h>
 
 
-static int		xmlSecPtrListEnsureSize			(xmlSecPtrListPtr list,
-								 xmlSecSize size);
-								 
+static int              xmlSecPtrListEnsureSize                 (xmlSecPtrListPtr list,
+                                                                 xmlSecSize size);
+
 static xmlSecAllocMode gAllocMode = xmlSecAllocModeDouble;
 static xmlSecSize gInitialSize = 64;
 
-/** 
+/**
  * xmlSecPtrListSetDefaultAllocMode:
- * @defAllocMode:	the new default memory allocation mode.
- * @defInitialSize:	the new default minimal initial size.
+ * @defAllocMode:       the new default memory allocation mode.
+ * @defInitialSize:     the new default minimal initial size.
  *
  * Sets new default allocation mode and minimal initial list size.
  */
-void 
+void
 xmlSecPtrListSetDefaultAllocMode(xmlSecAllocMode defAllocMode, xmlSecSize defInitialSize) {
     xmlSecAssert(defInitialSize > 0);
-    
+
     gAllocMode = defAllocMode;
     gInitialSize = defInitialSize;
 }
 
 /**
  * xmlSecPtrListCreate:
- * @id:			the list klass.
- * 
+ * @id:                 the list klass.
+ *
  * Creates new list object. Caller is responsible for freeing returned list
  * by calling #xmlSecPtrListDestroy function.
  *
  * Returns: pointer to newly allocated list or NULL if an error occurs.
  */
-xmlSecPtrListPtr 
+xmlSecPtrListPtr
 xmlSecPtrListCreate(xmlSecPtrListId id) {
     xmlSecPtrListPtr list;
     int ret;
-    
+
     xmlSecAssert2(id != xmlSecPtrListIdUnknown, NULL);
-    
+
     /* Allocate a new xmlSecPtrList and fill the fields. */
     list = (xmlSecPtrListPtr)xmlMalloc(sizeof(xmlSecPtrList));
     if(list == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecPtrListKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecPtrList)=%d", 
-		    sizeof(xmlSecPtrList));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecPtrListKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecPtrList)=%d",
+                    sizeof(xmlSecPtrList));
+        return(NULL);
     }
-    
+
     ret = xmlSecPtrListInitialize(list, id);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecPtrListKlassGetName(id)),
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(list);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecPtrListKlassGetName(id)),
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(list);
+        return(NULL);
     }
-    
-    return(list);    
+
+    return(list);
 }
 
 /**
  * xmlSecPtrListDestroy:
- * @list:		the pointer to list.
+ * @list:               the pointer to list.
  *
  * Destroys @list created with #xmlSecPtrListCreate function.
  */
-void 
+void
 xmlSecPtrListDestroy(xmlSecPtrListPtr list) {
     xmlSecAssert(xmlSecPtrListIsValid(list));
     xmlSecPtrListFinalize(list);
@@ -98,30 +98,30 @@ xmlSecPtrListDestroy(xmlSecPtrListPtr list) {
 
 /**
  * xmlSecPtrListInitialize:
- * @list:		the pointer to list.
- * @id:			the list klass.
+ * @list:               the pointer to list.
+ * @id:                 the list klass.
  *
- * Initializes the list of given klass. Caller is responsible 
+ * Initializes the list of given klass. Caller is responsible
  * for cleaning up by calling #xmlSecPtrListFinalize function.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecPtrListInitialize(xmlSecPtrListPtr list, xmlSecPtrListId id) {
     xmlSecAssert2(id != xmlSecPtrListIdUnknown, -1);
     xmlSecAssert2(list != NULL, -1);
 
-    memset(list, 0, sizeof(xmlSecPtrList));    
+    memset(list, 0, sizeof(xmlSecPtrList));
     list->id = id;
     list->allocMode = gAllocMode;
-    
+
     return(0);
 }
 
 /**
  * xmlSecPtrListFinalize:
- * @list:		the pointer to list.
- *  
+ * @list:               the pointer to list.
+ *
  * Cleans up the list initialized with #xmlSecPtrListInitialize
  * function.
  */
@@ -130,34 +130,34 @@ xmlSecPtrListFinalize(xmlSecPtrListPtr list) {
     xmlSecAssert(xmlSecPtrListIsValid(list));
 
     xmlSecPtrListEmpty(list);
-    memset(list, 0, sizeof(xmlSecPtrList));    
+    memset(list, 0, sizeof(xmlSecPtrList));
 }
 
 /**
  * xmlSecPtrListEmpty:
- * @list:		the pointer to list.
+ * @list:               the pointer to list.
  *
  * Remove all items from @list (if any).
  */
-void 
+void
 xmlSecPtrListEmpty(xmlSecPtrListPtr list) {
     xmlSecAssert(xmlSecPtrListIsValid(list));
 
     if(list->id->destroyItem != NULL) {
-	xmlSecSize pos;
-	
-	for(pos = 0; pos < list->use; ++pos) {
-	    xmlSecAssert(list->data != NULL);
-	    if(list->data[pos] != NULL) {
-		list->id->destroyItem(list->data[pos]);
-	    }
-	}
+        xmlSecSize pos;
+
+        for(pos = 0; pos < list->use; ++pos) {
+            xmlSecAssert(list->data != NULL);
+            if(list->data[pos] != NULL) {
+                list->id->destroyItem(list->data[pos]);
+            }
+        }
     }
     if(list->max > 0) {
-	xmlSecAssert(list->data != NULL);
+        xmlSecAssert(list->data != NULL);
 
-	memset(list->data, 0, sizeof(xmlSecPtr) * list->use);
-	xmlFree(list->data);
+        memset(list->data, 0, sizeof(xmlSecPtr) * list->use);
+        xmlFree(list->data);
     }
     list->max = list->use = 0;
     list->data = NULL;
@@ -165,11 +165,11 @@ xmlSecPtrListEmpty(xmlSecPtrListPtr list) {
 
 /**
  * xmlSecPtrListCopy:
- * @dst:		the pointer to destination list.
- * @src:		the pointer to source list.
+ * @dst:                the pointer to destination list.
+ * @src:                the pointer to source list.
  *
  * Copies @src list items to @dst list using #duplicateItem method
- * of the list klass. If #duplicateItem method is NULL then 
+ * of the list klass. If #duplicateItem method is NULL then
  * we jsut copy pointers to items.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -178,109 +178,109 @@ int
 xmlSecPtrListCopy(xmlSecPtrListPtr dst, xmlSecPtrListPtr src) {
     xmlSecSize i;
     int ret;
-    
+
     xmlSecAssert2(xmlSecPtrListIsValid(dst), -1);
     xmlSecAssert2(xmlSecPtrListIsValid(src), -1);
     xmlSecAssert2(dst->id == src->id, -1);
-    
+
     /* allocate memory */
     ret = xmlSecPtrListEnsureSize(dst, dst->use + src->use);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecPtrListGetName(src)),
-		    "xmlSecPtrListEnsureSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", src->use);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecPtrListGetName(src)),
+                    "xmlSecPtrListEnsureSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", src->use);
+        return(-1);
     }
 
-    /* copy one item after another */    
+    /* copy one item after another */
     for(i = 0; i < src->use; ++i, ++dst->use) {
-	xmlSecAssert2(src->data != NULL, -1);
-	xmlSecAssert2(dst->data != NULL, -1);
-	
-	if((dst->id->duplicateItem != NULL) && (src->data[i] != NULL)) {
-	    dst->data[dst->use] = dst->id->duplicateItem(src->data[i]);
-	    if(dst->data[dst->use] == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecPtrListGetName(src)),
-			    "duplicateItem",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	} else {
-	    dst->data[dst->use] = src->data[i];
-	}
+        xmlSecAssert2(src->data != NULL, -1);
+        xmlSecAssert2(dst->data != NULL, -1);
+
+        if((dst->id->duplicateItem != NULL) && (src->data[i] != NULL)) {
+            dst->data[dst->use] = dst->id->duplicateItem(src->data[i]);
+            if(dst->data[dst->use] == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecPtrListGetName(src)),
+                            "duplicateItem",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        } else {
+            dst->data[dst->use] = src->data[i];
+        }
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecPtrListDuplicate:
- * @list:		the pointer to list.
- *  
+ * @list:               the pointer to list.
+ *
  * Creates a new copy of @list and all its items.
  *
  * Returns: pointer to newly allocated list or NULL if an error occurs.
  */
-xmlSecPtrListPtr 
+xmlSecPtrListPtr
 xmlSecPtrListDuplicate(xmlSecPtrListPtr list) {
     xmlSecPtrListPtr newList;
     int ret;
-    
+
     xmlSecAssert2(xmlSecPtrListIsValid(list), NULL);
-    
+
     newList = xmlSecPtrListCreate(list->id);
     if(newList == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecPtrListGetName(list)),
-		    "xmlSecPtrListCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecPtrListGetName(list)),
+                    "xmlSecPtrListCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     ret = xmlSecPtrListCopy(newList, list);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecPtrListGetName(list)),
-		    "xmlSecPtrListCopy",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecPtrListDestroy(newList);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecPtrListGetName(list)),
+                    "xmlSecPtrListCopy",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecPtrListDestroy(newList);
+        return(NULL);
     }
     return(newList);
 }
 
 /**
  * xmlSecPtrListGetSize:
- * @list:		the pointer to list.
+ * @list:               the pointer to list.
  *
  * Gets list size.
- * 
+ *
  * Returns: the number of itmes in @list.
  */
-xmlSecSize	
+xmlSecSize
 xmlSecPtrListGetSize(xmlSecPtrListPtr list) {
     xmlSecAssert2(xmlSecPtrListIsValid(list), 0);
-    
+
     return(list->use);
 }
 
 /**
  * xmlSecPtrListGetItem:
- * @list:		the pointer to list.
- * @pos:		the item position.
+ * @list:               the pointer to list.
+ * @pos:                the item position.
  *
  * Gets item from the list.
  *
  * Returns: the list item at position @pos or NULL if @pos is greater
  * than the number of items in the list or an error occurs.
  */
-xmlSecPtr 
+xmlSecPtr
 xmlSecPtrListGetItem(xmlSecPtrListPtr list, xmlSecSize pos) {
     xmlSecAssert2(xmlSecPtrListIsValid(list), NULL);
     xmlSecAssert2(list->data != NULL, NULL);
@@ -291,52 +291,52 @@ xmlSecPtrListGetItem(xmlSecPtrListPtr list, xmlSecSize pos) {
 
 /**
  * xmlSecPtrListAdd:
- * @list:		the pointer to list.
- * @item:		the item.
+ * @list:               the pointer to list.
+ * @item:               the item.
  *
  * Adds @item to the end of the @list.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecPtrListAdd(xmlSecPtrListPtr list, xmlSecPtr item) {
     int ret;
-    
+
     xmlSecAssert2(xmlSecPtrListIsValid(list), -1);
-    
+
     ret = xmlSecPtrListEnsureSize(list, list->use + 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecPtrListGetName(list)),
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", list->use + 1);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecPtrListGetName(list)),
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", list->use + 1);
+        return(-1);
     }
-    
+
     list->data[list->use++] = item;
     return(0);
 }
 
 /**
  * xmlSecPtrListSet:
- * @list:		the pointer to list.
- * @item:		the item.
- * @pos:		the pos.
+ * @list:               the pointer to list.
+ * @item:               the item.
+ * @pos:                the pos.
  *
  * Sets the value of list item at position @pos. The old value
  * is destroyed.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecPtrListSet(xmlSecPtrListPtr list, xmlSecPtr item, xmlSecSize pos) {
     xmlSecAssert2(xmlSecPtrListIsValid(list), -1);
     xmlSecAssert2(list->data != NULL, -1);
     xmlSecAssert2(pos < list->use, -1);
 
     if((list->id->destroyItem != NULL) && (list->data[pos] != NULL)) {
-	list->id->destroyItem(list->data[pos]);
+        list->id->destroyItem(list->data[pos]);
     }
     list->data[pos] = item;
     return(0);
@@ -344,122 +344,148 @@ xmlSecPtrListSet(xmlSecPtrListPtr list, xmlSecPtr item, xmlSecSize pos) {
 
 /**
  * xmlSecPtrListRemove:
- * @list:		the pointer to list.
- * @pos:		the position.
+ * @list:               the pointer to list.
+ * @pos:                the position.
  *
  * Destroys list item at the position @pos and sets it value to NULL.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecPtrListRemove(xmlSecPtrListPtr list, xmlSecSize pos) {
     xmlSecAssert2(xmlSecPtrListIsValid(list), -1);
     xmlSecAssert2(list->data != NULL, -1);
     xmlSecAssert2(pos < list->use, -1);
 
     if((list->id->destroyItem != NULL) && (list->data[pos] != NULL)) {
-	list->id->destroyItem(list->data[pos]);
+        list->id->destroyItem(list->data[pos]);
     }
     list->data[pos] = NULL;
     if(pos == list->use - 1) {
-	--list->use;
+        --list->use;
     }
     return(0);
 }
 
 /**
+ * xmlSecPtrListRemoveAndReturn:
+ * @list:               the pointer to list.
+ * @pos:                the position.
+ *
+ * Remove the list item at the position @pos and return it back.
+ *
+ * Returns: the pointer to the list item.
+ */
+xmlSecPtr
+xmlSecPtrListRemoveAndReturn(xmlSecPtrListPtr list, xmlSecSize pos) {
+    xmlSecPtr res;
+
+    xmlSecAssert2(xmlSecPtrListIsValid(list), NULL);
+    xmlSecAssert2(list->data != NULL, NULL);
+    xmlSecAssert2(pos < list->use, NULL);
+
+    res = list->data[pos];
+    list->data[pos] = NULL;
+    if(pos == list->use - 1) {
+        --list->use;
+    }
+    return(res);
+}
+
+
+/**
  * xmlSecPtrListDebugDump:
- * @list:		the pointer to list.
- * @output:		the pointer to output FILE.
+ * @list:               the pointer to list.
+ * @output:             the pointer to output FILE.
  *
  * Prints debug information about @list to the @output.
  */
-void 
+void
 xmlSecPtrListDebugDump(xmlSecPtrListPtr list, FILE* output) {
     xmlSecAssert(xmlSecPtrListIsValid(list));
     xmlSecAssert(output != NULL);
 
-    fprintf(output, "=== list size: %d\n", list->use);    
+    fprintf(output, "=== list size: %d\n", list->use);
     if(list->id->debugDumpItem != NULL) {
-	xmlSecSize pos;
-	
-	for(pos = 0; pos < list->use; ++pos) {
-	    xmlSecAssert(list->data != NULL);
-	    if(list->data[pos] != NULL) {
-		list->id->debugDumpItem(list->data[pos], output);
-	    }
-	}	
+        xmlSecSize pos;
+
+        for(pos = 0; pos < list->use; ++pos) {
+            xmlSecAssert(list->data != NULL);
+            if(list->data[pos] != NULL) {
+                list->id->debugDumpItem(list->data[pos], output);
+            }
+        }
     }
 }
 
 /**
  * xmlSecPtrListDebugXmlDump:
- * @list:		the pointer to list.
- * @output:		the pointer to output FILE.
+ * @list:               the pointer to list.
+ * @output:             the pointer to output FILE.
  *
  * Prints debug information about @list to the @output in XML format.
  */
-void 
+void
 xmlSecPtrListDebugXmlDump(xmlSecPtrListPtr list, FILE* output) {
     xmlSecAssert(xmlSecPtrListIsValid(list));
     xmlSecAssert(output != NULL);
-    
-    fprintf(output, "<List size=\"%d\">\n", list->use);    
+
+    fprintf(output, "<List size=\"%d\">\n", list->use);
     if(list->id->debugXmlDumpItem != NULL) {
-	xmlSecSize pos;
-	
-	for(pos = 0; pos < list->use; ++pos) {
-	    xmlSecAssert(list->data != NULL);
-	    if(list->data[pos] != NULL) {
-		list->id->debugXmlDumpItem(list->data[pos], output);
-	    }
-	}	
+        xmlSecSize pos;
+
+        for(pos = 0; pos < list->use; ++pos) {
+            xmlSecAssert(list->data != NULL);
+            if(list->data[pos] != NULL) {
+                list->id->debugXmlDumpItem(list->data[pos], output);
+            }
+        }
     }
-    fprintf(output, "</List>\n");    
+    fprintf(output, "</List>\n");
 }
 
-static int 
+static int
 xmlSecPtrListEnsureSize(xmlSecPtrListPtr list, xmlSecSize size) {
     xmlSecPtr* newData;
     xmlSecSize newSize = 0;
 
     xmlSecAssert2(xmlSecPtrListIsValid(list), -1);
-    
+
     if(size < list->max) {
-	return(0);
+        return(0);
     }
 
     switch(list->allocMode) {
-	case xmlSecAllocModeExact:
-	    newSize = size + 8;
-	    break;
-	case xmlSecAllocModeDouble:
-	    newSize = 2 * size + 32;
-	    break;
+        case xmlSecAllocModeExact:
+            newSize = size + 8;
+            break;
+        case xmlSecAllocModeDouble:
+            newSize = 2 * size + 32;
+            break;
     }
-    
+
     if(newSize < gInitialSize) {
-	newSize = gInitialSize;
+        newSize = gInitialSize;
     }
-    
+
     if(list->data != NULL) {
-    	newData = (xmlSecPtr*)xmlRealloc(list->data, sizeof(xmlSecPtr) * newSize);
+        newData = (xmlSecPtr*)xmlRealloc(list->data, sizeof(xmlSecPtr) * newSize);
     } else {
-    	newData = (xmlSecPtr*)xmlMalloc(sizeof(xmlSecPtr) * newSize);
+        newData = (xmlSecPtr*)xmlMalloc(sizeof(xmlSecPtr) * newSize);
     }
     if(newData == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecPtrListGetName(list)),
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecPtr)*%d=%d", 
-		    newSize, sizeof(xmlSecPtr) * newSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecPtrListGetName(list)),
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecPtr)*%d=%d",
+                    newSize, sizeof(xmlSecPtr) * newSize);
+        return(-1);
     }
-    
+
     list->data = newData;
     list->max = newSize;
-    
+
     return(0);
 }
 
@@ -468,40 +494,40 @@ xmlSecPtrListEnsureSize(xmlSecPtrListPtr list, xmlSecSize size) {
  * strings list
  *
  **********************************************************************/
-static xmlSecPtr 	xmlSecStringListDuplicateItem		(xmlSecPtr ptr);
-static void		xmlSecStringListDestroyItem		(xmlSecPtr ptr);
+static xmlSecPtr        xmlSecStringListDuplicateItem           (xmlSecPtr ptr);
+static void             xmlSecStringListDestroyItem             (xmlSecPtr ptr);
 
 static xmlSecPtrListKlass xmlSecStringListKlass = {
     BAD_CAST "strings-list",
-    xmlSecStringListDuplicateItem,		/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    xmlSecStringListDestroyItem,		/* xmlSecPtrDestroyItemMethod destroyItem; */
-    NULL,					/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    NULL,					/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    xmlSecStringListDuplicateItem,              /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    xmlSecStringListDestroyItem,                /* xmlSecPtrDestroyItemMethod destroyItem; */
+    NULL,                                       /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    NULL,                                       /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
 /**
  * xmlSecStringListGetKlass:
- * 
+ *
  * The strins list class.
  *
  * Returns: strings list klass.
  */
-xmlSecPtrListId 
+xmlSecPtrListId
 xmlSecStringListGetKlass(void) {
     return(&xmlSecStringListKlass);
 }
 
-static xmlSecPtr 
+static xmlSecPtr
 xmlSecStringListDuplicateItem(xmlSecPtr ptr) {
     xmlSecAssert2(ptr != NULL, NULL);
-    
+
     return(xmlStrdup((xmlChar*)ptr));
 }
 
-static void 
+static void
 xmlSecStringListDestroyItem(xmlSecPtr ptr) {
     xmlSecAssert(ptr != NULL);
-    
+
     xmlFree(ptr);
 }
 
diff --git a/src/membuf.c b/src/membuf.c
index 55053253..eb78156c 100644
--- a/src/membuf.c
+++ b/src/membuf.c
@@ -1,18 +1,18 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Memory buffer transform
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <stdlib.h>
 #include <string.h>
- 
+
 #include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
@@ -28,78 +28,78 @@
 /*****************************************************************************
  *
  * Memory Buffer Transform
- * 
+ *
  * xmlSecBuffer is located after xmlSecTransform
- * 
+ *
  ****************************************************************************/
 #define xmlSecTransformMemBufSize \
-	(sizeof(xmlSecTransform) + sizeof(xmlSecBuffer))
+        (sizeof(xmlSecTransform) + sizeof(xmlSecBuffer))
 #define xmlSecTransformMemBufGetBuf(transform) \
     ((xmlSecTransformCheckSize((transform), xmlSecTransformMemBufSize)) ? \
-	(xmlSecBufferPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
-	(xmlSecBufferPtr)NULL)
-
-static int		xmlSecTransformMemBufInitialize		(xmlSecTransformPtr transform);
-static void		xmlSecTransformMemBufFinalize		(xmlSecTransformPtr transform);
-static int  		xmlSecTransformMemBufExecute		(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
+        (xmlSecBufferPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
+        (xmlSecBufferPtr)NULL)
+
+static int              xmlSecTransformMemBufInitialize         (xmlSecTransformPtr transform);
+static void             xmlSecTransformMemBufFinalize           (xmlSecTransformPtr transform);
+static int              xmlSecTransformMemBufExecute            (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 static xmlSecTransformKlass xmlSecTransformMemBufKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecTransformMemBufSize,			/* xmlSecSize objSize */
-
-    xmlSecNameMemBuf,				/* const xmlChar* name; */
-    NULL,					/* const xmlChar* href; */
-    0,						/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecTransformMemBufInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformMemBufFinalize,		/* xmlSecTransformFianlizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecTransformMemBufExecute,		/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecTransformMemBufSize,                  /* xmlSecSize objSize */
+
+    xmlSecNameMemBuf,                           /* const xmlChar* name; */
+    NULL,                                       /* const xmlChar* href; */
+    0,                                          /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecTransformMemBufInitialize,            /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformMemBufFinalize,              /* xmlSecTransformFianlizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecTransformMemBufExecute,               /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecTransformMemBufGetKlass:
- * 
+ *
  * The memory buffer transorm (used to store the data that go through it).
  *
  * Returns: memory buffer transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformMemBufGetKlass(void) {
     return(&xmlSecTransformMemBufKlass);
 }
 
 /**
  * xmlSecTransformMemBufGetBuffer:
- * @transform: 		the pointer to memory buffer transform.
- * 
- * Gets the pointer to memory buffer transform buffer. 
+ * @transform:          the pointer to memory buffer transform.
  *
- * Returns: pointer to the transform's #xmlSecBuffer. 
+ * Gets the pointer to memory buffer transform buffer.
+ *
+ * Returns: pointer to the transform's #xmlSecBuffer.
  */
 xmlSecBufferPtr
 xmlSecTransformMemBufGetBuffer(xmlSecTransformPtr transform) {
     xmlSecBufferPtr buffer;
 
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformMemBufId), NULL);
-    
+
     buffer = xmlSecTransformMemBufGetBuf(transform);
     xmlSecAssert2(buffer != NULL, NULL);
-    
+
     return(buffer);
 }
 
@@ -107,7 +107,7 @@ static int
 xmlSecTransformMemBufInitialize(xmlSecTransformPtr transform) {
     xmlSecBufferPtr buffer;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformMemBufId), -1);
 
     buffer = xmlSecTransformMemBufGetBuf(transform);
@@ -115,14 +115,14 @@ xmlSecTransformMemBufInitialize(xmlSecTransformPtr transform) {
 
     ret = xmlSecBufferInitialize(buffer, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    return(0);    
+    return(0);
 }
 
 static void
@@ -133,11 +133,11 @@ xmlSecTransformMemBufFinalize(xmlSecTransformPtr transform) {
 
     buffer = xmlSecTransformMemBufGetBuf(transform);
     xmlSecAssert(buffer != NULL);
-    
-    xmlSecBufferFinalize(xmlSecTransformMemBufGetBuf(transform)); 
+
+    xmlSecBufferFinalize(xmlSecTransformMemBufGetBuf(transform));
 }
 
-static int 
+static int
 xmlSecTransformMemBufExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecBufferPtr buffer;
     xmlSecBufferPtr in, out;
@@ -149,60 +149,60 @@ xmlSecTransformMemBufExecute(xmlSecTransformPtr transform, int last, xmlSecTrans
 
     buffer = xmlSecTransformMemBufGetBuf(transform);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     in = &(transform->inBuf);
-    out = &(transform->outBuf);    
+    out = &(transform->outBuf);
     inSize = xmlSecBufferGetSize(in);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
-    if(transform->status == xmlSecTransformStatusWorking) {	
-	/* just copy everything from in to our buffer and out */
-	ret = xmlSecBufferAppend(buffer, xmlSecBufferGetData(in), inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", inSize);
-	    return(-1);
-	}
-	
-	ret = xmlSecBufferAppend(out, xmlSecBufferGetData(in), inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", inSize);
-	    return(-1);
-	}
-	
-	ret = xmlSecBufferRemoveHead(in, inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", inSize);
-	    return(-1);
-	}
-	    
-	if(last != 0) {
-	    transform->status = xmlSecTransformStatusFinished;
-	}
+
+    if(transform->status == xmlSecTransformStatusWorking) {
+        /* just copy everything from in to our buffer and out */
+        ret = xmlSecBufferAppend(buffer, xmlSecBufferGetData(in), inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferAppend(out, xmlSecBufferGetData(in), inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
+
+        if(last != 0) {
+            transform->status = xmlSecTransformStatusFinished;
+        }
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(inSize == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(inSize == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     return(0);
 }
diff --git a/src/mscrypto/Makefile.am b/src/mscrypto/Makefile.am
index 318af513..5cea654b 100644
--- a/src/mscrypto/Makefile.am
+++ b/src/mscrypto/Makefile.am
@@ -20,12 +20,17 @@ libxmlsec1_mscrypto_la_CPPFLAGS = \
 	$(NULL)
 
 libxmlsec1_mscrypto_la_SOURCES =\
+	globals.h \
+	private.h \
 	app.c \
 	certkeys.c \
 	ciphers.c \
 	crypto.c \
 	digests.c \
+	hmac.c \
 	keysstore.c \
+	kw_aes.c \
+	kw_des.c \
 	kt_rsa.c \
 	signatures.c \
 	symkeys.c \
@@ -33,7 +38,6 @@ libxmlsec1_mscrypto_la_SOURCES =\
 	x509vfy.c \
 	csp_calg.h \
 	csp_oid.h \
-	globals.h \
 	xmlsec-mingw.h \
 	$(NULL)
 
@@ -42,10 +46,10 @@ libxmlsec1_mscrypto_la_SOURCES += ../strings.c
 endif
 
 libxmlsec1_mscrypto_la_LIBADD = \
-	../libxmlsec1.la \
 	$(MSCRYPTO_LIBS) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
 	$(NULL)
 
 libxmlsec1_mscrypto_la_DEPENDENCIES = \
diff --git a/src/mscrypto/Makefile.in b/src/mscrypto/Makefile.in
index 61a9b6f3..83c8f03a 100644
--- a/src/mscrypto/Makefile.in
+++ b/src/mscrypto/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,10 +38,13 @@ host_triplet = @host@
 subdir = src/mscrypto
 DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
@@ -66,13 +69,19 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(libdir)"
 LTLIBRARIES = $(lib_LTLIBRARIES)
 am__DEPENDENCIES_1 =
-am__libxmlsec1_mscrypto_la_SOURCES_DIST = app.c certkeys.c ciphers.c \
-	crypto.c digests.c keysstore.c kt_rsa.c signatures.c symkeys.c \
-	x509.c x509vfy.c csp_calg.h csp_oid.h globals.h xmlsec-mingw.h \
-	../strings.c
+am__libxmlsec1_mscrypto_la_SOURCES_DIST = globals.h private.h app.c \
+	certkeys.c ciphers.c crypto.c digests.c hmac.c keysstore.c \
+	kw_aes.c kw_des.c kt_rsa.c signatures.c symkeys.c x509.c \
+	x509vfy.c csp_calg.h csp_oid.h xmlsec-mingw.h ../strings.c
 am__objects_1 =
 @SHAREDLIB_HACK_TRUE@am__objects_2 =  \
 @SHAREDLIB_HACK_TRUE@	libxmlsec1_mscrypto_la-strings.lo
@@ -81,7 +90,10 @@ am_libxmlsec1_mscrypto_la_OBJECTS = libxmlsec1_mscrypto_la-app.lo \
 	libxmlsec1_mscrypto_la-ciphers.lo \
 	libxmlsec1_mscrypto_la-crypto.lo \
 	libxmlsec1_mscrypto_la-digests.lo \
+	libxmlsec1_mscrypto_la-hmac.lo \
 	libxmlsec1_mscrypto_la-keysstore.lo \
+	libxmlsec1_mscrypto_la-kw_aes.lo \
+	libxmlsec1_mscrypto_la-kw_des.lo \
 	libxmlsec1_mscrypto_la-kt_rsa.lo \
 	libxmlsec1_mscrypto_la-signatures.lo \
 	libxmlsec1_mscrypto_la-symkeys.lo \
@@ -89,22 +101,39 @@ am_libxmlsec1_mscrypto_la_OBJECTS = libxmlsec1_mscrypto_la-app.lo \
 	libxmlsec1_mscrypto_la-x509vfy.lo $(am__objects_1) \
 	$(am__objects_2)
 libxmlsec1_mscrypto_la_OBJECTS = $(am_libxmlsec1_mscrypto_la_OBJECTS)
-libxmlsec1_mscrypto_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
-	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
-	$(libxmlsec1_mscrypto_la_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+libxmlsec1_mscrypto_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+	$(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_mscrypto_la_LDFLAGS) \
+	$(LDFLAGS) -o $@
 DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
 am__mv = mv -f
 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
-	$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC    " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 CCLD = $(CC)
-LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
-	$(LDFLAGS) -o $@
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD  " $@;
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
 SOURCES = $(libxmlsec1_mscrypto_la_SOURCES)
 DIST_SOURCES = $(am__libxmlsec1_mscrypto_la_SOURCES_DIST)
 ETAGS = etags
@@ -112,6 +141,7 @@ CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -126,6 +156,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -134,6 +165,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -164,6 +199,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -195,8 +231,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -204,7 +242,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -223,6 +260,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -232,6 +271,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -267,6 +307,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -299,7 +340,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -335,15 +375,15 @@ libxmlsec1_mscrypto_la_CPPFLAGS = \
 	$(LIBXML_CFLAGS) \
 	$(NULL)
 
-libxmlsec1_mscrypto_la_SOURCES = app.c certkeys.c ciphers.c crypto.c \
-	digests.c keysstore.c kt_rsa.c signatures.c symkeys.c x509.c \
-	x509vfy.c csp_calg.h csp_oid.h globals.h xmlsec-mingw.h \
-	$(NULL) $(am__append_1)
+libxmlsec1_mscrypto_la_SOURCES = globals.h private.h app.c certkeys.c \
+	ciphers.c crypto.c digests.c hmac.c keysstore.c kw_aes.c \
+	kw_des.c kt_rsa.c signatures.c symkeys.c x509.c x509vfy.c \
+	csp_calg.h csp_oid.h xmlsec-mingw.h $(NULL) $(am__append_1)
 libxmlsec1_mscrypto_la_LIBADD = \
-	../libxmlsec1.la \
 	$(MSCRYPTO_LIBS) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
 	$(NULL)
 
 libxmlsec1_mscrypto_la_DEPENDENCIES = \
@@ -420,8 +460,8 @@ clean-libLTLIBRARIES:
 	  echo "rm -f \"$${dir}/so_locations\""; \
 	  rm -f "$${dir}/so_locations"; \
 	done
-libxmlsec1-mscrypto.la: $(libxmlsec1_mscrypto_la_OBJECTS) $(libxmlsec1_mscrypto_la_DEPENDENCIES) 
-	$(libxmlsec1_mscrypto_la_LINK) -rpath $(libdir) $(libxmlsec1_mscrypto_la_OBJECTS) $(libxmlsec1_mscrypto_la_LIBADD) $(LIBS)
+libxmlsec1-mscrypto.la: $(libxmlsec1_mscrypto_la_OBJECTS) $(libxmlsec1_mscrypto_la_DEPENDENCIES) $(EXTRA_libxmlsec1_mscrypto_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(libxmlsec1_mscrypto_la_LINK) -rpath $(libdir) $(libxmlsec1_mscrypto_la_OBJECTS) $(libxmlsec1_mscrypto_la_LIBADD) $(LIBS)
 
 mostlyclean-compile:
 	-rm -f *.$(OBJEXT)
@@ -434,8 +474,11 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-digests.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-strings.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Plo@am__quote@
@@ -443,109 +486,130 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Plo@am__quote@
 
 .c.o:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c $<
 
 .c.obj:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
 
 .c.lo:
-@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LTCOMPILE) -c -o $@ $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
 
 libxmlsec1_mscrypto_la-app.lo: app.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-app.Tpo -c -o libxmlsec1_mscrypto_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-app.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-app.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='app.c' object='libxmlsec1_mscrypto_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-app.Tpo -c -o libxmlsec1_mscrypto_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-app.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='app.c' object='libxmlsec1_mscrypto_la-app.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
 
 libxmlsec1_mscrypto_la-certkeys.lo: certkeys.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-certkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Tpo -c -o libxmlsec1_mscrypto_la-certkeys.lo `test -f 'certkeys.c' || echo '$(srcdir)/'`certkeys.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='certkeys.c' object='libxmlsec1_mscrypto_la-certkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-certkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Tpo -c -o libxmlsec1_mscrypto_la-certkeys.lo `test -f 'certkeys.c' || echo '$(srcdir)/'`certkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-certkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='certkeys.c' object='libxmlsec1_mscrypto_la-certkeys.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-certkeys.lo `test -f 'certkeys.c' || echo '$(srcdir)/'`certkeys.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-certkeys.lo `test -f 'certkeys.c' || echo '$(srcdir)/'`certkeys.c
 
 libxmlsec1_mscrypto_la-ciphers.lo: ciphers.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Tpo -c -o libxmlsec1_mscrypto_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='ciphers.c' object='libxmlsec1_mscrypto_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Tpo -c -o libxmlsec1_mscrypto_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ciphers.c' object='libxmlsec1_mscrypto_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
 
 libxmlsec1_mscrypto_la-crypto.lo: crypto.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Tpo -c -o libxmlsec1_mscrypto_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='crypto.c' object='libxmlsec1_mscrypto_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Tpo -c -o libxmlsec1_mscrypto_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='crypto.c' object='libxmlsec1_mscrypto_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
 
 libxmlsec1_mscrypto_la-digests.lo: digests.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-digests.Tpo -c -o libxmlsec1_mscrypto_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-digests.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-digests.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='digests.c' object='libxmlsec1_mscrypto_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-digests.Tpo -c -o libxmlsec1_mscrypto_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-digests.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='digests.c' object='libxmlsec1_mscrypto_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+
+libxmlsec1_mscrypto_la-hmac.lo: hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Tpo -c -o libxmlsec1_mscrypto_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='hmac.c' object='libxmlsec1_mscrypto_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
 
 libxmlsec1_mscrypto_la-keysstore.lo: keysstore.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-keysstore.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Tpo -c -o libxmlsec1_mscrypto_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='keysstore.c' object='libxmlsec1_mscrypto_la-keysstore.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-keysstore.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Tpo -c -o libxmlsec1_mscrypto_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-keysstore.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='keysstore.c' object='libxmlsec1_mscrypto_la-keysstore.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+
+libxmlsec1_mscrypto_la-kw_aes.lo: kw_aes.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Tpo -c -o libxmlsec1_mscrypto_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kw_aes.c' object='libxmlsec1_mscrypto_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+
+libxmlsec1_mscrypto_la-kw_des.lo: kw_des.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Tpo -c -o libxmlsec1_mscrypto_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kw_des.c' object='libxmlsec1_mscrypto_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
 
 libxmlsec1_mscrypto_la-kt_rsa.lo: kt_rsa.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-kt_rsa.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Tpo -c -o libxmlsec1_mscrypto_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='kt_rsa.c' object='libxmlsec1_mscrypto_la-kt_rsa.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-kt_rsa.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Tpo -c -o libxmlsec1_mscrypto_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-kt_rsa.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kt_rsa.c' object='libxmlsec1_mscrypto_la-kt_rsa.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
 
 libxmlsec1_mscrypto_la-signatures.lo: signatures.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Tpo -c -o libxmlsec1_mscrypto_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='signatures.c' object='libxmlsec1_mscrypto_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Tpo -c -o libxmlsec1_mscrypto_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='signatures.c' object='libxmlsec1_mscrypto_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
 
 libxmlsec1_mscrypto_la-symkeys.lo: symkeys.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Tpo -c -o libxmlsec1_mscrypto_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='symkeys.c' object='libxmlsec1_mscrypto_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Tpo -c -o libxmlsec1_mscrypto_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='symkeys.c' object='libxmlsec1_mscrypto_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
 
 libxmlsec1_mscrypto_la-x509.lo: x509.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-x509.Tpo -c -o libxmlsec1_mscrypto_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-x509.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-x509.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='x509.c' object='libxmlsec1_mscrypto_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-x509.Tpo -c -o libxmlsec1_mscrypto_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-x509.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-x509.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='x509.c' object='libxmlsec1_mscrypto_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
 
 libxmlsec1_mscrypto_la-x509vfy.lo: x509vfy.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Tpo -c -o libxmlsec1_mscrypto_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='x509vfy.c' object='libxmlsec1_mscrypto_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Tpo -c -o libxmlsec1_mscrypto_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-x509vfy.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='x509vfy.c' object='libxmlsec1_mscrypto_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
 
 libxmlsec1_mscrypto_la-strings.lo: ../strings.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-strings.Tpo -c -o libxmlsec1_mscrypto_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-strings.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-strings.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='../strings.c' object='libxmlsec1_mscrypto_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_mscrypto_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_mscrypto_la-strings.Tpo -c -o libxmlsec1_mscrypto_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_mscrypto_la-strings.Tpo $(DEPDIR)/libxmlsec1_mscrypto_la-strings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='../strings.c' object='libxmlsec1_mscrypto_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_mscrypto_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_mscrypto_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
 
 mostlyclean-libtool:
 	-rm -f *.lo
@@ -652,10 +716,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/src/mscrypto/README b/src/mscrypto/README
index f7d45636..0b3f4b6b 100644
--- a/src/mscrypto/README
+++ b/src/mscrypto/README
@@ -1,28 +1,28 @@
 WHAT VERSION OF WINDOWS?
 ------------------------------------------------------------------------
 
-The xmlsec-mscrypto lib is developed on a windows XP machine with MS Visual 
-Studio (6 and .NET). The MS Crypto API has been evolving a lot with the 
+The xmlsec-mscrypto lib is developed on a windows XP machine with MS Visual
+Studio (6 and .NET). The MS Crypto API has been evolving a lot with the
 new releases of windows and internet explorer. MS CryptoAPI libraries
-are distributed with ie and with the windows OS. Full functionality will 
-only be achieved on windows XP. AES is for example not supported on pre 
-XP versions of Windows (workarounds for this are possible, I believe). 
-Direct RSA de/encryption, used by xmlsec-mscrypto, is only possible from 
-Win 2000 (possibly also with a newer version of ie, with strong encryption 
+are distributed with ie and with the windows OS. Full functionality will
+only be achieved on windows XP. AES is for example not supported on pre
+XP versions of Windows (workarounds for this are possible, I believe).
+Direct RSA de/encryption, used by xmlsec-mscrypto, is only possible from
+Win 2000 (possibly also with a newer version of ie, with strong encryption
 patch installed). It's very likely more of these issues are lying around, a
 nd until it is tested on older windows systems it is uncertain what will work.
 
-KEYS MANAGER with MS Certificate store support. 
+KEYS MANAGER with MS Certificate store support.
 ------------------------------------------------------------------------
 
-The default xmlsec-mscrypto keys manager is based upon the simple keys 
-store, found in the xmlsec core library. If keys are not found in the 
-simple keys store, than MS Certificate store is used to lookup keys. 
-The certificate store is only used on a READONLY base, so it is not possible 
-to store keys via the keys store into the MS certificate store. There are enough 
+The default xmlsec-mscrypto keys manager is based upon the simple keys
+store, found in the xmlsec core library. If keys are not found in the
+simple keys store, than MS Certificate store is used to lookup keys.
+The certificate store is only used on a READONLY base, so it is not possible
+to store keys via the keys store into the MS certificate store. There are enough
 other tools that can do that for you.
 
-When the xmlsec application is started, with the config parameter the name of 
+When the xmlsec application is started, with the config parameter the name of
 the (system) keystore can be given. That keystore will be used for certificates
 and keys lookup. With the keyname now two types of values can be given:
     - simple name (called friendly name with MS);
@@ -33,20 +33,7 @@ KNOWN ISSUES.
 1) Default keys manager don't use trusted certs in MS Crypto Store
 (http://bugzilla.gnome.org/show_bug.cgi?id=123668).
 
-2) Missing crypto functionality:
-  - HMAC (http://bugzilla.gnome.org/show_bug.cgi?id=123670): does not look 
-  like MS would support it soon.
-  - RSA-OAEP (http://bugzilla.gnome.org/show_bug.cgi?id=123671): MS says 
-  that they will support this in the near future.
-  - AES KW (http://bugzilla.gnome.org/show_bug.cgi?id=123672): no native
-  support, might be possible to implement on top of AES cipher itself
-  - DES KW (http://bugzilla.gnome.org/show_bug.cgi?id=123673): no native
-  support, might be possible to implement on top of AES cipher itself
-
-3) Actual AES Crypto provider name is different from the "official" one
-(http://bugzilla.gnome.org/show_bug.cgi?id=123674).
-
-4) The only supported file formats are PKCS#12 and DER certificates
+2) The only supported file formats are PKCS#12 and DER certificates
 (http://bugzilla.gnome.org/show_bug.cgi?id=123675).
 
 
diff --git a/src/mscrypto/app.c b/src/mscrypto/app.c
index c3a4b0d8..92894d90 100644
--- a/src/mscrypto/app.c
+++ b/src/mscrypto/app.c
@@ -1,10 +1,10 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -24,22 +24,20 @@
 #include <xmlsec/mscrypto/certkeys.h>
 #include <xmlsec/mscrypto/keysstore.h>
 #include <xmlsec/mscrypto/x509.h>
+#include "private.h"
 
-#if defined(__MINGW32__)
-#  include "xmlsec-mingw.h"
-#endif
 
-/* I don't see any other way then to use a global var to get the 
- * config info to the mscrypto keysstore :(  WK 
+/* I don't see any other way then to use a global var to get the
+ * config info to the mscrypto keysstore :(  WK
  */
-static char *gXmlSecMSCryptoAppCertStoreName = NULL;
+static LPTSTR gXmlSecMSCryptoAppCertStoreName = NULL;
 
 /**
  * xmlSecMSCryptoAppInit:
- * @config:		the name of another then the default ms certificate store.
- * 
+ * @config:             the name of another then the default ms certificate store.
+ *
  * General crypto engine initialization. This function is used
- * by XMLSec command line utility and called before 
+ * by XMLSec command line utility and called before
  * @xmlSecInit function.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -48,21 +46,44 @@ int
 xmlSecMSCryptoAppInit(const char* config) {
     /* initialize MSCrypto crypto engine */
 
-    /* config parameter can contain *another* ms certs store name 
+    /* config parameter can contain *another* ms certs store name
      * then the default (MY)
      */
     if (NULL != config && strlen(config) > 0) {
-	if (gXmlSecMSCryptoAppCertStoreName) {
-	    /* This should not happen, initialize twice */
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"config=%s, config already set", 
-			xmlSecErrorsSafeString(config));
-	    return (-1);
-	}
-	gXmlSecMSCryptoAppCertStoreName = xmlStrdup(config);
+        if (gXmlSecMSCryptoAppCertStoreName != NULL) {
+            /* This should not happen, initialize twice */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "config=%s, config already set",
+                        xmlSecErrorsSafeString(config));
+            return (-1);
+        }
+
+#ifdef UNICODE
+        gXmlSecMSCryptoAppCertStoreName = xmlSecMSCryptoConvertLocaleToUnicode(config);
+        if (gXmlSecMSCryptoAppCertStoreName == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        "xmlSecMSCryptoConvertLocaleToUnicode",
+                        NULL,
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "config=%s",
+                        xmlSecErrorsSafeString(config));
+            return (-1);
+        }
+#else  /* UNICODE */
+        gXmlSecMSCryptoAppCertStoreName = xmlStrdup(config);
+        if (gXmlSecMSCryptoAppCertStoreName == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        "xmlStrdup",
+                        NULL,
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "config=%s",
+                        xmlSecErrorsSafeString(config));
+            return (-1);
+        }
+#endif /* UNICODE */
     }
 
     return(0);
@@ -70,9 +91,9 @@ xmlSecMSCryptoAppInit(const char* config) {
 
 /**
  * xmlSecMSCryptoAppShutdown:
- * 
+ *
  * General crypto engine shutdown. This function is used
- * by XMLSec command line utility and called after 
+ * by XMLSec command line utility and called after
  * @xmlSecShutdown function.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -81,8 +102,8 @@ int
 xmlSecMSCryptoAppShutdown(void) {
     /* shutdown MSCrypto crypto engine */
     if (NULL != gXmlSecMSCryptoAppCertStoreName) {
-	xmlFree(gXmlSecMSCryptoAppCertStoreName);
-	gXmlSecMSCryptoAppCertStoreName = NULL;
+        xmlFree(gXmlSecMSCryptoAppCertStoreName);
+        gXmlSecMSCryptoAppCertStoreName = NULL;
     }
     return(0);
 }
@@ -94,22 +115,22 @@ xmlSecMSCryptoAppShutdown(void) {
  *
  * Returns: the MS Crypto certs name used by xmlsec-mscrypto.
  */
-const char*
+LPCTSTR
 xmlSecMSCryptoAppGetCertStoreName(void) {
     return(gXmlSecMSCryptoAppCertStoreName);
 }
 
 /*************************************************************************************
- * Keys 
+ * Keys
  *************************************************************************************/
 
 /**
  * xmlSecMSCryptoAppKeyLoad:
- * @filename:		the key filename.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the key filename.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from the a file.
  *
@@ -117,24 +138,24 @@ xmlSecMSCryptoAppGetCertStoreName(void) {
  */
 xmlSecKeyPtr
 xmlSecMSCryptoAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
-			 const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
+                         const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
     xmlSecBuffer buffer;
     xmlSecKeyPtr key = NULL;
-    int ret;    
-    
+    int ret;
+
     xmlSecAssert2(filename != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
-    
+
     switch (format) {
     case xmlSecKeyDataFormatPkcs12:
-	key = xmlSecMSCryptoAppPkcs12Load(filename, pwd, pwdCallback, pwdCallbackCtx);
+        key = xmlSecMSCryptoAppPkcs12Load(filename, pwd, pwdCallback, pwdCallbackCtx);
         if(key == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
                         "xmlSecMSCryptoAppPkcs12Load",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
                         XMLSEC_ERRORS_NO_MESSAGE);
-            return(NULL);	
+            return(NULL);
         }
         break;
     case xmlSecKeyDataFormatCertDer:
@@ -145,7 +166,7 @@ xmlSecMSCryptoAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
                         "xmlSecBufferInitialize",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
                         XMLSEC_ERRORS_NO_MESSAGE);
-            return(NULL);	
+            return(NULL);
         }
 
         ret = xmlSecBufferReadFile(&buffer, filename);
@@ -154,26 +175,26 @@ xmlSecMSCryptoAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
                         NULL,
                         "xmlSecBufferReadFile",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
-                        "filename=%s", 
+                        "filename=%s",
                         xmlSecErrorsSafeString(filename));
-	    xmlSecBufferFinalize(&buffer);
+            xmlSecBufferFinalize(&buffer);
             return (NULL);
         }
-	
-	key = xmlSecMSCryptoAppKeyLoadMemory(xmlSecBufferGetData(&buffer),
-					xmlSecBufferGetSize(&buffer), format,
-					pwd, pwdCallback, pwdCallbackCtx);
+
+        key = xmlSecMSCryptoAppKeyLoadMemory(xmlSecBufferGetData(&buffer),
+                                        xmlSecBufferGetSize(&buffer), format,
+                                        pwd, pwdCallback, pwdCallbackCtx);
         if(key == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
                         "xmlSecMSCryptoAppKeyLoadMemory",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
                         XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecBufferFinalize(&buffer);
-            return(NULL);	
+            xmlSecBufferFinalize(&buffer);
+            return(NULL);
         }
-	xmlSecBufferFinalize(&buffer);
-	break;
+        xmlSecBufferFinalize(&buffer);
+        break;
     default:
         /* Any other format like PEM keys is currently not supported */
         xmlSecError(XMLSEC_ERRORS_HERE,
@@ -181,7 +202,7 @@ xmlSecMSCryptoAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
                     NULL,
                     XMLSEC_ERRORS_R_INVALID_FORMAT,
                     "format=%d", format);
-	return(NULL);
+        return(NULL);
     }
 
     return(key);
@@ -189,20 +210,20 @@ xmlSecMSCryptoAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
 
 /**
  * xmlSecMSCryptoAppKeyLoadMemory:
- * @data:		the key binary data.
- * @dataSize:		the key data size.
- * @format:		the key format.
- * @pwd:		the key password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the key binary data.
+ * @dataSize:           the key data size.
+ * @format:             the key format.
+ * @pwd:                the key password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from the a file.
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
+xmlSecKeyPtr
 xmlSecMSCryptoAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format,
-			       const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
+                               const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
     PCCERT_CONTEXT pCert = NULL;
     PCCERT_CONTEXT tmpcert = NULL;
     xmlSecKeyDataPtr x509Data = NULL;
@@ -217,91 +238,91 @@ xmlSecMSCryptoAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlS
 
     pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, data, dataSize);
     if (NULL == pCert) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CertCreateCertificateContext",
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CertCreateCertificateContext",
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     x509Data = xmlSecKeyDataCreate(xmlSecMSCryptoKeyDataX509Id);
     if(x509Data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecMSCryptoKeyDataX509Id)));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecMSCryptoKeyDataX509Id)));
+        goto done;
     }
 
     tmpcert = CertDuplicateCertificateContext(pCert);
     if(tmpcert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CertDuplicateCertificateContext",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CertDuplicateCertificateContext",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        goto done;
     }
 
     ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(x509Data, tmpcert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoKeyDataX509AdoptKeyCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	CertFreeCertificateContext(tmpcert);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoKeyDataX509AdoptKeyCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        CertFreeCertificateContext(tmpcert);
+        goto done;
     }
     tmpcert = NULL;
 
     keyData = xmlSecMSCryptoCertAdopt(pCert, xmlSecKeyDataTypePublic);
     if(keyData == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoCertAdopt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoCertAdopt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
-    pCert = NULL;    
+    pCert = NULL;
 
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
     ret = xmlSecKeySetValue(key, keyData);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        goto done;
     }
     keyData = NULL;
 
     ret = xmlSecKeyAdoptData(key, x509Data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyAdoptData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyAdoptData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        goto done;
     }
     x509Data = NULL;
 
@@ -310,21 +331,21 @@ xmlSecMSCryptoAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlS
     key = NULL;
 done:
     if(pCert != NULL) {
-	CertFreeCertificateContext(pCert);
+        CertFreeCertificateContext(pCert);
     }
     if(tmpcert != NULL) {
-	CertFreeCertificateContext(tmpcert);
+        CertFreeCertificateContext(tmpcert);
     }
     if(x509Data != NULL) {
-	xmlSecKeyDataDestroy(x509Data);
+        xmlSecKeyDataDestroy(x509Data);
     }
     if(keyData != NULL) {
         xmlSecKeyDataDestroy(keyData);
     }
     if(key != NULL) {
-	xmlSecKeyDestroy(key);
+        xmlSecKeyDestroy(key);
     }
-    return(res); 
+    return(res);
 }
 
 
@@ -336,94 +357,94 @@ done:
 
 /**
  * xmlSecMSCryptoAppKeyCertLoad:
- * @key:		the pointer to key.
- * @filename:		the certificate filename.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @filename:           the certificate filename.
+ * @format:             the certificate file format.
  *
  * Reads the certificate from $@filename and adds it to key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
 
-int		
-xmlSecMSCryptoAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, 
-			     xmlSecKeyDataFormat format) {
+int
+xmlSecMSCryptoAppKeyCertLoad(xmlSecKeyPtr key, const char* filename,
+                             xmlSecKeyDataFormat format) {
     xmlSecBuffer buffer;
     int ret;
 
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
-									
+
     ret = xmlSecBufferInitialize(&buffer, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecBufferReadFile(&buffer, filename);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferReadFile",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s", 
-		    xmlSecErrorsSafeString(filename));
-	xmlSecBufferFinalize(&buffer);
-	return (-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferReadFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return (-1);
     }
-    
-    ret = xmlSecMSCryptoAppKeyCertLoadMemory(key, xmlSecBufferGetData(&buffer), 
-    		    xmlSecBufferGetSize(&buffer), format);
+
+    ret = xmlSecMSCryptoAppKeyCertLoadMemory(key, xmlSecBufferGetData(&buffer),
+                    xmlSecBufferGetSize(&buffer), format);
     if (ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoAppKeyCertLoadMemory",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buffer);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoAppKeyCertLoadMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buffer);
+        return(-1);
     }
-    
+
     xmlSecBufferFinalize(&buffer);
-    return(0);        
+    return(0);
 }
 
 /**
  * xmlSecMSCryptoAppKeyCertLoadMemory:
- * @key:		the pointer to key.
- * @data:		the binary certificate.
+ * @key:                the pointer to key.
+ * @data:               the binary certificate.
  * @dataSize:           size of certificate binary (data)
- * @format:		the certificate file format.
+ * @format:             the certificate file format.
  *
  * Reads the certificate from $@data and adds it to key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
-xmlSecMSCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize, 
-				   xmlSecKeyDataFormat format) {
+int
+xmlSecMSCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize,
+                                   xmlSecKeyDataFormat format) {
     PCCERT_CONTEXT pCert;
     xmlSecKeyDataPtr kdata;
     int ret;
-        
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
 
     kdata = xmlSecKeyEnsureData(key, xmlSecMSCryptoKeyDataX509Id);
     if(kdata == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-	    	    "xmlSecKeyEnsureData",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecMSCryptoKeyDataX509Id)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecMSCryptoKeyDataX509Id)));
+        return(-1);
     }
 
     /* For now only DER certificates are supported */
@@ -435,11 +456,11 @@ xmlSecMSCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xml
         if (NULL == pCert) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
-                        "CertCreateCertificateContext", 
+                        "CertCreateCertificateContext",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
                         "format=%d", format);
-            return(-1);    
-        }    	
+            return(-1);
+        }
 
         ret = xmlSecMSCryptoKeyDataX509AdoptCert(kdata, pCert);
         if(ret < 0) {
@@ -450,37 +471,37 @@ xmlSecMSCryptoAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xml
                         "data=%s",
                         xmlSecErrorsSafeString(xmlSecKeyDataGetName(kdata)));
             CertFreeCertificateContext(pCert);
-            return(-1);    
+            return(-1);
         }
-	break;
+        break;
     default:
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_FORMAT,
-		    "format=%d", (int)format);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_FORMAT,
+                    "format=%d", (int)format);
+        return(-1);
     }
-    
-    return(0);        
+
+    return(0);
 }
 
 /**
  * xmlSecMSCryptoAppPkcs12Load:
- * @filename:		the PKCS12 key filename.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the PKCS12 key filename.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 file
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
-xmlSecMSCryptoAppPkcs12Load(const char *filename, 
-			    const char *pwd,
-			    void* pwdCallback ATTRIBUTE_UNUSED, 
-			    void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+xmlSecKeyPtr
+xmlSecMSCryptoAppPkcs12Load(const char *filename,
+                            const char *pwd,
+                            void* pwdCallback ATTRIBUTE_UNUSED,
+                            void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
     xmlSecBuffer buffer;
     xmlSecKeyPtr key;
     int ret;
@@ -490,71 +511,70 @@ xmlSecMSCryptoAppPkcs12Load(const char *filename,
 
     ret = xmlSecBufferInitialize(&buffer, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     ret = xmlSecBufferReadFile(&buffer, filename);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferReadFile",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s", 
-		    xmlSecErrorsSafeString(filename));
-	xmlSecBufferFinalize(&buffer);
-	return (NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferReadFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return (NULL);
     }
     if(xmlSecBufferGetData(&buffer) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buffer);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
     }
 
-    key = xmlSecMSCryptoAppPkcs12LoadMemory(xmlSecBufferGetData(&buffer), 
-					    xmlSecBufferGetSize(&buffer), pwd,
-					    pwdCallback, pwdCallbackCtx);
+    key = xmlSecMSCryptoAppPkcs12LoadMemory(xmlSecBufferGetData(&buffer),
+                                            xmlSecBufferGetSize(&buffer), pwd,
+                                            pwdCallback, pwdCallbackCtx);
     if (key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoAppPkcs12LoadMemory",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buffer);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoAppPkcs12LoadMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
     }
-    
+
     xmlSecBufferFinalize(&buffer);
-    return(key);        
+    return(key);
 }
 
 /**
  * xmlSecMSCryptoAppPkcs12LoadMemory:
- * @data:		the binary PKCS12 key in data.
+ * @data:               the binary PKCS12 key in data.
  * @dataSize:           size of binary pkcs12 data
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 binary
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
+xmlSecKeyPtr
 xmlSecMSCryptoAppPkcs12LoadMemory(const xmlSecByte* data,
-				  xmlSecSize dataSize, 
-				  const char *pwd,
-				  void* pwdCallback ATTRIBUTE_UNUSED, 
-				  void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
-    int ret, len;
+                                  xmlSecSize dataSize,
+                                  const char *pwd,
+                                  void* pwdCallback ATTRIBUTE_UNUSED,
+                                  void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
     CRYPT_DATA_BLOB pfx;
     HCERTSTORE hCertStore = NULL;
     PCCERT_CONTEXT tmpcert = NULL;
@@ -563,6 +583,7 @@ xmlSecMSCryptoAppPkcs12LoadMemory(const xmlSecByte* data,
     xmlSecKeyDataPtr x509Data = NULL;
     xmlSecKeyDataPtr keyData = NULL;
     xmlSecKeyPtr key = NULL;
+        int ret;
 
     xmlSecAssert2(data != NULL, NULL);
     xmlSecAssert2(dataSize > 1, NULL);
@@ -573,196 +594,176 @@ xmlSecMSCryptoAppPkcs12LoadMemory(const xmlSecByte* data,
     pfx.cbData = dataSize;
 
     if(FALSE == PFXIsPFXBlob(&pfx)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PFXIsPFXBlob",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "size=%ld",
-		    pfx.cbData);
-	goto done;
-    }
-
-    len = MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, pwd, -1, NULL, 0);
-    if(len <= 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "MultiByteToWideChar",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    wcPwd = (WCHAR *)xmlMalloc((len + 1) * sizeof(WCHAR));
-    if(wcPwd == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "len=%d", len);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PFXIsPFXBlob",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "size=%ld",
+                    pfx.cbData);
+        goto done;
     }
 
-    ret = MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, pwd, -1, wcPwd, len);
-    if (ret <= 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "MultiByteToWideChar",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+    wcPwd = xmlSecMSCryptoConvertLocaleToUnicode(pwd);
+    if (wcPwd == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoConvertLocaleToUnicode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "wcPwd");
+        goto done;
     }
 
     if (FALSE == PFXVerifyPassword(&pfx, wcPwd, 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PFXVerifyPassword",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PFXVerifyPassword",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     hCertStore = PFXImportCertStore(&pfx, wcPwd, CRYPT_EXPORTABLE);
     if (NULL == hCertStore) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PFXImportCertStore",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PFXImportCertStore",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
-    
+
     x509Data = xmlSecKeyDataCreate(xmlSecMSCryptoKeyDataX509Id);
     if(x509Data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecMSCryptoKeyDataX509Id)));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecMSCryptoKeyDataX509Id)));
+        goto done;
     }
 
     while (pCert = CertEnumCertificatesInStore(hCertStore, pCert)) {
-	DWORD dwData = 0;
+        DWORD dwData = 0;
         DWORD dwDataLen = sizeof(DWORD);
 
-	/* Find the certificate that has the private key */
-	if((TRUE == CertGetCertificateContextProperty(pCert, CERT_KEY_SPEC_PROP_ID, &dwData, &dwDataLen)) && (dwData > 0)) {
-	    tmpcert = CertDuplicateCertificateContext(pCert);
-	    if(tmpcert == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CertDuplicateCertificateContext",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "data=%s",
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-		goto done;
-	    }
-
-	    keyData = xmlSecMSCryptoCertAdopt(tmpcert, xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
-	    if(keyData == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecMSCryptoCertAdopt",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		goto done;
-	    }
+        /* Find the certificate that has the private key */
+        if((TRUE == CertGetCertificateContextProperty(pCert, CERT_KEY_SPEC_PROP_ID, &dwData, &dwDataLen)) && (dwData > 0)) {
+            tmpcert = CertDuplicateCertificateContext(pCert);
+            if(tmpcert == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CertDuplicateCertificateContext",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "data=%s",
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+                goto done;
+            }
+
+            keyData = xmlSecMSCryptoCertAdopt(tmpcert, xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
+            if(keyData == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecMSCryptoCertAdopt",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
         tmpcert = NULL;
-	
-	    tmpcert = CertDuplicateCertificateContext(pCert);
-	    if(tmpcert == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CertDuplicateCertificateContext",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "data=%s",
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-		goto done;
-	    }
-
-	    ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(x509Data, tmpcert);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoKeyDataX509AdoptKeyCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-		goto done;
-	    }
-	    tmpcert = NULL;
-	}
-
-	/* load certificate in the x509 key data */
-	tmpcert = CertDuplicateCertificateContext(pCert);
+
+            tmpcert = CertDuplicateCertificateContext(pCert);
+            if(tmpcert == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CertDuplicateCertificateContext",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "data=%s",
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+                goto done;
+            }
+
+            ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(x509Data, tmpcert);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoKeyDataX509AdoptKeyCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+                goto done;
+            }
+            tmpcert = NULL;
+        }
+
+        /* load certificate in the x509 key data */
+        tmpcert = CertDuplicateCertificateContext(pCert);
         if(tmpcert == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"CertDuplicateCertificateContext",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;	
-	}
-
-	ret = xmlSecMSCryptoKeyDataX509AdoptCert(x509Data, tmpcert);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecMSCryptoKeyDataX509AdoptCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s",
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;
-	}
-	tmpcert = NULL;
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CertDuplicateCertificateContext",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+
+        ret = xmlSecMSCryptoKeyDataX509AdoptCert(x509Data, tmpcert);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecMSCryptoKeyDataX509AdoptCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+        tmpcert = NULL;
     }
 
     if (keyData == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoAppPkcs12Load",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "private key not found in PKCS12 file");
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoAppPkcs12Load",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "private key not found in PKCS12 file");
+        goto done;
     }
 
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
     ret = xmlSecKeySetValue(key, keyData);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	xmlSecKeyDestroy(key);
-	key = NULL;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        xmlSecKeyDestroy(key);
+        key = NULL;
+        goto done;
     }
     keyData = NULL;
 
     ret = xmlSecKeyAdoptData(key, x509Data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyAdoptData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	xmlSecKeyDestroy(key);
-	key = NULL;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyAdoptData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        xmlSecKeyDestroy(key);
+        key = NULL;
+        goto done;
     }
     x509Data = NULL;
 
@@ -774,88 +775,88 @@ done:
         xmlFree(wcPwd);
     }
     if(x509Data != NULL) {
-	xmlSecKeyDataDestroy(x509Data);
+        xmlSecKeyDataDestroy(x509Data);
     }
     if(keyData != NULL) {
         xmlSecKeyDataDestroy(keyData);
     }
     if(tmpcert != NULL) {
-	CertFreeCertificateContext(tmpcert);
+        CertFreeCertificateContext(tmpcert);
     }
-    return(key); 
+    return(key);
 }
 
 /**
  * xmlSecMSCryptoAppKeysMngrCertLoad:
- * @mngr: 		the keys manager.
- * @filename: 		the certificate file.
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate in @filename
- *    			trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @filename:           the certificate file.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate in @filename
+ *                      trusted or not.
+ *
  * Reads cert from @filename and adds to the list of trusted or known
  * untrusted certs in @store (not implemented yet).
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecMSCryptoAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename, 
-				xmlSecKeyDataFormat format, 
-				xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+xmlSecMSCryptoAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
+                                xmlSecKeyDataFormat format,
+                                xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
     xmlSecBuffer buffer;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
 
     ret = xmlSecBufferInitialize(&buffer, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecBufferReadFile(&buffer, filename);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferReadFile",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s", 
-		    xmlSecErrorsSafeString(filename));
-	xmlSecBufferFinalize(&buffer);
-	return (-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferReadFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return (-1);
     }
 
     ret = xmlSecMSCryptoAppKeysMngrCertLoadMemory(mngr, xmlSecBufferGetData(&buffer),
         xmlSecBufferGetSize(&buffer), format, type);
     if (ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoAppKeysMngrCertLoadMemory",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s", 
-		    xmlSecErrorsSafeString(filename));
-	xmlSecBufferFinalize(&buffer);
-	return(-1);
+                    NULL,
+                    "xmlSecMSCryptoAppKeysMngrCertLoadMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        xmlSecBufferFinalize(&buffer);
+        return(-1);
     }
-    
+
     xmlSecBufferFinalize(&buffer);
-    return(ret);                         
+    return(ret);
 }
 
 /**
  * xmlSecMSCryptoAppKeysMngrCertLoadMemory:
- * @mngr: 		the keys manager.
- * @data: 		the binary certificate.
+ * @mngr:               the keys manager.
+ * @data:               the binary certificate.
  * @dataSize:           size of binary certificate (data)
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate in @filename
- *    			trusted or not.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate in @filename
+ *                      trusted or not.
  *
  * Reads cert from @data and adds to the list of trusted or known
  * untrusted certs in @store.
@@ -864,7 +865,7 @@ xmlSecMSCryptoAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
  */
 int
 xmlSecMSCryptoAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data,
-                                        xmlSecSize dataSize, xmlSecKeyDataFormat format, 
+                                        xmlSecSize dataSize, xmlSecKeyDataFormat format,
                                         xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
     xmlSecKeyDataStorePtr x509Store;
     PCCERT_CONTEXT pCert = NULL;
@@ -877,35 +878,35 @@ xmlSecMSCryptoAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte
 
     x509Store = xmlSecKeysMngrGetDataStore(mngr, xmlSecMSCryptoX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetDataStore",
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetDataStore",
                     XMLSEC_ERRORS_R_XMLSEC_FAILED,
                     "xmlSecMSCryptoX509StoreId");
         return(-1);
     }
 
     switch (format) {
-	case xmlSecKeyDataFormatDer:
-	case xmlSecKeyDataFormatCertDer:
-	    pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
-						 data, dataSize);
-	    if (NULL == pCert) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CertCreateCertificateContext",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-	    		    XMLSEC_ERRORS_NO_MESSAGE);
-		return (-1);
-	    }
-	    break;
-	default:
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_FORMAT,
-			"format=%d", format); 
-	    return(-1);
+        case xmlSecKeyDataFormatDer:
+        case xmlSecKeyDataFormatCertDer:
+            pCert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+                                                 data, dataSize);
+            if (NULL == pCert) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CertCreateCertificateContext",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return (-1);
+            }
+            break;
+        default:
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_FORMAT,
+                        "format=%d", format);
+            return(-1);
     }
 
     xmlSecAssert2(pCert != NULL, -1);
@@ -915,56 +916,56 @@ xmlSecMSCryptoAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte
                     NULL,
                     "xmlSecMSCryptoX509StoreAdoptCert",
                     XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CertFreeCertificateContext(pCert);
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CertFreeCertificateContext(pCert);
         return(-1);
     }
 
     return(0);
 }
 
-/** 
- * xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore: 
- * @mngr: 		        the keys manager.
+/**
+ * xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore:
+ * @mngr:                       the keys manager.
  * @keyStore:           the pointer to keys store.
  *
  * Adds @keyStore to the list of key stores in the keys manager @mngr.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore(xmlSecKeysMngrPtr mngr, HCERTSTORE keyStore)
 {
-	xmlSecKeyDataStorePtr x509Store ;
+        xmlSecKeyDataStorePtr x509Store ;
 
-	xmlSecAssert2( mngr != NULL, -1 ) ;
-	xmlSecAssert2( keyStore != NULL, -1 ) ;
+        xmlSecAssert2( mngr != NULL, -1 ) ;
+        xmlSecAssert2( keyStore != NULL, -1 ) ;
 
     x509Store = xmlSecKeysMngrGetDataStore( mngr, xmlSecMSCryptoX509StoreId) ;
-	if( x509Store == NULL ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecKeysMngrGetDataStore" ,
-			XMLSEC_ERRORS_R_XMLSEC_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1) ;
-	}
-
-	if( xmlSecMSCryptoX509StoreAdoptKeyStore( x509Store, keyStore ) < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) ,
-			"xmlSecMSCryptoX509StoreAdoptKeyStore" ,
-			XMLSEC_ERRORS_R_XMLSEC_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1) ;
-	}
-
-	return (0) ;
+        if( x509Store == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecKeysMngrGetDataStore" ,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1) ;
+        }
+
+        if( xmlSecMSCryptoX509StoreAdoptKeyStore( x509Store, keyStore ) < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) ,
+                        "xmlSecMSCryptoX509StoreAdoptKeyStore" ,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1) ;
+        }
+
+        return (0) ;
 }
 
-/** 
- * xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore: 
- * @mngr: 		        the keys manager.
+/**
+ * xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore:
+ * @mngr:                       the keys manager.
  * @trustedStore:       the pointer to certs store.
  *
  * Adds @trustedStore to the list of trusted cert stores in the keys manager @mngr.
@@ -974,36 +975,36 @@ xmlSecMSCryptoAppDefaultKeysMngrAdoptKeyStore(xmlSecKeysMngrPtr mngr, HCERTSTORE
 int
 xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore(xmlSecKeysMngrPtr mngr, HCERTSTORE trustedStore)
 {
-	xmlSecKeyDataStorePtr x509Store ;
+        xmlSecKeyDataStorePtr x509Store ;
 
-	xmlSecAssert2( mngr != NULL, -1 ) ;
-	xmlSecAssert2( trustedStore != NULL, -1 ) ;
+        xmlSecAssert2( mngr != NULL, -1 ) ;
+        xmlSecAssert2( trustedStore != NULL, -1 ) ;
 
     x509Store = xmlSecKeysMngrGetDataStore( mngr, xmlSecMSCryptoX509StoreId ) ;
-	if( x509Store == NULL ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecKeysMngrGetDataStore" ,
-			XMLSEC_ERRORS_R_XMLSEC_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1) ;
-	}
-
-	if( xmlSecMSCryptoX509StoreAdoptTrustedStore( x509Store, trustedStore ) < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) ,
-			"xmlSecMSCryptoX509StoreAdoptKeyStore" ,
-			XMLSEC_ERRORS_R_XMLSEC_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1) ;
-	}
-
-	return(0);
+        if( x509Store == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecKeysMngrGetDataStore" ,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1) ;
+        }
+
+        if( xmlSecMSCryptoX509StoreAdoptTrustedStore( x509Store, trustedStore ) < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) ,
+                        "xmlSecMSCryptoX509StoreAdoptKeyStore" ,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1) ;
+        }
+
+        return(0);
 }
 
-/** 
- * xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore: 
- * @mngr: 		        the keys manager.
+/**
+ * xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore:
+ * @mngr:                       the keys manager.
  * @untrustedStore:     the pointer to certs store.
  *
  * Adds @trustedStore to the list of un-trusted cert stores in the keys manager @mngr.
@@ -1013,222 +1014,222 @@ xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore(xmlSecKeysMngrPtr mngr, HCERTS
 int
 xmlSecMSCryptoAppDefaultKeysMngrAdoptUntrustedStore(xmlSecKeysMngrPtr mngr, HCERTSTORE untrustedStore)
 {
-	xmlSecKeyDataStorePtr x509Store ;
+        xmlSecKeyDataStorePtr x509Store ;
 
-	xmlSecAssert2( mngr != NULL, -1 ) ;
-	xmlSecAssert2( untrustedStore != NULL, -1 ) ;
+        xmlSecAssert2( mngr != NULL, -1 ) ;
+        xmlSecAssert2( untrustedStore != NULL, -1 ) ;
 
     x509Store = xmlSecKeysMngrGetDataStore( mngr, xmlSecMSCryptoX509StoreId);
-	if( x509Store == NULL ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecKeysMngrGetDataStore" ,
-			XMLSEC_ERRORS_R_XMLSEC_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);
-	}
-
-	if( xmlSecMSCryptoX509StoreAdoptUntrustedStore( x509Store, untrustedStore ) < 0) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) ,
-			"xmlSecMSCryptoX509StoreAdoptKeyStore" ,
-			XMLSEC_ERRORS_R_XMLSEC_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);
-	}
-
-	return(0) ;
+        if( x509Store == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecKeysMngrGetDataStore" ,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        if( xmlSecMSCryptoX509StoreAdoptUntrustedStore( x509Store, untrustedStore ) < 0) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        xmlSecErrorsSafeString( xmlSecKeyDataStoreGetName( x509Store ) ) ,
+                        "xmlSecMSCryptoX509StoreAdoptKeyStore" ,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        return(0) ;
 }
 
 #endif /* XMLSEC_NO_X509 */
 
 /**
  * xmlSecMSCryptoAppDefaultKeysMngrInit:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Initializes @mngr with simple keys store #xmlSecSimpleKeysStoreId
  * and a default MSCrypto crypto key data stores.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
+ */
 int
 xmlSecMSCryptoAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
 
-    /* create MSCrypto keys store if needed */        
+    /* create MSCrypto keys store if needed */
     if(xmlSecKeysMngrGetKeysStore(mngr) == NULL) {
-	xmlSecKeyStorePtr keysStore;
-
-	keysStore = xmlSecKeyStoreCreate(xmlSecMSCryptoKeysStoreId);
-	if(keysStore == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyStoreCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecMSCryptoKeysStoreId");
-	    return(-1);
-	}
-	
-	ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeysMngrAdoptKeysStore",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyStoreDestroy(keysStore);
-	    return(-1);        
-	}
+        xmlSecKeyStorePtr keysStore;
+
+        keysStore = xmlSecKeyStoreCreate(xmlSecMSCryptoKeysStoreId);
+        if(keysStore == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyStoreCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecMSCryptoKeysStoreId");
+            return(-1);
+        }
+
+        ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeysMngrAdoptKeysStore",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyStoreDestroy(keysStore);
+            return(-1);
+        }
     }
 
-    ret = xmlSecMSCryptoKeysMngrInit(mngr);    
+    ret = xmlSecMSCryptoKeysMngrInit(mngr);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecMSCryptoKeysMngrInit",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-        return(-1); 
+                        NULL,
+                        "xmlSecMSCryptoKeysMngrInit",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     mngr->getKey = xmlSecKeysMngrGetKey;
     return(0);
 }
 
 /**
  * xmlSecMSCryptoAppDefaultKeysMngrAdoptKey:
- * @mngr: 		the pointer to keys manager.
- * @key:		the pointer to key.
+ * @mngr:               the pointer to keys manager.
+ * @key:                the pointer to key.
  *
  * Adds @key to the keys manager @mngr created with #xmlSecMSCryptoAppDefaultKeysMngrInit
  * function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecMSCryptoAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ret = xmlSecMSCryptoKeysStoreAdoptKey(store, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoKeysStoreAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoKeysStoreAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecMSCryptoAppDefaultKeysMngrLoad:
- * @mngr: 		the pointer to keys manager.
- * @uri:		the uri.
+ * @mngr:               the pointer to keys manager.
+ * @uri:                the uri.
  *
- * Loads XML keys file from @uri to the keys manager @mngr created 
+ * Loads XML keys file from @uri to the keys manager @mngr created
  * with #xmlSecMSCryptoAppDefaultKeysMngrInit function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecMSCryptoAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(uri != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ret = xmlSecMSCryptoKeysStoreLoad(store, uri, mngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoKeysStoreLoad",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s", xmlSecErrorsSafeString(uri));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoKeysStoreLoad",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s", xmlSecErrorsSafeString(uri));
+        return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecMSCryptoAppDefaultKeysMngrSave:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  * @filename:   the destination filename.
- * @type:		the type of keys to save (public/private/symmetric).
+ * @type:               the type of keys to save (public/private/symmetric).
  *
  * Saves keys from @mngr to  XML keys file.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecMSCryptoAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename, xmlSecKeyDataType type) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecKeysMngrGetKeysStore",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
+                        NULL,
+                        "xmlSecKeysMngrGetKeysStore",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     ret = xmlSecMSCryptoKeysStoreSave(store, filename, type);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecMSCryptoKeysStoreSave",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "filename%s", xmlSecErrorsSafeString(filename));
+                        NULL,
+                        "xmlSecMSCryptoKeysStoreSave",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "filename%s", xmlSecErrorsSafeString(filename));
         return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  * @hKey:       the key handle.
- *  
+ *
  * Adds private key @hKey to the keys manager @mngr.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
+ */
 int
 xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad(xmlSecKeysMngrPtr mngr, HCRYPTKEY hKey) {
     xmlSecAssert2(mngr != NULL, -1);
@@ -1240,14 +1241,14 @@ xmlSecMSCryptoAppDefaultKeysMngrPrivateKeyLoad(xmlSecKeysMngrPtr mngr, HCRYPTKEY
 
 /**
  * xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  * @hKey:       the key handle.
- *  
+ *
  * Adds public key @hKey to the keys manager @mngr.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad(xmlSecKeysMngrPtr mngr, HCRYPTKEY hKey) {
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(hKey != 0, -1);
@@ -1258,14 +1259,14 @@ xmlSecMSCryptoAppDefaultKeysMngrPublicKeyLoad(xmlSecKeysMngrPtr mngr, HCRYPTKEY
 
 /**
  * xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  * @hKey:       the key handle.
- *  
+ *
  * Adds symmetric key @hKey to the keys manager @mngr.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecMSCryptoAppDefaultKeysMngrSymKeyLoad(xmlSecKeysMngrPtr mngr, HCRYPTKEY hKey) {
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(hKey != 0, -1);
diff --git a/src/mscrypto/certkeys.c b/src/mscrypto/certkeys.c
index 73a6c260..12c2e404 100644
--- a/src/mscrypto/certkeys.c
+++ b/src/mscrypto/certkeys.c
@@ -1,10 +1,10 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -30,10 +30,7 @@
 #include <xmlsec/mscrypto/certkeys.h>
 #include <xmlsec/mscrypto/crypto.h>
 #include <xmlsec/mscrypto/x509.h>
-
-#if defined(__MINGW32__)
-#  include "xmlsec-mingw.h"
-#endif
+#include "private.h"
 
 // GOST CSP don't support keys duplicating, so we use NT4 analogs for these...
 #ifndef XMLSEC_NO_GOST
@@ -42,15 +39,14 @@
 #endif
 #endif
 
-#define XMLSEC_CONTAINER_NAME "xmlsec-key-container"
 
 /**************************************************************************
  *
  * Internal MSCrypto PCCERT_CONTEXT key CTX
  *
  *************************************************************************/
-typedef struct _xmlSecMSCryptoKeyDataCtx xmlSecMSCryptoKeyDataCtx, 
-						*xmlSecMSCryptoKeyDataCtxPtr;
+typedef struct _xmlSecMSCryptoKeyDataCtx xmlSecMSCryptoKeyDataCtx,
+                                                *xmlSecMSCryptoKeyDataCtxPtr;
 
 #ifdef XMLSEC_MSCRYPTO_NT4
 /*-
@@ -59,8 +55,8 @@ typedef struct _xmlSecMSCryptoKeyDataCtx xmlSecMSCryptoKeyDataCtx,
  * by WINNT 4.0, the wrapper will enable the library work on WINNT 4.0
  */
 struct _mscrypt_key {
-	HCRYPTKEY hKey ;
-	volatile LONG refcnt ;
+        HCRYPTKEY hKey ;
+        volatile LONG refcnt ;
 } ;
 
 /*-
@@ -69,9 +65,9 @@ struct _mscrypt_key {
  * by WINNT 4.0, the wrapper will enable the library work on WINNT 4.0
  */
 struct _mscrypt_prov {
-	HCRYPTPROV hProv ;
+        HCRYPTPROV hProv ;
     BOOL fCallerFreeProv ;
-	volatile LONG refcnt ;
+        volatile LONG refcnt ;
 } ;
 #endif /* XMLSEC_MSCRYPTO_NT4 */
 
@@ -84,19 +80,18 @@ struct _mscrypt_prov {
  */
 struct _xmlSecMSCryptoKeyDataCtx {
 #ifndef XMLSEC_MSCRYPTO_NT4
-    HCRYPTPROV		hProv;
-    BOOL		    fCallerFreeProv;
-    HCRYPTKEY		hKey;
+    HCRYPTPROV                          hProv;
+    BOOL                                fCallerFreeProv;
+    HCRYPTKEY                           hKey;
 #else /* XMLSEC_MSCRYPTO_NT4 */
-	struct _mscrypt_prov* p_prov ;
-    struct _mscrypt_key*  p_key ;   
+    struct _mscrypt_prov*               p_prov ;
+    struct _mscrypt_key*                p_key ;
 #endif /* XMLSEC_MSCRYPTO_NT4 */
-    PCCERT_CONTEXT	pCert;
-    LPCTSTR		    providerName;
-    DWORD		    providerType;
-    DWORD		    dwKeySpec;
-    xmlSecKeyDataType	type;
-};	    
+    PCCERT_CONTEXT                      pCert;
+    const xmlSecMSCryptoProviderInfo  * providers;
+    DWORD                               dwKeySpec;
+    xmlSecKeyDataType   type;
+};
 
 #ifndef XMLSEC_MSCRYPTO_NT4
 
@@ -107,28 +102,28 @@ static void
 xmlSecMSCryptoKeyDataCtxCreateProvider(xmlSecMSCryptoKeyDataCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
 
-	ctx->hProv = 0;
-	ctx->fCallerFreeProv = FALSE;
+        ctx->hProv = 0;
+        ctx->fCallerFreeProv = FALSE;
 }
 
 static void
 xmlSecMSCryptoKeyDataCtxDestroyProvider(xmlSecMSCryptoKeyDataCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
- 
+
     if ((ctx->hProv != 0) && (ctx->fCallerFreeProv)) {
-	    CryptReleaseContext(ctx->hProv, 0);
+            CryptReleaseContext(ctx->hProv, 0);
     }
-	ctx->hProv = 0;
-	ctx->fCallerFreeProv = FALSE;
+        ctx->hProv = 0;
+        ctx->fCallerFreeProv = FALSE;
 }
 
 static void
 xmlSecMSCryptoKeyDataCtxSetProvider(xmlSecMSCryptoKeyDataCtxPtr ctx, HCRYPTPROV hProv, BOOL fCallerFreeProv)
 {
     xmlSecAssert(ctx != NULL);
- 
+
     xmlSecMSCryptoKeyDataCtxDestroyProvider(ctx);
-    ctx->hProv		     = hProv;
+    ctx->hProv               = hProv;
     ctx->fCallerFreeProv = fCallerFreeProv;
 }
 
@@ -141,20 +136,21 @@ xmlSecMSCryptoKeyDataCtxDuplicateProvider(xmlSecMSCryptoKeyDataCtxPtr ctxDst, xm
 
     if(ctxSrc->hProv != 0) {
         if(!CryptContextAddRef(ctxSrc->hProv, NULL, 0)) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CryptContextAddRef",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CryptContextAddRef",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
             return(-1);
         }
 
-	    ctxDst->hProv		    = ctxSrc->hProv;
-	    ctxDst->fCallerFreeProv = TRUE;
+            ctxDst->hProv                   = ctxSrc->hProv;
+            ctxDst->fCallerFreeProv = TRUE;
     }
     return(0);
 }
 
+
 /******************************** Key *****************************************/
 #define xmlSecMSCryptoKeyDataCtxGetKey(ctx)            ((ctx)->hKey)
 
@@ -168,9 +164,9 @@ xmlSecMSCryptoKeyDataCtxCreateKey(xmlSecMSCryptoKeyDataCtxPtr ctx) {
 static void
 xmlSecMSCryptoKeyDataCtxDestroyKey(xmlSecMSCryptoKeyDataCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
-    
+
     if (ctx->hKey != 0) {
-	    CryptDestroyKey(ctx->hKey);
+            CryptDestroyKey(ctx->hKey);
     }
     ctx->hKey = 0;
 }
@@ -190,14 +186,14 @@ xmlSecMSCryptoKeyDataCtxDuplicateKey(xmlSecMSCryptoKeyDataCtxPtr ctxDst, xmlSecM
 
     xmlSecMSCryptoKeyDataCtxDestroyKey(ctxDst);
     if (ctxSrc->hKey != 0) {
-	    if (!CryptDuplicateKey(ctxSrc->hKey, NULL, 0, &(ctxDst->hKey))) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CryptDuplicateKey",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);
-	    }
+            if (!CryptDuplicateKey(ctxSrc->hKey, NULL, 0, &(ctxDst->hKey))) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CryptDuplicateKey",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
     }
 
     return(0);
@@ -212,45 +208,45 @@ static void
 xmlSecMSCryptoKeyDataCtxCreateProvider(xmlSecMSCryptoKeyDataCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
 
-	ctx->p_prov = (struct _mscrypt_prov*)xmlMalloc(sizeof(struct _mscrypt_prov));
-	if(ctx->p_prov == NULL ) {
-		xmlSecError( XMLSEC_ERRORS_HERE,
-			"mscrypt_create_prov" ,
-			NULL,
-			XMLSEC_ERRORS_R_MALLOC_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE
-		);
-	}
+        ctx->p_prov = (struct _mscrypt_prov*)xmlMalloc(sizeof(struct _mscrypt_prov));
+        if(ctx->p_prov == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE,
+                        "mscrypt_create_prov" ,
+                        NULL,
+                        XMLSEC_ERRORS_R_MALLOC_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE
+                );
+        }
     memset(ctx->p_prov, 0, sizeof(struct _mscrypt_prov));
 }
 
 static void
 xmlSecMSCryptoKeyDataCtxDestroyProvider(xmlSecMSCryptoKeyDataCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
- 
-	if(ctx->p_prov != NULL) {
-		if(InterlockedDecrement(&(ctx->p_prov->refcnt)) <= 0) {
-			if((ctx->p_prov->hProv != 0) && (ctx->p_prov->fCallerFreeProv)) {
-				CryptReleaseContext(ctx->p_prov->hProv, 0) ;
-			}
+
+        if(ctx->p_prov != NULL) {
+                if(InterlockedDecrement(&(ctx->p_prov->refcnt)) <= 0) {
+                        if((ctx->p_prov->hProv != 0) && (ctx->p_prov->fCallerFreeProv)) {
+                                CryptReleaseContext(ctx->p_prov->hProv, 0) ;
+                        }
             memset(ctx->p_prov, 0, sizeof(struct _mscrypt_prov));
-			xmlFree(ctx->p_prov) ;
-		}
+                        xmlFree(ctx->p_prov) ;
+                }
         ctx->p_prov = NULL;
-	}
+        }
 }
 
 static void
 xmlSecMSCryptoKeyDataCtxSetProvider(xmlSecMSCryptoKeyDataCtxPtr ctx, HCRYPTPROV hProv, BOOL fCallerFreeProv)
 {
     xmlSecAssert(ctx != NULL);
- 
+
     xmlSecMSCryptoKeyDataCtxDestroyProvider(ctx);
 
     if((ctx->p_prov != NULL) && (ctx->p_prov->refcnt == 1)) {
-		if((ctx->p_prov->hProv != 0) && (ctx->p_prov->fCallerFreeProv)) {
-			CryptReleaseContext(ctx->p_prov->hProv, 0) ;
-		}
+                if((ctx->p_prov->hProv != 0) && (ctx->p_prov->fCallerFreeProv)) {
+                        CryptReleaseContext(ctx->p_prov->hProv, 0) ;
+                }
         memset(ctx->p_prov, 0, sizeof(struct _mscrypt_prov));
     } else {
         xmlSecMSCryptoKeyDataCtxDestroyProvider(ctx);
@@ -284,32 +280,32 @@ static void
 xmlSecMSCryptoKeyDataCtxCreateKey(xmlSecMSCryptoKeyDataCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
 
-	ctx->p_key = (struct _mscrypt_key*)xmlMalloc(sizeof(struct _mscrypt_key));
-	if(ctx->p_key == NULL ) {
-		xmlSecError( XMLSEC_ERRORS_HERE,
-			"mscrypt_create_key" ,
-			NULL,
-			XMLSEC_ERRORS_R_MALLOC_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE
-		);
-	}
+        ctx->p_key = (struct _mscrypt_key*)xmlMalloc(sizeof(struct _mscrypt_key));
+        if(ctx->p_key == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE,
+                        "mscrypt_create_key" ,
+                        NULL,
+                        XMLSEC_ERRORS_R_MALLOC_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE
+                );
+        }
     memset(ctx->p_key, 0, sizeof(struct _mscrypt_key));
 }
 
 static void
 xmlSecMSCryptoKeyDataCtxDestroyKey(xmlSecMSCryptoKeyDataCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
-    
-	if(ctx->p_key != NULL) {
-		if(InterlockedDecrement(&(ctx->p_key->refcnt)) <= 0) {
-			if(ctx->p_key->hKey != 0) {
-				CryptDestroyKey(ctx->p_key->hKey) ;
-			}
+
+        if(ctx->p_key != NULL) {
+                if(InterlockedDecrement(&(ctx->p_key->refcnt)) <= 0) {
+                        if(ctx->p_key->hKey != 0) {
+                                CryptDestroyKey(ctx->p_key->hKey) ;
+                        }
             memset(ctx->p_key, 0, sizeof(struct _mscrypt_key));
-			xmlFree(ctx->p_key) ;
-		}
+                        xmlFree(ctx->p_key) ;
+                }
         ctx->p_key = NULL;
-	}
+        }
 }
 
 static void
@@ -317,9 +313,9 @@ xmlSecMSCryptoKeyDataCtxSetKey(xmlSecMSCryptoKeyDataCtxPtr ctx, HCRYPTKEY hKey)
     xmlSecAssert(ctx != NULL);
 
     if((ctx->p_key != NULL) && (ctx->p_key->refcnt == 1)) {
-		if(ctx->p_key->hKey != 0) {
-			CryptDestroyKey(ctx->p_key->hKey) ;
-		}
+                if(ctx->p_key->hKey != 0) {
+                        CryptDestroyKey(ctx->p_key->hKey) ;
+                }
         memset(ctx->p_key, 0, sizeof(struct _mscrypt_key));
     } else {
         xmlSecMSCryptoKeyDataCtxDestroyKey(ctx);
@@ -358,9 +354,9 @@ xmlSecMSCryptoKeyDataCtxCreateCert(xmlSecMSCryptoKeyDataCtxPtr ctx) {
 static void
 xmlSecMSCryptoKeyDataCtxDestroyCert(xmlSecMSCryptoKeyDataCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
-    
+
     if(ctx->pCert != NULL) {
-	    CertFreeCertificateContext(ctx->pCert);
+            CertFreeCertificateContext(ctx->pCert);
     }
     ctx->pCert = NULL;
 }
@@ -378,18 +374,18 @@ xmlSecMSCryptoKeyDataCtxDuplicateCert(xmlSecMSCryptoKeyDataCtxPtr ctxDst, xmlSec
     xmlSecAssert2(ctxDst != NULL, -1);
     xmlSecAssert2(ctxSrc != NULL, -1);
 
-    xmlSecMSCryptoKeyDataCtxDestroyCert(ctxDst);  
+    xmlSecMSCryptoKeyDataCtxDestroyCert(ctxDst);
     if(ctxSrc->pCert != NULL) {
-	    ctxDst->pCert = xmlSecMSCryptoCertDup(ctxSrc->pCert);
-	    if(ctxDst->pCert == NULL) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecMSCryptoPCCDup",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);
-	    }
-    } 
+            ctxDst->pCert = xmlSecMSCryptoCertDup(ctxSrc->pCert);
+            if(ctxDst->pCert == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecMSCryptoPCCDup",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+    }
     return(0);
 }
 
@@ -398,25 +394,25 @@ xmlSecMSCryptoKeyDataCtxDuplicateCert(xmlSecMSCryptoKeyDataCtxPtr ctxDst, xmlSec
  * xmlSecMSCryptoKeyDataCtx is located after xmlSecTransform
  *
  *****************************************************************************/
-#define xmlSecMSCryptoKeyDataSize	\
-    (sizeof(xmlSecKeyData) + sizeof(xmlSecMSCryptoKeyDataCtx))	
+#define xmlSecMSCryptoKeyDataSize       \
+    (sizeof(xmlSecKeyData) + sizeof(xmlSecMSCryptoKeyDataCtx))
 #define xmlSecMSCryptoKeyDataGetCtx(data) \
     ((xmlSecMSCryptoKeyDataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
 
-static int     	xmlSecMSCryptoKeyDataDuplicate	(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src);
-static void		xmlSecMSCryptoKeyDataFinalize	(xmlSecKeyDataPtr data);
-static int		xmlSecMSCryptoKeyDataGetSize	(xmlSecKeyDataPtr data);
+static int      xmlSecMSCryptoKeyDataDuplicate  (xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src);
+static void             xmlSecMSCryptoKeyDataFinalize   (xmlSecKeyDataPtr data);
+static int              xmlSecMSCryptoKeyDataGetSize    (xmlSecKeyDataPtr data);
 
 /**
  * xmlSecMSCryptoKeyDataAdoptCert:
- * @data:		the pointer to MSCrypto pccert data.
- * @pCert:		the pointer to PCCERT key.
+ * @data:               the pointer to MSCrypto pccert data.
+ * @pCert:              the pointer to PCCERT key.
  *
  * Sets the value of key data.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-static int 
+static int
 xmlSecMSCryptoKeyDataAdoptCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT pCert, xmlSecKeyDataType type) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
     HCRYPTKEY hKey = 0;
@@ -443,43 +439,41 @@ xmlSecMSCryptoKeyDataAdoptCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT pCert, xmlS
         HCRYPTPROV hProv = 0;
         BOOL fCallerFreeProv = FALSE;
 
-        if (!CryptAcquireCertificatePrivateKey(pCert, 
-					       CRYPT_ACQUIRE_COMPARE_KEY_FLAG, 
-					       NULL, 
-					       &hProv, 
-					       &(ctx->dwKeySpec), 
-					       &fCallerFreeProv)) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CryptAcquireCertificatePrivateKey",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);
-	    }
+        if (!CryptAcquireCertificatePrivateKey(pCert,
+                    CRYPT_ACQUIRE_COMPARE_KEY_FLAG,
+                    NULL,
+                    &hProv,
+                    &(ctx->dwKeySpec),
+                    &fCallerFreeProv)) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CryptAcquireCertificatePrivateKey",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+        }
         xmlSecMSCryptoKeyDataCtxSetProvider(ctx, hProv, fCallerFreeProv);
     } else if((type & xmlSecKeyDataTypePublic) != 0){
-        HCRYPTPROV hProv = 0;
-        if (!CryptAcquireContext(&hProv, 
-				    NULL, 
-				    NULL, /* ctx->providerName, */
-				    ctx->providerType, 
-				    CRYPT_VERIFYCONTEXT)) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CryptAcquireContext",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);
-	    }
+        HCRYPTPROV hProv;
+
+        hProv = xmlSecMSCryptoFindProvider(ctx->providers, NULL, CRYPT_VERIFYCONTEXT, FALSE);
+        if (hProv == 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecMSCryptoFindProvider",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
         xmlSecMSCryptoKeyDataCtxSetProvider(ctx, hProv, TRUE);
-	    ctx->dwKeySpec = 0;
+        ctx->dwKeySpec = 0;
     } else {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        NULL,
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "Unsupported keytype");
-	    return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "Unsupported keytype");
+        return(-1);
     }
 
     /* CryptImportPublicKeyInfo is only needed when a real key handle
@@ -489,37 +483,37 @@ xmlSecMSCryptoKeyDataAdoptCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT pCert, xmlS
      * so no unnessecary calls to CryptImportPublicKeyInfo are being
      * made. WK
      */
-    if(!CryptImportPublicKeyInfo(xmlSecMSCryptoKeyDataCtxGetProvider(ctx), 
-	        X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, 
-	        &(pCert->pCertInfo->SubjectPublicKeyInfo), 
-	        &hKey)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"CryptImportPublicKeyInfo",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-    }
-    
+    if(!CryptImportPublicKeyInfo(xmlSecMSCryptoKeyDataCtxGetProvider(ctx),
+                X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+                &(pCert->pCertInfo->SubjectPublicKeyInfo),
+                &hKey)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CryptImportPublicKeyInfo",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+    }
+
     xmlSecMSCryptoKeyDataCtxSetKey(ctx, hKey);
     xmlSecMSCryptoKeyDataCtxSetCert(ctx, pCert);
     return(0);
 }
 
-static int 
-xmlSecMSCryptoKeyDataAdoptKey(xmlSecKeyDataPtr data, 
-			      HCRYPTPROV hProv,
-			      BOOL fCallerFreeProv,
-			      HCRYPTKEY hKey, 
-			      DWORD dwKeySpec,
-			      xmlSecKeyDataType type) {
+static int
+xmlSecMSCryptoKeyDataAdoptKey(xmlSecKeyDataPtr data,
+                              HCRYPTPROV hProv,
+                              BOOL fCallerFreeProv,
+                              HCRYPTKEY hKey,
+                              DWORD dwKeySpec,
+                              xmlSecKeyDataType type) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
 
     xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
     xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize), -1);
     xmlSecAssert2(hKey != 0, -1);
     xmlSecAssert2(type & (xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate), -1);
-    
+
     ctx = xmlSecMSCryptoKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
 
@@ -527,20 +521,20 @@ xmlSecMSCryptoKeyDataAdoptKey(xmlSecKeyDataPtr data,
     xmlSecMSCryptoKeyDataCtxSetKey(ctx, hKey);
     xmlSecMSCryptoKeyDataCtxSetCert(ctx, NULL);
 
-    ctx->dwKeySpec	 = dwKeySpec;
-    ctx->type		 = type;
+    ctx->dwKeySpec       = dwKeySpec;
+    ctx->type            = type;
 
     return(0);
 }
 
 /**
  * xmlSecMSCryptoKeyDataGetKey:
- * @data:		the key data to retrieve certificate from.
+ * @data:               the key data to retrieve certificate from.
  * @type:              type of key requested (public/private)
  *
- * Native MSCrypto key retrieval from xmlsec keydata. The 
+ * Native MSCrypto key retrieval from xmlsec keydata. The
  * returned HKEY must not be destroyed by the caller.
- * 
+ *
  * Returns: HKEY on success or NULL otherwise.
  */
 HCRYPTKEY
@@ -552,14 +546,14 @@ xmlSecMSCryptoKeyDataGetKey(xmlSecKeyDataPtr data, xmlSecKeyDataType type) {
 
     ctx = xmlSecMSCryptoKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, 0);
- 
+
     return(xmlSecMSCryptoKeyDataCtxGetKey(ctx));
 }
 
 /**
  * xmlSecMSCryptoKeyDataGetDecryptKey:
- * @data: 	the key data pointer
- * 
+ * @data:       the key data pointer
+ *
  * Native MSCrypto decrypt key retrieval from xmlsec keydata. The
  * returned HKEY must not be destroyed by the caller.
  *
@@ -567,33 +561,33 @@ xmlSecMSCryptoKeyDataGetKey(xmlSecKeyDataPtr data, xmlSecKeyDataType type) {
  */
 HCRYPTKEY
 xmlSecMSCryptoKeyDataGetDecryptKey(xmlSecKeyDataPtr data) {
-	xmlSecMSCryptoKeyDataCtxPtr ctx;
-	HCRYPTKEY hKey;
-
-	xmlSecAssert2(xmlSecKeyDataIsValid(data), 0);
-	xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize), 0);
-
-	ctx = xmlSecMSCryptoKeyDataGetCtx(data);
-	xmlSecAssert2(ctx != NULL, 0);
-
-	if( !CryptGetUserKey(xmlSecMSCryptoKeyDataCtxGetProvider(ctx), AT_KEYEXCHANGE, &(hKey))) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"CryptGetUserKey",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-		return(0);
-	}
-	return (hKey);
+        xmlSecMSCryptoKeyDataCtxPtr ctx;
+        HCRYPTKEY hKey;
+
+        xmlSecAssert2(xmlSecKeyDataIsValid(data), 0);
+        xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize), 0);
+
+        ctx = xmlSecMSCryptoKeyDataGetCtx(data);
+        xmlSecAssert2(ctx != NULL, 0);
+
+        if( !CryptGetUserKey(xmlSecMSCryptoKeyDataCtxGetProvider(ctx), AT_KEYEXCHANGE, &(hKey))) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CryptGetUserKey",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+                return(0);
+        }
+        return (hKey);
 }
 
 /**
  * xmlSecMSCryptoKeyDataGetCert:
- * @data:		the key data to retrieve certificate from.
- * 
- * Native MSCrypto certificate retrieval from xmlsec keydata. The 
+ * @data:               the key data to retrieve certificate from.
+ *
+ * Native MSCrypto certificate retrieval from xmlsec keydata. The
  * returned PCCERT_CONTEXT must not be released by the caller.
- * 
+ *
  * Returns: PCCERT_CONTEXT on success or NULL otherwise.
  */
 PCCERT_CONTEXT
@@ -605,10 +599,18 @@ xmlSecMSCryptoKeyDataGetCert(xmlSecKeyDataPtr data) {
 
     ctx = xmlSecMSCryptoKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, 0);
- 
+
     return(xmlSecMSCryptoKeyDataCtxGetCert(ctx));
 }
 
+/**
+ * xmlSecMSCryptoKeyDataGetMSCryptoProvider:
+ * @data:              the key data
+ *
+ * Gets crypto provider handle
+ *
+ * Returns: the crypto provider handler or 0 if there is an error.
+ */
 HCRYPTPROV
 xmlSecMSCryptoKeyDataGetMSCryptoProvider(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
@@ -622,6 +624,14 @@ xmlSecMSCryptoKeyDataGetMSCryptoProvider(xmlSecKeyDataPtr data) {
     return(xmlSecMSCryptoKeyDataCtxGetProvider(ctx));
 }
 
+/**
+ * xmlSecMSCryptoKeyDataGetMSCryptoKeySpec:
+ * @data:              the key data
+ *
+ * Gets key spec info.
+ *
+ * Returns: the key spec info from key data
+ */
 DWORD
 xmlSecMSCryptoKeyDataGetMSCryptoKeySpec(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
@@ -635,7 +645,7 @@ xmlSecMSCryptoKeyDataGetMSCryptoKeySpec(xmlSecKeyDataPtr data) {
     return(ctx->dwKeySpec);
 }
 
-static int 
+static int
 xmlSecMSCryptoKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
     xmlSecMSCryptoKeyDataCtxPtr ctxDst;
     xmlSecMSCryptoKeyDataCtxPtr ctxSrc;
@@ -652,43 +662,42 @@ xmlSecMSCryptoKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
     xmlSecAssert2(ctxSrc != NULL, -1);
 
     if(xmlSecMSCryptoKeyDataCtxDuplicateProvider(ctxDst, ctxSrc) < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecMSCryptoKeyDataCtxDuplicateProvider",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecMSCryptoKeyDataCtxDuplicateProvider",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
     }
 
     if(xmlSecMSCryptoKeyDataCtxDuplicateKey(ctxDst, ctxSrc) < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecMSCryptoKeyDataCtxDuplicateKey",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecMSCryptoKeyDataCtxDuplicateKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
     }
 
     if(xmlSecMSCryptoKeyDataCtxDuplicateCert(ctxDst, ctxSrc) < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecMSCryptoKeyDataCtxDuplicateCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-    }
-    
-    ctxDst->dwKeySpec	    = ctxSrc->dwKeySpec;
-    ctxDst->providerName    = ctxSrc->providerName;
-    ctxDst->providerType    = ctxSrc->providerType;
-    ctxDst->type	    = ctxSrc->type;
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecMSCryptoKeyDataCtxDuplicateCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+    }
+
+    ctxDst->dwKeySpec       = ctxSrc->dwKeySpec;
+    ctxDst->providers       = ctxSrc->providers;
+    ctxDst->type            = ctxSrc->type;
 
     return(0);
 }
 
-static void 
+static void
 xmlSecMSCryptoKeyDataInitialize(xmlSecKeyDataPtr data) {
-    xmlSecMSCryptoKeyDataCtxPtr ctx;    
+    xmlSecMSCryptoKeyDataCtxPtr ctx;
 
     xmlSecAssert(xmlSecKeyDataIsValid(data));
     xmlSecAssert(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize));
@@ -703,16 +712,16 @@ xmlSecMSCryptoKeyDataInitialize(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoKeyDataCtxCreateCert(ctx);
 }
 
-static void 
+static void
 xmlSecMSCryptoKeyDataFinalize(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
-    
+
     xmlSecAssert(xmlSecKeyDataIsValid(data));
     xmlSecAssert(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize));
 
     ctx = xmlSecMSCryptoKeyDataGetCtx(data);
     xmlSecAssert(ctx != NULL);
-    
+
     xmlSecMSCryptoKeyDataCtxDestroyKey(ctx);
     xmlSecMSCryptoKeyDataCtxDestroyCert(ctx);
     xmlSecMSCryptoKeyDataCtxDestroyProvider(ctx);
@@ -720,7 +729,7 @@ xmlSecMSCryptoKeyDataFinalize(xmlSecKeyDataPtr data) {
     memset(ctx, 0, sizeof(xmlSecMSCryptoKeyDataCtx));
 }
 
-static int 
+static int
 xmlSecMSCryptoKeyDataGetSize(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
 
@@ -732,30 +741,30 @@ xmlSecMSCryptoKeyDataGetSize(xmlSecKeyDataPtr data) {
 
     if(xmlSecMSCryptoKeyDataCtxGetCert(ctx) != NULL) {
         xmlSecAssert2(xmlSecMSCryptoKeyDataCtxGetCert(ctx)->pCertInfo != NULL, 0);
-	return (CertGetPublicKeyLength(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, 
-		    &(xmlSecMSCryptoKeyDataCtxGetCert(ctx)->pCertInfo->SubjectPublicKeyInfo)));
+        return (CertGetPublicKeyLength(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+                    &(xmlSecMSCryptoKeyDataCtxGetCert(ctx)->pCertInfo->SubjectPublicKeyInfo)));
     } else if (xmlSecMSCryptoKeyDataCtxGetKey(ctx) != 0) {
         DWORD length = 0;
-	    DWORD lenlen = sizeof(DWORD);
-	
-	if (!CryptGetKeyParam(xmlSecMSCryptoKeyDataCtxGetKey(ctx), KP_KEYLEN, (BYTE *)&length, &lenlen, 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"CertDuplicateCertificateContext",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(0);
-	}
-	return(length);
-    }
-    
+            DWORD lenlen = sizeof(DWORD);
+
+        if (!CryptGetKeyParam(xmlSecMSCryptoKeyDataCtxGetKey(ctx), KP_KEYLEN, (BYTE *)&length, &lenlen, 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CertDuplicateCertificateContext",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(0);
+        }
+        return(length);
+    }
+
     return (0);
 }
 
-static xmlSecKeyDataType 
+static xmlSecKeyDataType
 xmlSecMSCryptoKeyDataGetType(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecKeyDataIsValid(data), xmlSecKeyDataTypeUnknown);
     xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecMSCryptoKeyDataSize), xmlSecKeyDataTypeUnknown);
 
@@ -763,7 +772,7 @@ xmlSecMSCryptoKeyDataGetType(xmlSecKeyDataPtr data) {
     xmlSecAssert2(ctx != NULL, xmlSecKeyDataTypeUnknown);
 
     /* We could make a call to CryptFindCertificateKeyProvInfo here, to find out if
-     * we *really* have a private key or not. However if the certificate is not 
+     * we *really* have a private key or not. However if the certificate is not
      * linked to a private key, the call takes an ridiculous amount of time.
      * the way it is now is better I think. WK.
      */
@@ -772,11 +781,11 @@ xmlSecMSCryptoKeyDataGetType(xmlSecKeyDataPtr data) {
 
 /**
  * xmlSecMSCryptoCertDup:
- * @pCert: 		the pointer to cert.
- * 
+ * @pCert:              the pointer to cert.
+ *
  * Duplicates the @pCert.
  *
- * Returns: pointer to newly created PCCERT_CONTEXT object or 
+ * Returns: pointer to newly created PCCERT_CONTEXT object or
  * NULL if an error occurs.
  */
 PCCERT_CONTEXT xmlSecMSCryptoCertDup(PCCERT_CONTEXT pCert) {
@@ -786,100 +795,100 @@ PCCERT_CONTEXT xmlSecMSCryptoCertDup(PCCERT_CONTEXT pCert) {
 
     ret = CertDuplicateCertificateContext(pCert);
     if(ret == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CertDuplicateCertificateContext",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);		    	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CertDuplicateCertificateContext",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     return(ret);
 }
 
 
 /**
  * xmlSecMSCryptoCertAdopt:
- * @pCert: 		the pointer to cert.
- * @type:		the expected key type.
+ * @pCert:              the pointer to cert.
+ * @type:               the expected key type.
  *
  * Creates key data value from the cert.
  *
  * Returns: pointer to newly created xmlsec key or NULL if an error occurs.
  */
-xmlSecKeyDataPtr 
+xmlSecKeyDataPtr
 xmlSecMSCryptoCertAdopt(PCCERT_CONTEXT pCert, xmlSecKeyDataType type) {
     xmlSecKeyDataPtr data = NULL;
     int ret;
-    
+
     xmlSecAssert2(pCert != NULL, NULL);
     xmlSecAssert2(pCert->pCertInfo != NULL, NULL);
     xmlSecAssert2(pCert->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId != NULL, NULL);
 
 #ifndef XMLSEC_NO_RSA
     if (!strcmp(pCert->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId, szOID_RSA_RSA)) {
-	data = xmlSecKeyDataCreate(xmlSecMSCryptoKeyDataRsaId);
-	if(data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyDataCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecMSCryptoDataRsaId");
-	    return(NULL);	    
-	}
-    }
-#endif /* XMLSEC_NO_RSA */	
+        data = xmlSecKeyDataCreate(xmlSecMSCryptoKeyDataRsaId);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecMSCryptoDataRsaId");
+            return(NULL);
+        }
+    }
+#endif /* XMLSEC_NO_RSA */
 
 #ifndef XMLSEC_NO_DSA
     if (!strcmp(pCert->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId, szOID_X957_DSA /*szOID_DSALG_SIGN*/)) {
-	data = xmlSecKeyDataCreate(xmlSecMSCryptoKeyDataDsaId);
-	if(data == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-	    		    NULL,
-			    "xmlSecKeyDataCreate",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "xmlSecMSCryptoKeyDataDsaId");
-		return(NULL);	    
-	}
-    }
-#endif /* XMLSEC_NO_DSA */	
+        data = xmlSecKeyDataCreate(xmlSecMSCryptoKeyDataDsaId);
+        if(data == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecKeyDataCreate",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "xmlSecMSCryptoKeyDataDsaId");
+                return(NULL);
+        }
+    }
+#endif /* XMLSEC_NO_DSA */
 
 #ifndef XMLSEC_NO_GOST
     if (!strcmp(pCert->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId,  szOID_MAGPRO_PUBKEY_SIGN_R3410_2001_CP) ||
         !strcmp(pCert->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId,  szOID_MAGPRO_PUBKEY_SIGN_R3410_2001) ||
-    	  !strcmp(pCert->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId,  szOID_MAGPRO_PUBKEY_SIGN_R3410_94_CP)) {
-	data = xmlSecKeyDataCreate(xmlSecMSCryptoKeyDataGost2001Id);
-	if(data == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-	    		    NULL,
-			    "xmlSecKeyDataCreate",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "xmlSecMSCryptoKeyDataGost2001Id");
-		return(NULL);	    
-	}
-    }
-#endif /* XMLSEC_NO_GOST*/	
+          !strcmp(pCert->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId,  szOID_MAGPRO_PUBKEY_SIGN_R3410_94_CP)) {
+        data = xmlSecKeyDataCreate(xmlSecMSCryptoKeyDataGost2001Id);
+        if(data == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecKeyDataCreate",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "xmlSecMSCryptoKeyDataGost2001Id");
+                return(NULL);
+        }
+    }
+#endif /* XMLSEC_NO_GOST*/
 
     if (NULL == data) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TYPE,
-		    "PCCERT_CONTEXT key type %s not supported", pCert->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TYPE,
+                    "PCCERT_CONTEXT key type %s not supported", pCert->pCertInfo->SubjectPublicKeyInfo.Algorithm.pszObjId);
+        return(NULL);
     }
 
-    xmlSecAssert2(data != NULL, NULL);    
+    xmlSecAssert2(data != NULL, NULL);
 
     ret = xmlSecMSCryptoKeyDataAdoptCert(data, pCert, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecMSCryptoPCCDataAdoptPCC",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(NULL);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecMSCryptoPCCDataAdoptPCC",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(NULL);
     }
     return(data);
 }
@@ -898,54 +907,54 @@ xmlSecMSCryptoCertAdopt(PCCERT_CONTEXT pCert, xmlSecKeyDataType type) {
  * <RSAKeyValue>
  *   <Modulus>xA7SEU+e0yQH5rm9kbCDN9o3aPIo7HbP7tX6WOocLZAtNfyxSZDU16ksL6W
  *     jubafOqNEpcwR3RdFsT7bCqnXPBe5ELh5u4VEy19MzxkXRgrMvavzyBpVRgBUwUlV
- *   	  5foK5hhmbktQhyNdy/6LpQRhDUDsTvK+g9Ucj47es9AQJ3U=
+ *        5foK5hhmbktQhyNdy/6LpQRhDUDsTvK+g9Ucj47es9AQJ3U=
  *   </Modulus>
  *   <Exponent>AQAB</Exponent>
  * </RSAKeyValue>
  *
- * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are 
+ * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are
  * represented in XML as octet strings as defined by the ds:CryptoBinary type.
  *
  * Schema Definition:
- * 
+ *
  * <element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
  * <complexType name="RSAKeyValueType">
  *   <sequence>
- *     <element name="Modulus" type="ds:CryptoBinary"/> 
+ *     <element name="Modulus" type="ds:CryptoBinary"/>
  *     <element name="Exponent" type="ds:CryptoBinary"/>
  *   </sequence>
  * </complexType>
  *
  * DTD Definition:
- * 
- * <!ELEMENT RSAKeyValue (Modulus, Exponent) > 
+ *
+ * <!ELEMENT RSAKeyValue (Modulus, Exponent) >
  * <!ELEMENT Modulus (#PCDATA) >
  * <!ELEMENT Exponent (#PCDATA) >
  *
  * ============================================================================
- * 
+ *
  *
  *************************************************************************/
 
 static int      xmlSecMSCryptoKeyDataRsaInitialize(xmlSecKeyDataPtr data);
 static int      xmlSecMSCryptoKeyDataRsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src);
-static void	xmlSecMSCryptoKeyDataRsaFinalize(xmlSecKeyDataPtr data);
+static void     xmlSecMSCryptoKeyDataRsaFinalize(xmlSecKeyDataPtr data);
 static int      xmlSecMSCryptoKeyDataRsaXmlRead(xmlSecKeyDataId id,
-		        			xmlSecKeyPtr key,
-						xmlNodePtr node,
-						xmlSecKeyInfoCtxPtr keyInfoCtx);
+                                                xmlSecKeyPtr key,
+                                                xmlNodePtr node,
+                                                xmlSecKeyInfoCtxPtr keyInfoCtx);
 static int      xmlSecMSCryptoKeyDataRsaXmlWrite(xmlSecKeyDataId id,
-		        			 xmlSecKeyPtr key,
-					         xmlNodePtr node,
+                                                 xmlSecKeyPtr key,
+                                                 xmlNodePtr node,
                                                  xmlSecKeyInfoCtxPtr keyInfoCtx);
 static int      xmlSecMSCryptoKeyDataRsaGenerate(xmlSecKeyDataPtr data,
-					         xmlSecSize sizeBits,
-					         xmlSecKeyDataType type);
+                                                 xmlSecSize sizeBits,
+                                                 xmlSecKeyDataType type);
 
 static xmlSecKeyDataType    xmlSecMSCryptoKeyDataRsaGetType(xmlSecKeyDataPtr data);
 static xmlSecSize           xmlSecMSCryptoKeyDataRsaGetSize(xmlSecKeyDataPtr data);
-static void	            xmlSecMSCryptoKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output);
-static void	            xmlSecMSCryptoKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output);
+static void                 xmlSecMSCryptoKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output);
+static void                 xmlSecMSCryptoKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output);
 
 static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataRsaKlass = {
     sizeof(xmlSecKeyDataKlass),
@@ -953,54 +962,68 @@ static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataRsaKlass = {
 
     /* data */
     xmlSecNameRSAKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefRSAKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeRSAKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefRSAKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeRSAKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecMSCryptoKeyDataRsaInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecMSCryptoKeyDataRsaDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecMSCryptoKeyDataRsaFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecMSCryptoKeyDataRsaGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecMSCryptoKeyDataRsaInitialize,         /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecMSCryptoKeyDataRsaDuplicate,          /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecMSCryptoKeyDataRsaFinalize,           /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecMSCryptoKeyDataRsaGenerate,           /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecMSCryptoKeyDataRsaGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecMSCryptoKeyDataRsaGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    xmlSecMSCryptoKeyDataRsaGetType,            /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecMSCryptoKeyDataRsaGetSize,            /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecMSCryptoKeyDataRsaXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecMSCryptoKeyDataRsaXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,					/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecMSCryptoKeyDataRsaXmlRead,            /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecMSCryptoKeyDataRsaXmlWrite,           /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecMSCryptoKeyDataRsaDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecMSCryptoKeyDataRsaDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecMSCryptoKeyDataRsaDebugDump,          /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecMSCryptoKeyDataRsaDebugXmlDump,       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/* Ordered list of providers to search for algorithm implementation using
+ * xmlSecMSCryptoFindProvider() function
+ *
+ * MUST END with { NULL, 0 } !!!
+ */
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Rsa[] = {
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV,                PROV_RSA_AES},
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE,      PROV_RSA_AES },
+    { MS_STRONG_PROV,                                   PROV_RSA_FULL },
+    { MS_ENHANCED_PROV,                                 PROV_RSA_FULL },
+    { MS_DEF_PROV,                                      PROV_RSA_FULL },
+    { NULL, 0 }
+};
+
+/**
  * xmlSecMSCryptoKeyDataRsaGetKlass:
  *
  * The MSCrypto RSA CertKey data klass.
  *
  * Returns: pointer to MSCrypto RSA key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecMSCryptoKeyDataRsaGetKlass(void) {
     return(&xmlSecMSCryptoKeyDataRsaKlass);
 }
 
-static int 
+static int
 xmlSecMSCryptoKeyDataRsaInitialize(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId), xmlSecKeyDataTypeUnknown);
 
     xmlSecMSCryptoKeyDataInitialize(data);
@@ -1008,13 +1031,11 @@ xmlSecMSCryptoKeyDataRsaInitialize(xmlSecKeyDataPtr data) {
     ctx = xmlSecMSCryptoKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
 
-    ctx->providerName = MS_ENHANCED_PROV;
-    ctx->providerType = PROV_RSA_FULL;
-    
+    ctx->providers = xmlSecMSCryptoProviderInfo_Rsa;
     return(0);
 }
 
-static int 
+static int
 xmlSecMSCryptoKeyDataRsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
     xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecMSCryptoKeyDataRsaId), -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecMSCryptoKeyDataRsaId), -1);
@@ -1022,16 +1043,16 @@ xmlSecMSCryptoKeyDataRsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
     return(xmlSecMSCryptoKeyDataDuplicate(dst, src));
 }
 
-static void 
+static void
 xmlSecMSCryptoKeyDataRsaFinalize(xmlSecKeyDataPtr data) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId));
 
     xmlSecMSCryptoKeyDataFinalize(data);
 }
 
-static int 
+static int
 xmlSecMSCryptoKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-    				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {				    
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecBn modulus, exponent;
     xmlSecBuffer blob;
     unsigned int blobBufferLen;
@@ -1049,48 +1070,48 @@ xmlSecMSCryptoKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
-    
+
     if(xmlSecKeyGetValue(key) != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,		    
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
-		    "key already has a value");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+                    "key already has a value");
+        return(-1);
     }
 
     /* initialize buffers */
     ret = xmlSecBnInitialize(&modulus, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "modulus");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "modulus");
+        return(-1);
     }
 
     ret = xmlSecBnInitialize(&exponent, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "exponent");
-	xmlSecBnFinalize(&modulus);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "exponent");
+        xmlSecBnFinalize(&modulus);
+        return(-1);
     }
 
     ret = xmlSecBufferInitialize(&blob, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "blob");
-	xmlSecBnFinalize(&modulus);
-	xmlSecBnFinalize(&exponent);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "blob");
+        xmlSecBnFinalize(&modulus);
+        xmlSecBnFinalize(&exponent);
+        return(-1);
     }
 
     /* read xml */
@@ -1098,96 +1119,96 @@ xmlSecMSCryptoKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     /* first is Modulus node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur,  xmlSecNodeRSAModulus, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        goto done;
     }
 
     ret = xmlSecBnGetNodeValue(&modulus, cur, xmlSecBnBase64, 1);
     if((ret < 0) || (xmlSecBnGetSize(&modulus) == 0)){
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBnGetNodeValue",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBnGetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
-    
+
     /* next is Exponent node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAExponent, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        goto done;
     }
     ret = xmlSecBnGetNodeValue(&exponent, cur, xmlSecBnBase64, 1);
     if((ret < 0) || (xmlSecBnGetSize(&exponent) == 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBnGetNodeValue",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBnGetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
-    
+
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeRSAPrivateExponent, xmlSecNs))) {
         /* next is X node. It is REQUIRED for private key but
-	 * MSCrypto does not support it. We just ignore it */ 
-	cur = xmlSecGetNextElementNode(cur->next);
+         * MSCrypto does not support it. We just ignore it */
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "no nodes expected");
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "no nodes expected");
+        goto done;
     }
 
     /* Now try to create the key */
     blobBufferLen = sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + xmlSecBnGetSize(&modulus);
     ret = xmlSecBufferSetSize(&blob, blobBufferLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferSetSize",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", blobBufferLen);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", blobBufferLen);
+        goto done;
     }
 
     /* Set the PUBLICKEYSTRUC */
     pubKeyStruc = (PUBLICKEYSTRUC *)xmlSecBufferGetData(&blob);
-    pubKeyStruc->bType	    = PUBLICKEYBLOB;
+    pubKeyStruc->bType      = PUBLICKEYBLOB;
     pubKeyStruc->bVersion   = 0x02;
     pubKeyStruc->reserved   = 0;
     pubKeyStruc->aiKeyAlg   = CALG_RSA_KEYX | CALG_RSA_SIGN;
 
     /* Set the public key header */
     pubKey = (RSAPUBKEY*) (xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC));
-    pubKey->magic	    = 0x31415352;	/* == RSA1 public */
-    pubKey->bitlen	    = xmlSecBnGetSize(&modulus) * 8;	/* Number of bits in prime modulus */
-    pubKey->pubexp	    = 0;
+    pubKey->magic           = 0x31415352;       /* == RSA1 public */
+    pubKey->bitlen          = xmlSecBnGetSize(&modulus) * 8;    /* Number of bits in prime modulus */
+    pubKey->pubexp          = 0;
     if(sizeof(pubKey->pubexp) < xmlSecBnGetSize(&exponent)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-	    	    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "exponent size=%d", 
-		    xmlSecBnGetSize(&exponent));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "exponent size=%d",
+                    xmlSecBnGetSize(&exponent));
+        goto done;
     }
     xmlSecAssert2(xmlSecBnGetData(&exponent) != NULL, -1);
     memcpy(&(pubKey->pubexp), xmlSecBnGetData(&exponent), xmlSecBnGetSize(&exponent));
@@ -1197,66 +1218,56 @@ xmlSecMSCryptoKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     memcpy(modulusBlob, xmlSecBnGetData(&modulus), xmlSecBnGetSize(&modulus));
 
     /* Now that we have the blob, import */
-    if (!CryptAcquireContext(&hProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, 0)) {
-	if(NTE_BAD_KEYSET == GetLastError()) {
-	    if(!CryptAcquireContext(&hProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET)) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "CryptAcquireContext",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		goto done;
-	    }
-	} else {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"CryptAcquireContext",
-		        XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
+    hProv = xmlSecMSCryptoFindProvider(xmlSecMSCryptoProviderInfo_Rsa, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+    if(hProv == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecMSCryptoFindProvider",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     if (!CryptImportKey(hProv, xmlSecBufferGetData(&blob), xmlSecBufferGetSize(&blob), 0, 0, &hKey)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "CryptImportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "CryptImportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     data = xmlSecKeyDataCreate(id);
     if(data == NULL ) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, 0, xmlSecKeyDataTypePublic);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecMSCryptoKeyDataAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecMSCryptoKeyDataAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
     hProv = 0;
     hKey = 0;
 
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        goto done;
     }
     data = NULL;
 
@@ -1265,7 +1276,7 @@ xmlSecMSCryptoKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
 done:
     if (hProv == 0) {
-	CryptReleaseContext(hProv, 0);
+        CryptReleaseContext(hProv, 0);
     }
     if (hKey != 0) {
         CryptDestroyKey(hKey);
@@ -1280,9 +1291,9 @@ done:
     return(res);
 }
 
-static int 
+static int
 xmlSecMSCryptoKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
     xmlSecBuffer buf;
     DWORD dwBlobLen;
@@ -1292,7 +1303,7 @@ xmlSecMSCryptoKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecSize modulusLen, exponentLen;
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecMSCryptoKeyDataRsaId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataRsaId), -1);
@@ -1304,144 +1315,144 @@ xmlSecMSCryptoKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecAssert2(xmlSecMSCryptoKeyDataCtxGetKey(ctx) != 0, -1);
 
     if (!CryptExportKey(xmlSecMSCryptoKeyDataCtxGetKey(ctx), 0, PUBLICKEYBLOB, 0, NULL, &dwBlobLen)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecBufferInitialize(&buf, dwBlobLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%ld", dwBlobLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%ld", dwBlobLen);
+        return(-1);
     }
 
     blob = xmlSecBufferGetData(&buf);
     if (!CryptExportKey(xmlSecMSCryptoKeyDataCtxGetKey(ctx), 0, PUBLICKEYBLOB, 0, blob, &dwBlobLen)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
     if (dwBlobLen < sizeof(PUBLICKEYSTRUC)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "blobLen=%ld", dwBlobLen);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "blobLen=%ld", dwBlobLen);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     /* check PUBLICKEYSTRUC */
     pubKeyStruc = (PUBLICKEYSTRUC*)blob;
     if(pubKeyStruc->bVersion != 0x02) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "pubKeyStruc->bVersion=%d", pubKeyStruc->bVersion);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "pubKeyStruc->bVersion=%d", pubKeyStruc->bVersion);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
     if(pubKeyStruc->bType != PUBLICKEYBLOB) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "pubKeyStruc->bType=%d", (int)pubKeyStruc->bType);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "pubKeyStruc->bType=%d", (int)pubKeyStruc->bType);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     /* check RSAPUBKEY */
-    pubKey	    = (RSAPUBKEY *)(blob + sizeof(PUBLICKEYSTRUC));
+    pubKey          = (RSAPUBKEY *)(blob + sizeof(PUBLICKEYSTRUC));
     if(pubKey->magic != 0x31415352) { /* RSA public key magic */
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "pubKey->magic=0x%08lx", pubKey->magic);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "pubKey->magic=0x%08lx", pubKey->magic);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
-    modulusLen	    = pubKey->bitlen / 8;
+    modulusLen      = pubKey->bitlen / 8;
 
     if (dwBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + modulusLen) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "blobLen=%ld; modulusLen=%d", dwBlobLen, modulusLen);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "blobLen=%ld; modulusLen=%d", dwBlobLen, modulusLen);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
-    blob	    += sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY);
+    blob            += sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY);
 
     /* first is Modulus node */
     cur = xmlSecAddChild(node, xmlSecNodeRSAModulus, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	xmlSecBufferFinalize(&buf);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     ret = xmlSecBnBlobSetNodeValue(blob, modulusLen, cur, xmlSecBnBase64, 1, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnBlobSetNodeValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	xmlSecBufferFinalize(&buf);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnBlobSetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
+    }
 
     /* next is Exponent node. */
     cur = xmlSecAddChild(node, xmlSecNodeRSAExponent, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	xmlSecBufferFinalize(&buf);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     /* Remove leading zero's (from least significant end) */
-    blob	= (xmlSecByte*)(&(pubKey->pubexp));
+    blob        = (xmlSecByte*)(&(pubKey->pubexp));
     exponentLen = sizeof(pubKey->pubexp);
     while (exponentLen > 0 && blob[exponentLen - 1] == 0) {
-	exponentLen--;
+        exponentLen--;
     }
 
     ret = xmlSecBnBlobSetNodeValue(blob, exponentLen, cur, xmlSecBnBase64, 1, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnBlobSetNodeValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-    		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	xmlSecBufferFinalize(&buf);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnBlobSetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     /* next is PrivateExponent node: not supported in MSCrypto */
@@ -1450,9 +1461,9 @@ xmlSecMSCryptoKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     return(0);
 }
 
-static int 
-xmlSecMSCryptoKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, 
-				xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+static int
+xmlSecMSCryptoKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits,
+                                xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
     HCRYPTPROV hProv = 0;
     HCRYPTKEY hKey = 0;
@@ -1469,48 +1480,37 @@ xmlSecMSCryptoKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits,
     ctx = xmlSecMSCryptoKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
 
-    if (!CryptAcquireContext(&hProv, XMLSEC_CONTAINER_NAME, MS_STRONG_PROV, PROV_RSA_FULL, 0)) {
-	if (NTE_BAD_KEYSET == GetLastError()) {
-	    if(!CryptAcquireContext(&hProv, XMLSEC_CONTAINER_NAME, MS_STRONG_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET)) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "CryptAcquireContext",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-        
-	    	return(-1);
-	    }
-	} else {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "CryptAcquireContext",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-                
-	    return(-1);
-	}
+    /* get provider */
+    hProv = xmlSecMSCryptoFindProvider(ctx->providers, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+    if(hProv == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoFindProvider",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     dwKeySpec = AT_KEYEXCHANGE | AT_SIGNATURE;
     dwSize = ((sizeBits << 16) | CRYPT_EXPORTABLE);
     if (!CryptGenKey(hProv, CALG_RSA_SIGN, dwSize, &hKey)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "CryptGenKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "CryptGenKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
-    ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, dwKeySpec, 
-					xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+    ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, dwKeySpec,
+                                        xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecMSCryptoKeyDataAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoKeyDataAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
     hProv = 0;
     hKey = 0;
@@ -1520,48 +1520,48 @@ xmlSecMSCryptoKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits,
 
 done:
     if (hProv != 0) {
-	CryptReleaseContext(hProv, 0);
+        CryptReleaseContext(hProv, 0);
     }
 
     if (hKey != 0) {
-	CryptDestroyKey(hKey);
+        CryptDestroyKey(hKey);
     }
 
     return(res);
 }
 
-static xmlSecKeyDataType 
+static xmlSecKeyDataType
 xmlSecMSCryptoKeyDataRsaGetType(xmlSecKeyDataPtr data) {
     return(xmlSecMSCryptoKeyDataGetType(data));
 }
 
-static xmlSecSize 
+static xmlSecSize
 xmlSecMSCryptoKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId), 0);
 
     return (xmlSecMSCryptoKeyDataGetSize(data));
 }
 
-static void 
+static void
 xmlSecMSCryptoKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId));
     xmlSecAssert(output != NULL);
-    
-    fprintf(output, "=== rsa key: size = %d\n", 
-	    xmlSecMSCryptoKeyDataRsaGetSize(data));
+
+    fprintf(output, "=== rsa key: size = %d\n",
+            xmlSecMSCryptoKeyDataRsaGetSize(data));
 }
 
 static void xmlSecMSCryptoKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataRsaId));
     xmlSecAssert(output != NULL);
-        
-    fprintf(output, "<RSAKeyValue size=\"%d\" />\n", 
-	    xmlSecMSCryptoKeyDataRsaGetSize(data));
+
+    fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
+            xmlSecMSCryptoKeyDataRsaGetSize(data));
 }
-    
+
 #endif /* XMLSEC_NO_RSA */
 
-#ifndef XMLSEC_NO_DSA    
+#ifndef XMLSEC_NO_DSA
 /**************************************************************************
  *
  * <dsig:DSAKeyValue> processing
@@ -1569,57 +1569,57 @@ static void xmlSecMSCryptoKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* ou
  *
  * The DSAKeyValue Element (http://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue)
  *
- * DSA keys and the DSA signature algorithm are specified in [DSS]. 
+ * DSA keys and the DSA signature algorithm are specified in [DSS].
  * DSA public key values can have the following fields:
- *      
- *   * P - a prime modulus meeting the [DSS] requirements 
- *   * Q - an integer in the range 2**159 < Q < 2**160 which is a prime 
- *         divisor of P-1 
- *   * G - an integer with certain properties with respect to P and Q 
- *   * Y - G**X mod P (where X is part of the private key and not made 
- *	   public) 
- *   * J - (P - 1) / Q 
- *   * seed - a DSA prime generation seed 
+ *
+ *   * P - a prime modulus meeting the [DSS] requirements
+ *   * Q - an integer in the range 2**159 < Q < 2**160 which is a prime
+ *         divisor of P-1
+ *   * G - an integer with certain properties with respect to P and Q
+ *   * Y - G**X mod P (where X is part of the private key and not made
+ *         public)
+ *   * J - (P - 1) / Q
+ *   * seed - a DSA prime generation seed
  *   * pgenCounter - a DSA prime generation counter
  *
- * Parameter J is available for inclusion solely for efficiency as it is 
- * calculatable from P and Q. Parameters seed and pgenCounter are used in the 
- * DSA prime number generation algorithm specified in [DSS]. As such, they are 
- * optional but must either both be present or both be absent. This prime 
- * generation algorithm is designed to provide assurance that a weak prime is 
- * not being used and it yields a P and Q value. Parameters P, Q, and G can be 
- * public and common to a group of users. They might be known from application 
- * context. As such, they are optional but P and Q must either both appear or 
- * both be absent. If all of P, Q, seed, and pgenCounter are present, 
- * implementations are not required to check if they are consistent and are 
- * free to use either P and Q or seed and pgenCounter. All parameters are 
+ * Parameter J is available for inclusion solely for efficiency as it is
+ * calculatable from P and Q. Parameters seed and pgenCounter are used in the
+ * DSA prime number generation algorithm specified in [DSS]. As such, they are
+ * optional but must either both be present or both be absent. This prime
+ * generation algorithm is designed to provide assurance that a weak prime is
+ * not being used and it yields a P and Q value. Parameters P, Q, and G can be
+ * public and common to a group of users. They might be known from application
+ * context. As such, they are optional but P and Q must either both appear or
+ * both be absent. If all of P, Q, seed, and pgenCounter are present,
+ * implementations are not required to check if they are consistent and are
+ * free to use either P and Q or seed and pgenCounter. All parameters are
  * encoded as base64 [MIME] values.
- *     
- * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are 
+ *
+ * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are
  * represented in XML as octet strings as defined by the ds:CryptoBinary type.
- *     
+ *
  * Schema Definition:
- *     
- * <element name="DSAKeyValue" type="ds:DSAKeyValueType"/> 
- * <complexType name="DSAKeyValueType"> 
+ *
+ * <element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
+ * <complexType name="DSAKeyValueType">
  *   <sequence>
  *     <sequence minOccurs="0">
- *        <element name="P" type="ds:CryptoBinary"/> 
+ *        <element name="P" type="ds:CryptoBinary"/>
  *        <element name="Q" type="ds:CryptoBinary"/>
  *     </sequence>
- *     <element name="G" type="ds:CryptoBinary" minOccurs="0"/> 
- *     <element name="Y" type="ds:CryptoBinary"/> 
+ *     <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
+ *     <element name="Y" type="ds:CryptoBinary"/>
  *     <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
  *     <sequence minOccurs="0">
- *       <element name="Seed" type="ds:CryptoBinary"/> 
- *       <element name="PgenCounter" type="ds:CryptoBinary"/> 
+ *       <element name="Seed" type="ds:CryptoBinary"/>
+ *       <element name="PgenCounter" type="ds:CryptoBinary"/>
  *     </sequence>
  *   </sequence>
  * </complexType>
- *     
+ *
  * DTD Definition:
- *     
- *  <!ELEMENT DSAKeyValue ((P, Q)?, G?, Y, J?, (Seed, PgenCounter)?) > 
+ *
+ *  <!ELEMENT DSAKeyValue ((P, Q)?, G?, Y, J?, (Seed, PgenCounter)?) >
  *  <!ELEMENT P (#PCDATA) >
  *  <!ELEMENT Q (#PCDATA) >
  *  <!ELEMENT G (#PCDATA) >
@@ -1629,34 +1629,34 @@ static void xmlSecMSCryptoKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* ou
  *  <!ELEMENT PgenCounter (#PCDATA) >
  *
  * ============================================================================
- * 
+ *
  * To support reading/writing private keys an X element added (before Y).
  * todo: The current implementation does not support Seed and PgenCounter!
  * by this the P, Q and G are *required*!
  *
  *************************************************************************/
-static int		xmlSecMSCryptoKeyDataDsaInitialize(xmlSecKeyDataPtr data);
-static int		xmlSecMSCryptoKeyDataDsaDuplicate(xmlSecKeyDataPtr dst,
-							 xmlSecKeyDataPtr src);
-static void		xmlSecMSCryptoKeyDataDsaFinalize(xmlSecKeyDataPtr data);
-static int		xmlSecMSCryptoKeyDataDsaXmlRead	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoKeyDataDsaGenerate(xmlSecKeyDataPtr data,
-							 xmlSecSize sizeBits,
-							 xmlSecKeyDataType type);
+static int              xmlSecMSCryptoKeyDataDsaInitialize(xmlSecKeyDataPtr data);
+static int              xmlSecMSCryptoKeyDataDsaDuplicate(xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void             xmlSecMSCryptoKeyDataDsaFinalize(xmlSecKeyDataPtr data);
+static int              xmlSecMSCryptoKeyDataDsaXmlRead (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoKeyDataDsaGenerate(xmlSecKeyDataPtr data,
+                                                         xmlSecSize sizeBits,
+                                                         xmlSecKeyDataType type);
 
 static xmlSecKeyDataType xmlSecMSCryptoKeyDataDsaGetType(xmlSecKeyDataPtr data);
-static xmlSecSize	 xmlSecMSCryptoKeyDataDsaGetSize(xmlSecKeyDataPtr data);
-static void		 xmlSecMSCryptoKeyDataDsaDebugDump(xmlSecKeyDataPtr data,
-							 FILE* output);
-static void		xmlSecMSCryptoKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data,
-							 FILE* output);
+static xmlSecSize        xmlSecMSCryptoKeyDataDsaGetSize(xmlSecKeyDataPtr data);
+static void              xmlSecMSCryptoKeyDataDsaDebugDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void             xmlSecMSCryptoKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
 
 static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataDsaKlass = {
     sizeof(xmlSecKeyDataKlass),
@@ -1664,46 +1664,57 @@ static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataDsaKlass = {
 
     /* data */
     xmlSecNameDSAKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-					/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefDSAKeyValue,		/* const xmlChar* href; */
-    xmlSecNodeDSAKeyValue,		/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,			/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                        /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefDSAKeyValue,              /* const xmlChar* href; */
+    xmlSecNodeDSAKeyValue,              /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                       /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecMSCryptoKeyDataDsaInitialize,	/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecMSCryptoKeyDataDsaDuplicate,	/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecMSCryptoKeyDataDsaFinalize,	/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecMSCryptoKeyDataDsaGenerate,	/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecMSCryptoKeyDataDsaInitialize, /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecMSCryptoKeyDataDsaDuplicate,  /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecMSCryptoKeyDataDsaFinalize,   /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecMSCryptoKeyDataDsaGenerate,   /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecMSCryptoKeyDataDsaGetType, 	/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecMSCryptoKeyDataDsaGetSize,	/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,				/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    xmlSecMSCryptoKeyDataDsaGetType,    /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecMSCryptoKeyDataDsaGetSize,    /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                               /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecMSCryptoKeyDataDsaXmlRead,	/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecMSCryptoKeyDataDsaXmlWrite,	/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,				/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,				/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecMSCryptoKeyDataDsaXmlRead,    /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecMSCryptoKeyDataDsaXmlWrite,   /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                               /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                               /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecMSCryptoKeyDataDsaDebugDump,	/* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecMSCryptoKeyDataDsaDebugDump,  /* xmlSecKeyDataDebugDumpMethod debugDump; */
     xmlSecMSCryptoKeyDataDsaDebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,				/* void* reserved0; */
-    NULL,				/* void* reserved1; */
+    NULL,                               /* void* reserved0; */
+    NULL,                               /* void* reserved1; */
 };
 
+/* Ordered list of providers to search for algorithm implementation using
+ * xmlSecMSCryptoFindProvider() function
+ *
+ * MUST END with { NULL, 0 } !!!
+ */
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Dss[] = {
+    { MS_DEF_DSS_PROV,              PROV_DSS },
+    { NULL, 0 }
+};
+
+
 /**
  * xmlSecMSCryptoKeyDataDsaGetKlass:
- * 
+ *
  * The DSA key data klass.
  *
  * Returns: pointer to DSA key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecMSCryptoKeyDataDsaGetKlass(void) {
     return(&xmlSecMSCryptoKeyDataDsaKlass);
 }
@@ -1720,9 +1731,7 @@ xmlSecMSCryptoKeyDataDsaInitialize(xmlSecKeyDataPtr data) {
     ctx = xmlSecMSCryptoKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
 
-    ctx->providerName = MS_DEF_DSS_PROV;
-    ctx->providerType = PROV_DSS;
-    
+    ctx->providers = xmlSecMSCryptoProviderInfo_Dss;
     return(0);
 }
 
@@ -1737,13 +1746,13 @@ xmlSecMSCryptoKeyDataDsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
 static void
 xmlSecMSCryptoKeyDataDsaFinalize(xmlSecKeyDataPtr data) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId));
-    
+
     xmlSecMSCryptoKeyDataFinalize(data);
 }
 
 static int
 xmlSecMSCryptoKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-			   xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                           xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data = NULL;
     xmlNodePtr cur;
     xmlSecBn p, q, g, y;
@@ -1765,73 +1774,73 @@ xmlSecMSCryptoKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     if(xmlSecKeyGetValue(key) != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
-		    "key already has a value");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+                    "key already has a value");
+        return(-1);
     }
 
     /* initialize buffers */
     ret = xmlSecBnInitialize(&p, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "p");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "p");
+        return(-1);
     }
 
     ret = xmlSecBnInitialize(&q, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "q");
-	xmlSecBnFinalize(&p);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "q");
+        xmlSecBnFinalize(&p);
+        return(-1);
     }
 
     ret = xmlSecBnInitialize(&g, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "g");
-	xmlSecBnFinalize(&p);
-	xmlSecBnFinalize(&q);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "g");
+        xmlSecBnFinalize(&p);
+        xmlSecBnFinalize(&q);
+        return(-1);
     }
 
     ret = xmlSecBnInitialize(&y, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "y");
-	xmlSecBnFinalize(&p);
-	xmlSecBnFinalize(&q);
-	xmlSecBnFinalize(&g);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "y");
+        xmlSecBnFinalize(&p);
+        xmlSecBnFinalize(&q);
+        xmlSecBnFinalize(&g);
+        return(-1);
     }
 
     ret = xmlSecBufferInitialize(&blob, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "blob");
-	xmlSecBnFinalize(&p);
-	xmlSecBnFinalize(&q);
-	xmlSecBnFinalize(&g);
-	xmlSecBnFinalize(&y);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "blob");
+        xmlSecBnFinalize(&p);
+        xmlSecBnFinalize(&q);
+        xmlSecBnFinalize(&g);
+        xmlSecBnFinalize(&y);
+        return(-1);
     }
 
     /* read xml */
@@ -1839,150 +1848,150 @@ xmlSecMSCryptoKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     /* first is P node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur,  xmlSecNodeDSAP, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        goto done;
     }
 
     ret = xmlSecBnGetNodeValue(&p, cur, xmlSecBnBase64, 1);
     if((ret < 0) || (xmlSecBnGetSize(&p) == 0)){
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnGetNodeValue",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnGetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is Q node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAQ, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        goto done;
     }
     ret = xmlSecBnGetNodeValue(&q, cur, xmlSecBnBase64, 1);
     if((ret < 0) || (xmlSecBnGetSize(&q) == 0)){
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnGetNodeValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnGetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is G node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAG, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        goto done;
     }
     ret = xmlSecBnGetNodeValue(&g, cur, xmlSecBnBase64, 1);
     if((ret < 0) || (xmlSecBnGetSize(&q) == 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnGetNodeValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnGetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAX, xmlSecNs))) {
         /* next is X node. It is REQUIRED for private key but
-	 * MSCrypto does not support it, we just ignore it */
+         * MSCrypto does not support it, we just ignore it */
 
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* next is Y node. */
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAY, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        goto done;
     }
     ret = xmlSecBnGetNodeValue(&y, cur, xmlSecBnBase64, 1);
     if((ret < 0) || (xmlSecBnGetSize(&y) == 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnGetNodeValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnGetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* todo: add support for J */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAJ, xmlSecDSigNs))) {
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     /* todo: add support for seed */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSASeed, xmlSecDSigNs))) {
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* todo: add support for pgencounter */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAPgenCounter, xmlSecDSigNs))) {
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     /* we assume that sizeof(q) < 0x14, sizeof(g) <= sizeof(p) and sizeof(y) <= sizeof(p) */
     blobBufferLen = sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY) + 3 * xmlSecBnGetSize(&p) + 0x14 + sizeof(DSSSEED);
     ret = xmlSecBufferSetSize(&blob, blobBufferLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferSetSize",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", blobBufferLen);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", blobBufferLen);
+        goto done;
     }
 
     /* Set PUBLICKEYSTRUC  */
-    pubKeyStruc		    = (PUBLICKEYSTRUC *)xmlSecBufferGetData(&blob);
-    pubKeyStruc->bType	    = PUBLICKEYBLOB;
+    pubKeyStruc             = (PUBLICKEYSTRUC *)xmlSecBufferGetData(&blob);
+    pubKeyStruc->bType      = PUBLICKEYBLOB;
     pubKeyStruc->bVersion   = 0x02;
     pubKeyStruc->reserved   = 0;
     pubKeyStruc->aiKeyAlg   = CALG_DSS_SIGN;
 
     /* Set the public key header */
-    pubKey		    = (DSSPUBKEY *) (xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC));
-    pubKey->magic	    = 0x31535344;	/* == DSS1 pub key */
-    pubKey->bitlen	    = xmlSecBnGetSize(&p) * 8; /* Number of bits in prime modulus */
+    pubKey                  = (DSSPUBKEY *) (xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC));
+    pubKey->magic           = 0x31535344;       /* == DSS1 pub key */
+    pubKey->bitlen          = xmlSecBnGetSize(&p) * 8; /* Number of bits in prime modulus */
 
     /* copy the key data */
-    buf			    = (BYTE*) (xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY));
-    
+    buf                     = (BYTE*) (xmlSecBufferGetData(&blob) + sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY));
+
     /* set p */
     xmlSecAssert2(xmlSecBnGetData(&p) != NULL, -1);
     memcpy(buf, xmlSecBnGetData(&p), xmlSecBnGetSize(&p));
@@ -1990,12 +1999,12 @@ xmlSecMSCryptoKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     /* set q */
     if(xmlSecBnGetSize(&q) > 0x14) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "q",
-	    	    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "size=%d > 0x14", xmlSecBnGetSize(&q));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "q",
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "size=%d > 0x14", xmlSecBnGetSize(&q));
+        goto done;
     }
     xmlSecAssert2(xmlSecBnGetData(&q) != NULL, -1);
     memcpy(buf, xmlSecBnGetData(&q), xmlSecBnGetSize(&q));
@@ -2003,45 +2012,45 @@ xmlSecMSCryptoKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     /* Pad with zeros */
     for(i = xmlSecBnGetSize(&q); i < 0x14; ++i) {
-	*(buf++) = 0;    
+        *(buf++) = 0;
     }
 
     /* set generator */
     if(xmlSecBnGetSize(&g) > xmlSecBnGetSize(&p)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "g",
-	    	    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "size=%d > %d", 
-		    xmlSecBnGetSize(&g), 
-		    xmlSecBnGetSize(&p));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "g",
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "size=%d > %d",
+                    xmlSecBnGetSize(&g),
+                    xmlSecBnGetSize(&p));
+        goto done;
     }
     xmlSecAssert2(xmlSecBnGetData(&g) != NULL, -1);
     memcpy(buf, xmlSecBnGetData(&g), xmlSecBnGetSize(&g));
     buf += xmlSecBnGetSize(&g);
     /* Pad with zeros */
     for(i = xmlSecBnGetSize(&g); i < xmlSecBnGetSize(&p); ++i) {
-	*(buf++) = 0;    
+        *(buf++) = 0;
     }
 
     /* Public key */
     if(xmlSecBnGetSize(&y) > xmlSecBnGetSize(&p)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "y",
-	    	    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "size=%d > %d", 
-		    xmlSecBnGetSize(&y), 
-		    xmlSecBnGetSize(&p));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "y",
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "size=%d > %d",
+                    xmlSecBnGetSize(&y),
+                    xmlSecBnGetSize(&p));
+        goto done;
     }
     xmlSecAssert2(xmlSecBnGetData(&y) != NULL, -1);
     memcpy(buf, xmlSecBnGetData(&y), xmlSecBnGetSize(&y));
     buf += xmlSecBnGetSize(&y);
     /* Pad with zeros */
     for(i = xmlSecBnGetSize(&y); i < xmlSecBnGetSize(&p); ++i) {
-	*(buf++) = 0;    
+        *(buf++) = 0;
     }
 
     /* Set seed to 0xFFFFFFFFF */
@@ -2049,66 +2058,56 @@ xmlSecMSCryptoKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     memset(seed, 0, sizeof(*seed));
     seed->counter = 0xFFFFFFFF; /* SEED Counter set to 0xFFFFFFFF will cause seed to be ignored */
 
-    if (!CryptAcquireContext(&hProv, NULL, MS_DEF_DSS_PROV, PROV_DSS, 0)) {
-	if (NTE_BAD_KEYSET == GetLastError()) {
-	    if (!CryptAcquireContext(&hProv, NULL, MS_DEF_DSS_PROV, PROV_DSS, CRYPT_NEWKEYSET)) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "CryptAcquireContext",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		goto done;
-	    }
-	} else {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"CryptAcquireContext",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
+    hProv = xmlSecMSCryptoFindProvider(xmlSecMSCryptoProviderInfo_Dss, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+    if(hProv == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecMSCryptoFindProvider",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     /* import the key blob */
     if (!CryptImportKey(hProv, xmlSecBufferGetData(&blob), xmlSecBufferGetSize(&blob), 0, 0, &hKey)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "CryptImportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "CryptImportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     data = xmlSecKeyDataCreate(id);
     if(data == NULL ) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, 0, xmlSecKeyDataTypePublic);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecMSCryptoKeyDataAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoKeyDataAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
     hProv = 0;
     hKey = 0;
 
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
     data = NULL;
 
@@ -2117,13 +2116,13 @@ xmlSecMSCryptoKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
 done:
     if (hKey != 0) {
-	CryptDestroyKey(hKey);
+        CryptDestroyKey(hKey);
     }
     if (hProv != 0) {
-	CryptReleaseContext(hProv, 0);
+        CryptReleaseContext(hProv, 0);
     }
     if (data != NULL) {
-	xmlSecKeyDataDestroy(data);
+        xmlSecKeyDataDestroy(data);
     }
 
     xmlSecBufferFinalize(&blob);
@@ -2135,9 +2134,9 @@ done:
     return(res);
 }
 
-static int 
+static int
 xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
     xmlSecBuffer buf;
     DWORD dwBlobLen;
@@ -2148,7 +2147,7 @@ xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlNodePtr cur;
     int ret;
 
-    
+
     xmlSecAssert2(id == xmlSecMSCryptoKeyDataDsaId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataDsaId), -1);
@@ -2158,129 +2157,129 @@ xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     ctx = xmlSecMSCryptoKeyDataGetCtx(xmlSecKeyGetValue(key));
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(xmlSecMSCryptoKeyDataCtxGetKey(ctx) != 0, -1);
-    
+
     if (!CryptExportKey(xmlSecMSCryptoKeyDataCtxGetKey(ctx), 0, PUBLICKEYBLOB, 0, NULL, &dwBlobLen)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecBufferInitialize(&buf, dwBlobLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%ld", dwBlobLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%ld", dwBlobLen);
+        return(-1);
     }
 
     blob = xmlSecBufferGetData(&buf);
     if (!CryptExportKey(xmlSecMSCryptoKeyDataCtxGetKey(ctx), 0, PUBLICKEYBLOB, 0, blob, &dwBlobLen)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
     if (dwBlobLen < sizeof(PUBLICKEYSTRUC)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "blobLen=%ld", dwBlobLen);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "blobLen=%ld", dwBlobLen);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     /* check PUBLICKEYSTRUC */
-    pubKeyStruc	    = (PUBLICKEYSTRUC*)blob;
+    pubKeyStruc     = (PUBLICKEYSTRUC*)blob;
     if(pubKeyStruc->bVersion != 0x02) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "pubKeyStruc->bVersion=%d", pubKeyStruc->bVersion);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "pubKeyStruc->bVersion=%d", pubKeyStruc->bVersion);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
     if(pubKeyStruc->bType != PUBLICKEYBLOB) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "pubKeyStruc->bType=%d", (int)pubKeyStruc->bType);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "pubKeyStruc->bType=%d", (int)pubKeyStruc->bType);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     /* check DSSPUBKEY */
-    pubKey	    = (DSSPUBKEY*)(blob + sizeof(PUBLICKEYSTRUC));
+    pubKey          = (DSSPUBKEY*)(blob + sizeof(PUBLICKEYSTRUC));
     if(pubKey->magic != 0x31535344) { /* DSS key magic */
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "pubKey->magic=0x%08lx", pubKey->magic);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "pubKey->magic=0x%08lx", pubKey->magic);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
-    keyLen	    = pubKey->bitlen / 8;
+    keyLen          = pubKey->bitlen / 8;
 
     /* we assume that sizeof(q) < 0x14, sizeof(g) <= sizeof(p) and sizeof(y) <= sizeof(p) */
     if (dwBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY) + 3 * keyLen + 0x14 + sizeof(DSSSEED)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "blobLen=%ld; keyLen=%d", dwBlobLen, keyLen);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "blobLen=%ld; keyLen=%d", dwBlobLen, keyLen);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
-    blob	    += sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY);
+    blob            += sizeof(PUBLICKEYSTRUC) + sizeof(DSSPUBKEY);
 
     /* first is P node */
     cur = xmlSecAddChild(node, xmlSecNodeDSAP, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	xmlSecBufferFinalize(&buf);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     ret = xmlSecBnBlobSetNodeValue(blob, keyLen, cur, xmlSecBnBase64, 1, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnBlobSetNodeValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	xmlSecBufferFinalize(&buf);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnBlobSetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
+    }
     blob += keyLen;
 
     /* next is Q node. */
     cur = xmlSecAddChild(node, xmlSecNodeDSAQ, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	xmlSecBufferFinalize(&buf);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     /* we think that the size of q is 0x14, skip trailing zeros */
@@ -2288,28 +2287,28 @@ xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     ret = xmlSecBnBlobSetNodeValue(blob, len, cur, xmlSecBnBase64, 1, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnBlobSetNodeValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnBlobSetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
     blob += 0x14;
 
     /* next is G node. */
     cur = xmlSecAddChild(node, xmlSecNodeDSAG, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	xmlSecBufferFinalize(&buf);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     /* skip trailing zeros */
@@ -2317,13 +2316,13 @@ xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     ret = xmlSecBnBlobSetNodeValue(blob, len, cur, xmlSecBnBase64, 1, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnBlobSetNodeValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	xmlSecBufferFinalize(&buf);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnBlobSetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        xmlSecBufferFinalize(&buf);
         return(-1);
     }
     blob += keyLen;
@@ -2333,14 +2332,14 @@ xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     /* next is Y node. */
     cur = xmlSecAddChild(node, xmlSecNodeDSAY, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	xmlSecBufferFinalize(&buf);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     /* skip trailing zeros */
@@ -2348,14 +2347,14 @@ xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     ret = xmlSecBnBlobSetNodeValue(blob, len, cur, xmlSecBnBase64, 1, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecBnBlobSetNodeValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecBnBlobSetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
     blob += keyLen;
 
@@ -2366,7 +2365,7 @@ xmlSecMSCryptoKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
 static int
 xmlSecMSCryptoKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
-    HCRYPTPROV hProv = 0; 
+    HCRYPTPROV hProv = 0;
     HCRYPTKEY hKey = 0;
     DWORD dwKeySpec;
     DWORD dwSize;
@@ -2380,46 +2379,36 @@ xmlSecMSCryptoKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xml
 
     ctx = xmlSecMSCryptoKeyDataGetCtx(data);
 
-    if(!CryptAcquireContext(&hProv, XMLSEC_CONTAINER_NAME, ctx->providerName, ctx->providerType, 0)) {
-	    if (NTE_BAD_KEYSET == GetLastError()) {
-	        if(!CryptAcquireContext(&hProv, XMLSEC_CONTAINER_NAME, ctx->providerName, ctx->providerType, CRYPT_NEWKEYSET)) {
-		        xmlSecError(XMLSEC_ERRORS_HERE,
-			            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			            "CryptAcquireContext",
-			            XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			            XMLSEC_ERRORS_NO_MESSAGE);
-		        return(-1);
-	        }
-	    } else {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "CryptAcquireContext",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);
-	    }
+    hProv = xmlSecMSCryptoFindProvider(ctx->providers, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+    if(hProv == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoFindProvider",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     dwKeySpec = AT_SIGNATURE;
     dwSize = ((sizeBits << 16) | CRYPT_EXPORTABLE);
     if (!CryptGenKey(hProv, CALG_DSS_SIGN, dwSize, &hKey)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		        "CryptGenKey",
-		        XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "CryptGenKey",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
     }
 
-    ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, dwKeySpec, 
-	xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+    ret = xmlSecMSCryptoKeyDataAdoptKey(data, hProv, TRUE, hKey, dwKeySpec,
+        xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
     if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		        "xmlSecMSCryptoKeyDataAdoptKey",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecMSCryptoKeyDataAdoptKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
     }
     hProv = 0;
     hKey = 0;
@@ -2429,11 +2418,11 @@ xmlSecMSCryptoKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xml
 
 done:
     if (hProv != 0) {
-    	CryptReleaseContext(hProv, 0);
+        CryptReleaseContext(hProv, 0);
     }
 
     if (hKey != 0) {
-	    CryptDestroyKey(hKey);
+            CryptDestroyKey(hKey);
     }
 
     return(res);
@@ -2444,29 +2433,29 @@ xmlSecMSCryptoKeyDataDsaGetType(xmlSecKeyDataPtr data) {
     return(xmlSecMSCryptoKeyDataGetType(data));
 }
 
-static xmlSecSize 
+static xmlSecSize
 xmlSecMSCryptoKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId), 0);
 
     return xmlSecMSCryptoKeyDataGetSize(data);
 }
 
-static void 
+static void
 xmlSecMSCryptoKeyDataDsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId));
     xmlSecAssert(output != NULL);
-    
-    fprintf(output, "=== dsa key: size = %d\n", 
-	    xmlSecMSCryptoKeyDataDsaGetSize(data));
+
+    fprintf(output, "=== dsa key: size = %d\n",
+            xmlSecMSCryptoKeyDataDsaGetSize(data));
 }
 
 static void
 xmlSecMSCryptoKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataDsaId));
     xmlSecAssert(output != NULL);
-        
-    fprintf(output, "<DSAKeyValue size=\"%d\" />\n", 
-	    xmlSecMSCryptoKeyDataDsaGetSize(data));
+
+    fprintf(output, "<DSAKeyValue size=\"%d\" />\n",
+            xmlSecMSCryptoKeyDataDsaGetSize(data));
 }
 
 #endif /* XMLSEC_NO_DSA */
@@ -2478,28 +2467,28 @@ xmlSecMSCryptoKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
  * GOST2001 xml key representation processing. Contain errors.
  *
  *************************************************************************/
-static int		xmlSecMSCryptoKeyDataGost2001Initialize(xmlSecKeyDataPtr data);
-static int		xmlSecMSCryptoKeyDataGost2001Duplicate(xmlSecKeyDataPtr dst,
-							 xmlSecKeyDataPtr src);
-static void		xmlSecMSCryptoKeyDataGost2001Finalize(xmlSecKeyDataPtr data);
-static int		xmlSecMSCryptoKeyDataGost2001XmlRead	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoKeyDataGost2001XmlWrite(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoKeyDataGost2001Generate(xmlSecKeyDataPtr data,
-							 xmlSecSize sizeBits,
-							 xmlSecKeyDataType type);
+static int              xmlSecMSCryptoKeyDataGost2001Initialize(xmlSecKeyDataPtr data);
+static int              xmlSecMSCryptoKeyDataGost2001Duplicate(xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void             xmlSecMSCryptoKeyDataGost2001Finalize(xmlSecKeyDataPtr data);
+static int              xmlSecMSCryptoKeyDataGost2001XmlRead    (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoKeyDataGost2001XmlWrite(xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoKeyDataGost2001Generate(xmlSecKeyDataPtr data,
+                                                         xmlSecSize sizeBits,
+                                                         xmlSecKeyDataType type);
 
 static xmlSecKeyDataType xmlSecMSCryptoKeyDataGost2001GetType(xmlSecKeyDataPtr data);
-static xmlSecSize	 xmlSecMSCryptoKeyDataGost2001GetSize(xmlSecKeyDataPtr data);
-static void		 xmlSecMSCryptoKeyDataGost2001DebugDump(xmlSecKeyDataPtr data,
-							 FILE* output);
-static void		xmlSecMSCryptoKeyDataGost2001DebugXmlDump(xmlSecKeyDataPtr data,
-							 FILE* output);
+static xmlSecSize        xmlSecMSCryptoKeyDataGost2001GetSize(xmlSecKeyDataPtr data);
+static void              xmlSecMSCryptoKeyDataGost2001DebugDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void             xmlSecMSCryptoKeyDataGost2001DebugXmlDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
 
 static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataGost2001Klass = {
     sizeof(xmlSecKeyDataKlass),
@@ -2507,46 +2496,57 @@ static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataGost2001Klass = {
 
     /* data */
     xmlSecNameGOST2001KeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-					/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefGOST2001KeyValue,		/* const xmlChar* href; */
-    xmlSecNodeGOST2001KeyValue,		/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,			/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                        /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefGOST2001KeyValue,         /* const xmlChar* href; */
+    xmlSecNodeGOST2001KeyValue,         /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                       /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecMSCryptoKeyDataGost2001Initialize,	/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecMSCryptoKeyDataGost2001Duplicate,	/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecMSCryptoKeyDataGost2001Finalize,	/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL, /* xmlSecMSCryptoKeyDataGost2001Generate,*/	/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecMSCryptoKeyDataGost2001Initialize,    /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecMSCryptoKeyDataGost2001Duplicate,     /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecMSCryptoKeyDataGost2001Finalize,      /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL, /* xmlSecMSCryptoKeyDataGost2001Generate,*/   /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecMSCryptoKeyDataGost2001GetType, 	/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecMSCryptoKeyDataGost2001GetSize,	/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,				/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    xmlSecMSCryptoKeyDataGost2001GetType,       /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecMSCryptoKeyDataGost2001GetSize,       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                               /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    NULL,	/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    NULL,	/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,				/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,				/* xmlSecKeyDataBinWriteMethod binWrite; */
+    NULL,       /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    NULL,       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                               /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                               /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecMSCryptoKeyDataGost2001DebugDump,	/* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecMSCryptoKeyDataGost2001DebugDump,     /* xmlSecKeyDataDebugDumpMethod debugDump; */
     xmlSecMSCryptoKeyDataGost2001DebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,				/* void* reserved0; */
-    NULL,				/* void* reserved1; */
+    NULL,                               /* void* reserved0; */
+    NULL,                               /* void* reserved1; */
+};
+
+/* Ordered list of providers to search for algorithm implementation using
+ * xmlSecMSCryptoFindProvider() function
+ *
+ * MUST END with { NULL, 0 } !!!
+ */
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Gost[] = {
+    { MAGPRO_CSP,                   PROV_MAGPRO_GOST },
+    { CRYPTOPRO_CSP,                PROV_CRYPTOPRO_GOST },
+    { NULL, 0 }
 };
 
 /**
  * xmlSecMSCryptoKeyDataGost2001GetKlass:
- * 
+ *
  * The GOST2001 key data klass.
  *
  * Returns: pointer to GOST2001 key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecMSCryptoKeyDataGost2001GetKlass(void) {
     return(&xmlSecMSCryptoKeyDataGost2001Klass);
 }
@@ -2555,7 +2555,6 @@ xmlSecMSCryptoKeyDataGost2001GetKlass(void) {
 static int
 xmlSecMSCryptoKeyDataGost2001Initialize(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoKeyDataCtxPtr ctx;
-    HCRYPTPROV tmp_ctx = 0;
 
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2001Id), xmlSecKeyDataTypeUnknown);
 
@@ -2564,24 +2563,7 @@ xmlSecMSCryptoKeyDataGost2001Initialize(xmlSecKeyDataPtr data) {
     ctx = xmlSecMSCryptoKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
 
-    /* GOST Algorithm is provided by several CSP's, so we try to find any installed */
-    if (CryptAcquireContext(&tmp_ctx, NULL, NULL, PROV_MAGPRO_GOST, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) {
-      ctx->providerName = "MagPro CSP";
-      ctx->providerType = PROV_MAGPRO_GOST;
-    } else {
-      if (CryptAcquireContext(&tmp_ctx, NULL, NULL, PROV_CRYPTOPRO_GOST, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) {
-        ctx->providerName = "CryptoPro CSP";
-        ctx->providerType = PROV_CRYPTOPRO_GOST;
-      } else {
-    	  xmlSecError(XMLSEC_ERRORS_HERE,
-		      xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		      "xmlSecMSCryptoKeyDataGost2001Initialize",
-		      XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		      XMLSEC_ERRORS_NO_MESSAGE);
-		    return -1;
-     }
-    }
-    CryptReleaseContext(tmp_ctx, 0);
+    ctx->providers = xmlSecMSCryptoProviderInfo_Gost;
     return(0);
 }
 
@@ -2596,7 +2578,7 @@ xmlSecMSCryptoKeyDataGost2001Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr sr
 static void
 xmlSecMSCryptoKeyDataGost2001Finalize(xmlSecKeyDataPtr data) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2001Id));
-    
+
     xmlSecMSCryptoKeyDataFinalize(data);
 }
 
@@ -2605,29 +2587,29 @@ xmlSecMSCryptoKeyDataGost2001GetType(xmlSecKeyDataPtr data) {
     return(xmlSecMSCryptoKeyDataGetType(data));
 }
 
-static xmlSecSize 
+static xmlSecSize
 xmlSecMSCryptoKeyDataGost2001GetSize(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2001Id), 0);
 
     return xmlSecMSCryptoKeyDataGetSize(data);
 }
 
-static void 
+static void
 xmlSecMSCryptoKeyDataGost2001DebugDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2001Id));
     xmlSecAssert(output != NULL);
-    
-    fprintf(output, "=== dsa key: size = %d\n", 
-	    xmlSecMSCryptoKeyDataGost2001GetSize(data));
+
+    fprintf(output, "=== dsa key: size = %d\n",
+            xmlSecMSCryptoKeyDataGost2001GetSize(data));
 }
 
 static void
 xmlSecMSCryptoKeyDataGost2001DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataGost2001Id));
     xmlSecAssert(output != NULL);
-        
-    fprintf(output, "<GOST2001KeyValue size=\"%d\" />\n", 
-	    xmlSecMSCryptoKeyDataGost2001GetSize(data));
+
+    fprintf(output, "<GOST2001KeyValue size=\"%d\" />\n",
+            xmlSecMSCryptoKeyDataGost2001GetSize(data));
 }
 
 #endif /* XMLSEC_NO_GOST*/
diff --git a/src/mscrypto/ciphers.c b/src/mscrypto/ciphers.c
index 59161639..ea2edcd5 100644
--- a/src/mscrypto/ciphers.c
+++ b/src/mscrypto/ciphers.c
@@ -1,10 +1,10 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -21,65 +21,49 @@
 
 #include <xmlsec/mscrypto/crypto.h>
 
-#if defined(__MINGW32__)
-#  include "xmlsec-mingw.h"
-#endif
+#include "private.h"
 
-#ifndef MS_ENH_RSA_AES_PROV_PROTO
-#define MS_ENH_RSA_AES_PROV_PROTO "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
-#endif /* MS_ENH_RSA_AES_PROV_PROTO */
-
-static BOOL xmlSecMSCryptoCreatePrivateExponentOneKey	(HCRYPTPROV hProv, 
-							 HCRYPTKEY *hPrivateKey);
-static BOOL xmlSecMSCryptoImportPlainSessionBlob	(HCRYPTPROV hProv, 
-							 HCRYPTKEY hPrivateKey,
-							 ALG_ID dwAlgId, 
-							 LPBYTE pbKeyMaterial,
-							 DWORD dwKeyMaterial, 
-							 HCRYPTKEY *hSessionKey);
 
 /**************************************************************************
  *
  * Internal MSCrypto Block cipher CTX
  *
  *****************************************************************************/
-typedef struct _xmlSecMSCryptoBlockCipherCtx		xmlSecMSCryptoBlockCipherCtx,
-							*xmlSecMSCryptoBlockCipherCtxPtr;
+typedef struct _xmlSecMSCryptoBlockCipherCtx            xmlSecMSCryptoBlockCipherCtx,
+                                                        *xmlSecMSCryptoBlockCipherCtxPtr;
 struct _xmlSecMSCryptoBlockCipherCtx {
-    ALG_ID		algorithmIdentifier;
-    int			mode;
-    HCRYPTPROV		cryptProvider;
-    HCRYPTKEY		cryptKey;
-    HCRYPTKEY		pubPrivKey;
-    xmlSecKeyDataId	keyId;
-    LPCTSTR		providerName;
-    int			providerType;
-    int			keyInitialized;
-    int			ctxInitialized;
-    xmlSecSize		keySize;
+    ALG_ID                              algorithmIdentifier;
+    const xmlSecMSCryptoProviderInfo  * providers;
+    xmlSecKeyDataId                     keyId;
+    xmlSecSize                          keySize;
+
+    HCRYPTPROV                          cryptProvider;
+    HCRYPTKEY                           pubPrivKey;
+    HCRYPTKEY                           cryptKey;
+    int                                 ctxInitialized;
 };
 /* function declarations */
-static int 	xmlSecMSCryptoBlockCipherCtxUpdate	(xmlSecMSCryptoBlockCipherCtxPtr ctx,
-							 xmlSecBufferPtr in,
-							 xmlSecBufferPtr out,
-							 int encrypt,
-							 const xmlChar* cipherName,
-							 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecMSCryptoBlockCipherCtxUpdate      (xmlSecMSCryptoBlockCipherCtxPtr ctx,
+                                                         xmlSecBufferPtr in,
+                                                         xmlSecBufferPtr out,
+                                                         int encrypt,
+                                                         const xmlChar* cipherName,
+                                                         xmlSecTransformCtxPtr transformCtx);
 
 
-static int 
+static int
 xmlSecMSCryptoBlockCipherCtxInit(xmlSecMSCryptoBlockCipherCtxPtr ctx,
-				 xmlSecBufferPtr in,
-				 xmlSecBufferPtr out,
-				 int encrypt,
-				 const xmlChar* cipherName,
-				 xmlSecTransformCtxPtr transformCtx) {
+                                 xmlSecBufferPtr in,
+                                 xmlSecBufferPtr out,
+                                 int encrypt,
+                                 const xmlChar* cipherName,
+                                 xmlSecTransformCtxPtr transformCtx) {
     int blockLen;
     int ret;
     DWORD dwBlockLen, dwBlockLenLen;
 
     xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->keyInitialized != 0, -1);
+    xmlSecAssert2(ctx->cryptKey != 0, -1);
     xmlSecAssert2(ctx->ctxInitialized == 0, -1);
     xmlSecAssert2(in != NULL, -1);
     xmlSecAssert2(out != NULL, -1);
@@ -88,92 +72,92 @@ xmlSecMSCryptoBlockCipherCtxInit(xmlSecMSCryptoBlockCipherCtxPtr ctx,
     /* iv len == block len */
     dwBlockLenLen = sizeof(DWORD);
     if (!CryptGetKeyParam(ctx->cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwBlockLenLen, 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "CryptGetKeyParam",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "CryptGetKeyParam",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     blockLen = dwBlockLen / 8;
     xmlSecAssert2(blockLen > 0, -1);
     if(encrypt) {
-	unsigned char* iv;
-	size_t outSize;
-
-	/* allocate space for IV */	
-	outSize = xmlSecBufferGetSize(out);
-	ret = xmlSecBufferSetSize(out, outSize + blockLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferSetSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", outSize + blockLen);
-	    return(-1);
-	}
-	iv = xmlSecBufferGetData(out) + outSize;
-
-	/* generate and use random iv */
-	if(!CryptGenRandom(ctx->cryptProvider, blockLen, iv)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-		        "CryptGenRandom",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		        "len=%d", blockLen);
-	    return(-1);
-	}
-	    
-	if(!CryptSetKeyParam(ctx->cryptKey, KP_IV, iv, 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"CryptSetKeyParam",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        unsigned char* iv;
+        size_t outSize;
+
+        /* allocate space for IV */
+        outSize = xmlSecBufferGetSize(out);
+        ret = xmlSecBufferSetSize(out, outSize + blockLen);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferSetSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize + blockLen);
+            return(-1);
+        }
+        iv = xmlSecBufferGetData(out) + outSize;
+
+        /* generate and use random iv */
+        if(!CryptGenRandom(ctx->cryptProvider, blockLen, iv)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "CryptGenRandom",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "len=%d", blockLen);
+            return(-1);
+        }
+
+        if(!CryptSetKeyParam(ctx->cryptKey, KP_IV, iv, 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "CryptSetKeyParam",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     } else {
-	/* if we don't have enough data, exit and hope that 
-	* we'll have iv next time */
-	if(xmlSecBufferGetSize(in) < (size_t)blockLen) {
-	    return(0);
-	}
-	xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
-
-	/* set iv */
-	if (!CryptSetKeyParam(ctx->cryptKey, KP_IV, xmlSecBufferGetData(in), 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"CryptSetKeyParam",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-
-	/* and remove from input */
-	ret = xmlSecBufferRemoveHead(in, blockLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", blockLen);
-	    return(-1);
-
-	}
+        /* if we don't have enough data, exit and hope that
+        * we'll have iv next time */
+        if(xmlSecBufferGetSize(in) < (size_t)blockLen) {
+            return(0);
+        }
+        xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
+
+        /* set iv */
+        if (!CryptSetKeyParam(ctx->cryptKey, KP_IV, xmlSecBufferGetData(in), 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "CryptSetKeyParam",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        /* and remove from input */
+        ret = xmlSecBufferRemoveHead(in, blockLen);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", blockLen);
+            return(-1);
+
+        }
     }
 
     ctx->ctxInitialized = 1;
-    return(0);								 
+    return(0);
 }
 
-static int 
+static int
 xmlSecMSCryptoBlockCipherCtxUpdate(xmlSecMSCryptoBlockCipherCtxPtr ctx,
-				   xmlSecBufferPtr in, xmlSecBufferPtr out,
-				   int encrypt,
-				   const xmlChar* cipherName,
-				   xmlSecTransformCtxPtr transformCtx) {
+                                   xmlSecBufferPtr in, xmlSecBufferPtr out,
+                                   int encrypt,
+                                   const xmlChar* cipherName,
+                                   xmlSecTransformCtxPtr transformCtx) {
     size_t inSize, inBlocks, outSize;
     int blockLen;
     unsigned char* outBuf;
@@ -186,44 +170,44 @@ xmlSecMSCryptoBlockCipherCtxUpdate(xmlSecMSCryptoBlockCipherCtxPtr ctx,
     xmlSecAssert2(in != NULL, -1);
     xmlSecAssert2(out != NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-	
+
     dwBlockLenLen = sizeof(DWORD);
     if (!CryptGetKeyParam(ctx->cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwBlockLenLen, 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "CryptSetKeyParam",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "CryptSetKeyParam",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     blockLen = dwBlockLen / 8;
     xmlSecAssert2(blockLen > 0, -1);
 
     inSize = xmlSecBufferGetSize(in);
     outSize = xmlSecBufferGetSize(out);
-    
+
     if(inSize < (size_t)blockLen) {
-	return(0);
+        return(0);
     }
 
     if(encrypt) {
-	inBlocks = inSize / ((size_t)blockLen);
+        inBlocks = inSize / ((size_t)blockLen);
     } else {
-	/* we want to have the last block in the input buffer 
- 	 * for padding check */
-	inBlocks = (inSize - 1) / ((size_t)blockLen);
+        /* we want to have the last block in the input buffer
+         * for padding check */
+        inBlocks = (inSize - 1) / ((size_t)blockLen);
     }
     inSize = inBlocks * ((size_t)blockLen);
 
     /* we write out the input size plus may be one block */
     ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + inSize + blockLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + inSize + blockLen);
+        return(-1);
     }
     outBuf = xmlSecBufferGetData(out) + outSize;
     inBuf = xmlSecBufferGetData(in);
@@ -232,72 +216,72 @@ xmlSecMSCryptoBlockCipherCtxUpdate(xmlSecMSCryptoBlockCipherCtxPtr ctx,
     memcpy(outBuf, inBuf, inSize);
     dwCLen = inSize;
     if(encrypt) {
-	if(!CryptEncrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen, inSize + blockLen)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"CryptEncrypt",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        if(!CryptEncrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen, inSize + blockLen)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "CryptEncrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     } else {
-	if (!CryptDecrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"CryptSetKeyDecrypt",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        if (!CryptDecrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "CryptSetKeyDecrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
     /* Check if we really have de/encrypted the numbers of bytes that we requested */
     if (dwCLen != inSize) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "CryptEn/Decrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%ld", dwCLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "CryptEn/Decrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%ld", dwCLen);
+        return(-1);
     }
 
     /* set correct output buffer size */
     ret = xmlSecBufferSetSize(out, outSize + inSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + inSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + inSize);
+        return(-1);
     }
 
     /* remove the processed block from input */
     ret = xmlSecBufferRemoveHead(in, inSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferRemoveHead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", inSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferRemoveHead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", inSize);
+        return(-1);
     }
     return(0);
 }
 
-static int 
+static int
 xmlSecMSCryptoBlockCipherCtxFinal(xmlSecMSCryptoBlockCipherCtxPtr ctx,
-				  xmlSecBufferPtr in,
-				  xmlSecBufferPtr out,
-				  int encrypt,
-				  const xmlChar* cipherName,
-				  xmlSecTransformCtxPtr transformCtx) {
+                                  xmlSecBufferPtr in,
+                                  xmlSecBufferPtr out,
+                                  int encrypt,
+                                  const xmlChar* cipherName,
+                                  xmlSecTransformCtxPtr transformCtx) {
     size_t inSize, outSize;
     int blockLen, outLen = 0;
     unsigned char* inBuf;
     unsigned char* outBuf;
     int ret;
     DWORD dwBlockLen, dwBlockLenLen, dwCLen;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->ctxInitialized != 0, -1);
     xmlSecAssert2(in != NULL, -1);
@@ -306,12 +290,12 @@ xmlSecMSCryptoBlockCipherCtxFinal(xmlSecMSCryptoBlockCipherCtxPtr ctx,
 
     dwBlockLenLen = sizeof(DWORD);
     if (!CryptGetKeyParam(ctx->cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwBlockLenLen, 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "CryptGetKeyParam",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "CryptGetKeyParam",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     blockLen = dwBlockLen / 8;
     xmlSecAssert2(blockLen > 0, -1);
@@ -320,129 +304,129 @@ xmlSecMSCryptoBlockCipherCtxFinal(xmlSecMSCryptoBlockCipherCtxPtr ctx,
     outSize = xmlSecBufferGetSize(out);
 
     if(encrypt != 0) {
-	xmlSecAssert2(inSize < (size_t)blockLen, -1);        
-
-	/* create padding */
-	ret = xmlSecBufferSetMaxSize(in, blockLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", blockLen);
-	    return(-1);
-	}
-	inBuf = xmlSecBufferGetData(in);
-
-	/* create random padding */
-	if((size_t)blockLen > (inSize + 1)) {
-	    if (!CryptGenRandom(ctx->cryptProvider, blockLen - inSize - 1, inBuf + inSize)) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(cipherName),
-			    "CryptGenRandom",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}
-	inBuf[blockLen - 1] = blockLen - inSize;
-	inSize = blockLen;
+        xmlSecAssert2(inSize < (size_t)blockLen, -1);
+
+        /* create padding */
+        ret = xmlSecBufferSetMaxSize(in, blockLen);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", blockLen);
+            return(-1);
+        }
+        inBuf = xmlSecBufferGetData(in);
+
+        /* create random padding */
+        if((size_t)blockLen > (inSize + 1)) {
+            if (!CryptGenRandom(ctx->cryptProvider, blockLen - inSize - 1, inBuf + inSize)) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(cipherName),
+                            "CryptGenRandom",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+        inBuf[blockLen - 1] = blockLen - inSize;
+        inSize = blockLen;
     } else {
-	if(inSize != (size_t)blockLen) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"data=%d;block=%d", inSize, blockLen);
-	    return(-1);
-	}
-	inBuf = xmlSecBufferGetData(in);
+        if(inSize != (size_t)blockLen) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "data=%d;block=%d", inSize, blockLen);
+            return(-1);
+        }
+        inBuf = xmlSecBufferGetData(in);
     }
-    
+
     /* process last block */
     ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + 2 * blockLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + 2 * blockLen);
+        return(-1);
     }
     outBuf = xmlSecBufferGetData(out) + outSize;
     memcpy(outBuf, inBuf, inSize);
 
     dwCLen = inSize;
     if(encrypt) {
-	/* Set process last block to false, since we handle padding ourselves, and MSCrypto padding 
-	 * can be skipped. I hope this will work .... */
-	if(!CryptEncrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen, inSize + blockLen)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"CryptEncrypt",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        /* Set process last block to false, since we handle padding ourselves, and MSCrypto padding
+         * can be skipped. I hope this will work .... */
+        if(!CryptEncrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen, inSize + blockLen)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "CryptEncrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     } else {
-	if (!CryptDecrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"CryptDecrypt",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        if (!CryptDecrypt(ctx->cryptKey, 0, FALSE, 0, outBuf, &dwCLen)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "CryptDecrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     /* Check if we really have de/encrypted the numbers of bytes that we requested */
     if (dwCLen != inSize) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "CryptEn/Decrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%ld", dwCLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "CryptEn/Decrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%ld", dwCLen);
+        return(-1);
     }
 
     if(encrypt == 0) {
-	/* check padding */
-	if(inSize < outBuf[blockLen - 1]) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(cipherName),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"padding=%d;buffer=%d",
-			outBuf[blockLen - 1], inSize);
-	    return(-1);	
-	}
-	outLen = inSize - outBuf[blockLen - 1];
+        /* check padding */
+        if(inSize < outBuf[blockLen - 1]) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "padding=%d;buffer=%d",
+                        outBuf[blockLen - 1], inSize);
+            return(-1);
+        }
+        outLen = inSize - outBuf[blockLen - 1];
     } else {
-	outLen = inSize;
+        outLen = inSize;
     }
 
     /* set correct output buffer size */
     ret = xmlSecBufferSetSize(out, outSize + outLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + outLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + outLen);
+        return(-1);
     }
 
     /* remove the processed block from input */
     ret = xmlSecBufferRemoveHead(in, inSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferRemoveHead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", inSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferRemoveHead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", inSize);
+        return(-1);
     }
-    
+
     return(0);
 }
 
@@ -451,29 +435,52 @@ xmlSecMSCryptoBlockCipherCtxFinal(xmlSecMSCryptoBlockCipherCtxPtr ctx,
  *  Block Cipher transforms
  *
  * xmlSecMSCryptoBlockCipherCtx block is located after xmlSecTransform structure
- * 
+ *
  *****************************************************************************/
-#define xmlSecMSCryptoBlockCipherSize	\
+#define xmlSecMSCryptoBlockCipherSize   \
     (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoBlockCipherCtx))
 #define xmlSecMSCryptoBlockCipherGetCtx(transform) \
     ((xmlSecMSCryptoBlockCipherCtxPtr)(((unsigned char*)(transform)) + sizeof(xmlSecTransform)))
 
-static int	xmlSecMSCryptoBlockCipherInitialize	(xmlSecTransformPtr transform);
-static void	xmlSecMSCryptoBlockCipherFinalize	(xmlSecTransformPtr transform);
-static int  	xmlSecMSCryptoBlockCipherSetKeyReq	(xmlSecTransformPtr transform, 
-							 xmlSecKeyReqPtr keyReq);
-static int	xmlSecMSCryptoBlockCipherSetKey		(xmlSecTransformPtr transform,
-							 xmlSecKeyPtr key);
-static int	xmlSecMSCryptoBlockCipherExecute	(xmlSecTransformPtr transform,
-							 int last,
-							 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecMSCryptoBlockCipherCheckId	(xmlSecTransformPtr transform);
-							 
+static int      xmlSecMSCryptoBlockCipherInitialize     (xmlSecTransformPtr transform);
+static void     xmlSecMSCryptoBlockCipherFinalize       (xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoBlockCipherSetKeyReq      (xmlSecTransformPtr transform,
+                                                         xmlSecKeyReqPtr keyReq);
+static int      xmlSecMSCryptoBlockCipherSetKey         (xmlSecTransformPtr transform,
+                                                         xmlSecKeyPtr key);
+static int      xmlSecMSCryptoBlockCipherExecute        (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecMSCryptoBlockCipherCheckId        (xmlSecTransformPtr transform);
+
+
+
+/* Ordered list of providers to search for algorithm implementation using
+ * xmlSecMSCryptoFindProvider() function
+ *
+ * MUST END with { NULL, 0 } !!!
+ */
+#ifndef XMLSEC_NO_DES
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Des[] = {
+    { MS_STRONG_PROV,               PROV_RSA_FULL },
+    { MS_ENHANCED_PROV,             PROV_RSA_FULL },
+    { NULL, 0 }
+};
+#endif /* XMLSEC_NO_DES */
+
+#ifndef XMLSEC_NO_AES
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Aes[] = {
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV,                PROV_RSA_AES},
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE,      PROV_RSA_AES },
+    { NULL, 0 }
+};
+#endif /* XMLSEC_NO_AES */
+
 static int
 xmlSecMSCryptoBlockCipherCheckId(xmlSecTransformPtr transform) {
 #ifndef XMLSEC_NO_DES
     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformDes3CbcId)) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_NO_DES */
 
@@ -489,115 +496,83 @@ xmlSecMSCryptoBlockCipherCheckId(xmlSecTransformPtr transform) {
     return(0);
 }
 
-static int 
+static int
 xmlSecMSCryptoBlockCipherInitialize(xmlSecTransformPtr transform) {
     xmlSecMSCryptoBlockCipherCtxPtr ctx;
+    int ret;
 
     xmlSecAssert2(xmlSecMSCryptoBlockCipherCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoBlockCipherSize), -1);
 
     ctx = xmlSecMSCryptoBlockCipherGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     memset(ctx, 0, sizeof(xmlSecMSCryptoBlockCipherCtx));
 
 #ifndef XMLSEC_NO_DES
     if(transform->id == xmlSecMSCryptoTransformDes3CbcId) {
-	ctx->algorithmIdentifier    = CALG_3DES;
-	ctx->keyId 		    = xmlSecMSCryptoKeyDataDesId;
-	ctx->providerName	    = MS_ENHANCED_PROV;
-	ctx->providerType	    = PROV_RSA_FULL;
-	ctx->keySize		    = 24;
-    } else 
+        ctx->algorithmIdentifier    = CALG_3DES;
+        ctx->keyId                  = xmlSecMSCryptoKeyDataDesId;
+        ctx->providers              = xmlSecMSCryptoProviderInfo_Des;
+        ctx->keySize                = 24;
+    } else
 #endif /* XMLSEC_NO_DES */
 
 #ifndef XMLSEC_NO_AES
     if(transform->id == xmlSecMSCryptoTransformAes128CbcId) {
-	ctx->algorithmIdentifier    = CALG_AES_128;
-	ctx->keyId 		    = xmlSecMSCryptoKeyDataAesId;
-	ctx->providerName	    = MS_ENH_RSA_AES_PROV_PROTO;
-	ctx->providerType	    = PROV_RSA_AES;
-	ctx->keySize		    = 16;
+        ctx->algorithmIdentifier    = CALG_AES_128;
+        ctx->keyId                  = xmlSecMSCryptoKeyDataAesId;
+        ctx->providers              = xmlSecMSCryptoProviderInfo_Aes;
+        ctx->keySize                = 16;
     } else if(transform->id == xmlSecMSCryptoTransformAes192CbcId) {
-	ctx->algorithmIdentifier    = CALG_AES_192;
-	ctx->keyId 		    = xmlSecMSCryptoKeyDataAesId;
-	ctx->providerName	    = MS_ENH_RSA_AES_PROV_PROTO;
-	ctx->providerType	    = PROV_RSA_AES;
-	ctx->keySize		    = 24;
+        ctx->algorithmIdentifier    = CALG_AES_192;
+        ctx->keyId                  = xmlSecMSCryptoKeyDataAesId;
+        ctx->providers              = xmlSecMSCryptoProviderInfo_Aes;
+        ctx->keySize                = 24;
     } else if(transform->id == xmlSecMSCryptoTransformAes256CbcId) {
-	ctx->algorithmIdentifier    = CALG_AES_256;
-	ctx->keyId 		    = xmlSecMSCryptoKeyDataAesId;
-	ctx->providerName	    = MS_ENH_RSA_AES_PROV_PROTO;
-	ctx->providerType	    = PROV_RSA_AES;
-	ctx->keySize		    = 32;
-    } else 
+        ctx->algorithmIdentifier    = CALG_AES_256;
+        ctx->keyId                  = xmlSecMSCryptoKeyDataAesId;
+        ctx->providers              = xmlSecMSCryptoProviderInfo_Aes;
+        ctx->keySize                = 32;
+    } else     
 #endif /* XMLSEC_NO_AES */
 
-    if(1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-	    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-	    NULL,
-	    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-	    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }        
-	
-    if(!CryptAcquireContext(&ctx->cryptProvider, NULL /*"xmlSecMSCryptoTempContainer"*/, 
-			     ctx->providerName, ctx->providerType, 0)) {
-        DWORD dwError = GetLastError();
-	if (dwError == NTE_EXISTS) {
-	    if (!CryptAcquireContext(&ctx->cryptProvider, "xmlSecMSCryptoTempContainer", 
-				     ctx->providerName, ctx->providerType, 0)) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "CryptAcquireContext",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-
-		return(-1);
-	    }
-	} else if (dwError == NTE_BAD_KEYSET) {
-	  /* This error can indicate that a newly installed provider 
-	   * does not have a usable key container yet. It needs to be
-	   * created, and then we have to try again CryptAcquireContext.
-	   * This is also referenced in 
-	   * http://www.microsoft.com/mind/0697/crypto.asp (inituser)
-	   */
-	    if(!CryptAcquireContext(&ctx->cryptProvider, NULL, ctx->providerName,
-				    ctx->providerType, CRYPT_NEWKEYSET)) {
-	        xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "CryptAcquireContext",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	} else {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"CryptAcquireContext",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+    {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+            NULL,
+            XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+            XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ctx->cryptProvider = xmlSecMSCryptoFindProvider(ctx->providers, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+    if(ctx->cryptProvider == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoFindProvider",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+
+        return(-1);
     }
 
     /* Create dummy key to be able to import plain session keys */
     if (!xmlSecMSCryptoCreatePrivateExponentOneKey(ctx->cryptProvider, &(ctx->pubPrivKey))) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecMSCryptoCreatePrivateExponentOneKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoCreatePrivateExponentOneKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
 
-	return(-1);
+        return(-1);
     }
 
     ctx->ctxInitialized = 0;
     return(0);
 }
 
-static void 
+static void
 xmlSecMSCryptoBlockCipherFinalize(xmlSecTransformPtr transform) {
     xmlSecMSCryptoBlockCipherCtxPtr ctx;
 
@@ -608,21 +583,19 @@ xmlSecMSCryptoBlockCipherFinalize(xmlSecTransformPtr transform) {
     xmlSecAssert(ctx != NULL);
 
     if (ctx->cryptKey) {
-	CryptDestroyKey(ctx->cryptKey);
+        CryptDestroyKey(ctx->cryptKey);
     }
     if (ctx->pubPrivKey) {
-	CryptDestroyKey(ctx->pubPrivKey);
+        CryptDestroyKey(ctx->pubPrivKey);
     }
     if (ctx->cryptProvider) {
-	CryptReleaseContext(ctx->cryptProvider, 0);
-	CryptAcquireContext(&ctx->cryptProvider, "xmlSecMSCryptoTempContainer", 
-			    MS_ENHANCED_PROV, ctx->providerType, CRYPT_DELETEKEYSET);
+        CryptReleaseContext(ctx->cryptProvider, 0);
     }
-
+    
     memset(ctx, 0, sizeof(xmlSecMSCryptoBlockCipherCtx));
 }
 
-static int  
+static int
 xmlSecMSCryptoBlockCipherSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
     xmlSecMSCryptoBlockCipherCtxPtr ctx;
 
@@ -635,12 +608,12 @@ xmlSecMSCryptoBlockCipherSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPt
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->cryptProvider != 0, -1);
 
-    keyReq->keyId 	= ctx->keyId;
-    keyReq->keyType 	= xmlSecKeyDataTypeSymmetric;
+    keyReq->keyId       = ctx->keyId;
+    keyReq->keyType     = xmlSecKeyDataTypeSymmetric;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-	keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
     } else {
-	keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
     }
 
     keyReq->keyBitsSize = 8 * ctx->keySize;
@@ -660,23 +633,23 @@ xmlSecMSCryptoBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key)
 
     ctx = xmlSecMSCryptoBlockCipherGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    xmlSecAssert2(ctx->keyInitialized == 0, -1);
+    xmlSecAssert2(ctx->cryptKey == 0, -1);
+    xmlSecAssert2(ctx->pubPrivKey != 0, -1);
     xmlSecAssert2(ctx->keyId != NULL, -1);
     xmlSecAssert2(xmlSecKeyCheckId(key, ctx->keyId), -1);
-
     xmlSecAssert2(ctx->keySize > 0, -1);
 
     buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
     xmlSecAssert2(buffer != NULL, -1);
 
     if(xmlSecBufferGetSize(buffer) < ctx->keySize) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "keySize=%d;expected=%d",
-		    xmlSecBufferGetSize(buffer), ctx->keySize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "keySize=%d;expected=%d",
+                    xmlSecBufferGetSize(buffer), ctx->keySize);
+        return(-1);
     }
 
     bufData = xmlSecBufferGetData(buffer);
@@ -684,35 +657,35 @@ xmlSecMSCryptoBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key)
 
     /* Import this key and get an HCRYPTKEY handle */
     if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->cryptProvider,
-	ctx->pubPrivKey,
-	ctx->algorithmIdentifier, 
-	bufData, 
-	ctx->keySize, 
-	&(ctx->cryptKey)))  {
-
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-    		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecMSCryptoImportPlainSessionBlob",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        ctx->pubPrivKey,
+        ctx->algorithmIdentifier,
+        bufData,
+        ctx->keySize,
+        TRUE,
+        &(ctx->cryptKey)))  {
+
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoImportPlainSessionBlob",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
-    ctx->keyInitialized = 1;
     return(0);
 }
 
-static int 
+static int
 xmlSecMSCryptoBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecMSCryptoBlockCipherCtxPtr ctx;
     xmlSecBufferPtr in, out;
     int ret;
-    
+
     xmlSecAssert2(xmlSecMSCryptoBlockCipherCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoBlockCipherSize), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-	
+
     in = &(transform->inBuf);
     out = &(transform->outBuf);
 
@@ -720,79 +693,79 @@ xmlSecMSCryptoBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSecT
     xmlSecAssert2(ctx != NULL, -1);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     }
 
     if(transform->status == xmlSecTransformStatusWorking) {
-	if(ctx->ctxInitialized == 0) {
-	    ret = xmlSecMSCryptoBlockCipherCtxInit(ctx, 
-						   in, 
-						   out,
-						   (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
-						   xmlSecTransformGetName(transform),
-						   transformCtx);
-				
-    	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecMSCryptoBlockCipherCtxInit",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}
-	if((ctx->ctxInitialized == 0) && (last != 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"not enough data to initialize transform");
-	    return(-1);
-	}
-	if(ctx->ctxInitialized != 0) {
-	    ret = xmlSecMSCryptoBlockCipherCtxUpdate(ctx, in, out, 
-		(transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
-		xmlSecTransformGetName(transform), transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecMSCryptoBlockCipherCtxUpdate",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}
-	
-	if(last) {
-	    ret = xmlSecMSCryptoBlockCipherCtxFinal(ctx, in, out, 
-		(transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
-		xmlSecTransformGetName(transform), transformCtx);
-
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecMSCryptoBlockCipherCtxFinal",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	} 
+        if(ctx->ctxInitialized == 0) {
+            ret = xmlSecMSCryptoBlockCipherCtxInit(ctx,
+                                                   in,
+                                                   out,
+                                                   (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
+                                                   xmlSecTransformGetName(transform),
+                                                   transformCtx);
+
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecMSCryptoBlockCipherCtxInit",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+        if((ctx->ctxInitialized == 0) && (last != 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "not enough data to initialize transform");
+            return(-1);
+        }
+        if(ctx->ctxInitialized != 0) {
+            ret = xmlSecMSCryptoBlockCipherCtxUpdate(ctx, in, out,
+                (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
+                xmlSecTransformGetName(transform), transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecMSCryptoBlockCipherCtxUpdate",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+
+        if(last) {
+            ret = xmlSecMSCryptoBlockCipherCtxFinal(ctx, in, out,
+                (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
+                xmlSecTransformGetName(transform), transformCtx);
+
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecMSCryptoBlockCipherCtxFinal",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
     } else if(transform->status == xmlSecTransformStatusNone) {
-	/* the only way we can get here is if there is no enough data in the input */
-	xmlSecAssert2(last == 0, -1);
+        /* the only way we can get here is if there is no enough data in the input */
+        xmlSecAssert2(last == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
@@ -804,117 +777,117 @@ xmlSecMSCryptoBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSecT
  ********************************************************************/
 static xmlSecTransformKlass xmlSecMSCryptoAes128CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecMSCryptoBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes128Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes128Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecMSCryptoBlockCipherInitialize, 	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecMSCryptoBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecMSCryptoBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecMSCryptoBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecMSCryptoBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoBlockCipherSize,              /* xmlSecSize objSize */
+
+    xmlSecNameAes128Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes128Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecMSCryptoBlockCipherInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoBlockCipherFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoBlockCipherSetKeyReq,         /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecMSCryptoBlockCipherSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoBlockCipherExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecMSCryptoTransformAes128CbcGetKlass:
- * 
+ *
  * AES 128 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 128 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecMSCryptoTransformAes128CbcGetKlass(void) {
     return(&xmlSecMSCryptoAes128CbcKlass);
 }
 
 static xmlSecTransformKlass xmlSecMSCryptoAes192CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecMSCryptoBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes192Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes192Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecMSCryptoBlockCipherInitialize, 	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecMSCryptoBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecMSCryptoBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecMSCryptoBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecMSCryptoBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoBlockCipherSize,              /* xmlSecSize objSize */
+
+    xmlSecNameAes192Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes192Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecMSCryptoBlockCipherInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoBlockCipherFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoBlockCipherSetKeyReq,         /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecMSCryptoBlockCipherSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoBlockCipherExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecMSCryptoTransformAes192CbcGetKlass:
- * 
+ *
  * AES 192 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 192 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecMSCryptoTransformAes192CbcGetKlass(void) {
     return(&xmlSecMSCryptoAes192CbcKlass);
 }
 
 static xmlSecTransformKlass xmlSecMSCryptoAes256CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecMSCryptoBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes256Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes256Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecMSCryptoBlockCipherInitialize, 	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecMSCryptoBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecMSCryptoBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecMSCryptoBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecMSCryptoBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoBlockCipherSize,              /* xmlSecSize objSize */
+
+    xmlSecNameAes256Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes256Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecMSCryptoBlockCipherInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoBlockCipherFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoBlockCipherSetKeyReq,         /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecMSCryptoBlockCipherSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoBlockCipherExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecMSCryptoTransformAes256CbcGetKlass:
- * 
+ *
  * AES 256 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 256 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecMSCryptoTransformAes256CbcGetKlass(void) {
     return(&xmlSecMSCryptoAes256CbcKlass);
 }
@@ -925,426 +898,40 @@ xmlSecMSCryptoTransformAes256CbcGetKlass(void) {
 #ifndef XMLSEC_NO_DES
 static xmlSecTransformKlass xmlSecMSCryptoDes3CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),	/* size_t klassSize */
-    xmlSecMSCryptoBlockCipherSize,	/* size_t objSize */
+    sizeof(xmlSecTransformKlass),       /* size_t klassSize */
+    xmlSecMSCryptoBlockCipherSize,      /* size_t objSize */
 
-    xmlSecNameDes3Cbc,			/* const xmlChar* name; */
-    xmlSecHrefDes3Cbc, 			/* const xmlChar* href; */
+    xmlSecNameDes3Cbc,                  /* const xmlChar* name; */
+    xmlSecHrefDes3Cbc,                  /* const xmlChar* href; */
     xmlSecTransformUsageEncryptionMethod,/* xmlSecAlgorithmUsage usage; */
 
     xmlSecMSCryptoBlockCipherInitialize, /* xmlSecTransformInitializeMethod initialize; */
-    xmlSecMSCryptoBlockCipherFinalize,	 /* xmlSecTransformFinalizeMethod finalize; */
-    NULL,				 /* xmlSecTransformNodeReadMethod readNode; */
-    NULL,				 /* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecMSCryptoBlockCipherSetKeyReq,	 /* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecMSCryptoBlockCipherSetKey,	 /* xmlSecTransformSetKeyMethod setKey; */
-    NULL,				 /* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,	 /* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,	 /* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,	 /* xmlSecTransformPopBinMethod popBin; */
-    NULL,				 /* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,				 /* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecMSCryptoBlockCipherExecute,	 /* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,				 /* void* reserved0; */
-    NULL,				 /* void* reserved1; */
+    xmlSecMSCryptoBlockCipherFinalize,   /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoBlockCipherSetKeyReq,  /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecMSCryptoBlockCipherSetKey,     /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,   /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,       /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,        /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoBlockCipherExecute,    /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                /* void* reserved0; */
+    NULL,                                /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecMSCryptoTransformDes3CbcGetKlass:
  *
  * Triple DES CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to Triple DES encryption transform.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecMSCryptoTransformDes3CbcGetKlass(void) {
     return(&xmlSecMSCryptoDes3CbcKlass);
 }
 #endif /* XMLSEC_NO_DES */
-
-/*
- * Low level helper routines for importing plain text keys in MS HKEY handle, 
- * since MSCrypto API does not support import of plain text (session) keys
- * just like that.
- * These functions are based upon MS kb article: 228786
- * 
- * aleksey: also check "Base Provider Key BLOBs" article for priv key blob format
- **/
-static BOOL 
-xmlSecMSCryptoCreatePrivateExponentOneKey(HCRYPTPROV hProv, HCRYPTKEY *hPrivateKey)
-{
-    HCRYPTKEY hKey = 0;
-    LPBYTE keyBlob = NULL;
-    DWORD keyBlobLen;
-    PUBLICKEYSTRUC* pubKeyStruc;
-    RSAPUBKEY* rsaPubKey;
-    DWORD bitLen;
-    BYTE *ptr;
-    int n;
-    BOOL res = FALSE;
-
-    xmlSecAssert2(hProv != 0, FALSE);
-    xmlSecAssert2(hPrivateKey != NULL, FALSE);
-
-    /* just in case */
-    *hPrivateKey = 0;
-
-    /* Generate the private key */
-    if(!CryptGenKey(hProv, AT_KEYEXCHANGE, CRYPT_EXPORTABLE, &hKey)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptGenKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    /* Export the private key, we'll convert it to a private exponent of one key */
-    if(!CryptExportKey(hKey, 0, PRIVATEKEYBLOB, 0, NULL, &keyBlobLen)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    keyBlob = (LPBYTE)xmlMalloc(sizeof(BYTE) * keyBlobLen);
-    if(keyBlob == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
- 
-    if(!CryptExportKey(hKey, 0, PRIVATEKEYBLOB, 0, keyBlob, &keyBlobLen)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-    CryptDestroyKey(hKey);
-    hKey = 0;
-
-    /* Get the bit length of the key */
-    if(keyBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "len=%ld", keyBlobLen);
-	goto done;
-    }
-    pubKeyStruc = (PUBLICKEYSTRUC*)keyBlob;
-    if(pubKeyStruc->bVersion != 0x02) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "pubKeyStruc->bVersion=%d", pubKeyStruc->bVersion);
-	goto done;
-    }
-    if(pubKeyStruc->bType != PRIVATEKEYBLOB) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "pubKeyStruc->bType=%d", (int)pubKeyStruc->bType);
-	goto done;
-    }
-
-    /* aleksey: don't ask me why it is RSAPUBKEY, just don't ask */
-    rsaPubKey = (RSAPUBKEY*)(keyBlob + sizeof(PUBLICKEYSTRUC)); 
-
-    /* check that we have RSA private key */
-    if(rsaPubKey->magic != 0x32415352) { 
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "rsaPubKey->magic=0x%08lx", rsaPubKey->magic);
-	goto done;
-    }
-    bitLen = rsaPubKey->bitlen;
-
-    /*  Modify the Exponent in Key BLOB format Key BLOB format is documented in SDK */
-    rsaPubKey->pubexp = 1;
-
-    /* Private-key BLOBs, type PRIVATEKEYBLOB, are used to store private keys outside a CSP. 
-     * Base provider private-key BLOBs have the following format:
-     * 
-     * PUBLICKEYSTRUC  publickeystruc ;
-     * RSAPUBKEY rsapubkey;
-     * BYTE modulus[rsapubkey.bitlen/8];		1/8
-     * BYTE prime1[rsapubkey.bitlen/16];		1/16 
-     * BYTE prime2[rsapubkey.bitlen/16];		1/16 
-     * BYTE exponent1[rsapubkey.bitlen/16];		1/16 
-     * BYTE exponent2[rsapubkey.bitlen/16];		1/16 
-     * BYTE coefficient[rsapubkey.bitlen/16];		1/16
-     * BYTE privateExponent[rsapubkey.bitlen/8];	1/8
-     */
-    if(keyBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + bitLen / 2 + bitLen / 16) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptExportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "len=%ld", keyBlobLen);
-	goto done;
-    }
-    ptr = (BYTE*)(keyBlob + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY)); 
-
-    /* Skip modulus, prime1, prime2 */
-    ptr += bitLen / 8;
-    ptr += bitLen / 16;
-    ptr += bitLen / 16;
-
-    /* Convert exponent1 to 1 */
-    for (n = 0; n < (bitLen / 16); n++) {
-	if (n == 0) ptr[n] = 1;
-	else ptr[n] = 0;
-    }
-    ptr += bitLen / 16;
-
-    /* Convert exponent2 to 1 */
-    for (n = 0; n < (bitLen / 16); n++) {
-	if (n == 0) ptr[n] = 1;
-	else ptr[n] = 0;
-    }
-    ptr += bitLen / 16;
-
-    /* Skip coefficient */
-    ptr += bitLen / 16;
-
-    /* Convert privateExponent to 1 */
-    for (n = 0; n < (bitLen / 16); n++) {
-	if (n == 0) ptr[n] = 1;
-	else ptr[n] = 0;
-    }
-
-    /* Import the exponent-of-one private key. */
-    if (!CryptImportKey(hProv, keyBlob, keyBlobLen, 0, 0, &hKey)) {                 
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptImportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-    (*hPrivateKey) = hKey;
-    hKey = 0;
-    res = TRUE;
-   
-done:
-    if(keyBlob != NULL) { 
-	xmlFree(keyBlob);
-    }
-    if (hKey != 0) {
-	CryptDestroyKey(hKey);
-    }
-
-    return res;
-}
-
-static BOOL 
-xmlSecMSCryptoImportPlainSessionBlob(HCRYPTPROV hProv, HCRYPTKEY hPrivateKey,
-				     ALG_ID dwAlgId, LPBYTE pbKeyMaterial,
-				     DWORD dwKeyMaterial, HCRYPTKEY *hSessionKey) {
-    ALG_ID dwPrivKeyAlg;
-    LPBYTE keyBlob = NULL;
-    DWORD keyBlobLen, rndBlobSize, dwSize, n;
-    PUBLICKEYSTRUC* pubKeyStruc;
-    ALG_ID* algId;
-    DWORD dwPublicKeySize;
-    DWORD dwProvSessionKeySize;
-    LPBYTE pbPtr; 
-    DWORD dwFlags;
-    PROV_ENUMALGS_EX ProvEnum;
-    HCRYPTKEY hTempKey = 0;
-    BOOL fFound;
-    BOOL res = FALSE;
-    
-    xmlSecAssert2(hProv != 0, FALSE);
-    xmlSecAssert2(hPrivateKey != 0, FALSE);
-    xmlSecAssert2(pbKeyMaterial != NULL, FALSE);
-    xmlSecAssert2(dwKeyMaterial > 0, FALSE);
-    xmlSecAssert2(hSessionKey != NULL, FALSE);
-
-    /*  Double check to see if this provider supports this algorithm and key size */
-    fFound = FALSE;
-    dwFlags = CRYPT_FIRST;
-    dwSize = sizeof(ProvEnum);
-    while(CryptGetProvParam(hProv, PP_ENUMALGS_EX, (LPBYTE)&ProvEnum, &dwSize, dwFlags)) {
-	if (ProvEnum.aiAlgid == dwAlgId) {
-	    fFound = TRUE;
-	    break;
-	}
-        dwSize = sizeof(ProvEnum);
-	dwFlags = 0;
-    }
-    if(!fFound) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptGetProvParam",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "algId=%d is not supported", dwAlgId);
-	goto done;
-    }
-
-    /* We have to get the key size(including padding) from an HCRYPTKEY handle.  
-     * PP_ENUMALGS_EX contains the key size without the padding so we can't use it.
-     */
-    if(!CryptGenKey(hProv, dwAlgId, 0, &hTempKey)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptGenKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "algId=%d", dwAlgId);
-	goto done;
-    }
-
-    dwSize = sizeof(DWORD);
-    if(!CryptGetKeyParam(hTempKey, KP_KEYLEN, (LPBYTE)&dwProvSessionKeySize, &dwSize, 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptGetKeyParam(KP_KEYLEN)",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "algId=%d", dwAlgId);
-	goto done;
-    }
-    CryptDestroyKey(hTempKey);
-    hTempKey = 0;
-
-    /* Our key is too big, leave */
-    if ((dwKeyMaterial * 8) > dwProvSessionKeySize) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "dwKeyMaterial=%ld;dwProvSessionKeySize=%ld", 
-		    dwKeyMaterial, dwProvSessionKeySize);
-	goto done;
-    }
-
-    /* Get private key's algorithm */
-    dwSize = sizeof(ALG_ID);
-    if(!CryptGetKeyParam(hPrivateKey, KP_ALGID, (LPBYTE)&dwPrivKeyAlg, &dwSize, 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptGetKeyParam(KP_ALGID)",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "algId=%d", dwAlgId);
-	goto done;
-    }
-
-    /* Get private key's length in bits */
-    dwSize = sizeof(DWORD);
-    if(!CryptGetKeyParam(hPrivateKey, KP_KEYLEN, (LPBYTE)&dwPublicKeySize, &dwSize, 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptGetKeyParam(KP_KEYLEN)",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "algId=%d", dwAlgId);
-	goto done;
-    }
-    
-    /* 3 is for the first reserved byte after the key material and the 2 reserved bytes at the end. */
-    if(dwPublicKeySize / 8 < dwKeyMaterial + 3) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "dwKeyMaterial=%ld;dwPublicKeySize=%ld", 
-		    dwKeyMaterial, dwPublicKeySize);
-	goto done;
-    }
-    rndBlobSize = dwPublicKeySize / 8 - (dwKeyMaterial + 3);
-
-    /* Simple key BLOBs, type SIMPLEBLOB, are used to store and transport session keys outside a CSP. 
-     * Base provider simple-key BLOBs are always encrypted with a key exchange public key. The pbData 
-     * member of the SIMPLEBLOB is a sequence of bytes in the following format:
-     * 
-     * PUBLICKEYSTRUC  publickeystruc ;
-     * ALG_ID algid;
-     * BYTE encryptedkey[rsapubkey.bitlen/8];
-     */
-
-    /* calculate Simple blob's length */
-    keyBlobLen = sizeof(PUBLICKEYSTRUC) + sizeof(ALG_ID) + (dwPublicKeySize / 8);
-
-    /* allocate simple blob buffer */
-    keyBlob = (LPBYTE)xmlMalloc(sizeof(BYTE) * keyBlobLen);
-    if(keyBlob == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-    memset(keyBlob, 0, keyBlobLen);
-
-    /* initialize PUBLICKEYSTRUC */
-    pubKeyStruc		    = (PUBLICKEYSTRUC*)(keyBlob);
-    pubKeyStruc->bType	    = SIMPLEBLOB;
-    pubKeyStruc->bVersion   = 0x02;
-    pubKeyStruc->reserved   = 0;
-    pubKeyStruc->aiKeyAlg   = dwAlgId;	
-
-    /* Copy private key algorithm to buffer */
-    algId		    = (ALG_ID*)(keyBlob + sizeof(PUBLICKEYSTRUC));
-    (*algId)		    = dwPrivKeyAlg;
-
-    /* Place the key material in reverse order */
-    pbPtr		    = (BYTE*)(keyBlob + sizeof(PUBLICKEYSTRUC) + sizeof(ALG_ID));
-    for (n = 0; n < dwKeyMaterial; n++) {
-	pbPtr[n] = pbKeyMaterial[dwKeyMaterial - n - 1];
-    }
-    pbPtr += dwKeyMaterial;
-
-    /* skip reserved byte */
-    pbPtr += 1;
-
-    /* Generate random data for the rest of the buffer */
-    if((rndBlobSize > 0) && !CryptGenRandom(hProv, rndBlobSize, pbPtr)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptGenRandom",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "rndBlobSize=%ld", rndBlobSize);
-	goto done;
-    }
-    /* aleksey: why are we doing this? */
-    for (n = 0; n < rndBlobSize; n++) {
-	if (pbPtr[n] == 0) pbPtr[n] = 1;
-    }
-
-    /* set magic number at the end */
-    keyBlob[keyBlobLen - 2] = 2;
-
-    if(!CryptImportKey(hProv, keyBlob , keyBlobLen, hPrivateKey, CRYPT_EXPORTABLE, hSessionKey)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "CryptImportKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "algId=%d", dwAlgId);
-	goto done;
-    }
-
-    /* success */
-    res = TRUE;           
-
-done:
-    if(hTempKey != 0) {
-	CryptDestroyKey(hTempKey);
-    }
-    if(keyBlob != NULL) {
-	xmlFree(keyBlob);
-    }
-    return(res);
-}
-
diff --git a/src/mscrypto/crypto.c b/src/mscrypto/crypto.c
index d60d3c60..82ab101d 100644
--- a/src/mscrypto/crypto.c
+++ b/src/mscrypto/crypto.c
@@ -1,12 +1,12 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
- * Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).  
+ * Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
  */
 #include "globals.h"
 
@@ -23,11 +23,40 @@
 #include <xmlsec/mscrypto/app.h>
 #include <xmlsec/mscrypto/crypto.h>
 #include <xmlsec/mscrypto/x509.h>
+#include "private.h"
 
 #if defined(__MINGW32__)
-#  include "xmlsec-mingw.h"
+/* NOTE mingw.org project don't define any xxx_s function and may
+ * be never will define them.
+ *
+ * In this file is save to use non _s function as into destination
+ * buffer program code copy empty string and the size of source buffer
+ * (XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE=4096) is enough for any
+ * encoding. Also program code don't check result of _s functions.
+ */
+
+static int
+strcpy_s(char *dest, size_t n, const char *src) {
+    strcpy(dest, src);
+    return(0);
+}
+
+static int
+wcscpy_s(wchar_t *dest, size_t n, const wchar_t *src) {
+    wcscpy(dest, src);
+    return(0);
+}
+#endif
+
+#define XMLSEC_CONTAINER_NAME_A "xmlsec-key-container"
+#define XMLSEC_CONTAINER_NAME_W L"xmlsec-key-container"
+#ifdef UNICODE
+#define XMLSEC_CONTAINER_NAME XMLSEC_CONTAINER_NAME_W
+#else
+#define XMLSEC_CONTAINER_NAME XMLSEC_CONTAINER_NAME_A
 #endif
 
+
 static xmlSecCryptoDLFunctionsPtr gXmlSecMSCryptoFunctions = NULL;
 
 /**
@@ -40,131 +69,216 @@ static xmlSecCryptoDLFunctionsPtr gXmlSecMSCryptoFunctions = NULL;
 xmlSecCryptoDLFunctionsPtr
 xmlSecCryptoGetFunctions_mscrypto(void) {
     static xmlSecCryptoDLFunctions functions;
-    
+
     if(gXmlSecMSCryptoFunctions != NULL) {
-	return(gXmlSecMSCryptoFunctions);
+        return(gXmlSecMSCryptoFunctions);
     }
 
     memset(&functions, 0, sizeof(functions));
     gXmlSecMSCryptoFunctions = &functions;
 
-    /**  
+    /********************************************************************
+     *
      * Crypto Init/shutdown
-     */
-    gXmlSecMSCryptoFunctions->cryptoInit 			= xmlSecMSCryptoInit;
-    gXmlSecMSCryptoFunctions->cryptoShutdown 			= xmlSecMSCryptoShutdown;
-    gXmlSecMSCryptoFunctions->cryptoKeysMngrInit 		= xmlSecMSCryptoKeysMngrInit;
-
-    /**
+     *
+     ********************************************************************/
+    gXmlSecMSCryptoFunctions->cryptoInit                        = xmlSecMSCryptoInit;
+    gXmlSecMSCryptoFunctions->cryptoShutdown                    = xmlSecMSCryptoShutdown;
+    gXmlSecMSCryptoFunctions->cryptoKeysMngrInit                = xmlSecMSCryptoKeysMngrInit;
+
+    /********************************************************************
+     *
      * Key data ids
-     */
-#ifndef XMLSEC_NO_DES    
-    gXmlSecMSCryptoFunctions->keyDataDesGetKlass 		= xmlSecMSCryptoKeyDataDesGetKlass;
+     *
+     ********************************************************************/
+#ifndef XMLSEC_NO_DES
+    gXmlSecMSCryptoFunctions->keyDataDesGetKlass                = xmlSecMSCryptoKeyDataDesGetKlass;
 #endif /* XMLSEC_NO_DES */
 
-#ifndef XMLSEC_NO_AES    
-    gXmlSecMSCryptoFunctions->keyDataAesGetKlass		= xmlSecMSCryptoKeyDataAesGetKlass;
+#ifndef XMLSEC_NO_AES
+    gXmlSecMSCryptoFunctions->keyDataAesGetKlass                = xmlSecMSCryptoKeyDataAesGetKlass;
 #endif /* XMLSEC_NO_AES */
 
 #ifndef XMLSEC_NO_RSA
-    gXmlSecMSCryptoFunctions->keyDataRsaGetKlass 		= xmlSecMSCryptoKeyDataRsaGetKlass;
+    gXmlSecMSCryptoFunctions->keyDataRsaGetKlass                = xmlSecMSCryptoKeyDataRsaGetKlass;
 #endif /* XMLSEC_NO_RSA */
 
+#ifndef XMLSEC_NO_HMAC
+    gXmlSecMSCryptoFunctions->keyDataHmacGetKlass               = xmlSecMSCryptoKeyDataHmacGetKlass;
+#endif /* XMLSEC_NO_HMAC */
+
 #ifndef XMLSEC_NO_DSA
-    gXmlSecMSCryptoFunctions->keyDataDsaGetKlass 		= xmlSecMSCryptoKeyDataDsaGetKlass;
+    gXmlSecMSCryptoFunctions->keyDataDsaGetKlass                = xmlSecMSCryptoKeyDataDsaGetKlass;
 #endif /* XMLSEC_NO_DSA */
 
 #ifndef XMLSEC_NO_GOST
-    gXmlSecMSCryptoFunctions->keyDataGost2001GetKlass 		= xmlSecMSCryptoKeyDataGost2001GetKlass;
+    gXmlSecMSCryptoFunctions->keyDataGost2001GetKlass           = xmlSecMSCryptoKeyDataGost2001GetKlass;
 #endif /* XMLSEC_NO_GOST*/
 
 #ifndef XMLSEC_NO_X509
-    gXmlSecMSCryptoFunctions->keyDataX509GetKlass 		= xmlSecMSCryptoKeyDataX509GetKlass;
-    gXmlSecMSCryptoFunctions->keyDataRawX509CertGetKlass	= xmlSecMSCryptoKeyDataRawX509CertGetKlass;
+    gXmlSecMSCryptoFunctions->keyDataX509GetKlass               = xmlSecMSCryptoKeyDataX509GetKlass;
+    gXmlSecMSCryptoFunctions->keyDataRawX509CertGetKlass        = xmlSecMSCryptoKeyDataRawX509CertGetKlass;
 #endif /* XMLSEC_NO_X509 */
 
-    /**
+    /********************************************************************
+     *
      * Key data store ids
-     */
+     *
+     ********************************************************************/
 #ifndef XMLSEC_NO_X509
-    gXmlSecMSCryptoFunctions->x509StoreGetKlass 		= xmlSecMSCryptoX509StoreGetKlass;
+    gXmlSecMSCryptoFunctions->x509StoreGetKlass                 = xmlSecMSCryptoX509StoreGetKlass;
 #endif /* XMLSEC_NO_X509 */
 
-    /**
+    /********************************************************************
+     *
      * Crypto transforms ids
-     */
-#ifndef XMLSEC_NO_AES    
-    gXmlSecMSCryptoFunctions->transformAes128CbcGetKlass	= xmlSecMSCryptoTransformAes128CbcGetKlass;
-    gXmlSecMSCryptoFunctions->transformAes192CbcGetKlass	= xmlSecMSCryptoTransformAes192CbcGetKlass;
-    gXmlSecMSCryptoFunctions->transformAes256CbcGetKlass	= xmlSecMSCryptoTransformAes256CbcGetKlass;
+     *
+     ********************************************************************/
+
+    /******************************* AES ********************************/
+#ifndef XMLSEC_NO_AES
+    gXmlSecMSCryptoFunctions->transformAes128CbcGetKlass        = xmlSecMSCryptoTransformAes128CbcGetKlass;
+    gXmlSecMSCryptoFunctions->transformAes192CbcGetKlass        = xmlSecMSCryptoTransformAes192CbcGetKlass;
+    gXmlSecMSCryptoFunctions->transformAes256CbcGetKlass        = xmlSecMSCryptoTransformAes256CbcGetKlass;
+    gXmlSecMSCryptoFunctions->transformKWAes128GetKlass         = xmlSecMSCryptoTransformKWAes128GetKlass;
+    gXmlSecMSCryptoFunctions->transformKWAes192GetKlass         = xmlSecMSCryptoTransformKWAes192GetKlass;
+    gXmlSecMSCryptoFunctions->transformKWAes256GetKlass         = xmlSecMSCryptoTransformKWAes256GetKlass;
 #endif /* XMLSEC_NO_AES */
 
-#ifndef XMLSEC_NO_DES    
-    gXmlSecMSCryptoFunctions->transformDes3CbcGetKlass 		= xmlSecMSCryptoTransformDes3CbcGetKlass;
+    /******************************* DES ********************************/
+#ifndef XMLSEC_NO_DES
+    gXmlSecMSCryptoFunctions->transformDes3CbcGetKlass          = xmlSecMSCryptoTransformDes3CbcGetKlass;
+    gXmlSecMSCryptoFunctions->transformKWDes3GetKlass           = xmlSecMSCryptoTransformKWDes3GetKlass;
 #endif /* XMLSEC_NO_DES */
 
-#ifndef XMLSEC_NO_RSA
-    gXmlSecMSCryptoFunctions->transformRsaSha1GetKlass 		= xmlSecMSCryptoTransformRsaSha1GetKlass;
-    gXmlSecMSCryptoFunctions->transformRsaPkcs1GetKlass 	= xmlSecMSCryptoTransformRsaPkcs1GetKlass;
-#endif /* XMLSEC_NO_RSA */
-
+    /******************************* DSA ********************************/
 #ifndef XMLSEC_NO_DSA
-    gXmlSecMSCryptoFunctions->transformDsaSha1GetKlass 		= xmlSecMSCryptoTransformDsaSha1GetKlass;
+    gXmlSecMSCryptoFunctions->transformDsaSha1GetKlass          = xmlSecMSCryptoTransformDsaSha1GetKlass;
 #endif /* XMLSEC_NO_DSA */
 
+    /******************************* GOST ********************************/
 #ifndef XMLSEC_NO_GOST
-    gXmlSecMSCryptoFunctions->transformGost2001GostR3411_94GetKlass 		= xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass;
+    gXmlSecMSCryptoFunctions->transformGost2001GostR3411_94GetKlass             = xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass;
 #endif /* XMLSEC_NO_GOST */
 
-#ifndef XMLSEC_NO_SHA1    
-    gXmlSecMSCryptoFunctions->transformSha1GetKlass 		= xmlSecMSCryptoTransformSha1GetKlass;
+#ifndef XMLSEC_NO_GOST
+    gXmlSecMSCryptoFunctions->transformGostR3411_94GetKlass             = xmlSecMSCryptoTransformGostR3411_94GetKlass;
+#endif /* XMLSEC_NO_GOST */
+
+    /******************************* HMAC ********************************/
+#ifndef XMLSEC_NO_HMAC
+
+#ifndef XMLSEC_NO_MD5
+    gXmlSecMSCryptoFunctions->transformHmacMd5GetKlass         = xmlSecMSCryptoTransformHmacMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecMSCryptoFunctions->transformHmacSha1GetKlass        = xmlSecMSCryptoTransformHmacSha1GetKlass;
 #endif /* XMLSEC_NO_SHA1 */
 
-#ifndef XMLSEC_NO_GOST    
-    gXmlSecMSCryptoFunctions->transformGostR3411_94GetKlass 		= xmlSecMSCryptoTransformGostR3411_94GetKlass;
-#endif /* XMLSEC_NO_GOST */
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecMSCryptoFunctions->transformHmacSha256GetKlass      = xmlSecMSCryptoTransformHmacSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecMSCryptoFunctions->transformHmacSha384GetKlass      = xmlSecMSCryptoTransformHmacSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecMSCryptoFunctions->transformHmacSha512GetKlass      = xmlSecMSCryptoTransformHmacSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_HMAC */
+
+    /******************************* MD5 ********************************/
+#ifndef XMLSEC_NO_MD5
+    gXmlSecMSCryptoFunctions->transformMd5GetKlass             = xmlSecMSCryptoTransformMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+    /******************************* RSA ********************************/
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+    gXmlSecMSCryptoFunctions->transformRsaMd5GetKlass          = xmlSecMSCryptoTransformRsaMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
 
-    /**
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecMSCryptoFunctions->transformRsaSha1GetKlass          = xmlSecMSCryptoTransformRsaSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecMSCryptoFunctions->transformRsaSha256GetKlass       = xmlSecMSCryptoTransformRsaSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecMSCryptoFunctions->transformRsaSha384GetKlass       = xmlSecMSCryptoTransformRsaSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecMSCryptoFunctions->transformRsaSha512GetKlass       = xmlSecMSCryptoTransformRsaSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+    gXmlSecMSCryptoFunctions->transformRsaPkcs1GetKlass         = xmlSecMSCryptoTransformRsaPkcs1GetKlass;
+    gXmlSecMSCryptoFunctions->transformRsaOaepGetKlass          = xmlSecMSCryptoTransformRsaOaepGetKlass;
+#endif /* XMLSEC_NO_RSA */
+
+    /******************************* SHA ********************************/
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecMSCryptoFunctions->transformSha1GetKlass             = xmlSecMSCryptoTransformSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecMSCryptoFunctions->transformSha256GetKlass          = xmlSecMSCryptoTransformSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecMSCryptoFunctions->transformSha384GetKlass          = xmlSecMSCryptoTransformSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecMSCryptoFunctions->transformSha512GetKlass          = xmlSecMSCryptoTransformSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+    /********************************************************************
+     *
      * High level routines form xmlsec command line utility
-     */ 
-    gXmlSecMSCryptoFunctions->cryptoAppInit 			= xmlSecMSCryptoAppInit;
-    gXmlSecMSCryptoFunctions->cryptoAppShutdown 		= xmlSecMSCryptoAppShutdown;
-    gXmlSecMSCryptoFunctions->cryptoAppDefaultKeysMngrInit 	= xmlSecMSCryptoAppDefaultKeysMngrInit;
-    gXmlSecMSCryptoFunctions->cryptoAppDefaultKeysMngrAdoptKey 	= xmlSecMSCryptoAppDefaultKeysMngrAdoptKey;
-    gXmlSecMSCryptoFunctions->cryptoAppDefaultKeysMngrLoad 	= xmlSecMSCryptoAppDefaultKeysMngrLoad;
-    gXmlSecMSCryptoFunctions->cryptoAppDefaultKeysMngrSave 	= xmlSecMSCryptoAppDefaultKeysMngrSave;
+     *
+     ********************************************************************/
+    gXmlSecMSCryptoFunctions->cryptoAppInit                     = xmlSecMSCryptoAppInit;
+    gXmlSecMSCryptoFunctions->cryptoAppShutdown                 = xmlSecMSCryptoAppShutdown;
+    gXmlSecMSCryptoFunctions->cryptoAppDefaultKeysMngrInit      = xmlSecMSCryptoAppDefaultKeysMngrInit;
+    gXmlSecMSCryptoFunctions->cryptoAppDefaultKeysMngrAdoptKey  = xmlSecMSCryptoAppDefaultKeysMngrAdoptKey;
+    gXmlSecMSCryptoFunctions->cryptoAppDefaultKeysMngrLoad      = xmlSecMSCryptoAppDefaultKeysMngrLoad;
+    gXmlSecMSCryptoFunctions->cryptoAppDefaultKeysMngrSave      = xmlSecMSCryptoAppDefaultKeysMngrSave;
 #ifndef XMLSEC_NO_X509
-    gXmlSecMSCryptoFunctions->cryptoAppKeysMngrCertLoad 	= xmlSecMSCryptoAppKeysMngrCertLoad;
-    gXmlSecMSCryptoFunctions->cryptoAppKeysMngrCertLoadMemory 	= xmlSecMSCryptoAppKeysMngrCertLoadMemory;
-    gXmlSecMSCryptoFunctions->cryptoAppPkcs12Load  		= xmlSecMSCryptoAppPkcs12Load; 
-    gXmlSecMSCryptoFunctions->cryptoAppPkcs12LoadMemory		= xmlSecMSCryptoAppPkcs12LoadMemory; 
-    gXmlSecMSCryptoFunctions->cryptoAppKeyCertLoad 		= xmlSecMSCryptoAppKeyCertLoad;
-    gXmlSecMSCryptoFunctions->cryptoAppKeyCertLoadMemory	= xmlSecMSCryptoAppKeyCertLoadMemory;
+    gXmlSecMSCryptoFunctions->cryptoAppKeysMngrCertLoad         = xmlSecMSCryptoAppKeysMngrCertLoad;
+    gXmlSecMSCryptoFunctions->cryptoAppKeysMngrCertLoadMemory   = xmlSecMSCryptoAppKeysMngrCertLoadMemory;
+    gXmlSecMSCryptoFunctions->cryptoAppPkcs12Load               = xmlSecMSCryptoAppPkcs12Load;
+    gXmlSecMSCryptoFunctions->cryptoAppPkcs12LoadMemory         = xmlSecMSCryptoAppPkcs12LoadMemory;
+    gXmlSecMSCryptoFunctions->cryptoAppKeyCertLoad              = xmlSecMSCryptoAppKeyCertLoad;
+    gXmlSecMSCryptoFunctions->cryptoAppKeyCertLoadMemory        = xmlSecMSCryptoAppKeyCertLoadMemory;
 #endif /* XMLSEC_NO_X509 */
-    gXmlSecMSCryptoFunctions->cryptoAppKeyLoad 			= xmlSecMSCryptoAppKeyLoad; 
-    gXmlSecMSCryptoFunctions->cryptoAppKeyLoadMemory		= xmlSecMSCryptoAppKeyLoadMemory; 
-    gXmlSecMSCryptoFunctions->cryptoAppDefaultPwdCallback	= (void*)xmlSecMSCryptoAppGetDefaultPwdCallback();
+    gXmlSecMSCryptoFunctions->cryptoAppKeyLoad                  = xmlSecMSCryptoAppKeyLoad;
+    gXmlSecMSCryptoFunctions->cryptoAppKeyLoadMemory            = xmlSecMSCryptoAppKeyLoadMemory;
+    gXmlSecMSCryptoFunctions->cryptoAppDefaultPwdCallback       = (void*)xmlSecMSCryptoAppGetDefaultPwdCallback();
 
     return(gXmlSecMSCryptoFunctions);
 }
 
 /**
  * xmlSecMSCryptoInit:
- * 
- * XMLSec library specific crypto engine initialization. 
+ *
+ * XMLSec library specific crypto engine initialization.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecMSCryptoInit (void)  {
     /* Check loaded xmlsec library version */
     if(xmlSecCheckVersionExact() != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCheckVersionExact",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCheckVersionExact",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* set default errors callback for xmlsec to us */
@@ -172,24 +286,24 @@ xmlSecMSCryptoInit (void)  {
 
     /* register our klasses */
     if(xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(xmlSecCryptoGetFunctions_mscrypto()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
 
 /**
  * xmlSecMSCryptoShutdown:
- * 
- * XMLSec library specific crypto engine shutdown. 
+ *
+ * XMLSec library specific crypto engine shutdown.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecMSCryptoShutdown(void) {
     /* TODO: if necessary, do additional shutdown here */
     return(0);
@@ -197,16 +311,16 @@ xmlSecMSCryptoShutdown(void) {
 
 /**
  * xmlSecMSCryptoKeysMngrInit:
- * @mngr:		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Adds MSCrypto specific key data stores in keys manager.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecMSCryptoKeysMngrInit(xmlSecKeysMngrPtr mngr) {
     int ret;
-   
+
     xmlSecAssert2(mngr != NULL, -1);
 
 #ifndef XMLSEC_NO_X509
@@ -241,10 +355,16 @@ xmlSecMSCryptoKeysMngrInit(xmlSecKeysMngrPtr mngr) {
 }
 
 
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Random[] = {
+    { MS_STRONG_PROV,               PROV_RSA_FULL },
+    { MS_ENHANCED_PROV,             PROV_RSA_FULL },
+    { NULL, 0 }
+};
+
 /**
  * xmlSecMSCryptoGenerateRandom:
- * @buffer:		the destination buffer.
- * @size:		the numer of bytes to generate.
+ * @buffer:             the destination buffer.
+ * @size:               the numer of bytes to generate.
  *
  * Generates @size random bytes and puts result in @buffer
  * (not implemented yet).
@@ -252,136 +372,518 @@ xmlSecMSCryptoKeysMngrInit(xmlSecKeysMngrPtr mngr) {
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecMSCryptoGenerateRandom(xmlSecBufferPtr buffer, size_t size) {	
+xmlSecMSCryptoGenerateRandom(xmlSecBufferPtr buffer, size_t size) {
     HCRYPTPROV hProv = 0;
     int ret;
-    
+
     xmlSecAssert2(buffer != NULL, -1);
     xmlSecAssert2(size > 0, -1);
 
     ret = xmlSecBufferSetSize(buffer, size);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", size);
-	return(-1);
-    }
-
-    if (FALSE == CryptAcquireContext(&hProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CryptAcquireContext",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        return(-1);
+    }
+
+    hProv = xmlSecMSCryptoFindProvider(xmlSecMSCryptoProviderInfo_Random, NULL, CRYPT_VERIFYCONTEXT, FALSE);
+    if (0 == hProv) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoFindProvider",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     if (FALSE == CryptGenRandom(hProv, (DWORD)size, xmlSecBufferGetData(buffer))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CryptGenRandom",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CryptReleaseContext(hProv,0);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptGenRandom",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CryptReleaseContext(hProv,0);
+        return(-1);
     }
 
     CryptReleaseContext(hProv, 0);
     return(0);
 }
 
+#define XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE       4096
+
 /**
  * xmlSecMSCryptoErrorsDefaultCallback:
- * @file:		the error location file name (__FILE__ macro).
- * @line:		the error location line number (__LINE__ macro).
- * @func:		the error location function name (__FUNCTION__ macro).
- * @errorObject:	the error specific error object 
- * @errorSubject:	the error specific error subject.
- * @reason:		the error code.
- * @msg:		the additional error message.
+ * @file:               the error location file name (__FILE__ macro).
+ * @line:               the error location line number (__LINE__ macro).
+ * @func:               the error location function name (__FUNCTION__ macro).
+ * @errorObject:        the error specific error object
+ * @errorSubject:       the error specific error subject.
+ * @reason:             the error code.
+ * @msg:                the additional error message.
  *
  * The default errors reporting callback function.
  */
-void 
+void
 xmlSecMSCryptoErrorsDefaultCallback(const char* file, int line, const char* func,
-				const char* errorObject, const char* errorSubject,
-				int reason, const char* msg) {
+                                const char* errorObject, const char* errorSubject,
+                                int reason, const char* msg) {
     DWORD dwError;
-    LPVOID lpMsgBuf;
-    xmlChar buf[500];
+    TCHAR errorT[XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE];
+    WCHAR errorW[XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE];
+    CHAR  errorUTF8[XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE];
+    xmlChar buf[XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE];
+    DWORD rc;
+    int ret;
 
     dwError = GetLastError();
-    FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | 
-		  FORMAT_MESSAGE_FROM_SYSTEM | 
-		  FORMAT_MESSAGE_IGNORE_INSERTS,
-		  NULL,
-		  dwError,
-		  MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */
-		  (LPTSTR) &lpMsgBuf,
-		  0,
-		  NULL);
+    rc = FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM,
+                  NULL,
+                  dwError,
+                  MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), /* Default language */
+                  errorT,
+                  XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE,
+                  NULL);
+    
+#ifdef UNICODE
+    if(rc <= 0) {
+        wcscpy_s(errorT, XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE, L"");
+    }
+    ret = WideCharToMultiByte(CP_UTF8, 0, errorT, -1, errorUTF8, XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE, NULL, NULL);
+    if(ret <= 0) {
+        strcpy_s(errorUTF8, XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE, "");
+    }
+#else /* UNICODE */
+    if(rc <= 0) {
+        strcpy_s(errorT, XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE, "");
+    }
+    ret = MultiByteToWideChar(CP_ACP, 0, errorT, -1, errorW, XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE);
+    if(ret <= 0) {
+        wcscpy_s(errorW, XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE, L"");
+    }
+    ret = WideCharToMultiByte(CP_UTF8, 0, errorW, -1, errorUTF8, XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE, NULL, NULL);
+    if(ret <= 0) {
+        strcpy_s(errorUTF8, XMLSEC_MSCRYPTO_ERROR_MSG_BUFFER_SIZE, "");
+    }
+#endif /* UNICODE */
+
     if((msg != NULL) && ((*msg) != '\0')) {
-        xmlSecStrPrintf(buf, sizeof(buf), BAD_CAST "%s;last error=%d (0x%08x);last error msg=%s", msg, dwError, dwError, (LPTSTR)lpMsgBuf);
+        xmlSecStrPrintf(buf, sizeof(buf), BAD_CAST "%s;last error=%d (0x%08x);last error msg=%s", msg, dwError, dwError, errorUTF8);
     } else {
-        xmlSecStrPrintf(buf, sizeof(buf), BAD_CAST "last error=%d (0x%08x);last error msg=%s", dwError, dwError, (LPTSTR)lpMsgBuf);
+        xmlSecStrPrintf(buf, sizeof(buf), BAD_CAST "last error=%d (0x%08x);last error msg=%s", dwError, dwError, errorUTF8);
     }
-    xmlSecErrorsDefaultCallback(file, line, func, 
-		errorObject, errorSubject, 
-		reason, (char*)buf);
+    xmlSecErrorsDefaultCallback(file, line, func,
+                errorObject, errorSubject,
+                reason, (char*)buf);
+}
 
-    LocalFree(lpMsgBuf);
+/**
+ * xmlSecMSCryptoConvertUtf8ToUnicode:
+ * @str:         the string to convert.
+ *
+ * Converts input string from UTF8 to Unicode.
+ *
+ * Returns: a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.
+ */
+LPWSTR
+xmlSecMSCryptoConvertUtf8ToUnicode(const xmlChar* str) {
+    LPWSTR res = NULL;
+    int len;
+    int ret;
+
+    xmlSecAssert2(str != NULL, NULL);
+
+    /* call MultiByteToWideChar first to get the buffer size */
+    ret = MultiByteToWideChar(CP_UTF8, 0, str, -1, NULL, 0);
+    if(ret <= 0) {
+        return(NULL);
+    }
+    len = ret + 1;
+
+    /* allocate buffer */
+    res = (LPWSTR)xmlMalloc(sizeof(WCHAR) * len);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", sizeof(WCHAR) * len);
+        return(NULL);
+    }
+
+    /* convert */
+    ret = MultiByteToWideChar(CP_UTF8, 0, str, -1, res, len);
+    if(ret <= 0) {
+        xmlFree(res);
+        return(NULL);
+    }
+
+    /* done */
+    return(res);
 }
 
 /**
- * xmlSecMSCryptoCertStrToName:
- * @dwCertEncodingType:		the encoding used.
- * @pszX500:			the string to convert.
- * @dwStrType:			the string type.
- * @len:			the result len.
+ * xmlSecMSCryptoConvertUnicodeToUtf8:
+ * @str:         the string to convert.
  *
- * Converts input string to name by calling @CertStrToName function.
+ * Converts input string from Unicode to UTF8.
  *
- * Returns: a pointer to newly allocated string or NULL if an error occurs.
+ * Returns: a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.
  */
-BYTE* 
-xmlSecMSCryptoCertStrToName(DWORD dwCertEncodingType, LPCTSTR pszX500, DWORD dwStrType, DWORD* len) {
-    BYTE* str = NULL; 
-    LPCTSTR ppszError = NULL;
-
-    xmlSecAssert2(pszX500 != NULL, NULL);
-    xmlSecAssert2(len != NULL, NULL);
-
-    if (!CertStrToName(dwCertEncodingType, pszX500, dwStrType, 
-			NULL, NULL, len, &ppszError)) {
-	/* this might not be an error, string might just not exist */
-                DWORD dw = GetLastError();
-	return(NULL);
-    }
-	
-    str = (BYTE *)xmlMalloc((*len) + 1);
-    if(str == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "len=%ld", (*len));
-	return(NULL);
-    }
-    memset(str, 0, (*len) + 1);
-	
-    if (!CertStrToName(dwCertEncodingType, pszX500, dwStrType, 
-			NULL, str, len, NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"CertStrToName",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(str);
-	return(NULL);
-    }
-
-    return(str);
+xmlChar* 
+xmlSecMSCryptoConvertUnicodeToUtf8(LPCWSTR str) {
+    xmlChar * res = NULL;
+    int len;
+    int ret;
+
+    xmlSecAssert2(str != NULL, NULL);
+
+    /* call WideCharToMultiByte first to get the buffer size */
+    ret = WideCharToMultiByte(CP_UTF8, 0, str, -1, NULL, 0, NULL, NULL);
+    if(ret <= 0) {
+        return(NULL);
+    }
+    len = ret + 1;
+
+    /* allocate buffer */
+    res = (xmlChar*)xmlMalloc(sizeof(xmlChar) * len);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", sizeof(xmlChar) * len);
+        return(NULL);
+    }
+
+    /* convert */
+    ret = WideCharToMultiByte(CP_UTF8, 0, str, -1, res, len, NULL, NULL);
+    if(ret <= 0) {
+        xmlFree(res);
+        return(NULL);
+    }
+
+    /* done */
+    return(res);
+}
+
+/**
+ * xmlSecMSCryptoConvertLocaleToUnicode:
+ * @str:         the string to convert.
+ *
+ * Converts input string from current system locale to Unicode.
+ *
+ * Returns: a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.
+ */
+LPWSTR
+xmlSecMSCryptoConvertLocaleToUnicode(const char* str) {
+    LPWSTR res = NULL;
+    int len;
+    int ret;
+
+    xmlSecAssert2(str != NULL, NULL);
+
+    /* call MultiByteToWideChar first to get the buffer size */
+    ret = MultiByteToWideChar(CP_ACP, 0, str, -1, NULL, 0);
+    if(ret <= 0) {
+        return(NULL);
+    }
+    len = ret;
+
+    /* allocate buffer */
+    res = (LPWSTR)xmlMalloc(sizeof(WCHAR) * len);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
+    /* convert */
+    ret = MultiByteToWideChar(CP_ACP, 0, str, -1, res, len);
+    if(ret <= 0) {
+            xmlFree(res);
+            return(NULL);
+    }
+
+    /* done */
+    return(res);
+}
+
+/**
+ * xmlSecMSCryptoConvertLocaleToUtf8:
+ * @str:         the string to convert.
+ *
+ * Converts input string from locale to UTF8.
+ *
+ * Returns: a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.
+ */
+xmlChar* 
+xmlSecMSCryptoConvertLocaleToUtf8(const char * str) {
+    LPWSTR strW = NULL;
+    xmlChar * res = NULL;
+    int len;
+    int ret;
+
+    xmlSecAssert2(str != NULL, NULL);
+
+    strW = xmlSecMSCryptoConvertLocaleToUnicode(str);
+    if(strW == NULL) {
+        return(NULL);
+    }
+
+    /* call WideCharToMultiByte first to get the buffer size */
+    ret = WideCharToMultiByte(CP_ACP, 0, strW, -1, NULL, 0, NULL, NULL);
+    if(ret <= 0) {
+        xmlFree(strW);
+        return(NULL);
+    }
+    len = ret + 1;
+
+    /* allocate buffer */
+    res = (xmlChar*)xmlMalloc(sizeof(xmlChar) * len);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", sizeof(xmlChar) * len);
+        xmlFree(strW);
+        return(NULL);
+    }
+
+    /* convert */
+    ret = WideCharToMultiByte(CP_ACP, 0, strW, -1, res, len, NULL, NULL);
+    if(ret <= 0) {
+        xmlFree(strW);
+        xmlFree(res);
+        return(NULL);
+    }
+
+    /* done */
+    xmlFree(strW);
+    return(res);
+}
+
+/**
+ * xmlSecMSCryptoConvertUtf8ToLocale:
+ * @str:         the string to convert.
+ *
+ * Converts input string from UTF8 to locale.
+ *
+ * Returns: a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.
+ */
+char * 
+xmlSecMSCryptoConvertUtf8ToLocale(const xmlChar* str) {
+    LPWSTR strW = NULL;
+    char * res = NULL;
+    int len;
+    int ret;
+
+    xmlSecAssert2(str != NULL, NULL);
+
+    strW = xmlSecMSCryptoConvertUtf8ToUnicode(str);
+    if(strW == NULL) {
+        return(NULL);
+    }
+
+    /* call WideCharToMultiByte first to get the buffer size */
+    ret = WideCharToMultiByte(CP_ACP, 0, strW, -1, NULL, 0, NULL, NULL);
+    if(ret <= 0) {
+        xmlFree(strW);
+        return(NULL);
+    }
+    len = ret + 1;
+
+    /* allocate buffer */
+    res = (char*)xmlMalloc(sizeof(char) * len);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", sizeof(xmlChar) * len);
+        xmlFree(strW);
+        return(NULL);
+    }
+
+    /* convert */
+    ret = WideCharToMultiByte(CP_ACP, 0, strW, -1, res, len, NULL, NULL);
+    if(ret <= 0) {
+        xmlFree(strW);
+        xmlFree(res);
+        return(NULL);
+    }
+
+    /* done */
+    xmlFree(strW);
+    return(res);
+}
+
+/**
+ * xmlSecMSCryptoConvertTstrToUtf8:
+ * @str:         the string to convert.
+ *
+ * Converts input string from TSTR (locale or Unicode) to UTF8.
+ *
+ * Returns: a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.
+ */
+xmlChar* 
+xmlSecMSCryptoConvertTstrToUtf8(LPCTSTR str) {
+#ifdef UNICODE
+    return xmlSecMSCryptoConvertUnicodeToUtf8(str);
+#else  /* UNICODE */
+    return xmlSecMSCryptoConvertLocaleToUtf8(str);
+#endif /* UNICODE */
+}
+
+/**
+ * xmlSecMSCryptoConvertUtf8ToTstr:
+ * @str:         the string to convert.
+ *
+ * Converts input string from UTF8 to TSTR (locale or Unicode).
+ *
+ * Returns: a pointer to newly allocated string (must be freed with xmlFree) or NULL if an error occurs.
+ */
+LPTSTR
+xmlSecMSCryptoConvertUtf8ToTstr(const xmlChar*  str) {
+#ifdef UNICODE
+    return xmlSecMSCryptoConvertUtf8ToUnicode(str);
+#else  /* UNICODE */
+    return xmlSecMSCryptoConvertUtf8ToLocale(str);
+#endif /* UNICODE */
+}
+
+/********************************************************************
+ *
+ * Crypto Providers
+ *
+ ********************************************************************/
+/**
+ * xmlSecMSCryptoFindProvider:
+ * @providers:           the pointer to list of providers, last provider should have NULL for name.
+ * @pszContainer:        the container name for CryptAcquireContext call
+ * @dwFlags:             the flags for CryptAcquireContext call
+ * @bUseXmlSecContainer: the flag to indicate whether we should try to use XmlSec container if default fails
+ *
+ * Finds the first provider from the list
+ *
+ * Returns: provider handle on success or NULL for error.
+ */
+HCRYPTPROV
+xmlSecMSCryptoFindProvider(const xmlSecMSCryptoProviderInfo * providers,
+                           LPCTSTR pszContainer,
+                           DWORD dwFlags,
+                           BOOL bUseXmlSecContainer)
+{
+    HCRYPTPROV res = 0;
+    DWORD dwLastError;
+    BOOL ret;
+    int ii;
+
+    xmlSecAssert2(providers != NULL, 0);
+
+    for(ii = 0; (res == 0) && (providers[ii].providerName != NULL) && (providers[ii].providerType != 0); ++ii) {
+        /* first try */
+        ret = CryptAcquireContext(&res,
+                    pszContainer,
+                    providers[ii].providerName,
+                    providers[ii].providerType,
+                    dwFlags);
+        if((ret == TRUE) && (res != 0)) {
+            return (res);
+        }
+
+        /* check errors */
+        dwLastError = GetLastError();
+        switch(dwLastError) {
+        case NTE_BAD_KEYSET:
+            /* This error can indicate that a newly installed provider
+             * does not have a usable key container yet. It needs to be
+             * created, and then we have to try again CryptAcquireContext.
+             * This is also referenced in
+             * http://www.microsoft.com/mind/0697/crypto.asp (inituser)
+             */
+            ret = CryptAcquireContext(&res,
+                        pszContainer,
+                        providers[ii].providerName,
+                        providers[ii].providerType,
+                        CRYPT_NEWKEYSET | dwFlags);
+            if((ret == TRUE) && (res != 0)) {
+                return (res);
+            }
+            break;
+
+        case NTE_EXISTS:
+            /* If we can, try our container */
+            if(bUseXmlSecContainer == TRUE) {
+                ret = CryptAcquireContext(&res,
+                            XMLSEC_CONTAINER_NAME,
+                            providers[ii].providerName,
+                            providers[ii].providerType,
+                            CRYPT_NEWKEYSET | dwFlags);
+                if((ret == TRUE) && (res != 0)) {
+                    /* ALEKSEY TODO - NEED TO DELETE ALL THE TEMP CONTEXTS ON SHUTDOWN
+
+                        CryptAcquireContext(&tmp, XMLSEC_CONTAINER_NAME,
+                            providers[ii].providerName,
+                            providers[ii].providerType,
+                            CRYPT_DELETEKEYSET);
+
+                     */
+                    return (res);
+                }
+            }
+            break;
+
+        default:
+            /* ignore */
+            break;
+        }
+    }
+
+    return (0);
+}
+
+
+/********************************************************************
+ *
+ * Utils
+ *
+ ********************************************************************/
+int
+ConvertEndian(const xmlSecByte * src, xmlSecByte * dst, xmlSecSize size) {
+    xmlSecByte * p;
+
+    xmlSecAssert2(src != NULL, -1);
+    xmlSecAssert2(dst != NULL, -1);
+    xmlSecAssert2(size > 0, -1);
+
+    for(p = dst + size - 1; p >= dst; ++src, --p) {
+        (*p) = (*src);
+    }
+
+    return (0);
+}
+
+int
+ConvertEndianInPlace(xmlSecByte * buf, xmlSecSize size) {
+    xmlSecByte * p;
+    xmlSecByte ch;
+
+    xmlSecAssert2(buf != NULL, -1);
+    xmlSecAssert2(size > 0, -1);
+
+    for(p = buf + size - 1; p >= buf; ++buf, --p) {
+        ch = (*p);
+        (*p) = (*buf);
+        (*buf) = ch;
+    }
+    return (0);
 }
 
 
diff --git a/src/mscrypto/csp_calg.h b/src/mscrypto/csp_calg.h
index 139b722a..984fe347 100644
--- a/src/mscrypto/csp_calg.h
+++ b/src/mscrypto/csp_calg.h
@@ -1,10 +1,10 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).  
+ *
+ * Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
  * All rights reserved.
  */
 #ifndef CRYPTOCOM_CSP_CALG_H
@@ -12,27 +12,27 @@
 
 #define ALG_TYPE_GR3410 (7 << 9)
 
-#define ALG_SID_MAGPRO_R3410_94			64
-#define ALG_SID_MAGPRO_R3410_94_EPHEM	65
-#define ALG_SID_MAGPRO_R3410_2001		66
-#define ALG_SID_MAGPRO_R3410_2001_EPHEM	67
-#define ALG_SID_MAGPRO_28147_89			68
-#define ALG_SID_GR3411					30
-#define ALG_SID_G28147					30
-
-#define ALG_SID_GR3410					30
-#define ALG_SID_DH_EX_SF				30
-#define ALG_SID_DH_EX_EPHEM				31
-#define ALG_SID_PRO_AGREEDKEY_DH		33
-#define ALG_SID_PRO_SIMMETRYKEY			34
-#define ALG_SID_GR3410EL				35
-#define ALG_SID_DH_EL_SF				36
-#define ALG_SID_DH_EL_EPHEM				37
-
-/*! \defgroup CALG_MAGPRO CALG_MAGPRO 
+#define ALG_SID_MAGPRO_R3410_94                 64
+#define ALG_SID_MAGPRO_R3410_94_EPHEM   65
+#define ALG_SID_MAGPRO_R3410_2001               66
+#define ALG_SID_MAGPRO_R3410_2001_EPHEM 67
+#define ALG_SID_MAGPRO_28147_89                 68
+#define ALG_SID_GR3411                                  30
+#define ALG_SID_G28147                                  30
+
+#define ALG_SID_GR3410                                  30
+#define ALG_SID_DH_EX_SF                                30
+#define ALG_SID_DH_EX_EPHEM                             31
+#define ALG_SID_PRO_AGREEDKEY_DH                33
+#define ALG_SID_PRO_SIMMETRYKEY                 34
+#define ALG_SID_GR3410EL                                35
+#define ALG_SID_DH_EL_SF                                36
+#define ALG_SID_DH_EL_EPHEM                             37
+
+/*! \defgroup CALG_MAGPRO CALG_MAGPRO
  *  \brief The description of CALG_MAGPRO
  *
- * @{ 
+ * @{
  */
 
 
@@ -54,38 +54,51 @@
 
 #define CALG_MAGPRO_ENCR_28147_89       (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_BLOCK | ALG_SID_G28147)
 
-#define CALG_GR3410						(ALG_CLASS_SIGNATURE | ALG_TYPE_GR3410 | ALG_SID_GR3410)
+#define CALG_GR3410                                             (ALG_CLASS_SIGNATURE | ALG_TYPE_GR3410 | ALG_SID_GR3410)
 
-#define CALG_GR3410EL					(ALG_CLASS_SIGNATURE | ALG_TYPE_GR3410 | ALG_SID_GR3410EL)
+#define CALG_GR3410EL                                   (ALG_CLASS_SIGNATURE | ALG_TYPE_GR3410 | ALG_SID_GR3410EL)
 
-#define CALG_DH_EX_SF					(ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_EX_SF)
+#define CALG_DH_EX_SF                                   (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_EX_SF)
 
-#define CALG_DH_EX_EPHEM				(ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_EX_EPHEM)
+#define CALG_DH_EX_EPHEM                                (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_EX_EPHEM)
 
-#define CALG_DH_EL_SF					(ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_EL_SF)
+#define CALG_DH_EL_SF                                   (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_EL_SF)
 
-#define CALG_DH_EL_EPHEM				(ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_EL_EPHEM)
+#define CALG_DH_EL_EPHEM                                (ALG_CLASS_KEY_EXCHANGE | ALG_TYPE_DH | ALG_SID_DH_EL_EPHEM)
 
 /*! @} */
-/*! \defgroup PROV_TYPE PROV_TYPE 
+/*! \defgroup PROV_TYPE PROV_TYPE
  *  \brief The description of PROV_MAGPRO_GOST
  *
- * @{ 
+ * @{
  */
-
-#define PROV_MAGPRO_GOST 501
-
-#define PROV_CRYPTOPRO_GOST 75
+#define PROV_MAGPRO_GOST            501
+#define MAGPRO_CSP_A                "MagPro CSP"
+#define MAGPRO_CSP_W                L"MagPro CSP"
+#ifdef UNICODE
+#define MAGPRO_CSP MAGPRO_CSP_W
+#else
+#define MAGPRO_CSP MAGPRO_CSP_A
+#endif
+
+#define PROV_CRYPTOPRO_GOST         75
+#define CRYPTOPRO_CSP_A             "CryptoPro CSP"
+#define CRYPTOPRO_CSP_W             L"CryptoPro CSP"
+#ifdef UNICODE
+#define CRYPTOPRO_CSP CRYPTOPRO_CSP_W
+#else
+#define CRYPTOPRO_CSP CRYPTOPRO_CSP_A
+#endif
 
 /*! @} */
-/*! \defgroup PP_MAGPRO PP_MAGPRO 
+/*! \defgroup PP_MAGPRO PP_MAGPRO
  *
- * @{ 
+ * @{
  */
 
-#define PP_RNGTYPE			201
-#define PP_RNGSHARED		202
-#define PP_SETUP_UI			203
+#define PP_RNGTYPE                      201
+#define PP_RNGSHARED            202
+#define PP_SETUP_UI                     203
 
 /*! @} */
 
diff --git a/src/mscrypto/csp_oid.h b/src/mscrypto/csp_oid.h
index d3cd19e8..e5636741 100644
--- a/src/mscrypto/csp_oid.h
+++ b/src/mscrypto/csp_oid.h
@@ -1,20 +1,20 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).  
+ *
+ * Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
  * All rights reserved.
  */
 #ifndef CRYPTOCOM_OIDS_csp_H
 #define CRYPTOCOM_OIDS_csp_H
 /* Autogenerated from master.oid by oid2h.tcl */
 
-/*! \defgroup szOID_MAGPRO szOID_MAGPRO 
+/*! \defgroup szOID_MAGPRO szOID_MAGPRO
  *  \brief The OIDs supported by MagPro CSP
  *
- * @{ 
+ * @{
  */
 
 /*! GOST 34.10-94 Diffie-Hellman algorithm Cryptocom LTD */
@@ -79,34 +79,34 @@
 #define szOID_MAGPRO_PARAM_PK_CC_94 "1.2.643.2.2.32.2"
 
 
-#define szOID_CP_PARAM_R3411_94_DEF "1.2.643.2.2.30.1"	
-#define szOID_CP_PARAM_R3411_94_1	"1.2.643.2.2.30.2"
-#define szOID_CP_PARAM_R3411_94_2	"1.2.643.2.2.30.3"
-#define szOID_CP_PARAM_R3411_94_3	"1.2.643.2.2.30.4"
+#define szOID_CP_PARAM_R3411_94_DEF "1.2.643.2.2.30.1"
+#define szOID_CP_PARAM_R3411_94_1       "1.2.643.2.2.30.2"
+#define szOID_CP_PARAM_R3411_94_2       "1.2.643.2.2.30.3"
+#define szOID_CP_PARAM_R3411_94_3       "1.2.643.2.2.30.4"
 
-#define szOID_CP_PARAM_28147_89_DEF "1.2.643.2.2.31.1"	
-#define szOID_CP_PARAM_28147_89_1	"1.2.643.2.2.31.2"	
-#define szOID_CP_PARAM_28147_89_2	"1.2.643.2.2.31.3" 	
-#define szOID_CP_PARAM_28147_89_3	"1.2.643.2.2.31.4"	
-#define szOID_CP_PARAM_28147_89_4	"1.2.643.2.2.31.5"
-#define szOID_CP_PARAM_28147_89_5	"1.2.643.2.2.31.6"
-#define szOID_CP_PARAM_28147_89_6	"1.2.643.2.2.31.7"
+#define szOID_CP_PARAM_28147_89_DEF "1.2.643.2.2.31.1"
+#define szOID_CP_PARAM_28147_89_1       "1.2.643.2.2.31.2"
+#define szOID_CP_PARAM_28147_89_2       "1.2.643.2.2.31.3"
+#define szOID_CP_PARAM_28147_89_3       "1.2.643.2.2.31.4"
+#define szOID_CP_PARAM_28147_89_4       "1.2.643.2.2.31.5"
+#define szOID_CP_PARAM_28147_89_5       "1.2.643.2.2.31.6"
+#define szOID_CP_PARAM_28147_89_6       "1.2.643.2.2.31.7"
 
 /* OID for Signature 1024*/
-#define szOID_CP_PARAM_PK_R3410_94_DEF  "1.2.643.2.2.32.2" 	/*VerbaO*/
-#define szOID_CP_PARAM_PK_R3410_94_S1   "1.2.643.2.2.32.3" 
-#define szOID_CP_PARAM_PK_R3410_94_S2   "1.2.643.2.2.32.4" 
-#define szOID_CP_PARAM_PK_R3410_94_S3   "1.2.643.2.2.32.5" 
+#define szOID_CP_PARAM_PK_R3410_94_DEF  "1.2.643.2.2.32.2"      /*VerbaO*/
+#define szOID_CP_PARAM_PK_R3410_94_S1   "1.2.643.2.2.32.3"
+#define szOID_CP_PARAM_PK_R3410_94_S2   "1.2.643.2.2.32.4"
+#define szOID_CP_PARAM_PK_R3410_94_S3   "1.2.643.2.2.32.5"
 /* OID for DH 1024*/
-#define szOID_CP_PARAM_PK_R3410_94_E1   "1.2.643.2.2.33.1" 
-#define szOID_CP_PARAM_PK_R3410_94_E2   "1.2.643.2.2.33.2" 
-#define szOID_CP_PARAM_PK_R3410_94_E3   "1.2.643.2.2.33.3" 
-
-#define szOID_CP_PARAM_PK_R3410_2001_DEF "1.2.643.2.2.35.1"	
-#define szOID_CP_PARAM_PK_R3410_2001_S0	 "1.2.643.2.2.35.2"	
-#define szOID_CP_PARAM_PK_R3410_2001_S1	 "1.2.643.2.2.35.3"	
-#define szOID_CP_PARAM_PK_R3410_2001_E0	 "1.2.643.2.2.36.0"	
-#define szOID_CP_PARAM_PK_R3410_2001_E1	 "1.2.643.2.2.36.1"	
+#define szOID_CP_PARAM_PK_R3410_94_E1   "1.2.643.2.2.33.1"
+#define szOID_CP_PARAM_PK_R3410_94_E2   "1.2.643.2.2.33.2"
+#define szOID_CP_PARAM_PK_R3410_94_E3   "1.2.643.2.2.33.3"
+
+#define szOID_CP_PARAM_PK_R3410_2001_DEF "1.2.643.2.2.35.1"
+#define szOID_CP_PARAM_PK_R3410_2001_S0  "1.2.643.2.2.35.2"
+#define szOID_CP_PARAM_PK_R3410_2001_S1  "1.2.643.2.2.35.3"
+#define szOID_CP_PARAM_PK_R3410_2001_E0  "1.2.643.2.2.36.0"
+#define szOID_CP_PARAM_PK_R3410_2001_E1  "1.2.643.2.2.36.1"
 
 
 /*! @} */
diff --git a/src/mscrypto/digests.c b/src/mscrypto/digests.c
index 19acc658..9394afdc 100644
--- a/src/mscrypto/digests.c
+++ b/src/mscrypto/digests.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
- * Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).  
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
+ * Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
  */
 #include "globals.h"
 
@@ -22,17 +22,19 @@
 #include <xmlsec/errors.h>
 
 #include <xmlsec/mscrypto/crypto.h>
+#include "private.h"
 
 #define MSCRYPTO_MAX_HASH_SIZE 256
 
-typedef struct _xmlSecMSCryptoDigestCtx	xmlSecMSCryptoDigestCtx, *xmlSecMSCryptoDigestCtxPtr;
+typedef struct _xmlSecMSCryptoDigestCtx xmlSecMSCryptoDigestCtx, *xmlSecMSCryptoDigestCtxPtr;
 struct _xmlSecMSCryptoDigestCtx {
-    HCRYPTPROV	    provider;
-    ALG_ID	    alg_id;
-    HCRYPTHASH	    mscHash;
+    HCRYPTPROV      provider;
+    ALG_ID          alg_id;
+    const xmlSecMSCryptoProviderInfo  * providers;
+    HCRYPTHASH      mscHash;
     unsigned char   dgst[MSCRYPTO_MAX_HASH_SIZE];
-    size_t	    dgstSize;	/* dgst size in bytes */
-};	    
+    size_t          dgstSize;   /* dgst size in bytes */
+};
 
 /******************************************************************************
  *
@@ -41,42 +43,102 @@ struct _xmlSecMSCryptoDigestCtx {
  * xmlSecMSCryptoDigestCtx is located after xmlSecTransform
  *
  *****************************************************************************/
-#define xmlSecMSCryptoDigestSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoDigestCtx))	
+#define xmlSecMSCryptoDigestSize        \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoDigestCtx))
 #define xmlSecMSCryptoDigestGetCtx(transform) \
     ((xmlSecMSCryptoDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
 
-static int	xmlSecMSCryptoDigestInitialize	(xmlSecTransformPtr transform);
-static void	xmlSecMSCryptoDigestFinalize	(xmlSecTransformPtr transform);
-static int  	xmlSecMSCryptoDigestVerify	(xmlSecTransformPtr transform, 
-						 const xmlSecByte* data,
-						 xmlSecSize dataSize,
-						 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecMSCryptoDigestExecute	(xmlSecTransformPtr transform, 
-						 int last,
-						 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecMSCryptoDigestCheckId	(xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoDigestInitialize  (xmlSecTransformPtr transform);
+static void     xmlSecMSCryptoDigestFinalize    (xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoDigestVerify      (xmlSecTransformPtr transform,
+                                                 const xmlSecByte* data,
+                                                 xmlSecSize dataSize,
+                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecMSCryptoDigestExecute     (xmlSecTransformPtr transform,
+                                                 int last,
+                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecMSCryptoDigestCheckId     (xmlSecTransformPtr transform);
+
+
+/* Ordered list of providers to search for algorithm implementation using
+ * xmlSecMSCryptoFindProvider() function
+ *
+ * MUST END with { NULL, 0 } !!!
+ */
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Sha1[] = {
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV,                PROV_RSA_AES},
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE,      PROV_RSA_AES },
+    { MS_STRONG_PROV,                                   PROV_RSA_FULL },
+    { MS_ENHANCED_PROV,                                 PROV_RSA_FULL },
+    { MS_DEF_PROV,                                      PROV_RSA_FULL },
+    { NULL, 0 }
+};
+
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Sha2[] = {
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV,                PROV_RSA_AES},
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE,      PROV_RSA_AES },
+    { NULL, 0 }
+};
 
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Md5[] = {
+    { MS_STRONG_PROV,                                   PROV_RSA_FULL },
+    { MS_ENHANCED_PROV,                                 PROV_RSA_FULL },
+    { MS_DEF_PROV,                                      PROV_RSA_FULL },
+    { NULL, 0 }
+};
 
-static int 
+#ifndef XMLSEC_NO_GOST
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Gost[] = {
+    { MAGPRO_CSP,                                       PROV_MAGPRO_GOST },
+    { CRYPTOPRO_CSP,                                    PROV_CRYPTOPRO_GOST },
+    { NULL, 0 }
+};
+#endif /*ndef XMLSEC_NO_GOST*/
+
+static int
 xmlSecMSCryptoDigestCheckId(xmlSecTransformPtr transform) {
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformMd5Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_MD5 */
+
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformSha1Id)) {
-	return(1);
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformSha256Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformSha384Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformSha512Id)) {
+        return(1);
     }
-#endif /* XMLSEC_NO_SHA1 */    
-    
+#endif /* XMLSEC_NO_SHA512 */
+
 #ifndef XMLSEC_NO_GOST
     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformGostR3411_94Id)) {
-	return(1);
+        return(1);
     }
-#endif /* XMLSEC_NO_GOST*/    
-    
+#endif /* XMLSEC_NO_GOST*/
+
     return(0);
 }
 
-static int 
+static int
 xmlSecMSCryptoDigestInitialize(xmlSecTransformPtr transform) {
     xmlSecMSCryptoDigestCtxPtr ctx;
 
@@ -89,50 +151,65 @@ xmlSecMSCryptoDigestInitialize(xmlSecTransformPtr transform) {
     /* initialize context */
     memset(ctx, 0, sizeof(xmlSecMSCryptoDigestCtx));
 
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformMd5Id)) {
+        ctx->alg_id = CALG_MD5;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Md5;
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformSha1Id)) {
-	ctx->alg_id = CALG_SHA;
-    } else 
-#endif /* XMLSEC_NO_SHA1 */    
+        ctx->alg_id = CALG_SHA1;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Sha1;
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformSha256Id)) {
+        ctx->alg_id = CALG_SHA_256;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Sha2;
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformSha384Id)) {
+        ctx->alg_id = CALG_SHA_384;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Sha2;
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformSha512Id)) {
+        ctx->alg_id = CALG_SHA_512;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Sha2;
+    } else
+#endif /* XMLSEC_NO_SHA512 */
 
 #ifndef XMLSEC_NO_GOST
     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformGostR3411_94Id)) {
-		ctx->alg_id = CALG_MAGPRO_HASH_R3411_94;
-
-    /* TODO: Check what provider is best suited here.... */
-    if (!CryptAcquireContext(&ctx->provider, NULL, 0, PROV_MAGPRO_GOST, CRYPT_VERIFYCONTEXT)) {
-      if (!CryptAcquireContext(&ctx->provider, NULL, 0, PROV_CRYPTOPRO_GOST, CRYPT_VERIFYCONTEXT)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    }
-    return(0);
-    } else 
-#endif /* XMLSEC_NO_GOST*/    
+        ctx->alg_id = CALG_MAGPRO_HASH_R3411_94;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Gost;
+    } else
+#endif /* XMLSEC_NO_GOST*/
 
     {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
-    /* TODO: Check what provider is best suited here.... */
-    if (!CryptAcquireContext(&ctx->provider, NULL, MS_STRONG_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
-    	if (!CryptAcquireContext(&ctx->provider, NULL, MS_ENHANCED_PROV,PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	}
+    ctx->provider = xmlSecMSCryptoFindProvider(ctx->providers, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+    if(ctx->provider == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+            "xmlSecMSCryptoFindProvider",
+            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+            XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -150,18 +227,20 @@ static void xmlSecMSCryptoDigestFinalize(xmlSecTransformPtr transform) {
     if(ctx->mscHash != 0) {
         CryptDestroyHash(ctx->mscHash);
     }
-    CryptReleaseContext(ctx->provider, 0);
+    if(ctx->provider != 0) {
+        CryptReleaseContext(ctx->provider, 0);
+    }
 
     memset(ctx, 0, sizeof(xmlSecMSCryptoDigestCtx));
 }
 
-static int 
-xmlSecMSCryptoDigestVerify(xmlSecTransformPtr transform, 
-			   const xmlSecByte* data, 
-			   xmlSecSize dataSize,
-			   xmlSecTransformCtxPtr transformCtx) {
+static int
+xmlSecMSCryptoDigestVerify(xmlSecTransformPtr transform,
+                           const xmlSecByte* data,
+                           xmlSecSize dataSize,
+                           xmlSecTransformCtxPtr transformCtx) {
     xmlSecMSCryptoDigestCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecMSCryptoDigestCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoDigestSize), -1);
     xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
@@ -174,38 +253,38 @@ xmlSecMSCryptoDigestVerify(xmlSecTransformPtr transform,
     xmlSecAssert2(ctx->dgstSize > 0, -1);
 
     if(dataSize != ctx->dgstSize) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "data_size=%d;dgst_size=%d", 
-		    dataSize, ctx->dgstSize);
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "data_size=%d;dgst_size=%d",
+                    dataSize, ctx->dgstSize);
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
 
     if(memcmp(ctx->dgst, data, ctx->dgstSize) != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "data and digest do not match");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "data and digest do not match");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
-    
+
     transform->status = xmlSecTransformStatusOk;
     return(0);
 }
 
-static int 
-xmlSecMSCryptoDigestExecute(xmlSecTransformPtr transform, 
-			    int last, 
-			    xmlSecTransformCtxPtr transformCtx) {
+static int
+xmlSecMSCryptoDigestExecute(xmlSecTransformPtr transform,
+                            int last,
+                            xmlSecTransformCtxPtr transformCtx) {
     xmlSecMSCryptoDigestCtxPtr ctx;
     xmlSecBufferPtr in, out;
     int ret;
-    
+
     xmlSecAssert2(xmlSecMSCryptoDigestCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoDigestSize), -1);
@@ -219,110 +298,154 @@ xmlSecMSCryptoDigestExecute(xmlSecTransformPtr transform,
 
     ctx = xmlSecMSCryptoDigestGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     if(transform->status == xmlSecTransformStatusNone) {
-	ret = CryptCreateHash(ctx->provider,
-	    ctx->alg_id,
-	    0,
-	    0,
-	    &(ctx->mscHash));
-
-	if((ret == 0) || (ctx->mscHash == 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"CryptHashData",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);			
-	}
-
-	transform->status = xmlSecTransformStatusWorking;
+        ret = CryptCreateHash(ctx->provider,
+            ctx->alg_id,
+            0,
+            0,
+            &(ctx->mscHash));
+
+        if((ret == 0) || (ctx->mscHash == 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "CryptCreateHash",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if (transform->status == xmlSecTransformStatusWorking) {
-	xmlSecSize inSize;
-
-	inSize = xmlSecBufferGetSize(in);
-	if(inSize > 0) {
-	    ret = CryptHashData(ctx->mscHash,
-		xmlSecBufferGetData(in),
-		inSize,
-		0);
-
-	    if(ret == 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "CryptHashData",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "size=%d", inSize);
-		return(-1);
-	    }
-
-	    ret = xmlSecBufferRemoveHead(in, inSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferRemoveHead",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", inSize);
-		return(-1);
-	    }
-	}
-	if(last) {
-	    /* TODO: make a MSCrypto compatible assert here */
-	    /* xmlSecAssert2((xmlSecSize)EVP_MD_size(ctx->digest) <= sizeof(ctx->dgst), -1); */
-	    DWORD retLen;
-	    retLen = MSCRYPTO_MAX_HASH_SIZE;
-
-	    ret = CryptGetHashParam(ctx->mscHash,
-		HP_HASHVAL,
-		ctx->dgst,
-		&retLen,
-		0);
-
-	    if (ret == 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "CryptGetHashParam",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", inSize);
-		return(-1);
-	    }
-
-	    ctx->dgstSize = (size_t)retLen;
-
-	    xmlSecAssert2(ctx->dgstSize > 0, -1);
-
-	    /* copy result to output */
-	    if(transform->operation == xmlSecTransformOperationSign) {
-		ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferAppend",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", ctx->dgstSize);
-		    return(-1);
-		}
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	}
+        xmlSecSize inSize;
+
+        inSize = xmlSecBufferGetSize(in);
+        if(inSize > 0) {
+            ret = CryptHashData(ctx->mscHash,
+                xmlSecBufferGetData(in),
+                inSize,
+                0);
+
+            if(ret == 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "CryptHashData",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+
+            ret = xmlSecBufferRemoveHead(in, inSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferRemoveHead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+        }
+        if(last) {
+            /* TODO: make a MSCrypto compatible assert here */
+            /* xmlSecAssert2((xmlSecSize)EVP_MD_size(ctx->digest) <= sizeof(ctx->dgst), -1); */
+            DWORD retLen;
+            retLen = MSCRYPTO_MAX_HASH_SIZE;
+
+            ret = CryptGetHashParam(ctx->mscHash,
+                HP_HASHVAL,
+                ctx->dgst,
+                &retLen,
+                0);
+
+            if (ret == 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "CryptGetHashParam(HP_HASHVAL)",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", MSCRYPTO_MAX_HASH_SIZE);
+                return(-1);
+            }
+
+            ctx->dgstSize = (size_t)retLen;
+
+            xmlSecAssert2(ctx->dgstSize > 0, -1);
+
+            /* copy result to output */
+            if(transform->operation == xmlSecTransformOperationSign) {
+                ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferAppend",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", ctx->dgstSize);
+                    return(-1);
+                }
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
 
+#ifndef XMLSEC_NO_MD5
+/******************************************************************************
+ *
+ * MD5
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoMd5Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* size_t klassSize */
+    xmlSecMSCryptoDigestSize,                   /* size_t objSize */
+
+    xmlSecNameMd5,                              /* const xmlChar* name; */
+    xmlSecHrefMd5,                              /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+    xmlSecMSCryptoDigestInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoDigestFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoDigestVerify,                 /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoDigestExecute,                /* xmlSecTransformExecuteMethod execute; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformMd5GetKlass:
+ *
+ * SHA-1 digest transform klass.
+ *
+ * Returns: pointer to SHA-1 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformMd5GetKlass(void) {
+    return(&xmlSecMSCryptoMd5Klass);
+}
+#endif /* XMLSEC_NO_MD5 */
+
 #ifndef XMLSEC_NO_SHA1
 /******************************************************************************
  *
@@ -331,42 +454,174 @@ xmlSecMSCryptoDigestExecute(xmlSecTransformPtr transform,
  *****************************************************************************/
 static xmlSecTransformKlass xmlSecMSCryptoSha1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* size_t klassSize */
-    xmlSecMSCryptoDigestSize,			/* size_t objSize */
-
-    xmlSecNameSha1,				/* const xmlChar* name; */
-    xmlSecHrefSha1, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    xmlSecMSCryptoDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecMSCryptoDigestFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecMSCryptoDigestVerify,			/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecMSCryptoDigestExecute,		/* xmlSecTransformExecuteMethod execute; */    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* size_t klassSize */
+    xmlSecMSCryptoDigestSize,                   /* size_t objSize */
+
+    xmlSecNameSha1,                             /* const xmlChar* name; */
+    xmlSecHrefSha1,                             /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+    xmlSecMSCryptoDigestInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoDigestFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoDigestVerify,                 /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoDigestExecute,                /* xmlSecTransformExecuteMethod execute; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecMSCryptoTransformSha1GetKlass:
  *
  * SHA-1 digest transform klass.
  *
  * Returns: pointer to SHA-1 digest transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecMSCryptoTransformSha1GetKlass(void) {
     return(&xmlSecMSCryptoSha1Klass);
 }
 #endif /* XMLSEC_NO_SHA1 */
 
+#ifndef XMLSEC_NO_SHA256
+/******************************************************************************
+ *
+ * SHA256
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),              /* size_t klassSize */
+    xmlSecMSCryptoDigestSize,                  /* size_t objSize */
+
+    xmlSecNameSha256,                          /* const xmlChar* name; */
+    xmlSecHrefSha256,                          /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,          /* xmlSecTransformUsage usage; */
+    xmlSecMSCryptoDigestInitialize,            /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoDigestFinalize,              /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                      /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                      /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                      /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoDigestVerify,                        /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,         /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,             /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,              /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                      /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                      /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoDigestExecute,               /* xmlSecTransformExecuteMethod execute; */
+    NULL,                                      /* void* reserved0; */
+    NULL,                                      /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformSha256GetKlass:
+ *
+ * SHA-256 digest transform klass.
+ *
+ * Returns: pointer to SHA-256 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformSha256GetKlass(void) {
+    return(&xmlSecMSCryptoSha256Klass);
+}
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/******************************************************************************
+ *
+ * SHA384
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoSha384Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),              /* size_t klassSize */
+    xmlSecMSCryptoDigestSize,                  /* size_t objSize */
+
+    xmlSecNameSha384,                          /* const xmlChar* name; */
+    xmlSecHrefSha384,                          /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,          /* xmlSecTransformUsage usage; */
+    xmlSecMSCryptoDigestInitialize,            /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoDigestFinalize,              /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                      /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                      /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                      /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoDigestVerify,                        /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,         /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,             /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,              /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                      /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                      /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoDigestExecute,               /* xmlSecTransformExecuteMethod execute; */
+    NULL,                                      /* void* reserved0; */
+    NULL,                                      /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformSha384GetKlass:
+ *
+ * SHA-384 digest transform klass.
+ *
+ * Returns: pointer to SHA-384 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformSha384GetKlass(void) {
+    return(&xmlSecMSCryptoSha384Klass);
+}
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/******************************************************************************
+ *
+ * SHA512
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoSha512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),              /* size_t klassSize */
+    xmlSecMSCryptoDigestSize,                  /* size_t objSize */
+
+    xmlSecNameSha512,                          /* const xmlChar* name; */
+    xmlSecHrefSha512,                          /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,          /* xmlSecTransformUsage usage; */
+    xmlSecMSCryptoDigestInitialize,            /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoDigestFinalize,              /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                      /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                      /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                      /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoDigestVerify,                        /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,         /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,             /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,              /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                      /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                      /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoDigestExecute,               /* xmlSecTransformExecuteMethod execute; */
+    NULL,                                      /* void* reserved0; */
+    NULL,                                      /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformSha512GetKlass:
+ *
+ * SHA-512 digest transform klass.
+ *
+ * Returns: pointer to SHA-512 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformSha512GetKlass(void) {
+    return(&xmlSecMSCryptoSha512Klass);
+}
+#endif /* XMLSEC_NO_SHA512 */
+
 #ifndef XMLSEC_NO_GOST
 /******************************************************************************
  *
@@ -375,37 +630,37 @@ xmlSecMSCryptoTransformSha1GetKlass(void) {
  *****************************************************************************/
 static xmlSecTransformKlass xmlSecMSCryptoGostR3411_94Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* size_t klassSize */
-    xmlSecMSCryptoDigestSize,			/* size_t objSize */
-
-    xmlSecNameGostR3411_94,				/* const xmlChar* name; */
-    xmlSecHrefGostR3411_94, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    xmlSecMSCryptoDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecMSCryptoDigestFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecMSCryptoDigestVerify,			/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecMSCryptoDigestExecute,		/* xmlSecTransformExecuteMethod execute; */    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* size_t klassSize */
+    xmlSecMSCryptoDigestSize,                   /* size_t objSize */
+
+    xmlSecNameGostR3411_94,                             /* const xmlChar* name; */
+    xmlSecHrefGostR3411_94,                             /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+    xmlSecMSCryptoDigestInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoDigestFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoDigestVerify,                 /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoDigestExecute,                /* xmlSecTransformExecuteMethod execute; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecMSCryptoTransformGostR3411_94GetKlass:
  *
  * GOSTR3411_94 digest transform klass.
  *
  * Returns: pointer to GOSTR3411_94 digest transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecMSCryptoTransformGostR3411_94GetKlass(void) {
     return(&xmlSecMSCryptoGostR3411_94Klass);
 }
diff --git a/src/mscrypto/globals.h b/src/mscrypto/globals.h
index b58931d5..2b88d5dd 100644
--- a/src/mscrypto/globals.h
+++ b/src/mscrypto/globals.h
@@ -1,18 +1,19 @@
 /*
  * XML Security Library
  *
- * globals.h: internal header only used during the compilation
+ * THIS IS A PRIVATE XMLSEC HEADER FILE
+ * DON'T USE IT IN YOUR APPLICATION
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  */
 #ifndef __XMLSEC_GLOBALS_H__
 #define __XMLSEC_GLOBALS_H__
 
 /**
- * Use autoconf defines if present. 
+ * Use autoconf defines if present.
  */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
@@ -21,4 +22,18 @@
 #define IN_XMLSEC_CRYPTO
 #define XMLSEC_PRIVATE
 
+/* OpenSSL 0.9.6 and 0.9.7 do not have SHA 224/256/384/512 */
+#if defined(XMLSEC_OPENSSL_096) || defined(XMLSEC_OPENSSL_097)
+#define XMLSEC_NO_SHA224 1
+#define XMLSEC_NO_SHA256 1
+#define XMLSEC_NO_SHA384 1
+#define XMLSEC_NO_SHA512 1
+#endif /* defined(XMLSEC_OPENSSL_096) || defined(XMLSEC_OPENSSL_097) */
+
+/* OpenSSL 0.9.6 does not have AES */
+#if defined(XMLSEC_OPENSSL_096)
+#define XMLSEC_NO_AES    1
+#endif /* XMLSEC_OPENSSL_096 */
+
+
 #endif /* ! __XMLSEC_GLOBALS_H__ */
diff --git a/src/mscrypto/hmac.c b/src/mscrypto/hmac.c
new file mode 100644
index 00000000..e8709838
--- /dev/null
+++ b/src/mscrypto/hmac.c
@@ -0,0 +1,963 @@
+/**
+ *
+ * XMLSec library
+ *
+ * HMAC Algorithm support (http://www.w3.org/TR/xmldsig-core/#sec-HMAC):
+ * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits
+ * as a parameter; if the parameter is not specified then all the bits of the
+ * hash are output. An example of an HMAC SignatureMethod element:
+ * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
+ *   <HMACOutputLength>128</HMACOutputLength>
+ * </SignatureMethod>
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef XMLSEC_NO_HMAC
+#include "globals.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <windows.h>
+#include <wincrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/base64.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/mscrypto/crypto.h>
+#include "private.h"
+
+/* sizes in bits */
+#define XMLSEC_MSCRYPTO_MIN_HMAC_SIZE            80
+#define XMLSEC_MSCRYPTO_MAX_HMAC_SIZE            256
+
+/**************************************************************************
+ *
+ * Configuration
+ *
+ *****************************************************************************/
+static int g_xmlsec_mscrypto_hmac_min_length = XMLSEC_MSCRYPTO_MIN_HMAC_SIZE;
+
+/**
+ * xmlSecMSCryptoHmacGetMinOutputLength:
+ *
+ * Gets the value of min HMAC length.
+ *
+ * Returns: the min HMAC output length
+ */
+int xmlSecMSCryptoHmacGetMinOutputLength(void)
+{
+    return g_xmlsec_mscrypto_hmac_min_length;
+}
+
+/**
+ * xmlSecMSCryptoHmacSetMinOutputLength:
+ * @min_length: the new min length
+ *
+ * Sets the min HMAC output length
+ */
+void xmlSecMSCryptoHmacSetMinOutputLength(int min_length)
+{
+    g_xmlsec_mscrypto_hmac_min_length = min_length;
+}
+
+/******************************************************************************
+ *
+ * Internal MSCrypto HMAC CTX
+ *
+ *****************************************************************************/
+typedef struct _xmlSecMSCryptoHmacCtx            xmlSecMSCryptoHmacCtx, *xmlSecMSCryptoHmacCtxPtr;
+struct _xmlSecMSCryptoHmacCtx {
+    HCRYPTPROV      provider;
+    HCRYPTKEY       cryptKey;
+    HCRYPTKEY       pubPrivKey;
+    ALG_ID          alg_id;
+    const xmlSecMSCryptoProviderInfo  * providers;
+    HCRYPTHASH      mscHash;
+    unsigned char   dgst[XMLSEC_MSCRYPTO_MAX_HMAC_SIZE];
+    size_t          dgstSize;   /* dgst size in bytes */
+    int             ctxInitialized;
+};
+
+/******************************************************************************
+ *
+ * HMAC transforms
+ *
+ * xmlSecMSCryptoHmacCtx is located after xmlSecTransform
+ *
+ *****************************************************************************/
+#define xmlSecMSCryptoHmacGetCtx(transform) \
+    ((xmlSecMSCryptoHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+#define xmlSecMSCryptoHmacSize   \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoHmacCtx))
+
+static int      xmlSecMSCryptoHmacCheckId                        (xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoHmacInitialize                     (xmlSecTransformPtr transform);
+static void     xmlSecMSCryptoHmacFinalize                       (xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoHmacNodeRead                       (xmlSecTransformPtr transform,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecMSCryptoHmacSetKeyReq                      (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecMSCryptoHmacSetKey                         (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecMSCryptoHmacVerify                         (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecMSCryptoHmacExecute                        (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+
+/* Ordered list of providers to search for algorithm implementation using
+ * xmlSecMSCryptoFindProvider() function
+ *
+ * MUST END with { NULL, 0 } !!!
+ */
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Hmac[] = {
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV,                PROV_RSA_AES},
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE,      PROV_RSA_AES },
+    { MS_STRONG_PROV,                                   PROV_RSA_FULL },
+    { MS_ENHANCED_PROV,                                 PROV_RSA_FULL },
+    { MS_DEF_PROV,                                      PROV_RSA_FULL },
+    { NULL, 0 }
+};
+
+static int
+xmlSecMSCryptoHmacCheckId(xmlSecTransformPtr transform) {
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformHmacSha1Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformHmacSha256Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformHmacSha384Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformHmacSha512Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformHmacMd5Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+    /* not found */
+    {
+        return(0);
+    }
+
+    return(0);
+}
+
+static int
+xmlSecMSCryptoHmacInitialize(xmlSecTransformPtr transform) {
+    xmlSecMSCryptoHmacCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecMSCryptoHmacCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoHmacSize), -1);
+
+    ctx = xmlSecMSCryptoHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    /* initialize context */
+    memset(ctx, 0, sizeof(xmlSecMSCryptoHmacCtx));
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformHmacSha1Id)) {
+        ctx->alg_id = CALG_SHA1;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Hmac;
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformHmacSha256Id)) {
+        ctx->alg_id = CALG_SHA_256;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Hmac;
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformHmacSha384Id)) {
+        ctx->alg_id = CALG_SHA_384;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Hmac;
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformHmacSha512Id)) {
+        ctx->alg_id = CALG_SHA_512;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Hmac;
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformHmacMd5Id)) {
+        ctx->alg_id = CALG_MD5;
+        ctx->providers = xmlSecMSCryptoProviderInfo_Hmac;
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+    /* not found */
+    {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ctx->provider = xmlSecMSCryptoFindProvider(ctx->providers, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+    if(ctx->provider == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+            "xmlSecMSCryptoFindProvider",
+            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+            XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* Create dummy key to be able to import plain session keys */
+    if (!xmlSecMSCryptoCreatePrivateExponentOneKey(ctx->provider, &(ctx->pubPrivKey))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoCreatePrivateExponentOneKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+
+        return(-1);
+    }
+
+    return(0);
+}
+
+static void
+xmlSecMSCryptoHmacFinalize(xmlSecTransformPtr transform) {
+    xmlSecMSCryptoHmacCtxPtr ctx;
+
+    xmlSecAssert(xmlSecMSCryptoHmacCheckId(transform));
+    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCryptoHmacSize));
+
+    ctx = xmlSecMSCryptoHmacGetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    if(ctx->mscHash != 0) {
+        CryptDestroyHash(ctx->mscHash);
+    }
+    if (ctx->cryptKey) {
+        CryptDestroyKey(ctx->cryptKey);
+    }
+    if (ctx->pubPrivKey) {
+        CryptDestroyKey(ctx->pubPrivKey);
+    }
+    if(ctx->provider != 0) {
+        CryptReleaseContext(ctx->provider, 0);
+    }
+
+    memset(ctx, 0, sizeof(xmlSecMSCryptoHmacCtx));
+}
+
+static int
+xmlSecMSCryptoHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecMSCryptoHmacCtxPtr ctx;
+    xmlNodePtr cur;
+
+    xmlSecAssert2(xmlSecMSCryptoHmacCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoHmacSize), -1);
+    xmlSecAssert2(node!= NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecMSCryptoHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    cur = xmlSecGetNextElementNode(node->children);
+    if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
+        xmlChar *content;
+
+        content = xmlNodeGetContent(cur);
+        if(content != NULL) {
+            ctx->dgstSize = atoi((char*)content);
+            xmlFree(content);
+        }
+
+        /* Ensure that HMAC length is greater than min specified.
+           Otherwise, an attacker can set this length to 0 or very
+           small value
+        */
+        if((int)ctx->dgstSize < xmlSecMSCryptoHmacGetMinOutputLength()) {
+           xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                    "HMAC output length is too small");
+           return(-1);
+        }
+
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
+    if(cur != NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    return(0);
+}
+
+static int
+xmlSecMSCryptoHmacSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecAssert2(xmlSecMSCryptoHmacCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoHmacSize), -1);
+    xmlSecAssert2(keyReq != NULL, -1);
+
+    keyReq->keyId   = xmlSecMSCryptoKeyDataHmacId;
+    keyReq->keyType = xmlSecKeyDataTypeSymmetric;
+    if(transform->operation == xmlSecTransformOperationSign) {
+        keyReq->keyUsage = xmlSecKeyUsageSign;
+    } else {
+        keyReq->keyUsage = xmlSecKeyUsageVerify;
+    }
+
+    return(0);
+}
+
+static int
+xmlSecMSCryptoHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecMSCryptoHmacCtxPtr ctx;
+    xmlSecKeyDataPtr value;
+    xmlSecBufferPtr buffer;
+    HMAC_INFO hmacInfo;
+    int ret;
+
+    xmlSecAssert2(xmlSecMSCryptoHmacCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoHmacSize), -1);
+    xmlSecAssert2(key != NULL, -1);
+
+    ctx = xmlSecMSCryptoHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->ctxInitialized == 0, -1);
+    xmlSecAssert2(ctx->provider != 0, -1);
+    xmlSecAssert2(ctx->pubPrivKey != 0, -1);
+    xmlSecAssert2(ctx->cryptKey == 0, -1);
+    xmlSecAssert2(ctx->mscHash == 0, -1);
+
+    value = xmlSecKeyGetValue(key);
+    xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecMSCryptoKeyDataHmacId), -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(value);
+    xmlSecAssert2(buffer != NULL, -1);
+
+    if(xmlSecBufferGetSize(buffer) == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "keySize=0");
+        return(-1);
+    }
+
+    xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
+
+    /* Import this key and get an HCRYPTKEY handle. 
+     * 
+     * HACK!!! HACK!!! HACK!!! 
+     * 
+     * Using CALG_RC2 instead of CALG_HMAC for the key algorithm so we don't want to check key length
+     */
+    if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->provider,
+        ctx->pubPrivKey,
+        CALG_RC2,
+        xmlSecBufferGetData(buffer),
+        xmlSecBufferGetSize(buffer),
+        FALSE,
+        &(ctx->cryptKey)
+        ) || (ctx->cryptKey == 0))  {
+
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoImportPlainSessionBlob",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }   
+
+    /* create hash */
+    ret = CryptCreateHash(ctx->provider,
+        CALG_HMAC,
+        ctx->cryptKey,
+        0,
+        &(ctx->mscHash));
+    if((ret == 0) || (ctx->mscHash == 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "CryptCreateHash",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* set parameters */
+    memset(&hmacInfo, 0, sizeof(hmacInfo));
+    hmacInfo.HashAlgid = ctx->alg_id;
+    ret = CryptSetHashParam(ctx->mscHash, HP_HMAC_INFO, (BYTE*)&hmacInfo, 0);
+    if(ret == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "CryptSetHashParam",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* done */
+    ctx->ctxInitialized = 1;
+    return(0);
+}
+
+static int
+xmlSecMSCryptoHmacVerify(xmlSecTransformPtr transform,
+                        const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecTransformCtxPtr transformCtx) {
+    static xmlSecByte last_byte_masks[] =
+                { 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
+
+    xmlSecMSCryptoHmacCtxPtr ctx;
+    xmlSecByte mask;
+
+    xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoHmacSize), -1);
+    xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
+    xmlSecAssert2(transform->status == xmlSecTransformStatusFinished, -1);
+    xmlSecAssert2(data != NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecMSCryptoHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->dgstSize > 0, -1);
+
+    /* compare the digest size in bytes */
+    if(dataSize != ((ctx->dgstSize + 7) / 8)){
+        /* NO COMMIT */
+        xmlChar* a;
+        mask = last_byte_masks[ctx->dgstSize % 8];
+        ctx->dgst[dataSize - 1] &= mask;
+        a = xmlSecBase64Encode(ctx->dgst, (ctx->dgstSize + 7) / 8, -1);
+        fprintf(stderr, "%s\n", a);
+        xmlFree(a);
+
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "data=%d;dgst=%d",
+                    dataSize, ((ctx->dgstSize + 7) / 8));
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
+    }
+
+    /* we check the last byte separatelly */
+    xmlSecAssert2(dataSize > 0, -1);
+    mask = last_byte_masks[ctx->dgstSize % 8];
+    if((ctx->dgst[dataSize - 1] & mask) != (data[dataSize - 1]  & mask)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                    "data and digest do not match (last byte)");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
+    }
+
+    /* now check the rest of the digest */
+    if((dataSize > 1) && (memcmp(ctx->dgst, data, dataSize - 1) != 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                    "data and digest do not match");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
+    }
+
+    transform->status = xmlSecTransformStatusOk;
+    return(0);
+}
+
+static int
+xmlSecMSCryptoHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecMSCryptoHmacCtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    int ret;
+
+    xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoHmacSize), -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    in = &(transform->inBuf);
+    out = &(transform->outBuf);
+
+    ctx = xmlSecMSCryptoHmacGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->ctxInitialized != 0, -1);
+
+    if(transform->status == xmlSecTransformStatusNone) {
+        /* we should be already initialized when we set key */
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
+    if(transform->status == xmlSecTransformStatusWorking) {
+        xmlSecSize inSize;
+
+        inSize = xmlSecBufferGetSize(in);
+        if(inSize > 0) {
+            ret = CryptHashData(ctx->mscHash,
+                xmlSecBufferGetData(in),
+                inSize,
+                0);
+
+            if(ret == 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "CryptHashData",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+
+            ret = xmlSecBufferRemoveHead(in, inSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferRemoveHead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+        }
+
+        if(last) {
+            /* TODO: make a MSCrypto compatible assert here */
+            /* xmlSecAssert2((xmlSecSize)EVP_MD_size(ctx->digest) <= sizeof(ctx->dgst), -1); */
+            DWORD retLen;
+            retLen = XMLSEC_MSCRYPTO_MAX_HMAC_SIZE;
+
+            ret = CryptGetHashParam(ctx->mscHash,
+                HP_HASHVAL,
+                ctx->dgst,
+                &retLen,
+                0);
+
+            if (ret == 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "CryptGetHashParam",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+            xmlSecAssert2(retLen > 0, -1);
+
+            /* check/set the result digest size */
+            if(ctx->dgstSize == 0) {
+                ctx->dgstSize = retLen * 8; /* no dgst size specified, use all we have */
+            } else if(ctx->dgstSize <= 8 * retLen) {
+                retLen = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+            } else {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            NULL,
+                            XMLSEC_ERRORS_R_INVALID_SIZE,
+                            "result-bits=%d;required-bits=%d",
+                            8 * retLen, ctx->dgstSize);
+                return(-1);
+            }
+
+            /* copy result to output */
+            if(transform->operation == xmlSecTransformOperationSign) {
+                ret = xmlSecBufferAppend(out, ctx->dgst, retLen);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferAppend",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", ctx->dgstSize);
+                    return(-1);
+                }
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
+    } else if(transform->status == xmlSecTransformStatusFinished) {
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
+    }
+
+    return(0);
+}
+
+#ifndef XMLSEC_NO_MD5
+/******************************************************************************
+ *
+ * HMAC MD5
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoHmacMd5Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacMd5,                          /* const xmlChar* name; */
+    xmlSecHrefHmacMd5,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecMSCryptoHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformHmacMd5GetKlass:
+ *
+ * The HMAC-MD5 transform klass.
+ *
+ * Returns: the HMAC-MD5 transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformHmacMd5GetKlass(void) {
+    return(&xmlSecMSCryptoHmacMd5Klass);
+}
+
+#endif /* XMLSEC_NO_MD5 */
+
+
+#ifndef XMLSEC_NO_RIPEMD160
+/******************************************************************************
+ *
+ * HMAC RIPEMD160
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoHmacRipemd160Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacRipemd160,                    /* const xmlChar* name; */
+    xmlSecHrefHmacRipemd160,                    /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecMSCryptoHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformHmacRipemd160GetKlass:
+ *
+ * The HMAC-RIPEMD160 transform klass.
+ *
+ * Returns: the HMAC-RIPEMD160 transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformHmacRipemd160GetKlass(void) {
+    return(&xmlSecMSCryptoHmacRipemd160Klass);
+}
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+/******************************************************************************
+ *
+ * HMAC SHA1
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoHmacSha1Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha1,                         /* const xmlChar* name; */
+    xmlSecHrefHmacSha1,                         /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecMSCryptoHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformHmacSha1GetKlass:
+ *
+ * The HMAC-SHA1 transform klass.
+ *
+ * Returns: the HMAC-SHA1 transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformHmacSha1GetKlass(void) {
+    return(&xmlSecMSCryptoHmacSha1Klass);
+}
+
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+/******************************************************************************
+ *
+ * HMAC SHA224
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoHmacSha224Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha224,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha224,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecMSCryptoHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformHmacSha224GetKlass:
+ *
+ * The HMAC-SHA224 transform klass.
+ *
+ * Returns: the HMAC-SHA224 transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformHmacSha224GetKlass(void) {
+    return(&xmlSecMSCryptoHmacSha224Klass);
+}
+
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+/******************************************************************************
+ *
+ * HMAC SHA256
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoHmacSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha256,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha256,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecMSCryptoHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformHmacSha256GetKlass:
+ *
+ * The HMAC-SHA256 transform klass.
+ *
+ * Returns: the HMAC-SHA256 transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformHmacSha256GetKlass(void) {
+    return(&xmlSecMSCryptoHmacSha256Klass);
+}
+
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/******************************************************************************
+ *
+ * HMAC SHA384
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoHmacSha384Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha384,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha384,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecMSCryptoHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformHmacSha384GetKlass:
+ *
+ * The HMAC-SHA384 transform klass.
+ *
+ * Returns: the HMAC-SHA384 transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformHmacSha384GetKlass(void) {
+    return(&xmlSecMSCryptoHmacSha384Klass);
+}
+
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/******************************************************************************
+ *
+ * HMAC SHA512
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoHmacSha512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha512,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha512,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecMSCryptoHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformHmacSha512GetKlass:
+ *
+ * The HMAC-SHA512 transform klass.
+ *
+ * Returns: the HMAC-SHA512 transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformHmacSha512GetKlass(void) {
+    return(&xmlSecMSCryptoHmacSha512Klass);
+}
+
+#endif /* XMLSEC_NO_SHA512 */
+
+
+#endif /* XMLSEC_NO_HMAC */
+
diff --git a/src/mscrypto/keysstore.c b/src/mscrypto/keysstore.c
index 6e2401b4..33f0cd27 100644
--- a/src/mscrypto/keysstore.c
+++ b/src/mscrypto/keysstore.c
@@ -1,18 +1,18 @@
-/** 
+/**
  * XMLSec library
- * 
+ *
  * MSCrypto keys store that uses Simple Keys Store under the hood. Uses the
- * MS Certificate store as a backing store for the finding keys, but the 
+ * MS Certificate store as a backing store for the finding keys, but the
  * MS Certificate store not written to by the keys store.
  * So, if store->findkey is done and the key is not found in the simple
  * keys store, the MS Certificate store is looked up.
- * Thus, the MS Certificate store can be used to pre-load keys and becomes 
+ * Thus, the MS Certificate store can be used to pre-load keys and becomes
  * an alternate source of keys for xmlsec
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for precise wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -23,7 +23,7 @@
 #include <windows.h>
 #include <wincrypt.h>
 
-#include <libxml/tree.h> 
+#include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -38,73 +38,76 @@
 #include <xmlsec/mscrypto/keysstore.h>
 #include <xmlsec/mscrypto/x509.h>
 #include <xmlsec/mscrypto/certkeys.h>
+#include "private.h"
 
-#if defined(__MINGW32__)
-#  include "xmlsec-mingw.h"
-#endif
-
-#define XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME	"MY"
+#define XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME_A     "MY"
+#define XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME_W     L"MY"
+#ifdef UNICODE
+#define XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME_W
+#else  /* UNICODE */
+#define XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME_A
+#endif /* UNICODE */
 
 /****************************************************************************
  *
  * MSCrypto Keys Store. Uses Simple Keys Store under the hood
- * 
+ *
  * Simple Keys Store ptr is located after xmlSecKeyStore
  *
  ***************************************************************************/
 #define xmlSecMSCryptoKeysStoreSize \
-	(sizeof(xmlSecKeyStore) + sizeof(xmlSecKeyStorePtr))
+        (sizeof(xmlSecKeyStore) + sizeof(xmlSecKeyStorePtr))
 
 #define xmlSecMSCryptoKeysStoreGetSS(store) \
     ((xmlSecKeyStoreCheckSize((store), xmlSecMSCryptoKeysStoreSize)) ? \
      (xmlSecKeyStorePtr*)(((xmlSecByte*)(store)) + sizeof(xmlSecKeyStore)) : \
      (xmlSecKeyStorePtr*)NULL)
 
-static int			xmlSecMSCryptoKeysStoreInitialize   (xmlSecKeyStorePtr store);
-static void			xmlSecMSCryptoKeysStoreFinalize	    (xmlSecKeyStorePtr store);
-static xmlSecKeyPtr 		xmlSecMSCryptoKeysStoreFindKey	    (xmlSecKeyStorePtr store, 
-								     const xmlChar* name, 
-								     xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int                      xmlSecMSCryptoKeysStoreInitialize   (xmlSecKeyStorePtr store);
+static void                     xmlSecMSCryptoKeysStoreFinalize     (xmlSecKeyStorePtr store);
+static xmlSecKeyPtr             xmlSecMSCryptoKeysStoreFindKey      (xmlSecKeyStorePtr store,
+                                                                     const xmlChar* name,
+                                                                     xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 static xmlSecKeyStoreKlass xmlSecMSCryptoKeysStoreKlass = {
     sizeof(xmlSecKeyStoreKlass),
     xmlSecMSCryptoKeysStoreSize,
 
     /* data */
-    BAD_CAST "MSCrypto-keys-store",		/* const xmlChar* name; */ 
-        
+    BAD_CAST "MSCrypto-keys-store",             /* const xmlChar* name; */
+
     /* constructors/destructor */
-    xmlSecMSCryptoKeysStoreInitialize,		/* xmlSecKeyStoreInitializeMethod initialize; */
-    xmlSecMSCryptoKeysStoreFinalize,		/* xmlSecKeyStoreFinalizeMethod finalize; */
-    xmlSecMSCryptoKeysStoreFindKey,		/* xmlSecKeyStoreFindKeyMethod findKey; */
+    xmlSecMSCryptoKeysStoreInitialize,          /* xmlSecKeyStoreInitializeMethod initialize; */
+    xmlSecMSCryptoKeysStoreFinalize,            /* xmlSecKeyStoreFinalizeMethod finalize; */
+    xmlSecMSCryptoKeysStoreFindKey,             /* xmlSecKeyStoreFindKeyMethod findKey; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecMSCryptoKeysStoreGetKlass:
- * 
+ *
  * The MSCrypto list based keys store klass.
  *
  * Returns: MSCrypto list based keys store klass.
  */
-xmlSecKeyStoreId 
+xmlSecKeyStoreId
 xmlSecMSCryptoKeysStoreGetKlass(void) {
     return(&xmlSecMSCryptoKeysStoreKlass);
 }
 
 /**
  * xmlSecMSCryptoKeysStoreAdoptKey:
- * @store:		the pointer to MSCrypto keys store.
- * @key:		the pointer to key.
- * 
- * Adds @key to the @store. 
+ * @store:              the pointer to MSCrypto keys store.
+ * @key:                the pointer to key.
+ *
+ * Adds @key to the @store.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecMSCryptoKeysStoreAdoptKey(xmlSecKeyStorePtr store, xmlSecKeyPtr key) {
     xmlSecKeyStorePtr *ss;
 
@@ -112,25 +115,25 @@ xmlSecMSCryptoKeysStoreAdoptKey(xmlSecKeyStorePtr store, xmlSecKeyPtr key) {
     xmlSecAssert2((key != NULL), -1);
 
     ss = xmlSecMSCryptoKeysStoreGetSS(store);
-    xmlSecAssert2(((ss != NULL) && (*ss != NULL) && 
-	(xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
+    xmlSecAssert2(((ss != NULL) && (*ss != NULL) &&
+        (xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
 
     return (xmlSecSimpleKeysStoreAdoptKey(*ss, key));
 }
 
-/** 
+/**
  * xmlSecMSCryptoKeysStoreLoad:
- * @store:		the pointer to MSCrypto keys store.
- * @uri:		the filename.
- * @keysMngr:		the pointer to associated keys manager. 
- * 
+ * @store:              the pointer to MSCrypto keys store.
+ * @uri:                the filename.
+ * @keysMngr:           the pointer to associated keys manager.
+ *
  * Reads keys from an XML file.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
 int
-xmlSecMSCryptoKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri, 
-			    xmlSecKeysMngrPtr keysMngr) {
+xmlSecMSCryptoKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
+                            xmlSecKeysMngrPtr keysMngr) {
     xmlDocPtr doc;
     xmlNodePtr root;
     xmlNodePtr cur;
@@ -139,117 +142,117 @@ xmlSecMSCryptoKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
     int ret;
 
     xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId), -1);
-    xmlSecAssert2((uri != NULL), -1);    
+    xmlSecAssert2((uri != NULL), -1);
 
     doc = xmlParseFile(uri);
     if(doc == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    "xmlParseFile",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "uri=%s", 
-		    xmlSecErrorsSafeString(uri));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    "xmlParseFile",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "uri=%s",
+                    xmlSecErrorsSafeString(uri));
+        return(-1);
     }
-    
+
     root = xmlDocGetRootElement(doc);
     if(!xmlSecCheckNodeName(root, BAD_CAST "Keys", xmlSecNs)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(root)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected-node=<xmlsec:Keys>");
-	xmlFreeDoc(doc);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(root)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected-node=<xmlsec:Keys>");
+        xmlFreeDoc(doc);
+        return(-1);
     }
-        
+
     cur = xmlSecGetNextElementNode(root->children);
-    while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {  
-	key = xmlSecKeyCreate();
-	if(key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_INVALID_NODE,
-			"expected-node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
-	    xmlFreeDoc(doc);
-	    return(-1);
-	}
-
-	ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			"xmlSecKeyInfoCtxInitialize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyDestroy(key);
-	    xmlFreeDoc(doc);
-	    return(-1);
-	}
-	
-	keyInfoCtx.mode 	  = xmlSecKeyInfoModeRead;
-	keyInfoCtx.keysMngr	  = keysMngr;
-	keyInfoCtx.flags 	  = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND |
-				    XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
-        keyInfoCtx.keyReq.keyId	  = xmlSecKeyDataIdUnknown;
-	keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny;
-	keyInfoCtx.keyReq.keyUsage= xmlSecKeyDataUsageAny;
-
-	ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			"xmlSecKeyInfoNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-	    xmlSecKeyDestroy(key);
-	    xmlFreeDoc(doc);
-	    return(-1);
-	}
-	xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-	
-	if(xmlSecKeyIsValid(key)) {
-    	    ret = xmlSecMSCryptoKeysStoreAdoptKey(store, key);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			    "xmlSecMSCryptoKeysStoreAdoptKey",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlSecKeyDestroy(key);
-		xmlFreeDoc(doc);
-		return(-1);
-	    }
-	} else {
-	    /* we have an unknown key in our file, just ignore it */
-	    xmlSecKeyDestroy(key);
-	}
+    while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {
+        key = xmlSecKeyCreate();
+        if(key == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_INVALID_NODE,
+                        "expected-node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+
+        ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecKeyInfoCtxInitialize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyDestroy(key);
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+
+        keyInfoCtx.mode           = xmlSecKeyInfoModeRead;
+        keyInfoCtx.keysMngr       = keysMngr;
+        keyInfoCtx.flags          = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND |
+                                    XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
+        keyInfoCtx.keyReq.keyId   = xmlSecKeyDataIdUnknown;
+        keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny;
+        keyInfoCtx.keyReq.keyUsage= xmlSecKeyDataUsageAny;
+
+        ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecKeyInfoNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
+            xmlSecKeyDestroy(key);
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+        xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
+
+        if(xmlSecKeyIsValid(key)) {
+            ret = xmlSecMSCryptoKeysStoreAdoptKey(store, key);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                            "xmlSecMSCryptoKeysStoreAdoptKey",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecKeyDestroy(key);
+                xmlFreeDoc(doc);
+                return(-1);
+            }
+        } else {
+            /* we have an unknown key in our file, just ignore it */
+            xmlSecKeyDestroy(key);
+        }
         cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFreeDoc(doc);
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFreeDoc(doc);
+        return(-1);
     }
-    
+
     xmlFreeDoc(doc);
     return(0);
 }
 
-/** 
+/**
  * xmlSecMSCryptoKeysStoreSave:
- * @store:		the pointer to MSCrypto keys store.
- * @filename:		the filename.
- * @type:		the saved keys type (public, private, ...).
- * 
+ * @store:              the pointer to MSCrypto keys store.
+ * @filename:           the filename.
+ * @type:               the saved keys type (public, private, ...).
+ *
  * Writes keys from @store to an XML file.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -259,11 +262,11 @@ xmlSecMSCryptoKeysStoreSave(xmlSecKeyStorePtr store, const char *filename, xmlSe
     xmlSecKeyStorePtr *ss;
 
     xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId), -1);
-    xmlSecAssert2((filename != NULL), -1);    
-    
+    xmlSecAssert2((filename != NULL), -1);
+
     ss = xmlSecMSCryptoKeysStoreGetSS(store);
-    xmlSecAssert2(((ss != NULL) && (*ss != NULL) && 
-		   (xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
+    xmlSecAssert2(((ss != NULL) && (*ss != NULL) &&
+                   (xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
 
     return (xmlSecSimpleKeysStoreSave(*ss, filename, type));
 }
@@ -279,35 +282,36 @@ xmlSecMSCryptoKeysStoreInitialize(xmlSecKeyStorePtr store) {
 
     *ss = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
     if(*ss == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    "xmlSecKeyStoreCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecSimpleKeysStoreId");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    "xmlSecKeyStoreCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecSimpleKeysStoreId");
+        return(-1);
     }
 
-    return(0);    
+    return(0);
 }
 
 static void
 xmlSecMSCryptoKeysStoreFinalize(xmlSecKeyStorePtr store) {
     xmlSecKeyStorePtr *ss;
-    
+
     xmlSecAssert(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId));
-    
+
     ss = xmlSecMSCryptoKeysStoreGetSS(store);
     xmlSecAssert((ss != NULL) && (*ss != NULL));
-    
+
     xmlSecKeyStoreDestroy(*ss);
 }
 
 static PCCERT_CONTEXT
-xmlSecMSCryptoKeysStoreFindCert(xmlSecKeyStorePtr store, const xmlChar* name, 
-			       xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    const char* storeName;
+xmlSecMSCryptoKeysStoreFindCert(xmlSecKeyStorePtr store, const xmlChar* name,
+                                xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    LPCTSTR storeName;
     HCERTSTORE hStoreHandle = NULL;
     PCCERT_CONTEXT pCertContext = NULL;
+    LPTSTR wcName = NULL;
 
     xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecMSCryptoKeysStoreId), NULL);
     xmlSecAssert2(name != NULL, NULL);
@@ -315,183 +319,121 @@ xmlSecMSCryptoKeysStoreFindCert(xmlSecKeyStorePtr store, const xmlChar* name,
 
     storeName = xmlSecMSCryptoAppGetCertStoreName();
     if(storeName == NULL) {
-	storeName = XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME;
+        storeName = XMLSEC_MSCRYPTO_APP_DEFAULT_CERT_STORE_NAME;
     }
 
     hStoreHandle = CertOpenSystemStore(0, storeName);
     if (NULL == hStoreHandle) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CertOpenSystemStore",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "storeName=%s",
-		    xmlSecErrorsSafeString(storeName));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CertOpenSystemStore",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "storeName=%s",
+                    xmlSecErrorsSafeString(storeName));
+        return(NULL);
     }
 
-    /* first attempt: search by cert id == name */
-    if(pCertContext == NULL) {
-	size_t len = xmlStrlen(name) + 1;     
-	wchar_t * lpCertID;
-	
-	/* aleksey todo: shouldn't we call MultiByteToWideChar first to get the buffer size? */
-	lpCertID = (wchar_t *)xmlMalloc(sizeof(wchar_t) * len);
-	if(lpCertID == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			NULL,
-			XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    	XMLSEC_ERRORS_NO_MESSAGE);
-	    CertCloseStore(hStoreHandle, 0);
-	    return(NULL);
-	}
-	MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, name, -1, lpCertID, len);
-	
-	pCertContext = CertFindCertificateInStore(
-	    hStoreHandle,
-	    X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
-	    0,
-	    CERT_FIND_SUBJECT_STR,
-	    lpCertID,
-	    NULL);
-	xmlFree(lpCertID);
+    /* convert name to unicode */
+    wcName = xmlSecMSCryptoConvertUtf8ToTstr(name);
+    if(wcName == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecMSCryptoConvertUtf8ToUnicode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "wcName");
+        CertCloseStore(hStoreHandle, 0);
+        return(NULL);
     }
 
-    /* We don't give up easily, now try to fetch the cert with a full blown 
-     * subject dn
-     */
-    if (NULL == pCertContext) {
-	BYTE* bdata;
-	DWORD len;
-	
-	bdata = xmlSecMSCryptoCertStrToName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
-					    name, 
-					    CERT_OID_NAME_STR,
-					    &len);
-	if(bdata != NULL) {
-	    CERT_NAME_BLOB cnb;
-    
-	    cnb.cbData = len;
-    	    cnb.pbData = bdata;
-	    
-	    pCertContext = CertFindCertificateInStore(hStoreHandle,
-				X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
-				0,
-				CERT_FIND_SUBJECT_NAME,
-				&cnb,
-				NULL);
-	    xmlFree(bdata);
-	}
+    /* first attempt: try to find the cert with a full blown subject dn */
+    if(NULL == pCertContext) {
+        pCertContext = xmlSecMSCryptoX509FindCertBySubject(
+            hStoreHandle,
+            wcName,
+            X509_ASN_ENCODING | PKCS_7_ASN_ENCODING);
     }
-	    
-    /* We don't give up easily, now try to fetch the cert with a full blown 
-     * subject dn, and try with a reversed dn
+
+    /*
+     * Try ro find certificate with name="Friendly Name"
      */
     if (NULL == pCertContext) {
-	BYTE* bdata;
-	DWORD len;
-	
-	bdata = xmlSecMSCryptoCertStrToName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
-					    name, 
-					    CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
-					    &len);
-	if(bdata != NULL) {
-	    CERT_NAME_BLOB cnb;
-    
-	    cnb.cbData = len;
-    	    cnb.pbData = bdata;
-	    
-	    pCertContext = CertFindCertificateInStore(hStoreHandle,
-				X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
-				0,
-				CERT_FIND_SUBJECT_NAME,
-				&cnb,
-				NULL);
-	    xmlFree(bdata);
-	}
+        DWORD dwPropSize;
+        PBYTE pbFriendlyName;
+        PCCERT_CONTEXT pCertCtxIter = NULL;
+
+
+        while (pCertCtxIter = CertEnumCertificatesInStore(hStoreHandle, pCertCtxIter)) {
+            if (TRUE != CertGetCertificateContextProperty(pCertCtxIter,
+                                                      CERT_FRIENDLY_NAME_PROP_ID,
+                                                      NULL,
+                                                      &dwPropSize)) {
+                continue;
+            }
+
+            pbFriendlyName = xmlMalloc(dwPropSize);
+            if(pbFriendlyName == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                            NULL,
+                            XMLSEC_ERRORS_R_MALLOC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlFree(wcName);
+                CertCloseStore(hStoreHandle, 0);
+                return(NULL);
+            }
+
+            if (TRUE != CertGetCertificateContextProperty(pCertCtxIter,
+                                                      CERT_FRIENDLY_NAME_PROP_ID,
+                                                      pbFriendlyName,
+                                                      &dwPropSize)) {
+                xmlFree(pbFriendlyName);
+                continue;
+            }
+
+            /* Compare FriendlyName to name */
+            if (!lstrcmp(wcName, (LPCTSTR)pbFriendlyName)) {
+              pCertContext = pCertCtxIter;
+              xmlFree(pbFriendlyName);
+              break;
+            }
+            xmlFree(pbFriendlyName);
+        }
     }
 
-    /*
-     * Try ro find certificate with name="Friendly Name"
+    /* We don't give up easily, now try to find cert with part of the name
      */
     if (NULL == pCertContext) {
-      DWORD dwPropSize;
-      PBYTE pbFriendlyName;
-      PCCERT_CONTEXT pCertCtxIter = NULL;
-      size_t len = xmlStrlen(name) + 1;     
-      wchar_t * lpFName;
-	
-      lpFName = (wchar_t *)xmlMalloc(sizeof(wchar_t) * len);
-      if(lpFName == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			NULL,
-			XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    	XMLSEC_ERRORS_NO_MESSAGE);
-	    CertCloseStore(hStoreHandle, 0);
-	    return(NULL);
-      }
-      MultiByteToWideChar(CP_ACP, MB_PRECOMPOSED, name, -1, lpFName, len);
-      
-      while (pCertCtxIter = CertEnumCertificatesInStore(hStoreHandle, pCertCtxIter)) {
-	if (TRUE != CertGetCertificateContextProperty(pCertCtxIter,
-						      CERT_FRIENDLY_NAME_PROP_ID,
-						      NULL,
-						      &dwPropSize)) {
-	  continue;
-	}
-
-	pbFriendlyName = xmlMalloc(dwPropSize);
-	if(pbFriendlyName == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			NULL,
-			XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    	XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFree(lpFName);
-	    CertCloseStore(hStoreHandle, 0);
-	    return(NULL);
-	}
-	if (TRUE != CertGetCertificateContextProperty(pCertCtxIter,
-						      CERT_FRIENDLY_NAME_PROP_ID,
-						      pbFriendlyName,
-						      &dwPropSize)) {
-	  xmlFree(pbFriendlyName);
-	  continue;
-	}
-
-	/* Compare FriendlyName to name */
-	if (!wcscmp(lpFName, (const wchar_t *)pbFriendlyName)) {
-	  pCertContext = pCertCtxIter;
-	  xmlFree(pbFriendlyName);
-	  break;
-	}
-	xmlFree(pbFriendlyName);
-      }
-
-      xmlFree(lpFName);
+        pCertContext = CertFindCertificateInStore(
+            hStoreHandle,
+            X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+            0,
+            CERT_FIND_SUBJECT_STR,
+            wcName,
+            NULL);
     }
 
-    /* We could do the following here: 
+
+    /* We could do the following here:
      * It would be nice if we could locate the cert with issuer name and
      * serial number, the given keyname can be something like this:
      * 'serial=1234567;issuer=CN=ikke, C=NL'
      * to be implemented by the first person who reads this, and thinks it's
      * a good idea :) WK
-     */     
+     */
 
     /* OK, I give up, I'm gone :( */
-    
-    /* aleksey todo: is it a right idea to close store if we have a handle to 
+
+    /* aleksey todo: is it a right idea to close store if we have a handle to
      * a cert in this store? */
+    xmlFree(wcName);
     CertCloseStore(hStoreHandle, 0);
     return(pCertContext);
 }
 
 
-static xmlSecKeyPtr 
-xmlSecMSCryptoKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name, 
-			       xmlSecKeyInfoCtxPtr keyInfoCtx) {
+static xmlSecKeyPtr
+xmlSecMSCryptoKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name,
+                               xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyStorePtr* ss;
     xmlSecKeyPtr key = NULL;
     xmlSecKeyReqPtr keyReq = NULL;
@@ -511,167 +453,167 @@ xmlSecMSCryptoKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name,
     /* first try to find key in the simple keys store */
     key = xmlSecKeyStoreFindKey(*ss, name, keyInfoCtx);
     if (key != NULL) {
-	return (key);
+        return (key);
     }
 
     /* Next try to find the key in the MS Certificate store, and construct an xmlSecKey.
     *  we must have a name to lookup keys in the certificate store.
     */
     if (name == NULL) {
-	goto done;
+        goto done;
     }
 
-    /* what type of key are we looking for? 
+    /* what type of key are we looking for?
     * WK: For now, we'll look only for public/private keys using the
-    * name as a cert nickname. Then the name is regarded as the subject 
+    * name as a cert nickname. Then the name is regarded as the subject
     * dn of the certificate to be searched for.
     */
     keyReq = &(keyInfoCtx->keyReq);
     if (keyReq->keyType & (xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate)) {
-	pCertContext = xmlSecMSCryptoKeysStoreFindCert(store, name, keyInfoCtx);
-	if(pCertContext == NULL) {
-	    goto done;
-	}
-
-	/* set cert in x509 data */
-	x509Data = xmlSecKeyDataCreate(xmlSecMSCryptoKeyDataX509Id);
-	if(x509Data == NULL) {
- 	    xmlSecError(XMLSEC_ERRORS_HERE,
- 			NULL,
-			"xmlSecKeyDataCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
- 	    goto done;
- 	}
-
-	pCertContext2 = CertDuplicateCertificateContext(pCertContext);
-	if (NULL == pCertContext2) {
- 	    xmlSecError(XMLSEC_ERRORS_HERE,
- 			NULL,
-			"CertDuplicateCertificateContext",
- 			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
- 	    goto done;
- 	}
-
-	ret = xmlSecMSCryptoKeyDataX509AdoptCert(x509Data, pCertContext2);
-	if (ret < 0) {
- 	    xmlSecError(XMLSEC_ERRORS_HERE,
- 			NULL,
-			"xmlSecMSCryptoKeyDataX509AdoptCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;
-	}
-	pCertContext2 = NULL;
-
-	pCertContext2 = CertDuplicateCertificateContext(pCertContext);
-	if (NULL == pCertContext2) {
- 	    xmlSecError(XMLSEC_ERRORS_HERE,
- 			NULL,
-			"CertDuplicateCertificateContext",
- 			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
- 	    goto done;
- 	}
-
-	ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(x509Data, pCertContext2);
-	if (ret < 0) {
- 	    xmlSecError(XMLSEC_ERRORS_HERE,
- 			NULL,
-			"xmlSecMSCryptoKeyDataX509AdoptKeyCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;
-	}
-	pCertContext2 = NULL;
-
-	/* set cert in key data */
-	data = xmlSecMSCryptoCertAdopt(pCertContext, keyReq->keyType);
-	if(data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecMSCryptoCertAdopt",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
-	pCertContext = NULL;
-
-	/* create key and add key data and x509 data to it */
-	key = xmlSecKeyCreate();
-	if (key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
-
-	ret = xmlSecKeySetValue(key, data);
-	if (ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeySetValue",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s", 
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
-	    goto done;
-	}
-	data = NULL;
-
-	ret = xmlSecKeyAdoptData(key, x509Data);
-	if (ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyAdoptData",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;
-	}
-	x509Data = NULL;
-
-    	/* Set the name of the key to the given name */
-	ret = xmlSecKeySetName(key, name);
-	if (ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			"xmlSecKeySetName",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
+        pCertContext = xmlSecMSCryptoKeysStoreFindCert(store, name, keyInfoCtx);
+        if(pCertContext == NULL) {
+            goto done;
+        }
+
+        /* set cert in x509 data */
+        x509Data = xmlSecKeyDataCreate(xmlSecMSCryptoKeyDataX509Id);
+        if(x509Data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+
+        pCertContext2 = CertDuplicateCertificateContext(pCertContext);
+        if (NULL == pCertContext2) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CertDuplicateCertificateContext",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+
+        ret = xmlSecMSCryptoKeyDataX509AdoptCert(x509Data, pCertContext2);
+        if (ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecMSCryptoKeyDataX509AdoptCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+        pCertContext2 = NULL;
+
+        pCertContext2 = CertDuplicateCertificateContext(pCertContext);
+        if (NULL == pCertContext2) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CertDuplicateCertificateContext",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+
+        ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(x509Data, pCertContext2);
+        if (ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecMSCryptoKeyDataX509AdoptKeyCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+        pCertContext2 = NULL;
+
+        /* set cert in key data */
+        data = xmlSecMSCryptoCertAdopt(pCertContext, keyReq->keyType);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecMSCryptoCertAdopt",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
+        pCertContext = NULL;
+
+        /* create key and add key data and x509 data to it */
+        key = xmlSecKeyCreate();
+        if (key == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
+
+        ret = xmlSecKeySetValue(key, data);
+        if (ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeySetValue",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
+            goto done;
+        }
+        data = NULL;
+
+        ret = xmlSecKeyAdoptData(key, x509Data);
+        if (ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyAdoptData",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+        x509Data = NULL;
+
+        /* Set the name of the key to the given name */
+        ret = xmlSecKeySetName(key, name);
+        if (ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecKeySetName",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
 
         /* now that we have a key, make sure it is valid and let the simple
-	* store adopt it */
-    	if (xmlSecKeyIsValid(key)) {
-	    res = key;
-	    key = NULL;
-	}
+        * store adopt it */
+        if (xmlSecKeyIsValid(key)) {
+            res = key;
+            key = NULL;
+        }
     }
 
 done:
     if (NULL != pCertContext) {
-	CertFreeCertificateContext(pCertContext);
+        CertFreeCertificateContext(pCertContext);
     }
     if (NULL != pCertContext2) {
-	CertFreeCertificateContext(pCertContext2);
+        CertFreeCertificateContext(pCertContext2);
     }
     if (data != NULL) {
-	xmlSecKeyDataDestroy(data);
+        xmlSecKeyDataDestroy(data);
     }
     if (x509Data != NULL) {
-	xmlSecKeyDataDestroy(x509Data);
+        xmlSecKeyDataDestroy(x509Data);
     }
     if (key != NULL) {
-	xmlSecKeyDestroy(key);
+        xmlSecKeyDestroy(key);
     }
 
     return (res);
diff --git a/src/mscrypto/kt_rsa.c b/src/mscrypto/kt_rsa.c
index ec86ac53..9b4908fa 100644
--- a/src/mscrypto/kt_rsa.c
+++ b/src/mscrypto/kt_rsa.c
@@ -1,13 +1,13 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * RSA Algorithms support
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  */
 #include "globals.h"
 
@@ -29,212 +29,229 @@
 
 #include <xmlsec/mscrypto/crypto.h>
 #include <xmlsec/mscrypto/certkeys.h>
+#include "private.h"
 
 /**************************************************************************
  *
  * Internal MSCRYPTO RSA PKCS1 CTX
  *
  *************************************************************************/
-typedef struct _xmlSecMSCryptoRsaPkcs1Ctx	xmlSecMSCryptoRsaPkcs1Ctx, 
-					        *xmlSecMSCryptoRsaPkcs1CtxPtr;
-struct _xmlSecMSCryptoRsaPkcs1Ctx {
-    xmlSecKeyDataPtr data;
-    DWORD typeFlags;
-};	    
+typedef struct _xmlSecMSCryptoRsaPkcs1OaepCtx    xmlSecMSCryptoRsaPkcs1OaepCtx,
+                                                *xmlSecMSCryptoRsaPkcs1OaepCtxPtr;
+struct _xmlSecMSCryptoRsaPkcs1OaepCtx {
+    DWORD               dwFlags;
+    xmlSecKeyDataPtr    data;
+    xmlSecBuffer        oaepParams;
+};
 
 /*********************************************************************
  *
  * RSA PKCS1 key transport transform
  *
- * xmlSecMSCryptoRsaPkcs1Ctx is located after xmlSecTransform
+ * xmlSecMSCryptoRsaPkcs1OaepCtx is located after xmlSecTransform
  *
  ********************************************************************/
-#define xmlSecMSCryptoRsaPkcs1Size	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoRsaPkcs1Ctx))	
-#define xmlSecMSCryptoRsaPkcs1GetCtx(transform) \
-    ((xmlSecMSCryptoRsaPkcs1CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-
-static int 	xmlSecMSCryptoRsaPkcs1Initialize		(xmlSecTransformPtr transform);
-static void 	xmlSecMSCryptoRsaPkcs1Finalize			(xmlSecTransformPtr transform);
-static int  	xmlSecMSCryptoRsaPkcs1SetKeyReq			(xmlSecTransformPtr transform, 
-								 xmlSecKeyReqPtr keyReq);
-static int  	xmlSecMSCryptoRsaPkcs1SetKey			(xmlSecTransformPtr transform, 
-								 xmlSecKeyPtr key);
-static int  	xmlSecMSCryptoRsaPkcs1Execute			(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
-static int  	xmlSecMSCryptoRsaPkcs1Process			(xmlSecTransformPtr transform, 
-								 xmlSecTransformCtxPtr transformCtx);
-
-static xmlSecTransformKlass xmlSecMSCryptoRsaPkcs1Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecMSCryptoRsaPkcs1Size,			/* xmlSecSize objSize */
-
-    xmlSecNameRsaPkcs1,				/* const xmlChar* name; */
-    xmlSecHrefRsaPkcs1, 			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecMSCryptoRsaPkcs1Initialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecMSCryptoRsaPkcs1Finalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecMSCryptoRsaPkcs1SetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecMSCryptoRsaPkcs1SetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecMSCryptoRsaPkcs1Execute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
-
+#define xmlSecMSCryptoRsaPkcs1OaepCtx      \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoRsaPkcs1OaepCtx))
+#define xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform) \
+    ((xmlSecMSCryptoRsaPkcs1OaepCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int      xmlSecMSCryptoRsaPkcs1OaepCheckId               (xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoRsaPkcs1OaepInitialize            (xmlSecTransformPtr transform);
+static void     xmlSecMSCryptoRsaPkcs1OaepFinalize              (xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoRsaPkcs1OaepSetKeyReq             (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecMSCryptoRsaPkcs1OaepSetKey                (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecMSCryptoRsaPkcs1OaepExecute               (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecMSCryptoRsaPkcs1OaepProcess                   (xmlSecTransformPtr transform,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+
+
+static int
+xmlSecMSCryptoRsaPkcs1OaepCheckId(xmlSecTransformPtr transform) {
+
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaPkcs1Id)) {
+        return(1);
+    } else
+
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaOaepId)) {
+        return(1);
+    } else
+
+    /* not found */
+    {
+        return(0);
+    }
 
-/** 
- * xmlSecMSCryptoTransformRsaPkcs1GetKlass:
- *
- * The RSA-PKCS1 key transport transform klass.
- *
- * Returns: RSA-PKCS1 key transport transform klass.
- */
-xmlSecTransformId 
-xmlSecMSCryptoTransformRsaPkcs1GetKlass(void) {
-    return(&xmlSecMSCryptoRsaPkcs1Klass);
+    /* just in case */
+    return(0);
 }
 
-static int 
-xmlSecMSCryptoRsaPkcs1Initialize(xmlSecTransformPtr transform) {
-    xmlSecMSCryptoRsaPkcs1CtxPtr ctx;
-    
-    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaPkcs1Id), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1Size), -1);
+static int
+xmlSecMSCryptoRsaPkcs1OaepInitialize(xmlSecTransformPtr transform) {
+    xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
 
-    ctx = xmlSecMSCryptoRsaPkcs1GetCtx(transform);
+    ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
-    memset(ctx, 0, sizeof(xmlSecMSCryptoRsaPkcs1Ctx));
+
+    /* initialize */
+    memset(ctx, 0, sizeof(xmlSecMSCryptoRsaPkcs1OaepCtx));
+
+    ret = xmlSecBufferInitialize(&(ctx->oaepParams), 0);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaPkcs1Id)) {
+        ctx->dwFlags = 0;
+    } else
+
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaOaepId)) {
+        ctx->dwFlags = CRYPT_OAEP;
+    } else
+
+    /* not found */
+    {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* done */
     return(0);
 }
 
-static void 
-xmlSecMSCryptoRsaPkcs1Finalize(xmlSecTransformPtr transform) {
-    xmlSecMSCryptoRsaPkcs1CtxPtr ctx;
+static void
+xmlSecMSCryptoRsaPkcs1OaepFinalize(xmlSecTransformPtr transform) {
+    xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
 
-    xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaPkcs1Id));
-    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1Size));
+    xmlSecAssert(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform));
+    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx));
 
-    ctx = xmlSecMSCryptoRsaPkcs1GetCtx(transform);
+    ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
     if (ctx->data != NULL)  {
-	xmlSecKeyDataDestroy(ctx->data);
-	ctx->data = NULL;
+        xmlSecKeyDataDestroy(ctx->data);
+        ctx->data = NULL;
     }
 
-    memset(ctx, 0, sizeof(xmlSecMSCryptoRsaPkcs1Ctx));
+    xmlSecBufferFinalize(&(ctx->oaepParams));
+    memset(ctx, 0, sizeof(xmlSecMSCryptoRsaPkcs1OaepCtx));
 }
 
-static int  
-xmlSecMSCryptoRsaPkcs1SetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
-    xmlSecMSCryptoRsaPkcs1CtxPtr ctx;
+static int
+xmlSecMSCryptoRsaPkcs1OaepSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
 
-    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaPkcs1Id), -1);
+    xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1Size), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
     xmlSecAssert2(keyReq != NULL, -1);
 
-    ctx = xmlSecMSCryptoRsaPkcs1GetCtx(transform);
+    ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
 
-    keyReq->keyId 	 = xmlSecMSCryptoKeyDataRsaId;
+    keyReq->keyId        = xmlSecMSCryptoKeyDataRsaId;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
         keyReq->keyType  = xmlSecKeyDataTypePublic;
-	keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
     } else {
         keyReq->keyType  = xmlSecKeyDataTypePrivate;
-	keyReq->keyUsage = xmlSecKeyUsageDecrypt;
-    }    
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+    }
     return(0);
 }
 
-static int  	
-xmlSecMSCryptoRsaPkcs1SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
-    xmlSecMSCryptoRsaPkcs1CtxPtr ctx;
-    
-    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaPkcs1Id), -1);
+static int
+xmlSecMSCryptoRsaPkcs1OaepSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1Size), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataRsaId), -1);
 
-    ctx = xmlSecMSCryptoRsaPkcs1GetCtx(transform);
+    ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->data == NULL, -1);
 
     ctx->data = xmlSecKeyDataDuplicate(xmlSecKeyGetValue(key));
     if(ctx->data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecKeyDataDuplicate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecKeyDataDuplicate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-static int 
-xmlSecMSCryptoRsaPkcs1Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecMSCryptoRsaPkcs1CtxPtr ctx;
+static int
+xmlSecMSCryptoRsaPkcs1OaepExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
     int ret;
 
-    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaPkcs1Id), -1);
+    xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1Size), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
-    ctx = xmlSecMSCryptoRsaPkcs1GetCtx(transform);
+    ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
 
     if(transform->status == xmlSecTransformStatusNone) {
         transform->status = xmlSecTransformStatusWorking;
-    } 
-    
+    }
+
     if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
-		/* just do nothing */
+                /* just do nothing */
     } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	ret = xmlSecMSCryptoRsaPkcs1Process(transform, transformCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecMSCryptoRsaPkcs1Process",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	transform->status = xmlSecTransformStatusFinished;
+        ret = xmlSecMSCryptoRsaPkcs1OaepProcess(transform, transformCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecMSCryptoRsaPkcs1OaepProcess",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        transform->status = xmlSecTransformStatusFinished;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-		/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+                /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-	 	    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
         return(-1);
     }
     return(0);
 }
 
-static int  
-xmlSecMSCryptoRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecMSCryptoRsaPkcs1CtxPtr ctx;
+static int
+xmlSecMSCryptoRsaPkcs1OaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
     xmlSecBufferPtr in, out;
     xmlSecSize inSize, outSize;
     xmlSecSize keySize;
@@ -243,29 +260,29 @@ xmlSecMSCryptoRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPt
     DWORD dwInLen;
     DWORD dwBufLen;
     DWORD dwOutLen;
-    BYTE * outBuf;
-    BYTE * inBuf;
+    xmlSecByte * outBuf;
+    xmlSecByte * inBuf;
     int i;
 
-    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaPkcs1Id), -1);
+    xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
-    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1Size), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
-    ctx = xmlSecMSCryptoRsaPkcs1GetCtx(transform);
+    ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->data != NULL, -1);
-    
+
     keySize = xmlSecKeyDataGetSize(ctx->data) / 8;
     xmlSecAssert2(keySize > 0, -1);
-    
+
     in = &(transform->inBuf);
     out = &(transform->outBuf);
-	
+
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
+    outSize = xmlSecBufferGetSize(out);
     xmlSecAssert2(outSize == 0, -1);
-	
+
     /* the encoded size is equal to the keys size so we could not
      * process more than that */
     if((transform->operation == xmlSecTransformOperationEncrypt) && (inSize >= keySize)) {
@@ -283,11 +300,11 @@ xmlSecMSCryptoRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPt
                     "%d when expected %d", inSize, keySize);
         return(-1);
     }
-	
-    outSize = keySize; 
+
+    outSize = keySize;
     ret = xmlSecBufferSetMaxSize(out, outSize);
     if(ret < 0) {
-        xmlSecError(XMLSEC_ERRORS_HERE, 
+        xmlSecError(XMLSEC_ERRORS_HERE,
                     xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                     "xmlSecBufferSetMaxSize",
                     XMLSEC_ERRORS_R_XMLSEC_FAILED,
@@ -296,42 +313,64 @@ xmlSecMSCryptoRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPt
     }
 
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-	BYTE ch;
-
-	if(inSize > outSize) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_SIZE,
-			"inSize=%d;outSize=%d", 
-			inSize, outSize);
-	    return(-1);
-	}
-
-	ret = xmlSecBufferSetData(out, xmlSecBufferGetData(in), inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferSetData",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", inSize);
-	    return(-1);
-	}
+        if(inSize > outSize) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_SIZE,
+                        "inSize=%d;outSize=%d",
+                        inSize, outSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferSetData(out, xmlSecBufferGetData(in), inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetData",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
 
         dwInLen = inSize;
         dwBufLen = outSize;
-	if (0 == (hKey = xmlSecMSCryptoKeyDataGetKey(ctx->data, xmlSecKeyDataTypePublic))) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
+        if (0 == (hKey = xmlSecMSCryptoKeyDataGetKey(ctx->data, xmlSecKeyDataTypePublic))) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
                         "xmlSecMSCryptoKeyDataGetKey",
                         XMLSEC_ERRORS_R_CRYPTO_FAILED,
                         XMLSEC_ERRORS_NO_MESSAGE);
             return (-1);
-	}
-        
-	outBuf = xmlSecBufferGetData(out);
-	xmlSecAssert2(outBuf != NULL, -1);
-	if (!CryptEncrypt(hKey, 0, TRUE, 0, outBuf, &dwInLen, dwBufLen)) {
+        }
+
+        outBuf = xmlSecBufferGetData(out);
+        xmlSecAssert2(outBuf != NULL, -1);
+
+        /* set OAEP parameter for the key 
+         *
+         * aleksey: I don't understand how this would work in multi-threaded
+         * environment or when key can be re-used multiple times
+         */
+        if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaOaepId) && xmlSecBufferGetSize(&(ctx->oaepParams)) > 0) {
+            CRYPT_DATA_BLOB oaepParams;
+
+            memset(&oaepParams, 0, sizeof(oaepParams));
+            oaepParams.pbData = xmlSecBufferGetData(&(ctx->oaepParams));
+            oaepParams.cbData = xmlSecBufferGetSize(&(ctx->oaepParams));
+
+            if (!CryptSetKeyParam(hKey, KP_OAEP_PARAMS, (const BYTE*)&oaepParams, 0)) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CryptSetKeyParam",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return (-1);
+            }
+        }
+
+        /* encrypt */
+        if (!CryptEncrypt(hKey, 0, TRUE, ctx->dwFlags, outBuf, &dwInLen, dwBufLen)) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
                         "CryptEncrypt",
@@ -340,39 +379,54 @@ xmlSecMSCryptoRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPt
             return (-1);
         }
 
-	/* The output of CryptEncrypt is in little-endian format, so we have to convert to
-	 * big-endian first.
-	 */
-	for(i = 0; i < outSize / 2; i++) {
-	    ch = outBuf[i];
-	    outBuf[i] = outBuf[outSize - (i + 1)];
-	    outBuf[outSize - (i + 1)] = ch;
-	}
+        /* The output of CryptEncrypt is in little-endian format, so we have to convert to
+         * big-endian first.
+         */
+        ConvertEndianInPlace(outBuf, outSize);
     } else {
-	dwOutLen = inSize;
-
-	/* The input of CryptDecrypt is expected to be little-endian, 
-	 * so we have to convert from big-endian to little endian.
-	 */
-	inBuf	= xmlSecBufferGetData(in);
-	outBuf	= xmlSecBufferGetData(out);
-
-	xmlSecAssert2(inBuf != 0, -1);
-	xmlSecAssert2(outBuf != 0, -1);
-	for (i = 0; i < inSize; i++) {
-	    outBuf[i] = inBuf[inSize - (i + 1)];
-	}
-
-	if (0 == (hKey = xmlSecMSCryptoKeyDataGetDecryptKey(ctx->data))) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
+        dwOutLen = inSize;
+
+        /* The input of CryptDecrypt is expected to be little-endian,
+         * so we have to convert from big-endian to little endian.
+         */
+        inBuf   = xmlSecBufferGetData(in);
+        outBuf  = xmlSecBufferGetData(out);
+        ConvertEndian(inBuf, outBuf, inSize);
+
+        if (0 == (hKey = xmlSecMSCryptoKeyDataGetDecryptKey(ctx->data))) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
                         "xmlSecMSCryptoKeyDataGetKey",
                         XMLSEC_ERRORS_R_CRYPTO_FAILED,
                         XMLSEC_ERRORS_NO_MESSAGE);
             return (-1);
-	}
-	if (!CryptDecrypt(hKey, 0, TRUE, 0, outBuf, &dwOutLen)) {
-            xmlSecError(XMLSEC_ERRORS_HERE, 
+        }
+
+        /* set OAEP parameter for the key 
+         *
+         * aleksey: I don't understand how this would work in multi-threaded
+         * environment or when key can be re-used multiple times
+         */
+        if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaOaepId) && xmlSecBufferGetSize(&(ctx->oaepParams)) > 0) {
+            CRYPT_DATA_BLOB oaepParams;
+
+            memset(&oaepParams, 0, sizeof(oaepParams));
+            oaepParams.pbData = xmlSecBufferGetData(&(ctx->oaepParams));
+            oaepParams.cbData = xmlSecBufferGetSize(&(ctx->oaepParams));
+
+            if (!CryptSetKeyParam(hKey, KP_OAEP_PARAMS, (const BYTE*)&oaepParams, 0)) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CryptSetKeyParam",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return (-1);
+            }
+        }
+
+        /* decrypt */
+        if (!CryptDecrypt(hKey, 0, TRUE, ctx->dwFlags, outBuf, &dwOutLen)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
                         xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                         "CryptDecrypt",
                         XMLSEC_ERRORS_R_CRYPTO_FAILED,
@@ -385,9 +439,9 @@ xmlSecMSCryptoRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPt
 
     ret = xmlSecBufferSetSize(out, outSize);
     if(ret < 0) {
-        xmlSecError(XMLSEC_ERRORS_HERE, 
+        xmlSecError(XMLSEC_ERRORS_HERE,
                     xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-                    "xmlSecBufferSetSize",		    
+                    "xmlSecBufferSetSize",
                     XMLSEC_ERRORS_R_XMLSEC_FAILED,
                     "size=%d", outSize);
         return(-1);
@@ -395,7 +449,7 @@ xmlSecMSCryptoRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPt
 
     ret = xmlSecBufferRemoveHead(in, inSize);
     if(ret < 0) {
-        xmlSecError(XMLSEC_ERRORS_HERE, 
+        xmlSecError(XMLSEC_ERRORS_HERE,
                     xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
                     "xmlSecBufferRemoveHead",
                     XMLSEC_ERRORS_R_XMLSEC_FAILED,
@@ -406,5 +460,172 @@ xmlSecMSCryptoRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPt
     return(0);
 }
 
+
+/**********************************************************************
+ *
+ * RSA/PKCS1 transform
+ *
+ **********************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoRsaPkcs1Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoRsaPkcs1OaepCtx,                 /* xmlSecSize objSize */
+
+    xmlSecNameRsaPkcs1,                         /* const xmlChar* name; */
+    xmlSecHrefRsaPkcs1,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecMSCryptoRsaPkcs1OaepInitialize,           /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoRsaPkcs1OaepFinalize,             /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoRsaPkcs1OaepSetKeyReq,            /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecMSCryptoRsaPkcs1OaepSetKey,               /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoRsaPkcs1OaepExecute,              /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+
+/**
+ * xmlSecMSCryptoTransformRsaPkcs1GetKlass:
+ *
+ * The RSA-PKCS1 key transport transform klass.
+ *
+ * Returns: RSA-PKCS1 key transport transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformRsaPkcs1GetKlass(void) {
+    return(&xmlSecMSCryptoRsaPkcs1Klass);
+}
+
+
+
+/**********************************************************************
+ *
+ * RSA/OAEP transform
+ *
+ **********************************************************************/
+static int          xmlSecMSCryptoRsaOaepNodeRead               (xmlSecTransformPtr transform, 
+                                                                 xmlNodePtr node, 
+                                                                 xmlSecTransformCtxPtr transformCtx);
+
+static xmlSecTransformKlass xmlSecMSCryptoRsaOaepKlass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoRsaPkcs1OaepCtx,                 /* xmlSecSize objSize */
+
+    xmlSecNameRsaOaep,                          /* const xmlChar* name; */
+    xmlSecHrefRsaOaep,                          /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecMSCryptoRsaPkcs1OaepInitialize,           /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoRsaPkcs1OaepFinalize,             /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecMSCryptoRsaOaepNodeRead,              /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoRsaPkcs1OaepSetKeyReq,            /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecMSCryptoRsaPkcs1OaepSetKey,               /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoRsaPkcs1OaepExecute,              /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+
+/**
+ * xmlSecMSCryptoTransformRsaOaepGetKlass:
+ *
+ * The RSA-OAEP key transport transform klass.
+ *
+ * Returns: RSA-OAEP key transport transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformRsaOaepGetKlass(void) {
+    return(&xmlSecMSCryptoRsaOaepKlass);
+}
+
+static int
+xmlSecMSCryptoRsaOaepNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecMSCryptoRsaPkcs1OaepCtxPtr ctx;
+    xmlNodePtr cur;
+    int ret;
+
+    xmlSecAssert2(xmlSecMSCryptoRsaPkcs1OaepCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoRsaPkcs1OaepCtx), -1);
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecMSCryptoRsaPkcs1OaepGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&(ctx->oaepParams)) == 0, -1);
+
+    cur = xmlSecGetNextElementNode(node->children);
+    while(cur != NULL) {
+        if(xmlSecCheckNodeName(cur,  xmlSecNodeRsaOAEPparams, xmlSecEncNs)) {
+            ret = xmlSecBufferBase64NodeContentRead(&(ctx->oaepParams), cur);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferBase64NodeContentRead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        } else if(xmlSecCheckNodeName(cur,  xmlSecNodeDigestMethod, xmlSecDSigNs)) {
+            xmlChar* algorithm;
+
+            /* Algorithm attribute is required */
+            algorithm = xmlGetProp(cur, xmlSecAttrAlgorithm);
+            if(algorithm == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
+                            XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                            "node=%s",
+                            xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+                return(-1);
+            }
+
+            /* for now we support only sha1 */
+            if(xmlStrcmp(algorithm, xmlSecHrefSha1) != 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            xmlSecErrorsSafeString(algorithm),
+                            XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                            "digest algorithm is not supported for rsa/oaep");
+                xmlFree(algorithm);
+                return(-1);
+            }
+            xmlFree(algorithm);
+        } else {
+            /* not found */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        /* next node */
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+    
+    return(0);
+}
+
 #endif /* XMLSEC_NO_RSA */
 
diff --git a/src/mscrypto/kw_aes.c b/src/mscrypto/kw_aes.c
new file mode 100644
index 00000000..14e96d5a
--- /dev/null
+++ b/src/mscrypto/kw_aes.c
@@ -0,0 +1,662 @@
+/**
+ * XMLSec library
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
+ * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#include "globals.h"
+
+#include <string.h>
+
+#include <windows.h>
+#include <wincrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/mscrypto/crypto.h>
+
+#include "../kw_aes_des.h"
+#include "private.h"
+
+
+#ifndef XMLSEC_NO_AES
+
+/*********************************************************************
+ *
+ * AES KW implementation
+ *
+ *********************************************************************/
+static int      xmlSecMSCryptoKWAesBlockEncrypt         (const xmlSecByte * in, 
+                                                         xmlSecSize inSize,
+                                                         xmlSecByte * out, 
+                                                         xmlSecSize outSize,
+                                                         void * cb_ctx);
+static int      xmlSecMSCryptoKWAesBlockDecrypt         (const xmlSecByte * in, 
+                                                         xmlSecSize inSize,
+                                                         xmlSecByte * out, 
+                                                         xmlSecSize outSize,
+                                                         void * cb_ctx);
+
+/* klass for KW AES operation */
+static xmlSecKWAesKlass xmlSecMSCryptoKWAesKlass = {
+    /* callbacks */
+    xmlSecMSCryptoKWAesBlockEncrypt,        /* xmlSecKWAesBlockEncryptMethod       encrypt; */
+    xmlSecMSCryptoKWAesBlockDecrypt,        /* xmlSecKWAesBlockDecryptMethod       decrypt; */
+
+    /* for the future */
+    NULL,                                   /* void*                               reserved0; */
+    NULL                                    /* void*                               reserved1; */
+};
+
+/**************************************************************************
+ *
+ * Internal MSCrypto KW AES cipher CTX
+ *
+ *****************************************************************************/
+typedef struct _xmlSecMSCryptoKWAesCtx                  xmlSecMSCryptoKWAesCtx,
+                                                        *xmlSecMSCryptoKWAesCtxPtr;
+struct _xmlSecMSCryptoKWAesCtx {
+    ALG_ID                              algorithmIdentifier;
+    const xmlSecMSCryptoProviderInfo  * providers;
+    xmlSecKeyDataId                     keyId;
+    xmlSecSize                          keySize;
+
+    HCRYPTPROV                          cryptProvider;
+    HCRYPTKEY                           pubPrivKey;
+    xmlSecBuffer                        keyBuffer;
+};
+
+/******************************************************************************
+ *
+ *  KW AES transforms
+ *
+ * xmlSecMSCryptoKWAesCtx block is located after xmlSecTransform structure
+ *
+ *****************************************************************************/
+#define xmlSecMSCryptoKWAesSize   \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoKWAesCtx))
+#define xmlSecMSCryptoKWAesGetCtx(transform) \
+    ((xmlSecMSCryptoKWAesCtxPtr)(((unsigned char*)(transform)) + sizeof(xmlSecTransform)))
+
+static int      xmlSecMSCryptoKWAesInitialize       (xmlSecTransformPtr transform);
+static void     xmlSecMSCryptoKWAesFinalize         (xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoKWAesSetKeyReq        (xmlSecTransformPtr transform,
+                                                     xmlSecKeyReqPtr keyReq);
+static int      xmlSecMSCryptoKWAesSetKey           (xmlSecTransformPtr transform,
+                                                     xmlSecKeyPtr key);
+static int      xmlSecMSCryptoKWAesExecute          (xmlSecTransformPtr transform,
+                                                     int last,
+                                                     xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecMSCryptoKWAesCheckId          (xmlSecTransformPtr transform);
+
+
+
+
+/* Ordered list of providers to search for algorithm implementation using
+ * xmlSecMSCryptoFindProvider() function
+ *
+ * MUST END with { NULL, 0 } !!!
+ */
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Aes[] = {
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV,                PROV_RSA_AES},
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE,      PROV_RSA_AES },
+    { NULL, 0 }
+};
+
+static int
+xmlSecMSCryptoKWAesCheckId(xmlSecTransformPtr transform) {
+
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWAes128Id) ||
+       xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWAes192Id) ||
+       xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWAes256Id)) {
+
+       return(1);
+    }
+
+    return(0);
+}
+
+static int
+xmlSecMSCryptoKWAesInitialize(xmlSecTransformPtr transform) {
+    xmlSecMSCryptoKWAesCtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecMSCryptoKWAesCheckId(transform), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize), -1);
+
+    ctx = xmlSecMSCryptoKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    memset(ctx, 0, sizeof(xmlSecMSCryptoKWAesCtx));
+
+    if(transform->id == xmlSecMSCryptoTransformKWAes128Id) {
+        ctx->algorithmIdentifier    = CALG_AES_128;
+        ctx->keyId                  = xmlSecMSCryptoKeyDataAesId;
+        ctx->providers              = xmlSecMSCryptoProviderInfo_Aes;
+        ctx->keySize                = XMLSEC_KW_AES128_KEY_SIZE;
+    } else if(transform->id == xmlSecMSCryptoTransformKWAes192Id) {
+        ctx->algorithmIdentifier    = CALG_AES_192;
+        ctx->keyId                  = xmlSecMSCryptoKeyDataAesId;
+        ctx->providers              = xmlSecMSCryptoProviderInfo_Aes;
+        ctx->keySize                = XMLSEC_KW_AES192_KEY_SIZE;
+    } else if(transform->id == xmlSecMSCryptoTransformKWAes256Id) {
+        ctx->algorithmIdentifier    = CALG_AES_256;
+        ctx->keyId                  = xmlSecMSCryptoKeyDataAesId;
+        ctx->providers              = xmlSecMSCryptoProviderInfo_Aes;
+        ctx->keySize                = XMLSEC_KW_AES256_KEY_SIZE;
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+            NULL,
+            XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+            XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecBufferInitialize(&ctx->keyBuffer, 0);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* find provider */
+    ctx->cryptProvider = xmlSecMSCryptoFindProvider(ctx->providers, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+    if(ctx->cryptProvider == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoFindProvider",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+
+        return(-1);
+    }
+
+    /* Create dummy key to be able to import plain session keys */
+    if (!xmlSecMSCryptoCreatePrivateExponentOneKey(ctx->cryptProvider, &(ctx->pubPrivKey))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoCreatePrivateExponentOneKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+
+        return(-1);
+    }
+
+    return(0);
+}
+
+static void
+xmlSecMSCryptoKWAesFinalize(xmlSecTransformPtr transform) {
+    xmlSecMSCryptoKWAesCtxPtr ctx;
+
+    xmlSecAssert(xmlSecMSCryptoKWAesCheckId(transform));
+    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize));
+
+    ctx = xmlSecMSCryptoKWAesGetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    if (ctx->pubPrivKey) {
+        CryptDestroyKey(ctx->pubPrivKey);
+    }
+    if (ctx->cryptProvider) {
+        CryptReleaseContext(ctx->cryptProvider, 0);
+    }
+    
+    xmlSecBufferFinalize(&ctx->keyBuffer);
+
+    memset(ctx, 0, sizeof(xmlSecMSCryptoKWAesCtx));
+}
+
+static int
+xmlSecMSCryptoKWAesSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecMSCryptoKWAesCtxPtr ctx;
+
+    xmlSecAssert2(xmlSecMSCryptoKWAesCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize), -1);
+    xmlSecAssert2(keyReq != NULL, -1);
+
+    ctx = xmlSecMSCryptoKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->cryptProvider != 0, -1);
+
+    keyReq->keyId       = ctx->keyId;
+    keyReq->keyType     = xmlSecKeyDataTypeSymmetric;
+    if(transform->operation == xmlSecTransformOperationEncrypt) {
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+    } else {
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+    }
+
+    keyReq->keyBitsSize = 8 * ctx->keySize;
+    return(0);
+}
+
+
+
+static int
+xmlSecMSCryptoKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecMSCryptoKWAesCtxPtr ctx;
+    xmlSecBufferPtr buffer;
+    xmlSecSize keySize;
+    int ret;
+
+    xmlSecAssert2(xmlSecMSCryptoKWAesCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize), -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataAesId), -1);
+
+    ctx = xmlSecMSCryptoKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
+    xmlSecAssert2(buffer != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(buffer);
+    if(keySize < ctx->keySize) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "key=%d;expected=%d",
+                    keySize, ctx->keySize);
+        return(-1);
+    }
+
+    ret = xmlSecBufferSetData(&(ctx->keyBuffer),
+                            xmlSecBufferGetData(buffer),
+                            ctx->keySize);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "expected-size=%d", 
+                    ctx->keySize);
+        return(-1);
+    }
+
+    return(0);
+}
+
+static int
+xmlSecMSCryptoKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecMSCryptoKWAesCtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    xmlSecSize inSize, outSize;
+    int ret;
+
+    xmlSecAssert2(xmlSecMSCryptoKWAesCheckId(transform), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWAesSize), -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecMSCryptoKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    in = &(transform->inBuf);
+    out = &(transform->outBuf);
+    inSize = xmlSecBufferGetSize(in);
+    outSize = xmlSecBufferGetSize(out);
+    xmlSecAssert2(outSize == 0, -1);
+
+    if(transform->status == xmlSecTransformStatusNone) {
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
+    if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
+        /* just do nothing */
+    } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
+        if((inSize % 8) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_SIZE,
+                        "size=%d(not 8 bytes aligned)", inSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
+            outSize = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE +
+                               XMLSEC_KW_AES_BLOCK_SIZE;
+        } else {
+            outSize = inSize + XMLSEC_KW_AES_BLOCK_SIZE;
+        }
+
+        ret = xmlSecBufferSetMaxSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "outSize=%d", outSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            ret = xmlSecKWAesEncode(&xmlSecMSCryptoKWAesKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWAesEncode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            outSize = ret;
+        } else {
+            ret = xmlSecKWAesDecode(&xmlSecMSCryptoKWAesKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWAesEncode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            outSize = ret;
+        }
+
+        ret = xmlSecBufferSetSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "outSize=%d", outSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "inSize%d", inSize);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusFinished;
+    } else if(transform->status == xmlSecTransformStatusFinished) {
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
+    }
+    return(0);
+}
+
+
+/*********************************************************************
+ *
+ * AES KW implementation
+ *
+ ********************************************************************/
+static int
+xmlSecMSCryptoKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
+                                xmlSecByte * out, xmlSecSize outSize,
+                                void * context) {
+    xmlSecMSCryptoKWAesCtxPtr ctx = (xmlSecMSCryptoKWAesCtxPtr)context;
+    HCRYPTKEY cryptKey = 0;
+    DWORD dwCLen;
+
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->pubPrivKey != 0, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&ctx->keyBuffer) == ctx->keySize, -1);
+
+    /* Import this key and get an HCRYPTKEY handle, we do it again and again 
+       to ensure we don't go into CBC mode */
+    if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->cryptProvider,
+        ctx->pubPrivKey,
+        ctx->algorithmIdentifier,
+        xmlSecBufferGetData(&ctx->keyBuffer),
+        xmlSecBufferGetSize(&ctx->keyBuffer),
+        TRUE,
+        &cryptKey))  {
+
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoImportPlainSessionBlob",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    xmlSecAssert2(cryptKey != 0, -1);
+
+    /* Set process last block to false, since we handle padding ourselves, and MSCrypto padding
+     * can be skipped. I hope this will work .... */
+    if(out != in) {
+        memcpy(out, in, inSize);
+    }
+    dwCLen = inSize;
+    if(!CryptEncrypt(cryptKey, 0, FALSE, 0, out, &dwCLen, outSize)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptEncrypt",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CryptDestroyKey(cryptKey);    
+        return(-1);
+    }
+
+    /* cleanup */
+    CryptDestroyKey(cryptKey);    
+    return(dwCLen);
+}
+
+static int
+xmlSecMSCryptoKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
+                                xmlSecByte * out, xmlSecSize outSize,
+                                void * context) {
+    xmlSecMSCryptoKWAesCtxPtr ctx = (xmlSecMSCryptoKWAesCtxPtr)context;
+    HCRYPTKEY cryptKey = 0;
+    DWORD dwCLen;
+
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->pubPrivKey != 0, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&ctx->keyBuffer) == ctx->keySize, -1);
+
+    /* Import this key and get an HCRYPTKEY handle, we do it again and again 
+       to ensure we don't go into CBC mode */
+    if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->cryptProvider,
+        ctx->pubPrivKey,
+        ctx->algorithmIdentifier,
+        xmlSecBufferGetData(&ctx->keyBuffer),
+        xmlSecBufferGetSize(&ctx->keyBuffer),
+        TRUE,
+        &cryptKey))  {
+
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoImportPlainSessionBlob",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    xmlSecAssert2(cryptKey != 0, -1);
+
+    /* Set process last block to false, since we handle padding ourselves, and MSCrypto padding
+     * can be skipped. I hope this will work .... */
+    if(out != in) {
+        memcpy(out, in, inSize);
+    }
+    dwCLen = inSize;
+    if(!CryptDecrypt(cryptKey, 0, FALSE, 0, out, &dwCLen)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptEncrypt",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CryptDestroyKey(cryptKey);
+        return(-1);
+    }
+
+    /* cleanup */
+    CryptDestroyKey(cryptKey);
+    return(dwCLen);
+}
+
+/*********************************************************************
+ *
+ * AES KW cipher transforms
+ *
+ ********************************************************************/
+
+/*
+ * The AES-128 kew wrapper transform klass.
+ */
+static xmlSecTransformKlass xmlSecMSCryptoKWAes128Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoKWAesSize,              /* xmlSecSize objSize */
+
+    xmlSecNameKWAes128,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes128,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecMSCryptoKWAesInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoKWAesFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoKWAesSetKeyReq,         /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecMSCryptoKWAesSetKey,                  /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoKWAesExecute,                 /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformKWAes128GetKlass:
+ *
+ * The AES-128 kew wrapper transform klass.
+ *
+ * Returns: AES-128 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformKWAes128GetKlass(void) {
+    return(&xmlSecMSCryptoKWAes128Klass);
+}
+
+
+/*
+ * The AES-192 kew wrapper transform klass.
+ */
+static xmlSecTransformKlass xmlSecMSCryptoKWAes192Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoKWAesSize,              /* xmlSecSize objSize */
+
+    xmlSecNameKWAes192,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes192,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecMSCryptoKWAesInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoKWAesFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoKWAesSetKeyReq,         /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecMSCryptoKWAesSetKey,                  /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoKWAesExecute,                 /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformKWAes192GetKlass:
+ *
+ * The AES-192 kew wrapper transform klass.
+ *
+ * Returns: AES-192 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformKWAes192GetKlass(void) {
+    return(&xmlSecMSCryptoKWAes192Klass);
+}
+
+/*
+ * The AES-256 kew wrapper transform klass.
+ */
+static xmlSecTransformKlass xmlSecMSCryptoKWAes256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoKWAesSize,              /* xmlSecSize objSize */
+
+    xmlSecNameKWAes256,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes256,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecMSCryptoKWAesInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoKWAesFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoKWAesSetKeyReq,         /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecMSCryptoKWAesSetKey,                  /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                           /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoKWAesExecute,                 /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformKWAes256GetKlass:
+ *
+ * The AES-256 kew wrapper transform klass.
+ *
+ * Returns: AES-256 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformKWAes256GetKlass(void) {
+    return(&xmlSecMSCryptoKWAes256Klass);
+}
+
+#endif /* XMLSEC_NO_AES */
diff --git a/src/mscrypto/kw_des.c b/src/mscrypto/kw_des.c
new file mode 100644
index 00000000..6ef356d4
--- /dev/null
+++ b/src/mscrypto/kw_des.c
@@ -0,0 +1,730 @@
+/**
+ *
+ * XMLSec library
+ *
+ * DES Algorithm support
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ */
+#ifndef XMLSEC_NO_DES
+#include "globals.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <windows.h>
+#include <wincrypt.h>
+
+#include <xmlsec/xmlsec.h>
+#include <xmlsec/xmltree.h>
+#include <xmlsec/keys.h>
+#include <xmlsec/transforms.h>
+#include <xmlsec/errors.h>
+
+#include <xmlsec/mscrypto/crypto.h>
+
+#include "../kw_aes_des.h"
+#include "private.h"
+
+
+/*********************************************************************
+ *
+ * DES KW implementation
+ *
+ *********************************************************************/
+static int       xmlSecMSCryptoKWDes3GenerateRandom               (void * context,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int       xmlSecMSCryptoKWDes3Sha1                         (void * context,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize, 
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int      xmlSecMSCryptoKWDes3BlockEncrypt                  (void * context,
+                                                                 const xmlSecByte * iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int      xmlSecMSCryptoKWDes3BlockDecrypt                  (void * context,
+                                                                 const xmlSecByte * iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+
+static xmlSecKWDes3Klass xmlSecMSCryptoKWDes3ImplKlass = {
+    /* callbacks */
+    xmlSecMSCryptoKWDes3GenerateRandom,       /* xmlSecKWDes3GenerateRandomMethod     generateRandom; */
+    xmlSecMSCryptoKWDes3Sha1,                 /* xmlSecKWDes3Sha1Method               sha1; */
+    xmlSecMSCryptoKWDes3BlockEncrypt,         /* xmlSecKWDes3BlockEncryptMethod       encrypt; */
+    xmlSecMSCryptoKWDes3BlockDecrypt,         /* xmlSecKWDes3BlockDecryptMethod       decrypt; */
+
+    /* for the future */
+    NULL,                                   /* void*                               reserved0; */
+    NULL,                                   /* void*                               reserved1; */
+}; 
+
+/*********************************************************************
+ *
+ * Triple DES Key Wrap transform
+ *
+ * key (xmlSecBuffer) is located after xmlSecTransform structure
+ *
+ ********************************************************************/
+typedef struct _xmlSecMSCryptoKWDes3Ctx              xmlSecMSCryptoKWDes3Ctx,
+                                                  *xmlSecMSCryptoKWDes3CtxPtr;
+struct _xmlSecMSCryptoKWDes3Ctx {
+    ALG_ID                              desAlgorithmIdentifier;
+    const xmlSecMSCryptoProviderInfo  * desProviders;
+    ALG_ID                              sha1AlgorithmIdentifier;
+    const xmlSecMSCryptoProviderInfo  * sha1Providers;
+    xmlSecKeyDataId                     keyId;
+    xmlSecSize                          keySize;
+
+    HCRYPTPROV                          desCryptProvider;
+    HCRYPTPROV                          sha1CryptProvider;
+    HCRYPTKEY                           pubPrivKey;
+    xmlSecBuffer                        keyBuffer;
+};
+#define xmlSecMSCryptoKWDes3Size     \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoKWDes3Ctx))
+#define xmlSecMSCryptoKWDes3GetCtx(transform) \
+    ((xmlSecMSCryptoKWDes3CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int      xmlSecMSCryptoKWDes3Initialize                   (xmlSecTransformPtr transform);
+static void     xmlSecMSCryptoKWDes3Finalize                     (xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoKWDes3SetKeyReq                    (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecMSCryptoKWDes3SetKey                       (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecMSCryptoKWDes3Execute                      (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static xmlSecTransformKlass xmlSecMSCryptoKWDes3Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoKWDes3Size,                   /* xmlSecSize objSize */
+
+    xmlSecNameKWDes3,                           /* const xmlChar* name; */
+    xmlSecHrefKWDes3,                           /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecMSCryptoKWDes3Initialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoKWDes3Finalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoKWDes3SetKeyReq,              /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecMSCryptoKWDes3SetKey,                 /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoKWDes3Execute,                /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformKWDes3GetKlass:
+ *
+ * The Triple DES key wrapper transform klass.
+ *
+ * Returns: Triple DES key wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformKWDes3GetKlass(void) {
+    return(&xmlSecMSCryptoKWDes3Klass);
+}
+
+/* Ordered list of providers to search for algorithm implementation using
+ * xmlSecMSCryptoFindProvider() function
+ *
+ * MUST END with { NULL, 0 } !!!
+ */
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Des[] = {
+    { MS_STRONG_PROV,               PROV_RSA_FULL },
+    { MS_ENHANCED_PROV,             PROV_RSA_FULL },
+    { NULL, 0 }
+};
+static xmlSecMSCryptoProviderInfo xmlSecMSCryptoProviderInfo_Sha1[] = {
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV,                PROV_RSA_AES},
+    { XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE,      PROV_RSA_AES },
+    { MS_STRONG_PROV,                                   PROV_RSA_FULL },
+    { MS_ENHANCED_PROV,                                 PROV_RSA_FULL },
+    { MS_DEF_PROV,                                      PROV_RSA_FULL },
+    { NULL, 0 }
+};
+
+
+static int
+xmlSecMSCryptoKWDes3Initialize(xmlSecTransformPtr transform) {
+    xmlSecMSCryptoKWDes3CtxPtr ctx;
+    int ret;
+
+    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
+
+    ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    memset(ctx, 0, sizeof(xmlSecMSCryptoKWDes3Ctx));
+
+    if(transform->id == xmlSecMSCryptoTransformKWDes3Id) {
+        ctx->desAlgorithmIdentifier  = CALG_3DES;
+        ctx->desProviders            = xmlSecMSCryptoProviderInfo_Des;
+        ctx->sha1AlgorithmIdentifier = CALG_SHA1;
+        ctx->sha1Providers           = xmlSecMSCryptoProviderInfo_Sha1;
+        ctx->keyId                   = xmlSecMSCryptoKeyDataDesId;
+        ctx->keySize                 = XMLSEC_KW_DES3_KEY_LENGTH;
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+            NULL,
+            XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+            XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* find providers */
+    ctx->desCryptProvider = xmlSecMSCryptoFindProvider(ctx->desProviders, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+    if(ctx->desCryptProvider == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoFindProvider(des)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+
+        return(-1);
+    }
+
+    ctx->sha1CryptProvider = xmlSecMSCryptoFindProvider(ctx->sha1Providers, NULL, CRYPT_VERIFYCONTEXT, TRUE);
+    if(ctx->sha1CryptProvider == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoFindProvider(sha1)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+
+        return(-1);
+    }
+
+    /* Create dummy key to be able to import plain session keys */
+    if (!xmlSecMSCryptoCreatePrivateExponentOneKey(ctx->desCryptProvider, &(ctx->pubPrivKey))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoCreatePrivateExponentOneKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+
+        return(-1);
+    }
+
+    return(0);
+}
+
+static void
+xmlSecMSCryptoKWDes3Finalize(xmlSecTransformPtr transform) {
+    xmlSecMSCryptoKWDes3CtxPtr ctx;
+
+    xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id));
+    xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size));
+
+    ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    if (ctx->pubPrivKey) {
+        CryptDestroyKey(ctx->pubPrivKey);
+    }
+    if (ctx->desCryptProvider) {
+        CryptReleaseContext(ctx->desCryptProvider, 0);
+    }
+    if (ctx->sha1CryptProvider) {
+        CryptReleaseContext(ctx->sha1CryptProvider, 0);
+    }
+    
+    xmlSecBufferFinalize(&ctx->keyBuffer);
+
+    memset(ctx, 0, sizeof(xmlSecMSCryptoKWDes3Ctx));
+}
+
+static int
+xmlSecMSCryptoKWDes3SetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecMSCryptoKWDes3CtxPtr ctx;
+
+    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
+    xmlSecAssert2(keyReq != NULL, -1);
+
+    ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keyReq->keyId       = xmlSecMSCryptoKeyDataDesId;
+    keyReq->keyType     = xmlSecKeyDataTypeSymmetric;
+    if(transform->operation == xmlSecTransformOperationEncrypt) {
+        keyReq->keyUsage= xmlSecKeyUsageEncrypt;
+    } else {
+        keyReq->keyUsage= xmlSecKeyUsageDecrypt;
+    }
+    keyReq->keyBitsSize = 8 * XMLSEC_KW_DES3_KEY_LENGTH;
+    return(0);
+}
+
+static int
+xmlSecMSCryptoKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecMSCryptoKWDes3CtxPtr ctx;
+    xmlSecBufferPtr buffer;
+    xmlSecSize keySize;
+    int ret;
+
+    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
+    xmlSecAssert2(key != NULL, -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecMSCryptoKeyDataDesId), -1);
+
+    ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
+    xmlSecAssert2(buffer != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(buffer);
+    if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "key length %d is not enough (%d expected)",
+                    keySize, XMLSEC_KW_DES3_KEY_LENGTH);
+        return(-1);
+    }
+
+    ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", XMLSEC_KW_DES3_KEY_LENGTH);
+        return(-1);
+    }
+
+    return(0);
+}
+
+static int
+xmlSecMSCryptoKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
+    xmlSecMSCryptoKWDes3CtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    xmlSecSize inSize, outSize, keySize;
+    int ret;
+
+    xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformKWDes3Id), -1);
+    xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
+    xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoKWDes3Size), -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
+
+    ctx = xmlSecMSCryptoKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
+    xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
+
+    in = &(transform->inBuf);
+    out = &(transform->outBuf);
+    inSize = xmlSecBufferGetSize(in);
+    outSize = xmlSecBufferGetSize(out);
+    xmlSecAssert2(outSize == 0, -1);
+
+    if(transform->status == xmlSecTransformStatusNone) {
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
+    if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
+        /* just do nothing */
+    } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
+        if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_SIZE,
+                        "%d bytes - not %d bytes aligned",
+                        inSize, XMLSEC_KW_DES3_BLOCK_LENGTH);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            /* the encoded key might be 16 bytes longer plus one block just in case */
+            outSize = inSize + XMLSEC_KW_DES3_IV_LENGTH +
+                               XMLSEC_KW_DES3_BLOCK_LENGTH +
+                               XMLSEC_KW_DES3_BLOCK_LENGTH;
+        } else {
+            /* just in case, add a block */
+            outSize = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH;
+        }
+
+        ret = xmlSecBufferSetMaxSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            ret = xmlSecKWDes3Encode(&xmlSecMSCryptoKWDes3ImplKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWDes3Encode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "key=%d,in=%d,out=%d",
+                            keySize, inSize, outSize);
+                return(-1);
+            }
+            outSize = ret;
+        } else {
+            ret = xmlSecKWDes3Decode(&xmlSecMSCryptoKWDes3ImplKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWDes3Decode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "key=%d,in=%d,out=%d",
+                            keySize, inSize, outSize);
+                return(-1);
+            }
+            outSize = ret;
+        }
+
+        ret = xmlSecBufferSetSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusFinished;
+    } else if(transform->status == xmlSecTransformStatusFinished) {
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
+    }
+    return(0);
+}
+
+/*********************************************************************
+ *
+ * DES KW implementation
+ *
+ *********************************************************************/
+static int
+xmlSecMSCryptoKWDes3Sha1(void * context,
+                       const xmlSecByte * in, xmlSecSize inSize, 
+                       xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecMSCryptoKWDes3CtxPtr ctx = (xmlSecMSCryptoKWDes3CtxPtr)context;
+    HCRYPTHASH mscHash = 0;
+    DWORD retLen;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->sha1CryptProvider != 0, -1);
+    xmlSecAssert2(ctx->sha1AlgorithmIdentifier != 0, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize > 0, -1);
+
+    /* create */
+    ret = CryptCreateHash(ctx->sha1CryptProvider,
+        ctx->sha1AlgorithmIdentifier,
+        0,
+        0,
+        &mscHash);
+    if((ret == 0) || (mscHash == 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptCreateHash",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* hash */
+    ret = CryptHashData(mscHash,
+        in, 
+        inSize,
+        0);
+    if(ret == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptHashData",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "size=%d", inSize);
+        CryptDestroyHash(mscHash);
+        return(-1);
+    }
+
+    /* get results */
+    retLen = outSize;
+    ret = CryptGetHashParam(mscHash,
+        HP_HASHVAL,
+        out,
+        &retLen,
+        0);
+    if (ret == 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptGetHashParam(HP_HASHVAL)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize);
+        CryptDestroyHash(mscHash);
+        return(-1);
+    }
+
+    /* done */
+    CryptDestroyHash(mscHash);
+    return(retLen);
+}
+
+static int
+xmlSecMSCryptoKWDes3GenerateRandom(void * context,
+                                   xmlSecByte * out, xmlSecSize outSize) 
+{
+    xmlSecMSCryptoKWDes3CtxPtr ctx = (xmlSecMSCryptoKWDes3CtxPtr)context;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(ctx->desCryptProvider != 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize > 0, -1);
+
+    if(!CryptGenRandom(ctx->desCryptProvider, outSize, out)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptGenRandom",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "len=%d", outSize);
+        return(-1);
+    }
+
+    return((int)outSize);
+}
+
+static int
+xmlSecMSCryptoKWDes3BlockEncrypt(void * context,
+                               const xmlSecByte * iv, xmlSecSize ivSize,
+                               const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecMSCryptoKWDes3CtxPtr ctx = (xmlSecMSCryptoKWDes3CtxPtr)context;
+    DWORD dwBlockLen, dwBlockLenLen, dwCLen;
+    HCRYPTKEY cryptKey = 0;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(iv != NULL, -1);
+    xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
+
+    /* Import this key and get an HCRYPTKEY handle, we do it again and again 
+       to ensure we don't go into CBC mode */
+    if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->desCryptProvider,
+        ctx->pubPrivKey,
+        ctx->desAlgorithmIdentifier,
+        xmlSecBufferGetData(&ctx->keyBuffer),
+        xmlSecBufferGetSize(&ctx->keyBuffer),
+        TRUE,
+        &cryptKey))  {
+
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoImportPlainSessionBlob",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    xmlSecAssert2(cryptKey != 0, -1);
+
+    /* iv len == block len */
+    dwBlockLenLen = sizeof(DWORD);
+    if (!CryptGetKeyParam(cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwBlockLenLen, 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptGetKeyParam",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CryptDestroyKey(cryptKey);
+        return(-1);
+    }
+
+    /* set IV */
+    if((ivSize < dwBlockLen / 8) || (!CryptSetKeyParam(cryptKey, KP_IV, iv, 0))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptSetKeyParam",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "ivSize=%d, dwBlockLen=%d", 
+                    ivSize, dwBlockLen / 8);
+        CryptDestroyKey(cryptKey);
+        return(-1);
+    }
+
+    /* Set process last block to false, since we handle padding ourselves, and MSCrypto padding
+     * can be skipped. I hope this will work .... */
+    if(out != in) {
+        memcpy(out, in, inSize);
+    }
+    dwCLen = inSize;
+    if(!CryptEncrypt(cryptKey, 0, FALSE, 0, out, &dwCLen, outSize)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptEncrypt",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CryptDestroyKey(cryptKey);
+        return(-1);
+    }
+
+    /* cleanup */
+    CryptDestroyKey(cryptKey);
+    return(dwCLen);
+}
+
+static int
+xmlSecMSCryptoKWDes3BlockDecrypt(void * context,
+                               const xmlSecByte * iv, xmlSecSize ivSize,
+                               const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecMSCryptoKWDes3CtxPtr ctx = (xmlSecMSCryptoKWDes3CtxPtr)context;
+    DWORD dwBlockLen, dwBlockLenLen, dwCLen;
+    HCRYPTKEY cryptKey = 0;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(iv != NULL, -1);
+    xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
+
+    /* Import this key and get an HCRYPTKEY handle, we do it again and again 
+       to ensure we don't go into CBC mode */
+    if (!xmlSecMSCryptoImportPlainSessionBlob(ctx->desCryptProvider,
+        ctx->pubPrivKey,
+        ctx->desAlgorithmIdentifier,
+        xmlSecBufferGetData(&ctx->keyBuffer),
+        xmlSecBufferGetSize(&ctx->keyBuffer),
+        TRUE,
+        &cryptKey))  {
+
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoImportPlainSessionBlob",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    xmlSecAssert2(cryptKey != 0, -1);
+
+    /* iv len == block len */
+    dwBlockLenLen = sizeof(DWORD);
+    if (!CryptGetKeyParam(cryptKey, KP_BLOCKLEN, (BYTE *)&dwBlockLen, &dwBlockLenLen, 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptGetKeyParam",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CryptDestroyKey(cryptKey);
+        return(-1);
+    }
+
+    /* set IV */
+    if((ivSize < dwBlockLen / 8) || (!CryptSetKeyParam(cryptKey, KP_IV, iv, 0))) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptSetKeyParam",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "ivSize=%d, dwBlockLen=%d", 
+                    ivSize, dwBlockLen / 8);
+        CryptDestroyKey(cryptKey);
+        return(-1);
+    }
+
+    /* Set process last block to false, since we handle padding ourselves, and MSCrypto padding
+     * can be skipped. I hope this will work .... */
+    if(out != in) {
+        memcpy(out, in, inSize);
+    }
+    dwCLen = inSize;
+    if(!CryptDecrypt(cryptKey, 0, FALSE, 0, out, &dwCLen)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptEncrypt",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CryptDestroyKey(cryptKey);
+        return(-1);
+    }
+
+    /* cleanup */
+    CryptDestroyKey(cryptKey);
+    return(dwCLen);
+}
+
+
+#endif /* XMLSEC_NO_DES */
+
diff --git a/src/mscrypto/mingw-crypt32.def b/src/mscrypto/mingw-crypt32.def
index 0857d558..4ba99b2f 100644
--- a/src/mscrypto/mingw-crypt32.def
+++ b/src/mscrypto/mingw-crypt32.def
@@ -19,11 +19,15 @@ IMPORTS
   CertGetCertificateChain@32			= crypt32.CertGetCertificateChain
   CertGetCertificateContextProperty@16		= crypt32.CertGetCertificateContextProperty
   CertGetNameStringA@24				= crypt32.CertGetNameStringA
+  CertGetNameStringW@24				= crypt32.CertGetNameStringW
   CertGetPublicKeyLength@8			= crypt32.CertGetPublicKeyLength
   CertNameToStrA@20				= crypt32.CertNameToStrA
+  CertNameToStrW@20				= crypt32.CertNameToStrW
   CertOpenStore@20				= crypt32.CertOpenStore
   CertOpenSystemStoreA@8			= crypt32.CertOpenSystemStoreA
+  CertOpenSystemStoreW@8			= crypt32.CertOpenSystemStoreW
   CertStrToNameA@28				= crypt32.CertStrToNameA
+  CertStrToNameW@28				= crypt32.CertStrToNameW
   CertVerifySubjectCertificateContext@12	= crypt32.CertVerifySubjectCertificateContext
   CryptAcquireCertificatePrivateKey@24		= crypt32.CryptAcquireCertificatePrivateKey
   CryptImportPublicKeyInfo@16			= crypt32.CryptImportPublicKeyInfo
diff --git a/src/mscrypto/private.h b/src/mscrypto/private.h
new file mode 100644
index 00000000..11479bff
--- /dev/null
+++ b/src/mscrypto/private.h
@@ -0,0 +1,130 @@
+/**
+ * XMLSec library
+ *
+ * THIS IS A PRIVATE XMLSEC HEADER FILE
+ * DON'T USE IT IN YOUR APPLICATION
+ *
+ * This is free software; see Copyright file in the source
+ * distribution for preciese wording.
+ *
+ * Copyright (C) 2010 Aleksey Sanin, All rights reserved.
+ */
+#ifndef __XMLSEC_MSCRYPTO_PRIVATE_H__
+#define __XMLSEC_MSCRYPTO_PRIVATE_H__
+
+#ifndef XMLSEC_PRIVATE
+#error "private.h file contains private xmlsec definitions and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#endif /* XMLSEC_PRIVATE */
+
+#if defined(__MINGW32__)
+#  include "xmlsec-mingw.h"
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+/********************************************************************
+ *
+ * Utils
+ *
+ ********************************************************************/
+int                ConvertEndian                    (const xmlSecByte * src, 
+                                                     xmlSecByte * dst, 
+                                                     xmlSecSize size);
+int                ConvertEndianInPlace             (xmlSecByte * buf, 
+                                                     xmlSecSize size);
+
+/********************************************************************
+ *
+ * Crypto Providers
+ *
+ ********************************************************************/
+
+/* We need to redefine both to ensure that we can pick the right one at runtime (instead of compile time) */
+#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE_A     "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
+#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE_W     L"Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
+#ifdef UNICODE
+#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE_W
+#else
+#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_PROTOTYPE_A
+#endif
+
+#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_A               "Microsoft Enhanced RSA and AES Cryptographic Provider"
+#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_W               L"Microsoft Enhanced RSA and AES Cryptographic Provider"
+#ifdef UNICODE
+#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_W
+#else
+#define XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV XMLSEC_CRYPTO_MS_ENH_RSA_AES_PROV_A
+#endif
+
+/**
+ * xmlSecMSCryptoProviderInfo:
+ *
+ * Contains information for looking up provider from MS Crypto.
+ */
+typedef struct _xmlSecMSCryptoProviderInfo {
+    LPCTSTR                 providerName;
+    DWORD                   providerType;
+} xmlSecMSCryptoProviderInfo;
+
+HCRYPTPROV         xmlSecMSCryptoFindProvider                   (const xmlSecMSCryptoProviderInfo * providers,
+                                                                 LPCTSTR pszContainer,
+                                                                 DWORD dwFlags,
+                                                                 BOOL bUseXmlSecContainer);
+
+
+/******************************************************************************
+ *
+ * SymKey Util functions
+ *
+ * Low level helper routines for importing plain text keys in MS HKEY handle,
+ * since MSCrypto API does not support import of plain text (session) keys
+ * just like that. These functions are based upon MS kb article #228786
+ * and "Base Provider Key BLOBs" article for priv key blob format.
+ *
+ ******************************************************************************/
+BOOL               xmlSecMSCryptoCreatePrivateExponentOneKey    (HCRYPTPROV hProv,
+                                                                 HCRYPTKEY *hPrivateKey);
+
+BOOL               xmlSecMSCryptoImportPlainSessionBlob         (HCRYPTPROV hProv,
+                                                                 HCRYPTKEY hPrivateKey,
+                                                                 ALG_ID dwAlgId,
+                                                                 LPBYTE pbKeyMaterial,
+                                                                 DWORD dwKeyMaterial,
+                                                                 BOOL bCheckKeyLength,
+                                                                 HCRYPTKEY *hSessionKey);
+
+/******************************************************************************
+ *
+ * X509 Util functions
+ *
+ ******************************************************************************/
+#ifndef XMLSEC_NO_X509
+PCCERT_CONTEXT     xmlSecMSCryptoX509FindCertBySubject          (HCERTSTORE store,
+                                                                 const LPTSTR wcSubject,
+                                                                 DWORD dwCertEncodingType);
+
+PCCERT_CONTEXT     xmlSecMSCryptoX509StoreFindCert              (xmlSecKeyDataStorePtr store,
+                                                                 xmlChar *subjectName,
+                                                                 xmlChar *issuerName,
+                                                                 xmlChar *issuerSerial,
+                                                                 xmlChar *ski,
+                                                                 xmlSecKeyInfoCtx* keyInfoCtx);
+
+xmlChar *          xmlSecMSCryptoX509GetNameString              (PCCERT_CONTEXT pCertContext,
+                                                                 DWORD dwType,
+                                                                 DWORD dwFlags,
+                                                                 void *pvTypePara);
+
+PCCERT_CONTEXT     xmlSecMSCryptoX509StoreVerify                (xmlSecKeyDataStorePtr store,
+                                                                 HCERTSTORE certs,
+                                                                 xmlSecKeyInfoCtx* keyInfoCtx);
+
+#endif /* XMLSEC_NO_X509 */
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __XMLSEC_MSCRYPTO_PRIVATE_H__ */
diff --git a/src/mscrypto/signatures.c b/src/mscrypto/signatures.c
index a567db7d..2c51f09a 100644
--- a/src/mscrypto/signatures.c
+++ b/src/mscrypto/signatures.c
@@ -1,12 +1,12 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
- * Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).  
+ * Copyright (c) 2005-2006 Cryptocom LTD (http://www.cryptocom.ru).
  */
 #include "globals.h"
 
@@ -27,29 +27,23 @@
 #include <xmlsec/mscrypto/symbols.h>
 #include <xmlsec/mscrypto/certkeys.h>
 #include <xmlsec/mscrypto/x509.h>
+#include "private.h"
 
-/*FIXME: include header files*/
-extern HCRYPTPROV xmlSecMSCryptoKeyDataGetMSCryptoProvider(xmlSecKeyDataPtr data);
-extern DWORD xmlSecMSCryptoKeyDataGetMSCryptoKeySpec(xmlSecKeyDataPtr data);
-
-#if defined(__MINGW32__)
-#  include "xmlsec-mingw.h"
-#endif
 
 /**************************************************************************
  *
  * Internal MSCrypto signatures ctx
  *
  *****************************************************************************/
-typedef struct _xmlSecMSCryptoSignatureCtx	xmlSecMSCryptoSignatureCtx, 
-						*xmlSecMSCryptoSignatureCtxPtr;
+typedef struct _xmlSecMSCryptoSignatureCtx      xmlSecMSCryptoSignatureCtx,
+                                                *xmlSecMSCryptoSignatureCtxPtr;
 struct _xmlSecMSCryptoSignatureCtx {
-    xmlSecKeyDataPtr	data;
-    ALG_ID		alg_id;
-    HCRYPTHASH		mscHash;
-    ALG_ID		digestAlgId;
-    xmlSecKeyDataId	keyId;
-};	    
+    xmlSecKeyDataPtr    data;
+    ALG_ID              alg_id;
+    HCRYPTHASH          mscHash;
+    ALG_ID              digestAlgId;
+    xmlSecKeyDataId     keyId;
+};
 
 /******************************************************************************
  *
@@ -58,46 +52,80 @@ struct _xmlSecMSCryptoSignatureCtx {
  * xmlSecMSCryptoSignatureCtx is located after xmlSecTransform
  *
  *****************************************************************************/
-#define xmlSecMSCryptoSignatureSize	\
+#define xmlSecMSCryptoSignatureSize     \
     (sizeof(xmlSecTransform) + sizeof(xmlSecMSCryptoSignatureCtx))
 #define xmlSecMSCryptoSignatureGetCtx(transform) \
     ((xmlSecMSCryptoSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
-static int	xmlSecMSCryptoSignatureCheckId		(xmlSecTransformPtr transform);
-static int	xmlSecMSCryptoSignatureInitialize	(xmlSecTransformPtr transform);
-static void	xmlSecMSCryptoSignatureFinalize		(xmlSecTransformPtr transform);
-static int	xmlSecMSCryptoSignatureSetKeyReq	(xmlSecTransformPtr transform, 
-							 xmlSecKeyReqPtr keyReq);
-static int	xmlSecMSCryptoSignatureSetKey		(xmlSecTransformPtr transform,
-							 xmlSecKeyPtr key);
-static int	xmlSecMSCryptoSignatureVerify		(xmlSecTransformPtr transform, 
-							 const xmlSecByte* data,
-							 xmlSecSize dataSize,
-							 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecMSCryptoSignatureExecute		(xmlSecTransformPtr transform, 
-							 int last,
-							 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecMSCryptoSignatureCheckId          (xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoSignatureInitialize       (xmlSecTransformPtr transform);
+static void     xmlSecMSCryptoSignatureFinalize         (xmlSecTransformPtr transform);
+static int      xmlSecMSCryptoSignatureSetKeyReq        (xmlSecTransformPtr transform,
+                                                         xmlSecKeyReqPtr keyReq);
+static int      xmlSecMSCryptoSignatureSetKey           (xmlSecTransformPtr transform,
+                                                         xmlSecKeyPtr key);
+static int      xmlSecMSCryptoSignatureVerify           (xmlSecTransformPtr transform,
+                                                         const xmlSecByte* data,
+                                                         xmlSecSize dataSize,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecMSCryptoSignatureExecute          (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
 
 
 static int xmlSecMSCryptoSignatureCheckId(xmlSecTransformPtr transform) {
 
 #ifndef XMLSEC_NO_DSA
     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformDsaSha1Id)) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_NO_DSA */
 
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaMd5Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha1Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha256Id)) {
+       return(1);
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha384Id)) {
+       return(1);
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha512Id)) {
+       return(1);
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
 #ifndef XMLSEC_NO_GOST
     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformGost2001GostR3411_94Id)) {
-	return(1);
-    }
+        return(1);
+    } else
 #endif /* XMLSEC_NO_GOST*/
 
-#ifndef XMLSEC_NO_RSA
-    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha1Id)) {
-	return(1);
+
+    /* not found */
+    {
+        return(0);
     }
-#endif /* XMLSEC_NO_RSA */
 
     return(0);
 }
@@ -111,36 +139,70 @@ static int xmlSecMSCryptoSignatureInitialize(xmlSecTransformPtr transform) {
     ctx = xmlSecMSCryptoSignatureGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
 
-    memset(ctx, 0, sizeof(xmlSecMSCryptoSignatureCtx));    
+    memset(ctx, 0, sizeof(xmlSecMSCryptoSignatureCtx));
+
+
+#ifndef XMLSEC_NO_DSA
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformDsaSha1Id)) {
+        ctx->digestAlgId    = CALG_SHA1;
+        ctx->keyId          = xmlSecMSCryptoKeyDataDsaId;
+    } else
+#endif /* XMLSEC_NO_DSA */
 
 #ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaMd5Id)) {
+        ctx->digestAlgId    = CALG_MD5;
+        ctx->keyId          = xmlSecMSCryptoKeyDataRsaId;
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha1Id)) {
-	ctx->digestAlgId    = CALG_SHA1;
-	ctx->keyId	    = xmlSecMSCryptoKeyDataRsaId;
-    } else 
+        ctx->digestAlgId    = CALG_SHA1;
+        ctx->keyId          = xmlSecMSCryptoKeyDataRsaId;
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha256Id)) {
+        ctx->digestAlgId    = CALG_SHA_256;
+        ctx->keyId          = xmlSecMSCryptoKeyDataRsaId;
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha384Id)) {
+        ctx->digestAlgId    = CALG_SHA_384;
+        ctx->keyId          = xmlSecMSCryptoKeyDataRsaId;
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha512Id)) {
+        ctx->digestAlgId    = CALG_SHA_512;
+        ctx->keyId          = xmlSecMSCryptoKeyDataRsaId;
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
 #endif /* XMLSEC_NO_RSA */
 
 #ifndef XMLSEC_NO_GOST
     if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformGost2001GostR3411_94Id)) {
-	ctx->digestAlgId    = CALG_MAGPRO_HASH_R3411_94;
-	ctx->keyId	    = xmlSecMSCryptoKeyDataGost2001Id;
-    } else 
+        ctx->digestAlgId    = CALG_MAGPRO_HASH_R3411_94;
+        ctx->keyId          = xmlSecMSCryptoKeyDataGost2001Id;
+    } else
 #endif /* XMLSEC_NO_GOST*/
 
-#ifndef XMLSEC_NO_DSA
-    if(xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformDsaSha1Id)) {
-	ctx->digestAlgId    = CALG_SHA1;
-	ctx->keyId	    = xmlSecMSCryptoKeyDataDsaId;
-    } else 
-#endif /* XMLSEC_NO_DSA */
-
-    if(1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+    /* not found */
+    {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -156,15 +218,15 @@ static void xmlSecMSCryptoSignatureFinalize(xmlSecTransformPtr transform) {
     xmlSecAssert(ctx != NULL);
 
     if (ctx->mscHash) {
-	CryptDestroyHash(ctx->mscHash);
+        CryptDestroyHash(ctx->mscHash);
     }
 
     if (ctx->data != NULL)  {
-	xmlSecKeyDataDestroy(ctx->data);
-	ctx->data = NULL;
+        xmlSecKeyDataDestroy(ctx->data);
+        ctx->data = NULL;
     }
 
-    memset(ctx, 0, sizeof(xmlSecMSCryptoSignatureCtx));    
+    memset(ctx, 0, sizeof(xmlSecMSCryptoSignatureCtx));
 }
 
 static int xmlSecMSCryptoSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
@@ -187,12 +249,12 @@ static int xmlSecMSCryptoSignatureSetKey(xmlSecTransformPtr transform, xmlSecKey
 
     ctx->data = xmlSecKeyDataDuplicate(value);
     if(ctx->data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecKeyDataDuplicate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecKeyDataDuplicate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -212,27 +274,26 @@ static int xmlSecMSCryptoSignatureSetKeyReq(xmlSecTransformPtr transform,  xmlSe
 
     keyReq->keyId        = ctx->keyId;
     if(transform->operation == xmlSecTransformOperationSign) {
-	keyReq->keyType  = xmlSecKeyDataTypePrivate;
-	keyReq->keyUsage = xmlSecKeyUsageSign;
+        keyReq->keyType  = xmlSecKeyDataTypePrivate;
+        keyReq->keyUsage = xmlSecKeyUsageSign;
     } else {
-	keyReq->keyType  = xmlSecKeyDataTypePublic;
-	keyReq->keyUsage = xmlSecKeyUsageVerify;
+        keyReq->keyType  = xmlSecKeyDataTypePublic;
+        keyReq->keyUsage = xmlSecKeyUsageVerify;
     }
     return(0);
 }
 
-
-static int xmlSecMSCryptoSignatureVerify(xmlSecTransformPtr transform, 
-					 const xmlSecByte* data, 
-					 xmlSecSize dataSize,
-					 xmlSecTransformCtxPtr transformCtx) {
+static int xmlSecMSCryptoSignatureVerify(xmlSecTransformPtr transform,
+                                         const xmlSecByte* data,
+                                         xmlSecSize dataSize,
+                                         xmlSecTransformCtxPtr transformCtx) {
     xmlSecMSCryptoSignatureCtxPtr ctx;
     xmlSecBuffer tmp;
+    xmlSecByte *tmpBuf;
     HCRYPTKEY hKey;
     DWORD dwError;
-    BYTE *tmpBuf, *j, *k, *l, *m;
     int ret;
-    
+
     xmlSecAssert2(xmlSecMSCryptoSignatureCheckId(transform), -1);
     xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecMSCryptoSignatureSize), -1);
@@ -246,94 +307,120 @@ static int xmlSecMSCryptoSignatureVerify(xmlSecTransformPtr transform,
 
     ret = xmlSecBufferInitialize(&tmp, dataSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "dataSize=%d", dataSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "dataSize=%d", dataSize);
+        return(-1);
     }
-    
+
     tmpBuf = xmlSecBufferGetData(&tmp);
     xmlSecAssert2(tmpBuf != NULL, -1);
-    
+
     /* Reverse the sig - Windows stores integers as octet streams in little endian
      * order.  The I2OSP algorithm used by XMLDSig to store integers is big endian */
-    if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformDsaSha1Id)) {
-	j = (BYTE *)data;
-	k = (BYTE *)data + 20;
-	l = tmpBuf + 19;
-	m = tmpBuf + 39;
-	while (l >= tmpBuf) {
-    	    *l-- = *j++;
-	    *m-- = *k++;
-	}
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+    if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaMd5Id)) {
+        ConvertEndian(data, tmpBuf, dataSize);
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_SHA1
+    if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha1Id)) {
+        ConvertEndian(data, tmpBuf, dataSize);
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha256Id)) {
+        ConvertEndian(data, tmpBuf, dataSize);
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha384Id)) {
+        ConvertEndian(data, tmpBuf, dataSize);
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha512Id)) {
+        ConvertEndian(data, tmpBuf, dataSize);
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
+
+#ifndef XMLSEC_NO_DSA
+    if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformDsaSha1Id) && (dataSize == 40)) {
+        ConvertEndian(data, tmpBuf, 20);
+        ConvertEndian(data + 20, tmpBuf + 20, 20);
+    } else
+#endif /*endif XMLSEC_NO_DSA */
+
 #ifndef XMLSEC_NO_GOST
-    } else if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformGost2001GostR3411_94Id)) {
-	j = (BYTE *)data;
-	l = tmpBuf + dataSize - 1;
-	while (l >= tmpBuf) {
-	    *l-- = *j++;
-	}
-#endif /*ndef XMLSEC_NO_GOST*/
-    } else if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha1Id)) {
-	j = (BYTE *)data;
-	l = tmpBuf + dataSize - 1;
-	while (l >= tmpBuf) {
-	    *l-- = *j++;
-	}
-    } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "Invalid algo");
-	xmlSecBufferFinalize(&tmp);
-	return(-1);
+    if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformGost2001GostR3411_94Id)) {
+        ConvertEndian(data, tmpBuf, dataSize);
+    } else
+#endif /* XMLSEC_NO_GOST*/
+
+    {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "Invalid algo");
+        xmlSecBufferFinalize(&tmp);
+        return(-1);
     }
 
     hKey = xmlSecMSCryptoKeyDataGetKey(ctx->data, xmlSecKeyDataTypePublic);
     if (hKey == 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecMSCryptoKeyDataGetKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&tmp);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecMSCryptoKeyDataGetKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&tmp);
+        return(-1);
     }
     if (!CryptVerifySignature(ctx->mscHash,
-			      tmpBuf,
-			      dataSize,
-			      hKey,
-			      NULL,
-			      0)) {
-	dwError = GetLastError();
-	if (NTE_BAD_SIGNATURE == dwError) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"CryptVerifySignature",
-			XMLSEC_ERRORS_R_DATA_NOT_MATCH,
-			"signature do not match");
-	    transform->status = xmlSecTransformStatusFail;
-	    xmlSecBufferFinalize(&tmp);
-	    return(0);
-	} else {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"CryptVerifySignature",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecBufferFinalize(&tmp);
-	    return (-1);
-	}
+                              tmpBuf,
+                              dataSize,
+                              hKey,
+                              NULL,
+                              0)) {
+        dwError = GetLastError();
+        if (NTE_BAD_SIGNATURE == dwError) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "CryptVerifySignature",
+                        XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                        "signature do not match");
+            transform->status = xmlSecTransformStatusFail;
+            xmlSecBufferFinalize(&tmp);
+            return(0);
+        } else {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "CryptVerifySignature",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecBufferFinalize(&tmp);
+            return (-1);
+        }
     }
     xmlSecBufferFinalize(&tmp);
     transform->status = xmlSecTransformStatusOk;
     return(0);
 }
 
-static int 
+
+
+static int
 xmlSecMSCryptoSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecMSCryptoSignatureCtxPtr ctx;
     HCRYPTPROV hProv;
@@ -342,7 +429,7 @@ xmlSecMSCryptoSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTra
     xmlSecSize inSize, outSize;
     int ret;
     DWORD dwSigLen;
-    BYTE *tmpBuf, *outBuf, *i, *j, *m, *n;
+    BYTE *tmpBuf, *outBuf;
 
     xmlSecAssert2(xmlSecMSCryptoSignatureCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
@@ -355,163 +442,186 @@ xmlSecMSCryptoSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTra
     in = &(transform->inBuf);
     out = &(transform->outBuf);
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
+    outSize = xmlSecBufferGetSize(out);
 
     ctx = xmlSecMSCryptoSignatureGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->digestAlgId != 0, -1);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	xmlSecAssert2(outSize == 0, -1);
-
-	if (0 == (hProv = xmlSecMSCryptoKeyDataGetMSCryptoProvider(ctx->data))) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecMSCryptoKeyDataGetMSCryptoProvider",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return (-1);
-	}
-	if (!CryptCreateHash(hProv, ctx->digestAlgId, 0, 0, &(ctx->mscHash))) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"CryptCreateHash",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-
-	transform->status = xmlSecTransformStatusWorking;
+        xmlSecAssert2(outSize == 0, -1);
+
+        if (0 == (hProv = xmlSecMSCryptoKeyDataGetMSCryptoProvider(ctx->data))) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecMSCryptoKeyDataGetMSCryptoProvider",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return (-1);
+        }
+
+        if (!CryptCreateHash(hProv, ctx->digestAlgId, 0, 0, &(ctx->mscHash))) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CryptCreateHash",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if((transform->status == xmlSecTransformStatusWorking) && (inSize > 0)) {
-	xmlSecAssert2(outSize == 0, -1);
-
-	if (!CryptHashData(ctx->mscHash, xmlSecBufferGetData(in), inSize, 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"CryptHashData",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-
-	ret = xmlSecBufferRemoveHead(in, inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        xmlSecAssert2(outSize == 0, -1);
+
+        if (!CryptHashData(ctx->mscHash, xmlSecBufferGetData(in), inSize, 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CryptHashData",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	xmlSecBuffer tmp;
-
-	xmlSecAssert2(outSize == 0, -1);
-
-	if(transform->operation == xmlSecTransformOperationSign) {
-	    dwKeySpec = xmlSecMSCryptoKeyDataGetMSCryptoKeySpec(ctx->data);
-	    if (!CryptSignHash(ctx->mscHash, dwKeySpec, NULL, 0, NULL, &dwSigLen)) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CryptSignHash",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }	
-	    outSize = (xmlSecSize)dwSigLen;
-
-	    ret = xmlSecBufferInitialize(&tmp, outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferSetMaxSize",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", outSize);
-		return(-1);
-	    }
-	    tmpBuf = xmlSecBufferGetData(&tmp);
-	    xmlSecAssert2(tmpBuf != NULL, -1);
-
-	    if (!CryptSignHash(ctx->mscHash, dwKeySpec, NULL, 0, tmpBuf, &dwSigLen)) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CryptSignHash",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlSecBufferFinalize(&tmp);
-		return(-1);
-	    }
-	    outSize = (xmlSecSize)dwSigLen;
-
-	    ret = xmlSecBufferSetSize(out, outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferSetSize",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", outSize);
-		xmlSecBufferFinalize(&tmp);
-		return(-1);
-	    }
-	    outBuf = xmlSecBufferGetData(out);
-	    xmlSecAssert2(outBuf != NULL, -1);
-
-	    /* Now encode into a signature block,
-    	     * convert signature value to big endian */	    
-	    if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformDsaSha1Id)) {
-		i = tmpBuf;
-		j = tmpBuf + 20;
-		m = outBuf + 19;
-		n = outBuf + 39;
-		while (m >= outBuf) {
-		    *m-- = *i++;
-		    *n-- = *j++;
-		}
+        xmlSecBuffer tmp;
+
+        xmlSecAssert2(outSize == 0, -1);
+
+        if(transform->operation == xmlSecTransformOperationSign) {
+            dwKeySpec = xmlSecMSCryptoKeyDataGetMSCryptoKeySpec(ctx->data);
+            if (!CryptSignHash(ctx->mscHash, dwKeySpec, NULL, 0, NULL, &dwSigLen)) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CryptSignHash",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            outSize = (xmlSecSize)dwSigLen;
+
+            ret = xmlSecBufferInitialize(&tmp, outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferSetMaxSize",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", outSize);
+                return(-1);
+            }
+            tmpBuf = xmlSecBufferGetData(&tmp);
+            xmlSecAssert2(tmpBuf != NULL, -1);
+
+            if (!CryptSignHash(ctx->mscHash, dwKeySpec, NULL, 0, tmpBuf, &dwSigLen)) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CryptSignHash",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecBufferFinalize(&tmp);
+                return(-1);
+            }
+            outSize = (xmlSecSize)dwSigLen;
+
+            ret = xmlSecBufferSetSize(out, outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferSetSize",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", outSize);
+                xmlSecBufferFinalize(&tmp);
+                return(-1);
+            }
+            outBuf = xmlSecBufferGetData(out);
+            xmlSecAssert2(outBuf != NULL, -1);
+
+            /* Reverse the sig - Windows stores integers as octet streams in little endian
+             * order.  The I2OSP algorithm used by XMLDSig to store integers is big endian */
+#ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+            if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaMd5Id)) {
+                ConvertEndian(tmpBuf, outBuf, outSize);
+            } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_SHA1
+            if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha1Id)) {
+                ConvertEndian(tmpBuf, outBuf, outSize);
+            } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+            if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha256Id)) {
+                ConvertEndian(tmpBuf, outBuf, outSize);
+            } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+            if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha384Id)) {
+                ConvertEndian(tmpBuf, outBuf, outSize);
+            } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+            if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha512Id)) {
+                ConvertEndian(tmpBuf, outBuf, outSize);
+            } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA*/
+
+#ifndef XMLSEC_NO_DSA
+            if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformDsaSha1Id) && (outSize == 40)) {
+                ConvertEndian(tmpBuf, outBuf, 20);
+                ConvertEndian(tmpBuf + 20, outBuf + 20, 20);
+            } else
+#endif /* XMLSEC_NO_DSA*/
+
 #ifndef XMLSEC_NO_GOST
-    } else if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformGost2001GostR3411_94Id)) {
-		i = tmpBuf;
-		j = outBuf + dwSigLen - 1;
-
-		while (j >= outBuf) {
-		    *j-- = *i++;
-		}
-#endif /*ndef XMLSEC_NO_GOST*/
-	    } else if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformRsaSha1Id)) {
-		i = tmpBuf;
-		j = outBuf + dwSigLen - 1;
-
-		while (j >= outBuf) {
-		    *j-- = *i++;
-		}
-	    } else {
-		/* We shouldn't get at this place */
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    NULL,
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "Invalid algo");
-		xmlSecBufferFinalize(&tmp);
-		return(-1);
-	    }
-	    xmlSecBufferFinalize(&tmp);
-	}
-	transform->status = xmlSecTransformStatusFinished;
+            if (xmlSecTransformCheckId(transform, xmlSecMSCryptoTransformGost2001GostR3411_94Id)) {
+                ConvertEndian(tmpBuf, outBuf, outSize);
+            } else
+#endif /* XMLSEC_NO_GOST*/
+
+            {
+                /* We shouldn't get at this place */
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            NULL,
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "Invalid algo");
+                xmlSecBufferFinalize(&tmp);
+                return(-1);
+            }
+            xmlSecBufferFinalize(&tmp);
+        }
+        transform->status = xmlSecTransformStatusFinished;
     }
-    
+
     if((transform->status == xmlSecTransformStatusWorking) || (transform->status == xmlSecTransformStatusFinished)) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
 
     return(0);
@@ -519,6 +629,54 @@ xmlSecMSCryptoSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTra
 
 
 #ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+/****************************************************************************
+ *
+ * RSA-MD5 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoRsaMd5Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameRsaMd5,                          /* const xmlChar* name; */
+    xmlSecHrefRsaMd5,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformRsaMd5GetKlass:
+ *
+ * The RSA-MD5 signature transform klass.
+ *
+ * Returns: RSA-MD5 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformRsaMd5GetKlass(void) {
+    return(&xmlSecMSCryptoRsaMd5Klass);
+}
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_SHA1
 /****************************************************************************
  *
  * RSA-SHA1 signature transform
@@ -526,42 +684,181 @@ xmlSecMSCryptoSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTra
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecMSCryptoRsaSha1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecMSCryptoSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameRsaSha1,				/* const xmlChar* name; */
-    xmlSecHrefRsaSha1, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecMSCryptoSignatureInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecMSCryptoSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecMSCryptoSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecMSCryptoSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecMSCryptoSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecMSCryptoSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha1,                          /* const xmlChar* name; */
+    xmlSecHrefRsaSha1,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecMSCryptoTransformRsaSha1GetKlass:
- * 
+ *
  * The RSA-SHA1 signature transform klass.
  *
  * Returns: RSA-SHA1 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecMSCryptoTransformRsaSha1GetKlass(void) {
     return(&xmlSecMSCryptoRsaSha1Klass);
 }
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/****************************************************************************
+ *
+ * RSA-SHA256 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoRsaSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),              /* xmlSecSize klassSize */
+    xmlSecMSCryptoSignatureSize,               /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha256,                       /* const xmlChar* name; */
+    xmlSecHrefRsaSha256,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,       /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoSignatureInitialize,         /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoSignatureFinalize,           /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                      /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoSignatureSetKeyReq,          /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoSignatureSetKey,             /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoSignatureVerify,             /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,         /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,             /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,              /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                      /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                      /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoSignatureExecute,            /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                      /* void* reserved0; */
+    NULL,                                      /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformRsaSha256GetKlass:
+ *
+ * The RSA-SHA256 signature transform klass.
+ *
+ * Returns: RSA-SHA256 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformRsaSha256GetKlass(void) {
+    return(&xmlSecMSCryptoRsaSha256Klass);
+}
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/****************************************************************************
+ *
+ * RSA-SHA384 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoRsaSha384Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),              /* xmlSecSize klassSize */
+    xmlSecMSCryptoSignatureSize,               /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha384,                       /* const xmlChar* name; */
+    xmlSecHrefRsaSha384,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,       /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoSignatureInitialize,         /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoSignatureFinalize,           /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                      /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoSignatureSetKeyReq,          /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoSignatureSetKey,             /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoSignatureVerify,             /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,         /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,             /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,              /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                      /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                      /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoSignatureExecute,            /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                      /* void* reserved0; */
+    NULL,                                      /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformRsaSha384GetKlass:
+ *
+ * The RSA-SHA384 signature transform klass.
+ *
+ * Returns: RSA-SHA384 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformRsaSha384GetKlass(void) {
+    return(&xmlSecMSCryptoRsaSha384Klass);
+}
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/****************************************************************************
+ *
+ * RSA-SHA2512 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecMSCryptoRsaSha512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),              /* xmlSecSize klassSize */
+    xmlSecMSCryptoSignatureSize,               /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha512,                       /* const xmlChar* name; */
+    xmlSecHrefRsaSha512,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,       /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoSignatureInitialize,         /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoSignatureFinalize,           /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                      /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoSignatureSetKeyReq,          /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoSignatureSetKey,             /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoSignatureVerify,             /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,         /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,             /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,              /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                      /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                      /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoSignatureExecute,            /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                      /* void* reserved0; */
+    NULL,                                      /* void* reserved1; */
+};
+
+/**
+ * xmlSecMSCryptoTransformRsaSha512GetKlass:
+ *
+ * The RSA-SHA512 signature transform klass.
+ *
+ * Returns: RSA-SHA512 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecMSCryptoTransformRsaSha512GetKlass(void) {
+    return(&xmlSecMSCryptoRsaSha512Klass);
+}
+#endif /* XMLSEC_NO_SHA512 */
 
 #endif /* XMLSEC_NO_RSA */
 
@@ -574,39 +871,39 @@ xmlSecMSCryptoTransformRsaSha1GetKlass(void) {
 
 static xmlSecTransformKlass xmlSecMSCryptoDsaSha1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecMSCryptoSignatureSize,	        /* xmlSecSize objSize */
-
-    xmlSecNameDsaSha1,				/* const xmlChar* name; */
-    xmlSecHrefDsaSha1, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecMSCryptoSignatureInitialize,	        /* xmlSecTransformInitializeMethod initialize; */
-    xmlSecMSCryptoSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecMSCryptoSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecMSCryptoSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecMSCryptoSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecMSCryptoSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameDsaSha1,                          /* const xmlChar* name; */
+    xmlSecHrefDsaSha1,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecMSCryptoTransformDsaSha1GetKlass:
- * 
+ *
  * The DSA-SHA1 signature transform klass.
  *
  * Returns: DSA-SHA1 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecMSCryptoTransformDsaSha1GetKlass(void) {
     return(&xmlSecMSCryptoDsaSha1Klass);
 }
@@ -622,39 +919,39 @@ xmlSecMSCryptoTransformDsaSha1GetKlass(void) {
 
 static xmlSecTransformKlass xmlSecMSCryptoGost2001GostR3411_94Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecMSCryptoSignatureSize,	        /* xmlSecSize objSize */
-
-    xmlSecNameGost2001GostR3411_94,				/* const xmlChar* name; */
-    xmlSecHrefGost2001GostR3411_94, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecMSCryptoSignatureInitialize,	        /* xmlSecTransformInitializeMethod initialize; */
-    xmlSecMSCryptoSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecMSCryptoSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecMSCryptoSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecMSCryptoSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecMSCryptoSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecMSCryptoSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameGost2001GostR3411_94,                             /* const xmlChar* name; */
+    xmlSecHrefGost2001GostR3411_94,                             /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecMSCryptoSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecMSCryptoSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecMSCryptoSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecMSCryptoSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecMSCryptoSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecMSCryptoSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass:
- * 
+ *
  * The GOST2001-GOSTR3411_94 signature transform klass.
  *
  * Returns: GOST2001-GOSTR3411_94 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecMSCryptoTransformGost2001GostR3411_94GetKlass(void) {
     return(&xmlSecMSCryptoGost2001GostR3411_94Klass);
 }
diff --git a/src/mscrypto/symkeys.c b/src/mscrypto/symkeys.c
index 371c52de..658a6d49 100644
--- a/src/mscrypto/symkeys.c
+++ b/src/mscrypto/symkeys.c
@@ -1,13 +1,13 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * DES Algorithm support
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  */
 #include "globals.h"
 
@@ -26,45 +26,578 @@
 #include <xmlsec/errors.h>
 
 #include <xmlsec/mscrypto/crypto.h>
+#include "private.h"
 
 /*****************************************************************************
- * 
+ *
  * Symmetic (binary) keys - just a wrapper for xmlSecKeyDataBinary
  *
  ****************************************************************************/
-static int	xmlSecMSCryptoSymKeyDataInitialize	(xmlSecKeyDataPtr data);
-static int	xmlSecMSCryptoSymKeyDataDuplicate	(xmlSecKeyDataPtr dst,
-							 xmlSecKeyDataPtr src);
-static void	xmlSecMSCryptoSymKeyDataFinalize	(xmlSecKeyDataPtr data);
-static int	xmlSecMSCryptoSymKeyDataXmlRead		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecMSCryptoSymKeyDataXmlWrite	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecMSCryptoSymKeyDataBinRead		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 const unsigned char* buf,
-							 size_t bufSize,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecMSCryptoSymKeyDataBinWrite	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 unsigned char** buf,
-							 size_t* bufSize,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecMSCryptoSymKeyDataGenerate	(xmlSecKeyDataPtr data,
-							 size_t sizeBits,
-							 xmlSecKeyDataType type);
+static int      xmlSecMSCryptoSymKeyDataInitialize      (xmlSecKeyDataPtr data);
+static int      xmlSecMSCryptoSymKeyDataDuplicate       (xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void     xmlSecMSCryptoSymKeyDataFinalize        (xmlSecKeyDataPtr data);
+static int      xmlSecMSCryptoSymKeyDataXmlRead         (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecMSCryptoSymKeyDataXmlWrite        (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecMSCryptoSymKeyDataBinRead         (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         const unsigned char* buf,
+                                                         xmlSecSize bufSize,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecMSCryptoSymKeyDataBinWrite        (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         unsigned char** buf,
+                                                         xmlSecSize* bufSize,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecMSCryptoSymKeyDataGenerate        (xmlSecKeyDataPtr data,
+                                                         xmlSecSize sizeBits,
+                                                         xmlSecKeyDataType type);
 
 static xmlSecKeyDataType xmlSecMSCryptoSymKeyDataGetType(xmlSecKeyDataPtr data);
-static size_t	xmlSecMSCryptoSymKeyDataGetSize		(xmlSecKeyDataPtr data);
-static void	xmlSecMSCryptoSymKeyDataDebugDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
-static void	xmlSecMSCryptoSymKeyDataDebugXmlDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
-static int	xmlSecMSCryptoSymKeyDataKlassCheck	(xmlSecKeyDataKlass* klass);
+static xmlSecSize xmlSecMSCryptoSymKeyDataGetSize         (xmlSecKeyDataPtr data);
+static void     xmlSecMSCryptoSymKeyDataDebugDump       (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void     xmlSecMSCryptoSymKeyDataDebugXmlDump    (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static int      xmlSecMSCryptoSymKeyDataKlassCheck      (xmlSecKeyDataKlass* klass);
+
+/*
+ * GENERIC HELPER FUNCTIONS
+ */
+
+#define xmlSecMSCryptoSymKeyDataCheckId(data) \
+    (xmlSecKeyDataIsValid((data)) && \
+     xmlSecMSCryptoSymKeyDataKlassCheck((data)->id))
+
+static int
+xmlSecMSCryptoSymKeyDataInitialize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(data), -1);
+
+    return(xmlSecKeyDataBinaryValueInitialize(data));
+}
+
+static int
+xmlSecMSCryptoSymKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(dst), -1);
+    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(src), -1);
+    xmlSecAssert2(dst->id == src->id, -1);
+
+    return(xmlSecKeyDataBinaryValueDuplicate(dst, src));
+}
+
+static void
+xmlSecMSCryptoSymKeyDataFinalize(xmlSecKeyDataPtr data) {
+    xmlSecAssert(xmlSecMSCryptoSymKeyDataCheckId(data));
+
+    xmlSecKeyDataBinaryValueFinalize(data);
+}
+
+static int
+xmlSecMSCryptoSymKeyDataXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                               xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecAssert2(xmlSecMSCryptoSymKeyDataKlassCheck(id), -1);
+
+    return(xmlSecKeyDataBinaryValueXmlRead(id, key, node, keyInfoCtx));
+}
+
+static int
+xmlSecMSCryptoSymKeyDataXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecAssert2(xmlSecMSCryptoSymKeyDataKlassCheck(id), -1);
+
+    return(xmlSecKeyDataBinaryValueXmlWrite(id, key, node, keyInfoCtx));
+}
+
+static int
+xmlSecMSCryptoSymKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                const unsigned char* buf, xmlSecSize bufSize,
+                                xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecAssert2(xmlSecMSCryptoSymKeyDataKlassCheck(id), -1);
+
+    return(xmlSecKeyDataBinaryValueBinRead(id, key, buf, bufSize, keyInfoCtx));
+}
+
+static int
+xmlSecMSCryptoSymKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
+                                 unsigned char** buf, xmlSecSize* bufSize,
+                                 xmlSecKeyInfoCtxPtr keyInfoCtx) {
+    xmlSecAssert2(xmlSecMSCryptoSymKeyDataKlassCheck(id), -1);
+
+    return(xmlSecKeyDataBinaryValueBinWrite(id, key, buf, bufSize, keyInfoCtx));
+}
+
+static int
+xmlSecMSCryptoSymKeyDataGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+    xmlSecBufferPtr buffer;
+
+    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(data), -1);
+    xmlSecAssert2(sizeBits > 0, -1);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
+    xmlSecAssert2(buffer != NULL, -1);
+
+    return(xmlSecMSCryptoGenerateRandom(buffer, (sizeBits + 7) / 8));
+}
+
+static xmlSecKeyDataType
+xmlSecMSCryptoSymKeyDataGetType(xmlSecKeyDataPtr data) {
+    xmlSecBufferPtr buffer;
+
+    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(data), xmlSecKeyDataTypeUnknown);
+
+    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
+    xmlSecAssert2(buffer != NULL, xmlSecKeyDataTypeUnknown);
+
+    return((xmlSecBufferGetSize(buffer) > 0) ? xmlSecKeyDataTypeSymmetric : xmlSecKeyDataTypeUnknown);
+}
+
+static xmlSecSize
+xmlSecMSCryptoSymKeyDataGetSize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(data), 0);
+
+    return(xmlSecKeyDataBinaryValueGetSize(data));
+}
+
+static void
+xmlSecMSCryptoSymKeyDataDebugDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecMSCryptoSymKeyDataCheckId(data));
+
+    xmlSecKeyDataBinaryValueDebugDump(data, output);
+}
+
+static void
+xmlSecMSCryptoSymKeyDataDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecMSCryptoSymKeyDataCheckId(data));
+
+    xmlSecKeyDataBinaryValueDebugXmlDump(data, output);
+}
+
+static int
+xmlSecMSCryptoSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {
+
+#ifndef XMLSEC_NO_DES
+    if(klass == xmlSecMSCryptoKeyDataDesId) {
+        return(1);
+    } else 
+#endif /* XMLSEC_NO_DES */
+
+#ifndef XMLSEC_NO_AES
+    if(klass == xmlSecMSCryptoKeyDataAesId) {
+                return(1);
+    } else
+#endif /* XMLSEC_NO_AES */
+
+#ifndef XMLSEC_NO_HMAC
+    if(klass == xmlSecMSCryptoKeyDataHmacId) {
+                return(1);
+    } else
+#endif /* XMLSEC_NO_HMAC */
+
+    {
+        return(0);
+    }
+
+    return(0);
+}
+
+
+/******************************************************************************
+ *
+ * Utils
+ *
+ * Low level helper routines for importing plain text keys in MS HKEY handle,
+ * since MSCrypto API does not support import of plain text (session) keys
+ * just like that. These functions are based upon MS kb article #228786
+ * and "Base Provider Key BLOBs" article for priv key blob format.
+ *
+ ******************************************************************************/
+BOOL
+xmlSecMSCryptoCreatePrivateExponentOneKey(HCRYPTPROV hProv, HCRYPTKEY *hPrivateKey)
+{
+    HCRYPTKEY hKey = 0;
+    LPBYTE keyBlob = NULL;
+    DWORD keyBlobLen;
+    PUBLICKEYSTRUC* pubKeyStruc;
+    RSAPUBKEY* rsaPubKey;
+    DWORD bitLen;
+    BYTE *ptr;
+    int n;
+    BOOL res = FALSE;
+
+    xmlSecAssert2(hProv != 0, FALSE);
+    xmlSecAssert2(hPrivateKey != NULL, FALSE);
+
+    /* just in case */
+    *hPrivateKey = 0;
+
+    /* Generate the private key */
+    if(!CryptGenKey(hProv, AT_KEYEXCHANGE, CRYPT_EXPORTABLE, &hKey)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptGenKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    /* Export the private key, we'll convert it to a private exponent of one key */
+    if(!CryptExportKey(hKey, 0, PRIVATEKEYBLOB, 0, NULL, &keyBlobLen)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    keyBlob = (LPBYTE)xmlMalloc(sizeof(BYTE) * keyBlobLen);
+    if(keyBlob == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    if(!CryptExportKey(hKey, 0, PRIVATEKEYBLOB, 0, keyBlob, &keyBlobLen)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    CryptDestroyKey(hKey);
+    hKey = 0;
+
+    /* Get the bit length of the key */
+    if(keyBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "len=%ld", keyBlobLen);
+        goto done;
+    }
+    pubKeyStruc = (PUBLICKEYSTRUC*)keyBlob;
+    if(pubKeyStruc->bVersion != 0x02) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "pubKeyStruc->bVersion=%d", pubKeyStruc->bVersion);
+        goto done;
+    }
+    if(pubKeyStruc->bType != PRIVATEKEYBLOB) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "pubKeyStruc->bType=%d", (int)pubKeyStruc->bType);
+        goto done;
+    }
+
+    /* aleksey: don't ask me why it is RSAPUBKEY, just don't ask */
+    rsaPubKey = (RSAPUBKEY*)(keyBlob + sizeof(PUBLICKEYSTRUC));
+
+    /* check that we have RSA private key */
+    if(rsaPubKey->magic != 0x32415352) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "rsaPubKey->magic=0x%08lx", rsaPubKey->magic);
+        goto done;
+    }
+    bitLen = rsaPubKey->bitlen;
+
+    /*  Modify the Exponent in Key BLOB format Key BLOB format is documented in SDK */
+    rsaPubKey->pubexp = 1;
+
+    /* Private-key BLOBs, type PRIVATEKEYBLOB, are used to store private keys outside a CSP.
+     * Base provider private-key BLOBs have the following format:
+     *
+     * PUBLICKEYSTRUC  publickeystruc ;
+     * RSAPUBKEY rsapubkey;
+     * BYTE modulus[rsapubkey.bitlen/8];                1/8
+     * BYTE prime1[rsapubkey.bitlen/16];                1/16
+     * BYTE prime2[rsapubkey.bitlen/16];                1/16
+     * BYTE exponent1[rsapubkey.bitlen/16];             1/16
+     * BYTE exponent2[rsapubkey.bitlen/16];             1/16
+     * BYTE coefficient[rsapubkey.bitlen/16];           1/16
+     * BYTE privateExponent[rsapubkey.bitlen/8];        1/8
+     */
+    if(keyBlobLen < sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + bitLen / 2 + bitLen / 16) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptExportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "len=%ld", keyBlobLen);
+        goto done;
+    }
+    ptr = (BYTE*)(keyBlob + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY));
+
+    /* Skip modulus, prime1, prime2 */
+    ptr += bitLen / 8;
+    ptr += bitLen / 16;
+    ptr += bitLen / 16;
+
+    /* Convert exponent1 to 1 */
+    for (n = 0; n < (bitLen / 16); n++) {
+        if (n == 0) ptr[n] = 1;
+        else ptr[n] = 0;
+    }
+    ptr += bitLen / 16;
+
+    /* Convert exponent2 to 1 */
+    for (n = 0; n < (bitLen / 16); n++) {
+        if (n == 0) ptr[n] = 1;
+        else ptr[n] = 0;
+    }
+    ptr += bitLen / 16;
+
+    /* Skip coefficient */
+    ptr += bitLen / 16;
+
+    /* Convert privateExponent to 1 */
+    for (n = 0; n < (bitLen / 16); n++) {
+        if (n == 0) ptr[n] = 1;
+        else ptr[n] = 0;
+    }
+
+    /* Import the exponent-of-one private key. */
+    if (!CryptImportKey(hProv, keyBlob, keyBlobLen, 0, 0, &hKey)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptImportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    (*hPrivateKey) = hKey;
+    hKey = 0;
+    res = TRUE;
+
+done:
+    if(keyBlob != NULL) {
+        xmlFree(keyBlob);
+    }
+    if (hKey != 0) {
+        CryptDestroyKey(hKey);
+    }
+
+    return res;
+}
+
+BOOL
+xmlSecMSCryptoImportPlainSessionBlob(HCRYPTPROV hProv, HCRYPTKEY hPrivateKey,
+                                     ALG_ID dwAlgId, LPBYTE pbKeyMaterial,
+                                     DWORD dwKeyMaterial, BOOL bCheckKeyLength,
+                                     HCRYPTKEY *hSessionKey) {
+    ALG_ID dwPrivKeyAlg;
+    LPBYTE keyBlob = NULL;
+    DWORD keyBlobLen, rndBlobSize, dwSize, n;
+    PUBLICKEYSTRUC* pubKeyStruc;
+    ALG_ID* algId;
+    DWORD dwPublicKeySize;
+    DWORD dwProvSessionKeySize = 0;
+    LPBYTE pbPtr;
+    DWORD dwFlags;
+    PROV_ENUMALGS_EX ProvEnum;
+    HCRYPTKEY hTempKey = 0;
+    BOOL fFound;
+    BOOL res = FALSE;
+
+    xmlSecAssert2(hProv != 0, FALSE);
+    xmlSecAssert2(hPrivateKey != 0, FALSE);
+    xmlSecAssert2(pbKeyMaterial != NULL, FALSE);
+    xmlSecAssert2(dwKeyMaterial > 0, FALSE);
+    xmlSecAssert2(hSessionKey != NULL, FALSE);
+
+    /*  Double check to see if this provider supports this algorithm and key size */
+    fFound = FALSE;
+    dwFlags = CRYPT_FIRST;
+    dwSize = sizeof(ProvEnum);
+    while(CryptGetProvParam(hProv, PP_ENUMALGS_EX, (LPBYTE)&ProvEnum, &dwSize, dwFlags)) {
+        if (ProvEnum.aiAlgid == dwAlgId) {
+            fFound = TRUE;
+            break;
+        }
+        dwSize = sizeof(ProvEnum);
+        dwFlags = 0;
+    }
+    if(!fFound) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptGetProvParam",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "algId=%d is not supported", dwAlgId);
+        goto done;
+    }
+
+    if(bCheckKeyLength) {
+        /* We have to get the key size(including padding) from an HCRYPTKEY handle.
+         * PP_ENUMALGS_EX contains the key size without the padding so we can't use it.
+         */
+        if(!CryptGenKey(hProv, dwAlgId, 0, &hTempKey)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CryptGenKey",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "algId=%d", dwAlgId);
+            goto done;
+        }
+
+        dwSize = sizeof(DWORD);
+        if(!CryptGetKeyParam(hTempKey, KP_KEYLEN, (LPBYTE)&dwProvSessionKeySize, &dwSize, 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CryptGetKeyParam(KP_KEYLEN)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "algId=%d", dwAlgId);
+            goto done;
+        }
+        CryptDestroyKey(hTempKey);
+        hTempKey = 0;
+
+        /* yell if key is too big */
+        if ((dwKeyMaterial * 8) > dwProvSessionKeySize) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_SIZE,
+                        "dwKeyMaterial=%ld;dwProvSessionKeySize=%ld",
+                        dwKeyMaterial, dwProvSessionKeySize);
+            goto done;
+        }
+    } else {
+        dwProvSessionKeySize = dwKeyMaterial * 8;
+    }
+
+    /* Get private key's algorithm */
+    dwSize = sizeof(ALG_ID);
+    if(!CryptGetKeyParam(hPrivateKey, KP_ALGID, (LPBYTE)&dwPrivKeyAlg, &dwSize, 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptGetKeyParam(KP_ALGID)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "algId=%d", dwAlgId);
+        goto done;
+    }
+
+    /* Get private key's length in bits */
+    dwSize = sizeof(DWORD);
+    if(!CryptGetKeyParam(hPrivateKey, KP_KEYLEN, (LPBYTE)&dwPublicKeySize, &dwSize, 0)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptGetKeyParam(KP_KEYLEN)",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "algId=%d", dwAlgId);
+        goto done;
+    }
+
+    /* 3 is for the first reserved byte after the key material and the 2 reserved bytes at the end. */
+    if(dwPublicKeySize / 8 < dwKeyMaterial + 3) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "dwKeyMaterial=%ld;dwPublicKeySize=%ld",
+                    dwKeyMaterial, dwPublicKeySize);
+        goto done;
+    }
+    rndBlobSize = dwPublicKeySize / 8 - (dwKeyMaterial + 3);
+
+    /* Simple key BLOBs, type SIMPLEBLOB, are used to store and transport session keys outside a CSP.
+     * Base provider simple-key BLOBs are always encrypted with a key exchange public key. The pbData
+     * member of the SIMPLEBLOB is a sequence of bytes in the following format:
+     *
+     * PUBLICKEYSTRUC  publickeystruc ;
+     * ALG_ID algid;
+     * BYTE encryptedkey[rsapubkey.bitlen/8];
+     */
+
+    /* calculate Simple blob's length */
+    keyBlobLen = sizeof(PUBLICKEYSTRUC) + sizeof(ALG_ID) + (dwPublicKeySize / 8);
+
+    /* allocate simple blob buffer */
+    keyBlob = (LPBYTE)xmlMalloc(sizeof(BYTE) * keyBlobLen);
+    if(keyBlob == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    memset(keyBlob, 0, keyBlobLen);
+
+    /* initialize PUBLICKEYSTRUC */
+    pubKeyStruc             = (PUBLICKEYSTRUC*)(keyBlob);
+    pubKeyStruc->bType      = SIMPLEBLOB;
+    pubKeyStruc->bVersion   = 0x02;
+    pubKeyStruc->reserved   = 0;
+    pubKeyStruc->aiKeyAlg   = dwAlgId;
+
+    /* Copy private key algorithm to buffer */
+    algId                   = (ALG_ID*)(keyBlob + sizeof(PUBLICKEYSTRUC));
+    (*algId)                = dwPrivKeyAlg;
+
+    /* Place the key material in reverse order */
+    pbPtr                   = (BYTE*)(keyBlob + sizeof(PUBLICKEYSTRUC) + sizeof(ALG_ID));
+    for (n = 0; n < dwKeyMaterial; n++) {
+        pbPtr[n] = pbKeyMaterial[dwKeyMaterial - n - 1];
+    }
+    pbPtr += dwKeyMaterial;
+
+    /* skip reserved byte */
+    pbPtr += 1;
+
+    /* Generate random data for the rest of the buffer */
+    if((rndBlobSize > 0) && !CryptGenRandom(hProv, rndBlobSize, pbPtr)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptGenRandom",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "rndBlobSize=%ld", rndBlobSize);
+        goto done;
+    }
+    /* aleksey: why are we doing this? */
+    for (n = 0; n < rndBlobSize; n++) {
+        if (pbPtr[n] == 0) pbPtr[n] = 1;
+    }
+
+    /* set magic number at the end */
+    keyBlob[keyBlobLen - 2] = 2;
+
+    if(!CryptImportKey(hProv, keyBlob , keyBlobLen, hPrivateKey, CRYPT_EXPORTABLE, hSessionKey)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CryptImportKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "algId=%d", dwAlgId);
+        goto done;
+    }
+
+    /* success */
+    res = TRUE;
+
+done:
+    if(hTempKey != 0) {
+        CryptDestroyKey(hTempKey);
+    }
+    if(keyBlob != NULL) {
+        xmlFree(keyBlob);
+    }
+    return(res);
+}
 
 #ifndef XMLSEC_NO_AES
 /**************************************************************************
@@ -78,55 +611,55 @@ static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataAesKlass = {
 
     /* data */
     xmlSecNameAESKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefAESKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeAESKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefAESKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeAESKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecMSCryptoSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecMSCryptoSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecMSCryptoSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecMSCryptoSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecMSCryptoSymKeyDataInitialize,         /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecMSCryptoSymKeyDataDuplicate,          /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecMSCryptoSymKeyDataFinalize,           /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecMSCryptoSymKeyDataGenerate,           /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecMSCryptoSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecMSCryptoSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
+    xmlSecMSCryptoSymKeyDataGetType,            /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecMSCryptoSymKeyDataGetSize,            /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecMSCryptoSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecMSCryptoSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecMSCryptoSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecMSCryptoSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecMSCryptoSymKeyDataXmlRead,            /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecMSCryptoSymKeyDataXmlWrite,           /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecMSCryptoSymKeyDataBinRead,            /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecMSCryptoSymKeyDataBinWrite,           /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecMSCryptoSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecMSCryptoSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecMSCryptoSymKeyDataDebugDump,          /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecMSCryptoSymKeyDataDebugXmlDump,       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecMSCryptoKeyDataAesGetKlass:
- * 
+ *
  * The AES key data klass.
  *
  * Returns: AES key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecMSCryptoKeyDataAesGetKlass(void) {
     return(&xmlSecMSCryptoKeyDataAesKlass);
 }
 
 /**
  * xmlSecMSCryptoKeyDataAesSet:
- * @data:		the pointer to AES key data.
- * @buf:		the pointer to key value.
- * @bufSize:		the key value size (in bytes).
+ * @data:               the pointer to AES key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
  *
  * Sets the value of AES key data.
  *
@@ -135,14 +668,14 @@ xmlSecMSCryptoKeyDataAesGetKlass(void) {
 int
 xmlSecMSCryptoKeyDataAesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
     xmlSecBufferPtr buffer;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataAesId), -1);
     xmlSecAssert2(buf != NULL, -1);
     xmlSecAssert2(bufSize > 0, -1);
-    
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     return(xmlSecBufferSetData(buffer, buf, bufSize));
 }
 #endif /* XMLSEC_NO_AES */
@@ -159,175 +692,133 @@ static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataDesKlass = {
 
     /* data */
     xmlSecNameDESKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-									/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefDESKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeDESKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefDESKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeDESKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecMSCryptoSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecMSCryptoSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecMSCryptoSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecMSCryptoSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecMSCryptoSymKeyDataInitialize,         /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecMSCryptoSymKeyDataDuplicate,          /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecMSCryptoSymKeyDataFinalize,           /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecMSCryptoSymKeyDataGenerate,           /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecMSCryptoSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecMSCryptoSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-	NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
+    xmlSecMSCryptoSymKeyDataGetType,            /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecMSCryptoSymKeyDataGetSize,            /* xmlSecKeyDataGetSizeMethod getSize; */
+        NULL,                                   /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecMSCryptoSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecMSCryptoSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecMSCryptoSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecMSCryptoSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecMSCryptoSymKeyDataXmlRead,            /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecMSCryptoSymKeyDataXmlWrite,           /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecMSCryptoSymKeyDataBinRead,            /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecMSCryptoSymKeyDataBinWrite,           /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecMSCryptoSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecMSCryptoSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecMSCryptoSymKeyDataDebugDump,          /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecMSCryptoSymKeyDataDebugXmlDump,       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecMSCryptoKeyDataDesGetKlass:
- * 
+ *
  * The DES key data klass.
  *
  * Returns: DES key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecMSCryptoKeyDataDesGetKlass(void) {
     return(&xmlSecMSCryptoKeyDataDesKlass);
 }
 #endif /* XMLSEC_NO_DES */
 
-/*
- * GENERIC HELPER FUNCTIONS 
- */
-
-#define xmlSecMSCryptoSymKeyDataCheckId(data) \
-    (xmlSecKeyDataIsValid((data)) && \
-     xmlSecMSCryptoSymKeyDataKlassCheck((data)->id))
+#ifndef XMLSEC_NO_HMAC
+/**************************************************************************
+ *
+ * <xmlsec:HMACKeyValue> processing
+ *
+ *************************************************************************/
+static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataHmacKlass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecKeyDataBinarySize,
 
-static int
-xmlSecMSCryptoSymKeyDataInitialize(xmlSecKeyDataPtr data) {
-    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(data), -1);
-    
-    return(xmlSecKeyDataBinaryValueInitialize(data));
-}
+    /* data */
+    xmlSecNameHMACKeyValue,
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefHMACKeyValue,                     /* const xmlChar* href; */
+    xmlSecNodeHMACKeyValue,                     /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
 
-static int
-xmlSecMSCryptoSymKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
-    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(dst), -1);
-    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(src), -1);
-    xmlSecAssert2(dst->id == src->id, -1);
-        
-    return(xmlSecKeyDataBinaryValueDuplicate(dst, src));
-}
+    /* constructors/destructor */
+    xmlSecMSCryptoSymKeyDataInitialize,         /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecMSCryptoSymKeyDataDuplicate,          /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecMSCryptoSymKeyDataFinalize,           /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecMSCryptoSymKeyDataGenerate,           /* xmlSecKeyDataGenerateMethod generate; */
 
-static void
-xmlSecMSCryptoSymKeyDataFinalize(xmlSecKeyDataPtr data) {
-    xmlSecAssert(xmlSecMSCryptoSymKeyDataCheckId(data));
-    
-    xmlSecKeyDataBinaryValueFinalize(data);
-}
+    /* get info */
+    xmlSecMSCryptoSymKeyDataGetType,            /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecMSCryptoSymKeyDataGetSize,            /* xmlSecKeyDataGetSizeMethod getSize; */
+        NULL,                                   /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
-static int
-xmlSecMSCryptoSymKeyDataXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-			       xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlSecAssert2(xmlSecMSCryptoSymKeyDataKlassCheck(id), -1);
-    
-    return(xmlSecKeyDataBinaryValueXmlRead(id, key, node, keyInfoCtx));
-}
+    /* read/write */
+    xmlSecMSCryptoSymKeyDataXmlRead,            /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecMSCryptoSymKeyDataXmlWrite,           /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecMSCryptoSymKeyDataBinRead,            /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecMSCryptoSymKeyDataBinWrite,           /* xmlSecKeyDataBinWriteMethod binWrite; */
 
-static int 
-xmlSecMSCryptoSymKeyDataXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlSecAssert2(xmlSecMSCryptoSymKeyDataKlassCheck(id), -1);
-    
-    return(xmlSecKeyDataBinaryValueXmlWrite(id, key, node, keyInfoCtx));
-}
+    /* debug */
+    xmlSecMSCryptoSymKeyDataDebugDump,          /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecMSCryptoSymKeyDataDebugXmlDump,       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
-static int
-xmlSecMSCryptoSymKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				const unsigned char* buf, size_t bufSize,
-				xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlSecAssert2(xmlSecMSCryptoSymKeyDataKlassCheck(id), -1);
-    
-    return(xmlSecKeyDataBinaryValueBinRead(id, key, buf, bufSize, keyInfoCtx));
-}
+    /* reserved for the future */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
 
-static int
-xmlSecMSCryptoSymKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				 unsigned char** buf, size_t* bufSize,
-				 xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlSecAssert2(xmlSecMSCryptoSymKeyDataKlassCheck(id), -1);
-    
-    return(xmlSecKeyDataBinaryValueBinWrite(id, key, buf, bufSize, keyInfoCtx));
+/**
+ * xmlSecMSCryptoKeyDataHmacGetKlass:
+ *
+ * The HMAC key data klass.
+ *
+ * Returns: HMAC key data klass.
+ */
+xmlSecKeyDataId
+xmlSecMSCryptoKeyDataHmacGetKlass(void) {
+    return(&xmlSecMSCryptoKeyDataHmacKlass);
 }
 
-static int
-xmlSecMSCryptoSymKeyDataGenerate(xmlSecKeyDataPtr data, size_t sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+/**
+ * xmlSecMSCryptoKeyDataHmacSet:
+ * @data:               the pointer to HMAC key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
+ *
+ * Sets the value of HMAC key data.
+ *
+ * Returns: 0 on success or a negative value if an error occurs.
+ */
+int
+xmlSecMSCryptoKeyDataHmacSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
     xmlSecBufferPtr buffer;
 
-    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(data), -1);
-    xmlSecAssert2(sizeBits > 0, -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataHmacId), -1);
+    xmlSecAssert2(buf != NULL, -1);
+    xmlSecAssert2(bufSize > 0, -1);
 
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
-    return(xmlSecMSCryptoGenerateRandom(buffer, (sizeBits + 7) / 8));
-}
-
-static xmlSecKeyDataType
-xmlSecMSCryptoSymKeyDataGetType(xmlSecKeyDataPtr data) {
-    xmlSecBufferPtr buffer;
-
-    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(data), xmlSecKeyDataTypeUnknown);
 
-    buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
-    xmlSecAssert2(buffer != NULL, xmlSecKeyDataTypeUnknown);
-
-    return((xmlSecBufferGetSize(buffer) > 0) ? xmlSecKeyDataTypeSymmetric : xmlSecKeyDataTypeUnknown);
-}
-
-static size_t 
-xmlSecMSCryptoSymKeyDataGetSize(xmlSecKeyDataPtr data) {
-    xmlSecAssert2(xmlSecMSCryptoSymKeyDataCheckId(data), 0);
-    
-    return(xmlSecKeyDataBinaryValueGetSize(data));
+    return(xmlSecBufferSetData(buffer, buf, bufSize));
 }
 
-static void 
-xmlSecMSCryptoSymKeyDataDebugDump(xmlSecKeyDataPtr data, FILE* output) {
-    xmlSecAssert(xmlSecMSCryptoSymKeyDataCheckId(data));
-    
-    xmlSecKeyDataBinaryValueDebugDump(data, output);    
-}
 
-static void
-xmlSecMSCryptoSymKeyDataDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
-    xmlSecAssert(xmlSecMSCryptoSymKeyDataCheckId(data));
-    
-    xmlSecKeyDataBinaryValueDebugXmlDump(data, output);    
-}
+#endif /* XMLSEC_NO_HMAC */
 
-static int 
-xmlSecMSCryptoSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {    
-#ifndef XMLSEC_NO_DES
-    if(klass == xmlSecMSCryptoKeyDataDesId) {
-	return(1);
-    }
-#endif /* XMLSEC_NO_DES */
 
-#ifndef XMLSEC_NO_AES
-    if(klass == xmlSecMSCryptoKeyDataAesId) {
-		return(1);
-    }
-#endif /* XMLSEC_NO_AES */
 
-    return(0);
-}
diff --git a/src/mscrypto/x509.c b/src/mscrypto/x509.c
index e065590e..5ae025f6 100644
--- a/src/mscrypto/x509.c
+++ b/src/mscrypto/x509.c
@@ -1,4 +1,4 @@
-/** 
+/**
  * XMLSec library
  *
  * X509 support
@@ -6,8 +6,8 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 
@@ -40,10 +40,7 @@
 #include <xmlsec/mscrypto/crypto.h>
 #include <xmlsec/mscrypto/x509.h>
 #include <xmlsec/mscrypto/certkeys.h>
-
-#if defined(__MINGW32__)
-#  include "xmlsec-mingw.h"
-#endif
+#include "private.h"
 
 
 /*************************************************************************
@@ -51,73 +48,73 @@
  * X509 utility functions
  *
  ************************************************************************/
-static int		xmlSecMSCryptoX509DataNodeRead		(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoX509CertificateNodeRead	(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoX509CertificateNodeWrite	(PCCERT_CONTEXT cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoX509SubjectNameNodeRead	(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoX509SubjectNameNodeWrite	(PCCERT_CONTEXT cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoX509IssuerSerialNodeRead	(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoX509IssuerSerialNodeWrite	(PCCERT_CONTEXT cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoX509SKINodeRead		(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoX509SKINodeWrite		(PCCERT_CONTEXT cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoX509CRLNodeRead		(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoX509CRLNodeWrite		(PCCRL_CONTEXT crl,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, 
-								xmlSecKeyPtr key,
-								xmlSecKeyInfoCtxPtr keyInfoCtx);
-
-static PCCERT_CONTEXT	xmlSecMSCryptoX509CertDerRead		(const xmlSecByte* buf, 
-								 xmlSecSize size);
-static PCCERT_CONTEXT	xmlSecMSCryptoX509CertBase64DerRead	(xmlChar* buf);
-static xmlChar*		xmlSecMSCryptoX509CertBase64DerWrite	(PCCERT_CONTEXT cert, 
-								 int base64LineWrap);
-static PCCRL_CONTEXT	xmlSecMSCryptoX509CrlDerRead		(xmlSecByte* buf, 
-								 xmlSecSize size,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static PCCRL_CONTEXT xmlSecMSCryptoX509CrlBase64DerRead		(xmlChar* buf,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static xmlChar*		xmlSecMSCryptoX509CrlBase64DerWrite	(PCCRL_CONTEXT crl, 
-								 int base64LineWrap);
-static xmlChar*		xmlSecMSCryptoX509NameWrite(PCERT_NAME_BLOB nm);
-static int		xmlSecMSCryptoASN1IntegerWrite		(xmlNodePtr node,
-								 PCRYPT_INTEGER_BLOB num);
-static xmlChar*		xmlSecMSCryptoX509SKIWrite		(PCCERT_CONTEXT cert);
-static void		xmlSecMSCryptoX509CertDebugDump		(PCCERT_CONTEXT cert, 
-								 FILE* output);
-static void		xmlSecMSCryptoX509CertDebugXmlDump	(PCCERT_CONTEXT cert, 
-								 FILE* output);
-static int		xmlSecMSCryptoX509CertGetTime		(FILETIME t,
-								 time_t* res);
+static int              xmlSecMSCryptoX509DataNodeRead          (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoX509CertificateNodeRead   (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoX509CertificateNodeWrite  (PCCERT_CONTEXT cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoX509SubjectNameNodeRead   (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoX509SubjectNameNodeWrite  (PCCERT_CONTEXT cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoX509IssuerSerialNodeRead  (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoX509IssuerSerialNodeWrite (PCCERT_CONTEXT cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoX509SKINodeRead           (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoX509SKINodeWrite          (PCCERT_CONTEXT cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoX509CRLNodeRead           (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoX509CRLNodeWrite          (PCCRL_CONTEXT crl,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
+                                                                xmlSecKeyPtr key,
+                                                                xmlSecKeyInfoCtxPtr keyInfoCtx);
+
+static PCCERT_CONTEXT   xmlSecMSCryptoX509CertDerRead           (const xmlSecByte* buf,
+                                                                 xmlSecSize size);
+static PCCERT_CONTEXT   xmlSecMSCryptoX509CertBase64DerRead     (xmlChar* buf);
+static xmlChar*         xmlSecMSCryptoX509CertBase64DerWrite    (PCCERT_CONTEXT cert,
+                                                                 int base64LineWrap);
+static PCCRL_CONTEXT    xmlSecMSCryptoX509CrlDerRead            (xmlSecByte* buf,
+                                                                 xmlSecSize size,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static PCCRL_CONTEXT xmlSecMSCryptoX509CrlBase64DerRead         (xmlChar* buf,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static xmlChar*         xmlSecMSCryptoX509CrlBase64DerWrite     (PCCRL_CONTEXT crl,
+                                                                 int base64LineWrap);
+static xmlChar*         xmlSecMSCryptoX509NameWrite(PCERT_NAME_BLOB nm);
+static int              xmlSecMSCryptoASN1IntegerWrite          (xmlNodePtr node,
+                                                                 PCRYPT_INTEGER_BLOB num);
+static xmlChar*         xmlSecMSCryptoX509SKIWrite              (PCCERT_CONTEXT cert);
+static void             xmlSecMSCryptoX509CertDebugDump         (PCCERT_CONTEXT cert,
+                                                                 FILE* output);
+static void             xmlSecMSCryptoX509CertDebugXmlDump      (PCCERT_CONTEXT cert,
+                                                                 FILE* output);
+static int              xmlSecMSCryptoX509CertGetTime           (FILETIME t,
+                                                                 time_t* res);
 
 /*************************************************************************
  *
  * Internal MSCrypto X509 data CTX
  *
  ************************************************************************/
-typedef struct _xmlSecMSCryptoX509DataCtx	xmlSecMSCryptoX509DataCtx,
-						*xmlSecMSCryptoX509DataCtxPtr;
+typedef struct _xmlSecMSCryptoX509DataCtx       xmlSecMSCryptoX509DataCtx,
+                                                *xmlSecMSCryptoX509DataCtxPtr;
 
 struct _xmlSecMSCryptoX509DataCtx {
     PCCERT_CONTEXT  keyCert;
@@ -134,52 +131,52 @@ struct _xmlSecMSCryptoX509DataCtx {
  *
  * The X509Data  Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
  *
- * An X509Data element within KeyInfo contains one or more identifiers of keys 
- * or X509 certificates (or certificates' identifiers or a revocation list). 
+ * An X509Data element within KeyInfo contains one or more identifiers of keys
+ * or X509 certificates (or certificates' identifiers or a revocation list).
  * The content of X509Data is:
  *
  *  1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
  *  2.
- *    * The X509IssuerSerial element, which contains an X.509 issuer 
- *	distinguished name/serial number pair that SHOULD be compliant 
- *	with RFC2253 [LDAP-DN],
- *    * The X509SubjectName element, which contains an X.509 subject 
- *	distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
- *    * The X509SKI element, which contains the base64 encoded plain (i.e. 
- *	non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
- *    * The X509Certificate element, which contains a base64-encoded [X509v3] 
- *	certificate, and
- *    * Elements from an external namespace which accompanies/complements any 
- *	of the elements above.
- *    * The X509CRL element, which contains a base64-encoded certificate 
- *	revocation list (CRL) [X509v3].
+ *    * The X509IssuerSerial element, which contains an X.509 issuer
+ *      distinguished name/serial number pair that SHOULD be compliant
+ *      with RFC2253 [LDAP-DN],
+ *    * The X509SubjectName element, which contains an X.509 subject
+ *      distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
+ *    * The X509SKI element, which contains the base64 encoded plain (i.e.
+ *      non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
+ *    * The X509Certificate element, which contains a base64-encoded [X509v3]
+ *      certificate, and
+ *    * Elements from an external namespace which accompanies/complements any
+ *      of the elements above.
+ *    * The X509CRL element, which contains a base64-encoded certificate
+ *      revocation list (CRL) [X509v3].
  *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear 
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
  * MUST refer to the certificate or certificates containing the validation key.
- * All such elements that refer to a particular individual certificate MUST be 
- * grouped inside a single X509Data element and if the certificate to which 
+ * All such elements that refer to a particular individual certificate MUST be
+ * grouped inside a single X509Data element and if the certificate to which
  * they refer appears, it MUST also be in that X509Data element.
  *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to 
- * the same key but different certificates MUST be grouped within a single 
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
+ * the same key but different certificates MUST be grouped within a single
  * KeyInfo but MAY occur in multiple X509Data elements.
  *
- * All certificates appearing in an X509Data element MUST relate to the 
- * validation key by either containing it or being part of a certification 
+ * All certificates appearing in an X509Data element MUST relate to the
+ * validation key by either containing it or being part of a certification
  * chain that terminates in a certificate containing the validation key.
  *
  * No ordering is implied by the above constraints.
  *
- * Note, there is no direct provision for a PKCS#7 encoded "bag" of 
- * certificates or CRLs. However, a set of certificates and CRLs can occur 
- * within an X509Data element and multiple X509Data elements can occur in a 
- * KeyInfo. Whenever multiple certificates occur in an X509Data element, at 
- * least one such certificate must contain the public key which verifies the 
+ * Note, there is no direct provision for a PKCS#7 encoded "bag" of
+ * certificates or CRLs. However, a set of certificates and CRLs can occur
+ * within an X509Data element and multiple X509Data elements can occur in a
+ * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
+ * least one such certificate must contain the public key which verifies the
  * signature.
  *
  * Schema Definition
  *
- *  <element name="X509Data" type="ds:X509DataType"/> 
+ *  <element name="X509Data" type="ds:X509DataType"/>
  *  <complexType name="X509DataType">
  *    <sequence maxOccurs="unbounded">
  *      <choice>
@@ -192,10 +189,10 @@ struct _xmlSecMSCryptoX509DataCtx {
  *      </choice>
  *    </sequence>
  *  </complexType>
- *  <complexType name="X509IssuerSerialType"> 
- *    <sequence> 
- *       <element name="X509IssuerName" type="string"/> 
- *       <element name="X509SerialNumber" type="integer"/> 
+ *  <complexType name="X509IssuerSerialType">
+ *    <sequence>
+ *       <element name="X509IssuerName" type="string"/>
+ *       <element name="X509SerialNumber" type="integer"/>
  *     </sequence>
  *  </complexType>
  *
@@ -216,30 +213,30 @@ struct _xmlSecMSCryptoX509DataCtx {
  * xmlSecMSCryptoX509DataCtx is located after xmlSecTransform
  *
  *************************************************************************/
-#define xmlSecMSCryptoX509DataSize	\
-    (sizeof(xmlSecKeyData) + sizeof(xmlSecMSCryptoX509DataCtx))	
+#define xmlSecMSCryptoX509DataSize      \
+    (sizeof(xmlSecKeyData) + sizeof(xmlSecMSCryptoX509DataCtx))
 #define xmlSecMSCryptoX509DataGetCtx(data) \
     ((xmlSecMSCryptoX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
 
-static int		xmlSecMSCryptoKeyDataX509Initialize	(xmlSecKeyDataPtr data);
-static int		xmlSecMSCryptoKeyDataX509Duplicate	(xmlSecKeyDataPtr dst,
-								 xmlSecKeyDataPtr src);
-static void		xmlSecMSCryptoKeyDataX509Finalize	(xmlSecKeyDataPtr data);
-static int		xmlSecMSCryptoKeyDataX509XmlRead	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecMSCryptoKeyDataX509XmlWrite	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static xmlSecKeyDataType xmlSecMSCryptoKeyDataX509GetType	(xmlSecKeyDataPtr data);
-static const xmlChar* xmlSecMSCryptoKeyDataX509GetIdentifier	(xmlSecKeyDataPtr data);
+static int              xmlSecMSCryptoKeyDataX509Initialize     (xmlSecKeyDataPtr data);
+static int              xmlSecMSCryptoKeyDataX509Duplicate      (xmlSecKeyDataPtr dst,
+                                                                 xmlSecKeyDataPtr src);
+static void             xmlSecMSCryptoKeyDataX509Finalize       (xmlSecKeyDataPtr data);
+static int              xmlSecMSCryptoKeyDataX509XmlRead        (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoKeyDataX509XmlWrite       (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static xmlSecKeyDataType xmlSecMSCryptoKeyDataX509GetType       (xmlSecKeyDataPtr data);
+static const xmlChar* xmlSecMSCryptoKeyDataX509GetIdentifier    (xmlSecKeyDataPtr data);
 
-static void		xmlSecMSCryptoKeyDataX509DebugDump	(xmlSecKeyDataPtr data,
-								 FILE* output);
-static void		xmlSecMSCryptoKeyDataX509DebugXmlDump	(xmlSecKeyDataPtr data,
-								 FILE* output);
+static void             xmlSecMSCryptoKeyDataX509DebugDump      (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
+static void             xmlSecMSCryptoKeyDataX509DebugXmlDump   (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
 
 
 
@@ -249,55 +246,55 @@ static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataX509Klass = {
 
     /* data */
     xmlSecNameX509Data,
-    xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefX509Data,				/* const xmlChar* href; */
-    xmlSecNodeX509Data,				/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefX509Data,                         /* const xmlChar* href; */
+    xmlSecNodeX509Data,                         /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecMSCryptoKeyDataX509Initialize,	/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecMSCryptoKeyDataX509Duplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecMSCryptoKeyDataX509Finalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL,					/* xmlSecKeyDataGenerateMethod generate; */
+    xmlSecMSCryptoKeyDataX509Initialize,        /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecMSCryptoKeyDataX509Duplicate,         /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecMSCryptoKeyDataX509Finalize,          /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
 
     /* get info */
-    xmlSecMSCryptoKeyDataX509GetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    NULL,					/* xmlSecKeyDataGetSizeMethod getSize; */
-    xmlSecMSCryptoKeyDataX509GetIdentifier,	/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    xmlSecMSCryptoKeyDataX509GetType,           /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    xmlSecMSCryptoKeyDataX509GetIdentifier,     /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecMSCryptoKeyDataX509XmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecMSCryptoKeyDataX509XmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,					/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecMSCryptoKeyDataX509XmlRead,           /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecMSCryptoKeyDataX509XmlWrite,          /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecMSCryptoKeyDataX509DebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecMSCryptoKeyDataX509DebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecMSCryptoKeyDataX509DebugDump,         /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecMSCryptoKeyDataX509DebugXmlDump,      /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecMSCryptoKeyDataX509GetKlass:
- * 
+ *
  * The MSCrypto X509 key data klass (http://www.w3.org/TR/xmldsig-core/#sec-X509Data).
  *
  * Returns: the X509 data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecMSCryptoKeyDataX509GetKlass(void) {
     return(&xmlSecMSCryptoKeyDataX509Klass);
 }
 
 /**
  * xmlSecMSCryptoKeyDataX509GetKeyCert:
- * @data:		the pointer to X509 key data.
+ * @data:               the pointer to X509 key data.
  *
- * Gets the certificate from which the key was extracted. 
+ * Gets the certificate from which the key was extracted.
  *
  * Returns: the key's certificate or NULL if key data was not used for key
  * extraction or an error occurs.
@@ -305,7 +302,7 @@ xmlSecMSCryptoKeyDataX509GetKlass(void) {
 PCCERT_CONTEXT
 xmlSecMSCryptoKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoX509DataCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), NULL);
 
     ctx = xmlSecMSCryptoX509DataGetCtx(data);
@@ -316,8 +313,8 @@ xmlSecMSCryptoKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
 
 /**
  * xmlSecMSCryptoKeyDataX509AdoptKeyCert:
- * @data:		the pointer to X509 key data.
- * @cert:		the pointer to MSCRYPTO X509 certificate.
+ * @data:               the pointer to X509 key data.
+ * @cert:               the pointer to MSCRYPTO X509 certificate.
  *
  * Sets the key's certificate in @data.
  *
@@ -334,8 +331,8 @@ xmlSecMSCryptoKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT cert
     xmlSecAssert2(ctx != NULL, -1);
 
     if(ctx->keyCert != NULL) {
-	CertFreeCertificateContext(ctx->keyCert);
-	ctx->keyCert = 0;
+        CertFreeCertificateContext(ctx->keyCert);
+        ctx->keyCert = 0;
     }
     ctx->keyCert = cert;
 
@@ -344,14 +341,14 @@ xmlSecMSCryptoKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT cert
 
 /**
  * xmlSecMSCryptoKeyDataX509AdoptCert:
- * @data:		the pointer to X509 key data.
- * @cert:		the pointer to MSCRYPTO X509 certificate.
+ * @data:               the pointer to X509 key data.
+ * @cert:               the pointer to MSCRYPTO X509 certificate.
  *
  * Adds certificate to the X509 key data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecMSCryptoKeyDataX509AdoptCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT cert) {
     xmlSecMSCryptoX509DataCtxPtr ctx;
 
@@ -363,30 +360,30 @@ xmlSecMSCryptoKeyDataX509AdoptCert(xmlSecKeyDataPtr data, PCCERT_CONTEXT cert) {
     xmlSecAssert2(ctx->hMemStore != 0, -1);
 
     if (!CertAddCertificateContextToStore(ctx->hMemStore, cert, CERT_STORE_ADD_ALWAYS, NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "CertAddCertificateContextToStore",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "CertAddCertificateContextToStore",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     CertFreeCertificateContext(cert);
     ctx->numCerts++;
-      
+
     return(0);
 }
 
 /**
  * xmlSecMSCryptoKeyDataX509GetCert:
- * @data:		the pointer to X509 key data.
- * @pos:		the desired certificate position.
- * 
+ * @data:               the pointer to X509 key data.
+ * @pos:                the desired certificate position.
+ *
  * Gets a certificate from X509 key data.
  *
- * Returns: the pointer to certificate or NULL if @pos is larger than the 
+ * Returns: the pointer to certificate or NULL if @pos is larger than the
  * number of certificates in @data or an error occurs.
  */
-PCCERT_CONTEXT 
+PCCERT_CONTEXT
 xmlSecMSCryptoKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
     xmlSecMSCryptoX509DataCtxPtr ctx;
     PCCERT_CONTEXT pCert = NULL;
@@ -399,7 +396,7 @@ xmlSecMSCryptoKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
     xmlSecAssert2(ctx->numCerts > pos, NULL);
 
     while ((pCert = CertEnumCertificatesInStore(ctx->hMemStore, pCert)) && (pos > 0)) {
-	pos--;
+        pos--;
     }
 
     return(pCert);
@@ -407,13 +404,13 @@ xmlSecMSCryptoKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
 
 /**
  * xmlSecMSCryptoKeyDataX509GetCertsSize:
- * @data:		the pointer to X509 key data.
+ * @data:               the pointer to X509 key data.
  *
  * Gets the number of certificates in @data.
  *
  * Returns: te number of certificates in @data.
  */
-xmlSecSize 	
+xmlSecSize
 xmlSecMSCryptoKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoX509DataCtxPtr ctx;
 
@@ -427,14 +424,14 @@ xmlSecMSCryptoKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
 
 /**
  * xmlSecMSCryptoKeyDataX509AdoptCrl:
- * @data:		the pointer to X509 key data.
- * @crl:		the pointer to MSCrypto X509 CRL.
+ * @data:               the pointer to X509 key data.
+ * @crl:                the pointer to MSCrypto X509 CRL.
  *
  * Adds CRL to the X509 key data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecMSCryptoKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, PCCRL_CONTEXT crl) {
     xmlSecMSCryptoX509DataCtxPtr ctx;
 
@@ -446,12 +443,12 @@ xmlSecMSCryptoKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, PCCRL_CONTEXT crl) {
     xmlSecAssert2(ctx->hMemStore != 0, -1);
 
     if (!CertAddCRLContextToStore(ctx->hMemStore, crl, CERT_STORE_ADD_ALWAYS, NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "CertAddCRLContextToStore",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "CertAddCRLContextToStore",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     ctx->numCrls++;
 
@@ -480,7 +477,7 @@ xmlSecMSCryptoKeyDataX509GetCrl(xmlSecKeyDataPtr data, xmlSecSize pos) {
     xmlSecAssert2(ctx->numCrls > pos, NULL);
 
     while ((pCRL = CertEnumCRLsInStore(ctx->hMemStore, pCRL)) && (pos > 0)) {
-	pos--;
+        pos--;
     }
 
     return(pCRL);
@@ -506,7 +503,7 @@ xmlSecMSCryptoKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) {
     return(ctx->numCrls);
 }
 
-static int	
+static int
 xmlSecMSCryptoKeyDataX509Initialize(xmlSecKeyDataPtr data) {
     xmlSecMSCryptoX509DataCtxPtr ctx;
 
@@ -518,17 +515,17 @@ xmlSecMSCryptoKeyDataX509Initialize(xmlSecKeyDataPtr data) {
     memset(ctx, 0, sizeof(xmlSecMSCryptoX509DataCtx));
 
     ctx->hMemStore = CertOpenStore(CERT_STORE_PROV_MEMORY,
-				   0, 
-				   0, 
-				   CERT_STORE_CREATE_NEW_FLAG, 
-				   NULL);
+                                   0,
+                                   0,
+                                   CERT_STORE_CREATE_NEW_FLAG,
+                                   NULL);
     if (ctx->hMemStore == 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "CertOpenStore",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "CertOpenStore",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -544,101 +541,101 @@ xmlSecMSCryptoKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
     xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecMSCryptoKeyDataX509Id), -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecMSCryptoKeyDataX509Id), -1);
 
-    /* copy certsList */ 
+    /* copy certsList */
     size = xmlSecMSCryptoKeyDataX509GetCertsSize(src);
     for(pos = 0; pos < size; ++pos) {
-	/* TBD: function below does linear scan, eliminate loop within
-	* loop
-	*/
-	certSrc = xmlSecMSCryptoKeyDataX509GetCert(src, pos);
-	if(certSrc == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
-			"xmlSecMSCryptoKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return(-1);
-	}
-
-	certDst = CertDuplicateCertificateContext(certSrc);
-	if(certDst == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"CertDuplicateCertificateContext",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-
-	ret = xmlSecMSCryptoKeyDataX509AdoptCert(dst, certDst);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecMSCryptoKeyDataX509AdoptCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    CertFreeCertificateContext(certDst);
-	    return(-1);
-	}
+        /* TBD: function below does linear scan, eliminate loop within
+        * loop
+        */
+        certSrc = xmlSecMSCryptoKeyDataX509GetCert(src, pos);
+        if(certSrc == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
+                        "xmlSecMSCryptoKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return(-1);
+        }
+
+        certDst = CertDuplicateCertificateContext(certSrc);
+        if(certDst == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "CertDuplicateCertificateContext",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ret = xmlSecMSCryptoKeyDataX509AdoptCert(dst, certDst);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecMSCryptoKeyDataX509AdoptCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            CertFreeCertificateContext(certDst);
+            return(-1);
+        }
     }
 
     /* copy crls */
     size = xmlSecMSCryptoKeyDataX509GetCrlsSize(src);
     for(pos = 0; pos < size; ++pos) {
-	crlSrc = xmlSecMSCryptoKeyDataX509GetCrl(src, pos);
-	if(crlSrc == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
-			"xmlSecMSCryptoKeyDataX509GetCrl",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return(-1);
-	}
-
-	crlDst = CertDuplicateCRLContext(crlSrc);
-	if(crlDst == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"CertDuplicateCRLContext",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-
-	ret = xmlSecMSCryptoKeyDataX509AdoptCrl(dst, crlDst);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecMSCryptoKeyDataX509AdoptCrl",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    CertFreeCRLContext(crlDst);
-	    return(-1);
-	}
+        crlSrc = xmlSecMSCryptoKeyDataX509GetCrl(src, pos);
+        if(crlSrc == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
+                        "xmlSecMSCryptoKeyDataX509GetCrl",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return(-1);
+        }
+
+        crlDst = CertDuplicateCRLContext(crlSrc);
+        if(crlDst == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "CertDuplicateCRLContext",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ret = xmlSecMSCryptoKeyDataX509AdoptCrl(dst, crlDst);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecMSCryptoKeyDataX509AdoptCrl",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            CertFreeCRLContext(crlDst);
+            return(-1);
+        }
     }
 
     /* copy key cert if exist */
     certSrc = xmlSecMSCryptoKeyDataX509GetKeyCert(src);
     if(certSrc != NULL) {
-	certDst = CertDuplicateCertificateContext(certSrc);
-	if(certDst == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"CertDuplicateCertificateContext",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(dst, certDst);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecMSCryptoKeyDataX509AdoptKeyCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    CertFreeCertificateContext(certDst);
-	    return(-1);
-	}
+        certDst = CertDuplicateCertificateContext(certSrc);
+        if(certDst == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "CertDuplicateCertificateContext",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        ret = xmlSecMSCryptoKeyDataX509AdoptKeyCert(dst, certDst);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecMSCryptoKeyDataX509AdoptKeyCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            CertFreeCertificateContext(certDst);
+            return(-1);
+        }
     }
     return(0);
 }
@@ -653,19 +650,19 @@ xmlSecMSCryptoKeyDataX509Finalize(xmlSecKeyDataPtr data) {
     xmlSecAssert(ctx != NULL);
 
     if(ctx->keyCert != NULL) {
-	CertFreeCertificateContext(ctx->keyCert);
-	ctx->keyCert = NULL;
+        CertFreeCertificateContext(ctx->keyCert);
+        ctx->keyCert = NULL;
     }
 
     if (ctx->hMemStore != 0) {
-	if (!CertCloseStore(ctx->hMemStore, CERT_CLOSE_STORE_FORCE_FLAG)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"CertCloseStore",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return;
-	}
+        if (!CertCloseStore(ctx->hMemStore, CERT_CLOSE_STORE_FORCE_FLAG)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CertCloseStore",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return;
+        }
     }
 
     memset(ctx, 0, sizeof(xmlSecMSCryptoX509DataCtx));
@@ -673,7 +670,7 @@ xmlSecMSCryptoKeyDataX509Finalize(xmlSecKeyDataPtr data) {
 
 static int
 xmlSecMSCryptoKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     int ret;
 
@@ -684,48 +681,48 @@ xmlSecMSCryptoKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     data = xmlSecKeyEnsureData(key, id);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyEnsureData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecMSCryptoX509DataNodeRead(data, node, keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecMSCryptoX509DataNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecMSCryptoX509DataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
-	ret = xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecMSCryptoKeyDataX509VerifyAndExtractKey",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        ret = xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecMSCryptoKeyDataX509VerifyAndExtractKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
     return(0);
 }
 
-static int 
+static int
 xmlSecMSCryptoKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     PCCERT_CONTEXT cert;
     PCCRL_CONTEXT crl;
     xmlSecSize size, pos;
     int content = 0;
     int ret;
-    				
+
     xmlSecAssert2(id == xmlSecMSCryptoKeyDataX509Id, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
@@ -733,110 +730,110 @@ xmlSecMSCryptoKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     content = xmlSecX509DataGetNodeContent (node, 1, keyInfoCtx);
     if (content < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecX509DataGetNodeContent",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "content=%d", content);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecX509DataGetNodeContent",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "content=%d", content);
+        return(-1);
     } else if(content == 0) {
-	/* by default we are writing certificates and crls */
-	content = XMLSEC_X509DATA_DEFAULT;
+        /* by default we are writing certificates and crls */
+        content = XMLSEC_X509DATA_DEFAULT;
     }
 
     /* get x509 data */
     data = xmlSecKeyGetData(key, id);
     if(data == NULL) {
-	/* no x509 data in the key */
-	return(0);	
+        /* no x509 data in the key */
+        return(0);
     }
 
     /* write certs */
     size = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
     for(pos = 0; pos < size; ++pos) {
-	cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecMSCryptoKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return(-1);
-	}
-
-	if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
-	    ret = xmlSecMSCryptoX509CertificateNodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecMSCryptoX509CertificateNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-
-	if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
-	    ret = xmlSecMSCryptoX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecMSCryptoX509SubjectNameNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-
-	if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
-	    ret = xmlSecMSCryptoX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecMSCryptoX509IssuerSerialNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-
-	if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
-	    ret = xmlSecMSCryptoX509SKINodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecMSCryptoX509SKINodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-    }    
+        cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecMSCryptoKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return(-1);
+        }
+
+        if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
+            ret = xmlSecMSCryptoX509CertificateNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecMSCryptoX509CertificateNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
+            ret = xmlSecMSCryptoX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecMSCryptoX509SubjectNameNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
+            ret = xmlSecMSCryptoX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecMSCryptoX509IssuerSerialNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
+            ret = xmlSecMSCryptoX509SKINodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecMSCryptoX509SKINodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+    }
 
     /* write crls if needed */
     if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
-	size = xmlSecMSCryptoKeyDataX509GetCrlsSize(data);
-	for(pos = 0; pos < size; ++pos) {
-	    crl = xmlSecMSCryptoKeyDataX509GetCrl(data, pos);
-	    if(crl == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecMSCryptoKeyDataX509GetCrl",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-
-	    ret = xmlSecMSCryptoX509CRLNodeWrite(crl, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecMSCryptoX509CRLNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
+        size = xmlSecMSCryptoKeyDataX509GetCrlsSize(data);
+        for(pos = 0; pos < size; ++pos) {
+            crl = xmlSecMSCryptoKeyDataX509GetCrl(data, pos);
+            if(crl == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecMSCryptoKeyDataX509GetCrl",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+
+            ret = xmlSecMSCryptoX509CRLNodeWrite(crl, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecMSCryptoX509CRLNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
     }
 
     return(0);
@@ -846,19 +843,19 @@ static xmlSecKeyDataType
 xmlSecMSCryptoKeyDataX509GetType(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), xmlSecKeyDataTypeUnknown);
 
-    /* TODO: return verified/not verified status */     
+    /* TODO: return verified/not verified status */
     return(xmlSecKeyDataTypeUnknown);
 }
 
 static const xmlChar*
 xmlSecMSCryptoKeyDataX509GetIdentifier(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), NULL);
-    
-    /* TODO */    
+
+    /* TODO */
     return(NULL);
 }
 
-static void 
+static void
 xmlSecMSCryptoKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
     PCCERT_CONTEXT cert;
     xmlSecSize size, pos;
@@ -869,23 +866,23 @@ xmlSecMSCryptoKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
     fprintf(output, "=== X509 Data:\n");
     cert = xmlSecMSCryptoKeyDataX509GetKeyCert(data);
     if(cert != NULL) {
-	fprintf(output, "==== Key Certificate:\n");
-	xmlSecMSCryptoX509CertDebugDump(cert, output);
+        fprintf(output, "==== Key Certificate:\n");
+        xmlSecMSCryptoX509CertDebugDump(cert, output);
     }
 
     size = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
     for(pos = 0; pos < size; ++pos) {
-	cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"xmlSecMSCryptoKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return;
-	}
-	fprintf(output, "==== Certificate:\n");
-	xmlSecMSCryptoX509CertDebugDump(cert, output);
+        cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecMSCryptoKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return;
+        }
+        fprintf(output, "==== Certificate:\n");
+        xmlSecMSCryptoX509CertDebugDump(cert, output);
     }
 
     /* we don't print out crls */
@@ -902,25 +899,25 @@ xmlSecMSCryptoKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     fprintf(output, "<X509Data>\n");
     cert = xmlSecMSCryptoKeyDataX509GetKeyCert(data);
     if(cert != NULL) {
-	fprintf(output, "<KeyCertificate>\n");
-	xmlSecMSCryptoX509CertDebugXmlDump(cert, output);
-	fprintf(output, "</KeyCertificate>\n");
+        fprintf(output, "<KeyCertificate>\n");
+        xmlSecMSCryptoX509CertDebugXmlDump(cert, output);
+        fprintf(output, "</KeyCertificate>\n");
     }
 
     size = xmlSecMSCryptoKeyDataX509GetCertsSize(data);
     for(pos = 0; pos < size; ++pos) {
-	cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"xmlSecMSCryptoKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return;
-	}
-	fprintf(output, "<Certificate>\n");
-	xmlSecMSCryptoX509CertDebugXmlDump(cert, output);
-	fprintf(output, "</Certificate>\n");
+        cert = xmlSecMSCryptoKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecMSCryptoKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return;
+        }
+        fprintf(output, "<Certificate>\n");
+        xmlSecMSCryptoX509CertDebugXmlDump(cert, output);
+        fprintf(output, "</Certificate>\n");
     }
 
     /* we don't print out crls */
@@ -929,51 +926,51 @@ xmlSecMSCryptoKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
 
 static int
 xmlSecMSCryptoX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlNodePtr cur; 
+    xmlNodePtr cur;
     int ret;
-        
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
-    
+
     for(cur = xmlSecGetNextElementNode(node->children);
-	cur != NULL;
-	cur = xmlSecGetNextElementNode(cur->next)) {
-
-	ret = 0;
-	if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
-	    ret = xmlSecMSCryptoX509CertificateNodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
-	    ret = xmlSecMSCryptoX509SubjectNameNodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
-	    ret = xmlSecMSCryptoX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
-	    ret = xmlSecMSCryptoX509SKINodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
-	    ret = xmlSecMSCryptoX509CRLNodeRead(data, cur, keyInfoCtx);
-	} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
-	    /* laxi schema validation: ignore unknown nodes */
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		"read node failed");
-	    return(-1);  
-	}	
+        cur != NULL;
+        cur = xmlSecGetNextElementNode(cur->next)) {
+
+        ret = 0;
+        if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
+            ret = xmlSecMSCryptoX509CertificateNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
+            ret = xmlSecMSCryptoX509SubjectNameNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
+            ret = xmlSecMSCryptoX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
+            ret = xmlSecMSCryptoX509SKINodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
+            ret = xmlSecMSCryptoX509CRLNodeRead(data, cur, keyInfoCtx);
+        } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
+            /* laxi schema validation: ignore unknown nodes */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                "read node failed");
+            return(-1);
+        }
     }
     return(0);
 }
 
 static int
-xmlSecMSCryptoX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {	
+xmlSecMSCryptoX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlChar *content;
     PCCERT_CONTEXT cert;
     int ret;
@@ -984,78 +981,78 @@ xmlSecMSCryptoX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xm
 
     content = xmlNodeGetContent(node);
     if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
-	if(content != NULL) {
-	    xmlFree(content);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+        if(content != NULL) {
+            xmlFree(content);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     }
 
     cert = xmlSecMSCryptoX509CertBase64DerRead(content);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecMSCryptoX509CertBase64DerRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(content);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoX509CertBase64DerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        return(-1);
+    }
 
     ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecMSCryptoKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CertFreeCertificateContext(cert);
-	xmlFree(content);
-	return(-1);
-    }
-     
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CertFreeCertificateContext(cert);
+        xmlFree(content);
+        return(-1);
+    }
+
     xmlFree(content);
     return(0);
 }
 
-static int 
-xmlSecMSCryptoX509CertificateNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node, 
-				       xmlSecKeyInfoCtxPtr keyInfoCtx) {
+static int
+xmlSecMSCryptoX509CertificateNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node,
+                                       xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlChar* buf;
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(cert != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
-    
+
     /* set base64 lines size from context */
-    buf = xmlSecMSCryptoX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize); 
+    buf = xmlSecMSCryptoX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoX509CertBase64DerWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoX509CertBase64DerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecAddChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
-	xmlFree(buf);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
+        xmlFree(buf);
+        return(-1);
     }
 
     /* todo: add \n around base64 data - from context */
@@ -1066,13 +1063,13 @@ xmlSecMSCryptoX509CertificateNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node,
     return(0);
 }
 
-static int		
-xmlSecMSCryptoX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {	
+static int
+xmlSecMSCryptoX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataStorePtr x509Store;
     xmlChar* subject;
     PCCERT_CONTEXT cert;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
@@ -1080,56 +1077,56 @@ xmlSecMSCryptoX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xm
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     subject = xmlNodeGetContent(node);
     if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
-	if(subject != NULL) {
-	    xmlFree(subject);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+        if(subject != NULL) {
+            xmlFree(subject);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     }
 
     cert = xmlSecMSCryptoX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
     if(cert == NULL){
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			"subject=%s", 
-			xmlSecErrorsSafeString(subject));
-    	    xmlFree(subject);
-	    return(-1);
-	}
-	xmlFree(subject);
-	return(0);
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "subject=%s",
+                        xmlSecErrorsSafeString(subject));
+            xmlFree(subject);
+            return(-1);
+        }
+        xmlFree(subject);
+        return(0);
     }
 
     ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecMSCryptoKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CertFreeCertificateContext(cert);
-	xmlFree(subject);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CertFreeCertificateContext(cert);
+        xmlFree(subject);
+        return(-1);
     }
 
     xmlFree(subject);
@@ -1146,36 +1143,36 @@ xmlSecMSCryptoX509SubjectNameNodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node, xml
 
     buf = xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Subject));
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Subject))",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Subject))",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecAddChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
-	xmlFree(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
+        xmlFree(buf);
+        return(-1);
     }
     xmlSecNodeEncodeAndSetContent(cur, buf);
     xmlFree(buf);
     return(0);
 }
 
-static int 
+static int
 xmlSecMSCryptoX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataStorePtr x509Store;
     xmlNodePtr cur;
     xmlChar *issuerName;
-    xmlChar *issuerSerial;    
+    xmlChar *issuerSerial;
     PCCERT_CONTEXT cert;
     int ret;
 
@@ -1186,127 +1183,127 @@ xmlSecMSCryptoX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, x
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecGetNextElementNode(node->children);
     if(cur == NULL) {
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
-			XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);
-	}
-	return(0);
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
+                        XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
+        return(0);
     }
 
     /* the first is required node X509IssuerName */
     if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+        return(-1);
+    }
     issuerName = xmlNodeGetContent(cur);
     if(issuerName == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+        return(-1);
     }
-    cur = xmlSecGetNextElementNode(cur->next); 
+    cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is required node X509SerialNumber */
     if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
-	xmlFree(issuerName);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+        xmlFree(issuerName);
+        return(-1);
+    }
     issuerSerial = xmlNodeGetContent(cur);
     if(issuerSerial == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
-		    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	xmlFree(issuerName);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+        xmlFree(issuerName);
+        return(-1);
     }
-    cur = xmlSecGetNextElementNode(cur->next); 
+    cur = xmlSecGetNextElementNode(cur->next);
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(issuerSerial);
-	xmlFree(issuerName);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(-1);
     }
 
     cert = xmlSecMSCryptoX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
     if(cert == NULL){
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			"issuerName=%s;issuerSerial=%s",
-			xmlSecErrorsSafeString(issuerName), 
-			xmlSecErrorsSafeString(issuerSerial));
-	    xmlFree(issuerSerial);
-	    xmlFree(issuerName);
-	    return(-1);
-	}
-
-	xmlFree(issuerSerial);
-	xmlFree(issuerName);
-	return(0);    
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "issuerName=%s;issuerSerial=%s",
+                        xmlSecErrorsSafeString(issuerName),
+                        xmlSecErrorsSafeString(issuerSerial));
+            xmlFree(issuerSerial);
+            xmlFree(issuerName);
+            return(-1);
+        }
+
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(0);
     }
 
     ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecMSCryptoKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CertFreeCertificateContext(cert);
-	xmlFree(issuerSerial);
-	xmlFree(issuerName);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CertFreeCertificateContext(cert);
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(-1);
     }
-    
+
     xmlFree(issuerSerial);
     xmlFree(issuerName);
     return(0);
 }
 
 static int
-xmlSecMSCryptoX509IssuerSerialNodeWrite(PCCERT_CONTEXT cert, 
-					xmlNodePtr node, 
-					xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
+xmlSecMSCryptoX509IssuerSerialNodeWrite(PCCERT_CONTEXT cert,
+                                        xmlNodePtr node,
+                                        xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) {
     xmlNodePtr cur;
     xmlNodePtr issuerNameNode;
     xmlNodePtr issuerNumberNode;
@@ -1319,69 +1316,69 @@ xmlSecMSCryptoX509IssuerSerialNodeWrite(PCCERT_CONTEXT cert,
     /* create xml nodes */
     cur = xmlSecAddChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
+        return(-1);
     }
 
     issuerNameNode = xmlSecAddChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
     if(issuerNameNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+        return(-1);
     }
 
     issuerNumberNode = xmlSecAddChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
     if(issuerNumberNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+        return(-1);
     }
 
     /* write data */
     buf = xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Issuer));
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Issuer))",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoX509NameWrite(&(cert->pCertInfo->Issuer))",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
     xmlFree(buf);
 
     ret = xmlSecMSCryptoASN1IntegerWrite(issuerNumberNode, &(cert->pCertInfo->SerialNumber));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoASN1IntegerWrite(&(cert->serialNumber))",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoASN1IntegerWrite(&(cert->serialNumber))",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
 
-static int 
+static int
 xmlSecMSCryptoX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataStorePtr x509Store;
     xmlChar* ski;
     PCCERT_CONTEXT cert;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
@@ -1389,57 +1386,57 @@ xmlSecMSCryptoX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ski = xmlNodeGetContent(node);
     if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
-	if(ski != NULL) {
-	    xmlFree(ski);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeX509SKI));
-	    return(-1);
-	}
-	return(0);
+        if(ski != NULL) {
+            xmlFree(ski);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+            return(-1);
+        }
+        return(0);
     }
 
     cert = xmlSecMSCryptoX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
     if(cert == NULL){
-	xmlFree(ski);
+        xmlFree(ski);
 
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			"ski=%s", 
-			xmlSecErrorsSafeString(ski));
-	    return(-1);
-	}
-	return(0);
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "ski=%s",
+                        xmlSecErrorsSafeString(ski));
+            return(-1);
+        }
+        return(0);
     }
 
     ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecMSCryptoKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CertFreeCertificateContext(cert);
-	xmlFree(ski);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CertFreeCertificateContext(cert);
+        xmlFree(ski);
+        return(-1);
     }
 
     xmlFree(ski);
@@ -1456,24 +1453,24 @@ xmlSecMSCryptoX509SKINodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node, xmlSecKeyIn
 
     buf = xmlSecMSCryptoX509SKIWrite(cert);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoX509SKIWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoX509SKIWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecAddChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "new_node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509SKI));
-	xmlFree(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "new_node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+        xmlFree(buf);
+        return(-1);
     }
     xmlSecNodeEncodeAndSetContent(cur, buf);
     xmlFree(buf);
@@ -1481,7 +1478,7 @@ xmlSecMSCryptoX509SKINodeWrite(PCCERT_CONTEXT cert, xmlNodePtr node, xmlSecKeyIn
     return(0);
 }
 
-static int 
+static int
 xmlSecMSCryptoX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlChar *content;
     PCCRL_CONTEXT crl;
@@ -1492,42 +1489,42 @@ xmlSecMSCryptoX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
 
     content = xmlNodeGetContent(node);
     if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
-	if(content != NULL) {
-	    xmlFree(content);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+        if(content != NULL) {
+            xmlFree(content);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     }
 
     crl = xmlSecMSCryptoX509CrlBase64DerRead(content, keyInfoCtx);
     if(crl == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecMSCryptoX509CrlBase64DerRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(content);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoX509CrlBase64DerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        return(-1);
+    }
 
     if (0 != xmlSecMSCryptoKeyDataX509AdoptCrl(data, crl)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecMSCryptoKeyDataX509AdoptCrl",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(content);
-        CertFreeCRLContext(crl); 
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecMSCryptoKeyDataX509AdoptCrl",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        CertFreeCRLContext(crl);
+        return(-1);
     }
-    
+
     xmlFree(content);
     return(0);
 }
@@ -1542,26 +1539,26 @@ xmlSecMSCryptoX509CRLNodeWrite(PCCRL_CONTEXT crl, xmlNodePtr node, xmlSecKeyInfo
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     /* set base64 lines size from context */
-    buf = xmlSecMSCryptoX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize); 
+    buf = xmlSecMSCryptoX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoX509CrlBase64DerWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoX509CrlBase64DerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecAddChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "new_node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509CRL));
-	xmlFree(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "new_node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509CRL));
+        xmlFree(buf);
+        return(-1);
     }
     /* todo: add \n around base64 data - from context */
     /* todo: add errors check */
@@ -1575,11 +1572,11 @@ xmlSecMSCryptoX509CRLNodeWrite(PCCRL_CONTEXT crl, xmlNodePtr node, xmlSecKeyInfo
 
 static int
 xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
-					     xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                             xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecMSCryptoX509DataCtxPtr ctx;
     xmlSecKeyDataStorePtr x509Store;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecMSCryptoKeyDataX509Id), -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
@@ -1591,119 +1588,119 @@ xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecMSCryptoX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if((ctx->keyCert == NULL) && (xmlSecKeyGetValue(key) == NULL)) {
-	PCCERT_CONTEXT cert;
+        PCCERT_CONTEXT cert;
 
-	cert = xmlSecMSCryptoX509StoreVerify(x509Store, ctx->hMemStore, keyInfoCtx);
-	if(cert != NULL) {
-	    xmlSecKeyDataPtr keyValue = NULL;
+        cert = xmlSecMSCryptoX509StoreVerify(x509Store, ctx->hMemStore, keyInfoCtx);
+        if(cert != NULL) {
+            xmlSecKeyDataPtr keyValue = NULL;
         PCCERT_CONTEXT pCert = NULL;
 
-	    ctx->keyCert = CertDuplicateCertificateContext(cert);
-	    if(ctx->keyCert == NULL) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			        "CertDuplicateCertificateContext",
-			        XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			        XMLSEC_ERRORS_NO_MESSAGE);
-		    return(-1);
-	    }
-
-		/* search key according to KeyReq */
-		pCert = CertDuplicateCertificateContext( ctx->keyCert ) ;
-		if( pCert == NULL ) {
-			xmlSecError( XMLSEC_ERRORS_HERE,
-		    	xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-				"CertDuplicateCertificateContext",
-				XMLSEC_ERRORS_R_CRYPTO_FAILED,
-				XMLSEC_ERRORS_NO_MESSAGE);
-
-			return(-1);
-		}
-
-		if( ( keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate ) == xmlSecKeyDataTypePrivate ) {
-			keyValue = xmlSecMSCryptoCertAdopt( pCert, xmlSecKeyDataTypePrivate ) ;
-			if(keyValue == NULL) {
-				xmlSecError(XMLSEC_ERRORS_HERE,
-						xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-						"xmlSecMSCryptoCertAdopt",
-						XMLSEC_ERRORS_R_XMLSEC_FAILED,
-						XMLSEC_ERRORS_NO_MESSAGE);
-				CertFreeCertificateContext( pCert ) ;
-				return(-1);
-			}
-			pCert = NULL ;
-		} else if( ( keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePublic ) == xmlSecKeyDataTypePublic ) {
-			keyValue = xmlSecMSCryptoCertAdopt( pCert, xmlSecKeyDataTypePublic ) ;
-			if(keyValue == NULL) {
-				xmlSecError(XMLSEC_ERRORS_HERE,
-						xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-						"xmlSecMSCryptoCertAdopt",
-						XMLSEC_ERRORS_R_XMLSEC_FAILED,
-						XMLSEC_ERRORS_NO_MESSAGE);
-				CertFreeCertificateContext( pCert ) ;
-				return(-1);
-			}
-			pCert = NULL ;
-		}
-
-	    /* verify that the key matches our expectations */
-	    if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			        "xmlSecKeyReqMatchKeyValue",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			        XMLSEC_ERRORS_NO_MESSAGE);
-		    xmlSecKeyDataDestroy(keyValue);
-		    return(-1);
-	    }	
-
-	    ret = xmlSecKeySetValue(key, keyValue);
-	    if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			        "xmlSecKeySetValue",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			        XMLSEC_ERRORS_NO_MESSAGE);
-		    xmlSecKeyDataDestroy(keyValue);
-		    return(-1);
-	    }	    
-
-	    ret = xmlSecMSCryptoX509CertGetTime(ctx->keyCert->pCertInfo->NotBefore, &(key->notValidBefore));
-	    if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			        "xmlSecMSCryptoX509CertGetTime",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			        "notValidBefore");
-		    return(-1);
-	    }
-
-	    ret = xmlSecMSCryptoX509CertGetTime(ctx->keyCert->pCertInfo->NotAfter, &(key->notValidAfter));
-	    if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			        "xmlSecMSCryptoX509CertGetTime",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			        "notValidAfter");
-		    return(-1);
-	    }
-	} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+            ctx->keyCert = CertDuplicateCertificateContext(cert);
+            if(ctx->keyCert == NULL) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                "CertDuplicateCertificateContext",
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    return(-1);
+            }
+
+                /* search key according to KeyReq */
+                pCert = CertDuplicateCertificateContext( ctx->keyCert ) ;
+                if( pCert == NULL ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                "CertDuplicateCertificateContext",
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+
+                        return(-1);
+                }
+
+                if( ( keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate ) == xmlSecKeyDataTypePrivate ) {
+                        keyValue = xmlSecMSCryptoCertAdopt( pCert, xmlSecKeyDataTypePrivate ) ;
+                        if(keyValue == NULL) {
+                                xmlSecError(XMLSEC_ERRORS_HERE,
+                                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                                "xmlSecMSCryptoCertAdopt",
+                                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                                XMLSEC_ERRORS_NO_MESSAGE);
+                                CertFreeCertificateContext( pCert ) ;
+                                return(-1);
+                        }
+                        pCert = NULL ;
+                } else if( ( keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePublic ) == xmlSecKeyDataTypePublic ) {
+                        keyValue = xmlSecMSCryptoCertAdopt( pCert, xmlSecKeyDataTypePublic ) ;
+                        if(keyValue == NULL) {
+                                xmlSecError(XMLSEC_ERRORS_HERE,
+                                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                                "xmlSecMSCryptoCertAdopt",
+                                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                                XMLSEC_ERRORS_NO_MESSAGE);
+                                CertFreeCertificateContext( pCert ) ;
+                                return(-1);
+                        }
+                        pCert = NULL ;
+                }
+
+            /* verify that the key matches our expectations */
+            if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                "xmlSecKeyReqMatchKeyValue",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    xmlSecKeyDataDestroy(keyValue);
+                    return(-1);
+            }
+
+            ret = xmlSecKeySetValue(key, keyValue);
+            if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                "xmlSecKeySetValue",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    xmlSecKeyDataDestroy(keyValue);
+                    return(-1);
+            }
+
+            ret = xmlSecMSCryptoX509CertGetTime(ctx->keyCert->pCertInfo->NotBefore, &(key->notValidBefore));
+            if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                "xmlSecMSCryptoX509CertGetTime",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "notValidBefore");
+                    return(-1);
+            }
+
+            ret = xmlSecMSCryptoX509CertGetTime(ctx->keyCert->pCertInfo->NotAfter, &(key->notValidAfter));
+            if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                "xmlSecMSCryptoX509CertGetTime",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "notValidAfter");
+                    return(-1);
+            }
+        } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
     return(0);
 }
@@ -1711,9 +1708,9 @@ xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr
 static int
 xmlSecMSCryptoX509CertGetTime(FILETIME t, time_t* res) {
     LONGLONG result;
-    
+
     xmlSecAssert2(res != NULL, -1);
-    
+
     result = t.dwHighDateTime;
     result = (result) << 32;
     result |= t.dwLowDateTime;
@@ -1734,18 +1731,18 @@ xmlSecMSCryptoX509CertBase64DerRead(xmlChar* buf) {
     int ret;
 
     xmlSecAssert2(buf != NULL, NULL);
-    
+
     /* usual trick with base64 decoding "in-place" */
-    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf)); 
+    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Decode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Decode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     return(xmlSecMSCryptoX509CertDerRead((xmlSecByte*)buf, ret));
 }
 
@@ -1759,12 +1756,12 @@ xmlSecMSCryptoX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
 
     cert = CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, size);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CertCreateCertificateContext",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CertCreateCertificateContext",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     return(cert);
@@ -1781,52 +1778,52 @@ xmlSecMSCryptoX509CertBase64DerWrite(PCCERT_CONTEXT cert, int base64LineWrap) {
     p = cert->pbCertEncoded;
     size = cert->cbCertEncoded;
     if((size <= 0) || (p == NULL)){
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cert->pbCertEncoded",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cert->pbCertEncoded",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     res = xmlSecBase64Encode(p, size, base64LineWrap);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
 
     return(res);
 }
 
 static PCCRL_CONTEXT
-xmlSecMSCryptoX509CrlBase64DerRead(xmlChar* buf, 
-				   xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecMSCryptoX509CrlBase64DerRead(xmlChar* buf,
+                                   xmlSecKeyInfoCtxPtr keyInfoCtx) {
     int ret;
 
     xmlSecAssert2(buf != NULL, NULL);
 
     /* usual trick with base64 decoding "in-place" */
-    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf)); 
+    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Decode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Decode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     return(xmlSecMSCryptoX509CrlDerRead((xmlSecByte*)buf, ret, keyInfoCtx));
 }
 
 
-static PCCRL_CONTEXT			  
+static PCCRL_CONTEXT
 xmlSecMSCryptoX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
-			     xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                             xmlSecKeyInfoCtxPtr keyInfoCtx) {
     PCCRL_CONTEXT crl = NULL;
 
     xmlSecAssert2(buf != NULL, NULL);
@@ -1836,16 +1833,16 @@ xmlSecMSCryptoX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
     crl = CertCreateCRLContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, buf, size);
 
     if(crl == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CertCreateCRLContext",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CertCreateCRLContext",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     return(crl);
-			     }
+                             }
 
 static xmlChar*
 xmlSecMSCryptoX509CrlBase64DerWrite(PCCRL_CONTEXT crl, int base64LineWrap) {
@@ -1858,31 +1855,31 @@ xmlSecMSCryptoX509CrlBase64DerWrite(PCCRL_CONTEXT crl, int base64LineWrap) {
     p = crl->pbCrlEncoded;
     size = crl->cbCrlEncoded;
     if((size <= 0) || (p == NULL)){
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "crl->pbCrlEncoded",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "crl->pbCrlEncoded",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     res = xmlSecBase64Encode(p, size, base64LineWrap);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
 
     return(res);
 }
 
 static xmlChar*
 xmlSecMSCryptoX509NameWrite(PCERT_NAME_BLOB nm) {
+    LPTSTR resT = NULL;
     xmlChar *res = NULL;
-    char *str;
     DWORD csz;
 
 
@@ -1890,59 +1887,47 @@ xmlSecMSCryptoX509NameWrite(PCERT_NAME_BLOB nm) {
     xmlSecAssert2(nm->cbData > 0, NULL);
 
     csz = CertNameToStr(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, nm, CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG, NULL, 0);
-    str = (char *)xmlMalloc(csz);
-    if (NULL == str) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlMalloc",
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return (NULL);
-    }
-
-    csz = CertNameToStr(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, nm, CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG, str, csz);
-    if (csz < 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CertNameToStr",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(str);
-	return(NULL);
-    }
-
-    /* aleksey: this is a hack, but mscrypto can not read E= flag and wants Email= instead.
-     * don't ask me how is it possible not to read something you wrote yourself but also
-     * see comment in the xmlSecMSCryptoX509FindCert function. 
-     */
-    if(strncmp(str, "E=", 2) == 0) {
-        res = xmlMalloc(strlen(str) + 13 + 1);
-        if(res == NULL) {
-            xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "xmlMalloc",
-		            XMLSEC_ERRORS_R_MALLOC_FAILED,
-		            "size=%d",
-                    strlen(str) + 13 + 1);
-            xmlFree(str);
-            return(NULL);
-        }
-
-        memcpy(res, "emailAddress=", 13);
-        strcpy(res + 13, BAD_CAST (str + 2)); 
-    } else {
-        res = xmlStrdup(BAD_CAST str);
-        if(res == NULL) {
-            xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "xmlStrdup",
-		            XMLSEC_ERRORS_R_MALLOC_FAILED,
-		            XMLSEC_ERRORS_NO_MESSAGE);
-            xmlFree(str);
-            return(NULL);
-        }
+    if(csz <= 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CertNameToStr",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
+    resT = (LPTSTR)xmlMalloc(sizeof(TCHAR) * (csz + 1));
+    if (NULL == resT) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", sizeof(WCHAR) * (csz + 1));
+        return (NULL);
+    }
+
+    csz = CertNameToStr(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, nm, CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG, resT, csz + 1);
+    if (csz <= 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CertNameToStr",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(resT);
+        return(NULL);
+    }
+
+    res = xmlSecMSCryptoConvertTstrToUtf8(resT);
+    if (NULL == res) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoConvertTstrToUtf8",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(resT);
+        return(NULL);
     }
-    xmlFree(str);
+
     return(res);
 }
 
@@ -1958,40 +1943,40 @@ xmlSecMSCryptoASN1IntegerWrite(xmlNodePtr node, PCRYPT_INTEGER_BLOB num) {
 
     ret = xmlSecBnInitialize(&bn, num->cbData + 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBnInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%ld", num->cbData + 1);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBnInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%ld", num->cbData + 1);
+        return(-1);
     }
 
     ret = xmlSecBnSetData(&bn, num->pbData, num->cbData);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBnSetData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBnFinalize(&bn);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBnSetData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBnFinalize(&bn);
+        return(-1);
     }
 
-    /* I have no clue why at a sudden a swap is needed to 
-     * convert from lsb... This code is purely based upon 
+    /* I have no clue why at a sudden a swap is needed to
+     * convert from lsb... This code is purely based upon
      * trial and error :( WK
      */
     ret = xmlSecBnSetNodeValue(&bn, node, xmlSecBnDec, 1, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBnSetNodeValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBnFinalize(&bn);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBnSetNodeValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBnFinalize(&bn);
+        return(-1);
     }
-    
+
     xmlSecBnFinalize(&bn);
     return(0);
 }
@@ -2008,142 +1993,168 @@ xmlSecMSCryptoX509SKIWrite(PCCERT_CONTEXT cert) {
     /* First check if the SKI extension actually exists, otherwise we get a SHA1 hash o fthe key/cert */
     pCertExt = CertFindExtension(szOID_SUBJECT_KEY_IDENTIFIER, cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension);
     if (pCertExt == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-		    "CertFindExtension",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-		return (NULL);
-	    }
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                    "CertFindExtension",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+                return (NULL);
+            }
 
     if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, NULL, &dwSize) || dwSize < 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-		    "CertGetCertificateContextProperty",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-		return (NULL);
-	    }
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                    "CertGetCertificateContextProperty",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+                return (NULL);
+            }
     bSKI = xmlMalloc(dwSize);
     if (NULL == bSKI) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlMalloc",
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return (NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return (NULL);
     }
 
     if (!CertGetCertificateContextProperty(cert, CERT_KEY_IDENTIFIER_PROP_ID, bSKI, &dwSize)) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CertGetCertificateContextProperty",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlFree(bSKI);
-		return (NULL);
-	    }
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CertGetCertificateContextProperty",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlFree(bSKI);
+                return (NULL);
+            }
 
     if (NULL == bSKI) {
-	return(NULL);
+        return(NULL);
     }
 
     res = xmlSecBase64Encode(bSKI, dwSize, 0);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(bSKI);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(bSKI);
+        return(NULL);
     }
     xmlFree(bSKI);
-    
+
     return(res);
 }
 
 
-static void 
+static void
 xmlSecMSCryptoX509CertDebugDump(PCCERT_CONTEXT cert, FILE* output) {
     PCRYPT_INTEGER_BLOB sn;
     unsigned int i;
-    LPSTR subject, issuer;
-    DWORD dwSize;
-
+    xmlChar * subject = NULL;
+    xmlChar * issuer = NULL;
+    
     xmlSecAssert(cert != NULL);
     xmlSecAssert(output != NULL);
 
-    /* todo: add error checks */
-    dwSize = CertGetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL, NULL, 0);
-    subject = (LPSTR)xmlMalloc(dwSize);
-    dwSize = CertGetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL, subject, dwSize);
-    dwSize = CertGetNameString(cert, CERT_NAME_RDN_TYPE, CERT_NAME_ISSUER_FLAG, NULL, NULL, 0);
-    issuer = (LPSTR)xmlMalloc(dwSize);
-    dwSize = CertGetNameString(cert, CERT_NAME_RDN_TYPE, CERT_NAME_ISSUER_FLAG, NULL, issuer, dwSize);
-
     fprintf(output, "=== X509 Certificate\n");
+
+    /* subject */
+    subject = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL);
+    if(subject == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "xmlSecMSCryptoX509GetNameString",
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "subject");
+        goto done;
+    }
     fprintf(output, "==== Subject Name: %s\n", subject);
+
+    /* issuer */
+    issuer = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, CERT_NAME_ISSUER_FLAG, NULL);
+    if(issuer == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "xmlSecMSCryptoX509GetNameString",
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "issuer");
+        goto done;
+    }
     fprintf(output, "==== Issuer Name: %s\n", issuer);
-    if (subject) xmlFree(subject);
-    if (issuer) xmlFree(issuer);
-    sn = &(cert->pCertInfo->SerialNumber);
 
+    /* serial number */
+    sn = &(cert->pCertInfo->SerialNumber);
     for (i = 0; i < sn->cbData; i++) {
-	if (i != sn->cbData - 1) {
-	    fprintf(output, "%02x:", sn->pbData[i]);
-	} else {
-	    fprintf(output, "%02x", sn->pbData[i]);
-	}
+        if (i != sn->cbData - 1) {
+            fprintf(output, "%02x:", sn->pbData[i]);
+        } else {
+            fprintf(output, "%02x", sn->pbData[i]);
+        }
     }
     fprintf(output, "\n");
+
+done:
+    if (subject) xmlFree(subject);
+    if (issuer) xmlFree(issuer);
 }
 
 
-static void 
+static void
 xmlSecMSCryptoX509CertDebugXmlDump(PCCERT_CONTEXT cert, FILE* output) {
     PCRYPT_INTEGER_BLOB sn;
     unsigned int i;
-    LPSTR subject, issuer;
-    DWORD dwSize;
+    xmlChar * subject = NULL;
+    xmlChar * issuer = NULL;
 
     xmlSecAssert(cert != NULL);
     xmlSecAssert(output != NULL);
 
-    /* todo: add error checks */
-    
     /* subject */
-    dwSize = CertGetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL, NULL, 0);
-    subject = (LPSTR)xmlMalloc(dwSize);
-    dwSize = CertGetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL, subject, dwSize);
-
+    subject = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL);
+    if(subject == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "xmlSecMSCryptoX509GetNameString",
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "subject");
+        goto done;
+    }
     fprintf(output, "<SubjectName>");
     xmlSecPrintXmlString(output, BAD_CAST subject);
     fprintf(output, "</SubjectName>\n");
-    xmlFree(subject);
-    
-    
-    /* issuer */
-    dwSize = CertGetNameString(cert, CERT_NAME_RDN_TYPE, CERT_NAME_ISSUER_FLAG, NULL, NULL, 0);
-    issuer = (LPSTR)xmlMalloc(dwSize);
-    dwSize = CertGetNameString(cert, CERT_NAME_RDN_TYPE, CERT_NAME_ISSUER_FLAG, NULL, issuer, dwSize);
 
+    /* issuer */
+    issuer = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, CERT_NAME_ISSUER_FLAG, NULL);
+    if(issuer == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "xmlSecMSCryptoX509GetNameString",
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "issuer");
+        goto done;
+    }
     fprintf(output, "<IssuerName>");
     xmlSecPrintXmlString(output, BAD_CAST issuer);
     fprintf(output, "</IssuerName>\n");
-    xmlFree(issuer);
-    
+
     /* serial */
     fprintf(output, "<SerialNumber>");
     sn = &(cert->pCertInfo->SerialNumber);
     for (i = 0; i < sn->cbData; i++) {
-	if (i != sn->cbData - 1) {
-	    fprintf(output, "%02x:", sn->pbData[i]);
-	} else {
-	    fprintf(output, "%02x", sn->pbData[i]);
-	}
+        if (i != sn->cbData - 1) {
+            fprintf(output, "%02x:", sn->pbData[i]);
+        } else {
+            fprintf(output, "%02x", sn->pbData[i]);
+        }
     }
     fprintf(output, "</SerialNumber>\n");
+
+done:
+    xmlFree(subject);
+    xmlFree(issuer);
 }
 
 
@@ -2153,11 +2164,11 @@ xmlSecMSCryptoX509CertDebugXmlDump(PCCERT_CONTEXT cert, FILE* output) {
  *
  *
  *************************************************************************/
-static int		xmlSecMSCryptoKeyDataRawX509CertBinRead	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 const xmlSecByte* buf,
-								 xmlSecSize bufSize,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecMSCryptoKeyDataRawX509CertBinRead (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 const xmlSecByte* buf,
+                                                                 xmlSecSize bufSize,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataRawX509CertKlass = {
     sizeof(xmlSecKeyDataKlass),
@@ -2165,58 +2176,58 @@ static xmlSecKeyDataKlass xmlSecMSCryptoKeyDataRawX509CertKlass = {
 
     /* data */
     xmlSecNameRawX509Cert,
-    xmlSecKeyDataUsageRetrievalMethodNodeBin, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefRawX509Cert,			/* const xmlChar* href; */
-    NULL,					/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageRetrievalMethodNodeBin,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefRawX509Cert,                      /* const xmlChar* href; */
+    NULL,                                       /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    NULL,					/* xmlSecKeyDataInitializeMethod initialize; */
-    NULL,					/* xmlSecKeyDataDuplicateMethod duplicate; */
-    NULL,					/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL,					/* xmlSecKeyDataGenerateMethod generate; */
+    NULL,                                       /* xmlSecKeyDataInitializeMethod initialize; */
+    NULL,                                       /* xmlSecKeyDataDuplicateMethod duplicate; */
+    NULL,                                       /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
 
     /* get info */
-    NULL,			 		/* xmlSecKeyDataGetTypeMethod getType; */
-    NULL,					/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    NULL,                                       /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    NULL,					/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    NULL,					/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecMSCryptoKeyDataRawX509CertBinRead,	/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    NULL,                                       /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    NULL,                                       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecMSCryptoKeyDataRawX509CertBinRead,    /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecMSCryptoKeyDataRawX509CertGetKlass:
- * 
+ *
  * The raw X509 certificates key data klass.
  *
  * Returns: raw X509 certificates key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecMSCryptoKeyDataRawX509CertGetKlass(void) {
     return(&xmlSecMSCryptoKeyDataRawX509CertKlass);
 }
 
 static int
 xmlSecMSCryptoKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    const xmlSecByte* buf, xmlSecSize bufSize,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    const xmlSecByte* buf, xmlSecSize bufSize,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     PCCERT_CONTEXT cert;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecMSCryptoKeyDataRawX509CertId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(buf != NULL, -1);
@@ -2225,44 +2236,44 @@ xmlSecMSCryptoKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     cert = xmlSecMSCryptoX509CertDerRead(buf, bufSize);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecMSCryptoX509CertDerRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoX509CertDerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     data = xmlSecKeyEnsureData(key, xmlSecMSCryptoKeyDataX509Id);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyEnsureData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CertFreeCertificateContext(cert);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CertFreeCertificateContext(cert);
+        return(-1);
     }
 
     ret = xmlSecMSCryptoKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecMSCryptoKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CertFreeCertificateContext(cert);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecMSCryptoKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CertFreeCertificateContext(cert);
+        return(-1);
     }
 
     ret = xmlSecMSCryptoKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecMSCryptoKeyDataX509VerifyAndExtractKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecMSCryptoKeyDataX509VerifyAndExtractKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
diff --git a/src/mscrypto/x509vfy.c b/src/mscrypto/x509vfy.c
index d854e7a0..cf317877 100644
--- a/src/mscrypto/x509vfy.c
+++ b/src/mscrypto/x509vfy.c
@@ -1,4 +1,4 @@
-/** 
+/**
  * XMLSec library
  *
  * X509 support
@@ -6,8 +6,8 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyrigth (C) 2003 Cordys R&D BV, All rights reserved.
+ *
+ * Copyright (C) 2003 Cordys R&D BV, All rights reserved.
  * Copyright (C) 2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -33,23 +33,20 @@
 
 #include <xmlsec/mscrypto/crypto.h>
 #include <xmlsec/mscrypto/x509.h>
-
-#if defined(__MINGW32__)
-#  include "xmlsec-mingw.h"
-#endif
+#include "private.h"
 
 /**************************************************************************
  *
  * Internal MSCRYPTO X509 store CTX
  *
  *************************************************************************/
-typedef struct _xmlSecMSCryptoX509StoreCtx    xmlSecMSCryptoX509StoreCtx, 
+typedef struct _xmlSecMSCryptoX509StoreCtx    xmlSecMSCryptoX509StoreCtx,
                         *xmlSecMSCryptoX509StoreCtxPtr;
 struct _xmlSecMSCryptoX509StoreCtx {
     HCERTSTORE trusted;
     HCERTSTORE untrusted;
     int        dont_use_system_trusted_certs;
-};        
+};
 
 /****************************************************************************
  *
@@ -63,7 +60,7 @@ struct _xmlSecMSCryptoX509StoreCtx {
                     sizeof(xmlSecKeyDataStoreKlass)))
 #define xmlSecMSCryptoX509StoreSize    \
     (sizeof(xmlSecKeyDataStoreKlass) + sizeof(xmlSecMSCryptoX509StoreCtx))
- 
+
 static int         xmlSecMSCryptoX509StoreInitialize    (xmlSecKeyDataStorePtr store);
 static void        xmlSecMSCryptoX509StoreFinalize      (xmlSecKeyDataStorePtr store);
 
@@ -72,8 +69,8 @@ static xmlSecKeyDataStoreKlass xmlSecMSCryptoX509StoreKlass = {
     xmlSecMSCryptoX509StoreSize,
 
     /* data */
-    xmlSecNameX509Store,                    /* const xmlChar* name; */ 
-        
+    xmlSecNameX509Store,                    /* const xmlChar* name; */
+
     /* constructors/destructor */
     xmlSecMSCryptoX509StoreInitialize,      /* xmlSecKeyDataStoreInitializeMethod initialize; */
     xmlSecMSCryptoX509StoreFinalize,        /* xmlSecKeyDataStoreFinalizeMethod finalize; */
@@ -84,20 +81,20 @@ static xmlSecKeyDataStoreKlass xmlSecMSCryptoX509StoreKlass = {
 };
 
 static PCCERT_CONTEXT xmlSecMSCryptoX509FindCert(HCERTSTORE store,
-                         xmlChar *subjectName,
-                         xmlChar *issuerName,
-                         xmlChar *issuerSerial,
-                         xmlChar *ski);
+                         const xmlChar *subjectName,
+                         const xmlChar *issuerName,
+                         const xmlChar *issuerSerial,
+                         const xmlChar *ski);
 
 
-/** 
+/**
  * xmlSecMSCryptoX509StoreGetKlass:
- * 
+ *
  * The MSCrypto X509 certificates key data store klass.
  *
  * Returns: pointer to MSCrypto X509 certificates key data store klass.
  */
-xmlSecKeyDataStoreId 
+xmlSecKeyDataStoreId
 xmlSecMSCryptoX509StoreGetKlass(void) {
     return(&xmlSecMSCryptoX509StoreKlass);
 }
@@ -122,7 +119,7 @@ xmlSecMSCryptoX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectNam
                 xmlChar *ski, xmlSecKeyInfoCtx* keyInfoCtx) {
     xmlSecMSCryptoX509StoreCtxPtr ctx;
     PCCERT_CONTEXT pCert = NULL;
-    
+
     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), NULL);
     xmlSecAssert2(keyInfoCtx != NULL, NULL);
 
@@ -143,7 +140,7 @@ xmlSecMSCryptoX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectNam
 }
 
 
-static void 
+static void
 xmlSecMSCryptoUnixTimeToFileTime(time_t t, LPFILETIME pft) {
     /* Note that LONGLONG is a 64-bit value */
     LONGLONG ll;
@@ -171,7 +168,7 @@ xmlSecMSCrypoVerifyCertTime(PCCERT_CONTEXT pCert, LPFILETIME pft) {
     if(-1 == CompareFileTime(&(pCert->pCertInfo->NotAfter), pft)) {
         return (FALSE);
     }
- 
+
     return (TRUE);
 }
 
@@ -182,7 +179,7 @@ xmlSecMSCryptoCheckRevocation(HCERTSTORE hStore, PCCERT_CONTEXT pCert) {
 
     xmlSecAssert2(pCert != NULL, FALSE);
     xmlSecAssert2(hStore != NULL, FALSE);
-    
+
     while((pCrl = CertEnumCRLsInStore(hStore, pCrl)) != NULL) {
         if (CertFindCertificateInCRL(pCert, pCrl, 0, NULL, &pCrlEntry) && (pCrlEntry != NULL)) {
             xmlSecError(XMLSEC_ERRORS_HERE,
@@ -199,7 +196,7 @@ xmlSecMSCryptoCheckRevocation(HCERTSTORE hStore, PCCERT_CONTEXT pCert) {
 
 static void
 xmlSecMSCryptoX509StoreCertError(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT cert, DWORD flags) {
-    LPSTR subject;
+    xmlChar * subject = NULL;
     DWORD dwSize;
 
     xmlSecAssert(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId));
@@ -207,20 +204,15 @@ xmlSecMSCryptoX509StoreCertError(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT cer
     xmlSecAssert(flags != 0);
 
     /* get certs subject */
-    dwSize = CertGetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL, NULL, 0);
-    subject = xmlMalloc(dwSize + 1);
+    subject = xmlSecMSCryptoX509GetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL);
     if(subject == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
+            "xmlSecMSCryptoX509GetNameString",
             NULL,
-            NULL,
-            XMLSEC_ERRORS_R_MALLOC_FAILED,
+            XMLSEC_ERRORS_R_XMLSEC_FAILED,
             XMLSEC_ERRORS_NO_MESSAGE);
         return;
     }
-    memset(subject, 0, dwSize + 1);
-    if(dwSize > 0) {
-        CertGetNameString(cert, CERT_NAME_RDN_TYPE, 0, NULL, subject, dwSize);
-    }
 
     /* print error */
     if (flags & CERT_STORE_SIGNATURE_FLAG) {
@@ -256,6 +248,7 @@ xmlSecMSCryptoX509StoreCertError(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT cer
                 XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
                 XMLSEC_ERRORS_NO_MESSAGE);
     }
+
     xmlFree(subject);
 }
 
@@ -265,99 +258,99 @@ xmlSecMSCryptoX509StoreCertError(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT cer
  * @pfTime: pointer to FILETIME that we are interested in
  * @store_untrusted: untrusted certificates added via API
  * @store_doc: untrusted certificates/CRLs extracted from a document
- * 
+ *
  * Builds certificates chain using Windows API.
- * 
+ *
  * Returns: TRUE on success or FALSE otherwise.
  */
-static BOOL 
+static BOOL
 xmlSecBuildChainUsingWinapi (PCCERT_CONTEXT cert, LPFILETIME pfTime,
-		HCERTSTORE store_untrusted, HCERTSTORE store_doc)
+                HCERTSTORE store_untrusted, HCERTSTORE store_doc)
 {
-	PCCERT_CHAIN_CONTEXT     pChainContext = NULL;
-	CERT_CHAIN_PARA          chainPara;
-	BOOL rc = FALSE;
-	HCERTSTORE store_add = NULL;
+        PCCERT_CHAIN_CONTEXT     pChainContext = NULL;
+        CERT_CHAIN_PARA          chainPara;
+        BOOL rc = FALSE;
+        HCERTSTORE store_add = NULL;
 
     /* Initialize data structures. */
 
-	memset(&chainPara, 0, sizeof(CERT_CHAIN_PARA));
-	chainPara.cbSize = sizeof(CERT_CHAIN_PARA);
-
-	/* Create additional store for CertGetCertificateChain() */
-	store_add = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0, 0, NULL);
-	if (!store_add) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-					"chain additional collection store",
-					"CertOpenStore",
-					XMLSEC_ERRORS_R_CRYPTO_FAILED,
-					XMLSEC_ERRORS_NO_MESSAGE);
-		goto end;
-	}
-	if (!CertAddStoreToCollection(store_add, store_doc, 0, 0)) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-					"adding document store",
-					"CertAddStoreToCollection",
-					XMLSEC_ERRORS_R_CRYPTO_FAILED,
-					XMLSEC_ERRORS_NO_MESSAGE);
-		goto end;
-	}
-	if (!CertAddStoreToCollection(store_add, store_untrusted, 0, 0)) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-					"adding untrusted store",
-					"CertAddStoreToCollection",
-					XMLSEC_ERRORS_R_CRYPTO_FAILED,
-					XMLSEC_ERRORS_NO_MESSAGE);
-		goto end;
-	}
+        memset(&chainPara, 0, sizeof(CERT_CHAIN_PARA));
+        chainPara.cbSize = sizeof(CERT_CHAIN_PARA);
+
+        /* Create additional store for CertGetCertificateChain() */
+        store_add = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0, 0, NULL);
+        if (!store_add) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                                        "chain additional collection store",
+                                        "CertOpenStore",
+                                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                        XMLSEC_ERRORS_NO_MESSAGE);
+                goto end;
+        }
+        if (!CertAddStoreToCollection(store_add, store_doc, 0, 0)) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                                        "adding document store",
+                                        "CertAddStoreToCollection",
+                                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                        XMLSEC_ERRORS_NO_MESSAGE);
+                goto end;
+        }
+        if (!CertAddStoreToCollection(store_add, store_untrusted, 0, 0)) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                                        "adding untrusted store",
+                                        "CertAddStoreToCollection",
+                                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                        XMLSEC_ERRORS_NO_MESSAGE);
+                goto end;
+        }
 
     /* Build a chain using CertGetCertificateChain
      and the certificate retrieved. */
     if(!CertGetCertificateChain(
                 NULL,                  /* use the default chain engine */
-				cert,
+                                cert,
                 pfTime,
-				store_add,
-				&chainPara,
-				CERT_CHAIN_REVOCATION_CHECK_CHAIN,
+                                store_add,
+                                &chainPara,
+                                CERT_CHAIN_REVOCATION_CHECK_CHAIN,
                 NULL,
                 &pChainContext))
     {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    "building certificate chain, checking root",
-		    "CertGetCertificateChain",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-		goto end;
-	}
-	if (pChainContext->TrustStatus.dwErrorStatus == CERT_TRUST_REVOCATION_STATUS_UNKNOWN) {
-		CertFreeCertificateChain(pChainContext); pChainContext = NULL;
-		if(!CertGetCertificateChain(
-			   NULL,                  /* use the default chain engine */
-			   cert,
-			   pfTime,
-			   store_add,
-			   &chainPara,
-			   CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT,
+                    "building certificate chain, checking root",
+                    "CertGetCertificateChain",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+                goto end;
+        }
+        if (pChainContext->TrustStatus.dwErrorStatus == CERT_TRUST_REVOCATION_STATUS_UNKNOWN) {
+                CertFreeCertificateChain(pChainContext); pChainContext = NULL;
+                if(!CertGetCertificateChain(
+                           NULL,                  /* use the default chain engine */
+                           cert,
+                           pfTime,
+                           store_add,
+                           &chainPara,
+                           CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT,
             NULL,
-			   &pChainContext))
-		{
-			xmlSecError(XMLSEC_ERRORS_HERE,
-						"building certificate chain, excluding root",
-						"CertGetCertificateChain",
-						XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                           &pChainContext))
+                {
+                        xmlSecError(XMLSEC_ERRORS_HERE,
+                                                "building certificate chain, excluding root",
+                                                "CertGetCertificateChain",
+                                                XMLSEC_ERRORS_R_CRYPTO_FAILED,
             XMLSEC_ERRORS_NO_MESSAGE);
-			goto end;
-		}
+                        goto end;
+                }
     }
 
-	if (pChainContext->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR)
-		rc = TRUE;
+        if (pChainContext->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR)
+                rc = TRUE;
 
 end:
-	if (pChainContext) CertFreeCertificateChain(pChainContext);
-	if (store_add) CertCloseStore(store_add, 0);
-	return (rc);
+        if (pChainContext) CertFreeCertificateChain(pChainContext);
+        if (store_add) CertCloseStore(store_add, 0);
+        return (rc);
 }
 
 /**
@@ -368,15 +361,15 @@ end:
  * @store_untrusted: untrusted certificates added via API
  * @certs: untrusted certificates/CRLs extracted from a document
  * @store: pointer to store klass passed to error functions
- * 
+ *
  * Builds certificates chain manually.
- * 
+ *
  * Returns: TRUE on success or FALSE otherwise.
  */
 static BOOL
 xmlSecMSCryptoBuildCertChainManually (PCCERT_CONTEXT cert, LPFILETIME pfTime,
-	HCERTSTORE store_trusted, HCERTSTORE store_untrusted, HCERTSTORE certs,
-	xmlSecKeyDataStorePtr store) {
+        HCERTSTORE store_trusted, HCERTSTORE store_untrusted, HCERTSTORE certs,
+        xmlSecKeyDataStorePtr store) {
     PCCERT_CONTEXT issuerCert = NULL;
     DWORD flags;
 
@@ -393,7 +386,7 @@ xmlSecMSCryptoBuildCertChainManually (PCCERT_CONTEXT cert, LPFILETIME pfTime,
      * Try to find the cert in the trusted cert store. We will trust
      * the certificate in the trusted store.
      */
-    issuerCert = CertFindCertificateInStore(store_trusted, 
+    issuerCert = CertFindCertificateInStore(store_trusted,
                 X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                 0,
                 CERT_FIND_SUBJECT_NAME,
@@ -401,7 +394,7 @@ xmlSecMSCryptoBuildCertChainManually (PCCERT_CONTEXT cert, LPFILETIME pfTime,
                 NULL);
     if( issuerCert != NULL) {
         /* We have found the trusted cert, so return true */
-	/* todo: do we want to verify the trusted cert's revocation? we must, I think */
+        /* todo: do we want to verify the trusted cert's revocation? we must, I think */
         CertFreeCertificateContext( issuerCert ) ;
         return( TRUE ) ;
     }
@@ -412,7 +405,7 @@ xmlSecMSCryptoBuildCertChainManually (PCCERT_CONTEXT cert, LPFILETIME pfTime,
     }
 
     /* try to find issuer cert in the trusted cert in the store */
-    issuerCert = CertFindCertificateInStore(store_trusted, 
+    issuerCert = CertFindCertificateInStore(store_trusted,
                 X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                 0,
                 CERT_FIND_SUBJECT_NAME,
@@ -425,14 +418,14 @@ xmlSecMSCryptoBuildCertChainManually (PCCERT_CONTEXT cert, LPFILETIME pfTime,
             CertFreeCertificateContext(issuerCert);
             return(FALSE);
         }
-	    /* todo: do we want to verify the trusted cert? we must check
-		 * revocation, I think */
+            /* todo: do we want to verify the trusted cert? we must check
+                 * revocation, I think */
         CertFreeCertificateContext(issuerCert);
         return(TRUE);
     }
 
     /* try the untrusted certs in the chain */
-    issuerCert = CertFindCertificateInStore(certs, 
+    issuerCert = CertFindCertificateInStore(certs,
                 X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                 0,
                 CERT_FIND_SUBJECT_NAME,
@@ -445,7 +438,7 @@ xmlSecMSCryptoBuildCertChainManually (PCCERT_CONTEXT cert, LPFILETIME pfTime,
             CertFreeCertificateContext(issuerCert);
             return(FALSE);
         }
-    	if(!xmlSecMSCryptoBuildCertChainManually(issuerCert, pfTime, store_trusted, store_untrusted, certs, store)) {
+        if(!xmlSecMSCryptoBuildCertChainManually(issuerCert, pfTime, store_trusted, store_untrusted, certs, store)) {
             xmlSecMSCryptoX509StoreCertError(store, issuerCert, flags);
             CertFreeCertificateContext(issuerCert);
             return(FALSE);
@@ -455,7 +448,7 @@ xmlSecMSCryptoBuildCertChainManually (PCCERT_CONTEXT cert, LPFILETIME pfTime,
     }
 
     /* try the untrusted certs in the store */
-    issuerCert = CertFindCertificateInStore(store_untrusted, 
+    issuerCert = CertFindCertificateInStore(store_untrusted,
                 X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                 0,
                 CERT_FIND_SUBJECT_NAME,
@@ -468,7 +461,7 @@ xmlSecMSCryptoBuildCertChainManually (PCCERT_CONTEXT cert, LPFILETIME pfTime,
             CertFreeCertificateContext(issuerCert);
             return(FALSE);
         }
-    	if(!xmlSecMSCryptoBuildCertChainManually(issuerCert, pfTime, store_trusted, store_untrusted, certs, store)) {
+        if(!xmlSecMSCryptoBuildCertChainManually(issuerCert, pfTime, store_trusted, store_untrusted, certs, store)) {
             CertFreeCertificateContext(issuerCert);
             return(FALSE);
         }
@@ -480,13 +473,13 @@ xmlSecMSCryptoBuildCertChainManually (PCCERT_CONTEXT cert, LPFILETIME pfTime,
 }
 
 static BOOL
-xmlSecMSCryptoX509StoreConstructCertsChain(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT cert, HCERTSTORE certs, 
-			      xmlSecKeyInfoCtx* keyInfoCtx) {
+xmlSecMSCryptoX509StoreConstructCertsChain(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT cert, HCERTSTORE certs,
+                              xmlSecKeyInfoCtx* keyInfoCtx) {
     xmlSecMSCryptoX509StoreCtxPtr ctx;
     PCCERT_CONTEXT tempCert = NULL;
     FILETIME fTime;
     BOOL res = FALSE;
-    
+
     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId), FALSE);
     xmlSecAssert2(cert != NULL, FALSE);
     xmlSecAssert2(cert->pCertInfo != NULL, FALSE);
@@ -499,26 +492,26 @@ xmlSecMSCryptoX509StoreConstructCertsChain(xmlSecKeyDataStorePtr store, PCCERT_C
     xmlSecAssert2(ctx->untrusted != NULL, FALSE);
 
     if(keyInfoCtx->certsVerificationTime > 0) {
-	    /* convert the time to FILETIME */
-    	xmlSecMSCryptoUnixTimeToFileTime(keyInfoCtx->certsVerificationTime, &fTime);
+            /* convert the time to FILETIME */
+        xmlSecMSCryptoUnixTimeToFileTime(keyInfoCtx->certsVerificationTime, &fTime);
     } else {
-	    /* Defaults to current time */
-	    GetSystemTimeAsFileTime(&fTime);
+            /* Defaults to current time */
+            GetSystemTimeAsFileTime(&fTime);
     }
 
     /* try the certificates in the keys manager */
     if(!res) {
-    	tempCert = CertEnumCertificatesInStore(ctx->trusted, NULL);
-	    if(tempCert) {
-		    CertFreeCertificateContext(tempCert);
+        tempCert = CertEnumCertificatesInStore(ctx->trusted, NULL);
+            if(tempCert) {
+                    CertFreeCertificateContext(tempCert);
             res = xmlSecMSCryptoBuildCertChainManually(cert, &fTime, ctx->trusted, ctx->untrusted, certs, store);
         }
     }
 
     /* try the certificates in the system */
     if(!res && !ctx->dont_use_system_trusted_certs) {
-		res = xmlSecBuildChainUsingWinapi(cert, &fTime, ctx->untrusted, certs);
-	}
+                res = xmlSecBuildChainUsingWinapi(cert, &fTime, ctx->untrusted, certs);
+        }
 
     /* done */
     return res;
@@ -533,7 +526,7 @@ xmlSecMSCryptoX509StoreConstructCertsChain(xmlSecKeyDataStorePtr store, PCCERT_C
  * Verifies @certs list.
  *
  * Returns: pointer to the first verified certificate from @certs.
- */ 
+ */
 PCCERT_CONTEXT
 xmlSecMSCryptoX509StoreVerify(xmlSecKeyDataStorePtr store, HCERTSTORE certs,
                   xmlSecKeyInfoCtx* keyInfoCtx) {
@@ -546,10 +539,10 @@ xmlSecMSCryptoX509StoreVerify(xmlSecKeyDataStorePtr store, HCERTSTORE certs,
     while((cert = CertEnumCertificatesInStore(certs, cert)) != NULL){
         PCCERT_CONTEXT nextCert = NULL;
         unsigned char selected = 1;
-        
+
         xmlSecAssert2(cert->pCertInfo != NULL, NULL);
 
-        /* if cert is the issuer of any other cert in the list, then it is 
+        /* if cert is the issuer of any other cert in the list, then it is
           * to be skipped except a case of a celf-signed cert*/
         do {
             nextCert = CertFindCertificateInStore(certs,
@@ -558,13 +551,13 @@ xmlSecMSCryptoX509StoreVerify(xmlSecKeyDataStorePtr store, HCERTSTORE certs,
                     CERT_FIND_ISSUER_NAME,
                     &(cert->pCertInfo->Subject),
                     nextCert);
-            if((nextCert != NULL) && !CertCompareCertificateName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, 
+            if((nextCert != NULL) && !CertCompareCertificateName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                                         &(nextCert->pCertInfo->Subject), &(nextCert->pCertInfo->Issuer))) {
                 selected = 0;
-            }    
+            }
         } while((selected == 1) && (nextCert != NULL));
         if(nextCert != NULL) {
-            CertFreeCertificateContext(nextCert);                
+            CertFreeCertificateContext(nextCert);
         }
 
         if((selected == 1) && xmlSecMSCryptoX509StoreConstructCertsChain(store, cert, certs, keyInfoCtx)) {
@@ -611,8 +604,8 @@ xmlSecMSCryptoX509StoreAdoptCert(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT pCe
         return(-1);
     }
 
-    /* TODO: The context to be added here is not duplicated first, 
-    * hopefully this will not lead to errors when closing teh store 
+    /* TODO: The context to be added here is not duplicated first,
+    * hopefully this will not lead to errors when closing teh store
     * and freeing the mem for all the context in the store.
     */
     xmlSecAssert2(certStore != NULL, -1);
@@ -629,8 +622,8 @@ xmlSecMSCryptoX509StoreAdoptCert(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT pCe
 }
 
 
-/** 
- * xmlSecMSCryptoX509StoreAdoptKeyStore: 
+/**
+ * xmlSecMSCryptoX509StoreAdoptKeyStore:
  * @store:              the pointer to X509 key data store klass.
  * @keyStore:           the pointer to keys store.
  *
@@ -638,7 +631,7 @@ xmlSecMSCryptoX509StoreAdoptCert(xmlSecKeyDataStorePtr store, PCCERT_CONTEXT pCe
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int    
+int
 xmlSecMSCryptoX509StoreAdoptKeyStore (xmlSecKeyDataStorePtr store, HCERTSTORE keyStore) {
     xmlSecMSCryptoX509StoreCtxPtr ctx;
 
@@ -661,8 +654,8 @@ xmlSecMSCryptoX509StoreAdoptKeyStore (xmlSecKeyDataStorePtr store, HCERTSTORE ke
     return(0);
 }
 
-/** 
- * xmlSecMSCryptoX509StoreAdoptTrustedStore: 
+/**
+ * xmlSecMSCryptoX509StoreAdoptTrustedStore:
  * @store:              the pointer to X509 key data store klass.
  * @trustedStore:       the pointer to certs store.
  *
@@ -693,8 +686,8 @@ xmlSecMSCryptoX509StoreAdoptTrustedStore (xmlSecKeyDataStorePtr store, HCERTSTOR
     return(0);
 }
 
-/** 
- * xmlSecMSCryptoX509StoreAdoptUntrustedStore: 
+/**
+ * xmlSecMSCryptoX509StoreAdoptUntrustedStore:
  * @store:              the pointer to X509 key data store klass.
  * @untrustedStore:     the pointer to certs store.
  *
@@ -725,8 +718,8 @@ xmlSecMSCryptoX509StoreAdoptUntrustedStore (xmlSecKeyDataStorePtr store, HCERTST
     return(0);
 }
 
-/** 
- * xmlSecMSCryptoX509StoreEnableSystemTrustedCerts: 
+/**
+ * xmlSecMSCryptoX509StoreEnableSystemTrustedCerts:
  * @store:              the pointer to X509 key data store klass.
  * @val:                the enable/disable flag
  *
@@ -735,13 +728,13 @@ xmlSecMSCryptoX509StoreAdoptUntrustedStore (xmlSecKeyDataStorePtr store, HCERTST
 void
 xmlSecMSCryptoX509StoreEnableSystemTrustedCerts (xmlSecKeyDataStorePtr store, int val) {
     xmlSecMSCryptoX509StoreCtxPtr ctx;
-    
+
     xmlSecAssert(xmlSecKeyDataStoreCheckId(store, xmlSecMSCryptoX509StoreId));
-    
+
     ctx = xmlSecMSCryptoX509StoreGetCtx(store);
     xmlSecAssert(ctx != NULL);
     xmlSecAssert(ctx->untrusted != NULL);
-    
+
     /* it is other way around to make default value 0 mimic old behaiviour */
     ctx->dont_use_system_trusted_certs = !val;
 }
@@ -857,7 +850,7 @@ xmlSecMSCryptoX509StoreInitialize(xmlSecKeyDataStorePtr store) {
     }
     CertCloseStore(hUntrustedMemStore, CERT_CLOSE_STORE_CHECK_FLAG);
 
-    return(0);    
+    return(0);
 }
 
 static void
@@ -884,77 +877,357 @@ xmlSecMSCryptoX509StoreFinalize(xmlSecKeyDataStorePtr store) {
  * Low-level x509 functions
  *
  *****************************************************************************/
-static PCCERT_CONTEXT
-xmlSecMSCryptoX509FindCert(HCERTSTORE store, xmlChar *subjectName, xmlChar *issuerName, 
-               xmlChar *issuerSerial, xmlChar *ski) {
-    PCCERT_CONTEXT pCert = NULL;
-    int ret;
+/**
+ * xmlSecMSCryptoCertStrToName:
+ * @dwCertEncodingType:         the encoding used.
+ * @pszX500:                    the string to convert.
+ * @dwStrType:                  the string type.
+ * @len:                        the result len.
+ *
+ * Converts input string to name by calling @CertStrToName function.
+ *
+ * Returns: a pointer to newly allocated string or NULL if an error occurs.
+ */
+static BYTE*
+xmlSecMSCryptoCertStrToName(DWORD dwCertEncodingType, LPTSTR pszX500, DWORD dwStrType, DWORD* len) {
+    BYTE* str = NULL;
+    LPCTSTR ppszError = NULL;
+
+    xmlSecAssert2(pszX500 != NULL, NULL);
+    xmlSecAssert2(len != NULL, NULL);
+
+    if (!CertStrToName(dwCertEncodingType, pszX500, dwStrType,
+                        NULL, NULL, len, &ppszError)) {
+        /* this might not be an error, string might just not exist */
+        DWORD dw = GetLastError();
+        return(NULL);
+    }
 
-    xmlSecAssert2(store != 0, NULL);
+    str = (BYTE *)xmlMalloc(sizeof(TCHAR) * ((*len) + 1));
+    if(str == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "len=%ld", (*len));
+        return(NULL);
+    }
+    memset(str, 0, (*len) + 1);
 
-    if((pCert == NULL) && (NULL != subjectName)) {
-        CERT_NAME_BLOB cnb;
-        BYTE *cName; 
-        DWORD cNameLen;
-
-        cName = xmlSecMSCryptoCertStrToName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
-                        subjectName,
-                        CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
-                        &cNameLen);
-        if(cName == NULL) {
-            xmlSecError(XMLSEC_ERRORS_HERE,
-                NULL,
-                "xmlSecMSCryptoCertStrToName",
-                XMLSEC_ERRORS_R_XMLSEC_FAILED,
-                XMLSEC_ERRORS_NO_MESSAGE);
-            return (NULL);
+    if (!CertStrToName(dwCertEncodingType, pszX500, dwStrType,
+                        NULL, str, len, NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CertStrToName",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(str);
+        return(NULL);
+    }
+
+    return(str);
+}
+
+
+/**
+ * xmlSecMSCryptoX509FindCertBySubject:
+ * @store:              the pointer to certs store
+ * @wcSubject:          the cert subject (Unicode)
+ * @dwCertEncodingType: the cert encoding type
+ *
+ * Searches for a cert with given @subject in the @store
+ *
+ * Returns: cert handle on success or NULL otherwise
+ */
+PCCERT_CONTEXT
+xmlSecMSCryptoX509FindCertBySubject(HCERTSTORE store, const LPTSTR wcSubject, DWORD dwCertEncodingType) {
+    PCCERT_CONTEXT res = NULL;
+    CERT_NAME_BLOB cnb;
+    BYTE* bdata;
+    DWORD len;
+
+    xmlSecAssert2(store != NULL, NULL);
+    xmlSecAssert2(wcSubject != NULL, NULL);
+
+    /* CASE 1: UTF8, DN */
+    if (NULL == res) {
+        bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
+                    wcSubject,
+                    CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR,
+                    &len);
+        if(bdata != NULL) {
+            cnb.cbData = len;
+            cnb.pbData = bdata;
+
+            res = CertFindCertificateInStore(store,
+                        dwCertEncodingType,
+                        0,
+                        CERT_FIND_SUBJECT_NAME,
+                        &cnb,
+                        NULL);
+            xmlFree(bdata);
         }
-        cnb.pbData = cName;
-        cnb.cbData = cNameLen;
-        pCert = CertFindCertificateInStore(store, 
-                        PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
+    }
+
+    /* CASE 2: UTF8, REVERSE DN */
+    if (NULL == res) {
+        bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
+                    wcSubject,
+                    CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
+                    &len);
+        if(bdata != NULL) {
+            cnb.cbData = len;
+            cnb.pbData = bdata;
+
+            res = CertFindCertificateInStore(store,
+                        dwCertEncodingType,
                         0,
                         CERT_FIND_SUBJECT_NAME,
                         &cnb,
                         NULL);
-        xmlFree(cName);
+            xmlFree(bdata);
+        }
     }
 
-    if((pCert == NULL) && (NULL != issuerName) && (NULL != issuerSerial)) {
-        xmlSecBn issuerSerialBn;    
-        xmlChar * p;
-        CERT_INFO certInfo;
-        CERT_NAME_BLOB cnb;
-        BYTE *cName = NULL; 
-        DWORD cNameLen = 0;    
-
-        /* aleksey: for some unknown to me reasons, mscrypto wants Email
-        * instead of emailAddress. This code is not bullet proof and may 
-        * produce incorrect results if someone has "emailAddress=" string
-        * in one of the fields, but it is best I can suggest to fix this problem.
-        * Also see xmlSecMSCryptoX509NameWrite function.
-        */
-        while( (p = (xmlChar*)xmlStrstr(issuerName, BAD_CAST "emailAddress=")) != NULL) {
-            memcpy(p, "       Email=", 13);
+    /* CASE 3: UNICODE, DN */
+    if (NULL == res) {
+        bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
+                    wcSubject,
+                    CERT_OID_NAME_STR,
+                    &len);
+        if(bdata != NULL) {
+            cnb.cbData = len;
+            cnb.pbData = bdata;
+
+            res = CertFindCertificateInStore(store,
+                        dwCertEncodingType,
+                        0,
+                        CERT_FIND_SUBJECT_NAME,
+                        &cnb,
+                        NULL);
+            xmlFree(bdata);
         }
+    }
 
+    /* CASE 4: UNICODE, REVERSE DN */
+    if (NULL == res) {
+        bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
+                    wcSubject,
+                    CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
+                    &len);
+        if(bdata != NULL) {
+            cnb.cbData = len;
+            cnb.pbData = bdata;
+
+            res = CertFindCertificateInStore(store,
+                        dwCertEncodingType,
+                        0,
+                        CERT_FIND_SUBJECT_NAME,
+                        &cnb,
+                        NULL);
+            xmlFree(bdata);
+        }
+    }
 
 
-        /* get issuer name */
-        cName = xmlSecMSCryptoCertStrToName(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
-                        issuerName,
-                        CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
-                        &cNameLen);
-        if(cName == NULL) {
+    /* done */
+    return (res);
+}
+
+/**
+ * xmlSecMSCryptoX509FindCertByIssuer:
+ * @store:              the pointer to certs store
+ * @wcIssuer:           the cert issuer (Unicode)
+ * @issuerSerialBn:     the cert issuer serial
+ * @dwCertEncodingType: the cert encoding type
+ *
+ * Searches for a cert with given @subject in the @store
+ *
+ * Returns: cert handle on success or NULL otherwise
+ */
+static PCCERT_CONTEXT
+xmlSecMSCryptoX509FindCertByIssuer(HCERTSTORE store, const LPTSTR wcIssuer,
+                                   xmlSecBnPtr issuerSerialBn, DWORD dwCertEncodingType) {
+
+    PCCERT_CONTEXT res = NULL;
+    CERT_INFO certInfo;
+    BYTE* bdata;
+    DWORD len;
+
+
+    xmlSecAssert2(store != NULL, NULL);
+    xmlSecAssert2(wcIssuer != NULL, NULL);
+    xmlSecAssert2(issuerSerialBn != NULL, NULL);
+
+    certInfo.SerialNumber.cbData = xmlSecBnGetSize(issuerSerialBn);
+    certInfo.SerialNumber.pbData = xmlSecBnGetData(issuerSerialBn);
+
+
+    /* CASE 1: UTF8, DN */
+    if (NULL == res) {
+        bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
+                    wcIssuer,
+                    CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR,
+                    &len);
+        if(bdata != NULL) {
+            certInfo.Issuer.cbData = len;
+            certInfo.Issuer.pbData = bdata;
+
+            res = CertFindCertificateInStore(store,
+                        dwCertEncodingType,
+                        0,
+                        CERT_FIND_SUBJECT_CERT,
+                        &certInfo,
+                        NULL);
+            xmlFree(bdata);
+        }
+    }
+
+    /* CASE 2: UTF8, REVERSE DN */
+    if (NULL == res) {
+        bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
+                    wcIssuer,
+                    CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG | CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
+                    &len);
+        if(bdata != NULL) {
+            certInfo.Issuer.cbData = len;
+            certInfo.Issuer.pbData = bdata;
+
+            res = CertFindCertificateInStore(store,
+                        dwCertEncodingType,
+                        0,
+                        CERT_FIND_SUBJECT_CERT,
+                        &certInfo,
+                        NULL);
+            xmlFree(bdata);
+        }
+    }
+
+    /* CASE 3: UNICODE, DN */
+    if (NULL == res) {
+        bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
+                    wcIssuer,
+                    CERT_OID_NAME_STR,
+                    &len);
+        if(bdata != NULL) {
+            certInfo.Issuer.cbData = len;
+            certInfo.Issuer.pbData = bdata;
+
+            res = CertFindCertificateInStore(store,
+                        dwCertEncodingType,
+                        0,
+                        CERT_FIND_SUBJECT_CERT,
+                        &certInfo,
+                        NULL);
+            xmlFree(bdata);
+        }
+    }
+
+    /* CASE 4: UNICODE, REVERSE DN */
+    if (NULL == res) {
+        bdata = xmlSecMSCryptoCertStrToName(dwCertEncodingType,
+                    wcIssuer,
+                    CERT_OID_NAME_STR | CERT_NAME_STR_REVERSE_FLAG,
+                    &len);
+        if(bdata != NULL) {
+            certInfo.Issuer.cbData = len;
+            certInfo.Issuer.pbData = bdata;
+
+            res = CertFindCertificateInStore(store,
+                        dwCertEncodingType,
+                        0,
+                        CERT_FIND_SUBJECT_CERT,
+                        &certInfo,
+                        NULL);
+            xmlFree(bdata);
+        }
+    }
+
+
+    /* done */
+    return (res);
+}
+
+static LPTSTR
+xmlSecMSCryptoX509GetCertName(const xmlChar * name) {
+    xmlChar *name2 = NULL;
+    xmlChar *p = NULL;
+    LPTSTR res = NULL;
+
+    xmlSecAssert2(name != 0, NULL);
+
+    /* MSCrypto doesn't support "emailAddress" attribute (see NSS as well). 
+     * This code is not bullet proof and may produce incorrect results if someone has
+     * "emailAddress=" string in one of the fields, but it is best I can suggest to fix 
+     * this problem.
+     */
+    name2 = xmlStrdup(name);
+    if(name2 == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "xmlStrlen(name)=%d",
+                    xmlStrlen(name));
+        return(NULL);
+    }
+    while( (p = (xmlChar*)xmlStrstr(name2, BAD_CAST "emailAddress=")) != NULL) {
+        memcpy(p, "           E=", 13);
+    }
+
+    /* get name */
+    res = xmlSecMSCryptoConvertUtf8ToTstr(name2);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecMSCryptoConvertUtf8ToTstr",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
+    /* done */
+    return(res);
+}
+
+static PCCERT_CONTEXT
+xmlSecMSCryptoX509FindCert(HCERTSTORE store,
+                const xmlChar *subjectName,
+                const xmlChar *issuerName,
+                const xmlChar *issuerSerial,
+                const xmlChar *ski) {
+    PCCERT_CONTEXT pCert = NULL;
+    int ret;
+
+    xmlSecAssert2(store != 0, NULL);
+
+    if((pCert == NULL) && (NULL != subjectName)) {
+        LPTSTR wcSubjectName = NULL;
+
+        /* get unicode subject name */
+        wcSubjectName = xmlSecMSCryptoX509GetCertName(subjectName);
+        if(wcSubjectName == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-                NULL,
-                "xmlSecMSCryptoCertStrToName",
-                XMLSEC_ERRORS_R_XMLSEC_FAILED,
-                XMLSEC_ERRORS_NO_MESSAGE);
-            return (NULL);
+                        NULL,
+                        "xmlSecMSCryptoX509GetCertName",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "wcSubjectName");
+            return(NULL);
         }
-        cnb.pbData = cName;
-        cnb.cbData = cNameLen;
+
+        /* search */
+        pCert = xmlSecMSCryptoX509FindCertBySubject(store,
+            wcSubjectName,
+            PKCS_7_ASN_ENCODING | X509_ASN_ENCODING);
+
+
+        /* cleanup */
+        xmlFree(wcSubjectName);
+    }
+
+    if((pCert == NULL) && (NULL != issuerName) && (NULL != issuerSerial)) {
+        xmlSecBn issuerSerialBn;
+        LPTSTR wcIssuerName = NULL;
 
         /* get serial number */
         ret = xmlSecBnInitialize(&issuerSerialBn, 0);
@@ -964,7 +1237,6 @@ xmlSecMSCryptoX509FindCert(HCERTSTORE store, xmlChar *subjectName, xmlChar *issu
                 "xmlSecBnInitialize",
                 XMLSEC_ERRORS_R_XMLSEC_FAILED,
                 XMLSEC_ERRORS_NO_MESSAGE);
-            xmlFree(cName);
             return(NULL);
         }
 
@@ -976,12 +1248,11 @@ xmlSecMSCryptoX509FindCert(HCERTSTORE store, xmlChar *subjectName, xmlChar *issu
                 XMLSEC_ERRORS_R_XMLSEC_FAILED,
                 XMLSEC_ERRORS_NO_MESSAGE);
             xmlSecBnFinalize(&issuerSerialBn);
-            xmlFree(cName);
             return(NULL);
         }
 
-        /* I have no clue why at a sudden a swap is needed to 
-        * convert from lsb... This code is purely based upon 
+        /* I have no clue why at a sudden a swap is needed to
+        * convert from lsb... This code is purely based upon
         * trial and error :( WK
         */
         ret = xmlSecBnReverse(&issuerSerialBn);
@@ -992,25 +1263,30 @@ xmlSecMSCryptoX509FindCert(HCERTSTORE store, xmlChar *subjectName, xmlChar *issu
                 XMLSEC_ERRORS_R_XMLSEC_FAILED,
                 XMLSEC_ERRORS_NO_MESSAGE);
             xmlSecBnFinalize(&issuerSerialBn);
-            xmlFree(cName);
             return(NULL);
         }
 
-        certInfo.Issuer.cbData = cnb.cbData ;
-        certInfo.Issuer.pbData = cnb.pbData ;
-        certInfo.SerialNumber.cbData = xmlSecBnGetSize( &issuerSerialBn ) ;
-        certInfo.SerialNumber.pbData = xmlSecBnGetData( &issuerSerialBn ) ;
+        /* get issuer name */
+        wcIssuerName = xmlSecMSCryptoX509GetCertName(issuerName);
+        if(wcIssuerName == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecMSCryptoX509GetCertName",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "wcIssuerName");
+            xmlSecBnFinalize(&issuerSerialBn);
+            return(NULL);
+        }
+
+        /* search */
+        pCert = xmlSecMSCryptoX509FindCertByIssuer(store,
+                        wcIssuerName,
+                        &issuerSerialBn,
+                        X509_ASN_ENCODING | PKCS_7_ASN_ENCODING);
 
-        pCert = CertFindCertificateInStore(
-                        store,
-                        X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
-                        0,
-                        CERT_FIND_SUBJECT_CERT,
-                        &certInfo,
-                        NULL
-                ) ;
+        xmlFree(wcIssuerName);
 
-        xmlFree(cName);
+        /* cleanup */
         xmlSecBnFinalize(&issuerSerialBn);
     }
 
@@ -1044,7 +1320,7 @@ xmlSecMSCryptoX509FindCert(HCERTSTORE store, xmlChar *subjectName, xmlChar *issu
 
         blob.pbData = binSki;
         blob.cbData = binSkiLen;
-        pCert = CertFindCertificateInStore(store, 
+        pCert = CertFindCertificateInStore(store,
                         PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
                         0,
                         CERT_FIND_KEY_IDENTIFIER,
@@ -1053,10 +1329,78 @@ xmlSecMSCryptoX509FindCert(HCERTSTORE store, xmlChar *subjectName, xmlChar *issu
         xmlFree(binSki);
     }
 
-  return(pCert);
+    return(pCert);
 }
 
 
+/**
+ * xmlSecMSCryptoX509GetNameString:
+ * @pCertContext:   the pointer to cert
+ * @dwType:         the type (see CertGetNameString description in MSDN)
+ * @dwFlags:        the flags (see CertGetNameString description in MSDN)
+ * @pvTypePara:     the type parameter (see CertGetNameString description in MSDN)
+ *
+ * Gets the name string for certificate (see CertGetNameString description in MSDN).
+ *
+ * Returns: name string (should be freed with xmlFree) or NULL if failed.
+ */
+xmlChar *
+xmlSecMSCryptoX509GetNameString(PCCERT_CONTEXT pCertContext, DWORD dwType, DWORD dwFlags, void *pvTypePara) {
+    LPTSTR name = NULL;
+    xmlChar * res = NULL;
+    DWORD dwSize;
+
+    xmlSecAssert2(pCertContext != NULL, NULL);
+
+    /* get size first */
+    dwSize = CertGetNameString(pCertContext, dwType, dwFlags, pvTypePara, NULL, 0);
+    if(dwSize <= 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "CertGetNameString",
+                    NULL,
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return (NULL);
+    }
+
+    /* allocate buffer */
+    name = (LPTSTR)xmlMalloc(sizeof(TCHAR) * (dwSize + 1));
+    if(name == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return (NULL);
+    }
+
+    /* actually get the name */
+    dwSize = CertGetNameString(pCertContext, dwType, dwFlags, pvTypePara, name, dwSize);
+    if(dwSize <= 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "CertGetNameString",
+                    NULL,
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(name);
+        return (NULL);
+    }
+
+    res = xmlSecMSCryptoConvertTstrToUtf8(name);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    "xmlSecMSCryptoConvertTstrToUtf8",
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(name);
+        return (NULL);
+    }
+    /* done */
+    xmlFree(name);
+    return (res);
+}
+
 #endif /* XMLSEC_NO_X509 */
 
 
diff --git a/src/mscrypto/xmlsec-mingw.h b/src/mscrypto/xmlsec-mingw.h
index 85d8cc3d..ef5d2ae4 100644
--- a/src/mscrypto/xmlsec-mingw.h
+++ b/src/mscrypto/xmlsec-mingw.h
@@ -3,163 +3,208 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyright (C) 2007 Roumen Petrov.
+ *
+ * Copyright (C) 2007,2010 Roumen Petrov.
  */
 
 #ifndef __XMLSEC_MSCRYPTO_XMLSEC_MINGW_H__
 #define __XMLSEC_MSCRYPTO_XMLSEC_MINGW_H__
 
+#ifndef XMLSEC_PRIVATE
+#error "xmlsec-mingw.h file contains private xmlsec definitions for mingw build and should not be used outside xmlsec or xmlsec-<crypto> libraries"
+#endif /* XMLSEC_PRIVATE */
+
 
 /*defines*/
+
+#ifndef ALG_SID_HMAC
+#  define ALG_SID_HMAC          9
+#endif
+
+#ifndef ALG_SID_SHA_256
+#  define ALG_SID_SHA_256       12
+#endif
+
+#ifndef ALG_SID_SHA_384
+#  define ALG_SID_SHA_384       13
+#endif
+
+#ifndef ALG_SID_SHA_512
+#  define ALG_SID_SHA_512       14
+#endif
+
+#ifndef CALG_HMAC
+#  define CALG_HMAC             (ALG_CLASS_HASH|ALG_TYPE_ANY|ALG_SID_HMAC)
+#endif
+
+#ifndef CALG_SHA_256
+#  define CALG_SHA_256          (ALG_CLASS_HASH|ALG_TYPE_ANY|ALG_SID_SHA_256)
+#endif
+
+#ifndef CALG_SHA_384
+#  define CALG_SHA_384          (ALG_CLASS_HASH|ALG_TYPE_ANY|ALG_SID_SHA_384)
+#endif
+
+#ifndef CALG_SHA_512
+#  define CALG_SHA_512          (ALG_CLASS_HASH|ALG_TYPE_ANY|ALG_SID_SHA_512)
+#endif
+
+
+#ifndef KP_OAEP_PARAMS
+#  define KP_OAEP_PARAMS        36
+#endif
+
+
 #ifndef CERT_CLOSE_STORE_FORCE_FLAG
-#  define CERT_CLOSE_STORE_FORCE_FLAG		1
+#  define CERT_CLOSE_STORE_FORCE_FLAG           1
 #endif
 
 #ifndef CERT_CLOSE_STORE_CHECK_FLAG
-#  define CERT_CLOSE_STORE_CHECK_FLAG		2
+#  define CERT_CLOSE_STORE_CHECK_FLAG           2
 #endif
 
 
 #ifndef CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG
-#  define CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG	1
+#  define CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG   1
 #endif
 
 
 #ifndef CERT_STORE_ADD_ALWAYS
-#  define CERT_STORE_ADD_ALWAYS			4
+#  define CERT_STORE_ADD_ALWAYS                 4
 #endif
 
 #ifndef CERT_STORE_CREATE_NEW_FLAG
-#  define CERT_STORE_CREATE_NEW_FLAG		(2<<12)
+#  define CERT_STORE_CREATE_NEW_FLAG            (2<<12)
 #endif
 
 #ifndef CERT_STORE_SIGNATURE_FLAG
-#  define CERT_STORE_SIGNATURE_FLAG		1
+#  define CERT_STORE_SIGNATURE_FLAG             1
 #endif
 
 #ifndef CERT_STORE_TIME_VALIDITY_FLAG
-#  define CERT_STORE_TIME_VALIDITY_FLAG		2
+#  define CERT_STORE_TIME_VALIDITY_FLAG         2
 #endif
 
 #ifndef CERT_STORE_REVOCATION_FLAG
-#  define CERT_STORE_REVOCATION_FLAG		4
+#  define CERT_STORE_REVOCATION_FLAG            4
 #endif
 
 #ifndef CERT_STORE_NO_CRL_FLAG
-#  define CERT_STORE_NO_CRL_FLAG		(1<<16)
+#  define CERT_STORE_NO_CRL_FLAG                (1<<16)
 #endif
 
 
 #ifndef CERT_STORE_PROV_COLLECTION
-#  define CERT_STORE_PROV_COLLECTION		((LPCSTR) 11)
+#  define CERT_STORE_PROV_COLLECTION            ((LPCSTR) 11)
 #endif
 
 #ifndef CERT_STORE_PROV_MEMORY
-#  define CERT_STORE_PROV_MEMORY		((LPCSTR) 2)
+#  define CERT_STORE_PROV_MEMORY                ((LPCSTR) 2)
 #endif
 
 
 #ifndef CERT_KEY_SPEC_PROP_ID
-#  define CERT_KEY_SPEC_PROP_ID			6
+#  define CERT_KEY_SPEC_PROP_ID                 6
 #endif
 
 #ifndef CERT_FRIENDLY_NAME_PROP_ID
-#  define CERT_FRIENDLY_NAME_PROP_ID		11
+#  define CERT_FRIENDLY_NAME_PROP_ID            11
 #endif
 
 #ifndef CERT_KEY_IDENTIFIER_PROP_ID
-#  define CERT_KEY_IDENTIFIER_PROP_ID		20
+#  define CERT_KEY_IDENTIFIER_PROP_ID           20
 #endif
 
 
 #ifndef CERT_NAME_ISSUER_FLAG
-#  define CERT_NAME_ISSUER_FLAG			1
+#  define CERT_NAME_ISSUER_FLAG                 1
 #endif
 
 #ifndef CERT_NAME_RDN_TYPE
-#  define CERT_NAME_RDN_TYPE			2
+#  define CERT_NAME_RDN_TYPE                    2
 #endif
 
 #ifndef CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG
-#  define CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG	(4<<16)
+#  define CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG        (4<<16)
 #endif
 
 
 #ifndef CERT_CHAIN_REVOCATION_CHECK_CHAIN
-#  define CERT_CHAIN_REVOCATION_CHECK_CHAIN			(2<<28)
+#  define CERT_CHAIN_REVOCATION_CHECK_CHAIN                     (2<<28)
 #endif
 
 #ifndef CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT
-#  define CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT	(4<<28)
+#  define CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT        (4<<28)
 #endif
 
 
 #ifndef szOID_SUBJECT_KEY_IDENTIFIER
-#  define szOID_SUBJECT_KEY_IDENTIFIER		"2.5.29.14"
+#  define szOID_SUBJECT_KEY_IDENTIFIER          "2.5.29.14"
 #endif
 
 
 #ifndef CRYPT_ACQUIRE_COMPARE_KEY_FLAG
-#  define CRYPT_ACQUIRE_COMPARE_KEY_FLAG	4
+#  define CRYPT_ACQUIRE_COMPARE_KEY_FLAG        4
 #endif
 
 
 /*structures/types*/
 typedef struct _PUBKEY {
-	DWORD magic;
-	DWORD bitlen;
+        DWORD magic;
+        DWORD bitlen;
 } DSSPUBKEY;
 
 typedef struct _DSSSEED {
-	DWORD   counter;
-	BYTE    seed[20];
+        DWORD   counter;
+        BYTE    seed[20];
 } DSSSEED;
 
 
 typedef struct _PROV_ENUMALGS_EX {
-	ALG_ID aiAlgid;
-	DWORD dwDefaultLen;
-	DWORD dwMinLen;
-	DWORD dwMaxLen;
-	DWORD dwProtocols;
-	DWORD dwNameLen;
-	CHAR szName[20];
-	DWORD dwLongNameLen;
-	CHAR szLongName[40];
+        ALG_ID aiAlgid;
+        DWORD dwDefaultLen;
+        DWORD dwMinLen;
+        DWORD dwMaxLen;
+        DWORD dwProtocols;
+        DWORD dwNameLen;
+        CHAR szName[20];
+        DWORD dwLongNameLen;
+        CHAR szLongName[40];
 } PROV_ENUMALGS_EX;
 
 
 /*methods(functions)*/
-DWORD		WINAPI CertGetPublicKeyLength(DWORD,PCERT_PUBLIC_KEY_INFO);
+DWORD           WINAPI CertGetPublicKeyLength(DWORD,PCERT_PUBLIC_KEY_INFO);
 
-BOOL		WINAPI CertStrToNameA(DWORD,LPCSTR,DWORD,void*,BYTE*,DWORD*,LPCSTR*);
-BOOL		WINAPI CertStrToNameW(DWORD,LPCWSTR,DWORD,void*,BYTE*,DWORD*,LPCWSTR*);
+BOOL            WINAPI CertStrToNameA(DWORD,LPCSTR,DWORD,void*,BYTE*,DWORD*,LPCSTR*);
+BOOL            WINAPI CertStrToNameW(DWORD,LPCWSTR,DWORD,void*,BYTE*,DWORD*,LPCWSTR*);
 #ifdef UNICODE
 #define CertStrToName  CertStrToNameW
 #else
 #define CertStrToName  CertStrToNameA
 #endif
-BOOL		WINAPI CertCompareCertificateName(DWORD,PCERT_NAME_BLOB,PCERT_NAME_BLOB);
 
-BOOL		WINAPI CertAddStoreToCollection(HCERTSTORE,HCERTSTORE,DWORD,DWORD);
 
-PCCERT_CONTEXT	WINAPI CertCreateCertificateContext(DWORD,const BYTE*,DWORD);
-BOOL		WINAPI CertGetCertificateContextProperty(PCCERT_CONTEXT,DWORD,void*,DWORD*);
-BOOL		WINAPI CertVerifySubjectCertificateContext(PCCERT_CONTEXT,PCCERT_CONTEXT,DWORD*);
+BOOL            WINAPI CertCompareCertificateName(DWORD,PCERT_NAME_BLOB,PCERT_NAME_BLOB);
+
+BOOL            WINAPI CertAddStoreToCollection(HCERTSTORE,HCERTSTORE,DWORD,DWORD);
+
+PCCERT_CONTEXT  WINAPI CertCreateCertificateContext(DWORD,const BYTE*,DWORD);
+BOOL            WINAPI CertGetCertificateContextProperty(PCCERT_CONTEXT,DWORD,void*,DWORD*);
+BOOL            WINAPI CertVerifySubjectCertificateContext(PCCERT_CONTEXT,PCCERT_CONTEXT,DWORD*);
 
-BOOL		WINAPI CertAddCRLContextToStore(HCERTSTORE,PCCRL_CONTEXT,DWORD,PCCRL_CONTEXT*);
-PCCRL_CONTEXT	WINAPI CertDuplicateCRLContext(PCCRL_CONTEXT);
-BOOL		WINAPI CertFreeCRLContext(PCCRL_CONTEXT);
+BOOL            WINAPI CertAddCRLContextToStore(HCERTSTORE,PCCRL_CONTEXT,DWORD,PCCRL_CONTEXT*);
+PCCRL_CONTEXT   WINAPI CertDuplicateCRLContext(PCCRL_CONTEXT);
+BOOL            WINAPI CertFreeCRLContext(PCCRL_CONTEXT);
 
-BOOL		WINAPI CertFindCertificateInCRL(PCCERT_CONTEXT,PCCRL_CONTEXT,DWORD,void*,PCRL_ENTRY*);
-PCCRL_CONTEXT	WINAPI CertEnumCRLsInStore(HCERTSTORE,PCCRL_CONTEXT);
+BOOL            WINAPI CertFindCertificateInCRL(PCCERT_CONTEXT,PCCRL_CONTEXT,DWORD,void*,PCRL_ENTRY*);
+PCCRL_CONTEXT   WINAPI CertEnumCRLsInStore(HCERTSTORE,PCCRL_CONTEXT);
 
-PCCRL_CONTEXT	WINAPI CertCreateCRLContext(DWORD,const BYTE*,DWORD);
+PCCRL_CONTEXT   WINAPI CertCreateCRLContext(DWORD,const BYTE*,DWORD);
 
-BOOL		WINAPI CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT,DWORD,void*,HCRYPTPROV*,DWORD*,BOOL*);
-BOOL		WINAPI CryptDuplicateKey(HCRYPTKEY,DWORD*,DWORD,HCRYPTKEY*);
-BOOL		WINAPI CryptImportPublicKeyInfo(HCRYPTPROV,DWORD,PCERT_PUBLIC_KEY_INFO,HCRYPTKEY*);
+BOOL            WINAPI CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT,DWORD,void*,HCRYPTPROV*,DWORD*,BOOL*);
+BOOL            WINAPI CryptDuplicateKey(HCRYPTKEY,DWORD*,DWORD,HCRYPTKEY*);
+BOOL            WINAPI CryptImportPublicKeyInfo(HCRYPTPROV,DWORD,PCERT_PUBLIC_KEY_INFO,HCRYPTKEY*);
 
 
 #endif /*ndef __XMLSEC_MSCRYPTO_XMLSEC_MINGW_H__*/
diff --git a/src/nodeset.c b/src/nodeset.c
index 74c2d5b3..04ae8105 100644
--- a/src/nodeset.c
+++ b/src/nodeset.c
@@ -1,18 +1,18 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Enchanced nodes set
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <stdlib.h>
 #include <string.h>
- 
+
 #include <libxml/tree.h>
 #include <libxml/xpath.h>
 #include <libxml/xpathInternals.h>
@@ -25,23 +25,23 @@
     (((node)->type != XML_NAMESPACE_DECL) ? \
         (node)->parent : \
         (xmlNodePtr)((xmlNsPtr)(node))->next)
-	
-static int	xmlSecNodeSetOneContains		(xmlSecNodeSetPtr nset, 
-							 xmlNodePtr node, 
-							 xmlNodePtr parent);
-static int	xmlSecNodeSetWalkRecursive		(xmlSecNodeSetPtr nset, 
-							 xmlSecNodeSetWalkCallback walkFunc, 
-							 void* data, 
-							 xmlNodePtr cur, 
-							 xmlNodePtr parent);
+
+static int      xmlSecNodeSetOneContains                (xmlSecNodeSetPtr nset,
+                                                         xmlNodePtr node,
+                                                         xmlNodePtr parent);
+static int      xmlSecNodeSetWalkRecursive              (xmlSecNodeSetPtr nset,
+                                                         xmlSecNodeSetWalkCallback walkFunc,
+                                                         void* data,
+                                                         xmlNodePtr cur,
+                                                         xmlNodePtr parent);
 
 /**
  * xmlSecNodeSetCreate:
- * @doc: 		the pointer to parent XML document.
- * @nodes: 		the list of nodes.
- * @type: 		the nodes set type.
+ * @doc:                the pointer to parent XML document.
+ * @nodes:              the list of nodes.
+ * @type:               the nodes set type.
  *
- * Creates new nodes set. Caller is responsible for freeng returend object
+ * Creates new nodes set. Caller is responsible for freeing returned object
  * by calling #xmlSecNodeSetDestroy function.
  *
  * Returns: pointer to newly allocated node set or NULL if an error occurs.
@@ -51,155 +51,163 @@ xmlSecNodeSetCreate(xmlDocPtr doc, xmlNodeSetPtr nodes, xmlSecNodeSetType type)
     xmlSecNodeSetPtr nset;
 
     nset = (xmlSecNodeSetPtr)xmlMalloc(sizeof(xmlSecNodeSet));
-    if(nset == NULL) { 
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecNodeSet)=%d",
-		    sizeof(xmlSecNodeSet));
-	return(NULL);
+    if(nset == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecNodeSet)=%d",
+                    sizeof(xmlSecNodeSet));
+        return(NULL);
     }
     memset(nset, 0,  sizeof(xmlSecNodeSet));
-    
-    nset->doc 	= doc;
+
+    nset->doc   = doc;
     nset->nodes = nodes;
-    nset->type	= type;
-    nset->next 	= nset->prev = nset;
+    nset->type  = type;
+    nset->next  = nset->prev = nset;
     return(nset);
 }
 
 /**
  * xmlSecNodeSetDestroy:
- * @nset: 		the pointer to node set.
+ * @nset:               the pointer to node set.
  *
  * Destroys the nodes set created with #xmlSecNodeSetCreate function.
  */
 void
 xmlSecNodeSetDestroy(xmlSecNodeSetPtr nset) {
     xmlSecNodeSetPtr tmp;
+    xmlDocPtr destroyDoc = NULL;
 
     xmlSecAssert(nset != NULL);
-    	
+
     while((tmp = nset) != NULL) {
-	if((nset->next != NULL) && (nset->next != nset)) {
-	    nset->next->prev = nset->prev;
-	    nset->prev->next = nset->next;	    
-	    nset = nset->next;
-	} else {
-	    nset = NULL;
-	}
-	
-	if(tmp->nodes != NULL) {
-    	    xmlXPathFreeNodeSet(tmp->nodes);
-	}
-	if(tmp->children != NULL) {
-	    xmlSecNodeSetDestroy(tmp->children);
-	}
-	if((tmp->doc != NULL) && (tmp->destroyDoc != 0)) {
-	    xmlFreeDoc(tmp->doc);
-	}
-	memset(tmp, 0,  sizeof(xmlSecNodeSet));
+        if((nset->next != NULL) && (nset->next != nset)) {
+            nset->next->prev = nset->prev;
+            nset->prev->next = nset->next;
+            nset = nset->next;
+        } else {
+            nset = NULL;
+        }
+
+        if(tmp->nodes != NULL) {
+            xmlXPathFreeNodeSet(tmp->nodes);
+        }
+        if(tmp->children != NULL) {
+            xmlSecNodeSetDestroy(tmp->children);
+        }
+        if((tmp->doc != NULL) && (tmp->destroyDoc != 0)) {
+            /* all nodesets should belong to the same doc */
+            xmlSecAssert((destroyDoc == NULL) || (tmp->doc == destroyDoc));
+            destroyDoc = tmp->doc; /* can't destroy here because other node sets can refer to it */
+        }
+        memset(tmp, 0,  sizeof(xmlSecNodeSet));
         xmlFree(tmp);
     }
+
+    /* finally, destroy the doc if needed */
+    if(destroyDoc != NULL) {
+        xmlFreeDoc(destroyDoc);
+    }
 }
 
 /**
  * xmlSecNodeSetDocDestroy:
- * @nset: 		the pointer to node set.
+ * @nset:               the pointer to node set.
  *
  * Instructs node set to destroy nodes parent doc when node set is destroyed.
  */
-void 
+void
 xmlSecNodeSetDocDestroy(xmlSecNodeSetPtr nset) {
     xmlSecAssert(nset != NULL);
-    
+
     nset->destroyDoc = 1;
 }
 
 static int
 xmlSecNodeSetOneContains(xmlSecNodeSetPtr nset, xmlNodePtr node, xmlNodePtr parent) {
     int in_nodes_set = 1;
-    
+
     xmlSecAssert2(nset != NULL, 0);
     xmlSecAssert2(node != NULL, 0);
-        
+
     /* special cases: */
     switch(nset->type) {
-	case xmlSecNodeSetTreeWithoutComments:
+        case xmlSecNodeSetTreeWithoutComments:
         case xmlSecNodeSetTreeWithoutCommentsInvert:
-	    if(node->type == XML_COMMENT_NODE) {
-		return(0);
-	    }
-	    break;
-	case xmlSecNodeSetList:
-	    return(xmlSecNodeSetContains(nset->children, node, parent));
-	default:
-	    break;
+            if(node->type == XML_COMMENT_NODE) {
+                return(0);
+            }
+            break;
+        case xmlSecNodeSetList:
+            return(xmlSecNodeSetContains(nset->children, node, parent));
+        default:
+            break;
     }
-        
+
     if(nset->nodes != NULL) {
-	if(node->type != XML_NAMESPACE_DECL) {
-	    in_nodes_set = xmlXPathNodeSetContains(nset->nodes, node);
-	} else {
-	    xmlNs ns;
-	    
-	    memcpy(&ns, node, sizeof(ns)); 
-	    
-	    /* this is a libxml hack! check xpath.c for details */
-	    if((parent != NULL) && (parent->type == XML_ATTRIBUTE_NODE)) {
-		ns.next = (xmlNsPtr)parent->parent;
-	    } else {
-		ns.next = (xmlNsPtr)parent; 
-	    }
-
-	    /* 
-	     * If the input is an XPath node-set, then the node-set must explicitly 
-	     * contain every node to be rendered to the canonical form.
-	     */
-	    in_nodes_set = (xmlXPathNodeSetContains(nset->nodes, (xmlNodePtr)&ns));
-	}
+        if(node->type != XML_NAMESPACE_DECL) {
+            in_nodes_set = xmlXPathNodeSetContains(nset->nodes, node);
+        } else {
+            xmlNs ns;
+
+            memcpy(&ns, node, sizeof(ns));
+
+            /* this is a libxml hack! check xpath.c for details */
+            if((parent != NULL) && (parent->type == XML_ATTRIBUTE_NODE)) {
+                ns.next = (xmlNsPtr)parent->parent;
+            } else {
+                ns.next = (xmlNsPtr)parent;
+            }
+
+            /*
+             * If the input is an XPath node-set, then the node-set must explicitly
+             * contain every node to be rendered to the canonical form.
+             */
+            in_nodes_set = (xmlXPathNodeSetContains(nset->nodes, (xmlNodePtr)&ns));
+        }
     }
-    
+
     switch(nset->type) {
     case xmlSecNodeSetNormal:
-	return(in_nodes_set);
+        return(in_nodes_set);
     case xmlSecNodeSetInvert:
-	return(!in_nodes_set);
+        return(!in_nodes_set);
     case xmlSecNodeSetTree:
     case xmlSecNodeSetTreeWithoutComments:
-	if(in_nodes_set) {
-	    return(1);
-	}
-	if((parent != NULL) && (parent->type == XML_ELEMENT_NODE)) {
-	    return(xmlSecNodeSetOneContains(nset, parent, parent->parent));
-	}
-	return(0);
+        if(in_nodes_set) {
+            return(1);
+        }
+        if((parent != NULL) && (parent->type == XML_ELEMENT_NODE)) {
+            return(xmlSecNodeSetOneContains(nset, parent, parent->parent));
+        }
+        return(0);
     case xmlSecNodeSetTreeInvert:
     case xmlSecNodeSetTreeWithoutCommentsInvert:
-	if(in_nodes_set) {
-	    return(0);
-	}
-	if((parent != NULL) && (parent->type == XML_ELEMENT_NODE)) {
-	    return(xmlSecNodeSetOneContains(nset, parent, parent->parent));
-	}
-	return(1);
+        if(in_nodes_set) {
+            return(0);
+        }
+        if((parent != NULL) && (parent->type == XML_ELEMENT_NODE)) {
+            return(xmlSecNodeSetOneContains(nset, parent, parent->parent));
+        }
+        return(1);
     default:
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TYPE,
-		    "type=%d", nset->type);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TYPE,
+                    "type=%d", nset->type);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecNodeSetContains:
- * @nset: 		the pointer to node set.
- * @node: 		the pointer to XML node to check.
- * @parent: 		the pointer to @node parent node.
+ * @nset:               the pointer to node set.
+ * @node:               the pointer to XML node to check.
+ * @parent:             the pointer to @node parent node.
  *
  * Checks whether the @node is in the nodes set or not.
  *
@@ -210,126 +218,129 @@ int
 xmlSecNodeSetContains(xmlSecNodeSetPtr nset, xmlNodePtr node, xmlNodePtr parent) {
     int status = 1;
     xmlSecNodeSetPtr cur;
-    
+
     xmlSecAssert2(node != NULL, 0);
-    
+
     /* special cases: */
     if(nset == NULL) {
-	return(1);
+        return(1);
     }
-    
+
     status = 1;
     cur = nset;
     do {
-	switch(cur->op) {
-	case xmlSecNodeSetIntersection:
-	    if(status && !xmlSecNodeSetOneContains(cur, node, parent)) {
-		status = 0;
-	    }
-    	    break;
-	case xmlSecNodeSetSubtraction:
-	    if(status && xmlSecNodeSetOneContains(cur, node, parent)) {
-		status = 0;
-	    }
-	    break;
-	case xmlSecNodeSetUnion:
-	    if(!status && xmlSecNodeSetOneContains(cur, node, parent)) {
-		status = 1;
-	    }	
-	    break;
-	default:
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_OPERATION,
-			"operation=%d", cur->op);
-	    return(-1);
-	}
-	cur = cur->next;
+        switch(cur->op) {
+        case xmlSecNodeSetIntersection:
+            if(status && !xmlSecNodeSetOneContains(cur, node, parent)) {
+                status = 0;
+            }
+            break;
+        case xmlSecNodeSetSubtraction:
+            if(status && xmlSecNodeSetOneContains(cur, node, parent)) {
+                status = 0;
+            }
+            break;
+        case xmlSecNodeSetUnion:
+            if(!status && xmlSecNodeSetOneContains(cur, node, parent)) {
+                status = 1;
+            }
+            break;
+        default:
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_OPERATION,
+                        "operation=%d", cur->op);
+            return(-1);
+        }
+        cur = cur->next;
     } while(cur != nset);
-    
+
     return(status);
 }
 
 /**
  * xmlSecNodeSetAdd:
- * @nset: 		the pointer to currrent nodes set (or NULL).
- * @newNSet: 		the pointer to new nodes set.
- * @op: 		the operation type.
+ * @nset:               the pointer to currrent nodes set (or NULL).
+ * @newNSet:            the pointer to new nodes set.
+ * @op:                 the operation type.
  *
- * Adds @newNSet to the @nset using operation @op. 
+ * Adds @newNSet to the @nset using operation @op.
  *
- * Returns: the pointer to combined nodes set or NULL if an error 
+ * Returns: the pointer to combined nodes set or NULL if an error
  * occurs.
  */
-xmlSecNodeSetPtr	
-xmlSecNodeSetAdd(xmlSecNodeSetPtr nset, xmlSecNodeSetPtr newNSet, 
-		 xmlSecNodeSetOp op) {
+xmlSecNodeSetPtr
+xmlSecNodeSetAdd(xmlSecNodeSetPtr nset, xmlSecNodeSetPtr newNSet,
+                 xmlSecNodeSetOp op) {
     xmlSecAssert2(newNSet != NULL, NULL);
     xmlSecAssert2(newNSet->next == newNSet, NULL);
 
-    newNSet->op	= op;
+    newNSet->op = op;
     if(nset == NULL) {
-	return(newNSet);
+        return(newNSet);
     }
-        
+
+    /* all nodesets should belong to the same doc */
+    xmlSecAssert2(nset->doc == newNSet->doc, NULL);
+
     newNSet->next = nset;
     newNSet->prev = nset->prev;
     nset->prev->next = newNSet;
-    nset->prev 	     = newNSet;
+    nset->prev       = newNSet;
     return(nset);
 }
 
 /**
  * xmlSecNodeSetAddList:
- * @nset: 		the pointer to currrent nodes set (or NULL).
- * @newNSet: 		the pointer to new nodes set.
- * @op: 		the operation type.
+ * @nset:               the pointer to currrent nodes set (or NULL).
+ * @newNSet:            the pointer to new nodes set.
+ * @op:                 the operation type.
  *
- * Adds @newNSet to the @nset as child using operation @op. 
+ * Adds @newNSet to the @nset as child using operation @op.
  *
- * Returns: the pointer to combined nodes set or NULL if an error 
+ * Returns: the pointer to combined nodes set or NULL if an error
  * occurs.
  */
-xmlSecNodeSetPtr	
+xmlSecNodeSetPtr
 xmlSecNodeSetAddList(xmlSecNodeSetPtr nset, xmlSecNodeSetPtr newNSet, xmlSecNodeSetOp op) {
     xmlSecNodeSetPtr tmp1, tmp2;
 
     xmlSecAssert2(newNSet != NULL, NULL);
-    
+
     tmp1 = xmlSecNodeSetCreate(newNSet->doc, NULL, xmlSecNodeSetList);
     if(tmp1 == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNodeSetCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNodeSetCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     tmp1->children = newNSet;
-    
+
     tmp2 = xmlSecNodeSetAdd(nset, tmp1, op);
     if(tmp2 == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNodeSetAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecNodeSetDestroy(tmp1);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNodeSetAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecNodeSetDestroy(tmp1);
+        return(NULL);
     }
     return(tmp2);
 }
 
- 
+
 /**
  * xmlSecNodeSetWalk:
- * @nset: 		the pointer to node set.
- * @walkFunc: 		the callback functions.
- * @data: 		the application specific data passed to the @walkFunc.
+ * @nset:               the pointer to node set.
+ * @walkFunc:           the callback functions.
+ * @data:               the application specific data passed to the @walkFunc.
  *
  * Calls the function @walkFunc once per each node in the nodes set @nset.
- * If the @walkFunc returns a negative value, then the walk procedure 
+ * If the @walkFunc returns a negative value, then the walk procedure
  * is interrupted.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -338,110 +349,110 @@ int
 xmlSecNodeSetWalk(xmlSecNodeSetPtr nset, xmlSecNodeSetWalkCallback walkFunc, void* data) {
     xmlNodePtr cur;
     int ret = 0;
-    
+
     xmlSecAssert2(nset != NULL, -1);
     xmlSecAssert2(nset->doc != NULL, -1);
     xmlSecAssert2(walkFunc != NULL, -1);
 
     /* special cases */
     if(nset->nodes != NULL) {
-	int i;
-
-	switch(nset->type) {
-	case xmlSecNodeSetNormal:
-	case xmlSecNodeSetTree:
-	case xmlSecNodeSetTreeWithoutComments:
-	    for(i = 0; (ret >= 0) && (i < nset->nodes->nodeNr); ++i) {
-		ret = xmlSecNodeSetWalkRecursive(nset, walkFunc, data, 
-		    nset->nodes->nodeTab[i], 
-		    xmlSecGetParent(nset->nodes->nodeTab[i]));
-	    }
-	    return(ret);
-	default:
-	    break;
-	}
+        int i;
+
+        switch(nset->type) {
+        case xmlSecNodeSetNormal:
+        case xmlSecNodeSetTree:
+        case xmlSecNodeSetTreeWithoutComments:
+            for(i = 0; (ret >= 0) && (i < nset->nodes->nodeNr); ++i) {
+                ret = xmlSecNodeSetWalkRecursive(nset, walkFunc, data,
+                    nset->nodes->nodeTab[i],
+                    xmlSecGetParent(nset->nodes->nodeTab[i]));
+            }
+            return(ret);
+        default:
+            break;
+        }
     }
-    
+
     for(cur = nset->doc->children; (cur != NULL) && (ret >= 0); cur = cur->next) {
-	ret = xmlSecNodeSetWalkRecursive(nset, walkFunc, data, cur, xmlSecGetParent(cur));
+        ret = xmlSecNodeSetWalkRecursive(nset, walkFunc, data, cur, xmlSecGetParent(cur));
     }
     return(ret);
 }
 
 static int
-xmlSecNodeSetWalkRecursive(xmlSecNodeSetPtr nset, xmlSecNodeSetWalkCallback walkFunc, 
-			    void* data, xmlNodePtr cur, xmlNodePtr parent) {
+xmlSecNodeSetWalkRecursive(xmlSecNodeSetPtr nset, xmlSecNodeSetWalkCallback walkFunc,
+                            void* data, xmlNodePtr cur, xmlNodePtr parent) {
     int ret;
 
     xmlSecAssert2(nset != NULL, -1);
     xmlSecAssert2(cur != NULL, -1);
     xmlSecAssert2(walkFunc != NULL, -1);
-    
+
     /* the node itself */
     if(xmlSecNodeSetContains(nset, cur, parent)) {
-	ret = walkFunc(nset, cur, parent, data);
-	
-	if(ret < 0) {
-	    return(ret);
-	}
+        ret = walkFunc(nset, cur, parent, data);
+
+        if(ret < 0) {
+            return(ret);
+        }
     }
-	
-    /* element node has attributes, namespaces  */	
+
+    /* element node has attributes, namespaces  */
     if(cur->type == XML_ELEMENT_NODE) {
         xmlAttrPtr attr;
-	xmlNodePtr node;
-	xmlNsPtr ns, tmp;
-	
+        xmlNodePtr node;
+        xmlNsPtr ns, tmp;
+
         attr = (xmlAttrPtr)cur->properties;
         while(attr != NULL) {
-	    if(xmlSecNodeSetContains(nset, (xmlNodePtr)attr, cur)) {
-		ret = walkFunc(nset, (xmlNodePtr)attr, cur, data);
-		if(ret < 0) {
-		    return(ret);
-		}
-	    }
-	    attr = attr->next;
-	}
-
-	node = cur;
-	while(node != NULL) {
-    	    ns = node->nsDef;
-    	    while(ns != NULL) {
-		tmp = xmlSearchNs(nset->doc, cur, ns->prefix);
-		if((tmp == ns) && xmlSecNodeSetContains(nset, (xmlNodePtr)ns, cur)) {
-		    ret = walkFunc(nset, (xmlNodePtr)ns, cur, data);
-		    if(ret < 0) {
-			return(ret);
-		    }
-		}
-		ns = ns->next;
-	    }
-	    node = node->parent;
-	}
+            if(xmlSecNodeSetContains(nset, (xmlNodePtr)attr, cur)) {
+                ret = walkFunc(nset, (xmlNodePtr)attr, cur, data);
+                if(ret < 0) {
+                    return(ret);
+                }
+            }
+            attr = attr->next;
+        }
+
+        node = cur;
+        while(node != NULL) {
+            ns = node->nsDef;
+            while(ns != NULL) {
+                tmp = xmlSearchNs(nset->doc, cur, ns->prefix);
+                if((tmp == ns) && xmlSecNodeSetContains(nset, (xmlNodePtr)ns, cur)) {
+                    ret = walkFunc(nset, (xmlNodePtr)ns, cur, data);
+                    if(ret < 0) {
+                        return(ret);
+                    }
+                }
+                ns = ns->next;
+            }
+            node = node->parent;
+        }
     }
 
     /* element and document nodes have children */
     if((cur->type == XML_ELEMENT_NODE) || (cur->type == XML_DOCUMENT_NODE)) {
-	xmlNodePtr node;
-	
-	node = cur->children;
-	while(node != NULL) {
-	    ret = xmlSecNodeSetWalkRecursive(nset, walkFunc, data, node, cur);
-	    if(ret < 0) {
-		return(ret);
-	    }
-	    node = node->next;
-	}
+        xmlNodePtr node;
+
+        node = cur->children;
+        while(node != NULL) {
+            ret = xmlSecNodeSetWalkRecursive(nset, walkFunc, data, node, cur);
+            if(ret < 0) {
+                return(ret);
+            }
+            node = node->next;
+        }
     }
     return(0);
 }
 
 /**
  * xmlSecNodeSetGetChildren:
- * @doc: 		the pointer to an XML document.
- * @parent:	 	the pointer to parent XML node or NULL if we want to include all document nodes.
- * @withComments: 	the flag include  comments or not.
- * @invert: 		the "invert" flag.
+ * @doc:                the pointer to an XML document.
+ * @parent:             the pointer to parent XML node or NULL if we want to include all document nodes.
+ * @withComments:       the flag include  comments or not.
+ * @invert:             the "invert" flag.
  *
  * Creates a new nodes set that contains:
  *  - if @withComments is not 0 and @invert is 0:
@@ -451,77 +462,77 @@ xmlSecNodeSetWalkRecursive(xmlSecNodeSetPtr nset, xmlSecNodeSetWalkCallback walk
  *  - if @withComments is not 0 and @invert not is 0:
  *    all nodes in the @doc except nodes in the @parent subtree;
  *  - if @withComments is 0 and @invert is 0:
- *    all nodes in the @doc except nodes in the @parent subtree 
+ *    all nodes in the @doc except nodes in the @parent subtree
  *    and comment nodes.
  *
  * Returns: pointer to the newly created #xmlSecNodeSet structure
  * or NULL if an error occurs.
  */
-xmlSecNodeSetPtr	
+xmlSecNodeSetPtr
 xmlSecNodeSetGetChildren(xmlDocPtr doc, const xmlNodePtr parent, int withComments, int invert) {
     xmlNodeSetPtr nodes;
     xmlSecNodeSetType type;
 
     xmlSecAssert2(doc != NULL, NULL);
-        
+
     nodes = xmlXPathNodeSetCreate(parent);
     if(nodes == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlXPathNodeSetCreate",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }	
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlXPathNodeSetCreate",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     /* if parent is NULL then we add all the doc children */
     if(parent == NULL) {
-	xmlNodePtr cur;
-	for(cur = doc->children; cur != NULL; cur = cur->next) {
-	    if(withComments || (cur->type != XML_COMMENT_NODE)) {
-	        xmlXPathNodeSetAdd(nodes, cur);
-	    }
-	}
+        xmlNodePtr cur;
+        for(cur = doc->children; cur != NULL; cur = cur->next) {
+            if(withComments || (cur->type != XML_COMMENT_NODE)) {
+                xmlXPathNodeSetAdd(nodes, cur);
+            }
+        }
     }
 
     if(withComments && invert) {
-	type = xmlSecNodeSetTreeInvert;
+        type = xmlSecNodeSetTreeInvert;
     } else if(withComments && !invert) {
-	type = xmlSecNodeSetTree;
+        type = xmlSecNodeSetTree;
     } else if(!withComments && invert) {
-	type = xmlSecNodeSetTreeWithoutCommentsInvert;
+        type = xmlSecNodeSetTreeWithoutCommentsInvert;
     } else { /* if(!withComments && !invert) */
-	type = xmlSecNodeSetTreeWithoutComments;
+        type = xmlSecNodeSetTreeWithoutComments;
     }
 
     return(xmlSecNodeSetCreate(doc, nodes, type));
 }
 
 static int
-xmlSecNodeSetDumpTextNodesWalkCallback(xmlSecNodeSetPtr nset, xmlNodePtr cur, 
-				   xmlNodePtr parent ATTRIBUTE_UNUSED, 
-				   void* data) {
+xmlSecNodeSetDumpTextNodesWalkCallback(xmlSecNodeSetPtr nset, xmlNodePtr cur,
+                                   xmlNodePtr parent ATTRIBUTE_UNUSED,
+                                   void* data) {
     xmlSecAssert2(nset != NULL, -1);
     xmlSecAssert2(cur != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
 
     if(cur->type == XML_TEXT_NODE) {
-	xmlOutputBufferWriteString((xmlOutputBufferPtr)data, 
-				    (char*)(cur->content)); 
+        xmlOutputBufferWriteString((xmlOutputBufferPtr)data,
+                                    (char*)(cur->content));
     }
     return(0);
 }
 
 /**
  * xmlSecNodeSetDumpTextNodes:
- * @nset: 		the pointer to node set.
- * @out:		the output buffer.
+ * @nset:               the pointer to node set.
+ * @out:                the output buffer.
  *
  * Dumps content of all the text nodes from @nset to @out.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecNodeSetDumpTextNodes(xmlSecNodeSetPtr nset, xmlOutputBufferPtr out) {
     xmlSecAssert2(nset != NULL, -1);
     xmlSecAssert2(out != NULL, -1);
@@ -530,10 +541,10 @@ xmlSecNodeSetDumpTextNodes(xmlSecNodeSetPtr nset, xmlOutputBufferPtr out) {
 }
 
 /**
- * xmlSecNodeSetDebugDump: 
- * @nset: 		the pointer to node set.
- * @output: 		the pointer to output FILE.
- * 
+ * xmlSecNodeSetDebugDump:
+ * @nset:               the pointer to node set.
+ * @output:             the pointer to output FILE.
+ *
  * Prints information about @nset to the @output.
  */
 void
@@ -547,53 +558,53 @@ xmlSecNodeSetDebugDump(xmlSecNodeSetPtr nset, FILE *output) {
     fprintf(output, "== Nodes set ");
     switch(nset->type) {
     case xmlSecNodeSetNormal:
-	fprintf(output, "(xmlSecNodeSetNormal)\n");
-	break;
+        fprintf(output, "(xmlSecNodeSetNormal)\n");
+        break;
     case xmlSecNodeSetInvert:
-	fprintf(output, "(xmlSecNodeSetInvert)\n");
-	break;
+        fprintf(output, "(xmlSecNodeSetInvert)\n");
+        break;
     case xmlSecNodeSetTree:
-	fprintf(output, "(xmlSecNodeSetTree)\n");
-	break;
+        fprintf(output, "(xmlSecNodeSetTree)\n");
+        break;
     case xmlSecNodeSetTreeWithoutComments:
-	fprintf(output, "(xmlSecNodeSetTreeWithoutComments)\n");
-	break;
+        fprintf(output, "(xmlSecNodeSetTreeWithoutComments)\n");
+        break;
     case xmlSecNodeSetTreeInvert:
-	fprintf(output, "(xmlSecNodeSetTreeInvert)\n");
-	break;
+        fprintf(output, "(xmlSecNodeSetTreeInvert)\n");
+        break;
     case xmlSecNodeSetTreeWithoutCommentsInvert:
-	fprintf(output, "(xmlSecNodeSetTreeWithoutCommentsInvert)\n");
-	break;
+        fprintf(output, "(xmlSecNodeSetTreeWithoutCommentsInvert)\n");
+        break;
     case xmlSecNodeSetList:
-	fprintf(output, "(xmlSecNodeSetList)\n");
-	fprintf(output, ">>>\n");
-	xmlSecNodeSetDebugDump(nset->children, output);
-	fprintf(output, "<<<\n");
-	return;
+        fprintf(output, "(xmlSecNodeSetList)\n");
+        fprintf(output, ">>>\n");
+        xmlSecNodeSetDebugDump(nset->children, output);
+        fprintf(output, "<<<\n");
+        return;
     default:
-	fprintf(output, "(unknown=%d)\n", nset->type);
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TYPE,
-		    "type=%d", nset->type);
+        fprintf(output, "(unknown=%d)\n", nset->type);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TYPE,
+                    "type=%d", nset->type);
     }
-        
+
     l = xmlXPathNodeSetGetLength(nset->nodes);
     for(i = 0; i < l; ++i) {
-	cur = xmlXPathNodeSetItem(nset->nodes, i);
-	if(cur->type != XML_NAMESPACE_DECL) {
-	    fprintf(output, "%d: %s\n", cur->type, 
-		(cur->name) ? cur->name : BAD_CAST "null");
-	} else {
-	    xmlNsPtr ns = (xmlNsPtr)cur;
-	    fprintf(output, "%d: %s=%s (%s:%s)\n", cur->type, 
-		(ns->prefix) ? ns->prefix : BAD_CAST "null",
-		(ns->href) ? ns->href : BAD_CAST "null",
-		(((xmlNodePtr)ns->next)->ns && 
-		 ((xmlNodePtr)ns->next)->ns->prefix) ? 
-		  ((xmlNodePtr)ns->next)->ns->prefix : BAD_CAST "null",		
-		((xmlNodePtr)ns->next)->name);
-	}
+        cur = xmlXPathNodeSetItem(nset->nodes, i);
+        if(cur->type != XML_NAMESPACE_DECL) {
+            fprintf(output, "%d: %s\n", cur->type,
+                (cur->name) ? cur->name : BAD_CAST "null");
+        } else {
+            xmlNsPtr ns = (xmlNsPtr)cur;
+            fprintf(output, "%d: %s=%s (%s:%s)\n", cur->type,
+                (ns->prefix) ? ns->prefix : BAD_CAST "null",
+                (ns->href) ? ns->href : BAD_CAST "null",
+                (((xmlNodePtr)ns->next)->ns &&
+                 ((xmlNodePtr)ns->next)->ns->prefix) ?
+                  ((xmlNodePtr)ns->next)->ns->prefix : BAD_CAST "null",
+                ((xmlNodePtr)ns->next)->name);
+        }
     }
 }
diff --git a/src/nss/Makefile.am b/src/nss/Makefile.am
index 5209533f..8cd85863 100644
--- a/src/nss/Makefile.am
+++ b/src/nss/Makefile.am
@@ -42,10 +42,10 @@ libxmlsec1_nss_la_SOURCES += ../strings.c
 endif
 
 libxmlsec1_nss_la_LIBADD = \
-	../libxmlsec1.la \
 	$(NSS_LIBS) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
 	$(NULL)
 
 libxmlsec1_nss_la_DEPENDENCIES = \
diff --git a/src/nss/Makefile.in b/src/nss/Makefile.in
index d6bc31ec..e799b8ee 100644
--- a/src/nss/Makefile.in
+++ b/src/nss/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,10 +38,13 @@ host_triplet = @host@
 subdir = src/nss
 DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
@@ -66,6 +69,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(libdir)"
 LTLIBRARIES = $(lib_LTLIBRARIES)
 am__DEPENDENCIES_1 =
@@ -85,22 +94,39 @@ am_libxmlsec1_nss_la_OBJECTS = libxmlsec1_nss_la-app.lo \
 	libxmlsec1_nss_la-kw_des.lo libxmlsec1_nss_la-kw_aes.lo \
 	$(am__objects_1) $(am__objects_2)
 libxmlsec1_nss_la_OBJECTS = $(am_libxmlsec1_nss_la_OBJECTS)
-libxmlsec1_nss_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
-	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
-	$(libxmlsec1_nss_la_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+libxmlsec1_nss_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+	$(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_nss_la_LDFLAGS) $(LDFLAGS) \
+	-o $@
 DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
 am__mv = mv -f
 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
-	$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC    " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 CCLD = $(CC)
-LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
-	$(LDFLAGS) -o $@
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD  " $@;
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
 SOURCES = $(libxmlsec1_nss_la_SOURCES)
 DIST_SOURCES = $(am__libxmlsec1_nss_la_SOURCES_DIST)
 ETAGS = etags
@@ -108,6 +134,7 @@ CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -122,6 +149,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -130,6 +158,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -160,6 +192,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -191,8 +224,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -200,7 +235,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -219,6 +253,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -228,6 +264,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -263,6 +300,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -295,7 +333,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -335,10 +372,10 @@ libxmlsec1_nss_la_SOURCES = app.c bignum.c ciphers.c crypto.c \
 	x509vfy.c keysstore.c keytrans.c kw_des.c kw_aes.c globals.h \
 	$(NULL) $(am__append_1)
 libxmlsec1_nss_la_LIBADD = \
-	../libxmlsec1.la \
 	$(NSS_LIBS) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
 	$(NULL)
 
 libxmlsec1_nss_la_DEPENDENCIES = \
@@ -414,8 +451,8 @@ clean-libLTLIBRARIES:
 	  echo "rm -f \"$${dir}/so_locations\""; \
 	  rm -f "$${dir}/so_locations"; \
 	done
-libxmlsec1-nss.la: $(libxmlsec1_nss_la_OBJECTS) $(libxmlsec1_nss_la_DEPENDENCIES) 
-	$(libxmlsec1_nss_la_LINK) -rpath $(libdir) $(libxmlsec1_nss_la_OBJECTS) $(libxmlsec1_nss_la_LIBADD) $(LIBS)
+libxmlsec1-nss.la: $(libxmlsec1_nss_la_OBJECTS) $(libxmlsec1_nss_la_DEPENDENCIES) $(EXTRA_libxmlsec1_nss_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(libxmlsec1_nss_la_LINK) -rpath $(libdir) $(libxmlsec1_nss_la_OBJECTS) $(libxmlsec1_nss_la_LIBADD) $(LIBS)
 
 mostlyclean-compile:
 	-rm -f *.$(OBJEXT)
@@ -441,137 +478,137 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_nss_la-x509vfy.Plo@am__quote@
 
 .c.o:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c $<
 
 .c.obj:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
 
 .c.lo:
-@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LTCOMPILE) -c -o $@ $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
 
 libxmlsec1_nss_la-app.lo: app.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-app.Tpo -c -o libxmlsec1_nss_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-app.Tpo $(DEPDIR)/libxmlsec1_nss_la-app.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='app.c' object='libxmlsec1_nss_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-app.Tpo -c -o libxmlsec1_nss_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-app.Tpo $(DEPDIR)/libxmlsec1_nss_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='app.c' object='libxmlsec1_nss_la-app.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
 
 libxmlsec1_nss_la-bignum.lo: bignum.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-bignum.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-bignum.Tpo -c -o libxmlsec1_nss_la-bignum.lo `test -f 'bignum.c' || echo '$(srcdir)/'`bignum.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-bignum.Tpo $(DEPDIR)/libxmlsec1_nss_la-bignum.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='bignum.c' object='libxmlsec1_nss_la-bignum.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-bignum.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-bignum.Tpo -c -o libxmlsec1_nss_la-bignum.lo `test -f 'bignum.c' || echo '$(srcdir)/'`bignum.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-bignum.Tpo $(DEPDIR)/libxmlsec1_nss_la-bignum.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='bignum.c' object='libxmlsec1_nss_la-bignum.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-bignum.lo `test -f 'bignum.c' || echo '$(srcdir)/'`bignum.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-bignum.lo `test -f 'bignum.c' || echo '$(srcdir)/'`bignum.c
 
 libxmlsec1_nss_la-ciphers.lo: ciphers.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-ciphers.Tpo -c -o libxmlsec1_nss_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_nss_la-ciphers.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='ciphers.c' object='libxmlsec1_nss_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-ciphers.Tpo -c -o libxmlsec1_nss_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_nss_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ciphers.c' object='libxmlsec1_nss_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
 
 libxmlsec1_nss_la-crypto.lo: crypto.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-crypto.Tpo -c -o libxmlsec1_nss_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-crypto.Tpo $(DEPDIR)/libxmlsec1_nss_la-crypto.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='crypto.c' object='libxmlsec1_nss_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-crypto.Tpo -c -o libxmlsec1_nss_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-crypto.Tpo $(DEPDIR)/libxmlsec1_nss_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='crypto.c' object='libxmlsec1_nss_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
 
 libxmlsec1_nss_la-digests.lo: digests.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-digests.Tpo -c -o libxmlsec1_nss_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-digests.Tpo $(DEPDIR)/libxmlsec1_nss_la-digests.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='digests.c' object='libxmlsec1_nss_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-digests.Tpo -c -o libxmlsec1_nss_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-digests.Tpo $(DEPDIR)/libxmlsec1_nss_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='digests.c' object='libxmlsec1_nss_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
 
 libxmlsec1_nss_la-hmac.lo: hmac.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-hmac.Tpo -c -o libxmlsec1_nss_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-hmac.Tpo $(DEPDIR)/libxmlsec1_nss_la-hmac.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='hmac.c' object='libxmlsec1_nss_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-hmac.Tpo -c -o libxmlsec1_nss_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-hmac.Tpo $(DEPDIR)/libxmlsec1_nss_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='hmac.c' object='libxmlsec1_nss_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
 
 libxmlsec1_nss_la-pkikeys.lo: pkikeys.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-pkikeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-pkikeys.Tpo -c -o libxmlsec1_nss_la-pkikeys.lo `test -f 'pkikeys.c' || echo '$(srcdir)/'`pkikeys.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-pkikeys.Tpo $(DEPDIR)/libxmlsec1_nss_la-pkikeys.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='pkikeys.c' object='libxmlsec1_nss_la-pkikeys.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-pkikeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-pkikeys.Tpo -c -o libxmlsec1_nss_la-pkikeys.lo `test -f 'pkikeys.c' || echo '$(srcdir)/'`pkikeys.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-pkikeys.Tpo $(DEPDIR)/libxmlsec1_nss_la-pkikeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='pkikeys.c' object='libxmlsec1_nss_la-pkikeys.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-pkikeys.lo `test -f 'pkikeys.c' || echo '$(srcdir)/'`pkikeys.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-pkikeys.lo `test -f 'pkikeys.c' || echo '$(srcdir)/'`pkikeys.c
 
 libxmlsec1_nss_la-signatures.lo: signatures.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-signatures.Tpo -c -o libxmlsec1_nss_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-signatures.Tpo $(DEPDIR)/libxmlsec1_nss_la-signatures.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='signatures.c' object='libxmlsec1_nss_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-signatures.Tpo -c -o libxmlsec1_nss_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-signatures.Tpo $(DEPDIR)/libxmlsec1_nss_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='signatures.c' object='libxmlsec1_nss_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
 
 libxmlsec1_nss_la-symkeys.lo: symkeys.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-symkeys.Tpo -c -o libxmlsec1_nss_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_nss_la-symkeys.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='symkeys.c' object='libxmlsec1_nss_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-symkeys.Tpo -c -o libxmlsec1_nss_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_nss_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='symkeys.c' object='libxmlsec1_nss_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
 
 libxmlsec1_nss_la-x509.lo: x509.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-x509.Tpo -c -o libxmlsec1_nss_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-x509.Tpo $(DEPDIR)/libxmlsec1_nss_la-x509.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='x509.c' object='libxmlsec1_nss_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-x509.Tpo -c -o libxmlsec1_nss_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-x509.Tpo $(DEPDIR)/libxmlsec1_nss_la-x509.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='x509.c' object='libxmlsec1_nss_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
 
 libxmlsec1_nss_la-x509vfy.lo: x509vfy.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-x509vfy.Tpo -c -o libxmlsec1_nss_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_nss_la-x509vfy.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='x509vfy.c' object='libxmlsec1_nss_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-x509vfy.Tpo -c -o libxmlsec1_nss_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_nss_la-x509vfy.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='x509vfy.c' object='libxmlsec1_nss_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
 
 libxmlsec1_nss_la-keysstore.lo: keysstore.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-keysstore.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-keysstore.Tpo -c -o libxmlsec1_nss_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-keysstore.Tpo $(DEPDIR)/libxmlsec1_nss_la-keysstore.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='keysstore.c' object='libxmlsec1_nss_la-keysstore.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-keysstore.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-keysstore.Tpo -c -o libxmlsec1_nss_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-keysstore.Tpo $(DEPDIR)/libxmlsec1_nss_la-keysstore.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='keysstore.c' object='libxmlsec1_nss_la-keysstore.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-keysstore.lo `test -f 'keysstore.c' || echo '$(srcdir)/'`keysstore.c
 
 libxmlsec1_nss_la-keytrans.lo: keytrans.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-keytrans.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-keytrans.Tpo -c -o libxmlsec1_nss_la-keytrans.lo `test -f 'keytrans.c' || echo '$(srcdir)/'`keytrans.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-keytrans.Tpo $(DEPDIR)/libxmlsec1_nss_la-keytrans.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='keytrans.c' object='libxmlsec1_nss_la-keytrans.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-keytrans.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-keytrans.Tpo -c -o libxmlsec1_nss_la-keytrans.lo `test -f 'keytrans.c' || echo '$(srcdir)/'`keytrans.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-keytrans.Tpo $(DEPDIR)/libxmlsec1_nss_la-keytrans.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='keytrans.c' object='libxmlsec1_nss_la-keytrans.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-keytrans.lo `test -f 'keytrans.c' || echo '$(srcdir)/'`keytrans.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-keytrans.lo `test -f 'keytrans.c' || echo '$(srcdir)/'`keytrans.c
 
 libxmlsec1_nss_la-kw_des.lo: kw_des.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-kw_des.Tpo -c -o libxmlsec1_nss_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_nss_la-kw_des.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='kw_des.c' object='libxmlsec1_nss_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-kw_des.Tpo -c -o libxmlsec1_nss_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_nss_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kw_des.c' object='libxmlsec1_nss_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
 
 libxmlsec1_nss_la-kw_aes.lo: kw_aes.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-kw_aes.Tpo -c -o libxmlsec1_nss_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_nss_la-kw_aes.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='kw_aes.c' object='libxmlsec1_nss_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-kw_aes.Tpo -c -o libxmlsec1_nss_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_nss_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kw_aes.c' object='libxmlsec1_nss_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
 
 libxmlsec1_nss_la-strings.lo: ../strings.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-strings.Tpo -c -o libxmlsec1_nss_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-strings.Tpo $(DEPDIR)/libxmlsec1_nss_la-strings.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='../strings.c' object='libxmlsec1_nss_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_nss_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_nss_la-strings.Tpo -c -o libxmlsec1_nss_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_nss_la-strings.Tpo $(DEPDIR)/libxmlsec1_nss_la-strings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='../strings.c' object='libxmlsec1_nss_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_nss_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_nss_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
 
 mostlyclean-libtool:
 	-rm -f *.lo
@@ -678,10 +715,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/src/nss/README b/src/nss/README
index 884ade99..65a0f45e 100644
--- a/src/nss/README
+++ b/src/nss/README
@@ -1,29 +1,29 @@
 WHAT VERSION OF NSS?
 ------------------------------------------------------------------------
-NSS 3.8 or greater and NSPR 4.3 or greater are required.
+NSS 3.9 or greater and NSPR 4.4.1 or greater are required.
 
 KEYS MANAGER
 ------------------------------------------------------------------------
 
 xmlsec-nss key manager uses a custom Keys Store, and a custom X509 Store.
-The custom Keys Store and the X509 Store use the NSS database as the underlying 
+The custom Keys Store and the X509 Store use the NSS database as the underlying
 store for public/private keys, Certs and CRLs.
 
 The NSS Keys store uses the Simple Keys Store on top of the NSS repository.
 The reason for this is that XMLSEC's generic adoptkey/getKey functions use a
 XMLSEC key object that contains more attributes than the raw NSS key object,
 and the getkey function may use a combination of one or more of these attributes
-(name, type, usage, Id) to find a key. There is no straightforward 1-1 mapping 
-between XMLSEC's adoptkey/getkey and NSS's APIs. 
-
-For example, the store may be asked to adopt a symmetric key, and later asked 
-to find it just by name. Or the store may be asked to adopt a private key 
-just by its type, and later asked to find it just by type. The key returned 
-by getKey is expected to contain all the attributes that were present at the 
-time of adoptkey - NSS store does not provide a way to store app-specific 
+(name, type, usage, Id) to find a key. There is no straightforward 1-1 mapping
+between XMLSEC's adoptkey/getkey and NSS's APIs.
+
+For example, the store may be asked to adopt a symmetric key, and later asked
+to find it just by name. Or the store may be asked to adopt a private key
+just by its type, and later asked to find it just by type. The key returned
+by getKey is expected to contain all the attributes that were present at the
+time of adoptkey - NSS store does not provide a way to store app-specific
 attributes.
 
-When a key is adopted by the NSS Keys Store, it is simply saved in the 
+When a key is adopted by the NSS Keys Store, it is simply saved in the
 Simple Keys Store. It is not saved into the NSS database. The only
 way to load keys into the NSS database is with a load operation through
 the XMLSEC API or via an administrator operation.
@@ -41,97 +41,88 @@ are:
 - NSS Database
 
 
-KNOWN ISSUES.
+KNOWN ISSUES
 ------------------------------------------------------------------------
-1)  NSS needs to provide a way to convert a DER integer string to an ASCII 
-decimal string. Once NSS is fixed, the function xmlSecNssASN1IntegerWrite 
-in src/nss/x509.c needs to be implemented. 
+1)  NSS needs to provide a way to convert a DER integer string to an ASCII
+decimal string. Once NSS is fixed, the function xmlSecNssASN1IntegerWrite
+in src/nss/x509.c needs to be implemented.
     NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=212864
     xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118633
 
-2) RSA Encryption/Decryption using PKCS#1 v1.5 padding not currently exposed 
+2) RSA Encryption/Decryption using PKCS#1 v1.5 padding not currently exposed
 in NSS. This causes some tests to fail.
-          
+
     NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=214236
     xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118628
 
-3) RSA-OAEP is not yet implemented in NSS. This is the only REQUIRED algorithm 
+3) RSA-OAEP is not yet implemented in NSS. This is the only REQUIRED algorithm
 that is missing from xmlsec-nss.
-           
-    NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=158747
-    xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118629    
-
-4) There are 2 fixes in NSS that will be rolled into the next release (3.9). 
-They are:
-    - http://bugzilla.mozilla.org/show_bug.cgi?id=208194 
-    Once available, need to change src/nss/x509.c. Replace 
-        PR_AtomicIncrement(&(crlSrc->referenceCount));
-    with
-        SEC_DupCrl(crlSrc);
-    (there is a comment there that already has the correct line)
-
-    - http://bugzilla.mozilla.org/show_bug.cgi?id=211384
-    No changes required. The "NSS_Shutdown failed" in some of the
-    current tests will go away
 
-xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118630
+    NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=158747
+    xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118629
 
-5) CERT_FindCertByNameString does not work in all cases
+4) CERT_FindCertByNameString does not work in all cases
 
    NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=210709
    xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118631
 
-6) CERT_FindCertBySubjectKeyID does not work in all cases
-	   
+5) CERT_FindCertBySubjectKeyID does not work in all cases
+	
    NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=211051
    xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118632
 
-7) Finding a cert by Issuer & Serial Number needs the ability to
+6) Finding a cert by Issuer & Serial Number needs the ability to
 convert an ASCII decimal string to a DER integer string. Filed
-an RFE against NSS. Once fixed, xmlSecNumToItem in x509vfy.c 
+an RFE against NSS. Once fixed, xmlSecNumToItem in x509vfy.c
 needs to be changed to use the new function(s) provided
 
     NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=212864
     xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118633
 
-8) RIPEMD160 Digest and RIPEMD160 HMAC is not supported by NSS
+7) RIPEMD160 Digest and RIPEMD160 HMAC is not supported by NSS
 
    xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118634
-	    
-9) AES Key wrap algorithm is implemented in NSS but not exposed due to 
+	
+8) AES Key wrap algorithm is implemented in NSS but not exposed due to
 some bug src/nss/kw_aes.c uses a workaround which should be removed
 when the bug is fixed
 
    NSS bug: http://bugzilla.mozilla.org/show_bug.cgi?id=213795
    xmlsec bug: http://bugzilla.gnome.org/show_bug.cgi?id=118635
 
-10) Not all file formats are supported
+9) Not all file formats are supported
 
-- xmlSecNssAppKeyLoad(): This function loads a PKI key from a file. 
+- xmlSecNssAppKeyLoad(): This function loads a PKI key from a file.
     The following formats are supported:
-	. xmlSecKeyDataFormatDer: This expects the private key to be in 
-		PrivateKeyInfo format. Note that the DER files containing 
+	. xmlSecKeyDataFormatDer: This expects the private key to be in
+		PrivateKeyInfo format. Note that the DER files containing
                 private keys in the xmlsec test suite aren't in that format
-	. xmlsecKeyDataFormatPkcs12 
+	. xmlsecKeyDataFormatPkcs12
 
     The following formats are not supported:
 	. xmlSecKeyDataFormatPkcs8Pem
 	. xmlSecKeyDataFormatPkcs8Der
 
 
-- xmlSecNssAppCertLoad(): This function loads a cert from a file. 
+- xmlSecNssAppCertLoad(): This function loads a cert from a file.
     The following formats are supported:
 	xmlSecKeyDataFormatDer
 
     The following formats are not supported:
 	xmlSecKeyDataFormatPem
 
-11) "Trusted" vs "Untrusted" certificates: 
-The distinction between "trusted" and "untrusted" certificates in 
+10) "Trusted" vs "Untrusted" certificates:
+The distinction between "trusted" and "untrusted" certificates in
 xmlsec-openssl is maintained because the OPENSSL application (and
-not the OPENSSL library) has to maintain a cert store and verify 
+not the OPENSSL library) has to maintain a cert store and verify
 certificates. With NSS, no such distinction is necessary in the
 application.
 
 Aleksey: Not sure that I understand this point but thats what Tej wrote.
 
+11) NSS doesn't support emailAddress in the cert subject. There is a hack
+that needs to be removed in xmlSecNssX509FindCert function (x509vfy.c):
+
+https://bugzilla.mozilla.org/show_bug.cgi?id=561689
+
+12) CRLs from xml document support is not working at all.
diff --git a/src/nss/app.c b/src/nss/app.c
index 8aaf3327..dabe36d1 100644
--- a/src/nss/app.c
+++ b/src/nss/app.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
@@ -34,34 +34,34 @@
 #include <xmlsec/nss/keysstore.h>
 
 /* workaround - NSS exports this but doesn't declare it */
-extern CERTCertificate * __CERT_NewTempCertificate		(CERTCertDBHandle *handle,
-								 SECItem *derCert,
-								 char *nickname,
-								 PRBool isperm,
-								 PRBool copyDER);
-static int xmlSecNssAppCreateSECItem				(SECItem *contents, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize);
-static int xmlSecNssAppReadSECItem				(SECItem *contents, 
-								 const char *fn);
-static PRBool xmlSecNssAppAscii2UCS2Conv			(PRBool toUnicode,
-								 unsigned char *inBuf,
-								 unsigned int   inBufLen,
-								 unsigned char *outBuf,
-								 unsigned int   maxOutBufLen,
-								 unsigned int  *outBufLen,
-								 PRBool         swapBytes);
-static SECItem *xmlSecNssAppNicknameCollisionCallback		(SECItem *old_nick,
-						    		 PRBool *cancel,
-								 void *wincx);
-static xmlSecKeyPtr	xmlSecNssAppDerKeyLoadSECItem		(SECItem* secItem);
+extern CERTCertificate * __CERT_NewTempCertificate              (CERTCertDBHandle *handle,
+                                                                 SECItem *derCert,
+                                                                 char *nickname,
+                                                                 PRBool isperm,
+                                                                 PRBool copyDER);
+static int xmlSecNssAppCreateSECItem                            (SECItem *contents,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize);
+static int xmlSecNssAppReadSECItem                              (SECItem *contents,
+                                                                 const char *fn);
+static PRBool xmlSecNssAppAscii2UCS2Conv                        (PRBool toUnicode,
+                                                                 unsigned char *inBuf,
+                                                                 unsigned int   inBufLen,
+                                                                 unsigned char *outBuf,
+                                                                 unsigned int   maxOutBufLen,
+                                                                 unsigned int  *outBufLen,
+                                                                 PRBool         swapBytes);
+static SECItem *xmlSecNssAppNicknameCollisionCallback           (SECItem *old_nick,
+                                                                 PRBool *cancel,
+                                                                 void *wincx);
+static xmlSecKeyPtr     xmlSecNssAppDerKeyLoadSECItem           (SECItem* secItem);
 
 /**
  * xmlSecNssAppInit:
- * @config:		the path to NSS database files.
- * 
+ * @config:             the path to NSS database files.
+ *
  * General crypto engine initialization. This function is used
- * by XMLSec command line utility and called before 
+ * by XMLSec command line utility and called before
  * @xmlSecInit function.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -71,34 +71,34 @@ xmlSecNssAppInit(const char* config) {
     SECStatus rv;
 
     if(config) {
-	rv = NSS_InitReadWrite(config);
-	if(rv != SECSuccess) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"NSS_InitReadWrite",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"config=%s", 
-			xmlSecErrorsSafeString(config));
-	    return(-1);
-	}
+        rv = NSS_InitReadWrite(config);
+        if(rv != SECSuccess) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "NSS_InitReadWrite",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "config=%s",
+                        xmlSecErrorsSafeString(config));
+            return(-1);
+        }
     } else {
-	rv = NSS_NoDB_Init(NULL);
-	if(rv != SECSuccess) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"NSS_NoDB_Init",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        rv = NSS_NoDB_Init(NULL);
+        if(rv != SECSuccess) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "NSS_NoDB_Init",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     /* configure PKCS11 */
     PK11_ConfigurePKCS11("manufacturesID", "libraryDescription",
                          "tokenDescription", "privateTokenDescription",
                          "slotDescription", "privateSlotDescription",
-                         "fipsSlotDescription", "fipsPrivateSlotDescription", 
-			 0, 0); 
+                         "fipsSlotDescription", "fipsPrivateSlotDescription",
+                         0, 0);
 
     /* setup for PKCS12 */
     PORT_SetUCS2_ASCIIConversionFunction(xmlSecNssAppAscii2UCS2Conv);
@@ -115,9 +115,9 @@ xmlSecNssAppInit(const char* config) {
 
 /**
  * xmlSecNssAppShutdown:
- * 
+ *
  * General crypto engine shutdown. This function is used
- * by XMLSec command line utility and called after 
+ * by XMLSec command line utility and called after
  * @xmlSecShutdown function.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -127,16 +127,16 @@ xmlSecNssAppShutdown(void) {
     SECStatus rv;
 /*
     SSL_ClearSessionCache();
-*/    
-    PK11_LogoutAll();    
+*/
+    PK11_LogoutAll();
     rv = NSS_Shutdown();
     if(rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "NSS_Shutdown",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "NSS_Shutdown",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
@@ -149,17 +149,17 @@ xmlSecNssAppCreateSECItem(SECItem *contents, const xmlSecByte* data, xmlSecSize
 
     contents->data = 0;
     if (!SECITEM_AllocItem(NULL, contents, dataSize)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SECITEM_AllocItem",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "SECITEM_AllocItem",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     if(dataSize > 0) {
-	xmlSecAssert2(contents->data != NULL, -1);
-	memcpy(contents->data,  data, dataSize);
+        xmlSecAssert2(contents->data != NULL, -1);
+        memcpy(contents->data,  data, dataSize);
     }
 
     return (0);
@@ -178,64 +178,64 @@ xmlSecNssAppReadSECItem(SECItem *contents, const char *fn) {
 
     file = PR_Open(fn, PR_RDONLY, 00660);
     if (file == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PR_Open",
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    "filename=%s",
-		    xmlSecErrorsSafeString(fn));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PR_Open",
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(fn));
+        goto done;
     }
 
     prStatus = PR_GetOpenFileInfo(file, &info);
     if (prStatus != PR_SUCCESS) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PR_GetOpenFileInfo",
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    "filename=%s",
-		    xmlSecErrorsSafeString(fn));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PR_GetOpenFileInfo",
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(fn));
+        goto done;
     }
 
     contents->data = 0;
     if (!SECITEM_AllocItem(NULL, contents, info.size)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SECITEM_AllocItem",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "SECITEM_AllocItem",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
     numBytes = PR_Read(file, contents->data, info.size);
     if (numBytes != info.size) {
-	SECITEM_FreeItem(contents, PR_FALSE);
-	goto done;
+        SECITEM_FreeItem(contents, PR_FALSE);
+        goto done;
     }
 
     ret = 0;
 done:
     if (file) {
-	PR_Close(file);
+        PR_Close(file);
     }
 
     return (ret);
 }
 
-static PRBool 
+static PRBool
 xmlSecNssAppAscii2UCS2Conv(PRBool toUnicode,
-		           unsigned char *inBuf,
-			   unsigned int   inBufLen,
-			   unsigned char *outBuf,
-			   unsigned int   maxOutBufLen,
-			   unsigned int  *outBufLen,
-			   PRBool         swapBytes ATTRIBUTE_UNUSED)
+                           unsigned char *inBuf,
+                           unsigned int   inBufLen,
+                           unsigned char *outBuf,
+                           unsigned int   maxOutBufLen,
+                           unsigned int  *outBufLen,
+                           PRBool         swapBytes ATTRIBUTE_UNUSED)
 {
     SECItem it;
-                                          
+
     if (toUnicode == PR_FALSE) {
-	return (PR_FALSE);
+        return (PR_FALSE);
     }
 
     memset(&it, 0, sizeof(it));
@@ -243,16 +243,16 @@ xmlSecNssAppAscii2UCS2Conv(PRBool toUnicode,
     it.len = inBufLen;
 
     return(PORT_UCS2_UTF8Conversion(toUnicode, it.data, it.len,
-				    outBuf, maxOutBufLen, outBufLen));
+                                    outBuf, maxOutBufLen, outBufLen));
 }
 
 static SECItem *
 xmlSecNssAppNicknameCollisionCallback(SECItem *old_nick ATTRIBUTE_UNUSED,
-		                      PRBool *cancel,
-				      void *wincx ATTRIBUTE_UNUSED)
+                                      PRBool *cancel,
+                                      void *wincx ATTRIBUTE_UNUSED)
 {
     if (cancel == NULL) {
-	return (NULL);
+        return (NULL);
     }
 
     /* XXX not handled yet  */
@@ -262,11 +262,11 @@ xmlSecNssAppNicknameCollisionCallback(SECItem *old_nick ATTRIBUTE_UNUSED,
 
 /**
  * xmlSecNssAppKeyLoad:
- * @filename:		the key filename.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the key filename.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from a file
  *
@@ -274,11 +274,11 @@ xmlSecNssAppNicknameCollisionCallback(SECItem *old_nick ATTRIBUTE_UNUSED,
  */
 xmlSecKeyPtr
 xmlSecNssAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
-		    const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
+                    const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
     SECItem secItem;
     xmlSecKeyPtr res;
     int ret;
-    
+
     xmlSecAssert2(filename != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
 
@@ -286,23 +286,23 @@ xmlSecNssAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
     memset(&secItem, 0, sizeof(secItem));
     ret = xmlSecNssAppReadSECItem(&secItem, filename);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppReadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppReadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     res = xmlSecNssAppKeyLoadSECItem(&secItem, format, pwd, pwdCallback, pwdCallbackCtx);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppKeyLoadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECITEM_FreeItem(&secItem, PR_FALSE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppKeyLoadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECITEM_FreeItem(&secItem, PR_FALSE);
+        return(NULL);
     }
 
     SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -311,12 +311,12 @@ xmlSecNssAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
 
 /**
  * xmlSecNssAppKeyLoadMemory:
- * @data:		the key binary data.
- * @dataSize:		the key binary data size.
- * @format:		the key data format.
- * @pwd:		the key data2 password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the key binary data.
+ * @dataSize:           the key binary data size.
+ * @format:             the key data format.
+ * @pwd:                the key data2 password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from a binary @data.
  *
@@ -324,34 +324,34 @@ xmlSecNssAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
  */
 xmlSecKeyPtr
 xmlSecNssAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format,
-		    const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
+                    const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
     SECItem secItem;
     xmlSecKeyPtr res;
     int ret;
-    
+
     xmlSecAssert2(data != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
 
     memset(&secItem, 0, sizeof(secItem));
     ret = xmlSecNssAppCreateSECItem(&secItem, data, dataSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppCreateSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppCreateSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     res = xmlSecNssAppKeyLoadSECItem(&secItem, format, pwd, pwdCallback, pwdCallbackCtx);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppKeyLoadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECITEM_FreeItem(&secItem, PR_FALSE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppKeyLoadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECITEM_FreeItem(&secItem, PR_FALSE);
+        return(NULL);
     }
 
     SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -360,11 +360,11 @@ xmlSecNssAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKey
 
 /**
  * xmlSecNssAppKeyLoadSECItem:
- * @secItem:		the pointer to sec item.
- * @format:		the key format.
- * @pwd:		the key password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @secItem:            the pointer to sec item.
+ * @format:             the key format.
+ * @pwd:                the key password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from a file
  *
@@ -372,9 +372,9 @@ xmlSecNssAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKey
  */
 xmlSecKeyPtr
 xmlSecNssAppKeyLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format,
-		    const char *pwd,
-		    void* pwdCallback,
-		    void* pwdCallbackCtx) {
+                    const char *pwd,
+                    void* pwdCallback,
+                    void* pwdCallbackCtx) {
     xmlSecKeyPtr key = NULL;
 
     xmlSecAssert2(secItem != NULL, NULL);
@@ -383,46 +383,46 @@ xmlSecNssAppKeyLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format,
     switch(format) {
 #ifndef XMLSEC_NO_X509
     case xmlSecKeyDataFormatPkcs12:
-	key = xmlSecNssAppPkcs12LoadSECItem(secItem, pwd, pwdCallback, pwdCallbackCtx);
+        key = xmlSecNssAppPkcs12LoadSECItem(secItem, pwd, pwdCallback, pwdCallbackCtx);
         if(key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecNssAppPkcs12LoadSECItem",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);	
-	}
-	break;
-    case xmlSecKeyDataFormatCertDer: 
-	key = xmlSecNssAppKeyFromCertLoadSECItem(secItem, format);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNssAppPkcs12LoadSECItem",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        break;
+    case xmlSecKeyDataFormatCertDer:
+        key = xmlSecNssAppKeyFromCertLoadSECItem(secItem, format);
         if(key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecNssAppKeyFromCertLoadSECItem",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);	
-	}
-	break;
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNssAppKeyFromCertLoadSECItem",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        break;
 #endif /* XMLSEC_NO_X509 */
     case xmlSecKeyDataFormatDer:
-	key = xmlSecNssAppDerKeyLoadSECItem(secItem);
+        key = xmlSecNssAppDerKeyLoadSECItem(secItem);
         if(key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecNssAppDerKeyLoadSECItem",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);	
-	}
-	break;
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNssAppDerKeyLoadSECItem",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        break;
     default:
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppKeyLoad",
-		    XMLSEC_ERRORS_R_INVALID_FORMAT,
-		    "format=%d", format);
-	    return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppKeyLoad",
+                    XMLSEC_ERRORS_R_INVALID_FORMAT,
+                    "format=%d", format);
+            return(NULL);
     }
 
     return(key);
@@ -443,108 +443,108 @@ xmlSecNssAppDerKeyLoadSECItem(SECItem* secItem) {
 
     xmlSecAssert2(secItem != NULL, NULL);
 
-    /* we're importing a key about which we know nothing yet, just use the 
-     * internal slot 
+    /* we're importing a key about which we know nothing yet, just use the
+     * internal slot
      */
     slot = xmlSecNssGetInternalKeySlot();
     if (slot == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssGetInternalKeySlot",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssGetInternalKeySlot",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     nickname.len = 0;
     nickname.data = NULL;
 
 
-    /* TRY PRIVATE KEY FIRST 
+    /* TRY PRIVATE KEY FIRST
      * Note: This expects the key to be in PrivateKeyInfo format. The
-     * DER files created from PEM via openssl utilities aren't in that 
+     * DER files created from PEM via openssl utilities aren't in that
      * format
      */
-    status = PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, secItem, 
-			    &nickname, NULL, PR_FALSE, 
-			    PR_TRUE, KU_ALL, &privkey, NULL);
+    status = PK11_ImportDERPrivateKeyInfoAndReturnKey(slot, secItem,
+                            &nickname, NULL, PR_FALSE,
+                            PR_TRUE, KU_ALL, &privkey, NULL);
     if (status != SECSuccess) {
-	/* TRY PUBLIC KEY */
-	spki = SECKEY_DecodeDERSubjectPublicKeyInfo(secItem);
-	if (spki == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"SECKEY_DecodeDERSubjectPublicKeyInfo",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	}
-	
-	pubkey = SECKEY_ExtractPublicKey(spki);
-	if (pubkey == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"SECKEY_ExtractPublicKey",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
+        /* TRY PUBLIC KEY */
+        spki = SECKEY_DecodeDERSubjectPublicKeyInfo(secItem);
+        if (spki == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "SECKEY_DecodeDERSubjectPublicKeyInfo",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+        }
+
+        pubkey = SECKEY_ExtractPublicKey(spki);
+        if (pubkey == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "SECKEY_ExtractPublicKey",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
     }
 
     data = xmlSecNssPKIAdoptKey(privkey, pubkey);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssPKIAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssPKIAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
     privkey = NULL;
     pubkey = NULL;
 
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
+        goto done;
     }
     retval = key;
     key = NULL;
     data = NULL;
-    
+
 
 done:
     if(slot != NULL) {
-	PK11_FreeSlot(slot);
+        PK11_FreeSlot(slot);
     }
     if(privkey != NULL) {
-	SECKEY_DestroyPrivateKey(privkey);
+        SECKEY_DestroyPrivateKey(privkey);
     }
     if(pubkey != NULL) {
-	SECKEY_DestroyPublicKey(pubkey);
+        SECKEY_DestroyPublicKey(pubkey);
     }
     if(key != NULL) {
-	xmlSecKeyDestroy(key);
+        xmlSecKeyDestroy(key);
     }
     if(data != NULL) {
-	xmlSecKeyDataDestroy(data);
+        xmlSecKeyDataDestroy(data);
     }
     if(spki != NULL) {
-	SECKEY_DestroySubjectPublicKeyInfo(spki);
+        SECKEY_DestroySubjectPublicKeyInfo(spki);
     }
     return (retval);
 }
@@ -552,19 +552,19 @@ done:
 #ifndef XMLSEC_NO_X509
 /**
  * xmlSecNssAppKeyCertLoad:
- * @key:		the pointer to key.
- * @filename:		the certificate filename.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @filename:           the certificate filename.
+ * @format:             the certificate file format.
+ *
+ * Reads the certificate from $@filename and adds it to key
  *
- * Reads the certificate from $@filename and adds it to key 
- * 
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
+int
 xmlSecNssAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDataFormat format) {
     SECItem secItem;
     int ret;
-    
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
@@ -573,23 +573,23 @@ xmlSecNssAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDataFor
     memset(&secItem, 0, sizeof(secItem));
     ret = xmlSecNssAppReadSECItem(&secItem, filename);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppReadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppReadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecNssAppKeyCertLoadSECItem(key, &secItem, format);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppKeyCertLoadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECITEM_FreeItem(&secItem, PR_FALSE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppKeyCertLoadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECITEM_FreeItem(&secItem, PR_FALSE);
+        return(-1);
     }
 
     SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -598,20 +598,20 @@ xmlSecNssAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDataFor
 
 /**
  * xmlSecNssAppKeyCertLoadMemory:
- * @key:		the pointer to key.
- * @data:		the key binary data.
- * @dataSize:		the key binary data size.
- * @format:		the certificate format.
+ * @key:                the pointer to key.
+ * @data:               the key binary data.
+ * @dataSize:           the key binary data size.
+ * @format:             the certificate format.
+ *
+ * Reads the certificate from @data and adds it to key
  *
- * Reads the certificate from @data and adds it to key 
- * 
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
+int
 xmlSecNssAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format) {
     SECItem secItem;
     int ret;
-    
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
@@ -620,23 +620,23 @@ xmlSecNssAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSi
     memset(&secItem, 0, sizeof(secItem));
     ret = xmlSecNssAppCreateSECItem(&secItem, data, dataSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppCreateSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppCreateSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecNssAppKeyCertLoadSECItem(key, &secItem, format);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppKeyCertLoadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECITEM_FreeItem(&secItem, PR_FALSE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppKeyCertLoadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECITEM_FreeItem(&secItem, PR_FALSE);
+        return(-1);
     }
 
     SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -645,15 +645,15 @@ xmlSecNssAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSi
 
 /**
  * xmlSecNssAppKeyCertLoadSECItem:
- * @key:		the pointer to key.
- * @secItem:		the pointer to SECItem.
- * @format:		the certificate format.
+ * @key:                the pointer to key.
+ * @secItem:            the pointer to SECItem.
+ * @format:             the certificate format.
+ *
+ * Reads the certificate from @secItem and adds it to key
  *
- * Reads the certificate from @secItem and adds it to key 
- * 
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
+int
 xmlSecNssAppKeyCertLoadSECItem(xmlSecKeyPtr key, SECItem* secItem, xmlSecKeyDataFormat format) {
     CERTCertificate *cert=NULL;
     xmlSecKeyDataPtr data;
@@ -662,63 +662,63 @@ xmlSecNssAppKeyCertLoadSECItem(xmlSecKeyPtr key, SECItem* secItem, xmlSecKeyData
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(secItem != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
-    
+
     data = xmlSecKeyEnsureData(key, xmlSecNssKeyDataX509Id);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyEnsureData",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
+        return(-1);
     }
 
     switch(format) {
     case xmlSecKeyDataFormatPkcs8Der:
     case xmlSecKeyDataFormatDer:
-	cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(), 
-					 secItem, NULL, PR_FALSE, PR_TRUE);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"__CERT_NewTempCertificate", 
-		        XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		        "format=%d", format);
-	    return(-1);    
-	}
-	break;
+        cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+                                         secItem, NULL, PR_FALSE, PR_TRUE);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "__CERT_NewTempCertificate",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "format=%d", format);
+            return(-1);
+        }
+        break;
     default:
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_FORMAT,
-		    "format=%d", format); 
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_FORMAT,
+                    "format=%d", format);
+        return(-1);
+    }
+
     xmlSecAssert2(cert != NULL, -1);
     ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
-	CERT_DestroyCertificate(cert);
-	return(-1);    
-    }
-    
-    return(0);        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
+        CERT_DestroyCertificate(cert);
+        return(-1);
+    }
+
+    return(0);
 }
 
 /**
  * xmlSecNssAppPkcs12Load:
- * @filename:		the PKCS12 key filename.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the PKCS12 key filename.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 file.
  * For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
@@ -726,37 +726,37 @@ xmlSecNssAppKeyCertLoadSECItem(xmlSecKeyPtr key, SECItem* secItem, xmlSecKeyData
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
+xmlSecKeyPtr
 xmlSecNssAppPkcs12Load(const char *filename, const char *pwd,
-		       void *pwdCallback ATTRIBUTE_UNUSED, 
-		       void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+                       void *pwdCallback ATTRIBUTE_UNUSED,
+                       void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
     SECItem secItem;
     xmlSecKeyPtr res;
     int ret;
-    
+
     xmlSecAssert2(filename != NULL, NULL);
 
     /* read the file contents */
     memset(&secItem, 0, sizeof(secItem));
     ret = xmlSecNssAppReadSECItem(&secItem, filename);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppReadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppReadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     res = xmlSecNssAppPkcs12LoadSECItem(&secItem, pwd, pwdCallback, pwdCallbackCtx);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppPkcs12LoadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECITEM_FreeItem(&secItem, PR_FALSE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppPkcs12LoadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECITEM_FreeItem(&secItem, PR_FALSE);
+        return(NULL);
     }
 
     SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -765,11 +765,11 @@ xmlSecNssAppPkcs12Load(const char *filename, const char *pwd,
 
 /**
  * xmlSecNssAppPkcs12LoadMemory:
- * @data:		the key binary data.
- * @dataSize:		the key binary data size.
- * @pwd:		the PKCS12 password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the key binary data.
+ * @dataSize:           the key binary data size.
+ * @pwd:                the PKCS12 password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 binary data.
  * For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
@@ -777,36 +777,36 @@ xmlSecNssAppPkcs12Load(const char *filename, const char *pwd,
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
+xmlSecKeyPtr
 xmlSecNssAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, const char *pwd,
-		       void *pwdCallback ATTRIBUTE_UNUSED, 
-		       void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+                       void *pwdCallback ATTRIBUTE_UNUSED,
+                       void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
     SECItem secItem;
     xmlSecKeyPtr res;
     int ret;
-    
+
     xmlSecAssert2(data != NULL, NULL);
 
     memset(&secItem, 0, sizeof(secItem));
     ret = xmlSecNssAppCreateSECItem(&secItem, data, dataSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppCreateSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppCreateSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     res = xmlSecNssAppPkcs12LoadSECItem(&secItem, pwd, pwdCallback, pwdCallbackCtx);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppPkcs12LoadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECITEM_FreeItem(&secItem, PR_FALSE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppPkcs12LoadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECITEM_FreeItem(&secItem, PR_FALSE);
+        return(NULL);
     }
 
     SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -816,10 +816,10 @@ xmlSecNssAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, const
 
 /**
  * xmlSecNssAppPkcs12LoadSECItem:
- * @secItem:		the @SECItem object.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @secItem:            the @SECItem object.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 SECItem.
  * For uniformity, call xmlSecNssAppKeyLoad instead of this function. Pass
@@ -827,10 +827,10 @@ xmlSecNssAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, const
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
+xmlSecKeyPtr
 xmlSecNssAppPkcs12LoadSECItem(SECItem* secItem, const char *pwd,
-		       void *pwdCallback ATTRIBUTE_UNUSED, 
-		       void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+                       void *pwdCallback ATTRIBUTE_UNUSED,
+                       void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
     xmlSecKeyPtr key = NULL;
     xmlSecKeyDataPtr data = NULL;
     xmlSecKeyDataPtr x509Data = NULL;
@@ -851,116 +851,116 @@ xmlSecNssAppPkcs12LoadSECItem(SECItem* secItem, const char *pwd,
     xmlSecAssert2((secItem != NULL), NULL);
 
     if (pwd == NULL) {
-	pwd = "";
+        pwd = "";
     }
     memset(&uc2_pwditem, 0, sizeof(uc2_pwditem));
-        
-    /* we're importing a key about which we know nothing yet, just use the 
-     * internal slot. We have no criteria to choose a slot. 
+
+    /* we're importing a key about which we know nothing yet, just use the
+     * internal slot. We have no criteria to choose a slot.
      */
     slot = xmlSecNssGetInternalKeySlot();
     if (slot == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssGetInternalKeySlot",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssGetInternalKeySlot",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     pwditem.data = (unsigned char *)pwd;
     pwditem.len = strlen(pwd)+1;
     if (!SECITEM_AllocItem(NULL, &uc2_pwditem, 2*pwditem.len)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SECITEM_AllocItem",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "SECITEM_AllocItem",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     if (PORT_UCS2_ASCIIConversion(PR_TRUE, pwditem.data, pwditem.len,
                               uc2_pwditem.data, 2*pwditem.len,
                               &(uc2_pwditem.len), 0) == PR_FALSE) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PORT_UCS2_ASCIIConversion",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PORT_UCS2_ASCIIConversion",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     p12ctx = SEC_PKCS12DecoderStart(&uc2_pwditem, slot, NULL,
                                     NULL, NULL, NULL, NULL, NULL);
     if (p12ctx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SEC_PKCS12DecoderStart",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "SEC_PKCS12DecoderStart",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         goto done;
     }
 
     rv = SEC_PKCS12DecoderUpdate(p12ctx, secItem->data, secItem->len);
     if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SEC_PKCS12DecoderUpdate",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "SEC_PKCS12DecoderUpdate",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         goto done;
     }
 
     rv = SEC_PKCS12DecoderVerify(p12ctx);
     if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SEC_PKCS12DecoderVerify",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "SEC_PKCS12DecoderVerify",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         goto done;
     }
 
     rv = SEC_PKCS12DecoderValidateBags(p12ctx, xmlSecNssAppNicknameCollisionCallback);
     if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SEC_PKCS12DecoderValidateBags",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "SEC_PKCS12DecoderValidateBags",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         goto done;
     }
 
     rv = SEC_PKCS12DecoderImportBags(p12ctx);
     if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SEC_PKCS12DecoderImportBags",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "SEC_PKCS12DecoderImportBags",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         goto done;
     }
 
     certlist = SEC_PKCS12DecoderGetCerts(p12ctx);
     if (certlist == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SEC_PKCS12DecoderGetCerts",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "SEC_PKCS12DecoderGetCerts",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         goto done;
     }
 
     x509Data = xmlSecKeyDataCreate(xmlSecNssKeyDataX509Id);
     if(x509Data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
-	goto done;
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
+        goto done;
+    }
 
     for (head = CERT_LIST_HEAD(certlist);
          !CERT_LIST_END(head, certlist);
@@ -969,132 +969,132 @@ xmlSecNssAppPkcs12LoadSECItem(SECItem* secItem, const char *pwd,
         privkey = PK11_FindKeyByAnyCert(cert, NULL);
 
         if (privkey != NULL) {
-	    if (data != NULL) {
-		/* we already found a private key.
-		 * assume the first private key we find is THE ONE 
-		 */
-		SECKEY_DestroyPrivateKey(privkey);
-		privkey = NULL;
-	    } else {
-	        pubkey = CERT_ExtractPublicKey(cert);
-	        if (pubkey == NULL) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        NULL,
-			        "CERT_ExtractPublicKey",
-			        XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			        XMLSEC_ERRORS_NO_MESSAGE);
-		    goto done;
-	        }
-	        data = xmlSecNssPKIAdoptKey(privkey, pubkey);
-	        if(data == NULL) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        NULL,
-			        "xmlSecNssPKIAdoptKey",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			        XMLSEC_ERRORS_NO_MESSAGE);
-		    goto done;
-	        }
-
-	        pubkey = NULL;
-	        privkey = NULL;
-
-		tmpcert = CERT_DupCertificate(cert);
-        	if(tmpcert == NULL) {
-    	    	    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				"CERT_DupCertificate",
-				XMLSEC_ERRORS_R_CRYPTO_FAILED,
-				"data=%s",
-				xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    	    goto done;	
-		}
-
-        	ret = xmlSecNssKeyDataX509AdoptKeyCert(x509Data, tmpcert);
-        	if(ret < 0) {
-	    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        	NULL,
-		        	"xmlSecNssKeyDataX509AdoptKeyCert",
-		        	XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        	"data=%s",
-		        	xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-		    CERT_DestroyCertificate(tmpcert);
-	    	    goto done;
+            if (data != NULL) {
+                /* we already found a private key.
+                 * assume the first private key we find is THE ONE
+                 */
+                SECKEY_DestroyPrivateKey(privkey);
+                privkey = NULL;
+            } else {
+                pubkey = CERT_ExtractPublicKey(cert);
+                if (pubkey == NULL) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "CERT_ExtractPublicKey",
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    goto done;
+                }
+                data = xmlSecNssPKIAdoptKey(privkey, pubkey);
+                if(data == NULL) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecNssPKIAdoptKey",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    goto done;
                 }
 
-	    }
+                pubkey = NULL;
+                privkey = NULL;
+
+                tmpcert = CERT_DupCertificate(cert);
+                if(tmpcert == NULL) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "CERT_DupCertificate",
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                "data=%s",
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+                    goto done;
+                }
+
+                ret = xmlSecNssKeyDataX509AdoptKeyCert(x509Data, tmpcert);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecNssKeyDataX509AdoptKeyCert",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "data=%s",
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+                    CERT_DestroyCertificate(tmpcert);
+                    goto done;
+                }
+
+            }
         }
 
-	tmpcert = CERT_DupCertificate(cert);
+        tmpcert = CERT_DupCertificate(cert);
         if(tmpcert == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"CERT_DupCertificate",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;	
-	}
-	ret = xmlSecNssKeyDataX509AdoptCert(x509Data, tmpcert);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecNssKeyDataX509AdoptCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s",
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    CERT_DestroyCertificate(tmpcert);
-	    goto done;
-	}
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CERT_DupCertificate",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+        ret = xmlSecNssKeyDataX509AdoptCert(x509Data, tmpcert);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNssKeyDataX509AdoptCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            CERT_DestroyCertificate(tmpcert);
+            goto done;
+        }
 
     } /* end for loop */
 
     if (data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppPkcs12Load",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "private key not found in PKCS12 file");
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppPkcs12Load",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "private key not found in PKCS12 file");
+        goto done;
      }
 
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	xmlSecKeyDestroy(key);
-	key = NULL;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        xmlSecKeyDestroy(key);
+        key = NULL;
+        goto done;
     }
     data = NULL;
 
     ret = xmlSecKeyAdoptData(key, x509Data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyAdoptData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	xmlSecKeyDestroy(key);
-	key = NULL;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyAdoptData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        xmlSecKeyDestroy(key);
+        key = NULL;
+        goto done;
     }
     x509Data = NULL;
-    
+
 done:
     if (p12ctx) {
         SEC_PKCS12DecoderFinish(p12ctx);
@@ -1107,31 +1107,31 @@ done:
         CERT_DestroyCertList(certlist);
     }
     if(x509Data != NULL) {
-	xmlSecKeyDataDestroy(x509Data);
+        xmlSecKeyDataDestroy(x509Data);
     }
     if(data != NULL) {
         xmlSecKeyDataDestroy(data);
     }
     if (privkey) {
-	SECKEY_DestroyPrivateKey(privkey);
+        SECKEY_DestroyPrivateKey(privkey);
     }
     if (pubkey) {
-	SECKEY_DestroyPublicKey(pubkey);
+        SECKEY_DestroyPublicKey(pubkey);
     }
 
-    return(key);    
+    return(key);
 }
 
 /**
  * xmlSecNssAppKeyFromCertLoadSECItem:
- * @secItem:		the @SECItem object.
- * @format:		the cert format.
+ * @secItem:            the @SECItem object.
+ * @format:             the cert format.
  *
  * Loads public key from cert.
  *
  * Returns: pointer to key or NULL if an error occurs.
  */
-xmlSecKeyPtr 
+xmlSecKeyPtr
 xmlSecNssAppKeyFromCertLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format) {
     xmlSecKeyPtr key;
     xmlSecKeyDataPtr keyData;
@@ -1141,105 +1141,105 @@ xmlSecNssAppKeyFromCertLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format)
 
     xmlSecAssert2(secItem != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
-    
+
     /* load cert */
     switch(format) {
     case xmlSecKeyDataFormatCertDer:
-	cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(), 
-					 secItem, NULL, PR_FALSE, PR_TRUE);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"__CERT_NewTempCertificate", 
-		        XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		        "format=%d", format);
-	    return(NULL);    
-	}
-	break;
+        cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+                                         secItem, NULL, PR_FALSE, PR_TRUE);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "__CERT_NewTempCertificate",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "format=%d", format);
+            return(NULL);
+        }
+        break;
     default:
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_FORMAT,
-		    "format=%d", format); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_FORMAT,
+                    "format=%d", format);
+        return(NULL);
     }
 
     /* get key value */
     keyData = xmlSecNssX509CertGetKey(cert);
     if(keyData == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssX509CertGetKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CERT_DestroyCertificate(cert);
-	return(NULL);    
-    }
-    
+                    NULL,
+                    "xmlSecNssX509CertGetKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CERT_DestroyCertificate(cert);
+        return(NULL);
+    }
+
     /* create key */
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(keyData);
-	CERT_DestroyCertificate(cert);
-	return(NULL);    
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(keyData);
+        CERT_DestroyCertificate(cert);
+        return(NULL);
+    }
+
     /* set key value */
     ret = xmlSecKeySetValue(key, keyData);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	xmlSecKeyDataDestroy(keyData);
-	CERT_DestroyCertificate(cert);
-	return(NULL);    
-    }
-
-    /* create cert data */ 
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        xmlSecKeyDataDestroy(keyData);
+        CERT_DestroyCertificate(cert);
+        return(NULL);
+    }
+
+    /* create cert data */
     certData = xmlSecKeyEnsureData(key, xmlSecNssKeyDataX509Id);
     if(certData == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyEnsureData",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	CERT_DestroyCertificate(cert);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        CERT_DestroyCertificate(cert);
+        return(NULL);
     }
 
     /* put cert in the cert data */
     ret = xmlSecNssKeyDataX509AdoptCert(certData, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	CERT_DestroyCertificate(cert);
-	return(NULL);    
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        CERT_DestroyCertificate(cert);
+        return(NULL);
+    }
+
     return(key);
 }
 
 
 /**
  * xmlSecNssAppKeysMngrCertLoad:
- * @mngr: 		the pointer to keys manager.
- * @filename: 		the certificate file.
- * @format:		the certificate file format (PEM or DER).
- * @type: 		the certificate type (trusted/untrusted).
+ * @mngr:               the pointer to keys manager.
+ * @filename:           the certificate file.
+ * @format:             the certificate file format (PEM or DER).
+ * @type:               the certificate type (trusted/untrusted).
  *
  * Reads cert from @filename and adds to the list of trusted or known
  * untrusted certs in @store
@@ -1247,12 +1247,12 @@ xmlSecNssAppKeyFromCertLoadSECItem(SECItem* secItem, xmlSecKeyDataFormat format)
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecNssAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename, 
-			     xmlSecKeyDataFormat format, 
-			     xmlSecKeyDataType type) {
+xmlSecNssAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
+                             xmlSecKeyDataFormat format,
+                             xmlSecKeyDataType type) {
     SECItem secItem;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
@@ -1261,23 +1261,23 @@ xmlSecNssAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
     memset(&secItem, 0, sizeof(secItem));
     ret = xmlSecNssAppReadSECItem(&secItem, filename);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppReadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppReadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecNssAppKeysMngrCertLoadSECItem(mngr, &secItem, format, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppKeysMngrCertLoadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECITEM_FreeItem(&secItem, PR_FALSE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppKeysMngrCertLoadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECITEM_FreeItem(&secItem, PR_FALSE);
+        return(-1);
     }
 
     SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -1286,11 +1286,11 @@ xmlSecNssAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
 
 /**
  * xmlSecNssAppKeysMngrCertLoadMemory:
- * @mngr: 		the pointer to keys manager.
- * @data:		the key binary data.
- * @dataSize:		the key binary data size.
- * @format:		the certificate format (PEM or DER).
- * @type: 		the certificate type (trusted/untrusted).
+ * @mngr:               the pointer to keys manager.
+ * @data:               the key binary data.
+ * @dataSize:           the key binary data size.
+ * @format:             the certificate format (PEM or DER).
+ * @type:               the certificate type (trusted/untrusted).
  *
  * Reads cert from @data and adds to the list of trusted or known
  * untrusted certs in @store
@@ -1298,12 +1298,12 @@ xmlSecNssAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data, 
-			     xmlSecSize dataSize, xmlSecKeyDataFormat format, 
-			     xmlSecKeyDataType type) {
+xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data,
+                             xmlSecSize dataSize, xmlSecKeyDataFormat format,
+                             xmlSecKeyDataType type) {
     SECItem secItem;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
@@ -1311,23 +1311,23 @@ xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* dat
     memset(&secItem, 0, sizeof(secItem));
     ret = xmlSecNssAppCreateSECItem(&secItem, data, dataSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppCreateSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppCreateSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecNssAppKeysMngrCertLoadSECItem(mngr, &secItem, format, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssAppKeysMngrCertLoadSECItem",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECITEM_FreeItem(&secItem, PR_FALSE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAppKeysMngrCertLoadSECItem",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECITEM_FreeItem(&secItem, PR_FALSE);
+        return(-1);
     }
 
     SECITEM_FreeItem(&secItem, PR_FALSE);
@@ -1336,10 +1336,10 @@ xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* dat
 
 /**
  * xmlSecNssAppKeysMngrCertLoadSECItem:
- * @mngr: 		the pointer to keys manager.
- * @secItem:		the pointer to SECItem.
- * @format:		the certificate format (PEM or DER).
- * @type: 		the certificate type (trusted/untrusted).
+ * @mngr:               the pointer to keys manager.
+ * @secItem:            the pointer to SECItem.
+ * @format:             the certificate format (PEM or DER).
+ * @type:               the certificate type (trusted/untrusted).
  *
  * Reads cert from @secItem and adds to the list of trusted or known
  * untrusted certs in @store
@@ -1347,9 +1347,9 @@ xmlSecNssAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* dat
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem, 
-			     xmlSecKeyDataFormat format, 
-			     xmlSecKeyDataType type) {
+xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
+                             xmlSecKeyDataFormat format,
+                             xmlSecKeyDataType type) {
     xmlSecKeyDataStorePtr x509Store;
     CERTCertificate* cert;
     int ret;
@@ -1357,7 +1357,7 @@ xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(secItem != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
-    
+
     x509Store = xmlSecKeysMngrGetDataStore(mngr, xmlSecNssX509StoreId);
     if(x509Store == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
@@ -1370,26 +1370,26 @@ xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
 
     switch(format) {
     case xmlSecKeyDataFormatDer:
-	cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(), 
-					 secItem, NULL, PR_FALSE, PR_TRUE);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"__CERT_NewTempCertificate", 
-		        XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		        "format=%d", format);
-	    return(-1);    
-	}
-	break;
+        cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
+                                         secItem, NULL, PR_FALSE, PR_TRUE);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "__CERT_NewTempCertificate",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "format=%d", format);
+            return(-1);
+        }
+        break;
     default:
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_FORMAT,
-		    "format=%d", format); 
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_FORMAT,
+                    "format=%d", format);
+        return(-1);
+    }
+
     ret = xmlSecNssX509StoreAdoptCert(x509Store, cert, type);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
@@ -1397,7 +1397,7 @@ xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
                     "xmlSecNssX509StoreAdoptCert",
                     XMLSEC_ERRORS_R_XMLSEC_FAILED,
                     XMLSEC_ERRORS_NO_MESSAGE);
-	CERT_DestroyCertificate(cert);
+        CERT_DestroyCertificate(cert);
         return(-1);
     }
 
@@ -1408,179 +1408,179 @@ xmlSecNssAppKeysMngrCertLoadSECItem(xmlSecKeysMngrPtr mngr, SECItem* secItem,
 
 /**
  * xmlSecNssAppDefaultKeysMngrInit:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Initializes @mngr with NSS keys store #xmlSecNssKeysStoreId
  * and a default NSS crypto key data stores.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
+ */
 int
 xmlSecNssAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
 
-    /* create NSS keys store if needed */        
+    /* create NSS keys store if needed */
     if(xmlSecKeysMngrGetKeysStore(mngr) == NULL) {
-	xmlSecKeyStorePtr keysStore;
-
-	keysStore = xmlSecKeyStoreCreate(xmlSecNssKeysStoreId);
-	if(keysStore == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyStoreCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecNssKeysStoreId");
-	    return(-1);
-	}
-	
-	ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeysMngrAdoptKeysStore",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyStoreDestroy(keysStore);
-	    return(-1);        
-	}
-    }
-
-    ret = xmlSecNssKeysMngrInit(mngr);    
+        xmlSecKeyStorePtr keysStore;
+
+        keysStore = xmlSecKeyStoreCreate(xmlSecNssKeysStoreId);
+        if(keysStore == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyStoreCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecNssKeysStoreId");
+            return(-1);
+        }
+
+        ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeysMngrAdoptKeysStore",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyStoreDestroy(keysStore);
+            return(-1);
+        }
+    }
+
+    ret = xmlSecNssKeysMngrInit(mngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKeysMngrInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1); 
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssKeysMngrInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     mngr->getKey = xmlSecKeysMngrGetKey;
     return(0);
 }
 
 /**
  * xmlSecNssAppDefaultKeysMngrAdoptKey:
- * @mngr: 		the pointer to keys manager.
- * @key:		the pointer to key.
+ * @mngr:               the pointer to keys manager.
+ * @key:                the pointer to key.
  *
  * Adds @key to the keys manager @mngr created with #xmlSecNssAppDefaultKeysMngrInit
  * function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecNssAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecNssKeysStoreAdoptKey(store, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKeysStoreAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssKeysStoreAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
  * xmlSecNssAppDefaultKeysMngrLoad:
- * @mngr: 		the pointer to keys manager.
- * @uri:		the uri.
+ * @mngr:               the pointer to keys manager.
+ * @uri:                the uri.
  *
- * Loads XML keys file from @uri to the keys manager @mngr created 
+ * Loads XML keys file from @uri to the keys manager @mngr created
  * with #xmlSecNssAppDefaultKeysMngrInit function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecNssAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(uri != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecNssKeysStoreLoad(store, uri, mngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKeysStoreLoad",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s", xmlSecErrorsSafeString(uri));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssKeysStoreLoad",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s", xmlSecErrorsSafeString(uri));
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
  * xmlSecNssAppDefaultKeysMngrSave:
- * @mngr: 		the pointer to keys manager.
- * @filename:		the destination filename.
- * @type:		the type of keys to save (public/private/symmetric).
+ * @mngr:               the pointer to keys manager.
+ * @filename:           the destination filename.
+ * @type:               the type of keys to save (public/private/symmetric).
  *
  * Saves keys from @mngr to  XML keys file.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecNssAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename, xmlSecKeyDataType type) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecNssKeysStoreSave(store, filename, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKeysStoreSave",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename%s", xmlSecErrorsSafeString(filename));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssKeysStoreSave",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename%s", xmlSecErrorsSafeString(filename));
+        return(-1);
+    }
+
     return(0);
 }
 
diff --git a/src/nss/bignum.c b/src/nss/bignum.c
index 40bd5359..261155e6 100644
--- a/src/nss/bignum.c
+++ b/src/nss/bignum.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XMLSec library
- * 
+ *
  * Reading/writing bignum values
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for precise wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #include "globals.h"
@@ -13,10 +13,10 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include <nss.h> 
-#include <secitem.h> 
+#include <nss.h>
+#include <secitem.h>
 
-#include <libxml/tree.h> 
+#include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -32,8 +32,8 @@
  * @cur: the poitner to an XML node.
  * @a: a SECItem object to hold the BigNum value
  *
- * Converts the node content from CryptoBinary format 
- * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary) 
+ * Converts the node content from CryptoBinary format
+ * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
  * to a SECItem. If no SECItem object provided then a new
  * one is created (caller is responsible for freeing it).
  *
@@ -41,8 +41,8 @@
  * or NULL if an error occurs.
  */
 SECItem *
-xmlSecNssNodeGetBigNumValue(PRArenaPool *arena, const xmlNodePtr cur, 
-			    SECItem *a) {
+xmlSecNssNodeGetBigNumValue(PRArenaPool *arena, const xmlNodePtr cur,
+                            SECItem *a) {
     xmlSecBuffer buf;
     int ret;
     SECItem *rv;
@@ -53,36 +53,36 @@ xmlSecNssNodeGetBigNumValue(PRArenaPool *arena, const xmlNodePtr cur,
 
     ret = xmlSecBufferInitialize(&buf, 128);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferInitialize",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     ret = xmlSecBufferBase64NodeContentRead(&buf, cur);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferBase64NodeContentRead",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buf);
-	return(NULL);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferBase64NodeContentRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buf);
+        return(NULL);
+    }
+
     len = xmlSecBufferGetSize(&buf);
 
     if (a == NULL) {
-	rv = SECITEM_AllocItem(arena, NULL, len);
+        rv = SECITEM_AllocItem(arena, NULL, len);
     } else {
-	rv = a;
-	xmlSecAssert2(rv->data == NULL, NULL);
+        rv = a;
+        xmlSecAssert2(rv->data == NULL, NULL);
         rv->len = len;
         rv->data = PORT_ArenaZAlloc(arena, len);
     }
-	
+
     PORT_Memcpy(rv->data, xmlSecBufferGetData(&buf), len);
 
     xmlSecBufferFinalize(&buf);
@@ -93,68 +93,68 @@ xmlSecNssNodeGetBigNumValue(PRArenaPool *arena, const xmlNodePtr cur,
  * xmlSecNssNodeSetBigNumValue:
  * @cur: the pointer to an XML node.
  * @a: a SECItem containing the BigNum value.
- * @addLineBreaks: if the flag is equal to 1 then 
- *		linebreaks will be added before and after
- *		new buffer content.
+ * @addLineBreaks: if the flag is equal to 1 then
+ *              linebreaks will be added before and after
+ *              new buffer content.
  *
  * Converts SECItem to CryptoBinary string
- * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary) 
- * and sets it as the content of the given node. If the 
- * addLineBreaks is set then line breaks are added 
+ * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
+ * and sets it as the content of the given node. If the
+ * addLineBreaks is set then line breaks are added
  * before and after the CryptoBinary string.
- * 
+ *
  * Returns: 0 on success or -1 otherwise.
  */
 int
 xmlSecNssNodeSetBigNumValue(xmlNodePtr cur, const SECItem *a, int addLineBreaks) {
     xmlSecBuffer buf;
     int ret;
-    
+
     xmlSecAssert2(a != NULL, -1);
     xmlSecAssert2(cur != NULL, -1);
 
     ret = xmlSecBufferInitialize(&buf, a->len + 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferInitialize",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", a->len + 1);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", a->len + 1);
+        return(-1);
+    }
 
     PORT_Memcpy(xmlSecBufferGetData(&buf), a->data, a->len);
-    
+
     ret = xmlSecBufferSetSize(&buf, a->len);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferSetSize",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", a->len);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", a->len);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     if(addLineBreaks) {
-	xmlNodeSetContent(cur, xmlSecStringCR);
+        xmlNodeSetContent(cur, xmlSecStringCR);
     } else {
-	xmlNodeSetContent(cur, xmlSecStringEmpty);
+        xmlNodeSetContent(cur, xmlSecStringEmpty);
     }
-    
+
     ret = xmlSecBufferBase64NodeContentWrite(&buf, cur, xmlSecBase64GetDefaultLineSize());
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferBase64NodeContentWrite",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferBase64NodeContentWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     if(addLineBreaks) {
-	xmlNodeAddContent(cur, xmlSecStringCR);
+        xmlNodeAddContent(cur, xmlSecStringCR);
     }
 
     xmlSecBufferFinalize(&buf);
diff --git a/src/nss/ciphers.c b/src/nss/ciphers.c
index 48bd6e11..54bd2af2 100644
--- a/src/nss/ciphers.c
+++ b/src/nss/ciphers.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
@@ -23,52 +23,52 @@
 
 #include <xmlsec/nss/crypto.h>
 
-#define XMLSEC_NSS_MAX_KEY_SIZE		32
-#define XMLSEC_NSS_MAX_IV_SIZE		32
-#define XMLSEC_NSS_MAX_BLOCK_SIZE	32
+#define XMLSEC_NSS_MAX_KEY_SIZE         32
+#define XMLSEC_NSS_MAX_IV_SIZE          32
+#define XMLSEC_NSS_MAX_BLOCK_SIZE       32
 
 /**************************************************************************
  *
  * Internal Nss Block cipher CTX
  *
  *****************************************************************************/
-typedef struct _xmlSecNssBlockCipherCtx		xmlSecNssBlockCipherCtx,
-							*xmlSecNssBlockCipherCtxPtr;
+typedef struct _xmlSecNssBlockCipherCtx         xmlSecNssBlockCipherCtx,
+                                                        *xmlSecNssBlockCipherCtxPtr;
 struct _xmlSecNssBlockCipherCtx {
-    CK_MECHANISM_TYPE	cipher;
-    PK11Context*	cipherCtx;
-    xmlSecKeyDataId	keyId;
-    int			keyInitialized;
-    int			ctxInitialized;
-    xmlSecByte		key[XMLSEC_NSS_MAX_KEY_SIZE];
-    xmlSecSize		keySize;
-    xmlSecByte		iv[XMLSEC_NSS_MAX_IV_SIZE];
-    xmlSecSize		ivSize;
+    CK_MECHANISM_TYPE   cipher;
+    PK11Context*        cipherCtx;
+    xmlSecKeyDataId     keyId;
+    int                 keyInitialized;
+    int                 ctxInitialized;
+    xmlSecByte          key[XMLSEC_NSS_MAX_KEY_SIZE];
+    xmlSecSize          keySize;
+    xmlSecByte          iv[XMLSEC_NSS_MAX_IV_SIZE];
+    xmlSecSize          ivSize;
 };
-static int 	xmlSecNssBlockCipherCtxInit		(xmlSecNssBlockCipherCtxPtr ctx,
-							 xmlSecBufferPtr in,
-							 xmlSecBufferPtr out,
-							 int encrypt,
-							 const xmlChar* cipherName,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 	xmlSecNssBlockCipherCtxUpdate	(xmlSecNssBlockCipherCtxPtr ctx,
-							 xmlSecBufferPtr in,
-							 xmlSecBufferPtr out,
-							 int encrypt,
-							 const xmlChar* cipherName,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 	xmlSecNssBlockCipherCtxFinal		(xmlSecNssBlockCipherCtxPtr ctx,
-							 xmlSecBufferPtr in,
-							 xmlSecBufferPtr out,
-							 int encrypt,
-							 const xmlChar* cipherName,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 
+static int      xmlSecNssBlockCipherCtxInit             (xmlSecNssBlockCipherCtxPtr ctx,
+                                                         xmlSecBufferPtr in,
+                                                         xmlSecBufferPtr out,
+                                                         int encrypt,
+                                                         const xmlChar* cipherName,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecNssBlockCipherCtxUpdate   (xmlSecNssBlockCipherCtxPtr ctx,
+                                                         xmlSecBufferPtr in,
+                                                         xmlSecBufferPtr out,
+                                                         int encrypt,
+                                                         const xmlChar* cipherName,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecNssBlockCipherCtxFinal            (xmlSecNssBlockCipherCtxPtr ctx,
+                                                         xmlSecBufferPtr in,
+                                                         xmlSecBufferPtr out,
+                                                         int encrypt,
+                                                         const xmlChar* cipherName,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int
 xmlSecNssBlockCipherCtxInit(xmlSecNssBlockCipherCtxPtr ctx,
-				xmlSecBufferPtr in, xmlSecBufferPtr out,
-				int encrypt,
-				const xmlChar* cipherName,
-				xmlSecTransformCtxPtr transformCtx) {
+                                xmlSecBufferPtr in, xmlSecBufferPtr out,
+                                int encrypt,
+                                const xmlChar* cipherName,
+                                xmlSecTransformCtxPtr transformCtx) {
     SECItem keyItem;
     SECItem ivItem;
     PK11SlotInfo* slot;
@@ -89,94 +89,94 @@ xmlSecNssBlockCipherCtxInit(xmlSecNssBlockCipherCtxPtr ctx,
     ivLen = PK11_GetIVLength(ctx->cipher);
     xmlSecAssert2(ivLen > 0, -1);
     xmlSecAssert2((xmlSecSize)ivLen <= sizeof(ctx->iv), -1);
-    
+
     if(encrypt) {
         /* generate random iv */
         rv = PK11_GenerateRandom(ctx->iv, ivLen);
-	if(rv != SECSuccess) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(cipherName),
-			"PK11_GenerateRandom",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"size=%d", ivLen);
-	    return(-1);    
-	}
-	
-	/* write iv to the output */
-	ret = xmlSecBufferAppend(out, ctx->iv, ivLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", ivLen);
-	    return(-1);
-	}
-	
+        if(rv != SECSuccess) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "PK11_GenerateRandom",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "size=%d", ivLen);
+            return(-1);
+        }
+
+        /* write iv to the output */
+        ret = xmlSecBufferAppend(out, ctx->iv, ivLen);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", ivLen);
+            return(-1);
+        }
+
     } else {
-	/* if we don't have enough data, exit and hope that 
-	 * we'll have iv next time */
-	if(xmlSecBufferGetSize(in) < (xmlSecSize)ivLen) {
-	    return(0);
-	}
-	
-	/* copy iv to our buffer*/
-	xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
-	memcpy(ctx->iv, xmlSecBufferGetData(in), ivLen);
-	
-	/* and remove from input */
-	ret = xmlSecBufferRemoveHead(in, ivLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", ivLen);
-	    return(-1);
-	}
+        /* if we don't have enough data, exit and hope that
+         * we'll have iv next time */
+        if(xmlSecBufferGetSize(in) < (xmlSecSize)ivLen) {
+            return(0);
+        }
+
+        /* copy iv to our buffer*/
+        xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
+        memcpy(ctx->iv, xmlSecBufferGetData(in), ivLen);
+
+        /* and remove from input */
+        ret = xmlSecBufferRemoveHead(in, ivLen);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", ivLen);
+            return(-1);
+        }
     }
 
     memset(&keyItem, 0, sizeof(keyItem));
     keyItem.data = ctx->key;
-    keyItem.len  = ctx->keySize; 
+    keyItem.len  = ctx->keySize;
     memset(&ivItem, 0, sizeof(ivItem));
     ivItem.data = ctx->iv;
-    ivItem.len  = ctx->ivSize; 
+    ivItem.len  = ctx->ivSize;
 
     slot = PK11_GetBestSlot(ctx->cipher, NULL);
     if(slot == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "PK11_GetBestSlot",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "PK11_GetBestSlot",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-	
-    symKey = PK11_ImportSymKey(slot, ctx->cipher, PK11_OriginDerive, 
-			       CKA_SIGN, &keyItem, NULL);
+
+    symKey = PK11_ImportSymKey(slot, ctx->cipher, PK11_OriginDerive,
+                               CKA_SIGN, &keyItem, NULL);
     if(symKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "PK11_ImportSymKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "PK11_ImportSymKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         PK11_FreeSlot(slot);
-	return(-1);
+        return(-1);
     }
 
-    ctx->cipherCtx = PK11_CreateContextBySymKey(ctx->cipher, 
-			(encrypt) ? CKA_ENCRYPT : CKA_DECRYPT, 
-			symKey, &ivItem);
+    ctx->cipherCtx = PK11_CreateContextBySymKey(ctx->cipher,
+                        (encrypt) ? CKA_ENCRYPT : CKA_DECRYPT,
+                        symKey, &ivItem);
     if(ctx->cipherCtx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "PK11_CreateContextBySymKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	PK11_FreeSymKey(symKey);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "PK11_CreateContextBySymKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        PK11_FreeSymKey(symKey);
         PK11_FreeSlot(slot);
-	return(-1);
+        return(-1);
     }
 
     ctx->ctxInitialized = 1;
@@ -185,19 +185,19 @@ xmlSecNssBlockCipherCtxInit(xmlSecNssBlockCipherCtxPtr ctx,
     return(0);
 }
 
-static int 
+static int
 xmlSecNssBlockCipherCtxUpdate(xmlSecNssBlockCipherCtxPtr ctx,
-				  xmlSecBufferPtr in, xmlSecBufferPtr out,
-				  int encrypt,
-				  const xmlChar* cipherName,
-				  xmlSecTransformCtxPtr transformCtx) {
+                                  xmlSecBufferPtr in, xmlSecBufferPtr out,
+                                  int encrypt,
+                                  const xmlChar* cipherName,
+                                  xmlSecTransformCtxPtr transformCtx) {
     xmlSecSize inSize, inBlocks, outSize;
     int blockLen;
     int outLen = 0;
     xmlSecByte* outBuf;
     SECStatus rv;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->cipher != 0, -1);
     xmlSecAssert2(ctx->cipherCtx != NULL, -1);
@@ -211,16 +211,16 @@ xmlSecNssBlockCipherCtxUpdate(xmlSecNssBlockCipherCtxPtr ctx,
 
     inSize = xmlSecBufferGetSize(in);
     outSize = xmlSecBufferGetSize(out);
-    
+
     if(inSize < (xmlSecSize)blockLen) {
-	return(0);
+        return(0);
     }
 
     if(encrypt) {
         inBlocks = inSize / ((xmlSecSize)blockLen);
     } else {
-	/* we want to have the last block in the input buffer 
-	 * for padding check */
+        /* we want to have the last block in the input buffer
+         * for padding check */
         inBlocks = (inSize - 1) / ((xmlSecSize)blockLen);
     }
     inSize = inBlocks * ((xmlSecSize)blockLen);
@@ -228,65 +228,65 @@ xmlSecNssBlockCipherCtxUpdate(xmlSecNssBlockCipherCtxPtr ctx,
     /* we write out the input size plus may be one block */
     ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + inSize + blockLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + inSize + blockLen);
+        return(-1);
     }
     outBuf = xmlSecBufferGetData(out) + outSize;
-    
+
     rv = PK11_CipherOp(ctx->cipherCtx, outBuf, &outLen, inSize + blockLen,
-			xmlSecBufferGetData(in), inSize);
+                        xmlSecBufferGetData(in), inSize);
     if(rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "PK11_CipherOp",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "PK11_CipherOp",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     xmlSecAssert2((xmlSecSize)outLen == inSize, -1);
-    
+
     /* set correct output buffer size */
     ret = xmlSecBufferSetSize(out, outSize + outLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + outLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + outLen);
+        return(-1);
     }
-        
+
     /* remove the processed block from input */
     ret = xmlSecBufferRemoveHead(in, inSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferRemoveHead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", inSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferRemoveHead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", inSize);
+        return(-1);
     }
     return(0);
 }
 
-static int 
+static int
 xmlSecNssBlockCipherCtxFinal(xmlSecNssBlockCipherCtxPtr ctx,
-				 xmlSecBufferPtr in,
-				 xmlSecBufferPtr out,
-				 int encrypt,
-				 const xmlChar* cipherName,
-				 xmlSecTransformCtxPtr transformCtx) {
+                                 xmlSecBufferPtr in,
+                                 xmlSecBufferPtr out,
+                                 int encrypt,
+                                 const xmlChar* cipherName,
+                                 xmlSecTransformCtxPtr transformCtx) {
     xmlSecSize inSize, outSize;
     int blockLen, outLen = 0;
     xmlSecByte* inBuf;
     xmlSecByte* outBuf;
     SECStatus rv;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->cipher != 0, -1);
     xmlSecAssert2(ctx->cipherCtx != NULL, -1);
@@ -302,103 +302,103 @@ xmlSecNssBlockCipherCtxFinal(xmlSecNssBlockCipherCtxPtr ctx,
     outSize = xmlSecBufferGetSize(out);
 
     if(encrypt != 0) {
-        xmlSecAssert2(inSize < (xmlSecSize)blockLen, -1);        
-    
-	/* create padding */
+        xmlSecAssert2(inSize < (xmlSecSize)blockLen, -1);
+
+        /* create padding */
         ret = xmlSecBufferSetMaxSize(in, blockLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", blockLen);
-	    return(-1);
-	}
-	inBuf = xmlSecBufferGetData(in);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", blockLen);
+            return(-1);
+        }
+        inBuf = xmlSecBufferGetData(in);
 
         /* generate random padding */
-	if((xmlSecSize)blockLen > (inSize + 1)) {
-	    rv = PK11_GenerateRandom(inBuf + inSize, blockLen - inSize - 1);
-	    if(rv != SECSuccess) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(cipherName),
-			    "PK11_GenerateRandom",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "size=%d", blockLen - inSize - 1); 
-		return(-1);    
-	    }
-	}
-	inBuf[blockLen - 1] = blockLen - inSize;
-	inSize = blockLen;
+        if((xmlSecSize)blockLen > (inSize + 1)) {
+            rv = PK11_GenerateRandom(inBuf + inSize, blockLen - inSize - 1);
+            if(rv != SECSuccess) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(cipherName),
+                            "PK11_GenerateRandom",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "size=%d", blockLen - inSize - 1);
+                return(-1);
+            }
+        }
+        inBuf[blockLen - 1] = blockLen - inSize;
+        inSize = blockLen;
     } else {
-	if(inSize != (xmlSecSize)blockLen) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"data=%d;block=%d", inSize, blockLen);
-	    return(-1);
-	}
+        if(inSize != (xmlSecSize)blockLen) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "data=%d;block=%d", inSize, blockLen);
+            return(-1);
+        }
     }
-    
+
     /* process last block */
     ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + 2 * blockLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + 2 * blockLen);
+        return(-1);
     }
     outBuf = xmlSecBufferGetData(out) + outSize;
 
     rv = PK11_CipherOp(ctx->cipherCtx, outBuf, &outLen, 2 * blockLen,
-			xmlSecBufferGetData(in), inSize);
+                        xmlSecBufferGetData(in), inSize);
     if(rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "PK11_CipherOp",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "PK11_CipherOp",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     xmlSecAssert2((xmlSecSize)outLen == inSize, -1);
-    
+
     if(encrypt == 0) {
-	/* check padding */
-	if(outLen < outBuf[blockLen - 1]) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(cipherName),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"padding=%d;buffer=%d",
-			outBuf[blockLen - 1], outLen);
-	    return(-1);	
-	}
-	outLen -= outBuf[blockLen - 1];
-    } 
+        /* check padding */
+        if(outLen < outBuf[blockLen - 1]) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "padding=%d;buffer=%d",
+                        outBuf[blockLen - 1], outLen);
+            return(-1);
+        }
+        outLen -= outBuf[blockLen - 1];
+    }
 
     /* set correct output buffer size */
     ret = xmlSecBufferSetSize(out, outSize + outLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + outLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + outLen);
+        return(-1);
     }
 
     /* remove the processed block from input */
     ret = xmlSecBufferRemoveHead(in, inSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferRemoveHead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", inSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferRemoveHead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", inSize);
+        return(-1);
     }
 
     return(0);
@@ -410,31 +410,31 @@ xmlSecNssBlockCipherCtxFinal(xmlSecNssBlockCipherCtxPtr ctx,
  * EVP Block Cipher transforms
  *
  * xmlSecNssBlockCipherCtx block is located after xmlSecTransform structure
- * 
+ *
  *****************************************************************************/
-#define xmlSecNssBlockCipherSize	\
+#define xmlSecNssBlockCipherSize        \
     (sizeof(xmlSecTransform) + sizeof(xmlSecNssBlockCipherCtx))
 #define xmlSecNssBlockCipherGetCtx(transform) \
     ((xmlSecNssBlockCipherCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
-static int	xmlSecNssBlockCipherInitialize	(xmlSecTransformPtr transform);
-static void	xmlSecNssBlockCipherFinalize		(xmlSecTransformPtr transform);
-static int  	xmlSecNssBlockCipherSetKeyReq	(xmlSecTransformPtr transform, 
-							 xmlSecKeyReqPtr keyReq);
-static int	xmlSecNssBlockCipherSetKey		(xmlSecTransformPtr transform,
-							 xmlSecKeyPtr key);
-static int	xmlSecNssBlockCipherExecute		(xmlSecTransformPtr transform,
-							 int last,
-							 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecNssBlockCipherCheckId		(xmlSecTransformPtr transform);
-							 
+static int      xmlSecNssBlockCipherInitialize  (xmlSecTransformPtr transform);
+static void     xmlSecNssBlockCipherFinalize            (xmlSecTransformPtr transform);
+static int      xmlSecNssBlockCipherSetKeyReq   (xmlSecTransformPtr transform,
+                                                         xmlSecKeyReqPtr keyReq);
+static int      xmlSecNssBlockCipherSetKey              (xmlSecTransformPtr transform,
+                                                         xmlSecKeyPtr key);
+static int      xmlSecNssBlockCipherExecute             (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecNssBlockCipherCheckId             (xmlSecTransformPtr transform);
+
 
 
 static int
 xmlSecNssBlockCipherCheckId(xmlSecTransformPtr transform) {
 #ifndef XMLSEC_NO_DES
     if(xmlSecTransformCheckId(transform, xmlSecNssTransformDes3CbcId)) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_NO_DES */
 
@@ -442,63 +442,63 @@ xmlSecNssBlockCipherCheckId(xmlSecTransformPtr transform) {
     if(xmlSecTransformCheckId(transform, xmlSecNssTransformAes128CbcId) ||
        xmlSecTransformCheckId(transform, xmlSecNssTransformAes192CbcId) ||
        xmlSecTransformCheckId(transform, xmlSecNssTransformAes256CbcId)) {
-       
+
        return(1);
     }
 #endif /* XMLSEC_NO_AES */
-    
+
     return(0);
 }
 
-static int 
+static int
 xmlSecNssBlockCipherInitialize(xmlSecTransformPtr transform) {
     xmlSecNssBlockCipherCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecNssBlockCipherCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssBlockCipherSize), -1);
 
     ctx = xmlSecNssBlockCipherGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     memset(ctx, 0, sizeof(xmlSecNssBlockCipherCtx));
 
 #ifndef XMLSEC_NO_DES
     if(transform->id == xmlSecNssTransformDes3CbcId) {
-	ctx->cipher 	= CKM_DES3_CBC;
-	ctx->keyId 	= xmlSecNssKeyDataDesId;
-	ctx->keySize	= 24;
-    } else 
+        ctx->cipher     = CKM_DES3_CBC;
+        ctx->keyId      = xmlSecNssKeyDataDesId;
+        ctx->keySize    = 24;
+    } else
 #endif /* XMLSEC_NO_DES */
 
 #ifndef XMLSEC_NO_AES
     if(transform->id == xmlSecNssTransformAes128CbcId) {
-	ctx->cipher 	= CKM_AES_CBC;	
-	ctx->keyId 	= xmlSecNssKeyDataAesId;
-	ctx->keySize	= 16;
+        ctx->cipher     = CKM_AES_CBC;
+        ctx->keyId      = xmlSecNssKeyDataAesId;
+        ctx->keySize    = 16;
     } else if(transform->id == xmlSecNssTransformAes192CbcId) {
-	ctx->cipher 	= CKM_AES_CBC;	
-	ctx->keyId 	= xmlSecNssKeyDataAesId;
-	ctx->keySize	= 24;
+        ctx->cipher     = CKM_AES_CBC;
+        ctx->keyId      = xmlSecNssKeyDataAesId;
+        ctx->keySize    = 24;
     } else if(transform->id == xmlSecNssTransformAes256CbcId) {
-	ctx->cipher 	= CKM_AES_CBC;	
-	ctx->keyId 	= xmlSecNssKeyDataAesId;
-	ctx->keySize	= 32;
-    } else 
+        ctx->cipher     = CKM_AES_CBC;
+        ctx->keyId      = xmlSecNssKeyDataAesId;
+        ctx->keySize    = 32;
+    } else
 #endif /* XMLSEC_NO_AES */
 
     if(1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }        
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
-static void 
+static void
 xmlSecNssBlockCipherFinalize(xmlSecTransformPtr transform) {
     xmlSecNssBlockCipherCtxPtr ctx;
 
@@ -511,11 +511,11 @@ xmlSecNssBlockCipherFinalize(xmlSecTransformPtr transform) {
     if(ctx->cipherCtx != NULL) {
         PK11_DestroyContext(ctx->cipherCtx, PR_TRUE);
     }
-    
+
     memset(ctx, 0, sizeof(xmlSecNssBlockCipherCtx));
 }
 
-static int  
+static int
 xmlSecNssBlockCipherSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
     xmlSecNssBlockCipherCtxPtr ctx;
 
@@ -528,12 +528,12 @@ xmlSecNssBlockCipherSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr key
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->keyId != NULL, -1);
 
-    keyReq->keyId 	= ctx->keyId;
-    keyReq->keyType 	= xmlSecKeyDataTypeSymmetric;
+    keyReq->keyId       = ctx->keyId;
+    keyReq->keyType     = xmlSecKeyDataTypeSymmetric;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-	keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
     } else {
-	keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
     }
     keyReq->keyBitsSize = 8 * ctx->keySize;
     return(0);
@@ -543,7 +543,7 @@ static int
 xmlSecNssBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecNssBlockCipherCtxPtr ctx;
     xmlSecBufferPtr buffer;
-    
+
     xmlSecAssert2(xmlSecNssBlockCipherCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssBlockCipherSize), -1);
@@ -563,28 +563,28 @@ xmlSecNssBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecAssert2(buffer != NULL, -1);
 
     if(xmlSecBufferGetSize(buffer) < ctx->keySize) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "keySize=%d;expected=%d",
-		    xmlSecBufferGetSize(buffer), ctx->keySize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "keySize=%d;expected=%d",
+                    xmlSecBufferGetSize(buffer), ctx->keySize);
+        return(-1);
     }
-    
+
     xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
     memcpy(ctx->key, xmlSecBufferGetData(buffer), ctx->keySize);
-    
+
     ctx->keyInitialized = 1;
     return(0);
 }
 
-static int 
+static int
 xmlSecNssBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecNssBlockCipherCtxPtr ctx;
     xmlSecBufferPtr in, out;
     int ret;
-    
+
     xmlSecAssert2(xmlSecNssBlockCipherCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssBlockCipherSize), -1);
@@ -597,75 +597,75 @@ xmlSecNssBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSecTransf
     xmlSecAssert2(ctx != NULL, -1);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     }
 
     if(transform->status == xmlSecTransformStatusWorking) {
-	if(ctx->ctxInitialized == 0) {
-	    ret = xmlSecNssBlockCipherCtxInit(ctx, in, out, 
-			(transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
-			xmlSecTransformGetName(transform), transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecNssBlockCipherCtxInit",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}
-	if((ctx->ctxInitialized == 0) && (last != 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"not enough data to initialize transform");
-	    return(-1);
-	}
-
-	if(ctx->ctxInitialized != 0) {
-	    ret = xmlSecNssBlockCipherCtxUpdate(ctx, in, out, 
-			(transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
-			xmlSecTransformGetName(transform), transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecNssBlockCipherCtxUpdate",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}
-	
-	if(last) {
-	    ret = xmlSecNssBlockCipherCtxFinal(ctx, in, out, 
-			(transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
-			xmlSecTransformGetName(transform), transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecNssBlockCipherCtxFinal",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	} 
+        if(ctx->ctxInitialized == 0) {
+            ret = xmlSecNssBlockCipherCtxInit(ctx, in, out,
+                        (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
+                        xmlSecTransformGetName(transform), transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecNssBlockCipherCtxInit",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+        if((ctx->ctxInitialized == 0) && (last != 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "not enough data to initialize transform");
+            return(-1);
+        }
+
+        if(ctx->ctxInitialized != 0) {
+            ret = xmlSecNssBlockCipherCtxUpdate(ctx, in, out,
+                        (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
+                        xmlSecTransformGetName(transform), transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecNssBlockCipherCtxUpdate",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+
+        if(last) {
+            ret = xmlSecNssBlockCipherCtxFinal(ctx, in, out,
+                        (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
+                        xmlSecTransformGetName(transform), transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecNssBlockCipherCtxFinal",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
     } else if(transform->status == xmlSecTransformStatusNone) {
-	/* the only way we can get here is if there is no enough data in the input */
-	xmlSecAssert2(last == 0, -1);
+        /* the only way we can get here is if there is no enough data in the input */
+        xmlSecAssert2(last == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
@@ -678,117 +678,117 @@ xmlSecNssBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSecTransf
  ********************************************************************/
 static xmlSecTransformKlass xmlSecNssAes128CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes128Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes128Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecNssBlockCipherInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssBlockCipherSize,           /* xmlSecSize objSize */
+
+    xmlSecNameAes128Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes128Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecNssBlockCipherInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssBlockCipherFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssBlockCipherSetKeyReq,              /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssBlockCipherSetKey,         /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssBlockCipherExecute,                /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecNssTransformAes128CbcGetKlass:
- * 
+ *
  * AES 128 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 128 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecNssTransformAes128CbcGetKlass(void) {
     return(&xmlSecNssAes128CbcKlass);
 }
 
 static xmlSecTransformKlass xmlSecNssAes192CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes192Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes192Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecNssBlockCipherInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssBlockCipherSize,           /* xmlSecSize objSize */
+
+    xmlSecNameAes192Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes192Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecNssBlockCipherInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssBlockCipherFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssBlockCipherSetKeyReq,              /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssBlockCipherSetKey,         /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssBlockCipherExecute,                /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecNssTransformAes192CbcGetKlass:
- * 
+ *
  * AES 192 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 192 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecNssTransformAes192CbcGetKlass(void) {
     return(&xmlSecNssAes192CbcKlass);
 }
 
 static xmlSecTransformKlass xmlSecNssAes256CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes256Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes256Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecNssBlockCipherInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssBlockCipherSize,           /* xmlSecSize objSize */
+
+    xmlSecNameAes256Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes256Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecNssBlockCipherInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssBlockCipherFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssBlockCipherSetKeyReq,              /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssBlockCipherSetKey,         /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssBlockCipherExecute,                /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecNssTransformAes256CbcGetKlass:
- * 
+ *
  * AES 256 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 256 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecNssTransformAes256CbcGetKlass(void) {
     return(&xmlSecNssAes256CbcKlass);
 }
@@ -798,39 +798,39 @@ xmlSecNssTransformAes256CbcGetKlass(void) {
 #ifndef XMLSEC_NO_DES
 static xmlSecTransformKlass xmlSecNssDes3CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameDes3Cbc,				/* const xmlChar* name; */
-    xmlSecHrefDes3Cbc, 				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecNssBlockCipherInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssBlockCipherFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssBlockCipherSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssBlockCipherSize,           /* xmlSecSize objSize */
+
+    xmlSecNameDes3Cbc,                          /* const xmlChar* name; */
+    xmlSecHrefDes3Cbc,                          /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecNssBlockCipherInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssBlockCipherFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssBlockCipherSetKeyReq,              /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssBlockCipherSetKey,         /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssBlockCipherExecute,                /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssTransformDes3CbcGetKlass:
  *
  * Triple DES CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to Triple DES encryption transform.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformDes3CbcGetKlass(void) {
     return(&xmlSecNssDes3CbcKlass);
 }
diff --git a/src/nss/crypto.c b/src/nss/crypto.c
index 141ceeac..7137f1c4 100644
--- a/src/nss/crypto.c
+++ b/src/nss/crypto.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
@@ -41,139 +41,217 @@ static xmlSecCryptoDLFunctionsPtr gXmlSecNssFunctions = NULL;
 xmlSecCryptoDLFunctionsPtr
 xmlSecCryptoGetFunctions_nss(void) {
     static xmlSecCryptoDLFunctions functions;
-    
+
     if(gXmlSecNssFunctions != NULL) {
-	return(gXmlSecNssFunctions);
+        return(gXmlSecNssFunctions);
     }
 
     memset(&functions, 0, sizeof(functions));
     gXmlSecNssFunctions = &functions;
 
-    /**  
+    /********************************************************************
+     *
      * Crypto Init/shutdown
-     */
-    gXmlSecNssFunctions->cryptoInit 			= xmlSecNssInit;
-    gXmlSecNssFunctions->cryptoShutdown 		= xmlSecNssShutdown;
-    gXmlSecNssFunctions->cryptoKeysMngrInit 		= xmlSecNssKeysMngrInit;
-
-    /**
+     *
+     ********************************************************************/
+    gXmlSecNssFunctions->cryptoInit                     = xmlSecNssInit;
+    gXmlSecNssFunctions->cryptoShutdown                 = xmlSecNssShutdown;
+    gXmlSecNssFunctions->cryptoKeysMngrInit             = xmlSecNssKeysMngrInit;
+
+    /********************************************************************
+     *
      * Key data ids
-     */
-#ifndef XMLSEC_NO_AES    
-    gXmlSecNssFunctions->keyDataAesGetKlass		= xmlSecNssKeyDataAesGetKlass;
+     *
+     ********************************************************************/
+#ifndef XMLSEC_NO_AES
+    gXmlSecNssFunctions->keyDataAesGetKlass             = xmlSecNssKeyDataAesGetKlass;
 #endif /* XMLSEC_NO_AES */
 
-#ifndef XMLSEC_NO_DES    
-    gXmlSecNssFunctions->keyDataDesGetKlass 		= xmlSecNssKeyDataDesGetKlass;
+#ifndef XMLSEC_NO_DES
+    gXmlSecNssFunctions->keyDataDesGetKlass             = xmlSecNssKeyDataDesGetKlass;
 #endif /* XMLSEC_NO_DES */
 
 #ifndef XMLSEC_NO_DSA
-    gXmlSecNssFunctions->keyDataDsaGetKlass 		= xmlSecNssKeyDataDsaGetKlass;
-#endif /* XMLSEC_NO_DSA */    
+    gXmlSecNssFunctions->keyDataDsaGetKlass             = xmlSecNssKeyDataDsaGetKlass;
+#endif /* XMLSEC_NO_DSA */
 
-#ifndef XMLSEC_NO_HMAC  
-    gXmlSecNssFunctions->keyDataHmacGetKlass 		= xmlSecNssKeyDataHmacGetKlass;
-#endif /* XMLSEC_NO_HMAC */    
+#ifndef XMLSEC_NO_HMAC
+    gXmlSecNssFunctions->keyDataHmacGetKlass            = xmlSecNssKeyDataHmacGetKlass;
+#endif /* XMLSEC_NO_HMAC */
 
 #ifndef XMLSEC_NO_RSA
-    gXmlSecNssFunctions->keyDataRsaGetKlass 		= xmlSecNssKeyDataRsaGetKlass;
+    gXmlSecNssFunctions->keyDataRsaGetKlass             = xmlSecNssKeyDataRsaGetKlass;
 #endif /* XMLSEC_NO_RSA */
 
 #ifndef XMLSEC_NO_X509
-    gXmlSecNssFunctions->keyDataX509GetKlass 		= xmlSecNssKeyDataX509GetKlass;
-    gXmlSecNssFunctions->keyDataRawX509CertGetKlass 	= xmlSecNssKeyDataRawX509CertGetKlass;
+    gXmlSecNssFunctions->keyDataX509GetKlass            = xmlSecNssKeyDataX509GetKlass;
+    gXmlSecNssFunctions->keyDataRawX509CertGetKlass     = xmlSecNssKeyDataRawX509CertGetKlass;
 #endif /* XMLSEC_NO_X509 */
 
-    /**
+    /********************************************************************
+     *
      * Key data store ids
-     */
+     *
+     ********************************************************************/
 #ifndef XMLSEC_NO_X509
-    gXmlSecNssFunctions->x509StoreGetKlass 		= xmlSecNssX509StoreGetKlass;
+    gXmlSecNssFunctions->x509StoreGetKlass              = xmlSecNssX509StoreGetKlass;
 #endif /* XMLSEC_NO_X509 */
 
-    /**
+    /********************************************************************
+     *
      * Crypto transforms ids
-     */
-#ifndef XMLSEC_NO_AES    
-    gXmlSecNssFunctions->transformAes128CbcGetKlass 	= xmlSecNssTransformAes128CbcGetKlass;
-    gXmlSecNssFunctions->transformAes192CbcGetKlass 	= xmlSecNssTransformAes192CbcGetKlass;
-    gXmlSecNssFunctions->transformAes256CbcGetKlass 	= xmlSecNssTransformAes256CbcGetKlass;
-    gXmlSecNssFunctions->transformKWAes128GetKlass 	= xmlSecNssTransformKWAes128GetKlass;
-    gXmlSecNssFunctions->transformKWAes192GetKlass 	= xmlSecNssTransformKWAes192GetKlass;
-    gXmlSecNssFunctions->transformKWAes256GetKlass 	= xmlSecNssTransformKWAes256GetKlass;
+     *
+     ********************************************************************/
+
+    /******************************* AES ********************************/
+#ifndef XMLSEC_NO_AES
+    gXmlSecNssFunctions->transformAes128CbcGetKlass     = xmlSecNssTransformAes128CbcGetKlass;
+    gXmlSecNssFunctions->transformAes192CbcGetKlass     = xmlSecNssTransformAes192CbcGetKlass;
+    gXmlSecNssFunctions->transformAes256CbcGetKlass     = xmlSecNssTransformAes256CbcGetKlass;
+    gXmlSecNssFunctions->transformKWAes128GetKlass      = xmlSecNssTransformKWAes128GetKlass;
+    gXmlSecNssFunctions->transformKWAes192GetKlass      = xmlSecNssTransformKWAes192GetKlass;
+    gXmlSecNssFunctions->transformKWAes256GetKlass      = xmlSecNssTransformKWAes256GetKlass;
 #endif /* XMLSEC_NO_AES */
 
-#ifndef XMLSEC_NO_DES    
-    gXmlSecNssFunctions->transformDes3CbcGetKlass 	= xmlSecNssTransformDes3CbcGetKlass;
-    gXmlSecNssFunctions->transformKWDes3GetKlass 	= xmlSecNssTransformKWDes3GetKlass;
+    /******************************* DES ********************************/
+#ifndef XMLSEC_NO_DES
+    gXmlSecNssFunctions->transformDes3CbcGetKlass       = xmlSecNssTransformDes3CbcGetKlass;
+    gXmlSecNssFunctions->transformKWDes3GetKlass        = xmlSecNssTransformKWDes3GetKlass;
 #endif /* XMLSEC_NO_DES */
 
+    /******************************* DSA ********************************/
 #ifndef XMLSEC_NO_DSA
-    gXmlSecNssFunctions->transformDsaSha1GetKlass 	= xmlSecNssTransformDsaSha1GetKlass;
+    gXmlSecNssFunctions->transformDsaSha1GetKlass       = xmlSecNssTransformDsaSha1GetKlass;
 #endif /* XMLSEC_NO_DSA */
 
+    /******************************* HMAC ********************************/
 #ifndef XMLSEC_NO_HMAC
-    gXmlSecNssFunctions->transformHmacSha1GetKlass 	= xmlSecNssTransformHmacSha1GetKlass;
+
+#ifndef XMLSEC_NO_MD5
+    gXmlSecNssFunctions->transformHmacMd5GetKlass       = xmlSecNssTransformHmacMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
     gXmlSecNssFunctions->transformHmacRipemd160GetKlass = xmlSecNssTransformHmacRipemd160GetKlass;
-    gXmlSecNssFunctions->transformHmacMd5GetKlass 	= xmlSecNssTransformHmacMd5GetKlass;
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecNssFunctions->transformHmacSha1GetKlass      = xmlSecNssTransformHmacSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecNssFunctions->transformHmacSha256GetKlass    = xmlSecNssTransformHmacSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecNssFunctions->transformHmacSha384GetKlass    = xmlSecNssTransformHmacSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecNssFunctions->transformHmacSha512GetKlass    = xmlSecNssTransformHmacSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
 #endif /* XMLSEC_NO_HMAC */
 
+    /******************************* RSA ********************************/
 #ifndef XMLSEC_NO_RSA
-    gXmlSecNssFunctions->transformRsaSha1GetKlass 	= xmlSecNssTransformRsaSha1GetKlass;
-    gXmlSecNssFunctions->transformRsaPkcs1GetKlass 	= xmlSecNssTransformRsaPkcs1GetKlass;
 
-/* RSA OAEP is not supported by NSS yet */
-#ifdef TODO

-    gXmlSecNssFunctions->transformRsaOaepGetKlass 	= xmlSecNssTransformRsaOaepGetKlass;
-#endif /* TODO: RSA OAEP is not supported by NSS yet */
+#ifndef XMLSEC_NO_MD5
+    gXmlSecNssFunctions->transformRsaMd5GetKlass        = xmlSecNssTransformRsaMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecNssFunctions->transformRsaSha1GetKlass       = xmlSecNssTransformRsaSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecNssFunctions->transformRsaSha256GetKlass     = xmlSecNssTransformRsaSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecNssFunctions->transformRsaSha384GetKlass     = xmlSecNssTransformRsaSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecNssFunctions->transformRsaSha512GetKlass     = xmlSecNssTransformRsaSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+    gXmlSecNssFunctions->transformRsaPkcs1GetKlass      = xmlSecNssTransformRsaPkcs1GetKlass;
+
+/* aleksey, April 2010: NSS 3.12.6 has CKM_RSA_PKCS_OAEP algorithm but
+   it doesn't implement the SHA1 OAEP PKCS we need
+
+   https://bugzilla.mozilla.org/show_bug.cgi?id=158747
+*/
+#ifdef XMLSEC_NSS_RSA_OAEP_TODO
+    gXmlSecNssFunctions->transformRsaOaepGetKlass       = xmlSecNssTransformRsaOaepGetKlass;
+#endif /* XMLSEC_NSS_RSA_OAEP_TODO */
 
 #endif /* XMLSEC_NO_RSA */
 
-#ifndef XMLSEC_NO_SHA1    
-    gXmlSecNssFunctions->transformSha1GetKlass 		= xmlSecNssTransformSha1GetKlass;
+    /******************************* SHA ********************************/
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecNssFunctions->transformSha1GetKlass          = xmlSecNssTransformSha1GetKlass;
 #endif /* XMLSEC_NO_SHA1 */
-
-    /**
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecNssFunctions->transformSha256GetKlass        = xmlSecNssTransformSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecNssFunctions->transformSha384GetKlass        = xmlSecNssTransformSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecNssFunctions->transformSha512GetKlass        = xmlSecNssTransformSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+    /******************************* MD5 ********************************/
+#ifndef XMLSEC_NO_MD5
+    gXmlSecNssFunctions->transformMd5GetKlass           = xmlSecNssTransformMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
+
+    /********************************************************************
+     *
      * High level routines form xmlsec command line utility
-     */ 
-    gXmlSecNssFunctions->cryptoAppInit 			= xmlSecNssAppInit;
-    gXmlSecNssFunctions->cryptoAppShutdown 		= xmlSecNssAppShutdown;
-    gXmlSecNssFunctions->cryptoAppDefaultKeysMngrInit 	= xmlSecNssAppDefaultKeysMngrInit;
-    gXmlSecNssFunctions->cryptoAppDefaultKeysMngrAdoptKey 	= xmlSecNssAppDefaultKeysMngrAdoptKey;
-    gXmlSecNssFunctions->cryptoAppDefaultKeysMngrLoad 	= xmlSecNssAppDefaultKeysMngrLoad;
-    gXmlSecNssFunctions->cryptoAppDefaultKeysMngrSave 	= xmlSecNssAppDefaultKeysMngrSave;
+     *
+     ********************************************************************/
+    gXmlSecNssFunctions->cryptoAppInit                  = xmlSecNssAppInit;
+    gXmlSecNssFunctions->cryptoAppShutdown              = xmlSecNssAppShutdown;
+    gXmlSecNssFunctions->cryptoAppDefaultKeysMngrInit   = xmlSecNssAppDefaultKeysMngrInit;
+    gXmlSecNssFunctions->cryptoAppDefaultKeysMngrAdoptKey       = xmlSecNssAppDefaultKeysMngrAdoptKey;
+    gXmlSecNssFunctions->cryptoAppDefaultKeysMngrLoad   = xmlSecNssAppDefaultKeysMngrLoad;
+    gXmlSecNssFunctions->cryptoAppDefaultKeysMngrSave   = xmlSecNssAppDefaultKeysMngrSave;
 #ifndef XMLSEC_NO_X509
-    gXmlSecNssFunctions->cryptoAppKeysMngrCertLoad 	= xmlSecNssAppKeysMngrCertLoad;
+    gXmlSecNssFunctions->cryptoAppKeysMngrCertLoad      = xmlSecNssAppKeysMngrCertLoad;
     gXmlSecNssFunctions->cryptoAppKeysMngrCertLoadMemory= xmlSecNssAppKeysMngrCertLoadMemory;
-    gXmlSecNssFunctions->cryptoAppPkcs12Load  		= xmlSecNssAppPkcs12Load; 
-    gXmlSecNssFunctions->cryptoAppPkcs12LoadMemory	= xmlSecNssAppPkcs12LoadMemory; 
-    gXmlSecNssFunctions->cryptoAppKeyCertLoad 		= xmlSecNssAppKeyCertLoad;
-    gXmlSecNssFunctions->cryptoAppKeyCertLoadMemory	= xmlSecNssAppKeyCertLoadMemory;
+    gXmlSecNssFunctions->cryptoAppPkcs12Load            = xmlSecNssAppPkcs12Load;
+    gXmlSecNssFunctions->cryptoAppPkcs12LoadMemory      = xmlSecNssAppPkcs12LoadMemory;
+    gXmlSecNssFunctions->cryptoAppKeyCertLoad           = xmlSecNssAppKeyCertLoad;
+    gXmlSecNssFunctions->cryptoAppKeyCertLoadMemory     = xmlSecNssAppKeyCertLoadMemory;
 #endif /* XMLSEC_NO_X509 */
-    gXmlSecNssFunctions->cryptoAppKeyLoad 		= xmlSecNssAppKeyLoad; 
-    gXmlSecNssFunctions->cryptoAppKeyLoadMemory		= xmlSecNssAppKeyLoadMemory; 
-    gXmlSecNssFunctions->cryptoAppDefaultPwdCallback	= (void*)xmlSecNssAppGetDefaultPwdCallback();
+    gXmlSecNssFunctions->cryptoAppKeyLoad               = xmlSecNssAppKeyLoad;
+    gXmlSecNssFunctions->cryptoAppKeyLoadMemory         = xmlSecNssAppKeyLoadMemory;
+    gXmlSecNssFunctions->cryptoAppDefaultPwdCallback    = (void*)xmlSecNssAppGetDefaultPwdCallback();
 
     return(gXmlSecNssFunctions);
 }
 
 /**
  * xmlSecNssInit:
- * 
- * XMLSec library specific crypto engine initialization. 
+ *
+ * XMLSec library specific crypto engine initialization.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecNssInit (void)  {
     /* Check loaded xmlsec library version */
     if(xmlSecCheckVersionExact() != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCheckVersionExact",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCheckVersionExact",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* set default errors callback for xmlsec to us */
@@ -181,32 +259,32 @@ xmlSecNssInit (void)  {
 
     /* register our klasses */
     if(xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(xmlSecCryptoGetFunctions_nss()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecNssShutdown:
- * 
- * XMLSec library specific crypto engine shutdown. 
+ *
+ * XMLSec library specific crypto engine shutdown.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecNssShutdown(void) {
     return(0);
 }
 
 /**
  * xmlSecNssKeysMngrInit:
- * @mngr:		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Adds NSS specific key data stores in keys manager.
  *
@@ -215,7 +293,7 @@ xmlSecNssShutdown(void) {
 int
 xmlSecNssKeysMngrInit(xmlSecKeysMngrPtr mngr) {
     int ret;
-   
+
     xmlSecAssert2(mngr != NULL, -1);
 
 #ifndef XMLSEC_NO_X509
@@ -251,35 +329,35 @@ xmlSecNssKeysMngrInit(xmlSecKeysMngrPtr mngr) {
 
 /**
  * xmlSecNssGetInternalKeySlot:
- * 
+ *
  * Gets internal NSS key slot.
- * 
+ *
  * Returns: internal key slot and initializes it if needed.
  */
-PK11SlotInfo * 
+PK11SlotInfo *
 xmlSecNssGetInternalKeySlot()
 {
     PK11SlotInfo *slot = NULL;
     SECStatus rv;
-        
+
     slot = PK11_GetInternalKeySlot();
     if (slot == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "PK11_GetInternalKeySlot",
-		        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "PK11_GetInternalKeySlot",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
                 "error code=%d", PORT_GetError());
-    	return NULL;
+        return NULL;
     }
 
-    if (PK11_NeedUserInit(slot)) {

+    if (PK11_NeedUserInit(slot)) {
         rv = PK11_InitPin(slot, NULL, NULL);
         if (rv != SECSuccess) {
-     	    xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "PK11_Authenticate",
-		            XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		            XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "PK11_Authenticate",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
             return NULL;
         }
     }
@@ -287,11 +365,11 @@ xmlSecNssGetInternalKeySlot()
     if(PK11_IsLoggedIn(slot, NULL) != PR_TRUE) {
         rv = PK11_Authenticate(slot, PR_TRUE, NULL);
         if (rv != SECSuccess) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "PK11_Authenticate",
-		            XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		            XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "PK11_Authenticate",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
             return NULL;
         }
     }
@@ -301,66 +379,66 @@ xmlSecNssGetInternalKeySlot()
 
 /**
  * xmlSecNssGenerateRandom:
- * @buffer:		the destination buffer.
- * @size:		the numer of bytes to generate.
+ * @buffer:             the destination buffer.
+ * @size:               the numer of bytes to generate.
  *
  * Generates @size random bytes and puts result in @buffer.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecNssGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) {	
+xmlSecNssGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) {
     SECStatus rv;
     int ret;
-    
+
     xmlSecAssert2(buffer != NULL, -1);
     xmlSecAssert2(size > 0, -1);
 
     ret = xmlSecBufferSetSize(buffer, size);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", size);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        return(-1);
     }
-        
+
     /* get random data */
     rv = PK11_GenerateRandom((xmlSecByte*)xmlSecBufferGetData(buffer), size);
     if(rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "PK11_GenerateRandom",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "size=%d", size);
-	return(-1);    
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_GenerateRandom",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "size=%d", size);
+        return(-1);
+    }
     return(0);
 }
 
 /**
  * xmlSecNssErrorsDefaultCallback:
- * @file:		the error location file name (__FILE__ macro).
- * @line:		the error location line number (__LINE__ macro).
- * @func:		the error location function name (__FUNCTION__ macro).
- * @errorObject:	the error specific error object 
- * @errorSubject:	the error specific error subject.
- * @reason:		the error code.
- * @msg:		the additional error message.
+ * @file:               the error location file name (__FILE__ macro).
+ * @line:               the error location line number (__LINE__ macro).
+ * @func:               the error location function name (__FUNCTION__ macro).
+ * @errorObject:        the error specific error object
+ * @errorSubject:       the error specific error subject.
+ * @reason:             the error code.
+ * @msg:                the additional error message.
  *
  * The default errors reporting callback function.
  */
-void 
+void
 xmlSecNssErrorsDefaultCallback(const char* file, int line, const char* func,
-				const char* errorObject, const char* errorSubject,
-				int reason, const char* msg) {
+                                const char* errorObject, const char* errorSubject,
+                                int reason, const char* msg) {
     xmlChar buf[500];
     int err;
 
     err = PORT_GetError();
     xmlSecStrPrintf(buf, sizeof(buf), BAD_CAST "%s;last nss error=%d (0x%08X)", msg, err, err);
-    xmlSecErrorsDefaultCallback(file, line, func, 
-		errorObject, errorSubject, 
-		reason, (char*)buf);
+    xmlSecErrorsDefaultCallback(file, line, func,
+                errorObject, errorSubject,
+                reason, (char*)buf);
 }
diff --git a/src/nss/digests.c b/src/nss/digests.c
index 5a1db916..8063b443 100644
--- a/src/nss/digests.c
+++ b/src/nss/digests.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
@@ -24,20 +24,20 @@
 #include <xmlsec/nss/app.h>
 #include <xmlsec/nss/crypto.h>
 
-#define XMLSEC_NSS_MAX_DIGEST_SIZE		32
+#define XMLSEC_NSS_MAX_DIGEST_SIZE              64
 
 /**************************************************************************
  *
  * Internal NSS Digest CTX
  *
  *****************************************************************************/
-typedef struct _xmlSecNssDigestCtx		xmlSecNssDigestCtx, *xmlSecNssDigestCtxPtr;
+typedef struct _xmlSecNssDigestCtx              xmlSecNssDigestCtx, *xmlSecNssDigestCtxPtr;
 struct _xmlSecNssDigestCtx {
-    SECOidData*		digest;
-    PK11Context*	digestCtx;
-    xmlSecByte 		dgst[XMLSEC_NSS_MAX_DIGEST_SIZE];
-    xmlSecSize		dgstSize;	/* dgst size in bytes */
-};	    
+    SECOidData*         digest;
+    PK11Context*        digestCtx;
+    xmlSecByte          dgst[XMLSEC_NSS_MAX_DIGEST_SIZE];
+    xmlSecSize          dgstSize;       /* dgst size in bytes */
+};
 
 /******************************************************************************
  *
@@ -46,35 +46,59 @@ struct _xmlSecNssDigestCtx {
  * xmlSecNssDigestCtx is located after xmlSecTransform
  *
  *****************************************************************************/
-#define xmlSecNssDigestSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecNssDigestCtx))	
+#define xmlSecNssDigestSize     \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecNssDigestCtx))
 #define xmlSecNssDigestGetCtx(transform) \
     ((xmlSecNssDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
-static int 	xmlSecNssDigestInitialize		(xmlSecTransformPtr transform);
-static void 	xmlSecNssDigestFinalize			(xmlSecTransformPtr transform);
-static int	xmlSecNssDigestVerify			(xmlSecTransformPtr transform, 
-							 const xmlSecByte* data, 
-							 xmlSecSize dataSize,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 	xmlSecNssDigestExecute			(xmlSecTransformPtr transform, 
-							 int last, 
-							 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecNssDigestCheckId			(xmlSecTransformPtr transform);
+static int      xmlSecNssDigestCheckId                  (xmlSecTransformPtr transform);
+static int      xmlSecNssDigestInitialize               (xmlSecTransformPtr transform);
+static void     xmlSecNssDigestFinalize                 (xmlSecTransformPtr transform);
+static int      xmlSecNssDigestVerify                   (xmlSecTransformPtr transform,
+                                                         const xmlSecByte* data,
+                                                         xmlSecSize dataSize,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecNssDigestExecute                  (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
 
 static int
 xmlSecNssDigestCheckId(xmlSecTransformPtr transform) {
 
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformMd5Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_MD5 */
+
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha1Id)) {
-	return(1);
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha256Id)) {
+        return(1);
     }
-#endif /* XMLSEC_NO_SHA1 */    
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha384Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha512Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA512 */
 
     return(0);
 }
 
-static int 
+static int
 xmlSecNssDigestInitialize(xmlSecTransformPtr transform) {
     xmlSecNssDigestCtxPtr ctx;
 
@@ -87,44 +111,69 @@ xmlSecNssDigestInitialize(xmlSecTransformPtr transform) {
     /* initialize context */
     memset(ctx, 0, sizeof(xmlSecNssDigestCtx));
 
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformMd5Id)) {
+        ctx->digest = SECOID_FindOIDByTag(SEC_OID_MD5);
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha1Id)) {
-	ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA1);
+        ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA1);
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha256Id)) {
+        ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA256);
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha384Id)) {
+        ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA384);
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformSha512Id)) {
+        ctx->digest = SECOID_FindOIDByTag(SEC_OID_SHA512);
     } else
-#endif /* XMLSEC_NO_SHA1 */    	
+#endif /* XMLSEC_NO_SHA512 */
 
     if(1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     if(ctx->digest == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "SECOID_FindOIDByTag",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "SECOID_FindOIDByTag",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+        return(-1);
     }
-    
+
     ctx->digestCtx = PK11_CreateDigestContext(ctx->digest->offset);
     if(ctx->digestCtx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "PK11_CreateDigestContext",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "PK11_CreateDigestContext",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+        return(-1);
     }
-	
+
     return(0);
 }
 
-static void 
+static void
 xmlSecNssDigestFinalize(xmlSecTransformPtr transform) {
     xmlSecNssDigestCtxPtr ctx;
 
@@ -133,19 +182,19 @@ xmlSecNssDigestFinalize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecNssDigestGetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
     if(ctx->digestCtx != NULL) {
-	PK11_DestroyContext(ctx->digestCtx, PR_TRUE);
+        PK11_DestroyContext(ctx->digestCtx, PR_TRUE);
     }
     memset(ctx, 0, sizeof(xmlSecNssDigestCtx));
 }
 
 static int
-xmlSecNssDigestVerify(xmlSecTransformPtr transform, 
-			const xmlSecByte* data, xmlSecSize dataSize,
-			xmlSecTransformCtxPtr transformCtx) {
+xmlSecNssDigestVerify(xmlSecTransformPtr transform,
+                        const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecTransformCtxPtr transformCtx) {
     xmlSecNssDigestCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecNssDigestCheckId(transform), -1);
     xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssDigestSize), -1);
@@ -156,39 +205,39 @@ xmlSecNssDigestVerify(xmlSecTransformPtr transform,
     ctx = xmlSecNssDigestGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->dgstSize > 0, -1);
-    
+
     if(dataSize != ctx->dgstSize) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "data and digest sizes are different (data=%d, dgst=%d)", 
-		    dataSize, ctx->dgstSize);
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "data and digest sizes are different (data=%d, dgst=%d)",
+                    dataSize, ctx->dgstSize);
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
-    
+
     if(memcmp(ctx->dgst, data, dataSize) != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "data and digest do not match");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "data and digest do not match");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
-    
+
     transform->status = xmlSecTransformStatusOk;
     return(0);
 }
 
-static int 
+static int
 xmlSecNssDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecNssDigestCtxPtr ctx;
     xmlSecBufferPtr in, out;
     SECStatus rv;
     int ret;
-    
+
     xmlSecAssert2(xmlSecNssDigestCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
@@ -202,83 +251,135 @@ xmlSecNssDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCt
     out = &(transform->outBuf);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	rv = PK11_DigestBegin(ctx->digestCtx);
-	if(rv != SECSuccess) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"PK11_DigestBegin",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"error code=%d", PORT_GetError());
-	    return(-1);
-	}
-	transform->status = xmlSecTransformStatusWorking;
+        rv = PK11_DigestBegin(ctx->digestCtx);
+        if(rv != SECSuccess) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "PK11_DigestBegin",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "error code=%d", PORT_GetError());
+            return(-1);
+        }
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if(transform->status == xmlSecTransformStatusWorking) {
-	xmlSecSize inSize;
-
-	inSize = xmlSecBufferGetSize(in);
-	if(inSize > 0) {
-	    rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
-	    if (rv != SECSuccess) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "PK11_DigestOp",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "error code=%d", PORT_GetError());
-		return(-1);
-	    }
-	    
-	    ret = xmlSecBufferRemoveHead(in, inSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferRemoveHead",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", inSize);
-		return(-1);
-	    }
-	}
-	if(last) {
-	    rv = PK11_DigestFinal(ctx->digestCtx, ctx->dgst, &ctx->dgstSize, sizeof(ctx->dgst));
-	    if(rv != SECSuccess) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "PK11_DigestFinal",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "error code=%d", PORT_GetError());
-		return(-1);
-	    }
-	    xmlSecAssert2(ctx->dgstSize > 0, -1);
-
-	    if(transform->operation == xmlSecTransformOperationSign) {
-		ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferAppend",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", ctx->dgstSize);
-		    return(-1);
-		}
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	}
+        xmlSecSize inSize;
+
+        inSize = xmlSecBufferGetSize(in);
+        if(inSize > 0) {
+            rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
+            if (rv != SECSuccess) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "PK11_DigestOp",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "error code=%d", PORT_GetError());
+                return(-1);
+            }
+
+            ret = xmlSecBufferRemoveHead(in, inSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferRemoveHead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+        }
+        if(last) {
+            unsigned int dgstSize;
+
+            rv = PK11_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstSize, sizeof(ctx->dgst));
+            if(rv != SECSuccess) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "PK11_DigestFinal",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "error code=%d", PORT_GetError());
+                return(-1);
+            }
+            xmlSecAssert2(dgstSize > 0, -1);
+            ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize);
+
+            if(transform->operation == xmlSecTransformOperationSign) {
+                ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferAppend",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", ctx->dgstSize);
+                    return(-1);
+                }
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
+#ifndef XMLSEC_NO_MD5
+/******************************************************************************
+ *
+ * Md5 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecNssMd5Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssDigestSize,                        /* xmlSecSize objSize */
+
+    /* data */
+    xmlSecNameMd5,                              /* const xmlChar* name; */
+    xmlSecHrefMd5,                              /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    /* methods */
+    xmlSecNssDigestInitialize,                  /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssDigestFinalize,                    /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssDigestVerify,                      /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssDigestExecute,                     /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformMd5GetKlass:
+ *
+ * MD5 digest transform klass.
+ *
+ * Returns: pointer to MD5 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformMd5GetKlass(void) {
+    return(&xmlSecNssMd5Klass);
+}
+#endif /* XMLSEC_NO_MD5 */
+
+
 #ifndef XMLSEC_NO_SHA1
 /******************************************************************************
  *
@@ -287,45 +388,189 @@ xmlSecNssDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCt
  *****************************************************************************/
 static xmlSecTransformKlass xmlSecNssSha1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssDigestSize,			/* xmlSecSize objSize */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssDigestSize,                        /* xmlSecSize objSize */
 
     /* data */
-    xmlSecNameSha1,				/* const xmlChar* name; */
-    xmlSecHrefSha1, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    
+    xmlSecNameSha1,                             /* const xmlChar* name; */
+    xmlSecHrefSha1,                             /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
     /* methods */
-    xmlSecNssDigestInitialize,			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssDigestFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecNssDigestVerify,			/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssDigestExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    xmlSecNssDigestInitialize,                  /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssDigestFinalize,                    /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssDigestVerify,                      /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssDigestExecute,                     /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssTransformSha1GetKlass:
  *
  * SHA-1 digest transform klass.
  *
  * Returns: pointer to SHA-1 digest transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformSha1GetKlass(void) {
     return(&xmlSecNssSha1Klass);
 }
 #endif /* XMLSEC_NO_SHA1 */
 
 
+#ifndef XMLSEC_NO_SHA256
+/******************************************************************************
+ *
+ * SHA256 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecNssSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssDigestSize,                        /* xmlSecSize objSize */
+
+    /* data */
+    xmlSecNameSha256,                           /* const xmlChar* name; */
+    xmlSecHrefSha256,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    /* methods */
+    xmlSecNssDigestInitialize,                  /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssDigestFinalize,                    /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssDigestVerify,                      /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssDigestExecute,                     /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformSha256GetKlass:
+ *
+ * SHA256 digest transform klass.
+ *
+ * Returns: pointer to SHA256 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformSha256GetKlass(void) {
+    return(&xmlSecNssSha256Klass);
+}
+#endif /* XMLSEC_NO_SHA256 */
+
+
+#ifndef XMLSEC_NO_SHA384
+/******************************************************************************
+ *
+ * SHA384 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecNssSha384Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssDigestSize,                        /* xmlSecSize objSize */
+
+    /* data */
+    xmlSecNameSha384,                           /* const xmlChar* name; */
+    xmlSecHrefSha384,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    /* methods */
+    xmlSecNssDigestInitialize,                  /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssDigestFinalize,                    /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssDigestVerify,                      /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssDigestExecute,                     /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformSha384GetKlass:
+ *
+ * SHA384 digest transform klass.
+ *
+ * Returns: pointer to SHA384 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformSha384GetKlass(void) {
+    return(&xmlSecNssSha384Klass);
+}
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/******************************************************************************
+ *
+ * SHA512 Digest transforms
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecNssSha512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssDigestSize,                        /* xmlSecSize objSize */
+
+    /* data */
+    xmlSecNameSha512,                           /* const xmlChar* name; */
+    xmlSecHrefSha512,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    /* methods */
+    xmlSecNssDigestInitialize,                  /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssDigestFinalize,                    /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssDigestVerify,                      /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssDigestExecute,                     /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformSha512GetKlass:
+ *
+ * SHA512 digest transform klass.
+ *
+ * Returns: pointer to SHA512 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformSha512GetKlass(void) {
+    return(&xmlSecNssSha512Klass);
+}
+#endif /* XMLSEC_NO_SHA512 */
 
diff --git a/src/nss/globals.h b/src/nss/globals.h
index 272a27b8..770b6dba 100644
--- a/src/nss/globals.h
+++ b/src/nss/globals.h
@@ -5,14 +5,14 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_GLOBALS_H__
 #define __XMLSEC_GLOBALS_H__
 
 /**
- * Use autoconf defines if present. 
+ * Use autoconf defines if present.
  */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
diff --git a/src/nss/hmac.c b/src/nss/hmac.c
index 98bf0c12..ae7e67ef 100644
--- a/src/nss/hmac.c
+++ b/src/nss/hmac.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
@@ -27,8 +27,8 @@
 #include <xmlsec/nss/crypto.h>
 
 /* sizes in bits */
-#define XMLSEC_NSS_MIN_HMAC_SIZE		80
-#define XMLSEC_NSS_MAX_HMAC_SIZE		(128 * 8)
+#define XMLSEC_NSS_MIN_HMAC_SIZE                80
+#define XMLSEC_NSS_MAX_HMAC_SIZE                (128 * 8)
 
 /**************************************************************************
  *
@@ -38,10 +38,10 @@
 static int g_xmlsec_nss_hmac_min_length = XMLSEC_NSS_MIN_HMAC_SIZE;
 
 /**
- * xmlSecNssHmacGetMinOutputLength: 
- * 
+ * xmlSecNssHmacGetMinOutputLength:
+ *
  * Gets the value of min HMAC length.
- * 
+ *
  * Returns: the min HMAC output length
  */
 int xmlSecNssHmacGetMinOutputLength(void)
@@ -50,9 +50,9 @@ int xmlSecNssHmacGetMinOutputLength(void)
 }
 
 /**
- * xmlSecNssHmacSetMinOutputLength: 
- * @min_length: the new min length 
- * 
+ * xmlSecNssHmacSetMinOutputLength:
+ * @min_length: the new min length
+ *
  * Sets the min HMAC output length
  */
 void xmlSecNssHmacSetMinOutputLength(int min_length)
@@ -65,13 +65,13 @@ void xmlSecNssHmacSetMinOutputLength(int min_length)
  * Internal NSS HMAC CTX
  *
  *****************************************************************************/
-typedef struct _xmlSecNssHmacCtx		xmlSecNssHmacCtx, *xmlSecNssHmacCtxPtr;
+typedef struct _xmlSecNssHmacCtx                xmlSecNssHmacCtx, *xmlSecNssHmacCtxPtr;
 struct _xmlSecNssHmacCtx {
-    CK_MECHANISM_TYPE	digestType;
-    PK11Context*	digestCtx;
-    xmlSecByte 		dgst[XMLSEC_NSS_MAX_HMAC_SIZE / 8];
-    xmlSecSize		dgstSize;	/* dgst size in bits */
-};	    
+    CK_MECHANISM_TYPE   digestType;
+    PK11Context*        digestCtx;
+    xmlSecByte          dgst[XMLSEC_NSS_MAX_HMAC_SIZE / 8];
+    xmlSecSize          dgstSize;       /* dgst size in bits */
+};
 
 /******************************************************************************
  *
@@ -82,31 +82,72 @@ struct _xmlSecNssHmacCtx {
  *****************************************************************************/
 #define xmlSecNssHmacGetCtx(transform) \
     ((xmlSecNssHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecNssHmacSize	\
+#define xmlSecNssHmacSize       \
     (sizeof(xmlSecTransform) + sizeof(xmlSecNssHmacCtx))
-#define xmlSecNssHmacCheckId(transform) \
-    (xmlSecTransformCheckId((transform), xmlSecNssTransformHmacSha1Id) || \
-     xmlSecTransformCheckId((transform), xmlSecNssTransformHmacMd5Id) || \
-     xmlSecTransformCheckId((transform), xmlSecNssTransformHmacRipemd160Id))
-
-static int 	xmlSecNssHmacInitialize			(xmlSecTransformPtr transform);
-static void 	xmlSecNssHmacFinalize			(xmlSecTransformPtr transform);
-static int 	xmlSecNssHmacNodeRead			(xmlSecTransformPtr transform,
-							 xmlNodePtr node,
-							 xmlSecTransformCtxPtr transformCtx);
-static int  	xmlSecNssHmacSetKeyReq			(xmlSecTransformPtr transform, 
-							 xmlSecKeyReqPtr keyReq);
-static int  	xmlSecNssHmacSetKey			(xmlSecTransformPtr transform, 
-							 xmlSecKeyPtr key);
-static int	xmlSecNssHmacVerify			(xmlSecTransformPtr transform, 
-							 const xmlSecByte* data, 
-							 xmlSecSize dataSize,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 	xmlSecNssHmacExecute			(xmlSecTransformPtr transform, 
-							 int last, 
-							 xmlSecTransformCtxPtr transformCtx);
-
-static int 
+
+static int      xmlSecNssHmacCheckId                    (xmlSecTransformPtr transform);
+static int      xmlSecNssHmacInitialize                 (xmlSecTransformPtr transform);
+static void     xmlSecNssHmacFinalize                   (xmlSecTransformPtr transform);
+static int      xmlSecNssHmacNodeRead                   (xmlSecTransformPtr transform,
+                                                         xmlNodePtr node,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecNssHmacSetKeyReq                  (xmlSecTransformPtr transform,
+                                                         xmlSecKeyReqPtr keyReq);
+static int      xmlSecNssHmacSetKey                     (xmlSecTransformPtr transform,
+                                                         xmlSecKeyPtr key);
+static int      xmlSecNssHmacVerify                     (xmlSecTransformPtr transform,
+                                                         const xmlSecByte* data,
+                                                         xmlSecSize dataSize,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecNssHmacExecute                    (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
+
+
+static int
+xmlSecNssHmacCheckId(xmlSecTransformPtr transform) {
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacMd5Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacRipemd160Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha1Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha256Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha384Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha512Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA512 */
+
+    /* not found */
+    return(0);
+}
+
+static int
 xmlSecNssHmacInitialize(xmlSecTransformPtr transform) {
     xmlSecNssHmacCtxPtr ctx;
 
@@ -115,30 +156,61 @@ xmlSecNssHmacInitialize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecNssHmacGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
     memset(ctx, 0, sizeof(xmlSecNssHmacCtx));
-    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha1Id)) {
-        ctx->digestType = CKM_SHA_1_HMAC;
-    } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacMd5Id)) {
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacMd5Id)) {
         ctx->digestType = CKM_MD5_HMAC;
-    } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacRipemd160Id)) {
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacRipemd160Id)) {
         ctx->digestType = CKM_RIPEMD160_HMAC;
-    } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+    } else
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha1Id)) {
+        ctx->digestType = CKM_SHA_1_HMAC;
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha256Id)) {
+        ctx->digestType = CKM_SHA256_HMAC;
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha384Id)) {
+        ctx->digestType = CKM_SHA384_HMAC;
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformHmacSha512Id)) {
+        ctx->digestType = CKM_SHA512_HMAC;
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+    /* not found */
+    {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
 
-static void 
+static void
 xmlSecNssHmacFinalize(xmlSecTransformPtr transform) {
     xmlSecNssHmacCtxPtr ctx;
 
-    xmlSecAssert(xmlSecNssHmacCheckId(transform));    
+    xmlSecAssert(xmlSecNssHmacCheckId(transform));
     xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize));
 
     ctx = xmlSecNssHmacGetCtx(transform);
@@ -155,21 +227,21 @@ xmlSecNssHmacFinalize(xmlSecTransformPtr transform) {
  *
  * HMAC (http://www.w3.org/TR/xmldsig-core/#sec-HMAC):
  *
- * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits 
- * as a parameter; if the parameter is not specified then all the bits of the 
- * hash are output. An example of an HMAC SignatureMethod element:  
+ * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits
+ * as a parameter; if the parameter is not specified then all the bits of the
+ * hash are output. An example of an HMAC SignatureMethod element:
  * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
  *   <HMACOutputLength>128</HMACOutputLength>
  * </SignatureMethod>
- * 
+ *
  * Schema Definition:
- * 
+ *
  * <simpleType name="HMACOutputLengthType">
  *   <restriction base="integer"/>
  * </simpleType>
- *     
+ *
  * DTD:
- *     
+ *
  * <!ELEMENT HMACOutputLength (#PCDATA)>
  */
 static int
@@ -185,45 +257,45 @@ xmlSecNssHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTrans
     ctx = xmlSecNssHmacGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
 
-    cur = xmlSecGetNextElementNode(node->children); 
-    if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {  
-	xmlChar *content;
-	
-	content = xmlNodeGetContent(cur);
-	if(content != NULL) {
-	    ctx->dgstSize = atoi((char*)content);	    
-	    xmlFree(content);
-	}
-
-	/* Ensure that HMAC length is greater than min specified.
-	   Otherwise, an attacker can set this lenght to 0 or very 
-	   small value
-	*/
-	if((int)ctx->dgstSize < xmlSecNssHmacGetMinOutputLength()) {
- 	   xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
-		    "HMAC output length is too small");
-	   return(-1);
-	}
-
-	cur = xmlSecGetNextElementNode(cur->next);
+    cur = xmlSecGetNextElementNode(node->children);
+    if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
+        xmlChar *content;
+
+        content = xmlNodeGetContent(cur);
+        if(content != NULL) {
+            ctx->dgstSize = atoi((char*)content);
+            xmlFree(content);
+        }
+
+        /* Ensure that HMAC length is greater than min specified.
+           Otherwise, an attacker can set this length to 0 or very
+           small value
+        */
+        if((int)ctx->dgstSize < xmlSecNssHmacGetMinOutputLength()) {
+           xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                    "HMAC output length is too small");
+           return(-1);
+        }
+
+        cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "no nodes expected");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "no nodes expected");
+        return(-1);
     }
-    return(0); 
+    return(0);
 }
 
 
-static int  
+static int
 xmlSecNssHmacSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
     xmlSecNssHmacCtxPtr ctx;
 
@@ -238,11 +310,11 @@ xmlSecNssHmacSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
     keyReq->keyId  = xmlSecNssKeyDataHmacId;
     keyReq->keyType= xmlSecKeyDataTypeSymmetric;
     if(transform->operation == xmlSecTransformOperationSign) {
-	keyReq->keyUsage = xmlSecKeyUsageSign;
+        keyReq->keyUsage = xmlSecKeyUsageSign;
     } else {
-	keyReq->keyUsage = xmlSecKeyUsageVerify;
+        keyReq->keyUsage = xmlSecKeyUsageVerify;
     }
-    
+
     return(0);
 }
 
@@ -255,7 +327,7 @@ xmlSecNssHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     SECItem ignore;
     PK11SlotInfo* slot;
     PK11SymKey* symKey;
-    
+
     xmlSecAssert2(xmlSecNssHmacCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
@@ -265,7 +337,7 @@ xmlSecNssHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->digestType != 0, -1);
     xmlSecAssert2(ctx->digestCtx == NULL, -1);
-    
+
     value = xmlSecKeyGetValue(key);
     xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecNssKeyDataHmacId), -1);
 
@@ -273,51 +345,51 @@ xmlSecNssHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecAssert2(buffer != NULL, -1);
 
     if(xmlSecBufferGetSize(buffer) == 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "key is empty");
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "key is empty");
+        return(-1);
     }
 
     memset(&ignore, 0, sizeof(ignore));
     memset(&keyItem, 0, sizeof(keyItem));
     keyItem.data = xmlSecBufferGetData(buffer);
-    keyItem.len  = xmlSecBufferGetSize(buffer); 
+    keyItem.len  = xmlSecBufferGetSize(buffer);
 
     slot = PK11_GetBestSlot(ctx->digestType, NULL);
     if(slot == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "PK11_GetBestSlot",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "PK11_GetBestSlot",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-	
-    symKey = PK11_ImportSymKey(slot, ctx->digestType, PK11_OriginDerive, 
-			       CKA_SIGN, &keyItem, NULL);
+
+    symKey = PK11_ImportSymKey(slot, ctx->digestType, PK11_OriginDerive,
+                               CKA_SIGN, &keyItem, NULL);
     if(symKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "PK11_ImportSymKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "PK11_ImportSymKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
         PK11_FreeSlot(slot);
-	return(-1);
+        return(-1);
     }
 
     ctx->digestCtx = PK11_CreateContextBySymKey(ctx->digestType, CKA_SIGN, symKey, &ignore);
     if(ctx->digestCtx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "PK11_CreateContextBySymKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-	PK11_FreeSymKey(symKey);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "PK11_CreateContextBySymKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+        PK11_FreeSymKey(symKey);
         PK11_FreeSlot(slot);
-	return(-1);
+        return(-1);
     }
 
     PK11_FreeSymKey(symKey);
@@ -326,15 +398,15 @@ xmlSecNssHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
 }
 
 static int
-xmlSecNssHmacVerify(xmlSecTransformPtr transform, 
-			const xmlSecByte* data, xmlSecSize dataSize,
-			xmlSecTransformCtxPtr transformCtx) {
-    static xmlSecByte last_byte_masks[] = 	
-		{ 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
+xmlSecNssHmacVerify(xmlSecTransformPtr transform,
+                        const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecTransformCtxPtr transformCtx) {
+    static xmlSecByte last_byte_masks[] =
+                { 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
 
     xmlSecNssHmacCtxPtr ctx;
     xmlSecByte mask;
-        
+
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
@@ -346,54 +418,54 @@ xmlSecNssHmacVerify(xmlSecTransformPtr transform,
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->digestCtx != NULL, -1);
     xmlSecAssert2(ctx->dgstSize > 0, -1);
-    
+
     /* compare the digest size in bytes */
     if(dataSize != ((ctx->dgstSize + 7) / 8)){
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "data=%d;dgst=%d",
-		    dataSize, ((ctx->dgstSize + 7) / 8));
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "data=%d;dgst=%d",
+                    dataSize, ((ctx->dgstSize + 7) / 8));
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
 
     /* we check the last byte separatelly */
     xmlSecAssert2(dataSize > 0, -1);
     mask = last_byte_masks[ctx->dgstSize % 8];
     if((ctx->dgst[dataSize - 1] & mask) != (data[dataSize - 1]  & mask)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
-		    "data and digest do not match (last byte)");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                    "data and digest do not match (last byte)");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
 
     /* now check the rest of the digest */
     if((dataSize > 1) && (memcmp(ctx->dgst, data, dataSize - 1) != 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
-		    "data and digest do not match");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                    "data and digest do not match");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
-    
+
     transform->status = xmlSecTransformStatusOk;
     return(0);
 }
 
-static int 
+static int
 xmlSecNssHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecNssHmacCtxPtr ctx;
     xmlSecBufferPtr in, out;
     SECStatus rv;
     int ret;
-    
+
     xmlSecAssert2(xmlSecNssHmacCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssHmacSize), -1);
@@ -407,226 +479,376 @@ xmlSecNssHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxP
     out = &(transform->outBuf);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	rv = PK11_DigestBegin(ctx->digestCtx);
-	if(rv != SECSuccess) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"PK11_DigestBegin",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"error code=%d", PORT_GetError());
-	    return(-1);
-	}
-	transform->status = xmlSecTransformStatusWorking;
+        rv = PK11_DigestBegin(ctx->digestCtx);
+        if(rv != SECSuccess) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "PK11_DigestBegin",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "error code=%d", PORT_GetError());
+            return(-1);
+        }
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if(transform->status == xmlSecTransformStatusWorking) {
-	xmlSecSize inSize;
-
-	inSize = xmlSecBufferGetSize(in);
-	if(inSize > 0) {
-	    rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
-	    if (rv != SECSuccess) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "PK11_DigestOp",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "error code=%d", PORT_GetError());
-		return(-1);
-	    }
-	    
-	    ret = xmlSecBufferRemoveHead(in, inSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferRemoveHead",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", inSize);
-		return(-1);
-	    }
-	}
-	if(last) {
-	    xmlSecSize dgstSize;
-
-	    rv = PK11_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstSize, sizeof(ctx->dgst));
-	    if(rv != SECSuccess) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "PK11_DigestFinal",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "error code=%d", PORT_GetError());
-		return(-1);
-	    }
-	    xmlSecAssert2(dgstSize > 0, -1);
-
-	    /* check/set the result digest size */
-	    if(ctx->dgstSize == 0) {
-		ctx->dgstSize = dgstSize * 8; /* no dgst size specified, use all we have */
-	    } else if(ctx->dgstSize <= 8 * dgstSize) {
-		dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
-	    } else {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    NULL,
-			    XMLSEC_ERRORS_R_INVALID_SIZE,
-			    "result-bits=%d;required-bits=%d",
-			    8 * dgstSize, ctx->dgstSize);
-		return(-1);
-	    }
-
-	    if(transform->operation == xmlSecTransformOperationSign) {
-		ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferAppend",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", dgstSize);
-		    return(-1);
-		}
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	}
+        xmlSecSize inSize;
+
+        inSize = xmlSecBufferGetSize(in);
+        if(inSize > 0) {
+            rv = PK11_DigestOp(ctx->digestCtx, xmlSecBufferGetData(in), inSize);
+            if (rv != SECSuccess) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "PK11_DigestOp",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "error code=%d", PORT_GetError());
+                return(-1);
+            }
+
+            ret = xmlSecBufferRemoveHead(in, inSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferRemoveHead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+        }
+        if(last) {
+            unsigned int dgstSize;
+
+            rv = PK11_DigestFinal(ctx->digestCtx, ctx->dgst, &dgstSize, sizeof(ctx->dgst));
+            if(rv != SECSuccess) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "PK11_DigestFinal",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "error code=%d", PORT_GetError());
+                return(-1);
+            }
+            xmlSecAssert2(dgstSize > 0, -1);
+
+            /* check/set the result digest size */
+            if(ctx->dgstSize == 0) {
+                ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize * 8); /* no dgst size specified, use all we have */
+            } else if(ctx->dgstSize <= XMLSEC_SIZE_BAD_CAST(8 * dgstSize)) {
+                dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+            } else {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            NULL,
+                            XMLSEC_ERRORS_R_INVALID_SIZE,
+                            "result-bits=%d;required-bits=%d",
+                            8 * dgstSize, ctx->dgstSize);
+                return(-1);
+            }
+
+            if(transform->operation == xmlSecTransformOperationSign) {
+                ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferAppend",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", dgstSize);
+                    return(-1);
+                }
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "size=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "size=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
-/** 
- * HMAC SHA1
- */
-static xmlSecTransformKlass xmlSecNssHmacSha1Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssHmacSize,				/* xmlSecSize objSize */
-
-    xmlSecNameHmacSha1,				/* const xmlChar* name; */
-    xmlSecHrefHmacSha1, 			/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecNssHmacInitialize,			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecNssHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */    
-    xmlSecNssHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecNssHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecNssHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
 
-/** 
- * xmlSecNssTransformHmacSha1GetKlass:
- *
- * The HMAC-SHA1 transform klass.
+#ifndef XMLSEC_NO_RIPEMD160
+/******************************************************************************
  *
- * Returns: the HMAC-SHA1 transform klass.
- */
-xmlSecTransformId 
-xmlSecNssTransformHmacSha1GetKlass(void) {
-    return(&xmlSecNssHmacSha1Klass);
-}
-
-/** 
  * HMAC Ripemd160
- */
+ *
+ ******************************************************************************/
 static xmlSecTransformKlass xmlSecNssHmacRipemd160Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssHmacSize,				/* xmlSecSize objSize */
-
-    xmlSecNameHmacRipemd160,			/* const xmlChar* name; */
-    xmlSecHrefHmacRipemd160, 			/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecNssHmacInitialize,			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecNssHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */    
-    xmlSecNssHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecNssHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecNssHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssHmacSize,                          /* xmlSecSize objSize */
+
+    xmlSecNameHmacRipemd160,                    /* const xmlChar* name; */
+    xmlSecHrefHmacRipemd160,                    /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssHmacInitialize,                    /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssHmacFinalize,                      /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecNssHmacNodeRead,                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssHmacSetKeyReq,                     /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssHmacSetKey,                        /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssHmacVerify,                        /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssHmacExecute,                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssTransformHmacRipemd160GetKlass:
  *
  * The HMAC-RIPEMD160 transform klass.
  *
  * Returns: the HMAC-RIPEMD160 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformHmacRipemd160GetKlass(void) {
     return(&xmlSecNssHmacRipemd160Klass);
 }
+#endif /* XMLSEC_NO_RIPEMD160 */
 
-/** 
- * HMAC Md5
- */
+#ifndef XMLSEC_NO_MD5
+/******************************************************************************
+ *
+ * HMAC MD5
+ *
+ ******************************************************************************/
 static xmlSecTransformKlass xmlSecNssHmacMd5Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssHmacSize,				/* xmlSecSize objSize */
-
-    xmlSecNameHmacMd5,				/* const xmlChar* name; */
-    xmlSecHrefHmacMd5, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecNssHmacInitialize,			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecNssHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */    
-    xmlSecNssHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecNssHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecNssHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssHmacSize,                          /* xmlSecSize objSize */
+
+    xmlSecNameHmacMd5,                          /* const xmlChar* name; */
+    xmlSecHrefHmacMd5,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssHmacInitialize,                    /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssHmacFinalize,                      /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecNssHmacNodeRead,                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssHmacSetKeyReq,                     /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssHmacSetKey,                        /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssHmacVerify,                        /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssHmacExecute,                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssTransformHmacMd5GetKlass:
  *
  * The HMAC-MD5 transform klass.
  *
  * Returns: the HMAC-MD5 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformHmacMd5GetKlass(void) {
     return(&xmlSecNssHmacMd5Klass);
 }
+#endif /* XMLSEC_NO_MD5 */
 
+#ifndef XMLSEC_NO_SHA1
+/******************************************************************************
+ *
+ * HMAC SHA1
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecNssHmacSha1Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssHmacSize,                          /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha1,                         /* const xmlChar* name; */
+    xmlSecHrefHmacSha1,                         /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssHmacInitialize,                    /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssHmacFinalize,                      /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecNssHmacNodeRead,                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssHmacSetKeyReq,                     /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssHmacSetKey,                        /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssHmacVerify,                        /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssHmacExecute,                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformHmacSha1GetKlass:
+ *
+ * The HMAC-SHA1 transform klass.
+ *
+ * Returns: the HMAC-SHA1 transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformHmacSha1GetKlass(void) {
+    return(&xmlSecNssHmacSha1Klass);
+}
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/******************************************************************************
+ *
+ * HMAC SHA256
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecNssHmacSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssHmacSize,                          /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha256,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha256,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssHmacInitialize,                    /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssHmacFinalize,                      /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecNssHmacNodeRead,                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssHmacSetKeyReq,                     /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssHmacSetKey,                        /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssHmacVerify,                        /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssHmacExecute,                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformHmacSha256GetKlass:
+ *
+ * The HMAC-SHA256 transform klass.
+ *
+ * Returns: the HMAC-SHA256 transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformHmacSha256GetKlass(void) {
+    return(&xmlSecNssHmacSha256Klass);
+}
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/******************************************************************************
+ *
+ * HMAC SHA384
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecNssHmacSha384Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssHmacSize,                          /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha384,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha384,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssHmacInitialize,                    /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssHmacFinalize,                      /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecNssHmacNodeRead,                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssHmacSetKeyReq,                     /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssHmacSetKey,                        /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssHmacVerify,                        /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssHmacExecute,                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformHmacSha384GetKlass:
+ *
+ * The HMAC-SHA384 transform klass.
+ *
+ * Returns: the HMAC-SHA384 transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformHmacSha384GetKlass(void) {
+    return(&xmlSecNssHmacSha384Klass);
+}
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/******************************************************************************
+ *
+ * HMAC SHA512
+ *
+ ******************************************************************************/
+static xmlSecTransformKlass xmlSecNssHmacSha512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssHmacSize,                          /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha512,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha512,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssHmacInitialize,                    /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssHmacFinalize,                      /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecNssHmacNodeRead,                      /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssHmacSetKeyReq,                     /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssHmacSetKey,                        /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssHmacVerify,                        /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssHmacExecute,                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformHmacSha512GetKlass:
+ *
+ * The HMAC-SHA512 transform klass.
+ *
+ * Returns: the HMAC-SHA512 transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformHmacSha512GetKlass(void) {
+    return(&xmlSecNssHmacSha512Klass);
+}
+#endif /* XMLSEC_NO_SHA512 */
 
 #endif /* XMLSEC_NO_HMAC */
 
diff --git a/src/nss/keysstore.c b/src/nss/keysstore.c
index a583f604..f07e44be 100644
--- a/src/nss/keysstore.c
+++ b/src/nss/keysstore.c
@@ -1,6 +1,6 @@
-/** 
+/**
  * XMLSec library
- * 
+ *
  * Nss keys store that uses Simple Keys Store under the hood. Uses the
  * Nss DB as a backing store for the finding keys, but the NSS DB is
  * not written to by the keys store.
@@ -8,12 +8,12 @@
  * keys store, the NSS DB is looked up.
  * If store is called to adopt a key, that key is not written to the NSS
  * DB.
- * Thus, the NSS DB can be used to pre-load keys and becomes an alternate 
+ * Thus, the NSS DB can be used to pre-load keys and becomes an alternate
  * source of keys for xmlsec
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for precise wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #include "globals.h"
@@ -21,12 +21,12 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include <nss.h> 
-#include <cert.h> 
-#include <pk11func.h> 
-#include <keyhi.h> 
+#include <nss.h>
+#include <cert.h>
+#include <pk11func.h>
+#include <keyhi.h>
 
-#include <libxml/tree.h> 
+#include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -44,89 +44,89 @@
 /****************************************************************************
  *
  * Nss Keys Store. Uses Simple Keys Store under the hood
- * 
+ *
  * Simple Keys Store ptr is located after xmlSecKeyStore
  *
  ***************************************************************************/
 #define xmlSecNssKeysStoreSize \
-	(sizeof(xmlSecKeyStore) + sizeof(xmlSecKeyStorePtr))
+        (sizeof(xmlSecKeyStore) + sizeof(xmlSecKeyStorePtr))
 
 #define xmlSecNssKeysStoreGetSS(store) \
     ((xmlSecKeyStoreCheckSize((store), xmlSecNssKeysStoreSize)) ? \
      (xmlSecKeyStorePtr*)(((xmlSecByte*)(store)) + sizeof(xmlSecKeyStore)) : \
      (xmlSecKeyStorePtr*)NULL)
 
-static int			xmlSecNssKeysStoreInitialize	(xmlSecKeyStorePtr store);
-static void			xmlSecNssKeysStoreFinalize	(xmlSecKeyStorePtr store);
-static xmlSecKeyPtr 		xmlSecNssKeysStoreFindKey	(xmlSecKeyStorePtr store, 
-								 const xmlChar* name, 
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int                      xmlSecNssKeysStoreInitialize    (xmlSecKeyStorePtr store);
+static void                     xmlSecNssKeysStoreFinalize      (xmlSecKeyStorePtr store);
+static xmlSecKeyPtr             xmlSecNssKeysStoreFindKey       (xmlSecKeyStorePtr store,
+                                                                 const xmlChar* name,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 static xmlSecKeyStoreKlass xmlSecNssKeysStoreKlass = {
     sizeof(xmlSecKeyStoreKlass),
     xmlSecNssKeysStoreSize,
 
     /* data */
-    BAD_CAST "NSS-keys-store",		/* const xmlChar* name; */ 
-        
+    BAD_CAST "NSS-keys-store",          /* const xmlChar* name; */
+
     /* constructors/destructor */
-    xmlSecNssKeysStoreInitialize,	/* xmlSecKeyStoreInitializeMethod initialize; */
-    xmlSecNssKeysStoreFinalize,		/* xmlSecKeyStoreFinalizeMethod finalize; */
-    xmlSecNssKeysStoreFindKey,		/* xmlSecKeyStoreFindKeyMethod findKey; */
+    xmlSecNssKeysStoreInitialize,       /* xmlSecKeyStoreInitializeMethod initialize; */
+    xmlSecNssKeysStoreFinalize,         /* xmlSecKeyStoreFinalizeMethod finalize; */
+    xmlSecNssKeysStoreFindKey,          /* xmlSecKeyStoreFindKeyMethod findKey; */
 
     /* reserved for the future */
-    NULL,				/* void* reserved0; */
-    NULL,				/* void* reserved1; */
+    NULL,                               /* void* reserved0; */
+    NULL,                               /* void* reserved1; */
 };
 
 /**
  * xmlSecNssKeysStoreGetKlass:
- * 
+ *
  * The Nss list based keys store klass.
  *
  * Returns: Nss list based keys store klass.
  */
-xmlSecKeyStoreId 
+xmlSecKeyStoreId
 xmlSecNssKeysStoreGetKlass(void) {
     return(&xmlSecNssKeysStoreKlass);
 }
 
 /**
  * xmlSecNssKeysStoreAdoptKey:
- * @store:		the pointer to Nss keys store.
- * @key:		the pointer to key.
- * 
- * Adds @key to the @store. 
+ * @store:              the pointer to Nss keys store.
+ * @key:                the pointer to key.
+ *
+ * Adds @key to the @store.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecNssKeysStoreAdoptKey(xmlSecKeyStorePtr store, xmlSecKeyPtr key) {
     xmlSecKeyStorePtr *ss;
-    
+
     xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId), -1);
     xmlSecAssert2((key != NULL), -1);
 
     ss = xmlSecNssKeysStoreGetSS(store);
-    xmlSecAssert2(((ss != NULL) && (*ss != NULL) && 
-		   (xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
+    xmlSecAssert2(((ss != NULL) && (*ss != NULL) &&
+                   (xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
 
     return (xmlSecSimpleKeysStoreAdoptKey(*ss, key));
 }
 
-/** 
+/**
  * xmlSecNssKeysStoreLoad:
- * @store:		the pointer to Nss keys store.
- * @uri:		the filename.
- * @keysMngr:		the pointer to associated keys manager. 
- * 
+ * @store:              the pointer to Nss keys store.
+ * @uri:                the filename.
+ * @keysMngr:           the pointer to associated keys manager.
+ *
  * Reads keys from an XML file.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
 int
-xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri, 
-			    xmlSecKeysMngrPtr keysMngr) {
+xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
+                            xmlSecKeysMngrPtr keysMngr) {
     xmlDocPtr doc;
     xmlNodePtr root;
     xmlNodePtr cur;
@@ -135,117 +135,117 @@ xmlSecNssKeysStoreLoad(xmlSecKeyStorePtr store, const char *uri,
     int ret;
 
     xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId), -1);
-    xmlSecAssert2((uri != NULL), -1);    
+    xmlSecAssert2((uri != NULL), -1);
 
     doc = xmlParseFile(uri);
     if(doc == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    "xmlParseFile",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "uri=%s", 
-		    xmlSecErrorsSafeString(uri));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    "xmlParseFile",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "uri=%s",
+                    xmlSecErrorsSafeString(uri));
+        return(-1);
     }
-    
+
     root = xmlDocGetRootElement(doc);
     if(!xmlSecCheckNodeName(root, BAD_CAST "Keys", xmlSecNs)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(root)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected-node=<xmlsec:Keys>");
-	xmlFreeDoc(doc);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(root)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected-node=<xmlsec:Keys>");
+        xmlFreeDoc(doc);
+        return(-1);
     }
-        
+
     cur = xmlSecGetNextElementNode(root->children);
-    while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {  
-	key = xmlSecKeyCreate();
-	if(key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_INVALID_NODE,
-			"expected-node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
-	    xmlFreeDoc(doc);
-	    return(-1);
-	}
-
-	ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			"xmlSecKeyInfoCtxInitialize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyDestroy(key);
-	    xmlFreeDoc(doc);
-	    return(-1);
-	}
-	
-	keyInfoCtx.mode 	  = xmlSecKeyInfoModeRead;
-	keyInfoCtx.keysMngr	  = keysMngr;
-	keyInfoCtx.flags 	  = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND |
-				    XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
-        keyInfoCtx.keyReq.keyId	  = xmlSecKeyDataIdUnknown;
-	keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny;
-	keyInfoCtx.keyReq.keyUsage= xmlSecKeyDataUsageAny;
-
-	ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			"xmlSecKeyInfoNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-	    xmlSecKeyDestroy(key);
-	    xmlFreeDoc(doc);
-	    return(-1);
-	}
-	xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
-	
-	if(xmlSecKeyIsValid(key)) {
-    	    ret = xmlSecNssKeysStoreAdoptKey(store, key);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-			    "xmlSecNssKeysStoreAdoptKey",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlSecKeyDestroy(key);
-		xmlFreeDoc(doc);
-		return(-1);
-	    }
-	} else {
-	    /* we have an unknown key in our file, just ignore it */
-	    xmlSecKeyDestroy(key);
-	}
+    while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {
+        key = xmlSecKeyCreate();
+        if(key == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_INVALID_NODE,
+                        "expected-node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+
+        ret = xmlSecKeyInfoCtxInitialize(&keyInfoCtx, NULL);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecKeyInfoCtxInitialize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyDestroy(key);
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+
+        keyInfoCtx.mode           = xmlSecKeyInfoModeRead;
+        keyInfoCtx.keysMngr       = keysMngr;
+        keyInfoCtx.flags          = XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND |
+                                    XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
+        keyInfoCtx.keyReq.keyId   = xmlSecKeyDataIdUnknown;
+        keyInfoCtx.keyReq.keyType = xmlSecKeyDataTypeAny;
+        keyInfoCtx.keyReq.keyUsage= xmlSecKeyDataUsageAny;
+
+        ret = xmlSecKeyInfoNodeRead(cur, key, &keyInfoCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                        "xmlSecKeyInfoNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
+            xmlSecKeyDestroy(key);
+            xmlFreeDoc(doc);
+            return(-1);
+        }
+        xmlSecKeyInfoCtxFinalize(&keyInfoCtx);
+
+        if(xmlSecKeyIsValid(key)) {
+            ret = xmlSecNssKeysStoreAdoptKey(store, key);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                            "xmlSecNssKeysStoreAdoptKey",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecKeyDestroy(key);
+                xmlFreeDoc(doc);
+                return(-1);
+            }
+        } else {
+            /* we have an unknown key in our file, just ignore it */
+            xmlSecKeyDestroy(key);
+        }
         cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFreeDoc(doc);
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFreeDoc(doc);
+        return(-1);
     }
-    
+
     xmlFreeDoc(doc);
     return(0);
 }
 
-/** 
+/**
  * xmlSecNssKeysStoreSave:
- * @store:		the pointer to Nss keys store.
- * @filename:		the filename.
- * @type:		the saved keys type (public, private, ...).
- * 
+ * @store:              the pointer to Nss keys store.
+ * @filename:           the filename.
+ * @type:               the saved keys type (public, private, ...).
+ *
  * Writes keys from @store to an XML file.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -255,11 +255,11 @@ xmlSecNssKeysStoreSave(xmlSecKeyStorePtr store, const char *filename, xmlSecKeyD
     xmlSecKeyStorePtr *ss;
 
     xmlSecAssert2(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId), -1);
-    xmlSecAssert2((filename != NULL), -1);    
-    
+    xmlSecAssert2((filename != NULL), -1);
+
     ss = xmlSecNssKeysStoreGetSS(store);
-    xmlSecAssert2(((ss != NULL) && (*ss != NULL) && 
-		   (xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
+    xmlSecAssert2(((ss != NULL) && (*ss != NULL) &&
+                   (xmlSecKeyStoreCheckId(*ss, xmlSecSimpleKeysStoreId))), -1);
 
     return (xmlSecSimpleKeysStoreSave(*ss, filename, type));
 }
@@ -275,32 +275,32 @@ xmlSecNssKeysStoreInitialize(xmlSecKeyStorePtr store) {
 
     *ss = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
     if(*ss == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
-		    "xmlSecKeyStoreCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecSimpleKeysStoreId");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyStoreGetName(store)),
+                    "xmlSecKeyStoreCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecSimpleKeysStoreId");
+        return(-1);
     }
 
-    return(0);    
+    return(0);
 }
 
 static void
 xmlSecNssKeysStoreFinalize(xmlSecKeyStorePtr store) {
     xmlSecKeyStorePtr *ss;
-    
+
     xmlSecAssert(xmlSecKeyStoreCheckId(store, xmlSecNssKeysStoreId));
-    
+
     ss = xmlSecNssKeysStoreGetSS(store);
     xmlSecAssert((ss != NULL) && (*ss != NULL));
-    
+
     xmlSecKeyStoreDestroy(*ss);
 }
 
-static xmlSecKeyPtr 
-xmlSecNssKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name, 
-		          xmlSecKeyInfoCtxPtr keyInfoCtx) {
+static xmlSecKeyPtr
+xmlSecNssKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name,
+                          xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyStorePtr* ss;
     xmlSecKeyPtr key = NULL;
     xmlSecKeyPtr retval = NULL;
@@ -320,165 +320,165 @@ xmlSecNssKeysStoreFindKey(xmlSecKeyStorePtr store, const xmlChar* name,
 
     key = xmlSecKeyStoreFindKey(*ss, name, keyInfoCtx);
     if (key != NULL) {
-	return (key);
+        return (key);
     }
 
     /* Try to find the key in the NSS DB, and construct an xmlSecKey.
      * we must have a name to lookup keys in NSS DB.
      */
     if (name == NULL) {
-	goto done;
+        goto done;
     }
 
-    /* what type of key are we looking for? 
+    /* what type of key are we looking for?
      * TBD: For now, we'll look only for public/private keys using the
      * name as a cert nickname. Later on, we can attempt to find
-     * symmetric keys using PK11_FindFixedKey 
+     * symmetric keys using PK11_FindFixedKey
      */
     keyReq = &(keyInfoCtx->keyReq);
-    if (keyReq->keyType & 
-	(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate)) {
-	cert = CERT_FindCertByNickname (CERT_GetDefaultCertDB(), (char *)name);
-	if (cert == NULL) {
-	    goto done;
-	}
-
-	if (keyReq->keyType & xmlSecKeyDataTypePublic) {
- 	    pubkey = CERT_ExtractPublicKey(cert);
-	    if (pubkey == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "CERT_ExtractPublicKey",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		goto done;
-	    }
-	} 
-
-	if (keyReq->keyType & xmlSecKeyDataTypePrivate) { 
- 	    privkey = PK11_FindKeyByAnyCert(cert, NULL);
-	    if (privkey == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "PK11_FindKeyByAnyCert",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		goto done;
-	    }
-	}
-
-	data = xmlSecNssPKIAdoptKey(privkey, pubkey);
-	if(data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecNssPKIAdoptKey",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}    
-	privkey = NULL;
-	pubkey = NULL;
+    if (keyReq->keyType &
+        (xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate)) {
+        cert = CERT_FindCertByNickname (CERT_GetDefaultCertDB(), (char *)name);
+        if (cert == NULL) {
+            goto done;
+        }
+
+        if (keyReq->keyType & xmlSecKeyDataTypePublic) {
+            pubkey = CERT_ExtractPublicKey(cert);
+            if (pubkey == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "CERT_ExtractPublicKey",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+        }
+
+        if (keyReq->keyType & xmlSecKeyDataTypePrivate) {
+            privkey = PK11_FindKeyByAnyCert(cert, NULL);
+            if (privkey == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "PK11_FindKeyByAnyCert",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+        }
+
+        data = xmlSecNssPKIAdoptKey(privkey, pubkey);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNssPKIAdoptKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
+        privkey = NULL;
+        pubkey = NULL;
 
         key = xmlSecKeyCreate();
         if (key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return (NULL);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return (NULL);
+        }
+
+        x509Data = xmlSecKeyDataCreate(xmlSecNssKeyDataX509Id);
+        if(x509Data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "transform=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
+            goto done;
+        }
+
+        ret = xmlSecNssKeyDataX509AdoptKeyCert(x509Data, cert);
+        if (ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNssKeyDataX509AdoptKeyCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+        cert = CERT_DupCertificate(cert);
+        if (cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "CERT_DupCertificate",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+
+        ret = xmlSecNssKeyDataX509AdoptCert(x509Data, cert);
+        if (ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNssKeyDataX509AdoptCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+        cert = NULL;
+
+        ret = xmlSecKeySetValue(key, data);
+        if (ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeySetValue",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
+            goto done;
+        }
+        data = NULL;
+
+        ret = xmlSecKeyAdoptData(key, x509Data);
+        if (ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyAdoptData",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
         }
+        x509Data = NULL;
 
-	x509Data = xmlSecKeyDataCreate(xmlSecNssKeyDataX509Id);
-	if(x509Data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyDataCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"transform=%s",
-			xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecNssKeyDataX509Id)));
-	    goto done;
-	}
-
-	ret = xmlSecNssKeyDataX509AdoptKeyCert(x509Data, cert);
-	if (ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecNssKeyDataX509AdoptKeyCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;
-	}
-	cert = CERT_DupCertificate(cert);
-	if (cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"CERT_DupCertificate",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;
-	}
-
-	ret = xmlSecNssKeyDataX509AdoptCert(x509Data, cert);
-	if (ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecNssKeyDataX509AdoptCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;
-	}
-	cert = NULL;
-
-	ret = xmlSecKeySetValue(key, data);
-	if (ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeySetValue",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s", 
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
-	    goto done;
-	}
-	data = NULL;
-
-	ret = xmlSecKeyAdoptData(key, x509Data);
-	if (ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyAdoptData",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;
-	}
-	x509Data = NULL;
-
-	retval = key;
-	key = NULL;
+        retval = key;
+        key = NULL;
     }
 
 done:
     if (cert != NULL) {
-	CERT_DestroyCertificate(cert);
+        CERT_DestroyCertificate(cert);
     }
     if (pubkey != NULL) {
-	SECKEY_DestroyPublicKey(pubkey);
+        SECKEY_DestroyPublicKey(pubkey);
     }
     if (privkey != NULL) {
-	SECKEY_DestroyPrivateKey(privkey);
+        SECKEY_DestroyPrivateKey(privkey);
     }
     if (data != NULL) {
-	xmlSecKeyDataDestroy(data);
+        xmlSecKeyDataDestroy(data);
     }
     if (x509Data != NULL) {
-	xmlSecKeyDataDestroy(x509Data);
+        xmlSecKeyDataDestroy(x509Data);
     }
     if (key != NULL) {
-	xmlSecKeyDestroy(key);
+        xmlSecKeyDestroy(key);
     }
 
     return (retval);
diff --git a/src/nss/keytrans.c b/src/nss/keytrans.c
index 5d256c22..d84593b9 100644
--- a/src/nss/keytrans.c
+++ b/src/nss/keytrans.c
@@ -1,12 +1,12 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * AES Algorithm support
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright .................................
  */
 #include "globals.h"
@@ -32,713 +32,722 @@
 
 /*********************************************************************
  *
- * key transform transforms
+ * Key transport transforms
  *
  ********************************************************************/
-typedef struct _xmlSecNssKeyTransportCtx			xmlSecNssKeyTransportCtx;
-typedef struct _xmlSecNssKeyTransportCtx*		    xmlSecNssKeyTransportCtxPtr;
+typedef struct _xmlSecNssKeyTransportCtx                        xmlSecNssKeyTransportCtx;
+typedef struct _xmlSecNssKeyTransportCtx*                   xmlSecNssKeyTransportCtxPtr;
 
-#define xmlSecNssKeyTransportSize	\
-	( sizeof( xmlSecTransform ) + sizeof( xmlSecNssKeyTransportCtx ) )
+#define xmlSecNssKeyTransportSize       \
+        ( sizeof( xmlSecTransform ) + sizeof( xmlSecNssKeyTransportCtx ) )
 #define xmlSecNssKeyTransportGetCtx( transform ) \
-	( ( xmlSecNssKeyTransportCtxPtr )( ( ( xmlSecByte* )( transform ) ) + sizeof( xmlSecTransform ) ) )
+        ( ( xmlSecNssKeyTransportCtxPtr )( ( ( xmlSecByte* )( transform ) ) + sizeof( xmlSecTransform ) ) )
 
 struct _xmlSecNssKeyTransportCtx {
-	CK_MECHANISM_TYPE		cipher ;
-	SECKEYPublicKey*		pubkey ;
-	SECKEYPrivateKey*		prikey ;
-	xmlSecKeyDataId			keyId ;
-	xmlSecBufferPtr			material ; /* to be encrypted/decrypted material */
+        CK_MECHANISM_TYPE               cipher ;
+        SECKEYPublicKey*                pubkey ;
+        SECKEYPrivateKey*               prikey ;
+        xmlSecKeyDataId                 keyId ;
+        xmlSecBufferPtr                 material ; /* to be encrypted/decrypted material */
 } ;
 
-static int 		xmlSecNssKeyTransportInitialize(xmlSecTransformPtr transform);
-static void 	xmlSecNssKeyTransportFinalize(xmlSecTransformPtr transform);
-static int  	xmlSecNssKeyTransportSetKeyReq(xmlSecTransformPtr transform, 
-							 xmlSecKeyReqPtr keyReq);
-static int  	xmlSecNssKeyTransportSetKey(xmlSecTransformPtr transform, 
-							 xmlSecKeyPtr key);
-static int  	xmlSecNssKeyTransportExecute(xmlSecTransformPtr transform, 
-							 int last,
-							 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecNssKeyTransportInitialize         (xmlSecTransformPtr transform);
+static void     xmlSecNssKeyTransportFinalize           (xmlSecTransformPtr transform);
+static int      xmlSecNssKeyTransportSetKeyReq          (xmlSecTransformPtr transform,
+                                                         xmlSecKeyReqPtr keyReq);
+static int      xmlSecNssKeyTransportSetKey             (xmlSecTransformPtr transform,
+                                                         xmlSecKeyPtr key);
+static int      xmlSecNssKeyTransportExecute            (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
 
 static int
 xmlSecNssKeyTransportCheckId(xmlSecTransformPtr transform) {
+
+#ifndef XMLSEC_NO_RSA
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaPkcs1Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_RSA */
+
+/* aleksey, April 2010: NSS 3.12.6 has CKM_RSA_PKCS_OAEP algorithm but
+   it doesn't implement the SHA1 OAEP PKCS we need
+
+   https://bugzilla.mozilla.org/show_bug.cgi?id=158747
+*/
+#ifdef XMLSEC_NSS_RSA_OAEP_TODO
 #ifndef XMLSEC_NO_RSA
-	if( xmlSecTransformCheckId( transform, xmlSecNssTransformRsaPkcs1Id ) 
-/* RSA OAEP is not supported by NSS yet */
-#ifdef TODO
-        || xmlSecTransformCheckId( transform, xmlSecNssTransformRsaOaepId ) 
-#endif /* TODO: RSA OAEP is not supported by NSS yet */
-        
-        ) {
-
-		return(1);
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaOaepId)) {
+        return (1);
     }
 #endif /* XMLSEC_NO_RSA */
-    
+#endif /* XMLSEC_NSS_RSA_OAEP_TODO */
+
+    /* not found */
     return(0);
 }
 
-static int 
+static int
 xmlSecNssKeyTransportInitialize(xmlSecTransformPtr transform) {
-	xmlSecNssKeyTransportCtxPtr context ;
+    xmlSecNssKeyTransportCtxPtr context ;
     xmlSecAssert2(xmlSecNssKeyTransportCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyTransportSize), -1);
-    
-	context = xmlSecNssKeyTransportGetCtx( transform ) ;
-	xmlSecAssert2( context != NULL , -1 ) ;
+
+    context = xmlSecNssKeyTransportGetCtx( transform ) ;
+    xmlSecAssert2( context != NULL , -1 ) ;
+
+    /* initialize context */
+    memset(context, 0, sizeof(xmlSecNssKeyTransportCtx));
 
 #ifndef XMLSEC_NO_RSA
-	if( transform->id == xmlSecNssTransformRsaPkcs1Id ) {
-		context->cipher = CKM_RSA_PKCS ;
-		context->keyId = xmlSecNssKeyDataRsaId ;
-/* RSA OAEP is not supported by NSS yet */
-#ifdef TODO
-	} else if( transform->id == xmlSecNssTransformRsaOaepId ) {
-		context->cipher = CKM_RSA_PKCS_OAEP ;
-		context->keyId = xmlSecNssKeyDataRsaId ;
-#endif /* TODO: RSA OAEP is not supported by NSS yet */
-	} else
-#endif		/* XMLSEC_NO_RSA */
-
-	if( 1 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL ,
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-		    XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	context->pubkey = NULL ;
-	context->prikey = NULL ;
-	context->material = NULL ;
+    if(transform->id == xmlSecNssTransformRsaPkcs1Id) {
+        context->cipher = CKM_RSA_PKCS;
+        context->keyId = xmlSecNssKeyDataRsaId;
+    } else
+#endif /* XMLSEC_NO_RSA */
+
+/* aleksey, April 2010: NSS 3.12.6 has CKM_RSA_PKCS_OAEP algorithm but
+   it doesn't implement the SHA1 OAEP PKCS we need
+
+   https://bugzilla.mozilla.org/show_bug.cgi?id=158747
+*/
+#ifdef XMLSEC_NSS_RSA_OAEP_TODO
+#ifndef XMLSEC_NO_RSA
+    if(transform->id == xmlSecNssTransformRsaOaepId) {
+        context->cipher = CKM_RSA_PKCS_OAEP;
+        context->keyId = xmlSecNssKeyDataRsaId;
+    } else
+#endif /* XMLSEC_NO_RSA */
+#endif /* XMLSEC_NSS_RSA_OAEP_TODO */
+
+    /* not found */
+    {
+        xmlSecError(XMLSEC_ERRORS_HERE ,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL ,
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                    XMLSEC_ERRORS_NO_MESSAGE ) ;
+        return(-1);
+    }
 
     return(0);
 }
 
-static void 
+static void
 xmlSecNssKeyTransportFinalize(xmlSecTransformPtr transform) {
-	xmlSecNssKeyTransportCtxPtr context ;
-    
+    xmlSecNssKeyTransportCtxPtr context ;
+
     xmlSecAssert(xmlSecNssKeyTransportCheckId(transform));
     xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecNssKeyTransportSize));
-    
-	context = xmlSecNssKeyTransportGetCtx( transform ) ;
-	xmlSecAssert( context != NULL ) ;
-
-	if( context->pubkey != NULL ) {
-		SECKEY_DestroyPublicKey( context->pubkey ) ;
-		context->pubkey = NULL ;
-	}
-
-	if( context->prikey != NULL ) {
-		SECKEY_DestroyPrivateKey( context->prikey ) ;
-		context->prikey = NULL ;
-	}
-
-	if( context->material != NULL ) {
-		xmlSecBufferDestroy(context->material);
-		context->material = NULL ;
-	}
+
+    context = xmlSecNssKeyTransportGetCtx( transform ) ;
+    xmlSecAssert( context != NULL ) ;
+
+    if( context->pubkey != NULL ) {
+        SECKEY_DestroyPublicKey( context->pubkey ) ;
+        context->pubkey = NULL ;
+    }
+
+    if( context->prikey != NULL ) {
+        SECKEY_DestroyPrivateKey( context->prikey ) ;
+        context->prikey = NULL ;
+    }
+
+    if( context->material != NULL ) {
+        xmlSecBufferDestroy(context->material);
+        context->material = NULL ;
+    }
 }
 
-static int  
+static int
 xmlSecNssKeyTransportSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
-	xmlSecNssKeyTransportCtxPtr context ;
-    
+    xmlSecNssKeyTransportCtxPtr context ;
+
     xmlSecAssert2(xmlSecNssKeyTransportCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyTransportSize), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(keyReq != NULL, -1);
-    
-	context = xmlSecNssKeyTransportGetCtx( transform ) ;
-	xmlSecAssert2( context != NULL , -1 ) ;
 
-    keyReq->keyId 	 = context->keyId;
+    context = xmlSecNssKeyTransportGetCtx( transform ) ;
+    xmlSecAssert2( context != NULL , -1 ) ;
+
+    keyReq->keyId        = context->keyId;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-		keyReq->keyUsage = xmlSecKeyUsageEncrypt;
-    	keyReq->keyType  = xmlSecKeyDataTypePublic;
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+        keyReq->keyType  = xmlSecKeyDataTypePublic;
     } else {
-		keyReq->keyUsage = xmlSecKeyUsageDecrypt;
-    	keyReq->keyType  = xmlSecKeyDataTypePrivate;
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+        keyReq->keyType  = xmlSecKeyDataTypePrivate;
     }
 
     return(0);
 }
 
-static int  	
+static int
 xmlSecNssKeyTransportSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
-	xmlSecNssKeyTransportCtxPtr context = NULL ;
-	xmlSecKeyDataPtr	keyData = NULL ;
-	SECKEYPublicKey*	pubkey = NULL ;
-	SECKEYPrivateKey*	prikey = NULL ;
+    xmlSecNssKeyTransportCtxPtr context = NULL ;
+    xmlSecKeyDataPtr        keyData = NULL ;
+    SECKEYPublicKey*        pubkey = NULL ;
+    SECKEYPrivateKey*       prikey = NULL ;
 
     xmlSecAssert2(xmlSecNssKeyTransportCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKeyTransportSize), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(key != NULL, -1);
 
-	context = xmlSecNssKeyTransportGetCtx( transform ) ;
-	if( (context == NULL) || (context->keyId == NULL) || (context->pubkey != NULL) ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-		    xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
-		    "xmlSecNssKeyTransportGetCtx" ,
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-		    XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-	xmlSecAssert2( xmlSecKeyCheckId( key, context->keyId ), -1 ) ;
-
-	keyData = xmlSecKeyGetValue( key ) ;
-	if( keyData == NULL ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-		    xmlSecErrorsSafeString( xmlSecKeyGetName( key ) ) ,
-		    "xmlSecKeyGetValue" ,
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-		    XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
+    context = xmlSecNssKeyTransportGetCtx( transform ) ;
+    if( (context == NULL) || (context->keyId == NULL) || (context->pubkey != NULL) ) {
+        xmlSecError( XMLSEC_ERRORS_HERE ,
+                    xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
+                    "xmlSecNssKeyTransportGetCtx" ,
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                    XMLSEC_ERRORS_NO_MESSAGE ) ;
+        return(-1);
+    }
+    xmlSecAssert2( xmlSecKeyCheckId( key, context->keyId ), -1 ) ;
+
+    keyData = xmlSecKeyGetValue( key ) ;
+    if( keyData == NULL ) {
+        xmlSecError( XMLSEC_ERRORS_HERE ,
+                    xmlSecErrorsSafeString( xmlSecKeyGetName( key ) ) ,
+                    "xmlSecKeyGetValue" ,
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                    XMLSEC_ERRORS_NO_MESSAGE ) ;
+        return(-1);
+    }
 
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-		if( ( pubkey = xmlSecNssPKIKeyDataGetPubKey( keyData ) ) == NULL ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-			    xmlSecErrorsSafeString( xmlSecKeyDataGetName( keyData ) ) ,
-			    "xmlSecNssPKIKeyDataGetPubKey" ,
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			    XMLSEC_ERRORS_NO_MESSAGE ) ;
-			return(-1);    
-		}
-
-		context->pubkey = pubkey ;
-	} else {
-		if( ( prikey = xmlSecNssPKIKeyDataGetPrivKey( keyData ) ) == NULL ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-			    xmlSecErrorsSafeString( xmlSecKeyDataGetName( keyData ) ) ,
-			    "xmlSecNssPKIKeyDataGetPrivKey" ,
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			    XMLSEC_ERRORS_NO_MESSAGE ) ;
-			return(-1);    
-		}
-
-		context->prikey = prikey ;
-	}
-
-	return(0) ;
+        if( ( pubkey = xmlSecNssPKIKeyDataGetPubKey( keyData ) ) == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                            xmlSecErrorsSafeString( xmlSecKeyDataGetName( keyData ) ) ,
+                            "xmlSecNssPKIKeyDataGetPubKey" ,
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                            XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        context->pubkey = pubkey ;
+    } else {
+        if( ( prikey = xmlSecNssPKIKeyDataGetPrivKey( keyData ) ) == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                            xmlSecErrorsSafeString( xmlSecKeyDataGetName( keyData ) ) ,
+                            "xmlSecNssPKIKeyDataGetPrivKey" ,
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                            XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        context->prikey = prikey ;
+    }
+
+    return(0) ;
 }
 
-/**
- * key wrap transform
- */
-static int 
+static int
 xmlSecNssKeyTransportCtxInit(
-	xmlSecNssKeyTransportCtxPtr		ctx ,
-	xmlSecBufferPtr 			in ,
-	xmlSecBufferPtr 			out ,
-	int 						encrypt ,
-	xmlSecTransformCtxPtr 		transformCtx
+        xmlSecNssKeyTransportCtxPtr             ctx ,
+        xmlSecBufferPtr                         in ,
+        xmlSecBufferPtr                         out ,
+        int                                             encrypt ,
+        xmlSecTransformCtxPtr           transformCtx
 ) {
-	int			blockSize ;
-
-	xmlSecAssert2( ctx != NULL , -1 ) ;
-	xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
-	xmlSecAssert2( ( ctx->pubkey != NULL && encrypt ) || ( ctx->prikey != NULL && !encrypt ), -1 ) ;
-	xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
-	xmlSecAssert2( in != NULL , -1 ) ;
-	xmlSecAssert2( out != NULL , -1 ) ;
-	xmlSecAssert2( transformCtx != NULL , -1 ) ;
-
-	if( ctx->material != NULL ) {
-		xmlSecBufferDestroy( ctx->material ) ;
-		ctx->material = NULL ;
-	}
-
-	if( ctx->pubkey != NULL ) {
-		blockSize = SECKEY_PublicKeyStrength( ctx->pubkey ) ;
-	} else if( ctx->prikey != NULL ) {
-		blockSize = PK11_SignatureLen( ctx->prikey ) ;
-	} else {
-		blockSize = -1 ;
-	}
-
-	if( blockSize < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			NULL ,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	ctx->material = xmlSecBufferCreate( blockSize ) ;
-	if( ctx->material == NULL ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecBufferCreate" ,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	/* read raw key material into context */
-	if( xmlSecBufferSetData( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecBufferSetData" ,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecBufferRemoveHead" ,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	return(0);
+        int                     blockSize ;
+
+        xmlSecAssert2( ctx != NULL , -1 ) ;
+        xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
+        xmlSecAssert2( ( ctx->pubkey != NULL && encrypt ) || ( ctx->prikey != NULL && !encrypt ), -1 ) ;
+        xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
+        xmlSecAssert2( in != NULL , -1 ) ;
+        xmlSecAssert2( out != NULL , -1 ) ;
+        xmlSecAssert2( transformCtx != NULL , -1 ) ;
+
+        if( ctx->material != NULL ) {
+                xmlSecBufferDestroy( ctx->material ) ;
+                ctx->material = NULL ;
+        }
+
+        if( ctx->pubkey != NULL ) {
+                blockSize = SECKEY_PublicKeyStrength( ctx->pubkey ) ;
+        } else if( ctx->prikey != NULL ) {
+                blockSize = PK11_SignatureLen( ctx->prikey ) ;
+        } else {
+                blockSize = -1 ;
+        }
+
+        if( blockSize < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        NULL ,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        ctx->material = xmlSecBufferCreate( blockSize ) ;
+        if( ctx->material == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecBufferCreate" ,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        /* read raw key material into context */
+        if( xmlSecBufferSetData( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecBufferSetData" ,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecBufferRemoveHead" ,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        return(0);
 }
 
-/**
- * key wrap transform update
- */
-static int 
+static int
 xmlSecNssKeyTransportCtxUpdate(
-	xmlSecNssKeyTransportCtxPtr		ctx ,
-	xmlSecBufferPtr 			in ,
-	xmlSecBufferPtr 			out ,
-	int 						encrypt ,
-	xmlSecTransformCtxPtr 		transformCtx
+        xmlSecNssKeyTransportCtxPtr             ctx ,
+        xmlSecBufferPtr                         in ,
+        xmlSecBufferPtr                         out ,
+        int                                             encrypt ,
+        xmlSecTransformCtxPtr           transformCtx
 ) {
-	xmlSecAssert2( ctx != NULL , -1 ) ;
-	xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
-	xmlSecAssert2( ( ctx->pubkey != NULL && encrypt ) || ( ctx->prikey != NULL && !encrypt ), -1 ) ;
-	xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
-	xmlSecAssert2( ctx->material != NULL , -1 ) ;
-	xmlSecAssert2( in != NULL , -1 ) ;
-	xmlSecAssert2( out != NULL , -1 ) ;
-	xmlSecAssert2( transformCtx != NULL , -1 ) ;
-
-	/* read raw key material and append into context */
-	if( xmlSecBufferAppend( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecBufferAppend" ,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecBufferRemoveHead" ,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	return(0);
+        xmlSecAssert2( ctx != NULL , -1 ) ;
+        xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
+        xmlSecAssert2( ( ctx->pubkey != NULL && encrypt ) || ( ctx->prikey != NULL && !encrypt ), -1 ) ;
+        xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
+        xmlSecAssert2( ctx->material != NULL , -1 ) ;
+        xmlSecAssert2( in != NULL , -1 ) ;
+        xmlSecAssert2( out != NULL , -1 ) ;
+        xmlSecAssert2( transformCtx != NULL , -1 ) ;
+
+        /* read raw key material and append into context */
+        if( xmlSecBufferAppend( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecBufferAppend" ,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecBufferRemoveHead" ,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        return(0);
 }
 
-/**
- * Block cipher transform final
- */
-static int 
-xmlSecNssKeyTransportCtxFinal(xmlSecNssKeyTransportCtxPtr ctx,  xmlSecBufferPtr in,  xmlSecBufferPtr out, 
+static int
+xmlSecNssKeyTransportCtxFinal(xmlSecNssKeyTransportCtxPtr ctx,  xmlSecBufferPtr in,  xmlSecBufferPtr out,
                               int encrypt, xmlSecTransformCtxPtr transformCtx) {
-	PK11SymKey*			symKey ;
-	PK11SlotInfo*		slot ;
-	SECItem				oriskv ;
-	int			blockSize ;
-	xmlSecBufferPtr		result ;
-
-	xmlSecAssert2( ctx != NULL , -1 ) ;
-	xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
-	xmlSecAssert2( ( ctx->pubkey != NULL && encrypt ) || ( ctx->prikey != NULL && !encrypt ), -1 ) ;
-	xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
-	xmlSecAssert2( ctx->material != NULL , -1 ) ;
-	xmlSecAssert2( in != NULL , -1 ) ;
-	xmlSecAssert2( out != NULL , -1 ) ;
-	xmlSecAssert2( transformCtx != NULL , -1 ) ;
-
-	/* read raw key material and append into context */
-	if( xmlSecBufferAppend( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecBufferAppend" ,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecBufferRemoveHead" ,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	/* Now we get all of the key materail */
-	/* from now on we will wrap or unwrap the key */
-	if( ctx->pubkey != NULL ) {
-		blockSize = SECKEY_PublicKeyStrength( ctx->pubkey ) ;
-	} else if( ctx->prikey != NULL ) {
-		blockSize = PK11_SignatureLen( ctx->prikey ) ;
-	} else {
-		blockSize = -1 ;
-	}
-
-	if( blockSize < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"PK11_GetBlockSize" ,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	result = xmlSecBufferCreate( blockSize * 2 ) ;
-	if( result == NULL ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL,
-			"xmlSecBufferCreate" ,
-			XMLSEC_ERRORS_R_XMLSEC_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE) ;
-		return(-1);    
-	}
-
-	oriskv.type = siBuffer ;
-	oriskv.data = xmlSecBufferGetData( ctx->material ) ;
-	oriskv.len = xmlSecBufferGetSize( ctx->material ) ;
-
-	if( encrypt != 0 ) {
-		CK_OBJECT_HANDLE 	id ;
-		SECItem				wrpskv ;
-
-		/* Create template symmetric key from material */
-        slot = ctx->pubkey->pkcs11Slot;
-		if( slot == NULL ) {
-			slot = PK11_GetBestSlot( ctx->cipher, NULL ) ;
-			if( slot == NULL ) {
-				xmlSecError( XMLSEC_ERRORS_HERE ,
-					NULL ,
-					"xmlSecNssSlotGet" ,
-					XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-					XMLSEC_ERRORS_NO_MESSAGE ) ;
-				xmlSecBufferDestroy(result);
-				return(-1);    
-			}
-
-			id = PK11_ImportPublicKey( slot, ctx->pubkey, PR_FALSE ) ;
-			if( id == CK_INVALID_HANDLE ) {
-				xmlSecError( XMLSEC_ERRORS_HERE ,
-					NULL ,
-					"PK11_ImportPublicKey" ,
-					XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-					XMLSEC_ERRORS_NO_MESSAGE ) ;
-				xmlSecBufferDestroy(result);
-				PK11_FreeSlot( slot ) ;
-				return(-1);    
-			}
-		}
-
-		/* pay attention to mechanism */
-		symKey = PK11_ImportSymKey( slot, ctx->cipher, PK11_OriginUnwrap, CKA_WRAP, &oriskv, NULL ) ;
-		if( symKey == NULL ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-				NULL ,
-				"PK11_ImportSymKey" ,
-				XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-				XMLSEC_ERRORS_NO_MESSAGE ) ;
-			xmlSecBufferDestroy(result);
-			PK11_FreeSlot( slot ) ;
-			return(-1);    
-		}
-
-		wrpskv.type = siBuffer ;
-		wrpskv.data = xmlSecBufferGetData( result ) ;
-		wrpskv.len = xmlSecBufferGetMaxSize( result ) ;
-
-		if( PK11_PubWrapSymKey( ctx->cipher, ctx->pubkey, symKey, &wrpskv ) != SECSuccess ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-				NULL ,
-				"PK11_PubWrapSymKey" ,
-				XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-				XMLSEC_ERRORS_NO_MESSAGE ) ;
-			PK11_FreeSymKey( symKey ) ;
-			xmlSecBufferDestroy(result);
-			PK11_FreeSlot( slot ) ;
-			return(-1);    
-		}
-
-		if( xmlSecBufferSetSize( result , wrpskv.len ) < 0 ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-				NULL ,
-				"xmlSecBufferSetSize" ,
-				XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-				XMLSEC_ERRORS_NO_MESSAGE ) ;
-			PK11_FreeSymKey( symKey ) ;
-			xmlSecBufferDestroy(result);
-			PK11_FreeSlot( slot ) ;
-			return(-1);    
-		}
-		PK11_FreeSymKey( symKey ) ;
-		PK11_FreeSlot( slot ) ;
-	} else {
-		SECItem*			keyItem ;
-
-		/* pay attention to mechanism */
-        symKey = PK11_PubUnwrapSymKey( ctx->prikey, &oriskv, ctx->cipher, CKA_UNWRAP, 0 );
-		if( symKey == NULL ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-				NULL ,
-				"PK11_PubUnwrapSymKey" ,
-				XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-				XMLSEC_ERRORS_NO_MESSAGE ) ;
-			xmlSecBufferDestroy(result);
-			return(-1);    
-		}
-
-		/* Extract raw data from symmetric key */
-		if( PK11_ExtractKeyValue( symKey ) != SECSuccess ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-				NULL ,
-				"PK11_ExtractKeyValue" ,
-				XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-				XMLSEC_ERRORS_NO_MESSAGE ) ;
-			PK11_FreeSymKey( symKey ) ;
-			xmlSecBufferDestroy(result);
-			return(-1);    
-		}
-
-        keyItem = PK11_GetKeyData( symKey );
-		if( keyItem == NULL ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-				NULL ,
-				"PK11_GetKeyData" ,
-				XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-				XMLSEC_ERRORS_NO_MESSAGE ) ;
-			PK11_FreeSymKey( symKey ) ;
-			xmlSecBufferDestroy(result);
-			return(-1);    
-		}
-
-		if( xmlSecBufferSetData( result, keyItem->data, keyItem->len ) < 0 ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-				NULL ,
-				"PK11_PubUnwrapSymKey" ,
-				XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-				XMLSEC_ERRORS_NO_MESSAGE ) ;
-			PK11_FreeSymKey( symKey ) ;
-			xmlSecBufferDestroy(result);
-			return(-1);    
-		}
-		PK11_FreeSymKey( symKey ) ;
-	}
-
-	/* Write output */
-	if( xmlSecBufferAppend( out, xmlSecBufferGetData(result), xmlSecBufferGetSize(result) ) < 0 ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-			NULL ,
-			"xmlSecBufferAppend" ,
-			XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-			XMLSEC_ERRORS_NO_MESSAGE ) ;
-		xmlSecBufferDestroy(result);
-		return(-1);    
-	}
-	xmlSecBufferDestroy(result);
-
-	return(0);
+        PK11SymKey*                     symKey ;
+        PK11SlotInfo*           slot ;
+        SECItem                         oriskv ;
+        int                     blockSize ;
+        xmlSecBufferPtr         result ;
+
+        xmlSecAssert2( ctx != NULL , -1 ) ;
+        xmlSecAssert2( ctx->cipher != CKM_INVALID_MECHANISM , -1 ) ;
+        xmlSecAssert2( ( ctx->pubkey != NULL && encrypt ) || ( ctx->prikey != NULL && !encrypt ), -1 ) ;
+        xmlSecAssert2( ctx->keyId != NULL , -1 ) ;
+        xmlSecAssert2( ctx->material != NULL , -1 ) ;
+        xmlSecAssert2( in != NULL , -1 ) ;
+        xmlSecAssert2( out != NULL , -1 ) ;
+        xmlSecAssert2( transformCtx != NULL , -1 ) ;
+
+        /* read raw key material and append into context */
+        if( xmlSecBufferAppend( ctx->material, xmlSecBufferGetData(in), xmlSecBufferGetSize(in) ) < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecBufferAppend" ,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        if( xmlSecBufferRemoveHead( in , xmlSecBufferGetSize(in) ) < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecBufferRemoveHead" ,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        /* Now we get all of the key materail */
+        /* from now on we will wrap or unwrap the key */
+        if( ctx->pubkey != NULL ) {
+                blockSize = SECKEY_PublicKeyStrength( ctx->pubkey ) ;
+        } else if( ctx->prikey != NULL ) {
+                blockSize = PK11_SignatureLen( ctx->prikey ) ;
+        } else {
+                blockSize = -1 ;
+        }
+
+        if( blockSize < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "PK11_GetBlockSize" ,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        result = xmlSecBufferCreate( blockSize * 2 ) ;
+        if( result == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL,
+                        "xmlSecBufferCreate" ,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE) ;
+                return(-1);
+        }
+
+        oriskv.type = siBuffer ;
+        oriskv.data = xmlSecBufferGetData( ctx->material ) ;
+        oriskv.len = xmlSecBufferGetSize( ctx->material ) ;
+
+        if( encrypt != 0 ) {
+                CK_OBJECT_HANDLE        id ;
+                SECItem                         wrpskv ;
+
+                /* Create template symmetric key from material */
+                slot = ctx->pubkey->pkcs11Slot;
+                if( slot == NULL ) {
+                        slot = PK11_GetBestSlot( ctx->cipher, NULL ) ;
+                        if( slot == NULL ) {
+                                xmlSecError( XMLSEC_ERRORS_HERE ,
+                                        NULL ,
+                                        "xmlSecNssSlotGet" ,
+                                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                                xmlSecBufferDestroy(result);
+                                return(-1);
+                        }
+
+                        id = PK11_ImportPublicKey( slot, ctx->pubkey, PR_FALSE ) ;
+                        if( id == CK_INVALID_HANDLE ) {
+                                xmlSecError( XMLSEC_ERRORS_HERE ,
+                                        NULL ,
+                                        "PK11_ImportPublicKey" ,
+                                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                                xmlSecBufferDestroy(result);
+                                PK11_FreeSlot( slot ) ;
+                                return(-1);
+                        }
+                }
+
+                /* pay attention to mechanism */
+                symKey = PK11_ImportSymKey( slot, ctx->cipher, PK11_OriginUnwrap, CKA_WRAP, &oriskv, NULL ) ;
+                if( symKey == NULL ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                NULL ,
+                                "PK11_ImportSymKey" ,
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                XMLSEC_ERRORS_NO_MESSAGE ) ;
+                        xmlSecBufferDestroy(result);
+                        PK11_FreeSlot( slot ) ;
+                        return(-1);
+                }
+
+                wrpskv.type = siBuffer ;
+                wrpskv.data = xmlSecBufferGetData( result ) ;
+                wrpskv.len = xmlSecBufferGetMaxSize( result ) ;
+
+                if( PK11_PubWrapSymKey( ctx->cipher, ctx->pubkey, symKey, &wrpskv ) != SECSuccess ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                NULL ,
+                                "PK11_PubWrapSymKey" ,
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                XMLSEC_ERRORS_NO_MESSAGE ) ;
+                        PK11_FreeSymKey( symKey ) ;
+                        xmlSecBufferDestroy(result);
+                        PK11_FreeSlot( slot ) ;
+                        return(-1);
+                }
+
+                if( xmlSecBufferSetSize( result , wrpskv.len ) < 0 ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                NULL ,
+                                "xmlSecBufferSetSize" ,
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                XMLSEC_ERRORS_NO_MESSAGE ) ;
+                        PK11_FreeSymKey( symKey ) ;
+                        xmlSecBufferDestroy(result);
+                        PK11_FreeSlot( slot ) ;
+                        return(-1);
+                }
+                PK11_FreeSymKey( symKey ) ;
+                PK11_FreeSlot( slot ) ;
+        } else {
+                SECItem*                        keyItem ;
+
+                /* pay attention to mechanism */
+                symKey = PK11_PubUnwrapSymKey( ctx->prikey, &oriskv, ctx->cipher, CKA_UNWRAP, 0 );
+                if( symKey == NULL ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                NULL ,
+                                "PK11_PubUnwrapSymKey" ,
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                XMLSEC_ERRORS_NO_MESSAGE ) ;
+                        xmlSecBufferDestroy(result);
+                        return(-1);
+                }
+
+                /* Extract raw data from symmetric key */
+                if( PK11_ExtractKeyValue( symKey ) != SECSuccess ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                NULL ,
+                                "PK11_ExtractKeyValue" ,
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                XMLSEC_ERRORS_NO_MESSAGE ) ;
+                        PK11_FreeSymKey( symKey ) ;
+                        xmlSecBufferDestroy(result);
+                        return(-1);
+                }
+
+                keyItem = PK11_GetKeyData( symKey );
+                if( keyItem == NULL ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                NULL ,
+                                "PK11_GetKeyData" ,
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                XMLSEC_ERRORS_NO_MESSAGE ) ;
+                        PK11_FreeSymKey( symKey ) ;
+                        xmlSecBufferDestroy(result);
+                        return(-1);
+                }
+
+                if( xmlSecBufferSetData( result, keyItem->data, keyItem->len ) < 0 ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                NULL ,
+                                "PK11_PubUnwrapSymKey" ,
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                XMLSEC_ERRORS_NO_MESSAGE ) ;
+                        PK11_FreeSymKey( symKey ) ;
+                        xmlSecBufferDestroy(result);
+                        return(-1);
+                }
+                PK11_FreeSymKey( symKey ) ;
+        }
+
+        /* Write output */
+        if( xmlSecBufferAppend( out, xmlSecBufferGetData(result), xmlSecBufferGetSize(result) ) < 0 ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        NULL ,
+                        "xmlSecBufferAppend" ,
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                xmlSecBufferDestroy(result);
+                return(-1);
+        }
+        xmlSecBufferDestroy(result);
+
+        return(0);
 }
 
-static int 
+static int
 xmlSecNssKeyTransportExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
-	xmlSecNssKeyTransportCtxPtr 	context = NULL ;
-	xmlSecBufferPtr			inBuf, outBuf ; 
-	int						operation ;
-	int						rtv ;
-
-	xmlSecAssert2( xmlSecNssKeyTransportCheckId( transform ), -1 ) ;
-	xmlSecAssert2( xmlSecTransformCheckSize( transform, xmlSecNssKeyTransportSize ), -1 ) ;
-    xmlSecAssert2( ( transform->operation == xmlSecTransformOperationEncrypt ) || ( transform->operation == xmlSecTransformOperationDecrypt ), -1 ) ;
-	xmlSecAssert2( transformCtx != NULL , -1 ) ;
-
-	context = xmlSecNssKeyTransportGetCtx( transform ) ;
-	if( context == NULL ) {
-		xmlSecError( XMLSEC_ERRORS_HERE ,
-		    xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
-		    "xmlSecNssKeyTransportGetCtx" ,
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-		    XMLSEC_ERRORS_NO_MESSAGE ) ;
-		return(-1);    
-	}
-
-	inBuf = &( transform->inBuf ) ;
-	outBuf = &( transform->outBuf ) ;
-
-	if( transform->status == xmlSecTransformStatusNone ) {
-		transform->status = xmlSecTransformStatusWorking ;
-	}
-
-	operation = ( transform->operation == xmlSecTransformOperationEncrypt ) ? 1 : 0 ;
-	if( transform->status == xmlSecTransformStatusWorking ) {
-		if( context->material == NULL ) {
-			rtv = xmlSecNssKeyTransportCtxInit( context, inBuf , outBuf , operation , transformCtx ) ;
-			if( rtv < 0 ) {
-				xmlSecError( XMLSEC_ERRORS_HERE , 
-					xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
-					"xmlSecNssKeyTransportCtxInit" ,
-					XMLSEC_ERRORS_R_INVALID_STATUS ,
-					XMLSEC_ERRORS_NO_MESSAGE ) ;
-				return(-1);
-			}
-		}
-
-		if( (context->material == NULL) && (last != 0) ) {
-			xmlSecError( XMLSEC_ERRORS_HERE , 
-				xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
-				NULL ,
-				XMLSEC_ERRORS_R_INVALID_STATUS ,
-				"No enough data to intialize transform" ) ;
-			return(-1);
-		}
-
-		if( context->material != NULL ) {
-			rtv = xmlSecNssKeyTransportCtxUpdate( context, inBuf , outBuf , operation , transformCtx ) ;
-			if( rtv < 0 ) {
-				xmlSecError( XMLSEC_ERRORS_HERE , 
-					xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
-					"xmlSecNssKeyTransportCtxUpdate" ,
-					XMLSEC_ERRORS_R_INVALID_STATUS ,
-					XMLSEC_ERRORS_NO_MESSAGE ) ;
-				return(-1);
-			}
-		}
-		
-		if( last ) {
-			rtv = xmlSecNssKeyTransportCtxFinal( context, inBuf , outBuf , operation , transformCtx ) ;
-			if( rtv < 0 ) {
-				xmlSecError( XMLSEC_ERRORS_HERE , 
-					xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
-					"xmlSecNssKeyTransportCtxFinal" ,
-					XMLSEC_ERRORS_R_INVALID_STATUS ,
-					XMLSEC_ERRORS_NO_MESSAGE ) ;
-				return(-1);
-			}
-			transform->status = xmlSecTransformStatusFinished ;
-		}
-	} else if( transform->status == xmlSecTransformStatusFinished ) {
-		if( xmlSecBufferGetSize( inBuf ) != 0 ) {
-			xmlSecError( XMLSEC_ERRORS_HERE , 
-				xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
-				NULL ,
-				XMLSEC_ERRORS_R_INVALID_STATUS ,
-				"status=%d", transform->status ) ;
-			return(-1);
-		}
-	} else {
-		xmlSecError( XMLSEC_ERRORS_HERE , 
-			xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
-			NULL ,
-			XMLSEC_ERRORS_R_INVALID_STATUS ,
-			"status=%d", transform->status ) ;
-		return(-1);
-	}
-
-	return(0);
+        xmlSecNssKeyTransportCtxPtr     context = NULL ;
+        xmlSecBufferPtr                 inBuf, outBuf ;
+        int                                             operation ;
+        int                                             rtv ;
+
+        xmlSecAssert2( xmlSecNssKeyTransportCheckId( transform ), -1 ) ;
+        xmlSecAssert2( xmlSecTransformCheckSize( transform, xmlSecNssKeyTransportSize ), -1 ) ;
+        xmlSecAssert2( ( transform->operation == xmlSecTransformOperationEncrypt ) || ( transform->operation == xmlSecTransformOperationDecrypt ), -1 ) ;
+        xmlSecAssert2( transformCtx != NULL , -1 ) ;
+
+        context = xmlSecNssKeyTransportGetCtx( transform ) ;
+        if( context == NULL ) {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                    xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
+                    "xmlSecNssKeyTransportGetCtx" ,
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                    XMLSEC_ERRORS_NO_MESSAGE ) ;
+                return(-1);
+        }
+
+        inBuf = &( transform->inBuf ) ;
+        outBuf = &( transform->outBuf ) ;
+
+        if( transform->status == xmlSecTransformStatusNone ) {
+                transform->status = xmlSecTransformStatusWorking ;
+        }
+
+        operation = ( transform->operation == xmlSecTransformOperationEncrypt ) ? 1 : 0 ;
+        if( transform->status == xmlSecTransformStatusWorking ) {
+                if( context->material == NULL ) {
+                        rtv = xmlSecNssKeyTransportCtxInit( context, inBuf , outBuf , operation , transformCtx ) ;
+                        if( rtv < 0 ) {
+                                xmlSecError( XMLSEC_ERRORS_HERE ,
+                                        xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
+                                        "xmlSecNssKeyTransportCtxInit" ,
+                                        XMLSEC_ERRORS_R_INVALID_STATUS ,
+                                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                                return(-1);
+                        }
+                }
+
+                if( (context->material == NULL) && (last != 0) ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
+                                NULL ,
+                                XMLSEC_ERRORS_R_INVALID_STATUS ,
+                                "No enough data to intialize transform" ) ;
+                        return(-1);
+                }
+
+                if( context->material != NULL ) {
+                        rtv = xmlSecNssKeyTransportCtxUpdate( context, inBuf , outBuf , operation , transformCtx ) ;
+                        if( rtv < 0 ) {
+                                xmlSecError( XMLSEC_ERRORS_HERE ,
+                                        xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
+                                        "xmlSecNssKeyTransportCtxUpdate" ,
+                                        XMLSEC_ERRORS_R_INVALID_STATUS ,
+                                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                                return(-1);
+                        }
+                }
+
+                if( last ) {
+                        rtv = xmlSecNssKeyTransportCtxFinal( context, inBuf , outBuf , operation , transformCtx ) ;
+                        if( rtv < 0 ) {
+                                xmlSecError( XMLSEC_ERRORS_HERE ,
+                                        xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
+                                        "xmlSecNssKeyTransportCtxFinal" ,
+                                        XMLSEC_ERRORS_R_INVALID_STATUS ,
+                                        XMLSEC_ERRORS_NO_MESSAGE ) ;
+                                return(-1);
+                        }
+                        transform->status = xmlSecTransformStatusFinished ;
+                }
+        } else if( transform->status == xmlSecTransformStatusFinished ) {
+                if( xmlSecBufferGetSize( inBuf ) != 0 ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
+                                NULL ,
+                                XMLSEC_ERRORS_R_INVALID_STATUS ,
+                                "status=%d", transform->status ) ;
+                        return(-1);
+                }
+        } else {
+                xmlSecError( XMLSEC_ERRORS_HERE ,
+                        xmlSecErrorsSafeString( xmlSecTransformGetName( transform ) ) ,
+                        NULL ,
+                        XMLSEC_ERRORS_R_INVALID_STATUS ,
+                        "status=%d", transform->status ) ;
+                return(-1);
+        }
+
+        return(0);
 }
 
 
 #ifndef XMLSEC_NO_RSA
-
 static xmlSecTransformKlass xmlSecNssRsaPkcs1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssKeyTransportSize,				/* xmlSecSize objSize */
-
-    xmlSecNameRsaPkcs1,				/* const xmlChar* name; */
-    xmlSecHrefRsaPkcs1,				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecNssKeyTransportInitialize, 			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssKeyTransportFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssKeyTransportSetKeyReq,			/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssKeyTransportSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssKeyTransportExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssKeyTransportSize,                  /* xmlSecSize objSize */
+
+    xmlSecNameRsaPkcs1,                         /* const xmlChar* name; */
+    xmlSecHrefRsaPkcs1,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecNssKeyTransportInitialize,            /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssKeyTransportFinalize,              /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssKeyTransportSetKeyReq,             /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssKeyTransportSetKey,                /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssKeyTransportExecute,               /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssTransformRsaPkcs1GetKlass:
  *
  * The RSA-PKCS1 key transport transform klass.
  *
  * Returns: RSA-PKCS1 key transport transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformRsaPkcs1GetKlass(void) {
     return(&xmlSecNssRsaPkcs1Klass);
 }
+#endif /* XMLSEC_NO_RSA */
 
+/* aleksey, April 2010: NSS 3.12.6 has CKM_RSA_PKCS_OAEP algorithm but
+   it doesn't implement the SHA1 OAEP PKCS we need
 
-/* RSA OAEP is not supported by NSS yet */
-#ifdef TODO
-
+   https://bugzilla.mozilla.org/show_bug.cgi?id=158747
+*/
+#ifdef XMLSEC_NSS_RSA_OAEP_TODO
+#ifndef XMLSEC_NO_RSA
 static xmlSecTransformKlass xmlSecNssRsaOaepKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssKeyTransportSize,				/* xmlSecSize objSize */
-
-    xmlSecNameRsaOaep,				/* const xmlChar* name; */
-    xmlSecHrefRsaOaep,				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecNssKeyTransportInitialize, 			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssKeyTransportFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssKeyTransportSetKeyReq,			/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssKeyTransportSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssKeyTransportExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssKeyTransportSize,                  /* xmlSecSize objSize */
+
+    xmlSecNameRsaOaep,                          /* const xmlChar* name; */
+    xmlSecHrefRsaOaep,                          /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecNssKeyTransportInitialize,            /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssKeyTransportFinalize,              /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssKeyTransportSetKeyReq,             /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssKeyTransportSetKey,                /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssKeyTransportExecute,               /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssTransformRsaOaepGetKlass:
  *
  * The RSA-PKCS1 key transport transform klass.
  *
  * Returns: RSA-PKCS1 key transport transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformRsaOaepGetKlass(void) {
     return(&xmlSecNssRsaOaepKlass);
 }
-#endif /* TODO: RSA OAEP is not supported by NSS yet */
-
 #endif /* XMLSEC_NO_RSA */
+#endif /* XMLSEC_NSS_RSA_OAEP_TODO */
 
diff --git a/src/nss/kw_aes.c b/src/nss/kw_aes.c
index 0c3a5708..0438e306 100644
--- a/src/nss/kw_aes.c
+++ b/src/nss/kw_aes.c
@@ -1,13 +1,14 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * AES Algorithm support
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
+ * Copyright (C) 2010 Aleksey Sanin, All rights reserved.
  */
 #ifndef XMLSEC_NO_AES
 
@@ -28,271 +29,328 @@
 
 #include <xmlsec/nss/crypto.h>
 
-#define XMLSEC_NSS_AES128_KEY_SIZE		16
-#define XMLSEC_NSS_AES192_KEY_SIZE		24
-#define XMLSEC_NSS_AES256_KEY_SIZE		32
-#define XMLSEC_NSS_AES_IV_SIZE			16
-#define XMLSEC_NSS_AES_BLOCK_SIZE		16
-
-#ifndef NSS_AES_KEYWRAP_BUG_FIXED
-static PK11SymKey*	xmlSecNssMakeAesKey(const xmlSecByte *key, 
-				    	    xmlSecSize keySize, int enc);
-static void     	xmlSecNssAesOp(PK11SymKey *aeskey, 
-				       const xmlSecByte *in, xmlSecByte *out,
-				       int enc);
-#endif /* NSS_AES_KEYWRAP_BUG_FIXED */
+#include "../kw_aes_des.h"
 
-/*********************************************************************
+/*
+ * NSS needs to implement AES KW internally and then the code
+ * needs to change to use the direct implementation instead.
  *
- * AES KW transforms
+ * Follow the NSS bug system for more details on the fix
+ * http://bugzilla.mozilla.org/show_bug.cgi?id=213795
+ */
+/*********************************************************************
  *
- * key (xmlSecBuffer) is located after xmlSecTransform structure
+ * AES KW implementation
  *
- ********************************************************************/
-#define xmlSecNssKWAesGetKey(transform) \
-    ((xmlSecBufferPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecNssKWAesSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecBuffer))
-
-static int 		xmlSecNssKWAesInitialize	(xmlSecTransformPtr transform);
-static void 		xmlSecNssKWAesFinalize		(xmlSecTransformPtr transform);
-static int  		xmlSecNssKWAesSetKeyReq		(xmlSecTransformPtr transform, 
-							 xmlSecKeyReqPtr keyReq);
-static int  		xmlSecNssKWAesSetKey		(xmlSecTransformPtr transform, 
-							 xmlSecKeyPtr key);
-static int  		xmlSecNssKWAesExecute		(xmlSecTransformPtr transform, 
-							 int last,
-							 xmlSecTransformCtxPtr transformCtx);
-static xmlSecSize  	xmlSecNssKWAesGetKeySize	(xmlSecTransformPtr transform);
-static int  		xmlSecNssKWAesOp		(const xmlSecByte *key,
-							 xmlSecSize keySize,
-							 const xmlSecByte* in,
-							 xmlSecSize inSize,
-							 xmlSecByte* out,
-							 xmlSecSize outSize,
-							 int enc);
-
-static xmlSecTransformKlass xmlSecNssKWAes128Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssKWAesSize,				/* xmlSecSize objSize */
-
-    xmlSecNameKWAes128,				/* const xmlChar* name; */
-    xmlSecHrefKWAes128,				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecNssKWAesInitialize, 			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssKWAesFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssKWAesSetKeyReq,			/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssKWAesSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssKWAesExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+ *********************************************************************/
+static int        xmlSecNSSKWAesBlockEncrypt                (const xmlSecByte * in, 
+                                                             xmlSecSize inSize,
+                                                             xmlSecByte * out, 
+                                                             xmlSecSize outSize,
+                                                             void * context);
+static int        xmlSecNSSKWAesBlockDecrypt                (const xmlSecByte * in, 
+                                                             xmlSecSize inSize,
+                                                             xmlSecByte * out, 
+                                                             xmlSecSize outSize,
+                                                             void * context);
+static xmlSecKWAesKlass xmlSecNssKWAesKlass = {
+    /* callbacks */
+    xmlSecNSSKWAesBlockEncrypt,         /* xmlSecKWAesBlockEncryptMethod       encrypt; */
+    xmlSecNSSKWAesBlockDecrypt,         /* xmlSecKWAesBlockDecryptMethod       decrypt; */
+
+    /* for the future */
+    NULL,                               /* void*                               reserved0; */
+    NULL                                /* void*                               reserved1; */
 };
 
-static xmlSecTransformKlass xmlSecNssKWAes192Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssKWAesSize,				/* xmlSecSize objSize */
-
-    xmlSecNameKWAes192,				/* const xmlChar* name; */
-    xmlSecHrefKWAes192,				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecNssKWAesInitialize, 			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssKWAesFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssKWAesSetKeyReq,			/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssKWAesSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssKWAesExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
 
-static xmlSecTransformKlass xmlSecNssKWAes256Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssKWAesSize,				/* xmlSecSize objSize */
-
-    xmlSecNameKWAes256,				/* const xmlChar* name; */
-    xmlSecHrefKWAes256,				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecNssKWAesInitialize, 			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssKWAesFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssKWAesSetKeyReq,			/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssKWAesSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssKWAesExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
 
-#define XMLSEC_NSS_KW_AES_MAGIC_BLOCK_SIZE		8
+
+static PK11SymKey*      xmlSecNssMakeAesKey                     (const xmlSecByte *key,
+                                                                 xmlSecSize keySize,
+                                                                 int enc);
+static int              xmlSecNssAesOp                          (PK11SymKey *aeskey,
+                                                                 const xmlSecByte *in,
+                                                                 xmlSecByte *out,
+                                                                 int enc);
+
+
+/*********************************************************************
+ *
+ * AES KW transforms
+ *
+ ********************************************************************/
+typedef struct _xmlSecNssKWAesCtx                       xmlSecNssKWAesCtx,
+                                                        *xmlSecNssKWAesCtxPtr;
+struct _xmlSecNssKWAesCtx {
+    xmlSecBuffer        keyBuffer;
+    xmlSecSize          keyExpectedSize;
+};
+#define xmlSecNssKWAesSize     \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecNssKWAesCtx))
+#define xmlSecNssKWAesGetCtx(transform) \
+    ((xmlSecNssKWAesCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
 #define xmlSecNssKWAesCheckId(transform) \
     (xmlSecTransformCheckId((transform), xmlSecNssTransformKWAes128Id) || \
      xmlSecTransformCheckId((transform), xmlSecNssTransformKWAes192Id) || \
      xmlSecTransformCheckId((transform), xmlSecNssTransformKWAes256Id))
 
-/** 
+
+static int              xmlSecNssKWAesInitialize        (xmlSecTransformPtr transform);
+static void             xmlSecNssKWAesFinalize          (xmlSecTransformPtr transform);
+static int              xmlSecNssKWAesSetKeyReq         (xmlSecTransformPtr transform,
+                                                         xmlSecKeyReqPtr keyReq);
+static int              xmlSecNssKWAesSetKey            (xmlSecTransformPtr transform,
+                                                         xmlSecKeyPtr key);
+static int              xmlSecNssKWAesExecute           (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
+
+static xmlSecTransformKlass xmlSecNssKWAes128Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssKWAesSize,                         /* xmlSecSize objSize */
+
+    xmlSecNameKWAes128,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes128,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecNssKWAesInitialize,                   /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssKWAesFinalize,                     /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssKWAesSetKeyReq,                    /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssKWAesSetKey,                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssKWAesExecute,                      /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
  * xmlSecNssTransformKWAes128GetKlass:
  *
  * The AES-128 key wrapper transform klass.
  *
  * Returns: AES-128 key wrapper transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformKWAes128GetKlass(void) {
     return(&xmlSecNssKWAes128Klass);
 }
 
-/** 
+static xmlSecTransformKlass xmlSecNssKWAes192Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssKWAesSize,                         /* xmlSecSize objSize */
+
+    xmlSecNameKWAes192,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes192,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecNssKWAesInitialize,                   /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssKWAesFinalize,                     /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssKWAesSetKeyReq,                    /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssKWAesSetKey,                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssKWAesExecute,                      /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
  * xmlSecNssTransformKWAes192GetKlass:
  *
  * The AES-192 key wrapper transform klass.
  *
  * Returns: AES-192 key wrapper transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformKWAes192GetKlass(void) {
     return(&xmlSecNssKWAes192Klass);
 }
 
-/** 
+static xmlSecTransformKlass xmlSecNssKWAes256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssKWAesSize,                         /* xmlSecSize objSize */
+
+    xmlSecNameKWAes256,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes256,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecNssKWAesInitialize,                   /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssKWAesFinalize,                     /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssKWAesSetKeyReq,                    /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssKWAesSetKey,                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssKWAesExecute,                      /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
  * xmlSecNssTransformKWAes256GetKlass:
  *
  * The AES-256 key wrapper transform klass.
  *
  * Returns: AES-256 key wrapper transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformKWAes256GetKlass(void) {
     return(&xmlSecNssKWAes256Klass);
 }
 
-static int 
+static int
 xmlSecNssKWAesInitialize(xmlSecTransformPtr transform) {
+    xmlSecNssKWAesCtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);
-    
-    ret = xmlSecBufferInitialize(xmlSecNssKWAesGetKey(transform), 0);
+
+    ctx = xmlSecNssKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes128Id)) {
+        ctx->keyExpectedSize = XMLSEC_KW_AES128_KEY_SIZE;
+    } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes192Id)) {
+        ctx->keyExpectedSize = XMLSEC_KW_AES192_KEY_SIZE;
+    } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes256Id)) {
+        ctx->keyExpectedSize = XMLSEC_KW_AES256_KEY_SIZE;
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-        
+
     return(0);
 }
 
-static void 
+static void
 xmlSecNssKWAesFinalize(xmlSecTransformPtr transform) {
+    xmlSecNssKWAesCtxPtr ctx;
+
     xmlSecAssert(xmlSecNssKWAesCheckId(transform));
     xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize));
-    
-    if(xmlSecNssKWAesGetKey(transform) != NULL) {
-	xmlSecBufferFinalize(xmlSecNssKWAesGetKey(transform));
-    }
+
+    ctx = xmlSecNssKWAesGetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    xmlSecBufferFinalize(&(ctx->keyBuffer));
 }
 
-static int  
+static int
 xmlSecNssKWAesSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecNssKWAesCtxPtr ctx;
+
     xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);
     xmlSecAssert2(keyReq != NULL, -1);
 
-    keyReq->keyId 	 = xmlSecNssKeyDataAesId;
+    ctx = xmlSecNssKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keyReq->keyId        = xmlSecNssKeyDataAesId;
     keyReq->keyType  = xmlSecKeyDataTypeSymmetric;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-	keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
     } else {
-	keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
     }
-    keyReq->keyBitsSize = 8 * xmlSecNssKWAesGetKeySize(transform);
-    
+    keyReq->keyBitsSize = 8 * ctx->keyExpectedSize;
+
     return(0);
 }
 
-static int  	
+static int
 xmlSecNssKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecNssKWAesCtxPtr ctx;
     xmlSecBufferPtr buffer;
     xmlSecSize keySize;
-    xmlSecSize expectedKeySize;
     int ret;
-    
+
     xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);
-    xmlSecAssert2(xmlSecNssKWAesGetKey(transform) != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecNssKeyDataAesId), -1);
-    
+
+    ctx = xmlSecNssKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
     xmlSecAssert2(buffer != NULL, -1);
 
     keySize = xmlSecBufferGetSize(buffer);
-    expectedKeySize = xmlSecNssKWAesGetKeySize(transform);
-    if(keySize < expectedKeySize) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "key=%d;expected=%d",
-		    keySize, expectedKeySize);
-	return(-1);
+    if(keySize < ctx->keyExpectedSize) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "key=%d;expected=%d",
+                    keySize, ctx->keyExpectedSize);
+        return(-1);
     }
-        
-    ret = xmlSecBufferSetData(xmlSecNssKWAesGetKey(transform),
-			    xmlSecBufferGetData(buffer), 
-			    expectedKeySize);
+
+    ret = xmlSecBufferSetData(&(ctx->keyBuffer),
+                              xmlSecBufferGetData(buffer),
+                              ctx->keyExpectedSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferSetData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "expected-size=%d", expectedKeySize);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "expected-size=%d",
+                    ctx->keyExpectedSize);
+        return(-1);
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecNssKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecBufferPtr in, out, key;
-    xmlSecSize inSize, outSize, keySize, expectedKeySize;
+    xmlSecNssKWAesCtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    xmlSecSize inSize, outSize, keySize;
     int ret;
 
     xmlSecAssert2(xmlSecNssKWAesCheckId(transform), -1);
@@ -300,317 +358,205 @@ xmlSecNssKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtx
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWAesSize), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
-    key = xmlSecNssKWAesGetKey(transform);
-    xmlSecAssert2(key != NULL, -1);
+    ctx = xmlSecNssKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
+    xmlSecAssert2(keySize == ctx->keyExpectedSize, -1);
 
-    keySize = xmlSecBufferGetSize(key);
-    expectedKeySize = xmlSecNssKWAesGetKeySize(transform);
-    xmlSecAssert2(keySize == expectedKeySize, -1);
-    
     in = &(transform->inBuf);
     out = &(transform->outBuf);
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
+    outSize = xmlSecBufferGetSize(out);
     xmlSecAssert2(outSize == 0, -1);
-    
+
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
-	/* just do nothing */
+        /* just do nothing */
     } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	if((inSize % 8) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_SIZE,
-			"size=%d(not 8 bytes aligned)", inSize);
-	    return(-1);
-	}	
-	
-	if(transform->operation == xmlSecTransformOperationEncrypt) {
-	    /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
-	    outSize = inSize + XMLSEC_NSS_KW_AES_MAGIC_BLOCK_SIZE + 
-			       XMLSEC_NSS_AES_BLOCK_SIZE;
-	} else {
-	    outSize = inSize + XMLSEC_NSS_AES_BLOCK_SIZE;
-	}
-
-	ret = xmlSecBufferSetMaxSize(out, outSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"outSize=%d", outSize);
-	    return(-1);
-	}
-
-	if(transform->operation == xmlSecTransformOperationEncrypt) {
-	    ret = xmlSecNssKWAesOp(xmlSecBufferGetData(key), keySize,
-				   xmlSecBufferGetData(in), inSize,
-				   xmlSecBufferGetData(out), outSize, 1);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecNssKWAesOp",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    outSize = ret;
-	} else {
-	    ret = xmlSecNssKWAesOp(xmlSecBufferGetData(key), keySize,
-				   xmlSecBufferGetData(in), inSize,
-				   xmlSecBufferGetData(out), outSize, 0);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecNssKWAesOp",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    outSize = ret;
-	}
-
-	ret = xmlSecBufferSetSize(out, outSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferSetSize", 
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"outSize=%d", outSize);
-	    return(-1);
-	}
-	
-	ret = xmlSecBufferRemoveHead(in, inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"inSize%d", inSize);
-	    return(-1);
-	}
-	
-	transform->status = xmlSecTransformStatusFinished;
+        if((inSize % 8) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_SIZE,
+                        "size=%d(not 8 bytes aligned)", inSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
+            outSize = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE +
+                               XMLSEC_KW_AES_BLOCK_SIZE;
+        } else {
+            outSize = inSize + XMLSEC_KW_AES_BLOCK_SIZE;
+        }
+
+        ret = xmlSecBufferSetMaxSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "outSize=%d", outSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            PK11SymKey *aeskey = NULL;
+
+            /* create key */
+            aeskey = xmlSecNssMakeAesKey(xmlSecBufferGetData(&(ctx->keyBuffer)), keySize, 1); /* encrypt */
+            if(aeskey == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNssMakeAesKey",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+
+            /* encrypt */
+            ret = xmlSecKWAesEncode(&xmlSecNssKWAesKlass, aeskey,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWAesEncode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                PK11_FreeSymKey(aeskey);
+                return(-1);
+            }
+
+            outSize = ret;
+            PK11_FreeSymKey(aeskey);
+        } else {
+            PK11SymKey *aeskey = NULL;
+
+            /* create key */
+            aeskey = xmlSecNssMakeAesKey(xmlSecBufferGetData(&(ctx->keyBuffer)), keySize, 0); /* decrypt */
+            if(aeskey == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNssMakeAesKey",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            /* decrypt */
+            ret = xmlSecKWAesDecode(&xmlSecNssKWAesKlass, aeskey,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWAesDecode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                PK11_FreeSymKey(aeskey);
+                return(-1);
+            }
+
+            outSize = ret;
+            PK11_FreeSymKey(aeskey);
+        }
+
+        ret = xmlSecBufferSetSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "outSize=%d", outSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "inSize%d", inSize);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusFinished;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
-    }
-    return(0);
-}
-
-static xmlSecSize  
-xmlSecNssKWAesGetKeySize(xmlSecTransformPtr transform) {
-    if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes128Id)) {
-	return(XMLSEC_NSS_AES128_KEY_SIZE);
-    } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes192Id)) {
-	return(XMLSEC_NSS_AES192_KEY_SIZE);
-    } else if(xmlSecTransformCheckId(transform, xmlSecNssTransformKWAes256Id)) {
-	return(XMLSEC_NSS_AES256_KEY_SIZE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     return(0);
 }
 
-/**
- * http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap:
- *
- * Assume that the data to be wrapped consists of N 64-bit data blocks 
- * denoted P(1), P(2), P(3) ... P(N). The result of wrapping will be N+1 
- * 64-bit blocks denoted C(0), C(1), C(2), ... C(N). The key encrypting 
- * key is represented by K. Assume integers i, j, and t and intermediate 
- * 64-bit register A, 128-bit register B, and array of 64-bit quantities 
- * R(1) through R(N).
- *
- * "|" represents concatentation so x|y, where x and y and 64-bit quantities, 
- * is the 128-bit quantity with x in the most significant bits and y in the 
- * least significant bits. AES(K)enc(x) is the operation of AES encrypting 
- * the 128-bit quantity x under the key K. AES(K)dec(x) is the corresponding 
- * decryption opteration. XOR(x,y) is the bitwise exclusive or of x and y. 
- * MSB(x) and LSB(y) are the most significant 64 bits and least significant 
- * 64 bits of x and y respectively.
- *
- * If N is 1, a single AES operation is performed for wrap or unwrap. 
- * If N>1, then 6*N AES operations are performed for wrap or unwrap.
- *
- * The key wrap algorithm is as follows:
- *
- *   1. If N is 1:
- *          * B=AES(K)enc(0xA6A6A6A6A6A6A6A6|P(1))
- *          * C(0)=MSB(B)
- *          * C(1)=LSB(B)
- *      If N>1, perform the following steps:
- *   2. Initialize variables:
- *          * Set A to 0xA6A6A6A6A6A6A6A6
- *          * Fori=1 to N,
- *            R(i)=P(i)
- *   3. Calculate intermediate values:
- *          * Forj=0 to 5,
- *                o For i=1 to N,
- *                  t= i + j*N
- *                  B=AES(K)enc(A|R(i))
- *                  A=XOR(t,MSB(B))
- *                  R(i)=LSB(B)
- *   4. Output the results:
- *          * Set C(0)=A
- *          * For i=1 to N,
- *            C(i)=R(i)
+/*********************************************************************
  *
- * The key unwrap algorithm is as follows:
+ * AES KW implementation
  *
- *   1. If N is 1:
- *          * B=AES(K)dec(C(0)|C(1))
- *          * P(1)=LSB(B)
- *          * If MSB(B) is 0xA6A6A6A6A6A6A6A6, return success. Otherwise, 
- *            return an integrity check failure error.
- *      If N>1, perform the following steps:
- *   2. Initialize the variables:
- *          * A=C(0)
- *          * For i=1 to N,
- *            R(i)=C(i)
- *   3. Calculate intermediate values:
- *          * For j=5 to 0,
- *                o For i=N to 1,
- *                  t= i + j*N
- *                  B=AES(K)dec(XOR(t,A)|R(i))
- *                  A=MSB(B)
- *                  R(i)=LSB(B)
- *   4. Output the results:
- *          * For i=1 to N,
- *            P(i)=R(i)
- *          * If A is 0xA6A6A6A6A6A6A6A6, return success. Otherwise, return 
- *            an integrity check failure error.
- */
+ *********************************************************************/
+static int
+xmlSecNSSKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
+                           xmlSecByte * out, xmlSecSize outSize,
+                           void * context) {
+    PK11SymKey *aeskey = (PK11SymKey *)context;
+    int ret;
 
-#ifndef NSS_AES_KEYWRAP_BUG_FIXED
-static const xmlSecByte xmlSecNssKWAesMagicBlock[XMLSEC_NSS_KW_AES_MAGIC_BLOCK_SIZE] = { 
-    0xA6,  0xA6,  0xA6,  0xA6,  0xA6,  0xA6,  0xA6,  0xA6
-};
-					    	
-static int  	
-xmlSecNssKWAesOp(const xmlSecByte *key, xmlSecSize keySize,
-		 const xmlSecByte *in, xmlSecSize inSize,
-		 xmlSecByte *out, xmlSecSize outSize, int enc) {
-    xmlSecByte block[XMLSEC_NSS_AES_BLOCK_SIZE];
-    xmlSecByte *p;
-    int N, i, j, t;
-    int result = -1;
-    PK11SymKey *aeskey = NULL;
-    
-    xmlSecAssert2(key != NULL, -1);
-    xmlSecAssert2(keySize > 0, -1);
     xmlSecAssert2(in != NULL, -1);
-    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
     xmlSecAssert2(out != NULL, -1);
-    xmlSecAssert2(outSize >= inSize + 8, -1);
-
-    if (enc == 1) {
-        aeskey = xmlSecNssMakeAesKey(key, keySize, enc);
-        if(aeskey == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE, 
-    	    	        NULL,
-    		        "xmlSecNssMakeAesKey",
-    		        XMLSEC_ERRORS_R_CRYPTO_FAILED,
-    		        XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-        }
-    
-        /* prepend magic block */
-        if(in != out) {
-            memcpy(out + XMLSEC_NSS_KW_AES_MAGIC_BLOCK_SIZE, in, inSize);
-        } else {
-            memmove(out + XMLSEC_NSS_KW_AES_MAGIC_BLOCK_SIZE, out, inSize);
-        }
-        memcpy(out, xmlSecNssKWAesMagicBlock, XMLSEC_NSS_KW_AES_MAGIC_BLOCK_SIZE);
-        
-        N = (inSize / 8);
-        if(N == 1) {
-            xmlSecNssAesOp(aeskey, out, out, enc);
-        } else {
-    	    for(j = 0; j <= 5; ++j) {
-    	        for(i = 1; i <= N; ++i) {
-    		    t = i + (j * N);
-    		    p = out + i * 8;
-    
-    		    memcpy(block, out, 8);
-    		    memcpy(block + 8, p, 8);
-    		
-                    xmlSecNssAesOp(aeskey, block, block, enc);
-    		    block[7] ^=  t;
-    		    memcpy(out, block, 8);
-    		    memcpy(p, block + 8, 8);
-    	        }
-    	    }
-        }
-        
-        result = inSize + 8;
-    } else {
-        aeskey = xmlSecNssMakeAesKey(key, keySize, enc);
-        if(aeskey == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE, 
-    		        NULL,
-    		        "xmlSecNssMakeAesKey",
-    		        XMLSEC_ERRORS_R_CRYPTO_FAILED,
-    		        XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-        }
-        
-        /* copy input */
-        if(in != out) {
-            memcpy(out, in, inSize);
-        }
-            
-        N = (inSize / 8) - 1;
-        if(N == 1) {
-            xmlSecNssAesOp(aeskey, out, out, enc);
-        } else {
-    	    for(j = 5; j >= 0; --j) {
-    	        for(i = N; i > 0; --i) {
-    		    t = i + (j * N);
-    		    p = out + i * 8;
-    
-    		    memcpy(block, out, 8);
-    		    memcpy(block + 8, p, 8);
-    		    block[7] ^= t;
-    		
-                    xmlSecNssAesOp(aeskey, block, block, enc);
-    		    memcpy(out, block, 8);
-    		    memcpy(p, block + 8, 8);
-    	        }
-    	    }
-        }
-        /* do not left data in memory */
-        memset(block, 0, sizeof(block));
-        
-        if(memcmp(xmlSecNssKWAesMagicBlock, out, XMLSEC_NSS_KW_AES_MAGIC_BLOCK_SIZE) != 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE, 
-    		        NULL,
-    		        NULL,
-    		        XMLSEC_ERRORS_R_INVALID_DATA,
-    		        "bad magic block");
-    	    goto done;
-        }
-    	
-        memmove(out, out + XMLSEC_NSS_KW_AES_MAGIC_BLOCK_SIZE, inSize - XMLSEC_NSS_KW_AES_MAGIC_BLOCK_SIZE);
-        result = (inSize - XMLSEC_NSS_KW_AES_MAGIC_BLOCK_SIZE);
-    }
+    xmlSecAssert2(outSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
+    xmlSecAssert2(aeskey != NULL, -1);
 
-done:
-    if (aeskey != NULL) {
-	PK11_FreeSymKey(aeskey);
+    /* one block */
+    ret = xmlSecNssAesOp(aeskey, in, out, 1); /* encrypt */
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAesOp",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
+    return(XMLSEC_KW_AES_BLOCK_SIZE);
+}
+
+static int
+xmlSecNSSKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
+                           xmlSecByte * out, xmlSecSize outSize,
+                           void * context) {
+    PK11SymKey *aeskey = (PK11SymKey *)context;
+    int ret;
+
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= XMLSEC_KW_AES_BLOCK_SIZE, -1);
+    xmlSecAssert2(aeskey != NULL, -1);
 
-    return (result);
+    /* one block */
+    ret = xmlSecNssAesOp(aeskey, in, out, 0); /* decrypt */
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssAesOp",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    return(XMLSEC_KW_AES_BLOCK_SIZE);
 }
 
 static PK11SymKey *
@@ -619,46 +565,45 @@ xmlSecNssMakeAesKey(const xmlSecByte *key, xmlSecSize keySize, int enc) {
     PK11SlotInfo*      slot = NULL;
     PK11SymKey*        aeskey = NULL;
     SECItem            keyItem;
-    
+
     xmlSecAssert2(key != NULL, NULL);
     xmlSecAssert2(keySize > 0, NULL);
 
     cipherMech = CKM_AES_ECB;
     slot = PK11_GetBestSlot(cipherMech, NULL);
     if (slot == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_GetBestSlot",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_GetBestSlot",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     keyItem.data = (unsigned char *)key;
     keyItem.len = keySize;
-    aeskey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap, 
-		    	       enc ? CKA_ENCRYPT : CKA_DECRYPT, &keyItem, NULL);
+    aeskey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap,
+                               enc ? CKA_ENCRYPT : CKA_DECRYPT, &keyItem, NULL);
     if (aeskey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_ImportSymKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_ImportSymKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
 done:
     if (slot) {
-	PK11_FreeSlot(slot);
+        PK11_FreeSlot(slot);
     }
 
     return(aeskey);
 }
 
-/* encrypt a block (XMLSEC_NSS_AES_BLOCK_SIZE), in and out can overlap */
-static void
-xmlSecNssAesOp(PK11SymKey *aeskey, const xmlSecByte *in, xmlSecByte *out,
-	       int enc) {
+/* encrypt a block (XMLSEC_KW_AES_BLOCK_SIZE), in and out can overlap */
+static int
+xmlSecNssAesOp(PK11SymKey *aeskey, const xmlSecByte *in, xmlSecByte *out, int enc) {
 
     CK_MECHANISM_TYPE  cipherMech;
     SECItem*           SecParam = NULL;
@@ -666,192 +611,71 @@ xmlSecNssAesOp(PK11SymKey *aeskey, const xmlSecByte *in, xmlSecByte *out,
     SECStatus          rv;
     int                tmp1_outlen;
     unsigned int       tmp2_outlen;
+    int                ret = -1;
 
-    xmlSecAssert(in != NULL);
-    xmlSecAssert(out != NULL);
-
-    cipherMech = CKM_AES_ECB;
-    SecParam = PK11_ParamFromIV(cipherMech, NULL);
-    if (SecParam == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_ParamFromIV",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    EncContext = PK11_CreateContextBySymKey(cipherMech, 
-		    			    enc ? CKA_ENCRYPT : CKA_DECRYPT, 
-					    aeskey, SecParam);
-    if (EncContext == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_CreateContextBySymKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    tmp1_outlen = tmp2_outlen = 0;
-    rv = PK11_CipherOp(EncContext, out, &tmp1_outlen, 
-		       XMLSEC_NSS_AES_BLOCK_SIZE, (unsigned char *)in, 
-		       XMLSEC_NSS_AES_BLOCK_SIZE);
-    if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_CipherOp",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    rv = PK11_DigestFinal(EncContext, out+tmp1_outlen, 
-		    	  &tmp2_outlen, XMLSEC_NSS_AES_BLOCK_SIZE-tmp1_outlen);
-    if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_DigestFinal",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-done:
-    if (SecParam) {
-	SECITEM_FreeItem(SecParam, PR_TRUE);
-    }
-    if (EncContext) {
-	PK11_DestroyContext(EncContext, PR_TRUE);
-    }
-
-}
-
-#else /* NSS_AES_KEYWRAP_BUG_FIXED */
-
-/* Note: When the bug gets fixed, it is not enough to just remove
- * the #ifdef (NSS_AES_KEYWRAP_BUG_FIXED). The code also has
- * to change from doing the Init/Update/Final to just a straight
- * encrypt or decrypt. PK11 wrappers have to be exposed by
- * NSS, and these should be used.
- * Follow the NSS bug system for more details on the fix
- * http://bugzilla.mozilla.org/show_bug.cgi?id=213795
- */
-
-/* NSS implements the AES Key Wrap algorithm described at
- * http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap
- */ 
-
-static int  	
-xmlSecNssKWAesOp(const xmlSecByte *key, xmlSecSize keySize,
-		 const xmlSecByte *in, xmlSecSize inSize,
-		 xmlSecByte *out, xmlSecSize outSize, int enc) {
-
-    CK_MECHANISM_TYPE  cipherMech;
-    PK11SlotInfo*      slot = NULL;
-    PK11SymKey*        aeskey = NULL;
-    SECItem*           SecParam = NULL;
-    PK11Context*       EncContext = NULL;
-    SECItem            keyItem;
-    SECStatus          rv;
-    int                result_len = -1;
-    int                tmp1_outlen;
-    unsigned int       tmp2_outlen;
-    
-    xmlSecAssert2(key != NULL, -1);
-    xmlSecAssert2(keySize > 0, -1);
     xmlSecAssert2(in != NULL, -1);
-    xmlSecAssert2(inSize > 0, -1);
     xmlSecAssert2(out != NULL, -1);
-    xmlSecAssert2(outSize >= inSize + 8, -1);
-
-    cipherMech = CKM_NETSCAPE_AES_KEY_WRAP;
-    slot = PK11_GetBestSlot(cipherMech, NULL);
-    if (slot == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_GetBestSlot",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    keyItem.data = (unsigned char *)key;
-    keyItem.len = keySize;
-    aeskey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap, 
-		    	       enc ? CKA_ENCRYPT : CKA_DECRYPT, &keyItem, NULL);
-    if (aeskey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_ImportSymKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
 
+    cipherMech = CKM_AES_ECB;
     SecParam = PK11_ParamFromIV(cipherMech, NULL);
     if (SecParam == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_ParamFromIV",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_ParamFromIV",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
-    EncContext = PK11_CreateContextBySymKey(cipherMech, 
-		    			    enc ? CKA_ENCRYPT : CKA_DECRYPT, 
-					    aeskey, SecParam);
+    EncContext = PK11_CreateContextBySymKey(cipherMech,
+                                            enc ? CKA_ENCRYPT : CKA_DECRYPT,
+                                            aeskey, SecParam);
     if (EncContext == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_CreateContextBySymKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_CreateContextBySymKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     tmp1_outlen = tmp2_outlen = 0;
-    rv = PK11_CipherOp(EncContext, out, &tmp1_outlen, outSize,
-		       (unsigned char *)in, inSize);
+    rv = PK11_CipherOp(EncContext, out, &tmp1_outlen,
+                       XMLSEC_KW_AES_BLOCK_SIZE, (unsigned char *)in,
+                       XMLSEC_KW_AES_BLOCK_SIZE);
     if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_CipherOp",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_CipherOp",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
-    rv = PK11_DigestFinal(EncContext, out+tmp1_outlen, 
-		    	  &tmp2_outlen, outSize-tmp1_outlen);
+    rv = PK11_DigestFinal(EncContext, out+tmp1_outlen,
+                          &tmp2_outlen, XMLSEC_KW_AES_BLOCK_SIZE-tmp1_outlen);
     if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_DigestFinal",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_DigestFinal",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
-    result_len = tmp1_outlen + tmp2_outlen;
+    /* done - success! */
+    ret = 0;
 
 done:
-    if (slot) {
-	PK11_FreeSlot(slot);
-    }
-    if (aeskey) {
-	PK11_FreeSymKey(aeskey);
-    }
     if (SecParam) {
-	SECITEM_FreeItem(SecParam, PR_TRUE);
+        SECITEM_FreeItem(SecParam, PR_TRUE);
     }
     if (EncContext) {
-	PK11_DestroyContext(EncContext, PR_TRUE);
+        PK11_DestroyContext(EncContext, PR_TRUE);
     }
 
-    return(result_len);
+    return (ret);
 }
-#endif /* NSS_AES_KEYWRAP_BUG_FIXED */
+
 
 #endif /* XMLSEC_NO_AES */
diff --git a/src/nss/kw_des.c b/src/nss/kw_des.c
index 0cb6f24a..e75f69c9 100644
--- a/src/nss/kw_des.c
+++ b/src/nss/kw_des.c
@@ -1,15 +1,15 @@
-/** 
+/**
  *
  * XMLSec library
- * 
- * DES Algorithm support
- * 
+ *
+ * DES KW Algorithm support
+ *
  * This is free software; see Copyright file in the source
- * distribution for precise wording.
- * 
+ * distribution for preciese wording.
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
+ * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
-
 #ifndef XMLSEC_NO_DES
 #include "globals.h"
 
@@ -29,14 +29,57 @@
 
 #include <xmlsec/nss/crypto.h>
 
-#define XMLSEC_NSS_DES3_KEY_LENGTH                          24
-#define XMLSEC_NSS_DES3_IV_LENGTH                           8
-#define XMLSEC_NSS_DES3_BLOCK_LENGTH                        8
+#include "../kw_aes_des.h"
 
-static xmlSecByte *xmlSecNssComputeSHA1(const xmlSecByte *in, 
-					xmlSecSize inSize, 
-				        xmlSecByte *out, 
-					xmlSecSize outSize);
+/*********************************************************************
+ *
+ * DES KW implementation
+ *
+ *********************************************************************/
+static int       xmlSecNssKWDes3GenerateRandom                  (void * context,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int       xmlSecNssKWDes3Sha1                            (void * context,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize, 
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int      xmlSecNssKWDes3BlockEncrypt                     (void * context,
+                                                                 const xmlSecByte * iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int      xmlSecNssKWDes3BlockDecrypt                     (void * context,
+                                                                 const xmlSecByte * iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+
+static xmlSecKWDes3Klass xmlSecNssKWDes3ImplKlass = {
+    /* callbacks */
+    xmlSecNssKWDes3GenerateRandom,          /* xmlSecKWDes3GenerateRandomMethod     generateRandom; */
+    xmlSecNssKWDes3Sha1,                    /* xmlSecKWDes3Sha1Method               sha1; */
+    xmlSecNssKWDes3BlockEncrypt,            /* xmlSecKWDes3BlockEncryptMethod       encrypt; */
+    xmlSecNssKWDes3BlockDecrypt,            /* xmlSecKWDes3BlockDecryptMethod       decrypt; */
+
+    /* for the future */
+    NULL,                                   /* void*                               reserved0; */
+    NULL,                                   /* void*                               reserved1; */
+}; 
+
+static int      xmlSecNssKWDes3Encrypt                          (const xmlSecByte *key, 
+                                                                 xmlSecSize keySize,
+                                                                 const xmlSecByte *iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte *in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte *out, 
+                                                                 xmlSecSize outSize, 
+                                                                 int enc);
 
 
 /*********************************************************************
@@ -46,176 +89,171 @@ static xmlSecByte *xmlSecNssComputeSHA1(const xmlSecByte *in,
  * key (xmlSecBuffer) is located after xmlSecTransform structure
  *
  ********************************************************************/
-#define xmlSecNssKWDes3GetKey(transform) \
-    ((xmlSecBufferPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecNssKWDes3Size	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecBuffer))
-
-static int 	xmlSecNssKWDes3Initialize		(xmlSecTransformPtr transform);
-static void 	xmlSecNssKWDes3Finalize			(xmlSecTransformPtr transform);
-static int  	xmlSecNssKWDes3SetKeyReq		(xmlSecTransformPtr transform, 
-							 xmlSecKeyReqPtr keyReq);
-static int  	xmlSecNssKWDes3SetKey			(xmlSecTransformPtr transform, 
-							 xmlSecKeyPtr key);
-static int  	xmlSecNssKWDes3Execute			(xmlSecTransformPtr transform, 
-							 int last,
-							 xmlSecTransformCtxPtr transformCtx);
-static int  	xmlSecNssKWDes3Encode			(const xmlSecByte *key,
-							 xmlSecSize keySize,
-							 const xmlSecByte *in,
-							 xmlSecSize inSize,
-							 xmlSecByte *out,
-							 xmlSecSize outSize);
-static int  	xmlSecNssKWDes3Decode			(const xmlSecByte *key,
-							 xmlSecSize keySize,
-							 const xmlSecByte *in,
-							 xmlSecSize inSize,
-							 xmlSecByte *out,
-							 xmlSecSize outSize);
-static int	xmlSecNssKWDes3Encrypt			(const xmlSecByte *key, 
-							 xmlSecSize keySize,
-						    	 const xmlSecByte *iv,
-							 xmlSecSize ivSize,
-							 const xmlSecByte *in, 
-							 xmlSecSize inSize,
-							 xmlSecByte *out,
-							 xmlSecSize outSize, 
-							 int enc);
-static int 	xmlSecNssKWDes3BufferReverse		(xmlSecByte *buf, 
-							 xmlSecSize size);
-
+typedef struct _xmlSecNssKWDes3Ctx                      xmlSecNssKWDes3Ctx,
+                                                        *xmlSecNssKWDes3CtxPtr;
+struct _xmlSecNssKWDes3Ctx {
+    xmlSecBuffer        keyBuffer;
+};
+#define xmlSecNssKWDes3Size     \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecNssKWDes3Ctx))
+#define xmlSecNssKWDes3GetCtx(transform) \
+    ((xmlSecNssKWDes3CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int      xmlSecNssKWDes3Initialize                       (xmlSecTransformPtr transform);
+static void     xmlSecNssKWDes3Finalize                         (xmlSecTransformPtr transform);
+static int      xmlSecNssKWDes3SetKeyReq                        (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecNssKWDes3SetKey                           (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecNssKWDes3Execute                          (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 static xmlSecTransformKlass xmlSecNssKWDes3Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssKWDes3Size,			/* xmlSecSize objSize */
-
-    xmlSecNameKWDes3,				/* const xmlChar* name; */
-    xmlSecHrefKWDes3, 				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecNssKWDes3Initialize, 			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssKWDes3Finalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssKWDes3SetKeyReq,			/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecNssKWDes3SetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssKWDes3Execute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssKWDes3Size,                        /* xmlSecSize objSize */
+
+    xmlSecNameKWDes3,                           /* const xmlChar* name; */
+    xmlSecHrefKWDes3,                           /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecNssKWDes3Initialize,                  /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssKWDes3Finalize,                    /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssKWDes3SetKeyReq,                   /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecNssKWDes3SetKey,                      /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssKWDes3Execute,                     /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssTransformKWDes3GetKlass:
- * 
+ *
  * The Triple DES key wrapper transform klass.
  *
  * Returns: Triple DES key wrapper transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformKWDes3GetKlass(void) {
     return(&xmlSecNssKWDes3Klass);
 }
 
-static int 
+static int
 xmlSecNssKWDes3Initialize(xmlSecTransformPtr transform) {
+    xmlSecNssKWDes3CtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecNssTransformKWDes3Id), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWDes3Size), -1);
-    
-    ret = xmlSecBufferInitialize(xmlSecNssKWDes3GetKey(transform), 0);
+
+    ctx = xmlSecNssKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-        
+
     return(0);
 }
 
-static void 
+static void
 xmlSecNssKWDes3Finalize(xmlSecTransformPtr transform) {
+    xmlSecNssKWDes3CtxPtr ctx;
+
     xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecNssTransformKWDes3Id));
     xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecNssKWDes3Size));
-    
-    if(xmlSecNssKWDes3GetKey(transform) != NULL) {
-	xmlSecBufferFinalize(xmlSecNssKWDes3GetKey(transform));
-    }
+
+    ctx = xmlSecNssKWDes3GetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    xmlSecBufferFinalize(&(ctx->keyBuffer));
 }
 
-static int  
+static int
 xmlSecNssKWDes3SetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecNssKWDes3CtxPtr ctx;
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecNssTransformKWDes3Id), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWDes3Size), -1);
     xmlSecAssert2(keyReq != NULL, -1);
 
-    keyReq->keyId 	= xmlSecNssKeyDataDesId;
-    keyReq->keyType 	= xmlSecKeyDataTypeSymmetric;
+    ctx = xmlSecNssKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keyReq->keyId       = xmlSecNssKeyDataDesId;
+    keyReq->keyType     = xmlSecKeyDataTypeSymmetric;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-	keyReq->keyUsage= xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage= xmlSecKeyUsageEncrypt;
     } else {
-	keyReq->keyUsage= xmlSecKeyUsageDecrypt;
+        keyReq->keyUsage= xmlSecKeyUsageDecrypt;
     }
-    keyReq->keyBitsSize = 8 * XMLSEC_NSS_DES3_KEY_LENGTH;
+    keyReq->keyBitsSize = 8 * XMLSEC_KW_DES3_KEY_LENGTH;
     return(0);
 }
 
-static int  	
+static int
 xmlSecNssKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecNssKWDes3CtxPtr ctx;
     xmlSecBufferPtr buffer;
     xmlSecSize keySize;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecNssTransformKWDes3Id), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWDes3Size), -1);
-    xmlSecAssert2(xmlSecNssKWDes3GetKey(transform) != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecNssKeyDataDesId), -1);
-    
+
+    ctx = xmlSecNssKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
     xmlSecAssert2(buffer != NULL, -1);
 
     keySize = xmlSecBufferGetSize(buffer);
-    if(keySize < XMLSEC_NSS_DES3_KEY_LENGTH) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "key length %d is not enough (%d expected)",
-		    keySize, XMLSEC_NSS_DES3_KEY_LENGTH);
-	return(-1);
+    if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "key length %d is not enough (%d expected)",
+                    keySize, XMLSEC_KW_DES3_KEY_LENGTH);
+        return(-1);
     }
-        
-    ret = xmlSecBufferSetData(xmlSecNssKWDes3GetKey(transform),
-			    xmlSecBufferGetData(buffer), 
-			    XMLSEC_NSS_DES3_KEY_LENGTH);
+
+    ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferSetData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", XMLSEC_NSS_DES3_KEY_LENGTH);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", XMLSEC_KW_DES3_KEY_LENGTH);
+        return(-1);
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecNssKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecBufferPtr in, out, key;
+    xmlSecNssKWDes3CtxPtr ctx;
+    xmlSecBufferPtr in, out;
     xmlSecSize inSize, outSize, keySize;
     int ret;
 
@@ -224,535 +262,402 @@ xmlSecNssKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCt
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssKWDes3Size), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
-    key = xmlSecNssKWDes3GetKey(transform);
-    xmlSecAssert2(key != NULL, -1);
+    ctx = xmlSecNssKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
+    xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
 
-    keySize = xmlSecBufferGetSize(key);
-    xmlSecAssert2(keySize == XMLSEC_NSS_DES3_KEY_LENGTH, -1);
-    
     in = &(transform->inBuf);
     out = &(transform->outBuf);
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
+    outSize = xmlSecBufferGetSize(out);
     xmlSecAssert2(outSize == 0, -1);
-    
+
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
-	/* just do nothing */
+        /* just do nothing */
     } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	if((inSize % XMLSEC_NSS_DES3_BLOCK_LENGTH) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_SIZE,
-			"%d bytes - not %d bytes aligned", 
-			inSize, XMLSEC_NSS_DES3_BLOCK_LENGTH);
-	    return(-1);
-	}	
-	
-	if(transform->operation == xmlSecTransformOperationEncrypt) {
-	    /* the encoded key might be 16 bytes longer plus one block just in case */
-	    outSize = inSize + XMLSEC_NSS_DES3_IV_LENGTH +
-			       XMLSEC_NSS_DES3_BLOCK_LENGTH +
-			       XMLSEC_NSS_DES3_BLOCK_LENGTH;
-	} else {
-	    outSize = inSize + XMLSEC_NSS_DES3_BLOCK_LENGTH;
-	}
-
-	ret = xmlSecBufferSetMaxSize(out, outSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", outSize);
-	    return(-1);
-	}
-
-	if(transform->operation == xmlSecTransformOperationEncrypt) {
-	    ret = xmlSecNssKWDes3Encode(xmlSecBufferGetData(key), keySize,
-					    xmlSecBufferGetData(in), inSize,
-					    xmlSecBufferGetData(out), outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecNssKWDes3Encode",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "key=%d,in=%d,out=%d",
-			    keySize, inSize, outSize);
-		return(-1);
-	    }
-	    outSize = ret;
-	} else {
-	    ret = xmlSecNssKWDes3Decode(xmlSecBufferGetData(key), keySize,
-					    xmlSecBufferGetData(in), inSize,
-					    xmlSecBufferGetData(out), outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecNssKWDes3Decode",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "key=%d,in=%d,out=%d",
-			    keySize, inSize, outSize);
-		return(-1);
-	    }
-	    outSize = ret;
-	}
-
-	ret = xmlSecBufferSetSize(out, outSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferSetSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", outSize);
-	    return(-1);
-	}
-	
-	ret = xmlSecBufferRemoveHead(in, inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", inSize);
-	    return(-1);
-	}
-	
-	transform->status = xmlSecTransformStatusFinished;
+        if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_SIZE,
+                        "%d bytes - not %d bytes aligned",
+                        inSize, XMLSEC_KW_DES3_BLOCK_LENGTH);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            /* the encoded key might be 16 bytes longer plus one block just in case */
+            outSize = inSize + XMLSEC_KW_DES3_IV_LENGTH +
+                               XMLSEC_KW_DES3_BLOCK_LENGTH +
+                               XMLSEC_KW_DES3_BLOCK_LENGTH;
+        } else {
+            /* just in case, add a block */
+            outSize = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH;
+        }
+
+        ret = xmlSecBufferSetMaxSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            ret = xmlSecKWDes3Encode(&xmlSecNssKWDes3ImplKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWDes3Encode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "key=%d,in=%d,out=%d",
+                            keySize, inSize, outSize);
+                return(-1);
+            }
+            outSize = ret;
+        } else {
+            ret = xmlSecKWDes3Decode(&xmlSecNssKWDes3ImplKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWDes3Decode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "key=%d,in=%d,out=%d",
+                            keySize, inSize, outSize);
+                return(-1);
+            }
+            outSize = ret;
+        }
+
+        ret = xmlSecBufferSetSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusFinished;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     return(0);
 }
 
-static xmlSecByte xmlSecNssKWDes3Iv[XMLSEC_NSS_DES3_IV_LENGTH] = { 
-    0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 
-};
-/**
- * CMS Triple DES Key Wrap
- *
- * http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap
- *
- * The following algorithm wraps (encrypts) a key (the wrapped key, WK) 
- * under a TRIPLEDES key-encryption-key (KEK) as specified in [CMS-Algorithms]:
+/*********************************************************************
  *
- * 1. Represent the key being wrapped as an octet sequence. If it is a 
- *    TRIPLEDES key, this is 24 octets (192 bits) with odd parity bit as 
- *    the bottom bit of each octet.
- * 2. Compute the CMS key checksum (section 5.6.1) call this CKS.
- * 3. Let WKCKS = WK || CKS, where || is concatenation.
- * 4. Generate 8 random octets [RANDOM] and call this IV.
- * 5. Encrypt WKCKS in CBC mode using KEK as the key and IV as the 
- *    initialization vector. Call the results TEMP1.
- * 6. Left TEMP2 = IV || TEMP1.
- * 7. Reverse the order of the octets in TEMP2 and call the result TEMP3.
- * 8. Encrypt TEMP3 in CBC mode using the KEK and an initialization vector 
- *    of 0x4adda22c79e82105. The resulting cipher text is the desired result. 
- *    It is 40 octets long if a 168 bit key is being wrapped.
+ * DES KW implementation
  *
- */
-static int  	
-xmlSecNssKWDes3Encode(const xmlSecByte *key, xmlSecSize keySize,
-			const xmlSecByte *in, xmlSecSize inSize,
-			xmlSecByte *out, xmlSecSize outSize) {
-    xmlSecByte sha1[SHA1_LENGTH];    
-    xmlSecByte iv[XMLSEC_NSS_DES3_IV_LENGTH];
-    xmlSecSize s;    
-    int ret;
+ *********************************************************************/
+static int
+xmlSecNssKWDes3Sha1(void * context,
+                    const xmlSecByte * in, xmlSecSize inSize, 
+                    xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecNssKWDes3CtxPtr ctx = (xmlSecNssKWDes3CtxPtr)context;
+    PK11Context *pk11ctx = NULL;
+    unsigned int outLen = 0;
     SECStatus status;
 
-    xmlSecAssert2(key != NULL, -1);
-    xmlSecAssert2(keySize == XMLSEC_NSS_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(in != NULL, -1);
     xmlSecAssert2(inSize > 0, -1);
     xmlSecAssert2(out != NULL, -1);
-    xmlSecAssert2(outSize >= inSize + 16, -1);
-
-    /* step 2: calculate sha1 and CMS */
-    if(xmlSecNssComputeSHA1(in, inSize, sha1, SHA1_LENGTH) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssComputeSHA1",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
-    }
+    xmlSecAssert2(outSize >= SHA1_LENGTH, -1);
+
+    /* Create a pk11ctx for hashing (digesting) */
+    pk11ctx = PK11_CreateDigestContext(SEC_OID_SHA1);
+    if (pk11ctx == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_CreateDigestContext",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    status = PK11_DigestBegin(pk11ctx);
+    if (status != SECSuccess) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_DigestBegin",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        PK11_DestroyContext(pk11ctx, PR_TRUE);
+        return(-1);
+    }
+
+    status = PK11_DigestOp(pk11ctx, in, inSize);
+    if (status != SECSuccess) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_DigestOp",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        PK11_DestroyContext(pk11ctx, PR_TRUE);
+        return(-1);
+    }
+
+    status = PK11_DigestFinal(pk11ctx, out, &outLen, outSize);
+    if (status != SECSuccess) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_DigestFinal",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        PK11_DestroyContext(pk11ctx, PR_TRUE);
+        return(-1);
+    }
+
+    /* done */
+    PK11_DestroyContext(pk11ctx, PR_TRUE);
+    xmlSecAssert2(outLen == SHA1_LENGTH, -1);
+    return(outLen);
+}
+
+static int
+xmlSecNssKWDes3GenerateRandom(void * context,
+                              xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecNssKWDes3CtxPtr ctx = (xmlSecNssKWDes3CtxPtr)context;
+    SECStatus status;
 
-    /* step 3: construct WKCKS */
-    memcpy(out, in, inSize);
-    memcpy(out + inSize, sha1, XMLSEC_NSS_DES3_BLOCK_LENGTH);
-    
-    /* step 4: generate random iv */
-    status = PK11_GenerateRandom(iv, XMLSEC_NSS_DES3_IV_LENGTH);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize > 0, -1);
+
+    status = PK11_GenerateRandom(out, outSize);
     if(status != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_GenerateRandom",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);    
-    }	
-
-    /* step 5: first encryption, result is TEMP1 */
-    ret = xmlSecNssKWDes3Encrypt(key, keySize, 
-				    iv, XMLSEC_NSS_DES3_IV_LENGTH, 
-				    out, inSize + XMLSEC_NSS_DES3_BLOCK_LENGTH, 
-				    out, outSize, 1);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKWDes3Encrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_GenerateRandom",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
-    /* step 6: construct TEMP2=IV || TEMP1 */
-    memmove(out + XMLSEC_NSS_DES3_IV_LENGTH, out, 
-	    inSize + XMLSEC_NSS_DES3_IV_LENGTH);
-    memcpy(out, iv, XMLSEC_NSS_DES3_IV_LENGTH);
-    s = ret + XMLSEC_NSS_DES3_IV_LENGTH; 
-    
-    /* step 7: reverse octets order, result is TEMP3 */
-    ret = xmlSecNssKWDes3BufferReverse(out, s);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKWDes3BufferReverse",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
-    }
+    return((int)outSize);
+}
+
+static int
+xmlSecNssKWDes3BlockEncrypt(void * context,
+                               const xmlSecByte * iv, xmlSecSize ivSize,
+                               const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecNssKWDes3CtxPtr ctx = (xmlSecNssKWDes3CtxPtr)context;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(iv != NULL, -1);
+    xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
 
-    /* step 8: second encryption with static IV */
-    ret = xmlSecNssKWDes3Encrypt(key, keySize, 
-				    xmlSecNssKWDes3Iv, XMLSEC_NSS_DES3_IV_LENGTH,
-				    out, s, out, outSize, 1);
+    ret = xmlSecNssKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)), XMLSEC_KW_DES3_KEY_LENGTH,
+                                 iv, XMLSEC_KW_DES3_IV_LENGTH,
+                                 in, inSize,
+                                 out, outSize, 
+                                 1); /* encrypt */
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKWDes3Encrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssKWDes3Encrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    s = ret; 
-    return(s);
+
+    return(ret);
 }
 
-/**
- * CMS Triple DES Key Wrap
- *
- * http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap
- *
- * The following algorithm unwraps (decrypts) a key as specified in 
- * [CMS-Algorithms]:
- *
- * 1. Check if the length of the cipher text is reasonable given the key type. 
- *    It must be 40 bytes for a 168 bit key and either 32, 40, or 48 bytes for 
- *    a 128, 192, or 256 bit key. If the length is not supported or inconsistent 
- *    with the algorithm for which the key is intended, return error.
- * 2. Decrypt the cipher text with TRIPLEDES in CBC mode using the KEK and 
- *    an initialization vector (IV) of 0x4adda22c79e82105. Call the output TEMP3.
- * 3. Reverse the order of the octets in TEMP3 and call the result TEMP2.
- * 4. Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining 
- *    octets.
- * 5. Decrypt TEMP1 using TRIPLEDES in CBC mode using the KEK and the IV found 
- *    in the previous step. Call the result WKCKS.
- * 6. Decompose WKCKS. CKS is the last 8 octets and WK, the wrapped key, are 
- *    those octets before the CKS.
- * 7. Calculate a CMS key checksum (section 5.6.1) over the WK and compare 
- *    with the CKS extracted in the above step. If they are not equal, return 
- *    error.
- * 8. WK is the wrapped key, now extracted for use in data decryption.
- */
-static int  	
-xmlSecNssKWDes3Decode(const xmlSecByte *key, xmlSecSize keySize,
-			const xmlSecByte *in, xmlSecSize inSize,
-			xmlSecByte *out, xmlSecSize outSize) {
-    xmlSecByte sha1[SHA1_LENGTH];    
-    xmlSecSize s;    
+static int
+xmlSecNssKWDes3BlockDecrypt(void * context,
+                               const xmlSecByte * iv, xmlSecSize ivSize,
+                               const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecNssKWDes3CtxPtr ctx = (xmlSecNssKWDes3CtxPtr)context;
     int ret;
 
-    xmlSecAssert2(key != NULL, -1);
-    xmlSecAssert2(keySize == XMLSEC_NSS_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(iv != NULL, -1);
+    xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
     xmlSecAssert2(in != NULL, -1);
     xmlSecAssert2(inSize > 0, -1);
     xmlSecAssert2(out != NULL, -1);
     xmlSecAssert2(outSize >= inSize, -1);
 
-    /* step 2: first decryption with static IV, result is TEMP3 */
-    ret = xmlSecNssKWDes3Encrypt(key, keySize, 
-				    xmlSecNssKWDes3Iv, XMLSEC_NSS_DES3_IV_LENGTH,
-				    in, inSize, out, outSize, 0);
-    if((ret < 0) || (ret < XMLSEC_NSS_DES3_IV_LENGTH)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKWDes3Encrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
-    }
-    s = ret; 
-    
-    /* step 3: reverse octets order in TEMP3, result is TEMP2 */
-    ret = xmlSecNssKWDes3BufferReverse(out, s);
+    ret = xmlSecNssKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)), XMLSEC_KW_DES3_KEY_LENGTH,
+                                 iv, XMLSEC_KW_DES3_IV_LENGTH,
+                                 in, inSize,
+                                 out, outSize, 
+                                 0); /* decrypt */
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKWDes3BufferReverse",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssKWDes3Encrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
-    /* steps 4 and 5: get IV and decrypt second time, result is WKCKS */
-    ret = xmlSecNssKWDes3Encrypt(key, keySize, 
-				     out, XMLSEC_NSS_DES3_IV_LENGTH,
-				     out + XMLSEC_NSS_DES3_IV_LENGTH, 
-				     s - XMLSEC_NSS_DES3_IV_LENGTH, 
-				     out, outSize, 0);
-    if((ret < 0) || (ret < XMLSEC_NSS_DES3_BLOCK_LENGTH)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssKWDes3Encrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
-    }
-    s = ret - XMLSEC_NSS_DES3_BLOCK_LENGTH; 
-    
-    /* steps 6 and 7: calculate SHA1 and validate it */
-    if(xmlSecNssComputeSHA1(out, s, sha1, SHA1_LENGTH) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssComputeSHA1",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
-    }
-
-    if(memcmp(sha1, out + s, XMLSEC_NSS_DES3_BLOCK_LENGTH) != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "SHA1 does not match");
-	return(-1);	    
-    }
-    
-    return(s);
+    return(ret);
 }
 
+
+
 static int
 xmlSecNssKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
-			   const xmlSecByte *iv, xmlSecSize ivSize,
-            		   const xmlSecByte *in, xmlSecSize inSize,
-	        	   xmlSecByte *out, xmlSecSize outSize, int enc) {
+                       const xmlSecByte *iv, xmlSecSize ivSize,
+                       const xmlSecByte *in, xmlSecSize inSize,
+                       xmlSecByte *out, xmlSecSize outSize,
+                       int enc) {
     CK_MECHANISM_TYPE  cipherMech;
-    PK11SlotInfo*      slot = NULL;
-    PK11SymKey*        SymKey = NULL;
-    SECItem*           SecParam = NULL;
-    PK11Context*       EncContext = NULL;
-    SECItem            keyItem, ivItem;
-    SECStatus          rv;
-    int                result_len = -1;
-    int                tmp1_outlen;
-    unsigned int       tmp2_outlen;
+    PK11SlotInfo* slot = NULL;
+    PK11SymKey* symKey = NULL;
+    SECItem* param = NULL;
+    PK11Context* pk11ctx = NULL;
+    SECItem keyItem, ivItem;
+    SECStatus status;
+    int result_len = -1;
+    int tmp1_outlen;
+    unsigned int tmp2_outlen;
 
     xmlSecAssert2(key != NULL, -1);
-    xmlSecAssert2(keySize == XMLSEC_NSS_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
     xmlSecAssert2(iv != NULL, -1);
-    xmlSecAssert2(ivSize == XMLSEC_NSS_DES3_IV_LENGTH, -1);
+    xmlSecAssert2(ivSize == XMLSEC_KW_DES3_IV_LENGTH, -1);
     xmlSecAssert2(in != NULL, -1);
     xmlSecAssert2(inSize > 0, -1);
     xmlSecAssert2(out != NULL, -1);
     xmlSecAssert2(outSize >= inSize, -1);
-    
+
     cipherMech = CKM_DES3_CBC;
     slot = PK11_GetBestSlot(cipherMech, NULL);
     if (slot == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_GetBestSlot",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_GetBestSlot",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     keyItem.data = (unsigned char *)key;
     keyItem.len = keySize;
-    SymKey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap, 
-		    	       enc ? CKA_ENCRYPT : CKA_DECRYPT, &keyItem, NULL);
-    if (SymKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_ImportSymKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+    symKey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap,
+                               enc ? CKA_ENCRYPT : CKA_DECRYPT, &keyItem, NULL);
+    if (symKey == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_ImportSymKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     ivItem.data = (unsigned char *)iv;
     ivItem.len = ivSize;
 
-    SecParam = PK11_ParamFromIV(cipherMech, &ivItem);
-    if (SecParam == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_ParamFromIV",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+    param = PK11_ParamFromIV(cipherMech, &ivItem);
+    if (param == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_ParamFromIV",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
-    EncContext = PK11_CreateContextBySymKey(cipherMech, 
-		    			    enc ? CKA_ENCRYPT : CKA_DECRYPT,
-					    SymKey, SecParam);
-    if (EncContext == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_CreateContextBySymKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+    pk11ctx = PK11_CreateContextBySymKey(cipherMech,
+                                            enc ? CKA_ENCRYPT : CKA_DECRYPT,
+                                            symKey, param);
+    if (pk11ctx == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_CreateContextBySymKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     tmp1_outlen = tmp2_outlen = 0;
-    rv = PK11_CipherOp(EncContext, out, &tmp1_outlen, outSize,
-		       (unsigned char *)in, inSize);
-    if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_CipherOp",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    rv = PK11_DigestFinal(EncContext, out+tmp1_outlen, 
-		    	  &tmp2_outlen, outSize-tmp1_outlen);
-    if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_DigestFinal",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+    status = PK11_CipherOp(pk11ctx, out, &tmp1_outlen, outSize,
+                       (unsigned char *)in, inSize);
+    if (status != SECSuccess) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_CipherOp",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    status = PK11_DigestFinal(pk11ctx, out+tmp1_outlen,
+                          &tmp2_outlen, outSize-tmp1_outlen);
+    if (status != SECSuccess) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_DigestFinal",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     result_len = tmp1_outlen + tmp2_outlen;
 
 done:
     if (slot) {
-	PK11_FreeSlot(slot);
+        PK11_FreeSlot(slot);
     }
-    if (SymKey) {
-	PK11_FreeSymKey(SymKey);
+    if (symKey) {
+        PK11_FreeSymKey(symKey);
     }
-    if (SecParam) {
-	SECITEM_FreeItem(SecParam, PR_TRUE);
+    if (param) {
+        SECITEM_FreeItem(param, PR_TRUE);
     }
-    if (EncContext) {
-	PK11_DestroyContext(EncContext, PR_TRUE);
+    if (pk11ctx) {
+        PK11_DestroyContext(pk11ctx, PR_TRUE);
     }
 
     return(result_len);
-}	      
-
-static int 
-xmlSecNssKWDes3BufferReverse(xmlSecByte *buf, xmlSecSize size) {
-    xmlSecSize s;
-    xmlSecSize i;
-    xmlSecByte c;
-    
-    xmlSecAssert2(buf != NULL, -1);
-    
-    s = size / 2;
-    --size;
-    for(i = 0; i < s; ++i) {
-	c = buf[i];
-	buf[i] = buf[size - i];
-	buf[size - i] = c;
-    }
-    return(0);
 }
 
-static xmlSecByte *
-xmlSecNssComputeSHA1(const xmlSecByte *in, xmlSecSize inSize, 
-		     xmlSecByte *out, xmlSecSize outSize)
-{
-    PK11Context *context = NULL;
-    SECStatus s;
-    xmlSecByte *digest = NULL;
-    unsigned int len;
-
-    xmlSecAssert2(in != NULL, NULL);
-    xmlSecAssert2(out != NULL, NULL);
-    xmlSecAssert2(outSize >= SHA1_LENGTH, NULL);
-
-    /* Create a context for hashing (digesting) */
-    context = PK11_CreateDigestContext(SEC_OID_SHA1);
-    if (context == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_CreateDigestContext",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    s = PK11_DigestBegin(context);
-    if (s != SECSuccess) { 
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_DigestBegin",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    s = PK11_DigestOp(context, in, inSize);
-    if (s != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_DigestOp",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-
-    s = PK11_DigestFinal(context, out, &len, outSize);
-    if (s != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_DigestFinal",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }
-    xmlSecAssert2(len == SHA1_LENGTH, NULL);
-
-    digest = out;
-
-done:
-    if (context != NULL) {
-	PK11_DestroyContext(context, PR_TRUE);
-    }
-    return (digest);
-}
 
 #endif /* XMLSEC_NO_DES */
 
diff --git a/src/nss/pkikeys.c b/src/nss/pkikeys.c
index f8549352..ae9e29b4 100644
--- a/src/nss/pkikeys.c
+++ b/src/nss/pkikeys.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #include "globals.h"
@@ -30,12 +30,12 @@
  * Internal NSS PKI key CTX
  *
  *************************************************************************/
-typedef struct _xmlSecNssPKIKeyDataCtx	xmlSecNssPKIKeyDataCtx, 
-						*xmlSecNssPKIKeyDataCtxPtr;
+typedef struct _xmlSecNssPKIKeyDataCtx  xmlSecNssPKIKeyDataCtx,
+                                                *xmlSecNssPKIKeyDataCtxPtr;
 struct _xmlSecNssPKIKeyDataCtx {
     SECKEYPublicKey  *pubkey;
     SECKEYPrivateKey *privkey;
-};	    
+};
 
 /******************************************************************************
  *
@@ -44,22 +44,22 @@ struct _xmlSecNssPKIKeyDataCtx {
  * xmlSecNssPKIKeyDataCtx is located after xmlSecTransform
  *
  *****************************************************************************/
-#define xmlSecNssPKIKeyDataSize	\
-    (sizeof(xmlSecKeyData) + sizeof(xmlSecNssPKIKeyDataCtx))	
+#define xmlSecNssPKIKeyDataSize \
+    (sizeof(xmlSecKeyData) + sizeof(xmlSecNssPKIKeyDataCtx))
 #define xmlSecNssPKIKeyDataGetCtx(data) \
     ((xmlSecNssPKIKeyDataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
 
 
-static int		xmlSecNssPKIKeyDataInitialize	(xmlSecKeyDataPtr data);
-static void		xmlSecNssPKIKeyDataFinalize	(xmlSecKeyDataPtr data);
+static int              xmlSecNssPKIKeyDataInitialize   (xmlSecKeyDataPtr data);
+static void             xmlSecNssPKIKeyDataFinalize     (xmlSecKeyDataPtr data);
 
 
-static void 		xmlSecNSSPKIKeyDataCtxFree	(xmlSecNssPKIKeyDataCtxPtr ctx);
-static int 		xmlSecNSSPKIKeyDataCtxDup	(xmlSecNssPKIKeyDataCtxPtr ctxDst, 
-							 xmlSecNssPKIKeyDataCtxPtr ctxSrc);
-static int 		xmlSecNssPKIKeyDataAdoptKey	(xmlSecKeyDataPtr data, 
-			     				 SECKEYPrivateKey *privkey,
-			     				 SECKEYPublicKey  *pubkey);
+static void             xmlSecNSSPKIKeyDataCtxFree      (xmlSecNssPKIKeyDataCtxPtr ctx);
+static int              xmlSecNSSPKIKeyDataCtxDup       (xmlSecNssPKIKeyDataCtxPtr ctxDst,
+                                                         xmlSecNssPKIKeyDataCtxPtr ctxSrc);
+static int              xmlSecNssPKIKeyDataAdoptKey     (xmlSecKeyDataPtr data,
+                                                         SECKEYPrivateKey *privkey,
+                                                         SECKEYPublicKey  *pubkey);
 
 
 static int
@@ -81,107 +81,107 @@ xmlSecNssPKIKeyDataInitialize(xmlSecKeyDataPtr data) {
 static void
 xmlSecNssPKIKeyDataFinalize(xmlSecKeyDataPtr data) {
     xmlSecNssPKIKeyDataCtxPtr ctx;
-    
+
     xmlSecAssert(xmlSecKeyDataIsValid(data));
     xmlSecAssert(xmlSecKeyDataCheckSize(data, xmlSecNssPKIKeyDataSize));
 
     ctx = xmlSecNssPKIKeyDataGetCtx(data);
     xmlSecAssert(ctx != NULL);
-    
+
     xmlSecNSSPKIKeyDataCtxFree(ctx);
     memset(ctx, 0, sizeof(xmlSecNssPKIKeyDataCtx));
 }
 
 
-static void             
+static void
 xmlSecNSSPKIKeyDataCtxFree(xmlSecNssPKIKeyDataCtxPtr ctx)
 {
     xmlSecAssert(ctx != NULL);
     if (ctx->privkey != NULL) {
-	SECKEY_DestroyPrivateKey(ctx->privkey);
-	ctx->privkey = NULL;
+        SECKEY_DestroyPrivateKey(ctx->privkey);
+        ctx->privkey = NULL;
     }
 
     if (ctx->pubkey)
     {
-	SECKEY_DestroyPublicKey(ctx->pubkey);
-	ctx->pubkey = NULL;
+        SECKEY_DestroyPublicKey(ctx->pubkey);
+        ctx->pubkey = NULL;
     }
 
 }
 
-static int              
-xmlSecNSSPKIKeyDataCtxDup(xmlSecNssPKIKeyDataCtxPtr ctxDst, 
+static int
+xmlSecNSSPKIKeyDataCtxDup(xmlSecNssPKIKeyDataCtxPtr ctxDst,
                           xmlSecNssPKIKeyDataCtxPtr ctxSrc)
 {
     xmlSecNSSPKIKeyDataCtxFree(ctxDst);
     if (ctxSrc->privkey != NULL) {
-	ctxDst->privkey = SECKEY_CopyPrivateKey(ctxSrc->privkey);
-	if(ctxDst->privkey == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"SECKEY_CopyPrivateKey",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-				"error code=%d", PORT_GetError());
-	    return(-1);
-	}
+        ctxDst->privkey = SECKEY_CopyPrivateKey(ctxSrc->privkey);
+        if(ctxDst->privkey == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "SECKEY_CopyPrivateKey",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                "error code=%d", PORT_GetError());
+            return(-1);
+        }
     }
 
     if (ctxSrc->pubkey != NULL) {
-	ctxDst->pubkey = SECKEY_CopyPublicKey(ctxSrc->pubkey);
-	if(ctxDst->pubkey == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"SECKEY_CopyPublicKey",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-				"error code=%d", PORT_GetError());
-	    return(-1);
-	}
+        ctxDst->pubkey = SECKEY_CopyPublicKey(ctxSrc->pubkey);
+        if(ctxDst->pubkey == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "SECKEY_CopyPublicKey",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                "error code=%d", PORT_GetError());
+            return(-1);
+        }
     }
     return (0);
 }
 
-static int              
+static int
 xmlSecNssPKIKeyDataAdoptKey(xmlSecKeyDataPtr data,
-                            SECKEYPrivateKey *privkey,                        
+                            SECKEYPrivateKey *privkey,
                             SECKEYPublicKey  *pubkey)
 {
     xmlSecNssPKIKeyDataCtxPtr ctx;
-	KeyType					pubType = nullKey ;
-	KeyType					priType = nullKey ;
-    
+        KeyType                                 pubType = nullKey ;
+        KeyType                                 priType = nullKey ;
+
     xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
     xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecNssPKIKeyDataSize), -1);
 
-	if( privkey != NULL ) {
-		priType = SECKEY_GetPrivateKeyType( privkey ) ;
-	}
-
-	if( pubkey != NULL ) {
-		pubType = SECKEY_GetPublicKeyType( pubkey ) ;
-	}
-
-	if( priType != nullKey && pubType != nullKey ) {
-		if( pubType != priType ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-				NULL ,
-				NULL ,
-				XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-				"different type of private and public key" ) ;
-			return -1 ;
-		}
-	}
+        if( privkey != NULL ) {
+                priType = SECKEY_GetPrivateKeyType( privkey ) ;
+        }
+
+        if( pubkey != NULL ) {
+                pubType = SECKEY_GetPublicKeyType( pubkey ) ;
+        }
+
+        if( priType != nullKey && pubType != nullKey ) {
+                if( pubType != priType ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                NULL ,
+                                NULL ,
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                "different type of private and public key" ) ;
+                        return -1 ;
+                }
+        }
 
     ctx = xmlSecNssPKIKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     if (ctx->privkey) {
-	SECKEY_DestroyPrivateKey(ctx->privkey);	
+        SECKEY_DestroyPrivateKey(ctx->privkey);
     }
     ctx->privkey = privkey;
 
     if (ctx->pubkey) {
-	SECKEY_DestroyPublicKey(ctx->pubkey);
+        SECKEY_DestroyPublicKey(ctx->pubkey);
     }
     ctx->pubkey = pubkey;
 
@@ -199,80 +199,80 @@ xmlSecNssPKIKeyDataAdoptKey(xmlSecKeyDataPtr data,
  * Returns: pointer to KeyData object or NULL if an error occurs.
  */
 xmlSecKeyDataPtr
-xmlSecNssPKIAdoptKey(SECKEYPrivateKey *privkey,                        
+xmlSecNssPKIAdoptKey(SECKEYPrivateKey *privkey,
                      SECKEYPublicKey  *pubkey)
 {
     xmlSecKeyDataPtr data = NULL;
     int ret;
-	KeyType					pubType = nullKey ;
-	KeyType					priType = nullKey ;
-    
-	if( privkey != NULL ) {
-		priType = SECKEY_GetPrivateKeyType( privkey ) ;
-	}
-
-	if( pubkey != NULL ) {
-		pubType = SECKEY_GetPublicKeyType( pubkey ) ;
-	}
-
-	if( priType != nullKey && pubType != nullKey ) {
-		if( pubType != priType ) {
-			xmlSecError( XMLSEC_ERRORS_HERE ,
-				NULL ,
-				NULL ,
-				XMLSEC_ERRORS_R_CRYPTO_FAILED ,
-				"different type of private and public key" ) ;
-			return( NULL ) ;
-		}
-	}
-   
-	pubType = priType != nullKey ? priType : pubType ;
-    switch(pubType) {	
-#ifndef XMLSEC_NO_RSA    
+        KeyType                                 pubType = nullKey ;
+        KeyType                                 priType = nullKey ;
+
+        if( privkey != NULL ) {
+                priType = SECKEY_GetPrivateKeyType( privkey ) ;
+        }
+
+        if( pubkey != NULL ) {
+                pubType = SECKEY_GetPublicKeyType( pubkey ) ;
+        }
+
+        if( priType != nullKey && pubType != nullKey ) {
+                if( pubType != priType ) {
+                        xmlSecError( XMLSEC_ERRORS_HERE ,
+                                NULL ,
+                                NULL ,
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED ,
+                                "different type of private and public key" ) ;
+                        return( NULL ) ;
+                }
+        }
+
+        pubType = priType != nullKey ? priType : pubType ;
+    switch(pubType) {
+#ifndef XMLSEC_NO_RSA
     case rsaKey:
-	data = xmlSecKeyDataCreate(xmlSecNssKeyDataRsaId);
-	if(data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyDataCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecNssKeyDataRsaId");
-	    return(NULL);	    
-	}
-	break;
-#endif /* XMLSEC_NO_RSA */	
-#ifndef XMLSEC_NO_DSA	
+        data = xmlSecKeyDataCreate(xmlSecNssKeyDataRsaId);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecNssKeyDataRsaId");
+            return(NULL);
+        }
+        break;
+#endif /* XMLSEC_NO_RSA */
+#ifndef XMLSEC_NO_DSA
     case dsaKey:
-	data = xmlSecKeyDataCreate(xmlSecNssKeyDataDsaId);
-	if(data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyDataCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecNssKeyDataDsaId");
-	    return(NULL);	    
-	}
-	break;
-#endif /* XMLSEC_NO_DSA */	
-    default:	
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TYPE,
-		    "PKI key type %d not supported", pubType);
-	return(NULL);
-    }
-
-    xmlSecAssert2(data != NULL, NULL);    
+        data = xmlSecKeyDataCreate(xmlSecNssKeyDataDsaId);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecNssKeyDataDsaId");
+            return(NULL);
+        }
+        break;
+#endif /* XMLSEC_NO_DSA */
+    default:
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TYPE,
+                    "PKI key type %d not supported", pubType);
+        return(NULL);
+    }
+
+    xmlSecAssert2(data != NULL, NULL);
     ret = xmlSecNssPKIKeyDataAdoptKey(data, privkey, pubkey);
-    if(ret < 0) {	
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssPKIKeyDataAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(NULL);	    
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssPKIKeyDataAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(NULL);
     }
     return(data);
 }
@@ -333,7 +333,7 @@ xmlSecNssPKIKeyDataGetPrivKey(xmlSecKeyDataPtr data) {
  *
  * Gets the Key Type from the key data.
  *
- * Returns: Key Type 
+ * Returns: Key Type
  */
 KeyType
 xmlSecNssPKIKeyDataGetKeyType(xmlSecKeyDataPtr data) {
@@ -345,11 +345,11 @@ xmlSecNssPKIKeyDataGetKeyType(xmlSecKeyDataPtr data) {
 
     ctx = xmlSecNssPKIKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, nullKey);
-    
+
     if (ctx->pubkey != NULL) {
-	kt = SECKEY_GetPublicKeyType(ctx->pubkey);
+        kt = SECKEY_GetPublicKeyType(ctx->pubkey);
     } else {
-	kt = SECKEY_GetPrivateKeyType(ctx->privkey);
+        kt = SECKEY_GetPrivateKeyType(ctx->privkey);
     }
     return(kt);
 }
@@ -381,17 +381,17 @@ xmlSecNssPKIKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
 
     if (xmlSecNSSPKIKeyDataCtxDup(ctxDst, ctxSrc) != 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-		"xmlSecNssPKIKeydataCtxDup",
-		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                "xmlSecNssPKIKeydataCtxDup",
+                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
-    } 
+    }
 
     return(0);
 }
 
-#ifndef XMLSEC_NO_DSA    
+#ifndef XMLSEC_NO_DSA
 /**************************************************************************
  *
  * <dsig:DSAKeyValue> processing
@@ -399,57 +399,57 @@ xmlSecNssPKIKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
  *
  * The DSAKeyValue Element (http://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue)
  *
- * DSA keys and the DSA signature algorithm are specified in [DSS]. 
+ * DSA keys and the DSA signature algorithm are specified in [DSS].
  * DSA public key values can have the following fields:
- *      
- *   * P - a prime modulus meeting the [DSS] requirements 
- *   * Q - an integer in the range 2**159 < Q < 2**160 which is a prime 
- *         divisor of P-1 
- *   * G - an integer with certain properties with respect to P and Q 
- *   * Y - G**X mod P (where X is part of the private key and not made 
- *	   public) 
- *   * J - (P - 1) / Q 
- *   * seed - a DSA prime generation seed 
+ *
+ *   * P - a prime modulus meeting the [DSS] requirements
+ *   * Q - an integer in the range 2**159 < Q < 2**160 which is a prime
+ *         divisor of P-1
+ *   * G - an integer with certain properties with respect to P and Q
+ *   * Y - G**X mod P (where X is part of the private key and not made
+ *         public)
+ *   * J - (P - 1) / Q
+ *   * seed - a DSA prime generation seed
  *   * pgenCounter - a DSA prime generation counter
  *
- * Parameter J is available for inclusion solely for efficiency as it is 
- * calculatable from P and Q. Parameters seed and pgenCounter are used in the 
- * DSA prime number generation algorithm specified in [DSS]. As such, they are 
- * optional but must either both be present or both be absent. This prime 
- * generation algorithm is designed to provide assurance that a weak prime is 
- * not being used and it yields a P and Q value. Parameters P, Q, and G can be 
- * public and common to a group of users. They might be known from application 
- * context. As such, they are optional but P and Q must either both appear or 
- * both be absent. If all of P, Q, seed, and pgenCounter are present, 
- * implementations are not required to check if they are consistent and are 
- * free to use either P and Q or seed and pgenCounter. All parameters are 
+ * Parameter J is available for inclusion solely for efficiency as it is
+ * calculatable from P and Q. Parameters seed and pgenCounter are used in the
+ * DSA prime number generation algorithm specified in [DSS]. As such, they are
+ * optional but must either both be present or both be absent. This prime
+ * generation algorithm is designed to provide assurance that a weak prime is
+ * not being used and it yields a P and Q value. Parameters P, Q, and G can be
+ * public and common to a group of users. They might be known from application
+ * context. As such, they are optional but P and Q must either both appear or
+ * both be absent. If all of P, Q, seed, and pgenCounter are present,
+ * implementations are not required to check if they are consistent and are
+ * free to use either P and Q or seed and pgenCounter. All parameters are
  * encoded as base64 [MIME] values.
- *     
- * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are 
+ *
+ * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are
  * represented in XML as octet strings as defined by the ds:CryptoBinary type.
- *     
+ *
  * Schema Definition:
- *     
- * <element name="DSAKeyValue" type="ds:DSAKeyValueType"/> 
- * <complexType name="DSAKeyValueType"> 
+ *
+ * <element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
+ * <complexType name="DSAKeyValueType">
  *   <sequence>
  *     <sequence minOccurs="0">
- *        <element name="P" type="ds:CryptoBinary"/> 
+ *        <element name="P" type="ds:CryptoBinary"/>
  *        <element name="Q" type="ds:CryptoBinary"/>
  *     </sequence>
- *     <element name="G" type="ds:CryptoBinary" minOccurs="0"/> 
- *     <element name="Y" type="ds:CryptoBinary"/> 
+ *     <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
+ *     <element name="Y" type="ds:CryptoBinary"/>
  *     <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
  *     <sequence minOccurs="0">
- *       <element name="Seed" type="ds:CryptoBinary"/> 
- *       <element name="PgenCounter" type="ds:CryptoBinary"/> 
+ *       <element name="Seed" type="ds:CryptoBinary"/>
+ *       <element name="PgenCounter" type="ds:CryptoBinary"/>
  *     </sequence>
  *   </sequence>
  * </complexType>
- *     
+ *
  * DTD Definition:
- *     
- *  <!ELEMENT DSAKeyValue ((P, Q)?, G?, Y, J?, (Seed, PgenCounter)?) > 
+ *
+ *  <!ELEMENT DSAKeyValue ((P, Q)?, G?, Y, J?, (Seed, PgenCounter)?) >
  *  <!ELEMENT P (#PCDATA) >
  *  <!ELEMENT Q (#PCDATA) >
  *  <!ELEMENT G (#PCDATA) >
@@ -459,34 +459,34 @@ xmlSecNssPKIKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
  *  <!ELEMENT PgenCounter (#PCDATA) >
  *
  * ============================================================================
- * 
+ *
  * To support reading/writing private keys an X element added (before Y).
  * todo: The current implementation does not support Seed and PgenCounter!
  * by this the P, Q and G are *required*!
  *
  *************************************************************************/
-static int		xmlSecNssKeyDataDsaInitialize	(xmlSecKeyDataPtr data);
-static int		xmlSecNssKeyDataDsaDuplicate	(xmlSecKeyDataPtr dst,
-							 xmlSecKeyDataPtr src);
-static void		xmlSecNssKeyDataDsaFinalize	(xmlSecKeyDataPtr data);
-static int		xmlSecNssKeyDataDsaXmlRead	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssKeyDataDsaXmlWrite	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssKeyDataDsaGenerate	(xmlSecKeyDataPtr data,
-							 xmlSecSize sizeBits,
-							 xmlSecKeyDataType type);
-
-static xmlSecKeyDataType xmlSecNssKeyDataDsaGetType	(xmlSecKeyDataPtr data);
-static xmlSecSize	 xmlSecNssKeyDataDsaGetSize	(xmlSecKeyDataPtr data);
-static void		 xmlSecNssKeyDataDsaDebugDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
-static void		xmlSecNssKeyDataDsaDebugXmlDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
+static int              xmlSecNssKeyDataDsaInitialize   (xmlSecKeyDataPtr data);
+static int              xmlSecNssKeyDataDsaDuplicate    (xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void             xmlSecNssKeyDataDsaFinalize     (xmlSecKeyDataPtr data);
+static int              xmlSecNssKeyDataDsaXmlRead      (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssKeyDataDsaXmlWrite     (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssKeyDataDsaGenerate     (xmlSecKeyDataPtr data,
+                                                         xmlSecSize sizeBits,
+                                                         xmlSecKeyDataType type);
+
+static xmlSecKeyDataType xmlSecNssKeyDataDsaGetType     (xmlSecKeyDataPtr data);
+static xmlSecSize        xmlSecNssKeyDataDsaGetSize     (xmlSecKeyDataPtr data);
+static void              xmlSecNssKeyDataDsaDebugDump   (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void             xmlSecNssKeyDataDsaDebugXmlDump (xmlSecKeyDataPtr data,
+                                                         FILE* output);
 
 static xmlSecKeyDataKlass xmlSecNssKeyDataDsaKlass = {
     sizeof(xmlSecKeyDataKlass),
@@ -494,46 +494,46 @@ static xmlSecKeyDataKlass xmlSecNssKeyDataDsaKlass = {
 
     /* data */
     xmlSecNameDSAKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-					/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefDSAKeyValue,		/* const xmlChar* href; */
-    xmlSecNodeDSAKeyValue,		/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,			/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                        /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefDSAKeyValue,              /* const xmlChar* href; */
+    xmlSecNodeDSAKeyValue,              /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                       /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecNssKeyDataDsaInitialize,	/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecNssKeyDataDsaDuplicate,	/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecNssKeyDataDsaFinalize,	/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecNssKeyDataDsaGenerate,	/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecNssKeyDataDsaInitialize,      /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecNssKeyDataDsaDuplicate,       /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecNssKeyDataDsaFinalize,        /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecNssKeyDataDsaGenerate,        /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecNssKeyDataDsaGetType, 	/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecNssKeyDataDsaGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,				/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    xmlSecNssKeyDataDsaGetType,         /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecNssKeyDataDsaGetSize,         /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                               /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecNssKeyDataDsaXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecNssKeyDataDsaXmlWrite,	/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,				/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,				/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecNssKeyDataDsaXmlRead,         /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecNssKeyDataDsaXmlWrite,        /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                               /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                               /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecNssKeyDataDsaDebugDump,	/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecNssKeyDataDsaDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecNssKeyDataDsaDebugDump,       /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecNssKeyDataDsaDebugXmlDump,    /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,				/* void* reserved0; */
-    NULL,				/* void* reserved1; */
+    NULL,                               /* void* reserved0; */
+    NULL,                               /* void* reserved1; */
 };
 
 /**
  * xmlSecNssKeyDataDsaGetKlass:
- * 
+ *
  * The DSA key data klass.
  *
  * Returns: pointer to DSA key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecNssKeyDataDsaGetKlass(void) {
     return(&xmlSecNssKeyDataDsaKlass);
 }
@@ -557,13 +557,13 @@ xmlSecNssKeyDataDsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
 static void
 xmlSecNssKeyDataDsaFinalize(xmlSecKeyDataPtr data) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId));
-    
+
     xmlSecNssPKIKeyDataFinalize(data);
 }
 
 static int
 xmlSecNssKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-			   xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                           xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data = NULL;
     xmlNodePtr cur;
     int ret;
@@ -579,48 +579,48 @@ xmlSecNssKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     if(xmlSecKeyGetValue(key) != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        ret = -1;
+        goto done;
     }
 
     slot = PK11_GetBestSlot(CKM_DSA, NULL);
     if(slot == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "PK11_GetBestSlot",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "PK11_GetBestSlot",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        ret = -1;
+        goto done;
     }
 
     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
     if(arena == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "PORT_NewArena",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "PORT_NewArena",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+        ret = -1;
+        goto done;
     }
 
-    pubkey = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena, 
-						 sizeof(SECKEYPublicKey));
+    pubkey = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena,
+                                                 sizeof(SECKEYPublicKey));
     if(pubkey == NULL ) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "PORT_ArenaZAlloc",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-	PORT_FreeArena(arena, PR_FALSE);
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "PORT_ArenaZAlloc",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+        PORT_FreeArena(arena, PR_FALSE);
+        ret = -1;
+        goto done;
     }
     pubkey->arena = arena;
     pubkey->u.dsa.params.arena = arena;
@@ -630,159 +630,159 @@ xmlSecNssKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     /* first is P node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur,  xmlSecNodeDSAP, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        ret = -1;
+        goto done;
     }
     if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.dsa.params.prime)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeGetBigNumValue",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeGetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        ret = -1;
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is Q node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAQ, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        ret = -1;
+        goto done;
     }
     if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.dsa.params.subPrime)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeGetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeGetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        ret = -1;
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is G node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAG, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        ret = -1;
+        goto done;
     }
     if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.dsa.params.base)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeGetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeGetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        ret = -1;
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAX, xmlSecNs))) {
         /* next is X node. It is REQUIRED for private key but
-	 * NSS does not support it, we just ignore it */
+         * NSS does not support it, we just ignore it */
 
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* next is Y node. */
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAY, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        ret = -1;
+        goto done;
     }
     if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.dsa.publicValue)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeGetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeGetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        ret = -1;
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
-    
+
     /* todo: add support for J */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAJ, xmlSecDSigNs))) {
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* todo: add support for seed */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSASeed, xmlSecDSigNs))) {
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* todo: add support for pgencounter */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAPgenCounter, xmlSecDSigNs))) {
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        ret = -1;
+        goto done;
     }
 
     handle = PK11_ImportPublicKey(slot, pubkey, PR_FALSE);
 
     data = xmlSecKeyDataCreate(id);
     if(data == NULL ) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        ret = -1;
+        goto done;
     }
 
     ret = xmlSecNssPKIKeyDataAdoptKey(data, NULL, pubkey);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecNssPKIKeyDataAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecNssPKIKeyDataAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
-    pubkey = NULL; 
+    pubkey = NULL;
 
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
     data = NULL;
 
@@ -790,26 +790,26 @@ xmlSecNssKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
 done:
     if (slot != NULL) {
-	PK11_FreeSlot(slot);
+        PK11_FreeSlot(slot);
     }
     if (ret != 0) {
-	if (pubkey != NULL) {
-	    SECKEY_DestroyPublicKey(pubkey);
-	}
-	if (data != NULL) {
-	    xmlSecKeyDataDestroy(data);
-	}
+        if (pubkey != NULL) {
+            SECKEY_DestroyPublicKey(pubkey);
+        }
+        if (data != NULL) {
+            xmlSecKeyDataDestroy(data);
+        }
     }
     return(ret);
 }
 
-static int 
+static int
 xmlSecNssKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecNssPKIKeyDataCtxPtr ctx;
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecNssKeyDataDsaId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecNssKeyDataDsaId), -1);
@@ -821,74 +821,74 @@ xmlSecNssKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == dsaKey, -1);
 
     if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
-	/* we can have only private key or public key */
-	return(0);
-    }    
-    
+        /* we can have only private key or public key */
+        return(0);
+    }
+
     /* first is P node */
     cur = xmlSecAddChild(node, xmlSecNodeDSAP, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        return(-1);
     }
     ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.dsa.params.prime), 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeSetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeSetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        return(-1);
+    }
 
     /* next is Q node. */
     cur = xmlSecAddChild(node, xmlSecNodeDSAQ, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        return(-1);
     }
     ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.dsa.params.subPrime), 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeSetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeSetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        return(-1);
     }
 
     /* next is G node. */
     cur = xmlSecAddChild(node, xmlSecNodeDSAG, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        return(-1);
     }
     ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.dsa.params.base), 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeSetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeSetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        return(-1);
     }
 
     /* next is X node: not supported in NSS */
@@ -896,23 +896,23 @@ xmlSecNssKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
     /* next is Y node. */
     cur = xmlSecAddChild(node, xmlSecNodeDSAY, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        return(-1);
     }
     ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.dsa.publicValue), 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeSetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeSetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        return(-1);
     }
 
     return(0);
@@ -929,76 +929,76 @@ xmlSecNssKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKe
     SECKEYPublicKey  *pubkey = NULL;
     int               ret = -1;
     int               j;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId), -1);
     xmlSecAssert2(sizeBits > 0, -1);
 
     j = PQG_PBITS_TO_INDEX(sizeBits);
     rv = PK11_PQG_ParamGen(j, &pqgParams, &pqgVerify);
     if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "PK11_PQG_ParamGen",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "size=%d", sizeBits);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "PK11_PQG_ParamGen",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "size=%d", sizeBits);
+        goto done;
     }
 
     rv = PK11_PQG_VerifyParams(pqgParams, pqgVerify, &res);
     if (rv != SECSuccess || res != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "PK11_PQG_VerifyParams",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "size=%d", sizeBits);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "PK11_PQG_VerifyParams",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "size=%d", sizeBits);
+        goto done;
     }
 
     slot = PK11_GetBestSlot(CKM_DSA_KEY_PAIR_GEN, NULL);
     PK11_Authenticate(slot, PR_TRUE, NULL /* default pwd callback */);
     privkey = PK11_GenerateKeyPair(slot, CKM_DSA_KEY_PAIR_GEN, pqgParams,
-				   &pubkey, PR_FALSE, PR_TRUE, NULL);
+                                   &pubkey, PR_FALSE, PR_TRUE, NULL);
 
     if((privkey == NULL) || (pubkey == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "PK11_GenerateKeyPair",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-        
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "PK11_GenerateKeyPair",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+
+        goto done;
     }
 
     ret = xmlSecNssPKIKeyDataAdoptKey(data, privkey, pubkey);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecNssPKIKeyDataAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecNssPKIKeyDataAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     ret = 0;
 
 done:
     if (slot != NULL) {
-	PK11_FreeSlot(slot);
+        PK11_FreeSlot(slot);
     }
     if (pqgParams != NULL) {
-	PK11_PQG_DestroyParams(pqgParams);
+        PK11_PQG_DestroyParams(pqgParams);
     }
     if (pqgVerify != NULL) {
-	PK11_PQG_DestroyVerify(pqgVerify);
+        PK11_PQG_DestroyVerify(pqgVerify);
     }
     if (ret == 0) {
-	return (0);
+        return (0);
     }
     if (pubkey != NULL) {
-	SECKEY_DestroyPublicKey(pubkey);
+        SECKEY_DestroyPublicKey(pubkey);
     }
     if (privkey != NULL) {
-	SECKEY_DestroyPrivateKey(privkey);
+        SECKEY_DestroyPrivateKey(privkey);
     }
     return(-1);
 }
@@ -1006,21 +1006,21 @@ done:
 static xmlSecKeyDataType
 xmlSecNssKeyDataDsaGetType(xmlSecKeyDataPtr data) {
     xmlSecNssPKIKeyDataCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId), xmlSecKeyDataTypeUnknown);
     ctx = xmlSecNssPKIKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(SECKEY_GetPublicKeyType(ctx->pubkey) == dsaKey, -1);
     if (ctx->privkey != NULL) {
-	return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
+        return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
     } else {
-	return(xmlSecKeyDataTypePublic);
+        return(xmlSecKeyDataTypePublic);
     }
-       
+
     return(xmlSecKeyDataTypeUnknown);
 }
 
-static xmlSecSize 
+static xmlSecSize
 xmlSecNssKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
     xmlSecNssPKIKeyDataCtxPtr ctx;
 
@@ -1032,22 +1032,22 @@ xmlSecNssKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
     return(8 * SECKEY_PublicKeyStrength(ctx->pubkey));
 }
 
-static void 
+static void
 xmlSecNssKeyDataDsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId));
     xmlSecAssert(output != NULL);
-    
-    fprintf(output, "=== dsa key: size = %d\n", 
-	    xmlSecNssKeyDataDsaGetSize(data));
+
+    fprintf(output, "=== dsa key: size = %d\n",
+            xmlSecNssKeyDataDsaGetSize(data));
 }
 
 static void
 xmlSecNssKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDsaId));
     xmlSecAssert(output != NULL);
-        
-    fprintf(output, "<DSAKeyValue size=\"%d\" />\n", 
-	    xmlSecNssKeyDataDsaGetSize(data));
+
+    fprintf(output, "<DSAKeyValue size=\"%d\" />\n",
+            xmlSecNssKeyDataDsaGetSize(data));
 }
 
 #endif /* XMLSEC_NO_DSA */
@@ -1065,59 +1065,59 @@ xmlSecNssKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
  * <RSAKeyValue>
  *   <Modulus>xA7SEU+e0yQH5rm9kbCDN9o3aPIo7HbP7tX6WOocLZAtNfyxSZDU16ksL6W
  *     jubafOqNEpcwR3RdFsT7bCqnXPBe5ELh5u4VEy19MzxkXRgrMvavzyBpVRgBUwUlV
- *   	  5foK5hhmbktQhyNdy/6LpQRhDUDsTvK+g9Ucj47es9AQJ3U=
+ *        5foK5hhmbktQhyNdy/6LpQRhDUDsTvK+g9Ucj47es9AQJ3U=
  *   </Modulus>
  *   <Exponent>AQAB</Exponent>
  * </RSAKeyValue>
  *
- * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are 
+ * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are
  * represented in XML as octet strings as defined by the ds:CryptoBinary type.
  *
  * Schema Definition:
- * 
+ *
  * <element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
  * <complexType name="RSAKeyValueType">
  *   <sequence>
- *     <element name="Modulus" type="ds:CryptoBinary"/> 
+ *     <element name="Modulus" type="ds:CryptoBinary"/>
  *     <element name="Exponent" type="ds:CryptoBinary"/>
  *   </sequence>
  * </complexType>
  *
  * DTD Definition:
- * 
- * <!ELEMENT RSAKeyValue (Modulus, Exponent) > 
+ *
+ * <!ELEMENT RSAKeyValue (Modulus, Exponent) >
  * <!ELEMENT Modulus (#PCDATA) >
  * <!ELEMENT Exponent (#PCDATA) >
  *
  * ============================================================================
- * 
+ *
  * To support reading/writing private keys an PrivateExponent element is added
  * to the end
  *
  *************************************************************************/
 
-static int		xmlSecNssKeyDataRsaInitialize	(xmlSecKeyDataPtr data);
-static int		xmlSecNssKeyDataRsaDuplicate	(xmlSecKeyDataPtr dst,
-							 xmlSecKeyDataPtr src);
-static void		xmlSecNssKeyDataRsaFinalize	(xmlSecKeyDataPtr data);
-static int		xmlSecNssKeyDataRsaXmlRead	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssKeyDataRsaXmlWrite	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssKeyDataRsaGenerate	(xmlSecKeyDataPtr data,
-						    	 xmlSecSize sizeBits,
-							xmlSecKeyDataType type);
-
-static xmlSecKeyDataType xmlSecNssKeyDataRsaGetType	(xmlSecKeyDataPtr data);
-static xmlSecSize	 xmlSecNssKeyDataRsaGetSize	(xmlSecKeyDataPtr data);
-static void		xmlSecNssKeyDataRsaDebugDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
-static void		xmlSecNssKeyDataRsaDebugXmlDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
+static int              xmlSecNssKeyDataRsaInitialize   (xmlSecKeyDataPtr data);
+static int              xmlSecNssKeyDataRsaDuplicate    (xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void             xmlSecNssKeyDataRsaFinalize     (xmlSecKeyDataPtr data);
+static int              xmlSecNssKeyDataRsaXmlRead      (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssKeyDataRsaXmlWrite     (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssKeyDataRsaGenerate     (xmlSecKeyDataPtr data,
+                                                         xmlSecSize sizeBits,
+                                                        xmlSecKeyDataType type);
+
+static xmlSecKeyDataType xmlSecNssKeyDataRsaGetType     (xmlSecKeyDataPtr data);
+static xmlSecSize        xmlSecNssKeyDataRsaGetSize     (xmlSecKeyDataPtr data);
+static void             xmlSecNssKeyDataRsaDebugDump    (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void             xmlSecNssKeyDataRsaDebugXmlDump (xmlSecKeyDataPtr data,
+                                                         FILE* output);
 
 static xmlSecKeyDataKlass xmlSecNssKeyDataRsaKlass = {
     sizeof(xmlSecKeyDataKlass),
@@ -1125,46 +1125,46 @@ static xmlSecKeyDataKlass xmlSecNssKeyDataRsaKlass = {
 
     /* data */
     xmlSecNameRSAKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-					/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefRSAKeyValue,		/* const xmlChar* href; */
-    xmlSecNodeRSAKeyValue,		/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,			/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                        /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefRSAKeyValue,              /* const xmlChar* href; */
+    xmlSecNodeRSAKeyValue,              /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                       /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecNssKeyDataRsaInitialize,	/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecNssKeyDataRsaDuplicate,	/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecNssKeyDataRsaFinalize,	/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecNssKeyDataRsaGenerate,	/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecNssKeyDataRsaInitialize,      /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecNssKeyDataRsaDuplicate,       /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecNssKeyDataRsaFinalize,        /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecNssKeyDataRsaGenerate,        /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecNssKeyDataRsaGetType, 	/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecNssKeyDataRsaGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,				/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    xmlSecNssKeyDataRsaGetType,         /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecNssKeyDataRsaGetSize,         /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                               /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecNssKeyDataRsaXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecNssKeyDataRsaXmlWrite,	/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,				/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,				/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecNssKeyDataRsaXmlRead,         /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecNssKeyDataRsaXmlWrite,        /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                               /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                               /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecNssKeyDataRsaDebugDump,	/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecNssKeyDataRsaDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecNssKeyDataRsaDebugDump,       /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecNssKeyDataRsaDebugXmlDump,    /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,				/* void* reserved0; */
-    NULL,				/* void* reserved1; */
+    NULL,                               /* void* reserved0; */
+    NULL,                               /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssKeyDataRsaGetKlass:
  *
  * The RSA key data klass.
  *
  * Returns: pointer to RSA key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecNssKeyDataRsaGetKlass(void) {
     return(&xmlSecNssKeyDataRsaKlass);
 }
@@ -1193,7 +1193,7 @@ xmlSecNssKeyDataRsaFinalize(xmlSecKeyDataPtr data) {
 
 static int
 xmlSecNssKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-			   xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                           xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data = NULL;
     xmlNodePtr cur;
     int ret;
@@ -1207,13 +1207,13 @@ xmlSecNssKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     if(xmlSecKeyGetValue(key) != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,		    
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
-		    "key already has a value");
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+                    "key already has a value");
+        ret = -1;
+        goto done;
     }
 
     slot = PK11_GetBestSlot(CKM_RSA_PKCS, NULL);
@@ -1246,7 +1246,7 @@ xmlSecNssKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
                     "PORT_ArenaZAlloc",
                     XMLSEC_ERRORS_R_CRYPTO_FAILED,
                     "error code=%d", PORT_GetError());
-	PORT_FreeArena(arena, PR_FALSE);
+        PORT_FreeArena(arena, PR_FALSE);
         ret = -1;
         goto done;
     }
@@ -1254,101 +1254,101 @@ xmlSecNssKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     pubkey->keyType = rsaKey;
 
     cur = xmlSecGetNextElementNode(node->children);
-    
+
     /* first is Modulus node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur,  xmlSecNodeRSAModulus, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        ret = -1;
+        goto done;
     }
     if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.rsa.modulus)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeGetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeGetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        ret = -1;
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is Exponent node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAExponent, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        ret = -1;
+        goto done;
     }
     if(xmlSecNssNodeGetBigNumValue(arena, cur, &(pubkey->u.rsa.publicExponent)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeGetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeGetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        ret = -1;
+        goto done;
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeRSAPrivateExponent, xmlSecNs))) {
         /* next is X node. It is REQUIRED for private key but
-	 * NSS does not support it. We just ignore it */ 
-	cur = xmlSecGetNextElementNode(cur->next);
+         * NSS does not support it. We just ignore it */
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "no nodes expected");
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "no nodes expected");
+        ret = -1;
+        goto done;
     }
 
     data = xmlSecKeyDataCreate(id);
     if(data == NULL ) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	ret = -1;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        ret = -1;
+        goto done;
     }
 
     ret = xmlSecNssPKIKeyDataAdoptKey(data, NULL, pubkey);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssPKIKeyDataAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssPKIKeyDataAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        goto done;
     }
     pubkey = NULL;
-     
+
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        goto done;
     }
     data = NULL;
 
@@ -1359,23 +1359,23 @@ done:
         PK11_FreeSlot(slot);
     }
     if (ret != 0) {
-	if (pubkey != 0) {
+        if (pubkey != 0) {
             SECKEY_DestroyPublicKey(pubkey);
-	}
-	if (data != 0) {
+        }
+        if (data != 0) {
             xmlSecKeyDataDestroy(data);
-	}
+        }
     }
     return(ret);
 }
 
-static int 
+static int
 xmlSecNssKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-			    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                            xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecNssPKIKeyDataCtxPtr ctx;
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecNssKeyDataRsaId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecNssKeyDataRsaId), -1);
@@ -1388,52 +1388,52 @@ xmlSecNssKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
 
     if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
-	/* we can have only private key or public key */
-	return(0);
-    }    
+        /* we can have only private key or public key */
+        return(0);
+    }
 
     /* first is Modulus node */
     cur = xmlSecAddChild(node, xmlSecNodeRSAModulus, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        return(-1);
     }
     ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.rsa.modulus), 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeSetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeSetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        return(-1);
+    }
 
     /* next is Exponent node. */
     cur = xmlSecAddChild(node, xmlSecNodeRSAExponent, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        return(-1);
     }
     ret = xmlSecNssNodeSetBigNumValue(cur, &(ctx->pubkey->u.rsa.publicExponent), 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssNodeSetBigNumValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssNodeSetBigNumValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        return(-1);
     }
 
     /* next is PrivateExponent node: not supported in NSS */
@@ -1458,43 +1458,43 @@ xmlSecNssKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKe
     slot = PK11_GetBestSlot(CKM_RSA_PKCS_KEY_PAIR_GEN, NULL);
     PK11_Authenticate(slot, PR_TRUE, NULL /* default pwd callback */);
     privkey = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN, &params,
-				   &pubkey, PR_FALSE, PR_TRUE, NULL);
+                                   &pubkey, PR_FALSE, PR_TRUE, NULL);
 
     if(privkey == NULL || pubkey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "PK11_GenerateKeyPair",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-        
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "PK11_GenerateKeyPair",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+
+        goto done;
     }
 
     ret = xmlSecNssPKIKeyDataAdoptKey(data, privkey, pubkey);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecNssPKIKeyDataAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecNssPKIKeyDataAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     ret = 0;
 
 done:
     if (slot != NULL) {
-	PK11_FreeSlot(slot);
+        PK11_FreeSlot(slot);
     }
     if (ret == 0) {
-	return (0);
+        return (0);
     }
 
     if (pubkey != NULL) {
-	SECKEY_DestroyPublicKey(pubkey);
+        SECKEY_DestroyPublicKey(pubkey);
     }
     if (privkey != NULL) {
-	SECKEY_DestroyPrivateKey(privkey);
+        SECKEY_DestroyPrivateKey(privkey);
     }
     return(-1);
 }
@@ -1502,22 +1502,22 @@ done:
 static xmlSecKeyDataType
 xmlSecNssKeyDataRsaGetType(xmlSecKeyDataPtr data) {
     xmlSecNssPKIKeyDataCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId), xmlSecKeyDataTypeUnknown);
-    
+
     ctx = xmlSecNssPKIKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->pubkey == NULL || SECKEY_GetPublicKeyType(ctx->pubkey) == rsaKey, -1);
     if (ctx->privkey != NULL) {
-	return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
+        return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
     } else {
-	return(xmlSecKeyDataTypePublic);
+        return(xmlSecKeyDataTypePublic);
     }
-       
+
     return(xmlSecKeyDataTypeUnknown);
 }
 
-static xmlSecSize 
+static xmlSecSize
 xmlSecNssKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
     xmlSecNssPKIKeyDataCtxPtr ctx;
 
@@ -1530,24 +1530,24 @@ xmlSecNssKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
     return(8 * SECKEY_PublicKeyStrength(ctx->pubkey));
 }
 
-static void 
+static void
 xmlSecNssKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId));
     xmlSecAssert(output != NULL);
-    
-    fprintf(output, "=== rsa key: size = %d\n", 
-	    xmlSecNssKeyDataRsaGetSize(data));
+
+    fprintf(output, "=== rsa key: size = %d\n",
+            xmlSecNssKeyDataRsaGetSize(data));
 }
 
 static void
 xmlSecNssKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataRsaId));
     xmlSecAssert(output != NULL);
-        
-    fprintf(output, "<RSAKeyValue size=\"%d\" />\n", 
-	    xmlSecNssKeyDataRsaGetSize(data));
+
+    fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
+            xmlSecNssKeyDataRsaGetSize(data));
 }
-    
+
 #endif /* XMLSEC_NO_RSA */
 
 
diff --git a/src/nss/signatures.c b/src/nss/signatures.c
index 3c9639c3..4f54170e 100644
--- a/src/nss/signatures.c
+++ b/src/nss/signatures.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #include "globals.h"
@@ -29,24 +29,24 @@
  * Internal NSS signatures ctx
  *
  *****************************************************************************/
-typedef struct _xmlSecNssSignatureCtx	xmlSecNssSignatureCtx, 
-					*xmlSecNssSignatureCtxPtr;
+typedef struct _xmlSecNssSignatureCtx   xmlSecNssSignatureCtx,
+                                        *xmlSecNssSignatureCtxPtr;
 struct _xmlSecNssSignatureCtx {
-    xmlSecKeyDataId	keyId;
+    xmlSecKeyDataId     keyId;
     SECOidTag           alg;
 
     union {
         struct {
-	    SGNContext         *sigctx;
-	    SECKEYPrivateKey   *privkey;
+            SGNContext         *sigctx;
+            SECKEYPrivateKey   *privkey;
         } sig;
 
         struct {
-	    VFYContext         *vfyctx;
-	    SECKEYPublicKey    *pubkey;
+            VFYContext         *vfyctx;
+            SECKEYPublicKey    *pubkey;
         } vfy;
     } u;
-};	    
+};
 
 /******************************************************************************
  *
@@ -55,88 +55,143 @@ struct _xmlSecNssSignatureCtx {
  * xmlSecNssSignatureCtx is located after xmlSecTransform
  *
  *****************************************************************************/
-#define xmlSecNssSignatureSize	\
+#define xmlSecNssSignatureSize  \
     (sizeof(xmlSecTransform) + sizeof(xmlSecNssSignatureCtx))
 #define xmlSecNssSignatureGetCtx(transform) \
     ((xmlSecNssSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
-static int	xmlSecNssSignatureCheckId		(xmlSecTransformPtr transform);
-static int	xmlSecNssSignatureInitialize		(xmlSecTransformPtr transform);
-static void	xmlSecNssSignatureFinalize		(xmlSecTransformPtr transform);
-static int  	xmlSecNssSignatureSetKeyReq		(xmlSecTransformPtr transform, 
-								 xmlSecKeyReqPtr keyReq);
-static int	xmlSecNssSignatureSetKey			(xmlSecTransformPtr transform,
-								 xmlSecKeyPtr key);
-static int  	xmlSecNssSignatureVerify			(xmlSecTransformPtr transform, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecNssSignatureExecute		(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecNssSignatureCheckId               (xmlSecTransformPtr transform);
+static int      xmlSecNssSignatureInitialize            (xmlSecTransformPtr transform);
+static void     xmlSecNssSignatureFinalize              (xmlSecTransformPtr transform);
+static int      xmlSecNssSignatureSetKeyReq             (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecNssSignatureSetKey                        (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecNssSignatureVerify                        (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecNssSignatureExecute               (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 static int
 xmlSecNssSignatureCheckId(xmlSecTransformPtr transform) {
 #ifndef XMLSEC_NO_DSA
     if(xmlSecTransformCheckId(transform, xmlSecNssTransformDsaSha1Id)) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_NO_DSA */
 
 #ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaMd5Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_MD5 */
+
+#ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha1Id)) {
-	return(1);
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha256Id)) {
+        return(1);
     }
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha384Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha512Id)) {
+        return(1);
+    }
+#endif /* XMLSEC_NO_SHA512 */
+
 #endif /* XMLSEC_NO_RSA */
 
     return(0);
 }
 
-static int 
+static int
 xmlSecNssSignatureInitialize(xmlSecTransformPtr transform) {
     xmlSecNssSignatureCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecNssSignatureCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssSignatureSize), -1);
     ctx = xmlSecNssSignatureGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
 
-    memset(ctx, 0, sizeof(xmlSecNssSignatureCtx));    
+    memset(ctx, 0, sizeof(xmlSecNssSignatureCtx));
 
 #ifndef XMLSEC_NO_DSA
     if(xmlSecTransformCheckId(transform, xmlSecNssTransformDsaSha1Id)) {
-	ctx->keyId	= xmlSecNssKeyDataDsaId;
-
-	/* This creates a signature which is ASN1 encoded */
-	/*ctx->alg	= SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;*/
-
-	/* Fortezza uses the same DSA signature format as XML does. 
-	 * DSA and FORTEZZA keys are treated as equivalent keys for doing 
-	 * DSA signatures (which is how they are supposed to be treated).
-	 */
-	ctx->alg	= SEC_OID_MISSI_DSS;
-    } else 
+        ctx->keyId      = xmlSecNssKeyDataDsaId;
+        /* This creates a signature which is ASN1 encoded */
+        ctx->alg        = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
+    } else
 #endif /* XMLSEC_NO_DSA */
 
 #ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaMd5Id)) {
+        ctx->keyId      = xmlSecNssKeyDataRsaId;
+        ctx->alg        = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
+    } else
+#endif /* XMLSEC_NO_MD5 */
+
+
+#ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha1Id)) {
-	ctx->keyId	= xmlSecNssKeyDataRsaId;
-	ctx->alg	= SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
-    } else 
+        ctx->keyId      = xmlSecNssKeyDataRsaId;
+        ctx->alg        = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha256Id)) {
+        ctx->keyId      = xmlSecNssKeyDataRsaId;
+        ctx->alg        = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha384Id)) {
+        ctx->keyId      = xmlSecNssKeyDataRsaId;
+        ctx->alg        = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha512Id)) {
+        ctx->keyId      = xmlSecNssKeyDataRsaId;
+        ctx->alg        = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
 #endif /* XMLSEC_NO_RSA */
-        if(1) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-		        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		        NULL,
-		        XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-        }
+
+    if(1) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     return(0);
 }
 
-static void 
+static void
 xmlSecNssSignatureFinalize(xmlSecTransformPtr transform) {
     xmlSecNssSignatureCtxPtr ctx;
 
@@ -146,23 +201,23 @@ xmlSecNssSignatureFinalize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecNssSignatureGetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
     if (transform->operation == xmlSecTransformOperationSign) {
-	SGN_DestroyContext(ctx->u.sig.sigctx, PR_TRUE);
-	if (ctx->u.sig.privkey) {
-	    SECKEY_DestroyPrivateKey(ctx->u.sig.privkey);
-	}
+        SGN_DestroyContext(ctx->u.sig.sigctx, PR_TRUE);
+        if (ctx->u.sig.privkey) {
+            SECKEY_DestroyPrivateKey(ctx->u.sig.privkey);
+        }
     } else {
-	VFY_DestroyContext(ctx->u.vfy.vfyctx, PR_TRUE);
-	if (ctx->u.vfy.pubkey) {
-	    SECKEY_DestroyPublicKey(ctx->u.vfy.pubkey);
-	}
+        VFY_DestroyContext(ctx->u.vfy.vfyctx, PR_TRUE);
+        if (ctx->u.vfy.pubkey) {
+            SECKEY_DestroyPublicKey(ctx->u.vfy.pubkey);
+        }
     }
 
-    memset(ctx, 0, sizeof(xmlSecNssSignatureCtx));    
+    memset(ctx, 0, sizeof(xmlSecNssSignatureCtx));
 }
 
-static int 
+static int
 xmlSecNssSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecNssSignatureCtxPtr ctx;
     xmlSecKeyDataPtr value;
@@ -179,58 +234,58 @@ xmlSecNssSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
 
     value = xmlSecKeyGetValue(key);
     xmlSecAssert2(value != NULL, -1);
-    
+
     if (transform->operation == xmlSecTransformOperationSign) {
-	if (ctx->u.sig.privkey)
-	    SECKEY_DestroyPrivateKey(ctx->u.sig.privkey);
-	ctx->u.sig.privkey = xmlSecNssPKIKeyDataGetPrivKey(value);
-	if(ctx->u.sig.privkey == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecNssPKIKeyDataGetPrivKey",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-
-	ctx->u.sig.sigctx = SGN_NewContext(ctx->alg, ctx->u.sig.privkey);
+        if (ctx->u.sig.privkey)
+            SECKEY_DestroyPrivateKey(ctx->u.sig.privkey);
+        ctx->u.sig.privkey = xmlSecNssPKIKeyDataGetPrivKey(value);
+        if(ctx->u.sig.privkey == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecNssPKIKeyDataGetPrivKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ctx->u.sig.sigctx = SGN_NewContext(ctx->alg, ctx->u.sig.privkey);
         if (ctx->u.sig.sigctx == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"SGN_NewContext",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"error code=%d", PORT_GetError());
-	    return(-1);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "SGN_NewContext",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "error code=%d", PORT_GetError());
+            return(-1);
         }
     } else {
-	if (ctx->u.vfy.pubkey)
-	    SECKEY_DestroyPublicKey(ctx->u.vfy.pubkey);
-	ctx->u.vfy.pubkey = xmlSecNssPKIKeyDataGetPubKey(value);
-	if(ctx->u.vfy.pubkey == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecNssPKIKeyDataGetPubKey",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-
-	ctx->u.vfy.vfyctx = VFY_CreateContext(ctx->u.vfy.pubkey, NULL,
-					      ctx->alg, NULL);
-	if (ctx->u.vfy.vfyctx == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"VFY_CreateContext",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"error code=%d", PORT_GetError());
-	    return(-1);
+        if (ctx->u.vfy.pubkey)
+            SECKEY_DestroyPublicKey(ctx->u.vfy.pubkey);
+        ctx->u.vfy.pubkey = xmlSecNssPKIKeyDataGetPubKey(value);
+        if(ctx->u.vfy.pubkey == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecNssPKIKeyDataGetPubKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ctx->u.vfy.vfyctx = VFY_CreateContext(ctx->u.vfy.pubkey, NULL,
+                                              ctx->alg, NULL);
+        if (ctx->u.vfy.vfyctx == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "VFY_CreateContext",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "error code=%d", PORT_GetError());
+            return(-1);
         }
     }
-    
+
     return(0);
 }
 
-static int  
+static int
 xmlSecNssSignatureSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
     xmlSecNssSignatureCtxPtr ctx;
 
@@ -246,23 +301,23 @@ xmlSecNssSignatureSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyRe
     keyReq->keyId        = ctx->keyId;
     if(transform->operation == xmlSecTransformOperationSign) {
         keyReq->keyType  = xmlSecKeyDataTypePrivate;
-	keyReq->keyUsage = xmlSecKeyUsageSign;
+        keyReq->keyUsage = xmlSecKeyUsageSign;
     } else {
         keyReq->keyType  = xmlSecKeyDataTypePublic;
-	keyReq->keyUsage = xmlSecKeyUsageVerify;
+        keyReq->keyUsage = xmlSecKeyUsageVerify;
     }
     return(0);
 }
 
 
 static int
-xmlSecNssSignatureVerify(xmlSecTransformPtr transform, 
-			const xmlSecByte* data, xmlSecSize dataSize,
-			xmlSecTransformCtxPtr transformCtx) {
+xmlSecNssSignatureVerify(xmlSecTransformPtr transform,
+                        const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecTransformCtxPtr transformCtx) {
     xmlSecNssSignatureCtxPtr ctx;
     SECStatus status;
     SECItem   signature;
-    
+
     xmlSecAssert2(xmlSecNssSignatureCheckId(transform), -1);
     xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssSignatureSize), -1);
@@ -275,31 +330,52 @@ xmlSecNssSignatureVerify(xmlSecTransformPtr transform,
 
     signature.data = (unsigned char *)data;
     signature.len = dataSize;
-    status = VFY_EndWithSignature(ctx->u.vfy.vfyctx, &signature);
+
+    if(ctx->alg == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) {
+        /* This creates a signature which is ASN1 encoded */
+        SECItem   signatureDer;
+        SECStatus statusDer;
+
+        statusDer = DSAU_EncodeDerSig(&signatureDer, &signature);
+        if(statusDer != SECSuccess) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "DSAU_EncodeDerSig",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", 
+                    PORT_GetError());
+            return(-1);
+        }
+        status = VFY_EndWithSignature(ctx->u.vfy.vfyctx, &signatureDer);
+        SECITEM_FreeItem(&signatureDer, PR_FALSE);
+    } else {
+        status = VFY_EndWithSignature(ctx->u.vfy.vfyctx, &signature);
+    }
 
     if (status != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "VFY_Update, VFY_End",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-
-	if (PORT_GetError() == SEC_ERROR_PKCS7_BAD_SIGNATURE) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"VFY_End",
-			XMLSEC_ERRORS_R_DATA_NOT_MATCH,
-			"signature does not verify");
-	    transform->status = xmlSecTransformStatusFail;
-	}
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "VFY_EndWithSignature",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", 
+                    PORT_GetError());
+
+        if (PORT_GetError() == SEC_ERROR_PKCS7_BAD_SIGNATURE) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "VFY_EndWithSignature",
+                        XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                        "signature does not verify");
+            transform->status = xmlSecTransformStatusFail;
+        }
+        return(-1);
     }
 
     transform->status = xmlSecTransformStatusOk;
     return(0);
 }
 
-static int 
+static int
 xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecNssSignatureCtxPtr ctx;
     xmlSecBufferPtr in, out;
@@ -307,7 +383,7 @@ xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransfor
     SECStatus status;
     SECItem signature;
     int ret;
-    
+
     xmlSecAssert2(xmlSecNssSignatureCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecNssSignatureSize), -1);
@@ -319,136 +395,158 @@ xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransfor
     in = &(transform->inBuf);
     out = &(transform->outBuf);
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
-    
+    outSize = xmlSecBufferGetSize(out);
+
     ctx = xmlSecNssSignatureGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     if(transform->operation == xmlSecTransformOperationSign) {
-	xmlSecAssert2(ctx->u.sig.sigctx != NULL, -1);
-	xmlSecAssert2(ctx->u.sig.privkey != NULL, -1);
+        xmlSecAssert2(ctx->u.sig.sigctx != NULL, -1);
+        xmlSecAssert2(ctx->u.sig.privkey != NULL, -1);
     } else {
-	xmlSecAssert2(ctx->u.vfy.vfyctx != NULL, -1);
-	xmlSecAssert2(ctx->u.vfy.pubkey != NULL, -1);
+        xmlSecAssert2(ctx->u.vfy.vfyctx != NULL, -1);
+        xmlSecAssert2(ctx->u.vfy.pubkey != NULL, -1);
     }
 
     if(transform->status == xmlSecTransformStatusNone) {
-	xmlSecAssert2(outSize == 0, -1);
-	
-	if(transform->operation == xmlSecTransformOperationSign) {
-	    status = SGN_Begin(ctx->u.sig.sigctx);
-	    if(status != SECSuccess) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "SGN_Begin",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "error code=%d", PORT_GetError());
-		return(-1);
-	    }
-	} else {
-	    status = VFY_Begin(ctx->u.vfy.vfyctx);
-	    if(status != SECSuccess) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "VFY_Begin",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "error code=%d", PORT_GetError());
-		return(-1);
-	    }
-	}
-	transform->status = xmlSecTransformStatusWorking;
+        xmlSecAssert2(outSize == 0, -1);
+
+        if(transform->operation == xmlSecTransformOperationSign) {
+            status = SGN_Begin(ctx->u.sig.sigctx);
+            if(status != SECSuccess) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "SGN_Begin",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "error code=%d", PORT_GetError());
+                return(-1);
+            }
+        } else {
+            status = VFY_Begin(ctx->u.vfy.vfyctx);
+            if(status != SECSuccess) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "VFY_Begin",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "error code=%d", PORT_GetError());
+                return(-1);
+            }
+        }
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if((transform->status == xmlSecTransformStatusWorking) && (inSize > 0)) {
-	xmlSecAssert2(outSize == 0, -1);
-
-	if(transform->operation == xmlSecTransformOperationSign) {
-	    status = SGN_Update(ctx->u.sig.sigctx, xmlSecBufferGetData(in), inSize);
-	    if(status != SECSuccess) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "SGN_Update",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "error code=%d", PORT_GetError());
-		return(-1);
-	    }
-	} else {
-	    status = VFY_Update(ctx->u.vfy.vfyctx, xmlSecBufferGetData(in), inSize);
-	    if(status != SECSuccess) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "VFY_Update",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "error code=%d", PORT_GetError());
-		return(-1);
-	    }
-	}
-	    
-	ret = xmlSecBufferRemoveHead(in, inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        xmlSecAssert2(outSize == 0, -1);
+
+        if(transform->operation == xmlSecTransformOperationSign) {
+            status = SGN_Update(ctx->u.sig.sigctx, xmlSecBufferGetData(in), inSize);
+            if(status != SECSuccess) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "SGN_Update",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "error code=%d", PORT_GetError());
+                return(-1);
+            }
+        } else {
+            status = VFY_Update(ctx->u.vfy.vfyctx, xmlSecBufferGetData(in), inSize);
+            if(status != SECSuccess) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "VFY_Update",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "error code=%d", PORT_GetError());
+                return(-1);
+            }
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	xmlSecAssert2(outSize == 0, -1);
-	if(transform->operation == xmlSecTransformOperationSign) {
-	    memset(&signature, 0, sizeof(signature));
-	    status = SGN_End(ctx->u.sig.sigctx, &signature);
-	    if(status != SECSuccess) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "SGN_End",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "error code=%d", PORT_GetError());
-		return(-1);
-	    }
-
-	    outSize = signature.len;
-	    ret = xmlSecBufferSetMaxSize(out, outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferSetMaxSize",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", outSize);
-		PR_Free(signature.data);
-		return(-1);
-	    }
-	
-	    memcpy(xmlSecBufferGetData(out), signature.data, signature.len);
-
-	    ret = xmlSecBufferSetSize(out, outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferSetSize",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", outSize);
-		PR_Free(signature.data);
-		return(-1);
-	    }
-	    PR_Free(signature.data);
-	}
-	transform->status = xmlSecTransformStatusFinished;
+        xmlSecAssert2(outSize == 0, -1);
+        if(transform->operation == xmlSecTransformOperationSign) {
+            memset(&signature, 0, sizeof(signature));
+            status = SGN_End(ctx->u.sig.sigctx, &signature);
+            if(status != SECSuccess) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "SGN_End",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "error code=%d", PORT_GetError());
+                return(-1);
+            }
+
+            if(ctx->alg == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) {
+                /* This creates a signature which is ASN1 encoded */
+                SECItem * signatureClr;
+
+                signatureClr = DSAU_DecodeDerSig(&signature);
+                if(signatureClr == NULL) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "DSAU_EncodeDerSig",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "error code=%d", 
+                        PORT_GetError());
+                    SECITEM_FreeItem(&signature, PR_FALSE);
+                    return(-1);
+                }
+
+                ret = xmlSecBufferSetData(out, signatureClr->data, signatureClr->len);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferSetData",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d",
+                            signatureClr->len);
+                    SECITEM_FreeItem(&signature, PR_FALSE);
+                    return(-1);
+                }
+
+                SECITEM_FreeItem(signatureClr, PR_TRUE);
+            } else {
+                /* This signature is used as-is */
+                ret = xmlSecBufferSetData(out, signature.data, signature.len);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferSetData",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d",
+                            signature.len);
+                    SECITEM_FreeItem(&signature, PR_FALSE);
+                    return(-1);
+                }
+            }
+
+            /* cleanup */
+            SECITEM_FreeItem(&signature, PR_FALSE);
+        }
+        transform->status = xmlSecTransformStatusFinished;
     }
-    
+
+
     if((transform->status == xmlSecTransformStatusWorking) || (transform->status == xmlSecTransformStatusFinished)) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+            /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
@@ -461,39 +559,39 @@ xmlSecNssSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransfor
 
 static xmlSecTransformKlass xmlSecNssDsaSha1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameDsaSha1,				/* const xmlChar* name; */
-    xmlSecHrefDsaSha1, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecNssSignatureInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecNssSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecNssSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssSignatureSize,                     /* xmlSecSize objSize */
+
+    xmlSecNameDsaSha1,                          /* const xmlChar* name; */
+    xmlSecHrefDsaSha1,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssSignatureInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssSignatureFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssSignatureSetKeyReq,                /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssSignatureSetKey,                   /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssSignatureVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssSignatureExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecNssTransformDsaSha1GetKlass:
- * 
+ *
  * The DSA-SHA1 signature transform klass.
  *
  * Returns: DSA-SHA1 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformDsaSha1GetKlass(void) {
     return(&xmlSecNssDsaSha1Klass);
 }
@@ -501,6 +599,56 @@ xmlSecNssTransformDsaSha1GetKlass(void) {
 #endif /* XMLSEC_NO_DSA */
 
 #ifndef XMLSEC_NO_RSA
+
+#ifndef XMLSEC_NO_MD5
+/****************************************************************************
+ *
+ * RSA-MD5 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecNssRsaMd5Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssSignatureSize,                     /* xmlSecSize objSize */
+
+    xmlSecNameRsaMd5,                           /* const xmlChar* name; */
+    xmlSecHrefRsaMd5,                           /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssSignatureInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssSignatureFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssSignatureSetKeyReq,                /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssSignatureSetKey,                   /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssSignatureVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssSignatureExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformRsaMd5GetKlass:
+ *
+ * The RSA-MD5 signature transform klass.
+ *
+ * Returns: RSA-MD5 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformRsaMd5GetKlass(void) {
+    return(&xmlSecNssRsaMd5Klass);
+}
+
+#endif /* XMLSEC_NO_MD5 */
+
+
+#ifndef XMLSEC_NO_SHA1
 /****************************************************************************
  *
  * RSA-SHA1 signature transform
@@ -508,43 +656,186 @@ xmlSecNssTransformDsaSha1GetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecNssRsaSha1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecNssSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameRsaSha1,				/* const xmlChar* name; */
-    xmlSecHrefRsaSha1, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecNssSignatureInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecNssSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecNssSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecNssSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecNssSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecNssSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssSignatureSize,                     /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha1,                          /* const xmlChar* name; */
+    xmlSecHrefRsaSha1,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssSignatureInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssSignatureFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssSignatureSetKeyReq,                /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssSignatureSetKey,                   /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssSignatureVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssSignatureExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecNssTransformRsaSha1GetKlass:
- * 
+ *
  * The RSA-SHA1 signature transform klass.
  *
  * Returns: RSA-SHA1 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecNssTransformRsaSha1GetKlass(void) {
     return(&xmlSecNssRsaSha1Klass);
 }
 
-#endif /* XMLSEC_NO_DSA */
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+/****************************************************************************
+ *
+ * RSA-SHA256 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecNssRsaSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssSignatureSize,                     /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha256,                        /* const xmlChar* name; */
+    xmlSecHrefRsaSha256,                        /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssSignatureInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssSignatureFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssSignatureSetKeyReq,                /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssSignatureSetKey,                   /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssSignatureVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssSignatureExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformRsaSha256GetKlass:
+ *
+ * The RSA-SHA256 signature transform klass.
+ *
+ * Returns: RSA-SHA256 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformRsaSha256GetKlass(void) {
+    return(&xmlSecNssRsaSha256Klass);
+}
+
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/****************************************************************************
+ *
+ * RSA-SHA384 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecNssRsaSha384Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssSignatureSize,                     /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha384,                        /* const xmlChar* name; */
+    xmlSecHrefRsaSha384,                        /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssSignatureInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssSignatureFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssSignatureSetKeyReq,                /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssSignatureSetKey,                   /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssSignatureVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssSignatureExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformRsaSha384GetKlass:
+ *
+ * The RSA-SHA384 signature transform klass.
+ *
+ * Returns: RSA-SHA384 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformRsaSha384GetKlass(void) {
+    return(&xmlSecNssRsaSha384Klass);
+}
+
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/****************************************************************************
+ *
+ * RSA-SHA512 signature transform
+ *
+ ***************************************************************************/
+static xmlSecTransformKlass xmlSecNssRsaSha512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecNssSignatureSize,                     /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha512,                        /* const xmlChar* name; */
+    xmlSecHrefRsaSha512,                        /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecNssSignatureInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecNssSignatureFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecNssSignatureSetKeyReq,                /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecNssSignatureSetKey,                   /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecNssSignatureVerify,                   /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecNssSignatureExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecNssTransformRsaSha512GetKlass:
+ *
+ * The RSA-SHA512 signature transform klass.
+ *
+ * Returns: RSA-SHA512 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecNssTransformRsaSha512GetKlass(void) {
+    return(&xmlSecNssRsaSha512Klass);
+}
+
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_RSA */
 
 
diff --git a/src/nss/symkeys.c b/src/nss/symkeys.c
index fb23f4fd..3da7a694 100644
--- a/src/nss/symkeys.c
+++ b/src/nss/symkeys.c
@@ -1,12 +1,12 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * DES Algorithm support
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -25,43 +25,43 @@
 #include <xmlsec/nss/crypto.h>
 
 /*****************************************************************************
- * 
+ *
  * Symmetic (binary) keys - just a wrapper for xmlSecKeyDataBinary
  *
  ****************************************************************************/
-static int	xmlSecNssSymKeyDataInitialize		(xmlSecKeyDataPtr data);
-static int	xmlSecNssSymKeyDataDuplicate		(xmlSecKeyDataPtr dst,
-							 xmlSecKeyDataPtr src);
-static void	xmlSecNssSymKeyDataFinalize		(xmlSecKeyDataPtr data);
-static int	xmlSecNssSymKeyDataXmlRead		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecNssSymKeyDataXmlWrite		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecNssSymKeyDataBinRead		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 const xmlSecByte* buf,
-							 xmlSecSize bufSize,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecNssSymKeyDataBinWrite		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlSecByte** buf,
-							 xmlSecSize* bufSize,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecNssSymKeyDataGenerate		(xmlSecKeyDataPtr data,
-							 xmlSecSize sizeBits,
-							 xmlSecKeyDataType type);
-
-static xmlSecKeyDataType xmlSecNssSymKeyDataGetType	(xmlSecKeyDataPtr data);
-static xmlSecSize	xmlSecNssSymKeyDataGetSize		(xmlSecKeyDataPtr data);
-static void	xmlSecNssSymKeyDataDebugDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
-static void	xmlSecNssSymKeyDataDebugXmlDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
-static int	xmlSecNssSymKeyDataKlassCheck	(xmlSecKeyDataKlass* klass);
+static int      xmlSecNssSymKeyDataInitialize           (xmlSecKeyDataPtr data);
+static int      xmlSecNssSymKeyDataDuplicate            (xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void     xmlSecNssSymKeyDataFinalize             (xmlSecKeyDataPtr data);
+static int      xmlSecNssSymKeyDataXmlRead              (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecNssSymKeyDataXmlWrite             (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecNssSymKeyDataBinRead              (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         const xmlSecByte* buf,
+                                                         xmlSecSize bufSize,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecNssSymKeyDataBinWrite             (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlSecByte** buf,
+                                                         xmlSecSize* bufSize,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecNssSymKeyDataGenerate             (xmlSecKeyDataPtr data,
+                                                         xmlSecSize sizeBits,
+                                                         xmlSecKeyDataType type);
+
+static xmlSecKeyDataType xmlSecNssSymKeyDataGetType     (xmlSecKeyDataPtr data);
+static xmlSecSize       xmlSecNssSymKeyDataGetSize              (xmlSecKeyDataPtr data);
+static void     xmlSecNssSymKeyDataDebugDump    (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void     xmlSecNssSymKeyDataDebugXmlDump (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static int      xmlSecNssSymKeyDataKlassCheck   (xmlSecKeyDataKlass* klass);
 
 #define xmlSecNssSymKeyDataCheckId(data) \
     (xmlSecKeyDataIsValid((data)) && \
@@ -70,7 +70,7 @@ static int	xmlSecNssSymKeyDataKlassCheck	(xmlSecKeyDataKlass* klass);
 static int
 xmlSecNssSymKeyDataInitialize(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecNssSymKeyDataCheckId(data), -1);
-    
+
     return(xmlSecKeyDataBinaryValueInitialize(data));
 }
 
@@ -79,48 +79,48 @@ xmlSecNssSymKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
     xmlSecAssert2(xmlSecNssSymKeyDataCheckId(dst), -1);
     xmlSecAssert2(xmlSecNssSymKeyDataCheckId(src), -1);
     xmlSecAssert2(dst->id == src->id, -1);
-        
+
     return(xmlSecKeyDataBinaryValueDuplicate(dst, src));
 }
 
 static void
 xmlSecNssSymKeyDataFinalize(xmlSecKeyDataPtr data) {
     xmlSecAssert(xmlSecNssSymKeyDataCheckId(data));
-    
+
     xmlSecKeyDataBinaryValueFinalize(data);
 }
 
 static int
 xmlSecNssSymKeyDataXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-			       xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                               xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(xmlSecNssSymKeyDataKlassCheck(id), -1);
-    
+
     return(xmlSecKeyDataBinaryValueXmlRead(id, key, node, keyInfoCtx));
 }
 
-static int 
+static int
 xmlSecNssSymKeyDataXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(xmlSecNssSymKeyDataKlassCheck(id), -1);
-    
+
     return(xmlSecKeyDataBinaryValueXmlWrite(id, key, node, keyInfoCtx));
 }
 
 static int
 xmlSecNssSymKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    const xmlSecByte* buf, xmlSecSize bufSize,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    const xmlSecByte* buf, xmlSecSize bufSize,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(xmlSecNssSymKeyDataKlassCheck(id), -1);
-    
+
     return(xmlSecKeyDataBinaryValueBinRead(id, key, buf, bufSize, keyInfoCtx));
 }
 
 static int
 xmlSecNssSymKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    xmlSecByte** buf, xmlSecSize* bufSize,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    xmlSecByte** buf, xmlSecSize* bufSize,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(xmlSecNssSymKeyDataKlassCheck(id), -1);
-    
+
     return(xmlSecKeyDataBinaryValueBinWrite(id, key, buf, bufSize, keyInfoCtx));
 }
 
@@ -133,7 +133,7 @@ xmlSecNssSymKeyDataGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKe
 
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     return(xmlSecNssGenerateRandom(buffer, (sizeBits + 7) / 8));
 }
 
@@ -149,44 +149,44 @@ xmlSecNssSymKeyDataGetType(xmlSecKeyDataPtr data) {
     return((xmlSecBufferGetSize(buffer) > 0) ? xmlSecKeyDataTypeSymmetric : xmlSecKeyDataTypeUnknown);
 }
 
-static xmlSecSize 
+static xmlSecSize
 xmlSecNssSymKeyDataGetSize(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecNssSymKeyDataCheckId(data), 0);
-    
+
     return(xmlSecKeyDataBinaryValueGetSize(data));
 }
 
-static void 
+static void
 xmlSecNssSymKeyDataDebugDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecNssSymKeyDataCheckId(data));
-    
-    xmlSecKeyDataBinaryValueDebugDump(data, output);    
+
+    xmlSecKeyDataBinaryValueDebugDump(data, output);
 }
 
 static void
 xmlSecNssSymKeyDataDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecNssSymKeyDataCheckId(data));
-    
-    xmlSecKeyDataBinaryValueDebugXmlDump(data, output);    
+
+    xmlSecKeyDataBinaryValueDebugXmlDump(data, output);
 }
 
-static int 
-xmlSecNssSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {    
+static int
+xmlSecNssSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {
 #ifndef XMLSEC_NO_DES
     if(klass == xmlSecNssKeyDataDesId) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_NO_DES */
 
 #ifndef XMLSEC_NO_AES
     if(klass == xmlSecNssKeyDataAesId) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_NO_AES */
 
 #ifndef XMLSEC_NO_HMAC
     if(klass == xmlSecNssKeyDataHmacId) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_NO_HMAC */
 
@@ -205,55 +205,55 @@ static xmlSecKeyDataKlass xmlSecNssKeyDataAesKlass = {
 
     /* data */
     xmlSecNameAESKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefAESKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeAESKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefAESKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeAESKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecNssSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecNssSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecNssSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecNssSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecNssSymKeyDataInitialize,              /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecNssSymKeyDataDuplicate,               /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecNssSymKeyDataFinalize,                /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecNssSymKeyDataGenerate,                /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecNssSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecNssSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
+    xmlSecNssSymKeyDataGetType,                 /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecNssSymKeyDataGetSize,         /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecNssSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecNssSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecNssSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecNssSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecNssSymKeyDataXmlRead,         /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecNssSymKeyDataXmlWrite,                /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecNssSymKeyDataBinRead,         /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecNssSymKeyDataBinWrite,                /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecNssSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecNssSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecNssSymKeyDataDebugDump,               /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecNssSymKeyDataDebugXmlDump,    /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssKeyDataAesGetKlass:
- * 
+ *
  * The AES key data klass.
  *
  * Returns: AES key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecNssKeyDataAesGetKlass(void) {
     return(&xmlSecNssKeyDataAesKlass);
 }
 
 /**
  * xmlSecNssKeyDataAesSet:
- * @data:		the pointer to AES key data.
- * @buf:		the pointer to key value.
- * @bufSize:		the key value size (in bytes).
+ * @data:               the pointer to AES key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
  *
  * Sets the value of AES key data.
  *
@@ -262,14 +262,14 @@ xmlSecNssKeyDataAesGetKlass(void) {
 int
 xmlSecNssKeyDataAesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
     xmlSecBufferPtr buffer;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataAesId), -1);
     xmlSecAssert2(buf != NULL, -1);
     xmlSecAssert2(bufSize > 0, -1);
-    
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     return(xmlSecBufferSetData(buffer, buf, bufSize));
 }
 #endif /* XMLSEC_NO_AES */
@@ -286,55 +286,55 @@ static xmlSecKeyDataKlass xmlSecNssKeyDataDesKlass = {
 
     /* data */
     xmlSecNameDESKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefDESKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeDESKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefDESKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeDESKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecNssSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecNssSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecNssSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecNssSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecNssSymKeyDataInitialize,              /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecNssSymKeyDataDuplicate,               /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecNssSymKeyDataFinalize,                /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecNssSymKeyDataGenerate,                /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecNssSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecNssSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
+    xmlSecNssSymKeyDataGetType,                 /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecNssSymKeyDataGetSize,         /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecNssSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecNssSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecNssSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecNssSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecNssSymKeyDataXmlRead,         /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecNssSymKeyDataXmlWrite,                /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecNssSymKeyDataBinRead,         /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecNssSymKeyDataBinWrite,                /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecNssSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecNssSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecNssSymKeyDataDebugDump,               /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecNssSymKeyDataDebugXmlDump,    /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssKeyDataDesGetKlass:
- * 
+ *
  * The DES key data klass.
  *
  * Returns: DES key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecNssKeyDataDesGetKlass(void) {
     return(&xmlSecNssKeyDataDesKlass);
 }
 
 /**
  * xmlSecNssKeyDataDesSet:
- * @data:		the pointer to DES key data.
- * @buf:		the pointer to key value.
- * @bufSize:		the key value size (in bytes).
+ * @data:               the pointer to DES key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
  *
  * Sets the value of DES key data.
  *
@@ -343,14 +343,14 @@ xmlSecNssKeyDataDesGetKlass(void) {
 int
 xmlSecNssKeyDataDesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
     xmlSecBufferPtr buffer;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataDesId), -1);
     xmlSecAssert2(buf != NULL, -1);
     xmlSecAssert2(bufSize > 0, -1);
-    
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     return(xmlSecBufferSetData(buffer, buf, bufSize));
 }
 
@@ -368,55 +368,55 @@ static xmlSecKeyDataKlass xmlSecNssKeyDataHmacKlass = {
 
     /* data */
     xmlSecNameHMACKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefHMACKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeHMACKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefHMACKeyValue,                     /* const xmlChar* href; */
+    xmlSecNodeHMACKeyValue,                     /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecNssSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecNssSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecNssSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecNssSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecNssSymKeyDataInitialize,              /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecNssSymKeyDataDuplicate,               /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecNssSymKeyDataFinalize,                /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecNssSymKeyDataGenerate,                /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecNssSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecNssSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
+    xmlSecNssSymKeyDataGetType,                 /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecNssSymKeyDataGetSize,         /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecNssSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecNssSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecNssSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecNssSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecNssSymKeyDataXmlRead,         /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecNssSymKeyDataXmlWrite,                /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecNssSymKeyDataBinRead,         /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecNssSymKeyDataBinWrite,                /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecNssSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecNssSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecNssSymKeyDataDebugDump,               /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecNssSymKeyDataDebugXmlDump,    /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssKeyDataHmacGetKlass:
- * 
+ *
  * The HMAC key data klass.
  *
  * Returns: HMAC key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecNssKeyDataHmacGetKlass(void) {
     return(&xmlSecNssKeyDataHmacKlass);
 }
 
 /**
  * xmlSecNssKeyDataHmacSet:
- * @data:		the pointer to HMAC key data.
- * @buf:		the pointer to key value.
- * @bufSize:		the key value size (in bytes).
+ * @data:               the pointer to HMAC key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
  *
  * Sets the value of HMAC key data.
  *
@@ -425,14 +425,14 @@ xmlSecNssKeyDataHmacGetKlass(void) {
 int
 xmlSecNssKeyDataHmacSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
     xmlSecBufferPtr buffer;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataHmacId), -1);
     xmlSecAssert2(buf != NULL, -1);
     xmlSecAssert2(bufSize > 0, -1);
-    
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     return(xmlSecBufferSetData(buffer, buf, bufSize));
 }
 
diff --git a/src/nss/x509.c b/src/nss/x509.c
index aea40122..887c77cf 100644
--- a/src/nss/x509.c
+++ b/src/nss/x509.c
@@ -1,4 +1,4 @@
-/** 
+/**
  * XMLSec library
  *
  * X509 support
@@ -6,7 +6,7 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #include "globals.h"
@@ -45,84 +45,84 @@
 
 /* workaround - NSS exports this but doesn't declare it */
 extern CERTCertificate * __CERT_NewTempCertificate(CERTCertDBHandle *handle,
-						   SECItem *derCert,
-						   char *nickname,
-						   PRBool isperm,
-						   PRBool copyDER);
+                                                   SECItem *derCert,
+                                                   char *nickname,
+                                                   PRBool isperm,
+                                                   PRBool copyDER);
 
 /*************************************************************************
  *
  * X509 utility functions
  *
  ************************************************************************/
-static int		xmlSecNssX509DataNodeRead		(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssX509CertificateNodeRead	(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssX509CertificateNodeWrite	(CERTCertificate* cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssX509SubjectNameNodeRead	(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssX509SubjectNameNodeWrite	(CERTCertificate* cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssX509IssuerSerialNodeRead	(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssX509IssuerSerialNodeWrite	(CERTCertificate* cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssX509SKINodeRead		(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssX509SKINodeWrite		(CERTCertificate* cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssX509CRLNodeRead		(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssX509CRLNodeWrite		(CERTSignedCrl* crl,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, 
-								xmlSecKeyPtr key,
-								xmlSecKeyInfoCtxPtr keyInfoCtx);
-
-static CERTCertificate*	xmlSecNssX509CertDerRead		(const xmlSecByte* buf, 
-								 xmlSecSize size);
-static CERTCertificate*	xmlSecNssX509CertBase64DerRead		(xmlChar* buf);
-static xmlChar*		xmlSecNssX509CertBase64DerWrite		(CERTCertificate* cert, 
-								 int base64LineWrap);
-static CERTSignedCrl*	xmlSecNssX509CrlDerRead			(xmlSecByte* buf, 
-								 xmlSecSize size,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static CERTSignedCrl*	xmlSecNssX509CrlBase64DerRead		(xmlChar* buf,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static xmlChar*		xmlSecNssX509CrlBase64DerWrite		(CERTSignedCrl* crl, 
-								 int base64LineWrap);
-static xmlChar*		xmlSecNssX509NameWrite			(CERTName* nm);
-static xmlChar*		xmlSecNssASN1IntegerWrite		(SECItem *num);
-static xmlChar*		xmlSecNssX509SKIWrite			(CERTCertificate* cert);
-static void		xmlSecNssX509CertDebugDump		(CERTCertificate* cert, 
-								 FILE* output);
-static void		xmlSecNssX509CertDebugXmlDump		(CERTCertificate* cert, 
-								 FILE* output);
-static int		xmlSecNssX509CertGetTime		(PRTime* t,
-								 time_t* res);
+static int              xmlSecNssX509DataNodeRead               (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssX509CertificateNodeRead        (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssX509CertificateNodeWrite       (CERTCertificate* cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssX509SubjectNameNodeRead        (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssX509SubjectNameNodeWrite       (CERTCertificate* cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssX509IssuerSerialNodeRead       (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssX509IssuerSerialNodeWrite      (CERTCertificate* cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssX509SKINodeRead                (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssX509SKINodeWrite               (CERTCertificate* cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssX509CRLNodeRead                (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssX509CRLNodeWrite               (CERTSignedCrl* crl,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
+                                                                xmlSecKeyPtr key,
+                                                                xmlSecKeyInfoCtxPtr keyInfoCtx);
+
+static CERTCertificate* xmlSecNssX509CertDerRead                (const xmlSecByte* buf,
+                                                                 xmlSecSize size);
+static CERTCertificate* xmlSecNssX509CertBase64DerRead          (xmlChar* buf);
+static xmlChar*         xmlSecNssX509CertBase64DerWrite         (CERTCertificate* cert,
+                                                                 int base64LineWrap);
+static CERTSignedCrl*   xmlSecNssX509CrlDerRead                 (xmlSecByte* buf,
+                                                                 xmlSecSize size,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static CERTSignedCrl*   xmlSecNssX509CrlBase64DerRead           (xmlChar* buf,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static xmlChar*         xmlSecNssX509CrlBase64DerWrite          (CERTSignedCrl* crl,
+                                                                 int base64LineWrap);
+static xmlChar*         xmlSecNssX509NameWrite                  (CERTName* nm);
+static xmlChar*         xmlSecNssASN1IntegerWrite               (SECItem *num);
+static xmlChar*         xmlSecNssX509SKIWrite                   (CERTCertificate* cert);
+static void             xmlSecNssX509CertDebugDump              (CERTCertificate* cert,
+                                                                 FILE* output);
+static void             xmlSecNssX509CertDebugXmlDump           (CERTCertificate* cert,
+                                                                 FILE* output);
+static int              xmlSecNssX509CertGetTime                (PRTime* t,
+                                                                 time_t* res);
 
 /*************************************************************************
  *
  * Internal NSS X509 data CTX
  *
  ************************************************************************/
-typedef struct _xmlSecNssX509DataCtx		xmlSecNssX509DataCtx,
-						*xmlSecNssX509DataCtxPtr;
+typedef struct _xmlSecNssX509DataCtx            xmlSecNssX509DataCtx,
+                                                *xmlSecNssX509DataCtxPtr;
 typedef struct _xmlSecNssX509CrlNode            xmlSecNssX509CrlNode,
-						*xmlSecNssX509CrlNodePtr;
+                                                *xmlSecNssX509CrlNodePtr;
 struct _xmlSecNssX509CrlNode {
     xmlSecNssX509CrlNodePtr  next;
     CERTSignedCrl           *crl;
@@ -134,7 +134,7 @@ struct _xmlSecNssX509DataCtx {
     CERTCertList*    certsList;
     unsigned int     numCerts;
 
-    xmlSecNssX509CrlNodePtr crlsList; 
+    xmlSecNssX509CrlNodePtr crlsList;
     unsigned int     numCrls;
 };
 
@@ -145,52 +145,52 @@ struct _xmlSecNssX509DataCtx {
  *
  * The X509Data  Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
  *
- * An X509Data element within KeyInfo contains one or more identifiers of keys 
- * or X509 certificates (or certificates' identifiers or a revocation list). 
+ * An X509Data element within KeyInfo contains one or more identifiers of keys
+ * or X509 certificates (or certificates' identifiers or a revocation list).
  * The content of X509Data is:
  *
  *  1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
  *  2.
- *    * The X509IssuerSerial element, which contains an X.509 issuer 
- *	distinguished name/serial number pair that SHOULD be compliant 
- *	with RFC2253 [LDAP-DN],
- *    * The X509SubjectName element, which contains an X.509 subject 
- *	distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
- *    * The X509SKI element, which contains the base64 encoded plain (i.e. 
- *	non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
- *    * The X509Certificate element, which contains a base64-encoded [X509v3] 
- *	certificate, and
- *    * Elements from an external namespace which accompanies/complements any 
- *	of the elements above.
- *    * The X509CRL element, which contains a base64-encoded certificate 
- *	revocation list (CRL) [X509v3].
+ *    * The X509IssuerSerial element, which contains an X.509 issuer
+ *      distinguished name/serial number pair that SHOULD be compliant
+ *      with RFC2253 [LDAP-DN],
+ *    * The X509SubjectName element, which contains an X.509 subject
+ *      distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
+ *    * The X509SKI element, which contains the base64 encoded plain (i.e.
+ *      non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
+ *    * The X509Certificate element, which contains a base64-encoded [X509v3]
+ *      certificate, and
+ *    * Elements from an external namespace which accompanies/complements any
+ *      of the elements above.
+ *    * The X509CRL element, which contains a base64-encoded certificate
+ *      revocation list (CRL) [X509v3].
  *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear 
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
  * MUST refer to the certificate or certificates containing the validation key.
- * All such elements that refer to a particular individual certificate MUST be 
- * grouped inside a single X509Data element and if the certificate to which 
+ * All such elements that refer to a particular individual certificate MUST be
+ * grouped inside a single X509Data element and if the certificate to which
  * they refer appears, it MUST also be in that X509Data element.
  *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to 
- * the same key but different certificates MUST be grouped within a single 
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
+ * the same key but different certificates MUST be grouped within a single
  * KeyInfo but MAY occur in multiple X509Data elements.
  *
- * All certificates appearing in an X509Data element MUST relate to the 
- * validation key by either containing it or being part of a certification 
+ * All certificates appearing in an X509Data element MUST relate to the
+ * validation key by either containing it or being part of a certification
  * chain that terminates in a certificate containing the validation key.
  *
  * No ordering is implied by the above constraints.
  *
- * Note, there is no direct provision for a PKCS#7 encoded "bag" of 
- * certificates or CRLs. However, a set of certificates and CRLs can occur 
- * within an X509Data element and multiple X509Data elements can occur in a 
- * KeyInfo. Whenever multiple certificates occur in an X509Data element, at 
- * least one such certificate must contain the public key which verifies the 
+ * Note, there is no direct provision for a PKCS#7 encoded "bag" of
+ * certificates or CRLs. However, a set of certificates and CRLs can occur
+ * within an X509Data element and multiple X509Data elements can occur in a
+ * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
+ * least one such certificate must contain the public key which verifies the
  * signature.
  *
  * Schema Definition
  *
- *  <element name="X509Data" type="ds:X509DataType"/> 
+ *  <element name="X509Data" type="ds:X509DataType"/>
  *  <complexType name="X509DataType">
  *    <sequence maxOccurs="unbounded">
  *      <choice>
@@ -203,10 +203,10 @@ struct _xmlSecNssX509DataCtx {
  *      </choice>
  *    </sequence>
  *  </complexType>
- *  <complexType name="X509IssuerSerialType"> 
- *    <sequence> 
- *       <element name="X509IssuerName" type="string"/> 
- *       <element name="X509SerialNumber" type="integer"/> 
+ *  <complexType name="X509IssuerSerialType">
+ *    <sequence>
+ *       <element name="X509IssuerName" type="string"/>
+ *       <element name="X509SerialNumber" type="integer"/>
  *     </sequence>
  *  </complexType>
  *
@@ -227,30 +227,30 @@ struct _xmlSecNssX509DataCtx {
  * xmlSecNssX509DataCtx is located after xmlSecTransform
  *
  *************************************************************************/
-#define xmlSecNssX509DataSize	\
-    (sizeof(xmlSecKeyData) + sizeof(xmlSecNssX509DataCtx))	
+#define xmlSecNssX509DataSize   \
+    (sizeof(xmlSecKeyData) + sizeof(xmlSecNssX509DataCtx))
 #define xmlSecNssX509DataGetCtx(data) \
     ((xmlSecNssX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
 
-static int		xmlSecNssKeyDataX509Initialize	(xmlSecKeyDataPtr data);
-static int		xmlSecNssKeyDataX509Duplicate	(xmlSecKeyDataPtr dst,
-							 xmlSecKeyDataPtr src);
-static void		xmlSecNssKeyDataX509Finalize	(xmlSecKeyDataPtr data);
-static int		xmlSecNssKeyDataX509XmlRead	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecNssKeyDataX509XmlWrite	(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static xmlSecKeyDataType xmlSecNssKeyDataX509GetType	(xmlSecKeyDataPtr data);
+static int              xmlSecNssKeyDataX509Initialize  (xmlSecKeyDataPtr data);
+static int              xmlSecNssKeyDataX509Duplicate   (xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void             xmlSecNssKeyDataX509Finalize    (xmlSecKeyDataPtr data);
+static int              xmlSecNssKeyDataX509XmlRead     (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssKeyDataX509XmlWrite    (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static xmlSecKeyDataType xmlSecNssKeyDataX509GetType    (xmlSecKeyDataPtr data);
 static const xmlChar* xmlSecNssKeyDataX509GetIdentifier (xmlSecKeyDataPtr data);
 
-static void		xmlSecNssKeyDataX509DebugDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
-static void		xmlSecNssKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data,
-							 FILE* output);
+static void             xmlSecNssKeyDataX509DebugDump   (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void             xmlSecNssKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
 
 
 
@@ -260,55 +260,55 @@ static xmlSecKeyDataKlass xmlSecNssKeyDataX509Klass = {
 
     /* data */
     xmlSecNameX509Data,
-    xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefX509Data,				/* const xmlChar* href; */
-    xmlSecNodeX509Data,				/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefX509Data,                         /* const xmlChar* href; */
+    xmlSecNodeX509Data,                         /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecNssKeyDataX509Initialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecNssKeyDataX509Duplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecNssKeyDataX509Finalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL,					/* xmlSecKeyDataGenerateMethod generate; */
+    xmlSecNssKeyDataX509Initialize,             /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecNssKeyDataX509Duplicate,              /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecNssKeyDataX509Finalize,               /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
 
     /* get info */
-    xmlSecNssKeyDataX509GetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    NULL,					/* xmlSecKeyDataGetSizeMethod getSize; */
-    xmlSecNssKeyDataX509GetIdentifier,		/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    xmlSecNssKeyDataX509GetType,                /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    xmlSecNssKeyDataX509GetIdentifier,          /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecNssKeyDataX509XmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecNssKeyDataX509XmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,					/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecNssKeyDataX509XmlRead,                /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecNssKeyDataX509XmlWrite,               /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecNssKeyDataX509DebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecNssKeyDataX509DebugXmlDump, 		/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecNssKeyDataX509DebugDump,              /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecNssKeyDataX509DebugXmlDump,           /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecNssKeyDataX509GetKlass:
- * 
+ *
  * The NSS X509 key data klass (http://www.w3.org/TR/xmldsig-core/#sec-X509Data).
  *
  * Returns: the X509 data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecNssKeyDataX509GetKlass(void) {
     return(&xmlSecNssKeyDataX509Klass);
 }
 
 /**
  * xmlSecNssKeyDataX509GetKeyCert:
- * @data:		the pointer to X509 key data.
+ * @data:               the pointer to X509 key data.
  *
- * Gets the certificate from which the key was extracted. 
+ * Gets the certificate from which the key was extracted.
  *
  * Returns: the key's certificate or NULL if key data was not used for key
  * extraction or an error occurs.
@@ -316,7 +316,7 @@ xmlSecNssKeyDataX509GetKlass(void) {
 CERTCertificate*
 xmlSecNssKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
     xmlSecNssX509DataCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), NULL);
 
     ctx = xmlSecNssX509DataGetCtx(data);
@@ -327,8 +327,8 @@ xmlSecNssKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
 
 /**
  * xmlSecNssKeyDataX509AdoptKeyCert:
- * @data:		the pointer to X509 key data.
- * @cert:		the pointer to NSS X509 certificate.
+ * @data:               the pointer to X509 key data.
+ * @cert:               the pointer to NSS X509 certificate.
  *
  * Sets the key's certificate in @data.
  *
@@ -343,9 +343,9 @@ xmlSecNssKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, CERTCertificate* cert) {
 
     ctx = xmlSecNssX509DataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     if(ctx->keyCert != NULL) {
-	CERT_DestroyCertificate(ctx->keyCert);
+        CERT_DestroyCertificate(ctx->keyCert);
     }
     ctx->keyCert = cert;
     return(0);
@@ -353,61 +353,61 @@ xmlSecNssKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, CERTCertificate* cert) {
 
 /**
  * xmlSecNssKeyDataX509AdoptCert:
- * @data:		the pointer to X509 key data.
- * @cert:		the pointer to NSS X509 certificate.
+ * @data:               the pointer to X509 key data.
+ * @cert:               the pointer to NSS X509 certificate.
  *
  * Adds certificate to the X509 key data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecNssKeyDataX509AdoptCert(xmlSecKeyDataPtr data, CERTCertificate* cert) {
     xmlSecNssX509DataCtxPtr ctx;
     SECStatus ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
     xmlSecAssert2(cert != NULL, -1);
 
     ctx = xmlSecNssX509DataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     if(ctx->certsList == NULL) {
-	ctx->certsList = CERT_NewCertList();
-	if(ctx->certsList == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"CERT_NewCertList",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"error code=%d", PORT_GetError());
-	    return(-1);	
-	}
-    }
-    
+        ctx->certsList = CERT_NewCertList();
+        if(ctx->certsList == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "CERT_NewCertList",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "error code=%d", PORT_GetError());
+            return(-1);
+        }
+    }
+
     ret = CERT_AddCertToListTail(ctx->certsList, cert);
     if(ret != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "CERT_AddCertToListTail",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "CERT_AddCertToListTail",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+        return(-1);
     }
     ctx->numCerts++;
-        
+
     return(0);
 }
 
 /**
  * xmlSecNssKeyDataX509GetCert:
- * @data:		the pointer to X509 key data.
- * @pos:		the desired certificate position.
- * 
+ * @data:               the pointer to X509 key data.
+ * @pos:                the desired certificate position.
+ *
  * Gets a certificate from X509 key data.
  *
- * Returns: the pointer to certificate or NULL if @pos is larger than the 
+ * Returns: the pointer to certificate or NULL if @pos is larger than the
  * number of certificates in @data or an error occurs.
  */
-CERTCertificate* 
+CERTCertificate*
 xmlSecNssKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
     xmlSecNssX509DataCtxPtr ctx;
     CERTCertListNode*       head;
@@ -422,7 +422,7 @@ xmlSecNssKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
     head = CERT_LIST_HEAD(ctx->certsList);
     while (pos > 0)
     {
-	head = CERT_LIST_NEXT(head);
+        head = CERT_LIST_NEXT(head);
         pos--;
     }
 
@@ -431,13 +431,13 @@ xmlSecNssKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
 
 /**
  * xmlSecNssKeyDataX509GetCertsSize:
- * @data:		the pointer to X509 key data.
+ * @data:               the pointer to X509 key data.
  *
  * Gets the number of certificates in @data.
  *
  * Returns: te number of certificates in @data.
  */
-xmlSecSize 	
+xmlSecSize
 xmlSecNssKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
     xmlSecNssX509DataCtxPtr ctx;
 
@@ -451,35 +451,35 @@ xmlSecNssKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
 
 /**
  * xmlSecNssKeyDataX509AdoptCrl:
- * @data:		the pointer to X509 key data.
- * @crl:		the pointer to NSS X509 CRL.
+ * @data:               the pointer to X509 key data.
+ * @crl:                the pointer to NSS X509 CRL.
  *
  * Adds CRL to the X509 key data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecNssKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, CERTSignedCrl* crl) {
     xmlSecNssX509DataCtxPtr ctx;
     xmlSecNssX509CrlNodePtr crlnode;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
     xmlSecAssert2(crl != NULL, -1);
 
     ctx = xmlSecNssX509DataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     crlnode = (xmlSecNssX509CrlNodePtr)PR_Malloc(sizeof(xmlSecNssX509CrlNode));
 
     if(crlnode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "PR_Malloc",
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "PR_Malloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     memset(crlnode, 0, sizeof(xmlSecNssX509CrlNode));
     crlnode->next = ctx->crlsList;
     crlnode->crl = crl;
@@ -541,7 +541,7 @@ xmlSecNssKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) {
     return(ctx->numCrls);
 }
 
-static int	
+static int
 xmlSecNssKeyDataX509Initialize(xmlSecKeyDataPtr data) {
     xmlSecNssX509DataCtxPtr ctx;
 
@@ -565,43 +565,43 @@ xmlSecNssKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
 
     xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecNssKeyDataX509Id), -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecNssKeyDataX509Id), -1);
-    
+
     /* copy certsList */
     size = xmlSecNssKeyDataX509GetCertsSize(src);
     for(pos = 0; pos < size; ++pos) {
-	/* TBD: function below does linear scan, eliminate loop within
-	 * loop
-	 */
-	certSrc = xmlSecNssKeyDataX509GetCert(src, pos);
-	if(certSrc == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
-			"xmlSecNssKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return(-1);
-	}
-	
-	certDst = CERT_DupCertificate(certSrc);
-	if(certDst == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"CERT_DupCertificate",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"error code=%d", PORT_GetError());
-	    return(-1);
-	}
-	
-	ret = xmlSecNssKeyDataX509AdoptCert(dst, certDst);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecNssKeyDataX509AdoptCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    CERT_DestroyCertificate(certDst);
-	    return(-1);
-	}
+        /* TBD: function below does linear scan, eliminate loop within
+         * loop
+         */
+        certSrc = xmlSecNssKeyDataX509GetCert(src, pos);
+        if(certSrc == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
+                        "xmlSecNssKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return(-1);
+        }
+
+        certDst = CERT_DupCertificate(certSrc);
+        if(certDst == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "CERT_DupCertificate",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "error code=%d", PORT_GetError());
+            return(-1);
+        }
+
+        ret = xmlSecNssKeyDataX509AdoptCert(dst, certDst);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecNssKeyDataX509AdoptCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            CERT_DestroyCertificate(certDst);
+            return(-1);
+        }
     }
 
     /* copy crls */
@@ -617,11 +617,7 @@ xmlSecNssKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
             return(-1);
         }
 
-	/* TBD: SEC_DupCrl isn't exported by NSS yet */
-	/*crlDst = SEC_DupCrl(crlSrc);*/
-	crlDst = crlSrc;
-	PR_AtomicIncrement(&(crlSrc->referenceCount));
-
+        crlDst = SEC_DupCrl(crlSrc);
         if(crlDst == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
@@ -646,25 +642,25 @@ xmlSecNssKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
     /* copy key cert if exist */
     certSrc = xmlSecNssKeyDataX509GetKeyCert(src);
     if(certSrc != NULL) {
-	certDst = CERT_DupCertificate(certSrc);
-	if(certDst == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"CERT_DupCertificate",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"error code=%d", PORT_GetError());
-	    return(-1);
-	}
-	ret = xmlSecNssKeyDataX509AdoptKeyCert(dst, certDst);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecNssKeyDataX509AdoptKeyCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    CERT_DestroyCertificate(certDst);
-	    return(-1);
-	}
+        certDst = CERT_DupCertificate(certSrc);
+        if(certDst == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "CERT_DupCertificate",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "error code=%d", PORT_GetError());
+            return(-1);
+        }
+        ret = xmlSecNssKeyDataX509AdoptKeyCert(dst, certDst);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecNssKeyDataX509AdoptKeyCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            CERT_DestroyCertificate(certDst);
+            return(-1);
+        }
     }
     return(0);
 }
@@ -679,25 +675,25 @@ xmlSecNssKeyDataX509Finalize(xmlSecKeyDataPtr data) {
     xmlSecAssert(ctx != NULL);
 
     if(ctx->certsList != NULL) {
-	CERT_DestroyCertList(ctx->certsList);
+        CERT_DestroyCertList(ctx->certsList);
     }
 
     if(ctx->crlsList != NULL) {
-	xmlSecNssX509CrlNodePtr head;
-	xmlSecNssX509CrlNodePtr tmp;
-
-	head = ctx->crlsList;
-	while (head)
-	{
-	    tmp = head->next;
-	    SEC_DestroyCrl(head->crl);
-	    PR_Free(head);
-	    head = tmp;
-	}
+        xmlSecNssX509CrlNodePtr head;
+        xmlSecNssX509CrlNodePtr tmp;
+
+        head = ctx->crlsList;
+        while (head)
+        {
+            tmp = head->next;
+            SEC_DestroyCrl(head->crl);
+            PR_Free(head);
+            head = tmp;
+        }
     }
 
     if(ctx->keyCert != NULL) {
-	CERT_DestroyCertificate(ctx->keyCert);
+        CERT_DestroyCertificate(ctx->keyCert);
     }
 
     memset(ctx, 0, sizeof(xmlSecNssX509DataCtx));
@@ -705,59 +701,59 @@ xmlSecNssKeyDataX509Finalize(xmlSecKeyDataPtr data) {
 
 static int
 xmlSecNssKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecNssKeyDataX509Id, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
-    
+
     data = xmlSecKeyEnsureData(key, id);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyEnsureData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecNssX509DataNodeRead(data, node, keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssX509DataNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssX509DataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
         ret = xmlSecNssKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecNssKeyDataX509VerifyAndExtractKey",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecNssKeyDataX509VerifyAndExtractKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
         }
     }
     return(0);
 }
 
-static int 
+static int
 xmlSecNssKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     CERTCertificate* cert;
     CERTSignedCrl* crl;
     xmlSecSize size, pos;
     int content = 0;
     int ret;
-    				
+
     xmlSecAssert2(id == xmlSecNssKeyDataX509Id, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
@@ -765,110 +761,110 @@ xmlSecNssKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     content = xmlSecX509DataGetNodeContent (node, 1, keyInfoCtx);
     if (content < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecX509DataGetNodeContent",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "content=%d", content);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecX509DataGetNodeContent",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "content=%d", content);
+        return(-1);
     } else if(content == 0) {
-	/* by default we are writing certificates and crls */
-	content = XMLSEC_X509DATA_DEFAULT;
+        /* by default we are writing certificates and crls */
+        content = XMLSEC_X509DATA_DEFAULT;
     }
 
     /* get x509 data */
     data = xmlSecKeyGetData(key, id);
     if(data == NULL) {
-	/* no x509 data in the key */
-	return(0);	
+        /* no x509 data in the key */
+        return(0);
     }
 
     /* write certs */
     size = xmlSecNssKeyDataX509GetCertsSize(data);
     for(pos = 0; pos < size; ++pos) {
-	cert = xmlSecNssKeyDataX509GetCert(data, pos);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecNssKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return(-1);
-	}
-
-	if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
-	    ret = xmlSecNssX509CertificateNodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecNssX509CertificateNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-
-	if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
-	    ret = xmlSecNssX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecNssX509SubjectNameNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-
-	if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
-	    ret = xmlSecNssX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecNssX509IssuerSerialNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-
-	if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
-	    ret = xmlSecNssX509SKINodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecNssX509SKINodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-    }    
+        cert = xmlSecNssKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecNssKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return(-1);
+        }
+
+        if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
+            ret = xmlSecNssX509CertificateNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecNssX509CertificateNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
+            ret = xmlSecNssX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecNssX509SubjectNameNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
+            ret = xmlSecNssX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecNssX509IssuerSerialNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
+            ret = xmlSecNssX509SKINodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecNssX509SKINodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+    }
 
     /* write crls if needed */
     if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
-	size = xmlSecNssKeyDataX509GetCrlsSize(data);
-	for(pos = 0; pos < size; ++pos) {
-	    crl = xmlSecNssKeyDataX509GetCrl(data, pos);
-	    if(crl == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecNssKeyDataX509GetCrl",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	    
-	    ret = xmlSecNssX509CRLNodeWrite(crl, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecNssX509CRLNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
+        size = xmlSecNssKeyDataX509GetCrlsSize(data);
+        for(pos = 0; pos < size; ++pos) {
+            crl = xmlSecNssKeyDataX509GetCrl(data, pos);
+            if(crl == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecNssKeyDataX509GetCrl",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+
+            ret = xmlSecNssX509CRLNodeWrite(crl, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecNssX509CRLNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
     }
 
     return(0);
@@ -878,19 +874,19 @@ static xmlSecKeyDataType
 xmlSecNssKeyDataX509GetType(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), xmlSecKeyDataTypeUnknown);
 
-    /* TODO: return verified/not verified status */    
+    /* TODO: return verified/not verified status */
     return(xmlSecKeyDataTypeUnknown);
 }
 
 static const xmlChar*
 xmlSecNssKeyDataX509GetIdentifier(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), NULL);
-    
-    /* TODO */    
+
+    /* TODO */
     return(NULL);
 }
 
-static void 
+static void
 xmlSecNssKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
     CERTCertificate* cert;
     xmlSecSize size, pos;
@@ -901,25 +897,25 @@ xmlSecNssKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
     fprintf(output, "=== X509 Data:\n");
     cert = xmlSecNssKeyDataX509GetKeyCert(data);
     if(cert != NULL) {
-	fprintf(output, "==== Key Certificate:\n");
-	xmlSecNssX509CertDebugDump(cert, output);
+        fprintf(output, "==== Key Certificate:\n");
+        xmlSecNssX509CertDebugDump(cert, output);
     }
-    
+
     size = xmlSecNssKeyDataX509GetCertsSize(data);
     for(pos = 0; pos < size; ++pos) {
-	cert = xmlSecNssKeyDataX509GetCert(data, pos);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"xmlSecNssKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return;
-	}
-	fprintf(output, "==== Certificate:\n");
-	xmlSecNssX509CertDebugDump(cert, output);
-    }
-    
+        cert = xmlSecNssKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecNssKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return;
+        }
+        fprintf(output, "==== Certificate:\n");
+        xmlSecNssX509CertDebugDump(cert, output);
+    }
+
     /* we don't print out crls */
 }
 
@@ -934,78 +930,78 @@ xmlSecNssKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     fprintf(output, "<X509Data>\n");
     cert = xmlSecNssKeyDataX509GetKeyCert(data);
     if(cert != NULL) {
-	fprintf(output, "<KeyCertificate>\n");
-	xmlSecNssX509CertDebugXmlDump(cert, output);
-	fprintf(output, "</KeyCertificate>\n");
+        fprintf(output, "<KeyCertificate>\n");
+        xmlSecNssX509CertDebugXmlDump(cert, output);
+        fprintf(output, "</KeyCertificate>\n");
     }
-    
+
     size = xmlSecNssKeyDataX509GetCertsSize(data);
     for(pos = 0; pos < size; ++pos) {
-	cert = xmlSecNssKeyDataX509GetCert(data, pos);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"xmlSecNssKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return;
-	}
-	fprintf(output, "<Certificate>\n");
-	xmlSecNssX509CertDebugXmlDump(cert, output);
-	fprintf(output, "</Certificate>\n");
-    }
-    
+        cert = xmlSecNssKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecNssKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return;
+        }
+        fprintf(output, "<Certificate>\n");
+        xmlSecNssX509CertDebugXmlDump(cert, output);
+        fprintf(output, "</Certificate>\n");
+    }
+
     /* we don't print out crls */
     fprintf(output, "</X509Data>\n");
 }
 
 static int
 xmlSecNssX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlNodePtr cur; 
+    xmlNodePtr cur;
     int ret;
-        
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
-    
+
     for(cur = xmlSecGetNextElementNode(node->children);
-	cur != NULL;
-	cur = xmlSecGetNextElementNode(cur->next)) {
-	
-	ret = 0;
-	if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
-	    ret = xmlSecNssX509CertificateNodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
-	    ret = xmlSecNssX509SubjectNameNodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
-	    ret = xmlSecNssX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
-	    ret = xmlSecNssX509SKINodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
-	    ret = xmlSecNssX509CRLNodeRead(data, cur, keyInfoCtx);
-	} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
-	    /* laxi schema validation: ignore unknown nodes */
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"read node failed");
-	    return(-1);  
-	}	
+        cur != NULL;
+        cur = xmlSecGetNextElementNode(cur->next)) {
+
+        ret = 0;
+        if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
+            ret = xmlSecNssX509CertificateNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
+            ret = xmlSecNssX509SubjectNameNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
+            ret = xmlSecNssX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
+            ret = xmlSecNssX509SKINodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
+            ret = xmlSecNssX509CRLNodeRead(data, cur, keyInfoCtx);
+        } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
+            /* laxi schema validation: ignore unknown nodes */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "read node failed");
+            return(-1);
+        }
     }
     return(0);
 }
 
 static int
-xmlSecNssX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {	
+xmlSecNssX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlChar *content;
     CERTCertificate* cert;
     int ret;
@@ -1016,77 +1012,77 @@ xmlSecNssX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecK
 
     content = xmlNodeGetContent(node);
     if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
-	if(content != NULL) {
-	    xmlFree(content);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+        if(content != NULL) {
+            xmlFree(content);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     }
 
     cert = xmlSecNssX509CertBase64DerRead(content);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecNssX509CertBase64DerRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(content);
-	return(-1);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecNssX509CertBase64DerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        return(-1);
+    }
+
     ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecNssKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CERT_DestroyCertificate(cert);
-	xmlFree(content);
-	return(-1);
-    }
-     
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecNssKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CERT_DestroyCertificate(cert);
+        xmlFree(content);
+        return(-1);
+    }
+
     xmlFree(content);
     return(0);
 }
 
-static int 
+static int
 xmlSecNssX509CertificateNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlChar* buf;
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(cert != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
-    
+
     /* set base64 lines size from context */
-    buf = xmlSecNssX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize); 
+    buf = xmlSecNssX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssX509CertBase64DerWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssX509CertBase64DerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     cur = xmlSecAddChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
-	xmlFree(buf);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
+        xmlFree(buf);
+        return(-1);
     }
 
     /* todo: add \n around base64 data - from context */
@@ -1097,13 +1093,13 @@ xmlSecNssX509CertificateNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSec
     return(0);
 }
 
-static int		
-xmlSecNssX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {	
+static int
+xmlSecNssX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataStorePtr x509Store;
     xmlChar* subject;
     CERTCertificate* cert;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
@@ -1111,60 +1107,60 @@ xmlSecNssX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecK
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     subject = xmlNodeGetContent(node);
     if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
-	if(subject != NULL) {
-	    xmlFree(subject);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+        if(subject != NULL) {
+            xmlFree(subject);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     }
 
     cert = xmlSecNssX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
     if(cert == NULL){
 
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			"subject=%s", 
-			xmlSecErrorsSafeString(subject));
-	    xmlFree(subject);
-	    return(-1);
-	}
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "subject=%s",
+                        xmlSecErrorsSafeString(subject));
+            xmlFree(subject);
+            return(-1);
+        }
 
-	xmlFree(subject);
-	return(0);
+        xmlFree(subject);
+        return(0);
     }
 
     ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecNssKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CERT_DestroyCertificate(cert);
-	xmlFree(subject);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecNssKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CERT_DestroyCertificate(cert);
+        xmlFree(subject);
+        return(-1);
+    }
+
     xmlFree(subject);
     return(0);
 }
@@ -1179,36 +1175,36 @@ xmlSecNssX509SubjectNameNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSec
 
     buf = xmlSecNssX509NameWrite(&(cert->subject));
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-	    NULL,
-	    "xmlSecNssX509NameWrite(&(cert->subject))",
-	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-	    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            NULL,
+            "xmlSecNssX509NameWrite(&(cert->subject))",
+            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+            XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecAddChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-	    NULL,
-	    "xmlSecAddChild",
-	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-	    "node=%s",
-	    xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
-	xmlFree(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            NULL,
+            "xmlSecAddChild",
+            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+            "node=%s",
+            xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
+        xmlFree(buf);
+        return(-1);
     }
     xmlSecNodeEncodeAndSetContent(cur, buf);
     xmlFree(buf);
     return(0);
 }
 
-static int 
+static int
 xmlSecNssX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataStorePtr x509Store;
     xmlNodePtr cur;
     xmlChar *issuerName;
-    xmlChar *issuerSerial;    
+    xmlChar *issuerSerial;
     CERTCertificate* cert;
     int ret;
 
@@ -1219,118 +1215,118 @@ xmlSecNssX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSec
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecGetNextElementNode(node->children);
     if(cur == NULL) {
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
-			XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);
-	}
-	return(0);
-    }
-    
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
+                        XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
+        return(0);
+    }
+
     /* the first is required node X509IssuerName */
     if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+        return(-1);
+    }
     issuerName = xmlNodeGetContent(cur);
     if(issuerName == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+        return(-1);
     }
-    cur = xmlSecGetNextElementNode(cur->next); 
+    cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is required node X509SerialNumber */
     if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
-	xmlFree(issuerName);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+        xmlFree(issuerName);
+        return(-1);
+    }
     issuerSerial = xmlNodeGetContent(cur);
     if(issuerSerial == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
-		    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	xmlFree(issuerName);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+        xmlFree(issuerName);
+        return(-1);
     }
-    cur = xmlSecGetNextElementNode(cur->next); 
+    cur = xmlSecGetNextElementNode(cur->next);
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(issuerSerial);
-	xmlFree(issuerName);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(-1);
     }
 
     cert = xmlSecNssX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
     if(cert == NULL){
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			"issuerName=%s;issuerSerial=%s",
-		        xmlSecErrorsSafeString(issuerName), 
-			xmlSecErrorsSafeString(issuerSerial));
-	    xmlFree(issuerSerial);
-	    xmlFree(issuerName);
-	    return(-1);
-	}
-
-	xmlFree(issuerSerial);
-	xmlFree(issuerName);
-	return(0);    
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "issuerName=%s;issuerSerial=%s",
+                        xmlSecErrorsSafeString(issuerName),
+                        xmlSecErrorsSafeString(issuerSerial));
+            xmlFree(issuerSerial);
+            xmlFree(issuerName);
+            return(-1);
+        }
+
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(0);
     }
 
     ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecNssKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CERT_DestroyCertificate(cert);
-	xmlFree(issuerSerial);
-	xmlFree(issuerName);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecNssKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CERT_DestroyCertificate(cert);
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(-1);
+    }
+
     xmlFree(issuerSerial);
     xmlFree(issuerName);
     return(0);
@@ -1342,65 +1338,65 @@ xmlSecNssX509IssuerSerialNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSe
     xmlNodePtr issuerNameNode;
     xmlNodePtr issuerNumberNode;
     xmlChar* buf;
-    
+
     xmlSecAssert2(cert != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     /* create xml nodes */
     cur = xmlSecAddChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
+        return(-1);
     }
 
     issuerNameNode = xmlSecAddChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
     if(issuerNameNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+        return(-1);
     }
 
     issuerNumberNode = xmlSecAddChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
     if(issuerNumberNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+        return(-1);
     }
 
     /* write data */
     buf = xmlSecNssX509NameWrite(&(cert->issuer));
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssX509NameWrite(&(cert->issuer))",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssX509NameWrite(&(cert->issuer))",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
     xmlFree(buf);
 
     buf = xmlSecNssASN1IntegerWrite(&(cert->serialNumber));
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssASN1IntegerWrite(&(cert->serialNumber))",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssASN1IntegerWrite(&(cert->serialNumber))",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     xmlNodeSetContent(issuerNumberNode, buf);
     xmlFree(buf);
@@ -1408,13 +1404,13 @@ xmlSecNssX509IssuerSerialNodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSe
     return(0);
 }
 
-static int 
+static int
 xmlSecNssX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataStorePtr x509Store;
     xmlChar* ski;
     CERTCertificate* cert;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
@@ -1422,59 +1418,59 @@ xmlSecNssX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCt
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ski = xmlNodeGetContent(node);
     if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
-	if(ski != NULL) {
-	    xmlFree(ski);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeX509SKI));
-	    return(-1);
-	}
-	return(0);
+        if(ski != NULL) {
+            xmlFree(ski);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+            return(-1);
+        }
+        return(0);
     }
 
     cert = xmlSecNssX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
     if(cert == NULL){
-	xmlFree(ski);
+        xmlFree(ski);
 
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-		        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			"ski=%s", 
-			xmlSecErrorsSafeString(ski));
-	    return(-1);
-	}
-	return(0);
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "ski=%s",
+                        xmlSecErrorsSafeString(ski));
+            return(-1);
+        }
+        return(0);
     }
 
     ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecNssKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CERT_DestroyCertificate(cert);
-	xmlFree(ski);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecNssKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CERT_DestroyCertificate(cert);
+        xmlFree(ski);
+        return(-1);
+    }
+
     xmlFree(ski);
     return(0);
 }
@@ -1489,24 +1485,24 @@ xmlSecNssX509SKINodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoC
 
     buf = xmlSecNssX509SKIWrite(cert);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssX509SKIWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssX509SKIWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecAddChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "new_node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509SKI));
-	xmlFree(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "new_node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+        xmlFree(buf);
+        return(-1);
     }
     xmlSecNodeEncodeAndSetContent(cur, buf);
     xmlFree(buf);
@@ -1514,7 +1510,7 @@ xmlSecNssX509SKINodeWrite(CERTCertificate* cert, xmlNodePtr node, xmlSecKeyInfoC
     return(0);
 }
 
-static int 
+static int
 xmlSecNssX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlChar *content;
     CERTSignedCrl* crl;
@@ -1525,32 +1521,32 @@ xmlSecNssX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCt
 
     content = xmlNodeGetContent(node);
    if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
-	if(content != NULL) {
-	    xmlFree(content);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+        if(content != NULL) {
+            xmlFree(content);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     }
 
     crl = xmlSecNssX509CrlBase64DerRead(content, keyInfoCtx);
     if(crl == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecNssX509CrlBase64DerRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(content);
-	return(-1);
-    }    
-    
-    SEC_DestroyCrl(crl); 
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecNssX509CrlBase64DerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        return(-1);
+    }
+
+    SEC_DestroyCrl(crl);
     xmlFree(content);
     return(0);
 }
@@ -1565,26 +1561,26 @@ xmlSecNssX509CRLNodeWrite(CERTSignedCrl* crl, xmlNodePtr node, xmlSecKeyInfoCtxP
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     /* set base64 lines size from context */
-    buf = xmlSecNssX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize); 
+    buf = xmlSecNssX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssX509CrlBase64DerWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssX509CrlBase64DerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecAddChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "new_node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509CRL));
-	xmlFree(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "new_node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509CRL));
+        xmlFree(buf);
+        return(-1);
     }
     /* todo: add \n around base64 data - from context */
     /* todo: add errors check */
@@ -1598,13 +1594,13 @@ xmlSecNssX509CRLNodeWrite(CERTSignedCrl* crl, xmlNodePtr node, xmlSecKeyInfoCtxP
 
 static int
 xmlSecNssKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecNssX509DataCtxPtr ctx;
     xmlSecKeyDataStorePtr x509Store;
     int ret;
     SECStatus status;
     PRTime notBefore, notAfter;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecNssKeyDataX509Id), -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
@@ -1615,101 +1611,101 @@ xmlSecNssKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecNssX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if((ctx->keyCert == NULL) && (ctx->certsList != NULL) && (xmlSecKeyGetValue(key) == NULL)) {
-	CERTCertificate* cert;
-	
-	cert = xmlSecNssX509StoreVerify(x509Store, ctx->certsList, keyInfoCtx);
-	if(cert != NULL) {
-	    xmlSecKeyDataPtr keyValue;
-	    
-	    ctx->keyCert = CERT_DupCertificate(cert);
-	    if(ctx->keyCert == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "CERT_DupCertificate",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	
-	    keyValue = xmlSecNssX509CertGetKey(ctx->keyCert);
-	    if(keyValue == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "xmlSecNssX509CertGetKey",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    
-	    /* verify that the key matches our expectations */
-	    if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "xmlSecKeyReqMatchKeyValue",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlSecKeyDataDestroy(keyValue);
-		return(-1);
-	    }	
-	        
-	    ret = xmlSecKeySetValue(key, keyValue);
-    	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "xmlSecKeySetValue",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlSecKeyDataDestroy(keyValue);
-		return(-1);
-	    }	    
-	    
-	    status = CERT_GetCertTimes(ctx->keyCert, &notBefore, &notAfter);
-	    if (status == SECSuccess) {
-		ret = xmlSecNssX509CertGetTime(&notBefore, &(key->notValidBefore));
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-				"xmlSecNssX509CertGetTime",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"notValidBefore");
-		    return(-1);
-		}
-		ret = xmlSecNssX509CertGetTime(&notAfter, &(key->notValidAfter));
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-				"xmlSecNssX509CertGetTime",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"notValidAfter");
-		    return(-1);
-		}
-	    } else {
-		key->notValidBefore = key->notValidAfter = 0;
-	    }
-	} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        CERTCertificate* cert;
+
+        cert = xmlSecNssX509StoreVerify(x509Store, ctx->certsList, keyInfoCtx);
+        if(cert != NULL) {
+            xmlSecKeyDataPtr keyValue;
+
+            ctx->keyCert = CERT_DupCertificate(cert);
+            if(ctx->keyCert == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "CERT_DupCertificate",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            keyValue = xmlSecNssX509CertGetKey(ctx->keyCert);
+            if(keyValue == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "xmlSecNssX509CertGetKey",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            /* verify that the key matches our expectations */
+            if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "xmlSecKeyReqMatchKeyValue",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecKeyDataDestroy(keyValue);
+                return(-1);
+            }
+
+            ret = xmlSecKeySetValue(key, keyValue);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "xmlSecKeySetValue",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecKeyDataDestroy(keyValue);
+                return(-1);
+            }
+
+            status = CERT_GetCertTimes(ctx->keyCert, &notBefore, &notAfter);
+            if (status == SECSuccess) {
+                ret = xmlSecNssX509CertGetTime(&notBefore, &(key->notValidBefore));
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                "xmlSecNssX509CertGetTime",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "notValidBefore");
+                    return(-1);
+                }
+                ret = xmlSecNssX509CertGetTime(&notAfter, &(key->notValidAfter));
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                "xmlSecNssX509CertGetTime",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "notValidAfter");
+                    return(-1);
+                }
+            } else {
+                key->notValidBefore = key->notValidAfter = 0;
+            }
+        } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
     return(0);
 }
 
 static int
 xmlSecNssX509CertGetTime(PRTime* t, time_t* res) {
-    
+
     PRTime tmp64_1, tmp64_2;
     PRUint32 tmp32 = 1000000;
 
@@ -1729,42 +1725,42 @@ xmlSecNssX509CertGetTime(PRTime* t, time_t* res) {
     return(0);
 }
 
-/** 
+/**
  * xmlSecNssX509CertGetKey:
- * @cert:		the certificate.
- * 
+ * @cert:               the certificate.
+ *
  * Extracts public key from the @cert.
  *
  * Returns: public key value or NULL if an error occurs.
  */
-xmlSecKeyDataPtr	
+xmlSecKeyDataPtr
 xmlSecNssX509CertGetKey(CERTCertificate* cert) {
     xmlSecKeyDataPtr data;
     SECKEYPublicKey *pubkey = NULL;
-    
+
     xmlSecAssert2(cert != NULL, NULL);
 
     pubkey = CERT_ExtractPublicKey(cert);
     if(pubkey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CERT_ExtractPublicKey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-	return(NULL);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CERT_ExtractPublicKey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+        return(NULL);
+    }
 
     data = xmlSecNssPKIAdoptKey(NULL, pubkey);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssPKIAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECKEY_DestroyPublicKey(pubkey);
-	return(NULL);	    
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssPKIAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECKEY_DestroyPublicKey(pubkey);
+        return(NULL);
+    }
+
     return(data);
 }
 
@@ -1773,18 +1769,18 @@ xmlSecNssX509CertBase64DerRead(xmlChar* buf) {
     int ret;
 
     xmlSecAssert2(buf != NULL, NULL);
-    
+
     /* usual trick with base64 decoding "in-place" */
-    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf)); 
+    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Decode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Decode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     return(xmlSecNssX509CertDerRead((xmlSecByte*)buf, ret));
 }
 
@@ -1796,7 +1792,7 @@ xmlSecNssX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
 
     xmlSecAssert2(buf != NULL, NULL);
     xmlSecAssert2(size > 0, NULL);
-    
+
     derCert.data = (unsigned char *)buf;
     derCert.len = size;
 
@@ -1804,12 +1800,12 @@ xmlSecNssX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
     cert = __CERT_NewTempCertificate(CERT_GetDefaultCertDB(), &derCert,
                                      NULL, PR_FALSE, PR_TRUE);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "__CERT_NewTempCertificate",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "__CERT_NewTempCertificate",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+        return(NULL);
     }
 
 
@@ -1823,56 +1819,56 @@ xmlSecNssX509CertBase64DerWrite(CERTCertificate* cert, int base64LineWrap) {
     long size;
 
     xmlSecAssert2(cert != NULL, NULL);
-	
+
     p = cert->derCert.data;
     size = cert->derCert.len;
     if((size <= 0) || (p == NULL)){
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "cert->derCert",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "cert->derCert",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+        return(NULL);
+    }
+
     res = xmlSecBase64Encode(p, size, base64LineWrap);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
 
     return(res);
 }
 
 static CERTSignedCrl*
-xmlSecNssX509CrlBase64DerRead(xmlChar* buf, 
-			      xmlSecKeyInfoCtxPtr keyInfoCtx) {
+xmlSecNssX509CrlBase64DerRead(xmlChar* buf,
+                              xmlSecKeyInfoCtxPtr keyInfoCtx) {
     int ret;
 
     xmlSecAssert2(buf != NULL, NULL);
-    
+
     /* usual trick with base64 decoding "in-place" */
-    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf)); 
+    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Decode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Decode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     return(xmlSecNssX509CrlDerRead((xmlSecByte*)buf, ret, keyInfoCtx));
 }
 
 
 static CERTSignedCrl*
 xmlSecNssX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
-		        xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                        xmlSecKeyInfoCtxPtr keyInfoCtx) {
     CERTSignedCrl *crl = NULL;
     SECItem derCrl;
     PK11SlotInfo *slot = NULL;
@@ -1881,7 +1877,7 @@ xmlSecNssX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
     xmlSecAssert2(buf != NULL, NULL);
     xmlSecAssert2(keyInfoCtx != NULL, NULL);
     xmlSecAssert2(size > 0, NULL);
-    
+
     derCrl.data = buf;
     derCrl.len = size;
 
@@ -1894,24 +1890,24 @@ xmlSecNssX509CrlDerRead(xmlSecByte* buf, xmlSecSize size,
                     NULL,
                     "xmlSecNssGetInternalKeySlot",
                     XMLSEC_ERRORS_R_XMLSEC_FAILED,
-    		        XMLSEC_ERRORS_NO_MESSAGE);
-    	return NULL;
+                        XMLSEC_ERRORS_NO_MESSAGE);
+        return NULL;
     }
 
     if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS) != 0)
-	importOptions |= CRL_IMPORT_BYPASS_CHECKS;
+        importOptions |= CRL_IMPORT_BYPASS_CHECKS;
 
-    crl = PK11_ImportCRL(slot, &derCrl, NULL, SEC_CRL_TYPE, NULL, 
-			 importOptions, NULL, CRL_DECODE_DEFAULT_OPTIONS);
+    crl = PK11_ImportCRL(slot, &derCrl, NULL, SEC_CRL_TYPE, NULL,
+                         importOptions, NULL, CRL_DECODE_DEFAULT_OPTIONS);
 
     if(crl == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PK11_ImportCRL",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "error code=%d", PORT_GetError());
-	PK11_FreeSlot(slot);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PK11_ImportCRL",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "error code=%d", PORT_GetError());
+        PK11_FreeSlot(slot);
+        return(NULL);
     }
 
     PK11_FreeSlot(slot);
@@ -1945,7 +1941,7 @@ xmlSecNssX509CrlBase64DerWrite(CERTSignedCrl* crl, int base64LineWrap) {
                     XMLSEC_ERRORS_R_XMLSEC_FAILED,
                     XMLSEC_ERRORS_NO_MESSAGE);
         return(NULL);
-    }   
+    }
 
     return(res);
 }
@@ -1960,22 +1956,22 @@ xmlSecNssX509NameWrite(CERTName* nm) {
     str = CERT_NameToAscii(nm);
     if (str == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-        	    NULL,
-        	    "CERT_NameToAscii",
-        	    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-        	    XMLSEC_ERRORS_NO_MESSAGE);
+                    NULL,
+                    "CERT_NameToAscii",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(NULL);
     }
 
     res = xmlStrdup(BAD_CAST str);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlStrdup",
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	PORT_Free(str);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlStrdup",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        PORT_Free(str);
+        return(NULL);
     }
     PORT_Free(str);
     return(res);
@@ -1984,12 +1980,34 @@ xmlSecNssX509NameWrite(CERTName* nm) {
 static xmlChar*
 xmlSecNssASN1IntegerWrite(SECItem *num) {
     xmlChar *res = NULL;
-    
+    int resLen = 64; /* not more than 64 chars */
+    PRUint64 val = 0;
+    unsigned int ii = 0;
+    int shift = 0;
+
     xmlSecAssert2(num != NULL, NULL);
+    xmlSecAssert2(num->type == siBuffer, NULL);
+    xmlSecAssert2(num->len <= 9, NULL);
+    xmlSecAssert2(num->data != NULL, NULL);
 
-    /* TODO : to be implemented after 
-     * NSS bug http://bugzilla.mozilla.org/show_bug.cgi?id=212864 is fixed 
+    /* HACK : to be fixed after
+     * NSS bug http://bugzilla.mozilla.org/show_bug.cgi?id=212864 is fixed
      */
+    for(ii = num->len; ii > 0; --ii, shift += 8) {
+        val |= ((PRUint64)num->data[ii - 1]) << shift;
+    }
+
+    res = (xmlChar*)xmlMalloc(resLen + 1);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlStrdup",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return (NULL);
+    }
+
+    PR_snprintf((char*)res, resLen, "%llu", val);
     return(res);
 }
 
@@ -2005,32 +2023,32 @@ xmlSecNssX509SKIWrite(CERTCertificate* cert) {
 
     rv = CERT_FindSubjectKeyIDExtension(cert, &ski);
     if (rv != SECSuccess) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CERT_FindSubjectKeyIDExtension",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECITEM_FreeItem(&ski, PR_FALSE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CERT_FindSubjectKeyIDExtension",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECITEM_FreeItem(&ski, PR_FALSE);
+        return(NULL);
     }
 
     res = xmlSecBase64Encode(ski.data, ski.len, 0);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	SECITEM_FreeItem(&ski, PR_FALSE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        SECITEM_FreeItem(&ski, PR_FALSE);
+        return(NULL);
     }
     SECITEM_FreeItem(&ski, PR_FALSE);
-    
+
     return(res);
 }
 
 
-static void 
+static void
 xmlSecNssX509CertDebugDump(CERTCertificate* cert, FILE* output) {
     SECItem *sn;
     unsigned int i;
@@ -2043,17 +2061,17 @@ xmlSecNssX509CertDebugDump(CERTCertificate* cert, FILE* output) {
     sn = &cert->serialNumber;
 
     for (i = 0; i < sn->len; i++) {
-	if (i != sn->len - 1) {
-	    fprintf(output, "%02x:", sn->data[i]);
-	} else {
-	    fprintf(output, "%02x", sn->data[i]);
-	}
+        if (i != sn->len - 1) {
+            fprintf(output, "%02x:", sn->data[i]);
+        } else {
+            fprintf(output, "%02x", sn->data[i]);
+        }
     }
     fprintf(output, "\n");
 }
 
 
-static void 
+static void
 xmlSecNssX509CertDebugXmlDump(CERTCertificate* cert, FILE* output) {
     SECItem *sn;
     unsigned int i;
@@ -2072,11 +2090,11 @@ xmlSecNssX509CertDebugXmlDump(CERTCertificate* cert, FILE* output) {
     fprintf(output, "<SerialNumber>");
     sn = &cert->serialNumber;
     for (i = 0; i < sn->len; i++) {
-	if (i != sn->len - 1) {
-	    fprintf(output, "%02x:", sn->data[i]);
-	} else {
-	    fprintf(output, "%02x", sn->data[i]);
-	}
+        if (i != sn->len - 1) {
+            fprintf(output, "%02x:", sn->data[i]);
+        } else {
+            fprintf(output, "%02x", sn->data[i]);
+        }
     }
     fprintf(output, "</SerialNumber>\n");
 }
@@ -2088,11 +2106,11 @@ xmlSecNssX509CertDebugXmlDump(CERTCertificate* cert, FILE* output) {
  *
  *
  *************************************************************************/
-static int		xmlSecNssKeyDataRawX509CertBinRead	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 const xmlSecByte* buf,
-								 xmlSecSize bufSize,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecNssKeyDataRawX509CertBinRead      (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 const xmlSecByte* buf,
+                                                                 xmlSecSize bufSize,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 static xmlSecKeyDataKlass xmlSecNssKeyDataRawX509CertKlass = {
     sizeof(xmlSecKeyDataKlass),
@@ -2100,58 +2118,58 @@ static xmlSecKeyDataKlass xmlSecNssKeyDataRawX509CertKlass = {
 
     /* data */
     xmlSecNameRawX509Cert,
-    xmlSecKeyDataUsageRetrievalMethodNodeBin, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefRawX509Cert,			/* const xmlChar* href; */
-    NULL,					/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageRetrievalMethodNodeBin,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefRawX509Cert,                      /* const xmlChar* href; */
+    NULL,                                       /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    NULL,					/* xmlSecKeyDataInitializeMethod initialize; */
-    NULL,					/* xmlSecKeyDataDuplicateMethod duplicate; */
-    NULL,					/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL,					/* xmlSecKeyDataGenerateMethod generate; */
+    NULL,                                       /* xmlSecKeyDataInitializeMethod initialize; */
+    NULL,                                       /* xmlSecKeyDataDuplicateMethod duplicate; */
+    NULL,                                       /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
 
     /* get info */
-    NULL,			 		/* xmlSecKeyDataGetTypeMethod getType; */
-    NULL,					/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    NULL,                                       /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    NULL,					/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    NULL,					/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecNssKeyDataRawX509CertBinRead,	/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    NULL,                                       /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    NULL,                                       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecNssKeyDataRawX509CertBinRead, /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecNssKeyDataRawX509CertGetKlass:
- * 
+ *
  * The raw X509 certificates key data klass.
  *
  * Returns: raw X509 certificates key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecNssKeyDataRawX509CertGetKlass(void) {
     return(&xmlSecNssKeyDataRawX509CertKlass);
 }
 
 static int
 xmlSecNssKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    const xmlSecByte* buf, xmlSecSize bufSize,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    const xmlSecByte* buf, xmlSecSize bufSize,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     CERTCertificate* cert;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecNssKeyDataRawX509CertId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(buf != NULL, -1);
@@ -2160,44 +2178,44 @@ xmlSecNssKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     cert = xmlSecNssX509CertDerRead(buf, bufSize);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNssX509CertDerRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssX509CertDerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     data = xmlSecKeyEnsureData(key, xmlSecNssKeyDataX509Id);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyEnsureData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CERT_DestroyCertificate(cert);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CERT_DestroyCertificate(cert);
+        return(-1);
+    }
+
     ret = xmlSecNssKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	CERT_DestroyCertificate(cert);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        CERT_DestroyCertificate(cert);
+        return(-1);
     }
 
     ret = xmlSecNssKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecNssKeyDataX509VerifyAndExtractKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecNssKeyDataX509VerifyAndExtractKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
diff --git a/src/nss/x509vfy.c b/src/nss/x509vfy.c
index 25bf5042..fdb866fe 100644
--- a/src/nss/x509vfy.c
+++ b/src/nss/x509vfy.c
@@ -1,4 +1,4 @@
-/** 
+/**
  * XMLSec library
  *
  * X509 support
@@ -6,7 +6,7 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (c) 2003 America Online, Inc.  All rights reserved.
  */
 #include "globals.h"
@@ -40,11 +40,20 @@
  * Internal NSS X509 store CTX
  *
  *************************************************************************/
-typedef struct _xmlSecNssX509StoreCtx		xmlSecNssX509StoreCtx, 
-						*xmlSecNssX509StoreCtxPtr;
+typedef struct _xmlSecNssX509StoreCtx           xmlSecNssX509StoreCtx,
+                                                *xmlSecNssX509StoreCtxPtr;
 struct _xmlSecNssX509StoreCtx {
+    /* Two uses:
+     *
+     * 1) Just keeping a reference to destroy later.
+     *
+     * 2) NSS doesn't update it's cache correctly when new certs are added 
+     *          https://bugzilla.mozilla.org/show_bug.cgi?id=211051
+     *    we use this list to perform search ourselves.
+     */
+
     CERTCertList* certsList; /* just keeping a reference to destroy later */
-};	    
+};
 
 /****************************************************************************
  *
@@ -55,22 +64,23 @@ struct _xmlSecNssX509StoreCtx {
  ***************************************************************************/
 #define xmlSecNssX509StoreGetCtx(store) \
     ((xmlSecNssX509StoreCtxPtr)(((xmlSecByte*)(store)) + \
-				    sizeof(xmlSecKeyDataStoreKlass)))
-#define xmlSecNssX509StoreSize	\
+                                    sizeof(xmlSecKeyDataStoreKlass)))
+#define xmlSecNssX509StoreSize  \
     (sizeof(xmlSecKeyDataStoreKlass) + sizeof(xmlSecNssX509StoreCtx))
- 
-static int		xmlSecNssX509StoreInitialize	(xmlSecKeyDataStorePtr store);
-static void		xmlSecNssX509StoreFinalize	(xmlSecKeyDataStorePtr store);
-static int 		xmlSecNssX509NameStringRead	(xmlSecByte **str, 
-							 int *strLen, 
-							 xmlSecByte *res, 
-							 int resLen,
-							 xmlSecByte delim, 
-							 int ingoreTrailingSpaces);
-static xmlSecByte * 	xmlSecNssX509NameRead		(xmlSecByte *str, 
-							 int len);
 
-static void 		xmlSecNssNumToItem(SECItem *it, unsigned long num);
+static int              xmlSecNssX509StoreInitialize    (xmlSecKeyDataStorePtr store);
+static void             xmlSecNssX509StoreFinalize      (xmlSecKeyDataStorePtr store);
+static int              xmlSecNssX509NameStringRead     (xmlSecByte **str,
+                                                         int *strLen,
+                                                         xmlSecByte *res,
+                                                         int resLen,
+                                                         xmlSecByte delim,
+                                                         int ingoreTrailingSpaces);
+static xmlSecByte *     xmlSecNssX509NameRead           (xmlSecByte *str,
+                                                         int len);
+
+static int              xmlSecNssNumToItem              (SECItem *it, 
+                                                         PRUint64 num);
 
 
 static xmlSecKeyDataStoreKlass xmlSecNssX509StoreKlass = {
@@ -78,43 +88,44 @@ static xmlSecKeyDataStoreKlass xmlSecNssX509StoreKlass = {
     xmlSecNssX509StoreSize,
 
     /* data */
-    xmlSecNameX509Store,			/* const xmlChar* name; */ 
-        
+    xmlSecNameX509Store,                        /* const xmlChar* name; */
+
     /* constructors/destructor */
-    xmlSecNssX509StoreInitialize,		/* xmlSecKeyDataStoreInitializeMethod initialize; */
-    xmlSecNssX509StoreFinalize,			/* xmlSecKeyDataStoreFinalizeMethod finalize; */
+    xmlSecNssX509StoreInitialize,               /* xmlSecKeyDataStoreInitializeMethod initialize; */
+    xmlSecNssX509StoreFinalize,                 /* xmlSecKeyDataStoreFinalizeMethod finalize; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-static CERTCertificate*		xmlSecNssX509FindCert(xmlChar *subjectName,
-						      xmlChar *issuerName,
-						      xmlChar *issuerSerial,
-						      xmlChar *ski);
+static CERTCertificate*         xmlSecNssX509FindCert(CERTCertList* certsList,
+                                                      const xmlChar *subjectName,
+                                                      const xmlChar *issuerName,
+                                                      const xmlChar *issuerSerial,
+                                                      xmlChar *ski);
 
 
-/** 
+/**
  * xmlSecNssX509StoreGetKlass:
- * 
+ *
  * The NSS X509 certificates key data store klass.
  *
  * Returns: pointer to NSS X509 certificates key data store klass.
  */
-xmlSecKeyDataStoreId 
+xmlSecKeyDataStoreId
 xmlSecNssX509StoreGetKlass(void) {
     return(&xmlSecNssX509StoreKlass);
 }
 
 /**
  * xmlSecNssX509StoreFindCert:
- * @store:		the pointer to X509 key data store klass.
- * @subjectName:	the desired certificate name.
- * @issuerName:		the desired certificate issuer name.
- * @issuerSerial:	the desired certificate issuer serial number.
- * @ski:		the desired certificate SKI.
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
+ * @store:              the pointer to X509 key data store klass.
+ * @subjectName:        the desired certificate name.
+ * @issuerName:         the desired certificate issuer name.
+ * @issuerSerial:       the desired certificate issuer serial number.
+ * @ski:                the desired certificate SKI.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Searches @store for a certificate that matches given criteria.
  *
@@ -123,32 +134,32 @@ xmlSecNssX509StoreGetKlass(void) {
  */
 CERTCertificate *
 xmlSecNssX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectName,
-				xmlChar *issuerName, xmlChar *issuerSerial,
-				xmlChar *ski, xmlSecKeyInfoCtx* keyInfoCtx) {
+                                xmlChar *issuerName, xmlChar *issuerSerial,
+                                xmlChar *ski, xmlSecKeyInfoCtx* keyInfoCtx) {
     xmlSecNssX509StoreCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecNssX509StoreId), NULL);
     xmlSecAssert2(keyInfoCtx != NULL, NULL);
 
     ctx = xmlSecNssX509StoreGetCtx(store);
     xmlSecAssert2(ctx != NULL, NULL);
 
-    return(xmlSecNssX509FindCert(subjectName, issuerName, issuerSerial, ski));
+    return xmlSecNssX509FindCert(ctx->certsList, subjectName, issuerName, issuerSerial, ski);
 }
 
 /**
  * xmlSecNssX509StoreVerify:
- * @store:		the pointer to X509 key data store klass.
- * @certs:		the untrusted certificates stack.
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
+ * @store:              the pointer to X509 key data store klass.
+ * @certs:              the untrusted certificates stack.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Verifies @certs list.
  *
  * Returns: pointer to the first verified certificate from @certs.
- */ 
-CERTCertificate * 	
+ */
+CERTCertificate *
 xmlSecNssX509StoreVerify(xmlSecKeyDataStorePtr store, CERTCertList* certs,
-			     xmlSecKeyInfoCtx* keyInfoCtx) {
+                         xmlSecKeyInfoCtx* keyInfoCtx) {
     xmlSecNssX509StoreCtxPtr ctx;
     CERTCertListNode*       head;
     CERTCertificate*       cert = NULL;
@@ -169,88 +180,88 @@ xmlSecNssX509StoreVerify(xmlSecKeyDataStorePtr store, CERTCertList* certs,
          !CERT_LIST_END(head, certs);
          head = CERT_LIST_NEXT(head)) {
         cert = head->cert;
-	if(keyInfoCtx->certsVerificationTime > 0) {
-	    /* convert the time since epoch in seconds to microseconds */
-	    LL_UI2L(timeboundary, keyInfoCtx->certsVerificationTime);
-	    tmp1 = (int64)PR_USEC_PER_SEC;
-	    tmp2 = timeboundary;
-	    LL_MUL(timeboundary, tmp1, tmp2);
-	} else {
-	    timeboundary = PR_Now();
-	}
-
-	/* if cert is the issuer of any other cert in the list, then it is 
-	 * to be skipped */
-	for (head1 = CERT_LIST_HEAD(certs); 
-	     !CERT_LIST_END(head1, certs);
-	     head1 = CERT_LIST_NEXT(head1)) {
-
-	    cert1 = head1->cert;
-	    if (cert1 == cert) {
-		continue;
-	    }
-
-	    if (SECITEM_CompareItem(&cert1->derIssuer, &cert->derSubject)
-	                              == SECEqual) {
-		break;
-	    }
-	}
-
-	if (!CERT_LIST_END(head1, certs)) {
-	    continue;
-	}
-
-	status = CERT_VerifyCertificate(CERT_GetDefaultCertDB(), 
-					cert, PR_FALSE, 
-					(SECCertificateUsage)0,
-                			timeboundary , NULL, NULL, NULL);
-	if (status == SECSuccess) {
-	    break;
-	}
+        if(keyInfoCtx->certsVerificationTime > 0) {
+            /* convert the time since epoch in seconds to microseconds */
+            LL_UI2L(timeboundary, keyInfoCtx->certsVerificationTime);
+            tmp1 = (int64)PR_USEC_PER_SEC;
+            tmp2 = timeboundary;
+            LL_MUL(timeboundary, tmp1, tmp2);
+        } else {
+            timeboundary = PR_Now();
+        }
+
+        /* if cert is the issuer of any other cert in the list, then it is
+         * to be skipped */
+        for (head1 = CERT_LIST_HEAD(certs);
+             !CERT_LIST_END(head1, certs);
+             head1 = CERT_LIST_NEXT(head1)) {
+
+            cert1 = head1->cert;
+            if (cert1 == cert) {
+                continue;
+            }
+
+            if (SECITEM_CompareItem(&cert1->derIssuer, &cert->derSubject)
+                                      == SECEqual) {
+                break;
+            }
+        }
+
+        if (!CERT_LIST_END(head1, certs)) {
+            continue;
+        }
+
+        status = CERT_VerifyCertificate(CERT_GetDefaultCertDB(),
+                                        cert, PR_FALSE,
+                                        (SECCertificateUsage)0,
+                                        timeboundary , NULL, NULL, NULL);
+        if (status == SECSuccess) {
+            break;
+        }
     }
 
     if (status == SECSuccess) {
-	return (cert);
+        return (cert);
     }
-    
+
     switch(PORT_GetError()) {
-	case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
-	case SEC_ERROR_CA_CERT_INVALID:
-	case SEC_ERROR_UNKNOWN_SIGNER:
+        case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
+        case SEC_ERROR_CA_CERT_INVALID:
+        case SEC_ERROR_UNKNOWN_SIGNER:
             xmlSecError(XMLSEC_ERRORS_HERE,
                         xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
                         NULL,
                         XMLSEC_ERRORS_R_CERT_ISSUER_FAILED,
                         "cert with subject name %s could not be verified because the issuer's cert is expired/invalid or not found",
                         cert->subjectName);
-	    break;
-	case SEC_ERROR_EXPIRED_CERTIFICATE:
+            break;
+        case SEC_ERROR_EXPIRED_CERTIFICATE:
             xmlSecError(XMLSEC_ERRORS_HERE,
                         xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
                         NULL,
                         XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
                         "cert with subject name %s has expired",
                         cert->subjectName);
-	    break;
-	case SEC_ERROR_REVOKED_CERTIFICATE:
+            break;
+        case SEC_ERROR_REVOKED_CERTIFICATE:
             xmlSecError(XMLSEC_ERRORS_HERE,
                         xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
                         NULL,
                         XMLSEC_ERRORS_R_CERT_REVOKED,
                         "cert with subject name %s has been revoked",
                         cert->subjectName);
-	    break;
-	default:
+            break;
+        default:
             xmlSecError(XMLSEC_ERRORS_HERE,
                         xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
                         NULL,
                         XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
-						"cert with subject name %s could not be verified, errcode %d",
-						cert->subjectName,
-			PORT_GetError());
-	    break;
+                                                "cert with subject name %s could not be verified, errcode %d",
+                                                cert->subjectName,
+                        PORT_GetError());
+            break;
     }
-   
+
     return (NULL);
 }
 
@@ -282,7 +293,7 @@ xmlSecNssX509StoreAdoptCert(xmlSecKeyDataStorePtr store, CERTCertificate* cert,
                         xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
                         "CERT_NewCertList",
                         XMLSEC_ERRORS_R_CRYPTO_FAILED,
-						"error code=%d", PORT_GetError());
+                                                "error code=%d", PORT_GetError());
             return(-1);
         }
     }
@@ -293,7 +304,7 @@ xmlSecNssX509StoreAdoptCert(xmlSecKeyDataStorePtr store, CERTCertificate* cert,
                     xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
                     "CERT_AddCertToListTail",
                     XMLSEC_ERRORS_R_CRYPTO_FAILED,
-					"error code=%d", PORT_GetError());
+                                        "error code=%d", PORT_GetError());
         return(-1);
     }
 
@@ -310,7 +321,7 @@ xmlSecNssX509StoreInitialize(xmlSecKeyDataStorePtr store) {
 
     memset(ctx, 0, sizeof(xmlSecNssX509StoreCtx));
 
-    return(0);    
+    return(0);
 }
 
 static void
@@ -320,10 +331,10 @@ xmlSecNssX509StoreFinalize(xmlSecKeyDataStorePtr store) {
 
     ctx = xmlSecNssX509StoreGetCtx(store);
     xmlSecAssert(ctx != NULL);
-    
+
     if (ctx->certsList) {
-	CERT_DestroyCertList(ctx->certsList);
-	ctx->certsList = NULL;
+        CERT_DestroyCertList(ctx->certsList);
+        ctx->certsList = NULL;
     }
 
     memset(ctx, 0, sizeof(xmlSecNssX509StoreCtx));
@@ -335,126 +346,188 @@ xmlSecNssX509StoreFinalize(xmlSecKeyDataStorePtr store) {
  * Low-level x509 functions
  *
  *****************************************************************************/
-static CERTCertificate*		
-xmlSecNssX509FindCert(xmlChar *subjectName, xmlChar *issuerName, 
-		      xmlChar *issuerSerial, xmlChar *ski) {
+static CERTName *
+xmlSecNssGetCertName(const xmlChar * name) {
+    xmlChar *tmp, *name2;
+    xmlChar *p;
+    CERTName *res;
+
+    xmlSecAssert2(name != NULL, NULL);
+
+    /* nss doesn't support emailAddress (see https://bugzilla.mozilla.org/show_bug.cgi?id=561689)
+     * This code is not bullet proof and may produce incorrect results if someone has
+     * "emailAddress=" string in one of the fields, but it is best I can suggest to fix 
+     * this problem.
+     */
+    name2 = xmlStrdup(name);
+    if(name2 == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "xmlStrlen(name)=%d",
+                    xmlStrlen(name));
+        return(NULL);
+    }
+    while( (p = (xmlChar*)xmlStrstr(name2, BAD_CAST "emailAddress=")) != NULL) {
+        memcpy(p, "           E=", 13);
+    }
+
+    tmp = xmlSecNssX509NameRead(name2, xmlStrlen(name2));
+    if(tmp == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNssX509NameRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name2=\"%s\"",
+                    xmlSecErrorsSafeString(name2));
+        xmlFree(name2);
+        return(NULL);
+    }
+
+    res = CERT_AsciiToName((char*)tmp);
+    if (name == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CERT_AsciiToName",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ascii=\"%s\", error code=%d",
+                    xmlSecErrorsSafeString((char*)tmp),
+                    PORT_GetError());
+        PORT_Free(tmp);
+        xmlFree(name2);
+        return(NULL);
+    }
+
+    PORT_Free(tmp);
+    return(res);
+}
+
+static CERTCertificate*
+xmlSecNssX509FindCert(CERTCertList* certsList, const xmlChar *subjectName,
+                      const xmlChar *issuerName, const xmlChar *issuerSerial,
+                      xmlChar *ski) {
     CERTCertificate *cert = NULL;
-    xmlChar         *p = NULL;
     CERTName *name = NULL;
     SECItem *nameitem = NULL;
+    CERTCertListNode* head;
+    SECItem tmpitem;
+    SECStatus status;
     PRArenaPool *arena = NULL;
+    int rv;
 
-    if (subjectName != NULL) {
-	p = xmlSecNssX509NameRead(subjectName, xmlStrlen(subjectName));
-	if (p == NULL) {
+    if ((cert == NULL) && (subjectName != NULL)) {
+        name = xmlSecNssGetCertName(subjectName);
+        if (name == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
-                        "xmlSecNssX509NameRead",
+                        "xmlSecNssGetCertName",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
                         "subject=%s",
                         xmlSecErrorsSafeString(subjectName));
-	    goto done;
-	}
-
-	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if (arena == NULL) {
-            xmlSecError(XMLSEC_ERRORS_HERE,
-                        NULL,
-                        "PORT_NewArena",
-                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
-                        XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
+            goto done;
+        }
 
-	name = CERT_AsciiToName((char*)p);
-	if (name == NULL) {
-            xmlSecError(XMLSEC_ERRORS_HERE,
-                        NULL,
-                        "CERT_AsciiToName",
-                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-                        XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
+        if(arena == NULL) {
+            arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+            if (arena == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "PORT_NewArena",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+        }
 
-	nameitem = SEC_ASN1EncodeItem(arena, NULL, (void *)name,
-				      SEC_ASN1_GET(CERT_NameTemplate));
-	if (nameitem == NULL) {
+        nameitem = SEC_ASN1EncodeItem(arena, NULL, (void *)name,
+                                      SEC_ASN1_GET(CERT_NameTemplate));
+        if (nameitem == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
                         "SEC_ASN1EncodeItem",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
-						"error code=%d", PORT_GetError());
-	    goto done;
-	}
+                        "error code=%d", PORT_GetError());
+            goto done;
+        }
 
-	cert = CERT_FindCertByName(CERT_GetDefaultCertDB(), nameitem);
-	goto done;
+        cert = CERT_FindCertByName(CERT_GetDefaultCertDB(), nameitem);
     }
 
-    if((issuerName != NULL) && (issuerSerial != NULL)) {
-	CERTIssuerAndSN issuerAndSN;
+    if((cert == NULL) && (issuerName != NULL) && (issuerSerial != NULL)) {
+        CERTIssuerAndSN issuerAndSN;
+        PRUint64 issuerSN = 0;
 
-	p = xmlSecNssX509NameRead(issuerName, xmlStrlen(issuerName));
-	if (p == NULL) {
+        name = xmlSecNssGetCertName(issuerName);
+        if (name == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
-                        "xmlSecNssX509NameRead",
+                        "xmlSecNssGetCertName",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
                         "issuer=%s",
                         xmlSecErrorsSafeString(issuerName));
-	    goto done;
-	}
+            goto done;
+        }
 
-	arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-	if (arena == NULL) {
+        if(arena == NULL) {
+            arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+            if (arena == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "PORT_NewArena",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+        }
+
+        nameitem = SEC_ASN1EncodeItem(arena, NULL, (void *)name,
+                                      SEC_ASN1_GET(CERT_NameTemplate));
+        if (nameitem == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
-                        "PORT_NewArena",
+                        "SEC_ASN1EncodeItem",
                         XMLSEC_ERRORS_R_CRYPTO_FAILED,
-                        XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
+                        "error code=%d", PORT_GetError());
+            goto done;
+        }
+
+        memset(&issuerAndSN, 0, sizeof(issuerAndSN));
+
+        issuerAndSN.derIssuer.data = nameitem->data;
+        issuerAndSN.derIssuer.len = nameitem->len;
 
-	name = CERT_AsciiToName((char*)p);
-	if (name == NULL) {
+        /* TBD: serial num can be arbitrarily long */
+        if(PR_sscanf((char *)issuerSerial, "%llu", &issuerSN) != 1) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
-                        "CERT_AsciiToName",
+                        "PR_sscanf",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
-                        XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
+                        "error code=%d", PR_GetError());
+            SECITEM_FreeItem(&issuerAndSN.serialNumber, PR_FALSE);
+            goto done;
+        }
 
-	nameitem = SEC_ASN1EncodeItem(arena, NULL, (void *)name,
-				      SEC_ASN1_GET(CERT_NameTemplate));
-	if (nameitem == NULL) {
+        rv = xmlSecNssNumToItem(&issuerAndSN.serialNumber, issuerSN);
+        if(rv <= 0) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
-                        "SEC_ASN1EncodeItem",
+                        "xmlSecNssNumToItem",
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
-						"error code=%d", PORT_GetError());
-	    goto done;
-	}
-
-	memset(&issuerAndSN, 0, sizeof(issuerAndSN));
-
-	issuerAndSN.derIssuer.data = nameitem->data;
-	issuerAndSN.derIssuer.len = nameitem->len;
-
-	/* TBD: serial num can be arbitrarily long */
-	xmlSecNssNumToItem(&issuerAndSN.serialNumber, PORT_Atoi((char *)issuerSerial));
+                        "error code=%d", PR_GetError());
+            SECITEM_FreeItem(&issuerAndSN.serialNumber, PR_FALSE);
+            goto done;
+        }
 
-	cert = CERT_FindCertByIssuerAndSN(CERT_GetDefaultCertDB(), 
-					  &issuerAndSN);
-	SECITEM_FreeItem(&issuerAndSN.serialNumber, PR_FALSE);
-	goto done;
+        cert = CERT_FindCertByIssuerAndSN(CERT_GetDefaultCertDB(), &issuerAndSN);
+        SECITEM_FreeItem(&issuerAndSN.serialNumber, PR_FALSE);
     }
 
-    if(ski != NULL) {
-	SECItem subjKeyID;
-	int len;
+    if((cert == NULL) && (ski != NULL)) {
+        SECItem subjKeyID;
+        int len;
 
-	len = xmlSecBase64Decode(ski, (xmlSecByte*)ski, xmlStrlen(ski));
+        len = xmlSecBase64Decode(ski, (xmlSecByte*)ski, xmlStrlen(ski));
         if(len < 0) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
@@ -462,25 +535,63 @@ xmlSecNssX509FindCert(xmlChar *subjectName, xmlChar *issuerName,
                         XMLSEC_ERRORS_R_XMLSEC_FAILED,
                         "ski=%s",
                         xmlSecErrorsSafeString(ski));
-	    goto done;
+            goto done;
         }
 
-	memset(&subjKeyID, 0, sizeof(subjKeyID));
-	subjKeyID.data = ski;
-	subjKeyID.len = xmlStrlen(ski);
-        cert = CERT_FindCertBySubjectKeyID(CERT_GetDefaultCertDB(), 
-					   &subjKeyID);
+        memset(&subjKeyID, 0, sizeof(subjKeyID));
+        subjKeyID.data = ski;
+        subjKeyID.len = len;
+        cert = CERT_FindCertBySubjectKeyID(CERT_GetDefaultCertDB(),
+                                           &subjKeyID);
+
+        /* try to search in our list - NSS doesn't update it's cache correctly
+         * when new certs are added https://bugzilla.mozilla.org/show_bug.cgi?id=211051
+         */
+        if((cert == NULL) && (certsList != NULL)) {
+
+            for(head = CERT_LIST_HEAD(certsList);
+                (cert == NULL) && !CERT_LIST_END(head, certsList) &&
+                (head != NULL) && (head->cert != NULL);
+                head = CERT_LIST_NEXT(head)
+            ) {
+
+                memset(&tmpitem, 0, sizeof(tmpitem));
+                status = CERT_FindSubjectKeyIDExtension(head->cert, &tmpitem);
+                if (status != SECSuccess)  {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "CERT_FindSubjectKeyIDExtension",
+                                XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                "ski");
+                    SECITEM_FreeItem(&tmpitem, PR_FALSE);
+                    goto done;
+                }
+
+                if((tmpitem.len == subjKeyID.len) &&
+                   (memcmp(tmpitem.data, subjKeyID.data, subjKeyID.len) == 0)
+                ) {
+                    cert = CERT_DupCertificate(head->cert);
+                    if(cert == NULL) {
+                        xmlSecError(XMLSEC_ERRORS_HERE,
+                                    NULL,
+                                    "CERT_DupCertificate",
+                                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                                    "error code=%d", PORT_GetError());
+                        SECITEM_FreeItem(&tmpitem, PR_FALSE);
+                        goto done;
+                    }
+                }
+                SECITEM_FreeItem(&tmpitem, PR_FALSE);
+            }
+        }
     }
 
 done:
-    if (p != NULL) {
-	PORT_Free(p);
-    }
     if (arena != NULL) {
-	PORT_FreeArena(arena, PR_FALSE);
+        PORT_FreeArena(arena, PR_FALSE);
     }
     if (name != NULL) {
-	CERT_DestroyName(name);
+        CERT_DestroyName(name);
     }
 
     return(cert);
@@ -495,161 +606,161 @@ xmlSecNssX509NameRead(xmlSecByte *str, int len) {
     int nameLen, valueLen;
 
     xmlSecAssert2(str != NULL, NULL);
-    
+
     /* return string should be no longer than input string */
     retval = (xmlSecByte *)PORT_Alloc(len+1);
     if(retval == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PORT_Alloc",
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PORT_Alloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     p = retval;
-    
+
     while(len > 0) {
-	/* skip spaces after comma or semicolon */
-	while((len > 0) && isspace(*str)) {
-	    ++str; --len;
-	}
-
-	nameLen = xmlSecNssX509NameStringRead(&str, &len, name, sizeof(name), '=', 0);	
-	if(nameLen < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecNssX509NameStringRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
-	memcpy(p, name, nameLen);
-	p+=nameLen;
-	*p++='=';
-	if(len > 0) {
-	    ++str; --len;
-	    if((*str) == '\"') {
-		valueLen = xmlSecNssX509NameStringRead(&str, &len, 
-					value, sizeof(value), '"', 1);	
-		if(valueLen < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				"xmlSecNssX509NameStringRead",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				XMLSEC_ERRORS_NO_MESSAGE);
-		    goto done;
-    		}
-		/* skip spaces before comma or semicolon */
-		while((len > 0) && isspace(*str)) {
-		    ++str; --len;
-		}
-		if((len > 0) && ((*str) != ',')) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				NULL,
-				XMLSEC_ERRORS_R_INVALID_DATA,
-				"comma is expected");
-		    goto done;
-		}
-		if(len > 0) {
-		    ++str; --len;
-		}
-		*p++='\"';
-		memcpy(p, value, valueLen);
-		p+=valueLen;
-		*p++='\"';
-	    } else if((*str) == '#') {
-		/* TODO: read octect values */
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    NULL,
-			    XMLSEC_ERRORS_R_INVALID_DATA,
-			    "reading octect values is not implemented yet");
-		goto done;
-	    } else {
-		valueLen = xmlSecNssX509NameStringRead(&str, &len, 
-					value, sizeof(value), ',', 1);	
-		if(valueLen < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				"xmlSecNssX509NameStringRead",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				XMLSEC_ERRORS_NO_MESSAGE);
-		    goto done;
-    		}
-		memcpy(p, value, valueLen);
-		p+=valueLen;
-		if (len > 0)
-		    *p++=',';
-	    } 			
-	} else {
-	    valueLen = 0;
-	}
-	if(len > 0) {
-	    ++str; --len;
-	}	
+        /* skip spaces after comma or semicolon */
+        while((len > 0) && isspace(*str)) {
+            ++str; --len;
+        }
+
+        nameLen = xmlSecNssX509NameStringRead(&str, &len, name, sizeof(name), '=', 0);
+        if(nameLen < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNssX509NameStringRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
+        memcpy(p, name, nameLen);
+        p+=nameLen;
+        *p++='=';
+        if(len > 0) {
+            ++str; --len;
+            if((*str) == '\"') {
+                valueLen = xmlSecNssX509NameStringRead(&str, &len,
+                                        value, sizeof(value), '"', 1);
+                if(valueLen < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecNssX509NameStringRead",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    goto done;
+                }
+                /* skip spaces before comma or semicolon */
+                while((len > 0) && isspace(*str)) {
+                    ++str; --len;
+                }
+                if((len > 0) && ((*str) != ',')) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                NULL,
+                                XMLSEC_ERRORS_R_INVALID_DATA,
+                                "comma is expected");
+                    goto done;
+                }
+                if(len > 0) {
+                    ++str; --len;
+                }
+                *p++='\"';
+                memcpy(p, value, valueLen);
+                p+=valueLen;
+                *p++='\"';
+            } else if((*str) == '#') {
+                /* TODO: read octect values */
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            NULL,
+                            XMLSEC_ERRORS_R_INVALID_DATA,
+                            "reading octect values is not implemented yet");
+                goto done;
+            } else {
+                valueLen = xmlSecNssX509NameStringRead(&str, &len,
+                                        value, sizeof(value), ',', 1);
+                if(valueLen < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecNssX509NameStringRead",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    goto done;
+                }
+                memcpy(p, value, valueLen);
+                p+=valueLen;
+                if (len > 0)
+                    *p++=',';
+            }
+        } else {
+            valueLen = 0;
+        }
+        if(len > 0) {
+            ++str; --len;
+        }
     }
 
     *p = 0;
     return(retval);
-    
+
 done:
     PORT_Free(retval);
     return (NULL);
 }
 
-static int 
-xmlSecNssX509NameStringRead(xmlSecByte **str, int *strLen, 
-			    xmlSecByte *res, int resLen,
-			    xmlSecByte delim, int ingoreTrailingSpaces) {
-    xmlSecByte *p, *q, *nonSpace; 
+static int
+xmlSecNssX509NameStringRead(xmlSecByte **str, int *strLen,
+                            xmlSecByte *res, int resLen,
+                            xmlSecByte delim, int ingoreTrailingSpaces) {
+    xmlSecByte *p, *q, *nonSpace;
 
     xmlSecAssert2(str != NULL, -1);
     xmlSecAssert2(strLen != NULL, -1);
     xmlSecAssert2(res != NULL, -1);
-    
+
     p = (*str);
     nonSpace = q = res;
-    while(((p - (*str)) < (*strLen)) && ((*p) != delim) && ((q - res) < resLen)) { 
-	if((*p) != '\\') {
-	    if(ingoreTrailingSpaces && !isspace(*p)) {
-		nonSpace = q;	
-	    }
-	    *(q++) = *(p++);
-	} else {
-	    ++p;
-	    nonSpace = q;    
-	    if(xmlSecIsHex((*p))) {
-		if((p - (*str) + 1) >= (*strLen)) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				NULL,
-				XMLSEC_ERRORS_R_INVALID_DATA,
-				"two hex digits expected");
-	    	    return(-1);
-		}
-		*(q++) = xmlSecGetHex(p[0]) * 16 + xmlSecGetHex(p[1]);
-		p += 2;
-	    } else {
-		if(((++p) - (*str)) >= (*strLen)) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				NULL,
-				XMLSEC_ERRORS_R_INVALID_DATA,
-				"escaped symbol missed");
-		    return(-1);
-		}
-		*(q++) = *(p++); 
-	    }
-	}	    
+    while(((p - (*str)) < (*strLen)) && ((*p) != delim) && ((q - res) < resLen)) {
+        if((*p) != '\\') {
+            if(ingoreTrailingSpaces && !isspace(*p)) {
+                nonSpace = q;
+            }
+            *(q++) = *(p++);
+        } else {
+            ++p;
+            nonSpace = q;
+            if(xmlSecIsHex((*p))) {
+                if((p - (*str) + 1) >= (*strLen)) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                NULL,
+                                XMLSEC_ERRORS_R_INVALID_DATA,
+                                "two hex digits expected");
+                    return(-1);
+                }
+                *(q++) = xmlSecGetHex(p[0]) * 16 + xmlSecGetHex(p[1]);
+                p += 2;
+            } else {
+                if(((++p) - (*str)) >= (*strLen)) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                NULL,
+                                XMLSEC_ERRORS_R_INVALID_DATA,
+                                "escaped symbol missed");
+                    return(-1);
+                }
+                *(q++) = *(p++);
+            }
+        }
     }
     if(((p - (*str)) < (*strLen)) && ((*p) != delim)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "buffer is too small");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "buffer is too small");
+        return(-1);
     }
     (*strLen) -= (p - (*str));
     (*str) = p;
@@ -657,47 +768,40 @@ xmlSecNssX509NameStringRead(xmlSecByte **str, int *strLen,
 }
 
 /* code lifted from NSS */
-static void
-xmlSecNssNumToItem(SECItem *it, unsigned long ui)
+static int
+xmlSecNssNumToItem(SECItem *it, PRUint64 ui)
 {
-    unsigned char bb[5];
-    int len;
+    unsigned char bb[9];
+    unsigned int zeros_len;
 
-    bb[0] = 0;
-    bb[1] = (unsigned char) (ui >> 24);
-    bb[2] = (unsigned char) (ui >> 16);
-    bb[3] = (unsigned char) (ui >> 8);
-    bb[4] = (unsigned char) (ui);
+    xmlSecAssert2(it != NULL, -1);
+
+    bb[0] = 0; /* important: we should have 0 at the beginning! */
+    bb[1] = (unsigned char) (ui >> 56);
+    bb[2] = (unsigned char) (ui >> 48);
+    bb[3] = (unsigned char) (ui >> 40);
+    bb[4] = (unsigned char) (ui >> 32);
+    bb[5] = (unsigned char) (ui >> 24);
+    bb[6] = (unsigned char) (ui >> 16);
+    bb[7] = (unsigned char) (ui >> 8);
+    bb[8] = (unsigned char) (ui);
 
     /*
     ** Small integers are encoded in a single byte. Larger integers
-    ** require progressively more space.
+    ** require progressively more space. Start from 1 because byte at 
+    ** position 0 is zero
     */
-    if (ui > 0x7f) {
-        if (ui > 0x7fff) {
-            if (ui > 0x7fffffL) {
-                if (ui >= 0x80000000L) {
-                    len = 5;
-                } else {
-                    len = 4;
-                }
-            } else {
-                len = 3;
-            }
-        } else {
-            len = 2;
-        }
-    } else {
-        len = 1;
-    }
+    for(zeros_len = 1; (zeros_len < sizeof(bb)) && (bb[zeros_len] == 0); ++zeros_len);
 
-    it->data = (unsigned char *)PORT_Alloc(len);
+    it->len = sizeof(bb) - (zeros_len - 1);
+    it->data = (unsigned char *)PORT_Alloc(it->len);
     if (it->data == NULL) {
-        return;
+        it->len = 0;
+        return (-1);
     }
 
-    it->len = len;
-    PORT_Memcpy(it->data, bb + (sizeof(bb) - len), len);
+    PORT_Memcpy(it->data, bb + (zeros_len - 1), it->len);
+    return(it->len);
 }
 #endif /* XMLSEC_NO_X509 */
 
diff --git a/src/openssl/Makefile.am b/src/openssl/Makefile.am
index db2cd43e..23c225a1 100644
--- a/src/openssl/Makefile.am
+++ b/src/openssl/Makefile.am
@@ -41,10 +41,10 @@ libxmlsec1_openssl_la_SOURCES += ../strings.c
 endif
 
 libxmlsec1_openssl_la_LIBADD = \
-	../libxmlsec1.la \
 	$(OPENSSL_LIBS) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
 	$(NULL)
 
 libxmlsec1_openssl_la_DEPENDENCIES = \
diff --git a/src/openssl/Makefile.in b/src/openssl/Makefile.in
index 1cb63c49..fd16efd0 100644
--- a/src/openssl/Makefile.in
+++ b/src/openssl/Makefile.in
@@ -1,9 +1,9 @@
-# Makefile.in generated by automake 1.11 from Makefile.am.
+# Makefile.in generated by automake 1.11.3 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
-# 2003, 2004, 2005, 2006, 2007, 2008, 2009  Free Software Foundation,
-# Inc.
+# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software
+# Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -38,10 +38,13 @@ host_triplet = @host@
 subdir = src/openssl
 DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
-am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__aclocal_m4_deps = $(top_srcdir)/m4/libtool.m4 \
+	$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
+	$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
+	$(top_srcdir)/configure.in
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
-mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
@@ -66,6 +69,12 @@ am__nobase_list = $(am__nobase_strip_setup); \
 am__base_list = \
   sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
   sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+  test -z "$$files" \
+    || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+    || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+         $(am__cd) "$$dir" && rm -f $$files; }; \
+  }
 am__installdirs = "$(DESTDIR)$(libdir)"
 LTLIBRARIES = $(lib_LTLIBRARIES)
 am__DEPENDENCIES_1 =
@@ -86,22 +95,39 @@ am_libxmlsec1_openssl_la_OBJECTS = libxmlsec1_openssl_la-app.lo \
 	libxmlsec1_openssl_la-x509vfy.lo $(am__objects_1) \
 	$(am__objects_2)
 libxmlsec1_openssl_la_OBJECTS = $(am_libxmlsec1_openssl_la_OBJECTS)
-libxmlsec1_openssl_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
-	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
-	$(libxmlsec1_openssl_la_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+libxmlsec1_openssl_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+	$(AM_CFLAGS) $(CFLAGS) $(libxmlsec1_openssl_la_LDFLAGS) \
+	$(LDFLAGS) -o $@
 DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
 am__mv = mv -f
 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
-LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
-	$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo "  CC    " $@;
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
 CCLD = $(CC)
-LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
-	--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
-	$(LDFLAGS) -o $@
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo "  CCLD  " $@;
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo "  GEN   " $@;
 SOURCES = $(libxmlsec1_openssl_la_SOURCES)
 DIST_SOURCES = $(am__libxmlsec1_openssl_la_SOURCES_DIST)
 ETAGS = etags
@@ -109,6 +135,7 @@ CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 ACLOCAL = @ACLOCAL@
 AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
 AR = @AR@
 AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
@@ -123,6 +150,7 @@ CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
+DLLTOOL = @DLLTOOL@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -131,6 +159,10 @@ ECHO_T = @ECHO_T@
 EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
+GCRYPT_CFLAGS = @GCRYPT_CFLAGS@
+GCRYPT_CRYPTO_LIB = @GCRYPT_CRYPTO_LIB@
+GCRYPT_LIBS = @GCRYPT_LIBS@
+GCRYPT_MIN_VERSION = @GCRYPT_MIN_VERSION@
 GNUTLS_CFLAGS = @GNUTLS_CFLAGS@
 GNUTLS_CRYPTO_LIB = @GNUTLS_CRYPTO_LIB@
 GNUTLS_LIBS = @GNUTLS_LIBS@
@@ -161,6 +193,7 @@ LTLIBOBJS = @LTLIBOBJS@
 MAINT = @MAINT@
 MAKEINFO = @MAKEINFO@
 MAN2HTML = @MAN2HTML@
+MANIFEST_TOOL = @MANIFEST_TOOL@
 MKDIR_P = @MKDIR_P@
 MOZILLA_MIN_VERSION = @MOZILLA_MIN_VERSION@
 MSCRYPTO_CFLAGS = @MSCRYPTO_CFLAGS@
@@ -192,8 +225,10 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PKGCONFIG_PRESENT = @PKGCONFIG_PRESENT@
 PKG_CONFIG = @PKG_CONFIG@
-PKG_CONFIG_ENABLED = @PKG_CONFIG_ENABLED@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
 RANLIB = @RANLIB@
 RM = @RM@
 SED = @SED@
@@ -201,7 +236,6 @@ SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
 STRIP = @STRIP@
 TAR = @TAR@
-U = @U@
 VERSION = @VERSION@
 XMLSEC_APP_DEFINES = @XMLSEC_APP_DEFINES@
 XMLSEC_CFLAGS = @XMLSEC_CFLAGS@
@@ -220,6 +254,8 @@ XMLSEC_DL_INCLUDES = @XMLSEC_DL_INCLUDES@
 XMLSEC_DL_LIBS = @XMLSEC_DL_LIBS@
 XMLSEC_DOCDIR = @XMLSEC_DOCDIR@
 XMLSEC_EXTRA_LDFLAGS = @XMLSEC_EXTRA_LDFLAGS@
+XMLSEC_GCRYPT_CFLAGS = @XMLSEC_GCRYPT_CFLAGS@
+XMLSEC_GCRYPT_LIBS = @XMLSEC_GCRYPT_LIBS@
 XMLSEC_GNUTLS_CFLAGS = @XMLSEC_GNUTLS_CFLAGS@
 XMLSEC_GNUTLS_LIBS = @XMLSEC_GNUTLS_LIBS@
 XMLSEC_LIBDIR = @XMLSEC_LIBDIR@
@@ -229,6 +265,7 @@ XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_APPS_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_CRYPTO_DYNAMIC_LOADING = @XMLSEC_NO_CRYPTO_DYNAMIC_LOADING@
 XMLSEC_NO_DES = @XMLSEC_NO_DES@
 XMLSEC_NO_DSA = @XMLSEC_NO_DSA@
+XMLSEC_NO_GCRYPT = @XMLSEC_NO_GCRYPT@
 XMLSEC_NO_GNUTLS = @XMLSEC_NO_GNUTLS@
 XMLSEC_NO_GOST = @XMLSEC_NO_GOST@
 XMLSEC_NO_HMAC = @XMLSEC_NO_HMAC@
@@ -264,6 +301,7 @@ abs_builddir = @abs_builddir@
 abs_srcdir = @abs_srcdir@
 abs_top_builddir = @abs_top_builddir@
 abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
 ac_ct_CC = @ac_ct_CC@
 ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
 am__include = @am__include@
@@ -296,7 +334,6 @@ libdir = @libdir@
 libexecdir = @libexecdir@
 localedir = @localedir@
 localstatedir = @localstatedir@
-lt_ECHO = @lt_ECHO@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
 oldincludedir = @oldincludedir@
@@ -335,10 +372,10 @@ libxmlsec1_openssl_la_SOURCES = app.c bn.c ciphers.c crypto.c \
 	digests.c evp.c hmac.c kw_aes.c kw_des.c kt_rsa.c signatures.c \
 	symkeys.c x509.c x509vfy.c globals.h $(NULL) $(am__append_1)
 libxmlsec1_openssl_la_LIBADD = \
-	../libxmlsec1.la \
 	$(OPENSSL_LIBS) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
 	$(NULL)
 
 libxmlsec1_openssl_la_DEPENDENCIES = \
@@ -414,8 +451,8 @@ clean-libLTLIBRARIES:
 	  echo "rm -f \"$${dir}/so_locations\""; \
 	  rm -f "$${dir}/so_locations"; \
 	done
-libxmlsec1-openssl.la: $(libxmlsec1_openssl_la_OBJECTS) $(libxmlsec1_openssl_la_DEPENDENCIES) 
-	$(libxmlsec1_openssl_la_LINK) -rpath $(libdir) $(libxmlsec1_openssl_la_OBJECTS) $(libxmlsec1_openssl_la_LIBADD) $(LIBS)
+libxmlsec1-openssl.la: $(libxmlsec1_openssl_la_OBJECTS) $(libxmlsec1_openssl_la_DEPENDENCIES) $(EXTRA_libxmlsec1_openssl_la_DEPENDENCIES) 
+	$(AM_V_CCLD)$(libxmlsec1_openssl_la_LINK) -rpath $(libdir) $(libxmlsec1_openssl_la_OBJECTS) $(libxmlsec1_openssl_la_LIBADD) $(LIBS)
 
 mostlyclean-compile:
 	-rm -f *.$(OBJEXT)
@@ -440,130 +477,130 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Plo@am__quote@
 
 .c.o:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c $<
 
 .c.obj:
-@am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
 
 .c.lo:
-@am__fastdepCC_TRUE@	$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LTCOMPILE) -c -o $@ $<
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
 
 libxmlsec1_openssl_la-app.lo: app.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-app.Tpo -c -o libxmlsec1_openssl_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-app.Tpo $(DEPDIR)/libxmlsec1_openssl_la-app.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='app.c' object='libxmlsec1_openssl_la-app.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-app.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-app.Tpo -c -o libxmlsec1_openssl_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-app.Tpo $(DEPDIR)/libxmlsec1_openssl_la-app.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='app.c' object='libxmlsec1_openssl_la-app.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-app.lo `test -f 'app.c' || echo '$(srcdir)/'`app.c
 
 libxmlsec1_openssl_la-bn.lo: bn.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-bn.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-bn.Tpo -c -o libxmlsec1_openssl_la-bn.lo `test -f 'bn.c' || echo '$(srcdir)/'`bn.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-bn.Tpo $(DEPDIR)/libxmlsec1_openssl_la-bn.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='bn.c' object='libxmlsec1_openssl_la-bn.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-bn.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-bn.Tpo -c -o libxmlsec1_openssl_la-bn.lo `test -f 'bn.c' || echo '$(srcdir)/'`bn.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-bn.Tpo $(DEPDIR)/libxmlsec1_openssl_la-bn.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='bn.c' object='libxmlsec1_openssl_la-bn.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-bn.lo `test -f 'bn.c' || echo '$(srcdir)/'`bn.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-bn.lo `test -f 'bn.c' || echo '$(srcdir)/'`bn.c
 
 libxmlsec1_openssl_la-ciphers.lo: ciphers.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-ciphers.Tpo -c -o libxmlsec1_openssl_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_openssl_la-ciphers.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='ciphers.c' object='libxmlsec1_openssl_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-ciphers.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-ciphers.Tpo -c -o libxmlsec1_openssl_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-ciphers.Tpo $(DEPDIR)/libxmlsec1_openssl_la-ciphers.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='ciphers.c' object='libxmlsec1_openssl_la-ciphers.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-ciphers.lo `test -f 'ciphers.c' || echo '$(srcdir)/'`ciphers.c
 
 libxmlsec1_openssl_la-crypto.lo: crypto.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-crypto.Tpo -c -o libxmlsec1_openssl_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-crypto.Tpo $(DEPDIR)/libxmlsec1_openssl_la-crypto.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='crypto.c' object='libxmlsec1_openssl_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-crypto.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-crypto.Tpo -c -o libxmlsec1_openssl_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-crypto.Tpo $(DEPDIR)/libxmlsec1_openssl_la-crypto.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='crypto.c' object='libxmlsec1_openssl_la-crypto.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-crypto.lo `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c
 
 libxmlsec1_openssl_la-digests.lo: digests.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-digests.Tpo -c -o libxmlsec1_openssl_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-digests.Tpo $(DEPDIR)/libxmlsec1_openssl_la-digests.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='digests.c' object='libxmlsec1_openssl_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-digests.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-digests.Tpo -c -o libxmlsec1_openssl_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-digests.Tpo $(DEPDIR)/libxmlsec1_openssl_la-digests.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='digests.c' object='libxmlsec1_openssl_la-digests.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-digests.lo `test -f 'digests.c' || echo '$(srcdir)/'`digests.c
 
 libxmlsec1_openssl_la-evp.lo: evp.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-evp.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-evp.Tpo -c -o libxmlsec1_openssl_la-evp.lo `test -f 'evp.c' || echo '$(srcdir)/'`evp.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-evp.Tpo $(DEPDIR)/libxmlsec1_openssl_la-evp.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='evp.c' object='libxmlsec1_openssl_la-evp.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-evp.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-evp.Tpo -c -o libxmlsec1_openssl_la-evp.lo `test -f 'evp.c' || echo '$(srcdir)/'`evp.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-evp.Tpo $(DEPDIR)/libxmlsec1_openssl_la-evp.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='evp.c' object='libxmlsec1_openssl_la-evp.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-evp.lo `test -f 'evp.c' || echo '$(srcdir)/'`evp.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-evp.lo `test -f 'evp.c' || echo '$(srcdir)/'`evp.c
 
 libxmlsec1_openssl_la-hmac.lo: hmac.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-hmac.Tpo -c -o libxmlsec1_openssl_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-hmac.Tpo $(DEPDIR)/libxmlsec1_openssl_la-hmac.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='hmac.c' object='libxmlsec1_openssl_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-hmac.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-hmac.Tpo -c -o libxmlsec1_openssl_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-hmac.Tpo $(DEPDIR)/libxmlsec1_openssl_la-hmac.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='hmac.c' object='libxmlsec1_openssl_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-hmac.lo `test -f 'hmac.c' || echo '$(srcdir)/'`hmac.c
 
 libxmlsec1_openssl_la-kw_aes.lo: kw_aes.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Tpo -c -o libxmlsec1_openssl_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='kw_aes.c' object='libxmlsec1_openssl_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-kw_aes.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Tpo -c -o libxmlsec1_openssl_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Tpo $(DEPDIR)/libxmlsec1_openssl_la-kw_aes.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kw_aes.c' object='libxmlsec1_openssl_la-kw_aes.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-kw_aes.lo `test -f 'kw_aes.c' || echo '$(srcdir)/'`kw_aes.c
 
 libxmlsec1_openssl_la-kw_des.lo: kw_des.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-kw_des.Tpo -c -o libxmlsec1_openssl_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_openssl_la-kw_des.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='kw_des.c' object='libxmlsec1_openssl_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-kw_des.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-kw_des.Tpo -c -o libxmlsec1_openssl_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-kw_des.Tpo $(DEPDIR)/libxmlsec1_openssl_la-kw_des.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kw_des.c' object='libxmlsec1_openssl_la-kw_des.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-kw_des.lo `test -f 'kw_des.c' || echo '$(srcdir)/'`kw_des.c
 
 libxmlsec1_openssl_la-kt_rsa.lo: kt_rsa.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-kt_rsa.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Tpo -c -o libxmlsec1_openssl_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Tpo $(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='kt_rsa.c' object='libxmlsec1_openssl_la-kt_rsa.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-kt_rsa.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Tpo -c -o libxmlsec1_openssl_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Tpo $(DEPDIR)/libxmlsec1_openssl_la-kt_rsa.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='kt_rsa.c' object='libxmlsec1_openssl_la-kt_rsa.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-kt_rsa.lo `test -f 'kt_rsa.c' || echo '$(srcdir)/'`kt_rsa.c
 
 libxmlsec1_openssl_la-signatures.lo: signatures.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-signatures.Tpo -c -o libxmlsec1_openssl_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-signatures.Tpo $(DEPDIR)/libxmlsec1_openssl_la-signatures.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='signatures.c' object='libxmlsec1_openssl_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-signatures.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-signatures.Tpo -c -o libxmlsec1_openssl_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-signatures.Tpo $(DEPDIR)/libxmlsec1_openssl_la-signatures.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='signatures.c' object='libxmlsec1_openssl_la-signatures.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-signatures.lo `test -f 'signatures.c' || echo '$(srcdir)/'`signatures.c
 
 libxmlsec1_openssl_la-symkeys.lo: symkeys.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-symkeys.Tpo -c -o libxmlsec1_openssl_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_openssl_la-symkeys.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='symkeys.c' object='libxmlsec1_openssl_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-symkeys.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-symkeys.Tpo -c -o libxmlsec1_openssl_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-symkeys.Tpo $(DEPDIR)/libxmlsec1_openssl_la-symkeys.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='symkeys.c' object='libxmlsec1_openssl_la-symkeys.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-symkeys.lo `test -f 'symkeys.c' || echo '$(srcdir)/'`symkeys.c
 
 libxmlsec1_openssl_la-x509.lo: x509.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-x509.Tpo -c -o libxmlsec1_openssl_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-x509.Tpo $(DEPDIR)/libxmlsec1_openssl_la-x509.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='x509.c' object='libxmlsec1_openssl_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-x509.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-x509.Tpo -c -o libxmlsec1_openssl_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-x509.Tpo $(DEPDIR)/libxmlsec1_openssl_la-x509.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='x509.c' object='libxmlsec1_openssl_la-x509.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-x509.lo `test -f 'x509.c' || echo '$(srcdir)/'`x509.c
 
 libxmlsec1_openssl_la-x509vfy.lo: x509vfy.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Tpo -c -o libxmlsec1_openssl_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='x509vfy.c' object='libxmlsec1_openssl_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-x509vfy.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Tpo -c -o libxmlsec1_openssl_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Tpo $(DEPDIR)/libxmlsec1_openssl_la-x509vfy.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='x509vfy.c' object='libxmlsec1_openssl_la-x509vfy.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-x509vfy.lo `test -f 'x509vfy.c' || echo '$(srcdir)/'`x509vfy.c
 
 libxmlsec1_openssl_la-strings.lo: ../strings.c
-@am__fastdepCC_TRUE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-strings.Tpo -c -o libxmlsec1_openssl_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
-@am__fastdepCC_TRUE@	$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-strings.Tpo $(DEPDIR)/libxmlsec1_openssl_la-strings.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='../strings.c' object='libxmlsec1_openssl_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libxmlsec1_openssl_la-strings.lo -MD -MP -MF $(DEPDIR)/libxmlsec1_openssl_la-strings.Tpo -c -o libxmlsec1_openssl_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libxmlsec1_openssl_la-strings.Tpo $(DEPDIR)/libxmlsec1_openssl_la-strings.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='../strings.c' object='libxmlsec1_openssl_la-strings.lo' libtool=yes @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(LIBTOOL)  --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libxmlsec1_openssl_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libxmlsec1_openssl_la-strings.lo `test -f '../strings.c' || echo '$(srcdir)/'`../strings.c
 
 mostlyclean-libtool:
 	-rm -f *.lo
@@ -670,10 +707,15 @@ install-am: all-am
 
 installcheck: installcheck-am
 install-strip:
-	$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
-	  install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
-	  `test -z '$(STRIP)' || \
-	    echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+	if test -z '$(STRIP)'; then \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	      install; \
+	else \
+	  $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+	    install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+	    "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+	fi
 mostlyclean-generic:
 
 clean-generic:
diff --git a/src/openssl/README b/src/openssl/README
index 462b1842..0f1c625d 100644
--- a/src/openssl/README
+++ b/src/openssl/README
@@ -5,13 +5,13 @@ OpenSSL 0.9.6 is supported but some functionality requires 0.9.7 or greater.
 KEYS MANAGER
 ------------------------------------------------------------------------
 
-OpenSSL does not have a keys or certificates storage implementation. The 
-default xmlsec-openssl key manager uses a simple keys store from xmlsec 
+OpenSSL does not have a keys or certificates storage implementation. The
+default xmlsec-openssl key manager uses a simple keys store from xmlsec
 core library based on plain keys list. Trusted/untrusted certificates
 are stored in STACK_OF(X509) structures.
 
 KNOWN ISSUES.
 ------------------------------------------------------------------------
-1) One day we might decide to drop OpenSSL 0.9.6 supprot and remove all 
+1) One day we might decide to drop OpenSSL 0.9.6 supprot and remove all
 these ifdef's to simplify the code.
 
diff --git a/src/openssl/app.c b/src/openssl/app.c
index 88dbc090..4f8f79e6 100644
--- a/src/openssl/app.c
+++ b/src/openssl/app.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -32,17 +32,27 @@
 #include <xmlsec/openssl/evp.h>
 #include <xmlsec/openssl/x509.h>
 
-static int 		xmlSecOpenSSLAppLoadRANDFile		(const char *file);
-static int 		xmlSecOpenSSLAppSaveRANDFile		(const char *file);
-static int		xmlSecOpenSSLDefaultPasswordCallback(char *buf, int bufsiz, int verify, void *userdata);
-static int      xmlSecOpenSSLDummyPasswordCallback  (char *buf, int bufsize, int verify, void *userdata);
+static int      xmlSecOpenSSLAppLoadRANDFile            (const char *file);
+static int      xmlSecOpenSSLAppSaveRANDFile            (const char *file);
+static int      xmlSecOpenSSLDefaultPasswordCallback    (char *buf,
+                                                         int bufsiz,
+                                                         int verify,
+                                                         void *userdata);
+static int      xmlSecOpenSSLDummyPasswordCallback      (char *buf,
+                                                         int bufsize,
+                                                         int verify,
+                                                         void *userdata);
+
+/* conversion from ptr to func "the right way" */
+XMLSEC_PTR_TO_FUNC_IMPL(pem_password_cb)
+
 
 /**
  * xmlSecOpenSSLAppInit:
- * @config:		the path to certs.
+ * @config:             the path to certs.
  *
  * General crypto engine initialization. This function is used
- * by XMLSec command line utility and called before 
+ * by XMLSec command line utility and called before
  * @xmlSecInit function.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -54,21 +64,21 @@ xmlSecOpenSSLAppInit(const char* config) {
     OpenSSL_add_all_algorithms();
 
     if((RAND_status() != 1) && (xmlSecOpenSSLAppLoadRANDFile(NULL) != 1)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppLoadRANDFile",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppLoadRANDFile",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     if((config != NULL) && (xmlSecOpenSSLSetDefaultTrustedCertsFolder(BAD_CAST config) < 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLSetDefaultTrustedCertsFolder",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLSetDefaultTrustedCertsFolder",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -76,9 +86,9 @@ xmlSecOpenSSLAppInit(const char* config) {
 
 /**
  * xmlSecOpenSSLAppShutdown:
- * 
+ *
  * General crypto engine shutdown. This function is used
- * by XMLSec command line utility and called after 
+ * by XMLSec command line utility and called after
  * @xmlSecShutdown function.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -87,15 +97,15 @@ int
 xmlSecOpenSSLAppShutdown(void) {
     xmlSecOpenSSLAppSaveRANDFile(NULL);
     RAND_cleanup();
-    EVP_cleanup();    
+    EVP_cleanup();
 
 #ifndef XMLSEC_NO_X509
     X509_TRUST_cleanup();
-#endif /* XMLSEC_NO_X509 */    
+#endif /* XMLSEC_NO_X509 */
 
 #ifndef XMLSEC_OPENSSL_096
     CRYPTO_cleanup_all_ex_data();
-#endif /* XMLSEC_OPENSSL_096 */     
+#endif /* XMLSEC_OPENSSL_096 */
 
     /* finally cleanup errors */
     ERR_remove_state(0);
@@ -106,11 +116,11 @@ xmlSecOpenSSLAppShutdown(void) {
 
 /**
  * xmlSecOpenSSLAppKeyLoad:
- * @filename:		the key filename.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the key filename.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from the a file.
  *
@@ -118,89 +128,89 @@ xmlSecOpenSSLAppShutdown(void) {
  */
 xmlSecKeyPtr
 xmlSecOpenSSLAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
-			const char *pwd, void* pwdCallback, 
-			void* pwdCallbackCtx) {
+                        const char *pwd, void* pwdCallback,
+                        void* pwdCallbackCtx) {
     BIO* bio;
     xmlSecKeyPtr key;
-    
+
     xmlSecAssert2(filename != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
 
     bio = BIO_new_file(filename, "rb");
     if(bio == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new_file",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "filename=%s;errno=%d", 
-		    xmlSecErrorsSafeString(filename), 
-		    errno);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new_file",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "filename=%s;errno=%d",
+                    xmlSecErrorsSafeString(filename),
+                    errno);
+        return(NULL);
     }
 
     key = xmlSecOpenSSLAppKeyLoadBIO (bio, format, pwd, pwdCallback, pwdCallbackCtx);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppKeyLoadBIO",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s;errno=%d", 
-		    xmlSecErrorsSafeString(filename), 
-		    errno);
-	BIO_free(bio);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppKeyLoadBIO",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s;errno=%d",
+                    xmlSecErrorsSafeString(filename),
+                    errno);
+        BIO_free(bio);
+        return(NULL);
+    }
+
     BIO_free(bio);
     return(key);
 }
 
 /**
  * xmlSecOpenSSLAppKeyLoadMemory:
- * @data:		the binary key data.
- * @dataSize:		the size of binary key.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the binary key data.
+ * @dataSize:           the size of binary key.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from the memory buffer.
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
 xmlSecKeyPtr
-xmlSecOpenSSLAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, 
-			xmlSecKeyDataFormat format, const char *pwd, 
-			void* pwdCallback, void* pwdCallbackCtx) {
+xmlSecOpenSSLAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecKeyDataFormat format, const char *pwd,
+                        void* pwdCallback, void* pwdCallbackCtx) {
     BIO* bio;
     xmlSecKeyPtr key;
-    
+
     xmlSecAssert2(data != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
-    
+
     /* this would be a read only BIO, cast from const is ok */
     bio = BIO_new_mem_buf((void*)data, dataSize);
     if(bio == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new_mem_buf",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "errno=%d", 
-		    errno);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new_mem_buf",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "errno=%d",
+                    errno);
+        return(NULL);
     }
 
     key = xmlSecOpenSSLAppKeyLoadBIO (bio, format, pwd, pwdCallback, pwdCallbackCtx);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppKeyLoadBIO",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free(bio);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppKeyLoadBIO",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free(bio);
+        return(NULL);
+    }
+
     BIO_free(bio);
     return(key);
 }
@@ -208,11 +218,11 @@ xmlSecOpenSSLAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
 
 /**
  * xmlSecOpenSSLAppKeyLoadBIO:
- * @bio:		the key BIO.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @bio:                the key BIO.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from the an OpenSSL BIO object.
  *
@@ -220,12 +230,12 @@ xmlSecOpenSSLAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
  */
 xmlSecKeyPtr
 xmlSecOpenSSLAppKeyLoadBIO(BIO* bio, xmlSecKeyDataFormat format,
-			const char *pwd, void* pwdCallback, 
-			void* pwdCallbackCtx) {
+                        const char *pwd, void* pwdCallback,
+                        void* pwdCallbackCtx) {
 
     xmlSecKeyPtr key = NULL;
     xmlSecKeyDataPtr data;
-    EVP_PKEY* pKey = NULL;    
+    EVP_PKEY* pKey = NULL;
     int ret;
 
     xmlSecAssert2(bio != NULL, NULL);
@@ -233,208 +243,220 @@ xmlSecOpenSSLAppKeyLoadBIO(BIO* bio, xmlSecKeyDataFormat format,
 
     switch(format) {
     case xmlSecKeyDataFormatPem:
-        /* try to read private key first */    
-	    pKey = PEM_read_bio_PrivateKey(bio, NULL, 
-            (pwd != NULL) ? xmlSecOpenSSLDummyPasswordCallback : (pem_password_cb*)pwdCallback, 
-            (pwd != NULL) ? pwd : pwdCallbackCtx);
+        /* try to read private key first */
+        if(pwd != NULL) {
+            pKey = PEM_read_bio_PrivateKey(bio, NULL,
+                        xmlSecOpenSSLDummyPasswordCallback,
+                        (void*)pwd);
+        } else {
+            pKey = PEM_read_bio_PrivateKey(bio, NULL,
+                            XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback),
+                            pwdCallbackCtx);
+        }
         if(pKey == NULL) {
-    	    /* go to start of the file and try to read public key */
-	    BIO_reset(bio); 
-	    pKey = PEM_read_bio_PUBKEY(bio, NULL, (pem_password_cb*)pwdCallback, pwdCallbackCtx);
-	    if(pKey == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "PEM_read_bio_PrivateKey and PEM_read_bio_PUBKEY",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(NULL);
-	    }
-	}
-	break;
+            /* go to start of the file and try to read public key */
+            BIO_reset(bio);
+            pKey = PEM_read_bio_PUBKEY(bio, NULL,
+                            XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback),
+                            pwdCallbackCtx);
+            if(pKey == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "PEM_read_bio_PrivateKey and PEM_read_bio_PUBKEY",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(NULL);
+            }
+        }
+        break;
     case xmlSecKeyDataFormatDer:
-        /* try to read private key first */    
-	pKey = d2i_PrivateKey_bio(bio, NULL);
+        /* try to read private key first */
+        pKey = d2i_PrivateKey_bio(bio, NULL);
         if(pKey == NULL) {
-    	    /* go to start of the file and try to read public key */
-	    BIO_reset(bio); 
-	    pKey = d2i_PUBKEY_bio(bio, NULL);
-	    if(pKey == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "d2i_PrivateKey_bio and d2i_PUBKEY_bio",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(NULL);
-	    }
-	}
-	break;
+            /* go to start of the file and try to read public key */
+            BIO_reset(bio);
+            pKey = d2i_PUBKEY_bio(bio, NULL);
+            if(pKey == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "d2i_PrivateKey_bio and d2i_PUBKEY_bio",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(NULL);
+            }
+        }
+        break;
     case xmlSecKeyDataFormatPkcs8Pem:
-        /* try to read private key first */    
-	pKey = PEM_read_bio_PrivateKey(bio, NULL, (pem_password_cb*)pwdCallback, pwdCallbackCtx);
+        /* try to read private key first */
+        pKey = PEM_read_bio_PrivateKey(bio, NULL,
+                            XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback),
+                            pwdCallbackCtx);
         if(pKey == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"PEM_read_bio_PrivateKey",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);	
-	}
-	break;
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "PEM_read_bio_PrivateKey",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        break;
     case xmlSecKeyDataFormatPkcs8Der:
-        /* try to read private key first */    
-	pKey = d2i_PKCS8PrivateKey_bio(bio, NULL, (pem_password_cb*)pwdCallback, pwdCallbackCtx);
+        /* try to read private key first */
+        pKey = d2i_PKCS8PrivateKey_bio(bio, NULL,
+                            XMLSEC_PTR_TO_FUNC(pem_password_cb, pwdCallback),
+                            pwdCallbackCtx);
         if(pKey == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"d2i_PrivateKey_bio and d2i_PUBKEY_bio",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);
-	}
-	break;
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "d2i_PrivateKey_bio and d2i_PUBKEY_bio",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        break;
 #ifndef XMLSEC_NO_X509
     case xmlSecKeyDataFormatPkcs12:
-	key = xmlSecOpenSSLAppPkcs12LoadBIO(bio, pwd, pwdCallback, pwdCallbackCtx);
+        key = xmlSecOpenSSLAppPkcs12LoadBIO(bio, pwd, pwdCallback, pwdCallbackCtx);
         if(key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecOpenSSLAppPkcs12LoadBIO",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);	
-	}
-	return(key);
-	
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecOpenSSLAppPkcs12LoadBIO",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        return(key);
+
     case xmlSecKeyDataFormatCertPem:
-    case xmlSecKeyDataFormatCertDer: 
-	key = xmlSecOpenSSLAppKeyFromCertLoadBIO(bio, format);
+    case xmlSecKeyDataFormatCertDer:
+        key = xmlSecOpenSSLAppKeyFromCertLoadBIO(bio, format);
         if(key == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecOpenSSLAppKeyFromCertLoadBIO",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);	
-	}
-	return(key);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecOpenSSLAppKeyFromCertLoadBIO",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        return(key);
 #endif /* XMLSEC_NO_X509 */
 
     default:
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_FORMAT,
-		    "format=%d", format); 
-	return(NULL);
-    }        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_FORMAT,
+                    "format=%d", format);
+        return(NULL);
+    }
 
     data = xmlSecOpenSSLEvpKeyAdopt(pKey);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLEvpKeyAdopt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	EVP_PKEY_free(pKey);
-	return(NULL);	    
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLEvpKeyAdopt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        EVP_PKEY_free(pKey);
+        return(NULL);
+    }
 
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(NULL);
+    }
+
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
-	xmlSecKeyDestroy(key);
-	xmlSecKeyDataDestroy(data);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
+        xmlSecKeyDestroy(key);
+        xmlSecKeyDataDestroy(data);
+        return(NULL);
+    }
+
     return(key);
 }
 
 
 #ifndef XMLSEC_NO_X509
-static X509*		xmlSecOpenSSLAppCertLoadBIO		(BIO* bio,
-								 xmlSecKeyDataFormat format);
+static X509*            xmlSecOpenSSLAppCertLoadBIO             (BIO* bio,
+                                                                 xmlSecKeyDataFormat format);
 /**
  * xmlSecOpenSSLAppKeyCertLoad:
- * @key:		the pointer to key.
- * @filename:		the certificate filename.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @filename:           the certificate filename.
+ * @format:             the certificate file format.
  *
  * Reads the certificate from $@filename and adds it to key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
+int
 xmlSecOpenSSLAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, xmlSecKeyDataFormat format) {
     BIO* bio;
     int ret;
-        
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
 
     bio = BIO_new_file(filename, "rb");
     if(bio == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new_file",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "filename=%s;errno=%d", 
-		    xmlSecErrorsSafeString(filename), 
-		    errno);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new_file",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "filename=%s;errno=%d",
+                    xmlSecErrorsSafeString(filename),
+                    errno);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLAppKeyCertLoadBIO (key, bio, format);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppKeyCertLoadBIO",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s;errno=%d", 
-		    xmlSecErrorsSafeString(filename), 
-		    errno);
-	BIO_free(bio);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppKeyCertLoadBIO",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s;errno=%d",
+                    xmlSecErrorsSafeString(filename),
+                    errno);
+        BIO_free(bio);
+        return(-1);
+    }
+
     BIO_free(bio);
     return(0);
 }
 
 /**
  * xmlSecOpenSSLAppKeyCertLoadMemory:
- * @key:		the pointer to key.
- * @data:		the certificate binary data.
- * @dataSize:		the certificate binary data size.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @data:               the certificate binary data.
+ * @dataSize:           the certificate binary data size.
+ * @format:             the certificate file format.
  *
  * Reads the certificate from memory buffer and adds it to key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
-xmlSecOpenSSLAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize, 
-				xmlSecKeyDataFormat format) {
+int
+xmlSecOpenSSLAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize,
+                                xmlSecKeyDataFormat format) {
     BIO* bio;
     int ret;
-        
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
@@ -442,106 +464,106 @@ xmlSecOpenSSLAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlS
     /* this would be a read only BIO, cast from const is ok */
     bio = BIO_new_mem_buf((void*)data, dataSize);
     if(bio == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new_mem_buf",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "errno=%d", 
-		    errno);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new_mem_buf",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "errno=%d",
+                    errno);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLAppKeyCertLoadBIO (key, bio, format);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppKeyCertLoadBIO",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free(bio);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppKeyCertLoadBIO",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free(bio);
+        return(-1);
+    }
+
     BIO_free(bio);
     return(0);
 }
 
 /**
  * xmlSecOpenSSLAppKeyCertLoadBIO:
- * @key:		the pointer to key.
- * @bio:		the certificate bio.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @bio:                the certificate bio.
+ * @format:             the certificate file format.
  *
  * Reads the certificate from memory buffer and adds it to key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
+int
 xmlSecOpenSSLAppKeyCertLoadBIO(xmlSecKeyPtr key, BIO* bio, xmlSecKeyDataFormat format) {
 
     xmlSecKeyDataFormat certFormat;
     xmlSecKeyDataPtr data;
     X509 *cert;
     int ret;
-    
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(bio != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
-    
+
     data = xmlSecKeyEnsureData(key, xmlSecOpenSSLKeyDataX509Id);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyEnsureData",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecOpenSSLKeyDataX509Id)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecOpenSSLKeyDataX509Id)));
+        return(-1);
     }
 
     /* adjust cert format */
     switch(format) {
     case xmlSecKeyDataFormatPkcs8Pem:
-	certFormat = xmlSecKeyDataFormatPem;
-	break;
+        certFormat = xmlSecKeyDataFormatPem;
+        break;
     case xmlSecKeyDataFormatPkcs8Der:
-	certFormat = xmlSecKeyDataFormatDer;
-	break;
+        certFormat = xmlSecKeyDataFormatDer;
+        break;
     default:
-	certFormat = format;
+        certFormat = format;
     }
 
     cert = xmlSecOpenSSLAppCertLoadBIO(bio, certFormat);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppCertLoad", 
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);    
-    }    	
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppCertLoad",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
-	X509_free(cert);
-	return(-1);    
-    }
-    
-    return(0);        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)));
+        X509_free(cert);
+        return(-1);
+    }
+
+    return(0);
 }
 
 /**
  * xmlSecOpenSSLAppPkcs12Load:
- * @filename:		the PKCS12 key filename.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the PKCS12 key filename.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 file.
  * For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
@@ -549,50 +571,50 @@ xmlSecOpenSSLAppKeyCertLoadBIO(xmlSecKeyPtr key, BIO* bio, xmlSecKeyDataFormat f
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
+xmlSecKeyPtr
 xmlSecOpenSSLAppPkcs12Load(const char *filename, const char *pwd,
-			   void* pwdCallback, void* pwdCallbackCtx) {
+                           void* pwdCallback, void* pwdCallbackCtx) {
     BIO* bio;
     xmlSecKeyPtr key;
-    
+
     xmlSecAssert2(filename != NULL, NULL);
 
     bio = BIO_new_file(filename, "rb");
     if(bio == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new_file",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "filename=%s;errno=%d", 
-		    xmlSecErrorsSafeString(filename), 
-		    errno);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new_file",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "filename=%s;errno=%d",
+                    xmlSecErrorsSafeString(filename),
+                    errno);
+        return(NULL);
     }
 
     key = xmlSecOpenSSLAppPkcs12LoadBIO (bio, pwd, pwdCallback, pwdCallbackCtx);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppPkcs12LoadBIO",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s;errno=%d", 
-		    xmlSecErrorsSafeString(filename), 
-		    errno);
-	BIO_free(bio);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppPkcs12LoadBIO",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s;errno=%d",
+                    xmlSecErrorsSafeString(filename),
+                    errno);
+        BIO_free(bio);
+        return(NULL);
+    }
+
     BIO_free(bio);
     return(key);
 }
 
 /**
  * xmlSecOpenSSLAppPkcs12LoadMemory:
- * @data:		the PKCS12 binary data.
- * @dataSize:		the PKCS12 binary data size.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the PKCS12 binary data.
+ * @dataSize:           the PKCS12 binary data size.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 data in memory buffer.
  * For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
@@ -600,48 +622,48 @@ xmlSecOpenSSLAppPkcs12Load(const char *filename, const char *pwd,
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
-xmlSecOpenSSLAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, 
-			   const char *pwd, void* pwdCallback, 
-			   void* pwdCallbackCtx) {
+xmlSecKeyPtr
+xmlSecOpenSSLAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
+                           const char *pwd, void* pwdCallback,
+                           void* pwdCallbackCtx) {
     BIO* bio;
     xmlSecKeyPtr key;
-    
+
     xmlSecAssert2(data != NULL, NULL);
 
     /* this would be a read only BIO, cast from const is ok */
     bio = BIO_new_mem_buf((void*)data, dataSize);
     if(bio == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new_mem_buf",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "errno=%d", 
-		    errno);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new_mem_buf",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "errno=%d",
+                    errno);
+        return(NULL);
     }
 
     key = xmlSecOpenSSLAppPkcs12LoadBIO (bio, pwd, pwdCallback, pwdCallbackCtx);
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppPkcs12LoadBIO",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free(bio);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppPkcs12LoadBIO",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free(bio);
+        return(NULL);
+    }
+
     BIO_free(bio);
     return(key);
 }
 
 /**
  * xmlSecOpenSSLAppPkcs12LoadBIO:
- * @bio:		the PKCS12 key bio.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @bio:                the PKCS12 key bio.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 data in an OpenSSL BIO object.
  * For uniformity, call xmlSecOpenSSLAppKeyLoad instead of this function. Pass
@@ -649,10 +671,10 @@ xmlSecOpenSSLAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize,
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
+xmlSecKeyPtr
 xmlSecOpenSSLAppPkcs12LoadBIO(BIO* bio, const char *pwd,
-			   void* pwdCallback ATTRIBUTE_UNUSED, 
-			   void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+                           void* pwdCallback ATTRIBUTE_UNUSED,
+                           void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
 
     PKCS12 *p12 = NULL;
     EVP_PKEY *pKey = NULL;
@@ -663,206 +685,229 @@ xmlSecOpenSSLAppPkcs12LoadBIO(BIO* bio, const char *pwd,
     X509 *cert = NULL;
     X509 *tmpcert = NULL;
     int i;
+    int has_cert;
     int ret;
 
     xmlSecAssert2(bio != NULL, NULL);
-        
+
     p12 = d2i_PKCS12_bio(bio, NULL);
     if(p12 == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "d2i_PKCS12_fp",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "d2i_PKCS12_fp",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     ret = PKCS12_verify_mac(p12, pwd, (pwd != NULL) ? strlen(pwd) : 0);
     if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PKCS12_verify_mac",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }    
-        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PKCS12_verify_mac",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
     ret = PKCS12_parse(p12, pwd, &pKey, &cert, &chain);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "PKCS12_parse",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "PKCS12_parse",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
 
     data = xmlSecOpenSSLEvpKeyAdopt(pKey);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLEvpKeyAdopt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	EVP_PKEY_free(pKey);	
-	goto done;
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLEvpKeyAdopt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        EVP_PKEY_free(pKey);
+        goto done;
+    }
 
     x509Data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataX509Id);
     if(x509Data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecOpenSSLKeyDataX509Id)));
-	goto done;
-    }    
-
-    tmpcert = X509_dup(cert);
-    if(tmpcert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "X509_dup",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	goto done;	
-    }
-
-    /* starting from openssl 1.0.0 the PKCS12_parse() call will not create certs 
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecOpenSSLKeyDataX509Id)));
+        goto done;
+    }
+
+    /* starting from openssl 1.0.0 the PKCS12_parse() call will not create certs
        chain object if there is no certificates in the pkcs12 file and it will be null
      */
     if(chain == NULL) {
-	chain = sk_X509_new_null();
-	if(chain == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"sk_X509_new_null",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}    
-    } 
-        
-    ret = sk_X509_push(chain, tmpcert);
-    if(ret < 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "sk_X509_push",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	X509_free(tmpcert);
-	goto done;	
-    }
-    
+        chain = sk_X509_new_null();
+        if(chain == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "sk_X509_new_null",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
+    }
+
+    /*
+        The documentation states (http://www.openssl.org/docs/crypto/PKCS12_parse.html):
+
+        If successful the private key will be written to "*pkey", the
+        corresponding certificate to "*cert" and any additional certificates
+        to "*ca".
+
+        In reality, the function sometime returns in the "ca" the certificates
+        including the one it is already returned in "cert".
+    */
+    has_cert = 0;
+    for(i = 0; i < sk_X509_num(chain); ++i) {
+        xmlSecAssert2(sk_X509_value(chain, i), NULL);
+
+        if(X509_cmp(sk_X509_value(chain, i), cert) == 0) {
+            has_cert = 1;
+            break;
+        }
+    }
+
+    if(has_cert == 0) {
+        tmpcert = X509_dup(cert);
+        if(tmpcert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "X509_dup",
+                         XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+
+        ret = sk_X509_push(chain, tmpcert);
+        if(ret < 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "sk_X509_push",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            X509_free(tmpcert);
+            goto done;
+        }
+    }
+
     ret = xmlSecOpenSSLKeyDataX509AdoptKeyCert(x509Data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLKeyDataX509AdoptKeyCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLKeyDataX509AdoptKeyCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        goto done;
     }
     cert = NULL;
 
     for(i = 0; i < sk_X509_num(chain); ++i) {
-	xmlSecAssert2(sk_X509_value(chain, i), NULL);
+        xmlSecAssert2(sk_X509_value(chain, i), NULL);
 
-	tmpcert = X509_dup(sk_X509_value(chain, i));
+        tmpcert = X509_dup(sk_X509_value(chain, i));
         if(tmpcert == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"X509_dup",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"data=%s",
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    X509_free(tmpcert);
-	    goto done;	
-	}
-	
-	ret = xmlSecOpenSSLKeyDataX509AdoptCert(x509Data, tmpcert);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecOpenSSLKeyDataX509AdoptCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"data=%s",
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	    goto done;
-	}
-    }
-        
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "X509_dup",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            X509_free(tmpcert);
+            goto done;
+        }
+
+        ret = xmlSecOpenSSLKeyDataX509AdoptCert(x509Data, tmpcert);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecOpenSSLKeyDataX509AdoptCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "data=%s",
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+            goto done;
+        }
+    }
+
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	xmlSecKeyDestroy(key);
-	key = NULL;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        xmlSecKeyDestroy(key);
+        key = NULL;
+        goto done;
     }
     data = NULL;
 
     ret = xmlSecKeyAdoptData(key, x509Data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyAdoptData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "data=%s",
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
-	xmlSecKeyDestroy(key);
-	key = NULL;
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyAdoptData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "data=%s",
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(x509Data)));
+        xmlSecKeyDestroy(key);
+        key = NULL;
+        goto done;
     }
     x509Data = NULL;
-    
-done: 
+
+done:
     if(x509Data != NULL) {
-	xmlSecKeyDataDestroy(x509Data);
+        xmlSecKeyDataDestroy(x509Data);
     }
     if(data != NULL) {
-	xmlSecKeyDataDestroy(data);
+        xmlSecKeyDataDestroy(data);
     }
     if(chain != NULL) {
-	sk_X509_pop_free(chain, X509_free); 
+        sk_X509_pop_free(chain, X509_free);
     }
     if(cert != NULL) {
-	X509_free(cert);
+        X509_free(cert);
     }
     if(p12 != NULL) {
         PKCS12_free(p12);
     }
-    return(key);    
+    return(key);
 }
 
 /**
  * xmlSecOpenSSLAppKeyFromCertLoadBIO:
- * @bio:		the BIO.
- * @format:		the cert format.
+ * @bio:                the BIO.
+ * @format:             the cert format.
  *
  * Loads public key from cert.
  *
  * Returns: pointer to key or NULL if an error occurs.
  */
-xmlSecKeyPtr 
+xmlSecKeyPtr
 xmlSecOpenSSLAppKeyFromCertLoadBIO(BIO* bio, xmlSecKeyDataFormat format) {
     xmlSecKeyPtr key;
     xmlSecKeyDataPtr keyData;
@@ -872,147 +917,147 @@ xmlSecOpenSSLAppKeyFromCertLoadBIO(BIO* bio, xmlSecKeyDataFormat format) {
 
     xmlSecAssert2(bio != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
-    
+
     /* load cert */
     cert = xmlSecOpenSSLAppCertLoadBIO(bio, format);
     if(cert == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppCertLoadBIO",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);    
+                    NULL,
+                    "xmlSecOpenSSLAppCertLoadBIO",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     /* get key value */
     keyData = xmlSecOpenSSLX509CertGetKey(cert);
     if(keyData == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLX509CertGetKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	X509_free(cert);
-	return(NULL);    
-    }
-    
+                    NULL,
+                    "xmlSecOpenSSLX509CertGetKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        X509_free(cert);
+        return(NULL);
+    }
+
     /* create key */
     key = xmlSecKeyCreate();
     if(key == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(keyData);
-	X509_free(cert);
-	return(NULL);    
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(keyData);
+        X509_free(cert);
+        return(NULL);
+    }
+
     /* set key value */
     ret = xmlSecKeySetValue(key, keyData);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	xmlSecKeyDataDestroy(keyData);
-	X509_free(cert);
-	return(NULL);    
-    }
-
-    /* create cert data */ 
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        xmlSecKeyDataDestroy(keyData);
+        X509_free(cert);
+        return(NULL);
+    }
+
+    /* create cert data */
     certData = xmlSecKeyEnsureData(key, xmlSecOpenSSLKeyDataX509Id);
     if(certData == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyEnsureData",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	X509_free(cert);
-	return(NULL);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        X509_free(cert);
+        return(NULL);
     }
 
     /* put cert in the cert data */
     ret = xmlSecOpenSSLKeyDataX509AdoptCert(certData, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	X509_free(cert);
-	return(NULL);    
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        X509_free(cert);
+        return(NULL);
+    }
+
     return(key);
 }
 
 
 /**
  * xmlSecOpenSSLAppKeysMngrCertLoad:
- * @mngr: 		the keys manager.
- * @filename: 		the certificate file.
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate in @filename
- *    			trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @filename:           the certificate file.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate in @filename
+ *                      trusted or not.
+ *
  * Reads cert from @filename and adds to the list of trusted or known
  * untrusted certs in @store.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecOpenSSLAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename, 
-			    xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
+xmlSecOpenSSLAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
+                            xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
     BIO* bio;
     int ret;
-        
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
 
     bio = BIO_new_file(filename, "rb");
     if(bio == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new_file",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "filename=%s;errno=%d", 
-		    xmlSecErrorsSafeString(filename), 
-		    errno);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new_file",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "filename=%s;errno=%d",
+                    xmlSecErrorsSafeString(filename),
+                    errno);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLAppKeysMngrCertLoadBIO(mngr, bio, format, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppKeysMngrCertLoadBIO",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s;errno=%d", 
-		    xmlSecErrorsSafeString(filename), 
-		    errno);
-	BIO_free(bio);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppKeysMngrCertLoadBIO",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s;errno=%d",
+                    xmlSecErrorsSafeString(filename),
+                    errno);
+        BIO_free(bio);
+        return(-1);
+    }
+
     BIO_free(bio);
     return(0);
 }
 
 /**
  * xmlSecOpenSSLAppKeysMngrCertLoadMemory:
- * @mngr: 		the keys manager.
- * @data:		the certificate binary data.
- * @dataSize:		the certificate binary data size.
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @data:               the certificate binary data.
+ * @dataSize:           the certificate binary data size.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate trusted or not.
+ *
  * Reads cert from binary buffer @data and adds to the list of trusted or known
  * untrusted certs in @store.
  *
@@ -1020,11 +1065,11 @@ xmlSecOpenSSLAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
  */
 int
 xmlSecOpenSSLAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data,
-				    xmlSecSize dataSize, xmlSecKeyDataFormat format, 
-				    xmlSecKeyDataType type) {
+                                    xmlSecSize dataSize, xmlSecKeyDataFormat format,
+                                    xmlSecKeyDataType type) {
     BIO* bio;
     int ret;
-        
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
@@ -1032,45 +1077,45 @@ xmlSecOpenSSLAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte*
     /* this would be a read only BIO, cast from const is ok */
     bio = BIO_new_mem_buf((void*)data, dataSize);
     if(bio == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new_mem_buf",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "errno=%d", 
-		    errno);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new_mem_buf",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "errno=%d",
+                    errno);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLAppKeysMngrCertLoadBIO(mngr, bio, format, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppKeysMngrCertLoadBIO",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free(bio);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppKeysMngrCertLoadBIO",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free(bio);
+        return(-1);
+    }
+
     BIO_free(bio);
     return(0);
 }
 
 /**
  * xmlSecOpenSSLAppKeysMngrCertLoadBIO:
- * @mngr: 		the keys manager.
- * @bio: 		the certificate BIO.
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @bio:                the certificate BIO.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate trusted or not.
+ *
  * Reads cert from an OpenSSL BIO object and adds to the list of trusted or known
  * untrusted certs in @store.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecOpenSSLAppKeysMngrCertLoadBIO(xmlSecKeysMngrPtr mngr, BIO* bio, 
-				    xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
+xmlSecOpenSSLAppKeysMngrCertLoadBIO(xmlSecKeysMngrPtr mngr, BIO* bio,
+                                    xmlSecKeyDataFormat format, xmlSecKeyDataType type) {
     xmlSecKeyDataStorePtr x509Store;
     X509* cert;
     int ret;
@@ -1078,46 +1123,46 @@ xmlSecOpenSSLAppKeysMngrCertLoadBIO(xmlSecKeysMngrPtr mngr, BIO* bio,
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(bio != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
-    
+
     x509Store = xmlSecKeysMngrGetDataStore(mngr, xmlSecOpenSSLX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecOpenSSLX509StoreId");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecOpenSSLX509StoreId");
+        return(-1);
     }
 
     cert = xmlSecOpenSSLAppCertLoadBIO(bio, format);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLAppCertLoadBIO",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);    
-    }    	
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLAppCertLoadBIO",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecOpenSSLX509StoreAdoptCert(x509Store, cert, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLX509StoreAdoptCert",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	X509_free(cert);
-	return(-1);    
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLX509StoreAdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        X509_free(cert);
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
  * xmlSecOpenSSLAppKeysMngrAddCertsPath:
- * @mngr: 		the keys manager.
- * @path:		the path to trusted certificates.
- * 
+ * @mngr:               the keys manager.
+ * @path:               the path to trusted certificates.
+ *
  * Reads cert from @path and adds to the list of trusted certificates.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -1129,27 +1174,27 @@ xmlSecOpenSSLAppKeysMngrAddCertsPath(xmlSecKeysMngrPtr mngr, const char *path) {
 
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(path != NULL, -1);
-    
+
     x509Store = xmlSecKeysMngrGetDataStore(mngr, xmlSecOpenSSLX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecOpenSSLX509StoreId");
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecOpenSSLX509StoreId");
+        return(-1);
+    }
+
     ret = xmlSecOpenSSLX509StoreAddCertsPath(x509Store, path);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLX509StoreAddCertsPath",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "path=%s", xmlSecErrorsSafeString(path));
-	return(-1);    
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLX509StoreAddCertsPath",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "path=%s", xmlSecErrorsSafeString(path));
+        return(-1);
+    }
+
     return(0);
 }
 
@@ -1194,47 +1239,47 @@ xmlSecOpenSSLAppKeysMngrAddCertsFile(xmlSecKeysMngrPtr mngr, const char *file) {
     return(0);
 }
 
-static X509*	
+static X509*
 xmlSecOpenSSLAppCertLoadBIO(BIO* bio, xmlSecKeyDataFormat format) {
     X509 *cert;
-    
+
     xmlSecAssert2(bio != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
 
     switch(format) {
     case xmlSecKeyDataFormatPem:
     case xmlSecKeyDataFormatCertPem:
-	cert = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"PEM_read_bio_X509_AUX",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);    
-	}
-	break;
+        cert = PEM_read_bio_X509_AUX(bio, NULL, NULL, NULL);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "PEM_read_bio_X509_AUX",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        break;
     case xmlSecKeyDataFormatDer:
     case xmlSecKeyDataFormatCertDer:
-	cert = d2i_X509_bio(bio, NULL);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"d2i_X509_bio",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);    
-	}
-	break;
+        cert = d2i_X509_bio(bio, NULL);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "d2i_X509_bio",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        break;
     default:
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_FORMAT,
-		    "format=%d", format); 
-	return(NULL);
-    }
-        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_FORMAT,
+                    "format=%d", format);
+        return(NULL);
+    }
+
     return(cert);
 }
 
@@ -1242,55 +1287,55 @@ xmlSecOpenSSLAppCertLoadBIO(BIO* bio, xmlSecKeyDataFormat format) {
 
 /**
  * xmlSecOpenSSLAppDefaultKeysMngrInit:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Initializes @mngr with simple keys store #xmlSecSimpleKeysStoreId
  * and a default OpenSSL crypto key data stores.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
+ */
 int
 xmlSecOpenSSLAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
 
-    /* create simple keys store if needed */        
+    /* create simple keys store if needed */
     if(xmlSecKeysMngrGetKeysStore(mngr) == NULL) {
-	xmlSecKeyStorePtr keysStore;
-
-	keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
-	if(keysStore == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyStoreCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecSimpleKeysStoreId");
-	    return(-1);
-	}
-	
-	ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeysMngrAdoptKeysStore",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyStoreDestroy(keysStore);
-	    return(-1);        
-	}
-    }
-
-    ret = xmlSecOpenSSLKeysMngrInit(mngr);    
+        xmlSecKeyStorePtr keysStore;
+
+        keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
+        if(keysStore == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyStoreCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecSimpleKeysStoreId");
+            return(-1);
+        }
+
+        ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeysMngrAdoptKeysStore",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyStoreDestroy(keysStore);
+            return(-1);
+        }
+    }
+
+    ret = xmlSecOpenSSLKeysMngrInit(mngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLKeysMngrInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1); 
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLKeysMngrInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* TODO */
     mngr->getKey = xmlSecKeysMngrGetKey;
     return(0);
@@ -1298,185 +1343,185 @@ xmlSecOpenSSLAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
 
 /**
  * xmlSecOpenSSLAppDefaultKeysMngrAdoptKey:
- * @mngr: 		the pointer to keys manager.
- * @key:		the pointer to key.
+ * @mngr:               the pointer to keys manager.
+ * @key:                the pointer to key.
  *
  * Adds @key to the keys manager @mngr created with #xmlSecOpenSSLAppDefaultKeysMngrInit
  * function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecOpenSSLAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecSimpleKeysStoreAdoptKey(store, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSimpleKeysStoreAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
  * xmlSecOpenSSLAppDefaultKeysMngrLoad:
- * @mngr: 		the pointer to keys manager.
- * @uri:		the uri.
+ * @mngr:               the pointer to keys manager.
+ * @uri:                the uri.
  *
- * Loads XML keys file from @uri to the keys manager @mngr created 
+ * Loads XML keys file from @uri to the keys manager @mngr created
  * with #xmlSecOpenSSLAppDefaultKeysMngrInit function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecOpenSSLAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(uri != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecSimpleKeysStoreLoad(store, uri, mngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSimpleKeysStoreLoad",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s", xmlSecErrorsSafeString(uri));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreLoad",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s", xmlSecErrorsSafeString(uri));
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
  * xmlSecOpenSSLAppDefaultKeysMngrSave:
- * @mngr: 		the pointer to keys manager.
- * @filename:		the destination filename.
- * @type:		the type of keys to save (public/private/symmetric).
+ * @mngr:               the pointer to keys manager.
+ * @filename:           the destination filename.
+ * @type:               the type of keys to save (public/private/symmetric).
  *
  * Saves keys from @mngr to  XML keys file.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
-xmlSecOpenSSLAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename, 
-				    xmlSecKeyDataType type) {
+ */
+int
+xmlSecOpenSSLAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename,
+                                    xmlSecKeyDataType type) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecSimpleKeysStoreSave(store, filename, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSimpleKeysStoreSave",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename%s", xmlSecErrorsSafeString(filename));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreSave",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename%s", xmlSecErrorsSafeString(filename));
+        return(-1);
+    }
+
     return(0);
 }
 
 
-/**
+/*
  * Random numbers initialization from openssl (apps/app_rand.c)
  */
 static int seeded = 0;
 static int egdsocket = 0;
 
-static int 
+static int
 xmlSecOpenSSLAppLoadRANDFile(const char *file) {
     char buffer[1024];
-	
+
     if(file == NULL) {
-	file = RAND_file_name(buffer, sizeof(buffer));
+        file = RAND_file_name(buffer, sizeof(buffer));
     }else if(RAND_egd(file) > 0) {
-	/* we try if the given filename is an EGD socket.
-	 * if it is, we don't write anything back to the file. */
-	egdsocket = 1;
-	return 1;
+        /* we try if the given filename is an EGD socket.
+         * if it is, we don't write anything back to the file. */
+        egdsocket = 1;
+        return 1;
     }
 
     if((file == NULL) || !RAND_load_file(file, -1)) {
-	if(RAND_status() == 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"RAND_load_file",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"file=%s", xmlSecErrorsSafeString(file));
-	    return 0;
-	}
+        if(RAND_status() == 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "RAND_load_file",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "file=%s", xmlSecErrorsSafeString(file));
+            return 0;
+        }
     }
     seeded = 1;
     return 1;
 }
 
-static int 
+static int
 xmlSecOpenSSLAppSaveRANDFile(const char *file) {
     char buffer[1024];
-	
+
     if(egdsocket || !seeded) {
-	/* If we did not manage to read the seed file,
-	 * we should not write a low-entropy seed file back --
-	 * it would suppress a crucial warning the next time
-	 * we want to use it. */
-	return 0;
+        /* If we did not manage to read the seed file,
+         * we should not write a low-entropy seed file back --
+         * it would suppress a crucial warning the next time
+         * we want to use it. */
+        return 0;
     }
-    
+
     if(file == NULL) {
-	file = RAND_file_name(buffer, sizeof(buffer));
+        file = RAND_file_name(buffer, sizeof(buffer));
     }
     if((file == NULL) || !RAND_write_file(file)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "RAND_write_file",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "file=%s", 
-		    xmlSecErrorsSafeString(file));
-	return 0;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "RAND_write_file",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "file=%s",
+                    xmlSecErrorsSafeString(file));
+        return 0;
     }
 
     return 1;
@@ -1491,7 +1536,7 @@ xmlSecOpenSSLAppSaveRANDFile(const char *file) {
  */
 void*
 xmlSecOpenSSLAppGetDefaultPwdCallback(void) {
-    return((void*)xmlSecOpenSSLDefaultPasswordCallback);
+    return XMLSEC_FUNC_TO_PTR(pem_password_cb, xmlSecOpenSSLDefaultPasswordCallback);
 }
 
 static int
@@ -1500,81 +1545,83 @@ xmlSecOpenSSLDefaultPasswordCallback(char *buf, int bufsize, int verify, void *u
     char* buf2;
     xmlChar prompt[2048];
     int i, ret;
-        
+
     xmlSecAssert2(buf != NULL, -1);
 
     /* try 3 times */
     for(i = 0; i < 3; i++) {
         if(filename != NULL) {
-    	    xmlSecStrPrintf(prompt, sizeof(prompt), BAD_CAST "Enter password for \"%s\" file: ", filename); 
-	} else {
-	    xmlSecStrPrintf(prompt, sizeof(prompt), BAD_CAST "Enter password: "); 
+            xmlSecStrPrintf(prompt, sizeof(prompt), BAD_CAST "Enter password for \"%s\" file: ", filename);
+        } else {
+            xmlSecStrPrintf(prompt, sizeof(prompt), BAD_CAST "Enter password: ");
         }
-	ret = EVP_read_pw_string(buf, bufsize, (char*)prompt, 0);
+        ret = EVP_read_pw_string(buf, bufsize, (char*)prompt, 0);
         if(ret != 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"EVP_read_pw_string",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-    
-	/* if we don't need to verify password then we are done */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "EVP_read_pw_string",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        /* if we don't need to verify password then we are done */
         if(verify == 0) {
-	    return(strlen(buf));
+            return(strlen(buf));
+        }
+
+        if(filename != NULL) {
+            xmlSecStrPrintf(prompt, sizeof(prompt), BAD_CAST "Enter password for \"%s\" file again: ", filename);
+        } else {
+            xmlSecStrPrintf(prompt, sizeof(prompt), BAD_CAST "Enter password again: ");
+        }
+
+        buf2 = (char*)xmlMalloc(bufsize);
+        if(buf2 == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "size=%d", bufsize);
+            return(-1);
+        }
+        ret = EVP_read_pw_string(buf2, bufsize, (char*)prompt, 0);
+        if(ret != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "EVP_read_pw_string",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            memset(buf2, 0, bufsize);
+            xmlFree(buf2);
+            return(-1);
         }
 
-	if(filename != NULL) {
-	    xmlSecStrPrintf(prompt, sizeof(prompt), BAD_CAST "Enter password for \"%s\" file again: ", filename); 
-	} else {
-	    xmlSecStrPrintf(prompt, sizeof(prompt), BAD_CAST "Enter password again: "); 
-	}
-
-	buf2 = (char*)xmlMalloc(bufsize);
-	if(buf2 == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_MALLOC_FAILED,
-			"size=%d", bufsize);
-	    return(-1);
-	}
-	ret = EVP_read_pw_string(buf2, bufsize, (char*)prompt, 0);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"EVP_read_pw_string",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    memset(buf2, 0, bufsize);
-    	    xmlFree(buf2);
-	    return(-1);
-	}
-    
-	/* check if passwords match */
-	if(strcmp(buf, buf2) == 0) {
-	    memset(buf2, 0, bufsize);
-    	xmlFree(buf2);
-	    return(strlen(buf));	    
-	}
-	
-	/* try again */
-	memset(buf2, 0, bufsize);
-	xmlFree(buf2);
-    }
-    
+        /* check if passwords match */
+        if(strcmp(buf, buf2) == 0) {
+            memset(buf2, 0, bufsize);
+        xmlFree(buf2);
+            return(strlen(buf));
+        }
+
+        /* try again */
+        memset(buf2, 0, bufsize);
+        xmlFree(buf2);
+    }
+
     return(-1);
 }
 
 static int
-xmlSecOpenSSLDummyPasswordCallback(char *buf, int bufsize, int verify, void *userdata) {
+xmlSecOpenSSLDummyPasswordCallback(char *buf, int bufsize,
+                                   int verify ATTRIBUTE_UNUSED,
+                                   void *userdata) {
     char* password = (char*)userdata;
-    
-    if((password == NULL) || (strlen(password) + 1 > bufsize)) {
+
+    if((password == NULL) || ((int)strlen(password) + 1 > bufsize)) {
         return(-1);
     }
-    
+
     strcpy(buf, password);
     return (strlen(buf));
 }
diff --git a/src/openssl/bn.c b/src/openssl/bn.c
index 28025d14..dfeae6ea 100644
--- a/src/openssl/bn.c
+++ b/src/openssl/bn.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XMLSec library
- * 
+ *
  * Reading/writing BIGNUM values
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -13,7 +13,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include <libxml/tree.h> 
+#include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -28,8 +28,8 @@
  * @cur: the poitner to an XML node.
  * @a: the BIGNUM buffer.
  *
- * Converts the node content from CryptoBinary format 
- * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary) 
+ * Converts the node content from CryptoBinary format
+ * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
  * to a BIGNUM. If no BIGNUM buffer provided then a new
  * BIGNUM is created (caller is responsible for freeing it).
  *
@@ -45,34 +45,34 @@ xmlSecOpenSSLNodeGetBNValue(const xmlNodePtr cur, BIGNUM **a) {
 
     ret = xmlSecBufferInitialize(&buf, 128);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferInitialize",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     ret = xmlSecBufferBase64NodeContentRead(&buf, cur);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferBase64NodeContentRead",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buf);
-	return(NULL);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferBase64NodeContentRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buf);
+        return(NULL);
+    }
+
     (*a) = BN_bin2bn(xmlSecBufferGetData(&buf), xmlSecBufferGetSize(&buf), (*a));
-    if( (*a) == NULL) {	
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BN_bin2bn",
-	    	    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buf);
-	return(NULL);
+    if( (*a) == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BN_bin2bn",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buf);
+        return(NULL);
     }
     xmlSecBufferFinalize(&buf);
     return(*a);
@@ -82,16 +82,16 @@ xmlSecOpenSSLNodeGetBNValue(const xmlNodePtr cur, BIGNUM **a) {
  * xmlSecOpenSSLNodeSetBNValue:
  * @cur: the pointer to an XML node.
  * @a: the BIGNUM.
- * @addLineBreaks: if the flag is equal to 1 then 
- *		linebreaks will be added before and after
- *		new buffer content.
+ * @addLineBreaks: if the flag is equal to 1 then
+ *              linebreaks will be added before and after
+ *              new buffer content.
  *
  * Converts BIGNUM to CryptoBinary string
- * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary) 
- * and sets it as the content of the given node. If the 
- * addLineBreaks is set then line breaks are added 
+ * (http://www.w3.org/TR/xmldsig-core/#sec-CryptoBinary)
+ * and sets it as the content of the given node. If the
+ * addLineBreaks is set then line breaks are added
  * before and after the CryptoBinary string.
- * 
+ *
  * Returns: 0 on success or -1 otherwise.
  */
 int
@@ -99,62 +99,62 @@ xmlSecOpenSSLNodeSetBNValue(xmlNodePtr cur, const BIGNUM *a, int addLineBreaks)
     xmlSecBuffer buf;
     xmlSecSize size;
     int ret;
-    
+
     xmlSecAssert2(a != NULL, -1);
     xmlSecAssert2(cur != NULL, -1);
 
     ret = xmlSecBufferInitialize(&buf, BN_num_bytes(a) + 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferInitialize",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", BN_num_bytes(a) + 1);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", BN_num_bytes(a) + 1);
+        return(-1);
+    }
 
     ret = BN_bn2bin(a, xmlSecBufferGetData(&buf));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BN_bn2bin",
-	    	    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BN_bn2bin",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
     size = ret;
-    
+
     ret = xmlSecBufferSetSize(&buf, size);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferSetSize",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", size);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     if(addLineBreaks) {
-	xmlNodeSetContent(cur, xmlSecStringCR);
+        xmlNodeSetContent(cur, xmlSecStringCR);
     } else {
-	xmlNodeSetContent(cur, xmlSecStringEmpty);
+        xmlNodeSetContent(cur, xmlSecStringEmpty);
     }
-    
+
     ret = xmlSecBufferBase64NodeContentWrite(&buf, cur, xmlSecBase64GetDefaultLineSize());
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferBase64NodeContentWrite",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferBase64NodeContentWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buf);
+        return(-1);
     }
 
     if(addLineBreaks) {
-	xmlNodeAddContent(cur, xmlSecStringCR);
+        xmlNodeAddContent(cur, xmlSecStringCR);
     }
 
     xmlSecBufferFinalize(&buf);
diff --git a/src/openssl/ciphers.c b/src/openssl/ciphers.c
index 4799cb52..1b600625 100644
--- a/src/openssl/ciphers.c
+++ b/src/openssl/ciphers.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -23,7 +23,7 @@
 
 /* this is not defined in OpenSSL 0.9.6 */
 #ifndef EVP_MAX_BLOCK_LENGTH
-#define EVP_MAX_BLOCK_LENGTH		32
+#define EVP_MAX_BLOCK_LENGTH            32
 #endif /* EVP_MAX_BLOCK_LENGTH */
 
 /**************************************************************************
@@ -31,39 +31,39 @@
  * Internal OpenSSL Block cipher CTX
  *
  *****************************************************************************/
-typedef struct _xmlSecOpenSSLEvpBlockCipherCtx		xmlSecOpenSSLEvpBlockCipherCtx,
-							*xmlSecOpenSSLEvpBlockCipherCtxPtr;
+typedef struct _xmlSecOpenSSLEvpBlockCipherCtx          xmlSecOpenSSLEvpBlockCipherCtx,
+                                                        *xmlSecOpenSSLEvpBlockCipherCtxPtr;
 struct _xmlSecOpenSSLEvpBlockCipherCtx {
-    const EVP_CIPHER*	cipher;
-    xmlSecKeyDataId	keyId;
-    EVP_CIPHER_CTX	cipherCtx;
-    int			keyInitialized;
-    int			ctxInitialized;
-    xmlSecByte		key[EVP_MAX_KEY_LENGTH];
-    xmlSecByte		iv[EVP_MAX_IV_LENGTH];
-    xmlSecByte	 	pad[EVP_MAX_BLOCK_LENGTH];
+    const EVP_CIPHER*   cipher;
+    xmlSecKeyDataId     keyId;
+    EVP_CIPHER_CTX      cipherCtx;
+    int                 keyInitialized;
+    int                 ctxInitialized;
+    xmlSecByte          key[EVP_MAX_KEY_LENGTH];
+    xmlSecByte          iv[EVP_MAX_IV_LENGTH];
+    xmlSecByte          pad[EVP_MAX_BLOCK_LENGTH];
 };
-static int 	xmlSecOpenSSLEvpBlockCipherCtxInit	(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
-							 xmlSecBufferPtr in,
-							 xmlSecBufferPtr out,
-							 int encrypt,
-							 const xmlChar* cipherName,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 	xmlSecOpenSSLEvpBlockCipherCtxUpdate	(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
-							 xmlSecBufferPtr in,
-							 xmlSecBufferPtr out,
-							 const xmlChar* cipherName,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 	xmlSecOpenSSLEvpBlockCipherCtxFinal	(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
-							 xmlSecBufferPtr out,
-							 const xmlChar* cipherName,
-							 xmlSecTransformCtxPtr transformCtx);
-static int 
+static int      xmlSecOpenSSLEvpBlockCipherCtxInit      (xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
+                                                         xmlSecBufferPtr in,
+                                                         xmlSecBufferPtr out,
+                                                         int encrypt,
+                                                         const xmlChar* cipherName,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLEvpBlockCipherCtxUpdate    (xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
+                                                         xmlSecBufferPtr in,
+                                                         xmlSecBufferPtr out,
+                                                         const xmlChar* cipherName,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLEvpBlockCipherCtxFinal     (xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
+                                                         xmlSecBufferPtr out,
+                                                         const xmlChar* cipherName,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int
 xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
-				xmlSecBufferPtr in, xmlSecBufferPtr out,
-				int encrypt,
-				const xmlChar* cipherName,
-				xmlSecTransformCtxPtr transformCtx) {
+                                xmlSecBufferPtr in, xmlSecBufferPtr out,
+                                int encrypt,
+                                const xmlChar* cipherName,
+                                xmlSecTransformCtxPtr transformCtx) {
     int ivLen;
     int ret;
 
@@ -78,88 +78,88 @@ xmlSecOpenSSLEvpBlockCipherCtxInit(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
     ivLen = EVP_CIPHER_iv_length(ctx->cipher);
     xmlSecAssert2(ivLen > 0, -1);
     xmlSecAssert2((xmlSecSize)ivLen <= sizeof(ctx->iv), -1);
-    
+
     if(encrypt) {
         /* generate random iv */
         ret = RAND_bytes(ctx->iv, ivLen);
-	if(ret != 1) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(cipherName),
-			"RAND_bytes",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"size=%d", ivLen);
-	    return(-1);    
-	}
-
-	/* write iv to the output */
-	ret = xmlSecBufferAppend(out, ctx->iv, ivLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", ivLen);
-	    return(-1);
-	}
-	
+        if(ret != 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "RAND_bytes",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "size=%d", ivLen);
+            return(-1);
+        }
+
+        /* write iv to the output */
+        ret = xmlSecBufferAppend(out, ctx->iv, ivLen);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", ivLen);
+            return(-1);
+        }
+
     } else {
-	/* if we don't have enough data, exit and hope that 
-	 * we'll have iv next time */
-	if(xmlSecBufferGetSize(in) < (xmlSecSize)ivLen) {
-	    return(0);
-	}
-	
-	/* copy iv to our buffer*/
-	xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
-	memcpy(ctx->iv, xmlSecBufferGetData(in), ivLen);
-	
-	/* and remove from input */
-	ret = xmlSecBufferRemoveHead(in, ivLen);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", ivLen);
-	    return(-1);
-	}
+        /* if we don't have enough data, exit and hope that
+         * we'll have iv next time */
+        if(xmlSecBufferGetSize(in) < (xmlSecSize)ivLen) {
+            return(0);
+        }
+
+        /* copy iv to our buffer*/
+        xmlSecAssert2(xmlSecBufferGetData(in) != NULL, -1);
+        memcpy(ctx->iv, xmlSecBufferGetData(in), ivLen);
+
+        /* and remove from input */
+        ret = xmlSecBufferRemoveHead(in, ivLen);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", ivLen);
+            return(-1);
+        }
     }
 
     /* set iv */
     ret = EVP_CipherInit(&(ctx->cipherCtx), ctx->cipher, ctx->key, ctx->iv, encrypt);
     if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "EVP_CipherInit",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "EVP_CipherInit",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ctx->ctxInitialized = 1;
-    
+
     /*
      * The padding used in XML Enc does not follow RFC 1423
      * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7
      * it is possible to disable padding and do it by yourself
      * For OpenSSL 0.9.6 you have interop problems
      */
-#ifndef XMLSEC_OPENSSL_096	
-    EVP_CIPHER_CTX_set_padding(&(ctx->cipherCtx), 0);    
-#endif /* XMLSEC_OPENSSL_096 */	
+#ifndef XMLSEC_OPENSSL_096
+    EVP_CIPHER_CTX_set_padding(&(ctx->cipherCtx), 0);
+#endif /* XMLSEC_OPENSSL_096 */
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
-				  xmlSecBufferPtr in, xmlSecBufferPtr out,
-				  const xmlChar* cipherName,
-				  xmlSecTransformCtxPtr transformCtx) {
+                                  xmlSecBufferPtr in, xmlSecBufferPtr out,
+                                  const xmlChar* cipherName,
+                                  xmlSecTransformCtxPtr transformCtx) {
     int blockLen, fixLength = 0, outLen = 0;
     xmlSecSize inSize, outSize;
     xmlSecByte* outBuf;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->keyInitialized != 0, -1);
     xmlSecAssert2(ctx->ctxInitialized != 0, -1);
@@ -174,25 +174,25 @@ xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
     outSize = xmlSecBufferGetSize(out);
 
     if(inSize == 0) {
-	/* wait for more data */
-	return(0);
+        /* wait for more data */
+        return(0);
     }
 
-    /* OpenSSL docs: The amount of data written depends on the block 
-     * alignment of the encrypted data: as a result the amount of data 
+    /* OpenSSL docs: The amount of data written depends on the block
+     * alignment of the encrypted data: as a result the amount of data
      * written may be anything from zero bytes to (inl + cipher_block_size - 1).
      */
     ret = xmlSecBufferSetMaxSize(out, outSize + inSize + blockLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + inSize + blockLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + inSize + blockLen);
+        return(-1);
     }
     outBuf = xmlSecBufferGetData(out) + outSize;
-    
+
     /*
      * The padding used in XML Enc does not follow RFC 1423
      * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7
@@ -206,82 +206,82 @@ xmlSecOpenSSLEvpBlockCipherCtxUpdate(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
      */
 #ifndef XMLSEC_OPENSSL_096
     if(!ctx->cipherCtx.encrypt) {
-	if(ctx->cipherCtx.final_used) {
-	    memcpy(outBuf, ctx->cipherCtx.final, blockLen);
-	    outBuf += blockLen;
-	    fixLength = 1;
-	} else {
-	    fixLength = 0;
-	}
+        if(ctx->cipherCtx.final_used) {
+            memcpy(outBuf, ctx->cipherCtx.final, blockLen);
+            outBuf += blockLen;
+            fixLength = 1;
+        } else {
+            fixLength = 0;
+        }
     }
 #endif /* XMLSEC_OPENSSL_096 */
 
     /* encrypt/decrypt */
     ret = EVP_CipherUpdate(&(ctx->cipherCtx), outBuf, &outLen, xmlSecBufferGetData(in), inSize);
     if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "EVP_CipherUpdate",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "EVP_CipherUpdate",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
 #ifndef XMLSEC_OPENSSL_096
     if(!ctx->cipherCtx.encrypt) {
-	/*
-	 * The logic below is copied from EVP_DecryptUpdate() function.
-	 * This is a hack but it's the only way I can provide binary
-	 * compatibility with previous versions of xmlsec.
-	 * This needs to be fixed in the next XMLSEC API refresh.
-	 */
-	if (blockLen > 1 && !ctx->cipherCtx.buf_len) {
-	    outLen -= blockLen;
-	    ctx->cipherCtx.final_used = 1;
-	    memcpy(ctx->cipherCtx.final, &outBuf[outLen], blockLen);
-	} else {
-	    ctx->cipherCtx.final_used = 0;
-	}
-	if (fixLength) {
-	    outLen += blockLen;
-	}
+        /*
+         * The logic below is copied from EVP_DecryptUpdate() function.
+         * This is a hack but it's the only way I can provide binary
+         * compatibility with previous versions of xmlsec.
+         * This needs to be fixed in the next XMLSEC API refresh.
+         */
+        if (blockLen > 1 && !ctx->cipherCtx.buf_len) {
+            outLen -= blockLen;
+            ctx->cipherCtx.final_used = 1;
+            memcpy(ctx->cipherCtx.final, &outBuf[outLen], blockLen);
+        } else {
+            ctx->cipherCtx.final_used = 0;
+        }
+        if (fixLength) {
+            outLen += blockLen;
+        }
     }
 #endif /* XMLSEC_OPENSSL_096 */
-    
+
     /* set correct output buffer size */
     ret = xmlSecBufferSetSize(out, outSize + outLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + outLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + outLen);
+        return(-1);
     }
-        
+
     /* remove the processed block from input */
     ret = xmlSecBufferRemoveHead(in, inSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferRemoveHead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", inSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferRemoveHead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", inSize);
+        return(-1);
     }
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLEvpBlockCipherCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
-				 xmlSecBufferPtr out,
-				 const xmlChar* cipherName,
-				 xmlSecTransformCtxPtr transformCtx) {
+                                 xmlSecBufferPtr out,
+                                 const xmlChar* cipherName,
+                                 xmlSecTransformCtxPtr transformCtx) {
     int blockLen, outLen = 0, outLen2 = 0;
     xmlSecSize outSize;
     xmlSecByte* outBuf;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->keyInitialized != 0, -1);
     xmlSecAssert2(ctx->ctxInitialized != 0, -1);
@@ -292,22 +292,22 @@ xmlSecOpenSSLEvpBlockCipherCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
     xmlSecAssert2(blockLen > 0, -1);
 
     outSize = xmlSecBufferGetSize(out);
-        
-    /* OpenSSL docs: The encrypted final data is written to out which should 
-     * have sufficient space for one cipher block. We might have to write 
+
+    /* OpenSSL docs: The encrypted final data is written to out which should
+     * have sufficient space for one cipher block. We might have to write
      * one more block with padding
      */
     ret = xmlSecBufferSetMaxSize(out, outSize + 2 * blockLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + 2 * blockLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + 2 * blockLen);
+        return(-1);
     }
     outBuf = xmlSecBufferGetData(out) + outSize;
-    
+
     /*
      * The padding used in XML Enc does not follow RFC 1423
      * and is not supported by OpenSSL. In the case of OpenSSL 0.9.7
@@ -321,50 +321,50 @@ xmlSecOpenSSLEvpBlockCipherCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
      */
 #ifndef XMLSEC_OPENSSL_096
     if(ctx->cipherCtx.encrypt) {
-	int padLen;
-	
+        int padLen;
+
         xmlSecAssert2(blockLen <= EVP_MAX_BLOCK_LENGTH, -1);
-    
-	padLen = blockLen - ctx->cipherCtx.buf_len;
-	xmlSecAssert2(padLen > 0, -1);
-    
-	/* generate random padding */
-	if(padLen > 1) {
-	    ret = RAND_bytes(ctx->pad, padLen - 1);
-	    if(ret != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(cipherName),
-			    "RAND_bytes",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "size=%d", padLen - 1);
-		return(-1);    
-	    }
-	}
-	ctx->pad[padLen - 1] = padLen;
-
-        /* write padding */    
-	ret = EVP_CipherUpdate(&(ctx->cipherCtx), outBuf, &outLen, ctx->pad, padLen);
-	if(ret != 1) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(cipherName),
-			"EVP_CipherUpdate",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	outBuf += outLen;
+
+        padLen = blockLen - ctx->cipherCtx.buf_len;
+        xmlSecAssert2(padLen > 0, -1);
+
+        /* generate random padding */
+        if(padLen > 1) {
+            ret = RAND_bytes(ctx->pad, padLen - 1);
+            if(ret != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(cipherName),
+                            "RAND_bytes",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "size=%d", padLen - 1);
+                return(-1);
+            }
+        }
+        ctx->pad[padLen - 1] = padLen;
+
+        /* write padding */
+        ret = EVP_CipherUpdate(&(ctx->cipherCtx), outBuf, &outLen, ctx->pad, padLen);
+        if(ret != 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(cipherName),
+                        "EVP_CipherUpdate",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        outBuf += outLen;
     }
-#endif /* XMLSEC_OPENSSL_096 */			
+#endif /* XMLSEC_OPENSSL_096 */
 
     /* finalize transform */
     ret = EVP_CipherFinal(&(ctx->cipherCtx), outBuf, &outLen2);
     if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "EVP_CipherFinal",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "EVP_CipherFinal",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /*
@@ -380,39 +380,39 @@ xmlSecOpenSSLEvpBlockCipherCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
      */
 #ifndef XMLSEC_OPENSSL_096
      if(!ctx->cipherCtx.encrypt) {
-	/* we instructed openssl to do not use padding so there 
-	 * should be no final block 
-	 */
-	xmlSecAssert2(outLen2 == 0, -1);
-	xmlSecAssert2(ctx->cipherCtx.buf_len == 0, -1);
-	xmlSecAssert2(ctx->cipherCtx.final_used, -1);
-	    
+        /* we instructed openssl to do not use padding so there
+         * should be no final block
+         */
+        xmlSecAssert2(outLen2 == 0, -1);
+        xmlSecAssert2(ctx->cipherCtx.buf_len == 0, -1);
+        xmlSecAssert2(ctx->cipherCtx.final_used, -1);
+
         if(blockLen > 1) {
-    	    outLen2 = blockLen - ctx->cipherCtx.final[blockLen - 1];
-	    if(outLen2 > 0) {
-		memcpy(outBuf, ctx->cipherCtx.final, outLen2);
-	    } else if(outLen2 < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(cipherName),
-			    NULL,
-			    XMLSEC_ERRORS_R_INVALID_DATA,
-			    "padding=%d;buffer=%d",
-			    ctx->cipherCtx.final[blockLen - 1], blockLen);
-		return(-1);	
-	    }
-	}
-    } 
-#endif /* XMLSEC_OPENSSL_096 */			
+            outLen2 = blockLen - ctx->cipherCtx.final[blockLen - 1];
+            if(outLen2 > 0) {
+                memcpy(outBuf, ctx->cipherCtx.final, outLen2);
+            } else if(outLen2 < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(cipherName),
+                            NULL,
+                            XMLSEC_ERRORS_R_INVALID_DATA,
+                            "padding=%d;buffer=%d",
+                            ctx->cipherCtx.final[blockLen - 1], blockLen);
+                return(-1);
+            }
+        }
+    }
+#endif /* XMLSEC_OPENSSL_096 */
 
     /* set correct output buffer size */
     ret = xmlSecBufferSetSize(out, outSize + outLen + outLen2);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(cipherName),
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize + outLen + outLen2);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(cipherName),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize + outLen + outLen2);
+        return(-1);
     }
 
     return(0);
@@ -424,31 +424,31 @@ xmlSecOpenSSLEvpBlockCipherCtxFinal(xmlSecOpenSSLEvpBlockCipherCtxPtr ctx,
  * EVP Block Cipher transforms
  *
  * xmlSecOpenSSLEvpBlockCipherCtx block is located after xmlSecTransform structure
- * 
+ *
  *****************************************************************************/
-#define xmlSecOpenSSLEvpBlockCipherSize	\
+#define xmlSecOpenSSLEvpBlockCipherSize \
     (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLEvpBlockCipherCtx))
 #define xmlSecOpenSSLEvpBlockCipherGetCtx(transform) \
     ((xmlSecOpenSSLEvpBlockCipherCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
-static int	xmlSecOpenSSLEvpBlockCipherInitialize	(xmlSecTransformPtr transform);
-static void	xmlSecOpenSSLEvpBlockCipherFinalize	(xmlSecTransformPtr transform);
-static int  	xmlSecOpenSSLEvpBlockCipherSetKeyReq	(xmlSecTransformPtr transform, 
-							 xmlSecKeyReqPtr keyReq);
-static int	xmlSecOpenSSLEvpBlockCipherSetKey	(xmlSecTransformPtr transform,
-							 xmlSecKeyPtr key);
-static int	xmlSecOpenSSLEvpBlockCipherExecute	(xmlSecTransformPtr transform,
-							 int last,
-							 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecOpenSSLEvpBlockCipherCheckId	(xmlSecTransformPtr transform);
-							 
+static int      xmlSecOpenSSLEvpBlockCipherInitialize   (xmlSecTransformPtr transform);
+static void     xmlSecOpenSSLEvpBlockCipherFinalize     (xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLEvpBlockCipherSetKeyReq    (xmlSecTransformPtr transform,
+                                                         xmlSecKeyReqPtr keyReq);
+static int      xmlSecOpenSSLEvpBlockCipherSetKey       (xmlSecTransformPtr transform,
+                                                         xmlSecKeyPtr key);
+static int      xmlSecOpenSSLEvpBlockCipherExecute      (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLEvpBlockCipherCheckId      (xmlSecTransformPtr transform);
+
 
 
 static int
 xmlSecOpenSSLEvpBlockCipherCheckId(xmlSecTransformPtr transform) {
 #ifndef XMLSEC_NO_DES
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformDes3CbcId)) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_NO_DES */
 
@@ -456,60 +456,60 @@ xmlSecOpenSSLEvpBlockCipherCheckId(xmlSecTransformPtr transform) {
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformAes128CbcId) ||
        xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformAes192CbcId) ||
        xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformAes256CbcId)) {
-       
+
        return(1);
     }
 #endif /* XMLSEC_NO_AES */
-    
+
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLEvpBlockCipherInitialize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLEvpBlockCipherCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecOpenSSLEvpBlockCipherCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpBlockCipherSize), -1);
 
     ctx = xmlSecOpenSSLEvpBlockCipherGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     memset(ctx, 0, sizeof(xmlSecOpenSSLEvpBlockCipherCtx));
 
 #ifndef XMLSEC_NO_DES
     if(transform->id == xmlSecOpenSSLTransformDes3CbcId) {
-	ctx->cipher 	= EVP_des_ede3_cbc();
-	ctx->keyId 	= xmlSecOpenSSLKeyDataDesId;
-    } else 
+        ctx->cipher     = EVP_des_ede3_cbc();
+        ctx->keyId      = xmlSecOpenSSLKeyDataDesId;
+    } else
 #endif /* XMLSEC_NO_DES */
 
 #ifndef XMLSEC_NO_AES
     if(transform->id == xmlSecOpenSSLTransformAes128CbcId) {
-	ctx->cipher 	= EVP_aes_128_cbc();	
-	ctx->keyId 	= xmlSecOpenSSLKeyDataAesId;
+        ctx->cipher     = EVP_aes_128_cbc();
+        ctx->keyId      = xmlSecOpenSSLKeyDataAesId;
     } else if(transform->id == xmlSecOpenSSLTransformAes192CbcId) {
-	ctx->cipher 	= EVP_aes_192_cbc();	
-	ctx->keyId 	= xmlSecOpenSSLKeyDataAesId;
+        ctx->cipher     = EVP_aes_192_cbc();
+        ctx->keyId      = xmlSecOpenSSLKeyDataAesId;
     } else if(transform->id == xmlSecOpenSSLTransformAes256CbcId) {
-	ctx->cipher 	= EVP_aes_256_cbc();	
-	ctx->keyId 	= xmlSecOpenSSLKeyDataAesId;
-    } else 
+        ctx->cipher     = EVP_aes_256_cbc();
+        ctx->keyId      = xmlSecOpenSSLKeyDataAesId;
+    } else
 #endif /* XMLSEC_NO_AES */
 
     if(1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }        
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     EVP_CIPHER_CTX_init(&(ctx->cipherCtx));
     return(0);
 }
 
-static void 
+static void
 xmlSecOpenSSLEvpBlockCipherFinalize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLEvpBlockCipherCtxPtr ctx;
 
@@ -518,12 +518,12 @@ xmlSecOpenSSLEvpBlockCipherFinalize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecOpenSSLEvpBlockCipherGetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
     EVP_CIPHER_CTX_cleanup(&(ctx->cipherCtx));
     memset(ctx, 0, sizeof(xmlSecOpenSSLEvpBlockCipherCtx));
 }
 
-static int  
+static int
 xmlSecOpenSSLEvpBlockCipherSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
     xmlSecOpenSSLEvpBlockCipherCtxPtr ctx;
     int cipherKeyLen;
@@ -538,12 +538,12 @@ xmlSecOpenSSLEvpBlockCipherSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReq
     xmlSecAssert2(ctx->cipher != NULL, -1);
     xmlSecAssert2(ctx->keyId != NULL, -1);
 
-    keyReq->keyId 	= ctx->keyId;
+    keyReq->keyId       = ctx->keyId;
     keyReq->keyType = xmlSecKeyDataTypeSymmetric;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-	keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
     } else {
-	keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
     }
 
     cipherKeyLen = EVP_CIPHER_key_length(ctx->cipher);
@@ -558,7 +558,7 @@ xmlSecOpenSSLEvpBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key
     xmlSecOpenSSLEvpBlockCipherCtxPtr ctx;
     xmlSecBufferPtr buffer;
     int cipherKeyLen;
-    
+
     xmlSecAssert2(xmlSecOpenSSLEvpBlockCipherCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpBlockCipherSize), -1);
@@ -570,7 +570,7 @@ xmlSecOpenSSLEvpBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key
     xmlSecAssert2(ctx->keyInitialized == 0, -1);
     xmlSecAssert2(ctx->keyId != NULL, -1);
     xmlSecAssert2(xmlSecKeyCheckId(key, ctx->keyId), -1);
-    
+
     cipherKeyLen = EVP_CIPHER_key_length(ctx->cipher);
     xmlSecAssert2(cipherKeyLen > 0, -1);
     xmlSecAssert2((xmlSecSize)cipherKeyLen <= sizeof(ctx->key), -1);
@@ -579,28 +579,28 @@ xmlSecOpenSSLEvpBlockCipherSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key
     xmlSecAssert2(buffer != NULL, -1);
 
     if(xmlSecBufferGetSize(buffer) < (xmlSecSize)cipherKeyLen) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "keySize=%d;expected=%d",
-		    xmlSecBufferGetSize(buffer), cipherKeyLen);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "keySize=%d;expected=%d",
+                    xmlSecBufferGetSize(buffer), cipherKeyLen);
+        return(-1);
     }
-    
+
     xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
     memcpy(ctx->key, xmlSecBufferGetData(buffer), cipherKeyLen);
-    
+
     ctx->keyInitialized = 1;
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLEvpBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLEvpBlockCipherCtxPtr ctx;
     xmlSecBufferPtr in, out;
     int ret;
-    
+
     xmlSecAssert2(xmlSecOpenSSLEvpBlockCipherCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpBlockCipherSize), -1);
@@ -613,77 +613,77 @@ xmlSecOpenSSLEvpBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSe
     xmlSecAssert2(ctx != NULL, -1);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     }
 
-    if(transform->status == xmlSecTransformStatusWorking) {    
-	if(ctx->ctxInitialized == 0) {
-	    ret = xmlSecOpenSSLEvpBlockCipherCtxInit(ctx, in, out, 
-			(transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
-			xmlSecTransformGetName(transform), transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecOpenSSLEvpBlockCipherCtxInit",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}
-	if((ctx->ctxInitialized == 0) && (last != 0)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"not enough data to initialize transform");
-	    return(-1);
-	}
-
-	if(ctx->ctxInitialized != 0) {
-	    ret = xmlSecOpenSSLEvpBlockCipherCtxUpdate(ctx, in, out,
-						xmlSecTransformGetName(transform), 
-						transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecOpenSSLEvpBlockCipherCtxUpdate",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}
-
-	if(last != 0) {
-	    /* by now there should be no input */
-	    xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
-	    ret = xmlSecOpenSSLEvpBlockCipherCtxFinal(ctx, out,
-					    xmlSecTransformGetName(transform), 
-					    transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecOpenSSLEvpBlockCipherCtxFinal",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	} 
+    if(transform->status == xmlSecTransformStatusWorking) {
+        if(ctx->ctxInitialized == 0) {
+            ret = xmlSecOpenSSLEvpBlockCipherCtxInit(ctx, in, out,
+                        (transform->operation == xmlSecTransformOperationEncrypt) ? 1 : 0,
+                        xmlSecTransformGetName(transform), transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecOpenSSLEvpBlockCipherCtxInit",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+        if((ctx->ctxInitialized == 0) && (last != 0)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "not enough data to initialize transform");
+            return(-1);
+        }
+
+        if(ctx->ctxInitialized != 0) {
+            ret = xmlSecOpenSSLEvpBlockCipherCtxUpdate(ctx, in, out,
+                                                xmlSecTransformGetName(transform),
+                                                transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecOpenSSLEvpBlockCipherCtxUpdate",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+
+        if(last != 0) {
+            /* by now there should be no input */
+            xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
+            ret = xmlSecOpenSSLEvpBlockCipherCtxFinal(ctx, out,
+                                            xmlSecTransformGetName(transform),
+                                            transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecOpenSSLEvpBlockCipherCtxFinal",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
     } else if(transform->status == xmlSecTransformStatusNone) {
-	/* the only way we can get here is if there is no enough data in the input */
-	xmlSecAssert2(last == 0, -1);
+        /* the only way we can get here is if there is no enough data in the input */
+        xmlSecAssert2(last == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
@@ -696,117 +696,117 @@ xmlSecOpenSSLEvpBlockCipherExecute(xmlSecTransformPtr transform, int last, xmlSe
  ********************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLAes128CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes128Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes128Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecOpenSSLEvpBlockCipherInitialize, 	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpBlockCipherFinalize,	/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpBlockCipherSetKeyReq,	/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecOpenSSLEvpBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpBlockCipherSize,            /* xmlSecSize objSize */
+
+    xmlSecNameAes128Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes128Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecOpenSSLEvpBlockCipherInitialize,      /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpBlockCipherFinalize,        /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpBlockCipherSetKeyReq,       /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecOpenSSLEvpBlockCipherSetKey,          /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpBlockCipherExecute,         /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLTransformAes128CbcGetKlass:
- * 
+ *
  * AES 128 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 128 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecOpenSSLTransformAes128CbcGetKlass(void) {
     return(&xmlSecOpenSSLAes128CbcKlass);
 }
 
 static xmlSecTransformKlass xmlSecOpenSSLAes192CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes192Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes192Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecOpenSSLEvpBlockCipherInitialize, 	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpBlockCipherFinalize,	/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpBlockCipherSetKeyReq,	/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecOpenSSLEvpBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpBlockCipherSize,            /* xmlSecSize objSize */
+
+    xmlSecNameAes192Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes192Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecOpenSSLEvpBlockCipherInitialize,      /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpBlockCipherFinalize,        /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpBlockCipherSetKeyReq,       /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecOpenSSLEvpBlockCipherSetKey,          /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpBlockCipherExecute,         /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLTransformAes192CbcGetKlass:
- * 
+ *
  * AES 192 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 192 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecOpenSSLTransformAes192CbcGetKlass(void) {
     return(&xmlSecOpenSSLAes192CbcKlass);
 }
 
 static xmlSecTransformKlass xmlSecOpenSSLAes256CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameAes256Cbc,			/* const xmlChar* name; */
-    xmlSecHrefAes256Cbc,			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecOpenSSLEvpBlockCipherInitialize, 	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpBlockCipherFinalize,	/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpBlockCipherSetKeyReq,	/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecOpenSSLEvpBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpBlockCipherSize,            /* xmlSecSize objSize */
+
+    xmlSecNameAes256Cbc,                        /* const xmlChar* name; */
+    xmlSecHrefAes256Cbc,                        /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecOpenSSLEvpBlockCipherInitialize,      /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpBlockCipherFinalize,        /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpBlockCipherSetKeyReq,       /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecOpenSSLEvpBlockCipherSetKey,          /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpBlockCipherExecute,         /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLTransformAes256CbcGetKlass:
- * 
+ *
  * AES 256 CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to AES 256 CBC encryption transform.
- */ 
-xmlSecTransformId 
+ */
+xmlSecTransformId
 xmlSecOpenSSLTransformAes256CbcGetKlass(void) {
     return(&xmlSecOpenSSLAes256CbcKlass);
 }
@@ -816,39 +816,39 @@ xmlSecOpenSSLTransformAes256CbcGetKlass(void) {
 #ifndef XMLSEC_NO_DES
 static xmlSecTransformKlass xmlSecOpenSSLDes3CbcKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpBlockCipherSize,		/* xmlSecSize objSize */
-
-    xmlSecNameDes3Cbc,				/* const xmlChar* name; */
-    xmlSecHrefDes3Cbc, 				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecOpenSSLEvpBlockCipherInitialize, 	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpBlockCipherFinalize,	/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpBlockCipherSetKeyReq,	/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecOpenSSLEvpBlockCipherSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpBlockCipherExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpBlockCipherSize,            /* xmlSecSize objSize */
+
+    xmlSecNameDes3Cbc,                          /* const xmlChar* name; */
+    xmlSecHrefDes3Cbc,                          /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecOpenSSLEvpBlockCipherInitialize,      /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpBlockCipherFinalize,        /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpBlockCipherSetKeyReq,       /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecOpenSSLEvpBlockCipherSetKey,          /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpBlockCipherExecute,         /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformDes3CbcGetKlass:
  *
  * Triple DES CBC encryption transform klass.
- * 
+ *
  * Returns: pointer to Triple DES encryption transform.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformDes3CbcGetKlass(void) {
     return(&xmlSecOpenSSLDes3CbcKlass);
 }
diff --git a/src/openssl/crypto.c b/src/openssl/crypto.c
index fa226620..eba1a323 100644
--- a/src/openssl/crypto.c
+++ b/src/openssl/crypto.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -25,7 +25,7 @@
 #include <xmlsec/openssl/crypto.h>
 #include <xmlsec/openssl/x509.h>
 
-static int 		xmlSecOpenSSLErrorsInit			(void);
+static int              xmlSecOpenSSLErrorsInit                 (void);
 
 static xmlSecCryptoDLFunctionsPtr gXmlSecOpenSSLFunctions = NULL;
 static xmlChar* gXmlSecOpenSSLTrustedCertsFolder = NULL;
@@ -40,250 +40,313 @@ static xmlChar* gXmlSecOpenSSLTrustedCertsFolder = NULL;
 xmlSecCryptoDLFunctionsPtr
 xmlSecCryptoGetFunctions_openssl(void) {
     static xmlSecCryptoDLFunctions functions;
-    
+
     if(gXmlSecOpenSSLFunctions != NULL) {
-	return(gXmlSecOpenSSLFunctions);
+        return(gXmlSecOpenSSLFunctions);
     }
 
     memset(&functions, 0, sizeof(functions));
     gXmlSecOpenSSLFunctions = &functions;
 
-    /**  
+    /********************************************************************
+     *
      * Crypto Init/shutdown
-     */
-    gXmlSecOpenSSLFunctions->cryptoInit 		= xmlSecOpenSSLInit;
-    gXmlSecOpenSSLFunctions->cryptoShutdown 		= xmlSecOpenSSLShutdown;
-    gXmlSecOpenSSLFunctions->cryptoKeysMngrInit 	= xmlSecOpenSSLKeysMngrInit;
-
-    /**
+     *
+     ********************************************************************/
+    gXmlSecOpenSSLFunctions->cryptoInit                 = xmlSecOpenSSLInit;
+    gXmlSecOpenSSLFunctions->cryptoShutdown             = xmlSecOpenSSLShutdown;
+    gXmlSecOpenSSLFunctions->cryptoKeysMngrInit         = xmlSecOpenSSLKeysMngrInit;
+
+    /********************************************************************
+     *
      * Key data ids
-     */
-#ifndef XMLSEC_NO_AES    
-    gXmlSecOpenSSLFunctions->keyDataAesGetKlass		= xmlSecOpenSSLKeyDataAesGetKlass;
+     *
+     ********************************************************************/
+#ifndef XMLSEC_NO_AES
+    gXmlSecOpenSSLFunctions->keyDataAesGetKlass         = xmlSecOpenSSLKeyDataAesGetKlass;
 #endif /* XMLSEC_NO_AES */
 
-#ifndef XMLSEC_NO_DES    
-    gXmlSecOpenSSLFunctions->keyDataDesGetKlass 	= xmlSecOpenSSLKeyDataDesGetKlass;
+#ifndef XMLSEC_NO_DES
+    gXmlSecOpenSSLFunctions->keyDataDesGetKlass         = xmlSecOpenSSLKeyDataDesGetKlass;
 #endif /* XMLSEC_NO_DES */
 
 #ifndef XMLSEC_NO_DSA
-    gXmlSecOpenSSLFunctions->keyDataDsaGetKlass 	= xmlSecOpenSSLKeyDataDsaGetKlass;
-#endif /* XMLSEC_NO_DSA */    
+    gXmlSecOpenSSLFunctions->keyDataDsaGetKlass         = xmlSecOpenSSLKeyDataDsaGetKlass;
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_ECDSA
+    gXmlSecOpenSSLFunctions->keyDataEcdsaGetKlass       = xmlSecOpenSSLKeyDataEcdsaGetKlass;
+#endif /* XMLSEC_NO_ECDSA */
 
-#ifndef XMLSEC_NO_HMAC  
-    gXmlSecOpenSSLFunctions->keyDataHmacGetKlass 	= xmlSecOpenSSLKeyDataHmacGetKlass;
-#endif /* XMLSEC_NO_HMAC */    
+#ifndef XMLSEC_NO_GOST
+    gXmlSecOpenSSLFunctions->keyDataGost2001GetKlass           = xmlSecOpenSSLKeyDataGost2001GetKlass;
+#endif /* XMLSEC_NO_GOST*/
+
+#ifndef XMLSEC_NO_HMAC
+    gXmlSecOpenSSLFunctions->keyDataHmacGetKlass        = xmlSecOpenSSLKeyDataHmacGetKlass;
+#endif /* XMLSEC_NO_HMAC */
 
 #ifndef XMLSEC_NO_RSA
-    gXmlSecOpenSSLFunctions->keyDataRsaGetKlass 	= xmlSecOpenSSLKeyDataRsaGetKlass;
+    gXmlSecOpenSSLFunctions->keyDataRsaGetKlass         = xmlSecOpenSSLKeyDataRsaGetKlass;
 #endif /* XMLSEC_NO_RSA */
 
 #ifndef XMLSEC_NO_X509
-    gXmlSecOpenSSLFunctions->keyDataX509GetKlass 	= xmlSecOpenSSLKeyDataX509GetKlass;
+    gXmlSecOpenSSLFunctions->keyDataX509GetKlass        = xmlSecOpenSSLKeyDataX509GetKlass;
     gXmlSecOpenSSLFunctions->keyDataRawX509CertGetKlass = xmlSecOpenSSLKeyDataRawX509CertGetKlass;
 #endif /* XMLSEC_NO_X509 */
 
-    /**
+    /********************************************************************
+     *
      * Key data store ids
-     */
+     *
+     ********************************************************************/
 #ifndef XMLSEC_NO_X509
-    gXmlSecOpenSSLFunctions->x509StoreGetKlass 		= xmlSecOpenSSLX509StoreGetKlass;
+    gXmlSecOpenSSLFunctions->x509StoreGetKlass          = xmlSecOpenSSLX509StoreGetKlass;
 #endif /* XMLSEC_NO_X509 */
 
-    /**
+    /********************************************************************
+     *
      * Crypto transforms ids
-     */
+     *
+     ********************************************************************/
+
     /******************************* AES ********************************/
-#ifndef XMLSEC_NO_AES    
-    gXmlSecOpenSSLFunctions->transformAes128CbcGetKlass 	= xmlSecOpenSSLTransformAes128CbcGetKlass;
-    gXmlSecOpenSSLFunctions->transformAes192CbcGetKlass 	= xmlSecOpenSSLTransformAes192CbcGetKlass;
-    gXmlSecOpenSSLFunctions->transformAes256CbcGetKlass 	= xmlSecOpenSSLTransformAes256CbcGetKlass;
-    gXmlSecOpenSSLFunctions->transformKWAes128GetKlass 		= xmlSecOpenSSLTransformKWAes128GetKlass;
-    gXmlSecOpenSSLFunctions->transformKWAes192GetKlass 		= xmlSecOpenSSLTransformKWAes192GetKlass;
-    gXmlSecOpenSSLFunctions->transformKWAes256GetKlass 		= xmlSecOpenSSLTransformKWAes256GetKlass;
+#ifndef XMLSEC_NO_AES
+    gXmlSecOpenSSLFunctions->transformAes128CbcGetKlass         = xmlSecOpenSSLTransformAes128CbcGetKlass;
+    gXmlSecOpenSSLFunctions->transformAes192CbcGetKlass         = xmlSecOpenSSLTransformAes192CbcGetKlass;
+    gXmlSecOpenSSLFunctions->transformAes256CbcGetKlass         = xmlSecOpenSSLTransformAes256CbcGetKlass;
+    gXmlSecOpenSSLFunctions->transformKWAes128GetKlass          = xmlSecOpenSSLTransformKWAes128GetKlass;
+    gXmlSecOpenSSLFunctions->transformKWAes192GetKlass          = xmlSecOpenSSLTransformKWAes192GetKlass;
+    gXmlSecOpenSSLFunctions->transformKWAes256GetKlass          = xmlSecOpenSSLTransformKWAes256GetKlass;
 #endif /* XMLSEC_NO_AES */
 
     /******************************* DES ********************************/
-#ifndef XMLSEC_NO_DES    
-    gXmlSecOpenSSLFunctions->transformDes3CbcGetKlass 		= xmlSecOpenSSLTransformDes3CbcGetKlass;
-    gXmlSecOpenSSLFunctions->transformKWDes3GetKlass 		= xmlSecOpenSSLTransformKWDes3GetKlass;
+#ifndef XMLSEC_NO_DES
+    gXmlSecOpenSSLFunctions->transformDes3CbcGetKlass           = xmlSecOpenSSLTransformDes3CbcGetKlass;
+    gXmlSecOpenSSLFunctions->transformKWDes3GetKlass            = xmlSecOpenSSLTransformKWDes3GetKlass;
 #endif /* XMLSEC_NO_DES */
 
-
     /******************************* DSA ********************************/
 #ifndef XMLSEC_NO_DSA
-#ifndef XMLSEC_NO_SHA1    
-    gXmlSecOpenSSLFunctions->transformDsaSha1GetKlass 		= xmlSecOpenSSLTransformDsaSha1GetKlass;
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecOpenSSLFunctions->transformDsaSha1GetKlass           = xmlSecOpenSSLTransformDsaSha1GetKlass;
 #endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecOpenSSLFunctions->transformDsaSha256GetKlass         = xmlSecOpenSSLTransformDsaSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
 #endif /* XMLSEC_NO_DSA */
 
+    /******************************* ECDSA ********************************/
+#ifndef XMLSEC_NO_ECDSA
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecOpenSSLFunctions->transformEcdsaSha1GetKlass         = xmlSecOpenSSLTransformEcdsaSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+    gXmlSecOpenSSLFunctions->transformEcdsaSha224GetKlass       = xmlSecOpenSSLTransformEcdsaSha224GetKlass;
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecOpenSSLFunctions->transformEcdsaSha256GetKlass       = xmlSecOpenSSLTransformEcdsaSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecOpenSSLFunctions->transformEcdsaSha384GetKlass       = xmlSecOpenSSLTransformEcdsaSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecOpenSSLFunctions->transformEcdsaSha512GetKlass       = xmlSecOpenSSLTransformEcdsaSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_ECDSA */
+
+    /******************************* GOST ********************************/
+#ifndef XMLSEC_NO_GOST
+    gXmlSecOpenSSLFunctions->transformGost2001GostR3411_94GetKlass             = xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass;
+#endif /* XMLSEC_NO_GOST */
+
+#ifndef XMLSEC_NO_GOST
+    gXmlSecOpenSSLFunctions->transformGostR3411_94GetKlass             = xmlSecOpenSSLTransformGostR3411_94GetKlass;
+#endif /* XMLSEC_NO_GOST */
+
     /******************************* HMAC ********************************/
 #ifndef XMLSEC_NO_HMAC
+
 #ifndef XMLSEC_NO_MD5
-    gXmlSecOpenSSLFunctions->transformHmacMd5GetKlass 		= xmlSecOpenSSLTransformHmacMd5GetKlass;
+    gXmlSecOpenSSLFunctions->transformHmacMd5GetKlass           = xmlSecOpenSSLTransformHmacMd5GetKlass;
 #endif /* XMLSEC_NO_MD5 */
 
 #ifndef XMLSEC_NO_RIPEMD160
-    gXmlSecOpenSSLFunctions->transformHmacRipemd160GetKlass 	= xmlSecOpenSSLTransformHmacRipemd160GetKlass;
+    gXmlSecOpenSSLFunctions->transformHmacRipemd160GetKlass     = xmlSecOpenSSLTransformHmacRipemd160GetKlass;
 #endif /* XMLSEC_NO_RIPEMD160 */
 
-#ifndef XMLSEC_NO_SHA1    
-    gXmlSecOpenSSLFunctions->transformHmacSha1GetKlass 		= xmlSecOpenSSLTransformHmacSha1GetKlass;
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecOpenSSLFunctions->transformHmacSha1GetKlass          = xmlSecOpenSSLTransformHmacSha1GetKlass;
 #endif /* XMLSEC_NO_SHA1 */
 
 #ifndef XMLSEC_NO_SHA224
-    gXmlSecOpenSSLFunctions->transformHmacSha224GetKlass 	= xmlSecOpenSSLTransformHmacSha224GetKlass;
+    gXmlSecOpenSSLFunctions->transformHmacSha224GetKlass        = xmlSecOpenSSLTransformHmacSha224GetKlass;
 #endif /* XMLSEC_NO_SHA224 */
 
 #ifndef XMLSEC_NO_SHA256
-    gXmlSecOpenSSLFunctions->transformHmacSha256GetKlass 	= xmlSecOpenSSLTransformHmacSha256GetKlass;
+    gXmlSecOpenSSLFunctions->transformHmacSha256GetKlass        = xmlSecOpenSSLTransformHmacSha256GetKlass;
 #endif /* XMLSEC_NO_SHA256 */
 
 #ifndef XMLSEC_NO_SHA384
-    gXmlSecOpenSSLFunctions->transformHmacSha384GetKlass 	= xmlSecOpenSSLTransformHmacSha384GetKlass;
+    gXmlSecOpenSSLFunctions->transformHmacSha384GetKlass        = xmlSecOpenSSLTransformHmacSha384GetKlass;
 #endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
-    gXmlSecOpenSSLFunctions->transformHmacSha512GetKlass 	= xmlSecOpenSSLTransformHmacSha512GetKlass;
+    gXmlSecOpenSSLFunctions->transformHmacSha512GetKlass        = xmlSecOpenSSLTransformHmacSha512GetKlass;
 #endif /* XMLSEC_NO_SHA512 */
 
-
 #endif /* XMLSEC_NO_HMAC */
 
     /******************************* MD5 ********************************/
 #ifndef XMLSEC_NO_MD5
-    gXmlSecOpenSSLFunctions->transformMd5GetKlass 		= xmlSecOpenSSLTransformMd5GetKlass;
+    gXmlSecOpenSSLFunctions->transformMd5GetKlass               = xmlSecOpenSSLTransformMd5GetKlass;
 #endif /* XMLSEC_NO_MD5 */
 
     /******************************* RIPEMD160 ********************************/
 #ifndef XMLSEC_NO_RIPEMD160
-    gXmlSecOpenSSLFunctions->transformRipemd160GetKlass 	= xmlSecOpenSSLTransformRipemd160GetKlass;
+    gXmlSecOpenSSLFunctions->transformRipemd160GetKlass         = xmlSecOpenSSLTransformRipemd160GetKlass;
 #endif /* XMLSEC_NO_RIPEMD160 */
 
     /******************************* RSA ********************************/
 #ifndef XMLSEC_NO_RSA
+
 #ifndef XMLSEC_NO_MD5
-    gXmlSecOpenSSLFunctions->transformRsaMd5GetKlass 		= xmlSecOpenSSLTransformRsaMd5GetKlass;
+    gXmlSecOpenSSLFunctions->transformRsaMd5GetKlass            = xmlSecOpenSSLTransformRsaMd5GetKlass;
 #endif /* XMLSEC_NO_MD5 */
 
 #ifndef XMLSEC_NO_RIPEMD160
-    gXmlSecOpenSSLFunctions->transformRsaRipemd160GetKlass	= xmlSecOpenSSLTransformRsaRipemd160GetKlass;
+    gXmlSecOpenSSLFunctions->transformRsaRipemd160GetKlass      = xmlSecOpenSSLTransformRsaRipemd160GetKlass;
 #endif /* XMLSEC_NO_RIPEMD160 */
 
-#ifndef XMLSEC_NO_SHA1    
-    gXmlSecOpenSSLFunctions->transformRsaSha1GetKlass 		= xmlSecOpenSSLTransformRsaSha1GetKlass;
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecOpenSSLFunctions->transformRsaSha1GetKlass           = xmlSecOpenSSLTransformRsaSha1GetKlass;
 #endif /* XMLSEC_NO_SHA1 */
 
-#ifndef XMLSEC_NO_SHA224    
-    gXmlSecOpenSSLFunctions->transformRsaSha224GetKlass		= xmlSecOpenSSLTransformRsaSha224GetKlass;
+#ifndef XMLSEC_NO_SHA224
+    gXmlSecOpenSSLFunctions->transformRsaSha224GetKlass         = xmlSecOpenSSLTransformRsaSha224GetKlass;
 #endif /* XMLSEC_NO_SHA224 */
 
-#ifndef XMLSEC_NO_SHA256    
-    gXmlSecOpenSSLFunctions->transformRsaSha256GetKlass		= xmlSecOpenSSLTransformRsaSha256GetKlass;
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecOpenSSLFunctions->transformRsaSha256GetKlass         = xmlSecOpenSSLTransformRsaSha256GetKlass;
 #endif /* XMLSEC_NO_SHA256 */
 
-#ifndef XMLSEC_NO_SHA384    
-    gXmlSecOpenSSLFunctions->transformRsaSha384GetKlass 	= xmlSecOpenSSLTransformRsaSha384GetKlass;
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecOpenSSLFunctions->transformRsaSha384GetKlass         = xmlSecOpenSSLTransformRsaSha384GetKlass;
 #endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
-    gXmlSecOpenSSLFunctions->transformRsaSha512GetKlass 	= xmlSecOpenSSLTransformRsaSha512GetKlass;
+    gXmlSecOpenSSLFunctions->transformRsaSha512GetKlass         = xmlSecOpenSSLTransformRsaSha512GetKlass;
 #endif /* XMLSEC_NO_SHA512 */
 
-    gXmlSecOpenSSLFunctions->transformRsaPkcs1GetKlass 		= xmlSecOpenSSLTransformRsaPkcs1GetKlass;
-    gXmlSecOpenSSLFunctions->transformRsaOaepGetKlass 		= xmlSecOpenSSLTransformRsaOaepGetKlass;
+    gXmlSecOpenSSLFunctions->transformRsaPkcs1GetKlass          = xmlSecOpenSSLTransformRsaPkcs1GetKlass;
+    gXmlSecOpenSSLFunctions->transformRsaOaepGetKlass           = xmlSecOpenSSLTransformRsaOaepGetKlass;
 #endif /* XMLSEC_NO_RSA */
 
     /******************************* SHA ********************************/
-#ifndef XMLSEC_NO_SHA1    
-    gXmlSecOpenSSLFunctions->transformSha1GetKlass 		= xmlSecOpenSSLTransformSha1GetKlass;
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecOpenSSLFunctions->transformSha1GetKlass              = xmlSecOpenSSLTransformSha1GetKlass;
 #endif /* XMLSEC_NO_SHA1 */
+
 #ifndef XMLSEC_NO_SHA224
-    gXmlSecOpenSSLFunctions->transformSha224GetKlass 		= xmlSecOpenSSLTransformSha224GetKlass;
+    gXmlSecOpenSSLFunctions->transformSha224GetKlass            = xmlSecOpenSSLTransformSha224GetKlass;
 #endif /* XMLSEC_NO_SHA224 */
+
 #ifndef XMLSEC_NO_SHA256
-    gXmlSecOpenSSLFunctions->transformSha256GetKlass 		= xmlSecOpenSSLTransformSha256GetKlass;
+    gXmlSecOpenSSLFunctions->transformSha256GetKlass            = xmlSecOpenSSLTransformSha256GetKlass;
 #endif /* XMLSEC_NO_SHA256 */
+
 #ifndef XMLSEC_NO_SHA384
-    gXmlSecOpenSSLFunctions->transformSha384GetKlass 		= xmlSecOpenSSLTransformSha384GetKlass;
+    gXmlSecOpenSSLFunctions->transformSha384GetKlass            = xmlSecOpenSSLTransformSha384GetKlass;
 #endif /* XMLSEC_NO_SHA384 */
+
 #ifndef XMLSEC_NO_SHA512
-    gXmlSecOpenSSLFunctions->transformSha512GetKlass 		= xmlSecOpenSSLTransformSha512GetKlass;
+    gXmlSecOpenSSLFunctions->transformSha512GetKlass            = xmlSecOpenSSLTransformSha512GetKlass;
 #endif /* XMLSEC_NO_SHA512 */
 
-    /**
+    /********************************************************************
+     *
      * High level routines form xmlsec command line utility
-     */ 
-    gXmlSecOpenSSLFunctions->cryptoAppInit 			= xmlSecOpenSSLAppInit;
-    gXmlSecOpenSSLFunctions->cryptoAppShutdown 			= xmlSecOpenSSLAppShutdown;
-    gXmlSecOpenSSLFunctions->cryptoAppDefaultKeysMngrInit 	= xmlSecOpenSSLAppDefaultKeysMngrInit;
-    gXmlSecOpenSSLFunctions->cryptoAppDefaultKeysMngrAdoptKey 	= xmlSecOpenSSLAppDefaultKeysMngrAdoptKey;
-    gXmlSecOpenSSLFunctions->cryptoAppDefaultKeysMngrLoad 	= xmlSecOpenSSLAppDefaultKeysMngrLoad;
-    gXmlSecOpenSSLFunctions->cryptoAppDefaultKeysMngrSave 	= xmlSecOpenSSLAppDefaultKeysMngrSave;
+     *
+     ********************************************************************/
+    gXmlSecOpenSSLFunctions->cryptoAppInit                      = xmlSecOpenSSLAppInit;
+    gXmlSecOpenSSLFunctions->cryptoAppShutdown                  = xmlSecOpenSSLAppShutdown;
+    gXmlSecOpenSSLFunctions->cryptoAppDefaultKeysMngrInit       = xmlSecOpenSSLAppDefaultKeysMngrInit;
+    gXmlSecOpenSSLFunctions->cryptoAppDefaultKeysMngrAdoptKey   = xmlSecOpenSSLAppDefaultKeysMngrAdoptKey;
+    gXmlSecOpenSSLFunctions->cryptoAppDefaultKeysMngrLoad       = xmlSecOpenSSLAppDefaultKeysMngrLoad;
+    gXmlSecOpenSSLFunctions->cryptoAppDefaultKeysMngrSave       = xmlSecOpenSSLAppDefaultKeysMngrSave;
 #ifndef XMLSEC_NO_X509
-    gXmlSecOpenSSLFunctions->cryptoAppKeysMngrCertLoad 		= xmlSecOpenSSLAppKeysMngrCertLoad;
-    gXmlSecOpenSSLFunctions->cryptoAppKeysMngrCertLoadMemory	= xmlSecOpenSSLAppKeysMngrCertLoadMemory;
-    gXmlSecOpenSSLFunctions->cryptoAppPkcs12Load  		= xmlSecOpenSSLAppPkcs12Load; 
-    gXmlSecOpenSSLFunctions->cryptoAppPkcs12LoadMemory 		= xmlSecOpenSSLAppPkcs12LoadMemory; 
-    gXmlSecOpenSSLFunctions->cryptoAppKeyCertLoad 		= xmlSecOpenSSLAppKeyCertLoad;
-    gXmlSecOpenSSLFunctions->cryptoAppKeyCertLoadMemory		= xmlSecOpenSSLAppKeyCertLoadMemory;
+    gXmlSecOpenSSLFunctions->cryptoAppKeysMngrCertLoad          = xmlSecOpenSSLAppKeysMngrCertLoad;
+    gXmlSecOpenSSLFunctions->cryptoAppKeysMngrCertLoadMemory    = xmlSecOpenSSLAppKeysMngrCertLoadMemory;
+    gXmlSecOpenSSLFunctions->cryptoAppPkcs12Load                = xmlSecOpenSSLAppPkcs12Load;
+    gXmlSecOpenSSLFunctions->cryptoAppPkcs12LoadMemory          = xmlSecOpenSSLAppPkcs12LoadMemory;
+    gXmlSecOpenSSLFunctions->cryptoAppKeyCertLoad               = xmlSecOpenSSLAppKeyCertLoad;
+    gXmlSecOpenSSLFunctions->cryptoAppKeyCertLoadMemory         = xmlSecOpenSSLAppKeyCertLoadMemory;
 #endif /* XMLSEC_NO_X509 */
-    gXmlSecOpenSSLFunctions->cryptoAppKeyLoad 			= xmlSecOpenSSLAppKeyLoad; 
-    gXmlSecOpenSSLFunctions->cryptoAppKeyLoadMemory		= xmlSecOpenSSLAppKeyLoadMemory; 
-    gXmlSecOpenSSLFunctions->cryptoAppDefaultPwdCallback	= (void*)xmlSecOpenSSLAppGetDefaultPwdCallback();
+    gXmlSecOpenSSLFunctions->cryptoAppKeyLoad                   = xmlSecOpenSSLAppKeyLoad;
+    gXmlSecOpenSSLFunctions->cryptoAppKeyLoadMemory             = xmlSecOpenSSLAppKeyLoadMemory;
+    gXmlSecOpenSSLFunctions->cryptoAppDefaultPwdCallback        = (void*)xmlSecOpenSSLAppGetDefaultPwdCallback();
 
     return(gXmlSecOpenSSLFunctions);
 }
 
 /**
  * xmlSecOpenSSLInit:
- * 
- * XMLSec library specific crypto engine initialization. 
+ *
+ * XMLSec library specific crypto engine initialization.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecOpenSSLInit (void)  {
     /* Check loaded xmlsec library version */
     if(xmlSecCheckVersionExact() != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCheckVersionExact",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCheckVersionExact",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if(xmlSecOpenSSLErrorsInit() < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLErrorsInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLErrorsInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* register our klasses */
     if(xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(xmlSecCryptoGetFunctions_openssl()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecOpenSSLShutdown:
- * 
- * XMLSec library specific crypto engine shutdown. 
+ *
+ * XMLSec library specific crypto engine shutdown.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecOpenSSLShutdown(void) {
     xmlSecOpenSSLSetDefaultTrustedCertsFolder(NULL);
     return(0);
@@ -291,7 +354,7 @@ xmlSecOpenSSLShutdown(void) {
 
 /**
  * xmlSecOpenSSLKeysMngrInit:
- * @mngr:		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Adds OpenSSL specific key data stores in keys manager.
  *
@@ -300,172 +363,172 @@ xmlSecOpenSSLShutdown(void) {
 int
 xmlSecOpenSSLKeysMngrInit(xmlSecKeysMngrPtr mngr) {
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
 
 #ifndef XMLSEC_NO_X509
     /* create x509 store if needed */
     if(xmlSecKeysMngrGetDataStore(mngr, xmlSecOpenSSLX509StoreId) == NULL) {
-	xmlSecKeyDataStorePtr x509Store;
+        xmlSecKeyDataStorePtr x509Store;
 
         x509Store = xmlSecKeyDataStoreCreate(xmlSecOpenSSLX509StoreId);
-	if(x509Store == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyDataStoreCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecOpenSSLX509StoreId");
-	    return(-1);   
-	}
-    
+        if(x509Store == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataStoreCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecOpenSSLX509StoreId");
+            return(-1);
+        }
+
         ret = xmlSecKeysMngrAdoptDataStore(mngr, x509Store);
         if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeysMngrAdoptDataStore",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyDataStoreDestroy(x509Store);
-	    return(-1); 
-	}
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeysMngrAdoptDataStore",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyDataStoreDestroy(x509Store);
+            return(-1);
+        }
     }
-#endif /* XMLSEC_NO_X509 */    
+#endif /* XMLSEC_NO_X509 */
     return(0);
 }
 
 /**
  * xmlSecOpenSSLGenerateRandom:
- * @buffer:		the destination buffer.
- * @size:		the numer of bytes to generate.
+ * @buffer:             the destination buffer.
+ * @size:               the numer of bytes to generate.
  *
  * Generates @size random bytes and puts result in @buffer.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecOpenSSLGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) {	
+xmlSecOpenSSLGenerateRandom(xmlSecBufferPtr buffer, xmlSecSize size) {
     int ret;
-    
+
     xmlSecAssert2(buffer != NULL, -1);
     xmlSecAssert2(size > 0, -1);
 
     ret = xmlSecBufferSetSize(buffer, size);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", size);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        return(-1);
     }
-        
+
     /* get random data */
     ret = RAND_bytes((xmlSecByte*)xmlSecBufferGetData(buffer), size);
     if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "RAND_bytes",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "size=%d", size);
-	return(-1);    
-    }	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "RAND_bytes",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "size=%d", size);
+        return(-1);
+    }
     return(0);
 }
 
 /**
  * xmlSecOpenSSLErrorsDefaultCallback:
- * @file:		the error location file name (__FILE__ macro).
- * @line:		the error location line number (__LINE__ macro).
- * @func:		the error location function name (__FUNCTION__ macro).
- * @errorObject:	the error specific error object 
- * @errorSubject:	the error specific error subject.
- * @reason:		the error code.
- * @msg:		the additional error message.
+ * @file:               the error location file name (__FILE__ macro).
+ * @line:               the error location line number (__LINE__ macro).
+ * @func:               the error location function name (__FUNCTION__ macro).
+ * @errorObject:        the error specific error object
+ * @errorSubject:       the error specific error subject.
+ * @reason:             the error code.
+ * @msg:                the additional error message.
  *
  * The default OpenSSL errors reporting callback function.
  */
-void 
+void
 xmlSecOpenSSLErrorsDefaultCallback(const char* file, int line, const char* func,
-				const char* errorObject, const char* errorSubject,
-				int reason, const char* msg) {
-
-    ERR_put_error(XMLSEC_OPENSSL_ERRORS_LIB, 
-		XMLSEC_OPENSSL_ERRORS_FUNCTION, 
-		reason, file, line);
-    xmlSecErrorsDefaultCallback(file, line, func, 
-		errorObject, errorSubject, 
-		reason, msg);
+                                const char* errorObject, const char* errorSubject,
+                                int reason, const char* msg) {
+
+    ERR_put_error(XMLSEC_OPENSSL_ERRORS_LIB,
+                XMLSEC_OPENSSL_ERRORS_FUNCTION,
+                reason, file, line);
+    xmlSecErrorsDefaultCallback(file, line, func,
+                errorObject, errorSubject,
+                reason, msg);
 }
 
-static int 
+static int
 xmlSecOpenSSLErrorsInit(void) {
     static ERR_STRING_DATA xmlSecOpenSSLStrReasons[XMLSEC_ERRORS_MAX_NUMBER + 1];
     static ERR_STRING_DATA xmlSecOpenSSLStrLib[]= {
-	{ ERR_PACK(XMLSEC_OPENSSL_ERRORS_LIB,0,0),	"xmlsec routines"},
-	{ 0,     					NULL}
-    }; 
+        { ERR_PACK(XMLSEC_OPENSSL_ERRORS_LIB,0,0),      "xmlsec routines"},
+        { 0,                                            NULL}
+    };
     static ERR_STRING_DATA xmlSecOpenSSLStrDefReason[]= {
-	{ XMLSEC_OPENSSL_ERRORS_LIB,			"xmlsec lib"},
-        { 0,						NULL}
+        { XMLSEC_OPENSSL_ERRORS_LIB,                    "xmlsec lib"},
+        { 0,                                            NULL}
     };
     xmlSecSize pos;
 
     /* initialize reasons array */
     memset(xmlSecOpenSSLStrReasons, 0, sizeof(xmlSecOpenSSLStrReasons));
     for(pos = 0; (pos < XMLSEC_ERRORS_MAX_NUMBER) && (xmlSecErrorsGetMsg(pos) != NULL); ++pos) {
-	xmlSecOpenSSLStrReasons[pos].error  = xmlSecErrorsGetCode(pos);
-	xmlSecOpenSSLStrReasons[pos].string = xmlSecErrorsGetMsg(pos);
+        xmlSecOpenSSLStrReasons[pos].error  = xmlSecErrorsGetCode(pos);
+        xmlSecOpenSSLStrReasons[pos].string = xmlSecErrorsGetMsg(pos);
     }
-    
+
     /* finally load xmlsec strings in OpenSSL */
     ERR_load_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrLib); /* define xmlsec lib name */
     ERR_load_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrDefReason); /* define default reason */
-    ERR_load_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrReasons);     
-    
+    ERR_load_strings(XMLSEC_OPENSSL_ERRORS_LIB, xmlSecOpenSSLStrReasons);
+
     /* and set default errors callback for xmlsec to us */
     xmlSecErrorsSetCallback(xmlSecOpenSSLErrorsDefaultCallback);
-    
+
     return(0);
 }
 
 /**
  * xmlSecOpenSSLSetDefaultTrustedCertsFolder:
- * @path: 	the default trusted certs path.
+ * @path:       the default trusted certs path.
  *
  * Sets the default trusted certs folder.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecOpenSSLSetDefaultTrustedCertsFolder(const xmlChar* path) {
     if(gXmlSecOpenSSLTrustedCertsFolder != NULL) {
-	xmlFree(gXmlSecOpenSSLTrustedCertsFolder);
-	gXmlSecOpenSSLTrustedCertsFolder = NULL;
+        xmlFree(gXmlSecOpenSSLTrustedCertsFolder);
+        gXmlSecOpenSSLTrustedCertsFolder = NULL;
     }
 
     if(path != NULL) {
-	gXmlSecOpenSSLTrustedCertsFolder = xmlStrdup(BAD_CAST path);
-	if(gXmlSecOpenSSLTrustedCertsFolder == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlStrdup",
-			XMLSEC_ERRORS_R_MALLOC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        gXmlSecOpenSSLTrustedCertsFolder = xmlStrdup(BAD_CAST path);
+        if(gXmlSecOpenSSLTrustedCertsFolder == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecOpenSSLGetDefaultTrustedCertsFolder:
- * 
+ *
  * Gets the default trusted certs folder.
  *
  * Returns: the default trusted cert folder.
  */
-const xmlChar*	
+const xmlChar*
 xmlSecOpenSSLGetDefaultTrustedCertsFolder(void) {
     return(gXmlSecOpenSSLTrustedCertsFolder);
 }
diff --git a/src/openssl/digests.c b/src/openssl/digests.c
index c681e857..fa26fa65 100644
--- a/src/openssl/digests.c
+++ b/src/openssl/digests.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -25,13 +25,13 @@
  * Internal OpenSSL Digest CTX
  *
  *****************************************************************************/
-typedef struct _xmlSecOpenSSLDigestCtx		xmlSecOpenSSLDigestCtx, *xmlSecOpenSSLDigestCtxPtr;
+typedef struct _xmlSecOpenSSLDigestCtx          xmlSecOpenSSLDigestCtx, *xmlSecOpenSSLDigestCtxPtr;
 struct _xmlSecOpenSSLDigestCtx {
-    const EVP_MD*	digest;
-    EVP_MD_CTX		digestCtx;
-    xmlSecByte 		dgst[EVP_MAX_MD_SIZE];
-    xmlSecSize		dgstSize;	/* dgst size in bytes */
-};	    
+    const EVP_MD*       digest;
+    EVP_MD_CTX          digestCtx;
+    xmlSecByte          dgst[EVP_MAX_MD_SIZE];
+    xmlSecSize          dgstSize;       /* dgst size in bytes */
+};
 
 /******************************************************************************
  *
@@ -40,80 +40,86 @@ struct _xmlSecOpenSSLDigestCtx {
  * xmlSecOpenSSLDigestCtx is located after xmlSecTransform
  *
  *****************************************************************************/
-#define xmlSecOpenSSLEvpDigestSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLDigestCtx))	
+#define xmlSecOpenSSLEvpDigestSize      \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLDigestCtx))
 #define xmlSecOpenSSLEvpDigestGetCtx(transform) \
     ((xmlSecOpenSSLDigestCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
 
-static int	xmlSecOpenSSLEvpDigestInitialize	(xmlSecTransformPtr transform);
-static void	xmlSecOpenSSLEvpDigestFinalize		(xmlSecTransformPtr transform);
-static int  	xmlSecOpenSSLEvpDigestVerify		(xmlSecTransformPtr transform, 
-							 const xmlSecByte* data,
-							 xmlSecSize dataSize,
-							 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecOpenSSLEvpDigestExecute		(xmlSecTransformPtr transform, 
-							 int last,
-							 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecOpenSSLEvpDigestCheckId		(xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLEvpDigestInitialize        (xmlSecTransformPtr transform);
+static void     xmlSecOpenSSLEvpDigestFinalize          (xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLEvpDigestVerify            (xmlSecTransformPtr transform,
+                                                         const xmlSecByte* data,
+                                                         xmlSecSize dataSize,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLEvpDigestExecute           (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLEvpDigestCheckId           (xmlSecTransformPtr transform);
 
 static int
 xmlSecOpenSSLEvpDigestCheckId(xmlSecTransformPtr transform) {
 
 #ifndef XMLSEC_NO_MD5
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformMd5Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_MD5 */    
+#endif /* XMLSEC_NO_MD5 */
 
 #ifndef XMLSEC_NO_RIPEMD160
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRipemd160Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_RIPEMD160 */    
+#endif /* XMLSEC_NO_RIPEMD160 */
 
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha1Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_SHA1 */    
+#endif /* XMLSEC_NO_SHA1 */
 
 #ifndef XMLSEC_NO_SHA224
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha224Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_SHA224 */    
-    
+#endif /* XMLSEC_NO_SHA224 */
+
 #ifndef XMLSEC_NO_SHA256
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha256Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_SHA256 */    
+#endif /* XMLSEC_NO_SHA256 */
 
 #ifndef XMLSEC_NO_SHA384
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha384Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_SHA384 */    
+#endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha512Id)) {
-	return(1);
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#ifndef XMLSEC_NO_GOST
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_94Id)) {
+        return(1);
     } else
-#endif /* XMLSEC_NO_SHA512 */    
+#endif /* XMLSEC_NO_GOST*/
 
 
     {
-	return(0);
+        return(0);
     }
-    
+
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLEvpDigestInitialize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLDigestCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecOpenSSLEvpDigestCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpDigestSize), -1);
 
@@ -126,62 +132,77 @@ xmlSecOpenSSLEvpDigestInitialize(xmlSecTransformPtr transform) {
 #ifndef XMLSEC_NO_MD5
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformMd5Id)) {
         ctx->digest = EVP_md5();
-    } else 
+    } else
 #endif /* XMLSEC_NO_MD5 */
-    
-#ifndef XMLSEC_NO_RIPEMD160 
+
+#ifndef XMLSEC_NO_RIPEMD160
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRipemd160Id)) {
         ctx->digest = EVP_ripemd160();
-    } else 
+    } else
 #endif /* XMLSEC_NO_RIPEMD160 */
-    
+
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha1Id)) {
         ctx->digest = EVP_sha1();
-    } else 
-#endif /* XMLSEC_NO_SHA1 */    
+    } else
+#endif /* XMLSEC_NO_SHA1 */
 
 #ifndef XMLSEC_NO_SHA224
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha224Id)) {
         ctx->digest = EVP_sha224();
-    } else 
-#endif /* XMLSEC_NO_SHA224 */    
+    } else
+#endif /* XMLSEC_NO_SHA224 */
 
 #ifndef XMLSEC_NO_SHA256
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha256Id)) {
         ctx->digest = EVP_sha256();
-    } else 
-#endif /* XMLSEC_NO_SHA256 */    
-    
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
 #ifndef XMLSEC_NO_SHA384
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha384Id)) {
         ctx->digest = EVP_sha384();
-    } else 
-#endif /* XMLSEC_NO_SHA384 */    
+    } else
+#endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformSha512Id)) {
         ctx->digest = EVP_sha512();
-    } else 
-#endif /* XMLSEC_NO_SHA512 */    
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#ifndef XMLSEC_NO_GOST
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGostR3411_94Id)) {
+        ctx->digest = EVP_get_digestbyname("md_gost94");
+				if (!ctx->digest)
+				{
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+				}
+    } else
+#endif /* XMLSEC_NO_GOST*/
 
     {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
 #ifndef XMLSEC_OPENSSL_096
     EVP_MD_CTX_init(&(ctx->digestCtx));
 #endif /* XMLSEC_OPENSSL_096 */
-    
+
     return(0);
 }
 
-static void 
+static void
 xmlSecOpenSSLEvpDigestFinalize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLDigestCtxPtr ctx;
 
@@ -190,7 +211,7 @@ xmlSecOpenSSLEvpDigestFinalize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecOpenSSLEvpDigestGetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
 #ifndef XMLSEC_OPENSSL_096
     EVP_MD_CTX_cleanup(&(ctx->digestCtx));
 #endif /* XMLSEC_OPENSSL_096 */
@@ -198,11 +219,11 @@ xmlSecOpenSSLEvpDigestFinalize(xmlSecTransformPtr transform) {
 }
 
 static int
-xmlSecOpenSSLEvpDigestVerify(xmlSecTransformPtr transform, 
-			const xmlSecByte* data, xmlSecSize dataSize,
-			xmlSecTransformCtxPtr transformCtx) {
+xmlSecOpenSSLEvpDigestVerify(xmlSecTransformPtr transform,
+                        const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLDigestCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecOpenSSLEvpDigestCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpDigestSize), -1);
     xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
@@ -213,38 +234,38 @@ xmlSecOpenSSLEvpDigestVerify(xmlSecTransformPtr transform,
     ctx = xmlSecOpenSSLEvpDigestGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->dgstSize > 0, -1);
-    
+
     if(dataSize != ctx->dgstSize) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "data_size=%d;dgst_size=%d", 
-		    dataSize, ctx->dgstSize);
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "data_size=%d;dgst_size=%d",
+                    dataSize, ctx->dgstSize);
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
-    
+
     if(memcmp(ctx->dgst, data, ctx->dgstSize) != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "data and digest do not match");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "data and digest do not match");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
-    
+
     transform->status = xmlSecTransformStatusOk;
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLDigestCtxPtr ctx;
     xmlSecBufferPtr in, out;
     int ret;
-    
+
     xmlSecAssert2(xmlSecOpenSSLEvpDigestCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpDigestSize), -1);
@@ -259,97 +280,100 @@ xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTran
     ctx = xmlSecOpenSSLEvpDigestGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->digest != NULL, -1);
-    
+
     if(transform->status == xmlSecTransformStatusNone) {
 #ifndef XMLSEC_OPENSSL_096
-	ret = EVP_DigestInit(&(ctx->digestCtx), ctx->digest);
-	if(ret != 1) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"EVP_DigestInit",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        ret = EVP_DigestInit(&(ctx->digestCtx), ctx->digest);
+        if(ret != 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "EVP_DigestInit",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
 #else /* XMLSEC_OPENSSL_096 */
-	EVP_DigestInit(&(ctx->digestCtx), ctx->digest);
+        EVP_DigestInit(&(ctx->digestCtx), ctx->digest);
 #endif /* XMLSEC_OPENSSL_096 */
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if(transform->status == xmlSecTransformStatusWorking) {
-	xmlSecSize inSize;
-	
-	inSize = xmlSecBufferGetSize(in);
-	if(inSize > 0) {
+        xmlSecSize inSize;
+
+        inSize = xmlSecBufferGetSize(in);
+        if(inSize > 0) {
 #ifndef XMLSEC_OPENSSL_096
-	    ret = EVP_DigestUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
-	    if(ret != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "EVP_DigestUpdate",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    "size=%d", inSize);
-		return(-1);
-	    }
+            ret = EVP_DigestUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
+            if(ret != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "EVP_DigestUpdate",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
 #else /* XMLSEC_OPENSSL_096 */
-	    EVP_DigestUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
+            EVP_DigestUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
 #endif /* XMLSEC_OPENSSL_096 */
-	    
-	    ret = xmlSecBufferRemoveHead(in, inSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferRemoveHead",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", inSize);
-		return(-1);
-	    }
-	}
-	if(last) {
-	    xmlSecAssert2((xmlSecSize)EVP_MD_size(ctx->digest) <= sizeof(ctx->dgst), -1);
-	        
+
+            ret = xmlSecBufferRemoveHead(in, inSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferRemoveHead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+        }
+        if(last) {
+            unsigned int dgstSize;
+
+            xmlSecAssert2((xmlSecSize)EVP_MD_size(ctx->digest) <= sizeof(ctx->dgst), -1);
+
 #ifndef XMLSEC_OPENSSL_096
-	    ret = EVP_DigestFinal(&(ctx->digestCtx), ctx->dgst, &ctx->dgstSize);
-	    if(ret != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "EVP_DigestFinal",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
+            ret = EVP_DigestFinal(&(ctx->digestCtx), ctx->dgst, &dgstSize);
+            if(ret != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "EVP_DigestFinal",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
 #else /* XMLSEC_OPENSSL_096 */
-	    EVP_DigestFinal(&(ctx->digestCtx), ctx->dgst, &ctx->dgstSize);
+            EVP_DigestFinal(&(ctx->digestCtx), ctx->dgst, &dgstSize);
 #endif /* XMLSEC_OPENSSL_096 */
-	    xmlSecAssert2(ctx->dgstSize > 0, -1);
-	    
-	    /* copy result to output */
-	    if(transform->operation == xmlSecTransformOperationSign) {
-		ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferAppend",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", ctx->dgstSize);
-		    return(-1);
-		}
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	}
+            xmlSecAssert2(dgstSize > 0, -1);
+            ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize);
+
+            /* copy result to output */
+            if(transform->operation == xmlSecTransformOperationSign) {
+                ret = xmlSecBufferAppend(out, ctx->dgst, ctx->dgstSize);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferAppend",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", ctx->dgstSize);
+                    return(-1);
+                }
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
@@ -362,39 +386,39 @@ xmlSecOpenSSLEvpDigestExecute(xmlSecTransformPtr transform, int last, xmlSecTran
  *****************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLMd5Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpDigestSize,			/* xmlSecSize objSize */
-
-    xmlSecNameMd5,				/* const xmlChar* name; */
-    xmlSecHrefMd5, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpDigestFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpDigestVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpDigestExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpDigestSize,                 /* xmlSecSize objSize */
+
+    xmlSecNameMd5,                              /* const xmlChar* name; */
+    xmlSecHrefMd5,                              /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpDigestInitialize,           /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpDigestFinalize,             /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpDigestVerify,               /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpDigestExecute,              /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformMd5GetKlass:
  *
  * MD5 digest transform klass.
  *
  * Returns: pointer to MD5 digest transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformMd5GetKlass(void) {
     return(&xmlSecOpenSSLMd5Klass);
 }
@@ -408,39 +432,39 @@ xmlSecOpenSSLTransformMd5GetKlass(void) {
  *****************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLRipemd160Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpDigestSize,			/* xmlSecSize objSize */
-
-    xmlSecNameRipemd160,			/* const xmlChar* name; */
-    xmlSecHrefRipemd160, 			/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpDigestFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpDigestVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpDigestExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpDigestSize,                 /* xmlSecSize objSize */
+
+    xmlSecNameRipemd160,                        /* const xmlChar* name; */
+    xmlSecHrefRipemd160,                        /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpDigestInitialize,           /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpDigestFinalize,             /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpDigestVerify,               /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpDigestExecute,              /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformRipemd160GetKlass:
  *
  * RIPEMD-160 digest transform klass.
  *
  * Returns: pointer to RIPEMD-160 digest transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformRipemd160GetKlass(void) {
     return(&xmlSecOpenSSLRipemd160Klass);
 }
@@ -455,39 +479,39 @@ xmlSecOpenSSLTransformRipemd160GetKlass(void) {
  *****************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLSha1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpDigestSize,			/* xmlSecSize objSize */
-
-    xmlSecNameSha1,				/* const xmlChar* name; */
-    xmlSecHrefSha1, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpDigestFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpDigestVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpDigestExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpDigestSize,                 /* xmlSecSize objSize */
+
+    xmlSecNameSha1,                             /* const xmlChar* name; */
+    xmlSecHrefSha1,                             /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpDigestInitialize,           /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpDigestFinalize,             /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpDigestVerify,               /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpDigestExecute,              /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformSha1GetKlass:
  *
  * SHA-1 digest transform klass.
  *
  * Returns: pointer to SHA-1 digest transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformSha1GetKlass(void) {
     return(&xmlSecOpenSSLSha1Klass);
 }
@@ -501,39 +525,39 @@ xmlSecOpenSSLTransformSha1GetKlass(void) {
  *****************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLSha224Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpDigestSize,			/* xmlSecSize objSize */
-
-    xmlSecNameSha224,				/* const xmlChar* name; */
-    xmlSecHrefSha224, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpDigestFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpDigestVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpDigestExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpDigestSize,                 /* xmlSecSize objSize */
+
+    xmlSecNameSha224,                           /* const xmlChar* name; */
+    xmlSecHrefSha224,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpDigestInitialize,           /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpDigestFinalize,             /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpDigestVerify,               /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpDigestExecute,              /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformSha224GetKlass:
  *
  * SHA-224 digest transform klass.
  *
  * Returns: pointer to SHA-224 digest transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformSha224GetKlass(void) {
     return(&xmlSecOpenSSLSha224Klass);
 }
@@ -547,39 +571,39 @@ xmlSecOpenSSLTransformSha224GetKlass(void) {
  *****************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLSha256Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpDigestSize,			/* xmlSecSize objSize */
-
-    xmlSecNameSha256,				/* const xmlChar* name; */
-    xmlSecHrefSha256, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpDigestFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpDigestVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpDigestExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpDigestSize,                 /* xmlSecSize objSize */
+
+    xmlSecNameSha256,                           /* const xmlChar* name; */
+    xmlSecHrefSha256,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpDigestInitialize,           /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpDigestFinalize,             /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpDigestVerify,               /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpDigestExecute,              /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformSha256GetKlass:
  *
  * SHA-256 digest transform klass.
  *
  * Returns: pointer to SHA-256 digest transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformSha256GetKlass(void) {
     return(&xmlSecOpenSSLSha256Klass);
 }
@@ -593,39 +617,39 @@ xmlSecOpenSSLTransformSha256GetKlass(void) {
  *****************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLSha384Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpDigestSize,			/* xmlSecSize objSize */
-
-    xmlSecNameSha384,				/* const xmlChar* name; */
-    xmlSecHrefSha384, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpDigestFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpDigestVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpDigestExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpDigestSize,                 /* xmlSecSize objSize */
+
+    xmlSecNameSha384,                           /* const xmlChar* name; */
+    xmlSecHrefSha384,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpDigestInitialize,           /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpDigestFinalize,             /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpDigestVerify,               /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpDigestExecute,              /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformSha384GetKlass:
  *
  * SHA-384 digest transform klass.
  *
  * Returns: pointer to SHA-384 digest transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformSha384GetKlass(void) {
     return(&xmlSecOpenSSLSha384Klass);
 }
@@ -639,41 +663,85 @@ xmlSecOpenSSLTransformSha384GetKlass(void) {
  *****************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLSha512Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpDigestSize,			/* xmlSecSize objSize */
-
-    xmlSecNameSha512,				/* const xmlChar* name; */
-    xmlSecHrefSha512, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDigestMethod,		/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpDigestInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpDigestFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpDigestVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpDigestExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpDigestSize,                 /* xmlSecSize objSize */
+
+    xmlSecNameSha512,                           /* const xmlChar* name; */
+    xmlSecHrefSha512,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpDigestInitialize,           /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpDigestFinalize,             /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpDigestVerify,               /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpDigestExecute,              /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformSha512GetKlass:
  *
  * SHA-512 digest transform klass.
  *
  * Returns: pointer to SHA-512 digest transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformSha512GetKlass(void) {
     return(&xmlSecOpenSSLSha512Klass);
 }
 #endif /* XMLSEC_NO_SHA512 */
 
+#ifndef XMLSEC_NO_GOST
+/******************************************************************************
+ *
+ * GOSTR3411_94
+ *
+ *****************************************************************************/
+static xmlSecTransformKlass xmlSecOpenSSLGostR3411_94Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* size_t klassSize */
+    xmlSecOpenSSLEvpDigestSize,                   /* size_t objSize */
+
+    xmlSecNameGostR3411_94,                             /* const xmlChar* name; */
+    xmlSecHrefGostR3411_94,                             /* const xmlChar* href; */
+    xmlSecTransformUsageDigestMethod,           /* xmlSecTransformUsage usage; */
+    xmlSecOpenSSLEvpDigestInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpDigestFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpDigestVerify,                 /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpDigestExecute,                /* xmlSecTransformExecuteMethod execute; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGostR3411_94GetKlass:
+ *
+ * GOSTR3411_94 digest transform klass.
+ *
+ * Returns: pointer to GOSTR3411_94 digest transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGostR3411_94GetKlass(void) {
+    return(&xmlSecOpenSSLGostR3411_94Klass);
+}
+#endif /* XMLSEC_NO_GOST*/
+
diff --git a/src/openssl/evp.c b/src/openssl/evp.c
index e9d87295..9cb52dc2 100644
--- a/src/openssl/evp.c
+++ b/src/openssl/evp.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -29,11 +29,11 @@
  * Internal OpenSSL EVP key CTX
  *
  *************************************************************************/
-typedef struct _xmlSecOpenSSLEvpKeyDataCtx	xmlSecOpenSSLEvpKeyDataCtx, 
-						*xmlSecOpenSSLEvpKeyDataCtxPtr;
+typedef struct _xmlSecOpenSSLEvpKeyDataCtx      xmlSecOpenSSLEvpKeyDataCtx,
+                                                *xmlSecOpenSSLEvpKeyDataCtxPtr;
 struct _xmlSecOpenSSLEvpKeyDataCtx {
-    EVP_PKEY*		pKey;
-};	    
+    EVP_PKEY*           pKey;
+};
 
 /******************************************************************************
  *
@@ -42,38 +42,38 @@ struct _xmlSecOpenSSLEvpKeyDataCtx {
  * xmlSecOpenSSLEvpKeyDataCtx is located after xmlSecTransform
  *
  *****************************************************************************/
-#define xmlSecOpenSSLEvpKeyDataSize	\
-    (sizeof(xmlSecKeyData) + sizeof(xmlSecOpenSSLEvpKeyDataCtx))	
+#define xmlSecOpenSSLEvpKeyDataSize     \
+    (sizeof(xmlSecKeyData) + sizeof(xmlSecOpenSSLEvpKeyDataCtx))
 #define xmlSecOpenSSLEvpKeyDataGetCtx(data) \
     ((xmlSecOpenSSLEvpKeyDataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
 
-static int		xmlSecOpenSSLEvpKeyDataInitialize	(xmlSecKeyDataPtr data);
-static int		xmlSecOpenSSLEvpKeyDataDuplicate	(xmlSecKeyDataPtr dst,
-								 xmlSecKeyDataPtr src);
-static void		xmlSecOpenSSLEvpKeyDataFinalize		(xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLEvpKeyDataInitialize       (xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLEvpKeyDataDuplicate        (xmlSecKeyDataPtr dst,
+                                                                 xmlSecKeyDataPtr src);
+static void             xmlSecOpenSSLEvpKeyDataFinalize         (xmlSecKeyDataPtr data);
 
 /**
  * xmlSecOpenSSLEvpKeyDataAdoptEvp:
- * @data:		the pointer to OpenSSL EVP key data.
- * @pKey:		the pointer to EVP key.
+ * @data:               the pointer to OpenSSL EVP key data.
+ * @pKey:               the pointer to EVP key.
  *
  * Sets the value of key data.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecOpenSSLEvpKeyDataAdoptEvp(xmlSecKeyDataPtr data, EVP_PKEY* pKey) {
     xmlSecOpenSSLEvpKeyDataCtxPtr ctx;
 
     xmlSecAssert2(xmlSecKeyDataIsValid(data), -1);
     xmlSecAssert2(xmlSecKeyDataCheckSize(data, xmlSecOpenSSLEvpKeyDataSize), -1);
     xmlSecAssert2(pKey != NULL, -1);
-    
+
     ctx = xmlSecOpenSSLEvpKeyDataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     if(ctx->pKey != NULL) {
-	EVP_PKEY_free(ctx->pKey);
+        EVP_PKEY_free(ctx->pKey);
     }
     ctx->pKey = pKey;
     return(0);
@@ -81,13 +81,13 @@ xmlSecOpenSSLEvpKeyDataAdoptEvp(xmlSecKeyDataPtr data, EVP_PKEY* pKey) {
 
 /**
  * xmlSecOpenSSLEvpKeyDataGetEvp:
- * @data:		the pointer to OpenSSL EVP data.
+ * @data:               the pointer to OpenSSL EVP data.
  *
  * Gets the EVP_PKEY from the key data.
  *
  * Returns: pointer to EVP_PKEY or NULL if an error occurs.
  */
-EVP_PKEY* 
+EVP_PKEY*
 xmlSecOpenSSLEvpKeyDataGetEvp(xmlSecKeyDataPtr data) {
     xmlSecOpenSSLEvpKeyDataCtxPtr ctx;
 
@@ -133,16 +133,16 @@ xmlSecOpenSSLEvpKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
     xmlSecAssert2(ctxSrc != NULL, -1);
 
     if(ctxSrc->pKey != NULL) {
-	ctxDst->pKey = xmlSecOpenSSLEvpKeyDup(ctxSrc->pKey);
-	if(ctxDst->pKey == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecOpenSSLEvpKeyDup",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}	
-    } 
+        ctxDst->pKey = xmlSecOpenSSLEvpKeyDup(ctxSrc->pKey);
+        if(ctxDst->pKey == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecOpenSSLEvpKeyDup",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
 
     return(0);
 }
@@ -150,15 +150,15 @@ xmlSecOpenSSLEvpKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
 static void
 xmlSecOpenSSLEvpKeyDataFinalize(xmlSecKeyDataPtr data) {
     xmlSecOpenSSLEvpKeyDataCtxPtr ctx;
-    
+
     xmlSecAssert(xmlSecKeyDataIsValid(data));
     xmlSecAssert(xmlSecKeyDataCheckSize(data, xmlSecOpenSSLEvpKeyDataSize));
 
     ctx = xmlSecOpenSSLEvpKeyDataGetCtx(data);
     xmlSecAssert(ctx != NULL);
-    
+
     if(ctx->pKey != NULL) {
-	EVP_PKEY_free(ctx->pKey);
+        EVP_PKEY_free(ctx->pKey);
     }
     memset(ctx, 0, sizeof(xmlSecOpenSSLEvpKeyDataCtx));
 }
@@ -170,34 +170,34 @@ xmlSecOpenSSLEvpKeyDataFinalize(xmlSecKeyDataPtr data) {
  *****************************************************************************/
 /**
  * xmlSecOpenSSLEvpKeyDup:
- * @pKey:		the pointer to EVP_PKEY.
+ * @pKey:               the pointer to EVP_PKEY.
  *
  * Duplicates @pKey.
  *
  * Returns: pointer to newly created EVP_PKEY object or NULL if an error occurs.
  */
-EVP_PKEY* 
+EVP_PKEY*
 xmlSecOpenSSLEvpKeyDup(EVP_PKEY* pKey) {
     int ret;
 
     xmlSecAssert2(pKey != NULL, NULL);
-    
+
     ret = CRYPTO_add(&pKey->references,1,CRYPTO_LOCK_EVP_PKEY);
     if(ret <= 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CRYPTO_add",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);		    	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CRYPTO_add",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     return(pKey);
 }
 
 /**
  * xmlSecOpenSSLEvpKeyAdopt:
- * @pKey:		the pointer to EVP_PKEY.
+ * @pKey:               the pointer to EVP_PKEY.
  *
  * Creates xmlsec key object from OpenSSL key object.
  *
@@ -207,60 +207,86 @@ xmlSecKeyDataPtr
 xmlSecOpenSSLEvpKeyAdopt(EVP_PKEY *pKey) {
     xmlSecKeyDataPtr data = NULL;
     int ret;
-    
+
     xmlSecAssert2(pKey != NULL, NULL);
 
-    switch(pKey->type) {	
-#ifndef XMLSEC_NO_RSA    
+    switch(pKey->type) {
+#ifndef XMLSEC_NO_RSA
     case EVP_PKEY_RSA:
-	data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataRsaId);
-	if(data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyDataCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecOpenSSLKeyDataRsaId");
-	    return(NULL);	    
-	}
-	break;
-#endif /* XMLSEC_NO_RSA */	
-#ifndef XMLSEC_NO_DSA	
+        data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataRsaId);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecOpenSSLKeyDataRsaId");
+            return(NULL);
+        }
+        break;
+#endif /* XMLSEC_NO_RSA */
+#ifndef XMLSEC_NO_DSA
     case EVP_PKEY_DSA:
-	data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataDsaId);
-	if(data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyDataCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecOpenSSLKeyDataDsaId");
-	    return(NULL);	    
-	}
-	break;
-#endif /* XMLSEC_NO_DSA */	
-    default:	
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TYPE,
-		    "evp key type %d not supported", pKey->type);
-	return(NULL);
-    }
-
-    xmlSecAssert2(data != NULL, NULL);    
+        data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataDsaId);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecOpenSSLKeyDataDsaId");
+            return(NULL);
+        }
+        break;
+#endif /* XMLSEC_NO_DSA */
+#ifndef XMLSEC_NO_ECDSA
+    case EVP_PKEY_EC:
+        data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataEcdsaId);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecOpenSSLKeyDataEcdsaId");
+            return(NULL);
+        }
+        break;
+#endif /* XMLSEC_NO_ECDSA */
+#ifndef XMLSEC_NO_GOST
+    case NID_id_GostR3410_2001:
+        data = xmlSecKeyDataCreate(xmlSecOpenSSLKeyDataGost2001Id);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecOpenSSLKeyDataGost2001Id");
+            return(NULL);
+        }
+        break;
+#endif /* XMLSEC_NO_GOST */
+    default:
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TYPE,
+                    "evp key type %d not supported", pKey->type);
+        return(NULL);
+    }
+
+    xmlSecAssert2(data != NULL, NULL);
     ret = xmlSecOpenSSLEvpKeyDataAdoptEvp(data, pKey);
-    if(ret < 0) {	
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLEvpKeyDataAdoptEvp",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(NULL);	    
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLEvpKeyDataAdoptEvp",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(NULL);
     }
     return(data);
 }
 
-#ifndef XMLSEC_NO_DSA    
+#ifndef XMLSEC_NO_DSA
 /**************************************************************************
  *
  * <dsig:DSAKeyValue> processing
@@ -268,57 +294,57 @@ xmlSecOpenSSLEvpKeyAdopt(EVP_PKEY *pKey) {
  *
  * The DSAKeyValue Element (http://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue)
  *
- * DSA keys and the DSA signature algorithm are specified in [DSS]. 
+ * DSA keys and the DSA signature algorithm are specified in [DSS].
  * DSA public key values can have the following fields:
- *      
- *   * P - a prime modulus meeting the [DSS] requirements 
- *   * Q - an integer in the range 2**159 < Q < 2**160 which is a prime 
- *         divisor of P-1 
- *   * G - an integer with certain properties with respect to P and Q 
- *   * Y - G**X mod P (where X is part of the private key and not made 
- *	   public) 
- *   * J - (P - 1) / Q 
- *   * seed - a DSA prime generation seed 
+ *
+ *   * P - a prime modulus meeting the [DSS] requirements
+ *   * Q - an integer in the range 2**159 < Q < 2**160 which is a prime
+ *         divisor of P-1
+ *   * G - an integer with certain properties with respect to P and Q
+ *   * Y - G**X mod P (where X is part of the private key and not made
+ *         public)
+ *   * J - (P - 1) / Q
+ *   * seed - a DSA prime generation seed
  *   * pgenCounter - a DSA prime generation counter
  *
- * Parameter J is available for inclusion solely for efficiency as it is 
- * calculatable from P and Q. Parameters seed and pgenCounter are used in the 
- * DSA prime number generation algorithm specified in [DSS]. As such, they are 
- * optional but must either both be present or both be absent. This prime 
- * generation algorithm is designed to provide assurance that a weak prime is 
- * not being used and it yields a P and Q value. Parameters P, Q, and G can be 
- * public and common to a group of users. They might be known from application 
- * context. As such, they are optional but P and Q must either both appear or 
- * both be absent. If all of P, Q, seed, and pgenCounter are present, 
- * implementations are not required to check if they are consistent and are 
- * free to use either P and Q or seed and pgenCounter. All parameters are 
+ * Parameter J is available for inclusion solely for efficiency as it is
+ * calculatable from P and Q. Parameters seed and pgenCounter are used in the
+ * DSA prime number generation algorithm specified in [DSS]. As such, they are
+ * optional but must either both be present or both be absent. This prime
+ * generation algorithm is designed to provide assurance that a weak prime is
+ * not being used and it yields a P and Q value. Parameters P, Q, and G can be
+ * public and common to a group of users. They might be known from application
+ * context. As such, they are optional but P and Q must either both appear or
+ * both be absent. If all of P, Q, seed, and pgenCounter are present,
+ * implementations are not required to check if they are consistent and are
+ * free to use either P and Q or seed and pgenCounter. All parameters are
  * encoded as base64 [MIME] values.
- *     
- * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are 
+ *
+ * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are
  * represented in XML as octet strings as defined by the ds:CryptoBinary type.
- *     
+ *
  * Schema Definition:
- *     
- * <element name="DSAKeyValue" type="ds:DSAKeyValueType"/> 
- * <complexType name="DSAKeyValueType"> 
+ *
+ * <element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
+ * <complexType name="DSAKeyValueType">
  *   <sequence>
  *     <sequence minOccurs="0">
- *        <element name="P" type="ds:CryptoBinary"/> 
+ *        <element name="P" type="ds:CryptoBinary"/>
  *        <element name="Q" type="ds:CryptoBinary"/>
  *     </sequence>
- *     <element name="G" type="ds:CryptoBinary" minOccurs="0"/> 
- *     <element name="Y" type="ds:CryptoBinary"/> 
+ *     <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
+ *     <element name="Y" type="ds:CryptoBinary"/>
  *     <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
  *     <sequence minOccurs="0">
- *       <element name="Seed" type="ds:CryptoBinary"/> 
- *       <element name="PgenCounter" type="ds:CryptoBinary"/> 
+ *       <element name="Seed" type="ds:CryptoBinary"/>
+ *       <element name="PgenCounter" type="ds:CryptoBinary"/>
  *     </sequence>
  *   </sequence>
  * </complexType>
- *     
+ *
  * DTD Definition:
- *     
- *  <!ELEMENT DSAKeyValue ((P, Q)?, G?, Y, J?, (Seed, PgenCounter)?) > 
+ *
+ *  <!ELEMENT DSAKeyValue ((P, Q)?, G?, Y, J?, (Seed, PgenCounter)?) >
  *  <!ELEMENT P (#PCDATA) >
  *  <!ELEMENT Q (#PCDATA) >
  *  <!ELEMENT G (#PCDATA) >
@@ -328,34 +354,34 @@ xmlSecOpenSSLEvpKeyAdopt(EVP_PKEY *pKey) {
  *  <!ELEMENT PgenCounter (#PCDATA) >
  *
  * ============================================================================
- * 
+ *
  * To support reading/writing private keys an X element added (before Y).
  * todo: The current implementation does not support Seed and PgenCounter!
  * by this the P, Q and G are *required*!
  *
  *************************************************************************/
-static int		xmlSecOpenSSLKeyDataDsaInitialize	(xmlSecKeyDataPtr data);
-static int		xmlSecOpenSSLKeyDataDsaDuplicate	(xmlSecKeyDataPtr dst,
-								 xmlSecKeyDataPtr src);
-static void		xmlSecOpenSSLKeyDataDsaFinalize		(xmlSecKeyDataPtr data);
-static int		xmlSecOpenSSLKeyDataDsaXmlRead		(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLKeyDataDsaXmlWrite		(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLKeyDataDsaGenerate		(xmlSecKeyDataPtr data,
-								 xmlSecSize sizeBits,
-								 xmlSecKeyDataType type);
-
-static xmlSecKeyDataType xmlSecOpenSSLKeyDataDsaGetType		(xmlSecKeyDataPtr data);
-static xmlSecSize		xmlSecOpenSSLKeyDataDsaGetSize		(xmlSecKeyDataPtr data);
-static void		xmlSecOpenSSLKeyDataDsaDebugDump	(xmlSecKeyDataPtr data,
-								 FILE* output);
-static void		xmlSecOpenSSLKeyDataDsaDebugXmlDump	(xmlSecKeyDataPtr data,
-								 FILE* output);
+static int              xmlSecOpenSSLKeyDataDsaInitialize       (xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataDsaDuplicate        (xmlSecKeyDataPtr dst,
+                                                                 xmlSecKeyDataPtr src);
+static void             xmlSecOpenSSLKeyDataDsaFinalize         (xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataDsaXmlRead          (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLKeyDataDsaXmlWrite         (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLKeyDataDsaGenerate         (xmlSecKeyDataPtr data,
+                                                                 xmlSecSize sizeBits,
+                                                                 xmlSecKeyDataType type);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataDsaGetType         (xmlSecKeyDataPtr data);
+static xmlSecSize               xmlSecOpenSSLKeyDataDsaGetSize          (xmlSecKeyDataPtr data);
+static void             xmlSecOpenSSLKeyDataDsaDebugDump        (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
+static void             xmlSecOpenSSLKeyDataDsaDebugXmlDump     (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
 
 static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataDsaKlass = {
     sizeof(xmlSecKeyDataKlass),
@@ -363,151 +389,151 @@ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataDsaKlass = {
 
     /* data */
     xmlSecNameDSAKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefDSAKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeDSAKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefDSAKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeDSAKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecOpenSSLKeyDataDsaInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecOpenSSLKeyDataDsaDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecOpenSSLKeyDataDsaFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecOpenSSLKeyDataDsaGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecOpenSSLKeyDataDsaInitialize,          /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecOpenSSLKeyDataDsaDuplicate,           /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecOpenSSLKeyDataDsaFinalize,            /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecOpenSSLKeyDataDsaGenerate,            /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecOpenSSLKeyDataDsaGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecOpenSSLKeyDataDsaGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    xmlSecOpenSSLKeyDataDsaGetType,             /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecOpenSSLKeyDataDsaGetSize,             /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecOpenSSLKeyDataDsaXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecOpenSSLKeyDataDsaXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,					/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecOpenSSLKeyDataDsaXmlRead,             /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecOpenSSLKeyDataDsaXmlWrite,            /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecOpenSSLKeyDataDsaDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecOpenSSLKeyDataDsaDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecOpenSSLKeyDataDsaDebugDump,           /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecOpenSSLKeyDataDsaDebugXmlDump,        /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLKeyDataDsaGetKlass:
- * 
+ *
  * The DSA key data klass.
  *
  * Returns: pointer to DSA key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecOpenSSLKeyDataDsaGetKlass(void) {
     return(&xmlSecOpenSSLKeyDataDsaKlass);
 }
 
 /**
  * xmlSecOpenSSLKeyDataDsaAdoptDsa:
- * @data:		the pointer to DSA key data.
- * @dsa:		the pointer to OpenSSL DSA key.
+ * @data:               the pointer to DSA key data.
+ * @dsa:                the pointer to OpenSSL DSA key.
  *
  * Sets the value of DSA key data.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
+ */
 int
 xmlSecOpenSSLKeyDataDsaAdoptDsa(xmlSecKeyDataPtr data, DSA* dsa) {
     EVP_PKEY* pKey = NULL;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
-    
+
     /* construct new EVP_PKEY */
     if(dsa != NULL) {
-	pKey = EVP_PKEY_new();
-	if(pKey == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"EVP_PKEY_new",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	
-	ret = EVP_PKEY_assign_DSA(pKey, dsa);
-	if(ret != 1) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"EVP_PKEY_assign_DSA",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}	
-    }
-    
+        pKey = EVP_PKEY_new();
+        if(pKey == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "EVP_PKEY_new",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ret = EVP_PKEY_assign_DSA(pKey, dsa);
+        if(ret != 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "EVP_PKEY_assign_DSA",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     ret = xmlSecOpenSSLKeyDataDsaAdoptEvp(data, pKey);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLKeyDataDsaAdoptEvp",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	if(pKey != NULL) {
-	    EVP_PKEY_free(pKey);
-	}
-	return(-1);
-    }
-    return(0);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataDsaAdoptEvp",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        if(pKey != NULL) {
+            EVP_PKEY_free(pKey);
+        }
+        return(-1);
+    }
+    return(0);
 }
 
 /**
  * xmlSecOpenSSLKeyDataDsaGetDsa:
- * @data:		the pointer to DSA key data.
+ * @data:               the pointer to DSA key data.
  *
  * Gets the OpenSSL DSA key from DSA key data.
  *
  * Returns: pointer to OpenSSL DSA key or NULL if an error occurs.
  */
-DSA* 
+DSA*
 xmlSecOpenSSLKeyDataDsaGetDsa(xmlSecKeyDataPtr data) {
     EVP_PKEY* pKey;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), NULL);
-    
+
     pKey = xmlSecOpenSSLKeyDataDsaGetEvp(data);
     xmlSecAssert2((pKey == NULL) || (pKey->type == EVP_PKEY_DSA), NULL);
-    
+
     return((pKey != NULL) ? pKey->pkey.dsa : (DSA*)NULL);
 }
 
-/** 
+/**
  * xmlSecOpenSSLKeyDataDsaAdoptEvp:
- * @data:		the pointer to DSA key data.
- * @pKey:		the pointer to OpenSSL EVP key.
+ * @data:               the pointer to DSA key data.
+ * @pKey:               the pointer to OpenSSL EVP key.
  *
  * Sets the DSA key data value to OpenSSL EVP key.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecOpenSSLKeyDataDsaAdoptEvp(xmlSecKeyDataPtr data, EVP_PKEY* pKey) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
     xmlSecAssert2(pKey != NULL, -1);
     xmlSecAssert2(pKey->type == EVP_PKEY_DSA, -1);
-    
+
     return(xmlSecOpenSSLEvpKeyDataAdoptEvp(data, pKey));
 }
 
 /**
  * xmlSecOpenSSLKeyDataDsaGetEvp:
- * @data:		the pointer to DSA key data.
+ * @data:               the pointer to DSA key data.
  *
  * Gets the OpenSSL EVP key from DSA key data.
  *
  * Returns: pointer to OpenSSL EVP key or NULL if an error occurs.
  */
-EVP_PKEY* 
+EVP_PKEY*
 xmlSecOpenSSLKeyDataDsaGetEvp(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), NULL);
 
@@ -532,13 +558,13 @@ xmlSecOpenSSLKeyDataDsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
 static void
 xmlSecOpenSSLKeyDataDsaFinalize(xmlSecKeyDataPtr data) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId));
-    
+
     xmlSecOpenSSLEvpKeyDataFinalize(data);
 }
 
 static int
 xmlSecOpenSSLKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     xmlNodePtr cur;
     DSA *dsa;
@@ -550,202 +576,202 @@ xmlSecOpenSSLKeyDataDsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     if(xmlSecKeyGetValue(key) != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     dsa = DSA_new();
     if(dsa == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "DSA_new",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "DSA_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     cur = xmlSecGetNextElementNode(node->children);
 
     /* first is P node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur,  xmlSecNodeDSAP, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	DSA_free(dsa);	
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        DSA_free(dsa);
+        return(-1);
     }
     if(xmlSecOpenSSLNodeGetBNValue(cur, &(dsa->p)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeGetBNValue",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeGetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        DSA_free(dsa);
+        return(-1);
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is Q node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAQ, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        DSA_free(dsa);
+        return(-1);
     }
     if(xmlSecOpenSSLNodeGetBNValue(cur, &(dsa->q)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeGetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeGetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        DSA_free(dsa);
+        return(-1);
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is G node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAG, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        DSA_free(dsa);
+        return(-1);
     }
     if(xmlSecOpenSSLNodeGetBNValue(cur, &(dsa->g)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeGetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeGetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        DSA_free(dsa);
+        return(-1);
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAX, xmlSecNs))) {
         /* next is X node. It is REQUIRED for private key but
-	 * we are not sure exactly what do we read */
-	if(xmlSecOpenSSLNodeGetBNValue(cur, &(dsa->priv_key)) == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecOpenSSLNodeGetBNValue",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s", 
-			xmlSecErrorsSafeString(xmlSecNodeDSAX));
-	    DSA_free(dsa);
-	    return(-1);
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
+         * we are not sure exactly what do we read */
+        if(xmlSecOpenSSLNodeGetBNValue(cur, &(dsa->priv_key)) == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecOpenSSLNodeGetBNValue",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeDSAX));
+            DSA_free(dsa);
+            return(-1);
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* next is Y node. */
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeDSAY, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        DSA_free(dsa);
+        return(-1);
     }
     if(xmlSecOpenSSLNodeGetBNValue(cur, &(dsa->pub_key)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeGetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeGetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s", xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        DSA_free(dsa);
+        return(-1);
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* todo: add support for J */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAJ, xmlSecDSigNs))) {
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     /* todo: add support for seed */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSASeed, xmlSecDSigNs))) {
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* todo: add support for pgencounter */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDSAPgenCounter, xmlSecDSigNs))) {
-	cur = xmlSecGetNextElementNode(cur->next);  
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        DSA_free(dsa);
+        return(-1);
     }
 
     data = xmlSecKeyDataCreate(id);
     if(data == NULL ) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        DSA_free(dsa);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLKeyDataDsaAdoptDsa(data, dsa);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLKeyDataDsaAdoptDsa",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataDsaAdoptDsa",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        DSA_free(dsa);
+        return(-1);
     }
 
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(-1);
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlNodePtr cur;
     DSA* dsa;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecOpenSSLKeyDataDsaId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecOpenSSLKeyDataDsaId), -1);
@@ -754,126 +780,126 @@ xmlSecOpenSSLKeyDataDsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     dsa = xmlSecOpenSSLKeyDataDsaGetDsa(xmlSecKeyGetValue(key));
     xmlSecAssert2(dsa != NULL, -1);
-    
+
     if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
-	/* we can have only private key or public key */
-	return(0);
-    }    
-    
+        /* we can have only private key or public key */
+        return(0);
+    }
+
     /* first is P node */
     xmlSecAssert2(dsa->p != NULL, -1);
     cur = xmlSecAddChild(node, xmlSecNodeDSAP, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        return(-1);
     }
     ret = xmlSecOpenSSLNodeSetBNValue(cur, dsa->p, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeSetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAP));
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeSetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAP));
+        return(-1);
+    }
 
     /* next is Q node. */
     xmlSecAssert2(dsa->q != NULL, -1);
     cur = xmlSecAddChild(node, xmlSecNodeDSAQ, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        return(-1);
     }
     ret = xmlSecOpenSSLNodeSetBNValue(cur, dsa->q, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeSetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeSetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAQ));
+        return(-1);
     }
 
     /* next is G node. */
     xmlSecAssert2(dsa->g != NULL, -1);
     cur = xmlSecAddChild(node, xmlSecNodeDSAG, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        return(-1);
     }
     ret = xmlSecOpenSSLNodeSetBNValue(cur, dsa->g, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeSetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAG));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeSetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAG));
+        return(-1);
     }
 
     /* next is X node: write it ONLY for private keys and ONLY if it is requested */
     if(((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) && (dsa->priv_key != NULL)) {
-	cur = xmlSecAddChild(node, xmlSecNodeDSAX, xmlSecNs);
-	if(cur == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s", 
-			xmlSecErrorsSafeString(xmlSecNodeDSAX));
-	    return(-1);	
-	}
-	ret = xmlSecOpenSSLNodeSetBNValue(cur, dsa->priv_key, 1);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecOpenSSLNodeSetBNValue",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s", 
-			xmlSecErrorsSafeString(xmlSecNodeDSAX));
-	    return(-1);
-	}
+        cur = xmlSecAddChild(node, xmlSecNodeDSAX, xmlSecNs);
+        if(cur == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeDSAX));
+            return(-1);
+        }
+        ret = xmlSecOpenSSLNodeSetBNValue(cur, dsa->priv_key, 1);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecOpenSSLNodeSetBNValue",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeDSAX));
+            return(-1);
+        }
     }
 
     /* next is Y node. */
     xmlSecAssert2(dsa->pub_key != NULL, -1);
     cur = xmlSecAddChild(node, xmlSecNodeDSAY, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        return(-1);
     }
     ret = xmlSecOpenSSLNodeSetBNValue(cur, dsa->pub_key, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeSetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeDSAY));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeSetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDSAY));
+        return(-1);
     }
     return(0);
 }
@@ -884,40 +910,40 @@ xmlSecOpenSSLKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlS
     int counter_ret;
     unsigned long h_ret;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), -1);
     xmlSecAssert2(sizeBits > 0, -1);
 
-    dsa = DSA_generate_parameters(sizeBits, NULL, 0, &counter_ret, &h_ret, NULL, NULL); 
+    dsa = DSA_generate_parameters(sizeBits, NULL, 0, &counter_ret, &h_ret, NULL, NULL);
     if(dsa == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "DSA_generate_parameters",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "size=%d", sizeBits);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "DSA_generate_parameters",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "size=%d", sizeBits);
+        return(-1);
     }
 
     ret = DSA_generate_key(dsa);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "DSA_generate_key",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	DSA_free(dsa);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "DSA_generate_key",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        DSA_free(dsa);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLKeyDataDsaAdoptDsa(data, dsa);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLKeyDataDsaAdoptDsa",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	DSA_free(dsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataDsaAdoptDsa",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        DSA_free(dsa);
+        return(-1);
     }
 
     return(0);
@@ -926,32 +952,32 @@ xmlSecOpenSSLKeyDataDsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlS
 static xmlSecKeyDataType
 xmlSecOpenSSLKeyDataDsaGetType(xmlSecKeyDataPtr data) {
     DSA* dsa;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId), xmlSecKeyDataTypeUnknown);
-    
+
     dsa = xmlSecOpenSSLKeyDataDsaGetDsa(data);
-    if((dsa != NULL) && (dsa->p != NULL) && (dsa->q != NULL) && 
+    if((dsa != NULL) && (dsa->p != NULL) && (dsa->q != NULL) &&
        (dsa->g != NULL) && (dsa->pub_key != NULL)) {
-       
+
         if(dsa->priv_key != NULL) {
-	    return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
-	} else if(dsa->engine != NULL) {
-	    /*
-	     * !!! HACK !!! Also see RSA key
-	     * We assume here that engine *always* has private key.
-	     * This might be incorrect but it seems that there is no
-	     * way to ask engine if given key is private or not.
-	     */
-	    return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
-	} else {
-	    return(xmlSecKeyDataTypePublic);
-	}
+            return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
+        } else if(dsa->engine != NULL) {
+            /*
+             * !!! HACK !!! Also see RSA key
+             * We assume here that engine *always* has private key.
+             * This might be incorrect but it seems that there is no
+             * way to ask engine if given key is private or not.
+             */
+            return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
+        } else {
+            return(xmlSecKeyDataTypePublic);
+        }
     }
 
     return(xmlSecKeyDataTypeUnknown);
 }
 
-static xmlSecSize 
+static xmlSecSize
 xmlSecOpenSSLKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
     DSA* dsa;
 
@@ -959,31 +985,297 @@ xmlSecOpenSSLKeyDataDsaGetSize(xmlSecKeyDataPtr data) {
 
     dsa = xmlSecOpenSSLKeyDataDsaGetDsa(data);
     if((dsa != NULL) && (dsa->p != NULL)) {
-	return(BN_num_bits(dsa->p));
-    }    
+        return(BN_num_bits(dsa->p));
+    }
     return(0);
 }
 
-static void 
+static void
 xmlSecOpenSSLKeyDataDsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId));
     xmlSecAssert(output != NULL);
-    
-    fprintf(output, "=== dsa key: size = %d\n", 
-	    xmlSecOpenSSLKeyDataDsaGetSize(data));
+
+    fprintf(output, "=== dsa key: size = %d\n",
+            xmlSecOpenSSLKeyDataDsaGetSize(data));
 }
 
 static void
 xmlSecOpenSSLKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDsaId));
     xmlSecAssert(output != NULL);
-        
-    fprintf(output, "<DSAKeyValue size=\"%d\" />\n", 
-	    xmlSecOpenSSLKeyDataDsaGetSize(data));
+
+    fprintf(output, "<DSAKeyValue size=\"%d\" />\n",
+            xmlSecOpenSSLKeyDataDsaGetSize(data));
 }
 
 #endif /* XMLSEC_NO_DSA */
 
+#ifndef XMLSEC_NO_ECDSA
+/**************************************************************************
+ *
+ * ECDSA XML key representation processing.
+ *
+ * http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7802
+ *
+ * RFC 4050 [RFC4050] describes a possible <dsig:KeyValue> representation
+ * for an ECDSA key. The representation and processing instructions
+ * described in [RFC4050] are not completely compatible with [XMLDSIG-11];
+ * therefore, ECDSA keys SHOULD NOT be provided through a <dsig:KeyValue>
+ * element.
+ *
+ *************************************************************************/
+static int              xmlSecOpenSSLKeyDataEcdsaInitialize(xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataEcdsaDuplicate(xmlSecKeyDataPtr dst,
+                                                           xmlSecKeyDataPtr src);
+static void             xmlSecOpenSSLKeyDataEcdsaFinalize(xmlSecKeyDataPtr data);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataEcdsaGetType(xmlSecKeyDataPtr data);
+static xmlSecSize        xmlSecOpenSSLKeyDataEcdsaGetSize(xmlSecKeyDataPtr data);
+static void              xmlSecOpenSSLKeyDataEcdsaDebugDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void             xmlSecOpenSSLKeyDataEcdsaDebugXmlDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
+
+static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataEcdsaKlass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecOpenSSLEvpKeyDataSize,
+
+    /* data */
+    xmlSecNameECDSAKeyValue,
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefECDSAKeyValue,                    /* const xmlChar* href; */
+    xmlSecNodeECDSAKeyValue,                    /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    xmlSecOpenSSLKeyDataEcdsaInitialize,        /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecOpenSSLKeyDataEcdsaDuplicate,         /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecOpenSSLKeyDataEcdsaFinalize,          /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    xmlSecOpenSSLKeyDataEcdsaGetType,           /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecOpenSSLKeyDataEcdsaGetSize,           /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    NULL,           				/* xmlSecKeyDataXmlReadMethod xmlRead; */
+    NULL,           				/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    xmlSecOpenSSLKeyDataEcdsaDebugDump,         /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecOpenSSLKeyDataEcdsaDebugXmlDump,      /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLKeyDataEcdsaGetKlass:
+ *
+ * The ECDSA key data klass.
+ *
+ * Returns: pointer to ECDSA key data klass.
+ */
+xmlSecKeyDataId
+xmlSecOpenSSLKeyDataEcdsaGetKlass(void) {
+    return(&xmlSecOpenSSLKeyDataEcdsaKlass);
+}
+
+/**
+ * xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa:
+ * @data:               the pointer to ECDSA key data.
+ * @ecdsa:              the pointer to OpenSSL ECDSA key.
+ *
+ * Sets the value of ECDSA key data.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecOpenSSLKeyDataEcdsaAdoptEcdsa(xmlSecKeyDataPtr data, EC_KEY* ecdsa) {
+    EVP_PKEY* pKey = NULL;
+    int ret;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId), -1);
+
+    /* construct new EVP_PKEY */
+    if(ecdsa != NULL) {
+        pKey = EVP_PKEY_new();
+        if(pKey == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "EVP_PKEY_new",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ret = EVP_PKEY_assign_EC_KEY(pKey, ecdsa);
+        if(ret != 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "EVP_PKEY_assign_EC_KEY",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
+    ret = xmlSecOpenSSLKeyDataEcdsaAdoptEvp(data, pKey);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataEcdsaAdoptEvp",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        if(pKey != NULL) {
+            EVP_PKEY_free(pKey);
+        }
+        return(-1);
+    }
+    return(0);
+}
+
+/**
+ * xmlSecOpenSSLKeyDataEcdsaGetEcdsa:
+ * @data:               the pointer to ECDSA key data.
+ *
+ * Gets the OpenSSL ECDSA key from ECDSA key data.
+ *
+ * Returns: pointer to OpenSSL ECDSA key or NULL if an error occurs.
+ */
+EC_KEY*
+xmlSecOpenSSLKeyDataEcdsaGetEcdsa(xmlSecKeyDataPtr data) {
+    EVP_PKEY* pKey;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId), NULL);
+
+    pKey = xmlSecOpenSSLKeyDataEcdsaGetEvp(data);
+    xmlSecAssert2((pKey == NULL) || (pKey->type == EVP_PKEY_EC), NULL);
+
+    return((pKey != NULL) ? pKey->pkey.ec : (EC_KEY*)NULL);
+}
+
+/**
+ * xmlSecOpenSSLKeyDataEcdsaAdoptEvp:
+ * @data:               the pointer to ECDSA key data.
+ * @pKey:               the pointer to OpenSSL EVP key.
+ *
+ * Sets the ECDSA key data value to OpenSSL EVP key.
+ *
+ * Returns: 0 on success or a negative value otherwise.
+ */
+int
+xmlSecOpenSSLKeyDataEcdsaAdoptEvp(xmlSecKeyDataPtr data, EVP_PKEY* pKey) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId), -1);
+    xmlSecAssert2(pKey != NULL, -1);
+    xmlSecAssert2(pKey->type == EVP_PKEY_EC, -1);
+
+    return(xmlSecOpenSSLEvpKeyDataAdoptEvp(data, pKey));
+}
+
+/**
+ * xmlSecOpenSSLKeyDataEcdsaGetEvp:
+ * @data:               the pointer to ECDSA key data.
+ *
+ * Gets the OpenSSL EVP key from ECDSA key data.
+ *
+ * Returns: pointer to OpenSSL EVP key or NULL if an error occurs.
+ */
+EVP_PKEY*
+xmlSecOpenSSLKeyDataEcdsaGetEvp(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId), NULL);
+
+    return(xmlSecOpenSSLEvpKeyDataGetEvp(data));
+}
+
+static int
+xmlSecOpenSSLKeyDataEcdsaInitialize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId), -1);
+
+    return(xmlSecOpenSSLEvpKeyDataInitialize(data));
+}
+
+static int
+xmlSecOpenSSLKeyDataEcdsaDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataEcdsaId), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataEcdsaId), -1);
+
+    return(xmlSecOpenSSLEvpKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecOpenSSLKeyDataEcdsaFinalize(xmlSecKeyDataPtr data) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId));
+
+    xmlSecOpenSSLEvpKeyDataFinalize(data);
+}
+
+static xmlSecKeyDataType
+xmlSecOpenSSLKeyDataEcdsaGetType(xmlSecKeyDataPtr data ATTRIBUTE_UNUSED) {
+    /* XXX-MAK: Fix this. */
+    return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+}
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataEcdsaGetSize(xmlSecKeyDataPtr data) {
+    const EC_GROUP *group;
+    const EC_KEY *ecdsa;
+    BIGNUM order;
+
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId), 0);
+
+    ecdsa = xmlSecOpenSSLKeyDataEcdsaGetEcdsa(data);
+    if((ecdsa == NULL)) {
+        return(0);
+    }
+
+    group = EC_KEY_get0_group(ecdsa);
+    if(group == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "EC_KEY_get0_group",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(0);
+    }
+
+    if(EC_GROUP_get_order(group, &order, NULL) != 1) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "EC_GROUP_get_order",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(0);
+    }
+
+    return(BN_num_bytes(&order));
+}
+
+static void
+xmlSecOpenSSLKeyDataEcdsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "=== ecdsa key: size = %d\n",
+            xmlSecOpenSSLKeyDataEcdsaGetSize(data));
+}
+
+static void
+xmlSecOpenSSLKeyDataEcdsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataEcdsaId));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "<ECDSAKeyValue size=\"%d\" />\n",
+            xmlSecOpenSSLKeyDataEcdsaGetSize(data));
+}
+
+#endif /* XMLSEC_NO_ECDSA */
+
 #ifndef XMLSEC_NO_RSA
 /**************************************************************************
  *
@@ -997,210 +1289,210 @@ xmlSecOpenSSLKeyDataDsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
  * <RSAKeyValue>
  *   <Modulus>xA7SEU+e0yQH5rm9kbCDN9o3aPIo7HbP7tX6WOocLZAtNfyxSZDU16ksL6W
  *     jubafOqNEpcwR3RdFsT7bCqnXPBe5ELh5u4VEy19MzxkXRgrMvavzyBpVRgBUwUlV
- *   	  5foK5hhmbktQhyNdy/6LpQRhDUDsTvK+g9Ucj47es9AQJ3U=
+ *        5foK5hhmbktQhyNdy/6LpQRhDUDsTvK+g9Ucj47es9AQJ3U=
  *   </Modulus>
  *   <Exponent>AQAB</Exponent>
  * </RSAKeyValue>
  *
- * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are 
+ * Arbitrary-length integers (e.g. "bignums" such as RSA moduli) are
  * represented in XML as octet strings as defined by the ds:CryptoBinary type.
  *
  * Schema Definition:
- * 
+ *
  * <element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
  * <complexType name="RSAKeyValueType">
  *   <sequence>
- *     <element name="Modulus" type="ds:CryptoBinary"/> 
+ *     <element name="Modulus" type="ds:CryptoBinary"/>
  *     <element name="Exponent" type="ds:CryptoBinary"/>
  *   </sequence>
  * </complexType>
  *
  * DTD Definition:
- * 
- * <!ELEMENT RSAKeyValue (Modulus, Exponent) > 
+ *
+ * <!ELEMENT RSAKeyValue (Modulus, Exponent) >
  * <!ELEMENT Modulus (#PCDATA) >
  * <!ELEMENT Exponent (#PCDATA) >
  *
  * ============================================================================
- * 
+ *
  * To support reading/writing private keys an PrivateExponent element is added
  * to the end
  *
  *************************************************************************/
 
-static int		xmlSecOpenSSLKeyDataRsaInitialize	(xmlSecKeyDataPtr data);
-static int		xmlSecOpenSSLKeyDataRsaDuplicate	(xmlSecKeyDataPtr dst,
-								 xmlSecKeyDataPtr src);
-static void		xmlSecOpenSSLKeyDataRsaFinalize		(xmlSecKeyDataPtr data);
-static int		xmlSecOpenSSLKeyDataRsaXmlRead		(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLKeyDataRsaXmlWrite		(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLKeyDataRsaGenerate		(xmlSecKeyDataPtr data,
-							    	 xmlSecSize sizeBits,
-								 xmlSecKeyDataType type);
-
-static xmlSecKeyDataType xmlSecOpenSSLKeyDataRsaGetType		(xmlSecKeyDataPtr data);
-static xmlSecSize		xmlSecOpenSSLKeyDataRsaGetSize		(xmlSecKeyDataPtr data);
-static void		xmlSecOpenSSLKeyDataRsaDebugDump	(xmlSecKeyDataPtr data,
-								 FILE* output);
-static void		xmlSecOpenSSLKeyDataRsaDebugXmlDump	(xmlSecKeyDataPtr data,
-								 FILE* output);
+static int              xmlSecOpenSSLKeyDataRsaInitialize       (xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataRsaDuplicate        (xmlSecKeyDataPtr dst,
+                                                                 xmlSecKeyDataPtr src);
+static void             xmlSecOpenSSLKeyDataRsaFinalize         (xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataRsaXmlRead          (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLKeyDataRsaXmlWrite         (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLKeyDataRsaGenerate         (xmlSecKeyDataPtr data,
+                                                                 xmlSecSize sizeBits,
+                                                                 xmlSecKeyDataType type);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataRsaGetType         (xmlSecKeyDataPtr data);
+static xmlSecSize               xmlSecOpenSSLKeyDataRsaGetSize          (xmlSecKeyDataPtr data);
+static void             xmlSecOpenSSLKeyDataRsaDebugDump        (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
+static void             xmlSecOpenSSLKeyDataRsaDebugXmlDump     (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
 static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataRsaKlass = {
     sizeof(xmlSecKeyDataKlass),
     xmlSecOpenSSLEvpKeyDataSize,
 
     /* data */
     xmlSecNameRSAKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefRSAKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeRSAKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefRSAKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeRSAKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecOpenSSLKeyDataRsaInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecOpenSSLKeyDataRsaDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecOpenSSLKeyDataRsaFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecOpenSSLKeyDataRsaGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecOpenSSLKeyDataRsaInitialize,          /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecOpenSSLKeyDataRsaDuplicate,           /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecOpenSSLKeyDataRsaFinalize,            /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecOpenSSLKeyDataRsaGenerate,            /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecOpenSSLKeyDataRsaGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecOpenSSLKeyDataRsaGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    xmlSecOpenSSLKeyDataRsaGetType,             /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecOpenSSLKeyDataRsaGetSize,             /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecOpenSSLKeyDataRsaXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecOpenSSLKeyDataRsaXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,					/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecOpenSSLKeyDataRsaXmlRead,             /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecOpenSSLKeyDataRsaXmlWrite,            /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecOpenSSLKeyDataRsaDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecOpenSSLKeyDataRsaDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecOpenSSLKeyDataRsaDebugDump,           /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecOpenSSLKeyDataRsaDebugXmlDump,        /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLKeyDataRsaGetKlass:
  *
  * The OpenSSL RSA key data klass.
  *
  * Returns: pointer to OpenSSL RSA key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecOpenSSLKeyDataRsaGetKlass(void) {
     return(&xmlSecOpenSSLKeyDataRsaKlass);
 }
 
 /**
  * xmlSecOpenSSLKeyDataRsaAdoptRsa:
- * @data:		the pointer to RSA key data.
- * @rsa:		the pointer to OpenSSL RSA key.
+ * @data:               the pointer to RSA key data.
+ * @rsa:                the pointer to OpenSSL RSA key.
  *
  * Sets the value of RSA key data.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
+ */
 int
 xmlSecOpenSSLKeyDataRsaAdoptRsa(xmlSecKeyDataPtr data, RSA* rsa) {
     EVP_PKEY* pKey = NULL;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
-    
+
     /* construct new EVP_PKEY */
     if(rsa != NULL) {
-	pKey = EVP_PKEY_new();
-	if(pKey == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"EVP_PKEY_new",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	
-	ret = EVP_PKEY_assign_RSA(pKey, rsa);
-	if(ret != 1) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"EVP_PKEY_assign_RSA",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}	
-    }
-    
+        pKey = EVP_PKEY_new();
+        if(pKey == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "EVP_PKEY_new",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ret = EVP_PKEY_assign_RSA(pKey, rsa);
+        if(ret != 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "EVP_PKEY_assign_RSA",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     ret = xmlSecOpenSSLKeyDataRsaAdoptEvp(data, pKey);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLKeyDataRsaAdoptEvp",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	if(pKey != NULL) {
-	    EVP_PKEY_free(pKey);
-	}
-	return(-1);
-    }
-    return(0);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataRsaAdoptEvp",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        if(pKey != NULL) {
+            EVP_PKEY_free(pKey);
+        }
+        return(-1);
+    }
+    return(0);
 }
 
 /**
  * xmlSecOpenSSLKeyDataRsaGetRsa:
- * @data:		the pointer to RSA key data.
+ * @data:               the pointer to RSA key data.
  *
  * Gets the OpenSSL RSA key from RSA key data.
  *
  * Returns: pointer to OpenSSL RSA key or NULL if an error occurs.
  */
-RSA* 
+RSA*
 xmlSecOpenSSLKeyDataRsaGetRsa(xmlSecKeyDataPtr data) {
     EVP_PKEY* pKey;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), NULL);
-    
+
     pKey = xmlSecOpenSSLKeyDataRsaGetEvp(data);
     xmlSecAssert2((pKey == NULL) || (pKey->type == EVP_PKEY_RSA), NULL);
-    
+
     return((pKey != NULL) ? pKey->pkey.rsa : (RSA*)NULL);
 }
 
-/** 
+/**
  * xmlSecOpenSSLKeyDataRsaAdoptEvp:
- * @data:		the pointer to RSA key data.
- * @pKey:		the pointer to OpenSSL EVP key.
+ * @data:               the pointer to RSA key data.
+ * @pKey:               the pointer to OpenSSL EVP key.
  *
  * Sets the RSA key data value to OpenSSL EVP key.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecOpenSSLKeyDataRsaAdoptEvp(xmlSecKeyDataPtr data, EVP_PKEY* pKey) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
     xmlSecAssert2(pKey != NULL, -1);
     xmlSecAssert2(pKey->type == EVP_PKEY_RSA, -1);
-    
+
     return(xmlSecOpenSSLEvpKeyDataAdoptEvp(data, pKey));
 }
 
 /**
  * xmlSecOpenSSLKeyDataRsaGetEvp:
- * @data:		the pointer to RSA key data.
+ * @data:               the pointer to RSA key data.
  *
  * Gets the OpenSSL EVP key from RSA key data.
  *
  * Returns: pointer to OpenSSL EVP key or NULL if an error occurs.
  */
-EVP_PKEY* 
+EVP_PKEY*
 xmlSecOpenSSLKeyDataRsaGetEvp(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), NULL);
 
@@ -1231,7 +1523,7 @@ xmlSecOpenSSLKeyDataRsaFinalize(xmlSecKeyDataPtr data) {
 
 static int
 xmlSecOpenSSLKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     xmlNodePtr cur;
     RSA *rsa;
@@ -1243,142 +1535,142 @@ xmlSecOpenSSLKeyDataRsaXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     if(xmlSecKeyGetValue(key) != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    NULL,		    
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
-		    "key already has a value");
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA,
+                    "key already has a value");
+        return(-1);
     }
 
     rsa = RSA_new();
     if(rsa == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "RSA_new",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "RSA_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecGetNextElementNode(node->children);
-    
+
     /* first is Modulus node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur,  xmlSecNodeRSAModulus, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	RSA_free(rsa);	
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        RSA_free(rsa);
+        return(-1);
     }
     if(xmlSecOpenSSLNodeGetBNValue(cur, &(rsa->n)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeGetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	RSA_free(rsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeGetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        RSA_free(rsa);
+        return(-1);
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is Exponent node. It is REQUIRED because we do not support Seed and PgenCounter*/
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeRSAExponent, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	RSA_free(rsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        RSA_free(rsa);
+        return(-1);
     }
     if(xmlSecOpenSSLNodeGetBNValue(cur, &(rsa->e)) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeGetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	RSA_free(rsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeGetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        RSA_free(rsa);
+        return(-1);
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeRSAPrivateExponent, xmlSecNs))) {
         /* next is X node. It is REQUIRED for private key but
-	 * we are not sure exactly what do we read */
-	if(xmlSecOpenSSLNodeGetBNValue(cur, &(rsa->d)) == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecOpenSSLNodeGetBNValue",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s", 
-			xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
-	    RSA_free(rsa);
-	    return(-1);
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
+         * we are not sure exactly what do we read */
+        if(xmlSecOpenSSLNodeGetBNValue(cur, &(rsa->d)) == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecOpenSSLNodeGetBNValue",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
+            RSA_free(rsa);
+            return(-1);
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "no nodes expected");
-	RSA_free(rsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "no nodes expected");
+        RSA_free(rsa);
+        return(-1);
     }
 
     data = xmlSecKeyDataCreate(id);
     if(data == NULL ) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	RSA_free(rsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        RSA_free(rsa);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLKeyDataRsaAdoptRsa(data, rsa);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLKeyDataRsaAdoptRsa",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	RSA_free(rsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLKeyDataRsaAdoptRsa",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        RSA_free(rsa);
+        return(-1);
     }
 
     ret = xmlSecKeySetValue(key, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeySetValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDataDestroy(data);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeySetValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDataDestroy(data);
+        return(-1);
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-			    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                            xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlNodePtr cur;
     RSA* rsa;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecOpenSSLKeyDataRsaId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecOpenSSLKeyDataRsaId), -1);
@@ -1387,80 +1679,80 @@ xmlSecOpenSSLKeyDataRsaXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     rsa = xmlSecOpenSSLKeyDataRsaGetRsa(xmlSecKeyGetValue(key));
     xmlSecAssert2(rsa != NULL, -1);
-    
+
     if(((xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate) & keyInfoCtx->keyReq.keyType) == 0) {
-	/* we can have only private key or public key */
-	return(0);
-    }    
+        /* we can have only private key or public key */
+        return(0);
+    }
 
     /* first is Modulus node */
     cur = xmlSecAddChild(node, xmlSecNodeRSAModulus, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        return(-1);
     }
     ret = xmlSecOpenSSLNodeSetBNValue(cur, rsa->n, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeSetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeSetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAModulus));
+        return(-1);
+    }
 
     /* next is Exponent node. */
     cur = xmlSecAddChild(node, xmlSecNodeRSAExponent, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        return(-1);
     }
     ret = xmlSecOpenSSLNodeSetBNValue(cur, rsa->e, 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLNodeSetBNValue",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLNodeSetBNValue",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRSAExponent));
+        return(-1);
     }
 
     /* next is PrivateExponent node: write it ONLY for private keys and ONLY if it is requested */
     if(((keyInfoCtx->keyReq.keyType & xmlSecKeyDataTypePrivate) != 0) && (rsa->d != NULL)) {
-	cur = xmlSecAddChild(node, xmlSecNodeRSAPrivateExponent, xmlSecNs);
-	if(cur == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "node=%s", 
-			xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
-	    return(-1);	
-	}
-	ret = xmlSecOpenSSLNodeSetBNValue(cur, rsa->d, 1);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecOpenSSLNodeSetBNValue",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "node=%s", 
-			xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
-	    return(-1);
-	}
-    }
-    
+        cur = xmlSecAddChild(node, xmlSecNodeRSAPrivateExponent, xmlSecNs);
+        if(cur == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
+            return(-1);
+        }
+        ret = xmlSecOpenSSLNodeSetBNValue(cur, rsa->d, 1);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecOpenSSLNodeSetBNValue",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeRSAPrivateExponent));
+            return(-1);
+        }
+    }
+
     return(0);
 }
 
@@ -1468,29 +1760,29 @@ static int
 xmlSecOpenSSLKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
     RSA* rsa;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), -1);
     xmlSecAssert2(sizeBits > 0, -1);
 
-    rsa = RSA_generate_key(sizeBits, 3, NULL, NULL); 
+    rsa = RSA_generate_key(sizeBits, 3, NULL, NULL);
     if(rsa == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "RSA_generate_key",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "sizeBits=%d", sizeBits);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "RSA_generate_key",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "sizeBits=%d", sizeBits);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLKeyDataRsaAdoptRsa(data, rsa);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLKeyDataRsaAdoptRsa",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	RSA_free(rsa);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataRsaAdoptRsa",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        RSA_free(rsa);
+        return(-1);
     }
 
     return(0);
@@ -1499,30 +1791,30 @@ xmlSecOpenSSLKeyDataRsaGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlS
 static xmlSecKeyDataType
 xmlSecOpenSSLKeyDataRsaGetType(xmlSecKeyDataPtr data) {
     RSA* rsa;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId), xmlSecKeyDataTypeUnknown);
-    
+
     rsa = xmlSecOpenSSLKeyDataRsaGetRsa(data);
     if((rsa != NULL) && (rsa->n != NULL) && (rsa->e != NULL)) {
-	if(rsa->d != NULL) {
-	    return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
-	} else if(rsa->engine != NULL) {
-	    /*
-	     * !!! HACK !!! Also see DSA key
-	     * We assume here that engine *always* has private key.
-	     * This might be incorrect but it seems that there is no
-	     * way to ask engine if given key is private or not.
-	     */
-	    return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
-	} else {
-	    return(xmlSecKeyDataTypePublic);
-	}
+        if(rsa->d != NULL) {
+            return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
+        } else if(rsa->engine != NULL) {
+            /*
+             * !!! HACK !!! Also see DSA key
+             * We assume here that engine *always* has private key.
+             * This might be incorrect but it seems that there is no
+             * way to ask engine if given key is private or not.
+             */
+            return(xmlSecKeyDataTypePrivate | xmlSecKeyDataTypePublic);
+        } else {
+            return(xmlSecKeyDataTypePublic);
+        }
     }
 
     return(xmlSecKeyDataTypeUnknown);
 }
 
-static xmlSecSize 
+static xmlSecSize
 xmlSecOpenSSLKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
     RSA* rsa;
 
@@ -1530,30 +1822,154 @@ xmlSecOpenSSLKeyDataRsaGetSize(xmlSecKeyDataPtr data) {
 
     rsa = xmlSecOpenSSLKeyDataRsaGetRsa(data);
     if((rsa != NULL) && (rsa->n != NULL)) {
-	return(BN_num_bits(rsa->n));
-    }    
+        return(BN_num_bits(rsa->n));
+    }
     return(0);
 }
 
-static void 
+static void
 xmlSecOpenSSLKeyDataRsaDebugDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId));
     xmlSecAssert(output != NULL);
-    
-    fprintf(output, "=== rsa key: size = %d\n", 
-	    xmlSecOpenSSLKeyDataRsaGetSize(data));
+
+    fprintf(output, "=== rsa key: size = %d\n",
+            xmlSecOpenSSLKeyDataRsaGetSize(data));
 }
 
 static void
 xmlSecOpenSSLKeyDataRsaDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataRsaId));
     xmlSecAssert(output != NULL);
-        
-    fprintf(output, "<RSAKeyValue size=\"%d\" />\n", 
-	    xmlSecOpenSSLKeyDataRsaGetSize(data));
+
+    fprintf(output, "<RSAKeyValue size=\"%d\" />\n",
+            xmlSecOpenSSLKeyDataRsaGetSize(data));
 }
-    
+
 #endif /* XMLSEC_NO_RSA */
 
 
+#ifndef XMLSEC_NO_GOST
+/**************************************************************************
+ *
+ * GOST2001 xml key representation processing. Contain errors.
+ *
+ *************************************************************************/
+static int              xmlSecOpenSSLKeyDataGost2001Initialize(xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataGost2001Duplicate(xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void             xmlSecOpenSSLKeyDataGost2001Finalize(xmlSecKeyDataPtr data);
+
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataGost2001GetType(xmlSecKeyDataPtr data);
+static xmlSecSize        xmlSecOpenSSLKeyDataGost2001GetSize(xmlSecKeyDataPtr data);
+static void              xmlSecOpenSSLKeyDataGost2001DebugDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void             xmlSecOpenSSLKeyDataGost2001DebugXmlDump(xmlSecKeyDataPtr data,
+                                                         FILE* output);
+
+static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataGost2001Klass = {
+    sizeof(xmlSecKeyDataKlass),
+    xmlSecOpenSSLEvpKeyDataSize,
+
+    /* data */
+    xmlSecNameGOST2001KeyValue,
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                        /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefGOST2001KeyValue,         /* const xmlChar* href; */
+    xmlSecNodeGOST2001KeyValue,         /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                       /* const xmlChar* dataNodeNs; */
+
+    /* constructors/destructor */
+    xmlSecOpenSSLKeyDataGost2001Initialize,    /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecOpenSSLKeyDataGost2001Duplicate,     /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecOpenSSLKeyDataGost2001Finalize,      /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL, /* xmlSecOpenSSLKeyDataGost2001Generate,*/   /* xmlSecKeyDataGenerateMethod generate; */
+
+    /* get info */
+    xmlSecOpenSSLKeyDataGost2001GetType,       /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecOpenSSLKeyDataGost2001GetSize,       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                               /* xmlSecKeyDataGetIdentifier getIdentifier; */
+
+    /* read/write */
+    NULL,       /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    NULL,       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                               /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                               /* xmlSecKeyDataBinWriteMethod binWrite; */
+
+    /* debug */
+    xmlSecOpenSSLKeyDataGost2001DebugDump,     /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecOpenSSLKeyDataGost2001DebugXmlDump,/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+
+    /* reserved for the future */
+    NULL,                               /* void* reserved0; */
+    NULL,                               /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLKeyDataGost2001GetKlass:
+ *
+ * The GOST2001 key data klass.
+ *
+ * Returns: pointer to GOST2001 key data klass.
+ */
+xmlSecKeyDataId
+xmlSecOpenSSLKeyDataGost2001GetKlass(void) {
+    return(&xmlSecOpenSSLKeyDataGost2001Klass);
+}
+
+
+static int
+xmlSecOpenSSLKeyDataGost2001Initialize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGost2001Id), -1);
+
+    return(xmlSecOpenSSLEvpKeyDataInitialize(data));
+}
+
+static int
+xmlSecOpenSSLKeyDataGost2001Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataGost2001Id), -1);
+    xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataGost2001Id), -1);
+
+    return(xmlSecOpenSSLEvpKeyDataDuplicate(dst, src));
+}
+
+static void
+xmlSecOpenSSLKeyDataGost2001Finalize(xmlSecKeyDataPtr data) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGost2001Id));
+
+    xmlSecOpenSSLEvpKeyDataFinalize(data);
+}
+
+static xmlSecKeyDataType
+xmlSecOpenSSLKeyDataGost2001GetType(xmlSecKeyDataPtr data) {
+	/* Now I don't know how to find whether we have both private and public key 
+	or the public only*/
+	return(xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
+}
+
+static xmlSecSize
+xmlSecOpenSSLKeyDataGost2001GetSize(xmlSecKeyDataPtr data) {
+    xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGost2001Id), 0);
+
+    return 512;
+}
+
+static void
+xmlSecOpenSSLKeyDataGost2001DebugDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGost2001Id));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "=== gost key: size = %d\n",
+            xmlSecOpenSSLKeyDataGost2001GetSize(data));
+}
+
+static void
+xmlSecOpenSSLKeyDataGost2001DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
+    xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataGost2001Id));
+    xmlSecAssert(output != NULL);
+
+    fprintf(output, "<GOST2001KeyValue size=\"%d\" />\n",
+            xmlSecOpenSSLKeyDataGost2001GetSize(data));
+}
+
+#endif /* XMLSEC_NO_GOST*/
 
diff --git a/src/openssl/globals.h b/src/openssl/globals.h
index 272a27b8..770b6dba 100644
--- a/src/openssl/globals.h
+++ b/src/openssl/globals.h
@@ -5,14 +5,14 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_GLOBALS_H__
 #define __XMLSEC_GLOBALS_H__
 
 /**
- * Use autoconf defines if present. 
+ * Use autoconf defines if present.
  */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
diff --git a/src/openssl/hmac.c b/src/openssl/hmac.c
index 0b6605b8..bad1ac03 100644
--- a/src/openssl/hmac.c
+++ b/src/openssl/hmac.c
@@ -1,18 +1,18 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * HMAC Algorithm support (http://www.w3.org/TR/xmldsig-core/#sec-HMAC):
- * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits 
- * as a parameter; if the parameter is not specified then all the bits of the 
- * hash are output. An example of an HMAC SignatureMethod element:  
+ * The HMAC algorithm (RFC2104 [HMAC]) takes the truncation length in bits
+ * as a parameter; if the parameter is not specified then all the bits of the
+ * hash are output. An example of an HMAC SignatureMethod element:
  * <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1">
  *   <HMACOutputLength>128</HMACOutputLength>
  * </SignatureMethod>
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef XMLSEC_NO_HMAC
@@ -34,8 +34,8 @@
 #include <xmlsec/openssl/crypto.h>
 
 /* sizes in bits */
-#define XMLSEC_OPENSSL_MIN_HMAC_SIZE		80
-#define XMLSEC_OPENSSL_MAX_HMAC_SIZE		(EVP_MAX_MD_SIZE * 8)
+#define XMLSEC_OPENSSL_MIN_HMAC_SIZE            80
+#define XMLSEC_OPENSSL_MAX_HMAC_SIZE            (EVP_MAX_MD_SIZE * 8)
 
 /**************************************************************************
  *
@@ -45,10 +45,10 @@
 static int g_xmlsec_openssl_hmac_min_length = XMLSEC_OPENSSL_MIN_HMAC_SIZE;
 
 /**
- * xmlSecOpenSSLHmacGetMinOutputLength: 
- * 
+ * xmlSecOpenSSLHmacGetMinOutputLength:
+ *
  * Gets the value of min HMAC length.
- * 
+ *
  * Returns: the min HMAC output length
  */
 int xmlSecOpenSSLHmacGetMinOutputLength(void)
@@ -57,9 +57,9 @@ int xmlSecOpenSSLHmacGetMinOutputLength(void)
 }
 
 /**
- * xmlSecOpenSSLHmacSetMinOutputLength: 
- * @min_length: the new min length 
- * 
+ * xmlSecOpenSSLHmacSetMinOutputLength:
+ * @min_length: the new min length
+ *
  * Sets the min HMAC output length
  */
 void xmlSecOpenSSLHmacSetMinOutputLength(int min_length)
@@ -72,14 +72,14 @@ void xmlSecOpenSSLHmacSetMinOutputLength(int min_length)
  * Internal OpenSSL HMAC CTX
  *
  *****************************************************************************/
-typedef struct _xmlSecOpenSSLHmacCtx		xmlSecOpenSSLHmacCtx, *xmlSecOpenSSLHmacCtxPtr;
+typedef struct _xmlSecOpenSSLHmacCtx            xmlSecOpenSSLHmacCtx, *xmlSecOpenSSLHmacCtxPtr;
 struct _xmlSecOpenSSLHmacCtx {
-    const EVP_MD*	hmacDgst;
-    HMAC_CTX		hmacCtx;
-    int			ctxInitialized;
-    xmlSecByte 		dgst[XMLSEC_OPENSSL_MAX_HMAC_SIZE];
-    xmlSecSize		dgstSize;	/* dgst size in bits */
-};	    
+    const EVP_MD*       hmacDgst;
+    HMAC_CTX            hmacCtx;
+    int                 ctxInitialized;
+    xmlSecByte          dgst[XMLSEC_OPENSSL_MAX_HMAC_SIZE];
+    xmlSecSize          dgstSize;       /* dgst size in bits */
+};
 
 /**************************************************************************
  *
@@ -90,26 +90,26 @@ struct _xmlSecOpenSSLHmacCtx {
  *****************************************************************************/
 #define xmlSecOpenSSLHmacGetCtx(transform) \
     ((xmlSecOpenSSLHmacCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecOpenSSLHmacSize	\
+#define xmlSecOpenSSLHmacSize   \
     (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLHmacCtx))
 
-static int	xmlSecOpenSSLHmacCheckId			(xmlSecTransformPtr transform);
-static int	xmlSecOpenSSLHmacInitialize			(xmlSecTransformPtr transform);
-static void	xmlSecOpenSSLHmacFinalize			(xmlSecTransformPtr transform);
-static int 	xmlSecOpenSSLHmacNodeRead			(xmlSecTransformPtr transform,
-								 xmlNodePtr node,
-								 xmlSecTransformCtxPtr transformCtx);
-static int  	xmlSecOpenSSLHmacSetKeyReq			(xmlSecTransformPtr transform, 
-								 xmlSecKeyReqPtr keyReq);
-static int  	xmlSecOpenSSLHmacSetKey				(xmlSecTransformPtr transform, 
-								 xmlSecKeyPtr key);
-static int  	xmlSecOpenSSLHmacVerify				(xmlSecTransformPtr transform, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecOpenSSLHmacExecute			(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLHmacCheckId                        (xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLHmacInitialize                     (xmlSecTransformPtr transform);
+static void     xmlSecOpenSSLHmacFinalize                       (xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLHmacNodeRead                       (xmlSecTransformPtr transform,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLHmacSetKeyReq                      (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecOpenSSLHmacSetKey                         (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecOpenSSLHmacVerify                         (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLHmacExecute                        (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 
 static int
@@ -117,117 +117,119 @@ xmlSecOpenSSLHmacCheckId(xmlSecTransformPtr transform) {
 
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha1Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_SHA1 */    
+#endif /* XMLSEC_NO_SHA1 */
 
 #ifndef XMLSEC_NO_SHA224
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha224Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_SHA224 */    
-    
+#endif /* XMLSEC_NO_SHA224 */
+
 #ifndef XMLSEC_NO_SHA256
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha256Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_SHA256 */    
+#endif /* XMLSEC_NO_SHA256 */
 
 #ifndef XMLSEC_NO_SHA384
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha384Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_SHA384 */    
+#endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha512Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_SHA512 */    
+#endif /* XMLSEC_NO_SHA512 */
 
 #ifndef XMLSEC_NO_RIPEMD160
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacRipemd160Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_RIPEMD160 */    
+#endif /* XMLSEC_NO_RIPEMD160 */
 
 #ifndef XMLSEC_NO_MD5
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacMd5Id)) {
-	return(1);
+        return(1);
     } else
-#endif /* XMLSEC_NO_MD5 */    
+#endif /* XMLSEC_NO_MD5 */
 
+    /* not found */
     {
-	return(0);
+        return(0);
     }
-    
+
+    /* just in case */
     return(0);
 }
 
 
 
-static int 
+static int
 xmlSecOpenSSLHmacInitialize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLHmacCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1);
 
     ctx = xmlSecOpenSSLHmacGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     /* initialize context */
     memset(ctx, 0, sizeof(xmlSecOpenSSLHmacCtx));
 
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha1Id)) {
         ctx->hmacDgst = EVP_sha1();
-    } else 
-#endif /* XMLSEC_NO_SHA1 */    
+    } else
+#endif /* XMLSEC_NO_SHA1 */
 
 #ifndef XMLSEC_NO_SHA224
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha224Id)) {
         ctx->hmacDgst = EVP_sha224();
-    } else 
-#endif /* XMLSEC_NO_SHA224 */    
+    } else
+#endif /* XMLSEC_NO_SHA224 */
 
 #ifndef XMLSEC_NO_SHA256
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha256Id)) {
         ctx->hmacDgst = EVP_sha256();
-    } else 
-#endif /* XMLSEC_NO_SHA256 */    
-    
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
 #ifndef XMLSEC_NO_SHA384
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha384Id)) {
         ctx->hmacDgst = EVP_sha384();
-    } else 
-#endif /* XMLSEC_NO_SHA384 */    
+    } else
+#endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacSha512Id)) {
         ctx->hmacDgst = EVP_sha512();
-    } else 
-#endif /* XMLSEC_NO_SHA512 */    
+    } else
+#endif /* XMLSEC_NO_SHA512 */
 
-#ifndef XMLSEC_NO_RIPEMD160 
+#ifndef XMLSEC_NO_RIPEMD160
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacRipemd160Id)) {
         ctx->hmacDgst = EVP_ripemd160();
-    } else 
+    } else
 #endif /* XMLSEC_NO_RIPEMD160 */
 
 #ifndef XMLSEC_NO_MD5
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformHmacMd5Id)) {
         ctx->hmacDgst = EVP_md5();
-    } else 
+    } else
 #endif /* XMLSEC_NO_MD5 */
-    
+
     {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
 #ifndef XMLSEC_OPENSSL_096
@@ -236,7 +238,7 @@ xmlSecOpenSSLHmacInitialize(xmlSecTransformPtr transform) {
     return(0);
 }
 
-static void 
+static void
 xmlSecOpenSSLHmacFinalize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLHmacCtxPtr ctx;
 
@@ -245,7 +247,7 @@ xmlSecOpenSSLHmacFinalize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecOpenSSLHmacGetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
 #ifndef XMLSEC_OPENSSL_096
     HMAC_CTX_cleanup(&(ctx->hmacCtx));
 #endif /* XMLSEC_OPENSSL_096 */
@@ -265,44 +267,44 @@ xmlSecOpenSSLHmacNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecT
     ctx = xmlSecOpenSSLHmacGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
 
-    cur = xmlSecGetNextElementNode(node->children); 
-    if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {  
-	xmlChar *content;
-	
-	content = xmlNodeGetContent(cur);
-	if(content != NULL) {
-	    ctx->dgstSize = atoi((char*)content);	    
-	    xmlFree(content);
-	}
-
-	/* Ensure that HMAC length is greater than min specified.
-	   Otherwise, an attacker can set this lenght to 0 or very 
-	   small value
-	*/
-	if((int)ctx->dgstSize < xmlSecOpenSSLHmacGetMinOutputLength()) {
- 	   xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),		    
-		    XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
-		    "HMAC output length is too small");
-	   return(-1);
-	}
-
-	cur = xmlSecGetNextElementNode(cur->next);
+    cur = xmlSecGetNextElementNode(node->children);
+    if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeHMACOutputLength, xmlSecDSigNs)) {
+        xmlChar *content;
+
+        content = xmlNodeGetContent(cur);
+        if(content != NULL) {
+            ctx->dgstSize = atoi((char*)content);
+            xmlFree(content);
+        }
+
+        /* Ensure that HMAC length is greater than min specified.
+           Otherwise, an attacker can set this length to 0 or very
+           small value
+        */
+        if((int)ctx->dgstSize < xmlSecOpenSSLHmacGetMinOutputLength()) {
+           xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                    "HMAC output length is too small");
+           return(-1);
+        }
+
+        cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    return(0); 
+    return(0);
 }
 
-static int  
+static int
 xmlSecOpenSSLHmacSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
     xmlSecAssert2(xmlSecOpenSSLHmacCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
@@ -312,11 +314,11 @@ xmlSecOpenSSLHmacSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq
     keyReq->keyId   = xmlSecOpenSSLKeyDataHmacId;
     keyReq->keyType = xmlSecKeyDataTypeSymmetric;
     if(transform->operation == xmlSecTransformOperationSign) {
-	keyReq->keyUsage = xmlSecKeyUsageSign;
+        keyReq->keyUsage = xmlSecKeyUsageSign;
     } else {
-	keyReq->keyUsage = xmlSecKeyUsageVerify;
+        keyReq->keyUsage = xmlSecKeyUsageVerify;
     }
-    
+
     return(0);
 }
 
@@ -335,7 +337,7 @@ xmlSecOpenSSLHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->hmacDgst != NULL, -1);
     xmlSecAssert2(ctx->ctxInitialized == 0, -1);
-    
+
     value = xmlSecKeyGetValue(key);
     xmlSecAssert2(xmlSecKeyDataCheckId(value, xmlSecOpenSSLKeyDataHmacId), -1);
 
@@ -343,33 +345,33 @@ xmlSecOpenSSLHmacSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecAssert2(buffer != NULL, -1);
 
     if(xmlSecBufferGetSize(buffer) == 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "keySize=0");
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "keySize=0");
+        return(-1);
     }
-    
+
     xmlSecAssert2(xmlSecBufferGetData(buffer) != NULL, -1);
-    HMAC_Init(&(ctx->hmacCtx), 
-		xmlSecBufferGetData(buffer),  
-		xmlSecBufferGetSize(buffer), 
-		ctx->hmacDgst); 
+    HMAC_Init(&(ctx->hmacCtx),
+                xmlSecBufferGetData(buffer),
+                xmlSecBufferGetSize(buffer),
+                ctx->hmacDgst);
     ctx->ctxInitialized = 1;
     return(0);
 }
 
 static int
-xmlSecOpenSSLHmacVerify(xmlSecTransformPtr transform, 
-			const xmlSecByte* data, xmlSecSize dataSize,
-			xmlSecTransformCtxPtr transformCtx) {
-    static xmlSecByte last_byte_masks[] = 	
-		{ 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
+xmlSecOpenSSLHmacVerify(xmlSecTransformPtr transform,
+                        const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecTransformCtxPtr transformCtx) {
+    static xmlSecByte last_byte_masks[] =
+                { 0xFF, 0x80, 0xC0, 0xE0, 0xF0, 0xF8, 0xFC, 0xFE };
 
     xmlSecOpenSSLHmacCtxPtr ctx;
     xmlSecByte mask;
-        
+
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1);
     xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
@@ -380,61 +382,61 @@ xmlSecOpenSSLHmacVerify(xmlSecTransformPtr transform,
     ctx = xmlSecOpenSSLHmacGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->dgstSize > 0, -1);
-    
+
     /* compare the digest size in bytes */
     if(dataSize != ((ctx->dgstSize + 7) / 8)){
-	/* NO COMMIT */
-	xmlChar* a;
-	mask = last_byte_masks[ctx->dgstSize % 8];
-	ctx->dgst[dataSize - 1] &= mask;
-	a = xmlSecBase64Encode(ctx->dgst, (ctx->dgstSize + 7) / 8, -1);
-	fprintf(stderr, "%s\n", a);
-	xmlFree(a);
-
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "data=%d;dgst=%d",
-		    dataSize, ((ctx->dgstSize + 7) / 8));
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        /* NO COMMIT */
+        xmlChar* a;
+        mask = last_byte_masks[ctx->dgstSize % 8];
+        ctx->dgst[dataSize - 1] &= mask;
+        a = xmlSecBase64Encode(ctx->dgst, (ctx->dgstSize + 7) / 8, -1);
+        fprintf(stderr, "%s\n", a);
+        xmlFree(a);
+
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "data=%d;dgst=%d",
+                    dataSize, ((ctx->dgstSize + 7) / 8));
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
 
     /* we check the last byte separatelly */
     xmlSecAssert2(dataSize > 0, -1);
     mask = last_byte_masks[ctx->dgstSize % 8];
     if((ctx->dgst[dataSize - 1] & mask) != (data[dataSize - 1]  & mask)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
-		    "data and digest do not match (last byte)");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                    "data and digest do not match (last byte)");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
 
     /* now check the rest of the digest */
     if((dataSize > 1) && (memcmp(ctx->dgst, data, dataSize - 1) != 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
-		    "data and digest do not match");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                    "data and digest do not match");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
-    
+
     transform->status = xmlSecTransformStatusOk;
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLHmacCtxPtr ctx;
     xmlSecBufferPtr in, out;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLHmacSize), -1);
@@ -446,120 +448,122 @@ xmlSecOpenSSLHmacExecute(xmlSecTransformPtr transform, int last, xmlSecTransform
     ctx = xmlSecOpenSSLHmacGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->ctxInitialized != 0, -1);
-    
+
     if(transform->status == xmlSecTransformStatusNone) {
-	/* we should be already initialized when we set key */
-	transform->status = xmlSecTransformStatusWorking;
+        /* we should be already initialized when we set key */
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if(transform->status == xmlSecTransformStatusWorking) {
-	xmlSecSize inSize;
-	
-	inSize = xmlSecBufferGetSize(in);
-	if(inSize > 0) {
-	    HMAC_Update(&(ctx->hmacCtx), xmlSecBufferGetData(in), inSize);
-	    
-	    ret = xmlSecBufferRemoveHead(in, inSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferRemoveHead",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", inSize);
-		return(-1);
-	    }
-	}
-    	
-	if(last) {
-	    xmlSecSize dgstSize;
-	    
-	    HMAC_Final(&(ctx->hmacCtx), ctx->dgst, &dgstSize);
-	    xmlSecAssert2(dgstSize > 0, -1);
-	    	    
-	    /* check/set the result digest size */
-	    if(ctx->dgstSize == 0) {
-		ctx->dgstSize = dgstSize * 8; /* no dgst size specified, use all we have */
-	    } else if(ctx->dgstSize <= 8 * dgstSize) {
-		dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
-	    } else {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    NULL,
-			    XMLSEC_ERRORS_R_INVALID_SIZE,
-			    "result-bits=%d;required-bits=%d",
-			    8 * dgstSize, ctx->dgstSize);
-		return(-1);
-	    }
-	    
-	    /* finally write result to output */    
-	    if(transform->operation == xmlSecTransformOperationSign) {
-		ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE, 
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferAppend",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", dgstSize);
-		    return(-1);
-		}
-	    }
-	    transform->status = xmlSecTransformStatusFinished;
-	}
+        xmlSecSize inSize;
+
+        inSize = xmlSecBufferGetSize(in);
+        if(inSize > 0) {
+            HMAC_Update(&(ctx->hmacCtx), xmlSecBufferGetData(in), inSize);
+
+            ret = xmlSecBufferRemoveHead(in, inSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferRemoveHead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize);
+                return(-1);
+            }
+        }
+
+        if(last) {
+            unsigned int dgstSize;
+
+            HMAC_Final(&(ctx->hmacCtx), ctx->dgst, &dgstSize);
+            xmlSecAssert2(dgstSize > 0, -1);
+
+            /* check/set the result digest size */
+            if(ctx->dgstSize == 0) {
+                ctx->dgstSize = XMLSEC_SIZE_BAD_CAST(dgstSize * 8); /* no dgst size specified, use all we have */
+            } else if(ctx->dgstSize <= XMLSEC_SIZE_BAD_CAST(8 * dgstSize)) {
+                dgstSize = ((ctx->dgstSize + 7) / 8); /* we need to truncate result digest */
+            } else {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            NULL,
+                            XMLSEC_ERRORS_R_INVALID_SIZE,
+                            "result-bits=%d;required-bits=%d",
+                            8 * dgstSize, ctx->dgstSize);
+                return(-1);
+            }
+
+            /* finally write result to output */
+            if(transform->operation == xmlSecTransformOperationSign) {
+                ret = xmlSecBufferAppend(out, ctx->dgst, dgstSize);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferAppend",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", dgstSize);
+                    return(-1);
+                }
+            }
+            transform->status = xmlSecTransformStatusFinished;
+        }
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(in) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
-#ifndef XMLSEC_NO_MD5 
+#ifndef XMLSEC_NO_MD5
 
-/** 
+/********************************************************************
+ *
  * HMAC MD5
- */
+ *
+ ********************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLHmacMd5Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLHmacSize,			/* xmlSecSize objSize */
-
-    xmlSecNameHmacMd5,				/* const xmlChar* name; */
-    xmlSecHrefHmacMd5, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-	
-    xmlSecOpenSSLHmacInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecOpenSSLHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacMd5,                          /* const xmlChar* name; */
+    xmlSecHrefHmacMd5,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecOpenSSLHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformHmacMd5GetKlass:
  *
  * The HMAC-MD5 transform klass.
  *
  * Returns: the HMAC-MD5 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformHmacMd5GetKlass(void) {
     return(&xmlSecOpenSSLHmacMd5Klass);
 }
@@ -567,89 +571,93 @@ xmlSecOpenSSLTransformHmacMd5GetKlass(void) {
 #endif /* XMLSEC_NO_MD5 */
 
 
-#ifndef XMLSEC_NO_RIPEMD160 
-/** 
- * HMAC RIPEMD160 
- */
+#ifndef XMLSEC_NO_RIPEMD160
+/********************************************************************
+ *
+ * HMAC RIPEMD160
+ *
+ ********************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLHmacRipemd160Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLHmacSize,			/* xmlSecSize objSize */
-
-    xmlSecNameHmacRipemd160,			/* const xmlChar* name; */
-    xmlSecHrefHmacRipemd160, 			/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLHmacInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecOpenSSLHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacRipemd160,                    /* const xmlChar* name; */
+    xmlSecHrefHmacRipemd160,                    /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecOpenSSLHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformHmacRipemd160GetKlass:
  *
  * The HMAC-RIPEMD160 transform klass.
  *
  * Returns: the HMAC-RIPEMD160 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformHmacRipemd160GetKlass(void) {
     return(&xmlSecOpenSSLHmacRipemd160Klass);
 }
 #endif /* XMLSEC_NO_RIPEMD160 */
 
 #ifndef XMLSEC_NO_SHA1
-/** 
+/********************************************************************
+ *
  * HMAC SHA1
- */
+ *
+ ********************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLHmacSha1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLHmacSize,			/* xmlSecSize objSize */
-
-    xmlSecNameHmacSha1,				/* const xmlChar* name; */
-    xmlSecHrefHmacSha1, 			/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLHmacInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecOpenSSLHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha1,                         /* const xmlChar* name; */
+    xmlSecHrefHmacSha1,                         /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecOpenSSLHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformHmacSha1GetKlass:
  *
  * The HMAC-SHA1 transform klass.
  *
  * Returns: the HMAC-SHA1 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformHmacSha1GetKlass(void) {
     return(&xmlSecOpenSSLHmacSha1Klass);
 }
@@ -657,44 +665,46 @@ xmlSecOpenSSLTransformHmacSha1GetKlass(void) {
 #endif /* XMLSEC_NO_SHA1 */
 
 #ifndef XMLSEC_NO_SHA224
-/** 
+/********************************************************************
+ *
  * HMAC SHA224
- */
+ *
+ ********************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLHmacSha224Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLHmacSize,			/* xmlSecSize objSize */
-
-    xmlSecNameHmacSha224,			/* const xmlChar* name; */
-    xmlSecHrefHmacSha224, 			/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLHmacInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecOpenSSLHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha224,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha224,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecOpenSSLHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformHmacSha224GetKlass:
  *
  * The HMAC-SHA224 transform klass.
  *
  * Returns: the HMAC-SHA224 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformHmacSha224GetKlass(void) {
     return(&xmlSecOpenSSLHmacSha224Klass);
 }
@@ -702,44 +712,46 @@ xmlSecOpenSSLTransformHmacSha224GetKlass(void) {
 #endif /* XMLSEC_NO_SHA224 */
 
 #ifndef XMLSEC_NO_SHA256
-/** 
+/********************************************************************
+ *
  * HMAC SHA256
- */
+ *
+ ********************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLHmacSha256Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLHmacSize,			/* xmlSecSize objSize */
-
-    xmlSecNameHmacSha256,			/* const xmlChar* name; */
-    xmlSecHrefHmacSha256, 			/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLHmacInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecOpenSSLHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha256,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha256,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecOpenSSLHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformHmacSha256GetKlass:
  *
  * The HMAC-SHA256 transform klass.
  *
  * Returns: the HMAC-SHA256 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformHmacSha256GetKlass(void) {
     return(&xmlSecOpenSSLHmacSha256Klass);
 }
@@ -747,44 +759,46 @@ xmlSecOpenSSLTransformHmacSha256GetKlass(void) {
 #endif /* XMLSEC_NO_SHA256 */
 
 #ifndef XMLSEC_NO_SHA384
-/** 
+/********************************************************************
+ *
  * HMAC SHA384
- */
+ *
+ ********************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLHmacSha384Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLHmacSize,			/* xmlSecSize objSize */
-
-    xmlSecNameHmacSha384,			/* const xmlChar* name; */
-    xmlSecHrefHmacSha384, 			/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLHmacInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecOpenSSLHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha384,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha384,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecOpenSSLHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformHmacSha384GetKlass:
  *
  * The HMAC-SHA384 transform klass.
  *
  * Returns: the HMAC-SHA384 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformHmacSha384GetKlass(void) {
     return(&xmlSecOpenSSLHmacSha384Klass);
 }
@@ -792,44 +806,46 @@ xmlSecOpenSSLTransformHmacSha384GetKlass(void) {
 #endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
-/** 
+/********************************************************************
+ *
  * HMAC SHA512
- */
+ *
+ ********************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLHmacSha512Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLHmacSize,			/* xmlSecSize objSize */
-
-    xmlSecNameHmacSha512,			/* const xmlChar* name; */
-    xmlSecHrefHmacSha512, 			/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLHmacInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLHmacFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecOpenSSLHmacNodeRead,			/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLHmacSetKeyReq,			/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLHmacSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLHmacVerify,			/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLHmacExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLHmacSize,                      /* xmlSecSize objSize */
+
+    xmlSecNameHmacSha512,                       /* const xmlChar* name; */
+    xmlSecHrefHmacSha512,                       /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLHmacInitialize,                /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLHmacFinalize,                  /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecOpenSSLHmacNodeRead,                  /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLHmacSetKeyReq,                 /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLHmacSetKey,                    /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLHmacVerify,                    /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLHmacExecute,                   /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformHmacSha512GetKlass:
  *
  * The HMAC-SHA512 transform klass.
  *
  * Returns: the HMAC-SHA512 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformHmacSha512GetKlass(void) {
     return(&xmlSecOpenSSLHmacSha512Klass);
 }
diff --git a/src/openssl/kt_rsa.c b/src/openssl/kt_rsa.c
index 1ed3685e..1cf1aba1 100644
--- a/src/openssl/kt_rsa.c
+++ b/src/openssl/kt_rsa.c
@@ -1,12 +1,12 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * RSA Algorithms support
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -40,11 +40,11 @@
  * Internal OpenSSL RSA PKCS1 CTX
  *
  *************************************************************************/
-typedef struct _xmlSecOpenSSLRsaPkcs1Ctx	xmlSecOpenSSLRsaPkcs1Ctx, 
-						*xmlSecOpenSSLRsaPkcs1CtxPtr;
+typedef struct _xmlSecOpenSSLRsaPkcs1Ctx        xmlSecOpenSSLRsaPkcs1Ctx,
+                                                *xmlSecOpenSSLRsaPkcs1CtxPtr;
 struct _xmlSecOpenSSLRsaPkcs1Ctx {
-    EVP_PKEY*		pKey;
-};	    
+    EVP_PKEY*           pKey;
+};
 
 /*********************************************************************
  *
@@ -53,77 +53,77 @@ struct _xmlSecOpenSSLRsaPkcs1Ctx {
  * xmlSecOpenSSLRsaPkcs1Ctx is located after xmlSecTransform
  *
  ********************************************************************/
-#define xmlSecOpenSSLRsaPkcs1Size	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLRsaPkcs1Ctx))	
+#define xmlSecOpenSSLRsaPkcs1Size       \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLRsaPkcs1Ctx))
 #define xmlSecOpenSSLRsaPkcs1GetCtx(transform) \
     ((xmlSecOpenSSLRsaPkcs1CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
-static int 	xmlSecOpenSSLRsaPkcs1Initialize			(xmlSecTransformPtr transform);
-static void 	xmlSecOpenSSLRsaPkcs1Finalize			(xmlSecTransformPtr transform);
-static int  	xmlSecOpenSSLRsaPkcs1SetKeyReq			(xmlSecTransformPtr transform, 
-								 xmlSecKeyReqPtr keyReq);
-static int  	xmlSecOpenSSLRsaPkcs1SetKey			(xmlSecTransformPtr transform, 
-								 xmlSecKeyPtr key);
-static int  	xmlSecOpenSSLRsaPkcs1Execute			(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
-static int  	xmlSecOpenSSLRsaPkcs1Process			(xmlSecTransformPtr transform, 
-								 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLRsaPkcs1Initialize                 (xmlSecTransformPtr transform);
+static void     xmlSecOpenSSLRsaPkcs1Finalize                   (xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLRsaPkcs1SetKeyReq                  (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecOpenSSLRsaPkcs1SetKey                     (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecOpenSSLRsaPkcs1Execute                    (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLRsaPkcs1Process                    (xmlSecTransformPtr transform,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 static xmlSecTransformKlass xmlSecOpenSSLRsaPkcs1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLRsaPkcs1Size,			/* xmlSecSize objSize */
-
-    xmlSecNameRsaPkcs1,				/* const xmlChar* name; */
-    xmlSecHrefRsaPkcs1, 			/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecOpenSSLRsaPkcs1Initialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLRsaPkcs1Finalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLRsaPkcs1SetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecOpenSSLRsaPkcs1SetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLRsaPkcs1Execute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLRsaPkcs1Size,                  /* xmlSecSize objSize */
+
+    xmlSecNameRsaPkcs1,                         /* const xmlChar* name; */
+    xmlSecHrefRsaPkcs1,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecOpenSSLRsaPkcs1Initialize,            /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLRsaPkcs1Finalize,              /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLRsaPkcs1SetKeyReq,             /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecOpenSSLRsaPkcs1SetKey,                /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLRsaPkcs1Execute,               /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformRsaPkcs1GetKlass:
  *
  * The RSA-PKCS1 key transport transform klass.
  *
  * Returns: RSA-PKCS1 key transport transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformRsaPkcs1GetKlass(void) {
     return(&xmlSecOpenSSLRsaPkcs1Klass);
 }
 
-static int 
+static int
 xmlSecOpenSSLRsaPkcs1Initialize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLRsaPkcs1CtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaPkcs1Id), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaPkcs1Size), -1);
 
     ctx = xmlSecOpenSSLRsaPkcs1GetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     memset(ctx, 0, sizeof(xmlSecOpenSSLRsaPkcs1Ctx));
     return(0);
 }
 
-static void 
+static void
 xmlSecOpenSSLRsaPkcs1Finalize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLRsaPkcs1CtxPtr ctx;
 
@@ -132,14 +132,14 @@ xmlSecOpenSSLRsaPkcs1Finalize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecOpenSSLRsaPkcs1GetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
     if(ctx->pKey != NULL) {
-	EVP_PKEY_free(ctx->pKey);
+        EVP_PKEY_free(ctx->pKey);
     }
     memset(ctx, 0, sizeof(xmlSecOpenSSLRsaPkcs1Ctx));
 }
 
-static int  
+static int
 xmlSecOpenSSLRsaPkcs1SetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
     xmlSecOpenSSLRsaPkcs1CtxPtr ctx;
 
@@ -151,22 +151,22 @@ xmlSecOpenSSLRsaPkcs1SetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr ke
     ctx = xmlSecOpenSSLRsaPkcs1GetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
 
-    keyReq->keyId 	 = xmlSecOpenSSLKeyDataRsaId;
+    keyReq->keyId        = xmlSecOpenSSLKeyDataRsaId;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
         keyReq->keyType  = xmlSecKeyDataTypePublic;
-	keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
     } else {
         keyReq->keyType  = xmlSecKeyDataTypePrivate;
-	keyReq->keyUsage = xmlSecKeyUsageDecrypt;
-    }    
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+    }
     return(0);
 }
 
-static int  	
+static int
 xmlSecOpenSSLRsaPkcs1SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecOpenSSLRsaPkcs1CtxPtr ctx;
     EVP_PKEY* pKey;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaPkcs1Id), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaPkcs1Size), -1);
@@ -179,30 +179,30 @@ xmlSecOpenSSLRsaPkcs1SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
 
     pKey = xmlSecOpenSSLKeyDataRsaGetEvp(xmlSecKeyGetValue(key));
     if(pKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecOpenSSLKeyDataRsaGetEvp",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecOpenSSLKeyDataRsaGetEvp",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    xmlSecAssert2(pKey->type == EVP_PKEY_RSA, -1);    
-    xmlSecAssert2(pKey->pkey.rsa != NULL, -1);    
-    
-    ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);    
+    xmlSecAssert2(pKey->type == EVP_PKEY_RSA, -1);
+    xmlSecAssert2(pKey->pkey.rsa != NULL, -1);
+
+    ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);
     if(ctx->pKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecOpenSSLEvpKeyDup",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecOpenSSLEvpKeyDup",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLRsaPkcs1Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLRsaPkcs1CtxPtr ctx;
     int ret;
@@ -217,37 +217,37 @@ xmlSecOpenSSLRsaPkcs1Execute(xmlSecTransformPtr transform, int last, xmlSecTrans
     xmlSecAssert2(ctx->pKey != NULL, -1);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
-    } 
-    
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
     if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
-	/* just do nothing */
+        /* just do nothing */
     } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	ret = xmlSecOpenSSLRsaPkcs1Process(transform, transformCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecOpenSSLRsaPkcs1Process",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	transform->status = xmlSecTransformStatusFinished;
+        ret = xmlSecOpenSSLRsaPkcs1Process(transform, transformCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecOpenSSLRsaPkcs1Process",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        transform->status = xmlSecTransformStatusFinished;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     return(0);
 }
 
-static int  
+static int
 xmlSecOpenSSLRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLRsaPkcs1CtxPtr ctx;
     xmlSecBufferPtr in, out;
@@ -263,110 +263,110 @@ xmlSecOpenSSLRsaPkcs1Process(xmlSecTransformPtr transform, xmlSecTransformCtxPtr
     ctx = xmlSecOpenSSLRsaPkcs1GetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->pKey != NULL, -1);
-    xmlSecAssert2(ctx->pKey->type == EVP_PKEY_RSA, -1);    
-    xmlSecAssert2(ctx->pKey->pkey.rsa != NULL, -1);    
-    
+    xmlSecAssert2(ctx->pKey->type == EVP_PKEY_RSA, -1);
+    xmlSecAssert2(ctx->pKey->pkey.rsa != NULL, -1);
+
     keySize = RSA_size(ctx->pKey->pkey.rsa);
     xmlSecAssert2(keySize > 0, -1);
-    
+
     in = &(transform->inBuf);
     out = &(transform->outBuf);
-	
+
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
+    outSize = xmlSecBufferGetSize(out);
     xmlSecAssert2(outSize == 0, -1);
 
     /* the encoded size is equal to the keys size so we could not
      * process more than that */
     if((transform->operation == xmlSecTransformOperationEncrypt) && (inSize >= keySize)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "%d when expected less than %d", inSize, keySize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "%d when expected less than %d", inSize, keySize);
+        return(-1);
     } else if((transform->operation == xmlSecTransformOperationDecrypt) && (inSize != keySize)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "%d when expected %d", inSize, keySize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "%d when expected %d", inSize, keySize);
+        return(-1);
     }
-	
-    outSize = keySize; 
+
+    outSize = keySize;
     ret = xmlSecBufferSetMaxSize(out, outSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize);
+        return(-1);
     }
 
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-	ret = RSA_public_encrypt(inSize, xmlSecBufferGetData(in),
-				xmlSecBufferGetData(out), 
-				ctx->pKey->pkey.rsa, RSA_PKCS1_PADDING);
-	if(ret <= 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"RSA_public_encrypt",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"size=%d", inSize);
-	    return(-1);
-	}
-	outSize = ret;
+        ret = RSA_public_encrypt(inSize, xmlSecBufferGetData(in),
+                                xmlSecBufferGetData(out),
+                                ctx->pKey->pkey.rsa, RSA_PKCS1_PADDING);
+        if(ret <= 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "RSA_public_encrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
+        outSize = ret;
     } else {
-	ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
-				xmlSecBufferGetData(out), 
-				ctx->pKey->pkey.rsa, RSA_PKCS1_PADDING);
-	if(ret <= 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"RSA_private_decrypt",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"size=%d", inSize);
-	    return(-1);
-	}
-	outSize = ret;
+        ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
+                                xmlSecBufferGetData(out),
+                                ctx->pKey->pkey.rsa, RSA_PKCS1_PADDING);
+        if(ret <= 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "RSA_private_decrypt",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
+        outSize = ret;
     }
 
     ret = xmlSecBufferSetSize(out, outSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferSetSize",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize);
+        return(-1);
     }
-	
+
     ret = xmlSecBufferRemoveHead(in, inSize);
     if(ret < 0) {
-        xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferRemoveHead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", inSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferRemoveHead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", inSize);
+        return(-1);
     }
-    
+
     return(0);
 }
 
 /**************************************************************************
  *
- * Internal OpenSSL RSA OAPE CTX
+ * Internal OpenSSL RSA OAEP CTX
  *
  *************************************************************************/
-typedef struct _xmlSecOpenSSLRsaOaepCtx		xmlSecOpenSSLRsaOaepCtx, 
-						*xmlSecOpenSSLRsaOaepCtxPtr;
+typedef struct _xmlSecOpenSSLRsaOaepCtx         xmlSecOpenSSLRsaOaepCtx,
+                                                *xmlSecOpenSSLRsaOaepCtxPtr;
 struct _xmlSecOpenSSLRsaOaepCtx {
-    EVP_PKEY*		pKey;
-    xmlSecBuffer	oaepParams;
-};	    
+    EVP_PKEY*           pKey;
+    xmlSecBuffer        oaepParams;
+};
 
 /*********************************************************************
  *
@@ -375,91 +375,91 @@ struct _xmlSecOpenSSLRsaOaepCtx {
  * xmlSecOpenSSLRsaOaepCtx is located after xmlSecTransform
  *
  ********************************************************************/
-#define xmlSecOpenSSLRsaOaepSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLRsaOaepCtx))	
+#define xmlSecOpenSSLRsaOaepSize        \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLRsaOaepCtx))
 #define xmlSecOpenSSLRsaOaepGetCtx(transform) \
     ((xmlSecOpenSSLRsaOaepCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
-static int 	xmlSecOpenSSLRsaOaepInitialize			(xmlSecTransformPtr transform);
-static void 	xmlSecOpenSSLRsaOaepFinalize			(xmlSecTransformPtr transform);
-static int 	xmlSecOpenSSLRsaOaepNodeRead			(xmlSecTransformPtr transform, 
-								 xmlNodePtr node,
-								 xmlSecTransformCtxPtr transformCtx);
-static int  	xmlSecOpenSSLRsaOaepSetKeyReq			(xmlSecTransformPtr transform, 
-								 xmlSecKeyReqPtr keyReq);
-static int  	xmlSecOpenSSLRsaOaepSetKey			(xmlSecTransformPtr transform, 
-								 xmlSecKeyPtr key);
-static int  	xmlSecOpenSSLRsaOaepExecute			(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
-static int  	xmlSecOpenSSLRsaOaepProcess			(xmlSecTransformPtr transform, 
-								 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLRsaOaepInitialize                  (xmlSecTransformPtr transform);
+static void     xmlSecOpenSSLRsaOaepFinalize                    (xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLRsaOaepNodeRead                    (xmlSecTransformPtr transform,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLRsaOaepSetKeyReq                   (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecOpenSSLRsaOaepSetKey                      (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecOpenSSLRsaOaepExecute                     (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLRsaOaepProcess                     (xmlSecTransformPtr transform,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 static xmlSecTransformKlass xmlSecOpenSSLRsaOaepKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLRsaOaepSize,			/* xmlSecSize objSize */
-
-    xmlSecNameRsaOaep,				/* const xmlChar* name; */
-    xmlSecHrefRsaOaep, 				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecOpenSSLRsaOaepInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLRsaOaepFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecOpenSSLRsaOaepNodeRead,		/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLRsaOaepSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecOpenSSLRsaOaepSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLRsaOaepExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLRsaOaepSize,                   /* xmlSecSize objSize */
+
+    xmlSecNameRsaOaep,                          /* const xmlChar* name; */
+    xmlSecHrefRsaOaep,                          /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecOpenSSLRsaOaepInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLRsaOaepFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecOpenSSLRsaOaepNodeRead,               /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLRsaOaepSetKeyReq,              /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecOpenSSLRsaOaepSetKey,                 /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLRsaOaepExecute,                /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformRsaOaepGetKlass:
  *
  * The RSA-OAEP key transport transform klass.
  *
  * Returns: RSA-OAEP key transport transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformRsaOaepGetKlass(void) {
     return(&xmlSecOpenSSLRsaOaepKlass);
 }
 
-static int 
+static int
 xmlSecOpenSSLRsaOaepInitialize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLRsaOaepCtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1);
 
     ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
 
-    memset(ctx, 0, sizeof(xmlSecOpenSSLRsaOaepCtx));    
+    memset(ctx, 0, sizeof(xmlSecOpenSSLRsaOaepCtx));
 
     ret = xmlSecBufferInitialize(&(ctx->oaepParams), 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
 
-static void 
+static void
 xmlSecOpenSSLRsaOaepFinalize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLRsaOaepCtxPtr ctx;
 
@@ -468,20 +468,20 @@ xmlSecOpenSSLRsaOaepFinalize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
     if(ctx->pKey != NULL) {
-	EVP_PKEY_free(ctx->pKey);
+        EVP_PKEY_free(ctx->pKey);
     }
     xmlSecBufferFinalize(&(ctx->oaepParams));
-    memset(ctx, 0, sizeof(xmlSecOpenSSLRsaOaepCtx));    
+    memset(ctx, 0, sizeof(xmlSecOpenSSLRsaOaepCtx));
 }
 
-static int 	
+static int
 xmlSecOpenSSLRsaOaepNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLRsaOaepCtxPtr ctx;
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1);
     xmlSecAssert2(node != NULL, -1);
@@ -490,64 +490,63 @@ xmlSecOpenSSLRsaOaepNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlS
     ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(xmlSecBufferGetSize(&(ctx->oaepParams)) == 0, -1);
-    
+
     cur = xmlSecGetNextElementNode(node->children);
-    if((cur != NULL) && xmlSecCheckNodeName(cur,  xmlSecNodeRsaOAEPparams, xmlSecEncNs)) {
-	ret = xmlSecBufferBase64NodeContentRead(&(ctx->oaepParams), cur);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferBase64NodeContentRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
-    }
-    
-    if((cur != NULL) && xmlSecCheckNodeName(cur,  xmlSecNodeDigestMethod, xmlSecDSigNs)) {
-	xmlChar* algorithm;
-
-	/* Algorithm attribute is required */
-	algorithm = xmlGetProp(cur, xmlSecAttrAlgorithm);
-	if(algorithm == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
-			XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
-			"node=%s", 
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);		
+    while(cur != NULL) {
+        if(xmlSecCheckNodeName(cur,  xmlSecNodeRsaOAEPparams, xmlSecEncNs)) {
+            ret = xmlSecBufferBase64NodeContentRead(&(ctx->oaepParams), cur);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferBase64NodeContentRead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        } else if(xmlSecCheckNodeName(cur,  xmlSecNodeDigestMethod, xmlSecDSigNs)) {
+            xmlChar* algorithm;
+
+            /* Algorithm attribute is required */
+            algorithm = xmlGetProp(cur, xmlSecAttrAlgorithm);
+            if(algorithm == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
+                            XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                            "node=%s",
+                            xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+                return(-1);
+            }
+
+            /* for now we support only sha1 */
+            if(xmlStrcmp(algorithm, xmlSecHrefSha1) != 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            xmlSecErrorsSafeString(algorithm),
+                            XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                            "digest algorithm is not supported for rsa/oaep");
+                xmlFree(algorithm);
+                return(-1);
+            }
+            xmlFree(algorithm);
+        } else {
+            /* not found */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
         }
 
-	/* for now we support only sha1 */	
-	if(xmlStrcmp(algorithm, xmlSecHrefSha1) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			xmlSecErrorsSafeString(algorithm),
-			XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-			"digest algorithm is not supported for rsa/oaep");
-	    xmlFree(algorithm);
-	    return(-1);		
-	}
-	xmlFree(algorithm);
-	
-	cur = xmlSecGetNextElementNode(cur->next);
+        /* next node */
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
-    if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-        
     return(0);
 }
 
-static int  
+static int
 xmlSecOpenSSLRsaOaepSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
     xmlSecOpenSSLRsaOaepCtxPtr ctx;
 
@@ -559,23 +558,23 @@ xmlSecOpenSSLRsaOaepSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr key
     ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
 
-    keyReq->keyId 	 = xmlSecOpenSSLKeyDataRsaId;
+    keyReq->keyId        = xmlSecOpenSSLKeyDataRsaId;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
         keyReq->keyType  = xmlSecKeyDataTypePublic;
-	keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
     } else {
         keyReq->keyType  = xmlSecKeyDataTypePrivate;
-	keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
     }
-    
+
     return(0);
 }
 
-static int  	
+static int
 xmlSecOpenSSLRsaOaepSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecOpenSSLRsaOaepCtxPtr ctx;
     EVP_PKEY* pKey;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaOaepId), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLRsaOaepSize), -1);
@@ -588,30 +587,30 @@ xmlSecOpenSSLRsaOaepSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
 
     pKey = xmlSecOpenSSLKeyDataRsaGetEvp(xmlSecKeyGetValue(key));
     if(pKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecOpenSSLKeyDataRsaGetEvp",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecOpenSSLKeyDataRsaGetEvp",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    xmlSecAssert2(pKey->type == EVP_PKEY_RSA, -1);    
-    xmlSecAssert2(pKey->pkey.rsa != NULL, -1);    
-    
-    ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);    
+    xmlSecAssert2(pKey->type == EVP_PKEY_RSA, -1);
+    xmlSecAssert2(pKey->pkey.rsa != NULL, -1);
+
+    ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);
     if(ctx->pKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecOpenSSLEvpKeyDup",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecOpenSSLEvpKeyDup",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLRsaOaepExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLRsaOaepCtxPtr ctx;
     int ret;
@@ -626,37 +625,37 @@ xmlSecOpenSSLRsaOaepExecute(xmlSecTransformPtr transform, int last, xmlSecTransf
     xmlSecAssert2(ctx->pKey != NULL, -1);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
-    } 
-    
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
     if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
-	/* just do nothing */
+        /* just do nothing */
     } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	ret = xmlSecOpenSSLRsaOaepProcess(transform, transformCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecOpenSSLRsaOaepProcess",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	transform->status = xmlSecTransformStatusFinished;
+        ret = xmlSecOpenSSLRsaOaepProcess(transform, transformCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecOpenSSLRsaOaepProcess",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        transform->status = xmlSecTransformStatusFinished;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     return(0);
 }
 
-static int  
+static int
 xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLRsaOaepCtxPtr ctx;
     xmlSecSize paramsSize;
@@ -673,203 +672,203 @@ xmlSecOpenSSLRsaOaepProcess(xmlSecTransformPtr transform, xmlSecTransformCtxPtr
     ctx = xmlSecOpenSSLRsaOaepGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->pKey != NULL, -1);
-    xmlSecAssert2(ctx->pKey->type == EVP_PKEY_RSA, -1);    
-    xmlSecAssert2(ctx->pKey->pkey.rsa != NULL, -1);    
-    
+    xmlSecAssert2(ctx->pKey->type == EVP_PKEY_RSA, -1);
+    xmlSecAssert2(ctx->pKey->pkey.rsa != NULL, -1);
+
     keySize = RSA_size(ctx->pKey->pkey.rsa);
     xmlSecAssert2(keySize > 0, -1);
-    
+
     in = &(transform->inBuf);
     out = &(transform->outBuf);
-	
+
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
+    outSize = xmlSecBufferGetSize(out);
     xmlSecAssert2(outSize == 0, -1);
 
     /* the encoded size is equal to the keys size so we could not
      * process more than that */
     if((transform->operation == xmlSecTransformOperationEncrypt) && (inSize >= keySize)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "%d when expected less than %d", inSize, keySize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "%d when expected less than %d", inSize, keySize);
+        return(-1);
     } else if((transform->operation == xmlSecTransformOperationDecrypt) && (inSize != keySize)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "%d when expected %d", inSize, keySize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "%d when expected %d", inSize, keySize);
+        return(-1);
     }
-	
-    outSize = keySize; 
+
+    outSize = keySize;
     ret = xmlSecBufferSetMaxSize(out, outSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferSetMaxSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetMaxSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize);
+        return(-1);
     }
 
     paramsSize = xmlSecBufferGetSize(&(ctx->oaepParams));
     if((transform->operation == xmlSecTransformOperationEncrypt) && (paramsSize == 0)) {
-	/* encode w/o OAEPParams --> simple */
-	ret = RSA_public_encrypt(inSize, xmlSecBufferGetData(in),
-				xmlSecBufferGetData(out), 
-				ctx->pKey->pkey.rsa, RSA_PKCS1_OAEP_PADDING);
-	if(ret <= 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"RSA_public_encrypt(RSA_PKCS1_OAEP_PADDING)",			
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	outSize = ret;
+        /* encode w/o OAEPParams --> simple */
+        ret = RSA_public_encrypt(inSize, xmlSecBufferGetData(in),
+                                xmlSecBufferGetData(out),
+                                ctx->pKey->pkey.rsa, RSA_PKCS1_OAEP_PADDING);
+        if(ret <= 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "RSA_public_encrypt(RSA_PKCS1_OAEP_PADDING)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        outSize = ret;
     } else if((transform->operation == xmlSecTransformOperationEncrypt) && (paramsSize > 0)) {
-	xmlSecAssert2(xmlSecBufferGetData(&(ctx->oaepParams)) != NULL, -1);
-	
-	/* add space for padding */
-	ret = xmlSecBufferSetMaxSize(in, keySize);
+        xmlSecAssert2(xmlSecBufferGetData(&(ctx->oaepParams)) != NULL, -1);
+
+        /* add space for padding */
+        ret = xmlSecBufferSetMaxSize(in, keySize);
         if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", keySize);
-	    return(-1);
-	}
-	
-	/* add padding */
-	ret = RSA_padding_add_PKCS1_OAEP(xmlSecBufferGetData(in), keySize, 
-					 xmlSecBufferGetData(in), inSize,
-					 xmlSecBufferGetData(&(ctx->oaepParams)), 
-					 paramsSize);
-	if(ret != 1) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"RSA_padding_add_PKCS1_OAEP",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}	
-	inSize = keySize;
-
-	/* encode with OAEPParams */
-	ret = RSA_public_encrypt(inSize, xmlSecBufferGetData(in),
-				xmlSecBufferGetData(out), 
-				ctx->pKey->pkey.rsa, RSA_NO_PADDING);
-	if(ret <= 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"RSA_public_encrypt(RSA_NO_PADDING)",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	outSize = ret;
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", keySize);
+            return(-1);
+        }
+
+        /* add padding */
+        ret = RSA_padding_add_PKCS1_OAEP(xmlSecBufferGetData(in), keySize,
+                                         xmlSecBufferGetData(in), inSize,
+                                         xmlSecBufferGetData(&(ctx->oaepParams)),
+                                         paramsSize);
+        if(ret != 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "RSA_padding_add_PKCS1_OAEP",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        inSize = keySize;
+
+        /* encode with OAEPParams */
+        ret = RSA_public_encrypt(inSize, xmlSecBufferGetData(in),
+                                xmlSecBufferGetData(out),
+                                ctx->pKey->pkey.rsa, RSA_NO_PADDING);
+        if(ret <= 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "RSA_public_encrypt(RSA_NO_PADDING)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        outSize = ret;
     } else if((transform->operation == xmlSecTransformOperationDecrypt) && (paramsSize == 0)) {
-	ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
-				xmlSecBufferGetData(out), 
-				ctx->pKey->pkey.rsa, RSA_PKCS1_OAEP_PADDING);
-	if(ret <= 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"RSA_private_decrypt(RSA_PKCS1_OAEP_PADDING)",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	outSize = ret;
+        ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
+                                xmlSecBufferGetData(out),
+                                ctx->pKey->pkey.rsa, RSA_PKCS1_OAEP_PADDING);
+        if(ret <= 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "RSA_private_decrypt(RSA_PKCS1_OAEP_PADDING)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        outSize = ret;
     } else if((transform->operation == xmlSecTransformOperationDecrypt) && (paramsSize != 0)) {
-	BIGNUM bn;
-	
-	ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
-				xmlSecBufferGetData(out), 
-				ctx->pKey->pkey.rsa, RSA_NO_PADDING);
-	if(ret <= 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"RSA_private_decrypt(RSA_NO_PADDING)",			
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	outSize = ret;
-	
-	/* 
-    	 * the private decrypt w/o padding adds '0's at the begginning.
-	 * it's not clear for me can I simply skip all '0's from the
-	 * beggining so I have to do decode it back to BIGNUM and dump
-	 * buffer again
-	 */
-	BN_init(&bn);
-	if(BN_bin2bn(xmlSecBufferGetData(out), outSize, &bn) == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"BN_bin2bn",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			"size=%d", outSize);
-	    BN_clear_free(&bn);
-	    return(-1);		    
-	}
-	
-	ret = BN_bn2bin(&bn, xmlSecBufferGetData(out));
-	if(ret <= 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"BN_bn2bin",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    BN_clear_free(&bn);
-	    return(-1);		    
-	}
-	BN_clear_free(&bn);
-	outSize = ret;
-
-	ret = RSA_padding_check_PKCS1_OAEP(xmlSecBufferGetData(out), outSize,
-					   xmlSecBufferGetData(out), outSize,
-					   keySize,
-					   xmlSecBufferGetData(&(ctx->oaepParams)), 
-					   paramsSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"RSA_padding_check_PKCS1_OAEP",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}	
-	outSize = ret;	
+        BIGNUM bn;
+
+        ret = RSA_private_decrypt(inSize, xmlSecBufferGetData(in),
+                                xmlSecBufferGetData(out),
+                                ctx->pKey->pkey.rsa, RSA_NO_PADDING);
+        if(ret <= 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "RSA_private_decrypt(RSA_NO_PADDING)",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        outSize = ret;
+
+        /*
+         * the private decrypt w/o padding adds '0's at the begginning.
+         * it's not clear for me can I simply skip all '0's from the
+         * beggining so I have to do decode it back to BIGNUM and dump
+         * buffer again
+         */
+        BN_init(&bn);
+        if(BN_bin2bn(xmlSecBufferGetData(out), outSize, &bn) == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "BN_bin2bn",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        "size=%d", outSize);
+            BN_clear_free(&bn);
+            return(-1);
+        }
+
+        ret = BN_bn2bin(&bn, xmlSecBufferGetData(out));
+        if(ret <= 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "BN_bn2bin",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            BN_clear_free(&bn);
+            return(-1);
+        }
+        BN_clear_free(&bn);
+        outSize = ret;
+
+        ret = RSA_padding_check_PKCS1_OAEP(xmlSecBufferGetData(out), outSize,
+                                           xmlSecBufferGetData(out), outSize,
+                                           keySize,
+                                           xmlSecBufferGetData(&(ctx->oaepParams)),
+                                           paramsSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "RSA_padding_check_PKCS1_OAEP",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        outSize = ret;
     } else {
-	xmlSecAssert2("we could not be here" == NULL, -1);
-	return(-1);
+        xmlSecAssert2("we could not be here" == NULL, -1);
+        return(-1);
     }
 
     ret = xmlSecBufferSetSize(out, outSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", outSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", outSize);
+        return(-1);
     }
-	
+
     ret = xmlSecBufferRemoveHead(in, inSize);
     if(ret < 0) {
-        xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferRemoveHead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", inSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferRemoveHead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", inSize);
+        return(-1);
     }
-    
+
     return(0);
 }
 
diff --git a/src/openssl/kw_aes.c b/src/openssl/kw_aes.c
index 94cfeddb..573fb985 100644
--- a/src/openssl/kw_aes.c
+++ b/src/openssl/kw_aes.c
@@ -1,12 +1,12 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * AES Algorithm support
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef XMLSEC_NO_AES
@@ -28,269 +28,193 @@
 
 #include <xmlsec/openssl/crypto.h>
 
-#define XMLSEC_OPENSSL_AES128_KEY_SIZE			16
-#define XMLSEC_OPENSSL_AES192_KEY_SIZE			24
-#define XMLSEC_OPENSSL_AES256_KEY_SIZE			32
-#define XMLSEC_OPENSSL_AES_IV_SIZE			16
-#define XMLSEC_OPENSSL_AES_BLOCK_SIZE			16
+#include "../kw_aes_des.h"
 
 
 /*********************************************************************
  *
- * AES KW transforms
- *
- * key (xmlSecBuffer) is located after xmlSecTransform structure
+ * AES KW implementation
  *
- ********************************************************************/
-#define xmlSecOpenSSLKWAesGetKey(transform) \
-    ((xmlSecBufferPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecOpenSSLKWAesSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecBuffer))
-
-static int 	xmlSecOpenSSLKWAesInitialize			(xmlSecTransformPtr transform);
-static void 	xmlSecOpenSSLKWAesFinalize			(xmlSecTransformPtr transform);
-static int  	xmlSecOpenSSLKWAesSetKeyReq			(xmlSecTransformPtr transform, 
-								 xmlSecKeyReqPtr keyReq);
-static int  	xmlSecOpenSSLKWAesSetKey			(xmlSecTransformPtr transform, 
-								 xmlSecKeyPtr key);
-static int  	xmlSecOpenSSLKWAesExecute			(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
-static xmlSecSize  	xmlSecOpenSSLKWAesGetKeySize			(xmlSecTransformPtr transform);
-static int  	xmlSecOpenSSLKWAesEncode			(const xmlSecByte *key,
-								 xmlSecSize keySize,
-								 const xmlSecByte* in,
-								 xmlSecSize inSize,
-								 xmlSecByte* out,
-								 xmlSecSize outSize);
-static int  	xmlSecOpenSSLKWAesDecode			(const xmlSecByte *key,
-								 xmlSecSize keySize,
-								 const xmlSecByte* in,
-								 xmlSecSize inSize,
-								 xmlSecByte* out,
-								 xmlSecSize outSize);
-
-static xmlSecTransformKlass xmlSecOpenSSLKWAes128Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLKWAesSize,			/* xmlSecSize objSize */
-
-    xmlSecNameKWAes128,				/* const xmlChar* name; */
-    xmlSecHrefKWAes128,				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecOpenSSLKWAesInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLKWAesFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLKWAesSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecOpenSSLKWAesSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLKWAesExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+ *********************************************************************/
+static int        xmlSecOpenSSLKWAesBlockEncrypt                (const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize,
+                                                                 void * context);
+static int        xmlSecOpenSSLKWAesBlockDecrypt                (const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize,
+                                                                 void * context);
+static xmlSecKWAesKlass xmlSecOpenSSLKWAesKlass = {
+    /* callbacks */
+    xmlSecOpenSSLKWAesBlockEncrypt,         /* xmlSecKWAesBlockEncryptMethod       encrypt; */
+    xmlSecOpenSSLKWAesBlockDecrypt,         /* xmlSecKWAesBlockDecryptMethod       decrypt; */
+
+    /* for the future */
+    NULL,                                   /* void*                               reserved0; */
+    NULL                                    /* void*                               reserved1; */
 };
 
-static xmlSecTransformKlass xmlSecOpenSSLKWAes192Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLKWAesSize,			/* xmlSecSize objSize */
-
-    xmlSecNameKWAes192,				/* const xmlChar* name; */
-    xmlSecHrefKWAes192,				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecOpenSSLKWAesInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLKWAesFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLKWAesSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecOpenSSLKWAesSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLKWAesExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
 
-static xmlSecTransformKlass xmlSecOpenSSLKWAes256Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLKWAesSize,			/* xmlSecSize objSize */
-
-    xmlSecNameKWAes256,				/* const xmlChar* name; */
-    xmlSecHrefKWAes256,				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecOpenSSLKWAesInitialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLKWAesFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLKWAesSetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecOpenSSLKWAesSetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLKWAesExecute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+/*********************************************************************
+ *
+ * AES KW transforms
+ *
+ ********************************************************************/
+typedef struct _xmlSecOpenSSLKWAesCtx              xmlSecOpenSSLKWAesCtx,
+                                                  *xmlSecOpenSSLKWAesCtxPtr;
+struct _xmlSecOpenSSLKWAesCtx {
+    xmlSecBuffer        keyBuffer;
+    xmlSecSize          keyExpectedSize;
 };
-
-#define XMLSEC_OPENSSL_KW_AES_MAGIC_BLOCK_SIZE		8
-
+#define xmlSecOpenSSLKWAesSize     \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLKWAesCtx))
+#define xmlSecOpenSSLKWAesGetCtx(transform) \
+    ((xmlSecOpenSSLKWAesCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 #define xmlSecOpenSSLKWAesCheckId(transform) \
     (xmlSecTransformCheckId((transform), xmlSecOpenSSLTransformKWAes128Id) || \
      xmlSecTransformCheckId((transform), xmlSecOpenSSLTransformKWAes192Id) || \
      xmlSecTransformCheckId((transform), xmlSecOpenSSLTransformKWAes256Id))
 
-/** 
- * xmlSecOpenSSLTransformKWAes128GetKlass:
- *
- * The AES-128 kew wrapper transform klass.
- *
- * Returns: AES-128 kew wrapper transform klass.
- */
-xmlSecTransformId 
-xmlSecOpenSSLTransformKWAes128GetKlass(void) {
-    return(&xmlSecOpenSSLKWAes128Klass);
-}
-
-/** 
- * xmlSecOpenSSLTransformKWAes192GetKlass:
- *
- * The AES-192 kew wrapper transform klass.
- *
- * Returns: AES-192 kew wrapper transform klass.
- */
-xmlSecTransformId 
-xmlSecOpenSSLTransformKWAes192GetKlass(void) {
-    return(&xmlSecOpenSSLKWAes192Klass);
-}
-
-/** 
- * xmlSecOpenSSLTransformKWAes256GetKlass:
- *
- * The AES-256 kew wrapper transform klass.
- *
- * Returns: AES-256 kew wrapper transform klass.
- */
-xmlSecTransformId 
-xmlSecOpenSSLTransformKWAes256GetKlass(void) {
-    return(&xmlSecOpenSSLKWAes256Klass);
-}
-
-static int 
+static int      xmlSecOpenSSLKWAesInitialize                    (xmlSecTransformPtr transform);
+static void     xmlSecOpenSSLKWAesFinalize                      (xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLKWAesSetKeyReq                     (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecOpenSSLKWAesSetKey                        (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecOpenSSLKWAesExecute                       (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+
+static int
 xmlSecOpenSSLKWAesInitialize(xmlSecTransformPtr transform) {
+    xmlSecOpenSSLKWAesCtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize), -1);
-    
-    ret = xmlSecBufferInitialize(xmlSecOpenSSLKWAesGetKey(transform), 0);
+
+    ctx = xmlSecOpenSSLKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWAes128Id)) {
+        ctx->keyExpectedSize = XMLSEC_KW_AES128_KEY_SIZE;
+    } else if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWAes192Id)) {
+        ctx->keyExpectedSize = XMLSEC_KW_AES192_KEY_SIZE;
+    } else if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWAes256Id)) {
+        ctx->keyExpectedSize = XMLSEC_KW_AES256_KEY_SIZE;
+    } else {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecOpenSSLKWAesGetKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecOpenSSLKWAesGetKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-        
+
     return(0);
 }
 
-static void 
+static void
 xmlSecOpenSSLKWAesFinalize(xmlSecTransformPtr transform) {
+    xmlSecOpenSSLKWAesCtxPtr ctx;
+
     xmlSecAssert(xmlSecOpenSSLKWAesCheckId(transform));
     xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize));
-    
-    if(xmlSecOpenSSLKWAesGetKey(transform) != NULL) {
-	xmlSecBufferFinalize(xmlSecOpenSSLKWAesGetKey(transform));
-    }
+
+    ctx = xmlSecOpenSSLKWAesGetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    xmlSecBufferFinalize(&(ctx->keyBuffer));
 }
 
-static int  
+static int
 xmlSecOpenSSLKWAesSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecOpenSSLKWAesCtxPtr ctx;
+
     xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize), -1);
     xmlSecAssert2(keyReq != NULL, -1);
 
-    keyReq->keyId 	 = xmlSecOpenSSLKeyDataAesId;
+    ctx = xmlSecOpenSSLKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keyReq->keyId    = xmlSecOpenSSLKeyDataAesId;
     keyReq->keyType  = xmlSecKeyDataTypeSymmetric;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-	keyReq->keyUsage = xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage = xmlSecKeyUsageEncrypt;
     } else {
-	keyReq->keyUsage = xmlSecKeyUsageDecrypt;
+        keyReq->keyUsage = xmlSecKeyUsageDecrypt;
     }
-    keyReq->keyBitsSize = 8 * xmlSecOpenSSLKWAesGetKeySize(transform);
-    
+    keyReq->keyBitsSize = 8 * ctx->keyExpectedSize;
+
     return(0);
 }
 
-static int  	
+static int
 xmlSecOpenSSLKWAesSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecOpenSSLKWAesCtxPtr ctx;
     xmlSecBufferPtr buffer;
     xmlSecSize keySize;
-    xmlSecSize expectedKeySize;
     int ret;
-    
+
     xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize), -1);
-    xmlSecAssert2(xmlSecOpenSSLKWAesGetKey(transform) != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecOpenSSLKeyDataAesId), -1);
-    
+
+    ctx = xmlSecOpenSSLKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
     xmlSecAssert2(buffer != NULL, -1);
 
     keySize = xmlSecBufferGetSize(buffer);
-    expectedKeySize = xmlSecOpenSSLKWAesGetKeySize(transform);
-    if(keySize < expectedKeySize) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "key=%d;expected=%d",
-		    keySize, expectedKeySize);
-	return(-1);
+    if(keySize < ctx->keyExpectedSize) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "key=%d;expected=%d",
+                    keySize, ctx->keyExpectedSize);
+        return(-1);
     }
-        
-    ret = xmlSecBufferSetData(xmlSecOpenSSLKWAesGetKey(transform),
-			    xmlSecBufferGetData(buffer), 
-			    expectedKeySize);
+
+    ret = xmlSecBufferSetData(&(ctx->keyBuffer),
+                            xmlSecBufferGetData(buffer),
+                            ctx->keyExpectedSize);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferSetData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "expected-size=%d", expectedKeySize);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "expected-size=%d", 
+                    ctx->keyExpectedSize);
+        return(-1);
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecBufferPtr in, out, key;
-    xmlSecSize inSize, outSize, keySize, expectedKeySize;
+    xmlSecOpenSSLKWAesCtxPtr ctx;
+    xmlSecBufferPtr in, out;
+    xmlSecSize inSize, outSize, keySize;
+    AES_KEY aesKey;
     int ret;
 
     xmlSecAssert2(xmlSecOpenSSLKWAesCheckId(transform), -1);
@@ -298,325 +222,292 @@ xmlSecOpenSSLKWAesExecute(xmlSecTransformPtr transform, int last, xmlSecTransfor
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWAesSize), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
-    key = xmlSecOpenSSLKWAesGetKey(transform);
-    xmlSecAssert2(key != NULL, -1);
+    ctx = xmlSecOpenSSLKWAesGetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
+    xmlSecAssert2(keySize == ctx->keyExpectedSize, -1);
 
-    keySize = xmlSecBufferGetSize(key);
-    expectedKeySize = xmlSecOpenSSLKWAesGetKeySize(transform);
-    xmlSecAssert2(keySize == expectedKeySize, -1);
-    
     in = &(transform->inBuf);
     out = &(transform->outBuf);
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
+    outSize = xmlSecBufferGetSize(out);
     xmlSecAssert2(outSize == 0, -1);
-    
+
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
-	/* just do nothing */
+        /* just do nothing */
     } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	if((inSize % 8) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_SIZE,
-			"size=%d(not 8 bytes aligned)", inSize);
-	    return(-1);
-	}	
-	
-	if(transform->operation == xmlSecTransformOperationEncrypt) {
-	    /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
-	    outSize = inSize + XMLSEC_OPENSSL_KW_AES_MAGIC_BLOCK_SIZE + 
-			       XMLSEC_OPENSSL_AES_BLOCK_SIZE;
-	} else {
-	    outSize = inSize + XMLSEC_OPENSSL_AES_BLOCK_SIZE;
-	}
-
-	ret = xmlSecBufferSetMaxSize(out, outSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"outSize=%d", outSize);
-	    return(-1);
-	}
-
-	if(transform->operation == xmlSecTransformOperationEncrypt) {
-	    ret = xmlSecOpenSSLKWAesEncode(xmlSecBufferGetData(key), keySize,
-					    xmlSecBufferGetData(in), inSize,
-					    xmlSecBufferGetData(out), outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecOpenSSLKWAesEncode",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    outSize = ret;
-	} else {
-	    ret = xmlSecOpenSSLKWAesDecode(xmlSecBufferGetData(key), keySize,
-					    xmlSecBufferGetData(in), inSize,
-					    xmlSecBufferGetData(out), outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecOpenSSLKWAesDecode",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    outSize = ret;
-	}
-
-	ret = xmlSecBufferSetSize(out, outSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferSetSize", 
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"outSize=%d", outSize);
-	    return(-1);
-	}
-	
-	ret = xmlSecBufferRemoveHead(in, inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"inSize%d", inSize);
-	    return(-1);
-	}
-	
-	transform->status = xmlSecTransformStatusFinished;
+        if((inSize % 8) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_SIZE,
+                        "size=%d(not 8 bytes aligned)", inSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            /* the encoded key might be 8 bytes longer plus 8 bytes just in case */
+            outSize = inSize + XMLSEC_KW_AES_MAGIC_BLOCK_SIZE +
+                               XMLSEC_KW_AES_BLOCK_SIZE;
+        } else {
+            outSize = inSize + XMLSEC_KW_AES_BLOCK_SIZE;
+        }
+
+        ret = xmlSecBufferSetMaxSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "outSize=%d", outSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            /* prepare key */
+            ret = AES_set_encrypt_key(xmlSecBufferGetData(&(ctx->keyBuffer)),
+                                      8 * keySize,
+                                      &aesKey);
+            if(ret != 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "AES_set_decrypt_key",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            ret = xmlSecKWAesEncode(&xmlSecOpenSSLKWAesKlass, &aesKey,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWAesEncode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            outSize = ret;
+        } else {
+            /* prepare key */
+            ret = AES_set_decrypt_key(xmlSecBufferGetData(&(ctx->keyBuffer)),
+                                      8 * keySize,
+                                      &aesKey);
+            if(ret != 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "AES_set_decrypt_key",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            ret = xmlSecKWAesDecode(&xmlSecOpenSSLKWAesKlass, &aesKey,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWAesEncode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            outSize = ret;
+        }
+
+        ret = xmlSecBufferSetSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "outSize=%d", outSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "inSize%d", inSize);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusFinished;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     return(0);
 }
 
-static xmlSecSize  
-xmlSecOpenSSLKWAesGetKeySize(xmlSecTransformPtr transform) {
-    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWAes128Id)) {
-	return(XMLSEC_OPENSSL_AES128_KEY_SIZE);
-    } else if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWAes192Id)) {
-	return(XMLSEC_OPENSSL_AES192_KEY_SIZE);
-    } else if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWAes256Id)) {
-	return(XMLSEC_OPENSSL_AES256_KEY_SIZE);
-    }
-    return(0);
-}
+static xmlSecTransformKlass xmlSecOpenSSLKWAes128Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLKWAesSize,                     /* xmlSecSize objSize */
+
+    xmlSecNameKWAes128,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes128,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecOpenSSLKWAesInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLKWAesFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLKWAesSetKeyReq,                /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecOpenSSLKWAesSetKey,                   /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLKWAesExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
 
 /**
- * http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap:
- *
- * Assume that the data to be wrapped consists of N 64-bit data blocks 
- * denoted P(1), P(2), P(3) ... P(N). The result of wrapping will be N+1 
- * 64-bit blocks denoted C(0), C(1), C(2), ... C(N). The key encrypting 
- * key is represented by K. Assume integers i, j, and t and intermediate 
- * 64-bit register A, 128-bit register B, and array of 64-bit quantities 
- * R(1) through R(N).
+ * xmlSecOpenSSLTransformKWAes128GetKlass:
  *
- * "|" represents concatentation so x|y, where x and y and 64-bit quantities, 
- * is the 128-bit quantity with x in the most significant bits and y in the 
- * least significant bits. AES(K)enc(x) is the operation of AES encrypting 
- * the 128-bit quantity x under the key K. AES(K)dec(x) is the corresponding 
- * decryption opteration. XOR(x,y) is the bitwise exclusive or of x and y. 
- * MSB(x) and LSB(y) are the most significant 64 bits and least significant 
- * 64 bits of x and y respectively.
+ * The AES-128 kew wrapper transform klass.
  *
- * If N is 1, a single AES operation is performed for wrap or unwrap. 
- * If N>1, then 6*N AES operations are performed for wrap or unwrap.
+ * Returns: AES-128 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformKWAes128GetKlass(void) {
+    return(&xmlSecOpenSSLKWAes128Klass);
+}
+
+static xmlSecTransformKlass xmlSecOpenSSLKWAes192Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLKWAesSize,                     /* xmlSecSize objSize */
+
+    xmlSecNameKWAes192,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes192,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecOpenSSLKWAesInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLKWAesFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLKWAesSetKeyReq,                /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecOpenSSLKWAesSetKey,                   /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLKWAesExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+
+/**
+ * xmlSecOpenSSLTransformKWAes192GetKlass:
  *
- * The key wrap algorithm is as follows:
+ * The AES-192 kew wrapper transform klass.
  *
- *   1. If N is 1:
- *          * B=AES(K)enc(0xA6A6A6A6A6A6A6A6|P(1))
- *          * C(0)=MSB(B)
- *          * C(1)=LSB(B)
- *      If N>1, perform the following steps:
- *   2. Initialize variables:
- *          * Set A to 0xA6A6A6A6A6A6A6A6
- *          * Fori=1 to N,
- *            R(i)=P(i)
- *   3. Calculate intermediate values:
- *          * Forj=0 to 5,
- *                o For i=1 to N,
- *                  t= i + j*N
- *                  B=AES(K)enc(A|R(i))
- *                  A=XOR(t,MSB(B))
- *                  R(i)=LSB(B)
- *   4. Output the results:
- *          * Set C(0)=A
- *          * For i=1 to N,
- *            C(i)=R(i)
+ * Returns: AES-192 kew wrapper transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformKWAes192GetKlass(void) {
+    return(&xmlSecOpenSSLKWAes192Klass);
+}
+
+static xmlSecTransformKlass xmlSecOpenSSLKWAes256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLKWAesSize,                     /* xmlSecSize objSize */
+
+    xmlSecNameKWAes256,                         /* const xmlChar* name; */
+    xmlSecHrefKWAes256,                         /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecOpenSSLKWAesInitialize,               /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLKWAesFinalize,                 /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLKWAesSetKeyReq,                /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecOpenSSLKWAesSetKey,                   /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLKWAesExecute,                  /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformKWAes256GetKlass:
  *
- * The key unwrap algorithm is as follows:
+ * The AES-256 kew wrapper transform klass.
  *
- *   1. If N is 1:
- *          * B=AES(K)dec(C(0)|C(1))
- *          * P(1)=LSB(B)
- *          * If MSB(B) is 0xA6A6A6A6A6A6A6A6, return success. Otherwise, 
- *            return an integrity check failure error.
- *      If N>1, perform the following steps:
- *   2. Initialize the variables:
- *          * A=C(0)
- *          * For i=1 to N,
- *            R(i)=C(i)
- *   3. Calculate intermediate values:
- *          * For j=5 to 0,
- *                o For i=N to 1,
- *                  t= i + j*N
- *                  B=AES(K)dec(XOR(t,A)|R(i))
- *                  A=MSB(B)
- *                  R(i)=LSB(B)
- *   4. Output the results:
- *          * For i=1 to N,
- *            P(i)=R(i)
- *          * If A is 0xA6A6A6A6A6A6A6A6, return success. Otherwise, return 
- *            an integrity check failure error.
+ * Returns: AES-256 kew wrapper transform klass.
  */
-static const xmlSecByte xmlSecOpenSSLKWAesMagicBlock[XMLSEC_OPENSSL_KW_AES_MAGIC_BLOCK_SIZE] = { 
-    0xA6,  0xA6,  0xA6,  0xA6,  0xA6,  0xA6,  0xA6,  0xA6
-};
-					    	
-static int  	
-xmlSecOpenSSLKWAesEncode(const xmlSecByte *key, xmlSecSize keySize,
-			 const xmlSecByte *in, xmlSecSize inSize,
-			 xmlSecByte *out, xmlSecSize outSize) {
-    AES_KEY aesKey;
-    xmlSecByte block[XMLSEC_OPENSSL_AES_BLOCK_SIZE];
-    xmlSecByte *p;
-    int N, i, j, t;
-    int ret;
-    
-    xmlSecAssert2(key != NULL, -1);
-    xmlSecAssert2(keySize > 0, -1);
+xmlSecTransformId
+xmlSecOpenSSLTransformKWAes256GetKlass(void) {
+    return(&xmlSecOpenSSLKWAes256Klass);
+}
+
+/*********************************************************************
+ *
+ * AES KW implementation
+ *
+ *********************************************************************/
+static int
+xmlSecOpenSSLKWAesBlockEncrypt(const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize,
+                               void * context) {
     xmlSecAssert2(in != NULL, -1);
-    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(inSize >= AES_BLOCK_SIZE, -1);
     xmlSecAssert2(out != NULL, -1);
-    xmlSecAssert2(outSize >= inSize + 8, -1);
-
-    ret = AES_set_encrypt_key(key, 8 * keySize, &aesKey);
-    if(ret != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "AES_set_encrypt_key",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
-    }
+    xmlSecAssert2(outSize >= AES_BLOCK_SIZE, -1);
+    xmlSecAssert2(context != NULL, -1);
 
-    /* prepend magic block */
-    if(in != out) {
-        memcpy(out + XMLSEC_OPENSSL_KW_AES_MAGIC_BLOCK_SIZE, in, inSize);
-    } else {
-        memmove(out + XMLSEC_OPENSSL_KW_AES_MAGIC_BLOCK_SIZE, out, inSize);
-    }
-    memcpy(out, xmlSecOpenSSLKWAesMagicBlock, XMLSEC_OPENSSL_KW_AES_MAGIC_BLOCK_SIZE);
-    
-    N = (inSize / 8);
-    if(N == 1) {
-	AES_encrypt(out, out, &aesKey); 
-    } else {
-	for(j = 0; j <= 5; ++j) {
-	    for(i = 1; i <= N; ++i) {
-		t = i + (j * N);
-		p = out + i * 8;
-
-		memcpy(block, out, 8);
-		memcpy(block + 8, p, 8);
-		
-		AES_encrypt(block, block, &aesKey);
-		block[7] ^=  t;
-		memcpy(out, block, 8);
-		memcpy(p, block + 8, 8);
-	    }
-	}
-    }
-    
-    return(inSize + 8);
+    AES_encrypt(in, out, (AES_KEY*)context);
+    return(AES_BLOCK_SIZE);
 }
 
-static int  	
-xmlSecOpenSSLKWAesDecode(const xmlSecByte *key, xmlSecSize keySize,
-			 const xmlSecByte *in, xmlSecSize inSize,
-			 xmlSecByte *out, xmlSecSize outSize) {
-    AES_KEY aesKey;
-    xmlSecByte block[XMLSEC_OPENSSL_AES_BLOCK_SIZE];
-    xmlSecByte *p;
-    int N, i, j, t;
-    int ret;
-
-    xmlSecAssert2(key != NULL, -1);
-    xmlSecAssert2(keySize > 0, -1);
+static int
+xmlSecOpenSSLKWAesBlockDecrypt(const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize,
+                               void * context) {
     xmlSecAssert2(in != NULL, -1);
-    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(inSize >= AES_BLOCK_SIZE, -1);
     xmlSecAssert2(out != NULL, -1);
-    xmlSecAssert2(outSize >= inSize, -1);
-    
-    ret = AES_set_decrypt_key(key, 8 * keySize, &aesKey);
-    if(ret != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    "AES_set_decrypt_key",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
-    }
-    
-    /* copy input */
-    if(in != out) {
-        memcpy(out, in, inSize);
-    }
-        
-    N = (inSize / 8) - 1;
-    if(N == 1) {
-	AES_decrypt(out, out, &aesKey);
-    } else {
-	for(j = 5; j >= 0; --j) {
-	    for(i = N; i > 0; --i) {
-		t = i + (j * N);
-		p = out + i * 8;
-
-		memcpy(block, out, 8);
-		memcpy(block + 8, p, 8);
-		block[7] ^= t;
-		
-		AES_decrypt(block, block, &aesKey);
-		memcpy(out, block, 8);
-		memcpy(p, block + 8, 8);
-	    }
-	}
-    }
-    /* do not left data in memory */
-    memset(block, 0, sizeof(block));
-    
-    if(memcmp(xmlSecOpenSSLKWAesMagicBlock, out, XMLSEC_OPENSSL_KW_AES_MAGIC_BLOCK_SIZE) != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "bad magic block");
-	return(-1);	
-    }
-	
-    memmove(out, out + XMLSEC_OPENSSL_KW_AES_MAGIC_BLOCK_SIZE, inSize - XMLSEC_OPENSSL_KW_AES_MAGIC_BLOCK_SIZE);
-    return(inSize - XMLSEC_OPENSSL_KW_AES_MAGIC_BLOCK_SIZE);
+    xmlSecAssert2(outSize >= AES_BLOCK_SIZE, -1);
+    xmlSecAssert2(context != NULL, -1);
+
+    AES_decrypt(in, out, (AES_KEY*)context);
+    return(AES_BLOCK_SIZE);
 }
 
+
 #endif /* XMLSEC_OPENSSL_096 */
 #endif /* XMLSEC_NO_AES */
diff --git a/src/openssl/kw_des.c b/src/openssl/kw_des.c
index f5ebf435..9d55e107 100644
--- a/src/openssl/kw_des.c
+++ b/src/openssl/kw_des.c
@@ -1,13 +1,13 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * DES Algorithm support
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
- * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
+ *
+ * Copyright (C) 2002-2010 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef XMLSEC_NO_DES
 #include "globals.h"
@@ -28,9 +28,58 @@
 
 #include <xmlsec/openssl/crypto.h>
 
-#define XMLSEC_OPENSSL_DES3_KEY_LENGTH				24
-#define XMLSEC_OPENSSL_DES3_IV_LENGTH				8
-#define XMLSEC_OPENSSL_DES3_BLOCK_LENGTH			8
+#include "../kw_aes_des.h"
+
+/*********************************************************************
+ *
+ * DES KW implementation
+ *
+ *********************************************************************/
+static int       xmlSecOpenSSLKWDes3GenerateRandom               (void * context,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int       xmlSecOpenSSLKWDes3Sha1                         (void * context,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize, 
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int      xmlSecOpenSSLKWDes3BlockEncrypt                  (void * context,
+                                                                 const xmlSecByte * iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+static int      xmlSecOpenSSLKWDes3BlockDecrypt                  (void * context,
+                                                                 const xmlSecByte * iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte * in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte * out, 
+                                                                 xmlSecSize outSize);
+
+static xmlSecKWDes3Klass xmlSecOpenSSLKWDes3ImplKlass = {
+    /* callbacks */
+    xmlSecOpenSSLKWDes3GenerateRandom,       /* xmlSecKWDes3GenerateRandomMethod     generateRandom; */
+    xmlSecOpenSSLKWDes3Sha1,                 /* xmlSecKWDes3Sha1Method               sha1; */
+    xmlSecOpenSSLKWDes3BlockEncrypt,         /* xmlSecKWDes3BlockEncryptMethod       encrypt; */
+    xmlSecOpenSSLKWDes3BlockDecrypt,         /* xmlSecKWDes3BlockDecryptMethod       decrypt; */
+
+    /* for the future */
+    NULL,                                   /* void*                               reserved0; */
+    NULL,                                   /* void*                               reserved1; */
+}; 
+
+static int      xmlSecOpenSSLKWDes3Encrypt                      (const xmlSecByte *key, 
+                                                                 xmlSecSize keySize,
+                                                                 const xmlSecByte *iv, 
+                                                                 xmlSecSize ivSize,
+                                                                 const xmlSecByte *in, 
+                                                                 xmlSecSize inSize,
+                                                                 xmlSecByte *out, 
+                                                                 xmlSecSize outSize, 
+                                                                 int enc);
+
 
 /*********************************************************************
  *
@@ -39,176 +88,171 @@
  * key (xmlSecBuffer) is located after xmlSecTransform structure
  *
  ********************************************************************/
-#define xmlSecOpenSSLKWDes3GetKey(transform) \
-    ((xmlSecBufferPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
-#define xmlSecOpenSSLKWDes3Size	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecBuffer))
-
-static int 	xmlSecOpenSSLKWDes3Initialize			(xmlSecTransformPtr transform);
-static void 	xmlSecOpenSSLKWDes3Finalize			(xmlSecTransformPtr transform);
-static int  	xmlSecOpenSSLKWDes3SetKeyReq			(xmlSecTransformPtr transform, 
-								 xmlSecKeyReqPtr keyReq);
-static int  	xmlSecOpenSSLKWDes3SetKey			(xmlSecTransformPtr transform, 
-								 xmlSecKeyPtr key);
-static int  	xmlSecOpenSSLKWDes3Execute			(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
-static int  	xmlSecOpenSSLKWDes3Encode			(const xmlSecByte *key,
-								 xmlSecSize keySize,
-								 const xmlSecByte *in,
-								 xmlSecSize inSize,
-								 xmlSecByte *out,
-								 xmlSecSize outSize);
-static int  	xmlSecOpenSSLKWDes3Decode			(const xmlSecByte *key,
-							         xmlSecSize keySize,
-								 const xmlSecByte *in,
-								 xmlSecSize inSize,
-								 xmlSecByte *out,
-								 xmlSecSize outSize);
-static int	xmlSecOpenSSLKWDes3Encrypt			(const xmlSecByte *key, 
-								 xmlSecSize keySize,
-						    		 const xmlSecByte *iv,
-								 xmlSecSize ivSize,
-								 const xmlSecByte *in, 
-								 xmlSecSize inSize,
-								 xmlSecByte *out,
-								 xmlSecSize outSize, 
-								 int enc);
-static int 	xmlSecOpenSSLKWDes3BufferReverse		(xmlSecByte *buf, 
-								 xmlSecSize size);
-
+typedef struct _xmlSecOpenSSLKWDes3Ctx              xmlSecOpenSSLKWDes3Ctx,
+                                                  *xmlSecOpenSSLKWDes3CtxPtr;
+struct _xmlSecOpenSSLKWDes3Ctx {
+    xmlSecBuffer        keyBuffer;
+};
+#define xmlSecOpenSSLKWDes3Size     \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLKWDes3Ctx))
+#define xmlSecOpenSSLKWDes3GetCtx(transform) \
+    ((xmlSecOpenSSLKWDes3CtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
+
+static int      xmlSecOpenSSLKWDes3Initialize                   (xmlSecTransformPtr transform);
+static void     xmlSecOpenSSLKWDes3Finalize                     (xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLKWDes3SetKeyReq                    (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecOpenSSLKWDes3SetKey                       (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecOpenSSLKWDes3Execute                      (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 static xmlSecTransformKlass xmlSecOpenSSLKWDes3Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLKWDes3Size,			/* xmlSecSize objSize */
-
-    xmlSecNameKWDes3,				/* const xmlChar* name; */
-    xmlSecHrefKWDes3, 				/* const xmlChar* href; */
-    xmlSecTransformUsageEncryptionMethod,	/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecOpenSSLKWDes3Initialize, 		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLKWDes3Finalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLKWDes3SetKeyReq,		/* xmlSecTransformSetKeyMethod setKeyReq; */
-    xmlSecOpenSSLKWDes3SetKey,			/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLKWDes3Execute,			/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLKWDes3Size,                    /* xmlSecSize objSize */
+
+    xmlSecNameKWDes3,                           /* const xmlChar* name; */
+    xmlSecHrefKWDes3,                           /* const xmlChar* href; */
+    xmlSecTransformUsageEncryptionMethod,       /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecOpenSSLKWDes3Initialize,              /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLKWDes3Finalize,                /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLKWDes3SetKeyReq,               /* xmlSecTransformSetKeyMethod setKeyReq; */
+    xmlSecOpenSSLKWDes3SetKey,                  /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLKWDes3Execute,                 /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLTransformKWDes3GetKlass:
- * 
+ *
  * The Triple DES key wrapper transform klass.
  *
  * Returns: Triple DES key wrapper transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformKWDes3GetKlass(void) {
     return(&xmlSecOpenSSLKWDes3Klass);
 }
 
-static int 
+static int
 xmlSecOpenSSLKWDes3Initialize(xmlSecTransformPtr transform) {
+    xmlSecOpenSSLKWDes3CtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWDes3Id), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size), -1);
-    
-    ret = xmlSecBufferInitialize(xmlSecOpenSSLKWDes3GetKey(transform), 0);
+
+    ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    ret = xmlSecBufferInitialize(&(ctx->keyBuffer), 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-        
+
     return(0);
 }
 
-static void 
+static void
 xmlSecOpenSSLKWDes3Finalize(xmlSecTransformPtr transform) {
+    xmlSecOpenSSLKWDes3CtxPtr ctx;
+
     xmlSecAssert(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWDes3Id));
     xmlSecAssert(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size));
-    
-    if(xmlSecOpenSSLKWDes3GetKey(transform) != NULL) {
-	xmlSecBufferFinalize(xmlSecOpenSSLKWDes3GetKey(transform));
-    }
+
+    ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
+    xmlSecAssert(ctx != NULL);
+
+    xmlSecBufferFinalize(&(ctx->keyBuffer));
 }
 
-static int  
+static int
 xmlSecOpenSSLKWDes3SetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
+    xmlSecOpenSSLKWDes3CtxPtr ctx;
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWDes3Id), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size), -1);
     xmlSecAssert2(keyReq != NULL, -1);
 
-    keyReq->keyId 	= xmlSecOpenSSLKeyDataDesId;
-    keyReq->keyType 	= xmlSecKeyDataTypeSymmetric;
+    ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keyReq->keyId       = xmlSecOpenSSLKeyDataDesId;
+    keyReq->keyType     = xmlSecKeyDataTypeSymmetric;
     if(transform->operation == xmlSecTransformOperationEncrypt) {
-	keyReq->keyUsage= xmlSecKeyUsageEncrypt;
+        keyReq->keyUsage= xmlSecKeyUsageEncrypt;
     } else {
-	keyReq->keyUsage= xmlSecKeyUsageDecrypt;
+        keyReq->keyUsage= xmlSecKeyUsageDecrypt;
     }
-    keyReq->keyBitsSize = 8 * XMLSEC_OPENSSL_DES3_KEY_LENGTH;
+    keyReq->keyBitsSize = 8 * XMLSEC_KW_DES3_KEY_LENGTH;
     return(0);
 }
 
-static int  	
+static int
 xmlSecOpenSSLKWDes3SetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
+    xmlSecOpenSSLKWDes3CtxPtr ctx;
     xmlSecBufferPtr buffer;
     xmlSecSize keySize;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformKWDes3Id), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationEncrypt) || (transform->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size), -1);
-    xmlSecAssert2(xmlSecOpenSSLKWDes3GetKey(transform) != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(xmlSecKeyGetValue(key), xmlSecOpenSSLKeyDataDesId), -1);
-    
+
+    ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(xmlSecKeyGetValue(key));
     xmlSecAssert2(buffer != NULL, -1);
 
     keySize = xmlSecBufferGetSize(buffer);
-    if(keySize < XMLSEC_OPENSSL_DES3_KEY_LENGTH) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
-		    "key length %d is not enough (%d expected)",
-		    keySize, XMLSEC_OPENSSL_DES3_KEY_LENGTH);
-	return(-1);
+    if(keySize < XMLSEC_KW_DES3_KEY_LENGTH) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE,
+                    "key length %d is not enough (%d expected)",
+                    keySize, XMLSEC_KW_DES3_KEY_LENGTH);
+        return(-1);
     }
-        
-    ret = xmlSecBufferSetData(xmlSecOpenSSLKWDes3GetKey(transform),
-			    xmlSecBufferGetData(buffer), 
-			    XMLSEC_OPENSSL_DES3_KEY_LENGTH);
+
+    ret = xmlSecBufferSetData(&(ctx->keyBuffer), xmlSecBufferGetData(buffer), XMLSEC_KW_DES3_KEY_LENGTH);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferSetData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", XMLSEC_OPENSSL_DES3_KEY_LENGTH);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferSetData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", XMLSEC_KW_DES3_KEY_LENGTH);
+        return(-1);
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecBufferPtr in, out, key;
+    xmlSecOpenSSLKWDes3CtxPtr ctx;
+    xmlSecBufferPtr in, out;
     xmlSecSize inSize, outSize, keySize;
     int ret;
 
@@ -217,347 +261,255 @@ xmlSecOpenSSLKWDes3Execute(xmlSecTransformPtr transform, int last, xmlSecTransfo
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLKWDes3Size), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
-    key = xmlSecOpenSSLKWDes3GetKey(transform);
-    xmlSecAssert2(key != NULL, -1);
+    ctx = xmlSecOpenSSLKWDes3GetCtx(transform);
+    xmlSecAssert2(ctx != NULL, -1);
+
+    keySize = xmlSecBufferGetSize(&(ctx->keyBuffer));
+    xmlSecAssert2(keySize == XMLSEC_KW_DES3_KEY_LENGTH, -1);
 
-    keySize = xmlSecBufferGetSize(key);
-    xmlSecAssert2(keySize == XMLSEC_OPENSSL_DES3_KEY_LENGTH, -1);
-    
     in = &(transform->inBuf);
     out = &(transform->outBuf);
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
+    outSize = xmlSecBufferGetSize(out);
     xmlSecAssert2(outSize == 0, -1);
-    
+
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
-	/* just do nothing */
+        /* just do nothing */
     } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	if((inSize % XMLSEC_OPENSSL_DES3_BLOCK_LENGTH) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_SIZE,
-			"%d bytes - not %d bytes aligned", 
-			inSize, XMLSEC_OPENSSL_DES3_BLOCK_LENGTH);
-	    return(-1);
-	}	
-	
-	if(transform->operation == xmlSecTransformOperationEncrypt) {
-	    /* the encoded key might be 16 bytes longer plus one block just in case */
-	    outSize = inSize + XMLSEC_OPENSSL_DES3_IV_LENGTH +
-			       XMLSEC_OPENSSL_DES3_BLOCK_LENGTH +
-			       XMLSEC_OPENSSL_DES3_BLOCK_LENGTH;
-	} else {
-	    outSize = inSize + XMLSEC_OPENSSL_DES3_BLOCK_LENGTH;
-	}
-
-	ret = xmlSecBufferSetMaxSize(out, outSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferSetMaxSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", outSize);
-	    return(-1);
-	}
-
-	if(transform->operation == xmlSecTransformOperationEncrypt) {
-	    ret = xmlSecOpenSSLKWDes3Encode(xmlSecBufferGetData(key), keySize,
-					    xmlSecBufferGetData(in), inSize,
-					    xmlSecBufferGetData(out), outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecOpenSSLKWDes3Encode",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "key=%d,in=%d,out=%d",
-			    keySize, inSize, outSize);
-		return(-1);
-	    }
-	    outSize = ret;
-	} else {
-	    ret = xmlSecOpenSSLKWDes3Decode(xmlSecBufferGetData(key), keySize,
-					    xmlSecBufferGetData(in), inSize,
-					    xmlSecBufferGetData(out), outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecOpenSSLKWDes3Decode",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "key=%d,in=%d,out=%d",
-			    keySize, inSize, outSize);
-		return(-1);
-	    }
-	    outSize = ret;
-	}
-
-	ret = xmlSecBufferSetSize(out, outSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferSetSize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", outSize);
-	    return(-1);
-	}
-	
-	ret = xmlSecBufferRemoveHead(in, inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", inSize);
-	    return(-1);
-	}
-	
-	transform->status = xmlSecTransformStatusFinished;
+        if((inSize % XMLSEC_KW_DES3_BLOCK_LENGTH) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_SIZE,
+                        "%d bytes - not %d bytes aligned",
+                        inSize, XMLSEC_KW_DES3_BLOCK_LENGTH);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            /* the encoded key might be 16 bytes longer plus one block just in case */
+            outSize = inSize + XMLSEC_KW_DES3_IV_LENGTH +
+                               XMLSEC_KW_DES3_BLOCK_LENGTH +
+                               XMLSEC_KW_DES3_BLOCK_LENGTH;
+        } else {
+            /* just in case, add a block */
+            outSize = inSize + XMLSEC_KW_DES3_BLOCK_LENGTH;
+        }
+
+        ret = xmlSecBufferSetMaxSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetMaxSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize);
+            return(-1);
+        }
+
+        if(transform->operation == xmlSecTransformOperationEncrypt) {
+            ret = xmlSecKWDes3Encode(&xmlSecOpenSSLKWDes3ImplKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWDes3Encode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "key=%d,in=%d,out=%d",
+                            keySize, inSize, outSize);
+                return(-1);
+            }
+            outSize = ret;
+        } else {
+            ret = xmlSecKWDes3Decode(&xmlSecOpenSSLKWDes3ImplKlass, ctx,
+                                    xmlSecBufferGetData(in), inSize,
+                                    xmlSecBufferGetData(out), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecKWDes3Decode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "key=%d,in=%d,out=%d",
+                            keySize, inSize, outSize);
+                return(-1);
+            }
+            outSize = ret;
+        }
+
+        ret = xmlSecBufferSetSize(out, outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferSetSize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusFinished;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
+
     return(0);
 }
 
-static xmlSecByte xmlSecOpenSSLKWDes3Iv[XMLSEC_OPENSSL_DES3_IV_LENGTH] = { 
-    0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 
-};
-/**
- * CMS Triple DES Key Wrap
- *
- * http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap
- *
- * The following algorithm wraps (encrypts) a key (the wrapped key, WK) 
- * under a TRIPLEDES key-encryption-key (KEK) as specified in [CMS-Algorithms]:
+/*********************************************************************
  *
- * 1. Represent the key being wrapped as an octet sequence. If it is a 
- *    TRIPLEDES key, this is 24 octets (192 bits) with odd parity bit as 
- *    the bottom bit of each octet.
- * 2. Compute the CMS key checksum (section 5.6.1) call this CKS.
- * 3. Let WKCKS = WK || CKS, where || is concatenation.
- * 4. Generate 8 random octets [RANDOM] and call this IV.
- * 5. Encrypt WKCKS in CBC mode using KEK as the key and IV as the 
- *    initialization vector. Call the results TEMP1.
- * 6. Left TEMP2 = IV || TEMP1.
- * 7. Reverse the order of the octets in TEMP2 and call the result TEMP3.
- * 8. Encrypt TEMP3 in CBC mode using the KEK and an initialization vector 
- *    of 0x4adda22c79e82105. The resulting cipher text is the desired result. 
- *    It is 40 octets long if a 168 bit key is being wrapped.
+ * DES KW implementation
  *
- */
-static int  	
-xmlSecOpenSSLKWDes3Encode(const xmlSecByte *key, xmlSecSize keySize,
-			const xmlSecByte *in, xmlSecSize inSize,
-			xmlSecByte *out, xmlSecSize outSize) {
-    xmlSecByte sha1[SHA_DIGEST_LENGTH];    
-    xmlSecByte iv[XMLSEC_OPENSSL_DES3_IV_LENGTH];
-    xmlSecSize s;    
-    int ret;
+ *********************************************************************/
+static int
+xmlSecOpenSSLKWDes3Sha1(void * context,
+                       const xmlSecByte * in, xmlSecSize inSize, 
+                       xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecOpenSSLKWDes3CtxPtr ctx = (xmlSecOpenSSLKWDes3CtxPtr)context;
 
-    xmlSecAssert2(key != NULL, -1);
-    xmlSecAssert2(keySize == XMLSEC_OPENSSL_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(in != NULL, -1);
     xmlSecAssert2(inSize > 0, -1);
     xmlSecAssert2(out != NULL, -1);
-    xmlSecAssert2(outSize >= inSize + 16, -1);
-
-    /* step 2: calculate sha1 and CMS */
-    if(SHA1(in, inSize, sha1) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SHA1",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
+    xmlSecAssert2(outSize >= SHA_DIGEST_LENGTH, -1);
+
+    if(SHA1(in, inSize, out) == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "SHA1",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
+    return(SHA_DIGEST_LENGTH);
+}
+
+static int
+xmlSecOpenSSLKWDes3GenerateRandom(void * context,
+                                 xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecOpenSSLKWDes3CtxPtr ctx = (xmlSecOpenSSLKWDes3CtxPtr)context;
+    int ret;
 
-    /* step 3: construct WKCKS */
-    memcpy(out, in, inSize);
-    memcpy(out + inSize, sha1, XMLSEC_OPENSSL_DES3_BLOCK_LENGTH);
-    
-    /* step 4: generate random iv */
-    ret = RAND_bytes(iv, XMLSEC_OPENSSL_DES3_IV_LENGTH);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize > 0, -1);
+
+    ret = RAND_bytes(out, outSize);
     if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "RAND_bytes",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "ret=%d", ret);
-	return(-1);    
-    }	
-
-    /* step 5: first encryption, result is TEMP1 */
-    ret = xmlSecOpenSSLKWDes3Encrypt(key, keySize, 
-				    iv, XMLSEC_OPENSSL_DES3_IV_LENGTH, 
-				    out, inSize + XMLSEC_OPENSSL_DES3_BLOCK_LENGTH, 
-				    out, outSize, 1);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLKWDes3Encrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "RAND_bytes",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "ret=%d", ret);
+        return(-1);
     }
 
-    /* step 6: construct TEMP2=IV || TEMP1 */
-    memmove(out + XMLSEC_OPENSSL_DES3_IV_LENGTH, out, 
-	    inSize + XMLSEC_OPENSSL_DES3_IV_LENGTH);
-    memcpy(out, iv, XMLSEC_OPENSSL_DES3_IV_LENGTH);
-    s = ret + XMLSEC_OPENSSL_DES3_IV_LENGTH; 
-    
-    /* step 7: reverse octets order, result is TEMP3 */
-    ret = xmlSecOpenSSLKWDes3BufferReverse(out, s);
-    if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLKWDes3BufferReverse",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
-    }
+    return((int)outSize);
+}
 
-    /* step 8: second encryption with static IV */
-    ret = xmlSecOpenSSLKWDes3Encrypt(key, keySize, 
-				    xmlSecOpenSSLKWDes3Iv, XMLSEC_OPENSSL_DES3_IV_LENGTH,
-				    out, s, out, outSize, 1);
+static int
+xmlSecOpenSSLKWDes3BlockEncrypt(void * context,
+                               const xmlSecByte * iv, xmlSecSize ivSize,
+                               const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecOpenSSLKWDes3CtxPtr ctx = (xmlSecOpenSSLKWDes3CtxPtr)context;
+    int ret;
+
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(iv != NULL, -1);
+    xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
+    xmlSecAssert2(in != NULL, -1);
+    xmlSecAssert2(inSize > 0, -1);
+    xmlSecAssert2(out != NULL, -1);
+    xmlSecAssert2(outSize >= inSize, -1);
+
+    ret = xmlSecOpenSSLKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)), XMLSEC_KW_DES3_KEY_LENGTH,
+                                    iv, XMLSEC_KW_DES3_IV_LENGTH,
+                                    in, inSize,
+                                    out, outSize, 
+                                    1); /* encrypt */
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLKWDes3Encrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLKWDes3Encrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    s = ret; 
-    return(s);
+
+    return(ret);
 }
 
-/**
- * CMS Triple DES Key Wrap
- *
- * http://www.w3.org/TR/xmlenc-core/#sec-Alg-SymmetricKeyWrap
- *
- * The following algorithm unwraps (decrypts) a key as specified in 
- * [CMS-Algorithms]:
- *
- * 1. Check if the length of the cipher text is reasonable given the key type. 
- *    It must be 40 bytes for a 168 bit key and either 32, 40, or 48 bytes for 
- *    a 128, 192, or 256 bit key. If the length is not supported or inconsistent 
- *    with the algorithm for which the key is intended, return error.
- * 2. Decrypt the cipher text with TRIPLEDES in CBC mode using the KEK and 
- *    an initialization vector (IV) of 0x4adda22c79e82105. Call the output TEMP3.
- * 3. Reverse the order of the octets in TEMP3 and call the result TEMP2.
- * 4. Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining 
- *    octets.
- * 5. Decrypt TEMP1 using TRIPLEDES in CBC mode using the KEK and the IV found 
- *    in the previous step. Call the result WKCKS.
- * 6. Decompose WKCKS. CKS is the last 8 octets and WK, the wrapped key, are 
- *    those octets before the CKS.
- * 7. Calculate a CMS key checksum (section 5.6.1) over the WK and compare 
- *    with the CKS extracted in the above step. If they are not equal, return 
- *    error.
- * 8. WK is the wrapped key, now extracted for use in data decryption.
- */
-static int  	
-xmlSecOpenSSLKWDes3Decode(const xmlSecByte *key, xmlSecSize keySize,
-			const xmlSecByte *in, xmlSecSize inSize,
-			xmlSecByte *out, xmlSecSize outSize) {
-    xmlSecByte sha1[SHA_DIGEST_LENGTH];    
-    xmlSecSize s;    
+static int
+xmlSecOpenSSLKWDes3BlockDecrypt(void * context,
+                               const xmlSecByte * iv, xmlSecSize ivSize,
+                               const xmlSecByte * in, xmlSecSize inSize,
+                               xmlSecByte * out, xmlSecSize outSize) {
+    xmlSecOpenSSLKWDes3CtxPtr ctx = (xmlSecOpenSSLKWDes3CtxPtr)context;
     int ret;
 
-    xmlSecAssert2(key != NULL, -1);
-    xmlSecAssert2(keySize == XMLSEC_OPENSSL_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(ctx != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetData(&(ctx->keyBuffer)) != NULL, -1);
+    xmlSecAssert2(xmlSecBufferGetSize(&(ctx->keyBuffer)) >= XMLSEC_KW_DES3_KEY_LENGTH, -1);
+    xmlSecAssert2(iv != NULL, -1);
+    xmlSecAssert2(ivSize >= XMLSEC_KW_DES3_IV_LENGTH, -1);
     xmlSecAssert2(in != NULL, -1);
     xmlSecAssert2(inSize > 0, -1);
     xmlSecAssert2(out != NULL, -1);
     xmlSecAssert2(outSize >= inSize, -1);
 
-    /* step 2: first decryption with static IV, result is TEMP3 */
-    ret = xmlSecOpenSSLKWDes3Encrypt(key, keySize, 
-				    xmlSecOpenSSLKWDes3Iv, XMLSEC_OPENSSL_DES3_IV_LENGTH,
-				    in, inSize, out, outSize, 0);
-    if((ret < 0) || (ret < XMLSEC_OPENSSL_DES3_IV_LENGTH)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLKWDes3Encrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
-    }
-    s = ret; 
-    
-    /* step 3: reverse octets order in TEMP3, result is TEMP2 */
-    ret = xmlSecOpenSSLKWDes3BufferReverse(out, s);
+    ret = xmlSecOpenSSLKWDes3Encrypt(xmlSecBufferGetData(&(ctx->keyBuffer)), XMLSEC_KW_DES3_KEY_LENGTH,
+                                    iv, XMLSEC_KW_DES3_IV_LENGTH,
+                                    in, inSize,
+                                    out, outSize, 
+                                    0); /* decrypt */
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLKWDes3BufferReverse",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
-    }
-
-    /* steps 4 and 5: get IV and decrypt second time, result is WKCKS */
-    ret = xmlSecOpenSSLKWDes3Encrypt(key, keySize, 
-				     out, XMLSEC_OPENSSL_DES3_IV_LENGTH,
-				     out + XMLSEC_OPENSSL_DES3_IV_LENGTH, 
-				     s - XMLSEC_OPENSSL_DES3_IV_LENGTH, 
-				     out, outSize, 0);
-    if((ret < 0) || (ret < XMLSEC_OPENSSL_DES3_BLOCK_LENGTH)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLKWDes3Encrypt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
-    }
-    s = ret - XMLSEC_OPENSSL_DES3_BLOCK_LENGTH; 
-    
-    /* steps 6 and 7: calculate SHA1 and validate it */
-    if(SHA1(out, s, sha1) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "SHA1",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLKWDes3Encrypt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
-    if(memcmp(sha1, out + s, XMLSEC_OPENSSL_DES3_BLOCK_LENGTH) != 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "SHA1 does not match");
-	return(-1);	    
-    }
-    
-    return(s);
+    return(ret);
 }
 
+
+
 static int
 xmlSecOpenSSLKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
-			   const xmlSecByte *iv, xmlSecSize ivSize,
-            		   const xmlSecByte *in, xmlSecSize inSize,
-	        	   xmlSecByte *out, xmlSecSize outSize, int enc) {
+                           const xmlSecByte *iv, xmlSecSize ivSize,
+                           const xmlSecByte *in, xmlSecSize inSize,
+                           xmlSecByte *out, xmlSecSize outSize, 
+                           int enc) {
     EVP_CIPHER_CTX cipherCtx;
     int updateLen;
     int finalLen;
     int ret;
-    
+
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(keySize == (xmlSecSize)EVP_CIPHER_key_length(EVP_des_ede3_cbc()), -1);
     xmlSecAssert2(iv != NULL, -1);
@@ -566,63 +518,46 @@ xmlSecOpenSSLKWDes3Encrypt(const xmlSecByte *key, xmlSecSize keySize,
     xmlSecAssert2(inSize > 0, -1);
     xmlSecAssert2(out != NULL, -1);
     xmlSecAssert2(outSize >= inSize, -1);
-    
+
     EVP_CIPHER_CTX_init(&cipherCtx);
-    ret = EVP_CipherInit(&cipherCtx, EVP_des_ede3_cbc(), key, iv, enc);  
+    ret = EVP_CipherInit(&cipherCtx, EVP_des_ede3_cbc(), key, iv, enc);
     if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "EVP_CipherInit",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "EVP_CipherInit",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
 #ifndef XMLSEC_OPENSSL_096
-    EVP_CIPHER_CTX_set_padding(&cipherCtx, 0);    
-#endif /* XMLSEC_OPENSSL_096 */	
-    
+    EVP_CIPHER_CTX_set_padding(&cipherCtx, 0);
+#endif /* XMLSEC_OPENSSL_096 */
+
     ret = EVP_CipherUpdate(&cipherCtx, out, &updateLen, in, inSize);
     if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "EVP_CipherUpdate",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "EVP_CipherUpdate",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ret = EVP_CipherFinal(&cipherCtx, out + updateLen, &finalLen);
     if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "EVP_CipherFinal",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "EVP_CipherFinal",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     EVP_CIPHER_CTX_cleanup(&cipherCtx);
 
     return(updateLen + finalLen);
-}	      
-
-static int 
-xmlSecOpenSSLKWDes3BufferReverse(xmlSecByte *buf, xmlSecSize size) {
-    xmlSecSize s;
-    xmlSecSize i;
-    xmlSecByte c;
-    
-    xmlSecAssert2(buf != NULL, -1);
-    
-    s = size / 2;
-    --size;
-    for(i = 0; i < s; ++i) {
-	c = buf[i];
-	buf[i] = buf[size - i];
-	buf[size - i] = c;
-    }
-    return(0);
 }
 
+
 #endif /* XMLSEC_NO_DES */
 
diff --git a/src/openssl/signatures.c b/src/openssl/signatures.c
index 2a16983a..7e3dbc7d 100644
--- a/src/openssl/signatures.c
+++ b/src/openssl/signatures.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -23,24 +23,61 @@
 #include <xmlsec/openssl/evp.h>
 
 #ifndef XMLSEC_NO_DSA
-#define XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE			40
-static const EVP_MD *xmlSecOpenSSLDsaSha1Evp			(void);
+
+#define XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE                       (20 * 2)
+
+#ifndef XMLSEC_NO_SHA1
+static const EVP_MD *xmlSecOpenSSLDsaSha1Evp                    (void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+#ifdef XMLSEC_OPENSSL_100
+static const EVP_MD *xmlSecOpenSSLDsaSha256Evp                  (void);
+#endif /* XMLSEC_OPENSSL_100 */
+#endif /* XMLSEC_NO_SHA256 */
+
 #endif /* XMLSEC_NO_DSA */
 
+#ifndef XMLSEC_NO_ECDSA
+
+#define XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE                     ((512 / 8) * 2)
+
+#ifndef XMLSEC_NO_SHA1
+static const EVP_MD *xmlSecOpenSSLEcdsaSha1Evp                  (void);
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+static const EVP_MD *xmlSecOpenSSLEcdsaSha224Evp                (void);
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+static const EVP_MD *xmlSecOpenSSLEcdsaSha256Evp                (void);
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+static const EVP_MD *xmlSecOpenSSLEcdsaSha384Evp                (void);
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+static const EVP_MD *xmlSecOpenSSLEcdsaSha512Evp                (void);
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_ECDSA */
+
 
 /**************************************************************************
  *
  * Internal OpenSSL evp signatures ctx
  *
  *****************************************************************************/
-typedef struct _xmlSecOpenSSLEvpSignatureCtx	xmlSecOpenSSLEvpSignatureCtx, 
-						*xmlSecOpenSSLEvpSignatureCtxPtr;
+typedef struct _xmlSecOpenSSLEvpSignatureCtx    xmlSecOpenSSLEvpSignatureCtx,
+                                                *xmlSecOpenSSLEvpSignatureCtxPtr;
 struct _xmlSecOpenSSLEvpSignatureCtx {
-    const EVP_MD* 	digest;
-    EVP_MD_CTX		digestCtx;
-    xmlSecKeyDataId	keyId;
-    EVP_PKEY* 		pKey;
-};	    
+    const EVP_MD*       digest;
+    EVP_MD_CTX          digestCtx;
+    xmlSecKeyDataId     keyId;
+    EVP_PKEY*           pKey;
+};
 
 /******************************************************************************
  *
@@ -49,25 +86,25 @@ struct _xmlSecOpenSSLEvpSignatureCtx {
  * xmlSecOpenSSLEvpSignatureCtx is located after xmlSecTransform
  *
  *****************************************************************************/
-#define xmlSecOpenSSLEvpSignatureSize	\
+#define xmlSecOpenSSLEvpSignatureSize   \
     (sizeof(xmlSecTransform) + sizeof(xmlSecOpenSSLEvpSignatureCtx))
 #define xmlSecOpenSSLEvpSignatureGetCtx(transform) \
     ((xmlSecOpenSSLEvpSignatureCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
-static int	xmlSecOpenSSLEvpSignatureCheckId		(xmlSecTransformPtr transform);
-static int	xmlSecOpenSSLEvpSignatureInitialize		(xmlSecTransformPtr transform);
-static void	xmlSecOpenSSLEvpSignatureFinalize		(xmlSecTransformPtr transform);
-static int  	xmlSecOpenSSLEvpSignatureSetKeyReq		(xmlSecTransformPtr transform, 
-								 xmlSecKeyReqPtr keyReq);
-static int	xmlSecOpenSSLEvpSignatureSetKey			(xmlSecTransformPtr transform,
-								 xmlSecKeyPtr key);
-static int  	xmlSecOpenSSLEvpSignatureVerify			(xmlSecTransformPtr transform, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 xmlSecTransformCtxPtr transformCtx);
-static int	xmlSecOpenSSLEvpSignatureExecute		(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLEvpSignatureCheckId                (xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLEvpSignatureInitialize             (xmlSecTransformPtr transform);
+static void     xmlSecOpenSSLEvpSignatureFinalize               (xmlSecTransformPtr transform);
+static int      xmlSecOpenSSLEvpSignatureSetKeyReq              (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyReqPtr keyReq);
+static int      xmlSecOpenSSLEvpSignatureSetKey                 (xmlSecTransformPtr transform,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecOpenSSLEvpSignatureVerify                 (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int      xmlSecOpenSSLEvpSignatureExecute                (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 static int
 xmlSecOpenSSLEvpSignatureCheckId(xmlSecTransformPtr transform) {
@@ -75,148 +112,258 @@ xmlSecOpenSSLEvpSignatureCheckId(xmlSecTransformPtr transform) {
 
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformDsaSha1Id)) {
-	return(1);
+        return(1);
     } else
 #endif /* XMLSEC_NO_SHA1 */
 
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformDsaSha256Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
 #endif /* XMLSEC_NO_DSA */
 
+#ifndef XMLSEC_NO_ECDSA
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha1Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha224Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha256Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha384Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha512Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_ECDSA */
+
 #ifndef XMLSEC_NO_RSA
 
 #ifndef XMLSEC_NO_MD5
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaMd5Id)) {
-	return(1);
-    } else 
+        return(1);
+    } else
 #endif /* XMLSEC_NO_MD5 */
 
 #ifndef XMLSEC_NO_RIPEMD160
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaRipemd160Id)) {
-	return(1);
-    } else 
+        return(1);
+    } else
 #endif /* XMLSEC_NO_RIPEMD160 */
 
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha1Id)) {
-	return(1);
-    } else 
+        return(1);
+    } else
 #endif /* XMLSEC_NO_SHA1 */
 
 #ifndef XMLSEC_NO_SHA224
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha224Id)) {
-	return(1);
-    } else 
+        return(1);
+    } else
 #endif /* XMLSEC_NO_SHA224 */
 
 #ifndef XMLSEC_NO_SHA256
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha256Id)) {
-	return(1);
-    } else 
+        return(1);
+    } else
 #endif /* XMLSEC_NO_SHA256 */
 
 #ifndef XMLSEC_NO_SHA384
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha384Id)) {
-	return(1);
-    } else 
+        return(1);
+    } else
 #endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha512Id)) {
-	return(1);
-    } else 
+        return(1);
+    } else
 #endif /* XMLSEC_NO_SHA512 */
 
 #endif /* XMLSEC_NO_RSA */
-    
+
+#ifndef XMLSEC_NO_GOST
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGost2001GostR3411_94Id)) {
+        return(1);
+    } else
+#endif /* XMLSEC_NO_GOST*/
+
     {
-	return(0);
+        return(0);
     }
-    
+
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLEvpSignatureInitialize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLEvpSignatureCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
 
     ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
 
-    memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));    
+    memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));
 
 #ifndef XMLSEC_NO_DSA
 
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformDsaSha1Id)) {
-	ctx->digest	= xmlSecOpenSSLDsaSha1Evp();
-	ctx->keyId	= xmlSecOpenSSLKeyDataDsaId;
-    } else 
+        ctx->digest     = xmlSecOpenSSLDsaSha1Evp();
+        ctx->keyId      = xmlSecOpenSSLKeyDataDsaId;
+    } else
 #endif /* XMLSEC_NO_SHA1 */
 
+#ifndef XMLSEC_NO_SHA256
+#ifdef XMLSEC_OPENSSL_100
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformDsaSha256Id)) {
+        ctx->digest     = xmlSecOpenSSLDsaSha256Evp();
+        ctx->keyId      = xmlSecOpenSSLKeyDataDsaId;
+    } else
+#endif /* XMLSEC_OPENSSL_100 */
+#endif /* XMLSEC_NO_SHA256 */
+
 #endif /* XMLSEC_NO_DSA */
 
+#ifndef XMLSEC_NO_ECDSA
+
+#ifndef XMLSEC_NO_SHA1
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha1Id)) {
+        ctx->digest     = xmlSecOpenSSLEcdsaSha1Evp();
+        ctx->keyId      = xmlSecOpenSSLKeyDataEcdsaId;
+    } else
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha224Id)) {
+        ctx->digest     = xmlSecOpenSSLEcdsaSha224Evp();
+        ctx->keyId      = xmlSecOpenSSLKeyDataEcdsaId;
+    } else
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha256Id)) {
+        ctx->digest     = xmlSecOpenSSLEcdsaSha256Evp();
+        ctx->keyId      = xmlSecOpenSSLKeyDataEcdsaId;
+    } else
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha384Id)) {
+        ctx->digest     = xmlSecOpenSSLEcdsaSha384Evp();
+        ctx->keyId      = xmlSecOpenSSLKeyDataEcdsaId;
+    } else
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformEcdsaSha512Id)) {
+        ctx->digest     = xmlSecOpenSSLEcdsaSha512Evp();
+        ctx->keyId      = xmlSecOpenSSLKeyDataEcdsaId;
+    } else
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_ECDSA */
+
 #ifndef XMLSEC_NO_RSA
 
 #ifndef XMLSEC_NO_MD5
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaMd5Id)) {
-	ctx->digest	= EVP_md5();
-	ctx->keyId	= xmlSecOpenSSLKeyDataRsaId;
-    } else 
+        ctx->digest     = EVP_md5();
+        ctx->keyId      = xmlSecOpenSSLKeyDataRsaId;
+    } else
 #endif /* XMLSEC_NO_MD5 */
 
 #ifndef XMLSEC_NO_RIPEMD160
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaRipemd160Id)) {
-	ctx->digest	= EVP_ripemd160();
-	ctx->keyId	= xmlSecOpenSSLKeyDataRsaId;
-    } else 
+        ctx->digest     = EVP_ripemd160();
+        ctx->keyId      = xmlSecOpenSSLKeyDataRsaId;
+    } else
 #endif /* XMLSEC_NO_RIPEMD160 */
 
 #ifndef XMLSEC_NO_SHA1
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha1Id)) {
-	ctx->digest	= EVP_sha1();
-	ctx->keyId	= xmlSecOpenSSLKeyDataRsaId;
-    } else 
+        ctx->digest     = EVP_sha1();
+        ctx->keyId      = xmlSecOpenSSLKeyDataRsaId;
+    } else
 #endif /* XMLSEC_NO_SHA1 */
 
 #ifndef XMLSEC_NO_SHA224
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha224Id)) {
-	ctx->digest	= EVP_sha224();
-	ctx->keyId	= xmlSecOpenSSLKeyDataRsaId;
-    } else 
+        ctx->digest     = EVP_sha224();
+        ctx->keyId      = xmlSecOpenSSLKeyDataRsaId;
+    } else
 #endif /* XMLSEC_NO_SHA224 */
 
 #ifndef XMLSEC_NO_SHA256
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha256Id)) {
-	ctx->digest	= EVP_sha256();
-	ctx->keyId	= xmlSecOpenSSLKeyDataRsaId;
-    } else 
+        ctx->digest     = EVP_sha256();
+        ctx->keyId      = xmlSecOpenSSLKeyDataRsaId;
+    } else
 #endif /* XMLSEC_NO_SHA256 */
 
 #ifndef XMLSEC_NO_SHA384
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha384Id)) {
-	ctx->digest	= EVP_sha384();
-	ctx->keyId	= xmlSecOpenSSLKeyDataRsaId;
-    } else 
+        ctx->digest     = EVP_sha384();
+        ctx->keyId      = xmlSecOpenSSLKeyDataRsaId;
+    } else
 #endif /* XMLSEC_NO_SHA384 */
 
 #ifndef XMLSEC_NO_SHA512
     if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformRsaSha512Id)) {
-	ctx->digest	= EVP_sha512();
-	ctx->keyId	= xmlSecOpenSSLKeyDataRsaId;
-    } else 
+        ctx->digest     = EVP_sha512();
+        ctx->keyId      = xmlSecOpenSSLKeyDataRsaId;
+    } else
 #endif /* XMLSEC_NO_SHA512 */
 
 #endif /* XMLSEC_NO_RSA */
 
+#ifndef XMLSEC_NO_GOST
+    if(xmlSecTransformCheckId(transform, xmlSecOpenSSLTransformGost2001GostR3411_94Id)) {
+        ctx->keyId          = xmlSecOpenSSLKeyDataGost2001Id;
+        ctx->digest = EVP_get_digestbyname("md_gost94");
+				if (!ctx->digest)
+				{
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+				}
+    } else
+#endif /* XMLSEC_NO_GOST*/
+
     if(1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
 #ifndef XMLSEC_OPENSSL_096
@@ -225,7 +372,7 @@ xmlSecOpenSSLEvpSignatureInitialize(xmlSecTransformPtr transform) {
     return(0);
 }
 
-static void 
+static void
 xmlSecOpenSSLEvpSignatureFinalize(xmlSecTransformPtr transform) {
     xmlSecOpenSSLEvpSignatureCtxPtr ctx;
 
@@ -234,18 +381,18 @@ xmlSecOpenSSLEvpSignatureFinalize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
     if(ctx->pKey != NULL) {
-	EVP_PKEY_free(ctx->pKey);
+        EVP_PKEY_free(ctx->pKey);
     }
 
 #ifndef XMLSEC_OPENSSL_096
     EVP_MD_CTX_cleanup(&(ctx->digestCtx));
 #endif /* XMLSEC_OPENSSL_096 */
-    memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));    
+    memset(ctx, 0, sizeof(xmlSecOpenSSLEvpSignatureCtx));
 }
 
-static int 
+static int
 xmlSecOpenSSLEvpSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecOpenSSLEvpSignatureCtxPtr ctx;
     xmlSecKeyDataPtr value;
@@ -264,35 +411,35 @@ xmlSecOpenSSLEvpSignatureSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key)
 
     value = xmlSecKeyGetValue(key);
     xmlSecAssert2(value != NULL, -1);
-    
+
     pKey = xmlSecOpenSSLEvpKeyDataGetEvp(value);
     if(pKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecOpenSSLEvpKeyDataGetEvp",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecOpenSSLEvpKeyDataGetEvp",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     if(ctx->pKey != NULL) {
-	EVP_PKEY_free(ctx->pKey);
+        EVP_PKEY_free(ctx->pKey);
     }
 
     ctx->pKey = xmlSecOpenSSLEvpKeyDup(pKey);
     if(ctx->pKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecOpenSSLEvpKeyDup",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecOpenSSLEvpKeyDup",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-static int  
+static int
 xmlSecOpenSSLEvpSignatureSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPtr keyReq) {
     xmlSecOpenSSLEvpSignatureCtxPtr ctx;
 
@@ -308,22 +455,22 @@ xmlSecOpenSSLEvpSignatureSetKeyReq(xmlSecTransformPtr transform,  xmlSecKeyReqPt
     keyReq->keyId        = ctx->keyId;
     if(transform->operation == xmlSecTransformOperationSign) {
         keyReq->keyType  = xmlSecKeyDataTypePrivate;
-	keyReq->keyUsage = xmlSecKeyUsageSign;
+        keyReq->keyUsage = xmlSecKeyUsageSign;
     } else {
         keyReq->keyType  = xmlSecKeyDataTypePublic;
-	keyReq->keyUsage = xmlSecKeyUsageVerify;
+        keyReq->keyUsage = xmlSecKeyUsageVerify;
     }
     return(0);
 }
 
 
 static int
-xmlSecOpenSSLEvpSignatureVerify(xmlSecTransformPtr transform, 
-			const xmlSecByte* data, xmlSecSize dataSize,
-			xmlSecTransformCtxPtr transformCtx) {
+xmlSecOpenSSLEvpSignatureVerify(xmlSecTransformPtr transform,
+                        const xmlSecByte* data, xmlSecSize dataSize,
+                        xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLEvpSignatureCtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
     xmlSecAssert2(transform->operation == xmlSecTransformOperationVerify, -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
@@ -336,33 +483,34 @@ xmlSecOpenSSLEvpSignatureVerify(xmlSecTransformPtr transform,
 
     ret = EVP_VerifyFinal(&(ctx->digestCtx), (xmlSecByte*)data, dataSize, ctx->pKey);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "EVP_VerifyFinal",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "EVP_VerifyFinal",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     } else if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "EVP_VerifyFinal",
-		    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
-		    "signature do not match");
-	transform->status = xmlSecTransformStatusFail;
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "EVP_VerifyFinal",
+                    XMLSEC_ERRORS_R_DATA_NOT_MATCH,
+                    "signature do not match");
+        transform->status = xmlSecTransformStatusFail;
+        return(0);
     }
-        
+
     transform->status = xmlSecTransformStatusOk;
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLEvpSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecOpenSSLEvpSignatureCtxPtr ctx;
     xmlSecBufferPtr in, out;
-    xmlSecSize inSize, outSize;
+    xmlSecSize inSize;
+    xmlSecSize outSize;
     int ret;
-    
+
     xmlSecAssert2(xmlSecOpenSSLEvpSignatureCheckId(transform), -1);
     xmlSecAssert2((transform->operation == xmlSecTransformOperationSign) || (transform->operation == xmlSecTransformOperationVerify), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecOpenSSLEvpSignatureSize), -1);
@@ -374,274 +522,213 @@ xmlSecOpenSSLEvpSignatureExecute(xmlSecTransformPtr transform, int last, xmlSecT
     in = &(transform->inBuf);
     out = &(transform->outBuf);
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
-    
+    outSize = xmlSecBufferGetSize(out);
+
     ctx = xmlSecOpenSSLEvpSignatureGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->digest != NULL, -1);
     xmlSecAssert2(ctx->pKey != NULL, -1);
 
     if(transform->status == xmlSecTransformStatusNone) {
-	xmlSecAssert2(outSize == 0, -1);
-	
-	if(transform->operation == xmlSecTransformOperationSign) {
+        xmlSecAssert2(outSize == 0, -1);
+
+        if(transform->operation == xmlSecTransformOperationSign) {
 #ifndef XMLSEC_OPENSSL_096
-	    ret = EVP_SignInit(&(ctx->digestCtx), ctx->digest);
-	    if(ret != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "EVP_SignInit",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
+            ret = EVP_SignInit(&(ctx->digestCtx), ctx->digest);
+            if(ret != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "EVP_SignInit",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
 #else /* XMLSEC_OPENSSL_096 */
-	    EVP_SignInit(&(ctx->digestCtx), ctx->digest);
+            EVP_SignInit(&(ctx->digestCtx), ctx->digest);
 #endif /* XMLSEC_OPENSSL_096 */
-	} else {
+        } else {
 #ifndef XMLSEC_OPENSSL_096
-	    ret = EVP_VerifyInit(&(ctx->digestCtx), ctx->digest);
-	    if(ret != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "EVP_VerifyInit",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
+            ret = EVP_VerifyInit(&(ctx->digestCtx), ctx->digest);
+            if(ret != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "EVP_VerifyInit",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
 #else /* XMLSEC_OPENSSL_096 */
-	    EVP_VerifyInit(&(ctx->digestCtx), ctx->digest);
+            EVP_VerifyInit(&(ctx->digestCtx), ctx->digest);
 #endif /* XMLSEC_OPENSSL_096 */
-	}
-	transform->status = xmlSecTransformStatusWorking;
+        }
+        transform->status = xmlSecTransformStatusWorking;
     }
-    
+
     if((transform->status == xmlSecTransformStatusWorking) && (inSize > 0)) {
-	xmlSecAssert2(outSize == 0, -1);
+        xmlSecAssert2(outSize == 0, -1);
 
-	if(transform->operation == xmlSecTransformOperationSign) {
+        if(transform->operation == xmlSecTransformOperationSign) {
 #ifndef XMLSEC_OPENSSL_096
-	    ret = EVP_SignUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
-	    if(ret != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "EVP_SignUpdate",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
+            ret = EVP_SignUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
+            if(ret != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "EVP_SignUpdate",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
 #else /* XMLSEC_OPENSSL_096 */
-	    EVP_SignUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
+            EVP_SignUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
 #endif /* XMLSEC_OPENSSL_096 */
-	} else {
+        } else {
 #ifndef XMLSEC_OPENSSL_096
-	    ret = EVP_VerifyUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
-	    if(ret != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "EVP_VerifyUpdate",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
+            ret = EVP_VerifyUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
+            if(ret != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "EVP_VerifyUpdate",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
 #else /* XMLSEC_OPENSSL_096 */
-	    EVP_VerifyUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
+            EVP_VerifyUpdate(&(ctx->digestCtx), xmlSecBufferGetData(in), inSize);
 #endif /* XMLSEC_OPENSSL_096 */
-	}
-	    
-	ret = xmlSecBufferRemoveHead(in, inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	xmlSecAssert2(outSize == 0, -1);
-	if(transform->operation == xmlSecTransformOperationSign) {
-	    /* this is a hack: for rsa signatures 
-	     * we get size from EVP_PKEY_size(),
-	     * for dsa signature we use a fixed constant */
-	    outSize = EVP_PKEY_size(ctx->pKey);
-#ifndef XMLSEC_NO_DSA 
-	    if(outSize < XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE) {
-		outSize = XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE;
-	    }
-#endif /* XMLSEC_NO_DSA */ 
-
-	    ret = xmlSecBufferSetMaxSize(out, outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferSetMaxSize",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", outSize);
-		return(-1);
-	    }
-	
-	    ret = EVP_SignFinal(&(ctx->digestCtx), xmlSecBufferGetData(out), &outSize, ctx->pKey);
-	    if(ret != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "EVP_SignFinal",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-		
-	    ret = xmlSecBufferSetSize(out, outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE, 
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferSetSize",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", outSize);
-		return(-1);
-	    }
-	}
-	transform->status = xmlSecTransformStatusFinished;
+        xmlSecAssert2(outSize == 0, -1);
+        if(transform->operation == xmlSecTransformOperationSign) {
+            unsigned int signSize;
+
+            /* this is a hack: for rsa signatures
+             * we get size from EVP_PKEY_size(),
+             * for dsa signature we use a fixed constant */
+            signSize = EVP_PKEY_size(ctx->pKey);
+#ifndef XMLSEC_NO_DSA
+            if(signSize < XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE) {
+                signSize = XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE;
+            }
+#endif /* XMLSEC_NO_DSA */
+#ifndef XMLSEC_NO_ECDSA
+            if(signSize < XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE) {
+                signSize = XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE;
+            }
+#endif /* XMLSEC_NO_ECDSA */
+
+            ret = xmlSecBufferSetMaxSize(out, signSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferSetMaxSize",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%u", signSize);
+                return(-1);
+            }
+
+            ret = EVP_SignFinal(&(ctx->digestCtx), xmlSecBufferGetData(out), &signSize, ctx->pKey);
+            if(ret != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "EVP_SignFinal",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            ret = xmlSecBufferSetSize(out, signSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferSetSize",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%u", signSize);
+                return(-1);
+            }
+        }
+        transform->status = xmlSecTransformStatusFinished;
     }
-    
+
     if((transform->status == xmlSecTransformStatusWorking) || (transform->status == xmlSecTransformStatusFinished)) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(xmlSecBufferGetSize(&(transform->inBuf)) == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
-    
+
     return(0);
 }
 
 #ifndef XMLSEC_NO_DSA
-
-#ifndef XMLSEC_NO_SHA1
-/****************************************************************************
- *
- * DSA-SHA1 signature transform
- *
- ***************************************************************************/
-
-static xmlSecTransformKlass xmlSecOpenSSLDsaSha1Klass = {
-    /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameDsaSha1,				/* const xmlChar* name; */
-    xmlSecHrefDsaSha1, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpSignatureInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLEvpSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
-};
-
-/**
- * xmlSecOpenSSLTransformDsaSha1GetKlass:
- * 
- * The DSA-SHA1 signature transform klass.
- *
- * Returns: DSA-SHA1 signature transform klass.
- */
-xmlSecTransformId 
-xmlSecOpenSSLTransformDsaSha1GetKlass(void) {
-    return(&xmlSecOpenSSLDsaSha1Klass);
-}
-
 /****************************************************************************
  *
- * DSA-SHA1 EVP
+ * DSA EVP
  *
- * XMLDSig specifies dsa signature packing not supported by OpenSSL so 
+ * XMLDSig specifies DSA signature packing not supported by OpenSSL so
  * we created our own EVP_MD.
  *
  * http://www.w3.org/TR/xmldsig-core/#sec-SignatureAlg:
- * 
- * The output of the DSA algorithm consists of a pair of integers 
- * usually referred by the pair (r, s). The signature value consists of 
- * the base64 encoding of the concatenation of two octet-streams that 
- * respectively result from the octet-encoding of the values r and s in 
- * that order. Integer to octet-stream conversion must be done according 
- * to the I2OSP operation defined in the RFC 2437 [PKCS1] specification 
- * with a l parameter equal to 20. For example, the SignatureValue element 
+ *
+ * The output of the DSA algorithm consists of a pair of integers
+ * usually referred by the pair (r, s). The signature value consists of
+ * the base64 encoding of the concatenation of two octet-streams that
+ * respectively result from the octet-encoding of the values r and s in
+ * that order. Integer to octet-stream conversion must be done according
+ * to the I2OSP operation defined in the RFC 2437 [PKCS1] specification
+ * with a l parameter equal to 20. For example, the SignatureValue element
  * for a DSA signature (r, s) with values specified in hexadecimal:
  *
- *  r = 8BAC1AB6 6410435C B7181F95 B16AB97C 92B341C0 
+ *  r = 8BAC1AB6 6410435C B7181F95 B16AB97C 92B341C0
  *  s = 41E2345F 1F56DF24 58F426D1 55B4BA2D B6DCD8C8
- *       
+ *
  * from the example in Appendix 5 of the DSS standard would be
- *        
+ *
  * <SignatureValue>i6watmQQQ1y3GB+VsWq5fJKzQcBB4jRfH1bfJFj0JtFVtLotttzYyA==</SignatureValue>
  *
  ***************************************************************************/
-#ifndef XMLSEC_OPENSSL_096
-static int 
-xmlSecOpenSSLDsaSha1EvpInit(EVP_MD_CTX *ctx)
-{ 
-    return SHA1_Init(ctx->md_data); 
-}
-
-static int 
-xmlSecOpenSSLDsaSha1EvpUpdate(EVP_MD_CTX *ctx,const void *data,unsigned long count)
-{ 
-    return SHA1_Update(ctx->md_data,data,count); 
-}
-
-static int 
-xmlSecOpenSSLDsaSha1EvpFinal(EVP_MD_CTX *ctx,xmlSecByte *md)
-{ 
-    return SHA1_Final(md,ctx->md_data); 
-}
-#endif /* XMLSEC_OPENSSL_096 */
-
-static int 	
-xmlSecOpenSSLDsaSha1EvpSign(int type ATTRIBUTE_UNUSED, 
-			const xmlSecByte *dgst, int dlen,
-			xmlSecByte *sig, unsigned int *siglen, DSA *dsa) {
+static int
+xmlSecOpenSSLDsaEvpSign(int type ATTRIBUTE_UNUSED,
+                        const unsigned char *dgst, unsigned int dlen,
+                        unsigned char *sig, unsigned int *siglen, void *dsa) {
     DSA_SIG *s;
     int rSize, sSize;
 
     s = DSA_do_sign(dgst, dlen, dsa);
     if(s == NULL) {
-	*siglen=0;
-	return(0);
+        *siglen=0;
+        return(0);
     }
 
     rSize = BN_num_bytes(s->r);
     sSize = BN_num_bytes(s->s);
     if((rSize > (XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2)) ||
        (sSize > (XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2))) {
-
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "size(r)=%d or size(s)=%d > %d", 
-		    rSize, sSize, XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2);
-	DSA_SIG_free(s);
-	return(0);
-    }	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "size(r)=%d or size(s)=%d > %d",
+                    rSize, sSize, XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2);
+        DSA_SIG_free(s);
+        return(0);
+    }
 
     memset(sig, 0, XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE);
     BN_bn2bin(s->r, sig + (XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2) - rSize);
@@ -649,51 +736,118 @@ xmlSecOpenSSLDsaSha1EvpSign(int type ATTRIBUTE_UNUSED,
     *siglen = XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE;
 
     DSA_SIG_free(s);
-    return(1);    
+    return(1);
 }
 
-static int 
-xmlSecOpenSSLDsaSha1EvpVerify(int type ATTRIBUTE_UNUSED, 
-			const xmlSecByte *dgst, int dgst_len,
-			const xmlSecByte *sigbuf, int siglen, DSA *dsa) {
-    DSA_SIG *s;    
+static int
+xmlSecOpenSSLDsaEvpVerify(int type ATTRIBUTE_UNUSED,
+                        const unsigned char *dgst, unsigned int dgst_len,
+                        const unsigned char *sigbuf, unsigned int siglen,
+                        void *dsa) {
+    DSA_SIG *s;
     int ret = -1;
 
     s = DSA_SIG_new();
     if (s == NULL) {
-	return(ret);
+        return(ret);
     }
 
     if(siglen != XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "invalid length %d (%d expected)",
-		    siglen, XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE);
-	goto err;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "invalid length %d (%d expected)",
+                    siglen, XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE);
+        goto done;
     }
 
     s->r = BN_bin2bn(sigbuf, XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2, NULL);
-    s->s = BN_bin2bn(sigbuf + (XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2), 
-		       XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2, NULL);
+    s->s = BN_bin2bn(sigbuf + (XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2),
+                       XMLSEC_OPENSSL_DSA_SIGNATURE_SIZE / 2, NULL);
     if((s->r == NULL) || (s->s == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BN_bin2bn",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto err;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BN_bin2bn",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     ret = DSA_do_verify(dgst, dgst_len, s, dsa);
 
-err:
+done:
     DSA_SIG_free(s);
     return(ret);
 }
 
-static const EVP_MD xmlSecOpenSSLDsaMdEvp = {
+#ifndef XMLSEC_NO_SHA1
+/****************************************************************************
+ *
+ * DSA-SHA1 signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLDsaSha1Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameDsaSha1,                          /* const xmlChar* name; */
+    xmlSecHrefDsaSha1,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformDsaSha1GetKlass:
+ *
+ * The DSA-SHA1 signature transform klass.
+ *
+ * Returns: DSA-SHA1 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformDsaSha1GetKlass(void) {
+    return(&xmlSecOpenSSLDsaSha1Klass);
+}
+
+#ifndef XMLSEC_OPENSSL_096
+static int
+xmlSecOpenSSLDsaSha1EvpInit(EVP_MD_CTX *ctx)
+{
+    return SHA1_Init(ctx->md_data);
+}
+
+static int
+xmlSecOpenSSLDsaSha1EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA1_Update(ctx->md_data,data,count);
+}
+
+static int
+xmlSecOpenSSLDsaSha1EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA1_Final(md,ctx->md_data);
+}
+#endif /* XMLSEC_OPENSSL_096 */
+
+static const EVP_MD xmlSecOpenSSLDsaSha1MdEvp = {
     NID_dsaWithSHA,
     NID_dsaWithSHA,
     SHA_DIGEST_LENGTH,
@@ -709,21 +863,799 @@ static const EVP_MD xmlSecOpenSSLDsaMdEvp = {
     SHA1_Update,
     SHA1_Final,
 #endif /* XMLSEC_OPENSSL_096 */
-    xmlSecOpenSSLDsaSha1EvpSign,
-    xmlSecOpenSSLDsaSha1EvpVerify, 
+    xmlSecOpenSSLDsaEvpSign,
+    xmlSecOpenSSLDsaEvpVerify,
     {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,EVP_PKEY_DSA4,0},
     SHA_CBLOCK,
-    sizeof(EVP_MD *)+sizeof(SHA_CTX),
+    sizeof(EVP_MD *)+sizeof(SHA_CTX)
+#ifdef XMLSEC_OPENSSL_100
+   , NULL
+#endif /* XMLSEC_OPENSSL_100 */
 };
 
 static const EVP_MD *xmlSecOpenSSLDsaSha1Evp(void)
 {
-    return(&xmlSecOpenSSLDsaMdEvp);
+    return(&xmlSecOpenSSLDsaSha1MdEvp);
 }
+
 #endif /* XMLSEC_NO_SHA1 */
 
+#ifndef XMLSEC_NO_SHA256
+/****************************************************************************
+ *
+ * DSA-SHA256 signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLDsaSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameDsaSha256,                        /* const xmlChar* name; */
+    xmlSecHrefDsaSha256,                        /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformDsaSha256GetKlass:
+ *
+ * The DSA-SHA256 signature transform klass.
+ *
+ * Returns: DSA-SHA256 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformDsaSha256GetKlass(void) {
+    return(&xmlSecOpenSSLDsaSha256Klass);
+}
+
+#ifdef XMLSEC_OPENSSL_100
+static int
+xmlSecOpenSSLDsaSha256EvpInit(EVP_MD_CTX *ctx)
+{
+    return SHA256_Init(ctx->md_data);
+}
+
+static int
+xmlSecOpenSSLDsaSha256EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA256_Update(ctx->md_data,data,count);
+}
+
+static int
+xmlSecOpenSSLDsaSha256EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA256_Final(md,ctx->md_data);
+}
+
+static const EVP_MD xmlSecOpenSSLDsaSha256MdEvp = {
+    NID_dsa_with_SHA256,
+    NID_dsa_with_SHA256,
+    SHA256_DIGEST_LENGTH,
+    0,
+    xmlSecOpenSSLDsaSha256EvpInit,
+    xmlSecOpenSSLDsaSha256EvpUpdate,
+    xmlSecOpenSSLDsaSha256EvpFinal,
+    NULL,
+    NULL,
+    xmlSecOpenSSLDsaEvpSign,
+    xmlSecOpenSSLDsaEvpVerify,
+    /* XXX-MAK: This worries me, not sure that the keys are right. */
+    {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,EVP_PKEY_DSA4,0},
+    SHA256_CBLOCK,
+    sizeof(EVP_MD *)+sizeof(SHA256_CTX),
+    NULL
+};
+
+static const EVP_MD *xmlSecOpenSSLDsaSha256Evp(void)
+{
+    return(&xmlSecOpenSSLDsaSha256MdEvp);
+}
+#endif /* XMLSEC_OPENSSL_100 */
+
+#endif /* XMLSEC_NO_SHA256 */
+
 #endif /* XMLSEC_NO_DSA */
 
+#ifndef XMLSEC_NO_ECDSA
+/****************************************************************************
+ *
+ * ECDSA EVP
+ *
+ * NIST-IR-7802 (TMSAD) specifies ECDSA signature packing not supported by
+ * OpenSSL so we created our own EVP_MD.
+ *
+ * http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7802
+ *
+ * The ECDSA algorithm signature is a pair of integers referred to as (r, s).
+ * The <dsig:SignatureValue> consists of the base64 [RFC2045] encoding of the
+ * concatenation of two octet-streams that respectively result from the
+ * octet-encoding of the values r and s, in that order. Integer to
+ * octet-stream conversion MUST be done according to the I2OSP operation
+ * defined in Section 4.1 of RFC 3447 [PKCS1] with the xLen parameter equal
+ * to the size of the base point order of the curve in bytes (32 for the
+ * P-256 curve).
+ *
+ ***************************************************************************/
+static int
+xmlSecOpenSSLEcdsaEvpSign(int type ATTRIBUTE_UNUSED,
+                        const unsigned char *dgst, unsigned int dlen,
+                        unsigned char *sig, unsigned int *siglen, void *ecdsa) {
+    int rSize, sSize, xLen;
+    const EC_GROUP *group;
+    BIGNUM *order = NULL;
+    ECDSA_SIG *s;
+    int ret = 0;
+
+    s = ECDSA_do_sign(dgst, dlen, ecdsa);
+    if(s == NULL) {
+        *siglen = 0;
+        return(ret);
+    }
+
+    group = EC_KEY_get0_group(ecdsa);
+    if(group == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "EC_KEY_get0_group",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    order = BN_new();
+    if(order == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BN_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    if(EC_GROUP_get_order(group, order, NULL) != 1) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "EC_GROUP_get_order",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    xLen = BN_num_bytes(order);
+    if(xLen > (XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE / 2)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "xLen=%d > %d",
+                    xLen, XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE / 2);
+        goto done;
+    }
+
+    rSize = BN_num_bytes(s->r);
+    sSize = BN_num_bytes(s->s);
+    if((rSize > xLen) || (sSize > xLen)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "size(r)=%d or size(s)=%d > %d",
+                    rSize, sSize, xLen);
+        goto done;
+    }
+
+    memset(sig, 0, xLen * 2);
+    BN_bn2bin(s->r, sig + xLen - rSize);
+    BN_bn2bin(s->s, sig + (xLen * 2) - sSize);
+    *siglen = xLen * 2;
+
+    ret = 1;
+
+done:
+    if(order != NULL) {
+        BN_clear_free(order);
+    }
+    ECDSA_SIG_free(s);
+    return(ret);
+}
+
+static int
+xmlSecOpenSSLEcdsaEvpVerify(int type ATTRIBUTE_UNUSED,
+                        const unsigned char *dgst, unsigned int dgst_len,
+                        const unsigned char *sigbuf, unsigned int siglen,
+                        void *ecdsa) {
+    const EC_GROUP *group;
+    unsigned int xLen;
+    BIGNUM *order = NULL;
+    ECDSA_SIG *s;
+    int ret = -1;
+
+    s = ECDSA_SIG_new();
+    if (s == NULL) {
+        return(ret);
+    }
+
+    group = EC_KEY_get0_group(ecdsa);
+    if(group == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "EC_KEY_get0_group",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    order = BN_new();
+    if(order == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BN_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    if(EC_GROUP_get_order(group, order, NULL) != 1) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "EC_GROUP_get_order",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    xLen = BN_num_bytes(order);
+    if(xLen > (XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE / 2)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "xLen=%d > %d",
+                    xLen, XMLSEC_OPENSSL_ECDSA_SIGNATURE_SIZE / 2);
+        goto done;
+    }
+
+    if(siglen != xLen * 2) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "invalid length %d (%d expected)",
+                    siglen, xLen * 2);
+        goto done;
+    }
+
+    s->r = BN_bin2bn(sigbuf, xLen, NULL);
+    s->s = BN_bin2bn(sigbuf + xLen, xLen, NULL);
+    if((s->r == NULL) || (s->s == NULL)) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BN_bin2bn",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    ret = ECDSA_do_verify(dgst, dgst_len, s, ecdsa);
+
+done:
+    if(order != NULL) {
+        BN_clear_free(order);
+    }
+    ECDSA_SIG_free(s);
+    return(ret);
+}
+
+#ifndef XMLSEC_NO_SHA1
+/****************************************************************************
+ *
+ * ECDSA-SHA1 signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLEcdsaSha1Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameEcdsaSha1,                        /* const xmlChar* name; */
+    xmlSecHrefEcdsaSha1,                        /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformEcdsaSha1GetKlass:
+ *
+ * The ECDSA-SHA1 signature transform klass.
+ *
+ * Returns: ECDSA-SHA1 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformEcdsaSha1GetKlass(void) {
+    return(&xmlSecOpenSSLEcdsaSha1Klass);
+}
+
+#ifndef XMLSEC_OPENSSL_096
+static int
+xmlSecOpenSSLEcdsaSha1EvpInit(EVP_MD_CTX *ctx)
+{
+    return SHA1_Init(ctx->md_data);
+}
+
+static int
+xmlSecOpenSSLEcdsaSha1EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA1_Update(ctx->md_data,data,count);
+}
+
+static int
+xmlSecOpenSSLEcdsaSha1EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA1_Final(md,ctx->md_data);
+}
+#endif /* XMLSEC_OPENSSL_096 */
+
+static const EVP_MD xmlSecOpenSSLEcdsaSha1MdEvp = {
+    NID_ecdsa_with_SHA1,
+    NID_ecdsa_with_SHA1,
+    SHA_DIGEST_LENGTH,
+#ifndef XMLSEC_OPENSSL_096
+    0,
+    xmlSecOpenSSLEcdsaSha1EvpInit,
+    xmlSecOpenSSLEcdsaSha1EvpUpdate,
+    xmlSecOpenSSLEcdsaSha1EvpFinal,
+    NULL,
+    NULL,
+#else /* XMLSEC_OPENSSL_096 */
+    SHA1_Init,
+    SHA1_Update,
+    SHA1_Final,
+#endif /* XMLSEC_OPENSSL_096 */
+    xmlSecOpenSSLEcdsaEvpSign,
+    xmlSecOpenSSLEcdsaEvpVerify,
+    /* XXX-MAK: This worries me, not sure that the keys are right. */
+    {NID_X9_62_id_ecPublicKey,NID_ecdsa_with_SHA1,0,0,0},
+    SHA_CBLOCK,
+    sizeof(EVP_MD *)+sizeof(SHA_CTX),
+    NULL
+};
+
+static const EVP_MD *xmlSecOpenSSLEcdsaSha1Evp(void)
+{
+    return(&xmlSecOpenSSLEcdsaSha1MdEvp);
+}
+
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+/****************************************************************************
+ *
+ * ECDSA-SHA224 signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLEcdsaSha224Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameEcdsaSha224,                      /* const xmlChar* name; */
+    xmlSecHrefEcdsaSha224,                      /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformEcdsaSha224GetKlass:
+ *
+ * The ECDSA-SHA224 signature transform klass.
+ *
+ * Returns: ECDSA-SHA224 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformEcdsaSha224GetKlass(void) {
+    return(&xmlSecOpenSSLEcdsaSha224Klass);
+}
+
+#ifndef XMLSEC_OPENSSL_096
+static int
+xmlSecOpenSSLEcdsaSha224EvpInit(EVP_MD_CTX *ctx)
+{
+    return SHA224_Init(ctx->md_data);
+}
+
+static int
+xmlSecOpenSSLEcdsaSha224EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA224_Update(ctx->md_data,data,count);
+}
+
+static int
+xmlSecOpenSSLEcdsaSha224EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA224_Final(md,ctx->md_data);
+}
+#endif /* XMLSEC_OPENSSL_096 */
+
+static const EVP_MD xmlSecOpenSSLEcdsaSha224MdEvp = {
+    NID_ecdsa_with_SHA224,
+    NID_ecdsa_with_SHA224,
+    SHA224_DIGEST_LENGTH,
+#ifndef XMLSEC_OPENSSL_096
+    0,
+    xmlSecOpenSSLEcdsaSha224EvpInit,
+    xmlSecOpenSSLEcdsaSha224EvpUpdate,
+    xmlSecOpenSSLEcdsaSha224EvpFinal,
+    NULL,
+    NULL,
+#else /* XMLSEC_OPENSSL_096 */
+    SHA224_Init,
+    SHA224_Update,
+    SHA224_Final,
+#endif /* XMLSEC_OPENSSL_096 */
+    xmlSecOpenSSLEcdsaEvpSign,
+    xmlSecOpenSSLEcdsaEvpVerify,
+    /* XXX-MAK: This worries me, not sure that the keys are right. */
+    {NID_X9_62_id_ecPublicKey,NID_ecdsa_with_SHA224,0,0,0},
+    SHA256_CBLOCK,
+    sizeof(EVP_MD *)+sizeof(SHA256_CTX),
+    NULL
+};
+
+static const EVP_MD *xmlSecOpenSSLEcdsaSha224Evp(void)
+{
+    return(&xmlSecOpenSSLEcdsaSha224MdEvp);
+}
+
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+/****************************************************************************
+ *
+ * ECDSA-SHA256 signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLEcdsaSha256Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameEcdsaSha256,                      /* const xmlChar* name; */
+    xmlSecHrefEcdsaSha256,                      /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformEcdsaSha256GetKlass:
+ *
+ * The ECDSA-SHA256 signature transform klass.
+ *
+ * Returns: ECDSA-SHA256 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformEcdsaSha256GetKlass(void) {
+    return(&xmlSecOpenSSLEcdsaSha256Klass);
+}
+
+#ifndef XMLSEC_OPENSSL_096
+static int
+xmlSecOpenSSLEcdsaSha256EvpInit(EVP_MD_CTX *ctx)
+{
+    return SHA256_Init(ctx->md_data);
+}
+
+static int
+xmlSecOpenSSLEcdsaSha256EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA256_Update(ctx->md_data,data,count);
+}
+
+static int
+xmlSecOpenSSLEcdsaSha256EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA256_Final(md,ctx->md_data);
+}
+#endif /* XMLSEC_OPENSSL_096 */
+
+static const EVP_MD xmlSecOpenSSLEcdsaSha256MdEvp = {
+    NID_ecdsa_with_SHA256,
+    NID_ecdsa_with_SHA256,
+    SHA256_DIGEST_LENGTH,
+#ifndef XMLSEC_OPENSSL_096
+    0,
+    xmlSecOpenSSLEcdsaSha256EvpInit,
+    xmlSecOpenSSLEcdsaSha256EvpUpdate,
+    xmlSecOpenSSLEcdsaSha256EvpFinal,
+    NULL,
+    NULL,
+#else /* XMLSEC_OPENSSL_096 */
+    SHA256_Init,
+    SHA256_Update,
+    SHA256_Final,
+#endif /* XMLSEC_OPENSSL_096 */
+    xmlSecOpenSSLEcdsaEvpSign,
+    xmlSecOpenSSLEcdsaEvpVerify,
+    /* XXX-MAK: This worries me, not sure that the keys are right. */
+    {NID_X9_62_id_ecPublicKey,NID_ecdsa_with_SHA256,0,0,0},
+    SHA256_CBLOCK,
+    sizeof(EVP_MD *)+sizeof(SHA256_CTX),
+    NULL
+};
+
+static const EVP_MD *xmlSecOpenSSLEcdsaSha256Evp(void)
+{
+    return(&xmlSecOpenSSLEcdsaSha256MdEvp);
+}
+
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+/****************************************************************************
+ *
+ * ECDSA-SHA384 signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLEcdsaSha384Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameEcdsaSha384,                      /* const xmlChar* name; */
+    xmlSecHrefEcdsaSha384,                      /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformEcdsaSha384GetKlass:
+ *
+ * The ECDSA-SHA384 signature transform klass.
+ *
+ * Returns: ECDSA-SHA384 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformEcdsaSha384GetKlass(void) {
+    return(&xmlSecOpenSSLEcdsaSha384Klass);
+}
+
+#ifndef XMLSEC_OPENSSL_096
+static int
+xmlSecOpenSSLEcdsaSha384EvpInit(EVP_MD_CTX *ctx)
+{
+    return SHA384_Init(ctx->md_data);
+}
+
+static int
+xmlSecOpenSSLEcdsaSha384EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA384_Update(ctx->md_data,data,count);
+}
+
+static int
+xmlSecOpenSSLEcdsaSha384EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA384_Final(md,ctx->md_data);
+}
+#endif /* XMLSEC_OPENSSL_096 */
+
+static const EVP_MD xmlSecOpenSSLEcdsaSha384MdEvp = {
+    NID_ecdsa_with_SHA384,
+    NID_ecdsa_with_SHA384,
+    SHA384_DIGEST_LENGTH,
+#ifndef XMLSEC_OPENSSL_096
+    0,
+    xmlSecOpenSSLEcdsaSha384EvpInit,
+    xmlSecOpenSSLEcdsaSha384EvpUpdate,
+    xmlSecOpenSSLEcdsaSha384EvpFinal,
+    NULL,
+    NULL,
+#else /* XMLSEC_OPENSSL_096 */
+    SHA384_Init,
+    SHA384_Update,
+    SHA384_Final,
+#endif /* XMLSEC_OPENSSL_096 */
+    xmlSecOpenSSLEcdsaEvpSign,
+    xmlSecOpenSSLEcdsaEvpVerify,
+    /* XXX-MAK: This worries me, not sure that the keys are right. */
+    {NID_X9_62_id_ecPublicKey,NID_ecdsa_with_SHA384,0,0,0},
+    SHA512_CBLOCK,
+    sizeof(EVP_MD *)+sizeof(SHA512_CTX),
+    NULL
+};
+
+static const EVP_MD *xmlSecOpenSSLEcdsaSha384Evp(void)
+{
+    return(&xmlSecOpenSSLEcdsaSha384MdEvp);
+}
+
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+/****************************************************************************
+ *
+ * ECDSA-SHA512 signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLEcdsaSha512Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameEcdsaSha512,                      /* const xmlChar* name; */
+    xmlSecHrefEcdsaSha512,                      /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformEcdsaSha512GetKlass:
+ *
+ * The ECDSA-SHA512 signature transform klass.
+ *
+ * Returns: ECDSA-SHA512 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformEcdsaSha512GetKlass(void) {
+    return(&xmlSecOpenSSLEcdsaSha512Klass);
+}
+
+#ifndef XMLSEC_OPENSSL_096
+static int
+xmlSecOpenSSLEcdsaSha512EvpInit(EVP_MD_CTX *ctx)
+{
+    return SHA512_Init(ctx->md_data);
+}
+
+static int
+xmlSecOpenSSLEcdsaSha512EvpUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA512_Update(ctx->md_data,data,count);
+}
+
+static int
+xmlSecOpenSSLEcdsaSha512EvpFinal(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA512_Final(md,ctx->md_data);
+}
+#endif /* XMLSEC_OPENSSL_096 */
+
+static const EVP_MD xmlSecOpenSSLEcdsaSha512MdEvp = {
+    NID_ecdsa_with_SHA512,
+    NID_ecdsa_with_SHA512,
+    SHA512_DIGEST_LENGTH,
+#ifndef XMLSEC_OPENSSL_096
+    0,
+    xmlSecOpenSSLEcdsaSha512EvpInit,
+    xmlSecOpenSSLEcdsaSha512EvpUpdate,
+    xmlSecOpenSSLEcdsaSha512EvpFinal,
+    NULL,
+    NULL,
+#else /* XMLSEC_OPENSSL_096 */
+    SHA512_Init,
+    SHA512_Update,
+    SHA512_Final,
+#endif /* XMLSEC_OPENSSL_096 */
+    xmlSecOpenSSLEcdsaEvpSign,
+    xmlSecOpenSSLEcdsaEvpVerify,
+    /* XXX-MAK: This worries me, not sure that the keys are right. */
+    {NID_X9_62_id_ecPublicKey,NID_ecdsa_with_SHA512,0,0,0},
+    SHA512_CBLOCK,
+    sizeof(EVP_MD *)+sizeof(SHA512_CTX),
+    NULL
+};
+
+static const EVP_MD *xmlSecOpenSSLEcdsaSha512Evp(void)
+{
+    return(&xmlSecOpenSSLEcdsaSha512MdEvp);
+}
+
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_ECDSA */
+
 #ifndef XMLSEC_NO_RSA
 
 #ifndef XMLSEC_NO_MD5
@@ -734,39 +1666,39 @@ static const EVP_MD *xmlSecOpenSSLDsaSha1Evp(void)
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLRsaMd5Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameRsaMd5,				/* const xmlChar* name; */
-    xmlSecHrefRsaMd5, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpSignatureInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLEvpSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameRsaMd5,                           /* const xmlChar* name; */
+    xmlSecHrefRsaMd5,                           /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLTransformRsaMd5GetKlass:
- * 
+ *
  * The RSA-MD5 signature transform klass.
  *
  * Returns: RSA-MD5 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformRsaMd5GetKlass(void) {
     return(&xmlSecOpenSSLRsaMd5Klass);
 }
@@ -781,39 +1713,39 @@ xmlSecOpenSSLTransformRsaMd5GetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLRsaRipemd160Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameRsaRipemd160,				/* const xmlChar* name; */
-    xmlSecHrefRsaRipemd160, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpSignatureInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLEvpSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameRsaRipemd160,                             /* const xmlChar* name; */
+    xmlSecHrefRsaRipemd160,                             /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLTransformRsaRipemd160GetKlass:
- * 
+ *
  * The RSA-RIPEMD160 signature transform klass.
  *
  * Returns: RSA-RIPEMD160 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformRsaRipemd160GetKlass(void) {
     return(&xmlSecOpenSSLRsaRipemd160Klass);
 }
@@ -828,39 +1760,39 @@ xmlSecOpenSSLTransformRsaRipemd160GetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLRsaSha1Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameRsaSha1,				/* const xmlChar* name; */
-    xmlSecHrefRsaSha1, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpSignatureInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLEvpSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha1,                          /* const xmlChar* name; */
+    xmlSecHrefRsaSha1,                          /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLTransformRsaSha1GetKlass:
- * 
+ *
  * The RSA-SHA1 signature transform klass.
  *
  * Returns: RSA-SHA1 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformRsaSha1GetKlass(void) {
     return(&xmlSecOpenSSLRsaSha1Klass);
 }
@@ -875,39 +1807,39 @@ xmlSecOpenSSLTransformRsaSha1GetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLRsaSha224Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameRsaSha224,				/* const xmlChar* name; */
-    xmlSecHrefRsaSha224, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpSignatureInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLEvpSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha224,                                /* const xmlChar* name; */
+    xmlSecHrefRsaSha224,                                /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLTransformRsaSha224GetKlass:
- * 
+ *
  * The RSA-SHA224 signature transform klass.
  *
  * Returns: RSA-SHA224 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformRsaSha224GetKlass(void) {
     return(&xmlSecOpenSSLRsaSha224Klass);
 }
@@ -922,39 +1854,39 @@ xmlSecOpenSSLTransformRsaSha224GetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLRsaSha256Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameRsaSha256,				/* const xmlChar* name; */
-    xmlSecHrefRsaSha256, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpSignatureInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLEvpSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha256,                                /* const xmlChar* name; */
+    xmlSecHrefRsaSha256,                                /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLTransformRsaSha256GetKlass:
- * 
+ *
  * The RSA-SHA256 signature transform klass.
  *
  * Returns: RSA-SHA256 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformRsaSha256GetKlass(void) {
     return(&xmlSecOpenSSLRsaSha256Klass);
 }
@@ -969,39 +1901,39 @@ xmlSecOpenSSLTransformRsaSha256GetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLRsaSha384Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameRsaSha384,				/* const xmlChar* name; */
-    xmlSecHrefRsaSha384, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpSignatureInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLEvpSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha384,                                /* const xmlChar* name; */
+    xmlSecHrefRsaSha384,                                /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLTransformRsaSha384GetKlass:
- * 
+ *
  * The RSA-SHA384 signature transform klass.
  *
  * Returns: RSA-SHA384 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformRsaSha384GetKlass(void) {
     return(&xmlSecOpenSSLRsaSha384Klass);
 }
@@ -1016,39 +1948,39 @@ xmlSecOpenSSLTransformRsaSha384GetKlass(void) {
  ***************************************************************************/
 static xmlSecTransformKlass xmlSecOpenSSLRsaSha512Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecOpenSSLEvpSignatureSize,		/* xmlSecSize objSize */
-
-    xmlSecNameRsaSha512,				/* const xmlChar* name; */
-    xmlSecHrefRsaSha512, 				/* const xmlChar* href; */
-    xmlSecTransformUsageSignatureMethod,	/* xmlSecTransformUsage usage; */
-    
-    xmlSecOpenSSLEvpSignatureInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecOpenSSLEvpSignatureFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    xmlSecOpenSSLEvpSignatureSetKeyReq,		/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    xmlSecOpenSSLEvpSignatureSetKey,		/* xmlSecTransformSetKeyMethod setKey; */
-    xmlSecOpenSSLEvpSignatureVerify,		/* xmlSecTransformVerifyMethod verify; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecTransformDefaultPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecOpenSSLEvpSignatureExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,              /* xmlSecSize objSize */
+
+    xmlSecNameRsaSha512,                                /* const xmlChar* name; */
+    xmlSecHrefRsaSha512,                                /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,         /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,            /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,            /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLTransformRsaSha512GetKlass:
- * 
+ *
  * The RSA-SHA512 signature transform klass.
  *
  * Returns: RSA-SHA512 signature transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecOpenSSLTransformRsaSha512GetKlass(void) {
     return(&xmlSecOpenSSLRsaSha512Klass);
 }
@@ -1058,4 +1990,52 @@ xmlSecOpenSSLTransformRsaSha512GetKlass(void) {
 #endif /* XMLSEC_NO_RSA */
 
 
+#ifndef XMLSEC_NO_GOST
+/****************************************************************************
+ *
+ * GOST2001-GOSTR3411_94 signature transform
+ *
+ ***************************************************************************/
+
+static xmlSecTransformKlass xmlSecOpenSSLGost2001GostR3411_94Klass = {
+    /* klass/object sizes */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecOpenSSLEvpSignatureSize,                /* xmlSecSize objSize */
+
+    xmlSecNameGost2001GostR3411_94,                             /* const xmlChar* name; */
+    xmlSecHrefGost2001GostR3411_94,                             /* const xmlChar* href; */
+    xmlSecTransformUsageSignatureMethod,        /* xmlSecTransformUsage usage; */
+
+    xmlSecOpenSSLEvpSignatureInitialize,          /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecOpenSSLEvpSignatureFinalize,            /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    xmlSecOpenSSLEvpSignatureSetKeyReq,           /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    xmlSecOpenSSLEvpSignatureSetKey,              /* xmlSecTransformSetKeyMethod setKey; */
+    xmlSecOpenSSLEvpSignatureVerify,              /* xmlSecTransformVerifyMethod verify; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecTransformDefaultPushBin,              /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecOpenSSLEvpSignatureExecute,             /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
+};
+
+/**
+ * xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass:
+ *
+ * The GOST2001-GOSTR3411_94 signature transform klass.
+ *
+ * Returns: GOST2001-GOSTR3411_94 signature transform klass.
+ */
+xmlSecTransformId
+xmlSecOpenSSLTransformGost2001GostR3411_94GetKlass(void) {
+    return(&xmlSecOpenSSLGost2001GostR3411_94Klass);
+}
+
+#endif /* XMLSEC_NO_GOST*/
+
 
diff --git a/src/openssl/symkeys.c b/src/openssl/symkeys.c
index fdcf2876..6195ed6d 100644
--- a/src/openssl/symkeys.c
+++ b/src/openssl/symkeys.c
@@ -1,12 +1,12 @@
-/** 
+/**
  *
  * XMLSec library
- * 
+ *
  * DES Algorithm support
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -27,43 +27,43 @@
 #include <xmlsec/openssl/crypto.h>
 
 /*****************************************************************************
- * 
+ *
  * Symmetic (binary) keys - just a wrapper for xmlSecKeyDataBinary
  *
  ****************************************************************************/
-static int	xmlSecOpenSSLSymKeyDataInitialize	(xmlSecKeyDataPtr data);
-static int	xmlSecOpenSSLSymKeyDataDuplicate	(xmlSecKeyDataPtr dst,
-							 xmlSecKeyDataPtr src);
-static void	xmlSecOpenSSLSymKeyDataFinalize		(xmlSecKeyDataPtr data);
-static int	xmlSecOpenSSLSymKeyDataXmlRead		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecOpenSSLSymKeyDataXmlWrite		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlNodePtr node,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecOpenSSLSymKeyDataBinRead		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 const xmlSecByte* buf,
-							 xmlSecSize bufSize,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecOpenSSLSymKeyDataBinWrite		(xmlSecKeyDataId id,
-							 xmlSecKeyPtr key,
-							 xmlSecByte** buf,
-							 xmlSecSize* bufSize,
-							 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int	xmlSecOpenSSLSymKeyDataGenerate		(xmlSecKeyDataPtr data,
-							 xmlSecSize sizeBits,
-							 xmlSecKeyDataType type);
-
-static xmlSecKeyDataType xmlSecOpenSSLSymKeyDataGetType	(xmlSecKeyDataPtr data);
-static xmlSecSize	xmlSecOpenSSLSymKeyDataGetSize		(xmlSecKeyDataPtr data);
-static void	xmlSecOpenSSLSymKeyDataDebugDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
-static void	xmlSecOpenSSLSymKeyDataDebugXmlDump	(xmlSecKeyDataPtr data,
-							 FILE* output);
-static int	xmlSecOpenSSLSymKeyDataKlassCheck	(xmlSecKeyDataKlass* klass);
+static int      xmlSecOpenSSLSymKeyDataInitialize       (xmlSecKeyDataPtr data);
+static int      xmlSecOpenSSLSymKeyDataDuplicate        (xmlSecKeyDataPtr dst,
+                                                         xmlSecKeyDataPtr src);
+static void     xmlSecOpenSSLSymKeyDataFinalize         (xmlSecKeyDataPtr data);
+static int      xmlSecOpenSSLSymKeyDataXmlRead          (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecOpenSSLSymKeyDataXmlWrite         (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlNodePtr node,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecOpenSSLSymKeyDataBinRead          (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         const xmlSecByte* buf,
+                                                         xmlSecSize bufSize,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecOpenSSLSymKeyDataBinWrite         (xmlSecKeyDataId id,
+                                                         xmlSecKeyPtr key,
+                                                         xmlSecByte** buf,
+                                                         xmlSecSize* bufSize,
+                                                         xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int      xmlSecOpenSSLSymKeyDataGenerate         (xmlSecKeyDataPtr data,
+                                                         xmlSecSize sizeBits,
+                                                         xmlSecKeyDataType type);
+
+static xmlSecKeyDataType xmlSecOpenSSLSymKeyDataGetType (xmlSecKeyDataPtr data);
+static xmlSecSize       xmlSecOpenSSLSymKeyDataGetSize          (xmlSecKeyDataPtr data);
+static void     xmlSecOpenSSLSymKeyDataDebugDump        (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static void     xmlSecOpenSSLSymKeyDataDebugXmlDump     (xmlSecKeyDataPtr data,
+                                                         FILE* output);
+static int      xmlSecOpenSSLSymKeyDataKlassCheck       (xmlSecKeyDataKlass* klass);
 
 #define xmlSecOpenSSLSymKeyDataCheckId(data) \
     (xmlSecKeyDataIsValid((data)) && \
@@ -72,7 +72,7 @@ static int	xmlSecOpenSSLSymKeyDataKlassCheck	(xmlSecKeyDataKlass* klass);
 static int
 xmlSecOpenSSLSymKeyDataInitialize(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(data), -1);
-    
+
     return(xmlSecKeyDataBinaryValueInitialize(data));
 }
 
@@ -81,48 +81,48 @@ xmlSecOpenSSLSymKeyDataDuplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
     xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(dst), -1);
     xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(src), -1);
     xmlSecAssert2(dst->id == src->id, -1);
-        
+
     return(xmlSecKeyDataBinaryValueDuplicate(dst, src));
 }
 
 static void
 xmlSecOpenSSLSymKeyDataFinalize(xmlSecKeyDataPtr data) {
     xmlSecAssert(xmlSecOpenSSLSymKeyDataCheckId(data));
-    
+
     xmlSecKeyDataBinaryValueFinalize(data);
 }
 
 static int
 xmlSecOpenSSLSymKeyDataXmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-			       xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                               xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(xmlSecOpenSSLSymKeyDataKlassCheck(id), -1);
-    
+
     return(xmlSecKeyDataBinaryValueXmlRead(id, key, node, keyInfoCtx));
 }
 
-static int 
+static int
 xmlSecOpenSSLSymKeyDataXmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(xmlSecOpenSSLSymKeyDataKlassCheck(id), -1);
-    
+
     return(xmlSecKeyDataBinaryValueXmlWrite(id, key, node, keyInfoCtx));
 }
 
 static int
 xmlSecOpenSSLSymKeyDataBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    const xmlSecByte* buf, xmlSecSize bufSize,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    const xmlSecByte* buf, xmlSecSize bufSize,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(xmlSecOpenSSLSymKeyDataKlassCheck(id), -1);
-    
+
     return(xmlSecKeyDataBinaryValueBinRead(id, key, buf, bufSize, keyInfoCtx));
 }
 
 static int
 xmlSecOpenSSLSymKeyDataBinWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    xmlSecByte** buf, xmlSecSize* bufSize,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    xmlSecByte** buf, xmlSecSize* bufSize,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecAssert2(xmlSecOpenSSLSymKeyDataKlassCheck(id), -1);
-    
+
     return(xmlSecKeyDataBinaryValueBinWrite(id, key, buf, bufSize, keyInfoCtx));
 }
 
@@ -135,7 +135,7 @@ xmlSecOpenSSLSymKeyDataGenerate(xmlSecKeyDataPtr data, xmlSecSize sizeBits, xmlS
 
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     return(xmlSecOpenSSLGenerateRandom(buffer, (sizeBits + 7) / 8));
 }
 
@@ -151,46 +151,46 @@ xmlSecOpenSSLSymKeyDataGetType(xmlSecKeyDataPtr data) {
     return((xmlSecBufferGetSize(buffer) > 0) ? xmlSecKeyDataTypeSymmetric : xmlSecKeyDataTypeUnknown);
 }
 
-static xmlSecSize 
+static xmlSecSize
 xmlSecOpenSSLSymKeyDataGetSize(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecOpenSSLSymKeyDataCheckId(data), 0);
-    
+
     return(xmlSecKeyDataBinaryValueGetSize(data));
 }
 
-static void 
+static void
 xmlSecOpenSSLSymKeyDataDebugDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecOpenSSLSymKeyDataCheckId(data));
-    
-    xmlSecKeyDataBinaryValueDebugDump(data, output);    
+
+    xmlSecKeyDataBinaryValueDebugDump(data, output);
 }
 
 static void
 xmlSecOpenSSLSymKeyDataDebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     xmlSecAssert(xmlSecOpenSSLSymKeyDataCheckId(data));
-    
-    xmlSecKeyDataBinaryValueDebugXmlDump(data, output);    
+
+    xmlSecKeyDataBinaryValueDebugXmlDump(data, output);
 }
 
-static int 
-xmlSecOpenSSLSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {    
+static int
+xmlSecOpenSSLSymKeyDataKlassCheck(xmlSecKeyDataKlass* klass) {
 #ifndef XMLSEC_NO_DES
     if(klass == xmlSecOpenSSLKeyDataDesId) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_NO_DES */
 
 #ifndef XMLSEC_NO_AES
 #ifndef XMLSEC_OPENSSL_096
     if(klass == xmlSecOpenSSLKeyDataAesId) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_OPENSSL_096 */
 #endif /* XMLSEC_NO_AES */
 
 #ifndef XMLSEC_NO_HMAC
     if(klass == xmlSecOpenSSLKeyDataHmacId) {
-	return(1);
+        return(1);
     }
 #endif /* XMLSEC_NO_HMAC */
 
@@ -210,55 +210,55 @@ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataAesKlass = {
 
     /* data */
     xmlSecNameAESKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefAESKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeAESKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefAESKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeAESKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecOpenSSLSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecOpenSSLSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecOpenSSLSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecOpenSSLSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecOpenSSLSymKeyDataInitialize,          /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecOpenSSLSymKeyDataDuplicate,           /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecOpenSSLSymKeyDataFinalize,            /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecOpenSSLSymKeyDataGenerate,            /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecOpenSSLSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecOpenSSLSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
+    xmlSecOpenSSLSymKeyDataGetType,             /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecOpenSSLSymKeyDataGetSize,             /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecOpenSSLSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecOpenSSLSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecOpenSSLSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecOpenSSLSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecOpenSSLSymKeyDataXmlRead,             /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecOpenSSLSymKeyDataXmlWrite,            /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecOpenSSLSymKeyDataBinRead,             /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecOpenSSLSymKeyDataBinWrite,            /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecOpenSSLSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecOpenSSLSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecOpenSSLSymKeyDataDebugDump,           /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecOpenSSLSymKeyDataDebugXmlDump,        /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLKeyDataAesGetKlass:
- * 
+ *
  * The AES key data klass.
  *
  * Returns: AES key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecOpenSSLKeyDataAesGetKlass(void) {
     return(&xmlSecOpenSSLKeyDataAesKlass);
 }
 
 /**
  * xmlSecOpenSSLKeyDataAesSet:
- * @data:		the pointer to AES key data.
- * @buf:		the pointer to key value.
- * @bufSize:		the key value size (in bytes).
+ * @data:               the pointer to AES key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
  *
  * Sets the value of AES key data.
  *
@@ -267,14 +267,14 @@ xmlSecOpenSSLKeyDataAesGetKlass(void) {
 int
 xmlSecOpenSSLKeyDataAesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
     xmlSecBufferPtr buffer;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataAesId), -1);
     xmlSecAssert2(buf != NULL, -1);
     xmlSecAssert2(bufSize > 0, -1);
-    
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     return(xmlSecBufferSetData(buffer, buf, bufSize));
 }
 
@@ -293,55 +293,55 @@ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataDesKlass = {
 
     /* data */
     xmlSecNameDESKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefDESKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeDESKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefDESKeyValue,                      /* const xmlChar* href; */
+    xmlSecNodeDESKeyValue,                      /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecOpenSSLSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecOpenSSLSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecOpenSSLSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecOpenSSLSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecOpenSSLSymKeyDataInitialize,          /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecOpenSSLSymKeyDataDuplicate,           /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecOpenSSLSymKeyDataFinalize,            /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecOpenSSLSymKeyDataGenerate,            /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecOpenSSLSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecOpenSSLSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
+    xmlSecOpenSSLSymKeyDataGetType,             /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecOpenSSLSymKeyDataGetSize,             /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecOpenSSLSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecOpenSSLSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecOpenSSLSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecOpenSSLSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecOpenSSLSymKeyDataXmlRead,             /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecOpenSSLSymKeyDataXmlWrite,            /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecOpenSSLSymKeyDataBinRead,             /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecOpenSSLSymKeyDataBinWrite,            /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecOpenSSLSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecOpenSSLSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecOpenSSLSymKeyDataDebugDump,           /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecOpenSSLSymKeyDataDebugXmlDump,        /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLKeyDataDesGetKlass:
- * 
+ *
  * The DES key data klass.
  *
  * Returns: DES key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecOpenSSLKeyDataDesGetKlass(void) {
     return(&xmlSecOpenSSLKeyDataDesKlass);
 }
 
 /**
  * xmlSecOpenSSLKeyDataDesSet:
- * @data:		the pointer to DES key data.
- * @buf:		the pointer to key value.
- * @bufSize:		the key value size (in bytes).
+ * @data:               the pointer to DES key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
  *
  * Sets the value of DES key data.
  *
@@ -350,14 +350,14 @@ xmlSecOpenSSLKeyDataDesGetKlass(void) {
 int
 xmlSecOpenSSLKeyDataDesSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
     xmlSecBufferPtr buffer;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataDesId), -1);
     xmlSecAssert2(buf != NULL, -1);
     xmlSecAssert2(bufSize > 0, -1);
-    
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     return(xmlSecBufferSetData(buffer, buf, bufSize));
 }
 
@@ -375,55 +375,55 @@ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataHmacKlass = {
 
     /* data */
     xmlSecNameHMACKeyValue,
-    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefHMACKeyValue,			/* const xmlChar* href; */
-    xmlSecNodeHMACKeyValue,			/* const xmlChar* dataNodeName; */
-    xmlSecNs,					/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyValueNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefHMACKeyValue,                     /* const xmlChar* href; */
+    xmlSecNodeHMACKeyValue,                     /* const xmlChar* dataNodeName; */
+    xmlSecNs,                                   /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecOpenSSLSymKeyDataInitialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecOpenSSLSymKeyDataDuplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecOpenSSLSymKeyDataFinalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    xmlSecOpenSSLSymKeyDataGenerate,		/* xmlSecKeyDataGenerateMethod generate; */
-    
+    xmlSecOpenSSLSymKeyDataInitialize,          /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecOpenSSLSymKeyDataDuplicate,           /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecOpenSSLSymKeyDataFinalize,            /* xmlSecKeyDataFinalizeMethod finalize; */
+    xmlSecOpenSSLSymKeyDataGenerate,            /* xmlSecKeyDataGenerateMethod generate; */
+
     /* get info */
-    xmlSecOpenSSLSymKeyDataGetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    xmlSecOpenSSLSymKeyDataGetSize,		/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */
+    xmlSecOpenSSLSymKeyDataGetType,             /* xmlSecKeyDataGetTypeMethod getType; */
+    xmlSecOpenSSLSymKeyDataGetSize,             /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecOpenSSLSymKeyDataXmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecOpenSSLSymKeyDataXmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecOpenSSLSymKeyDataBinRead,		/* xmlSecKeyDataBinReadMethod binRead; */
-    xmlSecOpenSSLSymKeyDataBinWrite,		/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecOpenSSLSymKeyDataXmlRead,             /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecOpenSSLSymKeyDataXmlWrite,            /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecOpenSSLSymKeyDataBinRead,             /* xmlSecKeyDataBinReadMethod binRead; */
+    xmlSecOpenSSLSymKeyDataBinWrite,            /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecOpenSSLSymKeyDataDebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecOpenSSLSymKeyDataDebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecOpenSSLSymKeyDataDebugDump,           /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecOpenSSLSymKeyDataDebugXmlDump,        /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLKeyDataHmacGetKlass:
- * 
+ *
  * The HMAC key data klass.
  *
  * Returns: HMAC key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecOpenSSLKeyDataHmacGetKlass(void) {
     return(&xmlSecOpenSSLKeyDataHmacKlass);
 }
 
 /**
  * xmlSecOpenSSLKeyDataHmacSet:
- * @data:		the pointer to HMAC key data.
- * @buf:		the pointer to key value.
- * @bufSize:		the key value size (in bytes).
+ * @data:               the pointer to HMAC key data.
+ * @buf:                the pointer to key value.
+ * @bufSize:            the key value size (in bytes).
  *
  * Sets the value of HMAC key data.
  *
@@ -432,14 +432,14 @@ xmlSecOpenSSLKeyDataHmacGetKlass(void) {
 int
 xmlSecOpenSSLKeyDataHmacSet(xmlSecKeyDataPtr data, const xmlSecByte* buf, xmlSecSize bufSize) {
     xmlSecBufferPtr buffer;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataHmacId), -1);
     xmlSecAssert2(buf != NULL, -1);
     xmlSecAssert2(bufSize > 0, -1);
-    
+
     buffer = xmlSecKeyDataBinaryValueGetBuffer(data);
     xmlSecAssert2(buffer != NULL, -1);
-    
+
     return(xmlSecBufferSetData(buffer, buf, bufSize));
 }
 
diff --git a/src/openssl/x509.c b/src/openssl/x509.c
index 74dd4096..459a312d 100644
--- a/src/openssl/x509.c
+++ b/src/openssl/x509.c
@@ -1,4 +1,4 @@
-/** 
+/**
  * XMLSec library
  *
  * X509 support
@@ -6,7 +6,7 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -45,73 +45,73 @@
  * X509 utility functions
  *
  ************************************************************************/
-static int		xmlSecOpenSSLX509DataNodeRead		(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLX509CertificateNodeRead	(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLX509CertificateNodeWrite	(X509* cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLX509SubjectNameNodeRead	(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLX509SubjectNameNodeWrite	(X509* cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLX509IssuerSerialNodeRead	(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLX509IssuerSerialNodeWrite	(X509* cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLX509SKINodeRead		(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLX509SKINodeWrite		(X509* cert,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLX509CRLNodeRead		(xmlSecKeyDataPtr data,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLX509CRLNodeWrite		(X509_CRL* crl,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, 
-								xmlSecKeyPtr key,
-								xmlSecKeyInfoCtxPtr keyInfoCtx);
-static X509*		xmlSecOpenSSLX509CertDerRead		(const xmlSecByte* buf, 
-								 xmlSecSize size);
-static X509*		xmlSecOpenSSLX509CertBase64DerRead	(xmlChar* buf);
-static xmlChar*		xmlSecOpenSSLX509CertBase64DerWrite	(X509* cert, 
-								 int base64LineWrap);
-static X509_CRL*	xmlSecOpenSSLX509CrlDerRead		(xmlSecByte* buf, 
-								 xmlSecSize size);
-static X509_CRL*	xmlSecOpenSSLX509CrlBase64DerRead	(xmlChar* buf);
-static xmlChar*		xmlSecOpenSSLX509CrlBase64DerWrite	(X509_CRL* crl, 
-								 int base64LineWrap);
-static xmlChar*		xmlSecOpenSSLX509NameWrite		(X509_NAME* nm);
-static xmlChar*		xmlSecOpenSSLASN1IntegerWrite		(ASN1_INTEGER *asni);
-static xmlChar*		xmlSecOpenSSLX509SKIWrite		(X509* cert);
-static void		xmlSecOpenSSLX509CertDebugDump		(X509* cert, 
-								 FILE* output);
-static void		xmlSecOpenSSLX509CertDebugXmlDump	(X509* cert, 
-								 FILE* output);
-static int		xmlSecOpenSSLX509CertGetTime		(ASN1_TIME* t,
-								 time_t* res);
+static int              xmlSecOpenSSLX509DataNodeRead           (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLX509CertificateNodeRead    (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLX509CertificateNodeWrite   (X509* cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLX509SubjectNameNodeRead    (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLX509SubjectNameNodeWrite   (X509* cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLX509IssuerSerialNodeRead   (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLX509IssuerSerialNodeWrite  (X509* cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLX509SKINodeRead            (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLX509SKINodeWrite           (X509* cert,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLX509CRLNodeRead            (xmlSecKeyDataPtr data,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLX509CRLNodeWrite           (X509_CRL* crl,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data,
+                                                                xmlSecKeyPtr key,
+                                                                xmlSecKeyInfoCtxPtr keyInfoCtx);
+static X509*            xmlSecOpenSSLX509CertDerRead            (const xmlSecByte* buf,
+                                                                 xmlSecSize size);
+static X509*            xmlSecOpenSSLX509CertBase64DerRead      (xmlChar* buf);
+static xmlChar*         xmlSecOpenSSLX509CertBase64DerWrite     (X509* cert,
+                                                                 int base64LineWrap);
+static X509_CRL*        xmlSecOpenSSLX509CrlDerRead             (xmlSecByte* buf,
+                                                                 xmlSecSize size);
+static X509_CRL*        xmlSecOpenSSLX509CrlBase64DerRead       (xmlChar* buf);
+static xmlChar*         xmlSecOpenSSLX509CrlBase64DerWrite      (X509_CRL* crl,
+                                                                 int base64LineWrap);
+static xmlChar*         xmlSecOpenSSLX509NameWrite              (X509_NAME* nm);
+static xmlChar*         xmlSecOpenSSLASN1IntegerWrite           (ASN1_INTEGER *asni);
+static xmlChar*         xmlSecOpenSSLX509SKIWrite               (X509* cert);
+static void             xmlSecOpenSSLX509CertDebugDump          (X509* cert,
+                                                                 FILE* output);
+static void             xmlSecOpenSSLX509CertDebugXmlDump       (X509* cert,
+                                                                 FILE* output);
+static int              xmlSecOpenSSLX509CertGetTime            (ASN1_TIME* t,
+                                                                 time_t* res);
 
 /*************************************************************************
  *
  * Internal OpenSSL X509 data CTX
  *
  ************************************************************************/
-typedef struct _xmlSecOpenSSLX509DataCtx		xmlSecOpenSSLX509DataCtx,
-							*xmlSecOpenSSLX509DataCtxPtr;
+typedef struct _xmlSecOpenSSLX509DataCtx                xmlSecOpenSSLX509DataCtx,
+                                                        *xmlSecOpenSSLX509DataCtxPtr;
 struct _xmlSecOpenSSLX509DataCtx {
-    X509*		keyCert;
-    STACK_OF(X509)*	certsList;
-    STACK_OF(X509_CRL)*	crlsList;
+    X509*               keyCert;
+    STACK_OF(X509)*     certsList;
+    STACK_OF(X509_CRL)* crlsList;
 };
 
 /**************************************************************************
@@ -121,52 +121,52 @@ struct _xmlSecOpenSSLX509DataCtx {
  *
  * The X509Data  Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data)
  *
- * An X509Data element within KeyInfo contains one or more identifiers of keys 
- * or X509 certificates (or certificates' identifiers or a revocation list). 
+ * An X509Data element within KeyInfo contains one or more identifiers of keys
+ * or X509 certificates (or certificates' identifiers or a revocation list).
  * The content of X509Data is:
  *
  *  1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate:
  *  2.
- *    * The X509IssuerSerial element, which contains an X.509 issuer 
- *	distinguished name/serial number pair that SHOULD be compliant 
- *	with RFC2253 [LDAP-DN],
- *    * The X509SubjectName element, which contains an X.509 subject 
- *	distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
- *    * The X509SKI element, which contains the base64 encoded plain (i.e. 
- *	non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
- *    * The X509Certificate element, which contains a base64-encoded [X509v3] 
- *	certificate, and
- *    * Elements from an external namespace which accompanies/complements any 
- *	of the elements above.
- *    * The X509CRL element, which contains a base64-encoded certificate 
- *	revocation list (CRL) [X509v3].
+ *    * The X509IssuerSerial element, which contains an X.509 issuer
+ *      distinguished name/serial number pair that SHOULD be compliant
+ *      with RFC2253 [LDAP-DN],
+ *    * The X509SubjectName element, which contains an X.509 subject
+ *      distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN],
+ *    * The X509SKI element, which contains the base64 encoded plain (i.e.
+ *      non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension.
+ *    * The X509Certificate element, which contains a base64-encoded [X509v3]
+ *      certificate, and
+ *    * Elements from an external namespace which accompanies/complements any
+ *      of the elements above.
+ *    * The X509CRL element, which contains a base64-encoded certificate
+ *      revocation list (CRL) [X509v3].
  *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear 
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear
  * MUST refer to the certificate or certificates containing the validation key.
- * All such elements that refer to a particular individual certificate MUST be 
- * grouped inside a single X509Data element and if the certificate to which 
+ * All such elements that refer to a particular individual certificate MUST be
+ * grouped inside a single X509Data element and if the certificate to which
  * they refer appears, it MUST also be in that X509Data element.
  *
- * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to 
- * the same key but different certificates MUST be grouped within a single 
+ * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to
+ * the same key but different certificates MUST be grouped within a single
  * KeyInfo but MAY occur in multiple X509Data elements.
  *
- * All certificates appearing in an X509Data element MUST relate to the 
- * validation key by either containing it or being part of a certification 
+ * All certificates appearing in an X509Data element MUST relate to the
+ * validation key by either containing it or being part of a certification
  * chain that terminates in a certificate containing the validation key.
  *
  * No ordering is implied by the above constraints.
  *
- * Note, there is no direct provision for a PKCS#7 encoded "bag" of 
- * certificates or CRLs. However, a set of certificates and CRLs can occur 
- * within an X509Data element and multiple X509Data elements can occur in a 
- * KeyInfo. Whenever multiple certificates occur in an X509Data element, at 
- * least one such certificate must contain the public key which verifies the 
+ * Note, there is no direct provision for a PKCS#7 encoded "bag" of
+ * certificates or CRLs. However, a set of certificates and CRLs can occur
+ * within an X509Data element and multiple X509Data elements can occur in a
+ * KeyInfo. Whenever multiple certificates occur in an X509Data element, at
+ * least one such certificate must contain the public key which verifies the
  * signature.
  *
  * Schema Definition
  *
- *  <element name="X509Data" type="ds:X509DataType"/> 
+ *  <element name="X509Data" type="ds:X509DataType"/>
  *  <complexType name="X509DataType">
  *    <sequence maxOccurs="unbounded">
  *      <choice>
@@ -179,10 +179,10 @@ struct _xmlSecOpenSSLX509DataCtx {
  *      </choice>
  *    </sequence>
  *  </complexType>
- *  <complexType name="X509IssuerSerialType"> 
- *    <sequence> 
- *       <element name="X509IssuerName" type="string"/> 
- *       <element name="X509SerialNumber" type="integer"/> 
+ *  <complexType name="X509IssuerSerialType">
+ *    <sequence>
+ *       <element name="X509IssuerName" type="string"/>
+ *       <element name="X509SerialNumber" type="integer"/>
  *     </sequence>
  *  </complexType>
  *
@@ -203,30 +203,30 @@ struct _xmlSecOpenSSLX509DataCtx {
  * xmlSecOpenSSLX509DataCtx is located after xmlSecTransform
  *
  *************************************************************************/
-#define xmlSecOpenSSLX509DataSize	\
-    (sizeof(xmlSecKeyData) + sizeof(xmlSecOpenSSLX509DataCtx))	
+#define xmlSecOpenSSLX509DataSize       \
+    (sizeof(xmlSecKeyData) + sizeof(xmlSecOpenSSLX509DataCtx))
 #define xmlSecOpenSSLX509DataGetCtx(data) \
     ((xmlSecOpenSSLX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData)))
 
-static int		xmlSecOpenSSLKeyDataX509Initialize	(xmlSecKeyDataPtr data);
-static int		xmlSecOpenSSLKeyDataX509Duplicate	(xmlSecKeyDataPtr dst,
-								 xmlSecKeyDataPtr src);
-static void		xmlSecOpenSSLKeyDataX509Finalize	(xmlSecKeyDataPtr data);
-static int		xmlSecOpenSSLKeyDataX509XmlRead		(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static int		xmlSecOpenSSLKeyDataX509XmlWrite	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 xmlNodePtr node,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
-static xmlSecKeyDataType xmlSecOpenSSLKeyDataX509GetType	(xmlSecKeyDataPtr data);
-static const xmlChar*	xmlSecOpenSSLKeyDataX509GetIdentifier	(xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataX509Initialize      (xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataX509Duplicate       (xmlSecKeyDataPtr dst,
+                                                                 xmlSecKeyDataPtr src);
+static void             xmlSecOpenSSLKeyDataX509Finalize        (xmlSecKeyDataPtr data);
+static int              xmlSecOpenSSLKeyDataX509XmlRead         (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLKeyDataX509XmlWrite        (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static xmlSecKeyDataType xmlSecOpenSSLKeyDataX509GetType        (xmlSecKeyDataPtr data);
+static const xmlChar*   xmlSecOpenSSLKeyDataX509GetIdentifier   (xmlSecKeyDataPtr data);
 
-static void		xmlSecOpenSSLKeyDataX509DebugDump	(xmlSecKeyDataPtr data,
-								 FILE* output);
-static void		xmlSecOpenSSLKeyDataX509DebugXmlDump	(xmlSecKeyDataPtr data,
-								 FILE* output);
+static void             xmlSecOpenSSLKeyDataX509DebugDump       (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
+static void             xmlSecOpenSSLKeyDataX509DebugXmlDump    (xmlSecKeyDataPtr data,
+                                                                 FILE* output);
 
 
 
@@ -236,63 +236,63 @@ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataX509Klass = {
 
     /* data */
     xmlSecNameX509Data,
-    xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefX509Data,				/* const xmlChar* href; */
-    xmlSecNodeX509Data,				/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefX509Data,                         /* const xmlChar* href; */
+    xmlSecNodeX509Data,                         /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    xmlSecOpenSSLKeyDataX509Initialize,		/* xmlSecKeyDataInitializeMethod initialize; */
-    xmlSecOpenSSLKeyDataX509Duplicate,		/* xmlSecKeyDataDuplicateMethod duplicate; */
-    xmlSecOpenSSLKeyDataX509Finalize,		/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL,					/* xmlSecKeyDataGenerateMethod generate; */
+    xmlSecOpenSSLKeyDataX509Initialize,         /* xmlSecKeyDataInitializeMethod initialize; */
+    xmlSecOpenSSLKeyDataX509Duplicate,          /* xmlSecKeyDataDuplicateMethod duplicate; */
+    xmlSecOpenSSLKeyDataX509Finalize,           /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
 
     /* get info */
-    xmlSecOpenSSLKeyDataX509GetType, 		/* xmlSecKeyDataGetTypeMethod getType; */
-    NULL,					/* xmlSecKeyDataGetSizeMethod getSize; */
-    xmlSecOpenSSLKeyDataX509GetIdentifier,	/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    xmlSecOpenSSLKeyDataX509GetType,            /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    xmlSecOpenSSLKeyDataX509GetIdentifier,      /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    xmlSecOpenSSLKeyDataX509XmlRead,		/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    xmlSecOpenSSLKeyDataX509XmlWrite,		/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    NULL,					/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    xmlSecOpenSSLKeyDataX509XmlRead,            /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    xmlSecOpenSSLKeyDataX509XmlWrite,           /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    NULL,                                       /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    xmlSecOpenSSLKeyDataX509DebugDump,		/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    xmlSecOpenSSLKeyDataX509DebugXmlDump, 	/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    xmlSecOpenSSLKeyDataX509DebugDump,          /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    xmlSecOpenSSLKeyDataX509DebugXmlDump,       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-/** 
+/**
  * xmlSecOpenSSLKeyDataX509GetKlass:
- * 
+ *
  * The OpenSSL X509 key data klass (http://www.w3.org/TR/xmldsig-core/#sec-X509Data).
  *
  * Returns: the X509 data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecOpenSSLKeyDataX509GetKlass(void) {
     return(&xmlSecOpenSSLKeyDataX509Klass);
 }
 
 /**
  * xmlSecOpenSSLKeyDataX509GetKeyCert:
- * @data:		the pointer to X509 key data.
+ * @data:               the pointer to X509 key data.
  *
- * Gets the certificate from which the key was extracted. 
+ * Gets the certificate from which the key was extracted.
  *
  * Returns: the key's certificate or NULL if key data was not used for key
  * extraction or an error occurs.
  */
-X509* 	
+X509*
 xmlSecOpenSSLKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
     xmlSecOpenSSLX509DataCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), NULL);
 
     ctx = xmlSecOpenSSLX509DataGetCtx(data);
@@ -303,8 +303,8 @@ xmlSecOpenSSLKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) {
 
 /**
  * xmlSecOpenSSLKeyDataX509AdoptKeyCert:
- * @data:		the pointer to X509 key data.
- * @cert:		the pointer to OpenSSL X509 certificate.
+ * @data:               the pointer to X509 key data.
+ * @cert:               the pointer to OpenSSL X509 certificate.
  *
  * Sets the key's certificate in @data.
  *
@@ -319,9 +319,9 @@ xmlSecOpenSSLKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, X509* cert) {
 
     ctx = xmlSecOpenSSLX509DataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     if(ctx->keyCert != NULL) {
-	X509_free(ctx->keyCert);
+        X509_free(ctx->keyCert);
     }
     ctx->keyCert = cert;
     return(0);
@@ -329,60 +329,60 @@ xmlSecOpenSSLKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, X509* cert) {
 
 /**
  * xmlSecOpenSSLKeyDataX509AdoptCert:
- * @data:		the pointer to X509 key data.
- * @cert:		the pointer to OpenSSL X509 certificate.
+ * @data:               the pointer to X509 key data.
+ * @cert:               the pointer to OpenSSL X509 certificate.
  *
  * Adds certificate to the X509 key data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecOpenSSLKeyDataX509AdoptCert(xmlSecKeyDataPtr data, X509* cert) {
     xmlSecOpenSSLX509DataCtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
     xmlSecAssert2(cert != NULL, -1);
 
     ctx = xmlSecOpenSSLX509DataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     if(ctx->certsList == NULL) {
-	ctx->certsList = sk_X509_new_null();
-	if(ctx->certsList == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"sk_X509_new_null",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);	
-	}
-    }
-    
+        ctx->certsList = sk_X509_new_null();
+        if(ctx->certsList == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "sk_X509_new_null",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     ret = sk_X509_push(ctx->certsList, cert);
     if(ret < 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "sk_X509_push",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
-    }
-        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "sk_X509_push",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
  * xmlSecOpenSSLKeyDataX509GetCert:
- * @data:		the pointer to X509 key data.
- * @pos:		the desired certificate position.
- * 
+ * @data:               the pointer to X509 key data.
+ * @pos:                the desired certificate position.
+ *
  * Gets a certificate from X509 key data.
  *
- * Returns: the pointer to certificate or NULL if @pos is larger than the 
+ * Returns: the pointer to certificate or NULL if @pos is larger than the
  * number of certificates in @data or an error occurs.
  */
-X509* 
+X509*
 xmlSecOpenSSLKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
     xmlSecOpenSSLX509DataCtxPtr ctx;
 
@@ -398,13 +398,13 @@ xmlSecOpenSSLKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) {
 
 /**
  * xmlSecOpenSSLKeyDataX509GetCertsSize:
- * @data:		the pointer to X509 key data.
+ * @data:               the pointer to X509 key data.
  *
  * Gets the number of certificates in @data.
  *
  * Returns: te number of certificates in @data.
  */
-xmlSecSize 	
+xmlSecSize
 xmlSecOpenSSLKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
     xmlSecOpenSSLX509DataCtxPtr ctx;
 
@@ -418,60 +418,60 @@ xmlSecOpenSSLKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) {
 
 /**
  * xmlSecOpenSSLKeyDataX509AdoptCrl:
- * @data:		the pointer to X509 key data.
- * @crl:		the pointer to OpenSSL X509 CRL.
+ * @data:               the pointer to X509 key data.
+ * @crl:                the pointer to OpenSSL X509 CRL.
  *
  * Adds CRL to the X509 key data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecOpenSSLKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, X509_CRL* crl) {
     xmlSecOpenSSLX509DataCtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
     xmlSecAssert2(crl != NULL, -1);
 
     ctx = xmlSecOpenSSLX509DataGetCtx(data);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     if(ctx->crlsList == NULL) {
-	ctx->crlsList = sk_X509_CRL_new_null();
-	if(ctx->crlsList == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"sk_X509_CRL_new_null",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);	
-	}
-    }
-    
+        ctx->crlsList = sk_X509_CRL_new_null();
+        if(ctx->crlsList == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "sk_X509_CRL_new_null",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     ret = sk_X509_CRL_push(ctx->crlsList, crl);
     if(ret < 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "sk_X509_CRL_push",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
-    }
-        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "sk_X509_CRL_push",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
  * xmlSecOpenSSLKeyDataX509GetCrl:
- * @data:		the pointer to X509 key data.
- * @pos:		the desired CRL position.
- * 
+ * @data:               the pointer to X509 key data.
+ * @pos:                the desired CRL position.
+ *
  * Gets a CRL from X509 key data.
  *
- * Returns: the pointer to CRL or NULL if @pos is larger than the 
+ * Returns: the pointer to CRL or NULL if @pos is larger than the
  * number of CRLs in @data or an error occurs.
  */
-X509_CRL* 
+X509_CRL*
 xmlSecOpenSSLKeyDataX509GetCrl(xmlSecKeyDataPtr data, xmlSecSize pos) {
     xmlSecOpenSSLX509DataCtxPtr ctx;
 
@@ -488,13 +488,13 @@ xmlSecOpenSSLKeyDataX509GetCrl(xmlSecKeyDataPtr data, xmlSecSize pos) {
 
 /**
  * xmlSecOpenSSLKeyDataX509GetCrlsSize:
- * @data:		the pointer to X509 key data.
+ * @data:               the pointer to X509 key data.
  *
  * Gets the number of CRLs in @data.
  *
  * Returns: te number of CRLs in @data.
  */
-xmlSecSize 
+xmlSecSize
 xmlSecOpenSSLKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) {
     xmlSecOpenSSLX509DataCtxPtr ctx;
 
@@ -506,7 +506,7 @@ xmlSecOpenSSLKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) {
     return((ctx->crlsList != NULL) ? sk_X509_CRL_num(ctx->crlsList) : 0);
 }
 
-static int	
+static int
 xmlSecOpenSSLKeyDataX509Initialize(xmlSecKeyDataPtr data) {
     xmlSecOpenSSLX509DataCtxPtr ctx;
 
@@ -530,99 +530,99 @@ xmlSecOpenSSLKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) {
 
     xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecOpenSSLKeyDataX509Id), -1);
     xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecOpenSSLKeyDataX509Id), -1);
-    
+
     /* copy certsList */
     size = xmlSecOpenSSLKeyDataX509GetCertsSize(src);
     for(pos = 0; pos < size; ++pos) {
-	certSrc = xmlSecOpenSSLKeyDataX509GetCert(src, pos);
-	if(certSrc == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
-			"xmlSecOpenSSLKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return(-1);
-	}
-	
-	certDst = X509_dup(certSrc);
-	if(certDst == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"X509_dup",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	
-	ret = xmlSecOpenSSLKeyDataX509AdoptCert(dst, certDst);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecOpenSSLKeyDataX509AdoptCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    X509_free(certDst);
-	    return(-1);
-	}
+        certSrc = xmlSecOpenSSLKeyDataX509GetCert(src, pos);
+        if(certSrc == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
+                        "xmlSecOpenSSLKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return(-1);
+        }
+
+        certDst = X509_dup(certSrc);
+        if(certDst == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "X509_dup",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ret = xmlSecOpenSSLKeyDataX509AdoptCert(dst, certDst);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecOpenSSLKeyDataX509AdoptCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            X509_free(certDst);
+            return(-1);
+        }
     }
 
     /* copy crls */
     size = xmlSecOpenSSLKeyDataX509GetCrlsSize(src);
     for(pos = 0; pos < size; ++pos) {
-	crlSrc = xmlSecOpenSSLKeyDataX509GetCrl(src, pos);
-	if(crlSrc == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
-			"xmlSecOpenSSLKeyDataX509GetCrl",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return(-1);
-	}
-	
-	crlDst = X509_CRL_dup(crlSrc);
-	if(crlDst == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"X509_CRL_dup",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	
-	ret = xmlSecOpenSSLKeyDataX509AdoptCrl(dst, crlDst);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecOpenSSLKeyDataX509AdoptCrl",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    X509_CRL_free(crlDst);
-	    return(-1);
-	}
+        crlSrc = xmlSecOpenSSLKeyDataX509GetCrl(src, pos);
+        if(crlSrc == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)),
+                        "xmlSecOpenSSLKeyDataX509GetCrl",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return(-1);
+        }
+
+        crlDst = X509_CRL_dup(crlSrc);
+        if(crlDst == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "X509_CRL_dup",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ret = xmlSecOpenSSLKeyDataX509AdoptCrl(dst, crlDst);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecOpenSSLKeyDataX509AdoptCrl",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            X509_CRL_free(crlDst);
+            return(-1);
+        }
     }
 
     /* copy key cert if exist */
     certSrc = xmlSecOpenSSLKeyDataX509GetKeyCert(src);
     if(certSrc != NULL) {
-	certDst = X509_dup(certSrc);
-	if(certDst == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"X509_dup",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	ret = xmlSecOpenSSLKeyDataX509AdoptKeyCert(dst, certDst);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
-			"xmlSecOpenSSLKeyDataX509AdoptKeyCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    X509_free(certDst);
-	    return(-1);
-	}
+        certDst = X509_dup(certSrc);
+        if(certDst == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "X509_dup",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        ret = xmlSecOpenSSLKeyDataX509AdoptKeyCert(dst, certDst);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)),
+                        "xmlSecOpenSSLKeyDataX509AdoptKeyCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            X509_free(certDst);
+            return(-1);
+        }
     }
     return(0);
 }
@@ -637,72 +637,72 @@ xmlSecOpenSSLKeyDataX509Finalize(xmlSecKeyDataPtr data) {
     xmlSecAssert(ctx != NULL);
 
     if(ctx->certsList != NULL) {
-	sk_X509_pop_free(ctx->certsList, X509_free); 	
+        sk_X509_pop_free(ctx->certsList, X509_free);
     }
     if(ctx->crlsList != NULL) {
-	sk_X509_CRL_pop_free(ctx->crlsList, X509_CRL_free); 	
+        sk_X509_CRL_pop_free(ctx->crlsList, X509_CRL_free);
     }
     if(ctx->keyCert != NULL) {
-	X509_free(ctx->keyCert);
+        X509_free(ctx->keyCert);
     }
     memset(ctx, 0, sizeof(xmlSecOpenSSLX509DataCtx));
 }
 
 static int
 xmlSecOpenSSLKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecOpenSSLKeyDataX509Id, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
-    
+
     data = xmlSecKeyEnsureData(key, id);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyEnsureData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecOpenSSLX509DataNodeRead(data, node, keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLX509DataNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLX509DataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) {
         ret = xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecOpenSSLKeyDataX509VerifyAndExtractKey",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecOpenSSLKeyDataX509VerifyAndExtractKey",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
         }
     }
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     X509* cert;
     X509_CRL* crl;
     xmlSecSize size, pos;
     int content;
     int ret;
-    			
+
     xmlSecAssert2(id == xmlSecOpenSSLKeyDataX509Id, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
@@ -710,112 +710,112 @@ xmlSecOpenSSLKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     content = xmlSecX509DataGetNodeContent (node, 1, keyInfoCtx);
     if (content < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecX509DataGetNodeContent",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "content=%d", content);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecX509DataGetNodeContent",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "content=%d", content);
+        return(-1);
     } else if(content == 0) {
-	/* by default we are writing certificates and crls */
-	content = XMLSEC_X509DATA_DEFAULT;
+        /* by default we are writing certificates and crls */
+        content = XMLSEC_X509DATA_DEFAULT;
     }
 
     /* get x509 data */
     data = xmlSecKeyGetData(key, id);
     if(data == NULL) {
-	/* no x509 data in the key */
-	return(0);	
+        /* no x509 data in the key */
+        return(0);
     }
 
     /* write certs */
     size = xmlSecOpenSSLKeyDataX509GetCertsSize(data);
     for(pos = 0; pos < size; ++pos) {
-	cert = xmlSecOpenSSLKeyDataX509GetCert(data, pos);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			"xmlSecOpenSSLKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return(-1);
-	}
-	
-	if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
-	    ret = xmlSecOpenSSLX509CertificateNodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecOpenSSLX509CertificateNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-
-	if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
-	    ret = xmlSecOpenSSLX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecOpenSSLX509SubjectNameNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-
-	if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
-	    ret = xmlSecOpenSSLX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecOpenSSLX509IssuerSerialNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-
-	if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
-	    ret = xmlSecOpenSSLX509SKINodeWrite(cert, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecOpenSSLX509SKINodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-    }    
+        cert = xmlSecOpenSSLKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                        "xmlSecOpenSSLKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return(-1);
+        }
+
+        if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) {
+            ret = xmlSecOpenSSLX509CertificateNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecOpenSSLX509CertificateNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) {
+            ret = xmlSecOpenSSLX509SubjectNameNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecOpenSSLX509SubjectNameNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) {
+            ret = xmlSecOpenSSLX509IssuerSerialNodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecOpenSSLX509IssuerSerialNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+
+        if((content & XMLSEC_X509DATA_SKI_NODE) != 0) {
+            ret = xmlSecOpenSSLX509SKINodeWrite(cert, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecOpenSSLX509SKINodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+    }
 
     /* write crls if needed */
     if((content & XMLSEC_X509DATA_CRL_NODE) != 0) {
-	size = xmlSecOpenSSLKeyDataX509GetCrlsSize(data);
-	for(pos = 0; pos < size; ++pos) {
-	    crl = xmlSecOpenSSLKeyDataX509GetCrl(data, pos);
-	    if(crl == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecOpenSSLKeyDataX509GetCrl",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	    
-	    ret = xmlSecOpenSSLX509CRLNodeWrite(crl, node, keyInfoCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-			    "xmlSecOpenSSLX509CRLNodeWrite",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "pos=%d", pos);
-		return(-1);
-	    }
-	}
-    }
-    
+        size = xmlSecOpenSSLKeyDataX509GetCrlsSize(data);
+        for(pos = 0; pos < size; ++pos) {
+            crl = xmlSecOpenSSLKeyDataX509GetCrl(data, pos);
+            if(crl == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecOpenSSLKeyDataX509GetCrl",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+
+            ret = xmlSecOpenSSLX509CRLNodeWrite(crl, node, keyInfoCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                            "xmlSecOpenSSLX509CRLNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "pos=%d", pos);
+                return(-1);
+            }
+        }
+    }
+
     return(0);
 }
 
@@ -824,19 +824,19 @@ static xmlSecKeyDataType
 xmlSecOpenSSLKeyDataX509GetType(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), xmlSecKeyDataTypeUnknown);
 
-    /* TODO: return verified/not verified status */    
+    /* TODO: return verified/not verified status */
     return(xmlSecKeyDataTypeUnknown);
 }
 
 static const xmlChar*
 xmlSecOpenSSLKeyDataX509GetIdentifier(xmlSecKeyDataPtr data) {
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), NULL);
-    
-    /* TODO */    
+
+    /* TODO */
     return(NULL);
 }
 
-static void 
+static void
 xmlSecOpenSSLKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
     X509* cert;
     xmlSecSize size, pos;
@@ -847,25 +847,25 @@ xmlSecOpenSSLKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) {
     fprintf(output, "=== X509 Data:\n");
     cert = xmlSecOpenSSLKeyDataX509GetKeyCert(data);
     if(cert != NULL) {
-	fprintf(output, "==== Key Certificate:\n");
-	xmlSecOpenSSLX509CertDebugDump(cert, output);
+        fprintf(output, "==== Key Certificate:\n");
+        xmlSecOpenSSLX509CertDebugDump(cert, output);
     }
-    
+
     size = xmlSecOpenSSLKeyDataX509GetCertsSize(data);
     for(pos = 0; pos < size; ++pos) {
-	cert = xmlSecOpenSSLKeyDataX509GetCert(data, pos);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"xmlSecOpenSSLKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return;
-	}
-	fprintf(output, "==== Certificate:\n");
-	xmlSecOpenSSLX509CertDebugDump(cert, output);
-    }
-    
+        cert = xmlSecOpenSSLKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecOpenSSLKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return;
+        }
+        fprintf(output, "==== Certificate:\n");
+        xmlSecOpenSSLX509CertDebugDump(cert, output);
+    }
+
     /* we don't print out crls */
 }
 
@@ -880,78 +880,78 @@ xmlSecOpenSSLKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) {
     fprintf(output, "<X509Data>\n");
     cert = xmlSecOpenSSLKeyDataX509GetKeyCert(data);
     if(cert != NULL) {
-	fprintf(output, "<KeyCertificate>\n");
-	xmlSecOpenSSLX509CertDebugXmlDump(cert, output);
-	fprintf(output, "</KeyCertificate>\n");
+        fprintf(output, "<KeyCertificate>\n");
+        xmlSecOpenSSLX509CertDebugXmlDump(cert, output);
+        fprintf(output, "</KeyCertificate>\n");
     }
-    
+
     size = xmlSecOpenSSLKeyDataX509GetCertsSize(data);
     for(pos = 0; pos < size; ++pos) {
-	cert = xmlSecOpenSSLKeyDataX509GetCert(data, pos);
-	if(cert == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			"xmlSecOpenSSLKeyDataX509GetCert",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    return;
-	}
-	fprintf(output, "<Certificate>\n");
-	xmlSecOpenSSLX509CertDebugXmlDump(cert, output);
-	fprintf(output, "</Certificate>\n");
-    }
-    
+        cert = xmlSecOpenSSLKeyDataX509GetCert(data, pos);
+        if(cert == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        "xmlSecOpenSSLKeyDataX509GetCert",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            return;
+        }
+        fprintf(output, "<Certificate>\n");
+        xmlSecOpenSSLX509CertDebugXmlDump(cert, output);
+        fprintf(output, "</Certificate>\n");
+    }
+
     /* we don't print out crls */
     fprintf(output, "</X509Data>\n");
 }
 
 static int
 xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
-    xmlNodePtr cur; 
+    xmlNodePtr cur;
     int ret;
-        
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
-    
+
     for(cur = xmlSecGetNextElementNode(node->children);
-	cur != NULL;
-	cur = xmlSecGetNextElementNode(cur->next)) {
-	
-	ret = 0;
-	if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
-	    ret = xmlSecOpenSSLX509CertificateNodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
-	    ret = xmlSecOpenSSLX509SubjectNameNodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
-	    ret = xmlSecOpenSSLX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
-	    ret = xmlSecOpenSSLX509SKINodeRead(data, cur, keyInfoCtx);
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
-	    ret = xmlSecOpenSSLX509CRLNodeRead(data, cur, keyInfoCtx);
-	} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
-	    /* laxi schema validation: ignore unknown nodes */
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"read node failed");
-	    return(-1);  
-	}	
+        cur != NULL;
+        cur = xmlSecGetNextElementNode(cur->next)) {
+
+        ret = 0;
+        if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
+            ret = xmlSecOpenSSLX509CertificateNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
+            ret = xmlSecOpenSSLX509SubjectNameNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
+            ret = xmlSecOpenSSLX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
+            ret = xmlSecOpenSSLX509SKINodeRead(data, cur, keyInfoCtx);
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
+            ret = xmlSecOpenSSLX509CRLNodeRead(data, cur, keyInfoCtx);
+        } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
+            /* laxi schema validation: ignore unknown nodes */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "read node failed");
+            return(-1);
+        }
     }
     return(0);
 }
 
 static int
-xmlSecOpenSSLX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {	
+xmlSecOpenSSLX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlChar *content;
     X509* cert;
     int ret;
@@ -962,77 +962,77 @@ xmlSecOpenSSLX509CertificateNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xml
 
     content = xmlNodeGetContent(node);
     if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
-	if(content != NULL) {
-	    xmlFree(content);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+        if(content != NULL) {
+            xmlFree(content);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     }
 
     cert = xmlSecOpenSSLX509CertBase64DerRead(content);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLX509CertBase64DerRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(content);
-	return(-1);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLX509CertBase64DerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        return(-1);
+    }
+
     ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	X509_free(cert);
-	xmlFree(content);
-	return(-1);
-    }
-     
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        X509_free(cert);
+        xmlFree(content);
+        return(-1);
+    }
+
     xmlFree(content);
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLX509CertificateNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlChar* buf;
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(cert != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
-    
+
     /* set base64 lines size from context */
-    buf = xmlSecOpenSSLX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize); 
+    buf = xmlSecOpenSSLX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLX509CertBase64DerWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLX509CertBase64DerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     cur = xmlSecAddChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
-	xmlFree(buf);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
+        xmlFree(buf);
+        return(-1);
     }
 
     /* todo: add \n around base64 data - from context */
@@ -1043,14 +1043,14 @@ xmlSecOpenSSLX509CertificateNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfo
     return(0);
 }
 
-static int		
-xmlSecOpenSSLX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {	
+static int
+xmlSecOpenSSLX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataStorePtr x509Store;
     xmlChar* subject;
     X509* cert;
     X509* cert2;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
@@ -1058,72 +1058,72 @@ xmlSecOpenSSLX509SubjectNameNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xml
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     subject = xmlNodeGetContent(node);
     if((subject == NULL) || (xmlSecIsEmptyString(subject) == 1)) {
-	if(subject != NULL) {
-	    xmlFree(subject);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+        if(subject != NULL) {
+            xmlFree(subject);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     }
 
     cert = xmlSecOpenSSLX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx);
     if(cert == NULL){
 
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			"subject=%s", 
-			xmlSecErrorsSafeString(subject));
-    	    xmlFree(subject);
-	    return(-1);
-	}
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "subject=%s",
+                        xmlSecErrorsSafeString(subject));
+            xmlFree(subject);
+            return(-1);
+        }
 
-	xmlFree(subject);	
-	return(0);
+        xmlFree(subject);
+        return(0);
     }
 
     cert2 = X509_dup(cert);
     if(cert2 == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "X509_dup",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "X509_dup",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
 
-	xmlFree(subject);
-	return(-1);
+        xmlFree(subject);
+        return(-1);
     }
-    
+
     ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert2);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	X509_free(cert2);
-	xmlFree(subject);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        X509_free(cert2);
+        xmlFree(subject);
+        return(-1);
+    }
+
     xmlFree(subject);
     return(0);
 }
@@ -1138,36 +1138,36 @@ xmlSecOpenSSLX509SubjectNameNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfo
 
     buf = xmlSecOpenSSLX509NameWrite(X509_get_subject_name(cert));
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-	    NULL,
-	    "xmlSecOpenSSLX509NameWrite(X509_get_subject_name)",
-	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-	    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            NULL,
+            "xmlSecOpenSSLX509NameWrite(X509_get_subject_name)",
+            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+            XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecAddChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-	    NULL,
-	    "xmlSecAddChild",
-	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-	    "node=%s",
-	    xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
-	xmlFree(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+            NULL,
+            "xmlSecAddChild",
+            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+            "node=%s",
+            xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
+        xmlFree(buf);
+        return(-1);
     }
     xmlSecNodeEncodeAndSetContent(cur, buf);
     xmlFree(buf);
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataStorePtr x509Store;
     xmlNodePtr cur;
     xmlChar *issuerName;
-    xmlChar *issuerSerial;    
+    xmlChar *issuerSerial;
     X509* cert;
     X509* cert2;
     int ret;
@@ -1179,130 +1179,130 @@ xmlSecOpenSSLX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xm
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecGetNextElementNode(node->children);
     if(cur == NULL) {
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
-			XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);
-	}
-	return(0);
-    }
-    
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
+                        XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
+        return(0);
+    }
+
     /* the first is required node X509IssuerName */
     if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+        return(-1);
+    }
     issuerName = xmlNodeGetContent(cur);
     if(issuerName == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+        return(-1);
     }
-    cur = xmlSecGetNextElementNode(cur->next); 
+    cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is required node X509SerialNumber */
     if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
-	xmlFree(issuerName);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+        xmlFree(issuerName);
+        return(-1);
+    }
     issuerSerial = xmlNodeGetContent(cur);
     if(issuerSerial == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
-		    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	xmlFree(issuerName);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+        xmlFree(issuerName);
+        return(-1);
     }
-    cur = xmlSecGetNextElementNode(cur->next); 
+    cur = xmlSecGetNextElementNode(cur->next);
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(issuerSerial);
-	xmlFree(issuerName);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(-1);
     }
 
     cert = xmlSecOpenSSLX509StoreFindCert(x509Store, NULL, issuerName, issuerSerial, NULL, keyInfoCtx);
     if(cert == NULL){
 
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			"issuerName=%s;issuerSerial=%s",
-		        xmlSecErrorsSafeString(issuerName), 
-			xmlSecErrorsSafeString(issuerSerial));
-    	    xmlFree(issuerSerial);
-	    xmlFree(issuerName);
-	    return(-1);
-	}
-	xmlFree(issuerSerial);
-	xmlFree(issuerName);
-	return(0);    
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "issuerName=%s;issuerSerial=%s",
+                        xmlSecErrorsSafeString(issuerName),
+                        xmlSecErrorsSafeString(issuerSerial));
+            xmlFree(issuerSerial);
+            xmlFree(issuerName);
+            return(-1);
+        }
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(0);
     }
 
     cert2 = X509_dup(cert);
     if(cert2 == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "X509_dup",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(issuerSerial);
-	xmlFree(issuerName);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "X509_dup",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert2);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	X509_free(cert2);
-	xmlFree(issuerSerial);
-	xmlFree(issuerName);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        X509_free(cert2);
+        xmlFree(issuerSerial);
+        xmlFree(issuerName);
+        return(-1);
+    }
+
     xmlFree(issuerSerial);
     xmlFree(issuerName);
     return(0);
@@ -1314,65 +1314,65 @@ xmlSecOpenSSLX509IssuerSerialNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInf
     xmlNodePtr issuerNameNode;
     xmlNodePtr issuerNumberNode;
     xmlChar* buf;
-    
+
     xmlSecAssert2(cert != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     /* create xml nodes */
     cur = xmlSecAddChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
+        return(-1);
     }
 
     issuerNameNode = xmlSecAddChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs);
     if(issuerNameNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+        return(-1);
     }
 
     issuerNumberNode = xmlSecAddChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
     if(issuerNumberNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+        return(-1);
     }
 
     /* write data */
     buf = xmlSecOpenSSLX509NameWrite(X509_get_issuer_name(cert));
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLX509NameWrite(X509_get_issuer_name)",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLX509NameWrite(X509_get_issuer_name)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     xmlSecNodeEncodeAndSetContent(issuerNameNode, buf);
     xmlFree(buf);
 
     buf = xmlSecOpenSSLASN1IntegerWrite(X509_get_serialNumber(cert));
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLASN1IntegerWrite(X509_get_serialNumber)",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLASN1IntegerWrite(X509_get_serialNumber)",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     xmlSecNodeEncodeAndSetContent(issuerNumberNode, buf);
     xmlFree(buf);
@@ -1381,14 +1381,14 @@ xmlSecOpenSSLX509IssuerSerialNodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInf
 }
 
 
-static int 
+static int
 xmlSecOpenSSLX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataStorePtr x509Store;
     xmlChar* ski;
     X509* cert;
     X509* cert2;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
@@ -1396,70 +1396,70 @@ xmlSecOpenSSLX509SKINodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyIn
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ski = xmlNodeGetContent(node);
     if((ski == NULL) || (xmlSecIsEmptyString(ski) == 1)) {
-	if(ski != NULL) {
-	    xmlFree(ski);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeX509SKI));
-	    return(-1);
-	}
-	return(0);
+        if(ski != NULL) {
+            xmlFree(ski);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+            return(-1);
+        }
+        return(0);
     }
 
     cert = xmlSecOpenSSLX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx);
     if(cert == NULL){
-	xmlFree(ski);
-
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-		        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			"ski=%s", 
-			xmlSecErrorsSafeString(ski));
-	    return(-1);
-	}
-	return(0);
+        xmlFree(ski);
+
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        "ski=%s",
+                        xmlSecErrorsSafeString(ski));
+            return(-1);
+        }
+        return(0);
     }
 
     cert2 = X509_dup(cert);
     if(cert2 == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "X509_dup",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(ski);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "X509_dup",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(ski);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert2);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	X509_free(cert2);
-	xmlFree(ski);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        X509_free(cert2);
+        xmlFree(ski);
+        return(-1);
+    }
+
     xmlFree(ski);
     return(0);
 }
@@ -1474,24 +1474,24 @@ xmlSecOpenSSLX509SKINodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr k
 
     buf = xmlSecOpenSSLX509SKIWrite(cert);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLX509SKIWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLX509SKIWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecAddChild(node, xmlSecNodeX509SKI, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "new_node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509SKI));
-	xmlFree(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "new_node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+        xmlFree(buf);
+        return(-1);
     }
     xmlSecNodeEncodeAndSetContent(cur, buf);
     xmlFree(buf);
@@ -1499,7 +1499,7 @@ xmlSecOpenSSLX509SKINodeWrite(X509* cert, xmlNodePtr node, xmlSecKeyInfoCtxPtr k
     return(0);
 }
 
-static int 
+static int
 xmlSecOpenSSLX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlChar *content;
     X509_CRL* crl;
@@ -1511,43 +1511,43 @@ xmlSecOpenSSLX509CRLNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyIn
 
     content = xmlNodeGetContent(node);
     if((content == NULL) || (xmlSecIsEmptyString(content) == 1)) {
-	if(content != NULL) {
-	    xmlFree(content);
-	}
-	if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	return(0);
+        if(content != NULL) {
+            xmlFree(content);
+        }
+        if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        return(0);
     }
 
     crl = xmlSecOpenSSLX509CrlBase64DerRead(content);
     if(crl == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLX509CrlBase64DerRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFree(content);
-	return(-1);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLX509CrlBase64DerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFree(content);
+        return(-1);
+    }
+
     ret = xmlSecOpenSSLKeyDataX509AdoptCrl(data, crl);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecOpenSSLKeyDataX509AdoptCrl",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	X509_CRL_free(crl);
-	xmlFree(content);
-	return(-1);
-    }
-     
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecOpenSSLKeyDataX509AdoptCrl",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        X509_CRL_free(crl);
+        xmlFree(content);
+        return(-1);
+    }
+
     xmlFree(content);
     return(0);
 }
@@ -1562,26 +1562,26 @@ xmlSecOpenSSLX509CRLNodeWrite(X509_CRL* crl, xmlNodePtr node, xmlSecKeyInfoCtxPt
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     /* set base64 lines size from context */
-    buf = xmlSecOpenSSLX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize); 
+    buf = xmlSecOpenSSLX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLX509CrlBase64DerWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLX509CrlBase64DerWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     cur = xmlSecAddChild(node, xmlSecNodeX509CRL, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "new_node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509CRL));
-	xmlFree(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "new_node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509CRL));
+        xmlFree(buf);
+        return(-1);
     }
     /* todo: add \n around base64 data - from context */
     /* todo: add errors check */
@@ -1594,11 +1594,11 @@ xmlSecOpenSSLX509CRLNodeWrite(X509_CRL* crl, xmlNodePtr node, xmlSecKeyInfoCtxPt
 
 static int
 xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecOpenSSLX509DataCtxPtr ctx;
     xmlSecKeyDataStorePtr x509Store;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecOpenSSLKeyDataX509Id), -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(keyInfoCtx != NULL, -1);
@@ -1609,93 +1609,93 @@ xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr
 
     x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecOpenSSLX509StoreId);
     if(x509Store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-		    "xmlSecKeysMngrGetDataStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                    "xmlSecKeysMngrGetDataStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if((ctx->keyCert == NULL) && (ctx->certsList != NULL) && (xmlSecKeyGetValue(key) == NULL)) {
-	X509* cert;
-	
-	cert = xmlSecOpenSSLX509StoreVerify(x509Store, ctx->certsList, ctx->crlsList, keyInfoCtx);
-	if(cert != NULL) {
-	    xmlSecKeyDataPtr keyValue;
-	    
-	    ctx->keyCert = X509_dup(cert);
-	    if(ctx->keyCert == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "X509_dup",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	
-	    keyValue = xmlSecOpenSSLX509CertGetKey(ctx->keyCert);
-	    if(keyValue == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "xmlSecOpenSSLX509CertGetKey",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    
-	    /* verify that the key matches our expectations */
-	    if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "xmlSecKeyReqMatchKeyValue",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlSecKeyDataDestroy(keyValue);
-		return(-1);
-	    }	
-	        
-	    ret = xmlSecKeySetValue(key, keyValue);
-    	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			    "xmlSecKeySetValue",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlSecKeyDataDestroy(keyValue);
-		return(-1);
-	    }	    
-	    
-	    if((X509_get_notBefore(ctx->keyCert) != NULL) && (X509_get_notAfter(ctx->keyCert) != NULL)) {
-		ret = xmlSecOpenSSLX509CertGetTime(X509_get_notBefore(ctx->keyCert), &(key->notValidBefore));
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-				"xmlSecOpenSSLX509CertGetTime",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"notValidBefore");
-		    return(-1);
-		}
-		ret = xmlSecOpenSSLX509CertGetTime(X509_get_notAfter(ctx->keyCert), &(key->notValidAfter));
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-			        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-				"xmlSecOpenSSLX509CertGetTime",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"notValidAfter");
-		    return(-1);
-		}
-	    } else {
-		key->notValidBefore = key->notValidAfter = 0;
-	    }
-	} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_FOUND,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        X509* cert;
+
+        cert = xmlSecOpenSSLX509StoreVerify(x509Store, ctx->certsList, ctx->crlsList, keyInfoCtx);
+        if(cert != NULL) {
+            xmlSecKeyDataPtr keyValue;
+
+            ctx->keyCert = X509_dup(cert);
+            if(ctx->keyCert == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "X509_dup",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            keyValue = xmlSecOpenSSLX509CertGetKey(ctx->keyCert);
+            if(keyValue == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "xmlSecOpenSSLX509CertGetKey",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            /* verify that the key matches our expectations */
+            if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "xmlSecKeyReqMatchKeyValue",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecKeyDataDestroy(keyValue);
+                return(-1);
+            }
+
+            ret = xmlSecKeySetValue(key, keyValue);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                            "xmlSecKeySetValue",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecKeyDataDestroy(keyValue);
+                return(-1);
+            }
+
+            if((X509_get_notBefore(ctx->keyCert) != NULL) && (X509_get_notAfter(ctx->keyCert) != NULL)) {
+                ret = xmlSecOpenSSLX509CertGetTime(X509_get_notBefore(ctx->keyCert), &(key->notValidBefore));
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                "xmlSecOpenSSLX509CertGetTime",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "notValidBefore");
+                    return(-1);
+                }
+                ret = xmlSecOpenSSLX509CertGetTime(X509_get_notAfter(ctx->keyCert), &(key->notValidAfter));
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                                "xmlSecOpenSSLX509CertGetTime",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "notValidAfter");
+                    return(-1);
+                }
+            } else {
+                key->notValidBefore = key->notValidAfter = 0;
+            }
+        } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_FOUND,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
     return(0);
 }
@@ -1704,38 +1704,38 @@ xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr
 extern time_t timegm (struct tm *tm);
 #else  /* HAVE_TIMEGM */
 #ifdef WIN32
-#define timegm(tm)	(mktime(tm) - _timezone)
+#define timegm(tm)      (mktime(tm) - _timezone)
 #else /* WIN32 */
 /* Absolutely not the best way but it's the only ANSI compatible way I know.
  * If you system has a native struct tm --> GMT time_t conversion function
  * (like timegm) use it instead.
  */
-static time_t 
-my_timegm(struct tm *t) {  
-    time_t tl, tb;  
-    struct tm *tg;  
+static time_t
+my_timegm(struct tm *t) {
+    time_t tl, tb;
+    struct tm *tg;
 
-    tl = mktime (t);  
+    tl = mktime (t);
     if(tl == -1) {
-	t->tm_hour--;
-	tl = mktime (t);
-	if (tl == -1) {
-	    return -1;
-	}
-	tl += 3600;    
-    }  
-    tg = gmtime (&tl);  
-    tg->tm_isdst = 0;  
-    tb = mktime (tg);  
+        t->tm_hour--;
+        tl = mktime (t);
+        if (tl == -1) {
+            return -1;
+        }
+        tl += 3600;
+    }
+    tg = gmtime (&tl);
+    tg->tm_isdst = 0;
+    tb = mktime (tg);
     if (tb == -1) {
-	tg->tm_hour--;
-	tb = mktime (tg);
-	if (tb == -1) {
-	    return -1;
-	}
-	tb += 3600;    
-    }  
-    return (tl - (tb - tl)); 
+        tg->tm_hour--;
+        tb = mktime (tg);
+        if (tb == -1) {
+            return -1;
+        }
+        tb += 3600;
+    }
+    return (tl - (tb - tl));
 }
 
 #define timegm(tm) my_timegm(tm)
@@ -1746,112 +1746,112 @@ static int
 xmlSecOpenSSLX509CertGetTime(ASN1_TIME* t, time_t* res) {
     struct tm tm;
     int offset;
-    
+
     xmlSecAssert2(t != NULL, -1);
     xmlSecAssert2(res != NULL, -1);
 
     (*res) = 0;
 #ifndef XMLSEC_OPENSSL_096
     if(!ASN1_TIME_check(t)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "ASN1_TIME_check",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "ASN1_TIME_check",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 #endif /* XMLSEC_OPENSSL_096 */
-        
+
     memset(&tm, 0, sizeof(tm));
 
 #define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
     if(t->type == V_ASN1_UTCTIME) {
-	xmlSecAssert2(t->length > 12, -1);
-
-	
-	/* this code is copied from OpenSSL asn1/a_utctm.c file */	
-	tm.tm_year = g2(t->data);
-	if(tm.tm_year < 50) {
-	    tm.tm_year += 100;
-	}
-	tm.tm_mon  = g2(t->data + 2) - 1;
-	tm.tm_mday = g2(t->data + 4);
-	tm.tm_hour = g2(t->data + 6);
-	tm.tm_min  = g2(t->data + 8);
-	tm.tm_sec  = g2(t->data + 10);
-	if(t->data[12] == 'Z') {
-	    offset = 0;
-	} else {
-	    xmlSecAssert2(t->length > 16, -1);
-	    
-	    offset = g2(t->data + 13) * 60 + g2(t->data + 15);
-	    if(t->data[12] == '-') {
-		offset = -offset;
-	    }
-	}
-	tm.tm_isdst = -1;
+        xmlSecAssert2(t->length > 12, -1);
+
+
+        /* this code is copied from OpenSSL asn1/a_utctm.c file */
+        tm.tm_year = g2(t->data);
+        if(tm.tm_year < 50) {
+            tm.tm_year += 100;
+        }
+        tm.tm_mon  = g2(t->data + 2) - 1;
+        tm.tm_mday = g2(t->data + 4);
+        tm.tm_hour = g2(t->data + 6);
+        tm.tm_min  = g2(t->data + 8);
+        tm.tm_sec  = g2(t->data + 10);
+        if(t->data[12] == 'Z') {
+            offset = 0;
+        } else {
+            xmlSecAssert2(t->length > 16, -1);
+
+            offset = g2(t->data + 13) * 60 + g2(t->data + 15);
+            if(t->data[12] == '-') {
+                offset = -offset;
+            }
+        }
+        tm.tm_isdst = -1;
     } else {
-	xmlSecAssert2(t->length > 14, -1);
-	
-	tm.tm_year = g2(t->data) * 100 + g2(t->data + 2);
-	tm.tm_mon  = g2(t->data + 4) - 1;
-	tm.tm_mday = g2(t->data + 6);
-	tm.tm_hour = g2(t->data + 8);
-	tm.tm_min  = g2(t->data + 10);
-	tm.tm_sec  = g2(t->data + 12);
-	if(t->data[14] == 'Z') {
-	    offset = 0;
-	} else {
-	    xmlSecAssert2(t->length > 18, -1);
-	    
-	    offset = g2(t->data + 15) * 60 + g2(t->data + 17);
-	    if(t->data[14] == '-') {
-		offset = -offset;
-	    }
-	}
-	tm.tm_isdst = -1;
+        xmlSecAssert2(t->length > 14, -1);
+
+        tm.tm_year = g2(t->data) * 100 + g2(t->data + 2);
+        tm.tm_mon  = g2(t->data + 4) - 1;
+        tm.tm_mday = g2(t->data + 6);
+        tm.tm_hour = g2(t->data + 8);
+        tm.tm_min  = g2(t->data + 10);
+        tm.tm_sec  = g2(t->data + 12);
+        if(t->data[14] == 'Z') {
+            offset = 0;
+        } else {
+            xmlSecAssert2(t->length > 18, -1);
+
+            offset = g2(t->data + 15) * 60 + g2(t->data + 17);
+            if(t->data[14] == '-') {
+                offset = -offset;
+            }
+        }
+        tm.tm_isdst = -1;
     }
 #undef g2
     (*res) = timegm(&tm) - offset * 60;
     return(0);
 }
 
-/** 
+/**
  * xmlSecOpenSSLX509CertGetKey:
- * @cert:		the certificate.
- * 
+ * @cert:               the certificate.
+ *
  * Extracts public key from the @cert.
  *
  * Returns: public key value or NULL if an error occurs.
  */
-xmlSecKeyDataPtr	
+xmlSecKeyDataPtr
 xmlSecOpenSSLX509CertGetKey(X509* cert) {
     xmlSecKeyDataPtr data;
     EVP_PKEY *pKey = NULL;
-    
+
     xmlSecAssert2(cert != NULL, NULL);
 
     pKey = X509_get_pubkey(cert);
     if(pKey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "X509_get_pubkey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "X509_get_pubkey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
 
     data = xmlSecOpenSSLEvpKeyAdopt(pKey);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLEvpKeyAdopt",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	EVP_PKEY_free(pKey);
-	return(NULL);	    
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLEvpKeyAdopt",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        EVP_PKEY_free(pKey);
+        return(NULL);
+    }
+
     return(data);
 }
 
@@ -1860,18 +1860,18 @@ xmlSecOpenSSLX509CertBase64DerRead(xmlChar* buf) {
     int ret;
 
     xmlSecAssert2(buf != NULL, NULL);
-    
+
     /* usual trick with base64 decoding "in-place" */
-    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf)); 
+    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Decode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Decode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     return(xmlSecOpenSSLX509CertDerRead((xmlSecByte*)buf, ret));
 }
 
@@ -1883,37 +1883,37 @@ xmlSecOpenSSLX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) {
 
     xmlSecAssert2(buf != NULL, NULL);
     xmlSecAssert2(size > 0, NULL);
-    
+
     mem = BIO_new(BIO_s_mem());
     if(mem == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "BIO_s_mem");
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "BIO_s_mem");
+        return(NULL);
+    }
+
     ret = BIO_write(mem, buf, size);
     if(ret <= 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_write",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "size=%d", size);
-	BIO_free_all(mem);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_write",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "size=%d", size);
+        BIO_free_all(mem);
+        return(NULL);
     }
 
     cert = d2i_X509_bio(mem, NULL);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "d2i_X509_bio",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free_all(mem);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "d2i_X509_bio",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free_all(mem);
+        return(NULL);
     }
 
     BIO_free_all(mem);
@@ -1928,42 +1928,42 @@ xmlSecOpenSSLX509CertBase64DerWrite(X509* cert, int base64LineWrap) {
     long size;
 
     xmlSecAssert2(cert != NULL, NULL);
-	
+
     mem = BIO_new(BIO_s_mem());
     if(mem == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "BIO_s_mem");
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "BIO_s_mem");
+        return(NULL);
     }
 
     /* todo: add error checks */
     i2d_X509_bio(mem, cert);
     BIO_flush(mem);
-        
+
     size = BIO_get_mem_data(mem, &p);
     if((size <= 0) || (p == NULL)){
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_get_mem_data",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free_all(mem);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_get_mem_data",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free_all(mem);
+        return(NULL);
+    }
+
     res = xmlSecBase64Encode(p, size, base64LineWrap);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free_all(mem);
-	return(NULL);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free_all(mem);
+        return(NULL);
+    }
 
     BIO_free_all(mem);
     return(res);
@@ -1974,18 +1974,18 @@ xmlSecOpenSSLX509CrlBase64DerRead(xmlChar* buf) {
     int ret;
 
     xmlSecAssert2(buf != NULL, NULL);
-    
+
     /* usual trick with base64 decoding "in-place" */
-    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf)); 
+    ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Decode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Decode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     return(xmlSecOpenSSLX509CrlDerRead((xmlSecByte*)buf, ret));
 }
 
@@ -1997,37 +1997,37 @@ xmlSecOpenSSLX509CrlDerRead(xmlSecByte* buf, xmlSecSize size) {
 
     xmlSecAssert2(buf != NULL, NULL);
     xmlSecAssert2(size > 0, NULL);
-    
+
     mem = BIO_new(BIO_s_mem());
     if(mem == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "BIO_s_mem");
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "BIO_s_mem");
+        return(NULL);
+    }
+
     ret = BIO_write(mem, buf, size);
     if(ret <= 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_write",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "size=%d", size);
-	BIO_free_all(mem);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_write",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "size=%d", size);
+        BIO_free_all(mem);
+        return(NULL);
     }
 
     crl = d2i_X509_CRL_bio(mem, NULL);
     if(crl == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "d2i_X509_CRL_bio",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free_all(mem);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "d2i_X509_CRL_bio",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free_all(mem);
+        return(NULL);
     }
 
     BIO_free_all(mem);
@@ -2042,44 +2042,44 @@ xmlSecOpenSSLX509CrlBase64DerWrite(X509_CRL* crl, int base64LineWrap) {
     long size;
 
     xmlSecAssert2(crl != NULL, NULL);
-	
+
     mem = BIO_new(BIO_s_mem());
     if(mem == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_new",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "BIO_s_mem");
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "BIO_s_mem");
+        return(NULL);
     }
 
     /* todo: add error checks */
     i2d_X509_CRL_bio(mem, crl);
     BIO_flush(mem);
-        
+
     size = BIO_get_mem_data(mem, &p);
     if((size <= 0) || (p == NULL)){
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BIO_get_mem_data",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free_all(mem);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BIO_get_mem_data",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free_all(mem);
+        return(NULL);
+    }
+
     res = xmlSecBase64Encode(p, size, base64LineWrap);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free_all(mem);
-	return(NULL);
-    }    
-
-    BIO_free_all(mem);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free_all(mem);
+        return(NULL);
+    }
+
+    BIO_free_all(mem);
     return(res);
 }
 
@@ -2094,19 +2094,19 @@ xmlSecOpenSSLX509NameWrite(X509_NAME* nm) {
     mem = BIO_new(BIO_s_mem());
     if(mem == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-        	    NULL,
-        	    "BIO_new",
-        	    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-        	    "BIO_s_mem");
+                    NULL,
+                    "BIO_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "BIO_s_mem");
         return(NULL);
     }
 
     if (X509_NAME_print_ex(mem, nm, 0, XN_FLAG_RFC2253) <=0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-        	    NULL,
-        	    "X509_NAME_print_ex",
-        	    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-        	    XMLSEC_ERRORS_NO_MESSAGE);
+                    NULL,
+                    "X509_NAME_print_ex",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         BIO_free_all(mem);
         return(NULL);
     }
@@ -2116,13 +2116,13 @@ xmlSecOpenSSLX509NameWrite(X509_NAME* nm) {
     size = BIO_pending(mem);
     res = xmlMalloc(size + 1);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlMalloc",
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BIO_free_all(mem);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlMalloc",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BIO_free_all(mem);
+        return(NULL);
     }
 
     size = BIO_read(mem, res, size);
@@ -2137,28 +2137,28 @@ xmlSecOpenSSLASN1IntegerWrite(ASN1_INTEGER *asni) {
     xmlChar *res = NULL;
     BIGNUM *bn;
     char *p;
-    
+
     xmlSecAssert2(asni != NULL, NULL);
 
     bn = ASN1_INTEGER_to_BN(asni, NULL);
     if(bn == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "ASN1_INTEGER_to_BN",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "ASN1_INTEGER_to_BN",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     p = BN_bn2dec(bn);
     if (p == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "BN_bn2dec",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	BN_free(bn);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "BN_bn2dec",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        BN_free(bn);
+        return(NULL);
     }
     BN_free(bn);
     bn = NULL;
@@ -2169,13 +2169,13 @@ xmlSecOpenSSLASN1IntegerWrite(ASN1_INTEGER *asni) {
      */
     res = xmlCharStrdup(p);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlCharStrdup",
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	OPENSSL_free(p);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlCharStrdup",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        OPENSSL_free(p);
+        return(NULL);
     }
     OPENSSL_free(p);
     p = NULL;
@@ -2193,51 +2193,51 @@ xmlSecOpenSSLX509SKIWrite(X509* cert) {
 
     index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
     if (index < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "Certificate without SubjectKeyIdentifier extension",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "Certificate without SubjectKeyIdentifier extension",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     ext = X509_get_ext(cert, index);
     if (ext == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "X509_get_ext",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "X509_get_ext",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     keyId = X509V3_EXT_d2i(ext);
     if (keyId == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "X509V3_EXT_d2i",
-	    	    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	M_ASN1_OCTET_STRING_free(keyId);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "X509V3_EXT_d2i",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        M_ASN1_OCTET_STRING_free(keyId);
+        return(NULL);
     }
 
     res = xmlSecBase64Encode(M_ASN1_STRING_data(keyId), M_ASN1_STRING_length(keyId), 0);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	M_ASN1_OCTET_STRING_free(keyId);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        M_ASN1_OCTET_STRING_free(keyId);
+        return(NULL);
     }
     M_ASN1_OCTET_STRING_free(keyId);
-    
+
     return(res);
 }
 
-static void 
+static void
 xmlSecOpenSSLX509CertDebugDump(X509* cert, FILE* output) {
     char buf[1024];
     BIGNUM *bn = NULL;
@@ -2245,47 +2245,47 @@ xmlSecOpenSSLX509CertDebugDump(X509* cert, FILE* output) {
     xmlSecAssert(cert != NULL);
     xmlSecAssert(output != NULL);
 
-    fprintf(output, "==== Subject Name: %s\n", 
-	X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf))); 
-    fprintf(output, "==== Issuer Name: %s\n", 
-	X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf))); 
+    fprintf(output, "==== Subject Name: %s\n",
+        X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf)));
+    fprintf(output, "==== Issuer Name: %s\n",
+        X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf)));
     fprintf(output, "==== Issuer Serial: ");
     bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(cert),NULL);
     if(bn != NULL) {
-	BN_print_fp(output, bn);
-	BN_free(bn);
-	fprintf(output, "\n");
+        BN_print_fp(output, bn);
+        BN_free(bn);
+        fprintf(output, "\n");
     } else {
-	fprintf(output, "unknown\n");
+        fprintf(output, "unknown\n");
     }
 }
 
 
-static void 
+static void
 xmlSecOpenSSLX509CertDebugXmlDump(X509* cert, FILE* output) {
     char buf[1024];
     BIGNUM *bn = NULL;
 
     xmlSecAssert(cert != NULL);
     xmlSecAssert(output != NULL);
-    
+
     fprintf(output, "<SubjectName>");
-    xmlSecPrintXmlString(output, 
-	BAD_CAST X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf))
+    xmlSecPrintXmlString(output,
+        BAD_CAST X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf))
     );
     fprintf(output, "</SubjectName>\n");
-    
-    
+
+
     fprintf(output, "<IssuerName>");
-    xmlSecPrintXmlString(output, 
-	BAD_CAST X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf))); 
+    xmlSecPrintXmlString(output,
+        BAD_CAST X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf)));
     fprintf(output, "</IssuerName>\n");
 
     fprintf(output, "<SerialNumber>");
     bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(cert),NULL);
     if(bn != NULL) {
-	BN_print_fp(output, bn);
-	BN_free(bn);
+        BN_print_fp(output, bn);
+        BN_free(bn);
     }
     fprintf(output, "</SerialNumber>\n");
 }
@@ -2297,11 +2297,11 @@ xmlSecOpenSSLX509CertDebugXmlDump(X509* cert, FILE* output) {
  *
  *
  *************************************************************************/
-static int		xmlSecOpenSSLKeyDataRawX509CertBinRead	(xmlSecKeyDataId id,
-								 xmlSecKeyPtr key,
-								 const xmlSecByte* buf,
-								 xmlSecSize bufSize,
-								 xmlSecKeyInfoCtxPtr keyInfoCtx);
+static int              xmlSecOpenSSLKeyDataRawX509CertBinRead  (xmlSecKeyDataId id,
+                                                                 xmlSecKeyPtr key,
+                                                                 const xmlSecByte* buf,
+                                                                 xmlSecSize bufSize,
+                                                                 xmlSecKeyInfoCtxPtr keyInfoCtx);
 
 static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataRawX509CertKlass = {
     sizeof(xmlSecKeyDataKlass),
@@ -2309,58 +2309,58 @@ static xmlSecKeyDataKlass xmlSecOpenSSLKeyDataRawX509CertKlass = {
 
     /* data */
     xmlSecNameRawX509Cert,
-    xmlSecKeyDataUsageRetrievalMethodNodeBin, 
-						/* xmlSecKeyDataUsage usage; */
-    xmlSecHrefRawX509Cert,			/* const xmlChar* href; */
-    NULL,					/* const xmlChar* dataNodeName; */
-    xmlSecDSigNs,				/* const xmlChar* dataNodeNs; */
-    
+    xmlSecKeyDataUsageRetrievalMethodNodeBin,
+                                                /* xmlSecKeyDataUsage usage; */
+    xmlSecHrefRawX509Cert,                      /* const xmlChar* href; */
+    NULL,                                       /* const xmlChar* dataNodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* dataNodeNs; */
+
     /* constructors/destructor */
-    NULL,					/* xmlSecKeyDataInitializeMethod initialize; */
-    NULL,					/* xmlSecKeyDataDuplicateMethod duplicate; */
-    NULL,					/* xmlSecKeyDataFinalizeMethod finalize; */
-    NULL,					/* xmlSecKeyDataGenerateMethod generate; */
+    NULL,                                       /* xmlSecKeyDataInitializeMethod initialize; */
+    NULL,                                       /* xmlSecKeyDataDuplicateMethod duplicate; */
+    NULL,                                       /* xmlSecKeyDataFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecKeyDataGenerateMethod generate; */
 
     /* get info */
-    NULL,			 		/* xmlSecKeyDataGetTypeMethod getType; */
-    NULL,					/* xmlSecKeyDataGetSizeMethod getSize; */
-    NULL,					/* xmlSecKeyDataGetIdentifier getIdentifier; */    
+    NULL,                                       /* xmlSecKeyDataGetTypeMethod getType; */
+    NULL,                                       /* xmlSecKeyDataGetSizeMethod getSize; */
+    NULL,                                       /* xmlSecKeyDataGetIdentifier getIdentifier; */
 
     /* read/write */
-    NULL,					/* xmlSecKeyDataXmlReadMethod xmlRead; */
-    NULL,					/* xmlSecKeyDataXmlWriteMethod xmlWrite; */
-    xmlSecOpenSSLKeyDataRawX509CertBinRead,	/* xmlSecKeyDataBinReadMethod binRead; */
-    NULL,					/* xmlSecKeyDataBinWriteMethod binWrite; */
+    NULL,                                       /* xmlSecKeyDataXmlReadMethod xmlRead; */
+    NULL,                                       /* xmlSecKeyDataXmlWriteMethod xmlWrite; */
+    xmlSecOpenSSLKeyDataRawX509CertBinRead,     /* xmlSecKeyDataBinReadMethod binRead; */
+    NULL,                                       /* xmlSecKeyDataBinWriteMethod binWrite; */
 
     /* debug */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugDump; */
-    NULL,					/* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugDump; */
+    NULL,                                       /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecOpenSSLKeyDataRawX509CertGetKlass:
- * 
+ *
  * The raw X509 certificates key data klass.
  *
  * Returns: raw X509 certificates key data klass.
  */
-xmlSecKeyDataId 
+xmlSecKeyDataId
 xmlSecOpenSSLKeyDataRawX509CertGetKlass(void) {
     return(&xmlSecOpenSSLKeyDataRawX509CertKlass);
 }
 
 static int
 xmlSecOpenSSLKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
-				    const xmlSecByte* buf, xmlSecSize bufSize,
-				    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                                    const xmlSecByte* buf, xmlSecSize bufSize,
+                                    xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlSecKeyDataPtr data;
     X509* cert;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecOpenSSLKeyDataRawX509CertId, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(buf != NULL, -1);
@@ -2369,44 +2369,44 @@ xmlSecOpenSSLKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key,
 
     cert = xmlSecOpenSSLX509CertDerRead(buf, bufSize);
     if(cert == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecOpenSSLX509CertDerRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecOpenSSLX509CertDerRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     data = xmlSecKeyEnsureData(key, xmlSecOpenSSLKeyDataX509Id);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecKeyEnsureData",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	X509_free(cert);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecKeyEnsureData",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        X509_free(cert);
+        return(-1);
+    }
+
     ret = xmlSecOpenSSLKeyDataX509AdoptCert(data, cert);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLKeyDataX509AdoptCert",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	X509_free(cert);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLKeyDataX509AdoptCert",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        X509_free(cert);
+        return(-1);
     }
 
     ret = xmlSecOpenSSLKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
-		    "xmlSecOpenSSLKeyDataX509VerifyAndExtractKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)),
+                    "xmlSecOpenSSLKeyDataX509VerifyAndExtractKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
diff --git a/src/openssl/x509vfy.c b/src/openssl/x509vfy.c
index 40264c0d..fe51da4e 100644
--- a/src/openssl/x509vfy.c
+++ b/src/openssl/x509vfy.c
@@ -1,4 +1,4 @@
-/** 
+/**
  * XMLSec library
  *
  * X509 support
@@ -6,7 +6,7 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -42,17 +42,17 @@
  * Internal OpenSSL X509 store CTX
  *
  *************************************************************************/
-typedef struct _xmlSecOpenSSLX509StoreCtx		xmlSecOpenSSLX509StoreCtx, 
-							*xmlSecOpenSSLX509StoreCtxPtr;
+typedef struct _xmlSecOpenSSLX509StoreCtx               xmlSecOpenSSLX509StoreCtx,
+                                                        *xmlSecOpenSSLX509StoreCtxPtr;
 struct _xmlSecOpenSSLX509StoreCtx {
-    X509_STORE* 	xst;
-    STACK_OF(X509)* 	untrusted;
+    X509_STORE*         xst;
+    STACK_OF(X509)*     untrusted;
     STACK_OF(X509_CRL)* crls;
-    
+
 #if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
-    X509_VERIFY_PARAM * vpm;	    
+    X509_VERIFY_PARAM * vpm;
 #endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
-};	    
+};
 
 /****************************************************************************
  *
@@ -63,88 +63,88 @@ struct _xmlSecOpenSSLX509StoreCtx {
  ***************************************************************************/
 #define xmlSecOpenSSLX509StoreGetCtx(store) \
     ((xmlSecOpenSSLX509StoreCtxPtr)(((xmlSecByte*)(store)) + \
-				    sizeof(xmlSecKeyDataStoreKlass)))
-#define xmlSecOpenSSLX509StoreSize	\
+                                    sizeof(xmlSecKeyDataStoreKlass)))
+#define xmlSecOpenSSLX509StoreSize      \
     (sizeof(xmlSecKeyDataStoreKlass) + sizeof(xmlSecOpenSSLX509StoreCtx))
- 
-static int		xmlSecOpenSSLX509StoreInitialize	(xmlSecKeyDataStorePtr store);
-static void		xmlSecOpenSSLX509StoreFinalize		(xmlSecKeyDataStorePtr store);
+
+static int              xmlSecOpenSSLX509StoreInitialize        (xmlSecKeyDataStorePtr store);
+static void             xmlSecOpenSSLX509StoreFinalize          (xmlSecKeyDataStorePtr store);
 
 static xmlSecKeyDataStoreKlass xmlSecOpenSSLX509StoreKlass = {
     sizeof(xmlSecKeyDataStoreKlass),
     xmlSecOpenSSLX509StoreSize,
 
     /* data */
-    xmlSecNameX509Store,			/* const xmlChar* name; */ 
-        
+    xmlSecNameX509Store,                        /* const xmlChar* name; */
+
     /* constructors/destructor */
-    xmlSecOpenSSLX509StoreInitialize,		/* xmlSecKeyDataStoreInitializeMethod initialize; */
-    xmlSecOpenSSLX509StoreFinalize,		/* xmlSecKeyDataStoreFinalizeMethod finalize; */
+    xmlSecOpenSSLX509StoreInitialize,           /* xmlSecKeyDataStoreInitializeMethod initialize; */
+    xmlSecOpenSSLX509StoreFinalize,             /* xmlSecKeyDataStoreFinalizeMethod finalize; */
 
     /* reserved for the future */
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
-static int		xmlSecOpenSSLX509VerifyCRL			(X509_STORE* xst, 
-									 X509_CRL *crl );
-static X509*		xmlSecOpenSSLX509FindCert			(STACK_OF(X509) *certs,
-									 xmlChar *subjectName,
-									 xmlChar *issuerName, 
-									 xmlChar *issuerSerial,
-									 xmlChar *ski);
-static X509*		xmlSecOpenSSLX509FindNextChainCert		(STACK_OF(X509) *chain, 
-		    							 X509 *cert);
-static int		xmlSecOpenSSLX509VerifyCertAgainstCrls		(STACK_OF(X509_CRL) *crls, 
-								         X509* cert);
-static X509_NAME*	xmlSecOpenSSLX509NameRead			(xmlSecByte *str, 
-									 int len);
-static int 		xmlSecOpenSSLX509NameStringRead			(xmlSecByte **str, 
-									 int *strLen, 
-									 xmlSecByte *res, 
-									 int resLen, 
-									 xmlSecByte delim, 
-									 int ingoreTrailingSpaces);
-static int		xmlSecOpenSSLX509NamesCompare			(X509_NAME *a,
-									 X509_NAME *b);
-static int 		xmlSecOpenSSLX509_NAME_cmp			(const X509_NAME *a, 
-									 const X509_NAME *b);
-static int 		xmlSecOpenSSLX509_NAME_ENTRY_cmp		(const X509_NAME_ENTRY **a, 
-									 const X509_NAME_ENTRY **b);
-
-/** 
+static int              xmlSecOpenSSLX509VerifyCRL                      (X509_STORE* xst,
+                                                                         X509_CRL *crl );
+static X509*            xmlSecOpenSSLX509FindCert                       (STACK_OF(X509) *certs,
+                                                                         xmlChar *subjectName,
+                                                                         xmlChar *issuerName,
+                                                                         xmlChar *issuerSerial,
+                                                                         xmlChar *ski);
+static X509*            xmlSecOpenSSLX509FindNextChainCert              (STACK_OF(X509) *chain,
+                                                                         X509 *cert);
+static int              xmlSecOpenSSLX509VerifyCertAgainstCrls          (STACK_OF(X509_CRL) *crls,
+                                                                         X509* cert);
+static X509_NAME*       xmlSecOpenSSLX509NameRead                       (xmlSecByte *str,
+                                                                         int len);
+static int              xmlSecOpenSSLX509NameStringRead                 (xmlSecByte **str,
+                                                                         int *strLen,
+                                                                         xmlSecByte *res,
+                                                                         int resLen,
+                                                                         xmlSecByte delim,
+                                                                         int ingoreTrailingSpaces);
+static int              xmlSecOpenSSLX509NamesCompare                   (X509_NAME *a,
+                                                                         X509_NAME *b);
+static int              xmlSecOpenSSLX509_NAME_cmp                      (const X509_NAME * a,
+                                                                         const X509_NAME * b);
+static int              xmlSecOpenSSLX509_NAME_ENTRY_cmp                (const X509_NAME_ENTRY * const *a,
+                                                                         const X509_NAME_ENTRY * const *b);
+
+/**
  * xmlSecOpenSSLX509StoreGetKlass:
- * 
+ *
  * The OpenSSL X509 certificates key data store klass.
  *
  * Returns: pointer to OpenSSL X509 certificates key data store klass.
  */
-xmlSecKeyDataStoreId 
+xmlSecKeyDataStoreId
 xmlSecOpenSSLX509StoreGetKlass(void) {
     return(&xmlSecOpenSSLX509StoreKlass);
 }
 
 /**
  * xmlSecOpenSSLX509StoreFindCert:
- * @store:		the pointer to X509 key data store klass.
- * @subjectName:	the desired certificate name.
- * @issuerName:		the desired certificate issuer name.
- * @issuerSerial:	the desired certificate issuer serial number.
- * @ski:		the desired certificate SKI.
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
+ * @store:              the pointer to X509 key data store klass.
+ * @subjectName:        the desired certificate name.
+ * @issuerName:         the desired certificate issuer name.
+ * @issuerSerial:       the desired certificate issuer serial number.
+ * @ski:                the desired certificate SKI.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Searches @store for a certificate that matches given criteria.
  *
  * Returns: pointer to found certificate or NULL if certificate is not found
  * or an error occurs.
  */
-X509* 
+X509*
 xmlSecOpenSSLX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectName,
-				xmlChar *issuerName, xmlChar *issuerSerial,
-				xmlChar *ski, xmlSecKeyInfoCtx* keyInfoCtx) {
+                                xmlChar *issuerName, xmlChar *issuerSerial,
+                                xmlChar *ski, xmlSecKeyInfoCtx* keyInfoCtx) {
     xmlSecOpenSSLX509StoreCtxPtr ctx;
     X509* res = NULL;
-    
+
     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecOpenSSLX509StoreId), NULL);
     xmlSecAssert2(keyInfoCtx != NULL, NULL);
 
@@ -159,24 +159,24 @@ xmlSecOpenSSLX509StoreFindCert(xmlSecKeyDataStorePtr store, xmlChar *subjectName
 
 /**
  * xmlSecOpenSSLX509StoreVerify:
- * @store:		the pointer to X509 key data store klass.
- * @certs:		the untrusted certificates stack.
- * @crls:		the crls stack.
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> element processing context.
+ * @store:              the pointer to X509 key data store klass.
+ * @certs:              the untrusted certificates stack.
+ * @crls:               the crls stack.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> element processing context.
  *
  * Verifies @certs list.
  *
  * Returns: pointer to the first verified certificate from @certs.
- */ 
-X509* 	
+ */
+X509*
 xmlSecOpenSSLX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509* certs,
-			     XMLSEC_STACK_OF_X509_CRL* crls, xmlSecKeyInfoCtx* keyInfoCtx) {
+                             XMLSEC_STACK_OF_X509_CRL* crls, xmlSecKeyInfoCtx* keyInfoCtx) {
     xmlSecOpenSSLX509StoreCtxPtr ctx;
     STACK_OF(X509)* certs2 = NULL;
     STACK_OF(X509_CRL)* crls2 = NULL;
-    X509* res = NULL;
-    X509* cert;
-    X509 *err_cert = NULL;
+    X509 * res = NULL;
+    X509 * cert;
+    X509 * err_cert = NULL;
     char buf[256];
     int err = 0, depth;
     int i;
@@ -189,256 +189,256 @@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyDataStorePtr store, XMLSEC_STACK_OF_X509*
     ctx = xmlSecOpenSSLX509StoreGetCtx(store);
     xmlSecAssert2(ctx != NULL, NULL);
     xmlSecAssert2(ctx->xst != NULL, NULL);
-    
+
     /* dup certs */
     certs2 = sk_X509_dup(certs);
     if(certs2 == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "sk_X509_dup",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "sk_X509_dup",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     /* add untrusted certs from the store */
     if(ctx->untrusted != NULL) {
-	for(i = 0; i < sk_X509_num(ctx->untrusted); ++i) { 
-	    ret = sk_X509_push(certs2, sk_X509_value(ctx->untrusted, i));
-	    if(ret < 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			    "sk_X509_push",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		goto done;
-	    }
-	}
+        for(i = 0; i < sk_X509_num(ctx->untrusted); ++i) {
+            ret = sk_X509_push(certs2, sk_X509_value(ctx->untrusted, i));
+            if(ret < 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                            "sk_X509_push",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+        }
     }
-    
+
     /* dup crls but remove all non-verified */
     if(crls != NULL) {
-	crls2 = sk_X509_CRL_dup(crls);
-	if(crls2 == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			"sk_X509_CRL_dup",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    goto done;
-	}
-
-	for(i = 0; i < sk_X509_CRL_num(crls2); ) { 
-	    ret = xmlSecOpenSSLX509VerifyCRL(ctx->xst, sk_X509_CRL_value(crls2, i));
-	    if(ret == 1) {
-		++i;
-	    } else if(ret == 0) {
-		sk_X509_CRL_delete(crls2, i);
-	    } else {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			    "xmlSecOpenSSLX509VerifyCRL",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		goto done;
-	    }
-	}	
+        crls2 = sk_X509_CRL_dup(crls);
+        if(crls2 == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        "sk_X509_CRL_dup",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            goto done;
+        }
+
+        for(i = 0; i < sk_X509_CRL_num(crls2); ) {
+            ret = xmlSecOpenSSLX509VerifyCRL(ctx->xst, sk_X509_CRL_value(crls2, i));
+            if(ret == 1) {
+                ++i;
+            } else if(ret == 0) {
+                (void)sk_X509_CRL_delete(crls2, i);
+            } else {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                            "xmlSecOpenSSLX509VerifyCRL",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+        }
     }
-    
+
     /* remove all revoked certs */
-    for(i = 0; i < sk_X509_num(certs2);) { 
-	cert = sk_X509_value(certs2, i);
-
-	if(crls2 != NULL) {
-	    ret = xmlSecOpenSSLX509VerifyCertAgainstCrls(crls2, cert);
-	    if(ret == 0) {
-		sk_X509_delete(certs2, i);
-		continue;
-	    } else if(ret != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			    "xmlSecOpenSSLX509VerifyCertAgainstCrls",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		goto done;
-	    }
-	}	    	    
-
-	if(ctx->crls != NULL) {
-	    ret = xmlSecOpenSSLX509VerifyCertAgainstCrls(ctx->crls, cert);
-	    if(ret == 0) {
-		sk_X509_delete(certs2, i);
-		continue;
-	    } else if(ret != 1) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			    "xmlSecOpenSSLX509VerifyCertAgainstCrls",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		goto done;
-	    }
-	}
-	++i;
-    }	
+    for(i = 0; i < sk_X509_num(certs2);) {
+        cert = sk_X509_value(certs2, i);
+
+        if(crls2 != NULL) {
+            ret = xmlSecOpenSSLX509VerifyCertAgainstCrls(crls2, cert);
+            if(ret == 0) {
+                (void)sk_X509_delete(certs2, i);
+                continue;
+            } else if(ret != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                            "xmlSecOpenSSLX509VerifyCertAgainstCrls",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+        }
+
+        if(ctx->crls != NULL) {
+            ret = xmlSecOpenSSLX509VerifyCertAgainstCrls(ctx->crls, cert);
+            if(ret == 0) {
+                (void)sk_X509_delete(certs2, i);
+                continue;
+            } else if(ret != 1) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                            "xmlSecOpenSSLX509VerifyCertAgainstCrls",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+        }
+        ++i;
+    }
 
     /* get one cert after another and try to verify */
-    for(i = 0; i < sk_X509_num(certs2); ++i) { 
-	cert = sk_X509_value(certs2, i);
-	if(xmlSecOpenSSLX509FindNextChainCert(certs2, cert) == NULL) {
-	    X509_STORE_CTX xsc; 
+    for(i = 0; i < sk_X509_num(certs2); ++i) {
+        cert = sk_X509_value(certs2, i);
+        if(xmlSecOpenSSLX509FindNextChainCert(certs2, cert) == NULL) {
+            X509_STORE_CTX xsc;
 
 #if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
-	    X509_VERIFY_PARAM * vpm = NULL;	    
-	    unsigned long vpm_flags = 0;
-
-	    vpm = X509_VERIFY_PARAM_new();
-	    if(vpm == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			    "X509_VERIFY_PARAM_new",
-		    	    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        goto done;
-	    }
-	    vpm_flags = vpm->flags;
+            X509_VERIFY_PARAM * vpm = NULL;
+            unsigned long vpm_flags = 0;
+
+            vpm = X509_VERIFY_PARAM_new();
+            if(vpm == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                            "X509_VERIFY_PARAM_new",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                goto done;
+            }
+            vpm_flags = vpm->flags;
 /*
-	    vpm_flags &= (~X509_V_FLAG_X509_STRICT);
+            vpm_flags &= (~X509_V_FLAG_X509_STRICT);
 */
-	    vpm_flags &= (~X509_V_FLAG_CRL_CHECK);
+            vpm_flags &= (~X509_V_FLAG_CRL_CHECK);
 
-	    X509_VERIFY_PARAM_set_depth(vpm, 9);  
-	    X509_VERIFY_PARAM_set_flags(vpm, vpm_flags);
+            X509_VERIFY_PARAM_set_depth(vpm, 9);
+            X509_VERIFY_PARAM_set_flags(vpm, vpm_flags);
 #endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
-    
 
-	    X509_STORE_CTX_init (&xsc, ctx->xst, cert, certs2);
 
-	    if(keyInfoCtx->certsVerificationTime > 0) {	
+            X509_STORE_CTX_init (&xsc, ctx->xst, cert, certs2);
+
+            if(keyInfoCtx->certsVerificationTime > 0) {
 #if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
-		vpm_flags |= X509_V_FLAG_USE_CHECK_TIME;
-	        X509_VERIFY_PARAM_set_time(vpm, keyInfoCtx->certsVerificationTime);
+                vpm_flags |= X509_V_FLAG_USE_CHECK_TIME;
+                X509_VERIFY_PARAM_set_time(vpm, keyInfoCtx->certsVerificationTime);
 #endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
-		X509_STORE_CTX_set_time(&xsc, 0, keyInfoCtx->certsVerificationTime);
-	    }
+                X509_STORE_CTX_set_time(&xsc, 0, keyInfoCtx->certsVerificationTime);
+            }
 
 #if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
-	    X509_STORE_CTX_set0_param(&xsc, vpm);	    
+            X509_STORE_CTX_set0_param(&xsc, vpm);
 #endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
 
-	    
-	    ret 	= X509_verify_cert(&xsc); 
-	    err_cert 	= X509_STORE_CTX_get_current_cert(&xsc);
-	    err	 	= X509_STORE_CTX_get_error(&xsc);
-	    depth	= X509_STORE_CTX_get_error_depth(&xsc);
-	    
-	    X509_STORE_CTX_cleanup (&xsc);  
-	    
-	    if(ret == 1) {
-		res = cert;
-		goto done;
-	    } else if(ret < 0) {
-		const char* err_msg;
-		
-		buf[0] = '\0';
-	        X509_NAME_oneline(X509_get_subject_name(err_cert), buf, sizeof buf);
-		err_msg = X509_verify_cert_error_string(err);
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			    "X509_verify_cert",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    	    "subj=%s;err=%d;msg=%s", 
-			    xmlSecErrorsSafeString(buf),
-			    err, 
-			    xmlSecErrorsSafeString(err_msg));
-		goto done;
-	    } else if(ret == 0) {
-		const char* err_msg;
-		
-		buf[0] = '\0';
-	        X509_NAME_oneline(X509_get_subject_name(err_cert), buf, sizeof buf);
-		err_msg = X509_verify_cert_error_string(err);
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			    "X509_verify_cert",
-			    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    	    "subj=%s;err=%d;msg=%s", 
-			    xmlSecErrorsSafeString(buf),
-			    err, 
-			    xmlSecErrorsSafeString(err_msg));
-	    }
-	}
+
+            ret         = X509_verify_cert(&xsc);
+            err_cert    = X509_STORE_CTX_get_current_cert(&xsc);
+            err         = X509_STORE_CTX_get_error(&xsc);
+            depth       = X509_STORE_CTX_get_error_depth(&xsc);
+
+            X509_STORE_CTX_cleanup (&xsc);
+
+            if(ret == 1) {
+                res = cert;
+                goto done;
+            } else if(ret < 0) {
+                const char* err_msg;
+
+                buf[0] = '\0';
+                X509_NAME_oneline(X509_get_subject_name(err_cert), buf, sizeof buf);
+                err_msg = X509_verify_cert_error_string(err);
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                            "X509_verify_cert",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "subj=%s;err=%d;msg=%s",
+                            xmlSecErrorsSafeString(buf),
+                            err,
+                            xmlSecErrorsSafeString(err_msg));
+                goto done;
+            } else if(ret == 0) {
+                const char* err_msg;
+
+                buf[0] = '\0';
+                X509_NAME_oneline(X509_get_subject_name(err_cert), buf, sizeof buf);
+                err_msg = X509_verify_cert_error_string(err);
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                            "X509_verify_cert",
+                            XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                            "subj=%s;err=%d;msg=%s",
+                            xmlSecErrorsSafeString(buf),
+                            err,
+                            xmlSecErrorsSafeString(err_msg));
+            }
+        }
     }
 
     /* if we came here then we found nothing. do we have any error? */
     if((err != 0) && (err_cert != NULL)) {
-	const char* err_msg;
-
-	err_msg = X509_verify_cert_error_string(err);
-	switch (err) {
-	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
-	    X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, sizeof buf);
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_ISSUER_FAILED,
-		        "err=%d;msg=%s;issuer=%s", 
-			err, 
-			xmlSecErrorsSafeString(err_msg),
-			xmlSecErrorsSafeString(buf));
-	    break;
-	case X509_V_ERR_CERT_NOT_YET_VALID:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_NOT_YET_VALID,
-			"err=%d;msg=%s", err,
-			xmlSecErrorsSafeString(err_msg));
-	    break;
-	case X509_V_ERR_CERT_HAS_EXPIRED:
-	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
-			"err=%d;msg=%s", err,
-			xmlSecErrorsSafeString(err_msg));
-	    break;
-	default:			
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			NULL,
-			XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
-			"err=%d;msg=%s", err,
-			xmlSecErrorsSafeString(err_msg));
-	}		    
+        const char* err_msg;
+
+        err_msg = X509_verify_cert_error_string(err);
+        switch (err) {
+        case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+            X509_NAME_oneline(X509_get_issuer_name(err_cert), buf, sizeof buf);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_ISSUER_FAILED,
+                        "err=%d;msg=%s;issuer=%s",
+                        err,
+                        xmlSecErrorsSafeString(err_msg),
+                        xmlSecErrorsSafeString(buf));
+            break;
+        case X509_V_ERR_CERT_NOT_YET_VALID:
+        case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_NOT_YET_VALID,
+                        "err=%d;msg=%s", err,
+                        xmlSecErrorsSafeString(err_msg));
+            break;
+        case X509_V_ERR_CERT_HAS_EXPIRED:
+        case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_HAS_EXPIRED,
+                        "err=%d;msg=%s", err,
+                        xmlSecErrorsSafeString(err_msg));
+            break;
+        default:
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_VERIFY_FAILED,
+                        "err=%d;msg=%s", err,
+                        xmlSecErrorsSafeString(err_msg));
+        }
     }
-    
-done:    
+
+done:
     if(certs2 != NULL) {
-	sk_X509_free(certs2);
+        sk_X509_free(certs2);
     }
     if(crls2 != NULL) {
-	sk_X509_CRL_free(crls2);
+        sk_X509_CRL_free(crls2);
     }
     return(res);
 }
 
 /**
  * xmlSecOpenSSLX509StoreAdoptCert:
- * @store:		the pointer to X509 key data store klass.
- * @cert:		the pointer to OpenSSL X509 certificate.
- * @type:		the certificate type (trusted/untrusted).
+ * @store:              the pointer to X509 key data store klass.
+ * @cert:               the pointer to OpenSSL X509 certificate.
+ * @type:               the certificate type (trusted/untrusted).
  *
  * Adds trusted (root) or untrusted certificate to the store.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecOpenSSLX509StoreAdoptCert(xmlSecKeyDataStorePtr store, X509* cert, xmlSecKeyDataType type) {
     xmlSecOpenSSLX509StoreCtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecOpenSSLX509StoreId), -1);
     xmlSecAssert2(cert != NULL, -1);
 
@@ -460,51 +460,51 @@ xmlSecOpenSSLX509StoreAdoptCert(xmlSecKeyDataStorePtr store, X509* cert, xmlSecK
         /* add cert increments the reference */
         X509_free(cert);
     } else {
-	xmlSecAssert2(ctx->untrusted != NULL, -1);
-
-	ret = sk_X509_push(ctx->untrusted, cert);
-	if(ret < 1) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			"sk_X509_push",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        xmlSecAssert2(ctx->untrusted != NULL, -1);
+
+        ret = sk_X509_push(ctx->untrusted, cert);
+        if(ret < 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        "sk_X509_push",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
     return(0);
 }
 
 /**
  * xmlSecOpenSSLX509StoreAdoptCrl:
- * @store:		the pointer to X509 key data store klass.
- * @crl:		the pointer to OpenSSL X509_CRL.
+ * @store:              the pointer to X509 key data store klass.
+ * @crl:                the pointer to OpenSSL X509_CRL.
  *
  * Adds X509 CRL to the store.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecOpenSSLX509StoreAdoptCrl(xmlSecKeyDataStorePtr store, X509_CRL* crl) {
     xmlSecOpenSSLX509StoreCtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecOpenSSLX509StoreId), -1);
     xmlSecAssert2(crl != NULL, -1);
 
     ctx = xmlSecOpenSSLX509StoreGetCtx(store);
     xmlSecAssert2(ctx != NULL, -1);
-	xmlSecAssert2(ctx->crls != NULL, -1);
-
-	ret = sk_X509_CRL_push(ctx->crls, crl);
-	if(ret < 1) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-			"sk_X509_CRL_push",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        xmlSecAssert2(ctx->crls != NULL, -1);
+
+        ret = sk_X509_CRL_push(ctx->crls, crl);
+        if(ret < 1) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                        "sk_X509_CRL_push",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
 
     return (0);
 }
@@ -519,7 +519,7 @@ xmlSecOpenSSLX509StoreAdoptCrl(xmlSecKeyDataStorePtr store, X509_CRL* crl) {
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecOpenSSLX509StoreAddCertsPath(xmlSecKeyDataStorePtr store, const char *path) {
     xmlSecOpenSSLX509StoreCtxPtr ctx;
     X509_LOOKUP *lookup = NULL;
@@ -530,25 +530,25 @@ xmlSecOpenSSLX509StoreAddCertsPath(xmlSecKeyDataStorePtr store, const char *path
     ctx = xmlSecOpenSSLX509StoreGetCtx(store);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->xst != NULL, -1);
-    
+
     lookup = X509_STORE_add_lookup(ctx->xst, X509_LOOKUP_hash_dir());
     if(lookup == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "X509_STORE_add_lookup",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "X509_STORE_add_lookup",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     if(!X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "X509_LOOKUP_add_dir",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "path='%s'",
-		    xmlSecErrorsSafeString(path)
-	);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "X509_LOOKUP_add_dir",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "path='%s'",
+                    xmlSecErrorsSafeString(path)
+        );
+        return(-1);
     }
     return(0);
 }
@@ -589,9 +589,9 @@ xmlSecOpenSSLX509StoreAddCertsFile(xmlSecKeyDataStorePtr store, const char *file
                     xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
                     "X509_LOOKUP_load_file",
                     XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "file='%s'",
-		    xmlSecErrorsSafeString(file)
-	);
+                    "file='%s'",
+                    xmlSecErrorsSafeString(file)
+        );
         return(-1);
     }
     return(0);
@@ -601,7 +601,7 @@ static int
 xmlSecOpenSSLX509StoreInitialize(xmlSecKeyDataStorePtr store) {
     const xmlChar* path;
     X509_LOOKUP *lookup = NULL;
-    
+
     xmlSecOpenSSLX509StoreCtxPtr ctx;
     xmlSecAssert2(xmlSecKeyDataStoreCheckId(store, xmlSecOpenSSLX509StoreId), -1);
 
@@ -612,96 +612,96 @@ xmlSecOpenSSLX509StoreInitialize(xmlSecKeyDataStorePtr store) {
 
     ctx->xst = X509_STORE_new();
     if(ctx->xst == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "X509_STORE_new",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "X509_STORE_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     if(!X509_STORE_set_default_paths(ctx->xst)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "X509_STORE_set_default_paths",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "X509_STORE_set_default_paths",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
-	
+
+
     lookup = X509_STORE_add_lookup(ctx->xst, X509_LOOKUP_hash_dir());
     if(lookup == NULL) {
          xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "X509_STORE_add_lookup",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "X509_STORE_add_lookup",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
          return(-1);
-    }    
+    }
 
     path = xmlSecOpenSSLGetDefaultTrustedCertsFolder();
     if(path != NULL) {
-	if(!X509_LOOKUP_add_dir(lookup, (char*)path, X509_FILETYPE_PEM)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "X509_LOOKUP_add_dir",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    "path='%s'",
-		    xmlSecErrorsSafeString(path)
-	    );
-	    return(-1);
-	}    
+        if(!X509_LOOKUP_add_dir(lookup, (char*)path, X509_FILETYPE_PEM)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "X509_LOOKUP_add_dir",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    "path='%s'",
+                    xmlSecErrorsSafeString(path)
+            );
+            return(-1);
+        }
     } else {
-	if(!X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "X509_LOOKUP_add_dir",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE
-	    );
-	    return(-1);
-	}    
+        if(!X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "X509_LOOKUP_add_dir",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE
+            );
+            return(-1);
+        }
     }
 
     ctx->untrusted = sk_X509_new_null();
     if(ctx->untrusted == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "sk_X509_new_null",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "sk_X509_new_null",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
 
     ctx->crls = sk_X509_CRL_new_null();
     if(ctx->crls == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "sk_X509_CRL_new_null",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "sk_X509_CRL_new_null",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
 #if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
     ctx->vpm = X509_VERIFY_PARAM_new();
     if(ctx->vpm == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
-		    "X509_VERIFY_PARAM_new",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
-    X509_VERIFY_PARAM_set_depth(ctx->vpm, 9); /* the default cert verification path in openssl */	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecKeyDataStoreGetName(store)),
+                    "X509_VERIFY_PARAM_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    X509_VERIFY_PARAM_set_depth(ctx->vpm, 9); /* the default cert verification path in openssl */
     X509_STORE_set1_param(ctx->xst, ctx->vpm);
-    
+
 #else  /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
-    ctx->xst->depth = 9; /* the default cert verification path in openssl */	
+    ctx->xst->depth = 9; /* the default cert verification path in openssl */
 #endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
 
-    return(0);    
+    return(0);
 }
 
 static void
@@ -711,20 +711,20 @@ xmlSecOpenSSLX509StoreFinalize(xmlSecKeyDataStorePtr store) {
 
     ctx = xmlSecOpenSSLX509StoreGetCtx(store);
     xmlSecAssert(ctx != NULL);
-    
+
 
     if(ctx->xst != NULL) {
-	X509_STORE_free(ctx->xst);
+        X509_STORE_free(ctx->xst);
     }
     if(ctx->untrusted != NULL) {
-	sk_X509_pop_free(ctx->untrusted, X509_free);
+        sk_X509_pop_free(ctx->untrusted, X509_free);
     }
     if(ctx->crls != NULL) {
-	sk_X509_CRL_pop_free(ctx->crls, X509_CRL_free);
+        sk_X509_CRL_pop_free(ctx->crls, X509_CRL_free);
     }
 #if !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097)
     if(ctx->vpm != NULL) {
-	X509_VERIFY_PARAM_free(ctx->vpm);
+        X509_VERIFY_PARAM_free(ctx->vpm);
     }
 #endif /* !defined(XMLSEC_OPENSSL_096) && !defined(XMLSEC_OPENSSL_097) */
 
@@ -739,179 +739,179 @@ xmlSecOpenSSLX509StoreFinalize(xmlSecKeyDataStorePtr store) {
  *****************************************************************************/
 static int
 xmlSecOpenSSLX509VerifyCRL(X509_STORE* xst, X509_CRL *crl ) {
-    X509_STORE_CTX xsc; 
+    X509_STORE_CTX xsc;
     X509_OBJECT xobj;
     EVP_PKEY *pkey;
-    int ret;  
+    int ret;
 
     xmlSecAssert2(xst != NULL, -1);
     xmlSecAssert2(crl != NULL, -1);
-    
+
     X509_STORE_CTX_init(&xsc, xst, NULL, NULL);
-    ret = X509_STORE_get_by_subject(&xsc, X509_LU_X509, 
-				    X509_CRL_get_issuer(crl), &xobj);
+    ret = X509_STORE_get_by_subject(&xsc, X509_LU_X509,
+                                    X509_CRL_get_issuer(crl), &xobj);
     if(ret <= 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "X509_STORE_get_by_subject",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "X509_STORE_get_by_subject",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     pkey = X509_get_pubkey(xobj.data.x509);
     X509_OBJECT_free_contents(&xobj);
     if(pkey == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "X509_get_pubkey",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "X509_get_pubkey",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     ret = X509_CRL_verify(crl, pkey);
-    EVP_PKEY_free(pkey);    
+    EVP_PKEY_free(pkey);
     if(ret != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "X509_CRL_verify",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "X509_CRL_verify",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
     }
-    X509_STORE_CTX_cleanup (&xsc);  
+    X509_STORE_CTX_cleanup (&xsc);
     return((ret == 1) ? 1 : 0);
 }
 
-static X509*		
+static X509*
 xmlSecOpenSSLX509FindCert(STACK_OF(X509) *certs, xmlChar *subjectName,
-			xmlChar *issuerName, xmlChar *issuerSerial,
-			xmlChar *ski) {
+                        xmlChar *issuerName, xmlChar *issuerSerial,
+                        xmlChar *ski) {
     X509 *cert = NULL;
     int i;
 
     xmlSecAssert2(certs != NULL, NULL);
-    
+
     /* todo: may be this is not the fastest way to search certs */
     if(subjectName != NULL) {
-	X509_NAME *nm;
-	X509_NAME *subj;
-
-	nm = xmlSecOpenSSLX509NameRead(subjectName, xmlStrlen(subjectName));
-	if(nm == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecOpenSSLX509NameRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"subject=%s", 
-			xmlSecErrorsSafeString(subjectName));
-	    return(NULL);    
-	}
-
-	for(i = 0; i < sk_X509_num(certs); ++i) {
-	    cert = sk_X509_value(certs, i);
-	    subj = X509_get_subject_name(cert);
-	    if(xmlSecOpenSSLX509NamesCompare(nm, subj) == 0) {
-		X509_NAME_free(nm);
-		return(cert);
-	    }	    
-	}
-	X509_NAME_free(nm);
+        X509_NAME *nm;
+        X509_NAME *subj;
+
+        nm = xmlSecOpenSSLX509NameRead(subjectName, xmlStrlen(subjectName));
+        if(nm == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecOpenSSLX509NameRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "subject=%s",
+                        xmlSecErrorsSafeString(subjectName));
+            return(NULL);
+        }
+
+        for(i = 0; i < sk_X509_num(certs); ++i) {
+            cert = sk_X509_value(certs, i);
+            subj = X509_get_subject_name(cert);
+            if(xmlSecOpenSSLX509NamesCompare(nm, subj) == 0) {
+                X509_NAME_free(nm);
+                return(cert);
+            }
+        }
+        X509_NAME_free(nm);
     } else if((issuerName != NULL) && (issuerSerial != NULL)) {
-	X509_NAME *nm;
-	X509_NAME *issuer;
-	BIGNUM *bn;
-	ASN1_INTEGER *serial;
-
-	nm = xmlSecOpenSSLX509NameRead(issuerName, xmlStrlen(issuerName));
-	if(nm == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecOpenSSLX509NameRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"issuer=%s", 
-			xmlSecErrorsSafeString(issuerName));
-	    return(NULL);    
-	}
-		
-	bn = BN_new();
-	if(bn == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"BN_new",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    X509_NAME_free(nm);
-	    return(NULL);    
-	}
-	if(BN_dec2bn(&bn, (char*)issuerSerial) == 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"BN_dec2bn",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    BN_free(bn);
-	    X509_NAME_free(nm);
-	    return(NULL);    
-	}
-	
-	serial = BN_to_ASN1_INTEGER(bn, NULL);
-	if(serial == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"BN_to_ASN1_INTEGER",
-			XMLSEC_ERRORS_R_CRYPTO_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    BN_free(bn);
-	    X509_NAME_free(nm);
-	    return(NULL);    
-	}
-	BN_free(bn); 
-
-
-	for(i = 0; i < sk_X509_num(certs); ++i) {
-	    cert = sk_X509_value(certs, i);
-	    if(ASN1_INTEGER_cmp(X509_get_serialNumber(cert), serial) != 0) {
-		continue;
-	    } 
-	    issuer = X509_get_issuer_name(cert);
-	    if(xmlSecOpenSSLX509NamesCompare(nm, issuer) == 0) {
-		ASN1_INTEGER_free(serial);
-		X509_NAME_free(nm);
-		return(cert);
-	    }	    
-	}
+        X509_NAME *nm;
+        X509_NAME *issuer;
+        BIGNUM *bn;
+        ASN1_INTEGER *serial;
+
+        nm = xmlSecOpenSSLX509NameRead(issuerName, xmlStrlen(issuerName));
+        if(nm == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecOpenSSLX509NameRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "issuer=%s",
+                        xmlSecErrorsSafeString(issuerName));
+            return(NULL);
+        }
+
+        bn = BN_new();
+        if(bn == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "BN_new",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            X509_NAME_free(nm);
+            return(NULL);
+        }
+        if(BN_dec2bn(&bn, (char*)issuerSerial) == 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "BN_dec2bn",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            BN_free(bn);
+            X509_NAME_free(nm);
+            return(NULL);
+        }
+
+        serial = BN_to_ASN1_INTEGER(bn, NULL);
+        if(serial == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "BN_to_ASN1_INTEGER",
+                        XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            BN_free(bn);
+            X509_NAME_free(nm);
+            return(NULL);
+        }
+        BN_free(bn);
+
+
+        for(i = 0; i < sk_X509_num(certs); ++i) {
+            cert = sk_X509_value(certs, i);
+            if(ASN1_INTEGER_cmp(X509_get_serialNumber(cert), serial) != 0) {
+                continue;
+            }
+            issuer = X509_get_issuer_name(cert);
+            if(xmlSecOpenSSLX509NamesCompare(nm, issuer) == 0) {
+                ASN1_INTEGER_free(serial);
+                X509_NAME_free(nm);
+                return(cert);
+            }
+        }
 
         X509_NAME_free(nm);
-	ASN1_INTEGER_free(serial);
+        ASN1_INTEGER_free(serial);
     } else if(ski != NULL) {
-	int len;
-	int index;
-	X509_EXTENSION *ext;
-	ASN1_OCTET_STRING *keyId;
-	
-	/* our usual trick with base64 decode */
-	len = xmlSecBase64Decode(ski, (xmlSecByte*)ski, xmlStrlen(ski));
-	if(len < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecBase64Decode",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"ski=%s", 
-			xmlSecErrorsSafeString(ski));
-	    return(NULL);    	
-	}
-	for(i = 0; i < sk_X509_num(certs); ++i) {
-	    cert = sk_X509_value(certs, i);
-	    index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1); 
-	    if((index >= 0)  && (ext = X509_get_ext(cert, index))) {
-		keyId = X509V3_EXT_d2i(ext);
-		if((keyId != NULL) && (keyId->length == len) && 
-				    (memcmp(keyId->data, ski, len) == 0)) {
-		    M_ASN1_OCTET_STRING_free(keyId);
-		    return(cert);
-		}
-		M_ASN1_OCTET_STRING_free(keyId);
-	    }
-	}	
+        int len;
+        int index;
+        X509_EXTENSION *ext;
+        ASN1_OCTET_STRING *keyId;
+
+        /* our usual trick with base64 decode */
+        len = xmlSecBase64Decode(ski, (xmlSecByte*)ski, xmlStrlen(ski));
+        if(len < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecBase64Decode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "ski=%s",
+                        xmlSecErrorsSafeString(ski));
+            return(NULL);
+        }
+        for(i = 0; i < sk_X509_num(certs); ++i) {
+            cert = sk_X509_value(certs, i);
+            index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
+            if((index >= 0)  && (ext = X509_get_ext(cert, index))) {
+                keyId = X509V3_EXT_d2i(ext);
+                if((keyId != NULL) && (keyId->length == len) &&
+                                    (memcmp(keyId->data, ski, len) == 0)) {
+                    M_ASN1_OCTET_STRING_free(keyId);
+                    return(cert);
+                }
+                M_ASN1_OCTET_STRING_free(keyId);
+            }
+        }
     }
 
     return(NULL);
@@ -924,14 +924,14 @@ xmlSecOpenSSLX509FindNextChainCert(STACK_OF(X509) *chain, X509 *cert) {
 
     xmlSecAssert2(chain != NULL, NULL);
     xmlSecAssert2(cert != NULL, NULL);
-    
+
     certSubjHash = X509_subject_name_hash(cert);
     for(i = 0; i < sk_X509_num(chain); ++i) {
-	if((sk_X509_value(chain, i) != cert) && 
-	   (X509_issuer_name_hash(sk_X509_value(chain, i)) == certSubjHash)) {
+        if((sk_X509_value(chain, i) != cert) &&
+           (X509_issuer_name_hash(sk_X509_value(chain, i)) == certSubjHash)) {
 
-	    return(sk_X509_value(chain, i));
-	}
+            return(sk_X509_value(chain, i));
+        }
     }
     return(NULL);
 }
@@ -942,57 +942,57 @@ xmlSecOpenSSLX509VerifyCertAgainstCrls(STACK_OF(X509_CRL) *crls, X509* cert) {
     X509_CRL *crl = NULL;
     X509_REVOKED *revoked;
     int i, n;
-    int ret;  
+    int ret;
 
     xmlSecAssert2(crls != NULL, -1);
     xmlSecAssert2(cert != NULL, -1);
-    
+
     /*
      * Try to retrieve a CRL corresponding to the issuer of
-     * the current certificate 
-     */    
+     * the current certificate
+     */
     n = sk_X509_CRL_num(crls);
     for(i = 0; i < n; i++) {
-	crl = sk_X509_CRL_value(crls, i);
-	if(crl == NULL) {
-	    continue;
-	}
-	
-	issuer = X509_CRL_get_issuer(crl);
-	if(xmlSecOpenSSLX509NamesCompare(X509_CRL_get_issuer(crl), issuer) == 0) { 
-	    break;
-	}
+        crl = sk_X509_CRL_value(crls, i);
+        if(crl == NULL) {
+            continue;
+        }
+
+        issuer = X509_CRL_get_issuer(crl);
+        if(xmlSecOpenSSLX509NamesCompare(X509_CRL_get_issuer(crl), issuer) == 0) {
+            break;
+        }
     }
     if((i >= n) || (crl == NULL)){
-	/* no crls for this issuer */
-	return(1);
+        /* no crls for this issuer */
+        return(1);
     }
 
-    /* 
-     * Check date of CRL to make sure it's not expired 
+    /*
+     * Check date of CRL to make sure it's not expired
      */
     ret = X509_cmp_current_time(X509_CRL_get_nextUpdate(crl));
     if (ret == 0) {
-	/* crl expired */
-	return(1);
+        /* crl expired */
+        return(1);
     }
-    
-    /* 
+
+    /*
      * Check if the current certificate is revoked by this CRL
      */
     n = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl));
     for (i = 0; i < n; i++) {
         revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
         if (ASN1_INTEGER_cmp(revoked->serialNumber, X509_get_serialNumber(cert)) == 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_CERT_REVOKED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(0);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_CERT_REVOKED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(0);
         }
     }
-    return(1);    
+    return(1);
 }
 
 static X509_NAME *
@@ -1004,167 +1004,167 @@ xmlSecOpenSSLX509NameRead(xmlSecByte *str, int len) {
     int type = MBSTRING_ASC;
 
     xmlSecAssert2(str != NULL, NULL);
-    
+
     nm = X509_NAME_new();
     if(nm == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "X509_NAME_new",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "X509_NAME_new",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     while(len > 0) {
-	/* skip spaces after comma or semicolon */
-	while((len > 0) && isspace(*str)) {
-	    ++str; --len;
-	}
-
-	nameLen = xmlSecOpenSSLX509NameStringRead(&str, &len, name, sizeof(name), '=', 0);	
-	if(nameLen < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecOpenSSLX509NameStringRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    X509_NAME_free(nm);
-	    return(NULL);
-	}
-	name[nameLen] = '\0';
-	if(len > 0) {
-	    ++str; --len;
-	    if((*str) == '\"') {
-		++str; --len;
-		valueLen = xmlSecOpenSSLX509NameStringRead(&str, &len, 
-					value, sizeof(value), '"', 1);	
-		if(valueLen < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				"xmlSecOpenSSLX509NameStringRead",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				XMLSEC_ERRORS_NO_MESSAGE);
-		    X509_NAME_free(nm);
-		    return(NULL);
-    		}
-		
-		/* skip quote */
-		if((len <= 0) || ((*str) != '\"')) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				NULL,
-				XMLSEC_ERRORS_R_INVALID_DATA,
-				"quote is expected:%s",
-				xmlSecErrorsSafeString(str));
-		    X509_NAME_free(nm);
-		    return(NULL);
-		}
+        /* skip spaces after comma or semicolon */
+        while((len > 0) && isspace(*str)) {
+            ++str; --len;
+        }
+
+        nameLen = xmlSecOpenSSLX509NameStringRead(&str, &len, name, sizeof(name), '=', 0);
+        if(nameLen < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecOpenSSLX509NameStringRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            X509_NAME_free(nm);
+            return(NULL);
+        }
+        name[nameLen] = '\0';
+        if(len > 0) {
+            ++str; --len;
+            if((*str) == '\"') {
+                ++str; --len;
+                valueLen = xmlSecOpenSSLX509NameStringRead(&str, &len,
+                                        value, sizeof(value), '"', 1);
+                if(valueLen < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecOpenSSLX509NameStringRead",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    X509_NAME_free(nm);
+                    return(NULL);
+                }
+
+                /* skip quote */
+                if((len <= 0) || ((*str) != '\"')) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                NULL,
+                                XMLSEC_ERRORS_R_INVALID_DATA,
+                                "quote is expected:%s",
+                                xmlSecErrorsSafeString(str));
+                    X509_NAME_free(nm);
+                    return(NULL);
+                }
                 ++str; --len;
 
-		/* skip spaces before comma or semicolon */
-		while((len > 0) && isspace(*str)) {
-		    ++str; --len;
-		}
-		if((len > 0) && ((*str) != ',')) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				NULL,
-				XMLSEC_ERRORS_R_INVALID_DATA,
-				"comma is expected:%s",
-				xmlSecErrorsSafeString(str));
-		    X509_NAME_free(nm);
-		    return(NULL);
-		}
-		if(len > 0) {
-		    ++str; --len;
-		}
-		type = MBSTRING_ASC;
-	    } else if((*str) == '#') {
-		/* TODO: read octect values */
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    NULL,
-			    XMLSEC_ERRORS_R_INVALID_DATA,
-			    "reading octect values is not implemented yet");
-    	        X509_NAME_free(nm);
-		return(NULL);
-	    } else {
-		valueLen = xmlSecOpenSSLX509NameStringRead(&str, &len, 
-					value, sizeof(value), ',', 1);	
-		if(valueLen < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				"xmlSecOpenSSLX509NameStringRead",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				XMLSEC_ERRORS_NO_MESSAGE);
-    	    	    X509_NAME_free(nm);
-		    return(NULL);
-    		}
-		type = MBSTRING_ASC;
-	    } 			
-	} else {
-	    valueLen = 0;
-	}
-	value[valueLen] = '\0';
-	if(len > 0) {
-	    ++str; --len;
-	}	
-	X509_NAME_add_entry_by_txt(nm, (char*)name, type, value, valueLen, -1, 0);
+                /* skip spaces before comma or semicolon */
+                while((len > 0) && isspace(*str)) {
+                    ++str; --len;
+                }
+                if((len > 0) && ((*str) != ',')) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                NULL,
+                                XMLSEC_ERRORS_R_INVALID_DATA,
+                                "comma is expected:%s",
+                                xmlSecErrorsSafeString(str));
+                    X509_NAME_free(nm);
+                    return(NULL);
+                }
+                if(len > 0) {
+                    ++str; --len;
+                }
+                type = MBSTRING_ASC;
+            } else if((*str) == '#') {
+                /* TODO: read octect values */
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            NULL,
+                            XMLSEC_ERRORS_R_INVALID_DATA,
+                            "reading octect values is not implemented yet");
+                X509_NAME_free(nm);
+                return(NULL);
+            } else {
+                valueLen = xmlSecOpenSSLX509NameStringRead(&str, &len,
+                                        value, sizeof(value), ',', 1);
+                if(valueLen < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecOpenSSLX509NameStringRead",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                    X509_NAME_free(nm);
+                    return(NULL);
+                }
+                type = MBSTRING_ASC;
+            }
+        } else {
+            valueLen = 0;
+        }
+        value[valueLen] = '\0';
+        if(len > 0) {
+            ++str; --len;
+        }
+        X509_NAME_add_entry_by_txt(nm, (char*)name, type, value, valueLen, -1, 0);
     }
-    
+
     return(nm);
 }
 
-static int 
-xmlSecOpenSSLX509NameStringRead(xmlSecByte **str, int *strLen, 
-			xmlSecByte *res, int resLen,
-			xmlSecByte delim, int ingoreTrailingSpaces) {
-    xmlSecByte *p, *q, *nonSpace; 
+static int
+xmlSecOpenSSLX509NameStringRead(xmlSecByte **str, int *strLen,
+                        xmlSecByte *res, int resLen,
+                        xmlSecByte delim, int ingoreTrailingSpaces) {
+    xmlSecByte *p, *q, *nonSpace;
 
     xmlSecAssert2(str != NULL, -1);
     xmlSecAssert2(strLen != NULL, -1);
     xmlSecAssert2(res != NULL, -1);
-    
+
     p = (*str);
     nonSpace = q = res;
-    while(((p - (*str)) < (*strLen)) && ((*p) != delim) && ((q - res) < resLen)) { 
-	if((*p) != '\\') {
-	    if(ingoreTrailingSpaces && !isspace(*p)) nonSpace = q;	
-	    *(q++) = *(p++);
-	} else {
-	    ++p;
-	    nonSpace = q;    
-	    if(xmlSecIsHex((*p))) {
-		if((p - (*str) + 1) >= (*strLen)) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				NULL,
-				XMLSEC_ERRORS_R_INVALID_DATA,
-				"two hex digits expected");
-	    	    return(-1);
-		}
-		*(q++) = xmlSecGetHex(p[0]) * 16 + xmlSecGetHex(p[1]);
-		p += 2;
-	    } else {
-		if(((++p) - (*str)) >= (*strLen)) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				NULL,
-				XMLSEC_ERRORS_R_INVALID_DATA,
-				"escaped symbol missed");
-		    return(-1);
-		}
-		*(q++) = *(p++); 
-	    }
-	}	    
+    while(((p - (*str)) < (*strLen)) && ((*p) != delim) && ((q - res) < resLen)) {
+        if((*p) != '\\') {
+            if(ingoreTrailingSpaces && !isspace(*p)) nonSpace = q;
+            *(q++) = *(p++);
+        } else {
+            ++p;
+            nonSpace = q;
+            if(xmlSecIsHex((*p))) {
+                if((p - (*str) + 1) >= (*strLen)) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                NULL,
+                                XMLSEC_ERRORS_R_INVALID_DATA,
+                                "two hex digits expected");
+                    return(-1);
+                }
+                *(q++) = xmlSecGetHex(p[0]) * 16 + xmlSecGetHex(p[1]);
+                p += 2;
+            } else {
+                if(((++p) - (*str)) >= (*strLen)) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                NULL,
+                                XMLSEC_ERRORS_R_INVALID_DATA,
+                                "escaped symbol missed");
+                    return(-1);
+                }
+                *(q++) = *(p++);
+            }
+        }
     }
     if(((p - (*str)) < (*strLen)) && ((*p) != delim)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_SIZE,
-		    "buffer is too small");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_SIZE,
+                    "buffer is too small");
+        return(-1);
     }
     (*strLen) -= (p - (*str));
     (*str) = p;
@@ -1172,106 +1172,106 @@ xmlSecOpenSSLX509NameStringRead(xmlSecByte **str, int *strLen,
 }
 
 static
-int xmlSecOpenSSLX509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) {
+int xmlSecOpenSSLX509_NAME_cmp(const X509_NAME * a, const X509_NAME * b) {
     int i,ret;
     const X509_NAME_ENTRY *na,*nb;
 
     xmlSecAssert2(a != NULL, -1);
     xmlSecAssert2(b != NULL, 1);
-	
+
     if (sk_X509_NAME_ENTRY_num(a->entries) != sk_X509_NAME_ENTRY_num(b->entries)) {
-	return sk_X509_NAME_ENTRY_num(a->entries) - sk_X509_NAME_ENTRY_num(b->entries);
+        return sk_X509_NAME_ENTRY_num(a->entries) - sk_X509_NAME_ENTRY_num(b->entries);
     }
-	
+
     for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--) {
-	na=sk_X509_NAME_ENTRY_value(a->entries,i);
-	nb=sk_X509_NAME_ENTRY_value(b->entries,i);
-	
-	ret = xmlSecOpenSSLX509_NAME_ENTRY_cmp(&na, &nb);
-	if(ret != 0) {
-	    return(ret);
-	}
-    }	
+        na=sk_X509_NAME_ENTRY_value(a->entries,i);
+        nb=sk_X509_NAME_ENTRY_value(b->entries,i);
+
+        ret = xmlSecOpenSSLX509_NAME_ENTRY_cmp(&na, &nb);
+        if(ret != 0) {
+            return(ret);
+        }
+    }
 
     return(0);
 }
 
 
-/** 
+/**
  * xmlSecOpenSSLX509NamesCompare:
  *
  * We have to sort X509_NAME entries to get correct results.
  * This is ugly but OpenSSL does not support it
  */
-static int		
+static int
 xmlSecOpenSSLX509NamesCompare(X509_NAME *a, X509_NAME *b) {
     X509_NAME *a1 = NULL;
     X509_NAME *b1 = NULL;
     int ret;
-    
-    xmlSecAssert2(a != NULL, -1);    
-    xmlSecAssert2(b != NULL, 1);    
-    
+
+    xmlSecAssert2(a != NULL, -1);
+    xmlSecAssert2(b != NULL, 1);
+
     a1 = X509_NAME_dup(a);
     if(a1 == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "X509_NAME_dup",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "X509_NAME_dup",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
     b1 = X509_NAME_dup(b);
     if(b1 == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "X509_NAME_dup",
-		    XMLSEC_ERRORS_R_CRYPTO_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "X509_NAME_dup",
+                    XMLSEC_ERRORS_R_CRYPTO_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(1);
     }
-        
+
     /* sort both */
-    sk_X509_NAME_ENTRY_set_cmp_func(a1->entries, xmlSecOpenSSLX509_NAME_ENTRY_cmp);
+    (void)sk_X509_NAME_ENTRY_set_cmp_func(a1->entries, xmlSecOpenSSLX509_NAME_ENTRY_cmp);
     sk_X509_NAME_ENTRY_sort(a1->entries);
-    sk_X509_NAME_ENTRY_set_cmp_func(b1->entries, xmlSecOpenSSLX509_NAME_ENTRY_cmp);
+    (void)sk_X509_NAME_ENTRY_set_cmp_func(b1->entries, xmlSecOpenSSLX509_NAME_ENTRY_cmp);
     sk_X509_NAME_ENTRY_sort(b1->entries);
 
     /* actually compare */
     ret = xmlSecOpenSSLX509_NAME_cmp(a1, b1);
-    
+
     /* cleanup */
     X509_NAME_free(a1);
     X509_NAME_free(b1);
     return(ret);
 }
 
-static int 
-xmlSecOpenSSLX509_NAME_ENTRY_cmp(const X509_NAME_ENTRY **a, const X509_NAME_ENTRY **b) {
+static int
+xmlSecOpenSSLX509_NAME_ENTRY_cmp(const X509_NAME_ENTRY * const *a, const X509_NAME_ENTRY * const *b) {
     int ret;
-    
+
     xmlSecAssert2(a != NULL, -1);
     xmlSecAssert2(b != NULL, 1);
     xmlSecAssert2((*a) != NULL, -1);
     xmlSecAssert2((*b) != NULL, 1);
 
-    /* first compare values */    
+    /* first compare values */
     if(((*a)->value == NULL) && ((*b)->value != NULL)) {
-	return(-1);
+        return(-1);
     } else if(((*a)->value != NULL) && ((*b)->value == NULL)) {
-	return(1);
+        return(1);
     } else if(((*a)->value == NULL) && ((*b)->value == NULL)) {
-	return(0);
-    }	
-    
+        return(0);
+    }
+
     ret = (*a)->value->length - (*b)->value->length;
     if(ret != 0) {
-	return(ret);
+        return(ret);
     }
-		
+
     ret = memcmp((*a)->value->data, (*b)->value->data, (*a)->value->length);
     if(ret != 0) {
-	return(ret);
+        return(ret);
     }
 
     /* next compare names */
diff --git a/src/parser.c b/src/parser.c
index 74c15229..9bb50905 100644
--- a/src/parser.c
+++ b/src/parser.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * XML Parser transform and utility functions.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -29,62 +29,62 @@
  * Internal parser
  *
  *****************************************************************************/
-typedef struct _xmlSecParserCtx					xmlSecParserCtx, 
-								*xmlSecParserCtxPtr;
+typedef struct _xmlSecParserCtx                                 xmlSecParserCtx,
+                                                                *xmlSecParserCtxPtr;
 struct _xmlSecParserCtx {
-    xmlParserCtxtPtr 	parserCtx;
-};	    
+    xmlParserCtxtPtr    parserCtx;
+};
 
 /**************************************************************************
  *
- * XML Parser transform 
+ * XML Parser transform
  *
  * xmlSecParserCtx is located after xmlSecTransform
- * 
+ *
  ***************************************************************************/
-#define xmlSecParserSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecParserCtx))	
+#define xmlSecParserSize        \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecParserCtx))
 #define xmlSecParserGetCtx(transform) \
     ((xmlSecTransformCheckSize((transform), xmlSecParserSize)) ? \
-	((xmlSecParserCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform))) : \
-	(xmlSecParserCtxPtr)NULL)	    
-
-static int		xmlSecParserInitialize			(xmlSecTransformPtr transform);
-static void		xmlSecParserFinalize			(xmlSecTransformPtr transform);
-static int 		xmlSecParserPushBin			(xmlSecTransformPtr transform, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 int final,
-							         xmlSecTransformCtxPtr transformCtx);
-static int 		xmlSecParserPopXml			(xmlSecTransformPtr transform, 
-								 xmlSecNodeSetPtr* nodes,
-								 xmlSecTransformCtxPtr transformCtx);
+        ((xmlSecParserCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform))) : \
+        (xmlSecParserCtxPtr)NULL)
+
+static int              xmlSecParserInitialize                  (xmlSecTransformPtr transform);
+static void             xmlSecParserFinalize                    (xmlSecTransformPtr transform);
+static int              xmlSecParserPushBin                     (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 int final,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecParserPopXml                      (xmlSecTransformPtr transform,
+                                                                 xmlSecNodeSetPtr* nodes,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 static xmlSecTransformKlass xmlSecParserKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecParserSize,				/* xmlSecSize objSize */
-
-    BAD_CAST "xml-parser",			/* const xmlChar* name; */
-    NULL,					/* const xmlChar* href; */
-    xmlSecTransformUsageDSigTransform,		/* xmlSecTransformUsage	usage; */
-    
-    xmlSecParserInitialize,			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecParserFinalize,			/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecParserPushBin,		/* xmlSecTransformPushBinMethod pushBin; */
-    NULL,					/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    xmlSecParserPopXml,		/* xmlSecTransformPopXmlMethod popXml; */
-    NULL,					/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecParserSize,                           /* xmlSecSize objSize */
+
+    BAD_CAST "xml-parser",                      /* const xmlChar* name; */
+    NULL,                                       /* const xmlChar* href; */
+    xmlSecTransformUsageDSigTransform,          /* xmlSecTransformUsage usage; */
+
+    xmlSecParserInitialize,                     /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecParserFinalize,                       /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecParserPushBin,                /* xmlSecTransformPushBinMethod pushBin; */
+    NULL,                                       /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    xmlSecParserPopXml,         /* xmlSecTransformPopXmlMethod popXml; */
+    NULL,                                       /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
@@ -94,21 +94,21 @@ static xmlSecTransformKlass xmlSecParserKlass = {
  *
  * Returns: XML parser transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformXmlParserGetKlass(void) {
     return(&xmlSecParserKlass);
 }
 
-static int 
-xmlSecParserInitialize(xmlSecTransformPtr transform) {    
+static int
+xmlSecParserInitialize(xmlSecTransformPtr transform) {
     xmlSecParserCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXmlParserId), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecParserSize), -1);
 
     ctx = xmlSecParserGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     /* initialize context */
     memset(ctx, 0, sizeof(xmlSecParserCtx));
     return(0);
@@ -123,19 +123,19 @@ xmlSecParserFinalize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecParserGetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
     if(ctx->parserCtx != NULL) {
-	xmlFreeParserCtxt(ctx->parserCtx);
+        xmlFreeParserCtxt(ctx->parserCtx);
     }
     memset(ctx, 0, sizeof(xmlSecParserCtx));
 }
 
-static int 
+static int
 xmlSecParserPushBin(xmlSecTransformPtr transform, const xmlSecByte* data,
-				xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
+                                xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
     xmlSecParserCtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXmlParserId), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
@@ -144,108 +144,108 @@ xmlSecParserPushBin(xmlSecTransformPtr transform, const xmlSecByte* data,
 
     /* check/update current transform status */
     if(transform->status == xmlSecTransformStatusNone) {
-	xmlSecAssert2(ctx->parserCtx == NULL, -1);
-	
-	ctx->parserCtx = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, NULL);
-	if(ctx->parserCtx == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlCreatePushParserCtxt",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        xmlSecAssert2(ctx->parserCtx == NULL, -1);
+
+        ctx->parserCtx = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, NULL);
+        if(ctx->parserCtx == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlCreatePushParserCtxt",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
 
         /* required for c14n! */
-	ctx->parserCtx->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS; 
-	ctx->parserCtx->replaceEntities = 1;
+        ctx->parserCtx->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
+        ctx->parserCtx->replaceEntities = 1;
 
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	return(0);
+        return(0);
     } else if(transform->status != xmlSecTransformStatusWorking) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     xmlSecAssert2(transform->status == xmlSecTransformStatusWorking, -1);
     xmlSecAssert2(ctx->parserCtx != NULL, -1);
-    
+
     /* push data to the input buffer */
     if((data != NULL) && (dataSize > 0)) {
-	ret = xmlParseChunk(ctx->parserCtx, (const char*)data, dataSize, 0);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlParseChunk",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"size=%d", dataSize);
-	    return(-1);
-	}	
-    }    
-    
+        ret = xmlParseChunk(ctx->parserCtx, (const char*)data, dataSize, 0);
+        if(ret != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlParseChunk",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "size=%d", dataSize);
+            return(-1);
+        }
+    }
+
     /* finish parsing and push to next in the chain */
     if(final != 0) {
-	ret = xmlParseChunk(ctx->parserCtx, NULL, 0, 1);
-	if((ret != 0) || (ctx->parserCtx->myDoc == NULL)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlParseChunk",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}	
-
-	/* todo: check that document is well formed? */
-	transform->outNodes = xmlSecNodeSetCreate(ctx->parserCtx->myDoc, 
-						  NULL, xmlSecNodeSetTree);
-	if(transform->outNodes == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecNodeSetCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFreeDoc(ctx->parserCtx->myDoc);
-	    ctx->parserCtx->myDoc = NULL;
-	    return(-1);
-	}
-	xmlSecNodeSetDocDestroy(transform->outNodes); /* this node set "owns" the doc pointer */
-	ctx->parserCtx->myDoc = NULL;
-	
-	/* push result to the next transform (if exist) */
-	if(transform->next != NULL) {
-	    ret = xmlSecTransformPushXml(transform->next, transform->outNodes, transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecTransformPushXml",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}        
-	
-	transform->status = xmlSecTransformStatusFinished;
+        ret = xmlParseChunk(ctx->parserCtx, NULL, 0, 1);
+        if((ret != 0) || (ctx->parserCtx->myDoc == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlParseChunk",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        /* todo: check that document is well formed? */
+        transform->outNodes = xmlSecNodeSetCreate(ctx->parserCtx->myDoc,
+                                                  NULL, xmlSecNodeSetTree);
+        if(transform->outNodes == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecNodeSetCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFreeDoc(ctx->parserCtx->myDoc);
+            ctx->parserCtx->myDoc = NULL;
+            return(-1);
+        }
+        xmlSecNodeSetDocDestroy(transform->outNodes); /* this node set "owns" the doc pointer */
+        ctx->parserCtx->myDoc = NULL;
+
+        /* push result to the next transform (if exist) */
+        if(transform->next != NULL) {
+            ret = xmlSecTransformPushXml(transform->next, transform->outNodes, transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecTransformPushXml",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+
+        transform->status = xmlSecTransformStatusFinished;
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecParserPopXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr* nodes,
-			       xmlSecTransformCtxPtr transformCtx) {
+                               xmlSecTransformCtxPtr transformCtx) {
     xmlSecParserCtxPtr ctx;
     xmlParserInputBufferPtr buf;
     xmlParserInputPtr input;
     xmlParserCtxtPtr ctxt;
     xmlDocPtr doc;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXmlParserId), -1);
-    xmlSecAssert2(nodes != NULL, -1);    
+    xmlSecAssert2(nodes != NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
     ctx = xmlSecParserGetCtx(transform);
@@ -254,115 +254,115 @@ xmlSecParserPopXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr* nodes,
     /* check/update current transform status */
     switch(transform->status) {
     case xmlSecTransformStatusNone:
-	transform->status = xmlSecTransformStatusWorking;
-	break;
+        transform->status = xmlSecTransformStatusWorking;
+        break;
     case xmlSecTransformStatusWorking:
-	/* just do nothing */
-	break;
+        /* just do nothing */
+        break;
     case xmlSecTransformStatusFinished:
-	(*nodes) = NULL;
-	return(0);
+        (*nodes) = NULL;
+        return(0);
     default:
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     xmlSecAssert2(transform->status == xmlSecTransformStatusWorking, -1);
-    
+
     /* prepare parser context */
     if(transform->prev == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    "prev transform is null");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    "prev transform is null");
+        return(-1);
     }
-    
+
     buf = xmlSecTransformCreateInputBuffer(transform->prev, transformCtx);
     if(buf == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecTransformCreateInputBuffer",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecTransformCreateInputBuffer",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ctxt = xmlNewParserCtxt();
     if (ctxt == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlNewParserCtxt",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFreeParserInputBuffer(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlNewParserCtxt",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFreeParserInputBuffer(buf);
+        return(-1);
     }
-    
+
     input = xmlNewIOInputStream(ctxt, buf, XML_CHAR_ENCODING_NONE);
     if(input == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlNewParserCtxt",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFreeParserCtxt(ctxt);
-	xmlFreeParserInputBuffer(buf);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlNewParserCtxt",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFreeParserCtxt(ctxt);
+        xmlFreeParserInputBuffer(buf);
+        return(-1);
     }
-    
+
     ret = inputPush(ctxt, input);
     if(input == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "inputPush",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFreeInputStream(input);
-	xmlFreeParserCtxt(ctxt);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "inputPush",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFreeInputStream(input);
+        xmlFreeParserCtxt(ctxt);
+        return(-1);
     }
 
     /* required for c14n! */
-    ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS; 
+    ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
     ctxt->replaceEntities = 1;
 
     /* finaly do the parsing */
     ret = xmlParseDocument(ctxt);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlParseDocument",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	if(ctxt->myDoc != NULL) {
-	    xmlFreeDoc(ctxt->myDoc);
-	    ctxt->myDoc = NULL;
-	}
-	xmlFreeParserCtxt(ctxt);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlParseDocument",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        if(ctxt->myDoc != NULL) {
+            xmlFreeDoc(ctxt->myDoc);
+            ctxt->myDoc = NULL;
+        }
+        xmlFreeParserCtxt(ctxt);
+        return(-1);
     }
-    
+
     /* remember the result and free parsing context */
     doc = ctxt->myDoc;
     ctxt->myDoc = NULL;
-    xmlFreeParserCtxt(ctxt);    
+    xmlFreeParserCtxt(ctxt);
 
     /* return result to the caller */
     (*nodes) = xmlSecNodeSetCreate(doc, NULL, xmlSecNodeSetTree);
     if((*nodes) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecNodeSetCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFreeDoc(doc);
-	return(-1);
-    }	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecNodeSetCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFreeDoc(doc);
+        return(-1);
+    }
     xmlSecNodeSetDocDestroy((*nodes)); /* this node set "owns" the doc pointer */
     transform->status = xmlSecTransformStatusFinished;
     return(0);
@@ -374,19 +374,19 @@ xmlSecParserPopXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr* nodes,
  *
  *************************************************************************/
 typedef struct _xmlSecExtMemoryParserCtx {
-    const xmlSecByte 	*prefix; 
-    xmlSecSize 			prefixSize;
-    const xmlSecByte 	*buffer;
-    xmlSecSize			bufferSize;
-    const xmlSecByte 	*postfix;
-    xmlSecSize 			postfixSize;
+    const xmlSecByte    *prefix;
+    xmlSecSize                  prefixSize;
+    const xmlSecByte    *buffer;
+    xmlSecSize                  bufferSize;
+    const xmlSecByte    *postfix;
+    xmlSecSize                  postfixSize;
 } xmlSecExtMemoryParserCtx, *xmlSecExtMemoryParserCtxPtr;
 
-/** 
+/**
  * xmlSecParseFile:
- * @filename: 		the filename.
+ * @filename:           the filename.
  *
- * Loads XML Doc from file @filename. We need a special version because of 
+ * Loads XML Doc from file @filename. We need a special version because of
  * c14n issue. The code is copied from xmlSAXParseFileWithData() function.
  *
  * Returns: pointer to the loaded XML document or NULL if an error occurs.
@@ -396,129 +396,132 @@ xmlSecParseFile(const char *filename) {
     xmlDocPtr ret;
     xmlParserCtxtPtr ctxt;
     char *directory = NULL;
-    
+
     xmlSecAssert2(filename != NULL, NULL);
 
     xmlInitParser();
     ctxt = xmlCreateFileParserCtxt(filename);
     if (ctxt == NULL) {
-	return(NULL);
+        return(NULL);
     }
 
-    /* todo: set directories from current doc? */    
+    /* enable parsing of XML documents with large text nodes */
+    /* crashes on x64 xmlCtxtUseOptions (ctxt, XML_PARSE_HUGE); */
+
+    /* todo: set directories from current doc? */
     if ((ctxt->directory == NULL) && (directory == NULL))
         directory = xmlParserGetDirectory(filename);
     if ((ctxt->directory == NULL) && (directory != NULL))
         ctxt->directory = (char *) xmlStrdup((xmlChar *) directory);
 
     /* required for c14n! */
-    ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS; 
+    ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
     ctxt->replaceEntities = 1;
-    
+
     xmlParseDocument(ctxt);
 
-    if(ctxt->wellFormed) { 
-	ret = ctxt->myDoc;
+    if(ctxt->wellFormed) {
+        ret = ctxt->myDoc;
     } else {
        ret = NULL;
        xmlFreeDoc(ctxt->myDoc);
        ctxt->myDoc = NULL;
     }
-    xmlFreeParserCtxt(ctxt);    
+    xmlFreeParserCtxt(ctxt);
     return(ret);
-    
+
 }
 
 /**
  * xmlSecParseMemoryExt:
- * @prefix: 		the first part of the input.
- * @prefixSize: 	the size of the first part of the input.
- * @buffer: 		the second part of the input.
- * @bufferSize: 	the size of the second part of the input.
- * @postfix: 		the third part of the input.
- * @postfixSize: 	the size of the third part of the input.
+ * @prefix:             the first part of the input.
+ * @prefixSize:         the size of the first part of the input.
+ * @buffer:             the second part of the input.
+ * @bufferSize:         the size of the second part of the input.
+ * @postfix:            the third part of the input.
+ * @postfixSize:        the size of the third part of the input.
  *
- * Loads XML Doc from 3 chunks of memory: @prefix, @buffer and @postfix. 
+ * Loads XML Doc from 3 chunks of memory: @prefix, @buffer and @postfix.
  *
  * Returns: pointer to the loaded XML document or NULL if an error occurs.
  */
 xmlDocPtr
 xmlSecParseMemoryExt(const xmlSecByte *prefix, xmlSecSize prefixSize,
-		     const xmlSecByte *buffer, xmlSecSize bufferSize, 
-		     const xmlSecByte *postfix, xmlSecSize postfixSize) {
+                     const xmlSecByte *buffer, xmlSecSize bufferSize,
+                     const xmlSecByte *postfix, xmlSecSize postfixSize) {
     xmlParserCtxtPtr ctxt = NULL;
     xmlDocPtr doc = NULL;
     int ret;
-    
+
     /* create context */
     ctxt = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, NULL);
     if(ctxt == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlCreatePushParserCtxt",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlCreatePushParserCtxt",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     /* required for c14n! */
-    ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS; 
+    ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
     ctxt->replaceEntities = 1;
 
     /* prefix */
     if((prefix != NULL) && (prefixSize > 0)) {
         ret = xmlParseChunk(ctxt, (const char*)prefix, prefixSize, 0);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlParseChunk",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"prefixSize=%d", prefixSize);
-	    goto done;
-	}
-    }	
+        if(ret != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlParseChunk",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "prefixSize=%d", prefixSize);
+            goto done;
+        }
+    }
 
     /* buffer */
     if((buffer != NULL) && (bufferSize > 0)) {
         ret = xmlParseChunk(ctxt, (const char*)buffer, bufferSize, 0);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlParseChunk",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"bufferSize=%d", bufferSize);
-	    goto done;
-	}
-    }	
+        if(ret != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlParseChunk",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "bufferSize=%d", bufferSize);
+            goto done;
+        }
+    }
 
     /* postfix */
     if((postfix != NULL) && (postfixSize > 0)) {
         ret = xmlParseChunk(ctxt, (const char*)postfix, postfixSize, 0);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlParseChunk",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"postfixSize=%d", postfixSize);
-	    goto done;
-	}
-    }	
+        if(ret != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlParseChunk",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "postfixSize=%d", postfixSize);
+            goto done;
+        }
+    }
 
     /* finishing */
     ret = xmlParseChunk(ctxt, NULL, 0, 1);
     if((ret != 0) || (ctxt->myDoc == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlParseChunk",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;
-    }	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlParseChunk",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
     doc = ctxt->myDoc;
 
 done:
     if(ctxt != NULL) {
-	xmlFreeParserCtxt(ctxt);
+        xmlFreeParserCtxt(ctxt);
     }
     return(doc);
 }
@@ -526,11 +529,11 @@ done:
 
 /**
  * xmlSecParseMemory:
- * @buffer: 		the input buffer.
- * @size: 		the input buffer size.
- * @recovery: 		the flag.
+ * @buffer:             the input buffer.
+ * @size:               the input buffer size.
+ * @recovery:           the flag.
  *
- * Loads XML Doc from memory. We need a special version because of 
+ * Loads XML Doc from memory. We need a special version because of
  * c14n issue. The code is copied from xmlSAXParseMemory() function.
  *
  * Returns: pointer to the loaded XML document or NULL if an error occurs.
@@ -541,31 +544,31 @@ xmlSecParseMemory(const xmlSecByte *buffer, xmlSecSize size, int recovery) {
     xmlParserCtxtPtr ctxt;
 
     xmlSecAssert2(buffer != NULL, NULL);
-    
+
     ctxt = xmlCreateMemoryParserCtxt((char*)buffer, size);
     if (ctxt == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlCreateMemoryParserCtxt",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlCreateMemoryParserCtxt",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     /* required for c14n! */
-    ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS; 
+    ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
     ctxt->replaceEntities = 1;
 
     xmlParseDocument(ctxt);
 
     if((ctxt->wellFormed) || recovery) {
-	ret = ctxt->myDoc; 
+        ret = ctxt->myDoc;
     } else {
        ret = NULL;
        xmlFreeDoc(ctxt->myDoc);
        ctxt->myDoc = NULL;
     }
-    xmlFreeParserCtxt(ctxt);    
+    xmlFreeParserCtxt(ctxt);
     return(ret);
 }
 
diff --git a/src/skeleton/Makefile.am b/src/skeleton/Makefile.am
index 8e2e910b..2f54f9de 100644
--- a/src/skeleton/Makefile.am
+++ b/src/skeleton/Makefile.am
@@ -30,10 +30,10 @@ libxmlsec1_skeleton_la_SOURCES += ../strings.c
 endif
 
 libxmlsec1_skeleton_la_LIBADD = \
-	../libxmlsec1.la \
 	$(SKELETON_LIBS) \
 	$(LIBXSLT_LIBS) \
 	$(LIBXML_LIBS) \
+	../libxmlsec1.la \
 	$(NULL)
 
 libxmlsec1_skeleton_la_DEPENDENCIES = \
diff --git a/src/skeleton/app.c b/src/skeleton/app.c
index e229ab34..15ba3cf7 100644
--- a/src/skeleton/app.c
+++ b/src/skeleton/app.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -22,10 +22,10 @@
 
 /**
  * xmlSecSkeletonAppInit:
- * @config:		the path to Skeleton configuration (unused).
- * 
+ * @config:             the path to Skeleton configuration (unused).
+ *
  * General crypto engine initialization. This function is used
- * by XMLSec command line utility and called before 
+ * by XMLSec command line utility and called before
  * @xmlSecInit function.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -38,9 +38,9 @@ xmlSecSkeletonAppInit(const char* config ATTRIBUTE_UNUSED) {
 
 /**
  * xmlSecSkeletonAppShutdown:
- * 
+ *
  * General crypto engine shutdown. This function is used
- * by XMLSec command line utility and called after 
+ * by XMLSec command line utility and called after
  * @xmlSecShutdown function.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -48,17 +48,17 @@ xmlSecSkeletonAppInit(const char* config ATTRIBUTE_UNUSED) {
 int
 xmlSecSkeletonAppShutdown(void) {
     /* TODO: shutdown Skeleton crypto engine */
-    
+
     return(0);
 }
 
 /**
  * xmlSecSkeletonAppKeyLoad:
- * @filename:		the key filename.
- * @format:		the key file format.
- * @pwd:		the key file password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the key filename.
+ * @format:             the key file format.
+ * @pwd:                the key file password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from the a file (not implemented yet).
  *
@@ -66,29 +66,29 @@ xmlSecSkeletonAppShutdown(void) {
  */
 xmlSecKeyPtr
 xmlSecSkeletonAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
-			const char *pwd,
-			void* pwdCallback,
-			void* pwdCallbackCtx) {
+                        const char *pwd,
+                        void* pwdCallback,
+                        void* pwdCallbackCtx) {
     xmlSecAssert2(filename != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
-    
+
     /* TODO: load key */
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecSkeletonAppKeyLoad",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
+                NULL,
+                "xmlSecSkeletonAppKeyLoad",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
     return(NULL);
 }
 
 /**
  * xmlSecSkeletonAppKeyLoadMemory:
- * @data:		the key binary data.
- * @dataSize:		the key binary data size.
- * @format:		the key data format.
- * @pwd:		the key data2 password.
- * @pwdCallback:	the key password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the key binary data.
+ * @dataSize:           the key binary data size.
+ * @format:             the key data format.
+ * @pwd:                the key data2 password.
+ * @pwdCallback:        the key password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key from a binary @data.
  *
@@ -96,16 +96,16 @@ xmlSecSkeletonAppKeyLoad(const char *filename, xmlSecKeyDataFormat format,
  */
 xmlSecKeyPtr
 xmlSecSkeletonAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlSecKeyDataFormat format,
-		    const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
+                    const char *pwd, void* pwdCallback, void* pwdCallbackCtx) {
     xmlSecAssert2(data != NULL, NULL);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, NULL);
 
     /* TODO: load key */
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecSkeletonAppKeyLoad",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
+                NULL,
+                "xmlSecSkeletonAppKeyLoad",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
     return(NULL);
 }
 
@@ -113,64 +113,64 @@ xmlSecSkeletonAppKeyLoadMemory(const xmlSecByte* data, xmlSecSize dataSize, xmlS
 #ifndef XMLSEC_NO_X509
 /**
  * xmlSecSkeletonAppKeyCertLoad:
- * @key:		the pointer to key.
- * @filename:		the certificate filename.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @filename:           the certificate filename.
+ * @format:             the certificate file format.
  *
  * Reads the certificate from $@filename and adds it to key
  * (not implemented yet).
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
-xmlSecSkeletonAppKeyCertLoad(xmlSecKeyPtr key, const char* filename, 
-			  xmlSecKeyDataFormat format) {
+int
+xmlSecSkeletonAppKeyCertLoad(xmlSecKeyPtr key, const char* filename,
+                          xmlSecKeyDataFormat format) {
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
-    
+
     /* TODO */
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecSkeletonAppKeyCertLoad",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
+                NULL,
+                "xmlSecSkeletonAppKeyCertLoad",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
     return(-1);
 }
 
 /**
  * xmlSecSkeletonAppKeyCertLoadMemory:
- * @key:		the pointer to key.
- * @data:		the certificate binary data.
- * @dataSize:		the certificate binary data size.
- * @format:		the certificate file format.
+ * @key:                the pointer to key.
+ * @data:               the certificate binary data.
+ * @dataSize:           the certificate binary data size.
+ * @format:             the certificate file format.
  *
  * Reads the certificate from memory buffer and adds it to key.
- * 
+ *
  * Returns: 0 on success or a negative value otherwise.
  */
-int		
-xmlSecSkeletonAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize, 
-				xmlSecKeyDataFormat format) {
+int
+xmlSecSkeletonAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xmlSecSize dataSize,
+                                xmlSecKeyDataFormat format) {
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
-    
+
     /* TODO */
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecSkeletonAppKeyCertLoadMemory",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
+                NULL,
+                "xmlSecSkeletonAppKeyCertLoadMemory",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
     return(-1);
 }
 
 /**
  * xmlSecSkeletonAppPkcs12Load:
- * @filename:		the PKCS12 key filename.
- * @pwd:		the PKCS12 file password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @filename:           the PKCS12 key filename.
+ * @pwd:                the PKCS12 file password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 file
  * (not implemented yet).
@@ -180,29 +180,29 @@ xmlSecSkeletonAppKeyCertLoadMemory(xmlSecKeyPtr key, const xmlSecByte* data, xml
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
-xmlSecSkeletonAppPkcs12Load(const char *filename, 
-			  const char *pwd ATTRIBUTE_UNUSED,
-		          void* pwdCallback ATTRIBUTE_UNUSED, 
-			  void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+xmlSecKeyPtr
+xmlSecSkeletonAppPkcs12Load(const char *filename,
+                          const char *pwd ATTRIBUTE_UNUSED,
+                          void* pwdCallback ATTRIBUTE_UNUSED,
+                          void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
     xmlSecAssert2(filename != NULL, NULL);
 
     /* TODO: load pkcs12 file */
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecSkeletonAppPkcs12Load",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-    return(NULL); 
+                NULL,
+                "xmlSecSkeletonAppPkcs12Load",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
+    return(NULL);
 }
 
 /**
  * xmlSecSkeletonAppPkcs12LoadMemory:
- * @data:		the key binary data.
- * @dataSize:		the key binary data size.
- * @pwd:		the PKCS12 password.
- * @pwdCallback:	the password callback.
- * @pwdCallbackCtx:	the user context for password callback.
+ * @data:               the key binary data.
+ * @dataSize:           the key binary data size.
+ * @pwd:                the PKCS12 password.
+ * @pwdCallback:        the password callback.
+ * @pwdCallbackCtx:     the user context for password callback.
  *
  * Reads key and all associated certificates from the PKCS12 binary data.
  * For uniformity, call xmlSecSkeletonAppKeyLoad instead of this function. Pass
@@ -210,60 +210,60 @@ xmlSecSkeletonAppPkcs12Load(const char *filename,
  *
  * Returns: pointer to the key or NULL if an error occurs.
  */
-xmlSecKeyPtr	
+xmlSecKeyPtr
 xmlSecSkeletonAppPkcs12LoadMemory(const xmlSecByte* data, xmlSecSize dataSize, const char *pwd,
-		       void *pwdCallback ATTRIBUTE_UNUSED, 
-		       void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
+                       void *pwdCallback ATTRIBUTE_UNUSED,
+                       void* pwdCallbackCtx ATTRIBUTE_UNUSED) {
     xmlSecAssert2(data != NULL, NULL);
 
     /* TODO: load pkcs12 file */
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecSkeletonAppPkcs12Load",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
-    return(NULL); 
+                NULL,
+                "xmlSecSkeletonAppPkcs12Load",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
+    return(NULL);
 }
 
 
 
 /**
  * xmlSecSkeletonAppKeysMngrCertLoad:
- * @mngr: 		the keys manager.
- * @filename: 		the certificate file.
- * @format:		the certificate file format.
- * @type: 		the flag that indicates is the certificate in @filename
- *    			trusted or not.
- * 
+ * @mngr:               the keys manager.
+ * @filename:           the certificate file.
+ * @format:             the certificate file format.
+ * @type:               the flag that indicates is the certificate in @filename
+ *                      trusted or not.
+ *
  * Reads cert from @filename and adds to the list of trusted or known
  * untrusted certs in @store (not implemented yet).
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecSkeletonAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename, 
-				xmlSecKeyDataFormat format, 
-				xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
+xmlSecSkeletonAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
+                                xmlSecKeyDataFormat format,
+                                xmlSecKeyDataType type ATTRIBUTE_UNUSED) {
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
 
     /* TODO: load cert and add to keys manager */
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecSkeletonAppKeysMngrCertLoad",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
+                NULL,
+                "xmlSecSkeletonAppKeysMngrCertLoad",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
     return(-1);
 }
 
 /**
  * xmlSecSkeletonAppKeysMngrCertLoadMemory:
- * @mngr: 		the pointer to keys manager.
- * @data:		the key binary data.
- * @dataSize:		the key binary data size.
- * @format:		the certificate format (PEM or DER).
- * @type: 		the certificate type (trusted/untrusted).
+ * @mngr:               the pointer to keys manager.
+ * @data:               the key binary data.
+ * @dataSize:           the key binary data size.
+ * @format:             the certificate format (PEM or DER).
+ * @type:               the certificate type (trusted/untrusted).
  *
  * Reads cert from @data and adds to the list of trusted or known
  * untrusted certs in @store
@@ -271,19 +271,19 @@ xmlSecSkeletonAppKeysMngrCertLoad(xmlSecKeysMngrPtr mngr, const char *filename,
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecSkeletonAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data, 
-			     xmlSecSize dataSize, xmlSecKeyDataFormat format, 
-			     xmlSecKeyDataType type) {
+xmlSecSkeletonAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte* data,
+                             xmlSecSize dataSize, xmlSecKeyDataFormat format,
+                             xmlSecKeyDataType type) {
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(format != xmlSecKeyDataFormatUnknown, -1);
 
     /* TODO: load cert and add to keys manager */
     xmlSecError(XMLSEC_ERRORS_HERE,
-		NULL,
-		"xmlSecSkeletonAppKeysMngrCertLoad",
-		XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		XMLSEC_ERRORS_NO_MESSAGE);
+                NULL,
+                "xmlSecSkeletonAppKeysMngrCertLoad",
+                XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                XMLSEC_ERRORS_NO_MESSAGE);
     return(-1);
 }
 
@@ -291,196 +291,196 @@ xmlSecSkeletonAppKeysMngrCertLoadMemory(xmlSecKeysMngrPtr mngr, const xmlSecByte
 
 /**
  * xmlSecSkeletonAppDefaultKeysMngrInit:
- * @mngr: 		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Initializes @mngr with simple keys store #xmlSecSimpleKeysStoreId
  * and a default Skeleton crypto key data stores.
  *
  * Returns: 0 on success or a negative value otherwise.
- */ 
+ */
 int
 xmlSecSkeletonAppDefaultKeysMngrInit(xmlSecKeysMngrPtr mngr) {
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
-    
-    /* TODO: if Skeleton crypto engine has another default 
+
+    /* TODO: if Skeleton crypto engine has another default
      * keys storage then use it!
      */
 
-    /* create simple keys store if needed */        
+    /* create simple keys store if needed */
     if(xmlSecKeysMngrGetKeysStore(mngr) == NULL) {
-	xmlSecKeyStorePtr keysStore;
-
-	keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
-	if(keysStore == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyStoreCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecSimpleKeysStoreId");
-	    return(-1);
-	}
-	
-	ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeysMngrAdoptKeysStore",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyStoreDestroy(keysStore);
-	    return(-1);        
-	}
+        xmlSecKeyStorePtr keysStore;
+
+        keysStore = xmlSecKeyStoreCreate(xmlSecSimpleKeysStoreId);
+        if(keysStore == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyStoreCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecSimpleKeysStoreId");
+            return(-1);
+        }
+
+        ret = xmlSecKeysMngrAdoptKeysStore(mngr, keysStore);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeysMngrAdoptKeysStore",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyStoreDestroy(keysStore);
+            return(-1);
+        }
     }
 
-    ret = xmlSecSkeletonKeysMngrInit(mngr);    
+    ret = xmlSecSkeletonKeysMngrInit(mngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSkeletonKeysMngrInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1); 
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSkeletonKeysMngrInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     mngr->getKey = xmlSecKeysMngrGetKey;
     return(0);
 }
 
 /**
  * xmlSecSkeletonAppDefaultKeysMngrAdoptKey:
- * @mngr: 		the pointer to keys manager.
- * @key:		the pointer to key.
+ * @mngr:               the pointer to keys manager.
+ * @key:                the pointer to key.
  *
  * Adds @key to the keys manager @mngr created with #xmlSecSkeletonAppDefaultKeysMngrInit
  * function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecSkeletonAppDefaultKeysMngrAdoptKey(xmlSecKeysMngrPtr mngr, xmlSecKeyPtr key) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
 
-    /* TODO: if Skeleton crypto engine has another default 
+    /* TODO: if Skeleton crypto engine has another default
      * keys storage then use it!
      */
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ret = xmlSecSimpleKeysStoreAdoptKey(store, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSimpleKeysStoreAdoptKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreAdoptKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecSkeletonAppDefaultKeysMngrLoad:
- * @mngr: 		the pointer to keys manager.
- * @uri:		the uri.
+ * @mngr:               the pointer to keys manager.
+ * @uri:                the uri.
  *
- * Loads XML keys file from @uri to the keys manager @mngr created 
+ * Loads XML keys file from @uri to the keys manager @mngr created
  * with #xmlSecSkeletonAppDefaultKeysMngrInit function.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecSkeletonAppDefaultKeysMngrLoad(xmlSecKeysMngrPtr mngr, const char* uri) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(uri != NULL, -1);
 
-    /* TODO: if Skeleton crypto engine has another default 
+    /* TODO: if Skeleton crypto engine has another default
      * keys storage then use it!
      */
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ret = xmlSecSimpleKeysStoreLoad(store, uri, mngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSimpleKeysStoreLoad",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s", xmlSecErrorsSafeString(uri));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreLoad",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s", xmlSecErrorsSafeString(uri));
+        return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecSkeletonAppDefaultKeysMngrSave:
- * @mngr: 		the pointer to keys manager.
- * @filename:		the destination filename.
- * @type:		the type of keys to save (public/private/symmetric).
+ * @mngr:               the pointer to keys manager.
+ * @filename:           the destination filename.
+ * @type:               the type of keys to save (public/private/symmetric).
  *
  * Saves keys from @mngr to  XML keys file.
- *  
+ *
  * Returns: 0 on success or a negative value otherwise.
- */ 
-int 
+ */
+int
 xmlSecSkeletonAppDefaultKeysMngrSave(xmlSecKeysMngrPtr mngr, const char* filename, xmlSecKeyDataType type) {
     xmlSecKeyStorePtr store;
     int ret;
-    
+
     xmlSecAssert2(mngr != NULL, -1);
     xmlSecAssert2(filename != NULL, -1);
 
-    /* TODO: if Skeleton crypto engine has another default 
+    /* TODO: if Skeleton crypto engine has another default
      * keys storage then use it!
      */
-    
+
     store = xmlSecKeysMngrGetKeysStore(mngr);
     if(store == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeysMngrGetKeysStore",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeysMngrGetKeysStore",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ret = xmlSecSimpleKeysStoreSave(store, filename, type);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSimpleKeysStoreSave",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "filename=%s", 
-		    xmlSecErrorsSafeString(filename));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSimpleKeysStoreSave",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "filename=%s",
+                    xmlSecErrorsSafeString(filename));
+        return(-1);
     }
-    
+
     return(0);
 }
 
diff --git a/src/skeleton/crypto.c b/src/skeleton/crypto.c
index aff0945a..3be20644 100644
--- a/src/skeleton/crypto.c
+++ b/src/skeleton/crypto.c
@@ -1,9 +1,9 @@
-/** 
+/**
  * XMLSec library
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -34,129 +34,195 @@ static xmlSecCryptoDLFunctionsPtr gXmlSecSkeletonFunctions = NULL;
 xmlSecCryptoDLFunctionsPtr
 xmlSecCryptoGetFunctions_skeleton(void) {
     static xmlSecCryptoDLFunctions functions;
-    
+
     if(gXmlSecSkeletonFunctions != NULL) {
-	return(gXmlSecSkeletonFunctions);
+        return(gXmlSecSkeletonFunctions);
     }
 
     memset(&functions, 0, sizeof(functions));
     gXmlSecSkeletonFunctions = &functions;
 
-    /**  
+    /********************************************************************
+     *
      * Crypto Init/shutdown
-     */
-    gXmlSecSkeletonFunctions->cryptoInit 		= xmlSecSkeletonInit;
-    gXmlSecSkeletonFunctions->cryptoShutdown 		= xmlSecSkeletonShutdown;
-    gXmlSecSkeletonFunctions->cryptoKeysMngrInit 	= xmlSecSkeletonKeysMngrInit;
-
-    /**
+     *
+     ********************************************************************/
+    gXmlSecSkeletonFunctions->cryptoInit                = xmlSecSkeletonInit;
+    gXmlSecSkeletonFunctions->cryptoShutdown            = xmlSecSkeletonShutdown;
+    gXmlSecSkeletonFunctions->cryptoKeysMngrInit        = xmlSecSkeletonKeysMngrInit;
+
+    /********************************************************************
+     *
      * Key data ids
-     */
-#ifndef XMLSEC_NO_AES    
-    gXmlSecSkeletonFunctions->keyDataAesGetKlass	= xmlSecSkeletonKeyDataAesGetKlass;
+     *
+     ********************************************************************/
+#ifndef XMLSEC_NO_AES
+    gXmlSecSkeletonFunctions->keyDataAesGetKlass        = xmlSecSkeletonKeyDataAesGetKlass;
 #endif /* XMLSEC_NO_AES */
 
-#ifndef XMLSEC_NO_DES    
-    gXmlSecSkeletonFunctions->keyDataDesGetKlass 	= xmlSecSkeletonKeyDataDesGetKlass;
+#ifndef XMLSEC_NO_DES
+    gXmlSecSkeletonFunctions->keyDataDesGetKlass        = xmlSecSkeletonKeyDataDesGetKlass;
 #endif /* XMLSEC_NO_DES */
 
 #ifndef XMLSEC_NO_DSA
-    gXmlSecSkeletonFunctions->keyDataDsaGetKlass 	= xmlSecSkeletonKeyDataDsaGetKlass;
-#endif /* XMLSEC_NO_DSA */    
+    gXmlSecSkeletonFunctions->keyDataDsaGetKlass        = xmlSecSkeletonKeyDataDsaGetKlass;
+#endif /* XMLSEC_NO_DSA */
+
+#ifndef XMLSEC_NO_ECDSA
+    gXmlSecSkeletonFunctions->keyDataEcdsaGetKlass      = xmlSecSkeletonKeyDataEcdsaGetKlass;
+#endif /* XMLSEC_NO_ECDSA */
 
 #ifndef XMLSEC_NO_GOST
-    gXmlSecSkeletonFunctions->keyDataGost2001GetKlass 	= xmlSecSkeletonKeyDataGost2001GetKlass;
-#endif /* XMLSEC_NO_GOST */    
+    gXmlSecSkeletonFunctions->keyDataGost2001GetKlass   = xmlSecSkeletonKeyDataGost2001GetKlass;
+#endif /* XMLSEC_NO_GOST */
 
-#ifndef XMLSEC_NO_HMAC  
-    gXmlSecSkeletonFunctions->keyDataHmacGetKlass 	= xmlSecSkeletonKeyDataHmacGetKlass;
-#endif /* XMLSEC_NO_HMAC */    
+#ifndef XMLSEC_NO_HMAC
+    gXmlSecSkeletonFunctions->keyDataHmacGetKlass       = xmlSecSkeletonKeyDataHmacGetKlass;
+#endif /* XMLSEC_NO_HMAC */
 
 #ifndef XMLSEC_NO_RSA
-    gXmlSecSkeletonFunctions->keyDataRsaGetKlass 	= xmlSecSkeletonKeyDataRsaGetKlass;
+    gXmlSecSkeletonFunctions->keyDataRsaGetKlass        = xmlSecSkeletonKeyDataRsaGetKlass;
 #endif /* XMLSEC_NO_RSA */
 
 #ifndef XMLSEC_NO_X509
-    gXmlSecSkeletonFunctions->keyDataX509GetKlass 		= xmlSecSkeletonKeyDataX509GetKlass;
-    gXmlSecSkeletonFunctions->keyDataRawX509CertGetKlass 	= xmlSecSkeletonKeyDataRawX509CertGetKlass;
+    gXmlSecSkeletonFunctions->keyDataX509GetKlass               = xmlSecSkeletonKeyDataX509GetKlass;
+    gXmlSecSkeletonFunctions->keyDataRawX509CertGetKlass        = xmlSecSkeletonKeyDataRawX509CertGetKlass;
 #endif /* XMLSEC_NO_X509 */
 
-    /**
+    /********************************************************************
+     *
      * Key data store ids
-     */
+     *
+     ********************************************************************/
 #ifndef XMLSEC_NO_X509
-    gXmlSecSkeletonFunctions->x509StoreGetKlass 		= xmlSecSkeletonX509StoreGetKlass;
+    gXmlSecSkeletonFunctions->x509StoreGetKlass                 = xmlSecSkeletonX509StoreGetKlass;
 #endif /* XMLSEC_NO_X509 */
 
-    /**
+    /********************************************************************
+     *
      * Crypto transforms ids
-     */
-#ifndef XMLSEC_NO_AES    
-    gXmlSecSkeletonFunctions->transformAes128CbcGetKlass 	= xmlSecSkeletonTransformAes128CbcGetKlass;
-    gXmlSecSkeletonFunctions->transformAes192CbcGetKlass 	= xmlSecSkeletonTransformAes192CbcGetKlass;
-    gXmlSecSkeletonFunctions->transformAes256CbcGetKlass 	= xmlSecSkeletonTransformAes256CbcGetKlass;
-    gXmlSecSkeletonFunctions->transformKWAes128GetKlass 	= xmlSecSkeletonTransformKWAes128GetKlass;
-    gXmlSecSkeletonFunctions->transformKWAes192GetKlass 	= xmlSecSkeletonTransformKWAes192GetKlass;
-    gXmlSecSkeletonFunctions->transformKWAes256GetKlass 	= xmlSecSkeletonTransformKWAes256GetKlass;
+     *
+     ********************************************************************/
+
+    /******************************* AES ********************************/
+#ifndef XMLSEC_NO_AES
+    gXmlSecSkeletonFunctions->transformAes128CbcGetKlass        = xmlSecSkeletonTransformAes128CbcGetKlass;
+    gXmlSecSkeletonFunctions->transformAes192CbcGetKlass        = xmlSecSkeletonTransformAes192CbcGetKlass;
+    gXmlSecSkeletonFunctions->transformAes256CbcGetKlass        = xmlSecSkeletonTransformAes256CbcGetKlass;
+    gXmlSecSkeletonFunctions->transformKWAes128GetKlass         = xmlSecSkeletonTransformKWAes128GetKlass;
+    gXmlSecSkeletonFunctions->transformKWAes192GetKlass         = xmlSecSkeletonTransformKWAes192GetKlass;
+    gXmlSecSkeletonFunctions->transformKWAes256GetKlass         = xmlSecSkeletonTransformKWAes256GetKlass;
 #endif /* XMLSEC_NO_AES */
 
-#ifndef XMLSEC_NO_DES    
-    gXmlSecSkeletonFunctions->transformDes3CbcGetKlass 		= xmlSecSkeletonTransformDes3CbcGetKlass;
-    gXmlSecSkeletonFunctions->transformKWDes3GetKlass 		= xmlSecSkeletonTransformKWDes3GetKlass;
+    /******************************* DES ********************************/
+#ifndef XMLSEC_NO_DES
+    gXmlSecSkeletonFunctions->transformDes3CbcGetKlass          = xmlSecSkeletonTransformDes3CbcGetKlass;
+    gXmlSecSkeletonFunctions->transformKWDes3GetKlass           = xmlSecSkeletonTransformKWDes3GetKlass;
 #endif /* XMLSEC_NO_DES */
 
+    /******************************* DSA ********************************/
 #ifndef XMLSEC_NO_DSA
-    gXmlSecSkeletonFunctions->transformDsaSha1GetKlass 		= xmlSecSkeletonTransformDsaSha1GetKlass;
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecSkeletonFunctions->transformDsaSha1GetKlass          = xmlSecSkeletonTransformDsaSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecSkeletonFunctions->transformDsaSha256GetKlass        = xmlSecSkeletonTransformDsaSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
 #endif /* XMLSEC_NO_DSA */
 
+    /******************************* ECDSA ********************************/
+#ifndef XMLSEC_NO_ECDSA
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecSkeletonFunctions->transformEcdsaSha1GetKlass        = xmlSecSkeletonTransformEcdsaSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_SHA224
+    gXmlSecSkeletonFunctions->transformEcdsaSha224GetKlass      = xmlSecSkeletonTransformEcdsaSha224GetKlass;
+#endif /* XMLSEC_NO_SHA224 */
+
+#ifndef XMLSEC_NO_SHA256
+    gXmlSecSkeletonFunctions->transformEcdsaSha256GetKlass      = xmlSecSkeletonTransformEcdsaSha256GetKlass;
+#endif /* XMLSEC_NO_SHA256 */
+
+#ifndef XMLSEC_NO_SHA384
+    gXmlSecSkeletonFunctions->transformEcdsaSha384GetKlass      = xmlSecSkeletonTransformEcdsaSha384GetKlass;
+#endif /* XMLSEC_NO_SHA384 */
+
+#ifndef XMLSEC_NO_SHA512
+    gXmlSecSkeletonFunctions->transformEcdsaSha512GetKlass      = xmlSecSkeletonTransformEcdsaSha512GetKlass;
+#endif /* XMLSEC_NO_SHA512 */
+
+#endif /* XMLSEC_NO_ECDSA */
+
+    /******************************* GOST ********************************/
 #ifndef XMLSEC_NO_GOST
-    gXmlSecSkeletonFunctions->transformGost2001GostR3411_94GetKlass 		= xmlSecSkeletonTransformGost2001GostR3411_94GetKlass;
+    gXmlSecSkeletonFunctions->transformGost2001GostR3411_94GetKlass             = xmlSecSkeletonTransformGost2001GostR3411_94GetKlass;
 #endif /* XMLSEC_GOST */
 
+#ifndef XMLSEC_NO_GOST
+    gXmlSecSkeletonFunctions->transformGostR3411_94GetKlass             = xmlSecSkeletonTransformGostR3411_94GetKlass;
+#endif /* XMLSEC_NO_GOST */
+
+    /******************************* HMAC ********************************/
 #ifndef XMLSEC_NO_HMAC
-    gXmlSecSkeletonFunctions->transformHmacSha1GetKlass 	= xmlSecSkeletonTransformHmacSha1GetKlass;
-    gXmlSecSkeletonFunctions->transformHmacRipemd160GetKlass 	= xmlSecSkeletonTransformHmacRipemd160GetKlass;
-    gXmlSecSkeletonFunctions->transformHmacMd5GetKlass 		= xmlSecSkeletonTransformHmacMd5GetKlass;
+
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecSkeletonFunctions->transformHmacSha1GetKlass         = xmlSecSkeletonTransformHmacSha1GetKlass;
+#endif /* XMLSEC_NO_SHA1 */
+
+#ifndef XMLSEC_NO_RIPEMD160
+    gXmlSecSkeletonFunctions->transformHmacRipemd160GetKlass    = xmlSecSkeletonTransformHmacRipemd160GetKlass;
+#endif /* XMLSEC_NO_RIPEMD160 */
+
+#ifndef XMLSEC_NO_MD5
+    gXmlSecSkeletonFunctions->transformHmacMd5GetKlass          = xmlSecSkeletonTransformHmacMd5GetKlass;
+#endif /* XMLSEC_NO_MD5 */
+
 #endif /* XMLSEC_NO_HMAC */
 
+    /******************************* RIPEMD160 ********************************/
 #ifndef XMLSEC_NO_RIPEMD160
-    gXmlSecSkeletonFunctions->transformRipemd160GetKlass 	= xmlSecSkeletonTransformRipemd160GetKlass;
+    gXmlSecSkeletonFunctions->transformRipemd160GetKlass        = xmlSecSkeletonTransformRipemd160GetKlass;
 #endif /* XMLSEC_NO_RIPEMD160 */
 
+    /******************************* RSA ********************************/
 #ifndef XMLSEC_NO_RSA
-    gXmlSecSkeletonFunctions->transformRsaSha1GetKlass 		= xmlSecSkeletonTransformRsaSha1GetKlass;
-    gXmlSecSkeletonFunctions->transformRsaPkcs1GetKlass 	= xmlSecSkeletonTransformRsaPkcs1GetKlass;
-    gXmlSecSkeletonFunctions->transformRsaOaepGetKlass 		= xmlSecSkeletonTransformRsaOaepGetKlass;
+    gXmlSecSkeletonFunctions->transformRsaSha1GetKlass          = xmlSecSkeletonTransformRsaSha1GetKlass;
+    gXmlSecSkeletonFunctions->transformRsaPkcs1GetKlass         = xmlSecSkeletonTransformRsaPkcs1GetKlass;
+    gXmlSecSkeletonFunctions->transformRsaOaepGetKlass          = xmlSecSkeletonTransformRsaOaepGetKlass;
 #endif /* XMLSEC_NO_RSA */
 
-#ifndef XMLSEC_NO_SHA1    
-    gXmlSecSkeletonFunctions->transformSha1GetKlass 		= xmlSecSkeletonTransformSha1GetKlass;
+    /******************************* SHA1 ********************************/
+#ifndef XMLSEC_NO_SHA1
+    gXmlSecSkeletonFunctions->transformSha1GetKlass             = xmlSecSkeletonTransformSha1GetKlass;
 #endif /* XMLSEC_NO_SHA1 */
 
-#ifndef XMLSEC_NO_GOST    
-    gXmlSecSkeletonFunctions->transformGostR3411_94GetKlass 		= xmlSecSkeletonTransformGostR3411_94GetKlass;
-#endif /* XMLSEC_NO_GOST */
-
-    /**
+    /********************************************************************
+     *
      * High level routines form xmlsec command line utility
-     */ 
-    gXmlSecSkeletonFunctions->cryptoAppInit 			= xmlSecSkeletonAppInit;
-    gXmlSecSkeletonFunctions->cryptoAppShutdown 		= xmlSecSkeletonAppShutdown;
-    gXmlSecSkeletonFunctions->cryptoAppDefaultKeysMngrInit 	= xmlSecSkeletonAppDefaultKeysMngrInit;
-    gXmlSecSkeletonFunctions->cryptoAppDefaultKeysMngrAdoptKey 	= xmlSecSkeletonAppDefaultKeysMngrAdoptKey;
-    gXmlSecSkeletonFunctions->cryptoAppDefaultKeysMngrLoad 	= xmlSecSkeletonAppDefaultKeysMngrLoad;
-    gXmlSecSkeletonFunctions->cryptoAppDefaultKeysMngrSave 	= xmlSecSkeletonAppDefaultKeysMngrSave;
+     *
+     ********************************************************************/
+    gXmlSecSkeletonFunctions->cryptoAppInit                     = xmlSecSkeletonAppInit;
+    gXmlSecSkeletonFunctions->cryptoAppShutdown                 = xmlSecSkeletonAppShutdown;
+    gXmlSecSkeletonFunctions->cryptoAppDefaultKeysMngrInit      = xmlSecSkeletonAppDefaultKeysMngrInit;
+    gXmlSecSkeletonFunctions->cryptoAppDefaultKeysMngrAdoptKey  = xmlSecSkeletonAppDefaultKeysMngrAdoptKey;
+    gXmlSecSkeletonFunctions->cryptoAppDefaultKeysMngrLoad      = xmlSecSkeletonAppDefaultKeysMngrLoad;
+    gXmlSecSkeletonFunctions->cryptoAppDefaultKeysMngrSave      = xmlSecSkeletonAppDefaultKeysMngrSave;
 #ifndef XMLSEC_NO_X509
-    gXmlSecSkeletonFunctions->cryptoAppKeysMngrCertLoad 	= xmlSecSkeletonAppKeysMngrCertLoad;
-    gXmlSecSkeletonFunctions->cryptoAppKeysMngrCertLoadMemory 	= xmlSecSkeletonAppKeysMngrCertLoadMemory;
-    gXmlSecSkeletonFunctions->cryptoAppPkcs12Load  		= xmlSecSkeletonAppPkcs12Load; 
-    gXmlSecSkeletonFunctions->cryptoAppPkcs12LoadMemory		= xmlSecSkeletonAppPkcs12LoadMemory; 
-    gXmlSecSkeletonFunctions->cryptoAppKeyCertLoad 		= xmlSecSkeletonAppKeyCertLoad;
-    gXmlSecSkeletonFunctions->cryptoAppKeyCertLoadMemory	= xmlSecSkeletonAppKeyCertLoadMemory;
+    gXmlSecSkeletonFunctions->cryptoAppKeysMngrCertLoad         = xmlSecSkeletonAppKeysMngrCertLoad;
+    gXmlSecSkeletonFunctions->cryptoAppKeysMngrCertLoadMemory   = xmlSecSkeletonAppKeysMngrCertLoadMemory;
+    gXmlSecSkeletonFunctions->cryptoAppPkcs12Load               = xmlSecSkeletonAppPkcs12Load;
+    gXmlSecSkeletonFunctions->cryptoAppPkcs12LoadMemory         = xmlSecSkeletonAppPkcs12LoadMemory;
+    gXmlSecSkeletonFunctions->cryptoAppKeyCertLoad              = xmlSecSkeletonAppKeyCertLoad;
+    gXmlSecSkeletonFunctions->cryptoAppKeyCertLoadMemory        = xmlSecSkeletonAppKeyCertLoadMemory;
 #endif /* XMLSEC_NO_X509 */
-    gXmlSecSkeletonFunctions->cryptoAppKeyLoad 			= xmlSecSkeletonAppKeyLoad; 
-    gXmlSecSkeletonFunctions->cryptoAppKeyLoadMemory		= xmlSecSkeletonAppKeyLoadMemory; 
-    gXmlSecSkeletonFunctions->cryptoAppDefaultPwdCallback	= (void*)xmlSecSkeletonAppGetDefaultPwdCallback();
+    gXmlSecSkeletonFunctions->cryptoAppKeyLoad                  = xmlSecSkeletonAppKeyLoad;
+    gXmlSecSkeletonFunctions->cryptoAppKeyLoadMemory            = xmlSecSkeletonAppKeyLoadMemory;
+    gXmlSecSkeletonFunctions->cryptoAppDefaultPwdCallback       = (void*)xmlSecSkeletonAppGetDefaultPwdCallback();
 
     return(gXmlSecSkeletonFunctions);
 }
@@ -164,31 +230,31 @@ xmlSecCryptoGetFunctions_skeleton(void) {
 
 /**
  * xmlSecSkeletonInit:
- * 
- * XMLSec library specific crypto engine initialization. 
+ *
+ * XMLSec library specific crypto engine initialization.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecSkeletonInit (void)  {
     /* Check loaded xmlsec library version */
     if(xmlSecCheckVersionExact() != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCheckVersionExact",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCheckVersionExact",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* register our klasses */
     if(xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms(xmlSecCryptoGetFunctions_skeleton()) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoDLFunctionsRegisterKeyDataAndTransforms",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 
@@ -197,12 +263,12 @@ xmlSecSkeletonInit (void)  {
 
 /**
  * xmlSecSkeletonShutdown:
- * 
- * XMLSec library specific crypto engine shutdown. 
+ *
+ * XMLSec library specific crypto engine shutdown.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecSkeletonShutdown(void) {
     /* TODO: if necessary, do additional shutdown here */
     return(0);
@@ -210,7 +276,7 @@ xmlSecSkeletonShutdown(void) {
 
 /**
  * xmlSecSkeletonKeysMngrInit:
- * @mngr:		the pointer to keys manager.
+ * @mngr:               the pointer to keys manager.
  *
  * Adds Skeleton specific key data stores in keys manager.
  *
diff --git a/src/skeleton/globals.h b/src/skeleton/globals.h
index 272a27b8..770b6dba 100644
--- a/src/skeleton/globals.h
+++ b/src/skeleton/globals.h
@@ -5,14 +5,14 @@
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #ifndef __XMLSEC_GLOBALS_H__
 #define __XMLSEC_GLOBALS_H__
 
 /**
- * Use autoconf defines if present. 
+ * Use autoconf defines if present.
  */
 #ifdef HAVE_CONFIG_H
 #include "config.h"
diff --git a/src/soap.c b/src/soap.c
index 84512b23..3757e1ad 100644
--- a/src/soap.c
+++ b/src/soap.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Simple SOAP messages parsing/creation.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -14,7 +14,7 @@
 
 #include <stdlib.h>
 #include <string.h>
- 
+
 #include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
@@ -30,8 +30,8 @@
 /**
  * xmlSecSoap11CreateEnvelope:
  * @doc:        the parent doc (might be NULL).
- * 
- * Creates a new SOAP Envelope node. Caller is responsible for 
+ *
+ * Creates a new SOAP Envelope node. Caller is responsible for
  * adding the returned node to the XML document.
  *
  * XML Schema (http://schemas.xmlsoap.org/soap/envelope/):
@@ -41,7 +41,7 @@
  *         <xs:sequence>
  *             <xs:element ref="tns:Header" minOccurs="0"/>
  *             <xs:element ref="tns:Body" minOccurs="1"/>
- *             <xs:any namespace="##other" minOccurs="0" 
+ *             <xs:any namespace="##other" minOccurs="0"
  *                 maxOccurs="unbounded" processContents="lax"/>
  *         </xs:sequence>
  *         <xs:anyAttribute namespace="##other" processContents="lax"/>
@@ -50,57 +50,57 @@
  * Returns: pointer to newly created <soap:Envelope> node or NULL
  * if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap11CreateEnvelope(xmlDocPtr doc) {
     xmlNodePtr envNode;
     xmlNodePtr bodyNode;
     xmlNsPtr ns;
-    
+
     /* create Envelope node */
     envNode = xmlNewDocNode(doc, NULL, xmlSecNodeEnvelope, NULL);
     if(envNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewDocNode",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeEnvelope));
-	return(NULL);	            
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewDocNode",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeEnvelope));
+        return(NULL);
     }
-    
+
     ns = xmlNewNs(envNode, xmlSecSoap11Ns, NULL) ;
     if(ns == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewNs",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "ns=%s",
-		    xmlSecErrorsSafeString(xmlSecSoap11Ns));
-	xmlFreeNode(envNode);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewNs",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "ns=%s",
+                    xmlSecErrorsSafeString(xmlSecSoap11Ns));
+        xmlFreeNode(envNode);
+        return(NULL);
     }
     xmlSetNs(envNode, ns);
-    
-    /* add required Body node */    
+
+    /* add required Body node */
     bodyNode = xmlSecAddChild(envNode, xmlSecNodeBody, xmlSecSoap11Ns);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeBody));
-	xmlFreeNode(envNode);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeBody));
+        xmlFreeNode(envNode);
+        return(NULL);
     }
-    
+
     return(envNode);
 }
 
 /**
  * xmlSecSoap11EnsureHeader:
  * @envNode:    the pointer to <soap:Envelope> node.
- * 
+ *
  * Gets the pointer to <soap:Header> node (if necessary, the node
  * is created).
  *
@@ -109,7 +109,7 @@ xmlSecSoap11CreateEnvelope(xmlDocPtr doc) {
  *     <xs:element name="Header" type="tns:Header"/>
  *     <xs:complexType name="Header">
  *         <xs:sequence>
- *             <xs:any namespace="##other" minOccurs="0" 
+ *             <xs:any namespace="##other" minOccurs="0"
  *                 maxOccurs="unbounded" processContents="lax"/>
  *         </xs:sequence>
  *         <xs:anyAttribute namespace="##other" processContents="lax"/>
@@ -117,11 +117,11 @@ xmlSecSoap11CreateEnvelope(xmlDocPtr doc) {
  *
  * Returns: pointer to <soap:Header> node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap11EnsureHeader(xmlNodePtr envNode) {
     xmlNodePtr hdrNode;
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(envNode != NULL, NULL);
 
     /* try to find Header node first */
@@ -132,25 +132,25 @@ xmlSecSoap11EnsureHeader(xmlNodePtr envNode) {
 
     /* if the first element child is not Header then it is Body */
     if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeBody, xmlSecSoap11Ns)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeBody),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeBody),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     /* finally add Header node before body */
     hdrNode = xmlSecAddPrevSibling(cur, xmlSecNodeHeader, xmlSecSoap11Ns);
     if(hdrNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
                     "xmlSecAddPrevSibling",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(NULL);
     }
-    
+
     return(hdrNode);
 }
 
@@ -158,7 +158,7 @@ xmlSecSoap11EnsureHeader(xmlNodePtr envNode) {
  * xmlSecSoap11AddBodyEntry:
  * @envNode:            the pointer to <soap:Envelope> node.
  * @entryNode:          the pointer to body entry node.
- * 
+ *
  * Adds a new entry to <soap:Body> node.
  *
  * Returns: pointer to the added entry (@contentNode) or NULL if an error occurs.
@@ -172,12 +172,12 @@ xmlSecSoap11AddBodyEntry(xmlNodePtr envNode, xmlNodePtr entryNode) {
 
     bodyNode = xmlSecSoap11GetBody(envNode);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap11GetBody",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap11GetBody",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     return(xmlSecAddChildNode(bodyNode, entryNode));
@@ -186,7 +186,7 @@ xmlSecSoap11AddBodyEntry(xmlNodePtr envNode, xmlNodePtr entryNode) {
 /**
  * xmlSecSoap11AddFaultEntry:
  * @envNode:            the pointer to <soap:Envelope> node.
- * @faultCodeHref:      the fault code QName href (must be known in th context of 
+ * @faultCodeHref:      the fault code QName href (must be known in th context of
  *                      <soap:Body> node).
  * @faultCodeLocalPart: the fault code QName LocalPart.
  * @faultString:        the human readable explanation of the fault.
@@ -208,17 +208,17 @@ xmlSecSoap11AddBodyEntry(xmlNodePtr envNode, xmlNodePtr entryNode) {
  *     </xs:complexType>
  *     <xs:complexType name="detail">
  *         <xs:sequence>
- *             <xs:any namespace="##any" minOccurs="0" maxOccurs="unbounded" 
+ *             <xs:any namespace="##any" minOccurs="0" maxOccurs="unbounded"
  *                 processContents="lax"/>
  *         </xs:sequence>
  *         <xs:anyAttribute namespace="##any" processContents="lax"/>
  *     </xs:complexType>
- * 
+ *
  * Returns: pointer to the added entry or NULL if an error occurs.
  */
 xmlNodePtr
-xmlSecSoap11AddFaultEntry(xmlNodePtr envNode, const xmlChar* faultCodeHref, 
-                          const xmlChar* faultCodeLocalPart, 
+xmlSecSoap11AddFaultEntry(xmlNodePtr envNode, const xmlChar* faultCodeHref,
+                          const xmlChar* faultCodeLocalPart,
                           const xmlChar* faultString, const xmlChar* faultActor) {
     xmlNodePtr bodyNode;
     xmlNodePtr faultNode;
@@ -232,65 +232,65 @@ xmlSecSoap11AddFaultEntry(xmlNodePtr envNode, const xmlChar* faultCodeHref,
     /* get Body node */
     bodyNode = xmlSecSoap11GetBody(envNode);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap11GetBody",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap11GetBody",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     /* check that we don't have Fault node already */
     faultNode = xmlSecFindChild(bodyNode, xmlSecNodeFault, xmlSecSoap11Ns);
     if(faultNode != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeBody),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeBody),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     /* add Fault node */
     faultNode = xmlSecAddChild(bodyNode, xmlSecNodeFault, xmlSecSoap11Ns);
     if(faultNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeFault));
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeFault));
+        return(NULL);
     }
-    
+
     /* add faultcode node */
     cur = xmlSecAddChild(faultNode, xmlSecNodeFaultCode, xmlSecSoap11Ns);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeFaultCode));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeFaultCode));
         xmlUnlinkNode(faultNode);
         xmlFreeNode(faultNode);
-	return(NULL);	        	
+        return(NULL);
     }
-    
+
     /* create qname for fault code */
     qname = xmlSecGetQName(cur, faultCodeHref, faultCodeLocalPart);
     if(qname == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
                     NULL,
-	            "xmlSecGetQName",
-	            XMLSEC_ERRORS_R_XML_FAILED,
-	            "node=%s",
-	            xmlSecErrorsSafeString(cur->name));
+                    "xmlSecGetQName",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(cur->name));
         xmlUnlinkNode(faultNode);
         xmlFreeNode(faultNode);
-	return(NULL);	        	
+        return(NULL);
     }
-    
+
     /* set faultcode value */
     xmlNodeSetContent(cur, qname);
     xmlFree(qname);
@@ -298,39 +298,39 @@ xmlSecSoap11AddFaultEntry(xmlNodePtr envNode, const xmlChar* faultCodeHref,
     /* add faultstring node */
     cur = xmlSecAddChild(faultNode, xmlSecNodeFaultString, xmlSecSoap11Ns);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeFaultString));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeFaultString));
         xmlUnlinkNode(faultNode);
         xmlFreeNode(faultNode);
-	return(NULL);	        	
+        return(NULL);
     }
 
     /* set faultstring node */
     xmlNodeSetContent(cur, faultString);
-    
+
     if(faultActor != NULL) {
         /* add faultactor node */
         cur = xmlSecAddChild(faultNode, xmlSecNodeFaultActor, xmlSecSoap11Ns);
         if(cur == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecAddChild",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(xmlSecNodeFaultActor));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeFaultActor));
             xmlUnlinkNode(faultNode);
             xmlFreeNode(faultNode);
-	    return(NULL);	        	
+            return(NULL);
         }
-    
+
         /* set faultactor node */
         xmlNodeSetContent(cur, faultActor);
     }
-    
+
     return(faultNode);
 }
 
@@ -343,20 +343,20 @@ xmlSecSoap11AddFaultEntry(xmlNodePtr envNode, const xmlChar* faultCodeHref,
  * Returns: 1 if @envNode has a valid <soap:Envelope> element, 0 if it is
  * not valid or a negative value if an error occurs.
  */
-int 
+int
 xmlSecSoap11CheckEnvelope(xmlNodePtr envNode) {
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(envNode != NULL, -1);
-    
+
     /* verify envNode itself */
     if(!xmlSecCheckNodeName(envNode, xmlSecNodeEnvelope, xmlSecSoap11Ns)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeEnvelope),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(0);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeEnvelope),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(0);
     }
 
     /* optional Header node first */
@@ -367,29 +367,29 @@ xmlSecSoap11CheckEnvelope(xmlNodePtr envNode) {
 
     /* required Body node is next */
     if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeBody, xmlSecSoap11Ns)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeBody),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(0);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeBody),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(0);
     }
-    
+
     return(1);
 }
 
 /**
  * xmlSecSoap11GetHeader:
  * @envNode:    the pointer to <soap:Envelope> node.
- * 
+ *
  * Gets pointer to the <soap:Header> node.
  *
  * Returns: pointer to <soap:Header> node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap11GetHeader(xmlNodePtr envNode) {
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(envNode != NULL, NULL);
 
     /* optional Header node is first */
@@ -404,15 +404,15 @@ xmlSecSoap11GetHeader(xmlNodePtr envNode) {
 /**
  * xmlSecSoap11GetBody:
  * @envNode:    the pointer to <soap:Envelope> node.
- * 
+ *
  * Gets pointer to the <soap:Body> node.
  *
  * Returns: pointer to <soap:Body> node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap11GetBody(xmlNodePtr envNode) {
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(envNode != NULL, NULL);
 
     /* optional Header node first */
@@ -423,12 +423,12 @@ xmlSecSoap11GetBody(xmlNodePtr envNode) {
 
     /* Body node is next */
     if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeBody, xmlSecSoap11Ns)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeBody),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeBody),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     return(cur);
@@ -442,23 +442,23 @@ xmlSecSoap11GetBody(xmlNodePtr envNode) {
  *
  * Returns: the number of body entries.
  */
-xmlSecSize 
+xmlSecSize
 xmlSecSoap11GetBodyEntriesNumber(xmlNodePtr envNode) {
     xmlSecSize number = 0;
     xmlNodePtr bodyNode;
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(envNode != NULL, 0);
 
     /* get Body node */
     bodyNode = xmlSecSoap11GetBody(envNode);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap11GetBody",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap11GetBody",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(0);
     }
 
     cur = xmlSecGetNextElementNode(bodyNode->children);
@@ -466,7 +466,7 @@ xmlSecSoap11GetBodyEntriesNumber(xmlNodePtr envNode) {
         number++;
         cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     return(number);
 }
 
@@ -474,27 +474,27 @@ xmlSecSoap11GetBodyEntriesNumber(xmlNodePtr envNode) {
  * xmlSecSoap11GetBodyEntry:
  * @envNode:    the pointer to <soap:Envelope> node.
  * @pos:        the body entry number.
- * 
+ *
  * Gets the body entry number @pos.
  *
  * Returns: pointer to body entry node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap11GetBodyEntry(xmlNodePtr envNode, xmlSecSize pos) {
     xmlNodePtr bodyNode;
     xmlNodePtr cur;
- 
+
     xmlSecAssert2(envNode != NULL, NULL);
 
     /* get Body node */
     bodyNode = xmlSecSoap11GetBody(envNode);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap11GetBody",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap11GetBody",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     cur = xmlSecGetNextElementNode(bodyNode->children);
@@ -509,12 +509,12 @@ xmlSecSoap11GetBodyEntry(xmlNodePtr envNode, xmlSecSize pos) {
 /**
  * xmlSecSoap11GetFaultEntry:
  * @envNode:    the pointer to <soap:Envelope> node.
- * 
+ *
  * Gets the Fault entry (if any).
  *
  * Returns: pointer to Fault entry or NULL if it does not exist.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap11GetFaultEntry(xmlNodePtr envNode) {
     xmlNodePtr bodyNode;
 
@@ -523,24 +523,24 @@ xmlSecSoap11GetFaultEntry(xmlNodePtr envNode) {
     /* get Body node */
     bodyNode = xmlSecSoap11GetBody(envNode);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap11GetBody",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap11GetBody",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     return(xmlSecFindChild(bodyNode, xmlSecNodeFault, xmlSecSoap11Ns));
 }
-								 
+
 
 /***********************************************************************
  *
  * SOAP 1.2
  *
  **********************************************************************/
-static const xmlSecQName2IntegerInfo gXmlSecSoap12FaultCodeInfo[] = 
+static const xmlSecQName2IntegerInfo gXmlSecSoap12FaultCodeInfo[] =
 {
     { xmlSecSoap12Ns, xmlSecSoapFaultCodeVersionMismatch,
       xmlSecSoap12FaultCodeVersionMismatch },
@@ -552,18 +552,18 @@ static const xmlSecQName2IntegerInfo gXmlSecSoap12FaultCodeInfo[] =
       xmlSecSoap12FaultCodeSender },
     { xmlSecSoap12Ns, xmlSecSoapFaultCodeReceiver,
       xmlSecSoap12FaultCodeReceiver },
-    { NULL, NULL, 0 }	/* MUST be last in the list */
+    { NULL, NULL, 0 }   /* MUST be last in the list */
 };
 
 /**
  * xmlSecSoap12CreateEnvelope:
  * @doc:        the parent doc (might be NULL).
- * 
- * Creates a new SOAP 1.2 Envelope node. Caller is responsible for 
+ *
+ * Creates a new SOAP 1.2 Envelope node. Caller is responsible for
  * adding the returned node to the XML document.
  *
  * XML Schema (http://www.w3.org/2003/05/soap-envelope):
- * 
+ *
  *     <xs:element name="Envelope" type="tns:Envelope"/>
  *     <xs:complexType name="Envelope">
  *         <xs:sequence>
@@ -576,57 +576,57 @@ static const xmlSecQName2IntegerInfo gXmlSecSoap12FaultCodeInfo[] =
  * Returns: pointer to newly created <soap:Envelope> node or NULL
  * if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap12CreateEnvelope(xmlDocPtr doc) {
     xmlNodePtr envNode;
     xmlNodePtr bodyNode;
     xmlNsPtr ns;
-    
+
     /* create Envelope node */
     envNode = xmlNewDocNode(doc, NULL, xmlSecNodeEnvelope, NULL);
     if(envNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewDocNode",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeEnvelope));
-	return(NULL);	            
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewDocNode",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeEnvelope));
+        return(NULL);
     }
-    
+
     ns = xmlNewNs(envNode, xmlSecSoap12Ns, NULL) ;
     if(ns == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewNs",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "ns=%s",
-		    xmlSecErrorsSafeString(xmlSecSoap12Ns));
-	xmlFreeNode(envNode);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewNs",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "ns=%s",
+                    xmlSecErrorsSafeString(xmlSecSoap12Ns));
+        xmlFreeNode(envNode);
+        return(NULL);
     }
     xmlSetNs(envNode, ns);
-    
-    /* add required Body node */    
+
+    /* add required Body node */
     bodyNode = xmlSecAddChild(envNode, xmlSecNodeBody, xmlSecSoap12Ns);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeBody));
-	xmlFreeNode(envNode);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeBody));
+        xmlFreeNode(envNode);
+        return(NULL);
     }
-    
+
     return(envNode);
 }
 
 /**
  * xmlSecSoap12EnsureHeader:
  * @envNode:    the pointer to <soap:Envelope> node.
- * 
+ *
  * Gets the pointer to <soap:Header> node (if necessary, the node
  * is created).
  *
@@ -635,7 +635,7 @@ xmlSecSoap12CreateEnvelope(xmlDocPtr doc) {
  *     <xs:element name="Header" type="tns:Header"/>
  *     <xs:complexType name="Header">
  *         <xs:sequence>
- *             <xs:any namespace="##any" processContents="lax" 
+ *             <xs:any namespace="##any" processContents="lax"
  *                     minOccurs="0" maxOccurs="unbounded"/>
  *         </xs:sequence>
  *         <xs:anyAttribute namespace="##other" processContents="lax"/>
@@ -643,11 +643,11 @@ xmlSecSoap12CreateEnvelope(xmlDocPtr doc) {
  *
  * Returns: pointer to <soap:Header> node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap12EnsureHeader(xmlNodePtr envNode) {
     xmlNodePtr hdrNode;
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(envNode != NULL, NULL);
 
     /* try to find Header node first */
@@ -658,25 +658,25 @@ xmlSecSoap12EnsureHeader(xmlNodePtr envNode) {
 
     /* if the first element child is not Header then it is Body */
     if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeBody, xmlSecSoap12Ns)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeBody),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeBody),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     /* finally add Header node before body */
     hdrNode = xmlSecAddPrevSibling(cur, xmlSecNodeHeader, xmlSecSoap12Ns);
     if(hdrNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
                     "xmlSecAddPrevSibling",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(NULL);
     }
-    
+
     return(hdrNode);
 }
 
@@ -684,7 +684,7 @@ xmlSecSoap12EnsureHeader(xmlNodePtr envNode) {
  * xmlSecSoap12AddBodyEntry:
  * @envNode:            the pointer to <soap:Envelope> node.
  * @entryNode:          the pointer to body entry node.
- * 
+ *
  * Adds a new entry to <soap:Body> node.
  *
  * XML Schema (http://www.w3.org/2003/05/soap-envelope):
@@ -692,7 +692,7 @@ xmlSecSoap12EnsureHeader(xmlNodePtr envNode) {
  *     <xs:element name="Body" type="tns:Body"/>
  *     <xs:complexType name="Body">
  *         <xs:sequence>
- *             <xs:any namespace="##any" processContents="lax" 
+ *             <xs:any namespace="##any" processContents="lax"
  *                     minOccurs="0" maxOccurs="unbounded"/>
  *         </xs:sequence>
  *         <xs:anyAttribute namespace="##other" processContents="lax"/>
@@ -709,12 +709,12 @@ xmlSecSoap12AddBodyEntry(xmlNodePtr envNode, xmlNodePtr entryNode) {
 
     bodyNode = xmlSecSoap12GetBody(envNode);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap12GetBody",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap12GetBody",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     return(xmlSecAddChildNode(bodyNode, entryNode));
@@ -726,9 +726,9 @@ xmlSecSoap12AddBodyEntry(xmlNodePtr envNode, xmlNodePtr entryNode) {
  * @faultCode:          the fault code.
  * @faultReasonText:    the human readable explanation of the fault.
  * @faultReasonLang:    the language (xml:lang) for @faultReason string.
- * @faultNodeURI:       the more preciese information about fault source 
+ * @faultNodeURI:       the more preciese information about fault source
  *                      (might be NULL).
- * @faultRole:          the role the node was operating in at the point 
+ * @faultRole:          the role the node was operating in at the point
  *                      the fault occurred (might be NULL).
  *
  * Adds <soap:Fault> entry to the @envNode. Note that only one <soap:Fault>
@@ -746,21 +746,21 @@ xmlSecSoap12AddBodyEntry(xmlNodePtr envNode, xmlNodePtr entryNode) {
  *             <xs:element name="Detail" type="tns:detail" minOccurs="0"/>
  *         </xs:sequence>
  *     </xs:complexType>
- *     
+ *
  *     <xs:complexType name="faultcode">
  *         <xs:sequence>
  *             <xs:element name="Value" type="tns:faultcodeEnum"/>
  *             <xs:element name="Subcode" type="tns:subcode" minOccurs="0"/>
  *         </xs:sequence>
  *     </xs:complexType>
- *     
+ *
  *     <xs:complexType name="faultreason">
  *         <xs:sequence>
- *             <xs:element name="Text" type="tns:reasontext" 
+ *             <xs:element name="Text" type="tns:reasontext"
  *                         minOccurs="1" maxOccurs="unbounded"/>
  *         </xs:sequence>
  *     </xs:complexType>
- *     
+ *
  *     <xs:complexType name="reasontext">
  *         <xs:simpleContent>
  *             <xs:extension base="xs:string">
@@ -768,7 +768,7 @@ xmlSecSoap12AddBodyEntry(xmlNodePtr envNode, xmlNodePtr entryNode) {
  *             </xs:extension>
  *         </xs:simpleContent>
  *     </xs:complexType>
- *     
+ *
  *     <xs:simpleType name="faultcodeEnum">
  *         <xs:restriction base="xs:QName">
  *             <xs:enumeration value="tns:DataEncodingUnknown"/>
@@ -778,28 +778,28 @@ xmlSecSoap12AddBodyEntry(xmlNodePtr envNode, xmlNodePtr entryNode) {
  *             <xs:enumeration value="tns:VersionMismatch"/>
  *         </xs:restriction>
  *     </xs:simpleType>
- *     
+ *
  *     <xs:complexType name="subcode">
  *         <xs:sequence>
  *             <xs:element name="Value" type="xs:QName"/>
  *             <xs:element name="Subcode" type="tns:subcode" minOccurs="0"/>
  *         </xs:sequence>
  *     </xs:complexType>
- *     
+ *
  *     <xs:complexType name="detail">
  *         <xs:sequence>
- *             <xs:any namespace="##any" processContents="lax" 
+ *             <xs:any namespace="##any" processContents="lax"
  *                 minOccurs="0" maxOccurs="unbounded"/>
  *         </xs:sequence>
  *         <xs:anyAttribute namespace="##other" processContents="lax"/>
  *     </xs:complexType>
- *     
+ *
  * Returns: pointer to the added entry or NULL if an error occurs.
  */
 xmlNodePtr
 xmlSecSoap12AddFaultEntry(xmlNodePtr envNode, xmlSecSoap12FaultCode faultCode,
-			 const xmlChar* faultReasonText, const xmlChar* faultReasonLang,
-			 const xmlChar* faultNodeURI, const xmlChar* faultRole) {
+                         const xmlChar* faultReasonText, const xmlChar* faultReasonLang,
+                         const xmlChar* faultNodeURI, const xmlChar* faultRole) {
     xmlNodePtr bodyNode;
     xmlNodePtr faultNode;
     xmlNodePtr cur;
@@ -813,107 +813,107 @@ xmlSecSoap12AddFaultEntry(xmlNodePtr envNode, xmlSecSoap12FaultCode faultCode,
     /* get Body node */
     bodyNode = xmlSecSoap12GetBody(envNode);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap12GetBody",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap12GetBody",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     /* check that we don't have Fault node already */
     faultNode = xmlSecFindChild(bodyNode, xmlSecNodeFault, xmlSecSoap12Ns);
     if(faultNode != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeBody),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeBody),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
-    
+
     /* add Fault node */
     faultNode = xmlSecAddChild(bodyNode, xmlSecNodeFault, xmlSecSoap12Ns);
     if(faultNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeFault));
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeFault));
+        return(NULL);
     }
-    
+
     /* add Code node */
     cur = xmlSecAddChild(faultNode, xmlSecNodeCode, xmlSecSoap12Ns);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeCode));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeCode));
         xmlUnlinkNode(faultNode);
         xmlFreeNode(faultNode);
-	return(NULL);	        	
+        return(NULL);
     }
-    
+
     /* write the fault code in Value child */
     ret = xmlSecQName2IntegerNodeWrite(gXmlSecSoap12FaultCodeInfo, cur,
                                        xmlSecNodeValue, xmlSecSoap12Ns,
                                        faultCode);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "faultCode=%d",
-		    faultCode);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "faultCode=%d",
+                    faultCode);
         xmlUnlinkNode(faultNode);
         xmlFreeNode(faultNode);
-	return(NULL);	
+        return(NULL);
     }
 
     /* add Reason node */
     cur = xmlSecAddChild(faultNode, xmlSecNodeReason, xmlSecSoap12Ns);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeReason));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeReason));
         xmlUnlinkNode(faultNode);
         xmlFreeNode(faultNode);
-	return(NULL);	        	
+        return(NULL);
     }
-    
+
     /* Add Reason/Text node */
     if(xmlSecSoap12AddFaultReasonText(faultNode, faultReasonText, faultReasonLang) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap12AddFaultReasonText",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "text=%s",
-		    xmlSecErrorsSafeString(faultReasonText));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap12AddFaultReasonText",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "text=%s",
+                    xmlSecErrorsSafeString(faultReasonText));
         xmlUnlinkNode(faultNode);
         xmlFreeNode(faultNode);
-	return(NULL);	        	
+        return(NULL);
     }
 
     if(faultNodeURI != NULL) {
         /* add Node node */
         cur = xmlSecAddChild(faultNode, xmlSecNodeNode, xmlSecSoap12Ns);
         if(cur == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecAddChild",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(xmlSecNodeNode));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeNode));
             xmlUnlinkNode(faultNode);
             xmlFreeNode(faultNode);
-	    return(NULL);	        	
+            return(NULL);
         }
         xmlNodeSetContent(cur, faultNodeURI);
     }
@@ -922,19 +922,19 @@ xmlSecSoap12AddFaultEntry(xmlNodePtr envNode, xmlSecSoap12FaultCode faultCode,
         /* add Role node */
         cur = xmlSecAddChild(faultNode, xmlSecNodeRole, xmlSecSoap12Ns);
         if(cur == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecAddChild",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(xmlSecNodeRole));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeRole));
             xmlUnlinkNode(faultNode);
             xmlFreeNode(faultNode);
-	    return(NULL);	        	
+            return(NULL);
         }
         xmlNodeSetContent(cur, faultRole);
     }
-    
+
     return(faultNode);
 }
 
@@ -949,7 +949,7 @@ xmlSecSoap12AddFaultEntry(xmlNodePtr envNode, xmlSecSoap12FaultCode faultCode,
  * Returns: a pointer to the newly created <Subcode> node or NULL if an error
  * occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap12AddFaultSubcode(xmlNodePtr faultNode, const xmlChar* subCodeHref, const xmlChar* subCodeName) {
     xmlNodePtr cur, subcodeNode, valueNode;
     xmlChar* qname;
@@ -962,11 +962,11 @@ xmlSecSoap12AddFaultSubcode(xmlNodePtr faultNode, const xmlChar* subCodeHref, co
     cur = xmlSecGetNextElementNode(faultNode->children);
     if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeCode, xmlSecSoap12Ns)) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
                     NULL,
-	    	    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s",
-    		    xmlSecErrorsSafeString(xmlSecNodeCode));
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeCode));
         return(NULL);
     }
 
@@ -986,27 +986,27 @@ xmlSecSoap12AddFaultSubcode(xmlNodePtr faultNode, const xmlChar* subCodeHref, co
     /* add Subcode node */
     subcodeNode = xmlSecAddChild(cur, xmlSecNodeSubcode, xmlSecSoap12Ns);
     if(subcodeNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeSubcode));
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeSubcode));
+        return(NULL);
     }
 
     /* add Value node */
     valueNode = xmlSecAddChild(subcodeNode, xmlSecNodeValue, xmlSecSoap12Ns);
     if(valueNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeValue));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeValue));
         xmlUnlinkNode(subcodeNode);
         xmlFreeNode(subcodeNode);
-	return(NULL);	        	
+        return(NULL);
     }
 
     /* create qname for fault code */
@@ -1014,13 +1014,13 @@ xmlSecSoap12AddFaultSubcode(xmlNodePtr faultNode, const xmlChar* subCodeHref, co
     if(qname == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
                     NULL,
-	            "xmlSecGetQName",
-	            XMLSEC_ERRORS_R_XML_FAILED,
-	            "node=%s",
-	            xmlSecErrorsSafeString(cur->name));
+                    "xmlSecGetQName",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(cur->name));
         xmlUnlinkNode(subcodeNode);
         xmlFreeNode(subcodeNode);
-	return(NULL);	        	
+        return(NULL);
     }
 
     /* set result qname in Value node */
@@ -1043,8 +1043,8 @@ xmlSecSoap12AddFaultSubcode(xmlNodePtr faultNode, const xmlChar* subCodeHref, co
  * Returns: a pointer to the newly created <Text> node or NULL if an error
  * occurs.
  */
-xmlNodePtr 
-xmlSecSoap12AddFaultReasonText(xmlNodePtr faultNode, const xmlChar* faultReasonText, 
+xmlNodePtr
+xmlSecSoap12AddFaultReasonText(xmlNodePtr faultNode, const xmlChar* faultReasonText,
                                const xmlChar* faultReasonLang) {
     xmlNodePtr reasonNode;
     xmlNodePtr textNode;
@@ -1056,25 +1056,25 @@ xmlSecSoap12AddFaultReasonText(xmlNodePtr faultNode, const xmlChar* faultReasonT
     /* find Reason node */
     reasonNode = xmlSecFindChild(faultNode,  xmlSecNodeReason, xmlSecSoap12Ns);
     if(reasonNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecFindChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeReason));
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecFindChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeReason));
+        return(NULL);
     }
 
     /* add Text node */
     textNode = xmlSecAddChild(reasonNode, xmlSecNodeText, xmlSecSoap12Ns);
     if(textNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeText));
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeText));
+        return(NULL);
     }
     xmlNodeSetContent(textNode, faultReasonText);
     xmlNodeSetLang(textNode, faultReasonLang);
@@ -1086,13 +1086,13 @@ xmlSecSoap12AddFaultReasonText(xmlNodePtr faultNode, const xmlChar* faultReasonT
  * xmlSecSoap12AddFaultDetailEntry:
  * @faultNode:          the pointer to <Fault> node.
  * @detailEntryNode:    the pointer to detail entry node.
- * 
+ *
  * Adds a new child to the Detail child element of @faultNode.
  *
- * Returns: pointer to the added child (@detailEntryNode) or NULL if an error 
+ * Returns: pointer to the added child (@detailEntryNode) or NULL if an error
  * occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap12AddFaultDetailEntry(xmlNodePtr faultNode, xmlNodePtr detailEntryNode) {
     xmlNodePtr detailNode;
 
@@ -1104,16 +1104,16 @@ xmlSecSoap12AddFaultDetailEntry(xmlNodePtr faultNode, xmlNodePtr detailEntryNode
     if(detailNode == NULL) {
         detailNode = xmlSecAddChild(faultNode, xmlSecNodeDetail, xmlSecSoap12Ns);
         if(detailNode == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecAddChild",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(xmlSecNodeDetail));
-	    return(NULL);	        	
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeDetail));
+            return(NULL);
         }
     }
-    
+
     return(xmlSecAddChildNode(detailNode, detailEntryNode));
 }
 
@@ -1126,20 +1126,20 @@ xmlSecSoap12AddFaultDetailEntry(xmlNodePtr faultNode, xmlNodePtr detailEntryNode
  * Returns: 1 if @envNode has a valid <soap:Envelope> element, 0 if it is
  * not valid or a negative value if an error occurs.
  */
-int 
+int
 xmlSecSoap12CheckEnvelope(xmlNodePtr envNode) {
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(envNode != NULL, -1);
-    
+
     /* verify envNode itself */
     if(!xmlSecCheckNodeName(envNode, xmlSecNodeEnvelope, xmlSecSoap12Ns)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeEnvelope),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(0);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeEnvelope),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(0);
     }
 
     /* optional Header node first */
@@ -1150,29 +1150,29 @@ xmlSecSoap12CheckEnvelope(xmlNodePtr envNode) {
 
     /* required Body node is next */
     if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeBody, xmlSecSoap12Ns)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeBody),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(0);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeBody),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(0);
     }
-    
+
     return(1);
 }
 
 /**
  * xmlSecSoap12GetHeader:
  * @envNode:    the pointer to <soap:Envelope> node.
- * 
+ *
  * Gets pointer to the <soap:Header> node.
  *
  * Returns: pointer to <soap:Header> node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap12GetHeader(xmlNodePtr envNode) {
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(envNode != NULL, NULL);
 
     /* optional Header node is first */
@@ -1187,15 +1187,15 @@ xmlSecSoap12GetHeader(xmlNodePtr envNode) {
 /**
  * xmlSecSoap12GetBody:
  * @envNode:    the pointer to <soap:Envelope> node.
- * 
+ *
  * Gets pointer to the <soap:Body> node.
  *
  * Returns: pointer to <soap:Body> node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap12GetBody(xmlNodePtr envNode) {
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(envNode != NULL, NULL);
 
     /* optional Header node first */
@@ -1206,12 +1206,12 @@ xmlSecSoap12GetBody(xmlNodePtr envNode) {
 
     /* Body node is next */
     if((cur == NULL) || !xmlSecCheckNodeName(cur, xmlSecNodeBody, xmlSecSoap12Ns)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeBody),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeBody),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     return(cur);
@@ -1225,23 +1225,23 @@ xmlSecSoap12GetBody(xmlNodePtr envNode) {
  *
  * Returns: the number of body entries.
  */
-xmlSecSize 
+xmlSecSize
 xmlSecSoap12GetBodyEntriesNumber(xmlNodePtr envNode) {
     xmlSecSize number = 0;
     xmlNodePtr bodyNode;
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(envNode != NULL, 0);
 
     /* get Body node */
     bodyNode = xmlSecSoap12GetBody(envNode);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap12GetBody",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap12GetBody",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(0);
     }
 
     cur = xmlSecGetNextElementNode(bodyNode->children);
@@ -1249,7 +1249,7 @@ xmlSecSoap12GetBodyEntriesNumber(xmlNodePtr envNode) {
         number++;
         cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     return(number);
 }
 
@@ -1257,27 +1257,27 @@ xmlSecSoap12GetBodyEntriesNumber(xmlNodePtr envNode) {
  * xmlSecSoap12GetBodyEntry:
  * @envNode:    the pointer to <soap:Envelope> node.
  * @pos:        the body entry number.
- * 
+ *
  * Gets the body entry number @pos.
  *
  * Returns: pointer to body entry node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap12GetBodyEntry(xmlNodePtr envNode, xmlSecSize pos) {
     xmlNodePtr bodyNode;
     xmlNodePtr cur;
- 
+
     xmlSecAssert2(envNode != NULL, NULL);
 
     /* get Body node */
     bodyNode = xmlSecSoap12GetBody(envNode);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap12GetBody",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap12GetBody",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     cur = xmlSecGetNextElementNode(bodyNode->children);
@@ -1292,12 +1292,12 @@ xmlSecSoap12GetBodyEntry(xmlNodePtr envNode, xmlSecSize pos) {
 /**
  * xmlSecSoap12GetFaultEntry:
  * @envNode:    the pointer to <soap:Envelope> node.
- * 
+ *
  * Gets the Fault entry (if any).
  *
  * Returns: pointer to Fault entry or NULL if it does not exist.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecSoap12GetFaultEntry(xmlNodePtr envNode) {
     xmlNodePtr bodyNode;
 
@@ -1306,17 +1306,17 @@ xmlSecSoap12GetFaultEntry(xmlNodePtr envNode) {
     /* get Body node */
     bodyNode = xmlSecSoap12GetBody(envNode);
     if(bodyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap12GetBody",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecSoap12GetBody",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     return(xmlSecFindChild(bodyNode, xmlSecNodeFault, xmlSecSoap12Ns));
 }
-								 
+
 #endif /* XMLSEC_NO_SOAP */
 
 
diff --git a/src/strings.c b/src/strings.c
index 98971986..f746f4db 100644
--- a/src/strings.c
+++ b/src/strings.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * All the string constants.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -19,52 +19,52 @@
  * Global Namespaces
  *
  ************************************************************************/
-const xmlChar xmlSecNs[] 			= "http://www.aleksey.com/xmlsec/2002";
-const xmlChar xmlSecDSigNs[] 			= "http://www.w3.org/2000/09/xmldsig#";
-const xmlChar xmlSecEncNs[] 			= "http://www.w3.org/2001/04/xmlenc#";
-const xmlChar xmlSecXkmsNs[] 			= "http://www.w3.org/2002/03/xkms#";
-const xmlChar xmlSecXPathNs[] 			= "http://www.w3.org/TR/1999/REC-xpath-19991116";
-const xmlChar xmlSecXPath2Ns[] 			= "http://www.w3.org/2002/06/xmldsig-filter2";
-const xmlChar xmlSecXPointerNs[]		= "http://www.w3.org/2001/04/xmldsig-more/xptr";
-const xmlChar xmlSecSoap11Ns[]			= "http://schemas.xmlsoap.org/soap/envelope/";
-const xmlChar xmlSecSoap12Ns[]			= "http://www.w3.org/2002/06/soap-envelope";
+const xmlChar xmlSecNs[]                        = "http://www.aleksey.com/xmlsec/2002";
+const xmlChar xmlSecDSigNs[]                    = "http://www.w3.org/2000/09/xmldsig#";
+const xmlChar xmlSecEncNs[]                     = "http://www.w3.org/2001/04/xmlenc#";
+const xmlChar xmlSecXkmsNs[]                    = "http://www.w3.org/2002/03/xkms#";
+const xmlChar xmlSecXPathNs[]                   = "http://www.w3.org/TR/1999/REC-xpath-19991116";
+const xmlChar xmlSecXPath2Ns[]                  = "http://www.w3.org/2002/06/xmldsig-filter2";
+const xmlChar xmlSecXPointerNs[]                = "http://www.w3.org/2001/04/xmldsig-more/xptr";
+const xmlChar xmlSecSoap11Ns[]                  = "http://schemas.xmlsoap.org/soap/envelope/";
+const xmlChar xmlSecSoap12Ns[]                  = "http://www.w3.org/2002/06/soap-envelope";
 
 /*************************************************************************
  *
  * DSig Nodes
  *
  ************************************************************************/
-const xmlChar xmlSecNodeSignature[]		= "Signature";
-const xmlChar xmlSecNodeSignedInfo[]		= "SignedInfo";
+const xmlChar xmlSecNodeSignature[]             = "Signature";
+const xmlChar xmlSecNodeSignedInfo[]            = "SignedInfo";
 const xmlChar xmlSecNodeCanonicalizationMethod[]= "CanonicalizationMethod";
-const xmlChar xmlSecNodeSignatureMethod[]	= "SignatureMethod";
-const xmlChar xmlSecNodeSignatureValue[]	= "SignatureValue";
-const xmlChar xmlSecNodeDigestMethod[]		= "DigestMethod";
-const xmlChar xmlSecNodeDigestValue[]		= "DigestValue";
-const xmlChar xmlSecNodeObject[]		= "Object";
-const xmlChar xmlSecNodeManifest[]		= "Manifest";
-const xmlChar xmlSecNodeSignatureProperties[]	= "SignatureProperties";
+const xmlChar xmlSecNodeSignatureMethod[]       = "SignatureMethod";
+const xmlChar xmlSecNodeSignatureValue[]        = "SignatureValue";
+const xmlChar xmlSecNodeDigestMethod[]          = "DigestMethod";
+const xmlChar xmlSecNodeDigestValue[]           = "DigestValue";
+const xmlChar xmlSecNodeObject[]                = "Object";
+const xmlChar xmlSecNodeManifest[]              = "Manifest";
+const xmlChar xmlSecNodeSignatureProperties[]   = "SignatureProperties";
 
 /*************************************************************************
  *
  * Encryption Nodes
  *
  ************************************************************************/
-const xmlChar xmlSecNodeEncryptedData[]		= "EncryptedData";
-const xmlChar xmlSecNodeEncryptionMethod[]	= "EncryptionMethod";
-const xmlChar xmlSecNodeEncryptionProperties[]	= "EncryptionProperties";
-const xmlChar xmlSecNodeEncryptionProperty[]	= "EncryptionProperty";
-const xmlChar xmlSecNodeCipherData[]		= "CipherData";
-const xmlChar xmlSecNodeCipherValue[]		= "CipherValue";
-const xmlChar xmlSecNodeCipherReference[]	= "CipherReference";
-const xmlChar xmlSecNodeReferenceList[]		= "ReferenceList";
+const xmlChar xmlSecNodeEncryptedData[]         = "EncryptedData";
+const xmlChar xmlSecNodeEncryptionMethod[]      = "EncryptionMethod";
+const xmlChar xmlSecNodeEncryptionProperties[]  = "EncryptionProperties";
+const xmlChar xmlSecNodeEncryptionProperty[]    = "EncryptionProperty";
+const xmlChar xmlSecNodeCipherData[]            = "CipherData";
+const xmlChar xmlSecNodeCipherValue[]           = "CipherValue";
+const xmlChar xmlSecNodeCipherReference[]       = "CipherReference";
+const xmlChar xmlSecNodeReferenceList[]         = "ReferenceList";
 const xmlChar xmlSecNodeDataReference[]         = "DataReference";
 const xmlChar xmlSecNodeKeyReference[]          = "KeyReference";
 
-const xmlChar xmlSecNodeCarriedKeyName[]	= "CarriedKeyName";
+const xmlChar xmlSecNodeCarriedKeyName[]        = "CarriedKeyName";
 
-const xmlChar xmlSecTypeEncContent[]		= "http://www.w3.org/2001/04/xmlenc#Content";
-const xmlChar xmlSecTypeEncElement[]		= "http://www.w3.org/2001/04/xmlenc#Element";
+const xmlChar xmlSecTypeEncContent[]            = "http://www.w3.org/2001/04/xmlenc#Content";
+const xmlChar xmlSecTypeEncElement[]            = "http://www.w3.org/2001/04/xmlenc#Element";
 
 /*************************************************************************
  *
@@ -72,108 +72,108 @@ const xmlChar xmlSecTypeEncElement[]		= "http://www.w3.org/2001/04/xmlenc#Elemen
  *
  ************************************************************************/
 #ifndef XMLSEC_NO_XKMS
-const xmlChar xmlSecXkmsServerRequestResultName[]	= "result-response";
-const xmlChar xmlSecXkmsServerRequestStatusName[]	= "status-request";
-const xmlChar xmlSecXkmsServerRequestLocateName[]	= "locate-request";
-const xmlChar xmlSecXkmsServerRequestValidateName[]	= "validate-request";
-const xmlChar xmlSecXkmsServerRequestCompoundName[]	= "compound-request";
-
-const xmlChar xmlSecNodeResult[]		= "Result";
-const xmlChar xmlSecNodeStatusRequest[]		= "StatusRequest";
-const xmlChar xmlSecNodeStatusResult[]		= "StatusResult";
-const xmlChar xmlSecNodeLocateRequest[]		= "LocateRequest";
-const xmlChar xmlSecNodeLocateResult[]		= "LocateResult";
-const xmlChar xmlSecNodeValidateRequest[]	= "ValidateRequest";
-const xmlChar xmlSecNodeValidateResult[]	= "ValidateResult";
-const xmlChar xmlSecNodeCompoundRequest[]	= "CompoundRequest";
-const xmlChar xmlSecNodeCompoundResult[]	= "CompoundResult";
-
-const xmlChar xmlSecNodeMessageExtension[]	= "MessageExtension";
-const xmlChar xmlSecNodeOpaqueClientData[]	= "OpaqueClientData";
-const xmlChar xmlSecNodeResponseMechanism[]	= "ResponseMechanism";
-const xmlChar xmlSecNodeRespondWith[]		= "RespondWith";
-const xmlChar xmlSecNodePendingNotification[]	= "PendingNotification";
-const xmlChar xmlSecNodeQueryKeyBinding[]	= "QueryKeyBinding";
-const xmlChar xmlSecNodeKeyUsage[]		= "KeyUsage";
-const xmlChar xmlSecNodeUseKeyWith[]		= "UseKeyWith";
-const xmlChar xmlSecNodeTimeInstant[]		= "TimeInstant";
-const xmlChar xmlSecNodeRequestSignatureValue[]	= "RequestSignatureValue";
-const xmlChar xmlSecNodeUnverifiedKeyBinding[]	= "UnverifiedKeyBinding";
-const xmlChar xmlSecNodeValidityInterval[]	= "ValidityInterval";
+const xmlChar xmlSecXkmsServerRequestResultName[]       = "result-response";
+const xmlChar xmlSecXkmsServerRequestStatusName[]       = "status-request";
+const xmlChar xmlSecXkmsServerRequestLocateName[]       = "locate-request";
+const xmlChar xmlSecXkmsServerRequestValidateName[]     = "validate-request";
+const xmlChar xmlSecXkmsServerRequestCompoundName[]     = "compound-request";
+
+const xmlChar xmlSecNodeResult[]                = "Result";
+const xmlChar xmlSecNodeStatusRequest[]         = "StatusRequest";
+const xmlChar xmlSecNodeStatusResult[]          = "StatusResult";
+const xmlChar xmlSecNodeLocateRequest[]         = "LocateRequest";
+const xmlChar xmlSecNodeLocateResult[]          = "LocateResult";
+const xmlChar xmlSecNodeValidateRequest[]       = "ValidateRequest";
+const xmlChar xmlSecNodeValidateResult[]        = "ValidateResult";
+const xmlChar xmlSecNodeCompoundRequest[]       = "CompoundRequest";
+const xmlChar xmlSecNodeCompoundResult[]        = "CompoundResult";
+
+const xmlChar xmlSecNodeMessageExtension[]      = "MessageExtension";
+const xmlChar xmlSecNodeOpaqueClientData[]      = "OpaqueClientData";
+const xmlChar xmlSecNodeResponseMechanism[]     = "ResponseMechanism";
+const xmlChar xmlSecNodeRespondWith[]           = "RespondWith";
+const xmlChar xmlSecNodePendingNotification[]   = "PendingNotification";
+const xmlChar xmlSecNodeQueryKeyBinding[]       = "QueryKeyBinding";
+const xmlChar xmlSecNodeKeyUsage[]              = "KeyUsage";
+const xmlChar xmlSecNodeUseKeyWith[]            = "UseKeyWith";
+const xmlChar xmlSecNodeTimeInstant[]           = "TimeInstant";
+const xmlChar xmlSecNodeRequestSignatureValue[] = "RequestSignatureValue";
+const xmlChar xmlSecNodeUnverifiedKeyBinding[]  = "UnverifiedKeyBinding";
+const xmlChar xmlSecNodeValidityInterval[]      = "ValidityInterval";
 const xmlChar xmlSecNodeStatus[]                = "Status";
 const xmlChar xmlSecNodeValidReason[]           = "ValidReason";
 const xmlChar xmlSecNodeInvalidReason[]         = "InvalidReason";
 const xmlChar xmlSecNodeIndeterminateReason[]   = "IndeterminateReason";
 
-const xmlChar xmlSecAttrService[]		= "Service";
-const xmlChar xmlSecAttrNonce[]			= "Nonce";
-const xmlChar xmlSecAttrOriginalRequestId[]	= "OriginalRequestId";
-const xmlChar xmlSecAttrResponseLimit[]		= "ResponseLimit";
-const xmlChar xmlSecAttrMechanism[]		= "Mechanism[";
-const xmlChar xmlSecAttrIdentifier[]		= "Identifier";
-const xmlChar xmlSecAttrApplication[]		= "Application";
-const xmlChar xmlSecAttrResultMajor[]		= "ResultMajor";
-const xmlChar xmlSecAttrResultMinor[]		= "ResultMinor";
-const xmlChar xmlSecAttrRequestId[]		= "RequestId";
-const xmlChar xmlSecAttrNotBefore[]		= "NotBefore";
-const xmlChar xmlSecAttrNotOnOrAfter[]		= "NotOnOrAfter";
-const xmlChar xmlSecAttrTime[]			= "Time";
+const xmlChar xmlSecAttrService[]               = "Service";
+const xmlChar xmlSecAttrNonce[]                 = "Nonce";
+const xmlChar xmlSecAttrOriginalRequestId[]     = "OriginalRequestId";
+const xmlChar xmlSecAttrResponseLimit[]         = "ResponseLimit";
+const xmlChar xmlSecAttrMechanism[]             = "Mechanism[";
+const xmlChar xmlSecAttrIdentifier[]            = "Identifier";
+const xmlChar xmlSecAttrApplication[]           = "Application";
+const xmlChar xmlSecAttrResultMajor[]           = "ResultMajor";
+const xmlChar xmlSecAttrResultMinor[]           = "ResultMinor";
+const xmlChar xmlSecAttrRequestId[]             = "RequestId";
+const xmlChar xmlSecAttrNotBefore[]             = "NotBefore";
+const xmlChar xmlSecAttrNotOnOrAfter[]          = "NotOnOrAfter";
+const xmlChar xmlSecAttrTime[]                  = "Time";
 const xmlChar xmlSecAttrStatusValue[]           = "StatusValue";
 
-const xmlChar xmlSecResponseMechanismPending[]	= "Pending";
+const xmlChar xmlSecResponseMechanismPending[]  = "Pending";
 const xmlChar xmlSecResponseMechanismRepresent[]= "Represent";
 const xmlChar xmlSecResponseMechanismRequestSignatureValue[] = "RequestSignatureValue";
 
-const xmlChar xmlSecRespondWithKeyName[]	= "KeyName";
-const xmlChar xmlSecRespondWithKeyValue[]	= "KeyValue";
-const xmlChar xmlSecRespondWithX509Cert[]	= "X509Cert";
-const xmlChar xmlSecRespondWithX509Chain[]	= "X509Chain";
-const xmlChar xmlSecRespondWithX509CRL[]	= "X509CRL";
-const xmlChar xmlSecRespondWithOCSP[]		= "OCSP";
+const xmlChar xmlSecRespondWithKeyName[]        = "KeyName";
+const xmlChar xmlSecRespondWithKeyValue[]       = "KeyValue";
+const xmlChar xmlSecRespondWithX509Cert[]       = "X509Cert";
+const xmlChar xmlSecRespondWithX509Chain[]      = "X509Chain";
+const xmlChar xmlSecRespondWithX509CRL[]        = "X509CRL";
+const xmlChar xmlSecRespondWithOCSP[]           = "OCSP";
 const xmlChar xmlSecRespondWithRetrievalMethod[]= "RetrievalMethod";
-const xmlChar xmlSecRespondWithPGP[]		= "PGP";
-const xmlChar xmlSecRespondWithPGPWeb[]		= "PGPWeb";
-const xmlChar xmlSecRespondWithSPKI[]		= "SPKI";
-const xmlChar xmlSecRespondWithPrivateKey[]	= "PrivateKey";
+const xmlChar xmlSecRespondWithPGP[]            = "PGP";
+const xmlChar xmlSecRespondWithPGPWeb[]         = "PGPWeb";
+const xmlChar xmlSecRespondWithSPKI[]           = "SPKI";
+const xmlChar xmlSecRespondWithPrivateKey[]     = "PrivateKey";
 
-const xmlChar xmlSecStatusResultSuccess[]	= "Success";
-const xmlChar xmlSecStatusResultFailed[]	= "Failed";
-const xmlChar xmlSecStatusResultPending[]	= "Pending";
+const xmlChar xmlSecStatusResultSuccess[]       = "Success";
+const xmlChar xmlSecStatusResultFailed[]        = "Failed";
+const xmlChar xmlSecStatusResultPending[]       = "Pending";
 
-const xmlChar xmlSecKeyUsageEncryption[]	= "Encryption";
-const xmlChar xmlSecKeyUsageSignature[]		= "Signature";
-const xmlChar xmlSecKeyUsageExchange[]		= "Exchange";
+const xmlChar xmlSecKeyUsageEncryption[]        = "Encryption";
+const xmlChar xmlSecKeyUsageSignature[]         = "Signature";
+const xmlChar xmlSecKeyUsageExchange[]          = "Exchange";
 
-const xmlChar xmlSecKeyBindingStatusValid[]	        = "Valid";
-const xmlChar xmlSecKeyBindingStatusInvalid[]	        = "Invalid";
-const xmlChar xmlSecKeyBindingStatusIndeterminate[]	= "Indeterminate";
+const xmlChar xmlSecKeyBindingStatusValid[]             = "Valid";
+const xmlChar xmlSecKeyBindingStatusInvalid[]           = "Invalid";
+const xmlChar xmlSecKeyBindingStatusIndeterminate[]     = "Indeterminate";
 
 const xmlChar xmlSecKeyBindingReasonIssuerTrust[]       = "IssuerTrust";
 const xmlChar xmlSecKeyBindingReasonRevocationStatus[]  = "RevocationStatus";
 const xmlChar xmlSecKeyBindingReasonValidityInterval[]  = "ValidityInterval";
 const xmlChar xmlSecKeyBindingReasonSignature[]         = "Signature";
 
-const xmlChar xmlSecResultMajorCodeSuccess[]		= "Success";
-const xmlChar xmlSecResultMajorCodeVersionMismatch[]	= "VersionMismatch";
-const xmlChar xmlSecResultMajorCodeSender[]		= "Sender";
-const xmlChar xmlSecResultMajorCodeReceiver[]		= "Receiver";
-const xmlChar xmlSecResultMajorCodeRepresent[]		= "Represent";
-const xmlChar xmlSecResultMajorCodePending[]		= "Pending";
-
-const xmlChar xmlSecResultMinorCodeNoMatch[]		= "NoMatch";
-const xmlChar xmlSecResultMinorCodeTooManyResponses[]	= "TooManyResponses";
-const xmlChar xmlSecResultMinorCodeIncomplete[]		= "Incomplete";
-const xmlChar xmlSecResultMinorCodeFailure[]		= "Failure";
-const xmlChar xmlSecResultMinorCodeRefused[]		= "Refused";
-const xmlChar xmlSecResultMinorCodeNoAuthentication[]	= "NoAuthentication";
+const xmlChar xmlSecResultMajorCodeSuccess[]            = "Success";
+const xmlChar xmlSecResultMajorCodeVersionMismatch[]    = "VersionMismatch";
+const xmlChar xmlSecResultMajorCodeSender[]             = "Sender";
+const xmlChar xmlSecResultMajorCodeReceiver[]           = "Receiver";
+const xmlChar xmlSecResultMajorCodeRepresent[]          = "Represent";
+const xmlChar xmlSecResultMajorCodePending[]            = "Pending";
+
+const xmlChar xmlSecResultMinorCodeNoMatch[]            = "NoMatch";
+const xmlChar xmlSecResultMinorCodeTooManyResponses[]   = "TooManyResponses";
+const xmlChar xmlSecResultMinorCodeIncomplete[]         = "Incomplete";
+const xmlChar xmlSecResultMinorCodeFailure[]            = "Failure";
+const xmlChar xmlSecResultMinorCodeRefused[]            = "Refused";
+const xmlChar xmlSecResultMinorCodeNoAuthentication[]   = "NoAuthentication";
 const xmlChar xmlSecResultMinorCodeMessageNotSupported[]= "MessageNotSupported";
-const xmlChar xmlSecResultMinorCodeUnknownResponseId[]	= "UnknownResponseId";
-const xmlChar xmlSecResultMinorCodeNotSynchronous[]	= "NotSynchronous";
+const xmlChar xmlSecResultMinorCodeUnknownResponseId[]  = "UnknownResponseId";
+const xmlChar xmlSecResultMinorCodeNotSynchronous[]     = "NotSynchronous";
 
 const xmlChar xmlSecXkmsSoapSubcodeValueMessageNotSupported[] = "MessageNotSupported";
-const xmlChar xmlSecXkmsSoapSubcodeValueBadMessage[]	= "BadMessage";
+const xmlChar xmlSecXkmsSoapSubcodeValueBadMessage[]    = "BadMessage";
 
-const xmlChar xmlSecXkmsSoapFaultReasonLang[] 		    = "en";
+const xmlChar xmlSecXkmsSoapFaultReasonLang[]               = "en";
 const xmlChar xmlSecXkmsSoapFaultReasonUnsupportedVersion[] = "Unsupported SOAP version";
 const xmlChar xmlSecXkmsSoapFaultReasonUnableToProcess[]    = "Unable to process %s";
 const xmlChar xmlSecXkmsSoapFaultReasonServiceUnavailable[] = "Service temporarily unable";
@@ -191,365 +191,401 @@ const xmlChar xmlSecXkmsFormatStrSoap12[]               = "soap-1.2";
  * KeyInfo Nodes
  *
  ************************************************************************/
-const xmlChar xmlSecNodeKeyInfo[]		= "KeyInfo";
-const xmlChar xmlSecNodeReference[]		= "Reference";
-const xmlChar xmlSecNodeTransforms[]		= "Transforms";
-const xmlChar xmlSecNodeTransform[]		= "Transform";
+const xmlChar xmlSecNodeKeyInfo[]               = "KeyInfo";
+const xmlChar xmlSecNodeReference[]             = "Reference";
+const xmlChar xmlSecNodeTransforms[]            = "Transforms";
+const xmlChar xmlSecNodeTransform[]             = "Transform";
 
 /*************************************************************************
  *
  * Attributes
  *
  ************************************************************************/
-const xmlChar xmlSecAttrId[]			= "Id";
-const xmlChar xmlSecAttrURI[]			= "URI";
-const xmlChar xmlSecAttrType[]			= "Type";
-const xmlChar xmlSecAttrMimeType[]		= "MimeType";
-const xmlChar xmlSecAttrEncoding[]		= "Encoding";
-const xmlChar xmlSecAttrAlgorithm[]		= "Algorithm";
-const xmlChar xmlSecAttrFilter[]		= "Filter";
-const xmlChar xmlSecAttrRecipient[]		= "Recipient";
-const xmlChar xmlSecAttrTarget[]		= "Target";
+const xmlChar xmlSecAttrId[]                    = "Id";
+const xmlChar xmlSecAttrURI[]                   = "URI";
+const xmlChar xmlSecAttrType[]                  = "Type";
+const xmlChar xmlSecAttrMimeType[]              = "MimeType";
+const xmlChar xmlSecAttrEncoding[]              = "Encoding";
+const xmlChar xmlSecAttrAlgorithm[]             = "Algorithm";
+const xmlChar xmlSecAttrFilter[]                = "Filter";
+const xmlChar xmlSecAttrRecipient[]             = "Recipient";
+const xmlChar xmlSecAttrTarget[]                = "Target";
 
 /*************************************************************************
  *
  * AES strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameAESKeyValue[]		= "aes";
-const xmlChar xmlSecNodeAESKeyValue[]		= "AESKeyValue";
-const xmlChar xmlSecHrefAESKeyValue[]		= "http://www.aleksey.com/xmlsec/2002#AESKeyValue";
+const xmlChar xmlSecNameAESKeyValue[]           = "aes";
+const xmlChar xmlSecNodeAESKeyValue[]           = "AESKeyValue";
+const xmlChar xmlSecHrefAESKeyValue[]           = "http://www.aleksey.com/xmlsec/2002#AESKeyValue";
 
-const xmlChar xmlSecNameAes128Cbc[]		= "aes128-cbc";
-const xmlChar xmlSecHrefAes128Cbc[]		= "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
+const xmlChar xmlSecNameAes128Cbc[]             = "aes128-cbc";
+const xmlChar xmlSecHrefAes128Cbc[]             = "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
 
-const xmlChar xmlSecNameAes192Cbc[]		= "aes192-cbc";
-const xmlChar xmlSecHrefAes192Cbc[]		= "http://www.w3.org/2001/04/xmlenc#aes192-cbc";
+const xmlChar xmlSecNameAes192Cbc[]             = "aes192-cbc";
+const xmlChar xmlSecHrefAes192Cbc[]             = "http://www.w3.org/2001/04/xmlenc#aes192-cbc";
 
-const xmlChar xmlSecNameAes256Cbc[]		= "aes256-cbc";
-const xmlChar xmlSecHrefAes256Cbc[]		= "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
+const xmlChar xmlSecNameAes256Cbc[]             = "aes256-cbc";
+const xmlChar xmlSecHrefAes256Cbc[]             = "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
 
-const xmlChar xmlSecNameKWAes128[]		= "kw-aes128";
-const xmlChar xmlSecHrefKWAes128[]		= "http://www.w3.org/2001/04/xmlenc#kw-aes128";
+const xmlChar xmlSecNameKWAes128[]              = "kw-aes128";
+const xmlChar xmlSecHrefKWAes128[]              = "http://www.w3.org/2001/04/xmlenc#kw-aes128";
 
-const xmlChar xmlSecNameKWAes192[]		= "kw-aes192";
-const xmlChar xmlSecHrefKWAes192[]		= "http://www.w3.org/2001/04/xmlenc#kw-aes192";
+const xmlChar xmlSecNameKWAes192[]              = "kw-aes192";
+const xmlChar xmlSecHrefKWAes192[]              = "http://www.w3.org/2001/04/xmlenc#kw-aes192";
 
-const xmlChar xmlSecNameKWAes256[]		= "kw-aes256";
-const xmlChar xmlSecHrefKWAes256[]		= "http://www.w3.org/2001/04/xmlenc#kw-aes256";
+const xmlChar xmlSecNameKWAes256[]              = "kw-aes256";
+const xmlChar xmlSecHrefKWAes256[]              = "http://www.w3.org/2001/04/xmlenc#kw-aes256";
 
 /*************************************************************************
  *
  * BASE64 strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameBase64[]		= "base64";
-const xmlChar xmlSecHrefBase64[]		= "http://www.w3.org/2000/09/xmldsig#base64";
+const xmlChar xmlSecNameBase64[]                = "base64";
+const xmlChar xmlSecHrefBase64[]                = "http://www.w3.org/2000/09/xmldsig#base64";
 
 /*************************************************************************
  *
  * C14N strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameC14N[]			= "c14n";
-const xmlChar xmlSecHrefC14N[]			= "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
+const xmlChar xmlSecNameC14N[]                  = "c14n";
+const xmlChar xmlSecHrefC14N[]                  = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
 
-const xmlChar xmlSecNameC14NWithComments[]	= "c14n-with-comments";
-const xmlChar xmlSecHrefC14NWithComments[]	= "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments";
+const xmlChar xmlSecNameC14NWithComments[]      = "c14n-with-comments";
+const xmlChar xmlSecHrefC14NWithComments[]      = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments";
 
-const xmlChar xmlSecNameC14N11[]		= "c14n11";
-const xmlChar xmlSecHrefC14N11[]		= "http://www.w3.org/2006/12/xml-c14n11";
+const xmlChar xmlSecNameC14N11[]                = "c14n11";
+const xmlChar xmlSecHrefC14N11[]                = "http://www.w3.org/2006/12/xml-c14n11";
 
-const xmlChar xmlSecNameC14N11WithComments[]	= "c14n11-with-comments";
-const xmlChar xmlSecHrefC14N11WithComments[]	= "http://www.w3.org/2006/12/xml-c14n11#WithComments";
+const xmlChar xmlSecNameC14N11WithComments[]    = "c14n11-with-comments";
+const xmlChar xmlSecHrefC14N11WithComments[]    = "http://www.w3.org/2006/12/xml-c14n11#WithComments";
 
-const xmlChar xmlSecNameExcC14N[]		= "exc-c14n";
-const xmlChar xmlSecHrefExcC14N[]		= "http://www.w3.org/2001/10/xml-exc-c14n#";
+const xmlChar xmlSecNameExcC14N[]               = "exc-c14n";
+const xmlChar xmlSecHrefExcC14N[]               = "http://www.w3.org/2001/10/xml-exc-c14n#";
 
-const xmlChar xmlSecNameExcC14NWithComments[]	= "exc-c14n-with-comments";
-const xmlChar xmlSecHrefExcC14NWithComments[]	= "http://www.w3.org/2001/10/xml-exc-c14n#WithComments";
+const xmlChar xmlSecNameExcC14NWithComments[]   = "exc-c14n-with-comments";
+const xmlChar xmlSecHrefExcC14NWithComments[]   = "http://www.w3.org/2001/10/xml-exc-c14n#WithComments";
 
-const xmlChar xmlSecNsExcC14N[]			= "http://www.w3.org/2001/10/xml-exc-c14n#";
-const xmlChar xmlSecNsExcC14NWithComments[]	= "http://www.w3.org/2001/10/xml-exc-c14n#WithComments";
+const xmlChar xmlSecNsExcC14N[]                 = "http://www.w3.org/2001/10/xml-exc-c14n#";
+const xmlChar xmlSecNsExcC14NWithComments[]     = "http://www.w3.org/2001/10/xml-exc-c14n#WithComments";
 
-const xmlChar xmlSecNodeInclusiveNamespaces[]	= "InclusiveNamespaces";
-const xmlChar xmlSecAttrPrefixList[]		= "PrefixList";
+const xmlChar xmlSecNodeInclusiveNamespaces[]   = "InclusiveNamespaces";
+const xmlChar xmlSecAttrPrefixList[]            = "PrefixList";
 
 /*************************************************************************
  *
  * DES strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameDESKeyValue[]		= "des";
-const xmlChar xmlSecNodeDESKeyValue[]		= "DESKeyValue";
-const xmlChar xmlSecHrefDESKeyValue[]		= "http://www.aleksey.com/xmlsec/2002#DESKeyValue";
+const xmlChar xmlSecNameDESKeyValue[]           = "des";
+const xmlChar xmlSecNodeDESKeyValue[]           = "DESKeyValue";
+const xmlChar xmlSecHrefDESKeyValue[]           = "http://www.aleksey.com/xmlsec/2002#DESKeyValue";
 
-const xmlChar xmlSecNameDes3Cbc[]		= "tripledes-cbc";
-const xmlChar xmlSecHrefDes3Cbc[]		= "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
+const xmlChar xmlSecNameDes3Cbc[]               = "tripledes-cbc";
+const xmlChar xmlSecHrefDes3Cbc[]               = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
 
-const xmlChar xmlSecNameKWDes3[]		= "kw-tripledes";
-const xmlChar xmlSecHrefKWDes3[]		= "http://www.w3.org/2001/04/xmlenc#kw-tripledes";
+const xmlChar xmlSecNameKWDes3[]                = "kw-tripledes";
+const xmlChar xmlSecHrefKWDes3[]                = "http://www.w3.org/2001/04/xmlenc#kw-tripledes";
 
 /*************************************************************************
  *
  * GOST2001 strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameGOST2001KeyValue[]		= "gost2001";
-const xmlChar xmlSecNodeGOST2001KeyValue[]		= "gostr34102001-gostr3411";
-const xmlChar xmlSecHrefGOST2001KeyValue[]		= "http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411";
+const xmlChar xmlSecNameGOST2001KeyValue[]              = "gost2001";
+const xmlChar xmlSecNodeGOST2001KeyValue[]              = "gostr34102001-gostr3411";
+const xmlChar xmlSecHrefGOST2001KeyValue[]              = "http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411";
 
-const xmlChar xmlSecNameGost2001GostR3411_94[]		= "gostr34102001-gostr3411";
-const xmlChar xmlSecHrefGost2001GostR3411_94[]		= "http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411";
+const xmlChar xmlSecNameGost2001GostR3411_94[]          = "gostr34102001-gostr3411";
+const xmlChar xmlSecHrefGost2001GostR3411_94[]          = "http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411";
 
 /*************************************************************************
  *
  * DSA strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameDSAKeyValue[]		= "dsa";
-const xmlChar xmlSecNodeDSAKeyValue[]		= "DSAKeyValue";
-const xmlChar xmlSecHrefDSAKeyValue[]		= "http://www.w3.org/2000/09/xmldsig#DSAKeyValue";
-const xmlChar xmlSecNodeDSAP[]			= "P";
-const xmlChar xmlSecNodeDSAQ[]			= "Q";
-const xmlChar xmlSecNodeDSAG[]			= "G";
-const xmlChar xmlSecNodeDSAJ[]			= "J";
-const xmlChar xmlSecNodeDSAX[]			= "X";
-const xmlChar xmlSecNodeDSAY[]			= "Y";
-const xmlChar xmlSecNodeDSASeed[]		= "Seed";
-const xmlChar xmlSecNodeDSAPgenCounter[]	= "PgenCounter";
+const xmlChar xmlSecNameDSAKeyValue[]           = "dsa";
+const xmlChar xmlSecNodeDSAKeyValue[]           = "DSAKeyValue";
+const xmlChar xmlSecHrefDSAKeyValue[]           = "http://www.w3.org/2000/09/xmldsig#DSAKeyValue";
+const xmlChar xmlSecNodeDSAP[]                  = "P";
+const xmlChar xmlSecNodeDSAQ[]                  = "Q";
+const xmlChar xmlSecNodeDSAG[]                  = "G";
+const xmlChar xmlSecNodeDSAJ[]                  = "J";
+const xmlChar xmlSecNodeDSAX[]                  = "X";
+const xmlChar xmlSecNodeDSAY[]                  = "Y";
+const xmlChar xmlSecNodeDSASeed[]               = "Seed";
+const xmlChar xmlSecNodeDSAPgenCounter[]        = "PgenCounter";
+
+const xmlChar xmlSecNameDsaSha1[]               = "dsa-sha1";
+const xmlChar xmlSecHrefDsaSha1[]               = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
+
+const xmlChar xmlSecNameDsaSha256[]             = "dsa-sha256";
+const xmlChar xmlSecHrefDsaSha256[]             = "http://www.w3.org/2009/xmldsig11#dsa-sha256";
 
-const xmlChar xmlSecNameDsaSha1[]		= "dsa-sha1";
-const xmlChar xmlSecHrefDsaSha1[]		= "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
+/*************************************************************************
+ *
+ * ECDSA strings
+ *
+ ************************************************************************/
+/* XXX-MAK: More constants will be needed later. */
+const xmlChar xmlSecNameECDSAKeyValue[]         = "ecdsa";
+const xmlChar xmlSecNodeECDSAKeyValue[]         = "ECDSAKeyValue";
+const xmlChar xmlSecHrefECDSAKeyValue[]         = "http://scap.nist.gov/specifications/tmsad/#resource-1.0";
+const xmlChar xmlSecNodeECDSAP[]                = "P";
+const xmlChar xmlSecNodeECDSAQ[]                = "Q";
+const xmlChar xmlSecNodeECDSAG[]                = "G";
+const xmlChar xmlSecNodeECDSAJ[]                = "J";
+const xmlChar xmlSecNodeECDSAX[]                = "X";
+const xmlChar xmlSecNodeECDSAY[]                = "Y";
+const xmlChar xmlSecNodeECDSASeed[]             = "Seed";
+const xmlChar xmlSecNodeECDSAPgenCounter[]      = "PgenCounter";
+
+const xmlChar xmlSecNameEcdsaSha1[]             = "ecdsa-sha1";
+const xmlChar xmlSecHrefEcdsaSha1[]             = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1";
+
+const xmlChar xmlSecNameEcdsaSha224[]           = "ecdsa-sha224";
+const xmlChar xmlSecHrefEcdsaSha224[]           = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224";
+
+const xmlChar xmlSecNameEcdsaSha256[]           = "ecdsa-sha256";
+const xmlChar xmlSecHrefEcdsaSha256[]           = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256";
+
+const xmlChar xmlSecNameEcdsaSha384[]           = "ecdsa-sha384";
+const xmlChar xmlSecHrefEcdsaSha384[]           = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384";
+
+const xmlChar xmlSecNameEcdsaSha512[]           = "ecdsa-sha512";
+const xmlChar xmlSecHrefEcdsaSha512[]           = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512";
 
 /*************************************************************************
  *
  * EncryptedKey
  *
  ************************************************************************/
-const xmlChar xmlSecNameEncryptedKey[]		= "enc-key";
-const xmlChar xmlSecNodeEncryptedKey[]		= "EncryptedKey";
-const xmlChar xmlSecHrefEncryptedKey[]		= "http://www.w3.org/2001/04/xmlenc#EncryptedKey";
+const xmlChar xmlSecNameEncryptedKey[]          = "enc-key";
+const xmlChar xmlSecNodeEncryptedKey[]          = "EncryptedKey";
+const xmlChar xmlSecHrefEncryptedKey[]          = "http://www.w3.org/2001/04/xmlenc#EncryptedKey";
 
 /*************************************************************************
  *
  * Enveloped transform strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameEnveloped[]		= "enveloped-signature";
-const xmlChar xmlSecHrefEnveloped[]		= "http://www.w3.org/2000/09/xmldsig#enveloped-signature";
+const xmlChar xmlSecNameEnveloped[]             = "enveloped-signature";
+const xmlChar xmlSecHrefEnveloped[]             = "http://www.w3.org/2000/09/xmldsig#enveloped-signature";
 
 /*************************************************************************
  *
  * HMAC strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameHMACKeyValue[]		= "hmac";
-const xmlChar xmlSecNodeHMACKeyValue[]		= "HMACKeyValue";
-const xmlChar xmlSecHrefHMACKeyValue[]		= "http://www.aleksey.com/xmlsec/2002#HMACKeyValue";
+const xmlChar xmlSecNameHMACKeyValue[]          = "hmac";
+const xmlChar xmlSecNodeHMACKeyValue[]          = "HMACKeyValue";
+const xmlChar xmlSecHrefHMACKeyValue[]          = "http://www.aleksey.com/xmlsec/2002#HMACKeyValue";
 
-const xmlChar xmlSecNodeHMACOutputLength[] 	= "HMACOutputLength";
+const xmlChar xmlSecNodeHMACOutputLength[]      = "HMACOutputLength";
 
-const xmlChar xmlSecNameHmacMd5[]		= "hmac-md5";
-const xmlChar xmlSecHrefHmacMd5[]		= "http://www.w3.org/2001/04/xmldsig-more#hmac-md5";
+const xmlChar xmlSecNameHmacMd5[]               = "hmac-md5";
+const xmlChar xmlSecHrefHmacMd5[]               = "http://www.w3.org/2001/04/xmldsig-more#hmac-md5";
 
-const xmlChar xmlSecNameHmacRipemd160[]		= "hmac-ripemd160";
-const xmlChar xmlSecHrefHmacRipemd160[]		= "http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160";
+const xmlChar xmlSecNameHmacRipemd160[]         = "hmac-ripemd160";
+const xmlChar xmlSecHrefHmacRipemd160[]         = "http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160";
 
-const xmlChar xmlSecNameHmacSha1[]		= "hmac-sha1";
-const xmlChar xmlSecHrefHmacSha1[]		= "http://www.w3.org/2000/09/xmldsig#hmac-sha1";
+const xmlChar xmlSecNameHmacSha1[]              = "hmac-sha1";
+const xmlChar xmlSecHrefHmacSha1[]              = "http://www.w3.org/2000/09/xmldsig#hmac-sha1";
 
-const xmlChar xmlSecNameHmacSha224[]		= "hmac-sha224";
-const xmlChar xmlSecHrefHmacSha224[]		= "http://www.w3.org/2001/04/xmldsig-more#hmac-sha224";
+const xmlChar xmlSecNameHmacSha224[]            = "hmac-sha224";
+const xmlChar xmlSecHrefHmacSha224[]            = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha224";
 
-const xmlChar xmlSecNameHmacSha256[]		= "hmac-sha256";
-const xmlChar xmlSecHrefHmacSha256[]		= "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";
+const xmlChar xmlSecNameHmacSha256[]            = "hmac-sha256";
+const xmlChar xmlSecHrefHmacSha256[]            = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";
 
-const xmlChar xmlSecNameHmacSha384[]		= "hmac-sha384";
-const xmlChar xmlSecHrefHmacSha384[]		= "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384";
+const xmlChar xmlSecNameHmacSha384[]            = "hmac-sha384";
+const xmlChar xmlSecHrefHmacSha384[]            = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384";
 
-const xmlChar xmlSecNameHmacSha512[]		= "hmac-sha512";
-const xmlChar xmlSecHrefHmacSha512[]		= "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512";
+const xmlChar xmlSecNameHmacSha512[]            = "hmac-sha512";
+const xmlChar xmlSecHrefHmacSha512[]            = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512";
 
 /*************************************************************************
  *
  * KeyName strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameKeyName[]		= "key-name";
-const xmlChar xmlSecNodeKeyName[]		= "KeyName";
+const xmlChar xmlSecNameKeyName[]               = "key-name";
+const xmlChar xmlSecNodeKeyName[]               = "KeyName";
 
 /*************************************************************************
  *
  * KeyValue strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameKeyValue[]		= "key-value";
-const xmlChar xmlSecNodeKeyValue[]		= "KeyValue";
+const xmlChar xmlSecNameKeyValue[]              = "key-value";
+const xmlChar xmlSecNodeKeyValue[]              = "KeyValue";
 
 /*************************************************************************
  *
  * Memory Buffer strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameMemBuf[]		= "membuf-transform";
+const xmlChar xmlSecNameMemBuf[]                = "membuf-transform";
 
 /*************************************************************************
  *
  * MD5 strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameMd5[]			= "md5";
-const xmlChar xmlSecHrefMd5[]			= "http://www.w3.org/2001/04/xmldsig-more#md5";
+const xmlChar xmlSecNameMd5[]                   = "md5";
+const xmlChar xmlSecHrefMd5[]                   = "http://www.w3.org/2001/04/xmldsig-more#md5";
 
 /*************************************************************************
  *
  * RetrievalMethod
  *
  ************************************************************************/
-const xmlChar xmlSecNameRetrievalMethod[] 	= "retrieval-method";
-const xmlChar xmlSecNodeRetrievalMethod[] 	= "RetrievalMethod";
+const xmlChar xmlSecNameRetrievalMethod[]       = "retrieval-method";
+const xmlChar xmlSecNodeRetrievalMethod[]       = "RetrievalMethod";
 
 /*************************************************************************
  *
  * RIPEMD160 strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameRipemd160[]		= "ripemd160";
-const xmlChar xmlSecHrefRipemd160[]		= "http://www.w3.org/2001/04/xmlenc#ripemd160";
+const xmlChar xmlSecNameRipemd160[]             = "ripemd160";
+const xmlChar xmlSecHrefRipemd160[]             = "http://www.w3.org/2001/04/xmlenc#ripemd160";
 
 /*************************************************************************
  *
  * RSA strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameRSAKeyValue[]		= "rsa";
-const xmlChar xmlSecNodeRSAKeyValue[]		= "RSAKeyValue";
-const xmlChar xmlSecHrefRSAKeyValue[]		= "http://www.w3.org/2000/09/xmldsig#RSAKeyValue";
-const xmlChar xmlSecNodeRSAModulus[]		= "Modulus";
-const xmlChar xmlSecNodeRSAExponent[]		= "Exponent";
-const xmlChar xmlSecNodeRSAPrivateExponent[] 	= "PrivateExponent";
+const xmlChar xmlSecNameRSAKeyValue[]           = "rsa";
+const xmlChar xmlSecNodeRSAKeyValue[]           = "RSAKeyValue";
+const xmlChar xmlSecHrefRSAKeyValue[]           = "http://www.w3.org/2000/09/xmldsig#RSAKeyValue";
+const xmlChar xmlSecNodeRSAModulus[]            = "Modulus";
+const xmlChar xmlSecNodeRSAExponent[]           = "Exponent";
+const xmlChar xmlSecNodeRSAPrivateExponent[]    = "PrivateExponent";
 
-const xmlChar xmlSecNameRsaMd5[]		= "rsa-md5";
-const xmlChar xmlSecHrefRsaMd5[]		= "http://www.w3.org/2001/04/xmldsig-more#rsa-md5";
+const xmlChar xmlSecNameRsaMd5[]                = "rsa-md5";
+const xmlChar xmlSecHrefRsaMd5[]                = "http://www.w3.org/2001/04/xmldsig-more#rsa-md5";
 
-const xmlChar xmlSecNameRsaRipemd160[]		= "rsa-ripemd160";
-const xmlChar xmlSecHrefRsaRipemd160[]		= "http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160";
+const xmlChar xmlSecNameRsaRipemd160[]          = "rsa-ripemd160";
+const xmlChar xmlSecHrefRsaRipemd160[]          = "http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160";
 
-const xmlChar xmlSecNameRsaSha1[]		= "rsa-sha1";
-const xmlChar xmlSecHrefRsaSha1[]		= "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
+const xmlChar xmlSecNameRsaSha1[]               = "rsa-sha1";
+const xmlChar xmlSecHrefRsaSha1[]               = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
 
-const xmlChar xmlSecNameRsaSha224[]		= "rsa-sha224";
-const xmlChar xmlSecHrefRsaSha224[]		= "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224";
+const xmlChar xmlSecNameRsaSha224[]             = "rsa-sha224";
+const xmlChar xmlSecHrefRsaSha224[]             = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224";
 
-const xmlChar xmlSecNameRsaSha256[]		= "rsa-sha256";
-const xmlChar xmlSecHrefRsaSha256[]		= "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
+const xmlChar xmlSecNameRsaSha256[]             = "rsa-sha256";
+const xmlChar xmlSecHrefRsaSha256[]             = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
 
-const xmlChar xmlSecNameRsaSha384[]		= "rsa-sha384";
-const xmlChar xmlSecHrefRsaSha384[]		= "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
+const xmlChar xmlSecNameRsaSha384[]             = "rsa-sha384";
+const xmlChar xmlSecHrefRsaSha384[]             = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
 
-const xmlChar xmlSecNameRsaSha512[]		= "rsa-sha512";
-const xmlChar xmlSecHrefRsaSha512[]		= "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
+const xmlChar xmlSecNameRsaSha512[]             = "rsa-sha512";
+const xmlChar xmlSecHrefRsaSha512[]             = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
 
-const xmlChar xmlSecNameRsaPkcs1[]		= "rsa-1_5";
-const xmlChar xmlSecHrefRsaPkcs1[]		= "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
+const xmlChar xmlSecNameRsaPkcs1[]              = "rsa-1_5";
+const xmlChar xmlSecHrefRsaPkcs1[]              = "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
 
-const xmlChar xmlSecNameRsaOaep[]		= "rsa-oaep-mgf1p";
-const xmlChar xmlSecHrefRsaOaep[]		= "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";
-const xmlChar xmlSecNodeRsaOAEPparams[]		= "OAEPparams";
+const xmlChar xmlSecNameRsaOaep[]               = "rsa-oaep-mgf1p";
+const xmlChar xmlSecHrefRsaOaep[]               = "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";
+const xmlChar xmlSecNodeRsaOAEPparams[]         = "OAEPparams";
 
 /*************************************************************************
  *
  * GOSTR3411_94 strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameGostR3411_94[]			= "gostr3411";
-const xmlChar xmlSecHrefGostR3411_94[]			= "http://www.w3.org/2001/04/xmldsig-more#gostr3411";
+const xmlChar xmlSecNameGostR3411_94[]                  = "gostr3411";
+const xmlChar xmlSecHrefGostR3411_94[]                  = "http://www.w3.org/2001/04/xmldsig-more#gostr3411";
 
 /*************************************************************************
  *
  * SHA1 strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameSha1[]			= "sha1";
-const xmlChar xmlSecHrefSha1[]			= "http://www.w3.org/2000/09/xmldsig#sha1";
+const xmlChar xmlSecNameSha1[]                  = "sha1";
+const xmlChar xmlSecHrefSha1[]                  = "http://www.w3.org/2000/09/xmldsig#sha1";
 
-const xmlChar xmlSecNameSha224[]		= "sha224";
-const xmlChar xmlSecHrefSha224[]		= "http://www.w3.org/2001/04/xmldsig-more#sha224";
+const xmlChar xmlSecNameSha224[]                = "sha224";
+const xmlChar xmlSecHrefSha224[]                = "http://www.w3.org/2001/04/xmldsig-more#sha224";
 
-const xmlChar xmlSecNameSha256[]		= "sha256";
-const xmlChar xmlSecHrefSha256[]		= "http://www.w3.org/2001/04/xmlenc#sha256";
+const xmlChar xmlSecNameSha256[]                = "sha256";
+const xmlChar xmlSecHrefSha256[]                = "http://www.w3.org/2001/04/xmlenc#sha256";
 
-const xmlChar xmlSecNameSha384[]		= "sha384";
-const xmlChar xmlSecHrefSha384[]		= "http://www.w3.org/2001/04/xmldsig-more#sha384";
+const xmlChar xmlSecNameSha384[]                = "sha384";
+const xmlChar xmlSecHrefSha384[]                = "http://www.w3.org/2001/04/xmldsig-more#sha384";
 
-const xmlChar xmlSecNameSha512[]		= "sha512";
-const xmlChar xmlSecHrefSha512[]		= "http://www.w3.org/2001/04/xmlenc#sha512";
+const xmlChar xmlSecNameSha512[]                = "sha512";
+const xmlChar xmlSecHrefSha512[]                = "http://www.w3.org/2001/04/xmlenc#sha512";
 
 /*************************************************************************
  *
  * X509 strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameX509Data[]		= "x509";
-const xmlChar xmlSecNodeX509Data[]		= "X509Data";
-const xmlChar xmlSecHrefX509Data[]		= "http://www.w3.org/2000/09/xmldsig#X509Data";
+const xmlChar xmlSecNameX509Data[]              = "x509";
+const xmlChar xmlSecNodeX509Data[]              = "X509Data";
+const xmlChar xmlSecHrefX509Data[]              = "http://www.w3.org/2000/09/xmldsig#X509Data";
 
-const xmlChar xmlSecNodeX509Certificate[]	= "X509Certificate";
-const xmlChar xmlSecNodeX509CRL[]		= "X509CRL";
-const xmlChar xmlSecNodeX509SubjectName[]	= "X509SubjectName";
-const xmlChar xmlSecNodeX509IssuerSerial[]	= "X509IssuerSerial";
-const xmlChar xmlSecNodeX509IssuerName[]	= "X509IssuerName";
-const xmlChar xmlSecNodeX509SerialNumber[]	= "X509SerialNumber";
-const xmlChar xmlSecNodeX509SKI[]		= "X509SKI";
+const xmlChar xmlSecNodeX509Certificate[]       = "X509Certificate";
+const xmlChar xmlSecNodeX509CRL[]               = "X509CRL";
+const xmlChar xmlSecNodeX509SubjectName[]       = "X509SubjectName";
+const xmlChar xmlSecNodeX509IssuerSerial[]      = "X509IssuerSerial";
+const xmlChar xmlSecNodeX509IssuerName[]        = "X509IssuerName";
+const xmlChar xmlSecNodeX509SerialNumber[]      = "X509SerialNumber";
+const xmlChar xmlSecNodeX509SKI[]               = "X509SKI";
 
-const xmlChar xmlSecNameRawX509Cert[]		= "raw-x509-cert";
-const xmlChar xmlSecHrefRawX509Cert[]		= "http://www.w3.org/2000/09/xmldsig#rawX509Certificate";
+const xmlChar xmlSecNameRawX509Cert[]           = "raw-x509-cert";
+const xmlChar xmlSecHrefRawX509Cert[]           = "http://www.w3.org/2000/09/xmldsig#rawX509Certificate";
 
-const xmlChar xmlSecNameX509Store[]		= "x509-store";
+const xmlChar xmlSecNameX509Store[]             = "x509-store";
 
 /*************************************************************************
  *
  * PGP strings
  *
  ************************************************************************/
-const xmlChar xmlSecNamePGPData[]		= "pgp";
-const xmlChar xmlSecNodePGPData[]		= "PGPData";
-const xmlChar xmlSecHrefPGPData[]		= "http://www.w3.org/2000/09/xmldsig#PGPData";
+const xmlChar xmlSecNamePGPData[]               = "pgp";
+const xmlChar xmlSecNodePGPData[]               = "PGPData";
+const xmlChar xmlSecHrefPGPData[]               = "http://www.w3.org/2000/09/xmldsig#PGPData";
 
 /*************************************************************************
  *
  * SPKI strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameSPKIData[]		= "spki";
-const xmlChar xmlSecNodeSPKIData[]		= "SPKIData";
-const xmlChar xmlSecHrefSPKIData[]		= "http://www.w3.org/2000/09/xmldsig#SPKIData";
+const xmlChar xmlSecNameSPKIData[]              = "spki";
+const xmlChar xmlSecNodeSPKIData[]              = "SPKIData";
+const xmlChar xmlSecHrefSPKIData[]              = "http://www.w3.org/2000/09/xmldsig#SPKIData";
 
 /*************************************************************************
  *
  * XPath/XPointer strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameXPath[]			= "xpath";
-const xmlChar xmlSecNodeXPath[]			= "XPath";
+const xmlChar xmlSecNameXPath[]                 = "xpath";
+const xmlChar xmlSecNodeXPath[]                 = "XPath";
 
-const xmlChar xmlSecNameXPath2[]		= "xpath2";
-const xmlChar xmlSecNodeXPath2[]		= "XPath";
-const xmlChar xmlSecXPath2FilterIntersect[]	= "intersect";
-const xmlChar xmlSecXPath2FilterSubtract[]	= "subtract";
-const xmlChar xmlSecXPath2FilterUnion[]		= "union";
+const xmlChar xmlSecNameXPath2[]                = "xpath2";
+const xmlChar xmlSecNodeXPath2[]                = "XPath";
+const xmlChar xmlSecXPath2FilterIntersect[]     = "intersect";
+const xmlChar xmlSecXPath2FilterSubtract[]      = "subtract";
+const xmlChar xmlSecXPath2FilterUnion[]         = "union";
 
-const xmlChar xmlSecNameXPointer[]		= "xpointer";
-const xmlChar xmlSecNodeXPointer[]		= "XPointer";
+const xmlChar xmlSecNameXPointer[]              = "xpointer";
+const xmlChar xmlSecNodeXPointer[]              = "XPointer";
 
 /*************************************************************************
  *
  * Xslt strings
  *
  ************************************************************************/
-const xmlChar xmlSecNameXslt[]			= "xslt";
-const xmlChar xmlSecHrefXslt[]			= "http://www.w3.org/TR/1999/REC-xslt-19991116";
+const xmlChar xmlSecNameXslt[]                  = "xslt";
+const xmlChar xmlSecHrefXslt[]                  = "http://www.w3.org/TR/1999/REC-xslt-19991116";
 
 #ifndef XMLSEC_NO_SOAP
 /*************************************************************************
@@ -557,31 +593,31 @@ const xmlChar xmlSecHrefXslt[]			= "http://www.w3.org/TR/1999/REC-xslt-19991116"
  * SOAP 1.1/1.2 strings
  *
  ************************************************************************/
-const xmlChar xmlSecNodeEnvelope[]		= "Envelope";
-const xmlChar xmlSecNodeHeader[]		= "Header";
-const xmlChar xmlSecNodeBody[]		        = "Body";
-const xmlChar xmlSecNodeFault[]		        = "Fault";
-const xmlChar xmlSecNodeFaultCode[]		= "faultcode";
-const xmlChar xmlSecNodeFaultString[]	        = "faultstring";
-const xmlChar xmlSecNodeFaultActor[]	        = "faultactor";
-const xmlChar xmlSecNodeFaultDetail[]	        = "detail";
-const xmlChar xmlSecNodeCode[]			= "Code";
-const xmlChar xmlSecNodeReason[]		= "Reason";
-const xmlChar xmlSecNodeNode[]			= "Node";
-const xmlChar xmlSecNodeRole[]			= "Role";
-const xmlChar xmlSecNodeDetail[]		= "Detail";
-const xmlChar xmlSecNodeValue[]			= "Value";
-const xmlChar xmlSecNodeSubcode[]		= "Subcode";
-const xmlChar xmlSecNodeText[]			= "Text";
-
-
-const xmlChar xmlSecSoapFaultCodeVersionMismatch[] 	= "VersionMismatch";
-const xmlChar xmlSecSoapFaultCodeMustUnderstand[]	= "MustUnderstand";
-const xmlChar xmlSecSoapFaultCodeClient[]		= "Client";
-const xmlChar xmlSecSoapFaultCodeServer[]		= "Server";
-const xmlChar xmlSecSoapFaultCodeReceiver[]		= "Receiver";
-const xmlChar xmlSecSoapFaultCodeSender[]		= "Sender";
-const xmlChar xmlSecSoapFaultDataEncodningUnknown[]	= "DataEncodingUnknown";
+const xmlChar xmlSecNodeEnvelope[]              = "Envelope";
+const xmlChar xmlSecNodeHeader[]                = "Header";
+const xmlChar xmlSecNodeBody[]                  = "Body";
+const xmlChar xmlSecNodeFault[]                 = "Fault";
+const xmlChar xmlSecNodeFaultCode[]             = "faultcode";
+const xmlChar xmlSecNodeFaultString[]           = "faultstring";
+const xmlChar xmlSecNodeFaultActor[]            = "faultactor";
+const xmlChar xmlSecNodeFaultDetail[]           = "detail";
+const xmlChar xmlSecNodeCode[]                  = "Code";
+const xmlChar xmlSecNodeReason[]                = "Reason";
+const xmlChar xmlSecNodeNode[]                  = "Node";
+const xmlChar xmlSecNodeRole[]                  = "Role";
+const xmlChar xmlSecNodeDetail[]                = "Detail";
+const xmlChar xmlSecNodeValue[]                 = "Value";
+const xmlChar xmlSecNodeSubcode[]               = "Subcode";
+const xmlChar xmlSecNodeText[]                  = "Text";
+
+
+const xmlChar xmlSecSoapFaultCodeVersionMismatch[]      = "VersionMismatch";
+const xmlChar xmlSecSoapFaultCodeMustUnderstand[]       = "MustUnderstand";
+const xmlChar xmlSecSoapFaultCodeClient[]               = "Client";
+const xmlChar xmlSecSoapFaultCodeServer[]               = "Server";
+const xmlChar xmlSecSoapFaultCodeReceiver[]             = "Receiver";
+const xmlChar xmlSecSoapFaultCodeSender[]               = "Sender";
+const xmlChar xmlSecSoapFaultDataEncodningUnknown[]     = "DataEncodingUnknown";
 
 
 #endif /* XMLSEC_NO_SOAP */
@@ -591,11 +627,7 @@ const xmlChar xmlSecSoapFaultDataEncodningUnknown[]	= "DataEncodingUnknown";
  * Utility strings
  *
  ************************************************************************/
-const xmlChar xmlSecStringEmpty[]		= "";
-const xmlChar xmlSecStringCR[]			= "\n";
-
-
-
-
+const xmlChar xmlSecStringEmpty[]               = "";
+const xmlChar xmlSecStringCR[]                  = "\n";
 
 
diff --git a/src/templates.c b/src/templates.c
index 67cadb14..2270db67 100644
--- a/src/templates.c
+++ b/src/templates.c
@@ -1,18 +1,18 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Creating signature and encryption templates.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #include <stdlib.h>
 #include <string.h>
- 
+
 #include <libxml/tree.h>
 
 #include <xmlsec/xmlsec.h>
@@ -24,15 +24,15 @@
 #include <xmlsec/errors.h>
 
 
-static xmlNodePtr 	xmlSecTmplAddReference		(xmlNodePtr parentNode, 
-							 xmlSecTransformId digestMethodId,
-							 const xmlChar *id, 
-							 const xmlChar *uri, 
-							 const xmlChar *type);
-static int	 	xmlSecTmplPrepareEncData	(xmlNodePtr parentNode, 
-							 xmlSecTransformId encMethodId);
-static int 		xmlSecTmplNodeWriteNsList	(xmlNodePtr parentNode, 
-							 const xmlChar** namespaces);
+static xmlNodePtr       xmlSecTmplAddReference          (xmlNodePtr parentNode,
+                                                         xmlSecTransformId digestMethodId,
+                                                         const xmlChar *id,
+                                                         const xmlChar *uri,
+                                                         const xmlChar *type);
+static int              xmlSecTmplPrepareEncData        (xmlNodePtr parentNode,
+                                                         xmlSecTransformId encMethodId);
+static int              xmlSecTmplNodeWriteNsList       (xmlNodePtr parentNode,
+                                                         const xmlChar** namespaces);
 /**************************************************************************
  *
  * <dsig:Signature/> node
@@ -40,39 +40,39 @@ static int 		xmlSecTmplNodeWriteNsList	(xmlNodePtr parentNode,
  **************************************************************************/
 /**
  * xmlSecTmplSignatureCreate:
- * @doc: 		the pointer to signature document or NULL; in the 
- *			second case, application must later call @xmlSetTreeDoc
- *			to ensure that all the children nodes have correct 
- *			pointer to XML document.
- * @c14nMethodId: 	the signature canonicalization method.
- * @signMethodId: 	the signature  method.
- * @id: 		the node id (may be NULL).
- *
- * Creates new <dsig:Signature/> node with the mandatory <dsig:SignedInfo/>, 
- * <dsig:CanonicalizationMethod/>, <dsig:SignatureMethod/> and 
- * <dsig:SignatureValue/> children and sub-children. 
+ * @doc:                the pointer to signature document or NULL; in the
+ *                      second case, application must later call @xmlSetTreeDoc
+ *                      to ensure that all the children nodes have correct
+ *                      pointer to XML document.
+ * @c14nMethodId:       the signature canonicalization method.
+ * @signMethodId:       the signature  method.
+ * @id:                 the node id (may be NULL).
+ *
+ * Creates new <dsig:Signature/> node with the mandatory <dsig:SignedInfo/>,
+ * <dsig:CanonicalizationMethod/>, <dsig:SignatureMethod/> and
+ * <dsig:SignatureValue/> children and sub-children.
  * The application is responsible for inserting the returned node
- * in the XML document. 
+ * in the XML document.
  *
- * Returns: the pointer to newly created <dsig:Signature/> node or NULL if an 
+ * Returns: the pointer to newly created <dsig:Signature/> node or NULL if an
  * error occurs.
  */
 xmlNodePtr
 xmlSecTmplSignatureCreate(xmlDocPtr doc, xmlSecTransformId c14nMethodId,
-		      xmlSecTransformId signMethodId, const xmlChar *id) {
+                      xmlSecTransformId signMethodId, const xmlChar *id) {
     return xmlSecTmplSignatureCreateNsPref(doc, c14nMethodId, signMethodId, id, NULL);
 }
 
 /**
  * xmlSecTmplSignatureCreateNsPref:
- * @doc: 		the pointer to signature document or NULL; in the 
- *			second case, application must later call @xmlSetTreeDoc
- *			to ensure that all the children nodes have correct 
- *			pointer to XML document.
- * @c14nMethodId: 	the signature canonicalization method.
- * @signMethodId: 	the signature  method.
- * @id: 		the node id (may be NULL).
- * @nsPrefix:	the namespace prefix for the signature element (e.g. "dsig"), or NULL 
+ * @doc:                the pointer to signature document or NULL; in the
+ *                      second case, application must later call @xmlSetTreeDoc
+ *                      to ensure that all the children nodes have correct
+ *                      pointer to XML document.
+ * @c14nMethodId:       the signature canonicalization method.
+ * @signMethodId:       the signature  method.
+ * @id:                 the node id (may be NULL).
+ * @nsPrefix:   the namespace prefix for the signature element (e.g. "dsig"), or NULL
  *
  * Creates new <dsig:Signature/> node with the mandatory
  * <dsig:SignedInfo/>, <dsig:CanonicalizationMethod/>,
@@ -83,7 +83,7 @@ xmlSecTmplSignatureCreate(xmlDocPtr doc, xmlSecTransformId c14nMethodId,
  * appropriate child nodes.  The application is responsible for
  * inserting the returned node in the XML document.
  *
- * Returns: the pointer to newly created <dsig:Signature/> node or NULL if an 
+ * Returns: the pointer to newly created <dsig:Signature/> node or NULL if an
  * error occurs.
  */
 xmlNodePtr
@@ -94,209 +94,209 @@ xmlSecTmplSignatureCreateNsPref(xmlDocPtr doc, xmlSecTransformId c14nMethodId,
     xmlNodePtr signedInfoNode;
     xmlNodePtr cur;
     xmlNsPtr ns;
-    
+
     xmlSecAssert2(c14nMethodId != NULL, NULL);
     xmlSecAssert2(c14nMethodId->href != NULL, NULL);
     xmlSecAssert2(signMethodId != NULL, NULL);
     xmlSecAssert2(signMethodId->href != NULL, NULL);
-    
+
     /* create Signature node itself */
     signNode = xmlNewDocNode(doc, NULL, xmlSecNodeSignature, NULL);
     if(signNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewDocNode",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeSignature));
-	return(NULL);	            
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewDocNode",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeSignature));
+        return(NULL);
+    }
+
     ns = xmlNewNs(signNode, xmlSecDSigNs, nsPrefix);
     if(ns == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewNs",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "ns=%s",
-		    xmlSecErrorsSafeString(xmlSecDSigNs));
-	xmlFreeNode(signNode);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewNs",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "ns=%s",
+                    xmlSecErrorsSafeString(xmlSecDSigNs));
+        xmlFreeNode(signNode);
+        return(NULL);
     }
     xmlSetNs(signNode, ns);
-    
+
     if(id != NULL) {
-	xmlSetProp(signNode, BAD_CAST "Id", id);
+        xmlSetProp(signNode, BAD_CAST "Id", id);
     }
 
-    /* add SignedInfo node */    
+    /* add SignedInfo node */
     signedInfoNode = xmlSecAddChild(signNode, xmlSecNodeSignedInfo, xmlSecDSigNs);
     if(signedInfoNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeSignedInfo));
-	xmlFreeNode(signNode);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeSignedInfo));
+        xmlFreeNode(signNode);
+        return(NULL);
     }
 
-    /* add SignatureValue node */    
+    /* add SignatureValue node */
     cur = xmlSecAddChild(signNode, xmlSecNodeSignatureValue, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeSignatureValue));
-	xmlFreeNode(signNode);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeSignatureValue));
+        xmlFreeNode(signNode);
+        return(NULL);
     }
 
     /* add CanonicaizationMethod node to SignedInfo */
     cur = xmlSecAddChild(signedInfoNode, xmlSecNodeCanonicalizationMethod, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeCanonicalizationMethod));
-	xmlFreeNode(signNode);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeCanonicalizationMethod));
+        xmlFreeNode(signNode);
+        return(NULL);
     }
     if(xmlSetProp(cur, xmlSecAttrAlgorithm, c14nMethodId->href) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s,value=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
-		    xmlSecErrorsSafeString(c14nMethodId->href));
-	xmlFreeNode(signNode);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s,value=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
+                    xmlSecErrorsSafeString(c14nMethodId->href));
+        xmlFreeNode(signNode);
+        return(NULL);
     }
 
     /* add SignatureMethod node to SignedInfo */
     cur = xmlSecAddChild(signedInfoNode, xmlSecNodeSignatureMethod, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeSignatureMethod));
-	xmlFreeNode(signNode);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeSignatureMethod));
+        xmlFreeNode(signNode);
+        return(NULL);
     }
     if(xmlSetProp(cur, xmlSecAttrAlgorithm, signMethodId->href) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s,value=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
-		    xmlSecErrorsSafeString(signMethodId->href));
-	xmlFreeNode(signNode);
-	return(NULL);	        	
-    }
-        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s,value=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
+                    xmlSecErrorsSafeString(signMethodId->href));
+        xmlFreeNode(signNode);
+        return(NULL);
+    }
+
     return(signNode);
 }
 
 /**
  * xmlSecTmplSignatureEnsureKeyInfo:
- * @signNode: 		the  pointer to <dsig:Signature/> node.
- * @id: 		the node id (may be NULL).
+ * @signNode:           the  pointer to <dsig:Signature/> node.
+ * @id:                 the node id (may be NULL).
  *
- * Adds (if necessary) <dsig:KeyInfo/> node to the <dsig:Signature/> 
- * node @signNode. 
+ * Adds (if necessary) <dsig:KeyInfo/> node to the <dsig:Signature/>
+ * node @signNode.
  *
- * Returns: the pointer to newly created <dsig:KeyInfo/> node or NULL if an 
+ * Returns: the pointer to newly created <dsig:KeyInfo/> node or NULL if an
  * error occurs.
  */
 xmlNodePtr
 xmlSecTmplSignatureEnsureKeyInfo(xmlNodePtr signNode, const xmlChar *id) {
     xmlNodePtr res;
-    
+
     xmlSecAssert2(signNode != NULL, NULL);
 
     res = xmlSecFindChild(signNode, xmlSecNodeKeyInfo, xmlSecDSigNs);
     if(res == NULL) {
-	xmlNodePtr signValueNode;
-    
+        xmlNodePtr signValueNode;
+
         signValueNode = xmlSecFindChild(signNode, xmlSecNodeSignatureValue, xmlSecDSigNs);
-	if(signValueNode == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			xmlSecErrorsSafeString(xmlSecNodeSignatureValue),
-		        XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);	
-	}
-
-	res = xmlSecAddNextSibling(signValueNode, xmlSecNodeKeyInfo, xmlSecDSigNs);
-	if(res == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecAddNextSibling",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
-	    return(NULL);	        	
-	}
+        if(signValueNode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        xmlSecErrorsSafeString(xmlSecNodeSignatureValue),
+                        XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+
+        res = xmlSecAddNextSibling(signValueNode, xmlSecNodeKeyInfo, xmlSecDSigNs);
+        if(res == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddNextSibling",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
+            return(NULL);
+        }
     }
     if(id != NULL) {
-	xmlSetProp(res, xmlSecAttrId, id);
+        xmlSetProp(res, xmlSecAttrId, id);
     }
-    return(res);        
-}         
+    return(res);
+}
 
 /**
  * xmlSecTmplSignatureAddReference:
- * @signNode: 		the pointer to <dsig:Signature/> node.
- * @digestMethodId:	the reference digest method.
- * @id: 		the node id (may be NULL).
- * @uri: 		the reference node uri (may be NULL).
- * @type: 		the reference node type (may be NULL).
+ * @signNode:           the pointer to <dsig:Signature/> node.
+ * @digestMethodId:     the reference digest method.
+ * @id:                 the node id (may be NULL).
+ * @uri:                the reference node uri (may be NULL).
+ * @type:               the reference node type (may be NULL).
  *
- * Adds <dsig:Reference/> node with given URI (@uri), Id (@id) and 
+ * Adds <dsig:Reference/> node with given URI (@uri), Id (@id) and
  * Type (@type) attributes and the required children <dsig:DigestMethod/> and
- * <dsig:DigestValue/> to the <dsig:SignedInfo/> child of @signNode. 
+ * <dsig:DigestValue/> to the <dsig:SignedInfo/> child of @signNode.
  *
- * Returns: the pointer to newly created <dsig:Reference/> node or NULL 
+ * Returns: the pointer to newly created <dsig:Reference/> node or NULL
  * if an error occurs.
  */
-xmlNodePtr	
+xmlNodePtr
 xmlSecTmplSignatureAddReference(xmlNodePtr signNode, xmlSecTransformId digestMethodId,
-		    const xmlChar *id, const xmlChar *uri, const xmlChar *type) {
+                    const xmlChar *id, const xmlChar *uri, const xmlChar *type) {
     xmlNodePtr signedInfoNode;
-    
+
     xmlSecAssert2(signNode != NULL, NULL);
     xmlSecAssert2(digestMethodId != NULL, NULL);
     xmlSecAssert2(digestMethodId->href != NULL, NULL);
 
     signedInfoNode = xmlSecFindChild(signNode, xmlSecNodeSignedInfo, xmlSecDSigNs);
     if(signedInfoNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeSignedInfo),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeSignedInfo),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     return(xmlSecTmplAddReference(signedInfoNode, digestMethodId, id, uri, type));
 }
 
-static xmlNodePtr 
+static xmlNodePtr
 xmlSecTmplAddReference(xmlNodePtr parentNode, xmlSecTransformId digestMethodId,
-		    const xmlChar *id, const xmlChar *uri, const xmlChar *type) {    
+                    const xmlChar *id, const xmlChar *uri, const xmlChar *type) {
     xmlNodePtr res;
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(parentNode != NULL, NULL);
     xmlSecAssert2(digestMethodId != NULL, NULL);
     xmlSecAssert2(digestMethodId->href != NULL, NULL);
@@ -304,177 +304,177 @@ xmlSecTmplAddReference(xmlNodePtr parentNode, xmlSecTransformId digestMethodId,
     /* add Reference node */
     res = xmlSecAddChild(parentNode, xmlSecNodeReference, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeReference));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeReference));
+        return(NULL);
     }
 
     /* set Reference node attributes */
     if(id != NULL) {
-	xmlSetProp(res, xmlSecAttrId, id);
+        xmlSetProp(res, xmlSecAttrId, id);
     }
     if(type != NULL) {
-	xmlSetProp(res, xmlSecAttrType, type);
+        xmlSetProp(res, xmlSecAttrType, type);
     }
     if(uri != NULL) {
-	xmlSetProp(res, xmlSecAttrURI, uri);
+        xmlSetProp(res, xmlSecAttrURI, uri);
     }
 
-    /* add DigestMethod node and set algorithm */    
+    /* add DigestMethod node and set algorithm */
     cur = xmlSecAddChild(res, xmlSecNodeDigestMethod, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeDigestMethod));
-	xmlUnlinkNode(res);
-	xmlFreeNode(res);
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDigestMethod));
+        xmlUnlinkNode(res);
+        xmlFreeNode(res);
+        return(NULL);
     }
     if(xmlSetProp(cur, xmlSecAttrAlgorithm, digestMethodId->href) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s,value=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
-		    xmlSecErrorsSafeString(digestMethodId->href));
-	xmlUnlinkNode(res);
-	xmlFreeNode(res);
-	return(NULL);	        	
-    }
-
-    /* add DigestValue node */    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s,value=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
+                    xmlSecErrorsSafeString(digestMethodId->href));
+        xmlUnlinkNode(res);
+        xmlFreeNode(res);
+        return(NULL);
+    }
+
+    /* add DigestValue node */
     cur = xmlSecAddChild(res, xmlSecNodeDigestValue, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeDigestValue));
-	xmlUnlinkNode(res);
-	xmlFreeNode(res);
-	return(NULL);	        	
-    }
-    
-    return(res);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDigestValue));
+        xmlUnlinkNode(res);
+        xmlFreeNode(res);
+        return(NULL);
+    }
+
+    return(res);
 }
 
 /**
  * xmlSecTmplSignatureAddObject:
- * @signNode: 		the pointer to <dsig:Signature/> node.
- * @id: 		the node id (may be NULL).
- * @mimeType: 		the object mime type (may be NULL).
- * @encoding: 		the object encoding (may be NULL).
+ * @signNode:           the pointer to <dsig:Signature/> node.
+ * @id:                 the node id (may be NULL).
+ * @mimeType:           the object mime type (may be NULL).
+ * @encoding:           the object encoding (may be NULL).
  *
- * Adds <dsig:Object/> node to the <dsig:Signature/> node @signNode. 
+ * Adds <dsig:Object/> node to the <dsig:Signature/> node @signNode.
  *
- * Returns: the pointer to newly created <dsig:Object/> node or NULL 
+ * Returns: the pointer to newly created <dsig:Object/> node or NULL
  * if an error occurs.
  */
 xmlNodePtr
-xmlSecTmplSignatureAddObject(xmlNodePtr signNode, const xmlChar *id, 
-			 const xmlChar *mimeType, const xmlChar *encoding) {
+xmlSecTmplSignatureAddObject(xmlNodePtr signNode, const xmlChar *id,
+                         const xmlChar *mimeType, const xmlChar *encoding) {
     xmlNodePtr res;
 
     xmlSecAssert2(signNode != NULL, NULL);
-    
+
     res = xmlSecAddChild(signNode, xmlSecNodeObject, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeObject));
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeObject));
+        return(NULL);
     }
     if(id != NULL) {
-	xmlSetProp(res, xmlSecAttrId, id);
+        xmlSetProp(res, xmlSecAttrId, id);
     }
     if(mimeType != NULL) {
-	xmlSetProp(res, xmlSecAttrMimeType, mimeType);
+        xmlSetProp(res, xmlSecAttrMimeType, mimeType);
     }
     if(encoding != NULL) {
-	xmlSetProp(res, xmlSecAttrEncoding, encoding);
+        xmlSetProp(res, xmlSecAttrEncoding, encoding);
     }
-    return(res);        
+    return(res);
 }
 
-/** 
+/**
  * xmlSecTmplSignatureGetSignMethodNode:
- * @signNode:		the pointer to <dsig:Signature /> node.
+ * @signNode:           the pointer to <dsig:Signature /> node.
  *
  * Gets pointer to <dsig:SignatureMethod/> child of <dsig:KeyInfo/> node.
  *
  * Returns: pointer to <dsig:SignatureMethod /> node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecTmplSignatureGetSignMethodNode(xmlNodePtr signNode) {
     xmlNodePtr signedInfoNode;
-    
+
     xmlSecAssert2(signNode != NULL, NULL);
-    
+
     signedInfoNode = xmlSecFindChild(signNode, xmlSecNodeSignedInfo, xmlSecDSigNs);
     if(signedInfoNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeSignedInfo),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeSignedInfo),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     return(xmlSecFindChild(signedInfoNode, xmlSecNodeSignatureMethod, xmlSecDSigNs));
 }
 
-/** 
+/**
  * xmlSecTmplSignatureGetC14NMethodNode:
- * @signNode:		the pointer to <dsig:Signature /> node.
+ * @signNode:           the pointer to <dsig:Signature /> node.
  *
  * Gets pointer to <dsig:CanonicalizationMethod/> child of <dsig:KeyInfo/> node.
  *
  * Returns: pointer to <dsig:CanonicalizationMethod /> node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecTmplSignatureGetC14NMethodNode(xmlNodePtr signNode) {
     xmlNodePtr signedInfoNode;
-    
+
     xmlSecAssert2(signNode != NULL, NULL);
-    
+
     signedInfoNode = xmlSecFindChild(signNode, xmlSecNodeSignedInfo, xmlSecDSigNs);
     if(signedInfoNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeSignedInfo),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeSignedInfo),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     return(xmlSecFindChild(signedInfoNode, xmlSecNodeCanonicalizationMethod, xmlSecDSigNs));
 }
 
 /**
  * xmlSecTmplReferenceAddTransform:
- * @referenceNode: 		the pointer to <dsig:Reference/> node.
- * @transformId: 		the transform method id.
+ * @referenceNode:              the pointer to <dsig:Reference/> node.
+ * @transformId:                the transform method id.
  *
  * Adds <dsig:Transform/> node to the <dsig:Reference/> node @referenceNode.
- * 
- * Returns: the pointer to newly created <dsig:Transform/> node or NULL if an 
+ *
+ * Returns: the pointer to newly created <dsig:Transform/> node or NULL if an
  * error occurs.
  */
 xmlNodePtr
 xmlSecTmplReferenceAddTransform(xmlNodePtr referenceNode, xmlSecTransformId transformId) {
     xmlNodePtr transformsNode;
     xmlNodePtr res;
-    
+
     xmlSecAssert2(referenceNode != NULL, NULL);
     xmlSecAssert2(transformId != NULL, NULL);
     xmlSecAssert2(transformId->href != NULL, NULL);
@@ -482,64 +482,64 @@ xmlSecTmplReferenceAddTransform(xmlNodePtr referenceNode, xmlSecTransformId tran
     /* do we need to create Transforms node first */
     transformsNode = xmlSecFindChild(referenceNode, xmlSecNodeTransforms, xmlSecDSigNs);
     if(transformsNode == NULL) {
-	xmlNodePtr tmp;
-	
-	tmp = xmlSecGetNextElementNode(referenceNode->children);
-	if(tmp == NULL) {
-	    transformsNode = xmlSecAddChild(referenceNode, xmlSecNodeTransforms, xmlSecDSigNs);
-	} else {
-	    transformsNode = xmlSecAddPrevSibling(tmp, xmlSecNodeTransforms, xmlSecDSigNs);
-	}   
-	if(transformsNode == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild or xmlSecAddPrevSibling",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeTransforms));
-	    return(NULL);	        	
-	}
+        xmlNodePtr tmp;
+
+        tmp = xmlSecGetNextElementNode(referenceNode->children);
+        if(tmp == NULL) {
+            transformsNode = xmlSecAddChild(referenceNode, xmlSecNodeTransforms, xmlSecDSigNs);
+        } else {
+            transformsNode = xmlSecAddPrevSibling(tmp, xmlSecNodeTransforms, xmlSecDSigNs);
+        }
+        if(transformsNode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild or xmlSecAddPrevSibling",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeTransforms));
+            return(NULL);
+        }
     }
 
     res = xmlSecAddChild(transformsNode, xmlSecNodeTransform, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeTransform));
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeTransform));
+        return(NULL);
     }
 
     if(xmlSetProp(res, xmlSecAttrAlgorithm, transformId->href) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s,value=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
-		    xmlSecErrorsSafeString(transformId->href));
-	xmlUnlinkNode(res);
-	xmlFreeNode(res);
-	return(NULL);	        	
-    }
-
-    return(res);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s,value=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
+                    xmlSecErrorsSafeString(transformId->href));
+        xmlUnlinkNode(res);
+        xmlFreeNode(res);
+        return(NULL);
+    }
+
+    return(res);
 }
 
 /**
  * xmlSecTmplObjectAddSignProperties:
- * @objectNode: 	the  pointer to <dsig:Object/> node.
- * @id: 		the node id (may be NULL).
- * @target: 		the Target  (may be NULL).
+ * @objectNode:         the  pointer to <dsig:Object/> node.
+ * @id:                 the node id (may be NULL).
+ * @target:             the Target  (may be NULL).
  *
  * Adds <dsig:SignatureProperties/> node to the <dsig:Object/> node @objectNode.
  *
- * Returns: the pointer to newly created <dsig:SignatureProperties/> node or NULL 
+ * Returns: the pointer to newly created <dsig:SignatureProperties/> node or NULL
  * if an error occurs.
  */
-xmlNodePtr		
+xmlNodePtr
 xmlSecTmplObjectAddSignProperties(xmlNodePtr objectNode, const xmlChar *id, const xmlChar *target) {
     xmlNodePtr res;
 
@@ -547,31 +547,31 @@ xmlSecTmplObjectAddSignProperties(xmlNodePtr objectNode, const xmlChar *id, cons
 
     res = xmlSecAddChild(objectNode, xmlSecNodeSignatureProperties, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeSignatureProperties));
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeSignatureProperties));
+        return(NULL);
     }
     if(id != NULL) {
-	xmlSetProp(res, xmlSecAttrId, id);
+        xmlSetProp(res, xmlSecAttrId, id);
     }
     if(target != NULL) {
-	xmlSetProp(res, xmlSecAttrTarget, target);
+        xmlSetProp(res, xmlSecAttrTarget, target);
     }
     return(res);
 }
 
 /**
  * xmlSecTmplObjectAddManifest:
- * @objectNode: 	the  pointer to <dsig:Object/> node.
- * @id: 		the node id (may be NULL).
+ * @objectNode:         the  pointer to <dsig:Object/> node.
+ * @id:                 the node id (may be NULL).
  *
  * Adds <dsig:Manifest/> node to the <dsig:Object/> node @objectNode.
  *
- * Returns: the pointer to newly created <dsig:Manifest/> node or NULL 
+ * Returns: the pointer to newly created <dsig:Manifest/> node or NULL
  * if an error occurs.
  */
 xmlNodePtr
@@ -582,38 +582,38 @@ xmlSecTmplObjectAddManifest(xmlNodePtr objectNode,  const xmlChar *id) {
 
     res = xmlSecAddChild(objectNode, xmlSecNodeManifest, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeManifest));
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeManifest));
+        return(NULL);
     }
     if(id != NULL) {
-	xmlSetProp(res, xmlSecAttrId, id);
+        xmlSetProp(res, xmlSecAttrId, id);
     }
     return(res);
 }
 
 /**
  * xmlSecTmplManifestAddReference:
- * @manifestNode: 	the pointer to <dsig:Manifest/> node.
- * @digestMethodId:	the reference digest method.
- * @id: 		the node id (may be NULL).
- * @uri: 		the reference node uri (may be NULL).
- * @type: 		the reference node type (may be NULL).
+ * @manifestNode:       the pointer to <dsig:Manifest/> node.
+ * @digestMethodId:     the reference digest method.
+ * @id:                 the node id (may be NULL).
+ * @uri:                the reference node uri (may be NULL).
+ * @type:               the reference node type (may be NULL).
  *
- * Adds <dsig:Reference/> node with specified URI (@uri), Id (@id) and 
+ * Adds <dsig:Reference/> node with specified URI (@uri), Id (@id) and
  * Type (@type) attributes and the required children <dsig:DigestMethod/> and
  * <dsig:DigestValue/> to the <dsig:Manifest/> node @manifestNode.
  *
- * Returns: the pointer to newly created <dsig:Reference/> node or NULL 
+ * Returns: the pointer to newly created <dsig:Reference/> node or NULL
  * if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecTmplManifestAddReference(xmlNodePtr manifestNode, xmlSecTransformId digestMethodId,
-			      const xmlChar *id, const xmlChar *uri, const xmlChar *type) {
+                              const xmlChar *id, const xmlChar *uri, const xmlChar *type) {
     return(xmlSecTmplAddReference(manifestNode, digestMethodId, id, uri, type));
 }
 
@@ -622,175 +622,175 @@ xmlSecTmplManifestAddReference(xmlNodePtr manifestNode, xmlSecTransformId digest
  * <enc:EncryptedData/> node
  *
  **************************************************************************/
-/** 
+/**
  * xmlSecTmplEncDataCreate:
- * @doc: 		the pointer to signature document or NULL; in the later
- *			case, application must later call @xmlSetTreeDoc to ensure 
- *			that all the children nodes have correct pointer to XML document.
- * @encMethodId:	the encryption method (may be NULL).
- * @id: 		the Id attribute (optional).
- * @type: 		the Type attribute (optional)
- * @mimeType: 		the MimeType attribute (optional)
- * @encoding: 		the Encoding attribute (optional)
- *
- * Creates new <enc:EncryptedData /> node for encryption template. 
- *
- * Returns: the pointer newly created  <enc:EncryptedData/> node or NULL 
+ * @doc:                the pointer to signature document or NULL; in the later
+ *                      case, application must later call @xmlSetTreeDoc to ensure
+ *                      that all the children nodes have correct pointer to XML document.
+ * @encMethodId:        the encryption method (may be NULL).
+ * @id:                 the Id attribute (optional).
+ * @type:               the Type attribute (optional)
+ * @mimeType:           the MimeType attribute (optional)
+ * @encoding:           the Encoding attribute (optional)
+ *
+ * Creates new <enc:EncryptedData /> node for encryption template.
+ *
+ * Returns: the pointer newly created  <enc:EncryptedData/> node or NULL
  * if an error occurs.
  */
-xmlNodePtr		
+xmlNodePtr
 xmlSecTmplEncDataCreate(xmlDocPtr doc, xmlSecTransformId encMethodId,
-			    const xmlChar *id, const xmlChar *type,
-			    const xmlChar *mimeType, const xmlChar *encoding) {
+                            const xmlChar *id, const xmlChar *type,
+                            const xmlChar *mimeType, const xmlChar *encoding) {
     xmlNodePtr encNode;
     xmlNsPtr ns;
-    
+
     encNode = xmlNewDocNode(doc, NULL, xmlSecNodeEncryptedData, NULL);
     if(encNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewDocNode",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeEncryptedData));
-	return(NULL);	        
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewDocNode",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeEncryptedData));
+        return(NULL);
+    }
+
     ns = xmlNewNs(encNode, xmlSecEncNs, NULL);
     if(ns == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewNs",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "ns=%s",
-		    xmlSecErrorsSafeString(xmlSecEncNs));
-	return(NULL);	        	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewNs",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "ns=%s",
+                    xmlSecErrorsSafeString(xmlSecEncNs));
+        return(NULL);
     }
     xmlSetNs(encNode, ns);
-    
+
     if(id != NULL) {
-	xmlSetProp(encNode, xmlSecAttrId, id);
+        xmlSetProp(encNode, xmlSecAttrId, id);
     }
     if(type != NULL) {
-	xmlSetProp(encNode, xmlSecAttrType, type);
+        xmlSetProp(encNode, xmlSecAttrType, type);
     }
     if(mimeType != NULL) {
-	xmlSetProp(encNode, xmlSecAttrMimeType, mimeType);
+        xmlSetProp(encNode, xmlSecAttrMimeType, mimeType);
     }
     if(encoding != NULL) {
-	xmlSetProp(encNode, xmlSecAttrEncoding, encoding);
+        xmlSetProp(encNode, xmlSecAttrEncoding, encoding);
     }
-    
+
     if(xmlSecTmplPrepareEncData(encNode, encMethodId) < 0) {
-	xmlFreeNode(encNode);
-	return(NULL);
+        xmlFreeNode(encNode);
+        return(NULL);
     }
     return(encNode);
 }
 
-static int  
+static int
 xmlSecTmplPrepareEncData(xmlNodePtr parentNode, xmlSecTransformId encMethodId) {
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(parentNode != NULL, -1);
     xmlSecAssert2((encMethodId == NULL) || (encMethodId->href != NULL), -1);
-    
+
     /* add EncryptionMethod node if requested */
     if(encMethodId != NULL) {
-	cur = xmlSecAddChild(parentNode, xmlSecNodeEncryptionMethod, xmlSecEncNs);
-	if(cur == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeEncryptionMethod));
-	    return(-1);        	
-	}
-	if(xmlSetProp(cur, xmlSecAttrAlgorithm, encMethodId->href) == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSetProp",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-			"name=%s,value=%s",
-		        xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
-			xmlSecErrorsSafeString(encMethodId->href));
-	    return(-1); 	
-	}	
-    }
-        
+        cur = xmlSecAddChild(parentNode, xmlSecNodeEncryptionMethod, xmlSecEncNs);
+        if(cur == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeEncryptionMethod));
+            return(-1);
+        }
+        if(xmlSetProp(cur, xmlSecAttrAlgorithm, encMethodId->href) == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSetProp",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "name=%s,value=%s",
+                        xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
+                        xmlSecErrorsSafeString(encMethodId->href));
+            return(-1);
+        }
+    }
+
     /* and CipherData node */
     cur = xmlSecAddChild(parentNode, xmlSecNodeCipherData, xmlSecEncNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeCipherData));
-	return(-1);	        	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeCipherData));
+        return(-1);
+    }
+
     return(0);
 }
 
 
-/** 
+/**
  * xmlSecTmplEncDataEnsureKeyInfo:
- * @encNode: 		the pointer to <enc:EncryptedData/> node.
- * @id:			the Id attrbibute (optional).
+ * @encNode:            the pointer to <enc:EncryptedData/> node.
+ * @id:                 the Id attrbibute (optional).
  *
  * Adds <dsig:KeyInfo/> to the  <enc:EncryptedData/> node @encNode.
  *
- * Returns: the pointer to newly created <dsig:KeyInfo/> node or 
+ * Returns: the pointer to newly created <dsig:KeyInfo/> node or
  * NULL if an error occurs.
  */
 xmlNodePtr
 xmlSecTmplEncDataEnsureKeyInfo(xmlNodePtr encNode, const xmlChar* id) {
     xmlNodePtr res;
-    
+
     xmlSecAssert2(encNode != NULL, NULL);
 
     res = xmlSecFindChild(encNode, xmlSecNodeKeyInfo, xmlSecDSigNs);
     if(res == NULL) {
-	xmlNodePtr cipherDataNode;
-    
+        xmlNodePtr cipherDataNode;
+
         cipherDataNode = xmlSecFindChild(encNode, xmlSecNodeCipherData, xmlSecEncNs);
-	if(cipherDataNode == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			xmlSecErrorsSafeString(xmlSecNodeCipherData),
-		        XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);	
-	}
-
-	res = xmlSecAddPrevSibling(cipherDataNode, xmlSecNodeKeyInfo, xmlSecDSigNs);
-	if(res == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecAddPrevSibling",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
-	    return(NULL);	        	
-	}
+        if(cipherDataNode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        xmlSecErrorsSafeString(xmlSecNodeCipherData),
+                        XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+
+        res = xmlSecAddPrevSibling(cipherDataNode, xmlSecNodeKeyInfo, xmlSecDSigNs);
+        if(res == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddPrevSibling",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
+            return(NULL);
+        }
     }
     if(id != NULL) {
-	xmlSetProp(res, xmlSecAttrId, id);
+        xmlSetProp(res, xmlSecAttrId, id);
     }
-    return(res);        
+    return(res);
 }
 
-/** 
+/**
  * xmlSecTmplEncDataEnsureEncProperties:
- * @encNode: 		the pointer to <enc:EncryptedData/> node.
- * @id: 		the Id attribute (optional).
+ * @encNode:            the pointer to <enc:EncryptedData/> node.
+ * @id:                 the Id attribute (optional).
  *
- * Adds <enc:EncryptionProperties/> node to the <enc:EncryptedData/> 
+ * Adds <enc:EncryptionProperties/> node to the <enc:EncryptedData/>
  * node @encNode.
  *
- * Returns: the pointer to newly created <enc:EncryptionProperties/> node or 
+ * Returns: the pointer to newly created <enc:EncryptionProperties/> node or
  * NULL if an error occurs.
  */
 xmlNodePtr
@@ -801,264 +801,264 @@ xmlSecTmplEncDataEnsureEncProperties(xmlNodePtr encNode, const xmlChar *id) {
 
     res = xmlSecFindChild(encNode, xmlSecNodeEncryptionProperties, xmlSecEncNs);
     if(res == NULL) {
-	res = xmlSecAddChild(encNode, xmlSecNodeEncryptionProperties, xmlSecEncNs);
-	if(res == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeEncryptionProperties));
-	    return(NULL);	        	
-	}
+        res = xmlSecAddChild(encNode, xmlSecNodeEncryptionProperties, xmlSecEncNs);
+        if(res == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeEncryptionProperties));
+            return(NULL);
+        }
     }
 
     if(id != NULL) {
-	xmlSetProp(res, xmlSecAttrId, id);
+        xmlSetProp(res, xmlSecAttrId, id);
     }
-    
+
     return(res);
 }
 
-/** 
+/**
  * xmlSecTmplEncDataAddEncProperty:
- * @encNode: 		the pointer to <enc:EncryptedData/> node.
- * @id: 		the Id attribute (optional).
- * @target: 		the Target attribute (optional).
+ * @encNode:            the pointer to <enc:EncryptedData/> node.
+ * @id:                 the Id attribute (optional).
+ * @target:             the Target attribute (optional).
  *
- * Adds <enc:EncryptionProperty/> node (and the parent 
- * <enc:EncryptionProperties/> node if required) to the 
+ * Adds <enc:EncryptionProperty/> node (and the parent
+ * <enc:EncryptionProperties/> node if required) to the
  * <enc:EncryptedData/> node @encNode.
  *
- * Returns: the pointer to newly created <enc:EncryptionProperty/> node or 
+ * Returns: the pointer to newly created <enc:EncryptionProperty/> node or
  * NULL if an error occurs.
  */
-xmlNodePtr	
+xmlNodePtr
 xmlSecTmplEncDataAddEncProperty(xmlNodePtr encNode, const xmlChar *id, const xmlChar *target) {
     xmlNodePtr encProps;
     xmlNodePtr res;
-        
+
     xmlSecAssert2(encNode != NULL, NULL);
 
     encProps = xmlSecTmplEncDataEnsureEncProperties(encNode, NULL);
     if(encProps == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTmplEncDataEnsureEncProperties",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTmplEncDataEnsureEncProperties",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     res = xmlSecAddChild(encProps, xmlSecNodeEncryptionProperty, xmlSecEncNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeEncryptionProperty));
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeEncryptionProperty));
+        return(NULL);
     }
     if(id != NULL) {
-	xmlSetProp(res, xmlSecAttrId, id);
+        xmlSetProp(res, xmlSecAttrId, id);
     }
     if(target != NULL) {
-	xmlSetProp(res, xmlSecAttrTarget, target);
+        xmlSetProp(res, xmlSecAttrTarget, target);
     }
-    
+
     return(res);
 }
 
-/** 
+/**
  * xmlSecTmplEncDataEnsureCipherValue:
- * @encNode: 		the pointer to <enc:EncryptedData/> node.
+ * @encNode:            the pointer to <enc:EncryptedData/> node.
  *
  * Adds <enc:CipherValue/> to the <enc:EncryptedData/> node @encNode.
  *
- * Returns: the pointer to newly created <enc:CipherValue/> node or 
+ * Returns: the pointer to newly created <enc:CipherValue/> node or
  * NULL if an error occurs.
  */
 xmlNodePtr
 xmlSecTmplEncDataEnsureCipherValue(xmlNodePtr encNode) {
     xmlNodePtr cipherDataNode;
     xmlNodePtr res, tmp;
-        
+
     xmlSecAssert2(encNode != NULL, NULL);
 
     cipherDataNode = xmlSecFindChild(encNode, xmlSecNodeCipherData, xmlSecEncNs);
     if(cipherDataNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeCipherData),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeCipherData),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     /* check that we don;t have CipherReference node */
     tmp = xmlSecFindChild(cipherDataNode, xmlSecNodeCipherReference, xmlSecEncNs);
     if(tmp != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeCipherReference),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeCipherReference),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     res = xmlSecFindChild(cipherDataNode, xmlSecNodeCipherValue, xmlSecEncNs);
     if(res == NULL) {
-	res = xmlSecAddChild(cipherDataNode, xmlSecNodeCipherValue, xmlSecEncNs);
-	if(res == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeCipherValue));
-	    return(NULL);	        	
-	}
-    }
-        
+        res = xmlSecAddChild(cipherDataNode, xmlSecNodeCipherValue, xmlSecEncNs);
+        if(res == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeCipherValue));
+            return(NULL);
+        }
+    }
+
     return(res);
 }
 
-/** 
+/**
  * xmlSecTmplEncDataEnsureCipherReference:
- * @encNode: 		the pointer to <enc:EncryptedData/> node.
- * @uri: 		the URI attribute (may be NULL).
+ * @encNode:            the pointer to <enc:EncryptedData/> node.
+ * @uri:                the URI attribute (may be NULL).
  *
  * Adds <enc:CipherReference/> node with specified URI attribute @uri
  * to the <enc:EncryptedData/> node @encNode.
  *
- * Returns: the pointer to newly created <enc:CipherReference/> node or 
+ * Returns: the pointer to newly created <enc:CipherReference/> node or
  * NULL if an error occurs.
  */
 xmlNodePtr
 xmlSecTmplEncDataEnsureCipherReference(xmlNodePtr encNode, const xmlChar *uri) {
     xmlNodePtr cipherDataNode;
     xmlNodePtr res, tmp;
-        
+
     xmlSecAssert2(encNode != NULL, NULL);
 
     cipherDataNode = xmlSecFindChild(encNode, xmlSecNodeCipherData, xmlSecEncNs);
     if(cipherDataNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeCipherData),
-		    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeCipherData),
+                    XMLSEC_ERRORS_R_NODE_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     /* check that we don;t have CipherValue node */
     tmp = xmlSecFindChild(cipherDataNode, xmlSecNodeCipherValue, xmlSecEncNs);
     if(tmp != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeCipherValue),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeCipherValue),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     res = xmlSecFindChild(cipherDataNode, xmlSecNodeCipherReference, xmlSecEncNs);
     if(res == NULL) {
-	res = xmlSecAddChild(cipherDataNode, xmlSecNodeCipherReference, xmlSecEncNs);
-	if(res == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeCipherReference));
-	    return(NULL);	        	
-	}
-    }
-    
+        res = xmlSecAddChild(cipherDataNode, xmlSecNodeCipherReference, xmlSecEncNs);
+        if(res == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeCipherReference));
+            return(NULL);
+        }
+    }
+
     if(uri != NULL) {
-	xmlSetProp(res, xmlSecAttrURI, uri);
+        xmlSetProp(res, xmlSecAttrURI, uri);
     }
-    
+
     return(res);
 }
 
-/** 
+/**
  * xmlSecTmplEncDataGetEncMethodNode:
- * @encNode:		the pointer to <enc:EcnryptedData /> node.
+ * @encNode:            the pointer to <enc:EcnryptedData /> node.
  *
  * Gets pointer to <enc:EncrytpionMethod/> node.
  *
  * Returns: pointer to <enc:EncryptionMethod /> node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecTmplEncDataGetEncMethodNode(xmlNodePtr encNode) {
     xmlSecAssert2(encNode != NULL, NULL);
 
     return(xmlSecFindChild(encNode, xmlSecNodeEncryptionMethod, xmlSecEncNs));
 }
 
-/** 
+/**
  * xmlSecTmplCipherReferenceAddTransform:
- * @cipherReferenceNode: 	the pointer to <enc:CipherReference/> node.
- * @transformId: 		the transform id.
+ * @cipherReferenceNode:        the pointer to <enc:CipherReference/> node.
+ * @transformId:                the transform id.
  *
  * Adds <dsig:Transform/> node (and the parent <dsig:Transforms/> node)
  * with specified transform methods @transform to the <enc:CipherReference/>
  * child node of the <enc:EncryptedData/> node @encNode.
  *
- * Returns: the pointer to newly created <dsig:Transform/> node or 
+ * Returns: the pointer to newly created <dsig:Transform/> node or
  * NULL if an error occurs.
  */
 xmlNodePtr
-xmlSecTmplCipherReferenceAddTransform(xmlNodePtr cipherReferenceNode, 
-				  xmlSecTransformId transformId) {
+xmlSecTmplCipherReferenceAddTransform(xmlNodePtr cipherReferenceNode,
+                                  xmlSecTransformId transformId) {
     xmlNodePtr transformsNode;
     xmlNodePtr res;
 
     xmlSecAssert2(cipherReferenceNode != NULL, NULL);
-    xmlSecAssert2(transformId != NULL, NULL);    
-    xmlSecAssert2(transformId->href != NULL, NULL);    
+    xmlSecAssert2(transformId != NULL, NULL);
+    xmlSecAssert2(transformId->href != NULL, NULL);
 
     transformsNode = xmlSecFindChild(cipherReferenceNode, xmlSecNodeTransforms, xmlSecEncNs);
     if(transformsNode == NULL) {
-	transformsNode = xmlSecAddChild(cipherReferenceNode, xmlSecNodeTransforms, xmlSecEncNs);
-	if(transformsNode == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeTransforms));
-	    return(NULL);	
-	}
-    }
-    
+        transformsNode = xmlSecAddChild(cipherReferenceNode, xmlSecNodeTransforms, xmlSecEncNs);
+        if(transformsNode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeTransforms));
+            return(NULL);
+        }
+    }
+
     res = xmlSecAddChild(transformsNode,  xmlSecNodeTransform, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeTransform));
-	return(NULL);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeTransform));
+        return(NULL);
+    }
+
     if(xmlSetProp(res, xmlSecAttrAlgorithm, transformId->href) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s,value=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
-		    xmlSecErrorsSafeString(transformId->href));
-	xmlUnlinkNode(res);
-	xmlFreeNode(res);
-	return(NULL);	        	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s,value=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
+                    xmlSecErrorsSafeString(transformId->href));
+        xmlUnlinkNode(res);
+        xmlFreeNode(res);
+        return(NULL);
+    }
+
     return(res);
 }
 
@@ -1067,16 +1067,16 @@ xmlSecTmplCipherReferenceAddTransform(xmlNodePtr cipherReferenceNode,
  *
  * <enc:EncryptedKey> node
  *
- **********************************************************************/ 
+ **********************************************************************/
 
-/** 
+/**
  * xmlSecTmplReferenceListAddDataReference:
- * @encNode: 	                the pointer to <enc:EncryptedKey/> node.
+ * @encNode:                    the pointer to <enc:EncryptedKey/> node.
  * @uri:                        uri to reference (optional)
  *
  * Adds <enc:DataReference/> and the parent <enc:ReferenceList/> node (if needed).
  *
- * Returns: the pointer to newly created <enc:DataReference/> node or 
+ * Returns: the pointer to newly created <enc:DataReference/> node or
  * NULL if an error occurs.
  */
 xmlNodePtr
@@ -1084,58 +1084,58 @@ xmlSecTmplReferenceListAddDataReference(xmlNodePtr encNode, const xmlChar *uri)
     xmlNodePtr refListNode, res;
 
     xmlSecAssert2(encNode != NULL, NULL);
-    
+
     refListNode = xmlSecFindChild(encNode, xmlSecNodeReferenceList, xmlSecEncNs);
     if(refListNode == NULL) {
-	refListNode = xmlSecAddChild(encNode, xmlSecNodeReferenceList, xmlSecEncNs);
-	if(refListNode == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeReferenceList));
-	    return(NULL);	
-	}
-    }
-    
+        refListNode = xmlSecAddChild(encNode, xmlSecNodeReferenceList, xmlSecEncNs);
+        if(refListNode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeReferenceList));
+            return(NULL);
+        }
+    }
+
     res = xmlSecAddChild(refListNode,  xmlSecNodeDataReference, xmlSecEncNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeDataReference));
-	return(NULL);	
-    }
- 
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDataReference));
+        return(NULL);
+    }
+
     if(uri != NULL) {
         if(xmlSetProp(res, xmlSecAttrURI, uri) == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSetProp",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        "name=%s,value=%s",
-		        xmlSecErrorsSafeString(xmlSecAttrURI),
-		        xmlSecErrorsSafeString(uri));
-	    xmlUnlinkNode(res);
-	    xmlFreeNode(res);
-	    return(NULL);	        	
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSetProp",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "name=%s,value=%s",
+                        xmlSecErrorsSafeString(xmlSecAttrURI),
+                        xmlSecErrorsSafeString(uri));
+            xmlUnlinkNode(res);
+            xmlFreeNode(res);
+            return(NULL);
         }
     }
 
     return(res);
 }
 
-/** 
+/**
  * xmlSecTmplReferenceListAddKeyReference:
- * @encNode: 	                the pointer to <enc:EncryptedKey/> node.
+ * @encNode:                    the pointer to <enc:EncryptedKey/> node.
  * @uri:                        uri to reference (optional)
  *
  * Adds <enc:KeyReference/> and the parent <enc:ReferenceList/> node (if needed).
  *
- * Returns: the pointer to newly created <enc:KeyReference/> node or 
+ * Returns: the pointer to newly created <enc:KeyReference/> node or
  * NULL if an error occurs.
  */
 xmlNodePtr
@@ -1143,44 +1143,44 @@ xmlSecTmplReferenceListAddKeyReference(xmlNodePtr encNode, const xmlChar *uri) {
     xmlNodePtr refListNode, res;
 
     xmlSecAssert2(encNode != NULL, NULL);
-    
+
     refListNode = xmlSecFindChild(encNode, xmlSecNodeReferenceList, xmlSecEncNs);
     if(refListNode == NULL) {
-	refListNode = xmlSecAddChild(encNode, xmlSecNodeReferenceList, xmlSecEncNs);
-	if(refListNode == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeReferenceList));
-	    return(NULL);	
-	}
-    }
-    
+        refListNode = xmlSecAddChild(encNode, xmlSecNodeReferenceList, xmlSecEncNs);
+        if(refListNode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeReferenceList));
+            return(NULL);
+        }
+    }
+
     res = xmlSecAddChild(refListNode,  xmlSecNodeKeyReference, xmlSecEncNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeKeyReference));
-	return(NULL);	
-    }
- 
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeKeyReference));
+        return(NULL);
+    }
+
     if(uri != NULL) {
         if(xmlSetProp(res, xmlSecAttrURI, uri) == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSetProp",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        "name=%s,value=%s",
-		        xmlSecErrorsSafeString(xmlSecAttrURI),
-		        xmlSecErrorsSafeString(uri));
-	    xmlUnlinkNode(res);
-	    xmlFreeNode(res);
-	    return(NULL);	        	
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSetProp",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "name=%s,value=%s",
+                        xmlSecErrorsSafeString(xmlSecAttrURI),
+                        xmlSecErrorsSafeString(uri));
+            xmlUnlinkNode(res);
+            xmlFreeNode(res);
+            return(NULL);
         }
     }
 
@@ -1196,39 +1196,39 @@ xmlSecTmplReferenceListAddKeyReference(xmlNodePtr encNode, const xmlChar *uri) {
 
 /**
  * xmlSecTmplKeyInfoAddKeyName:
- * @keyInfoNode: 	the pointer to <dsig:KeyInfo/> node.
- * @name:		the key name (optional).	
+ * @keyInfoNode:        the pointer to <dsig:KeyInfo/> node.
+ * @name:               the key name (optional).
  *
  * Adds <dsig:KeyName/> node to the <dsig:KeyInfo/> node @keyInfoNode.
  *
  * Returns: the pointer to the newly created <dsig:KeyName/> node or
  * NULL if an error occurs.
  */
-xmlNodePtr	
+xmlNodePtr
 xmlSecTmplKeyInfoAddKeyName(xmlNodePtr keyInfoNode, const xmlChar* name) {
     xmlNodePtr res;
 
     xmlSecAssert2(keyInfoNode != NULL, NULL);
-        
-    res = xmlSecAddChild(keyInfoNode, xmlSecNodeKeyName, xmlSecDSigNs); 
+
+    res = xmlSecAddChild(keyInfoNode, xmlSecNodeKeyName, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeKeyName));
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeKeyName));
+        return(NULL);
     }
     if(name != NULL) {
-	xmlSecNodeEncodeAndSetContent(res, name);
+        xmlSecNodeEncodeAndSetContent(res, name);
     }
     return(res);
 }
 
 /**
  * xmlSecTmplKeyInfoAddKeyValue:
- * @keyInfoNode: 	the pointer to <dsig:KeyInfo/> node.
+ * @keyInfoNode:        the pointer to <dsig:KeyInfo/> node.
  *
  * Adds <dsig:KeyValue/> node to the <dsig:KeyInfo/> node @keyInfoNode.
  *
@@ -1240,24 +1240,24 @@ xmlSecTmplKeyInfoAddKeyValue(xmlNodePtr keyInfoNode) {
     xmlNodePtr res;
 
     xmlSecAssert2(keyInfoNode != NULL, NULL);
-        
-    res = xmlSecAddChild(keyInfoNode, xmlSecNodeKeyValue, xmlSecDSigNs); 
+
+    res = xmlSecAddChild(keyInfoNode, xmlSecNodeKeyValue, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeKeyValue));
-	return(NULL);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeKeyValue));
+        return(NULL);
+    }
+
     return(res);
 }
 
 /**
  * xmlSecTmplKeyInfoAddX509Data:
- * @keyInfoNode: 	the pointer to <dsig:KeyInfo/> node.
+ * @keyInfoNode:        the pointer to <dsig:KeyInfo/> node.
  *
  * Adds <dsig:X509Data/> node to the <dsig:KeyInfo/> node @keyInfoNode.
  *
@@ -1269,26 +1269,26 @@ xmlSecTmplKeyInfoAddX509Data(xmlNodePtr keyInfoNode) {
     xmlNodePtr res;
 
     xmlSecAssert2(keyInfoNode != NULL, NULL);
-        
-    res = xmlSecAddChild(keyInfoNode, xmlSecNodeX509Data, xmlSecDSigNs); 
+
+    res = xmlSecAddChild(keyInfoNode, xmlSecNodeX509Data, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509Data));
-	return(NULL);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509Data));
+        return(NULL);
+    }
+
     return(res);
 }
 
 /**
  * xmlSecTmplKeyInfoAddRetrievalMethod:
- * @keyInfoNode: 	the pointer to <dsig:KeyInfo/> node.
- * @uri: 		the URI attribute (optional).
- * @type: 		the Type attribute(optional).
+ * @keyInfoNode:        the pointer to <dsig:KeyInfo/> node.
+ * @uri:                the URI attribute (optional).
+ * @type:               the Type attribute(optional).
  *
  * Adds <dsig:RetrievalMethod/> node to the <dsig:KeyInfo/> node @keyInfoNode.
  *
@@ -1297,36 +1297,36 @@ xmlSecTmplKeyInfoAddX509Data(xmlNodePtr keyInfoNode) {
  */
 xmlNodePtr
 xmlSecTmplKeyInfoAddRetrievalMethod(xmlNodePtr keyInfoNode, const xmlChar *uri,
-			     const xmlChar *type) {
+                             const xmlChar *type) {
     xmlNodePtr res;
 
     xmlSecAssert2(keyInfoNode != NULL, NULL);
-        
-    res = xmlSecAddChild(keyInfoNode, xmlSecNodeRetrievalMethod, xmlSecDSigNs); 
+
+    res = xmlSecAddChild(keyInfoNode, xmlSecNodeRetrievalMethod, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeRetrievalMethod));
-	return(NULL);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRetrievalMethod));
+        return(NULL);
+    }
+
     if(uri != NULL) {
-	xmlSetProp(res, xmlSecAttrURI, uri);
+        xmlSetProp(res, xmlSecAttrURI, uri);
     }
     if(type != NULL) {
-	xmlSetProp(res, xmlSecAttrType, type);
+        xmlSetProp(res, xmlSecAttrType, type);
     }
     return(res);
 }
 
 /**
  * xmlSecTmplRetrievalMethodAddTransform:
- * @retrMethodNode: 	the pointer to <dsig:RetrievalMethod/> node.
- * @transformId: 	the transform id.
- * 
+ * @retrMethodNode:     the pointer to <dsig:RetrievalMethod/> node.
+ * @transformId:        the transform id.
+ *
  * Adds <dsig:Transform/> node (and the parent <dsig:Transforms/> node
  * if required) to the <dsig:RetrievalMethod/> node @retrMethod.
  *
@@ -1339,118 +1339,118 @@ xmlSecTmplRetrievalMethodAddTransform(xmlNodePtr retrMethodNode, xmlSecTransform
     xmlNodePtr res;
 
     xmlSecAssert2(retrMethodNode != NULL, NULL);
-    xmlSecAssert2(transformId != NULL, NULL);    
-    xmlSecAssert2(transformId->href != NULL, NULL);    
+    xmlSecAssert2(transformId != NULL, NULL);
+    xmlSecAssert2(transformId->href != NULL, NULL);
 
     transformsNode = xmlSecFindChild(retrMethodNode, xmlSecNodeTransforms, xmlSecDSigNs);
     if(transformsNode == NULL) {
-	transformsNode = xmlSecAddChild(retrMethodNode, xmlSecNodeTransforms, xmlSecDSigNs);
-	if(transformsNode == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeTransforms));
-	    return(NULL);	
-	}
-    }
-    
+        transformsNode = xmlSecAddChild(retrMethodNode, xmlSecNodeTransforms, xmlSecDSigNs);
+        if(transformsNode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeTransforms));
+            return(NULL);
+        }
+    }
+
     res = xmlSecAddChild(transformsNode,  xmlSecNodeTransform, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeTransform));
-	return(NULL);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeTransform));
+        return(NULL);
+    }
+
     if(xmlSetProp(res, xmlSecAttrAlgorithm, transformId->href) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s,value=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
-		    xmlSecErrorsSafeString(transformId->href));
-	xmlUnlinkNode(res);
-	xmlFreeNode(res);
-	return(NULL);	        	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s,value=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
+                    xmlSecErrorsSafeString(transformId->href));
+        xmlUnlinkNode(res);
+        xmlFreeNode(res);
+        return(NULL);
+    }
+
     return(res);
 }
 
 
 /**
  * xmlSecTmplKeyInfoAddEncryptedKey:
- * @keyInfoNode: 	the pointer to <dsig:KeyInfo/> node.
- * @encMethodId:	the encryption method (optional).
- * @id: 		the Id attribute (optional).
- * @type: 		the Type attribute (optional). 
- * @recipient: 		the Recipient attribute (optional). 
+ * @keyInfoNode:        the pointer to <dsig:KeyInfo/> node.
+ * @encMethodId:        the encryption method (optional).
+ * @id:                 the Id attribute (optional).
+ * @type:               the Type attribute (optional).
+ * @recipient:          the Recipient attribute (optional).
  *
- * Adds <enc:EncryptedKey/> node with given attributes to 
+ * Adds <enc:EncryptedKey/> node with given attributes to
  * the <dsig:KeyInfo/> node @keyInfoNode.
  *
  * Returns: the pointer to the newly created <enc:EncryptedKey/> node or
  * NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecTmplKeyInfoAddEncryptedKey(xmlNodePtr keyInfoNode, xmlSecTransformId encMethodId,
-			 const xmlChar* id, const xmlChar* type, const xmlChar* recipient) {
+                         const xmlChar* id, const xmlChar* type, const xmlChar* recipient) {
     xmlNodePtr encKeyNode;
 
     xmlSecAssert2(keyInfoNode != NULL, NULL);
 
     /* we allow multiple encrypted key elements */
-    encKeyNode = xmlSecAddChild(keyInfoNode, xmlSecNodeEncryptedKey, xmlSecEncNs); 
+    encKeyNode = xmlSecAddChild(keyInfoNode, xmlSecNodeEncryptedKey, xmlSecEncNs);
     if(encKeyNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeEncryptedKey));
-	return(NULL);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeEncryptedKey));
+        return(NULL);
+    }
+
     if(id != NULL) {
-	xmlSetProp(encKeyNode, xmlSecAttrId, id);
+        xmlSetProp(encKeyNode, xmlSecAttrId, id);
     }
     if(type != NULL) {
-	xmlSetProp(encKeyNode, xmlSecAttrType, type);
+        xmlSetProp(encKeyNode, xmlSecAttrType, type);
     }
     if(recipient != NULL) {
-	xmlSetProp(encKeyNode, xmlSecAttrRecipient, recipient);
+        xmlSetProp(encKeyNode, xmlSecAttrRecipient, recipient);
     }
 
     if(xmlSecTmplPrepareEncData(encKeyNode, encMethodId) < 0) {
-	xmlUnlinkNode(encKeyNode);
-	xmlFreeNode(encKeyNode);
-	return(NULL);	        	
-    }    
-    return(encKeyNode);    
+        xmlUnlinkNode(encKeyNode);
+        xmlFreeNode(encKeyNode);
+        return(NULL);
+    }
+    return(encKeyNode);
 }
 
 /***********************************************************************
  *
  * <dsig:X509Data> node
  *
- **********************************************************************/ 
+ **********************************************************************/
 /**
  * xmlSecTmplX509DataAddIssuerSerial:
- * @x509DataNode: 	the pointer to <dsig:X509Data/> node.
- * 
+ * @x509DataNode:       the pointer to <dsig:X509Data/> node.
+ *
  * Adds <dsig:X509IssuerSerial/> node to the given <dsig:X509Data/> node.
  *
  * Returns: the pointer to the newly created <dsig:X509IssuerSerial/> node or
  * NULL if an error occurs.
  */
 
-xmlNodePtr 
+xmlNodePtr
 xmlSecTmplX509DataAddIssuerSerial(xmlNodePtr x509DataNode) {
     xmlNodePtr cur;
 
@@ -1458,32 +1458,32 @@ xmlSecTmplX509DataAddIssuerSerial(xmlNodePtr x509DataNode) {
 
     cur = xmlSecFindChild(x509DataNode, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     cur = xmlSecAddChild(x509DataNode, xmlSecNodeX509IssuerSerial, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
-	return(NULL);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial));
+        return(NULL);
+    }
+
     return (cur);
 }
 
 /**
  * xmlSecTmplX509IssuerSerialAddIssuerName:
- * @x509IssuerSerialNode: 	the pointer to <dsig:X509IssuerSerial/> node.
- * @issuerName:		the issuer name (optional).	
+ * @x509IssuerSerialNode:       the pointer to <dsig:X509IssuerSerial/> node.
+ * @issuerName:         the issuer name (optional).
  *
  * Adds <dsig:X509IssuerName/> node to the <dsig:X509IssuerSerial/> node @x509IssuerSerialNode.
  *
@@ -1492,41 +1492,41 @@ xmlSecTmplX509DataAddIssuerSerial(xmlNodePtr x509DataNode) {
  */
 xmlNodePtr
 xmlSecTmplX509IssuerSerialAddIssuerName(xmlNodePtr x509IssuerSerialNode, const xmlChar* issuerName) {
-	xmlNodePtr res;
-	
-	xmlSecAssert2(x509IssuerSerialNode != NULL, NULL);
-	
+        xmlNodePtr res;
+
+        xmlSecAssert2(x509IssuerSerialNode != NULL, NULL);
+
   if(xmlSecFindChild(x509IssuerSerialNode, xmlSecNodeX509IssuerName,
-				xmlSecDSigNs) != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-	}
-
-	res = xmlSecAddChild(x509IssuerSerialNode, xmlSecNodeX509IssuerName, xmlSecDSigNs);
+                                xmlSecDSigNs) != NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+        }
+
+        res = xmlSecAddChild(x509IssuerSerialNode, xmlSecNodeX509IssuerName, xmlSecDSigNs);
     if(res == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
-	return(NULL);	
-    }
-
-		if (issuerName != NULL) {
-			xmlSecNodeEncodeAndSetContent(res, issuerName);
-		}
-		return(res);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509IssuerName));
+        return(NULL);
+    }
+
+                if (issuerName != NULL) {
+                        xmlSecNodeEncodeAndSetContent(res, issuerName);
+                }
+                return(res);
 }
 
 /**
  * xmlSecTmplX509IssuerSerialAddSerialNumber:
- * @x509IssuerSerialNode: 	the pointer to <dsig:X509IssuerSerial/> node.
- * @serial:		the serial number (optional).	
+ * @x509IssuerSerialNode:       the pointer to <dsig:X509IssuerSerial/> node.
+ * @serial:             the serial number (optional).
  *
  * Adds <dsig:X509SerialNumber/> node to the <dsig:X509IssuerSerial/> node @x509IssuerSerialNode.
  *
@@ -1535,48 +1535,48 @@ xmlSecTmplX509IssuerSerialAddIssuerName(xmlNodePtr x509IssuerSerialNode, const x
  */
 xmlNodePtr
 xmlSecTmplX509IssuerSerialAddSerialNumber(xmlNodePtr x509IssuerSerialNode, const xmlChar* serial) {
-	xmlNodePtr res;
-
-	xmlSecAssert2(x509IssuerSerialNode != NULL, NULL);
-
-	if(xmlSecFindChild(x509IssuerSerialNode, xmlSecNodeX509SerialNumber,
-				xmlSecDSigNs) != NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
-				XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-				XMLSEC_ERRORS_NO_MESSAGE);
-		return(NULL);
-	}
-
-	res = xmlSecAddChild(x509IssuerSerialNode, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
-	if(res == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-				"xmlSecAddChild",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"node=%s",
-				xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
-		return(NULL);	
-	}
-
-	if (serial != NULL) {
-		xmlSecNodeEncodeAndSetContent(res, serial);
-	}
-	return(res);
+        xmlNodePtr res;
+
+        xmlSecAssert2(x509IssuerSerialNode != NULL, NULL);
+
+        if(xmlSecFindChild(x509IssuerSerialNode, xmlSecNodeX509SerialNumber,
+                                xmlSecDSigNs) != NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber),
+                                XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                                XMLSEC_ERRORS_NO_MESSAGE);
+                return(NULL);
+        }
+
+        res = xmlSecAddChild(x509IssuerSerialNode, xmlSecNodeX509SerialNumber, xmlSecDSigNs);
+        if(res == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecAddChild",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "node=%s",
+                                xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber));
+                return(NULL);
+        }
+
+        if (serial != NULL) {
+                xmlSecNodeEncodeAndSetContent(res, serial);
+        }
+        return(res);
 }
 
 /**
  * xmlSecTmplX509DataAddSubjectName:
- * @x509DataNode: 	the pointer to <dsig:X509Data/> node.
- * 
+ * @x509DataNode:       the pointer to <dsig:X509Data/> node.
+ *
  * Adds <dsig:X509SubjectName/> node to the given <dsig:X509Data/> node.
  *
  * Returns: the pointer to the newly created <dsig:X509SubjectName/> node or
  * NULL if an error occurs.
  */
 
-xmlNodePtr 
+xmlNodePtr
 xmlSecTmplX509DataAddSubjectName(xmlNodePtr x509DataNode) {
     xmlNodePtr cur;
 
@@ -1584,39 +1584,39 @@ xmlSecTmplX509DataAddSubjectName(xmlNodePtr x509DataNode) {
 
     cur = xmlSecFindChild(x509DataNode, xmlSecNodeX509SubjectName, xmlSecDSigNs);
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeX509SubjectName),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeX509SubjectName),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     cur = xmlSecAddChild(x509DataNode, xmlSecNodeX509SubjectName, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
-	return(NULL);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SubjectName));
+        return(NULL);
+    }
+
     return (cur);
 }
 
 /**
  * xmlSecTmplX509DataAddSKI:
- * @x509DataNode: 	the pointer to <dsig:X509Data/> node.
- * 
+ * @x509DataNode:       the pointer to <dsig:X509Data/> node.
+ *
  * Adds <dsig:X509SKI/> node to the given <dsig:X509Data/> node.
  *
  * Returns: the pointer to the newly created <dsig:X509SKI/> node or
  * NULL if an error occurs.
  */
 
-xmlNodePtr 
+xmlNodePtr
 xmlSecTmplX509DataAddSKI(xmlNodePtr x509DataNode) {
     xmlNodePtr cur;
 
@@ -1624,40 +1624,40 @@ xmlSecTmplX509DataAddSKI(xmlNodePtr x509DataNode) {
 
     cur = xmlSecFindChild(x509DataNode, xmlSecNodeX509SKI, xmlSecDSigNs);
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeX509SKI),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeX509SKI),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     cur = xmlSecAddChild(x509DataNode, xmlSecNodeX509SKI, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeX509SKI));
-	return(NULL);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509SKI));
+        return(NULL);
+    }
+
     return (cur);
 }
 
 
 /**
  * xmlSecTmplX509DataAddCertificate:
- * @x509DataNode: 	the pointer to <dsig:X509Data/> node.
- * 
+ * @x509DataNode:       the pointer to <dsig:X509Data/> node.
+ *
  * Adds <dsig:X509Certificate/> node to the given <dsig:X509Data/> node.
  *
  * Returns: the pointer to the newly created <dsig:X509Certificate/> node or
  * NULL if an error occurs.
  */
 
-xmlNodePtr 
+xmlNodePtr
 xmlSecTmplX509DataAddCertificate(xmlNodePtr x509DataNode) {
     xmlNodePtr cur;
 
@@ -1665,39 +1665,39 @@ xmlSecTmplX509DataAddCertificate(xmlNodePtr x509DataNode) {
 
     cur = xmlSecFindChild(x509DataNode, xmlSecNodeX509Certificate, xmlSecDSigNs);
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeX509Certificate),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeX509Certificate),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     cur = xmlSecAddChild(x509DataNode, xmlSecNodeX509Certificate, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
-	return(NULL);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509Certificate));
+        return(NULL);
+    }
+
     return (cur);
 }
 
 /**
  * xmlSecTmplX509DataAddCRL:
- * @x509DataNode: 	the pointer to <dsig:X509Data/> node.
- * 
+ * @x509DataNode:       the pointer to <dsig:X509Data/> node.
+ *
  * Adds <dsig:X509CRL/> node to the given <dsig:X509Data/> node.
  *
  * Returns: the pointer to the newly created <dsig:X509CRL/> node or
  * NULL if an error occurs.
  */
 
-xmlNodePtr 
+xmlNodePtr
 xmlSecTmplX509DataAddCRL(xmlNodePtr x509DataNode) {
     xmlNodePtr cur;
 
@@ -1705,25 +1705,25 @@ xmlSecTmplX509DataAddCRL(xmlNodePtr x509DataNode) {
 
     cur = xmlSecFindChild(x509DataNode, xmlSecNodeX509CRL, xmlSecDSigNs);
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeX509CRL),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeX509CRL),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     cur = xmlSecAddChild(x509DataNode, xmlSecNodeX509CRL, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeX509CRL));
-	return(NULL);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeX509CRL));
+        return(NULL);
+    }
+
     return (cur);
 }
 
@@ -1735,10 +1735,10 @@ xmlSecTmplX509DataAddCRL(xmlNodePtr x509DataNode) {
 
 /**
  * xmlSecTmplTransformAddHmacOutputLength:
- * @transformNode: 	the pointer to <dsig:Transform/> node
- * @bitsLen: 		the required length in bits
+ * @transformNode:      the pointer to <dsig:Transform/> node
+ * @bitsLen:            the required length in bits
  *
- * Creates <dsig:HMACOutputLength/> child for the HMAC transform 
+ * Creates <dsig:HMACOutputLength/> child for the HMAC transform
  * node @node.
  *
  * Returns: 0 on success and a negatie value otherwise.
@@ -1753,25 +1753,25 @@ xmlSecTmplTransformAddHmacOutputLength(xmlNodePtr transformNode, xmlSecSize bits
 
     cur = xmlSecFindChild(transformNode, xmlSecNodeHMACOutputLength, xmlSecDSigNs);
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeHMACOutputLength),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeHMACOutputLength),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     cur = xmlSecAddChild(transformNode, xmlSecNodeHMACOutputLength, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeHMACOutputLength));
-	return(-1);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeHMACOutputLength));
+        return(-1);
+    }
+
     sprintf(buf, "%u", bitsLen);
     xmlNodeSetContent(cur, BAD_CAST buf);
     return(0);
@@ -1779,17 +1779,17 @@ xmlSecTmplTransformAddHmacOutputLength(xmlNodePtr transformNode, xmlSecSize bits
 
 /**
  * xmlSecTmplTransformAddRsaOaepParam:
- * @transformNode: 	the pointer to <dsig:Transform/> node.
- * @buf: 		the OAEP param buffer.
- * @size: 		the OAEP param buffer size.
- * 
+ * @transformNode:      the pointer to <dsig:Transform/> node.
+ * @buf:                the OAEP param buffer.
+ * @size:               the OAEP param buffer size.
+ *
  * Creates <enc:OAEPParam/> child node in the @node.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int  	
-xmlSecTmplTransformAddRsaOaepParam(xmlNodePtr transformNode, 
-			const xmlSecByte *buf, xmlSecSize size) {
+int
+xmlSecTmplTransformAddRsaOaepParam(xmlNodePtr transformNode,
+                        const xmlSecByte *buf, xmlSecSize size) {
     xmlNodePtr oaepParamNode;
     xmlChar *base64;
 
@@ -1799,35 +1799,35 @@ xmlSecTmplTransformAddRsaOaepParam(xmlNodePtr transformNode,
 
     oaepParamNode = xmlSecFindChild(transformNode, xmlSecNodeRsaOAEPparams, xmlSecEncNs);
     if(oaepParamNode != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeRsaOAEPparams),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeRsaOAEPparams),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     oaepParamNode = xmlSecAddChild(transformNode, xmlSecNodeRsaOAEPparams, xmlSecEncNs);
     if(oaepParamNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeRsaOAEPparams));
-	return(-1);    
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeRsaOAEPparams));
+        return(-1);
+    }
+
     base64 = xmlSecBase64Encode(buf, size, 0);
     if(base64 == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", size);
-	return(-1);    
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", size);
+        return(-1);
+    }
+
     xmlNodeSetContent(oaepParamNode, base64);
     xmlFree(base64);
     return(0);
@@ -1835,9 +1835,9 @@ xmlSecTmplTransformAddRsaOaepParam(xmlNodePtr transformNode,
 
 /**
  * xmlSecTmplTransformAddXsltStylesheet:
- * @transformNode: 	the pointer to <dsig:Transform/> node.
- * @xslt: 		the XSLT transform exspression.
- * 
+ * @transformNode:      the pointer to <dsig:Transform/> node.
+ * @xslt:               the XSLT transform exspression.
+ *
  * Writes the XSLT transform expression to the @node.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -1846,140 +1846,140 @@ int
 xmlSecTmplTransformAddXsltStylesheet(xmlNodePtr transformNode, const xmlChar *xslt) {
     xmlDocPtr xsltDoc;
     int ret;
-        
-    xmlSecAssert2(transformNode != NULL, -1);    
-    xmlSecAssert2(xslt != NULL, -1);    
-    
+
+    xmlSecAssert2(transformNode != NULL, -1);
+    xmlSecAssert2(xslt != NULL, -1);
+
     xsltDoc = xmlParseMemory((const char*)xslt, xmlStrlen(xslt));
     if(xsltDoc == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlParseMemory",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlParseMemory",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecReplaceContent(transformNode, xmlDocGetRootElement(xsltDoc));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecReplaceContent",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlFreeDoc(xsltDoc);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecReplaceContent",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlFreeDoc(xsltDoc);
+        return(-1);
+    }
+
     xmlFreeDoc(xsltDoc);
     return(0);
 }
 
 /**
  * xmlSecTmplTransformAddC14NInclNamespaces:
- * @transformNode: 	the pointer to <dsig:Transform/> node.
- * @prefixList: 	the white space delimited  list of namespace prefixes, 
- *			where "#default" indicates the default namespace
- *			(optional).
+ * @transformNode:      the pointer to <dsig:Transform/> node.
+ * @prefixList:         the white space delimited  list of namespace prefixes,
+ *                      where "#default" indicates the default namespace
+ *                      (optional).
  *
  * Adds "inclusive" namespaces to the ExcC14N transform node @node.
  *
  * Returns: 0 if success or a negative value otherwise.
  */
-int		
-xmlSecTmplTransformAddC14NInclNamespaces(xmlNodePtr transformNode, 
-					 const xmlChar *prefixList) {
+int
+xmlSecTmplTransformAddC14NInclNamespaces(xmlNodePtr transformNode,
+                                         const xmlChar *prefixList) {
     xmlNodePtr cur;
 
-    xmlSecAssert2(transformNode != NULL, -1);    
+    xmlSecAssert2(transformNode != NULL, -1);
     xmlSecAssert2(prefixList != NULL, -1);
 
     cur = xmlSecFindChild(transformNode, xmlSecNodeInclusiveNamespaces, xmlSecNsExcC14N);
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeInclusiveNamespaces),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeInclusiveNamespaces),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     cur = xmlSecAddChild(transformNode, xmlSecNodeInclusiveNamespaces, xmlSecNsExcC14N);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(transformNode)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeInclusiveNamespaces));
-	return(-1);
-    }    
-    
-    xmlSetProp(cur, xmlSecAttrPrefixList, prefixList);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(transformNode)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeInclusiveNamespaces));
+        return(-1);
+    }
+
+    xmlSetProp(cur, xmlSecAttrPrefixList, prefixList);
     return(0);
 }
 
 /**
  * xmlSecTmplTransformAddXPath:
- * @transformNode: 	the pointer to the <dsig:Transform/> node.
- * @expression: 	the XPath expression.
- * @nsList: 		the NULL terminated list of namespace prefix/href pairs
- *			(optional).
+ * @transformNode:      the pointer to the <dsig:Transform/> node.
+ * @expression:         the XPath expression.
+ * @nsList:             the NULL terminated list of namespace prefix/href pairs
+ *                      (optional).
  *
- * Writes XPath transform infromation to the <dsig:Transform/> node 
+ * Writes XPath transform infromation to the <dsig:Transform/> node
  * @node.
  *
  * Returns: 0 for success or a negative value otherwise.
  */
-int 	
+int
 xmlSecTmplTransformAddXPath(xmlNodePtr transformNode, const xmlChar *expression,
-			 const xmlChar **nsList) {
+                         const xmlChar **nsList) {
     xmlNodePtr xpathNode;
-    
+
     xmlSecAssert2(transformNode != NULL, -1);
     xmlSecAssert2(expression != NULL, -1);
-    
+
     xpathNode = xmlSecFindChild(transformNode, xmlSecNodeXPath, xmlSecDSigNs);
     if(xpathNode != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeXPath),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeXPath),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     xpathNode = xmlSecAddChild(transformNode, xmlSecNodeXPath, xmlSecDSigNs);
     if(xpathNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeXPath));
-	return(-1);    
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeXPath));
+        return(-1);
+    }
+
     xmlSecNodeEncodeAndSetContent(xpathNode, expression);
     return((nsList != NULL) ? xmlSecTmplNodeWriteNsList(xpathNode, nsList) : 0);
 }
 
 /**
  * xmlSecTmplTransformAddXPath2:
- * @transformNode: 	the pointer to the <dsig:Transform/> node.
- * @type: 		the XPath2 transform type ("union", "intersect" or "subtract").
- * @expression: 	the XPath expression.
- * @nsList: 		the NULL terminated list of namespace prefix/href pairs.
- *			(optional).
+ * @transformNode:      the pointer to the <dsig:Transform/> node.
+ * @type:               the XPath2 transform type ("union", "intersect" or "subtract").
+ * @expression:         the XPath expression.
+ * @nsList:             the NULL terminated list of namespace prefix/href pairs.
+ *                      (optional).
  *
- * Writes XPath2 transform infromation to the <dsig:Transform/> node 
+ * Writes XPath2 transform infromation to the <dsig:Transform/> node
  * @node.
  *
  * Returns: 0 for success or a negative value otherwise.
  */
 int
 xmlSecTmplTransformAddXPath2(xmlNodePtr transformNode, const xmlChar* type,
-			const xmlChar *expression, const xmlChar **nsList) {
+                        const xmlChar *expression, const xmlChar **nsList) {
     xmlNodePtr xpathNode;
 
     xmlSecAssert2(transformNode != NULL, -1);
@@ -1988,35 +1988,35 @@ xmlSecTmplTransformAddXPath2(xmlNodePtr transformNode, const xmlChar* type,
 
     xpathNode = xmlSecAddChild(transformNode, xmlSecNodeXPath, xmlSecXPath2Ns);
     if(xpathNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeXPath));
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeXPath));
+        return(-1);
     }
     xmlSetProp(xpathNode, xmlSecAttrFilter, type);
-    
+
     xmlSecNodeEncodeAndSetContent(xpathNode, expression);
     return((nsList != NULL) ? xmlSecTmplNodeWriteNsList(xpathNode, nsList) : 0);
 }
 
 /**
  * xmlSecTmplTransformAddXPointer:
- * @transformNode: 	the pointer to the <dsig:Transform/> node.
- * @expression: 	the XPath expression.
- * @nsList: 		the NULL terminated list of namespace prefix/href pairs.
- *			(optional).
+ * @transformNode:      the pointer to the <dsig:Transform/> node.
+ * @expression:         the XPath expression.
+ * @nsList:             the NULL terminated list of namespace prefix/href pairs.
+ *                      (optional).
  *
- * Writes XPoniter transform infromation to the <dsig:Transform/> node 
+ * Writes XPoniter transform infromation to the <dsig:Transform/> node
  * @node.
  *
  * Returns: 0 for success or a negative value otherwise.
  */
-int 	
+int
 xmlSecTmplTransformAddXPointer(xmlNodePtr transformNode, const xmlChar *expression,
-			 const xmlChar **nsList) {
+                         const xmlChar **nsList) {
     xmlNodePtr xpointerNode;
 
     xmlSecAssert2(expression != NULL, -1);
@@ -2024,31 +2024,31 @@ xmlSecTmplTransformAddXPointer(xmlNodePtr transformNode, const xmlChar *expressi
 
     xpointerNode = xmlSecFindChild(transformNode, xmlSecNodeXPointer, xmlSecXPointerNs);
     if(xpointerNode != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeXPointer),
-		    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeXPointer),
+                    XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     xpointerNode = xmlSecAddChild(transformNode, xmlSecNodeXPointer, xmlSecXPointerNs);
     if(xpointerNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeXPointer));
-	return(-1);    
-    }
-    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeXPointer));
+        return(-1);
+    }
+
+
     xmlSecNodeEncodeAndSetContent(xpointerNode, expression);
     return((nsList != NULL) ? xmlSecTmplNodeWriteNsList(xpointerNode, nsList) : 0);
 }
 
-static int 
+static int
 xmlSecTmplNodeWriteNsList(xmlNodePtr parentNode, const xmlChar** nsList) {
     xmlNsPtr ns;
     const xmlChar *prefix;
@@ -2057,35 +2057,35 @@ xmlSecTmplNodeWriteNsList(xmlNodePtr parentNode, const xmlChar** nsList) {
 
     xmlSecAssert2(parentNode != NULL, -1);
     xmlSecAssert2(nsList != NULL, -1);
-    	
+
     ptr = nsList;
     while((*ptr) != NULL) {
-	if(xmlStrEqual(BAD_CAST "#default", (*ptr))) {
-	    prefix = NULL;
-	} else {
-	    prefix = (*ptr);
-	}
-	if((++ptr) == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_INVALID_DATA,
-			"unexpected end of ns list");
-	    return(-1);
-	}
-	href = *(ptr++);
-
-	ns = xmlNewNs(parentNode, href, prefix);
-	if(ns == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlNewNs",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"href=%s;prefix=%s", 
-			xmlSecErrorsSafeString(href),
-			xmlSecErrorsSafeString(prefix));
-	    return(-1);
-	}
+        if(xmlStrEqual(BAD_CAST "#default", (*ptr))) {
+            prefix = NULL;
+        } else {
+            prefix = (*ptr);
+        }
+        if((++ptr) == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "unexpected end of ns list");
+            return(-1);
+        }
+        href = *(ptr++);
+
+        ns = xmlNewNs(parentNode, href, prefix);
+        if(ns == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlNewNs",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "href=%s;prefix=%s",
+                        xmlSecErrorsSafeString(href),
+                        xmlSecErrorsSafeString(prefix));
+            return(-1);
+        }
     }
     return(0);
 }
diff --git a/src/transforms.c b/src/transforms.c
index 2ed3fe88..8a2ded23 100644
--- a/src/transforms.c
+++ b/src/transforms.c
@@ -1,41 +1,41 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * The Transforms Element (http://www.w3.org/TR/xmldsig-core/#sec-Transforms)
- * 
- * The optional Transforms element contains an ordered list of Transform 
- * elements; these describe how the signer obtained the data object that 
+ *
+ * The optional Transforms element contains an ordered list of Transform
+ * elements; these describe how the signer obtained the data object that
  * was digested.
  *
  * Schema Definition:
- * 
+ *
  *  <element name="Transforms" type="ds:TransformsType"/>
  *  <complexType name="TransformsType">
  *    <sequence>
- *      <element ref="ds:Transform" maxOccurs="unbounded"/> 
+ *      <element ref="ds:Transform" maxOccurs="unbounded"/>
  *    </sequence>
  *   </complexType>
  *
  *  <element name="Transform" type="ds:TransformType"/>
  *  <complexType name="TransformType" mixed="true">
- *    <choice minOccurs="0" maxOccurs="unbounded"> 
+ *    <choice minOccurs="0" maxOccurs="unbounded">
  *      <any namespace="##other" processContents="lax"/>
  *      <!-- (1,1) elements from (0,unbounded) namespaces -->
- *      <element name="XPath" type="string"/> 
+ *      <element name="XPath" type="string"/>
  *    </choice>
- *    <attribute name="Algorithm" type="anyURI" use="required"/> 
+ *    <attribute name="Algorithm" type="anyURI" use="required"/>
  *  </complexType>
- *    
+ *
  * DTD:
- *    
+ *
  *  <!ELEMENT Transforms (Transform+)>
  *  <!ELEMENT Transform (#PCDATA|XPath %Transform.ANY;)* >
  *  <!ATTLIST Transform Algorithm    CDATA    #REQUIRED >
  *  <!ELEMENT XPath (#PCDATA) >
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 
@@ -61,6 +61,8 @@
 #include <xmlsec/parser.h>
 #include <xmlsec/errors.h>
 
+#include <xmlsec/private/xslt.h>
+
 /**************************************************************************
  *
  * Global xmlSecTransformIds list functions
@@ -69,11 +71,11 @@
 static xmlSecPtrList xmlSecAllTransformIds;
 
 
-/** 
+/**
  * xmlSecTransformIdsGet:
  *
  * Gets global registered transform klasses list.
- * 
+ *
  * Returns: the pointer to list of all registered transform klasses.
  */
 xmlSecPtrListPtr
@@ -81,78 +83,86 @@ xmlSecTransformIdsGet(void) {
     return(&xmlSecAllTransformIds);
 }
 
-/** 
+/**
  * xmlSecTransformIdsInit:
  *
- * Initializes the transform klasses. This function is called from the 
+ * Initializes the transform klasses. This function is called from the
  * #xmlSecInit function and the application should not call it directly.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformIdsInit(void) {
     int ret;
-    
+
     ret = xmlSecPtrListInitialize(xmlSecTransformIdsGet(), xmlSecTransformIdListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListPtrInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecTransformIdListId");
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListPtrInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecTransformIdListId");
         return(-1);
     }
-    
+
     ret = xmlSecTransformIdsRegisterDefault();
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegisterDefault",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegisterDefault",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
+#ifndef XMLSEC_NO_XSLT
+    xmlSecTransformXsltInitialize();
+#endif /* XMLSEC_NO_XSLT */
+
     return(0);
 }
 
 /**
  * xmlSecTransformIdsShutdown:
- * 
- * Shuts down the keys data klasses. This function is called from the 
+ *
+ * Shuts down the keys data klasses. This function is called from the
  * #xmlSecShutdown function and the application should not call it directly.
  */
 void
 xmlSecTransformIdsShutdown(void) {
+#ifndef XMLSEC_NO_XSLT
+    xmlSecTransformXsltShutdown();
+#endif /* XMLSEC_NO_XSLT */
+
     xmlSecPtrListFinalize(xmlSecTransformIdsGet());
 }
 
-/** 
+/**
  * xmlSecTransformIdsRegister:
- * @id:			the transform klass.
+ * @id:                 the transform klass.
  *
  * Registers @id in the global list of transform klasses.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformIdsRegister(xmlSecTransformId id) {
     int ret;
-        
+
     xmlSecAssert2(id != xmlSecTransformIdUnknown, -1);
-    
+
     ret = xmlSecPtrListAdd(xmlSecTransformIdsGet(), (xmlSecPtr)id);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)));
         return(-1);
     }
-    
-    return(0);    
+
+    return(0);
 }
 
 /**
@@ -163,126 +173,126 @@ xmlSecTransformIdsRegister(xmlSecTransformId id) {
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformIdsRegisterDefault(void) {
     if(xmlSecTransformIdsRegister(xmlSecTransformBase64Id) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformBase64Id)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformBase64Id)));
+        return(-1);
     }
 
     if(xmlSecTransformIdsRegister(xmlSecTransformEnvelopedId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformEnvelopedId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformEnvelopedId)));
+        return(-1);
     }
 
     /* c14n methods */
     if(xmlSecTransformIdsRegister(xmlSecTransformInclC14NId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInclC14NId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInclC14NId)));
+        return(-1);
     }
     if(xmlSecTransformIdsRegister(xmlSecTransformInclC14NWithCommentsId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInclC14NWithCommentsId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInclC14NWithCommentsId)));
+        return(-1);
     }
     if(xmlSecTransformIdsRegister(xmlSecTransformInclC14N11Id) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInclC14N11Id)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInclC14N11Id)));
+        return(-1);
     }
     if(xmlSecTransformIdsRegister(xmlSecTransformInclC14N11WithCommentsId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInclC14N11WithCommentsId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInclC14N11WithCommentsId)));
+        return(-1);
     }
     if(xmlSecTransformIdsRegister(xmlSecTransformExclC14NId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformExclC14NId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformExclC14NId)));
+        return(-1);
     }
     if(xmlSecTransformIdsRegister(xmlSecTransformExclC14NWithCommentsId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformExclC14NWithCommentsId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformExclC14NWithCommentsId)));
+        return(-1);
     }
 
     if(xmlSecTransformIdsRegister(xmlSecTransformXPathId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXPathId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXPathId)));
+        return(-1);
     }
 
     if(xmlSecTransformIdsRegister(xmlSecTransformXPath2Id) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXPath2Id)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXPath2Id)));
+        return(-1);
     }
 
     if(xmlSecTransformIdsRegister(xmlSecTransformXPointerId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXPointerId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXPointerId)));
+        return(-1);
     }
 
 #ifndef XMLSEC_NO_XSLT
     if(xmlSecTransformIdsRegister(xmlSecTransformXsltId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXsltId)));
-	return(-1);
-    }
-#endif /* XMLSEC_NO_XSLT */    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXsltId)));
+        return(-1);
+    }
+#endif /* XMLSEC_NO_XSLT */
+
     return(0);
 }
 
@@ -293,27 +303,27 @@ xmlSecTransformIdsRegisterDefault(void) {
  *************************************************************************/
 /**
  * xmlSecTransformUriTypeCheck:
- * @type:		the expected URI type.
- * @uri:		the uri for checking.
+ * @type:               the expected URI type.
+ * @uri:                the uri for checking.
  *
  * Checks if @uri matches expected type @type.
  *
  * Returns: 1 if @uri matches @type, 0 if not or a negative value
  * if an error occurs.
  */
-int 
+int
 xmlSecTransformUriTypeCheck(xmlSecTransformUriType type, const xmlChar* uri) {
     xmlSecTransformUriType uriType = 0;
 
     if((uri == NULL) || (xmlStrlen(uri) == 0)) {
-	uriType = xmlSecTransformUriTypeEmpty;
+        uriType = xmlSecTransformUriTypeEmpty;
     } else if(uri[0] == '#') {
-	uriType = xmlSecTransformUriTypeSameDocument;
+        uriType = xmlSecTransformUriTypeSameDocument;
     } else if(xmlStrncmp(uri, BAD_CAST "file://", 7) == 0) {
-	uriType = xmlSecTransformUriTypeLocal;
+        uriType = xmlSecTransformUriTypeLocal;
     } else {
-	uriType = xmlSecTransformUriTypeRemote;
-    }    
+        uriType = xmlSecTransformUriTypeRemote;
+    }
     return(((uriType & type) != 0) ? 1 : 0);
 }
 
@@ -327,82 +337,82 @@ xmlSecTransformUriTypeCheck(xmlSecTransformUriType type, const xmlChar* uri) {
  * xmlSecTransformCtxCreate:
  *
  * Creates transforms chain processing context.
- * The caller is responsible for destroying returend object by calling 
+ * The caller is responsible for destroying returned object by calling
  * #xmlSecTransformCtxDestroy function.
  *
  * Returns: pointer to newly allocated context object or NULL if an error
  * occurs.
  */
-xmlSecTransformCtxPtr 
+xmlSecTransformCtxPtr
 xmlSecTransformCtxCreate(void) {
     xmlSecTransformCtxPtr ctx;
     int ret;
-    
+
     /* Allocate a new xmlSecTransform and fill the fields. */
     ctx = (xmlSecTransformCtxPtr)xmlMalloc(sizeof(xmlSecTransformCtx));
     if(ctx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", sizeof(xmlSecTransformCtx)); 
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", sizeof(xmlSecTransformCtx));
+        return(NULL);
+    }
+
     ret = xmlSecTransformCtxInitialize(ctx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecTransformCtxDestroy(ctx);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecTransformCtxDestroy(ctx);
+        return(NULL);
+    }
+
     return(ctx);
 }
 
 /**
  * xmlSecTransformCtxDestroy:
- * @ctx:		the pointer to transforms chain processing context.
+ * @ctx:                the pointer to transforms chain processing context.
  *
  * Destroy context object created with #xmlSecTransformCtxCreate function.
  */
 void
 xmlSecTransformCtxDestroy(xmlSecTransformCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
-    
+
     xmlSecTransformCtxFinalize(ctx);
     xmlFree(ctx);
 }
 
 /**
  * xmlSecTransformCtxInitialize:
- * @ctx:		the pointer to transforms chain processing context.
+ * @ctx:                the pointer to transforms chain processing context.
  *
  * Initializes transforms chain processing context.
- * The caller is responsible for cleaing up returend object by calling 
+ * The caller is responsible for cleaning up returned object by calling
  * #xmlSecTransformCtxFinalize function.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformCtxInitialize(xmlSecTransformCtxPtr ctx) {
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     memset(ctx, 0, sizeof(xmlSecTransformCtx));
 
     ret = xmlSecPtrListInitialize(&(ctx->enabledTransforms), xmlSecTransformIdListId);
-    if(ret < 0) { 
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ctx->enabledUris = xmlSecTransformUriTypeAny;
@@ -411,14 +421,14 @@ xmlSecTransformCtxInitialize(xmlSecTransformCtxPtr ctx) {
 
 /**
  * xmlSecTransformCtxFinalize:
- * @ctx:		the pointer to transforms chain processing context.
+ * @ctx:                the pointer to transforms chain processing context.
  *
  * Cleans up @ctx object initialized with #xmlSecTransformCtxInitialize function.
  */
-void 
+void
 xmlSecTransformCtxFinalize(xmlSecTransformCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
-    
+
     xmlSecTransformCtxReset(ctx);
     xmlSecPtrListFinalize(&(ctx->enabledTransforms));
     memset(ctx, 0, sizeof(xmlSecTransformCtx));
@@ -426,104 +436,104 @@ xmlSecTransformCtxFinalize(xmlSecTransformCtxPtr ctx) {
 
 /**
  * xmlSecTransformCtxReset:
- * @ctx:		the pointer to transforms chain processing context.
+ * @ctx:                the pointer to transforms chain processing context.
  *
  * Resets transfroms context for new processing.
  */
-void 
+void
 xmlSecTransformCtxReset(xmlSecTransformCtxPtr ctx) {
-    xmlSecTransformPtr transform, tmp;    
-    
+    xmlSecTransformPtr transform, tmp;
+
     xmlSecAssert(ctx != NULL);
 
     ctx->result = NULL;
     ctx->status = xmlSecTransformStatusNone;
-    
+
     /* destroy uri */
     if(ctx->uri != NULL) {
-	xmlFree(ctx->uri);
-	ctx->uri = NULL;
+        xmlFree(ctx->uri);
+        ctx->uri = NULL;
     }
     if(ctx->xptrExpr != NULL) {
-	xmlFree(ctx->xptrExpr);
-	ctx->xptrExpr = NULL;
+        xmlFree(ctx->xptrExpr);
+        ctx->xptrExpr = NULL;
     }
-    
+
     /* destroy transforms chain */
     for(transform = ctx->first; transform != NULL; transform = tmp) {
-	tmp = transform->next;
-	xmlSecTransformDestroy(transform);
+        tmp = transform->next;
+        xmlSecTransformDestroy(transform);
     }
     ctx->first = ctx->last = NULL;
 }
 
 /**
- * xmlSecTransformCtxCopyUserPref: 
- * @dst:		the pointer to destination transforms chain processing context.
- * @src:		the pointer to source transforms chain processing context.
+ * xmlSecTransformCtxCopyUserPref:
+ * @dst:                the pointer to destination transforms chain processing context.
+ * @src:                the pointer to source transforms chain processing context.
  *
  * Copies user settings from @src context to @dst.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecTransformCtxCopyUserPref(xmlSecTransformCtxPtr dst, xmlSecTransformCtxPtr src) {
     int ret;
-    
+
     xmlSecAssert2(dst != NULL, -1);
     xmlSecAssert2(src != NULL, -1);
-    
-    dst->userData 	 = src->userData;  
-    dst->flags		 = src->flags;  
-    dst->flags2		 = src->flags2;  
-    dst->enabledUris	 = src->enabledUris;
+
+    dst->userData        = src->userData;
+    dst->flags           = src->flags;
+    dst->flags2          = src->flags2;
+    dst->enabledUris     = src->enabledUris;
     dst->preExecCallback = src->preExecCallback;
-    
+
     ret = xmlSecPtrListCopy(&(dst->enabledTransforms), &(src->enabledTransforms));
-    if(ret < 0) { 
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListCopy",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListCopy",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
- * xmlSecTransformCtxAppend: 
- * @ctx:		the pointer to transforms chain processing context.
- * @transform:		the pointer to new transform.
+ * xmlSecTransformCtxAppend:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @transform:          the pointer to new transform.
  *
- * Connects the @transform to the end of the chain of transforms in the @ctx 
+ * Connects the @transform to the end of the chain of transforms in the @ctx
  * (see #xmlSecTransformConnect function for details).
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecTransformCtxAppend(xmlSecTransformCtxPtr ctx, xmlSecTransformPtr transform) {
     int ret;
-    
-    xmlSecAssert2(ctx != NULL, -1);    
+
+    xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, -1);
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
 
     if(ctx->last != NULL) {
-	ret = xmlSecTransformConnect(ctx->last, transform, ctx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformConnect",	    
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"name=%s",
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
-	    return(-1);
-	}
+        ret = xmlSecTransformConnect(ctx->last, transform, ctx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformConnect",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "name=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
+            return(-1);
+        }
     } else {
-	xmlSecAssert2(ctx->first == NULL, -1);
-	ctx->first = transform;
+        xmlSecAssert2(ctx->first == NULL, -1);
+        ctx->first = transform;
     }
     ctx->last = transform;
 
@@ -531,37 +541,37 @@ xmlSecTransformCtxAppend(xmlSecTransformCtxPtr ctx, xmlSecTransformPtr transform
 }
 
 /**
- * xmlSecTransformCtxPrepend: 
- * @ctx:		the pointer to transforms chain processing context.
- * @transform:		the pointer to new transform.
+ * xmlSecTransformCtxPrepend:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @transform:          the pointer to new transform.
  *
- * Connects the @transform to the beggining of the chain of transforms in the @ctx 
+ * Connects the @transform to the beggining of the chain of transforms in the @ctx
  * (see #xmlSecTransformConnect function for details).
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecTransformCtxPrepend(xmlSecTransformCtxPtr ctx, xmlSecTransformPtr transform) {
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, -1);
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
 
     if(ctx->first != NULL) {
-	ret = xmlSecTransformConnect(transform, ctx->first, ctx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformConnect",	    
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"name=%s",
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
-	    return(-1);
-	}
+        ret = xmlSecTransformConnect(transform, ctx->first, ctx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformConnect",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "name=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
+            return(-1);
+        }
     } else {
-	xmlSecAssert2(ctx->last == NULL, -1);
-	ctx->last = transform;
+        xmlSecAssert2(ctx->last == NULL, -1);
+        ctx->last = transform;
     }
     ctx->first = transform;
 
@@ -569,235 +579,235 @@ xmlSecTransformCtxPrepend(xmlSecTransformCtxPtr ctx, xmlSecTransformPtr transfor
 }
 
 /**
- * xmlSecTransformCtxCreateAndAppend: 
- * @ctx:		the pointer to transforms chain processing context.
- * @id:			the new transform klass.
+ * xmlSecTransformCtxCreateAndAppend:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @id:                 the new transform klass.
  *
- * Creaeates new transform and connects it to the end of the chain of 
+ * Creaeates new transform and connects it to the end of the chain of
  * transforms in the @ctx (see #xmlSecTransformConnect function for details).
  *
  * Returns: pointer to newly created transform or NULL if an error occurs.
  */
-xmlSecTransformPtr 
+xmlSecTransformPtr
 xmlSecTransformCtxCreateAndAppend(xmlSecTransformCtxPtr ctx, xmlSecTransformId id) {
     xmlSecTransformPtr transform;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, NULL);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, NULL);
     xmlSecAssert2(id != xmlSecTransformIdUnknown, NULL);
 
     transform = xmlSecTransformCreate(id);
     if(!xmlSecTransformIsValid(transform)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCreate",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)));
+        return(NULL);
     }
 
     ret = xmlSecTransformCtxAppend(ctx, transform);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxAppend",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
-	xmlSecTransformDestroy(transform);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxAppend",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
+        xmlSecTransformDestroy(transform);
+        return(NULL);
     }
 
     return(transform);
 }
 
 /**
- * xmlSecTransformCtxCreateAndPrepend: 
- * @ctx:		the pointer to transforms chain processing context.
- * @id:			the new transform klass.
+ * xmlSecTransformCtxCreateAndPrepend:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @id:                 the new transform klass.
  *
- * Creaeates new transform and connects it to the end of the chain of 
+ * Creaeates new transform and connects it to the end of the chain of
  * transforms in the @ctx (see #xmlSecTransformConnect function for details).
  *
  * Returns: pointer to newly created transform or NULL if an error occurs.
  */
-xmlSecTransformPtr 
+xmlSecTransformPtr
 xmlSecTransformCtxCreateAndPrepend(xmlSecTransformCtxPtr ctx, xmlSecTransformId id) {
     xmlSecTransformPtr transform;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, NULL);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, NULL);
     xmlSecAssert2(id != xmlSecTransformIdUnknown, NULL);
 
     transform = xmlSecTransformCreate(id);
     if(!xmlSecTransformIsValid(transform)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCreate",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)));
+        return(NULL);
     }
 
     ret = xmlSecTransformCtxPrepend(ctx, transform);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxPrepend",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
-	xmlSecTransformDestroy(transform);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxPrepend",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
+        xmlSecTransformDestroy(transform);
+        return(NULL);
     }
 
     return(transform);
 }
 
 /**
- * xmlSecTransformCtxNodeRead: 
- * @ctx:		the pointer to transforms chain processing context.
- * @node:		the pointer to transform's node.
- * @usage:		the transform's usage (signature, encryption, etc.).
+ * xmlSecTransformCtxNodeRead:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @node:               the pointer to transform's node.
+ * @usage:              the transform's usage (signature, encryption, etc.).
  *
- * Reads the transform from the @node and appends it to the current chain 
+ * Reads the transform from the @node and appends it to the current chain
  * of transforms in @ctx.
  *
  * Returns: pointer to newly created transform or NULL if an error occurs.
  */
 xmlSecTransformPtr
-xmlSecTransformCtxNodeRead(xmlSecTransformCtxPtr ctx, xmlNodePtr node, 
-			   xmlSecTransformUsage usage) {
+xmlSecTransformCtxNodeRead(xmlSecTransformCtxPtr ctx, xmlNodePtr node,
+                           xmlSecTransformUsage usage) {
     xmlSecTransformPtr transform;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, NULL);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, NULL);
     xmlSecAssert2(node != NULL, NULL);
-    
+
     transform = xmlSecTransformNodeRead(node, usage, ctx);
     if(transform == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(node))); 
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+        return(NULL);
+    }
+
     ret = xmlSecTransformCtxAppend(ctx, transform);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxAppend",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
-	xmlSecTransformDestroy(transform);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxAppend",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
+        xmlSecTransformDestroy(transform);
+        return(NULL);
+    }
+
     return(transform);
 }
 
 /**
- * xmlSecTransformCtxNodesListRead: 
- * @ctx:		the pointer to transforms chain processing context.
- * @node:		the pointer to <dsig:Transform/> nodes parent node.
- * @usage:		the transform's usage (signature, encryption, etc.).
+ * xmlSecTransformCtxNodesListRead:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @node:               the pointer to <dsig:Transform/> nodes parent node.
+ * @usage:              the transform's usage (signature, encryption, etc.).
  *
- * Reads transforms from the <dsig:Transform/> children of the @node and 
+ * Reads transforms from the <dsig:Transform/> children of the @node and
  * appends them to the current transforms chain in @ctx object.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecTransformCtxNodesListRead(xmlSecTransformCtxPtr ctx, xmlNodePtr node, xmlSecTransformUsage usage) {
     xmlSecTransformPtr transform;
     xmlNodePtr cur;
     int ret;
-        
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     cur = xmlSecGetNextElementNode(node->children);
     while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeTransform, xmlSecDSigNs)) {
-	transform = xmlSecTransformNodeRead(cur, usage, ctx);
-	if(transform == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);
-	}
-	
-	ret = xmlSecTransformCtxAppend(ctx, transform); 
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    xmlSecTransformDestroy(transform);
-	    return(-1);
-	}	
-	cur = xmlSecGetNextElementNode(cur->next);
+        transform = xmlSecTransformNodeRead(cur, usage, ctx);
+        if(transform == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
+
+        ret = xmlSecTransformCtxAppend(ctx, transform);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            xmlSecTransformDestroy(transform);
+            return(-1);
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     return(0);
 }
 
 /**
- * xmlSecTransformCtxSetUri: 
- * @ctx:		the pointer to transforms chain processing context.
- * @uri:		the URI.
- * @hereNode:		the pointer to "here" node required by some 
- *			XML transforms (may be NULL).
+ * xmlSecTransformCtxSetUri:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @uri:                the URI.
+ * @hereNode:           the pointer to "here" node required by some
+ *                      XML transforms (may be NULL).
  *
  * Parses uri and adds xpointer transforms if required.
  *
  * The following examples demonstrate what the URI attribute identifies and
- * how it is dereferenced 
+ * how it is dereferenced
  * (http://www.w3.org/TR/xmldsig-core/#sec-ReferenceProcessingModel):
  *
  * - URI="http://example.com/bar.xml"
- * identifies the octets that represent the external resource 
- * 'http://example.com/bar.xml', that is probably an XML document given 
- * its file extension. 
+ * identifies the octets that represent the external resource
+ * 'http://example.com/bar.xml', that is probably an XML document given
+ * its file extension.
  *
  * - URI="http://example.com/bar.xml#chapter1"
- * identifies the element with ID attribute value 'chapter1' of the 
- * external XML resource 'http://example.com/bar.xml', provided as an 
- * octet stream. Again, for the sake of interoperability, the element 
- * identified as 'chapter1' should be obtained using an XPath transform 
- * rather than a URI fragment (barename XPointer resolution in external 
- * resources is not REQUIRED in this specification). 
+ * identifies the element with ID attribute value 'chapter1' of the
+ * external XML resource 'http://example.com/bar.xml', provided as an
+ * octet stream. Again, for the sake of interoperability, the element
+ * identified as 'chapter1' should be obtained using an XPath transform
+ * rather than a URI fragment (barename XPointer resolution in external
+ * resources is not REQUIRED in this specification).
  *
  * - URI=""
- * identifies the node-set (minus any comment nodes) of the XML resource 
- * containing the signature 
+ * identifies the node-set (minus any comment nodes) of the XML resource
+ * containing the signature
  *
  * - URI="#chapter1"
- * identifies a node-set containing the element with ID attribute value 
- * 'chapter1' of the XML resource containing the signature. XML Signature 
- * (and its applications) modify this node-set to include the element plus 
+ * identifies a node-set containing the element with ID attribute value
+ * 'chapter1' of the XML resource containing the signature. XML Signature
+ * (and its applications) modify this node-set to include the element plus
  * all descendents including namespaces and attributes -- but not comments.
  *
  * Returns: 0 on success or a negative value otherwise.
@@ -809,7 +819,7 @@ xmlSecTransformCtxSetUri(xmlSecTransformCtxPtr ctx, const xmlChar* uri, xmlNodeP
     xmlChar* buf = NULL;
     int useVisa3DHack = 0;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->uri == NULL, -1);
     xmlSecAssert2(ctx->xptrExpr == NULL, -1);
@@ -818,272 +828,272 @@ xmlSecTransformCtxSetUri(xmlSecTransformCtxPtr ctx, const xmlChar* uri, xmlNodeP
 
     /* check uri */
     if(xmlSecTransformUriTypeCheck(ctx->enabledUris, uri) != 1) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_URI_TYPE,
-		    "uri=%s", 
-		    xmlSecErrorsSafeString(uri));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_URI_TYPE,
+                    "uri=%s",
+                    xmlSecErrorsSafeString(uri));
+        return(-1);
     }
 
-    /* is it an empty uri? */    
+    /* is it an empty uri? */
     if((uri == NULL) || (xmlStrlen(uri) == 0)) {
-	return(0);
+        return(0);
     }
 
     /* do we have barename or full xpointer? */
     xptr = xmlStrchr(uri, '#');
     if(xptr == NULL){
         ctx->uri = xmlStrdup(uri);
-	if(ctx->uri == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_STRDUP_FAILED,
-			"size=%d", xmlStrlen(uri)); 
-	    return(-1);
-	}
-	/* we are done */
-	return(0);
+        if(ctx->uri == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_STRDUP_FAILED,
+                        "size=%d", xmlStrlen(uri));
+            return(-1);
+        }
+        /* we are done */
+        return(0);
     } else if(xmlStrcmp(uri, BAD_CAST "#xpointer(/)") == 0) {
         ctx->xptrExpr = xmlStrdup(uri);
-	if(ctx->xptrExpr == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_STRDUP_FAILED,
-			"size=%d", xmlStrlen(uri)); 
-	    return(-1);
-	}
-	/* we are done */
-	return(0);	
-    }
-    
+        if(ctx->xptrExpr == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_STRDUP_FAILED,
+                        "size=%d", xmlStrlen(uri));
+            return(-1);
+        }
+        /* we are done */
+        return(0);
+    }
+
     ctx->uri = xmlStrndup(uri, xptr - uri);
     if(ctx->uri == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_STRDUP_FAILED,
-		    "size=%d", xptr - uri); 
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_STRDUP_FAILED,
+                    "size=%d", xptr - uri);
+        return(-1);
     }
 
     ctx->xptrExpr = xmlStrdup(xptr);
     if(ctx->xptrExpr == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_STRDUP_FAILED,
-		    "size=%d", xmlStrlen(xptr)); 
-	return(-1);
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_STRDUP_FAILED,
+                    "size=%d", xmlStrlen(xptr));
+        return(-1);
     }
 
     /* do we have barename or full xpointer? */
     xmlSecAssert2(xptr != NULL, -1);
     if((xmlStrncmp(xptr, BAD_CAST "#xpointer(", 10) == 0) || (xmlStrncmp(xptr, BAD_CAST "#xmlns(", 7) == 0)) {
-	++xptr;
-	nodeSetType = xmlSecNodeSetTree;
+        ++xptr;
+        nodeSetType = xmlSecNodeSetTree;
     } else if((ctx->flags & XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK) != 0) {
-	++xptr;
-	nodeSetType = xmlSecNodeSetTreeWithoutComments;
-	useVisa3DHack = 1;
+        ++xptr;
+        nodeSetType = xmlSecNodeSetTreeWithoutComments;
+        useVisa3DHack = 1;
     } else {
-	static const char tmpl[] = "xpointer(id(\'%s\'))";
-	xmlSecSize size;
-	
-	/* we need to add "xpointer(id('..')) because otherwise we have 
-	 * problems with numeric ("111" and so on) and other "strange" ids */
-	size = xmlStrlen(BAD_CAST tmpl) + xmlStrlen(xptr) + 2;
-	buf = (xmlChar*)xmlMalloc(size * sizeof(xmlChar));
-	if(buf == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_MALLOC_FAILED,
-			"size=%d", size);
-	    return(-1);	    
-	}
-	sprintf((char*)buf, tmpl, xptr + 1);
-	xptr = buf;
-	nodeSetType = xmlSecNodeSetTreeWithoutComments;
-    }
-
-    if(useVisa3DHack == 0) {    
-	xmlSecTransformPtr transform;
-        
-	/* we need to create XPonter transform to execute expr */
-	transform = xmlSecTransformCtxCreateAndPrepend(ctx, xmlSecTransformXPointerId);
-	if(!xmlSecTransformIsValid(transform)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecTransformCtxCreateAndPrepend", 
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"transform=%s",
-			xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXPointerId)));
-	    return(-1);
-	}
-    
+        static const char tmpl[] = "xpointer(id(\'%s\'))";
+        xmlSecSize size;
+
+        /* we need to add "xpointer(id('..')) because otherwise we have
+         * problems with numeric ("111" and so on) and other "strange" ids */
+        size = xmlStrlen(BAD_CAST tmpl) + xmlStrlen(xptr) + 2;
+        buf = (xmlChar*)xmlMalloc(size * sizeof(xmlChar));
+        if(buf == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "size=%d", size);
+            return(-1);
+        }
+        sprintf((char*)buf, tmpl, xptr + 1);
+        xptr = buf;
+        nodeSetType = xmlSecNodeSetTreeWithoutComments;
+    }
+
+    if(useVisa3DHack == 0) {
+        xmlSecTransformPtr transform;
+
+        /* we need to create XPonter transform to execute expr */
+        transform = xmlSecTransformCtxCreateAndPrepend(ctx, xmlSecTransformXPointerId);
+        if(!xmlSecTransformIsValid(transform)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxCreateAndPrepend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "transform=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXPointerId)));
+            return(-1);
+        }
+
         ret = xmlSecTransformXPointerSetExpr(transform, xptr, nodeSetType, hereNode);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecTransformXPointerSetExpr",  
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"name=%s",
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
-	    if(buf != NULL) {
-		xmlFree(buf);
-	    }
-	    return(-1);
-	}
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformXPointerSetExpr",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "name=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
+            if(buf != NULL) {
+                xmlFree(buf);
+            }
+            return(-1);
+        }
     } else {
-	/* Visa3D protocol doesn't follow XML/XPointer/XMLDSig specs
-	 * and allows invalid XPointer expressions (e.g. "#12345") in 
-	 * the URI attribute. 
-	 * Since we couldn't evaluate such expressions thru XPath/XPointer 
-	 * engine, we need to have this hack here
-	 */
-	xmlSecTransformPtr transform;
-        
-	transform = xmlSecTransformCtxCreateAndPrepend(ctx, xmlSecTransformVisa3DHackId);
-	if(!xmlSecTransformIsValid(transform)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecTransformCtxCreateAndPrepend", 
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"transform=%s",
-			xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformVisa3DHackId)));
-	    return(-1);
-	}
-    
+        /* Visa3D protocol doesn't follow XML/XPointer/XMLDSig specs
+         * and allows invalid XPointer expressions (e.g. "#12345") in
+         * the URI attribute.
+         * Since we couldn't evaluate such expressions thru XPath/XPointer
+         * engine, we need to have this hack here
+         */
+        xmlSecTransformPtr transform;
+
+        transform = xmlSecTransformCtxCreateAndPrepend(ctx, xmlSecTransformVisa3DHackId);
+        if(!xmlSecTransformIsValid(transform)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxCreateAndPrepend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "transform=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformVisa3DHackId)));
+            return(-1);
+        }
+
         ret = xmlSecTransformVisa3DHackSetID(transform, xptr);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecTransformVisa3DHackSetID",  
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"name=%s",
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
-	    if(buf != NULL) {
-		xmlFree(buf);
-	    }
-	    return(-1);
-	}
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformVisa3DHackSetID",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "name=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
+            if(buf != NULL) {
+                xmlFree(buf);
+            }
+            return(-1);
+        }
     }
     if(buf != NULL) {
-	xmlFree(buf);
+        xmlFree(buf);
     }
-    
+
     return(0);
 }
 
 /**
- * xmlSecTransformCtxPrepare: 
- * @ctx:		the pointer to transforms chain processing context.
- * @inputDataType:	the expected input type.
+ * xmlSecTransformCtxPrepare:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @inputDataType:      the expected input type.
  *
  * Prepares the transform context for processing data of @inputDataType.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecTransformCtxPrepare(xmlSecTransformCtxPtr ctx, xmlSecTransformDataType inputDataType) {
     xmlSecTransformDataType firstType;
     xmlSecTransformPtr transform;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->result == NULL, -1);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, -1);
-    
+
     /* add binary buffer to store result */
     transform = xmlSecTransformCtxCreateAndAppend(ctx, xmlSecTransformMemBufId);
     if(!xmlSecTransformIsValid(transform)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCreate",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId)));
+        return(-1);
     }
     ctx->result = xmlSecTransformMemBufGetBuffer(transform);
     if(ctx->result == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformMemBufGetBuffer",  
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId)));
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformMemBufGetBuffer",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId)));
+        return(-1);
+    }
 
     firstType = xmlSecTransformGetDataType(ctx->first, xmlSecTransformModePush, ctx);
     if(((firstType & xmlSecTransformDataTypeBin) == 0) &&
        ((inputDataType & xmlSecTransformDataTypeBin) != 0)) {
-	
+
         /* need to add parser transform */
-	transform = xmlSecTransformCtxCreateAndPrepend(ctx, xmlSecTransformXmlParserId);
-	if(transform == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxCreateAndPrepend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"transform=%s",
-			xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXmlParserId)));
-	    return(-1);
-	}
+        transform = xmlSecTransformCtxCreateAndPrepend(ctx, xmlSecTransformXmlParserId);
+        if(transform == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxCreateAndPrepend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "transform=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformXmlParserId)));
+            return(-1);
+        }
     } else if(((firstType & xmlSecTransformDataTypeXml) == 0) &&
        ((inputDataType & xmlSecTransformDataTypeXml) != 0)) {
 
-	/* need to add c14n transform */
-	transform = xmlSecTransformCtxCreateAndPrepend(ctx, xmlSecTransformInclC14NId);
-	if(transform == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxCreateAndPrepend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"transform=%s",
-			xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInclC14NId)));
-	    return(-1);
-	}
+        /* need to add c14n transform */
+        transform = xmlSecTransformCtxCreateAndPrepend(ctx, xmlSecTransformInclC14NId);
+        if(transform == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxCreateAndPrepend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "transform=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInclC14NId)));
+            return(-1);
+        }
     }
 
     /* finally let application a chance to verify that it's ok to execte
      * this transforms chain */
     if(ctx->preExecCallback != NULL) {
-	ret = (ctx->preExecCallback)(ctx);
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"ctx->preExecCallback", 
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-    	    return(-1);
-	}	
-    }
-
-    ctx->status = xmlSecTransformStatusWorking;    
+        ret = (ctx->preExecCallback)(ctx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "ctx->preExecCallback",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
+    ctx->status = xmlSecTransformStatusWorking;
     return(0);
 }
 
 /**
- * xmlSecTransformCtxBinaryExecute: 
- * @ctx:		the pointer to transforms chain processing context.
- * @data:		the input binary data buffer.
- * @dataSize:		the input data size.
+ * xmlSecTransformCtxBinaryExecute:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @data:               the input binary data buffer.
+ * @dataSize:           the input data size.
  *
  * Processes binary data using transforms chain in the @ctx.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
 int
-xmlSecTransformCtxBinaryExecute(xmlSecTransformCtxPtr ctx, 
-				const xmlSecByte* data, xmlSecSize dataSize) {
+xmlSecTransformCtxBinaryExecute(xmlSecTransformCtxPtr ctx,
+                                const xmlSecByte* data, xmlSecSize dataSize) {
     int ret;
-        
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->result == NULL, -1);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, -1);
@@ -1092,107 +1102,107 @@ xmlSecTransformCtxBinaryExecute(xmlSecTransformCtxPtr ctx,
 
     /* we should not have uri stored in ctx */
     xmlSecAssert2(ctx->uri == NULL, -1);
-    
+
     ret = xmlSecTransformCtxPrepare(ctx, xmlSecTransformDataTypeBin);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxPrepare", 
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "type=bin");
-    	return(-1);
-    }	
-    
+                    NULL,
+                    "xmlSecTransformCtxPrepare",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "type=bin");
+        return(-1);
+    }
+
     ret = xmlSecTransformPushBin(ctx->first, data, dataSize, 1, ctx);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxPushBin", 
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "dataSize=%d", dataSize);
-    	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxPushBin",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "dataSize=%d", dataSize);
+        return(-1);
     }
 
     ctx->status = xmlSecTransformStatusFinished;
-    return(0);    
+    return(0);
 }
 
 /**
- * xmlSecTransformCtxUriExecute: 
- * @ctx:		the pointer to transforms chain processing context.
- * @uri:		the URI.
+ * xmlSecTransformCtxUriExecute:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @uri:                the URI.
  *
  * Process binary data from the URI using transforms chain in @ctx.
  *
  * Returns: 0 on success or a negative value otherwise.
  */
-int 
+int
 xmlSecTransformCtxUriExecute(xmlSecTransformCtxPtr ctx, const xmlChar* uri) {
     xmlSecTransformPtr uriTransform;
     int ret;
-        
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, -1);
     xmlSecAssert2(uri != NULL, -1);
 
     /* we should not execute transform for a different uri */
     xmlSecAssert2((ctx->uri == NULL) || (uri == ctx->uri) || xmlStrEqual(uri, ctx->uri), -1);
-    
+
     uriTransform = xmlSecTransformCtxCreateAndPrepend(ctx, xmlSecTransformInputURIId);
     if(uriTransform == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxCreateAndPrepend",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInputURIId)));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxCreateAndPrepend",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformInputURIId)));
+        return(-1);
+    }
+
     ret = xmlSecTransformInputURIOpen(uriTransform, uri);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformInputURIOpen",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s",
-		    xmlSecErrorsSafeString(uri));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformInputURIOpen",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s",
+                    xmlSecErrorsSafeString(uri));
+        return(-1);
     }
 
     /* we do not need to do something special for this transform */
     ret = xmlSecTransformCtxPrepare(ctx, xmlSecTransformDataTypeUnknown);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxPrepare", 
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "type=bin");
-    	return(-1);
-    }	
-    
-    /* Now we have a choice: we either can push from first transform or pop 
+                    NULL,
+                    "xmlSecTransformCtxPrepare",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "type=bin");
+        return(-1);
+    }
+
+    /* Now we have a choice: we either can push from first transform or pop
      * from last. Our C14N transforms prefers push, so push data!
      */
-    ret = xmlSecTransformPump(uriTransform, uriTransform->next, ctx);     
+    ret = xmlSecTransformPump(uriTransform, uriTransform->next, ctx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformPump",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s",
-		    xmlSecErrorsSafeString(uri));
-	return(-1);
-    }
-     
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformPump",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s",
+                    xmlSecErrorsSafeString(uri));
+        return(-1);
+    }
+
     ctx->status = xmlSecTransformStatusFinished;
     return(0);
 }
 
 /**
- * xmlSecTransformCtxXmlExecute: 
- * @ctx:		the pointer to transforms chain processing context.
- * @nodes:		the input node set.
+ * xmlSecTransformCtxXmlExecute:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @nodes:              the input node set.
  *
  * Process @nodes using transforms in the transforms chain in @ctx.
  *
@@ -1201,35 +1211,35 @@ xmlSecTransformCtxUriExecute(xmlSecTransformCtxPtr ctx, const xmlChar* uri) {
 int
 xmlSecTransformCtxXmlExecute(xmlSecTransformCtxPtr ctx, xmlSecNodeSetPtr nodes) {
     int ret;
-        
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->result == NULL, -1);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, -1);
     xmlSecAssert2(nodes != NULL, -1);
-    
-    xmlSecAssert2((ctx->uri == NULL) || (xmlStrlen(ctx->uri) == 0), -1); 
+
+    xmlSecAssert2((ctx->uri == NULL) || (xmlStrlen(ctx->uri) == 0), -1);
 
     ret = xmlSecTransformCtxPrepare(ctx, xmlSecTransformDataTypeXml);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxPrepare", 
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "type=xml");
-    	return(-1);
-    }	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxPrepare",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "type=xml");
+        return(-1);
+    }
 
     /* it's better to do push than pop because all XML transform
      * just don't care and c14n likes push more than pop */
     ret = xmlSecTransformPushXml(ctx->first, nodes, ctx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformPushXml", 
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(ctx->first)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformPushXml",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(ctx->first)));
+        return(-1);
     }
 
     ctx->status = xmlSecTransformStatusFinished;
@@ -1237,9 +1247,9 @@ xmlSecTransformCtxXmlExecute(xmlSecTransformCtxPtr ctx, xmlSecNodeSetPtr nodes)
 }
 
 /**
- * xmlSecTransformCtxExecute: 
- * @ctx:		the pointer to transforms chain processing context.
- * @doc:		the pointer to input document.
+ * xmlSecTransformCtxExecute:
+ * @ctx:                the pointer to transforms chain processing context.
+ * @doc:                the pointer to input document.
  *
  * Executes transforms chain in @ctx.
  *
@@ -1248,139 +1258,139 @@ xmlSecTransformCtxXmlExecute(xmlSecTransformCtxPtr ctx, xmlSecNodeSetPtr nodes)
 int
 xmlSecTransformCtxExecute(xmlSecTransformCtxPtr ctx, xmlDocPtr doc) {
     int ret;
-        
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->result == NULL, -1);
     xmlSecAssert2(ctx->status == xmlSecTransformStatusNone, -1);
     xmlSecAssert2(doc != NULL, -1);
-    
+
     if((ctx->uri == NULL) || (xmlStrlen(ctx->uri) == 0)) {
-	xmlSecNodeSetPtr nodes;
-        
-	if((ctx->xptrExpr != NULL) && (xmlStrlen(ctx->xptrExpr) > 0)){
-	    /* our xpointer transform takes care of providing correct nodes set */
-	    nodes = xmlSecNodeSetCreate(doc, NULL, xmlSecNodeSetNormal);
-	    if(nodes == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecNodeSetCreate", 
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);
-	    }
-	
-	} else {
-	    /* we do not want to have comments for empty URI */
-	    nodes = xmlSecNodeSetGetChildren(doc, NULL, 0, 0);
-	    if(nodes == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecNodeSetGetChildren", 
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);
-	    }
-	}
-	ret = xmlSecTransformCtxXmlExecute(ctx, nodes);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxXmlExecute", 
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecNodeSetDestroy(nodes);
-	    return(-1);
-	}
-	/* TODO: don't destroy nodes here */
-	xmlSecNodeSetDestroy(nodes);
+        xmlSecNodeSetPtr nodes;
+
+        if((ctx->xptrExpr != NULL) && (xmlStrlen(ctx->xptrExpr) > 0)){
+            /* our xpointer transform takes care of providing correct nodes set */
+            nodes = xmlSecNodeSetCreate(doc, NULL, xmlSecNodeSetNormal);
+            if(nodes == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecNodeSetCreate",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+        } else {
+            /* we do not want to have comments for empty URI */
+            nodes = xmlSecNodeSetGetChildren(doc, NULL, 0, 0);
+            if(nodes == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecNodeSetGetChildren",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+        ret = xmlSecTransformCtxXmlExecute(ctx, nodes);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxXmlExecute",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecNodeSetDestroy(nodes);
+            return(-1);
+        }
+        /* TODO: don't destroy nodes here */
+        xmlSecNodeSetDestroy(nodes);
     } else {
-	ret = xmlSecTransformCtxUriExecute(ctx, ctx->uri);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxUriExecute", 
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-    } 
-    
+        ret = xmlSecTransformCtxUriExecute(ctx, ctx->uri);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxUriExecute",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     return(0);
 }
 
 /**
  * xmlSecTransformCtxDebugDump:
- * @ctx:		the pointer to transforms chain processing context.
- * @output:		the pointer to output FILE.
- * 
+ * @ctx:                the pointer to transforms chain processing context.
+ * @output:             the pointer to output FILE.
+ *
  * Prints transforms context debug information to @output.
  */
-void 
+void
 xmlSecTransformCtxDebugDump(xmlSecTransformCtxPtr ctx, FILE* output) {
-    xmlSecTransformPtr transform;    
-    
+    xmlSecTransformPtr transform;
+
     xmlSecAssert(ctx != NULL);
     xmlSecAssert(output != NULL);
 
-    fprintf(output, "== TRANSFORMS CTX (status=%d)\n", ctx->status);    
+    fprintf(output, "== TRANSFORMS CTX (status=%d)\n", ctx->status);
 
     fprintf(output, "== flags: 0x%08x\n", ctx->flags);
     fprintf(output, "== flags2: 0x%08x\n", ctx->flags2);
     if(xmlSecPtrListGetSize(&(ctx->enabledTransforms)) > 0) {
-	fprintf(output, "== enabled transforms: ");
-	xmlSecTransformIdListDebugDump(&(ctx->enabledTransforms), output);
+        fprintf(output, "== enabled transforms: ");
+        xmlSecTransformIdListDebugDump(&(ctx->enabledTransforms), output);
     } else {
-	fprintf(output, "== enabled transforms: all\n");
+        fprintf(output, "== enabled transforms: all\n");
     }
-    
-    fprintf(output, "=== uri: %s\n", 
-	    (ctx->uri != NULL) ? ctx->uri : BAD_CAST "NULL");    
-    fprintf(output, "=== uri xpointer expr: %s\n", 
-	    (ctx->xptrExpr != NULL) ? ctx->xptrExpr : BAD_CAST "NULL");    
+
+    fprintf(output, "=== uri: %s\n",
+            (ctx->uri != NULL) ? ctx->uri : BAD_CAST "NULL");
+    fprintf(output, "=== uri xpointer expr: %s\n",
+            (ctx->xptrExpr != NULL) ? ctx->xptrExpr : BAD_CAST "NULL");
     for(transform = ctx->first; transform != NULL; transform = transform->next) {
-	xmlSecTransformDebugDump(transform, output);
+        xmlSecTransformDebugDump(transform, output);
     }
 }
 
 /**
  * xmlSecTransformCtxDebugXmlDump:
- * @ctx:		the pointer to transforms chain processing context.
- * @output:		the pointer to output FILE.
- * 
+ * @ctx:                the pointer to transforms chain processing context.
+ * @output:             the pointer to output FILE.
+ *
  * Prints transforms context debug information to @output in XML format.
  */
-void 
+void
 xmlSecTransformCtxDebugXmlDump(xmlSecTransformCtxPtr ctx, FILE* output) {
-    xmlSecTransformPtr transform;    
-    
+    xmlSecTransformPtr transform;
+
     xmlSecAssert(ctx != NULL);
     xmlSecAssert(output != NULL);
- 
+
     fprintf(output, "<TransformCtx status=\"%d\">\n", ctx->status);
 
     fprintf(output, "<Flags>%08x</Flags>\n", ctx->flags);
     fprintf(output, "<Flags2>%08x</Flags2>\n", ctx->flags2);
     if(xmlSecPtrListGetSize(&(ctx->enabledTransforms)) > 0) {
-	fprintf(output, "<EnabledTransforms>\n");
-	xmlSecTransformIdListDebugXmlDump(&(ctx->enabledTransforms), output);
-	fprintf(output, "</EnabledTransforms>\n");
+        fprintf(output, "<EnabledTransforms>\n");
+        xmlSecTransformIdListDebugXmlDump(&(ctx->enabledTransforms), output);
+        fprintf(output, "</EnabledTransforms>\n");
     } else {
-	fprintf(output, "<EnabledTransforms>all</EnabledTransforms>\n");
+        fprintf(output, "<EnabledTransforms>all</EnabledTransforms>\n");
     }
 
 
     fprintf(output, "<Uri>");
     xmlSecPrintXmlString(output, ctx->uri);
     fprintf(output, "</Uri>\n");
-    
+
     fprintf(output, "<UriXPointer>");
     xmlSecPrintXmlString(output, ctx->xptrExpr);
     fprintf(output, "</UriXPointer>\n");
 
     for(transform = ctx->first; transform != NULL; transform = transform->next) {
-	xmlSecTransformDebugXmlDump(transform, output);
+        xmlSecTransformDebugXmlDump(transform, output);
     }
-    fprintf(output, "</TransformCtx>\n");    
+    fprintf(output, "</TransformCtx>\n");
 }
 
 /**************************************************************************
@@ -1390,77 +1400,77 @@ xmlSecTransformCtxDebugXmlDump(xmlSecTransformCtxPtr ctx, FILE* output) {
  *************************************************************************/
 /**
  * xmlSecTransformCreate:
- * @id: 		the transform id to create.
+ * @id:                 the transform id to create.
  *
  * Creates new transform of the @id klass. The caller is responsible for
  * destroying returned tansform using #xmlSecTransformDestroy function.
  *
  * Returns: pointer to newly created transform or NULL if an error occurs.
- */ 
-xmlSecTransformPtr	
+ */
+xmlSecTransformPtr
 xmlSecTransformCreate(xmlSecTransformId id) {
     xmlSecTransformPtr transform;
     int ret;
-    
+
     xmlSecAssert2(id != NULL, NULL);
     xmlSecAssert2(id->klassSize >= sizeof(xmlSecTransformKlass), NULL);
     xmlSecAssert2(id->objSize >= sizeof(xmlSecTransform), NULL);
     xmlSecAssert2(id->name != NULL, NULL);
-        
+
     /* Allocate a new xmlSecTransform and fill the fields. */
     transform = (xmlSecTransformPtr)xmlMalloc(id->objSize);
     if(transform == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", id->objSize); 
-	return(NULL);
-    }
-    memset(transform, 0, id->objSize);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", id->objSize);
+        return(NULL);
+    }
+    memset(transform, 0, id->objSize);
     transform->id = id;
-    
+
     if(id->initialize != NULL) {
-	ret = (id->initialize)(transform);
+        ret = (id->initialize)(transform);
         if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"id->initialize",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecTransformDestroy(transform);
-	    return(NULL);
-	}
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "id->initialize",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecTransformDestroy(transform);
+            return(NULL);
+        }
     }
 
     ret = xmlSecBufferInitialize(&(transform->inBuf), 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", 0);
-	xmlSecTransformDestroy(transform);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", 0);
+        xmlSecTransformDestroy(transform);
+        return(NULL);
     }
 
     ret = xmlSecBufferInitialize(&(transform->outBuf), 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "size=%d", 0);
-	xmlSecTransformDestroy(transform);
-	return(NULL);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "size=%d", 0);
+        xmlSecTransformDestroy(transform);
+        return(NULL);
+    }
+
     return(transform);
 }
 
 /**
  * xmlSecTransformDestroy:
- * @transform: 		the pointer to transform.
+ * @transform:          the pointer to transform.
  *
  * Destroys transform created with #xmlSecTransformCreate function.
  */
@@ -1468,7 +1478,7 @@ void
 xmlSecTransformDestroy(xmlSecTransformPtr transform) {
     xmlSecAssert(xmlSecTransformIsValid(transform));
     xmlSecAssert(transform->id->objSize > 0);
-    
+
     /* first need to remove ourselves from chain */
     xmlSecTransformRemove(transform);
 
@@ -1477,23 +1487,23 @@ xmlSecTransformDestroy(xmlSecTransformPtr transform) {
 
     /* we never destroy input nodes, output nodes
      * are destroyed if and only if they are different
-     * from input nodes 
+     * from input nodes
      */
     if((transform->outNodes != NULL) && (transform->outNodes != transform->inNodes)) {
-	xmlSecNodeSetDestroy(transform->outNodes);
+        xmlSecNodeSetDestroy(transform->outNodes);
     }
-    if(transform->id->finalize != NULL) { 
-	(transform->id->finalize)(transform);
+    if(transform->id->finalize != NULL) {
+        (transform->id->finalize)(transform);
     }
     memset(transform, 0, transform->id->objSize);
     xmlFree(transform);
 }
 
-/** 
+/**
  * xmlSecTransformNodeRead:
- * @node: 		the pointer to the transform's node.
- * @usage:		the transform usage (signature, encryption, ...).
- * @transformCtx:	the transform's chaing processing context.
+ * @node:               the pointer to the transform's node.
+ * @usage:              the transform usage (signature, encryption, ...).
+ * @transformCtx:       the transform's chaing processing context.
  *
  * Reads transform from the @node as follows:
  *
@@ -1519,154 +1529,154 @@ xmlSecTransformNodeRead(xmlNodePtr node, xmlSecTransformUsage usage, xmlSecTrans
 
     href = xmlGetProp(node, xmlSecAttrAlgorithm);
     if(href == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
-		    XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
-	return(NULL);		
-    }
-    
-    id = xmlSecTransformIdListFindByHref(xmlSecTransformIdsGet(), href, usage);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecAttrAlgorithm),
+                    XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+        return(NULL);
+    }
+
+    id = xmlSecTransformIdListFindByHref(xmlSecTransformIdsGet(), href, usage);
     if(id == xmlSecTransformIdUnknown) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdListFindByHref",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "href=%s", 
-		    xmlSecErrorsSafeString(href));
-	xmlFree(href);
-	return(NULL);		
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdListFindByHref",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "href=%s",
+                    xmlSecErrorsSafeString(href));
+        xmlFree(href);
+        return(NULL);
     }
 
     /* check with enabled transforms list */
     if((xmlSecPtrListGetSize(&(transformCtx->enabledTransforms)) > 0) &&
        (xmlSecTransformIdListFind(&(transformCtx->enabledTransforms), id) != 1)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)),
-		    XMLSEC_ERRORS_R_TRANSFORM_DISABLED,
-		    "href=%s",
-		    xmlSecErrorsSafeString(href));
-	xmlFree(href);
-	return(NULL);
-    }
-        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)),
+                    XMLSEC_ERRORS_R_TRANSFORM_DISABLED,
+                    "href=%s",
+                    xmlSecErrorsSafeString(href));
+        xmlFree(href);
+        return(NULL);
+    }
+
     transform = xmlSecTransformCreate(id);
     if(!xmlSecTransformIsValid(transform)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCreate",		    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)));
-	xmlFree(href);
-	return(NULL);		
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(id)));
+        xmlFree(href);
+        return(NULL);
     }
 
     if(transform->id->readNode != NULL) {
-	ret = transform->id->readNode(transform, node, transformCtx);
+        ret = transform->id->readNode(transform, node, transformCtx);
         if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"id->readNode",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"transform=%s",
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
-	    xmlSecTransformDestroy(transform);
-	    xmlFree(href);
-	    return(NULL);		
-	}
-    }
-
-    /* finally remember the transform node */    
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "id->readNode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "transform=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)));
+            xmlSecTransformDestroy(transform);
+            xmlFree(href);
+            return(NULL);
+        }
+    }
+
+    /* finally remember the transform node */
     transform->hereNode = node;
-    xmlFree(href);   
+    xmlFree(href);
     return(transform);
 }
 
 /**
  * xmlSecTransformPump:
- * @left:		the source pumping transform.
- * @right:		the destination pumping transform.
- * @transformCtx:	the transform's chaing processing context.
+ * @left:               the source pumping transform.
+ * @right:              the destination pumping transform.
+ * @transformCtx:       the transform's chaing processing context.
  *
  * Pops data from @left transform and pushes to @right transform until
  * no more data is available.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformPump(xmlSecTransformPtr left, xmlSecTransformPtr right, xmlSecTransformCtxPtr transformCtx) {
     xmlSecTransformDataType leftType;
     xmlSecTransformDataType rightType;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformIsValid(left), -1);
     xmlSecAssert2(xmlSecTransformIsValid(right), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-    
+
     leftType = xmlSecTransformGetDataType(left, xmlSecTransformModePop, transformCtx);
     rightType = xmlSecTransformGetDataType(right, xmlSecTransformModePush, transformCtx);
 
-    if(((leftType & xmlSecTransformDataTypeXml) != 0) && 
+    if(((leftType & xmlSecTransformDataTypeXml) != 0) &&
        ((rightType & xmlSecTransformDataTypeXml) != 0)) {
-       
+
        xmlSecNodeSetPtr nodes = NULL;
 
        ret = xmlSecTransformPopXml(left, &nodes, transformCtx);
        if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(left)),
-			"xmlSecTransformPopXml",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(left)),
+                        "xmlSecTransformPopXml",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
        }
 
        ret = xmlSecTransformPushXml(right, nodes, transformCtx);
        if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(right)),
-			"xmlSecTransformPushXml",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(right)),
+                        "xmlSecTransformPushXml",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
        }
-    }  else if(((leftType & xmlSecTransformDataTypeBin) != 0) && 
-    	       ((rightType & xmlSecTransformDataTypeBin) != 0)) {	
-	xmlSecByte buf[XMLSEC_TRANSFORM_BINARY_CHUNK];
-	xmlSecSize bufSize;
-	int final;
-	
-	do {
-	    ret = xmlSecTransformPopBin(left, buf, sizeof(buf), &bufSize, transformCtx);
-    	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(left)),
-			    "xmlSecTransformPopBin",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	    final = (bufSize == 0) ? 1 : 0;
-	    ret = xmlSecTransformPushBin(right, buf, bufSize, final, transformCtx);
-    	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(right)),
-			    "xmlSecTransformPushBin",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	} while(final == 0);
+    }  else if(((leftType & xmlSecTransformDataTypeBin) != 0) &&
+               ((rightType & xmlSecTransformDataTypeBin) != 0)) {
+        xmlSecByte buf[XMLSEC_TRANSFORM_BINARY_CHUNK];
+        xmlSecSize bufSize;
+        int final;
+
+        do {
+            ret = xmlSecTransformPopBin(left, buf, sizeof(buf), &bufSize, transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(left)),
+                            "xmlSecTransformPopBin",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+            final = (bufSize == 0) ? 1 : 0;
+            ret = xmlSecTransformPushBin(right, buf, bufSize, final, transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(right)),
+                            "xmlSecTransformPushBin",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        } while(final == 0);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(left)),
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(right)),
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    "transforms input/output data formats do not match");
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(left)),
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(right)),
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    "transforms input/output data formats do not match");
     }
     return(0);
 }
@@ -1674,8 +1684,8 @@ xmlSecTransformPump(xmlSecTransformPtr left, xmlSecTransformPtr right, xmlSecTra
 
 /**
  * xmlSecTransformSetKey:
- * @transform: 		the pointer to transform.
- * @key: 		the pointer to key. 
+ * @transform:          the pointer to transform.
+ * @key:                the pointer to key.
  *
  * Sets the transform's key.
  *
@@ -1685,17 +1695,17 @@ int
 xmlSecTransformSetKey(xmlSecTransformPtr transform, xmlSecKeyPtr key) {
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(key != NULL, -1);
-        
+
     if(transform->id->setKey != NULL) {
-	return((transform->id->setKey)(transform, key));
+        return((transform->id->setKey)(transform, key));
     }
     return(0);
 }
 
 /**
  * xmlSecTransformSetKeyReq:
- * @transform: 		the pointer to transform.
- * @keyReq: 		the pointer to keys requirements object. 
+ * @transform:          the pointer to transform.
+ * @keyReq:             the pointer to keys requirements object.
  *
  * Sets the key requirements for @transform in the @keyReq.
  *
@@ -1705,24 +1715,24 @@ int
 xmlSecTransformSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(keyReq != NULL, -1);
-        
-    keyReq->keyId   	= xmlSecKeyDataIdUnknown;
-    keyReq->keyType 	= xmlSecKeyDataTypeUnknown;
-    keyReq->keyUsage	= xmlSecKeyUsageAny;
-    keyReq->keyBitsSize	= 0;
-        
+
+    keyReq->keyId       = xmlSecKeyDataIdUnknown;
+    keyReq->keyType     = xmlSecKeyDataTypeUnknown;
+    keyReq->keyUsage    = xmlSecKeyUsageAny;
+    keyReq->keyBitsSize = 0;
+
     if(transform->id->setKeyReq != NULL) {
-	return((transform->id->setKeyReq)(transform, keyReq));
+        return((transform->id->setKeyReq)(transform, keyReq));
     }
     return(0);
 }
 
 /**
  * xmlSecTransformVerify:
- * @transform:		the pointer to transform.
- * @data:		the binary data for verification.
- * @dataSize:		the data size.
- * @transformCtx:	the transform's chaing processing context.
+ * @transform:          the pointer to transform.
+ * @data:               the binary data for verification.
+ * @dataSize:           the data size.
+ * @transformCtx:       the transform's chaing processing context.
  *
  * Verifies the data with transform's processing results
  * (for digest, HMAC and signature transforms). The verification
@@ -1730,9 +1740,9 @@ xmlSecTransformSetKeyReq(xmlSecTransformPtr transform, xmlSecKeyReqPtr keyReq) {
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformVerify(xmlSecTransformPtr transform, const xmlSecByte* data,
-		    xmlSecSize dataSize, xmlSecTransformCtxPtr transformCtx) {
+                    xmlSecSize dataSize, xmlSecTransformCtxPtr transformCtx) {
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(transform->id->verify != NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
@@ -1742,56 +1752,56 @@ xmlSecTransformVerify(xmlSecTransformPtr transform, const xmlSecByte* data,
 
 /**
  * xmlSecTransformVerifyNodeContent:
- * @transform:		the pointer to transform.
- * @node:		the pointer to node.
- * @transformCtx:	the transform's chaing processing context.
+ * @transform:          the pointer to transform.
+ * @node:               the pointer to node.
+ * @transformCtx:       the transform's chaing processing context.
  *
  * Gets the @node content, base64 decodes it and calls #xmlSecTransformVerify
  * function to verify binary results.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformVerifyNodeContent(xmlSecTransformPtr transform, xmlNodePtr node,
-				 xmlSecTransformCtxPtr transformCtx) {
+                                 xmlSecTransformCtxPtr transformCtx) {
     xmlSecBuffer buffer;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-    
+
     ret = xmlSecBufferInitialize(&buffer, 0);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     ret = xmlSecBufferBase64NodeContentRead(&buffer, node);
     if((ret < 0) || (xmlSecBufferGetData(&buffer) == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecBufferBase64NodeContentRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buffer);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecBufferBase64NodeContentRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buffer);
+        return(-1);
+    }
+
     ret = xmlSecTransformVerify(transform, xmlSecBufferGetData(&buffer),
-				xmlSecBufferGetSize(&buffer), transformCtx);
+                                xmlSecBufferGetSize(&buffer), transformCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecTransformVerify",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buffer);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecTransformVerify",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buffer);
+        return(-1);
     }
 
     xmlSecBufferFinalize(&buffer);
@@ -1800,125 +1810,125 @@ xmlSecTransformVerifyNodeContent(xmlSecTransformPtr transform, xmlNodePtr node,
 
 /**
  * xmlSecTransformGetDataType:
- * @transform:		the pointer to transform.
- * @mode:		the data mode (push or pop).
- * @transformCtx:	the transform's chaing processing context.
+ * @transform:          the pointer to transform.
+ * @mode:               the data mode (push or pop).
+ * @transformCtx:       the transform's chaing processing context.
  *
- * Gets transform input (@mode is "push") or output (@mode is "pop") data 
+ * Gets transform input (@mode is "push") or output (@mode is "pop") data
  * type (binary or XML).
  *
  * Returns: the transform's data type for the @mode operation.
  */
-xmlSecTransformDataType	
-xmlSecTransformGetDataType(xmlSecTransformPtr transform, xmlSecTransformMode mode, 
-		    xmlSecTransformCtxPtr transformCtx) {
+xmlSecTransformDataType
+xmlSecTransformGetDataType(xmlSecTransformPtr transform, xmlSecTransformMode mode,
+                    xmlSecTransformCtxPtr transformCtx) {
     xmlSecAssert2(xmlSecTransformIsValid(transform), xmlSecTransformDataTypeUnknown);
     xmlSecAssert2(transform->id->getDataType != NULL, xmlSecTransformDataTypeUnknown);
-    
-    return((transform->id->getDataType)(transform, mode, transformCtx));    
+
+    return((transform->id->getDataType)(transform, mode, transformCtx));
 }
 
 /**
  * xmlSecTransformPushBin:
- * @transform:		the pointer to transform object.
- * @data:		the input binary data,
- * @dataSize:		the input data size.
- * @final:		the flag: if set to 1 then it's the last
- *			data chunk.
- * @transformCtx:	the pointer to transform context object.
+ * @transform:          the pointer to transform object.
+ * @data:               the input binary data,
+ * @dataSize:           the input data size.
+ * @final:              the flag: if set to 1 then it's the last
+ *                      data chunk.
+ * @transformCtx:       the pointer to transform context object.
  *
  * Process binary @data and pushes results to next transform.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformPushBin(xmlSecTransformPtr transform, const xmlSecByte* data,
-		    xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
+                    xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(transform->id->pushBin != NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-    
-    return((transform->id->pushBin)(transform, data, dataSize, final, transformCtx));    
+
+    return((transform->id->pushBin)(transform, data, dataSize, final, transformCtx));
 }
 
 /**
  * xmlSecTransformPopBin:
- * @transform:		the pointer to transform object.
- * @data:		the buffer to store result data.
- * @maxDataSize:	the size of the buffer #data.
- * @dataSize:		the pointer to returned data size.
- * @transformCtx:	the pointer to transform context object.
- *
- * Pops data from previous transform in the chain, processes data and 
- * returns result in the @data buffer. The size of returned data is 
+ * @transform:          the pointer to transform object.
+ * @data:               the buffer to store result data.
+ * @maxDataSize:        the size of the buffer #data.
+ * @dataSize:           the pointer to returned data size.
+ * @transformCtx:       the pointer to transform context object.
+ *
+ * Pops data from previous transform in the chain, processes data and
+ * returns result in the @data buffer. The size of returned data is
  * placed in the @dataSize.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformPopBin(xmlSecTransformPtr transform, xmlSecByte* data,
-		    xmlSecSize maxDataSize, xmlSecSize* dataSize, xmlSecTransformCtxPtr transformCtx) {
+                    xmlSecSize maxDataSize, xmlSecSize* dataSize, xmlSecTransformCtxPtr transformCtx) {
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(transform->id->popBin != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(dataSize != NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
-    return((transform->id->popBin)(transform, data, maxDataSize, dataSize, transformCtx));    
+    return((transform->id->popBin)(transform, data, maxDataSize, dataSize, transformCtx));
 }
 
 /**
  * xmlSecTransformPushXml:
- * @transform:		the pointer to transform object.
- * @nodes:		the input nodes.
- * @transformCtx:	the pointer to transform context object.
+ * @transform:          the pointer to transform object.
+ * @nodes:              the input nodes.
+ * @transformCtx:       the pointer to transform context object.
  *
  * Processes @nodes and pushes result to the next transform in the chain.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nodes,
-		    xmlSecTransformCtxPtr transformCtx) {
+                    xmlSecTransformCtxPtr transformCtx) {
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(transform->id->pushXml != NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
-    return((transform->id->pushXml)(transform, nodes, transformCtx));    
+    return((transform->id->pushXml)(transform, nodes, transformCtx));
 }
 
 /**
  * xmlSecTransformPopXml:
- * @transform:		the pointer to transform object.
- * @nodes:		the pointer to store popinter to result nodes.
- * @transformCtx:	the pointer to transform context object.
+ * @transform:          the pointer to transform object.
+ * @nodes:              the pointer to store popinter to result nodes.
+ * @transformCtx:       the pointer to transform context object.
  *
- * Pops data from previous transform in the chain, processes the data and 
+ * Pops data from previous transform in the chain, processes the data and
  * returns result in @nodes.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformPopXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr* nodes,
-		    xmlSecTransformCtxPtr transformCtx) {
+                    xmlSecTransformCtxPtr transformCtx) {
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(transform->id->popXml != NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
 
-    return((transform->id->popXml)(transform, nodes, transformCtx));    
+    return((transform->id->popXml)(transform, nodes, transformCtx));
 }
 
 /**
  * xmlSecTransformExecute:
- * @transform:		the pointer to transform.
- * @last:		the flag: if set to 1 then it's the last data chunk.
- * @transformCtx:	the transform's chaing processing context.
+ * @transform:          the pointer to transform.
+ * @last:               the flag: if set to 1 then it's the last data chunk.
+ * @transformCtx:       the transform's chaing processing context.
  *
  * Executes transform (used by default popBin/pushBin/popXml/pushXml methods).
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(transform->id->execute != NULL, -1);
@@ -1929,29 +1939,29 @@ xmlSecTransformExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCt
 
 /**
  * xmlSecTransformDebugDump:
- * @transform:		the pointer to transform.
- * @output:		the pointer to output FILE.
+ * @transform:          the pointer to transform.
+ * @output:             the pointer to output FILE.
  *
  * Prints transform's debug information to @output.
  */
-void 
+void
 xmlSecTransformDebugDump(xmlSecTransformPtr transform, FILE* output) {
     xmlSecAssert(xmlSecTransformIsValid(transform));
     xmlSecAssert(output != NULL);
-    
+
     fprintf(output, "=== Transform: %s (href=%s)\n",
-		xmlSecErrorsSafeString(transform->id->name),
-		xmlSecErrorsSafeString(transform->id->href));
+                xmlSecErrorsSafeString(transform->id->name),
+                xmlSecErrorsSafeString(transform->id->href));
 }
 
 /**
  * xmlSecTransformDebugXmlDump:
- * @transform:		the pointer to transform.
- * @output:		the pointer to output FILE.
+ * @transform:          the pointer to transform.
+ * @output:             the pointer to output FILE.
  *
  * Prints transform's debug information to @output in XML format.
  */
-void 
+void
 xmlSecTransformDebugXmlDump(xmlSecTransformPtr transform, FILE* output) {
     xmlSecAssert(xmlSecTransformIsValid(transform));
     xmlSecAssert(output != NULL);
@@ -1967,41 +1977,41 @@ xmlSecTransformDebugXmlDump(xmlSecTransformPtr transform, FILE* output) {
  *
  * Operations on transforms chain
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * xmlSecTransformConnect:
- * @left:		the pointer to left (prev) transform.
- * @right:		the pointer to right (next) transform.
- * @transformCtx:	the transform's chaing processing context.
+ * @left:               the pointer to left (prev) transform.
+ * @right:              the pointer to right (next) transform.
+ * @transformCtx:       the transform's chaing processing context.
  *
- * If the data object is a node-set and the next transform requires octets, 
- * the signature application MUST attempt to convert the node-set to an octet 
- * stream using Canonical XML [XML-C14N].  
+ * If the data object is a node-set and the next transform requires octets,
+ * the signature application MUST attempt to convert the node-set to an octet
+ * stream using Canonical XML [XML-C14N].
  *
  * The story is different if the right transform is base64 decode
  * (http://www.w3.org/TR/xmldsig-core/#sec-Base-64):
  *
- * This transform requires an octet stream for input. If an XPath node-set 
- * (or sufficiently functional alternative) is given as input, then it is 
- * converted to an octet stream by performing operations logically equivalent 
- * to 1) applying an XPath transform with expression self::text(), then 2) 
- * taking the string-value of the node-set. Thus, if an XML element is 
- * identified by a barename XPointer in the Reference URI, and its content 
- * consists solely of base64 encoded character data, then this transform 
- * automatically strips away the start and end tags of the identified element 
- * and any of its descendant elements as well as any descendant comments and 
+ * This transform requires an octet stream for input. If an XPath node-set
+ * (or sufficiently functional alternative) is given as input, then it is
+ * converted to an octet stream by performing operations logically equivalent
+ * to 1) applying an XPath transform with expression self::text(), then 2)
+ * taking the string-value of the node-set. Thus, if an XML element is
+ * identified by a barename XPointer in the Reference URI, and its content
+ * consists solely of base64 encoded character data, then this transform
+ * automatically strips away the start and end tags of the identified element
+ * and any of its descendant elements as well as any descendant comments and
  * processing instructions. The output of this transform is an octet stream.
  *
- * Returns: 0 on success or a negative value if an error occurs. 
+ * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
-xmlSecTransformConnect(xmlSecTransformPtr left, xmlSecTransformPtr right, 
-		       xmlSecTransformCtxPtr transformCtx) {
+int
+xmlSecTransformConnect(xmlSecTransformPtr left, xmlSecTransformPtr right,
+                       xmlSecTransformCtxPtr transformCtx) {
     xmlSecTransformDataType leftType;
     xmlSecTransformDataType rightType;
     xmlSecTransformId middleId;
     xmlSecTransformPtr middle;
-        
+
     xmlSecAssert2(xmlSecTransformIsValid(left), -1);
     xmlSecAssert2(xmlSecTransformIsValid(right), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
@@ -2009,52 +2019,52 @@ xmlSecTransformConnect(xmlSecTransformPtr left, xmlSecTransformPtr right,
     leftType = xmlSecTransformGetDataType(left, xmlSecTransformModePop, transformCtx);
     rightType = xmlSecTransformGetDataType(right, xmlSecTransformModePush, transformCtx);
 
-    /* happy case first: nothing need to be done */    
-    if((((leftType & xmlSecTransformDataTypeBin) != 0) && 
-        ((rightType & xmlSecTransformDataTypeBin) != 0)) || 
-       (((leftType & xmlSecTransformDataTypeXml) != 0) && 
+    /* happy case first: nothing need to be done */
+    if((((leftType & xmlSecTransformDataTypeBin) != 0) &&
+        ((rightType & xmlSecTransformDataTypeBin) != 0)) ||
+       (((leftType & xmlSecTransformDataTypeXml) != 0) &&
         ((rightType & xmlSecTransformDataTypeXml) != 0))) {
-	
-	left->next = right;
-	right->prev = left;
-	return(0);
-    } 
-    
-    if(((leftType & xmlSecTransformDataTypeBin) != 0) && 
+
+        left->next = right;
+        right->prev = left;
+        return(0);
+    }
+
+    if(((leftType & xmlSecTransformDataTypeBin) != 0) &&
         ((rightType & xmlSecTransformDataTypeXml) != 0)) {
-	    
-	/* need to insert parser */
-	middleId = xmlSecTransformXmlParserId;
-    } else if(((leftType & xmlSecTransformDataTypeXml) != 0) && 
+
+        /* need to insert parser */
+        middleId = xmlSecTransformXmlParserId;
+    } else if(((leftType & xmlSecTransformDataTypeXml) != 0) &&
         ((rightType & xmlSecTransformDataTypeBin) != 0)) {
-	
-	/* need to insert c14n or special pre-base64 transform */
-	if(xmlSecTransformCheckId(right, xmlSecTransformBase64Id)) {
-	    middleId = xmlSecTransformRemoveXmlTagsC14NId;
-	} else {
-	    middleId = xmlSecTransformInclC14NId;
-	}
+
+        /* need to insert c14n or special pre-base64 transform */
+        if(xmlSecTransformCheckId(right, xmlSecTransformBase64Id)) {
+            middleId = xmlSecTransformRemoveXmlTagsC14NId;
+        } else {
+            middleId = xmlSecTransformInclC14NId;
+        }
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(left)),
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(right)),
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    "leftType=%d;rightType=%d", 
-		    leftType, rightType);
-	return(-1);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(left)),
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(right)),
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    "leftType=%d;rightType=%d",
+                    leftType, rightType);
+        return(-1);
+    }
+
     /* insert transform */
     middle = xmlSecTransformCreate(middleId);
     if(middle == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(left)),
-		    "xmlSecTransformCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(middleId)));
-	return(-1);
-    }	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(left)),
+                    "xmlSecTransformCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformKlassGetName(middleId)));
+        return(-1);
+    }
     left->next = middle;
     middle->prev = left;
     middle->next = right;
@@ -2066,17 +2076,17 @@ xmlSecTransformConnect(xmlSecTransformPtr left, xmlSecTransformPtr right,
  * xmlSecTransformRemove:
  * @transform: the pointer to #xmlSecTransform structure.
  *
- * Removes @transform from the chain. 
+ * Removes @transform from the chain.
  */
 void
 xmlSecTransformRemove(xmlSecTransformPtr transform) {
     xmlSecAssert(xmlSecTransformIsValid(transform));
 
     if(transform->next != NULL) {
-	transform->next->prev = transform->prev;
+        transform->next->prev = transform->prev;
     }
     if(transform->prev != NULL) {
-	transform->prev->next = transform->next;
+        transform->prev->next = transform->next;
     }
     transform->next = transform->prev = NULL;
 }
@@ -2086,184 +2096,184 @@ xmlSecTransformRemove(xmlSecTransformPtr transform) {
  *
  * Default callbacks, most of the transforms can use them
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * xmlSecTransformDefaultGetDataType:
- * @transform:		the pointer to transform.
- * @mode:		the data mode (push or pop).
- * @transformCtx:	the transform's chaing processing context.
+ * @transform:          the pointer to transform.
+ * @mode:               the data mode (push or pop).
+ * @transformCtx:       the transform's chaing processing context.
  *
- * Gets transform input (@mode is "push") or output (@mode is "pop") data 
+ * Gets transform input (@mode is "push") or output (@mode is "pop") data
  * type (binary or XML) by analyzing available pushBin/popBin/pushXml/popXml
  * methods.
  *
  * Returns: the transform's data type for the @mode operation.
  */
-xmlSecTransformDataType 
+xmlSecTransformDataType
 xmlSecTransformDefaultGetDataType(xmlSecTransformPtr transform, xmlSecTransformMode mode,
-				  xmlSecTransformCtxPtr transformCtx) {
+                                  xmlSecTransformCtxPtr transformCtx) {
     xmlSecTransformDataType type = xmlSecTransformDataTypeUnknown;
-    
+
     xmlSecAssert2(xmlSecTransformIsValid(transform), xmlSecTransformDataTypeUnknown);
     xmlSecAssert2(transformCtx != NULL, xmlSecTransformDataTypeUnknown);
 
     /* we'll try to guess the data type based on the handlers we have */
     switch(mode) {
-	case xmlSecTransformModePush:
-	    if(transform->id->pushBin != NULL) {
-		type |= xmlSecTransformDataTypeBin;
-	    } 
-	    if(transform->id->pushXml != NULL) {
-		type |= xmlSecTransformDataTypeXml;
-	    } 
-	    break;
-	case xmlSecTransformModePop:
-	    if(transform->id->popBin != NULL) {
-		type |= xmlSecTransformDataTypeBin;
-	    } 
-	    if(transform->id->popXml != NULL) {
-		type |= xmlSecTransformDataTypeXml;
-	    } 
-	    break;
-	default:
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			NULL,
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-			"mode=%d", mode);
-	    return(xmlSecTransformDataTypeUnknown);
-    }
-    
+        case xmlSecTransformModePush:
+            if(transform->id->pushBin != NULL) {
+                type |= xmlSecTransformDataTypeBin;
+            }
+            if(transform->id->pushXml != NULL) {
+                type |= xmlSecTransformDataTypeXml;
+            }
+            break;
+        case xmlSecTransformModePop:
+            if(transform->id->popBin != NULL) {
+                type |= xmlSecTransformDataTypeBin;
+            }
+            if(transform->id->popXml != NULL) {
+                type |= xmlSecTransformDataTypeXml;
+            }
+            break;
+        default:
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        "mode=%d", mode);
+            return(xmlSecTransformDataTypeUnknown);
+    }
+
     return(type);
 }
 
 /**
  * xmlSecTransformDefaultPushBin:
- * @transform:		the pointer to transform object.
- * @data:		the input binary data,
- * @dataSize:		the input data size.
- * @final:		the flag: if set to 1 then it's the last
- *			data chunk.
- * @transformCtx:	the pointer to transform context object.
- *
- * Process binary @data by calling transform's execute method and pushes 
+ * @transform:          the pointer to transform object.
+ * @data:               the input binary data,
+ * @dataSize:           the input data size.
+ * @final:              the flag: if set to 1 then it's the last
+ *                      data chunk.
+ * @transformCtx:       the pointer to transform context object.
+ *
+ * Process binary @data by calling transform's execute method and pushes
  * results to next transform.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformDefaultPushBin(xmlSecTransformPtr transform, const xmlSecByte* data,
-			xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
+                        xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
     xmlSecSize inSize = 0;
     xmlSecSize outSize = 0;
     int finalData = 0;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-    
+
     do {
-        /* append data to input buffer */    
-	if(dataSize > 0) {
-	    xmlSecSize chunkSize;
-	    
-	    xmlSecAssert2(data != NULL, -1);
-
-	    chunkSize = dataSize;
-	    if(chunkSize > XMLSEC_TRANSFORM_BINARY_CHUNK) {
-		chunkSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
-	    }
-	    
-	    ret = xmlSecBufferAppend(&(transform->inBuf), data, chunkSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferAppend",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", chunkSize);
-		return(-1);
-	    }	
-
-	    dataSize -= chunkSize;
-	    data += chunkSize;
-	}
-
-	/* process data */
-	inSize = xmlSecBufferGetSize(&(transform->inBuf));
-	outSize = xmlSecBufferGetSize(&(transform->outBuf));
-	finalData = (((dataSize == 0) && (final != 0)) ? 1 : 0);
-	ret = xmlSecTransformExecute(transform, finalData, transformCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecTransformExecute",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"final=%d", final);
-	    return(-1);
-	}
-
-	/* push data to the next transform */
-	inSize = xmlSecBufferGetSize(&(transform->inBuf));
-	outSize = xmlSecBufferGetSize(&(transform->outBuf));
-	if(inSize > 0) {
-	    finalData = 0;
-	}
-
-	/* we don't want to puch too much */
-	if(outSize > XMLSEC_TRANSFORM_BINARY_CHUNK) {
-	    outSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
-	    finalData = 0;
-	}
-	if((transform->next != NULL) && ((outSize > 0) || (finalData != 0))) {
-	    ret = xmlSecTransformPushBin(transform->next, 
-			    xmlSecBufferGetData(&(transform->outBuf)),
-			    outSize,
-			    finalData,
-			    transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform->next)),
-			    "xmlSecTransformPushBin",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "final=%d;outSize=%d", final, outSize);
-		return(-1);
-	    }
-	}
-	
-	/* remove data anyway */
-	if(outSize > 0) {
-	    ret = xmlSecBufferRemoveHead(&(transform->outBuf), outSize);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferAppend",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", outSize);
-		return(-1);
-	    }
-	}
+        /* append data to input buffer */
+        if(dataSize > 0) {
+            xmlSecSize chunkSize;
+
+            xmlSecAssert2(data != NULL, -1);
+
+            chunkSize = dataSize;
+            if(chunkSize > XMLSEC_TRANSFORM_BINARY_CHUNK) {
+                chunkSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
+            }
+
+            ret = xmlSecBufferAppend(&(transform->inBuf), data, chunkSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferAppend",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", chunkSize);
+                return(-1);
+            }
+
+            dataSize -= chunkSize;
+            data += chunkSize;
+        }
+
+        /* process data */
+        inSize = xmlSecBufferGetSize(&(transform->inBuf));
+        outSize = xmlSecBufferGetSize(&(transform->outBuf));
+        finalData = (((dataSize == 0) && (final != 0)) ? 1 : 0);
+        ret = xmlSecTransformExecute(transform, finalData, transformCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecTransformExecute",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "final=%d", final);
+            return(-1);
+        }
+
+        /* push data to the next transform */
+        inSize = xmlSecBufferGetSize(&(transform->inBuf));
+        outSize = xmlSecBufferGetSize(&(transform->outBuf));
+        if(inSize > 0) {
+            finalData = 0;
+        }
+
+        /* we don't want to puch too much */
+        if(outSize > XMLSEC_TRANSFORM_BINARY_CHUNK) {
+            outSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
+            finalData = 0;
+        }
+        if((transform->next != NULL) && ((outSize > 0) || (finalData != 0))) {
+            ret = xmlSecTransformPushBin(transform->next,
+                            xmlSecBufferGetData(&(transform->outBuf)),
+                            outSize,
+                            finalData,
+                            transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform->next)),
+                            "xmlSecTransformPushBin",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "final=%d;outSize=%d", final, outSize);
+                return(-1);
+            }
+        }
+
+        /* remove data anyway */
+        if(outSize > 0) {
+            ret = xmlSecBufferRemoveHead(&(transform->outBuf), outSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferAppend",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", outSize);
+                return(-1);
+            }
+        }
     } while((dataSize > 0) || (outSize > 0));
-    
+
     return(0);
 }
 
 /**
  * xmlSecTransformDefaultPopBin:
- * @transform:		the pointer to transform object.
- * @data:		the buffer to store result data.
- * @maxDataSize:	the size of the buffer #data.
- * @dataSize:		the pointer to returned data size.
- * @transformCtx:	the pointer to transform context object.
+ * @transform:          the pointer to transform object.
+ * @data:               the buffer to store result data.
+ * @maxDataSize:        the size of the buffer #data.
+ * @dataSize:           the pointer to returned data size.
+ * @transformCtx:       the pointer to transform context object.
  *
  * Pops data from previous transform in the chain, processes data by calling
- * transform's execute method and returns result in the @data buffer. The 
+ * transform's execute method and returns result in the @data buffer. The
  * size of returned data is placed in the @dataSize.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformDefaultPopBin(xmlSecTransformPtr transform, xmlSecByte* data,
-			    xmlSecSize maxDataSize, xmlSecSize* dataSize, xmlSecTransformCtxPtr transformCtx) {
+                            xmlSecSize maxDataSize, xmlSecSize* dataSize, xmlSecTransformCtxPtr transformCtx) {
     xmlSecSize outSize;
     int final = 0;
     int ret;
@@ -2274,94 +2284,94 @@ xmlSecTransformDefaultPopBin(xmlSecTransformPtr transform, xmlSecByte* data,
     xmlSecAssert2(transformCtx != NULL, -1);
 
     while((xmlSecBufferGetSize(&(transform->outBuf)) == 0) && (final == 0)) {
-	/* read data from previous transform if exist */
-	if(transform->prev != NULL) {    
-    	    xmlSecSize inSize, chunkSize;
-
-	    inSize = xmlSecBufferGetSize(&(transform->inBuf));
-	    chunkSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
-
-	    /* ensure that we have space for at least one data chunk */
-    	    ret = xmlSecBufferSetMaxSize(&(transform->inBuf), inSize + chunkSize);
-    	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferSetMaxSize",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "size=%d", inSize + chunkSize);
-		return(-1);
-	    }	
-
-	    /* get data from previous transform */
-	    ret = xmlSecTransformPopBin(transform->prev, 
-			    xmlSecBufferGetData(&(transform->inBuf)) + inSize,
-			    chunkSize, &chunkSize, transformCtx);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform->prev)),
-			    "xmlSecTransformPopBin",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	
-	    /* adjust our size if needed */
-	    if(chunkSize > 0) {
-		ret = xmlSecBufferSetSize(&(transform->inBuf), inSize + chunkSize);
-		if(ret < 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-				"xmlSecBufferSetSize",
-				XMLSEC_ERRORS_R_XMLSEC_FAILED,
-				"size=%d", inSize + chunkSize);
-		    return(-1);
-	        }
-		final = 0; /* the previous transform returned some data..*/
-	    } else {
-		final = 1; /* no data returned from previous transform, we are done */
-	    }
-	} else {
-	    final = 1; /* no previous transform, we are "permanently final" */
-	}	
-
-	/* execute our transform */
-    	ret = xmlSecTransformExecute(transform, final, transformCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecTransformExecute",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-    }
-    
+        /* read data from previous transform if exist */
+        if(transform->prev != NULL) {
+            xmlSecSize inSize, chunkSize;
+
+            inSize = xmlSecBufferGetSize(&(transform->inBuf));
+            chunkSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
+
+            /* ensure that we have space for at least one data chunk */
+            ret = xmlSecBufferSetMaxSize(&(transform->inBuf), inSize + chunkSize);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferSetMaxSize",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "size=%d", inSize + chunkSize);
+                return(-1);
+            }
+
+            /* get data from previous transform */
+            ret = xmlSecTransformPopBin(transform->prev,
+                            xmlSecBufferGetData(&(transform->inBuf)) + inSize,
+                            chunkSize, &chunkSize, transformCtx);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform->prev)),
+                            "xmlSecTransformPopBin",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            /* adjust our size if needed */
+            if(chunkSize > 0) {
+                ret = xmlSecBufferSetSize(&(transform->inBuf), inSize + chunkSize);
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                                "xmlSecBufferSetSize",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "size=%d", inSize + chunkSize);
+                    return(-1);
+                }
+                final = 0; /* the previous transform returned some data..*/
+            } else {
+                final = 1; /* no data returned from previous transform, we are done */
+            }
+        } else {
+            final = 1; /* no previous transform, we are "permanently final" */
+        }
+
+        /* execute our transform */
+        ret = xmlSecTransformExecute(transform, final, transformCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecTransformExecute",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     /* copy result (if any) */
-    outSize = xmlSecBufferGetSize(&(transform->outBuf)); 
+    outSize = xmlSecBufferGetSize(&(transform->outBuf));
     if(outSize > maxDataSize) {
-	outSize = maxDataSize;
+        outSize = maxDataSize;
     }
-    
+
     /* we don't want to put too much */
     if(outSize > XMLSEC_TRANSFORM_BINARY_CHUNK) {
-	outSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
+        outSize = XMLSEC_TRANSFORM_BINARY_CHUNK;
     }
     if(outSize > 0) {
-	xmlSecAssert2(xmlSecBufferGetData(&(transform->outBuf)), -1);
-	
-	memcpy(data, xmlSecBufferGetData(&(transform->outBuf)), outSize);
-
-	ret = xmlSecBufferRemoveHead(&(transform->outBuf), outSize);
-    	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", outSize);
-	    return(-1);
-	}	
-    }
-    
+        xmlSecAssert2(xmlSecBufferGetData(&(transform->outBuf)), -1);
+
+        memcpy(data, xmlSecBufferGetData(&(transform->outBuf)), outSize);
+
+        ret = xmlSecBufferRemoveHead(&(transform->outBuf), outSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", outSize);
+            return(-1);
+        }
+    }
+
     /* set the result size */
     (*dataSize) = outSize;
     return(0);
@@ -2369,18 +2379,18 @@ xmlSecTransformDefaultPopBin(xmlSecTransformPtr transform, xmlSecByte* data,
 
 /**
  * xmlSecTransformDefaultPushXml:
- * @transform:		the pointer to transform object.
- * @nodes:		the input nodes.
- * @transformCtx:	the pointer to transform context object.
+ * @transform:          the pointer to transform object.
+ * @nodes:              the input nodes.
+ * @transformCtx:       the pointer to transform context object.
  *
- * Processes @nodes by calling transform's execute method and pushes 
+ * Processes @nodes by calling transform's execute method and pushes
  * result to the next transform in the chain.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
-xmlSecTransformDefaultPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nodes, 
-			    xmlSecTransformCtxPtr transformCtx) {
+int
+xmlSecTransformDefaultPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nodes,
+                            xmlSecTransformCtxPtr transformCtx) {
     int ret;
 
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
@@ -2392,79 +2402,79 @@ xmlSecTransformDefaultPushXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr nod
     transform->inNodes = nodes;
     ret = xmlSecTransformExecute(transform, 1, transformCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecTransformExecute",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecTransformExecute",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* push result to the next transform (if exist) */
     if(transform->next != NULL) {
-	ret = xmlSecTransformPushXml(transform->next, transform->outNodes, transformCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecTransformPushXml",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-    }        
+        ret = xmlSecTransformPushXml(transform->next, transform->outNodes, transformCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecTransformPushXml",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
     return(0);
 }
 
 /**
  * xmlSecTransformDefaultPopXml:
- * @transform:		the pointer to transform object.
- * @nodes:		the pointer to store popinter to result nodes.
- * @transformCtx:	the pointer to transform context object.
+ * @transform:          the pointer to transform object.
+ * @nodes:              the pointer to store popinter to result nodes.
+ * @transformCtx:       the pointer to transform context object.
  *
- * Pops data from previous transform in the chain, processes the data 
+ * Pops data from previous transform in the chain, processes the data
  * by calling transform's execute method and returns result in @nodes.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
-xmlSecTransformDefaultPopXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr* nodes, 
-			    xmlSecTransformCtxPtr transformCtx) {
+int
+xmlSecTransformDefaultPopXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr* nodes,
+                            xmlSecTransformCtxPtr transformCtx) {
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformIsValid(transform), -1);
     xmlSecAssert2(transform->inNodes == NULL, -1);
     xmlSecAssert2(transform->outNodes == NULL, -1);
     xmlSecAssert2(transformCtx != NULL, -1);
-    
+
     /* pop result from the prev transform (if exist) */
     if(transform->prev != NULL) {
-	ret = xmlSecTransformPopXml(transform->prev, &(transform->inNodes), transformCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecTransformPopXml",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-    }        
+        ret = xmlSecTransformPopXml(transform->prev, &(transform->inNodes), transformCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecTransformPopXml",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
 
     /* execute our transform */
     ret = xmlSecTransformExecute(transform, 1, transformCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecTransformExecute",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecTransformExecute",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* return result if requested */
     if(nodes != NULL) {
-	(*nodes) = transform->outNodes;
+        (*nodes) = transform->outNodes;
     }
-    
+
     return(0);
 }
 
@@ -2475,153 +2485,153 @@ xmlSecTransformDefaultPopXml(xmlSecTransformPtr transform, xmlSecNodeSetPtr* nod
  **********************************************************************/
 static xmlSecPtrListKlass xmlSecTransformIdListKlass = {
     BAD_CAST "transform-ids-list",
-    NULL, 							/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    NULL,							/* xmlSecPtrDestroyItemMethod destroyItem; */
-    NULL,							/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    NULL,							/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    NULL,                                                       /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    NULL,                                                       /* xmlSecPtrDestroyItemMethod destroyItem; */
+    NULL,                                                       /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    NULL,                                                       /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
 /**
  * xmlSecTransformIdListGetKlass:
- * 
+ *
  * The transform id list klass.
  *
  * Returns: pointer to the transform id list klass.
  */
-xmlSecPtrListId 
+xmlSecPtrListId
 xmlSecTransformIdListGetKlass(void) {
     return(&xmlSecTransformIdListKlass);
 }
 
 /**
  * xmlSecTransformIdListFind:
- * @list:		the pointer to transform ids list.
- * @transformId:	the transform klass.
+ * @list:               the pointer to transform ids list.
+ * @transformId:        the transform klass.
  *
  * Lookups @dataId in @list.
  *
  * Returns: 1 if @dataId is found in the @list, 0 if not and a negative
  * value if an error occurs.
  */
-int 
+int
 xmlSecTransformIdListFind(xmlSecPtrListPtr list, xmlSecTransformId transformId) {
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecTransformIdListId), -1);
     xmlSecAssert2(transformId != NULL, -1);
-    
+
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	if((xmlSecTransformId)xmlSecPtrListGetItem(list, i) == transformId) {
-	    return(1);
-	}
+        if((xmlSecTransformId)xmlSecPtrListGetItem(list, i) == transformId) {
+            return(1);
+        }
     }
     return(0);
 }
 
-/** 
+/**
  * xmlSecTransformIdListFindByHref:
- * @list:		the pointer to transform ids list.
- * @href:		the desired transform klass href.
- * @usage:		the desired transform usage.
+ * @list:               the pointer to transform ids list.
+ * @href:               the desired transform klass href.
+ * @usage:              the desired transform usage.
  *
  * Lookups data klass in the list with given @href and @usage in @list.
  *
  * Returns: transform klass is found and NULL otherwise.
- */ 
-xmlSecTransformId	
+ */
+xmlSecTransformId
 xmlSecTransformIdListFindByHref(xmlSecPtrListPtr list, const xmlChar* href,
-			    xmlSecTransformUsage usage) {
+                            xmlSecTransformUsage usage) {
     xmlSecTransformId transformId;
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecTransformIdListId), xmlSecTransformIdUnknown);
     xmlSecAssert2(href != NULL, xmlSecTransformIdUnknown);
-    
+
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	transformId = (xmlSecTransformId)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert2(transformId != xmlSecTransformIdUnknown, xmlSecTransformIdUnknown);
+        transformId = (xmlSecTransformId)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert2(transformId != xmlSecTransformIdUnknown, xmlSecTransformIdUnknown);
 
-	if(((usage & transformId->usage) != 0) && (transformId->href != NULL) && 
-	   xmlStrEqual(href, transformId->href)) {
-	   return(transformId);	   
-	}
+        if(((usage & transformId->usage) != 0) && (transformId->href != NULL) &&
+           xmlStrEqual(href, transformId->href)) {
+           return(transformId);
+        }
     }
     return(xmlSecTransformIdUnknown);
 }
 
-/** 
+/**
  * xmlSecTransformIdListFindByName:
- * @list:		the pointer to transform ids list.
- * @name:		the desired transform klass name.
- * @usage:		the desired transform usage.
+ * @list:               the pointer to transform ids list.
+ * @name:               the desired transform klass name.
+ * @usage:              the desired transform usage.
  *
  * Lookups data klass in the list with given @name and @usage in @list.
  *
  * Returns: transform klass is found and NULL otherwise.
- */ 
-xmlSecTransformId	
-xmlSecTransformIdListFindByName(xmlSecPtrListPtr list, const xmlChar* name, 
-			    xmlSecTransformUsage usage) {
+ */
+xmlSecTransformId
+xmlSecTransformIdListFindByName(xmlSecPtrListPtr list, const xmlChar* name,
+                            xmlSecTransformUsage usage) {
     xmlSecTransformId transformId;
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecTransformIdListId), xmlSecTransformIdUnknown);
     xmlSecAssert2(name != NULL, xmlSecTransformIdUnknown);
 
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	transformId = (xmlSecTransformId)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert2(transformId != xmlSecTransformIdUnknown, xmlSecTransformIdUnknown);
+        transformId = (xmlSecTransformId)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert2(transformId != xmlSecTransformIdUnknown, xmlSecTransformIdUnknown);
+
+        if(((usage & transformId->usage) != 0) && (transformId->name != NULL) &&
+           xmlStrEqual(name, BAD_CAST transformId->name)) {
 
-	if(((usage & transformId->usage) != 0) && (transformId->name != NULL) &&
-	   xmlStrEqual(name, BAD_CAST transformId->name)) {
-	   
-	   return(transformId);	   
-	}
+           return(transformId);
+        }
     }
     return(xmlSecTransformIdUnknown);
 }
 
-/** 
+/**
  * xmlSecTransformIdListDebugDump:
- * @list:		the pointer to transform ids list.
- * @output:		the pointer to output FILE.
- * 
+ * @list:               the pointer to transform ids list.
+ * @output:             the pointer to output FILE.
+ *
  * Prints binary transform debug information to @output.
  */
-void 
+void
 xmlSecTransformIdListDebugDump(xmlSecPtrListPtr list, FILE* output) {
     xmlSecTransformId transformId;
     xmlSecSize i, size;
-    
+
     xmlSecAssert(xmlSecPtrListCheckId(list, xmlSecTransformIdListId));
     xmlSecAssert(output != NULL);
 
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	transformId = (xmlSecTransformId)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert(transformId != NULL);
-	xmlSecAssert(transformId->name != NULL);
-	    
-	if(i > 0) {
-	    fprintf(output, ",\"%s\"", transformId->name);
-	} else {
-	    fprintf(output, "\"%s\"", transformId->name);
-	}	    
+        transformId = (xmlSecTransformId)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert(transformId != NULL);
+        xmlSecAssert(transformId->name != NULL);
+
+        if(i > 0) {
+            fprintf(output, ",\"%s\"", transformId->name);
+        } else {
+            fprintf(output, "\"%s\"", transformId->name);
+        }
     }
     fprintf(output, "\n");
 }
 
-/** 
+/**
  * xmlSecTransformIdListDebugXmlDump:
- * @list:		the pointer to transform ids list.
- * @output:		the pointer to output FILE.
- * 
+ * @list:               the pointer to transform ids list.
+ * @output:             the pointer to output FILE.
+ *
  * Prints binary transform debug information to @output in XML format.
  */
-void 
+void
 xmlSecTransformIdListDebugXmlDump(xmlSecPtrListPtr list, FILE* output) {
     xmlSecTransformId transformId;
     xmlSecSize i, size;
@@ -2632,11 +2642,11 @@ xmlSecTransformIdListDebugXmlDump(xmlSecPtrListPtr list, FILE* output) {
     fprintf(output, "<TransformIdsList>\n");
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	transformId = (xmlSecTransformId)xmlSecPtrListGetItem(list, i);
-	xmlSecAssert(transformId != NULL);
-	xmlSecAssert(transformId->name != NULL);
-	    
-	fprintf(output, "<TransformId name=\"");
+        transformId = (xmlSecTransformId)xmlSecPtrListGetItem(list, i);
+        xmlSecAssert(transformId != NULL);
+        xmlSecAssert(transformId->name != NULL);
+
+        fprintf(output, "<TransformId name=\"");
         xmlSecPrintXmlString(output, transformId->name);
         fprintf(output, "\" />");
     }
@@ -2647,172 +2657,172 @@ xmlSecTransformIdListDebugXmlDump(xmlSecPtrListPtr list, FILE* output) {
  *
  * IO buffers for transforms
  *
- ************************************************************************/ 
-typedef struct _xmlSecTransformIOBuffer			xmlSecTransformIOBuffer,
-							*xmlSecTransformIOBufferPtr;
+ ************************************************************************/
+typedef struct _xmlSecTransformIOBuffer                 xmlSecTransformIOBuffer,
+                                                        *xmlSecTransformIOBufferPtr;
 typedef enum {
     xmlSecTransformIOBufferModeRead,
     xmlSecTransformIOBufferModeWrite
 } xmlSecTransformIOBufferMode;
 
 struct _xmlSecTransformIOBuffer {
-    xmlSecTransformIOBufferMode		mode;
-    xmlSecTransformPtr			transform;
-    xmlSecTransformCtxPtr		transformCtx;
+    xmlSecTransformIOBufferMode         mode;
+    xmlSecTransformPtr                  transform;
+    xmlSecTransformCtxPtr               transformCtx;
 };
 
-static xmlSecTransformIOBufferPtr xmlSecTransformIOBufferCreate	(xmlSecTransformIOBufferMode mode,
-								 xmlSecTransformPtr transform,
-								 xmlSecTransformCtxPtr transformCtx);
-static void	xmlSecTransformIOBufferDestroy			(xmlSecTransformIOBufferPtr buffer);
-static int	xmlSecTransformIOBufferRead			(xmlSecTransformIOBufferPtr buffer,
-								 xmlSecByte *buf,
-								 xmlSecSize size);		
-static int	xmlSecTransformIOBufferWrite			(xmlSecTransformIOBufferPtr buffer,
-								 const xmlSecByte *buf,
-								 xmlSecSize size);		
-static int	xmlSecTransformIOBufferClose			(xmlSecTransformIOBufferPtr buffer);
+static xmlSecTransformIOBufferPtr xmlSecTransformIOBufferCreate (xmlSecTransformIOBufferMode mode,
+                                                                 xmlSecTransformPtr transform,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static void     xmlSecTransformIOBufferDestroy                  (xmlSecTransformIOBufferPtr buffer);
+static int      xmlSecTransformIOBufferRead                     (xmlSecTransformIOBufferPtr buffer,
+                                                                 xmlSecByte *buf,
+                                                                 xmlSecSize size);
+static int      xmlSecTransformIOBufferWrite                    (xmlSecTransformIOBufferPtr buffer,
+                                                                 const xmlSecByte *buf,
+                                                                 xmlSecSize size);
+static int      xmlSecTransformIOBufferClose                    (xmlSecTransformIOBufferPtr buffer);
 
 
 /**
  * xmlSecTransformCreateOutputBuffer:
- * @transform:		the pointer to transform.
- * @transformCtx:	the pointer to transform context object.
+ * @transform:          the pointer to transform.
+ * @transformCtx:       the pointer to transform context object.
  *
  * Creates output buffer to write data to @transform.
  *
  * Returns: pointer to new output buffer or NULL if an error occurs.
  */
-xmlOutputBufferPtr 
+xmlOutputBufferPtr
 xmlSecTransformCreateOutputBuffer(xmlSecTransformPtr transform, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecTransformIOBufferPtr buffer; 
+    xmlSecTransformIOBufferPtr buffer;
     xmlSecTransformDataType type;
     xmlOutputBufferPtr output;
-    
+
     xmlSecAssert2(xmlSecTransformIsValid(transform), NULL);
     xmlSecAssert2(transformCtx != NULL, NULL);
-    
+
     /* check that we have binary push method for this transform */
     type = xmlSecTransformDefaultGetDataType(transform, xmlSecTransformModePush, transformCtx);
     if((type & xmlSecTransformDataTypeBin) == 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    "push binary data not supported");
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    "push binary data not supported");
+        return(NULL);
+    }
+
     buffer = xmlSecTransformIOBufferCreate(xmlSecTransformIOBufferModeWrite, transform, transformCtx);
     if(buffer == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecTransformIOBufferCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecTransformIOBufferCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     output = xmlOutputBufferCreateIO((xmlOutputWriteCallback)xmlSecTransformIOBufferWrite,
-				     (xmlOutputCloseCallback)xmlSecTransformIOBufferClose,
-				     buffer,
-				     NULL); 
+                                     (xmlOutputCloseCallback)xmlSecTransformIOBufferClose,
+                                     buffer,
+                                     NULL);
     if(output == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlOutputBufferCreateIO",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecTransformIOBufferDestroy(buffer);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlOutputBufferCreateIO",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecTransformIOBufferDestroy(buffer);
+        return(NULL);
+    }
+
     return(output);
 }
 
 /**
  * xmlSecTransformCreateInputBuffer:
- * @transform:		the pointer to transform.
- * @transformCtx:	the pointer to transform context object.
+ * @transform:          the pointer to transform.
+ * @transformCtx:       the pointer to transform context object.
  *
  * Creates input buffer to read data from @transform.
  *
  * Returns: pointer to new input buffer or NULL if an error occurs.
  */
-xmlParserInputBufferPtr 
+xmlParserInputBufferPtr
 xmlSecTransformCreateInputBuffer(xmlSecTransformPtr transform, xmlSecTransformCtxPtr transformCtx) {
-    xmlSecTransformIOBufferPtr buffer;    
+    xmlSecTransformIOBufferPtr buffer;
     xmlSecTransformDataType type;
     xmlParserInputBufferPtr input;
-    
+
     xmlSecAssert2(xmlSecTransformIsValid(transform), NULL);
     xmlSecAssert2(transformCtx != NULL, NULL);
 
     /* check that we have binary pop method for this transform */
     type = xmlSecTransformDefaultGetDataType(transform, xmlSecTransformModePop, transformCtx);
     if((type & xmlSecTransformDataTypeBin) == 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
-		    "pop binary data not supported");
-	return(NULL);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TRANSFORM,
+                    "pop binary data not supported");
+        return(NULL);
+    }
 
     buffer = xmlSecTransformIOBufferCreate(xmlSecTransformIOBufferModeRead, transform, transformCtx);
     if(buffer == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecTransformIOBufferCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecTransformIOBufferCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     input = xmlParserInputBufferCreateIO((xmlInputReadCallback)xmlSecTransformIOBufferRead,
-				     (xmlInputCloseCallback)xmlSecTransformIOBufferClose,
-				     buffer,
-				     XML_CHAR_ENCODING_NONE); 
+                                     (xmlInputCloseCallback)xmlSecTransformIOBufferClose,
+                                     buffer,
+                                     XML_CHAR_ENCODING_NONE);
     if(input == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlParserInputBufferCreateIO",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecTransformIOBufferDestroy(buffer);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlParserInputBufferCreateIO",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecTransformIOBufferDestroy(buffer);
+        return(NULL);
+    }
+
     return(input);
 }
 
-static xmlSecTransformIOBufferPtr 
+static xmlSecTransformIOBufferPtr
 xmlSecTransformIOBufferCreate(xmlSecTransformIOBufferMode mode, xmlSecTransformPtr transform,
-			      xmlSecTransformCtxPtr transformCtx) {
+                              xmlSecTransformCtxPtr transformCtx) {
     xmlSecTransformIOBufferPtr buffer;
-    
+
     xmlSecAssert2(xmlSecTransformIsValid(transform), NULL);
     xmlSecAssert2(transformCtx != NULL, NULL);
-    
+
     buffer = (xmlSecTransformIOBufferPtr)xmlMalloc(sizeof(xmlSecTransformIOBuffer));
     if(buffer == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d", sizeof(xmlSecTransformIOBuffer)); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d", sizeof(xmlSecTransformIOBuffer));
+        return(NULL);
     }
     memset(buffer, 0, sizeof(xmlSecTransformIOBuffer));
-    
+
     buffer->mode = mode;
     buffer->transform = transform;
     buffer->transformCtx = transformCtx;
-    
+
     return(buffer);
 }
 
-static void 
+static void
 xmlSecTransformIOBufferDestroy(xmlSecTransformIOBufferPtr buffer) {
     xmlSecAssert(buffer != NULL);
 
@@ -2820,34 +2830,34 @@ xmlSecTransformIOBufferDestroy(xmlSecTransformIOBufferPtr buffer) {
     xmlFree(buffer);
 }
 
-static int 
-xmlSecTransformIOBufferRead(xmlSecTransformIOBufferPtr buffer, 
-			    xmlSecByte *buf, xmlSecSize size) {
+static int
+xmlSecTransformIOBufferRead(xmlSecTransformIOBufferPtr buffer,
+                            xmlSecByte *buf, xmlSecSize size) {
     int ret;
-    
+
     xmlSecAssert2(buffer != NULL, -1);
     xmlSecAssert2(buffer->mode == xmlSecTransformIOBufferModeRead, -1);
     xmlSecAssert2(xmlSecTransformIsValid(buffer->transform), -1);
     xmlSecAssert2(buffer->transformCtx != NULL, -1);
     xmlSecAssert2(buf != NULL, -1);
-    
+
     ret = xmlSecTransformPopBin(buffer->transform, buf, size, &size, buffer->transformCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(buffer->transform)),
-		    "xmlSecTransformPopBin",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(buffer->transform)),
+                    "xmlSecTransformPopBin",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(size);
 }
 
-static int 
-xmlSecTransformIOBufferWrite(xmlSecTransformIOBufferPtr buffer, 
-			    const xmlSecByte *buf, xmlSecSize size) {
+static int
+xmlSecTransformIOBufferWrite(xmlSecTransformIOBufferPtr buffer,
+                            const xmlSecByte *buf, xmlSecSize size) {
     int ret;
-    
+
     xmlSecAssert2(buffer != NULL, -1);
     xmlSecAssert2(buffer->mode == xmlSecTransformIOBufferModeWrite, -1);
     xmlSecAssert2(xmlSecTransformIsValid(buffer->transform), -1);
@@ -2856,37 +2866,37 @@ xmlSecTransformIOBufferWrite(xmlSecTransformIOBufferPtr buffer,
 
     ret = xmlSecTransformPushBin(buffer->transform, buf, size, 0, buffer->transformCtx);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(buffer->transform)),
-		    "xmlSecTransformPushBin",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(buffer->transform)),
+                    "xmlSecTransformPushBin",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(size);
 }
 
-static int 
+static int
 xmlSecTransformIOBufferClose(xmlSecTransformIOBufferPtr buffer) {
     int ret;
-    
+
     xmlSecAssert2(buffer != NULL, -1);
     xmlSecAssert2(xmlSecTransformIsValid(buffer->transform), -1);
     xmlSecAssert2(buffer->transformCtx != NULL, -1);
-    
-    /* need to flush write buffer before destroing */
+
+    /* need to flush write buffer before destroying */
     if(buffer->mode == xmlSecTransformIOBufferModeWrite) {
         ret = xmlSecTransformPushBin(buffer->transform, NULL, 0, 1, buffer->transformCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(buffer->transform)),
-			"xmlSecTransformPushBin",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-    }
-    
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(buffer->transform)),
+                        "xmlSecTransformPushBin",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     xmlSecTransformIOBufferDestroy(buffer);
     return(0);
 }
diff --git a/src/x509.c b/src/x509.c
index 22f5a196..028030ef 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -1,21 +1,21 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #ifndef XMLSEC_NO_X509
- 
+
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
 
 #include <libxml/tree.h>
-#include <libxml/parser.h> 
+#include <libxml/parser.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -29,9 +29,9 @@
 
 /**
  * xmlSecX509DataGetNodeContent:
- * @node:		the pointer to <dsig:X509Data/> node.
- * @deleteChildren:	the flag that indicates whether to remove node children after reading.
- * @keyInfoCtx:		the pointer to <dsig:KeyInfo/> node processing context.
+ * @node:               the pointer to <dsig:X509Data/> node.
+ * @deleteChildren:     the flag that indicates whether to remove node children after reading.
+ * @keyInfoCtx:         the pointer to <dsig:KeyInfo/> node processing context.
  *
  * Reads the contents of <dsig:X509Data/> node and returns it as
  * a bits mask.
@@ -41,7 +41,7 @@
  */
 int
 xmlSecX509DataGetNodeContent (xmlNodePtr node, int deleteChildren,
-			    xmlSecKeyInfoCtxPtr keyInfoCtx) {
+                            xmlSecKeyInfoCtxPtr keyInfoCtx) {
     xmlNodePtr cur, next;
     int deleteCurNode;
     int content = 0;
@@ -50,44 +50,44 @@ xmlSecX509DataGetNodeContent (xmlNodePtr node, int deleteChildren,
     xmlSecAssert2(keyInfoCtx != NULL, -1);
 
     /* determine the current node content */
-    cur = xmlSecGetNextElementNode(node->children); 
+    cur = xmlSecGetNextElementNode(node->children);
     while(cur != NULL) {
-	deleteCurNode = 0;
-	if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
-	    if(xmlSecIsEmptyNode(cur) == 1) {
-		content |= XMLSEC_X509DATA_CERTIFICATE_NODE;
-		deleteCurNode = 1;
-	    }
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
-	    if(xmlSecIsEmptyNode(cur) == 1) {
-    	        content |= XMLSEC_X509DATA_SUBJECTNAME_NODE;
-		deleteCurNode = 1;
-	    }
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
-	    if(xmlSecIsEmptyNode(cur) == 1) {
-		content |= XMLSEC_X509DATA_ISSUERSERIAL_NODE;
-		deleteCurNode = 1;
-	    }
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
-	    if(xmlSecIsEmptyNode(cur) == 1) {
-		content |= XMLSEC_X509DATA_SKI_NODE;
-		deleteCurNode = 1;
-	    }
-	} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
-	    if(xmlSecIsEmptyNode(cur) == 1) {
-		content |= XMLSEC_X509DATA_CRL_NODE;
-		deleteCurNode = 1;
-	    }
-	} else {
-	    /* todo: fail on unknown child node? */
-	}
-	next = xmlSecGetNextElementNode(cur->next);
-	if((deleteCurNode != 0) && (deleteChildren != 0)) {
-	    /* remove "template" nodes */
-	    xmlUnlinkNode(cur);
-	    xmlFreeNode(cur);
-	}
-	cur = next;
+        deleteCurNode = 0;
+        if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) {
+            if(xmlSecIsEmptyNode(cur) == 1) {
+                content |= XMLSEC_X509DATA_CERTIFICATE_NODE;
+                deleteCurNode = 1;
+            }
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
+            if(xmlSecIsEmptyNode(cur) == 1) {
+                content |= XMLSEC_X509DATA_SUBJECTNAME_NODE;
+                deleteCurNode = 1;
+            }
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
+            if(xmlSecIsEmptyNode(cur) == 1) {
+                content |= XMLSEC_X509DATA_ISSUERSERIAL_NODE;
+                deleteCurNode = 1;
+            }
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
+            if(xmlSecIsEmptyNode(cur) == 1) {
+                content |= XMLSEC_X509DATA_SKI_NODE;
+                deleteCurNode = 1;
+            }
+        } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
+            if(xmlSecIsEmptyNode(cur) == 1) {
+                content |= XMLSEC_X509DATA_CRL_NODE;
+                deleteCurNode = 1;
+            }
+        } else {
+            /* todo: fail on unknown child node? */
+        }
+        next = xmlSecGetNextElementNode(cur->next);
+        if((deleteCurNode != 0) && (deleteChildren != 0)) {
+            /* remove "template" nodes */
+            xmlUnlinkNode(cur);
+            xmlFreeNode(cur);
+        }
+        cur = next;
     }
 
     return (content);
diff --git a/src/xkms.c b/src/xkms.c
index 7b475301..d10099bb 100644
--- a/src/xkms.c
+++ b/src/xkms.c
@@ -1,24 +1,24 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * "XML Key Management Specification v 2.0" implementation
  *  http://www.w3.org/TR/xkms2/
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #ifndef XMLSEC_NO_XKMS
- 
+
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
 
 #include <libxml/tree.h>
-#include <libxml/parser.h> 
+#include <libxml/parser.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -33,119 +33,119 @@
 #include <xmlsec/private/xkms.h>
 #include <xmlsec/errors.h>
 
-#define XMLSEC_XKMS_ID_ATTRIBUTE_LEN		32
+#define XMLSEC_XKMS_ID_ATTRIBUTE_LEN            32
 
 /* The ID attribute in XKMS is 'Id' */
 static const xmlChar* xmlSecXkmsServerIds[] = { BAD_CAST "Id", NULL };
 
 #ifndef XMLSEC_NO_SOAP
-static int      xmlSecXkmsServerCtxWriteSoap11FatalError	(xmlSecXkmsServerCtxPtr ctx,
-							         xmlNodePtr envNode);
-static int      xmlSecXkmsServerCtxWriteSoap12FatalError	(xmlSecXkmsServerCtxPtr ctx,
-							         xmlNodePtr envNode);
+static int      xmlSecXkmsServerCtxWriteSoap11FatalError        (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr envNode);
+static int      xmlSecXkmsServerCtxWriteSoap12FatalError        (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr envNode);
 #endif /* XMLSEC_NO_SOAP */
 
-static int	xmlSecXkmsServerCtxRequestAbstractTypeNodeRead	(xmlSecXkmsServerCtxPtr ctx,
-							         xmlNodePtr* node);
-static int	xmlSecXkmsServerCtxSignatureNodeRead		(xmlSecXkmsServerCtxPtr ctx, 
-								 xmlNodePtr node);
-static int	xmlSecXkmsServerCtxMessageExtensionNodesRead	(xmlSecXkmsServerCtxPtr ctx, 
-								 xmlNodePtr* node);
-static int	xmlSecXkmsServerCtxOpaqueClientDataNodeRead	(xmlSecXkmsServerCtxPtr ctx, 
-								 xmlNodePtr node);
-static int	xmlSecXkmsServerCtxPendingNotificationNodeRead	(xmlSecXkmsServerCtxPtr ctx, 
-								 xmlNodePtr node);
-static int	xmlSecXkmsServerCtxRespondWithNodesRead		(xmlSecXkmsServerCtxPtr ctx, 
-								 xmlNodePtr* node);
-static int	xmlSecXkmsServerCtxPendingRequestNodeRead	(xmlSecXkmsServerCtxPtr ctx,
-							         xmlNodePtr* node);
-static int	xmlSecXkmsServerCtxQueryKeyBindingNodeRead	(xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-static int	xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeRead(xmlSecXkmsServerCtxPtr ctx,
-							         xmlNodePtr* node);
-static int	xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx,
-							         xmlNodePtr node,
-								 xmlSecKeyPtr key);
-static int	xmlSecXkmsServerCtxKeyInfoNodeWrite		(xmlSecXkmsServerCtxPtr ctx,
-							    	 xmlNodePtr node,
-								 xmlSecKeyPtr key);
-static int	xmlSecXkmsServerCtxUseKeyWithNodesRead		(xmlSecXkmsServerCtxPtr ctx, 
-								 xmlNodePtr* node);
-static int	xmlSecXkmsServerCtxUseKeyWithNodesWrite		(xmlSecXkmsServerCtxPtr ctx, 
-								 xmlNodePtr node,
-								 xmlSecKeyPtr key);
-static int	xmlSecXkmsServerCtxTimeInstantNodeRead		(xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-static int	xmlSecXkmsServerCtxResultTypeNodeWrite		(xmlSecXkmsServerCtxPtr ctx, 
-								 xmlNodePtr node);
-static int	xmlSecXkmsServerCtxRequestSignatureValueNodeWrite(xmlSecXkmsServerCtxPtr ctx, 
-								 xmlNodePtr node);
-static int	xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx,
-							    	 xmlNodePtr node,
-								 xmlSecKeyPtr key);
-static int	xmlSecXkmsServerCtxKeyBindingNodeWrite		(xmlSecXkmsServerCtxPtr ctx,
-							    	 xmlNodePtr node,
-								 xmlSecKeyPtr key);
-static int 	xmlSecXkmsServerCtxValidityIntervalNodeWrite	(xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node, 
-								 xmlSecKeyPtr key);
-static int	xmlSecXkmsServerCtxKeyBindingStatusNodeWrite	(xmlSecXkmsServerCtxPtr ctx,
-							    	 xmlNodePtr node,
-								 xmlSecKeyPtr key);
-
-
-static const xmlSecQName2IntegerInfo gXmlSecXkmsResultMajorInfo[] = 
+static int      xmlSecXkmsServerCtxRequestAbstractTypeNodeRead  (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr* node);
+static int      xmlSecXkmsServerCtxSignatureNodeRead            (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int      xmlSecXkmsServerCtxMessageExtensionNodesRead    (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr* node);
+static int      xmlSecXkmsServerCtxOpaqueClientDataNodeRead     (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int      xmlSecXkmsServerCtxPendingNotificationNodeRead  (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int      xmlSecXkmsServerCtxRespondWithNodesRead         (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr* node);
+static int      xmlSecXkmsServerCtxPendingRequestNodeRead       (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr* node);
+static int      xmlSecXkmsServerCtxQueryKeyBindingNodeRead      (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int      xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeRead(xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr* node);
+static int      xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecXkmsServerCtxKeyInfoNodeWrite             (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecXkmsServerCtxUseKeyWithNodesRead          (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr* node);
+static int      xmlSecXkmsServerCtxUseKeyWithNodesWrite         (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecXkmsServerCtxTimeInstantNodeRead          (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int      xmlSecXkmsServerCtxResultTypeNodeWrite          (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int      xmlSecXkmsServerCtxRequestSignatureValueNodeWrite(xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int      xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecXkmsServerCtxKeyBindingNodeWrite          (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecXkmsServerCtxValidityIntervalNodeWrite    (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyPtr key);
+static int      xmlSecXkmsServerCtxKeyBindingStatusNodeWrite    (xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecKeyPtr key);
+
+
+static const xmlSecQName2IntegerInfo gXmlSecXkmsResultMajorInfo[] =
 {
   { xmlSecXkmsNs, xmlSecResultMajorCodeSuccess,
     xmlSecXkmsResultMajorSuccess },
   { xmlSecXkmsNs, xmlSecResultMajorCodeVersionMismatch,
     xmlSecXkmsResultMajorVersionMismatch },
-  { xmlSecXkmsNs, xmlSecResultMajorCodeSender, 
+  { xmlSecXkmsNs, xmlSecResultMajorCodeSender,
     xmlSecXkmsResultMajorSender },
   { xmlSecXkmsNs, xmlSecResultMajorCodeReceiver,
     xmlSecXkmsResultMajorReceiver },
-  { xmlSecXkmsNs, xmlSecResultMajorCodeRepresent,     
+  { xmlSecXkmsNs, xmlSecResultMajorCodeRepresent,
     xmlSecXkmsResultMajorRepresent },
-  { xmlSecXkmsNs, xmlSecResultMajorCodePending, 
+  { xmlSecXkmsNs, xmlSecResultMajorCodePending,
     xmlSecXkmsResultMajorPending, },
-  { NULL , NULL, 0 }	/* MUST be last in the list */
+  { NULL , NULL, 0 }    /* MUST be last in the list */
 };
 
-static const xmlSecQName2IntegerInfo gXmlSecXkmsMinorErrorInfo[] = 
+static const xmlSecQName2IntegerInfo gXmlSecXkmsMinorErrorInfo[] =
 {
   { xmlSecXkmsNs, xmlSecResultMinorCodeNoMatch,
     xmlSecXkmsResultMinorNoMatch },
-  { xmlSecXkmsNs, xmlSecResultMinorCodeTooManyResponses, 
+  { xmlSecXkmsNs, xmlSecResultMinorCodeTooManyResponses,
     xmlSecXkmsResultMinorTooManyResponses },
   { xmlSecXkmsNs, xmlSecResultMinorCodeIncomplete,
     xmlSecXkmsResultMinorIncomplete },
-  { xmlSecXkmsNs, xmlSecResultMinorCodeFailure, 
+  { xmlSecXkmsNs, xmlSecResultMinorCodeFailure,
     xmlSecXkmsResultMinorFailure },
-  { xmlSecXkmsNs, xmlSecResultMinorCodeRefused, 
+  { xmlSecXkmsNs, xmlSecResultMinorCodeRefused,
     xmlSecXkmsResultMinorRefused },
-  { xmlSecXkmsNs, xmlSecResultMinorCodeNoAuthentication, 
+  { xmlSecXkmsNs, xmlSecResultMinorCodeNoAuthentication,
     xmlSecXkmsResultMinorNoAuthentication },
-  { xmlSecXkmsNs, xmlSecResultMinorCodeMessageNotSupported, 
+  { xmlSecXkmsNs, xmlSecResultMinorCodeMessageNotSupported,
     xmlSecXkmsResultMinorMessageNotSupported },
-  { xmlSecXkmsNs, xmlSecResultMinorCodeUnknownResponseId, 
+  { xmlSecXkmsNs, xmlSecResultMinorCodeUnknownResponseId,
     xmlSecXkmsResultMinorUnknownResponseId },
-  { xmlSecXkmsNs, xmlSecResultMinorCodeNotSynchronous, 
+  { xmlSecXkmsNs, xmlSecResultMinorCodeNotSynchronous,
     xmlSecXkmsResultMinorSynchronous },
-  { NULL, NULL, 0 }	/* MUST be last in the list */
+  { NULL, NULL, 0 }     /* MUST be last in the list */
 };
 
-static const xmlSecQName2IntegerInfo gXmlSecXkmsKeyBindingStatusInfo[] = 
+static const xmlSecQName2IntegerInfo gXmlSecXkmsKeyBindingStatusInfo[] =
 {
-  { xmlSecXkmsNs, xmlSecKeyBindingStatusValid, 
+  { xmlSecXkmsNs, xmlSecKeyBindingStatusValid,
     xmlSecXkmsKeyBindingStatusValid },
   { xmlSecXkmsNs, xmlSecKeyBindingStatusInvalid,
     xmlSecXkmsKeyBindingStatusInvalid },
-  { xmlSecXkmsNs, xmlSecKeyBindingStatusIndeterminate, 
+  { xmlSecXkmsNs, xmlSecKeyBindingStatusIndeterminate,
     xmlSecXkmsKeyBindingStatusIndeterminate },
-  { NULL, NULL, 0 }	/* MUST be last in the list */
+  { NULL, NULL, 0 }     /* MUST be last in the list */
 };
 
-static const xmlSecQName2BitMaskInfo gXmlSecXkmsKeyUsageInfo[] = 
+static const xmlSecQName2BitMaskInfo gXmlSecXkmsKeyUsageInfo[] =
 {
   { xmlSecXkmsNs, xmlSecKeyUsageEncryption,
     xmlSecKeyUsageEncrypt | xmlSecKeyUsageDecrypt },
@@ -153,10 +153,10 @@ static const xmlSecQName2BitMaskInfo gXmlSecXkmsKeyUsageInfo[] =
     xmlSecKeyUsageSign | xmlSecKeyUsageVerify },
   { xmlSecXkmsNs, xmlSecKeyUsageExchange,
     xmlSecKeyUsageKeyExchange},
-  { NULL, NULL, 0 }	/* MUST be last in the list */
+  { NULL, NULL, 0 }     /* MUST be last in the list */
 };
 
-static const xmlSecQName2BitMaskInfo gXmlSecXkmsKeyBindingReasonInfo[] = 
+static const xmlSecQName2BitMaskInfo gXmlSecXkmsKeyBindingReasonInfo[] =
 {
     { xmlSecXkmsNs, xmlSecKeyBindingReasonIssuerTrust,
       XMLSEC_XKMS_KEY_BINDING_REASON_MASK_ISSUER_TRAST },
@@ -166,10 +166,10 @@ static const xmlSecQName2BitMaskInfo gXmlSecXkmsKeyBindingReasonInfo[] =
       XMLSEC_XKMS_KEY_BINDING_REASON_MASK_VALIDITY_INTERVAL },
     { xmlSecXkmsNs, xmlSecKeyBindingReasonSignature,
       XMLSEC_XKMS_KEY_BINDING_REASON_MASK_SIGNATURE },
-    { NULL, NULL, 0 }	/* MUST be last in the list */
+    { NULL, NULL, 0 }   /* MUST be last in the list */
 };
 
-static const xmlSecQName2BitMaskInfo gXmlSecXkmsResponseMechanismInfo[] = 
+static const xmlSecQName2BitMaskInfo gXmlSecXkmsResponseMechanismInfo[] =
 {
     { xmlSecXkmsNs, xmlSecResponseMechanismRepresent,
       XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REPRESENT },
@@ -177,46 +177,46 @@ static const xmlSecQName2BitMaskInfo gXmlSecXkmsResponseMechanismInfo[] =
       XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_PENDING },
     { xmlSecXkmsNs, xmlSecResponseMechanismRequestSignatureValue,
       XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REQUEST_SIGNATURE_VALUE },
-    { NULL, NULL, 0 }	/* MUST be last in the list */
+    { NULL, NULL, 0 }   /* MUST be last in the list */
 };
 
-static const xmlSecQName2IntegerInfo gXmlSecXkmsFormatInfo[] = 
+static const xmlSecQName2IntegerInfo gXmlSecXkmsFormatInfo[] =
 {
-  { NULL, xmlSecXkmsFormatStrPlain, 
+  { NULL, xmlSecXkmsFormatStrPlain,
     xmlSecXkmsServerFormatPlain },
 #ifndef XMLSEC_NO_SOAP
   { NULL, xmlSecXkmsFormatStrSoap11,
     xmlSecXkmsServerFormatSoap11 },
-  { NULL, xmlSecXkmsFormatStrSoap12, 
+  { NULL, xmlSecXkmsFormatStrSoap12,
     xmlSecXkmsServerFormatSoap12 },
 #endif /* XMLSEC_NO_SOAP */
-  { NULL, NULL, 0 }	/* MUST be last in the list */
+  { NULL, NULL, 0 }     /* MUST be last in the list */
 };
 
 /**
  * xmlSecXkmsServerFormatFromString:
  * @str         the string.
- *  
+ *
  * Gets xmlSecXkmsServerFormat from string @str.
- * 
+ *
  * Returns: corresponding format or xmlSecXkmsServerFormatUnknown
  * if format could not be recognized.
- */ 
-xmlSecXkmsServerFormat 
+ */
+xmlSecXkmsServerFormat
 xmlSecXkmsServerFormatFromString(const xmlChar* str) {
     int res;
     int ret;
 
     xmlSecAssert2(str != NULL, xmlSecXkmsServerFormatUnknown);
-    
+
     ret = xmlSecQName2IntegerGetInteger(gXmlSecXkmsFormatInfo, NULL, str, &res);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerGetInteger",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(xmlSecXkmsServerFormatUnknown);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerGetInteger",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(xmlSecXkmsServerFormatUnknown);
     }
 
     return((xmlSecXkmsServerFormat)res);
@@ -230,19 +230,19 @@ xmlSecXkmsServerFormatFromString(const xmlChar* str) {
  *
  * Returns: string corresponding to @format or NULL if an error occurs.
  */
-const xmlChar* 
+const xmlChar*
 xmlSecXkmsServerFormatToString (xmlSecXkmsServerFormat format) {
     xmlSecQName2IntegerInfoConstPtr info;
-    
+
     xmlSecAssert2(format != xmlSecXkmsServerFormatUnknown, NULL);
 
     info = xmlSecQName2IntegerGetInfo(gXmlSecXkmsFormatInfo, format);
     if(info == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerGetInfo",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerGetInfo",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(NULL);
     }
     return(info->qnameLocalPart);
@@ -250,125 +250,125 @@ xmlSecXkmsServerFormatToString (xmlSecXkmsServerFormat format) {
 
 /**
  * xmlSecXkmsServerCtxCreate:
- * @keysMngr: 	the pointer to keys manager.
+ * @keysMngr:   the pointer to keys manager.
  *
  * Creates XKMS request server side processing context.
- * The caller is responsible for destroying returend object by calling 
+ * The caller is responsible for destroying returned object by calling
  * #xmlSecXkmsServerCtxDestroy function.
  *
  * Returns: pointer to newly allocated context object or NULL if an error
  * occurs.
  */
-xmlSecXkmsServerCtxPtr	
+xmlSecXkmsServerCtxPtr
 xmlSecXkmsServerCtxCreate(xmlSecKeysMngrPtr keysMngr) {
     xmlSecXkmsServerCtxPtr ctx;
     int ret;
-    
+
     ctx = (xmlSecXkmsServerCtxPtr) xmlMalloc(sizeof(xmlSecXkmsServerCtx));
     if(ctx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecXkmsServerCtx)=%d", 
-		    sizeof(xmlSecXkmsServerCtx));
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecXkmsServerCtx)=%d",
+                    sizeof(xmlSecXkmsServerCtx));
+        return(NULL);
+    }
+
     ret = xmlSecXkmsServerCtxInitialize(ctx, keysMngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecXkmsServerCtxDestroy(ctx);
-	return(NULL);   
-    }
-    return(ctx);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecXkmsServerCtxDestroy(ctx);
+        return(NULL);
+    }
+    return(ctx);
 }
 
 /**
  * xmlSecXkmsServerCtxDestroy:
- * @ctx:	the pointer to XKMS processing context.
+ * @ctx:        the pointer to XKMS processing context.
  *
  * Destroy context object created with #xmlSecXkmsServerCtxCreate function.
  */
-void  
+void
 xmlSecXkmsServerCtxDestroy(xmlSecXkmsServerCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
-    
+
     xmlSecXkmsServerCtxFinalize(ctx);
     xmlFree(ctx);
 }
 
 /**
  * xmlSecXkmsServerCtxInitialize:
- * @ctx:	the pointer to XKMS processing context.
- * @keysMngr: 	the pointer to keys manager.
+ * @ctx:        the pointer to XKMS processing context.
+ * @keysMngr:   the pointer to keys manager.
  *
  * Initializes XKMS element processing context.
- * The caller is responsible for cleaing up returend object by calling 
+ * The caller is responsible for cleaning up returned object by calling
  * #xmlSecXkmsServerCtxFinalize function.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecXkmsServerCtxInitialize(xmlSecXkmsServerCtxPtr ctx, xmlSecKeysMngrPtr keysMngr) {
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     memset(ctx, 0, sizeof(xmlSecXkmsServerCtx));
 
-    ctx->resultMajor 	= xmlSecXkmsResultMajorSuccess;
-    ctx->resultMinor 	= xmlSecXkmsResultMinorNone;
+    ctx->resultMajor    = xmlSecXkmsResultMajorSuccess;
+    ctx->resultMinor    = xmlSecXkmsResultMinorNone;
     ctx->responseLimit  = XMLSEC_XKMS_NO_RESPONSE_LIMIT;
-    ctx->idLen		= XMLSEC_XKMS_ID_ATTRIBUTE_LEN;
+    ctx->idLen          = XMLSEC_XKMS_ID_ATTRIBUTE_LEN;
 
     /* initialize key info */
     ret = xmlSecKeyInfoCtxInitialize(&(ctx->keyInfoReadCtx), keysMngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     ctx->keyInfoReadCtx.mode = xmlSecKeyInfoModeRead;
-    
+
     ret = xmlSecKeyInfoCtxInitialize(&(ctx->keyInfoWriteCtx), keysMngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     ctx->keyInfoWriteCtx.mode = xmlSecKeyInfoModeWrite;
 
     /* enabled RespondWith */
     ret = xmlSecPtrListInitialize(&(ctx->enabledRespondWithIds), xmlSecXkmsRespondWithIdListId);
-    if(ret < 0) { 
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* enabled ServerRequest */
     ret = xmlSecPtrListInitialize(&(ctx->enabledServerRequestIds), xmlSecXkmsServerRequestIdListId);
-    if(ret < 0) { 
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
 
@@ -376,23 +376,23 @@ xmlSecXkmsServerCtxInitialize(xmlSecXkmsServerCtxPtr ctx, xmlSecKeysMngrPtr keys
     /* initialize keys list */
     ret = xmlSecPtrListInitialize(&(ctx->keys), xmlSecKeyPtrListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* initialize RespondWith list */
     ret = xmlSecPtrListInitialize(&(ctx->respWithList), xmlSecXkmsRespondWithIdListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -400,21 +400,21 @@ xmlSecXkmsServerCtxInitialize(xmlSecXkmsServerCtxPtr ctx, xmlSecKeysMngrPtr keys
 
 /**
  * xmlSecXkmsServerCtxFinalize:
- * @ctx:	the pointer to XKMS processing context.
+ * @ctx:        the pointer to XKMS processing context.
  *
  * Cleans up @ctx object.
  */
-void 
+void
 xmlSecXkmsServerCtxFinalize(xmlSecXkmsServerCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
 
     xmlSecXkmsServerCtxReset(ctx);
-    
+
     if(ctx->expectedService != NULL) {
-	xmlFree(ctx->expectedService);
+        xmlFree(ctx->expectedService);
     }
     if(ctx->idPrefix != NULL) {
-	xmlFree(ctx->idPrefix);
+        xmlFree(ctx->idPrefix);
     }
 
     xmlSecKeyInfoCtxFinalize(&(ctx->keyInfoReadCtx));
@@ -428,14 +428,14 @@ xmlSecXkmsServerCtxFinalize(xmlSecXkmsServerCtxPtr ctx) {
 
 /**
  * xmlSecXkmsServerCtxReset:
- * @ctx:	the pointer to XKMS processing context.
+ * @ctx:        the pointer to XKMS processing context.
  *
  * Resets @ctx object, user settings are not touched.
  */
-void 
+void
 xmlSecXkmsServerCtxReset(xmlSecXkmsServerCtxPtr ctx) {
     xmlSecAssert(ctx != NULL);
-    
+
     ctx->resultMajor = xmlSecXkmsResultMajorSuccess;
     ctx->resultMinor = xmlSecXkmsResultMinorNone;
     xmlSecKeyInfoCtxReset(&(ctx->keyInfoReadCtx));
@@ -443,145 +443,145 @@ xmlSecXkmsServerCtxReset(xmlSecXkmsServerCtxPtr ctx) {
     xmlSecPtrListEmpty(&(ctx->keys));
     xmlSecPtrListEmpty(&(ctx->respWithList));
 
-    ctx->requestNode            = NULL;    
-    ctx->opaqueClientDataNode   = NULL;    
-    ctx->firtsMsgExtNode 	= NULL;
-    ctx->keyInfoNode		= NULL;
-    ctx->requestId		= xmlSecXkmsServerRequestIdUnknown;
-    
+    ctx->requestNode            = NULL;
+    ctx->opaqueClientDataNode   = NULL;
+    ctx->firtsMsgExtNode        = NULL;
+    ctx->keyInfoNode            = NULL;
+    ctx->requestId              = xmlSecXkmsServerRequestIdUnknown;
+
     if(ctx->id != NULL) {
-	xmlFree(ctx->id); ctx->id = NULL;
+        xmlFree(ctx->id); ctx->id = NULL;
     }
     if(ctx->service != NULL) {
-	xmlFree(ctx->service); ctx->service = NULL;
+        xmlFree(ctx->service); ctx->service = NULL;
     }
     if(ctx->nonce != NULL) {
-	xmlFree(ctx->nonce); ctx->nonce = NULL;
+        xmlFree(ctx->nonce); ctx->nonce = NULL;
     }
     if(ctx->originalRequestId != NULL) {
-	xmlFree(ctx->originalRequestId); ctx->originalRequestId = NULL;
+        xmlFree(ctx->originalRequestId); ctx->originalRequestId = NULL;
     }
     if(ctx->pendingNotificationMechanism != NULL) {
-	xmlFree(ctx->pendingNotificationMechanism); 
-	ctx->pendingNotificationMechanism = NULL;
+        xmlFree(ctx->pendingNotificationMechanism);
+        ctx->pendingNotificationMechanism = NULL;
     }
     if(ctx->pendingNotificationIdentifier != NULL) {
-	xmlFree(ctx->pendingNotificationIdentifier); 
-	ctx->pendingNotificationIdentifier = NULL;
+        xmlFree(ctx->pendingNotificationIdentifier);
+        ctx->pendingNotificationIdentifier = NULL;
     }
     if(ctx->compoundRequestContexts != NULL) {
         xmlSecPtrListDestroy(ctx->compoundRequestContexts);
         ctx->compoundRequestContexts = NULL;
     }
-    
-    ctx->responseLimit 		= XMLSEC_XKMS_NO_RESPONSE_LIMIT;
+
+    ctx->responseLimit          = XMLSEC_XKMS_NO_RESPONSE_LIMIT;
     ctx->responseMechanismMask  = 0;
 }
 
 /**
  * xmlSecXkmsServerCtxCopyUserPref:
- * @dst:	the pointer to destination context.
- * @src:	the pointer to source context.
- * 
+ * @dst:        the pointer to destination context.
+ * @src:        the pointer to source context.
+ *
  * Copies user preference from @src context to @dst.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecXkmsServerCtxCopyUserPref(xmlSecXkmsServerCtxPtr dst, xmlSecXkmsServerCtxPtr src) {
     int ret;
-    
+
     xmlSecAssert2(dst != NULL, -1);
     xmlSecAssert2(src != NULL, -1);
 
-    dst->userData 	= src->userData;
-    dst->flags		= src->flags;
-    dst->flags2		= src->flags2;
+    dst->userData       = src->userData;
+    dst->flags          = src->flags;
+    dst->flags2         = src->flags2;
 
     ret = xmlSecKeyInfoCtxCopyUserPref(&(dst->keyInfoReadCtx), &(src->keyInfoReadCtx));
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxCopyUserPref",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxCopyUserPref",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecKeyInfoCtxCopyUserPref(&(dst->keyInfoWriteCtx), &(src->keyInfoWriteCtx));
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxCopyUserPref",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxCopyUserPref",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     if(src->expectedService != NULL) {
-	dst->expectedService = xmlStrdup(src->expectedService);
-	if(dst->expectedService == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlStrdup",
-		        XMLSEC_ERRORS_R_MALLOC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        dst->expectedService = xmlStrdup(src->expectedService);
+        if(dst->expectedService == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     if(src->idPrefix != NULL) {
-	dst->idPrefix = xmlStrdup(src->idPrefix);
-	if(dst->idPrefix == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlStrdup",
-		        XMLSEC_ERRORS_R_MALLOC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        dst->idPrefix = xmlStrdup(src->idPrefix);
+        if(dst->idPrefix == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
     src->idLen = dst->idLen;
 
 
     ret = xmlSecPtrListCopy(&(dst->enabledRespondWithIds), &(src->enabledRespondWithIds));
-    if(ret < 0) { 
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListCopy",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListCopy",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecPtrListCopy(&(dst->enabledServerRequestIds), &(src->enabledServerRequestIds));
-    if(ret < 0) { 
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListCopy",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListCopy",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
-} 
+}
 
-/** 
- * xmlSecXkmsServerCtxProcess: 
- * @ctx:	the pointer to XKMS processing context.
- * @node:	the pointer to request node.
+/**
+ * xmlSecXkmsServerCtxProcess:
+ * @ctx:        the pointer to XKMS processing context.
+ * @node:       the pointer to request node.
  * @format:     the request/response format.
- * @doc:	the pointer to response parent XML document (might be NULL).
- * 
- * Reads XKMS request from @node and creates response to a newly created node. 
+ * @doc:        the pointer to response parent XML document (might be NULL).
+ *
+ * Reads XKMS request from @node and creates response to a newly created node.
  * Caller is responsible for adding the returned node to the XML document.
  *
  * Returns: pointer to newly created XKMS response node or NULL
  * if an error occurs.
  */
-xmlNodePtr 
-xmlSecXkmsServerCtxProcess(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, 
+xmlNodePtr
+xmlSecXkmsServerCtxProcess(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node,
                               xmlSecXkmsServerFormat format, xmlDocPtr doc) {
     int ret;
 
@@ -592,136 +592,136 @@ xmlSecXkmsServerCtxProcess(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node,
 
     ctx->requestNode = xmlSecXkmsServerCtxRequestUnwrap(ctx, node, format);
     if(ctx->requestNode == NULL) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxRequestUnwrap",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(node->name));
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-	goto done;
-    }    
-        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxRequestUnwrap",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(node->name));
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+        goto done;
+    }
+
     ret = xmlSecXkmsServerCtxRequestRead(ctx, ctx->requestNode);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestIdListFindByNode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "ctx->requestNode=%s",
-		    xmlSecErrorsSafeString(ctx->requestNode->name));
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-	goto done;
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestIdListFindByNode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ctx->requestNode=%s",
+                    xmlSecErrorsSafeString(ctx->requestNode->name));
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+        goto done;
+    }
 
     ret = xmlSecXkmsServerRequestExecute(ctx->requestId, ctx);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestExecute",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "ctx->requestNode=%s",
-		    xmlSecErrorsSafeString(ctx->requestNode->name));
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-	goto done;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestExecute",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ctx->requestNode=%s",
+                    xmlSecErrorsSafeString(ctx->requestNode->name));
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+        goto done;
     }
 
 done:
-    /* always try to write response back */    
+    /* always try to write response back */
     if(ctx->requestId != NULL) {
         xmlNodePtr respNode;
         xmlNodePtr wrappedRespNode;
-        
+
         respNode = xmlSecXkmsServerCtxResponseWrite(ctx, doc);
         if(respNode == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerCtxResponseWrite",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "ctx->requestNode=%s",
-		        xmlSecErrorsSafeString(ctx->requestNode->name));
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-            goto error;    
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecXkmsServerCtxResponseWrite",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "ctx->requestNode=%s",
+                        xmlSecErrorsSafeString(ctx->requestNode->name));
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+            goto error;
         }
-    
+
 
         wrappedRespNode = xmlSecXkmsServerCtxResponseWrap(ctx, respNode, format, doc);
         if(wrappedRespNode == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerCtxResponseWrite",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "ctx->requestNode=%s",
-		        xmlSecErrorsSafeString(ctx->requestNode->name));
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecXkmsServerCtxResponseWrite",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "ctx->requestNode=%s",
+                        xmlSecErrorsSafeString(ctx->requestNode->name));
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             xmlFreeNode(respNode);
-            goto error;    
+            goto error;
         }
 
         return(wrappedRespNode);
     }
-    
+
 error:
     /* last attempt: create fatatl error response */
     return(xmlSecXkmsServerCtxFatalErrorResponseCreate(ctx, format, doc));
 }
 
-/** 
- * xmlSecXkmsServerCtxRequestRead: 
- * @ctx:	the pointer to XKMS processing context.
- * @node:	the pointer to request node.
+/**
+ * xmlSecXkmsServerCtxRequestRead:
+ * @ctx:        the pointer to XKMS processing context.
+ * @node:       the pointer to request node.
  *
  * Reads XKMS request from @node and stores data in @ctx.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecXkmsServerCtxRequestRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->requestId == NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     /* find out what the request is */
     if(xmlSecPtrListGetSize(&(ctx->enabledServerRequestIds)) > 0) {
-	ctx->requestId = xmlSecXkmsServerRequestIdListFindByNode(&(ctx->enabledServerRequestIds), node);
+        ctx->requestId = xmlSecXkmsServerRequestIdListFindByNode(&(ctx->enabledServerRequestIds), node);
     } else {
-	ctx->requestId = xmlSecXkmsServerRequestIdListFindByNode(xmlSecXkmsServerRequestIdsGet(), node);
+        ctx->requestId = xmlSecXkmsServerRequestIdListFindByNode(xmlSecXkmsServerRequestIdsGet(), node);
     }
     if(ctx->requestId == xmlSecXkmsServerRequestIdUnknown) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestIdListFindByNode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(node->name));
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorMessageNotSupported);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestIdListFindByNode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(node->name));
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorMessageNotSupported);
+        return(-1);
     }
 
     xmlSecAddIDs(node->doc, node, xmlSecXkmsServerIds);
     ret = xmlSecXkmsServerRequestNodeRead(ctx->requestId, ctx, node);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "request=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctx->requestId)));
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	return(-1);
-    }
-        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "request=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctx->requestId)));
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+        return(-1);
+    }
+
     return(0);
 }
 
-/** 
- * xmlSecXkmsServerCtxResponseWrite: 
- * @ctx:	the pointer to XKMS processing context.
- * @doc:	the pointer to response parent XML document (might be NULL).
+/**
+ * xmlSecXkmsServerCtxResponseWrite:
+ * @ctx:        the pointer to XKMS processing context.
+ * @doc:        the pointer to response parent XML document (might be NULL).
  *
- * Writes XKMS response from context to a newly created node. Caller is 
+ * Writes XKMS response from context to a newly created node. Caller is
  * responsible for adding the returned node to the XML document.
  *
  * Returns: pointer to newly created XKMS response node or NULL
@@ -730,43 +730,43 @@ xmlSecXkmsServerCtxRequestRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
 xmlNodePtr
 xmlSecXkmsServerCtxResponseWrite(xmlSecXkmsServerCtxPtr ctx, xmlDocPtr doc) {
     xmlNodePtr respNode;
-    
+
     xmlSecAssert2(ctx != NULL, NULL);
     xmlSecAssert2(ctx->requestId != NULL, NULL);
 
     /* now write results */
     respNode = xmlSecXkmsServerRequestNodeWrite(ctx->requestId, ctx, doc, NULL);
     if(respNode == NULL) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "request=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctx->requestId)));
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "request=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctx->requestId)));
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
         return(NULL);
     }
-    
+
     return(respNode);
 }
 
 /**
  * xmlSecXkmsServerCtxRequestUnwrap:
- * @ctx:	the pointer to XKMS processing context.
- * @node:	the pointer to request node.
+ * @ctx:        the pointer to XKMS processing context.
+ * @node:       the pointer to request node.
  * @format:     the request/response format.
- * 
+ *
  * Removes SOAP or other envelope from XKMS request.
  *
- * Returns: pointer to "real" XKMS request node or NULL if an error occurs. 
+ * Returns: pointer to "real" XKMS request node or NULL if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecXkmsServerCtxRequestUnwrap(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node,  xmlSecXkmsServerFormat format) {
     xmlNodePtr result = NULL;
-        
+
     xmlSecAssert2(ctx != NULL, NULL);
     xmlSecAssert2(node != NULL, NULL);
-    
+
     switch(format) {
     case xmlSecXkmsServerFormatPlain:
         result = node;
@@ -776,95 +776,95 @@ xmlSecXkmsServerCtxRequestUnwrap(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node,  x
         /* verify that it is actually soap Envelope node */
         if(xmlSecSoap11CheckEnvelope(node) != 1) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap11CheckEnvelope",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
-        }   
-        
+                        NULL,
+                        "xmlSecSoap11CheckEnvelope",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+            return(NULL);
+        }
+
         /* check that Body has exactly one entry */
         if(xmlSecSoap11GetBodyEntriesNumber(node) != 1) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap11GetBodyEntriesNumber",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
+                        NULL,
+                        "xmlSecSoap11GetBodyEntriesNumber",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+            return(NULL);
         }
-        
+
         /* this one enntry is our xkms request */
         result = xmlSecSoap11GetBodyEntry(node, 0);
         if(result == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap11GetBodyEntry",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
+                        NULL,
+                        "xmlSecSoap11GetBodyEntry",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+            return(NULL);
         }
-        
+
         break;
     case xmlSecXkmsServerFormatSoap12:
         /* verify that it is actually soap Envelope node */
         if(xmlSecSoap12CheckEnvelope(node) != 1) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap12CheckEnvelope",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
-        }   
-        
+                        NULL,
+                        "xmlSecSoap12CheckEnvelope",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+            return(NULL);
+        }
+
         /* check that Body has exactly one entry */
         if(xmlSecSoap12GetBodyEntriesNumber(node) != 1) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap12GetBodyEntriesNumber",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
+                        NULL,
+                        "xmlSecSoap12GetBodyEntriesNumber",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+            return(NULL);
         }
-        
+
         /* this one enntry is our xkms request */
         result = xmlSecSoap12GetBodyEntry(node, 0);
         if(result == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap12GetBodyEntry",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
+                        NULL,
+                        "xmlSecSoap12GetBodyEntry",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+            return(NULL);
         }
-        
+
         break;
 #endif /* XMLSEC_NO_SOAP */
     default:
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    "format=%d",
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    "format=%d",
                     format);
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	return(NULL);
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+        return(NULL);
     }
-    
+
     return(result);
 }
 
-/** 
- * xmlSecXkmsServerCtxResponseWrap: 
- * @ctx:	the pointer to XKMS processing context.
- * @node:	the pointer to response node.
+/**
+ * xmlSecXkmsServerCtxResponseWrap:
+ * @ctx:        the pointer to XKMS processing context.
+ * @node:       the pointer to response node.
  * @format:     the request/response format.
- * @doc:	the pointer to response parent XML document (might be NULL).
+ * @doc:        the pointer to response parent XML document (might be NULL).
  *
  * Creates SOAP or other envelope around XKMS response.
  * Caller is responsible for adding the returned node to the XML document.
@@ -872,13 +872,13 @@ xmlSecXkmsServerCtxRequestUnwrap(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node,  x
  * Returns: pointer to newly created response envelope node or NULL
  * if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecXkmsServerCtxResponseWrap(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecXkmsServerFormat format, xmlDocPtr doc) {
     xmlNodePtr result = NULL;
-    
+
     xmlSecAssert2(ctx != NULL, NULL);
     xmlSecAssert2(node != NULL, NULL);
-    
+
     switch(format) {
     case xmlSecXkmsServerFormatPlain:
         result = node; /* do nothing */
@@ -888,95 +888,95 @@ xmlSecXkmsServerCtxResponseWrap(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xml
         result = xmlSecSoap11CreateEnvelope(doc);
         if(result == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap11CreateEnvelope",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
+                        NULL,
+                        "xmlSecSoap11CreateEnvelope",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+            return(NULL);
         }
-        
+
         if(xmlSecSoap11AddBodyEntry(result, node) == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap11AddBodyEntry",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
+                        NULL,
+                        "xmlSecSoap11AddBodyEntry",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+            return(NULL);
         }
         break;
     case xmlSecXkmsServerFormatSoap12:
         result = xmlSecSoap12CreateEnvelope(doc);
         if(result == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap12CreateEnvelope",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
+                        NULL,
+                        "xmlSecSoap12CreateEnvelope",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+            return(NULL);
         }
-        
+
         if(xmlSecSoap12AddBodyEntry(result, node) == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap12AddBodyEntry",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
+                        NULL,
+                        "xmlSecSoap12AddBodyEntry",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+            return(NULL);
         }
         break;
 #endif /* XMLSEC_NO_SOAP */
     default:
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    "format=%d",
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    "format=%d",
                     format);
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	return(NULL);
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+        return(NULL);
     }
-    
+
     return(result);
 }
 
-/** 
- * xmlSecXkmsServerCtxFatalErrorResponseCreate: 
- * @ctx:	the pointer to XKMS processing context.
+/**
+ * xmlSecXkmsServerCtxFatalErrorResponseCreate:
+ * @ctx:        the pointer to XKMS processing context.
  * @format:     the request/response format.
- * @doc:	the pointer to response parent XML document (might be NULL).
+ * @doc:        the pointer to response parent XML document (might be NULL).
  *
- * Creates a "fatal error" SOAP or other envelope respons. Caller is 
+ * Creates a "fatal error" SOAP or other envelope respons. Caller is
  * responsible for adding the returned node to the XML document.
  *
  * Returns: pointer to newly created fatal error response (it might be NULL).
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecXkmsServerCtxFatalErrorResponseCreate(xmlSecXkmsServerCtxPtr ctx, xmlSecXkmsServerFormat format, xmlDocPtr doc) {
     xmlNodePtr result = NULL;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, NULL);
 
     /* make sure that we have an error */
     if(ctx->resultMajor == xmlSecXkmsResultMajorSuccess) {
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
     }
-    
+
     switch(format) {
     case xmlSecXkmsServerFormatPlain:
         /* try to create fatal error response with XKMS Status request */
         result = xmlSecXkmsServerRequestNodeWrite(xmlSecXkmsServerRequestResultId, ctx, doc, NULL);
         if(result == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerRequestNodeWrite",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);
+                        NULL,
+                        "xmlSecXkmsServerRequestNodeWrite",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
         }
         break;
 #ifndef XMLSEC_NO_SOAP
@@ -984,75 +984,75 @@ xmlSecXkmsServerCtxFatalErrorResponseCreate(xmlSecXkmsServerCtxPtr ctx, xmlSecXk
         result = xmlSecSoap11CreateEnvelope(doc);
         if(result == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap11CreateEnvelope",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
+                        NULL,
+                        "xmlSecSoap11CreateEnvelope",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+            return(NULL);
         }
-        
+
         ret = xmlSecXkmsServerCtxWriteSoap11FatalError(ctx, result);
         if(ret < 0) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerCtxWriteSoap11FatalError",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlSecXkmsServerCtxWriteSoap11FatalError",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             xmlFreeNode(result);
-	    return(NULL);
+            return(NULL);
         }
-                
+
         break;
     case xmlSecXkmsServerFormatSoap12:
         result = xmlSecSoap12CreateEnvelope(doc);
         if(result == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap12CreateEnvelope",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-	    return(NULL);
+                        NULL,
+                        "xmlSecSoap12CreateEnvelope",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+            return(NULL);
         }
-        
+
         ret = xmlSecXkmsServerCtxWriteSoap12FatalError(ctx, result);
         if(ret < 0) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerCtxWriteSoap12FatalError",
-		        XMLSEC_ERRORS_R_INVALID_DATA,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlSecXkmsServerCtxWriteSoap12FatalError",
+                        XMLSEC_ERRORS_R_INVALID_DATA,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             xmlFreeNode(result);
-	    return(NULL);
+            return(NULL);
         }
-                
+
         break;
 #endif /* XMLSEC_NO_SOAP */
     default:
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    "format=%d",
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    "format=%d",
                     format);
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	return(NULL);
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+        return(NULL);
     }
-    
+
     return(result);
 }
 
 #ifndef XMLSEC_NO_SOAP
-static int 
+static int
 xmlSecXkmsServerCtxWriteSoap11FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr envNode) {
     const xmlChar* faultCodeHref = NULL;
     const xmlChar* faultCodeLocalPart = NULL;
     xmlChar* faultString = NULL;
     int len;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(envNode != NULL, -1);
 
@@ -1064,14 +1064,14 @@ xmlSecXkmsServerCtxWriteSoap11FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
         faultString = xmlStrdup(xmlSecXkmsSoapFaultReasonUnsupportedVersion);
         if(faultString == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlStrdup",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             return(-1);
         }
-    } else if((ctx->resultMajor == xmlSecXkmsResultMajorSender) && 
+    } else if((ctx->resultMajor == xmlSecXkmsResultMajorSender) &&
               (ctx->requestId == NULL)) {
         /* we understood the request but were not able to parse input message */
         faultCodeHref = xmlSecSoap11Ns;
@@ -1082,15 +1082,15 @@ xmlSecXkmsServerCtxWriteSoap11FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
         faultString = xmlMalloc(len + 1);
         if(faultString == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlMalloc",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlMalloc",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             return(-1);
         }
         xmlSecStrPrintf(faultString, len , xmlSecXkmsSoapFaultReasonMessageInvalid,
-                        xmlSecErrorsSafeString(ctx->requestNode->name));        
+                        xmlSecErrorsSafeString(ctx->requestNode->name));
     } else if((ctx->resultMajor == xmlSecXkmsResultMajorReceiver) &&
               (ctx->requestId == NULL)) {
         /* we understood the request but were not able to process it */
@@ -1099,11 +1099,11 @@ xmlSecXkmsServerCtxWriteSoap11FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
         faultString = xmlStrdup(xmlSecXkmsSoapFaultReasonServiceUnavailable);
         if(faultString == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlStrdup",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             return(-1);
         }
     } else if((ctx->requestId == NULL) && (ctx->requestNode != NULL)) {
@@ -1111,16 +1111,16 @@ xmlSecXkmsServerCtxWriteSoap11FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
         faultCodeHref = xmlSecSoap11Ns;
         faultCodeLocalPart = xmlSecSoapFaultCodeClient;
 
-        len = xmlStrlen(BAD_CAST xmlSecErrorsSafeString(ctx->requestNode->name)) + 
+        len = xmlStrlen(BAD_CAST xmlSecErrorsSafeString(ctx->requestNode->name)) +
               xmlStrlen(xmlSecXkmsSoapFaultReasonMessageNotSupported) + 1;
         faultString = xmlMalloc(len + 1);
         if(faultString == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlMalloc",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlMalloc",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             return(-1);
         }
         xmlSecStrPrintf(faultString, len , xmlSecXkmsSoapFaultReasonMessageNotSupported,
@@ -1132,31 +1132,31 @@ xmlSecXkmsServerCtxWriteSoap11FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
         faultString = xmlStrdup(xmlSecXkmsSoapFaultReasonServiceUnavailable);
         if(faultString == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlStrdup",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             return(-1);
         }
     }
-    
+
     if(xmlSecSoap11AddFaultEntry(envNode, faultCodeHref, faultCodeLocalPart, faultString, NULL) == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap11AddFaultEntry",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-        xmlFree(faultString);    
+                    NULL,
+                    "xmlSecSoap11AddFaultEntry",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+        xmlFree(faultString);
         return(-1);
     }
 
-    xmlFree(faultString);    
+    xmlFree(faultString);
     return(0);
 }
 
-static int 
+static int
 xmlSecXkmsServerCtxWriteSoap12FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr envNode) {
     xmlSecSoap12FaultCode faultCode = xmlSecSoap12FaultCodeUnknown;
     const xmlChar* faultSubCodeHref = NULL;
@@ -1164,7 +1164,7 @@ xmlSecXkmsServerCtxWriteSoap12FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
     xmlChar* faultReason = NULL;
     int len;
     xmlNodePtr faultNode;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(envNode != NULL, -1);
 
@@ -1175,14 +1175,14 @@ xmlSecXkmsServerCtxWriteSoap12FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
         faultReason = xmlStrdup(xmlSecXkmsSoapFaultReasonUnsupportedVersion);
         if(faultReason == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlStrdup",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             return(-1);
         }
-    } else if((ctx->resultMajor == xmlSecXkmsResultMajorSender) && 
+    } else if((ctx->resultMajor == xmlSecXkmsResultMajorSender) &&
               (ctx->requestId == NULL)) {
         /* we understood the request but were not able to parse input message */
         faultCode = xmlSecSoap12FaultCodeSender;
@@ -1194,15 +1194,15 @@ xmlSecXkmsServerCtxWriteSoap12FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
         faultReason = xmlMalloc(len + 1);
         if(faultReason == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlMalloc",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlMalloc",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             return(-1);
         }
         xmlSecStrPrintf(faultReason, len , xmlSecXkmsSoapFaultReasonMessageInvalid,
-                        xmlSecErrorsSafeString(ctx->requestNode->name));        
+                        xmlSecErrorsSafeString(ctx->requestNode->name));
     } else if((ctx->resultMajor == xmlSecXkmsResultMajorReceiver) &&
               (ctx->requestId == NULL)) {
         /* we understood the request but were not able to process it */
@@ -1210,11 +1210,11 @@ xmlSecXkmsServerCtxWriteSoap12FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
         faultReason = xmlStrdup(xmlSecXkmsSoapFaultReasonServiceUnavailable);
         if(faultReason == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlStrdup",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             return(-1);
         }
     } else if((ctx->requestId == NULL) && (ctx->requestNode != NULL)) {
@@ -1223,16 +1223,16 @@ xmlSecXkmsServerCtxWriteSoap12FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
         faultSubCodeHref = xmlSecXkmsNs;
         faultSubCodeLocalPart = xmlSecXkmsSoapSubcodeValueBadMessage;
 
-        len = xmlStrlen(BAD_CAST xmlSecErrorsSafeString(ctx->requestNode->name)) + 
+        len = xmlStrlen(BAD_CAST xmlSecErrorsSafeString(ctx->requestNode->name)) +
               xmlStrlen(xmlSecXkmsSoapFaultReasonMessageNotSupported) + 1;
         faultReason = xmlMalloc(len + 1);
         if(faultReason == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlMalloc",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlMalloc",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             return(-1);
         }
         xmlSecStrPrintf(faultReason, len , xmlSecXkmsSoapFaultReasonMessageNotSupported,
@@ -1243,50 +1243,50 @@ xmlSecXkmsServerCtxWriteSoap12FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
         faultReason = xmlStrdup(xmlSecXkmsSoapFaultReasonServiceUnavailable);
         if(faultReason == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlStrdup",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
             return(-1);
         }
     }
     xmlSecAssert2(faultCode != xmlSecSoap12FaultCodeUnknown, -1);
     xmlSecAssert2(faultReason != NULL, -1);
-    
-    faultNode = xmlSecSoap12AddFaultEntry(envNode, faultCode, faultReason, 
+
+    faultNode = xmlSecSoap12AddFaultEntry(envNode, faultCode, faultReason,
                                     xmlSecXkmsSoapFaultReasonLang, NULL, NULL);
     if(faultNode == NULL) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecSoap12AddFaultEntry",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-        xmlFree(faultReason);    
+                    NULL,
+                    "xmlSecSoap12AddFaultEntry",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+        xmlFree(faultReason);
         return(-1);
     }
-    xmlFree(faultReason);    
+    xmlFree(faultReason);
 
     if((faultSubCodeHref != NULL) && (faultSubCodeLocalPart != NULL)) {
         /* make sure that we have subcode (xkms) namespace declared */
         if(xmlNewNs(faultNode, faultSubCodeHref, BAD_CAST "xkms") == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlNewNs",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        "ns=%s",
-		        xmlSecErrorsSafeString(faultSubCodeHref));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlNewNs",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "ns=%s",
+                        xmlSecErrorsSafeString(faultSubCodeHref));
             return(-1);
         }
         if(xmlSecSoap12AddFaultSubcode(faultNode, faultSubCodeHref, faultSubCodeLocalPart) == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecSoap12AddFaultSubcode",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "href=%s,value=%s",
-		        xmlSecErrorsSafeString(faultSubCodeHref),
-		        xmlSecErrorsSafeString(faultSubCodeLocalPart));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecSoap12AddFaultSubcode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "href=%s,value=%s",
+                        xmlSecErrorsSafeString(faultSubCodeHref),
+                        xmlSecErrorsSafeString(faultSubCodeLocalPart));
             return(-1);
         }
     }
@@ -1297,79 +1297,79 @@ xmlSecXkmsServerCtxWriteSoap12FatalError(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
 #endif /* XMLSEC_NO_SOAP */
 
 
-/** 
- * xmlSecXkmsServerCtxSetResult: 
- * @ctx:	 the pointer to XKMS processing context.
+/**
+ * xmlSecXkmsServerCtxSetResult:
+ * @ctx:         the pointer to XKMS processing context.
  * @resultMajor: the major result code.
  * @resultMinor: the minor result code.
- * 
+ *
  * Sets the major/minor result code in the context if no other result is already
  * reported.
  */
-void 
-xmlSecXkmsServerCtxSetResult(xmlSecXkmsServerCtxPtr ctx, xmlSecXkmsResultMajor resultMajor, 
+void
+xmlSecXkmsServerCtxSetResult(xmlSecXkmsServerCtxPtr ctx, xmlSecXkmsResultMajor resultMajor,
                              xmlSecXkmsResultMinor resultMinor) {
     xmlSecAssert(ctx != NULL);
-    
-    if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) && 
+
+    if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) &&
        (resultMinor != xmlSecXkmsResultMajorSuccess)) {
-	ctx->resultMajor = resultMajor;
-	ctx->resultMinor = resultMinor;
-    } else if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) && 
+        ctx->resultMajor = resultMajor;
+        ctx->resultMinor = resultMinor;
+    } else if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) &&
        (ctx->resultMinor == xmlSecXkmsResultMinorNone)) {
-	xmlSecAssert(resultMajor == xmlSecXkmsResultMajorSuccess);
-	
-	ctx->resultMinor = resultMinor;
+        xmlSecAssert(resultMajor == xmlSecXkmsResultMajorSuccess);
+
+        ctx->resultMinor = resultMinor;
     }
 }
 
 
 /**
  * xmlSecXkmsServerCtxDebugDump:
- * @ctx:	the pointer to XKMS processing context.
- * @output:	the pointer to output FILE.
+ * @ctx:        the pointer to XKMS processing context.
+ * @output:     the pointer to output FILE.
  *
  * Prints the debug information about @ctx to @output.
  */
-void 
+void
 xmlSecXkmsServerCtxDebugDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
     xmlSecAssert(ctx != NULL);
     xmlSecAssert(output != NULL);
-    
+
     fprintf(output, "= XKMS SERVER CONTEXT: %s\n",
-	    (ctx->requestId != xmlSecXkmsServerRequestIdUnknown && 
-	     xmlSecXkmsServerRequestKlassGetName(ctx->requestId)) ? 
-		xmlSecXkmsServerRequestKlassGetName(ctx->requestId) :
-		BAD_CAST "NULL");
-
-    xmlSecQName2IntegerDebugDump(gXmlSecXkmsResultMajorInfo, 
-		ctx->resultMajor, BAD_CAST "resultMajor", output);    
-    xmlSecQName2IntegerDebugDump(gXmlSecXkmsMinorErrorInfo, 
-		ctx->resultMinor, BAD_CAST "resultMinor", output);    
-
-    fprintf(output, "== id: %s\n", 
-		(ctx->id) ? ctx->id : BAD_CAST "");
-    fprintf(output, "== service: %s\n", 
-		(ctx->service) ? ctx->service : BAD_CAST "");
-    fprintf(output, "== nonce: %s\n", 
-		(ctx->nonce) ? ctx->nonce : BAD_CAST "");
-    fprintf(output, "== originalRequestId: %s\n", 
-		(ctx->originalRequestId) ? ctx->originalRequestId : BAD_CAST "");
-    fprintf(output, "== pendingNotificationMechanism: %s\n", 
-		(ctx->pendingNotificationMechanism) ? 
-		    ctx->pendingNotificationMechanism : 
-		    BAD_CAST "");
-    fprintf(output, "== pendingNotificationIdentifier: %s\n", 
-		(ctx->pendingNotificationIdentifier) ? 
-		    ctx->pendingNotificationIdentifier : 
-		    BAD_CAST "");
+            (ctx->requestId != xmlSecXkmsServerRequestIdUnknown &&
+             xmlSecXkmsServerRequestKlassGetName(ctx->requestId)) ?
+                xmlSecXkmsServerRequestKlassGetName(ctx->requestId) :
+                BAD_CAST "NULL");
+
+    xmlSecQName2IntegerDebugDump(gXmlSecXkmsResultMajorInfo,
+                ctx->resultMajor, BAD_CAST "resultMajor", output);
+    xmlSecQName2IntegerDebugDump(gXmlSecXkmsMinorErrorInfo,
+                ctx->resultMinor, BAD_CAST "resultMinor", output);
+
+    fprintf(output, "== id: %s\n",
+                (ctx->id) ? ctx->id : BAD_CAST "");
+    fprintf(output, "== service: %s\n",
+                (ctx->service) ? ctx->service : BAD_CAST "");
+    fprintf(output, "== nonce: %s\n",
+                (ctx->nonce) ? ctx->nonce : BAD_CAST "");
+    fprintf(output, "== originalRequestId: %s\n",
+                (ctx->originalRequestId) ? ctx->originalRequestId : BAD_CAST "");
+    fprintf(output, "== pendingNotificationMechanism: %s\n",
+                (ctx->pendingNotificationMechanism) ?
+                    ctx->pendingNotificationMechanism :
+                    BAD_CAST "");
+    fprintf(output, "== pendingNotificationIdentifier: %s\n",
+                (ctx->pendingNotificationIdentifier) ?
+                    ctx->pendingNotificationIdentifier :
+                    BAD_CAST "");
     if(ctx->responseLimit != XMLSEC_XKMS_NO_RESPONSE_LIMIT) {
         fprintf(output, "== ResponseLimit: %d\n", ctx->responseLimit);
     }
-    xmlSecQName2BitMaskDebugDump(gXmlSecXkmsResponseMechanismInfo, 
-		ctx->responseMechanismMask, BAD_CAST "responseMechanism", output);    
+    xmlSecQName2BitMaskDebugDump(gXmlSecXkmsResponseMechanismInfo,
+                ctx->responseMechanismMask, BAD_CAST "responseMechanism", output);
 
-    if(ctx->expectedService != NULL) {    
+    if(ctx->expectedService != NULL) {
         fprintf(output, "== expected service: %s\n", ctx->expectedService);
     }
     fprintf(output, "== flags: 0x%08x\n", ctx->flags);
@@ -1377,22 +1377,22 @@ xmlSecXkmsServerCtxDebugDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
 
     fprintf(output, "== Key Info Read Ctx:\n");
     xmlSecKeyInfoCtxDebugDump(&(ctx->keyInfoReadCtx), output);
-    
+
     fprintf(output, "== Key Info Write Ctx:\n");
     xmlSecKeyInfoCtxDebugDump(&(ctx->keyInfoWriteCtx), output);
 
     if(xmlSecPtrListGetSize(&(ctx->enabledRespondWithIds)) > 0) {
-	fprintf(output, "== Enabled RespondWith: ");
-	xmlSecTransformIdListDebugDump(&(ctx->enabledRespondWithIds), output);
+        fprintf(output, "== Enabled RespondWith: ");
+        xmlSecTransformIdListDebugDump(&(ctx->enabledRespondWithIds), output);
     } else {
-	fprintf(output, "== Enabled RespondWith: all\n");
+        fprintf(output, "== Enabled RespondWith: all\n");
     }
 
     if(xmlSecPtrListGetSize(&(ctx->enabledServerRequestIds)) > 0) {
-	fprintf(output, "== Enabled ServerRequest: ");
-	xmlSecTransformIdListDebugDump(&(ctx->enabledServerRequestIds), output);
+        fprintf(output, "== Enabled ServerRequest: ");
+        xmlSecTransformIdListDebugDump(&(ctx->enabledServerRequestIds), output);
     } else {
-	fprintf(output, "== Enabled ServerRequest: all\n");
+        fprintf(output, "== Enabled ServerRequest: all\n");
     }
 
     fprintf(output, "== RespondWith List:\n");
@@ -1400,7 +1400,7 @@ xmlSecXkmsServerCtxDebugDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
 
     fprintf(output, "== Keys:\n");
     xmlSecPtrListDebugDump(&(ctx->keys), output);
-    
+
     if(ctx->compoundRequestContexts != NULL) {
         fprintf(output, "== Compound Request:\n");
         xmlSecPtrListDebugDump(ctx->compoundRequestContexts, output);
@@ -1409,28 +1409,28 @@ xmlSecXkmsServerCtxDebugDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
 
 /**
  * xmlSecXkmsServerCtxDebugXmlDump:
- * @ctx:	the pointer to XKMS processing context.
- * @output:	the pointer to output FILE.
+ * @ctx:        the pointer to XKMS processing context.
+ * @output:     the pointer to output FILE.
  *
  * Prints the debug information about @ctx to @output in XML format.
  */
-void 
+void
 xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
     xmlSecAssert(ctx != NULL);
     xmlSecAssert(output != NULL);
 
     fprintf(output, "<XkmsServerRequestContext name=\"");
-    xmlSecPrintXmlString(output, 
-	    (ctx->requestId != xmlSecXkmsServerRequestIdUnknown) ?
-		xmlSecXkmsServerRequestKlassGetName(ctx->requestId) :
-		BAD_CAST "NULL"
+    xmlSecPrintXmlString(output,
+            (ctx->requestId != xmlSecXkmsServerRequestIdUnknown) ?
+                xmlSecXkmsServerRequestKlassGetName(ctx->requestId) :
+                BAD_CAST "NULL"
     );
     fprintf(output, "\">\n");
 
-    xmlSecQName2IntegerDebugXmlDump(gXmlSecXkmsResultMajorInfo, 
-		ctx->resultMajor, BAD_CAST "MajorError", output);    
-    xmlSecQName2IntegerDebugXmlDump(gXmlSecXkmsMinorErrorInfo, 
-		ctx->resultMinor, BAD_CAST "MinorError", output);    
+    xmlSecQName2IntegerDebugXmlDump(gXmlSecXkmsResultMajorInfo,
+                ctx->resultMajor, BAD_CAST "MajorError", output);
+    xmlSecQName2IntegerDebugXmlDump(gXmlSecXkmsMinorErrorInfo,
+                ctx->resultMinor, BAD_CAST "MinorError", output);
 
     fprintf(output, "<Id>");
     xmlSecPrintXmlString(output, ctx->id);
@@ -1447,7 +1447,7 @@ xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
     fprintf(output, "<OriginalRequestId>");
     xmlSecPrintXmlString(output, ctx->originalRequestId);
     fprintf(output, "</OriginalRequestId>\n");
-    
+
     fprintf(output, "<PendingNotificationMechanism>");
     xmlSecPrintXmlString(output, ctx->pendingNotificationMechanism);
     fprintf(output, "</PendingNotificationMechanism>\n");
@@ -1459,14 +1459,14 @@ xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
     if(ctx->responseLimit != XMLSEC_XKMS_NO_RESPONSE_LIMIT) {
         fprintf(output, "<ResponseLimit>%d</ResponseLimit>\n", ctx->responseLimit);
     }
-    xmlSecQName2BitMaskDebugXmlDump(gXmlSecXkmsResponseMechanismInfo, 
-		ctx->responseMechanismMask, BAD_CAST "ResponseMechanism", output);    
+    xmlSecQName2BitMaskDebugXmlDump(gXmlSecXkmsResponseMechanismInfo,
+                ctx->responseMechanismMask, BAD_CAST "ResponseMechanism", output);
 
 
     fprintf(output, "<ExpectedService>");
     xmlSecPrintXmlString(output, ctx->expectedService);
     fprintf(output, "</ExpectedService>\n");
-    
+
     fprintf(output, "<Flags>%08x</Flags>\n", ctx->flags);
     fprintf(output, "<Flags2>%08x</Flags2>\n", ctx->flags2);
 
@@ -1479,19 +1479,19 @@ xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
     fprintf(output, "</KeyInfoWriteCtx>\n");
 
     if(xmlSecPtrListGetSize(&(ctx->enabledRespondWithIds)) > 0) {
-	fprintf(output, "<EnabledRespondWith>\n");
-	xmlSecTransformIdListDebugXmlDump(&(ctx->enabledRespondWithIds), output);
-	fprintf(output, "</EnabledRespondWith>\n");
+        fprintf(output, "<EnabledRespondWith>\n");
+        xmlSecTransformIdListDebugXmlDump(&(ctx->enabledRespondWithIds), output);
+        fprintf(output, "</EnabledRespondWith>\n");
     } else {
-	fprintf(output, "<EnabledRespondWith>all</EnabledRespondWith>\n");
+        fprintf(output, "<EnabledRespondWith>all</EnabledRespondWith>\n");
     }
 
     if(xmlSecPtrListGetSize(&(ctx->enabledServerRequestIds)) > 0) {
-	fprintf(output, "<EnabledServerRequest>\n");
-	xmlSecTransformIdListDebugXmlDump(&(ctx->enabledServerRequestIds), output);
-	fprintf(output, "</EnabledServerRequest>\n");
+        fprintf(output, "<EnabledServerRequest>\n");
+        xmlSecTransformIdListDebugXmlDump(&(ctx->enabledServerRequestIds), output);
+        fprintf(output, "</EnabledServerRequest>\n");
     } else {
-	fprintf(output, "<EnabledServerRequest>all</EnabledServerRequest>\n");
+        fprintf(output, "<EnabledServerRequest>all</EnabledServerRequest>\n");
     }
 
 
@@ -1519,7 +1519,7 @@ xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
  *      (<xkms:OpaqueClientData>
  *          <xkms:OpaqueData>?
  *      )?
- *  
+ *
  *  <xkms:RequestAbstractType Id Service Nonce? OriginalRequestId? ResponseLimit?>
  *      <ds:Signature>?
  *      <xkms:MessageExtension>*
@@ -1537,13 +1537,13 @@ xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
  *      <complexContent>
  *         <extension base="xkms:MessageAbstractType">
  *            <sequence>
- *              <element ref="xkms:ResponseMechanism" minOccurs="0" 
+ *              <element ref="xkms:ResponseMechanism" minOccurs="0"
  *                     maxOccurs="unbounded"/>
- *               <element ref="xkms:RespondWith" minOccurs="0" 
+ *               <element ref="xkms:RespondWith" minOccurs="0"
  *                     maxOccurs="unbounded"/>
  *               <element ref="xkms:PendingNotification" minOccurs="0"/>
  *            </sequence>
- *            <attribute name="OriginalRequestId" type="anyURI" 
+ *            <attribute name="OriginalRequestId" type="anyURI"
  *                  use="optional"/>
  *            <attribute name="ResponseLimit" type="integer" use="optional"/>
  *         </extension>
@@ -1555,7 +1555,7 @@ xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
  *   <complexType name="MessageAbstractType" abstract="true">
  *      <sequence>
  *         <element ref="ds:Signature" minOccurs="0"/>
- *         <element ref="xkms:MessageExtension" minOccurs="0" 
+ *         <element ref="xkms:MessageExtension" minOccurs="0"
  *               maxOccurs="unbounded"/>
  *         <element ref="xkms:OpaqueClientData" minOccurs="0"/>
  *      </sequence>
@@ -1565,7 +1565,7 @@ xmlSecXkmsServerCtxDebugXmlDump(xmlSecXkmsServerCtxPtr ctx, FILE* output) {
  *   </complexType>
  *   <!-- /MessageAbstractType -->
  */
-static int 
+static int
 xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
     xmlNodePtr cur;
     xmlChar* tmp;
@@ -1574,7 +1574,7 @@ xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNo
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2((*node) != NULL, -1);
-    
+
     cur = (*node);
     xmlSecAssert2(cur != NULL, -1);
 
@@ -1582,40 +1582,40 @@ xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNo
     xmlSecAssert2(ctx->id == NULL, -1);
     ctx->id = xmlGetProp(cur, xmlSecAttrId);
     if(ctx->id == NULL) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlGetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s;node=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrId),
-		    xmlSecErrorsSafeString(cur->name));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlGetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s;node=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrId),
+                    xmlSecErrorsSafeString(cur->name));
+        return(-1);
+    }
+
     /* required Service attribute */
     xmlSecAssert2(ctx->service == NULL, -1);
     ctx->service = xmlGetProp(cur, xmlSecAttrService);
     if(ctx->service == NULL) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlGetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s;node=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrService),
-		    xmlSecErrorsSafeString(cur->name));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlGetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s;node=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrService),
+                    xmlSecErrorsSafeString(cur->name));
+        return(-1);
+    }
+
     /* check service */
     if((ctx->expectedService != NULL) && (!xmlStrEqual(ctx->expectedService, ctx->service))) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "expectedService=%s;actualService=%s",
-		    xmlSecErrorsSafeString(ctx->expectedService),
-		    xmlSecErrorsSafeString(ctx->service));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "expectedService=%s;actualService=%s",
+                    xmlSecErrorsSafeString(ctx->expectedService),
+                    xmlSecErrorsSafeString(ctx->service));
+        return(-1);
     }
 
     /* optional Nonce attribute */
@@ -1630,106 +1630,106 @@ xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNo
     xmlSecAssert2(ctx->responseLimit == XMLSEC_XKMS_NO_RESPONSE_LIMIT, -1);
     tmp = xmlGetProp(cur, xmlSecAttrResponseLimit);
     if(tmp != NULL) {
-	ctx->responseLimit = atoi((char*)tmp);
-	xmlFree(tmp);
+        ctx->responseLimit = atoi((char*)tmp);
+        xmlFree(tmp);
     }
 
-    /* now read children */   
+    /* now read children */
     cur = xmlSecGetNextElementNode(cur->children);
-    
+
     /* first node is optional <dsig:Signature/> node */
     if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeSignature, xmlSecDSigNs)) {
-	ret = xmlSecXkmsServerCtxSignatureNodeRead(ctx, cur);
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerCtxSignatureNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
-    }
-    
+        ret = xmlSecXkmsServerCtxSignatureNodeRead(ctx, cur);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecXkmsServerCtxSignatureNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
     /* next is zero or more <xkms:MessageExtension/> nodes */
     ret = xmlSecXkmsServerCtxMessageExtensionNodesRead(ctx, &cur);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxMessageExtensionNodesRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxMessageExtensionNodesRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* next is optional <xkms:OpaqueClientData/> node */
     if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeOpaqueClientData, xmlSecXkmsNs)) {
-	ret = xmlSecXkmsServerCtxOpaqueClientDataNodeRead(ctx, cur);
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerCtxOpaqueClientDataNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
+        ret = xmlSecXkmsServerCtxOpaqueClientDataNodeRead(ctx, cur);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecXkmsServerCtxOpaqueClientDataNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* next is zero or more <xkms:ResponseMechanism/> nodes */
-    ret = xmlSecQName2BitMaskNodesRead(gXmlSecXkmsResponseMechanismInfo, &cur, 
-			xmlSecNodeResponseMechanism, xmlSecXkmsNs,
-                        ((ctx->flags & XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPONSE_MECHANISM) != 0) ? 1 : 0, 
-			&ctx->responseMechanismMask);
+    ret = xmlSecQName2BitMaskNodesRead(gXmlSecXkmsResponseMechanismInfo, &cur,
+                        xmlSecNodeResponseMechanism, xmlSecXkmsNs,
+                        ((ctx->flags & XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPONSE_MECHANISM) != 0) ? 1 : 0,
+                        &ctx->responseMechanismMask);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2BitMaskNodesRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeResponseMechanism));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2BitMaskNodesRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeResponseMechanism));
+        return(-1);
+    }
+
     /* next is zero or more <xkms:RespondWith/> nodes */
     ret = xmlSecXkmsServerCtxRespondWithNodesRead(ctx, &cur);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxRespondWithNodesRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxRespondWithNodesRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* next is optional <xkms:PendingNotification/> node */
     if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodePendingNotification, xmlSecXkmsNs)) {
-	ret = xmlSecXkmsServerCtxPendingNotificationNodeRead(ctx, cur);    
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerCtxPendingNotificationNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
-    }
-
-    (*node) = cur;    
+        ret = xmlSecXkmsServerCtxPendingNotificationNodeRead(ctx, cur);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecXkmsServerCtxPendingNotificationNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
+    (*node) = cur;
     return(0);
 }
 
-static int 
+static int
 xmlSecXkmsServerCtxSignatureNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     /* todo: verify signature and make sure that correct data was signed */
     return(0);
 }
 
-/** 
+/**
  *   <!-- MessageExtension -->
  *   <element name="MessageExtension" type="xkms:MessageExtensionAbstractType"
  *         abstract="true"/>
@@ -1746,17 +1746,17 @@ xmlSecXkmsServerCtxMessageExtensionNodesRead(xmlSecXkmsServerCtxPtr ctx, xmlNode
 
     cur = (*node);
     while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeMessageExtension, xmlSecXkmsNs)) {
-	if(ctx->firtsMsgExtNode == NULL) {
-	    ctx->firtsMsgExtNode = cur;
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
+        if(ctx->firtsMsgExtNode == NULL) {
+            ctx->firtsMsgExtNode = cur;
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
-    (*node) = cur;    
+    (*node) = cur;
     return(0);
 }
 
-static int 
+static int
 xmlSecXkmsServerCtxOpaqueClientDataNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->opaqueClientDataNode == NULL, -1);
@@ -1777,48 +1777,48 @@ xmlSecXkmsServerCtxRespondWithNodesRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr*
 
     cur = (*node);
     while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeRespondWith, xmlSecXkmsNs)) {
-	xmlSecXkmsRespondWithId id = xmlSecXkmsRespondWithIdUnknown;
-
-	if(xmlSecPtrListGetSize(&(ctx->enabledRespondWithIds)) > 0) {
-	    id = xmlSecXkmsRespondWithIdListFindByNodeValue(&(ctx->enabledRespondWithIds), cur);
-	} else {
-	    id = xmlSecXkmsRespondWithIdListFindByNodeValue(xmlSecXkmsRespondWithIdsGet(), cur);	
-	}
-
-	if(id != xmlSecXkmsRespondWithIdUnknown) {	
-	    ret = xmlSecXkmsRespondWithNodeRead(id, ctx, cur);
-	    if(ret < 0) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecCreateTree",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	} else if((ctx->flags & XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPOND_WITH) != 0) {
+        xmlSecXkmsRespondWithId id = xmlSecXkmsRespondWithIdUnknown;
+
+        if(xmlSecPtrListGetSize(&(ctx->enabledRespondWithIds)) > 0) {
+            id = xmlSecXkmsRespondWithIdListFindByNodeValue(&(ctx->enabledRespondWithIds), cur);
+        } else {
+            id = xmlSecXkmsRespondWithIdListFindByNodeValue(xmlSecXkmsRespondWithIdsGet(), cur);
+        }
+
+        if(id != xmlSecXkmsRespondWithIdUnknown) {
+            ret = xmlSecXkmsRespondWithNodeRead(id, ctx, cur);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecCreateTree",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        } else if((ctx->flags & XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_RESPOND_WITH) != 0) {
             xmlChar* content ;
-            
+
             content = xmlNodeGetContent(cur);
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"name=%s,value=%s",
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "name=%s,value=%s",
                         xmlSecErrorsSafeString(cur->name),
                         xmlSecErrorsSafeString(content));
             if(content != NULL) {
                 xmlFree(content);
             }
-	    return(-1);
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
+            return(-1);
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
     }
-    
-    (*node) = cur;    
+
+    (*node) = cur;
     return(0);
 }
 
-/** 
+/**
  * XML Schema:
  *   <!-- PendingNotification -->
  *   <element name="PendingNotification" type="xkms:PendingNotificationType"/>
@@ -1828,7 +1828,7 @@ xmlSecXkmsServerCtxRespondWithNodesRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr*
  *   </complexType>
  *   <!-- /PendingNotification -->
  */
-static int 
+static int
 xmlSecXkmsServerCtxPendingNotificationNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
@@ -1836,29 +1836,29 @@ xmlSecXkmsServerCtxPendingNotificationNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNo
     xmlSecAssert2(ctx->pendingNotificationMechanism == NULL, -1);
     ctx->pendingNotificationMechanism = xmlGetProp(node, xmlSecAttrMechanism);
     if(ctx->pendingNotificationMechanism == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlGetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s;node=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrMechanism),
-		    xmlSecErrorsSafeString(node->name));
-    	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlGetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s;node=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrMechanism),
+                    xmlSecErrorsSafeString(node->name));
+        return(-1);
     }
 
     xmlSecAssert2(ctx->pendingNotificationIdentifier == NULL, -1);
     ctx->pendingNotificationIdentifier = xmlGetProp(node, xmlSecAttrIdentifier);
     if(ctx->pendingNotificationIdentifier == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlGetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s;node=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrIdentifier),
-		    xmlSecErrorsSafeString(node->name));
-    	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlGetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s;node=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrIdentifier),
+                    xmlSecErrorsSafeString(node->name));
+        return(-1);
+    }
+
     return(0);
 }
 
@@ -1872,11 +1872,11 @@ xmlSecXkmsServerCtxPendingNotificationNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNo
  *      <xkms:ResponseMechanism>*
  *      <xkms:RespondWith>*
  *      <xkms:PendingNotification Mechanism Identifier>?
- *  
+ *
  * XML Schema:
  *
- *   <!-- PendingRequest -->  
- *   <element name="PendingRequest" type="xkms:PendingRequestType"/>   
+ *   <!-- PendingRequest -->
+ *   <element name="PendingRequest" type="xkms:PendingRequestType"/>
  *   <complexType name="PendingRequestType">
  *       <complexContent>
  *           <extension base="xkms:RequestAbstractType">
@@ -1884,24 +1884,24 @@ xmlSecXkmsServerCtxPendingNotificationNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNo
  *            </extension>
  *       </complexContent>
  *    </complexType>
- *    <!-- /PendingRequest --> * 
+ *    <!-- /PendingRequest --> *
  */
-static int 
+static int
 xmlSecXkmsServerCtxPendingRequestNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
     int ret;
 
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     /* first read "parent" type */
     ret = xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(ctx, node);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* todo: read responseId */
@@ -1914,67 +1914,67 @@ xmlSecXkmsServerCtxPendingRequestNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr
  *      <xkms:KeyUsage>?
  *      <xkms:KeyUsage>?
  *      <xkms:KeyUsage>?
- *      <xkms:UseKeyWith Application Identifier>*    
+ *      <xkms:UseKeyWith Application Identifier>*
  *      <xkms:TimeInstant Time>?
- *  
+ *
  * XML Schema:
  *   <!-- QueryKeyBinding -->
  *   <element name="QueryKeyBinding" type="xkms:QueryKeyBindingType"/>
  *   <complexType name="QueryKeyBindingType">
  *      <complexContent>
  *          <extension base="xkms:KeyBindingAbstractType">
- *	        <sequence>
- *		    <element ref="xkms:TimeInstant" minOccurs="0"/>
- *		</sequence>
- *	    </extension>
- *	</complexContent>
+ *              <sequence>
+ *                  <element ref="xkms:TimeInstant" minOccurs="0"/>
+ *              </sequence>
+ *          </extension>
+ *      </complexContent>
  *   </complexType>
  *   <!-- /QueryKeyBinding -->
  */
-static int 
+static int
 xmlSecXkmsServerCtxQueryKeyBindingNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     /* first read "parent" type */
     cur = node;
     ret = xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeRead(ctx, &cur);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* next is optional <xkms:TimeInstant/> node */
     if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeTimeInstant, xmlSecXkmsNs)) {
-	ret = xmlSecXkmsServerCtxTimeInstantNodeRead(ctx, cur);
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecXkmsServerCtxTimeInstantNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
+        ret = xmlSecXkmsServerCtxTimeInstantNodeRead(ctx, cur);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecXkmsServerCtxTimeInstantNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* check that there is nothing after the last node */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
@@ -1992,66 +1992,66 @@ xmlSecXkmsServerCtxQueryKeyBindingNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePt
  *       <sequence>
  *          <element ref="ds:KeyInfo" minOccurs="0"/>
  *          <element ref="xkms:KeyUsage" minOccurs="0" maxOccurs="3"/>
- *          <element ref="xkms:UseKeyWith" minOccurs="0" 
+ *          <element ref="xkms:UseKeyWith" minOccurs="0"
  *                   maxOccurs="unbounded"/>
  *       </sequence>
  *       <attribute name="Id" type="ID" use="optional"/>
  *    </complexType>
  *    <!-- /KeyBindingAbstractType-->
  */
-static int 
+static int
 xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* node) {
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2((*node) != NULL, -1);
-    
+
     cur = (*node);
     xmlSecAssert2(cur != NULL, -1);
-    
+
     /* we don't care about Id attribute in this node */
     cur = xmlSecGetNextElementNode(cur->children);
-    
+
     /* first node is optional <dsig:KeyInfo/> node. for now we only remember pointer */
     xmlSecAssert2(ctx->keyInfoNode == NULL, -1);
     if((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs)) {
-	ctx->keyInfoNode = cur;
-	cur = xmlSecGetNextElementNode(cur->next);
+        ctx->keyInfoNode = cur;
+        cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     /* next is zero or more <xkms:KeyUsage/> nodes */
     ret = xmlSecQName2BitMaskNodesRead(gXmlSecXkmsKeyUsageInfo, &cur,
-		    xmlSecNodeKeyUsage, xmlSecXkmsNs, 
+                    xmlSecNodeKeyUsage, xmlSecXkmsNs,
                     ((ctx->flags & XMLSEC_XKMS_SERVER_FLAGS_STOP_ON_UNKNOWN_KEY_USAGE) != 0) ? 1 : 0,
-		    &(ctx->keyInfoReadCtx.keyReq.keyUsage));
+                    &(ctx->keyInfoReadCtx.keyReq.keyUsage));
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2BitMaskNodesRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeKeyUsage));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2BitMaskNodesRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeKeyUsage));
+        return(-1);
+    }
+
     /* next is zero or more <xkms:UseKeyWith/> nodes */
     ret = xmlSecXkmsServerCtxUseKeyWithNodesRead(ctx, &cur);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxUseKeyWithNodesRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxUseKeyWithNodesRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     (*node) = cur;
     return(0);
 }
 
-static int 
+static int
 xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
     xmlNodePtr cur;
     int ret;
@@ -2063,65 +2063,65 @@ xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx, x
     /* generate and add Id attribute */
     ret = xmlSecGenerateAndAddID(node, xmlSecAttrId, ctx->idPrefix, ctx->idLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecGenerateAndAddID",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGenerateAndAddID",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* <dsig:KeyInfo/> node */
     cur = xmlSecAddChild(node, xmlSecNodeKeyInfo, xmlSecDSigNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeKeyInfo));
+        return(-1);
     }
 
     ret = xmlSecXkmsServerCtxKeyInfoNodeWrite(ctx, cur, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxKeyInfoNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxKeyInfoNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* next is <xkms:KeyUsage/> node */
     ret = xmlSecQName2BitMaskNodesWrite(gXmlSecXkmsKeyUsageInfo, node,
-		    xmlSecNodeKeyUsage, xmlSecXkmsNs, 
-		    key->usage);
+                    xmlSecNodeKeyUsage, xmlSecXkmsNs,
+                    key->usage);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2BitMaskNodesWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeKeyUsage));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2BitMaskNodesWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeKeyUsage));
+        return(-1);
     }
 
     /* and the last node is <xkms:UseKeyWith/> */
     ret = xmlSecXkmsServerCtxUseKeyWithNodesWrite(ctx, node, key);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxUseKeyWithNodesWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxUseKeyWithNodesWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
-static int 
+static int
 xmlSecXkmsServerCtxKeyInfoNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
     int ret;
 
@@ -2132,22 +2132,22 @@ xmlSecXkmsServerCtxKeyInfoNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node,
     /* add child nodes as requested in <xkms:RespondWith/> nodes */
     ret = xmlSecXkmsRespondWithIdListWrite(&(ctx->respWithList), ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdListWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdListWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecKeyInfoNodeWrite(node, key, &(ctx->keyInfoWriteCtx));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -2172,7 +2172,7 @@ xmlSecXkmsServerCtxUseKeyWithNodesRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* n
     xmlChar* application;
     xmlChar* identifier;
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
@@ -2181,64 +2181,64 @@ xmlSecXkmsServerCtxUseKeyWithNodesRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr* n
 
     cur = (*node);
     while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeUseKeyWith, xmlSecXkmsNs)) {
-	application = xmlGetProp(cur, xmlSecAttrApplication);
-	if(application == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    	NULL,
-			"xmlGetProp",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"name=%s;node=%s",
-			xmlSecErrorsSafeString(xmlSecAttrApplication),
-			xmlSecErrorsSafeString(cur->name));
-    	    return(-1);
-	}
-
-	identifier = xmlGetProp(cur, xmlSecAttrIdentifier);
-	if(identifier == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    	NULL,
-			"xmlGetProp",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"name=%s;node=%s",
-			xmlSecErrorsSafeString(xmlSecAttrIdentifier),
-			xmlSecErrorsSafeString(cur->name));
-	    xmlFree(application);
-    	    return(-1);
-	}
-	
-	keyUseWith = xmlSecKeyUseWithCreate(application, identifier);
-	if(keyUseWith == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    	NULL,
-			"xmlSecKeyUseWithCreate",
-		    	XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFree(application);
-	    xmlFree(identifier);
-    	    return(-1);
-	}
-	xmlFree(application);
-	xmlFree(identifier);
-	
-	ret = xmlSecPtrListAdd(list, keyUseWith);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    	NULL,
-			"xmlSecPtrListAdd",
-		    	XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecKeyUseWithDestroy(keyUseWith);
-    	    return(-1);
-	}
-	
-	cur = xmlSecGetNextElementNode(cur->next);
-    }
-
-    (*node) = cur;    
+        application = xmlGetProp(cur, xmlSecAttrApplication);
+        if(application == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlGetProp",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "name=%s;node=%s",
+                        xmlSecErrorsSafeString(xmlSecAttrApplication),
+                        xmlSecErrorsSafeString(cur->name));
+            return(-1);
+        }
+
+        identifier = xmlGetProp(cur, xmlSecAttrIdentifier);
+        if(identifier == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlGetProp",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "name=%s;node=%s",
+                        xmlSecErrorsSafeString(xmlSecAttrIdentifier),
+                        xmlSecErrorsSafeString(cur->name));
+            xmlFree(application);
+            return(-1);
+        }
+
+        keyUseWith = xmlSecKeyUseWithCreate(application, identifier);
+        if(keyUseWith == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyUseWithCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFree(application);
+            xmlFree(identifier);
+            return(-1);
+        }
+        xmlFree(application);
+        xmlFree(identifier);
+
+        ret = xmlSecPtrListAdd(list, keyUseWith);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListAdd",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecKeyUseWithDestroy(keyUseWith);
+            return(-1);
+        }
+
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
+    (*node) = cur;
     return(0);
 }
 
-static int 
+static int
 xmlSecXkmsServerCtxUseKeyWithNodesWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
@@ -2249,7 +2249,7 @@ xmlSecXkmsServerCtxUseKeyWithNodesWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr n
 }
 
 
-static int 
+static int
 xmlSecXkmsServerCtxTimeInstantNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
@@ -2275,174 +2275,174 @@ xmlSecXkmsServerCtxTimeInstantNodeRead(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr no
  *          <extension base="xkms:MessageAbstractType">
  *             <sequence>
  *                <element ref="xkms:RequestSignatureValue" minOccurs="0"/>
- *	       </sequence>
- *	       <attribute name="ResultMajor" type="QName" use="required"/>
- *	       <attribute name="ResultMinor" type="QName" use="optional"/>
- *	       <attribute name="RequestId" type="anyURI" use="optional"/>
- *	    </extension>
- *	 </complexContent>
+ *             </sequence>
+ *             <attribute name="ResultMajor" type="QName" use="required"/>
+ *             <attribute name="ResultMinor" type="QName" use="optional"/>
+ *             <attribute name="RequestId" type="anyURI" use="optional"/>
+ *          </extension>
+ *       </complexContent>
  *    </complexType>
  *    <!-- /ResultType -->
  */
-static int 
+static int
 xmlSecXkmsServerCtxResultTypeNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     int ret;
-    
+
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     /* generate and add Id attribute */
     ret = xmlSecGenerateAndAddID(node, xmlSecAttrId, ctx->idPrefix, ctx->idLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecGenerateAndAddID",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecGenerateAndAddID",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* todo: generate nonce? */
 
-    /* set Service atribute (required) */   
+    /* set Service atribute (required) */
     if((ctx->service == NULL) || (xmlSetProp(node, xmlSecAttrService, ctx->service) == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s,value=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrService),
-		    xmlSecErrorsSafeString(ctx->service));
-	return(-1);	
-    }
-    
-
-    /* set RequestId atribute (optional) */   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s,value=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrService),
+                    xmlSecErrorsSafeString(ctx->service));
+        return(-1);
+    }
+
+
+    /* set RequestId atribute (optional) */
     if((ctx->id != NULL) && (xmlSetProp(node, xmlSecAttrRequestId, ctx->id) == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSetProp",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "name=%s,value=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrRequestId),
-		    xmlSecErrorsSafeString(ctx->id));
-	return(-1);	
-    }
-    
-    
-    /* set major code (required) */ 
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "name=%s,value=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrRequestId),
+                    xmlSecErrorsSafeString(ctx->id));
+        return(-1);
+    }
+
+
+    /* set major code (required) */
     ret = xmlSecQName2IntegerAttributeWrite(gXmlSecXkmsResultMajorInfo, node,
-					     xmlSecAttrResultMajor, ctx->resultMajor);
+                                             xmlSecAttrResultMajor, ctx->resultMajor);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerAttributeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s,value=%d",
-		    xmlSecErrorsSafeString(xmlSecAttrResultMajor),
-		    ctx->resultMajor);
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerAttributeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s,value=%d",
+                    xmlSecErrorsSafeString(xmlSecAttrResultMajor),
+                    ctx->resultMajor);
+        return(-1);
     }
 
-    /* set minor code (optional) */ 
+    /* set minor code (optional) */
     if(ctx->resultMinor != xmlSecXkmsResultMinorNone) {
         ret = xmlSecQName2IntegerAttributeWrite(gXmlSecXkmsMinorErrorInfo, node,
-					     xmlSecAttrResultMinor, ctx->resultMinor);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecQName2IntegerAttributeWrite",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "name=%s,value=%d",
-			xmlSecErrorsSafeString(xmlSecAttrResultMinor),
-			ctx->resultMinor);
-	    return(-1);	
-	}
+                                             xmlSecAttrResultMinor, ctx->resultMinor);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecQName2IntegerAttributeWrite",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "name=%s,value=%d",
+                        xmlSecErrorsSafeString(xmlSecAttrResultMinor),
+                        ctx->resultMinor);
+            return(-1);
+        }
     }
 
     /* todo: create signature template */
-    
+
     /* todo: create message extension nodes? */
 
-    /* <xkms:OpaqueClientData/>: An XKMS service SHOULD return the value of 
-     * the <OpaqueClientData> element unmodified in a request in a response 
+    /* <xkms:OpaqueClientData/>: An XKMS service SHOULD return the value of
+     * the <OpaqueClientData> element unmodified in a request in a response
      * with status code Succes */
     if((ctx->resultMajor == xmlSecXkmsResultMajorSuccess) && (ctx->opaqueClientDataNode != NULL)) {
         xmlNodePtr copyNode;
 
-	copyNode = xmlDocCopyNode(ctx->opaqueClientDataNode, node->doc, 1);
-	if(copyNode == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    	NULL,
-			"xmlSetProp",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"name=%s",
-			xmlSecErrorsSafeString(ctx->opaqueClientDataNode->name));
-	    return(-1);
-	}	
-	
-	if(xmlSecAddChildNode(node, copyNode) == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    	NULL,
-			"xmlSecAddChildNode",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"name=%s",
-			xmlSecErrorsSafeString(copyNode->name));
-	    return(-1);
-	}
+        copyNode = xmlDocCopyNode(ctx->opaqueClientDataNode, node->doc, 1);
+        if(copyNode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSetProp",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "name=%s",
+                        xmlSecErrorsSafeString(ctx->opaqueClientDataNode->name));
+            return(-1);
+        }
+
+        if(xmlSecAddChildNode(node, copyNode) == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChildNode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "name=%s",
+                        xmlSecErrorsSafeString(copyNode->name));
+            return(-1);
+        }
     }
 
     ret = xmlSecXkmsServerCtxRequestSignatureValueNodeWrite(ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxRequestSignatureValueNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxRequestSignatureValueNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-/** 
- * A service SHOULD include the <RequestSignatureValue> element in a response 
- * if the following conditions are satisfied and MUST NOT include the value 
+/**
+ * A service SHOULD include the <RequestSignatureValue> element in a response
+ * if the following conditions are satisfied and MUST NOT include the value
  * otherwise:
  *
  *
  *  - The <ds:Signature> element was present in the corresponding request
- *  - The service successfully verified the <ds:Signature> element in the 
+ *  - The service successfully verified the <ds:Signature> element in the
  *  corresponding request, and
  *  - The ResponseMechanism RequestSignatureValue was specified.
- *    
+ *
  */
-static int 
+static int
 xmlSecXkmsServerCtxRequestSignatureValueNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     /* todo: check all conditions for RequestSignatureValue */
     if((ctx->responseMechanismMask & XMLSEC_XKMS_RESPONSE_MECHANISM_MASK_REQUEST_SIGNATURE_VALUE) == 0) {
-	/* The ResponseMechanism RequestSignatureValue was not specified. */
-	return(0);
+        /* The ResponseMechanism RequestSignatureValue was not specified. */
+        return(0);
     }
-    
+
     /* todo: write RequestSignatureValue */
     return(0);
 }
 
 
-/** 
- *  
+/**
+ *
  *  <xkms:UnverifiedKeyBindingType Id?>
  *      <ds:KeyInfo>?
  *      <xkms:KeyUsage>?
  *      <xkms:KeyUsage>?
  *      <xkms:KeyUsage>?
- *      <xkms:UseKeyWith Application Identifier>*    
+ *      <xkms:UseKeyWith Application Identifier>*
  *      <xkms:ValidityInterval NotBefore NotOnOrAfter>?
- *  
+ *
  * XML Schema:
  *
  *    <!-- UnverifiedKeyBinding -->
@@ -2458,7 +2458,7 @@ xmlSecXkmsServerCtxRequestSignatureValueNodeWrite(xmlSecXkmsServerCtxPtr ctx, xm
  *    </complexType>
  *    <!-- /UnverifiedKeyBinding -->
  */
-static int 
+static int
 xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
     int ret;
 
@@ -2467,47 +2467,47 @@ xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx, xml
     xmlSecAssert2(node != NULL, -1);
 
     /* first write "parent" type */
-    ret = xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite(ctx, node, key);    
+    ret = xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite(ctx, node, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* <xkms:ValidityInterval/> node */
-    ret = xmlSecXkmsServerCtxValidityIntervalNodeWrite(ctx, node, key);    
+    ret = xmlSecXkmsServerCtxValidityIntervalNodeWrite(ctx, node, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxValidityIntervalNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxValidityIntervalNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecXkmsServerCtxValidityIntervalNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(key != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     /* todo: write key validity interval */
     return(0);
 }
 
-/** 
+/**
  *  <xkms:KeyBinding Id?>
  *      <ds:KeyInfo>?
  *      <xkms:KeyUsage>?
  *      <xkms:KeyUsage>?
  *      <xkms:KeyUsage>?
- *      <xkms:UseKeyWith Application Identifier>*    
+ *      <xkms:UseKeyWith Application Identifier>*
  *      <xkms:ValidityInterval NotBefore NotOnOrAfter>?
  *      <xkms:Status StatusValue>
  *          (<xkms:ValidReason>?
@@ -2516,13 +2516,13 @@ xmlSecXkmsServerCtxValidityIntervalNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNode
  *           )*
  *
  * XML Schema:
- * 
- *    <!-- KeyBinding -->   
- *    <element name="KeyBinding" type="xkms:KeyBindingType"/>   
- *    <complexType name="KeyBindingType">      
- *        <complexContent>         
- *            <extension base="xkms:UnverifiedKeyBindingType">            
- *                <sequence>               
+ *
+ *    <!-- KeyBinding -->
+ *    <element name="KeyBinding" type="xkms:KeyBindingType"/>
+ *    <complexType name="KeyBindingType">
+ *        <complexContent>
+ *            <extension base="xkms:UnverifiedKeyBindingType">
+ *                <sequence>
  *                    <element ref="xkms:Status"/>
  *                </sequence>
  *            </extension>
@@ -2530,7 +2530,7 @@ xmlSecXkmsServerCtxValidityIntervalNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNode
  *    </complexType>
  *    <!-- /KeyBinding -->
  */
-static int 
+static int
 xmlSecXkmsServerCtxKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
     int ret;
 
@@ -2539,25 +2539,25 @@ xmlSecXkmsServerCtxKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr no
     xmlSecAssert2(node != NULL, -1);
 
     /* first write "parent" type */
-    ret = xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(ctx, node, key);    
+    ret = xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(ctx, node, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxKeyBindingAbstractTypeNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* <xkms:Status/> node */
-    ret = xmlSecXkmsServerCtxKeyBindingStatusNodeWrite(ctx, node, key);    
+    ret = xmlSecXkmsServerCtxKeyBindingStatusNodeWrite(ctx, node, key);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxKeyBindingStatusNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxKeyBindingStatusNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -2569,21 +2569,21 @@ xmlSecXkmsServerCtxKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr no
  *       <xkms:IndeterminateReason>?
  *       <xkms:InvalidReason>?
  *      )*
- * 
+ *
  * XML Schema:
  *
- *    <!-- Status -->   
+ *    <!-- Status -->
  *    <element name="Status" type="xkms:StatusType"/>
  *    <complexType name="StatusType">
  *       <sequence>
- *          <element ref="xkms:ValidReason" minOccurs="0" 
+ *          <element ref="xkms:ValidReason" minOccurs="0"
  *                maxOccurs="unbounded"/>
- *          <element ref="xkms:IndeterminateReason" minOccurs="0" 
+ *          <element ref="xkms:IndeterminateReason" minOccurs="0"
  *                maxOccurs="unbounded"/>
- *          <element ref="xkms:InvalidReason" minOccurs="0" 
+ *          <element ref="xkms:InvalidReason" minOccurs="0"
  *                maxOccurs="unbounded"/>
  *       </sequence>
- *       <attribute name="StatusValue" type="xkms:KeyBindingStatus" 
+ *       <attribute name="StatusValue" type="xkms:KeyBindingStatus"
  *             use="required"/>
  *    </complexType>
  *    <simpleType name="KeyBindingStatus">
@@ -2595,7 +2595,7 @@ xmlSecXkmsServerCtxKeyBindingNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr no
  *    </simpleType>
  *    <!-- /Status -->
  */
-static int 
+static int
 xmlSecXkmsServerCtxKeyBindingStatusNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node, xmlSecKeyPtr key) {
     xmlNodePtr cur;
     int ret;
@@ -2606,28 +2606,28 @@ xmlSecXkmsServerCtxKeyBindingStatusNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNode
 
     cur = xmlSecAddChild(node, xmlSecNodeStatus, xmlSecXkmsNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeStatus));
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeStatus));
+        return(-1);
     }
 
     /* if we are here then the key was validated */
-    ret = xmlSecQName2IntegerAttributeWrite(gXmlSecXkmsKeyBindingStatusInfo, cur, 
-		    xmlSecAttrStatusValue, xmlSecXkmsKeyBindingStatusValid);
+    ret = xmlSecQName2IntegerAttributeWrite(gXmlSecXkmsKeyBindingStatusInfo, cur,
+                    xmlSecAttrStatusValue, xmlSecXkmsKeyBindingStatusValid);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerAttributeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecAttrStatusValue));
-	return(-1);	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerAttributeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecAttrStatusValue));
+        return(-1);
+    }
+
     /* todo: write the reasons */
     return(0);
 }
@@ -2636,16 +2636,16 @@ xmlSecXkmsServerCtxKeyBindingStatusNodeWrite(xmlSecXkmsServerCtxPtr ctx, xmlNode
  *
  * xmlSecXkmsServerCtx list
  *
- ************************************************************************/ 
+ ************************************************************************/
 static xmlSecPtrListKlass xmlSecXkmsServerCtxPtrListKlass = {
     BAD_CAST "xkms-server-ctx-list",
-    NULL, 								/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    (xmlSecPtrDestroyItemMethod)xmlSecXkmsServerCtxDestroy,	        /* xmlSecPtrDestroyItemMethod destroyItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerCtxDebugDump,	        /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerCtxDebugXmlDump,	/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    NULL,                                                               /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    (xmlSecPtrDestroyItemMethod)xmlSecXkmsServerCtxDestroy,             /* xmlSecPtrDestroyItemMethod destroyItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerCtxDebugDump,         /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerCtxDebugXmlDump,      /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
-xmlSecPtrListId	
+xmlSecPtrListId
 xmlSecXkmsServerCtxPtrListGetKlass(void) {
     return(&xmlSecXkmsServerCtxPtrListKlass);
 }
@@ -2659,11 +2659,11 @@ xmlSecXkmsServerCtxPtrListGetKlass(void) {
 static xmlSecPtrList xmlSecAllXkmsRespondWithIds;
 
 
-/** 
+/**
  * xmlSecXkmsRespondWithIdsGet:
  *
  * Gets global registered RespondWith klasses list.
- * 
+ *
  * Returns: the pointer to list of all registered RespondWith klasses.
  */
 xmlSecPtrListPtr
@@ -2671,45 +2671,45 @@ xmlSecXkmsRespondWithIdsGet(void) {
     return(&xmlSecAllXkmsRespondWithIds);
 }
 
-/** 
+/**
  * xmlSecXkmsRespondWithIdsInit:
  *
- * Initializes the RespondWith klasses. This function is called from the 
+ * Initializes the RespondWith klasses. This function is called from the
  * #xmlSecInit function and the application should not call it directly.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecXkmsRespondWithIdsInit(void) {
     int ret;
-    
+
     ret = xmlSecPtrListInitialize(xmlSecXkmsRespondWithIdsGet(), xmlSecXkmsRespondWithIdListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListPtrInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecXkmsRespondWithIdListId");
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListPtrInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecXkmsRespondWithIdListId");
         return(-1);
     }
-    
+
     ret = xmlSecXkmsRespondWithIdsRegisterDefault();
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsRegisterDefault",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsRegisterDefault",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  * xmlSecXkmsRespondWithIdsShutdown:
- * 
- * Shuts down the keys data klasses. This function is called from the 
+ *
+ * Shuts down the keys data klasses. This function is called from the
  * #xmlSecShutdown function and the application should not call it directly.
  */
 void
@@ -2717,32 +2717,32 @@ xmlSecXkmsRespondWithIdsShutdown(void) {
     xmlSecPtrListFinalize(xmlSecXkmsRespondWithIdsGet());
 }
 
-/** 
+/**
  * xmlSecXkmsRespondWithIdsRegister:
- * @id:		the RespondWith klass.
+ * @id:         the RespondWith klass.
  *
  * Registers @id in the global list of RespondWith klasses.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithId id) {
     int ret;
-        
+
     xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
-    
+
     ret = xmlSecPtrListAdd(xmlSecXkmsRespondWithIdsGet(), (xmlSecPtr)id);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "RespondWith=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "RespondWith=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)));
         return(-1);
     }
-    
-    return(0);    
+
+    return(0);
 }
 
 /**
@@ -2753,98 +2753,98 @@ xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithId id) {
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecXkmsRespondWithIdsRegisterDefault(void) {
     if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithKeyNameId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithKeyNameId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithKeyNameId)));
+        return(-1);
     }
 
     if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithKeyValueId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithKeyValueId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithKeyValueId)));
+        return(-1);
     }
 
     if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithPrivateKeyId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithPrivateKeyId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithPrivateKeyId)));
+        return(-1);
     }
 
     if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithRetrievalMethodId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithRetrievalMethodId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithRetrievalMethodId)));
+        return(-1);
     }
 
     if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithX509CertId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithX509CertId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithX509CertId)));
+        return(-1);
     }
 
     if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithX509ChainId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithX509ChainId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithX509ChainId)));
+        return(-1);
     }
 
     if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithX509CRLId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithX509CRLId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithX509CRLId)));
+        return(-1);
     }
 
     /* TODO: OCSP, PGP, PGPWeb, SPKI */
     /*
     if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithPGPId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithPGPId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithPGPId)));
+        return(-1);
     }
 
     if(xmlSecXkmsRespondWithIdsRegister(xmlSecXkmsRespondWithSPKIId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithSPKIId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(xmlSecXkmsRespondWithSPKIId)));
+        return(-1);
     }
     */
     return(0);
@@ -2855,78 +2855,78 @@ xmlSecXkmsRespondWithIdsRegisterDefault(void) {
  *
  * XKMS RespondWith Klass
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * xmlSecXkmsRespondWithNodeRead:
- * @id:		the RespondWith class.
- * @ctx:	the XKMS request processing context.
- * @node:	the pointer to <xkms:RespondWith/> node.
+ * @id:         the RespondWith class.
+ * @ctx:        the XKMS request processing context.
+ * @node:       the pointer to <xkms:RespondWith/> node.
  *
  * Reads the content of the <xkms:RespondWith/> @node.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int  
+int
 xmlSecXkmsRespondWithNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
-			      xmlNodePtr node) {
+                              xmlNodePtr node) {
     xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     if(id->readNode != NULL) {
-	return((id->readNode)(id, ctx, node));
+        return((id->readNode)(id, ctx, node));
     }
     return(0);
 }
 
 /**
  * xmlSecXkmsRespondWithNodeWrite:
- * @id:		the RespondWith class.
- * @ctx:	the XKMS request processing context.
- * @node:	the pointer to <xkms:RespondWith/> node.
+ * @id:         the RespondWith class.
+ * @ctx:        the XKMS request processing context.
+ * @node:       the pointer to <xkms:RespondWith/> node.
  *
  * Writes the content of the <xkms:RespondWith/> @node.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecXkmsRespondWithNodeWrite(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
-			     xmlNodePtr node) {
+                             xmlNodePtr node) {
     xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     if(id->writeNode != NULL) {
-	return((id->writeNode)(id, ctx, node));
+        return((id->writeNode)(id, ctx, node));
     }
     return(0);
 }
 
 /**
  * xmlSecXkmsRespondWithDebugDump:
- * @id:		the RespondWith class.
- * @output:	the output file.
+ * @id:         the RespondWith class.
+ * @output:     the output file.
  *
  * Writes debug information about @id into the @output.
  */
-void 
+void
 xmlSecXkmsRespondWithDebugDump(xmlSecXkmsRespondWithId id, FILE* output) {
     xmlSecAssert(id != xmlSecXkmsRespondWithIdUnknown);
     xmlSecAssert(output != NULL);
 
-    fprintf(output, "=== RespondWith: \"%s\" (href=\"%s\")\n", 
+    fprintf(output, "=== RespondWith: \"%s\" (href=\"%s\")\n",
         xmlSecErrorsSafeString(id->valueName),
         xmlSecErrorsSafeString(id->valueNs));
 }
 
 /**
  * xmlSecXkmsRespondWithDebugXmlDump:
- * @id:		the RespondWith class.
- * @output:	the output file.
+ * @id:         the RespondWith class.
+ * @output:     the output file.
  *
  * Writes debug information about @id into the @output in XML format.
  */
-void 
+void
 xmlSecXkmsRespondWithDebugXmlDump(xmlSecXkmsRespondWithId id, FILE* output) {
     xmlSecAssert(id != xmlSecXkmsRespondWithIdUnknown);
     xmlSecAssert(output != NULL);
@@ -2938,9 +2938,9 @@ xmlSecXkmsRespondWithDebugXmlDump(xmlSecXkmsRespondWithId id, FILE* output) {
     fprintf(output, "</RespondWith>\n");
 }
 
-int 
+int
 xmlSecXkmsRespondWithDefaultNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
-			    xmlNodePtr node) {
+                            xmlNodePtr node) {
     int ret;
 
     xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
@@ -2949,33 +2949,33 @@ xmlSecXkmsRespondWithDefaultNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServe
 
     ret = xmlSecXkmsRespondWithIdListFind(&(ctx->respWithList), id);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
-		    "xmlSecXkmsRespondWithIdListFind",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
+                    "xmlSecXkmsRespondWithIdListFind",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     } else if(ret > 0) {
-	/* do nothing, we already have it in the list */
-	return(0);
-    }    
-    
+        /* do nothing, we already have it in the list */
+        return(0);
+    }
+
     ret = xmlSecPtrListAdd(&(ctx->respWithList), id);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-int  
+int
 xmlSecXkmsRespondWithDefaultNodeWrite(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
-			    xmlNodePtr node) {
+                            xmlNodePtr node) {
     xmlNodePtr cur;
 
     xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
@@ -2985,13 +2985,13 @@ xmlSecXkmsRespondWithDefaultNodeWrite(xmlSecXkmsRespondWithId id, xmlSecXkmsServ
 
     cur = xmlSecAddChild(node, id->nodeName, id->nodeNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
-		    "xmlSecAddChild",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(id->nodeName));
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(id->nodeName));
+        return(-1);
     }
 
     return(0);
@@ -3001,37 +3001,37 @@ xmlSecXkmsRespondWithDefaultNodeWrite(xmlSecXkmsRespondWithId id, xmlSecXkmsServ
  *
  * XKMS RespondWith Klass List
  *
- ************************************************************************/ 
+ ************************************************************************/
 static xmlSecPtrListKlass xmlSecXkmsRespondWithIdListKlass = {
     BAD_CAST "respond-with-ids-list",
-    NULL, 								/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    NULL,								/* xmlSecPtrDestroyItemMethod destroyItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsRespondWithDebugDump,	/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsRespondWithDebugXmlDump,	/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    NULL,                                                               /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    NULL,                                                               /* xmlSecPtrDestroyItemMethod destroyItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsRespondWithDebugDump,       /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsRespondWithDebugXmlDump,    /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
-xmlSecPtrListId	
+xmlSecPtrListId
 xmlSecXkmsRespondWithIdListGetKlass(void) {
     return(&xmlSecXkmsRespondWithIdListKlass);
 }
 
-int 
+int
 xmlSecXkmsRespondWithIdListFind(xmlSecPtrListPtr list, xmlSecXkmsRespondWithId id) {
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsRespondWithIdListId), -1);
     xmlSecAssert2(id != xmlSecXkmsRespondWithIdUnknown, -1);
-    
+
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	if((xmlSecXkmsRespondWithId)xmlSecPtrListGetItem(list, i) == id) {
-	    return(1);
-	}
+        if((xmlSecXkmsRespondWithId)xmlSecPtrListGetItem(list, i) == id) {
+            return(1);
+        }
     }
     return(0);
 }
 
-xmlSecXkmsRespondWithId 
+xmlSecXkmsRespondWithId
 xmlSecXkmsRespondWithIdListFindByNodeValue(xmlSecPtrListPtr list, xmlNodePtr node) {
     xmlSecXkmsRespondWithId result = xmlSecXkmsRespondWithIdUnknown;
     xmlSecXkmsRespondWithId id;
@@ -3041,19 +3041,19 @@ xmlSecXkmsRespondWithIdListFindByNodeValue(xmlSecPtrListPtr list, xmlNodePtr nod
     const xmlChar* qnameHref;
     xmlNsPtr ns;
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsRespondWithIdListId), xmlSecXkmsRespondWithIdUnknown);
     xmlSecAssert2(node != NULL, xmlSecXkmsRespondWithIdUnknown);
 
     content = xmlNodeGetContent(node);
     if(content == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
+        xmlSecError(XMLSEC_ERRORS_HERE,
                     NULL,
-		    "xmlNodeGetContent",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(node->name));
-	return(xmlSecXkmsRespondWithIdUnknown);  	
+                    "xmlNodeGetContent",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(node->name));
+        return(xmlSecXkmsRespondWithIdUnknown);
     }
 
     qnameLocalPart = (xmlChar*)xmlStrchr(content, ':');
@@ -3064,38 +3064,38 @@ xmlSecXkmsRespondWithIdListFindByNodeValue(xmlSecPtrListPtr list, xmlNodePtr nod
         qnamePrefix = NULL;
         qnameLocalPart = content;
     }
-    
+
     /* search namespace href */
     ns = xmlSearchNs(node->doc, node, qnamePrefix);
     if((ns == NULL) && (qnamePrefix != NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSearchNs",
-	    	    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s,qnamePrefix=%s",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSearchNs",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s,qnamePrefix=%s",
+                    xmlSecErrorsSafeString(node->name),
                     xmlSecErrorsSafeString(qnamePrefix));
         xmlFree(content);
-	return(xmlSecXkmsRespondWithIdUnknown);	
+        return(xmlSecXkmsRespondWithIdUnknown);
     }
     qnameHref = (ns != NULL) ? ns->href : BAD_CAST NULL;
 
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	id = (xmlSecXkmsRespondWithId)xmlSecPtrListGetItem(list, i);
-	if((id !=  xmlSecXkmsRespondWithIdUnknown) && 
+        id = (xmlSecXkmsRespondWithId)xmlSecPtrListGetItem(list, i);
+        if((id !=  xmlSecXkmsRespondWithIdUnknown) &&
                 xmlStrEqual(id->valueName, qnameLocalPart) &&
                 xmlStrEqual(id->valueNs, qnameHref)) {
-	    result = id;
+            result = id;
             break;
-	}
+        }
     }
-    
+
     xmlFree(content);
-    return(result);    
+    return(result);
 }
 
-int 
+int
 xmlSecXkmsRespondWithIdListWrite(xmlSecPtrListPtr list, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlSecXkmsRespondWithId id;
     xmlSecSize i, size;
@@ -3107,35 +3107,35 @@ xmlSecXkmsRespondWithIdListWrite(xmlSecPtrListPtr list, xmlSecXkmsServerCtxPtr c
 
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	id = (xmlSecXkmsRespondWithId)xmlSecPtrListGetItem(list, i);
-	if(id !=  xmlSecXkmsRespondWithIdUnknown) {
-	    ret = xmlSecXkmsRespondWithNodeWrite(id, ctx, node);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
-			    "xmlSecXkmsRespondWithNodeWrite",
-		    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);
-	    }
-	}
+        id = (xmlSecXkmsRespondWithId)xmlSecPtrListGetItem(list, i);
+        if(id !=  xmlSecXkmsRespondWithIdUnknown) {
+            ret = xmlSecXkmsRespondWithNodeWrite(id, ctx, node);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
+                            "xmlSecXkmsRespondWithNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
     }
 
     return(0);
 }
 
-/******************************************************************** 
+/********************************************************************
  *
  * XML Sec Library RespondWith Ids
  *
  *******************************************************************/
 static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithKeyNameKlass = {
-    xmlSecRespondWithKeyName,			/* const xmlChar* valueName; */
-    xmlSecXkmsNs,			        /* const xmlChar* valueNs; */
-    xmlSecNodeKeyName,				/* const xmlChar* nodeName; */
-    xmlSecDSigNs,				/* const xmlChar* nodeNs; */
-    xmlSecXkmsRespondWithDefaultNodeRead,	/* xmlSecXkmsRespondWithNodeReadMethod readNode; */
-    xmlSecXkmsRespondWithDefaultNodeWrite,	/* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+    xmlSecRespondWithKeyName,                   /* const xmlChar* valueName; */
+    xmlSecXkmsNs,                               /* const xmlChar* valueNs; */
+    xmlSecNodeKeyName,                          /* const xmlChar* nodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* nodeNs; */
+    xmlSecXkmsRespondWithDefaultNodeRead,       /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
+    xmlSecXkmsRespondWithDefaultNodeWrite,      /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3146,24 +3146,24 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithKeyNameKlass = {
  * The respond with KeyName klass.
  *
  * Returns: respond with KeyName klass.
- */ 
-xmlSecXkmsRespondWithId	
+ */
+xmlSecXkmsRespondWithId
 xmlSecXkmsRespondWithKeyNameGetKlass(void) {
     return(&xmlSecXkmsRespondWithKeyNameKlass);
 }
 
 
 
-static  int  		xmlSecXkmsRespondWithKeyValueNodeRead	(xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+static  int             xmlSecXkmsRespondWithKeyValueNodeRead   (xmlSecXkmsRespondWithId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithKeyValueKlass = {
-    xmlSecRespondWithKeyValue,			/* const xmlChar* valueName; */
-    xmlSecXkmsNs,			        /* const xmlChar* valueNs; */
-    xmlSecNodeKeyValue,				/* const xmlChar* nodeName; */
-    xmlSecDSigNs,				/* const xmlChar* nodeNs; */
-    xmlSecXkmsRespondWithKeyValueNodeRead,	/* xmlSecXkmsRespondWithNodeReadMethod readNode; */
-    xmlSecXkmsRespondWithDefaultNodeWrite,	/* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+    xmlSecRespondWithKeyValue,                  /* const xmlChar* valueName; */
+    xmlSecXkmsNs,                               /* const xmlChar* valueNs; */
+    xmlSecNodeKeyValue,                         /* const xmlChar* nodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* nodeNs; */
+    xmlSecXkmsRespondWithKeyValueNodeRead,      /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
+    xmlSecXkmsRespondWithDefaultNodeWrite,      /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3174,15 +3174,15 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithKeyValueKlass = {
  * The respond with KeyValue klass.
  *
  * Returns: respond with KeyValue klass.
- */ 
-xmlSecXkmsRespondWithId	
+ */
+xmlSecXkmsRespondWithId
 xmlSecXkmsRespondWithKeyValueGetKlass(void) {
     return(&xmlSecXkmsRespondWithKeyValueKlass);
 }
 
-static  int  
+static  int
 xmlSecXkmsRespondWithKeyValueNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
-				      xmlNodePtr node) {
+                                      xmlNodePtr node) {
     int ret;
 
     xmlSecAssert2(id == xmlSecXkmsRespondWithKeyValueId, -1);
@@ -3192,15 +3192,15 @@ xmlSecXkmsRespondWithKeyValueNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServ
     /* do usual stuff */
     ret = xmlSecXkmsRespondWithDefaultNodeRead(id, ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
-		    "xmlSecXkmsRespondWithDefaultNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
-    /* and now set some parameters in the ctx to look for a public or private 
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
+                    "xmlSecXkmsRespondWithDefaultNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* and now set some parameters in the ctx to look for a public or private
      * key and to write a public key
      */
     ctx->keyInfoReadCtx.keyReq.keyType  |= (xmlSecKeyDataTypePublic | xmlSecKeyDataTypePrivate);
@@ -3209,16 +3209,16 @@ xmlSecXkmsRespondWithKeyValueNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServ
     return(0);
 }
 
-static  int  		xmlSecXkmsRespondWithPrivateKeyNodeRead	(xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+static  int             xmlSecXkmsRespondWithPrivateKeyNodeRead (xmlSecXkmsRespondWithId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithPrivateKeyKlass = {
-    xmlSecRespondWithPrivateKey,		/* const xmlChar* valueName; */
-    xmlSecXkmsNs,			        /* const xmlChar* valueNs; */
-    xmlSecNodeKeyValue,				/* const xmlChar* nodeName; */
-    xmlSecDSigNs,				/* const xmlChar* nodeNs; */
-    xmlSecXkmsRespondWithPrivateKeyNodeRead,	/* xmlSecXkmsRespondWithNodeReadMethod readNode; */
-    xmlSecXkmsRespondWithDefaultNodeWrite,	/* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+    xmlSecRespondWithPrivateKey,                /* const xmlChar* valueName; */
+    xmlSecXkmsNs,                               /* const xmlChar* valueNs; */
+    xmlSecNodeKeyValue,                         /* const xmlChar* nodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* nodeNs; */
+    xmlSecXkmsRespondWithPrivateKeyNodeRead,    /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
+    xmlSecXkmsRespondWithDefaultNodeWrite,      /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3229,15 +3229,15 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithPrivateKeyKlass = {
  * The respond with PrivateKey klass.
  *
  * Returns: respond with PrivateKey klass.
- */ 
-xmlSecXkmsRespondWithId	
+ */
+xmlSecXkmsRespondWithId
 xmlSecXkmsRespondWithPrivateKeyGetKlass(void) {
     return(&xmlSecXkmsRespondWithPrivateKeyKlass);
 }
 
-static  int  
+static  int
 xmlSecXkmsRespondWithPrivateKeyNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
-				      xmlNodePtr node) {
+                                      xmlNodePtr node) {
     int ret;
 
     xmlSecAssert2(id == xmlSecXkmsRespondWithPrivateKeyId, -1);
@@ -3247,15 +3247,15 @@ xmlSecXkmsRespondWithPrivateKeyNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsSe
     /* do usual stuff */
     ret = xmlSecXkmsRespondWithDefaultNodeRead(id, ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
-		    "xmlSecXkmsRespondWithDefaultNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
-    /* and now set some parameters in the ctx to look for a private 
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
+                    "xmlSecXkmsRespondWithDefaultNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
+    /* and now set some parameters in the ctx to look for a private
      * key and to write a private key
      */
     ctx->keyInfoReadCtx.keyReq.keyType  |= xmlSecKeyDataTypePrivate;
@@ -3265,12 +3265,12 @@ xmlSecXkmsRespondWithPrivateKeyNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsSe
 }
 
 static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithRetrievalMethodKlass = {
-    xmlSecRespondWithRetrievalMethod,		/* const xmlChar* valueName; */
-    xmlSecXkmsNs,			        /* const xmlChar* valueNs; */
-    xmlSecNodeRetrievalMethod,			/* const xmlChar* nodeName; */
-    xmlSecDSigNs,				/* const xmlChar* nodeNs; */
-    xmlSecXkmsRespondWithDefaultNodeRead,	/* xmlSecXkmsRespondWithNodeReadMethod readNode; */
-    xmlSecXkmsRespondWithDefaultNodeWrite,	/* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+    xmlSecRespondWithRetrievalMethod,           /* const xmlChar* valueName; */
+    xmlSecXkmsNs,                               /* const xmlChar* valueNs; */
+    xmlSecNodeRetrievalMethod,                  /* const xmlChar* nodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* nodeNs; */
+    xmlSecXkmsRespondWithDefaultNodeRead,       /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
+    xmlSecXkmsRespondWithDefaultNodeWrite,      /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3281,24 +3281,24 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithRetrievalMethodKlass = {
  * The respond with RetrievalMethod klass.
  *
  * Returns: respond with RetrievalMethod klass.
- */ 
-xmlSecXkmsRespondWithId	
+ */
+xmlSecXkmsRespondWithId
 xmlSecXkmsRespondWithRetrievalMethodGetKlass(void) {
     return(&xmlSecXkmsRespondWithRetrievalMethodKlass);
 }
 
 
 
-static  int  		xmlSecXkmsRespondWithX509CertNodeRead	(xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+static  int             xmlSecXkmsRespondWithX509CertNodeRead   (xmlSecXkmsRespondWithId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509CertKlass = {
-    xmlSecRespondWithX509Cert,			/* const xmlChar* valueName; */
-    xmlSecXkmsNs,			        /* const xmlChar* valueNs; */
-    xmlSecNodeX509Data,				/* const xmlChar* nodeName; */
-    xmlSecDSigNs,				/* const xmlChar* nodeNs; */
-    xmlSecXkmsRespondWithX509CertNodeRead,	/* xmlSecXkmsRespondWithNodeReadMethod readNode; */
-    xmlSecXkmsRespondWithDefaultNodeWrite,	/* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+    xmlSecRespondWithX509Cert,                  /* const xmlChar* valueName; */
+    xmlSecXkmsNs,                               /* const xmlChar* valueNs; */
+    xmlSecNodeX509Data,                         /* const xmlChar* nodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* nodeNs; */
+    xmlSecXkmsRespondWithX509CertNodeRead,      /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
+    xmlSecXkmsRespondWithDefaultNodeWrite,      /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3309,15 +3309,15 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509CertKlass = {
  * The respond with X509Cert klass.
  *
  * Returns: respond with X509Cert klass.
- */ 
-xmlSecXkmsRespondWithId	
+ */
+xmlSecXkmsRespondWithId
 xmlSecXkmsRespondWithX509CertGetKlass(void) {
     return(&xmlSecXkmsRespondWithX509CertKlass);
 }
 
-static  int  
+static  int
 xmlSecXkmsRespondWithX509CertNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
-				      xmlNodePtr node) {
+                                      xmlNodePtr node) {
     int ret;
 
     xmlSecAssert2(id == xmlSecXkmsRespondWithX509CertId, -1);
@@ -3327,27 +3327,27 @@ xmlSecXkmsRespondWithX509CertNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServ
     /* do usual stuff */
     ret = xmlSecXkmsRespondWithDefaultNodeRead(id, ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
-		    "xmlSecXkmsRespondWithDefaultNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
+                    "xmlSecXkmsRespondWithDefaultNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
-static  int  		xmlSecXkmsRespondWithX509ChainNodeRead	(xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+static  int             xmlSecXkmsRespondWithX509ChainNodeRead  (xmlSecXkmsRespondWithId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509ChainKlass = {
-    xmlSecRespondWithX509Chain,			/* const xmlChar* valueName; */
-    xmlSecXkmsNs,			        /* const xmlChar* valueNs; */
-    xmlSecNodeX509Data,				/* const xmlChar* nodeName; */
-    xmlSecDSigNs,				/* const xmlChar* nodeNs; */
-    xmlSecXkmsRespondWithX509ChainNodeRead,	/* xmlSecXkmsRespondWithNodeReadMethod readNode; */
-    xmlSecXkmsRespondWithDefaultNodeWrite,	/* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+    xmlSecRespondWithX509Chain,                 /* const xmlChar* valueName; */
+    xmlSecXkmsNs,                               /* const xmlChar* valueNs; */
+    xmlSecNodeX509Data,                         /* const xmlChar* nodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* nodeNs; */
+    xmlSecXkmsRespondWithX509ChainNodeRead,     /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
+    xmlSecXkmsRespondWithDefaultNodeWrite,      /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3358,15 +3358,15 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509ChainKlass = {
  * The respond with X509Chain klass.
  *
  * Returns: respond with X509Chain klass.
- */ 
-xmlSecXkmsRespondWithId	
+ */
+xmlSecXkmsRespondWithId
 xmlSecXkmsRespondWithX509ChainGetKlass(void) {
     return(&xmlSecXkmsRespondWithX509ChainKlass);
 }
 
-static  int  
+static  int
 xmlSecXkmsRespondWithX509ChainNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
-				      xmlNodePtr node) {
+                                      xmlNodePtr node) {
     int ret;
 
     xmlSecAssert2(id == xmlSecXkmsRespondWithX509ChainId, -1);
@@ -3376,27 +3376,27 @@ xmlSecXkmsRespondWithX509ChainNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsSer
     /* do usual stuff */
     ret = xmlSecXkmsRespondWithDefaultNodeRead(id, ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
-		    "xmlSecXkmsRespondWithDefaultNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
+                    "xmlSecXkmsRespondWithDefaultNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
-static  int  		xmlSecXkmsRespondWithX509CRLNodeRead	(xmlSecXkmsRespondWithId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+static  int             xmlSecXkmsRespondWithX509CRLNodeRead    (xmlSecXkmsRespondWithId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509CRLKlass = {
-    xmlSecRespondWithX509CRL,			/* const xmlChar* valueName; */
-    xmlSecXkmsNs,			        /* const xmlChar* valueNs; */
-    xmlSecNodeX509Data,				/* const xmlChar* nodeName; */
-    xmlSecDSigNs,				/* const xmlChar* nodeNs; */
-    xmlSecXkmsRespondWithX509CRLNodeRead,	/* xmlSecXkmsRespondWithNodeReadMethod readNode; */
-    xmlSecXkmsRespondWithDefaultNodeWrite,	/* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+    xmlSecRespondWithX509CRL,                   /* const xmlChar* valueName; */
+    xmlSecXkmsNs,                               /* const xmlChar* valueNs; */
+    xmlSecNodeX509Data,                         /* const xmlChar* nodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* nodeNs; */
+    xmlSecXkmsRespondWithX509CRLNodeRead,       /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
+    xmlSecXkmsRespondWithDefaultNodeWrite,      /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3407,15 +3407,15 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithX509CRLKlass = {
  * The respond with X509CRL klass.
  *
  * Returns: respond with X509CRL klass.
- */ 
-xmlSecXkmsRespondWithId	
+ */
+xmlSecXkmsRespondWithId
 xmlSecXkmsRespondWithX509CRLGetKlass(void) {
     return(&xmlSecXkmsRespondWithX509CRLKlass);
 }
 
-static  int  
+static  int
 xmlSecXkmsRespondWithX509CRLNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServerCtxPtr ctx,
-				      xmlNodePtr node) {
+                                      xmlNodePtr node) {
     int ret;
 
     xmlSecAssert2(id == xmlSecXkmsRespondWithX509CRLId, -1);
@@ -3425,24 +3425,24 @@ xmlSecXkmsRespondWithX509CRLNodeRead(xmlSecXkmsRespondWithId id, xmlSecXkmsServe
     /* do usual stuff */
     ret = xmlSecXkmsRespondWithDefaultNodeRead(id, ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
-		    "xmlSecXkmsRespondWithDefaultNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecXkmsRespondWithKlassGetName(id)),
+                    "xmlSecXkmsRespondWithDefaultNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
 static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithPGPKlass = {
-    xmlSecRespondWithPGP,			/* const xmlChar* valueName; */
-    xmlSecXkmsNs,			        /* const xmlChar* valueNs; */
-    xmlSecNodePGPData,				/* const xmlChar* nodeName; */
-    xmlSecDSigNs,				/* const xmlChar* nodeNs; */
-    xmlSecXkmsRespondWithDefaultNodeRead,	/* xmlSecXkmsRespondWithNodeReadMethod readNode; */
-    xmlSecXkmsRespondWithDefaultNodeWrite,	/* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+    xmlSecRespondWithPGP,                       /* const xmlChar* valueName; */
+    xmlSecXkmsNs,                               /* const xmlChar* valueNs; */
+    xmlSecNodePGPData,                          /* const xmlChar* nodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* nodeNs; */
+    xmlSecXkmsRespondWithDefaultNodeRead,       /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
+    xmlSecXkmsRespondWithDefaultNodeWrite,      /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3453,19 +3453,19 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithPGPKlass = {
  * The respond with PGP klass.
  *
  * Returns: respond with PGP klass.
- */ 
-xmlSecXkmsRespondWithId	
+ */
+xmlSecXkmsRespondWithId
 xmlSecXkmsRespondWithPGPGetKlass(void) {
     return(&xmlSecXkmsRespondWithPGPKlass);
 }
 
 static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithSPKIKlass = {
-    xmlSecRespondWithSPKI,			/* const xmlChar* valueName; */
-    xmlSecXkmsNs,			        /* const xmlChar* valueNs; */
-    xmlSecNodeSPKIData,				/* const xmlChar* nodeName; */
-    xmlSecDSigNs,				/* const xmlChar* nodeNs; */
-    xmlSecXkmsRespondWithDefaultNodeRead,	/* xmlSecXkmsRespondWithNodeReadMethod readNode; */
-    xmlSecXkmsRespondWithDefaultNodeWrite,	/* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
+    xmlSecRespondWithSPKI,                      /* const xmlChar* valueName; */
+    xmlSecXkmsNs,                               /* const xmlChar* valueNs; */
+    xmlSecNodeSPKIData,                         /* const xmlChar* nodeName; */
+    xmlSecDSigNs,                               /* const xmlChar* nodeNs; */
+    xmlSecXkmsRespondWithDefaultNodeRead,       /* xmlSecXkmsRespondWithNodeReadMethod readNode; */
+    xmlSecXkmsRespondWithDefaultNodeWrite,      /* xmlSecXkmsRespondWithNodeWriteMethod writeNode; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3476,8 +3476,8 @@ static xmlSecXkmsRespondWithKlass xmlSecXkmsRespondWithSPKIKlass = {
  * The respond with SPKI klass.
  *
  * Returns: respond with SPKI klass.
- */ 
-xmlSecXkmsRespondWithId	
+ */
+xmlSecXkmsRespondWithId
 xmlSecXkmsRespondWithSPKIGetKlass(void) {
     return(&xmlSecXkmsRespondWithSPKIKlass);
 }
@@ -3490,11 +3490,11 @@ xmlSecXkmsRespondWithSPKIGetKlass(void) {
 static xmlSecPtrList xmlSecAllXkmsServerRequestIds;
 
 
-/** 
+/**
  * xmlSecXkmsServerRequestIdsGet:
  *
  * Gets global registered ServerRequest klasses list.
- * 
+ *
  * Returns: the pointer to list of all registered ServerRequest klasses.
  */
 xmlSecPtrListPtr
@@ -3502,45 +3502,45 @@ xmlSecXkmsServerRequestIdsGet(void) {
     return(&xmlSecAllXkmsServerRequestIds);
 }
 
-/** 
+/**
  * xmlSecXkmsServerRequestIdsInit:
  *
- * Initializes the ServerRequest klasses. This function is called from the 
+ * Initializes the ServerRequest klasses. This function is called from the
  * #xmlSecInit function and the application should not call it directly.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecXkmsServerRequestIdsInit(void) {
     int ret;
-    
+
     ret = xmlSecPtrListInitialize(xmlSecXkmsServerRequestIdsGet(), xmlSecXkmsServerRequestIdListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListPtrInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "xmlSecXkmsServerRequestIdListId");
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListPtrInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "xmlSecXkmsServerRequestIdListId");
         return(-1);
     }
-    
+
     ret = xmlSecXkmsServerRequestIdsRegisterDefault();
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestIdsRegisterDefault",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestIdsRegisterDefault",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(0);
 }
 
 /**
  *  xmlSecXkmsServerRequestIdsShutdown:
- * 
- * Shuts down the keys data klasses. This function is called from the 
+ *
+ * Shuts down the keys data klasses. This function is called from the
  * #xmlSecShutdown function and the application should not call it directly.
  */
 void
@@ -3548,32 +3548,32 @@ xmlSecXkmsServerRequestIdsShutdown(void) {
     xmlSecPtrListFinalize(xmlSecXkmsServerRequestIdsGet());
 }
 
-/** 
+/**
  * xmlSecXkmsServerRequestIdsRegister:
- * @id:		the ServerRequest klass.
+ * @id:         the ServerRequest klass.
  *
  * Registers @id in the global list of ServerRequest klasses.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestId id) {
     int ret;
-        
+
     xmlSecAssert2(id != xmlSecXkmsServerRequestIdUnknown, -1);
-    
+
     ret = xmlSecPtrListAdd(xmlSecXkmsServerRequestIdsGet(), (xmlSecPtr)id);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "ServerRequest=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(id)));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "ServerRequest=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(id)));
         return(-1);
     }
-    
-    return(0);    
+
+    return(0);
 }
 
 /**
@@ -3584,56 +3584,56 @@ xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestId id) {
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecXkmsServerRequestIdsRegisterDefault(void) {
     if(xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestResultId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestResultId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestResultId)));
+        return(-1);
     }
 
     if(xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestStatusId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestStatusId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestStatusId)));
+        return(-1);
     }
 
     if(xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestCompoundId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestCompoundId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestCompoundId)));
+        return(-1);
     }
 
     if(xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestLocateId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestLocateId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestLocateId)));
+        return(-1);
     }
 
     if(xmlSecXkmsServerRequestIdsRegister(xmlSecXkmsServerRequestValidateId) < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestIdsRegister",	    
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "name=%s",
-		    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestValidateId)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestIdsRegister",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "name=%s",
+                    xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(xmlSecXkmsServerRequestValidateId)));
+        return(-1);
     }
 
     return(0);
@@ -3644,46 +3644,46 @@ xmlSecXkmsServerRequestIdsRegisterDefault(void) {
  *
  * XKMS ServerRequest Klass
  *
- ************************************************************************/ 
+ ************************************************************************/
 /**
  * xmlSecXkmsServerRequestNodeRead:
- * @id:		the ServerRequest class.
- * @ctx:	the XKMS request processing context.
- * @node:	the pointer to <xkms:ServerRequest/> node.
+ * @id:         the ServerRequest class.
+ * @ctx:        the XKMS request processing context.
+ * @node:       the pointer to <xkms:ServerRequest/> node.
  *
  * Reads the content of the <xkms:ServerRequest/> @node.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int  
+int
 xmlSecXkmsServerRequestNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx,
-			      xmlNodePtr node) {
+                              xmlNodePtr node) {
     xmlSecAssert2(id != xmlSecXkmsServerRequestIdUnknown, -1);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     if(id->readNode != NULL) {
-	return((id->readNode)(id, ctx, node));
+        return((id->readNode)(id, ctx, node));
     }
     return(0);
 }
 
 /**
  * xmlSecXkmsServerExecute:
- * @id:		the ServerRequest class.
- * @ctx:	the XKMS request processing context.
+ * @id:         the ServerRequest class.
+ * @ctx:        the XKMS request processing context.
  *
  * Executes XKMS server request.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int  
+int
 xmlSecXkmsServerRequestExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx) {
     xmlSecAssert2(id != xmlSecXkmsServerRequestIdUnknown, -1);
     xmlSecAssert2(ctx != NULL, -1);
 
     if(id->execute != NULL) {
-	return((id->execute)(id, ctx));
+        return((id->execute)(id, ctx));
     }
     return(0);
 }
@@ -3691,48 +3691,48 @@ xmlSecXkmsServerRequestExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtx
 
 /**
  * xmlSecXkmsServerResponseNodeWrite:
- * @id:		the ServerRequest class.
- * @ctx:	the XKMS request processing context.
- * @doc:	the pointer to response parent XML document (might be NULL).
+ * @id:         the ServerRequest class.
+ * @ctx:        the XKMS request processing context.
+ * @doc:        the pointer to response parent XML document (might be NULL).
  * @node:       the pointer to response parent XML node (might be NULL).
  *
- * Writes XKMS response from context to a newly created node. Caller is 
+ * Writes XKMS response from context to a newly created node. Caller is
  * responsible for adding the returned node to the XML document.
  *
  * Returns: pointer to newly created XKMS response node or NULL
  * if an error occurs.
  */
-xmlNodePtr 
+xmlNodePtr
 xmlSecXkmsServerRequestNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx,
-			         xmlDocPtr doc, xmlNodePtr node) {
+                                 xmlDocPtr doc, xmlNodePtr node) {
     xmlNodePtr respNode;
     int ret;
-    
+
     xmlSecAssert2(id != xmlSecXkmsServerRequestIdUnknown, NULL);
     xmlSecAssert2(ctx != NULL, NULL);
 
     /* create the response root node */
     if(node == NULL) {
         xmlNsPtr ns;
-        
+
         respNode = xmlNewDocNode(doc, NULL, id->resultNodeName, NULL);
         if(respNode == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlNewDocNode",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(id->resultNodeName));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlNewDocNode",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(id->resultNodeName));
             return(NULL);
         }
         ns = xmlNewNs(respNode, id->resultNodeNs, NULL);
         if(ns == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlNewNs",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        "ns=%s",
-		        xmlSecErrorsSafeString(id->resultNodeNs));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlNewNs",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "ns=%s",
+                        xmlSecErrorsSafeString(id->resultNodeNs));
             xmlFreeNode(respNode);
             return(NULL);
         }
@@ -3740,41 +3740,41 @@ xmlSecXkmsServerRequestNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerC
     } else {
         respNode = xmlSecAddChild(node, id->resultNodeName, id->resultNodeNs);
         if(respNode == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecAddChild",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(id->resultNodeName));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(id->resultNodeName));
             return(NULL);
         }
     }
-    
+
     if(id->writeNode != NULL) {
-	ret = (id->writeNode)(id, ctx, respNode);
-	if(ret < 0) {
+        ret = (id->writeNode)(id, ctx, respNode);
+        if(ret < 0) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "writeNode",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(id->resultNodeName));
+                        NULL,
+                        "writeNode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(id->resultNodeName));
             xmlFreeNode(respNode);
             return(NULL);
         }
     }
-    
+
     return(respNode);
 }
 
 /**
  * xmlSecXkmsServerRequestDebugDump:
- * @id:			the ServerRequest class.
- * @output:		the output file.
+ * @id:                 the ServerRequest class.
+ * @output:             the output file.
  *
  * Writes debug information about @id into the @output.
  */
-void 
+void
 xmlSecXkmsServerRequestDebugDump(xmlSecXkmsServerRequestId id, FILE* output) {
     xmlSecAssert(id != xmlSecXkmsServerRequestIdUnknown);
     xmlSecAssert(output != NULL);
@@ -3784,12 +3784,12 @@ xmlSecXkmsServerRequestDebugDump(xmlSecXkmsServerRequestId id, FILE* output) {
 
 /**
  * xmlSecXkmsServerRequestDebugXmlDump:
- * @id:			the ServerRequest class.
- * @output:		the output file.
+ * @id:                 the ServerRequest class.
+ * @output:             the output file.
  *
  * Writes debug information about @id into the @output in XML format.
  */
-void 
+void
 xmlSecXkmsServerRequestDebugXmlDump(xmlSecXkmsServerRequestId id, FILE* output) {
     xmlSecAssert(id != xmlSecXkmsServerRequestIdUnknown);
     xmlSecAssert(output != NULL);
@@ -3803,100 +3803,100 @@ xmlSecXkmsServerRequestDebugXmlDump(xmlSecXkmsServerRequestId id, FILE* output)
  *
  * XKMS ServerRequest Klass List
  *
- ************************************************************************/ 
+ ************************************************************************/
 static xmlSecPtrListKlass xmlSecXkmsServerRequestIdListKlass = {
     BAD_CAST "xkms-server-request-ids-list",
-    NULL, 								/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    NULL,								/* xmlSecPtrDestroyItemMethod destroyItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerRequestDebugDump,	/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerRequestDebugXmlDump,	/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    NULL,                                                               /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    NULL,                                                               /* xmlSecPtrDestroyItemMethod destroyItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerRequestDebugDump,     /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecXkmsServerRequestDebugXmlDump,  /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
-xmlSecPtrListId	
+xmlSecPtrListId
 xmlSecXkmsServerRequestIdListGetKlass(void) {
     return(&xmlSecXkmsServerRequestIdListKlass);
 }
 
-int 
+int
 xmlSecXkmsServerRequestIdListFind(xmlSecPtrListPtr list, xmlSecXkmsServerRequestId id) {
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsServerRequestIdListId), -1);
     xmlSecAssert2(id != xmlSecXkmsServerRequestIdUnknown, -1);
-    
+
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	if((xmlSecXkmsServerRequestId)xmlSecPtrListGetItem(list, i) == id) {
-	    return(1);
-	}
+        if((xmlSecXkmsServerRequestId)xmlSecPtrListGetItem(list, i) == id) {
+            return(1);
+        }
     }
     return(0);
 }
 
-xmlSecXkmsServerRequestId 
+xmlSecXkmsServerRequestId
 xmlSecXkmsServerRequestIdListFindByName(xmlSecPtrListPtr list, const xmlChar* name) {
     xmlSecXkmsServerRequestId id;
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsServerRequestIdListId), xmlSecXkmsServerRequestIdUnknown);
     xmlSecAssert2(name != NULL, xmlSecXkmsServerRequestIdUnknown);
 
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	id = (xmlSecXkmsServerRequestId)xmlSecPtrListGetItem(list, i);
-	if((id !=  xmlSecXkmsServerRequestIdUnknown) && xmlStrEqual(id->name, name)) {
-	    return(id);
-	}
+        id = (xmlSecXkmsServerRequestId)xmlSecPtrListGetItem(list, i);
+        if((id !=  xmlSecXkmsServerRequestIdUnknown) && xmlStrEqual(id->name, name)) {
+            return(id);
+        }
     }
-    return(xmlSecXkmsServerRequestIdUnknown);    
+    return(xmlSecXkmsServerRequestIdUnknown);
 }
 
-xmlSecXkmsServerRequestId 
+xmlSecXkmsServerRequestId
 xmlSecXkmsServerRequestIdListFindByNode(xmlSecPtrListPtr list, xmlNodePtr node) {
     xmlSecXkmsServerRequestId id;
     xmlSecSize i, size;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(list, xmlSecXkmsServerRequestIdListId), xmlSecXkmsServerRequestIdUnknown);
     xmlSecAssert2(node != NULL, xmlSecXkmsServerRequestIdUnknown);
 
     size = xmlSecPtrListGetSize(list);
     for(i = 0; i < size; ++i) {
-	id = (xmlSecXkmsServerRequestId)xmlSecPtrListGetItem(list, i);
-	if((id !=  xmlSecXkmsServerRequestIdUnknown) &&
+        id = (xmlSecXkmsServerRequestId)xmlSecPtrListGetItem(list, i);
+        if((id !=  xmlSecXkmsServerRequestIdUnknown) &&
             xmlSecCheckNodeName(node, id->requestNodeName, id->requestNodeNs)) {
 
-	    return(id);
-	}
+            return(id);
+        }
     }
-    return(xmlSecXkmsServerRequestIdUnknown);    
+    return(xmlSecXkmsServerRequestIdUnknown);
 }
 
-/******************************************************************** 
+/********************************************************************
  *
  * XML Sec Library ServerRequest Ids
  *
  *******************************************************************/
 
 
-/******************************************************************** 
+/********************************************************************
  *
  * Result response
  *
  *******************************************************************/
-static int		xmlSecXkmsServerRequestResultNodeWrite	(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+static int              xmlSecXkmsServerRequestResultNodeWrite  (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 
 static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestResultKlass = {
-    xmlSecXkmsServerRequestResultName,		/* const xmlChar* name; */
-    NULL,					/* const xmlChar* requestNodeName; */
-    NULL,					/* const xmlChar* requestNodeNs; */
-    xmlSecNodeResult,				/* const xmlChar* responseNodeName; */
-    xmlSecXkmsNs,				/* const xmlChar* responseNodeNs; */
+    xmlSecXkmsServerRequestResultName,          /* const xmlChar* name; */
+    NULL,                                       /* const xmlChar* requestNodeName; */
+    NULL,                                       /* const xmlChar* requestNodeNs; */
+    xmlSecNodeResult,                           /* const xmlChar* responseNodeName; */
+    xmlSecXkmsNs,                               /* const xmlChar* responseNodeNs; */
     0,                                          /* xmlSecBitMask flags; */
-    NULL,					/* xmlSecXkmsServerRequestNodeReadMethod readNode; */
-    xmlSecXkmsServerRequestResultNodeWrite,	/* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecXkmsServerRequestExecuteMethod execute; */
+    NULL,                                       /* xmlSecXkmsServerRequestNodeReadMethod readNode; */
+    xmlSecXkmsServerRequestResultNodeWrite,     /* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecXkmsServerRequestExecuteMethod execute; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3907,69 +3907,69 @@ static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestResultKlass = {
  * The Result response klass.
  *
  * Returns: Result response klass.
- */ 
-xmlSecXkmsServerRequestId	
+ */
+xmlSecXkmsServerRequestId
 xmlSecXkmsServerRequestResultGetKlass(void) {
     return(&xmlSecXkmsServerRequestResultKlass);
 }
 
-static int 
+static int
 xmlSecXkmsServerRequestResultNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecXkmsServerRequestResultId, -1);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     /* set missing parameters (if any) */
     if(ctx->service == NULL) {
-	ctx->service = xmlStrdup((ctx->expectedService != NULL) ? ctx->expectedService : BAD_CAST "");
-	if(ctx->service == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlStrdup",
-		        XMLSEC_ERRORS_R_MALLOC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-    }
-    
+        ctx->service = xmlStrdup((ctx->expectedService != NULL) ? ctx->expectedService : BAD_CAST "");
+        if(ctx->service == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     /* first write the "parent" type */
     ret = xmlSecXkmsServerCtxResultTypeNodeWrite(ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxResultTypeNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxResultTypeNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
-/******************************************************************** 
+/********************************************************************
  *
  * StatusRequest/StatusResponse
  *
  *******************************************************************/
-static int  		xmlSecXkmsServerRequestStatusNodeRead	(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-static int		xmlSecXkmsServerRequestStatusNodeWrite	(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
+static int              xmlSecXkmsServerRequestStatusNodeRead   (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int              xmlSecXkmsServerRequestStatusNodeWrite  (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
 
 static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestStatusKlass = {
-    xmlSecXkmsServerRequestStatusName,		/* const xmlChar* name; */
-    xmlSecNodeStatusRequest,			/* const xmlChar* requestNodeName; */
-    xmlSecXkmsNs,				/* const xmlChar* requestNodeNs; */
-    xmlSecNodeStatusResult,			/* const xmlChar* responseNodeName; */
-    xmlSecXkmsNs,				/* const xmlChar* responseNodeNs; */
+    xmlSecXkmsServerRequestStatusName,          /* const xmlChar* name; */
+    xmlSecNodeStatusRequest,                    /* const xmlChar* requestNodeName; */
+    xmlSecXkmsNs,                               /* const xmlChar* requestNodeNs; */
+    xmlSecNodeStatusResult,                     /* const xmlChar* responseNodeName; */
+    xmlSecXkmsNs,                               /* const xmlChar* responseNodeNs; */
     0,                                          /* xmlSecBitMask flags; */
-    xmlSecXkmsServerRequestStatusNodeRead,	/* xmlSecXkmsServerRequestNodeReadMethod readNode; */
-    xmlSecXkmsServerRequestStatusNodeWrite,	/* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecXkmsServerRequestExecuteMethod execute; */
+    xmlSecXkmsServerRequestStatusNodeRead,      /* xmlSecXkmsServerRequestNodeReadMethod readNode; */
+    xmlSecXkmsServerRequestStatusNodeWrite,     /* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecXkmsServerRequestExecuteMethod execute; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -3980,14 +3980,14 @@ static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestStatusKlass = {
  * The StatusRequest klass.
  *
  * Returns: StatusRequest klass.
- */ 
-xmlSecXkmsServerRequestId	
+ */
+xmlSecXkmsServerRequestId
 xmlSecXkmsServerRequestStatusGetKlass(void) {
     return(&xmlSecXkmsServerRequestStatusKlass);
 }
 
 /**
- * 
+ *
  *  <xkms:StatusRequest Id Service Nonce? OriginalRequestId? ResponseLimit? ResponseId?>
  *      <ds:Signature>?
  *      <xkms:MessageExtension>*
@@ -3997,54 +3997,54 @@ xmlSecXkmsServerRequestStatusGetKlass(void) {
  *      <xkms:ResponseMechanism>*
  *      <xkms:RespondWith>*
  *      <xkms:PendingNotification Mechanism Identifier>?
- *  
+ *
  * XML Schema:
- *    <!-- StatusRequest -->   
- *    <element name="StatusRequest" type="xkms:StatusRequestType"/>   
- *    <complexType name="StatusRequestType">      
- *        <complexContent>         
- *            <extension base="xkms:PendingRequestType"/>      
- *        </complexContent>   
- *    </complexType>   
+ *    <!-- StatusRequest -->
+ *    <element name="StatusRequest" type="xkms:StatusRequestType"/>
+ *    <complexType name="StatusRequestType">
+ *        <complexContent>
+ *            <extension base="xkms:PendingRequestType"/>
+ *        </complexContent>
+ *    </complexType>
  *    <!-- /StatusRequest -->
  */
-static int  
+static int
 xmlSecXkmsServerRequestStatusNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecXkmsServerRequestStatusId, -1);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     cur = node;
-    
+
     /* first read "parent" type */
     ret = xmlSecXkmsServerCtxPendingRequestNodeRead(ctx, &cur);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxPendingRequestNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxPendingRequestNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* check that there is nothing after the last node */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
 /**
- * 
+ *
  *  <xkms:StatusResult Id Service Nonce? ResultMajor ResultMinor? RequestId? Success? Failure? Pending?>
  *      <ds:Signature>?
  *      <xkms:MessageExtension>*
@@ -4054,10 +4054,10 @@ xmlSecXkmsServerRequestStatusNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsSe
  *      <xkms:RequestSignatureValue>*
  *
  * XML Schema:
- * 
- *    <!-- StatusResult -->   
- *    <element name="StatusResult" type="xkms:StatusResultType"/>   
- *    <complexType name="StatusResultType">      
+ *
+ *    <!-- StatusResult -->
+ *    <element name="StatusResult" type="xkms:StatusResultType"/>
+ *    <complexType name="StatusResultType">
  *        <complexContent>
  *            <extension base="xkms:ResultType">
  *                <attribute name="Success" type="integer" use="optional"/>
@@ -4067,8 +4067,8 @@ xmlSecXkmsServerRequestStatusNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsSe
  *        </complexContent>
  *    </complexType>
  *    <!-- /StatusResult --> *
- */ 
-static int 
+ */
+static int
 xmlSecXkmsServerRequestStatusNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     int ret;
 
@@ -4079,42 +4079,42 @@ xmlSecXkmsServerRequestStatusNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsS
     /* first write the "parent" type */
     ret = xmlSecXkmsServerCtxResultTypeNodeWrite(ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxResultTypeNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxResultTypeNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* todo: add optional StatusResult attributes */
     return(0);
 }
 
-/******************************************************************** 
+/********************************************************************
  *
  * CompoundRequest/CompoundResponse
  *
  *******************************************************************/
-static int  		xmlSecXkmsServerRequestCompoundNodeRead	(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-static int		xmlSecXkmsServerRequestCompoundNodeWrite(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-static int 		xmlSecXkmsServerRequestCompoundExecute	(xmlSecXkmsServerRequestId id, 
-								 xmlSecXkmsServerCtxPtr ctx);
+static int              xmlSecXkmsServerRequestCompoundNodeRead (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int              xmlSecXkmsServerRequestCompoundNodeWrite(xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int              xmlSecXkmsServerRequestCompoundExecute  (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx);
 
 static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestCompoundKlass = {
-    xmlSecXkmsServerRequestCompoundName,	/* const xmlChar* name; */
-    xmlSecNodeCompoundRequest,			/* const xmlChar* requestNodeName; */
-    xmlSecXkmsNs,				/* const xmlChar* requestNodeNs; */
-    xmlSecNodeCompoundResult,			/* const xmlChar* responseNodeName; */
-    xmlSecXkmsNs,				/* const xmlChar* responseNodeNs; */
+    xmlSecXkmsServerRequestCompoundName,        /* const xmlChar* name; */
+    xmlSecNodeCompoundRequest,                  /* const xmlChar* requestNodeName; */
+    xmlSecXkmsNs,                               /* const xmlChar* requestNodeNs; */
+    xmlSecNodeCompoundResult,                   /* const xmlChar* responseNodeName; */
+    xmlSecXkmsNs,                               /* const xmlChar* responseNodeNs; */
     0,                                          /* xmlSecBitMask flags; */
-    xmlSecXkmsServerRequestCompoundNodeRead,	/* xmlSecXkmsServerRequestNodeReadMethod readNode; */
-    xmlSecXkmsServerRequestCompoundNodeWrite,	/* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
-    xmlSecXkmsServerRequestCompoundExecute,	/* xmlSecXkmsServerRequestExecuteMethod execute; */
+    xmlSecXkmsServerRequestCompoundNodeRead,    /* xmlSecXkmsServerRequestNodeReadMethod readNode; */
+    xmlSecXkmsServerRequestCompoundNodeWrite,   /* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
+    xmlSecXkmsServerRequestCompoundExecute,     /* xmlSecXkmsServerRequestExecuteMethod execute; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -4125,8 +4125,8 @@ static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestCompoundKlass = {
  * The CompoundRequest klass.
  *
  * Returns: CompoundRequest klass.
- */ 
-xmlSecXkmsServerRequestId	
+ */
+xmlSecXkmsServerRequestId
 xmlSecXkmsServerRequestCompoundGetKlass(void) {
     return(&xmlSecXkmsServerRequestCompoundKlass);
 }
@@ -4149,144 +4149,144 @@ xmlSecXkmsServerRequestCompoundGetKlass(void) {
  *       <xkms:RecoverRequest>?
  *       <xkms:RevokeRequest>?
  *      )*
- *       
+ *
  * XML Schema:
  *
- *    <!-- CompoundRequest -->   
- *    <element name="CompoundRequest" type="xkms:CompoundRequestType"/>   
- *    <complexType name="CompoundRequestType">      
- *        <complexContent>         
- *            <extension base="xkms:RequestAbstractType">            
- *                <choice maxOccurs="unbounded">               
- *                    <element ref="xkms:LocateRequest"/>               
- *                    <element ref="xkms:ValidateRequest"/>               
- *                    <element ref="xkms:RegisterRequest"/>               
- *                    <element ref="xkms:ReissueRequest"/>               
- *                    <element ref="xkms:RecoverRequest"/>               
- *                    <element ref="xkms:RevokeRequest"/>            
- *                </choice>         
- *            </extension>      
- *        </complexContent>   
- *    </complexType>   
+ *    <!-- CompoundRequest -->
+ *    <element name="CompoundRequest" type="xkms:CompoundRequestType"/>
+ *    <complexType name="CompoundRequestType">
+ *        <complexContent>
+ *            <extension base="xkms:RequestAbstractType">
+ *                <choice maxOccurs="unbounded">
+ *                    <element ref="xkms:LocateRequest"/>
+ *                    <element ref="xkms:ValidateRequest"/>
+ *                    <element ref="xkms:RegisterRequest"/>
+ *                    <element ref="xkms:ReissueRequest"/>
+ *                    <element ref="xkms:RecoverRequest"/>
+ *                    <element ref="xkms:RevokeRequest"/>
+ *                </choice>
+ *            </extension>
+ *        </complexContent>
+ *    </complexType>
  *    <!-- /CompoundRequest -->
  */
-static int  
+static int
 xmlSecXkmsServerRequestCompoundNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlSecPtrListPtr serverRequestIdsList;
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecXkmsServerRequestCompoundId, -1);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     cur = node;
-    
+
     /* first read "parent" type */
     ret = xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(ctx, &cur);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* create list for compound requests */
     xmlSecAssert2(ctx->compoundRequestContexts == NULL, -1);
     ctx->compoundRequestContexts = xmlSecPtrListCreate(xmlSecXkmsServerCtxPtrListId);
     if(ctx->compoundRequestContexts == NULL) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* get the list of enabled or all request klasses */
     if(xmlSecPtrListGetSize(&(ctx->enabledServerRequestIds)) > 0) {
-	serverRequestIdsList = &(ctx->enabledServerRequestIds);
+        serverRequestIdsList = &(ctx->enabledServerRequestIds);
     } else {
-	serverRequestIdsList = xmlSecXkmsServerRequestIdsGet();
+        serverRequestIdsList = xmlSecXkmsServerRequestIdsGet();
     }
-    xmlSecAssert2(serverRequestIdsList != NULL, -1); 
-    
+    xmlSecAssert2(serverRequestIdsList != NULL, -1);
+
     while(cur != NULL) {
-        xmlSecXkmsServerCtxPtr ctxChild;    
-        
+        xmlSecXkmsServerCtxPtr ctxChild;
+
         /* create a new context */
         ctxChild = xmlSecXkmsServerCtxCreate(ctx->keyInfoReadCtx.keysMngr);
         if(ctxChild == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerCtxCreate",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
+                        NULL,
+                        "xmlSecXkmsServerCtxCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
         }
 
         /* copy all settings from us */
         ret = xmlSecXkmsServerCtxCopyUserPref(ctxChild, ctx);
         if(ret < 0) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerCtxCopyUserPref",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
+                        NULL,
+                        "xmlSecXkmsServerCtxCopyUserPref",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
             xmlSecXkmsServerCtxDestroy(ctxChild);
-	    return(-1);
+            return(-1);
         }
 
         /* add it to the list */
         ret = xmlSecPtrListAdd(ctx->compoundRequestContexts, ctxChild);
         if(ret < 0) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecPtrListAdd",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
+                        NULL,
+                        "xmlSecPtrListAdd",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
             xmlSecXkmsServerCtxDestroy(ctxChild);
-	    return(-1);
+            return(-1);
         }
 
         /* and now process request from current node */
         ctxChild->requestId = xmlSecXkmsServerRequestIdListFindByNode(serverRequestIdsList, cur);
-        if((ctxChild->requestId == xmlSecXkmsServerRequestIdUnknown) || 
+        if((ctxChild->requestId == xmlSecXkmsServerRequestIdUnknown) ||
            ((ctxChild->requestId->flags & XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND) == 0)) {
             xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerRequestIdListFindByNode",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(node->name));
-	    xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorMessageNotSupported);
-	    return(-1);
+                        NULL,
+                        "xmlSecXkmsServerRequestIdListFindByNode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(node->name));
+            xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorMessageNotSupported);
+            return(-1);
         }
 
         ret = xmlSecXkmsServerRequestNodeRead(ctxChild->requestId, ctxChild, cur);
         if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecXkmsServerRequestNodeRead",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "request=%s",
-		        xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
-	    xmlSecXkmsServerCtxSetResult(ctxChild, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	    return(-1);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecXkmsServerRequestNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "request=%s",
+                        xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
+            xmlSecXkmsServerCtxSetResult(ctxChild, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+            return(-1);
         }
         cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* check that there is nothing after the last node */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -4309,15 +4309,15 @@ xmlSecXkmsServerRequestCompoundNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkms
  *       <xkms:RevokeResult>?
  *      )*
  *
- * 
+ *
  * XML Schema:
  *
- *    <!-- CompoundResponse -->   
- *    <element name="CompoundResult" type="xkms:CompoundResultType"/>   
- *    <complexType name="CompoundResultType">      
- *        <complexContent>         
- *            <extension base="xkms:ResultType">            
- *                <choice maxOccurs="unbounded">               
+ *    <!-- CompoundResponse -->
+ *    <element name="CompoundResult" type="xkms:CompoundResultType"/>
+ *    <complexType name="CompoundResultType">
+ *        <complexContent>
+ *            <extension base="xkms:ResultType">
+ *                <choice maxOccurs="unbounded">
  *                    <element ref="xkms:LocateResult"/>
  *                    <element ref="xkms:ValidateResult"/>
  *                    <element ref="xkms:RegisterResult"/>
@@ -4329,8 +4329,8 @@ xmlSecXkmsServerRequestCompoundNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkms
  *        </complexContent>
  *   </complexType>
  *   <!-- /CompoundResponse -->
- */ 
-static int 
+ */
+static int
 xmlSecXkmsServerRequestCompoundNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     int ret;
 
@@ -4347,32 +4347,32 @@ xmlSecXkmsServerRequestCompoundNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkm
 
             ctxChild = (xmlSecXkmsServerCtxPtr)xmlSecPtrListGetItem(ctx->compoundRequestContexts, pos);
             if(ctxChild == NULL) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "xmlSecPtrListGetItem",
-		            XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		            XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);  	
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecPtrListGetItem",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+
+            if(ctxChild->resultMajor != xmlSecXkmsResultMajorSuccess) {
+                xmlSecXkmsServerCtxSetResult(ctx, ctxChild->resultMajor, ctxChild->resultMinor);
+                break;
             }
-	    
-	    if(ctxChild->resultMajor != xmlSecXkmsResultMajorSuccess) {
-	        xmlSecXkmsServerCtxSetResult(ctx, ctxChild->resultMajor, ctxChild->resultMinor);
-		break;
-	    }
-	}
-    }
-    
+        }
+    }
+
     /* first write the "parent" type */
     ret = xmlSecXkmsServerCtxResultTypeNodeWrite(ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxResultTypeNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxResultTypeNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* write compound result */
     if(ctx->compoundRequestContexts != NULL) {
         xmlSecSize pos;
@@ -4383,44 +4383,44 @@ xmlSecXkmsServerRequestCompoundNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkm
 
             ctxChild = (xmlSecXkmsServerCtxPtr)xmlSecPtrListGetItem(ctx->compoundRequestContexts, pos);
             if(ctxChild == NULL) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "xmlSecPtrListGetItem",
-		            XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		            XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);  	
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecPtrListGetItem",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
             }
-            
+
             cur = xmlSecXkmsServerRequestNodeWrite(ctxChild->requestId, ctxChild, node->doc, node);
             if(cur == NULL) {
-    	        xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "xmlSecXkmsServerRequestNodeWrite",
-		            XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		            "request=%s",
-		            xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecXkmsServerRequestNodeWrite",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "request=%s",
+                            xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
                 return(-1);
             }
-            
+
             if(xmlSecAddChildNode(node, cur) == NULL) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecAddChildNode",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecAddChildNode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
                 xmlFreeNode(cur);
                 return(-1);
-	    }
+            }
         }
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecXkmsServerRequestCompoundExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx) {
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecXkmsServerRequestCompoundId, -1);
     xmlSecAssert2(ctx != NULL, -1);
 
@@ -4432,25 +4432,25 @@ xmlSecXkmsServerRequestCompoundExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsS
 
             ctxChild = (xmlSecXkmsServerCtxPtr)xmlSecPtrListGetItem(ctx->compoundRequestContexts, pos);
             if(ctxChild == NULL) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "xmlSecPtrListGetItem",
-		            XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		            XMLSEC_ERRORS_NO_MESSAGE);
-	        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
-	        continue;  	
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecPtrListGetItem",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorReceiver, xmlSecXkmsResultMinorFailure);
+                continue;
             }
-            
+
             ret = xmlSecXkmsServerRequestExecute(ctxChild->requestId, ctxChild);
             if(ret < 0) {
-    	        xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "xmlSecXkmsServerRequestExecute",
-		            XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		            "request=%s",
-		            xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
-	        xmlSecXkmsServerCtxSetResult(ctxChild, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
-	        continue;  	
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecXkmsServerRequestExecute",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "request=%s",
+                            xmlSecErrorsSafeString(xmlSecXkmsServerRequestKlassGetName(ctxChild->requestId)));
+                xmlSecXkmsServerCtxSetResult(ctxChild, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorFailure);
+                continue;
             }
         }
     }
@@ -4459,30 +4459,30 @@ xmlSecXkmsServerRequestCompoundExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsS
 }
 
 
-/******************************************************************** 
+/********************************************************************
  *
  * LocateRequest/LocateResponse
  *
  *******************************************************************/
-static int  		xmlSecXkmsServerRequestLocateNodeRead	(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-static int		xmlSecXkmsServerRequestLocateNodeWrite	(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-static int 		xmlSecXkmsServerRequestLocateExecute	(xmlSecXkmsServerRequestId id, 
-								 xmlSecXkmsServerCtxPtr ctx);
+static int              xmlSecXkmsServerRequestLocateNodeRead   (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int              xmlSecXkmsServerRequestLocateNodeWrite  (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int              xmlSecXkmsServerRequestLocateExecute    (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx);
 
 static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestLocateKlass = {
-    xmlSecXkmsServerRequestLocateName,		/* const xmlChar* name; */
-    xmlSecNodeLocateRequest,			/* const xmlChar* requestNodeName; */
-    xmlSecXkmsNs,				/* const xmlChar* requestNodeNs; */
-    xmlSecNodeLocateResult,			/* const xmlChar* responseNodeName; */
-    xmlSecXkmsNs,				/* const xmlChar* responseNodeNs; */
+    xmlSecXkmsServerRequestLocateName,          /* const xmlChar* name; */
+    xmlSecNodeLocateRequest,                    /* const xmlChar* requestNodeName; */
+    xmlSecXkmsNs,                               /* const xmlChar* requestNodeNs; */
+    xmlSecNodeLocateResult,                     /* const xmlChar* responseNodeName; */
+    xmlSecXkmsNs,                               /* const xmlChar* responseNodeNs; */
     XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND,      /* xmlSecBitMask flags; */
-    xmlSecXkmsServerRequestLocateNodeRead,	/* xmlSecXkmsServerRequestNodeReadMethod readNode; */
-    xmlSecXkmsServerRequestLocateNodeWrite,	/* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
-    xmlSecXkmsServerRequestLocateExecute,	/* xmlSecXkmsServerRequestExecuteMethod execute; */
+    xmlSecXkmsServerRequestLocateNodeRead,      /* xmlSecXkmsServerRequestNodeReadMethod readNode; */
+    xmlSecXkmsServerRequestLocateNodeWrite,     /* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
+    xmlSecXkmsServerRequestLocateExecute,       /* xmlSecXkmsServerRequestExecuteMethod execute; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -4493,8 +4493,8 @@ static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestLocateKlass = {
  * The LocateRequest klass.
  *
  * Returns: LocateRequest klass.
- */ 
-xmlSecXkmsServerRequestId	
+ */
+xmlSecXkmsServerRequestId
 xmlSecXkmsServerRequestLocateGetKlass(void) {
     return(&xmlSecXkmsServerRequestLocateKlass);
 }
@@ -4514,7 +4514,7 @@ xmlSecXkmsServerRequestLocateGetKlass(void) {
  *          <xkms:KeyUsage>?
  *          <xkms:KeyUsage>?
  *          <xkms:KeyUsage>?
- *          <xkms:UseKeyWith Application Identifier>*    
+ *          <xkms:UseKeyWith Application Identifier>*
  *          <xkms:TimeInstant Time>?
  *
  * XML Schema:
@@ -4532,59 +4532,59 @@ xmlSecXkmsServerRequestLocateGetKlass(void) {
  *    </complexType>
  *    <!-- /LocateRequest -->
  */
-static int  
+static int
 xmlSecXkmsServerRequestLocateNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecXkmsServerRequestLocateId, -1);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     cur = node;
-    
+
     /* first read "parent" type */
     ret = xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(ctx, &cur);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* now read required <xkms:QueryKeyBinding/> node */
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeQueryKeyBinding, xmlSecXkmsNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeQueryKeyBinding));
-	return(-1);
-    }
-    
-    /* read <xkms:QueryKeyBinding/> node */    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeQueryKeyBinding));
+        return(-1);
+    }
+
+    /* read <xkms:QueryKeyBinding/> node */
     ret = xmlSecXkmsServerCtxQueryKeyBindingNodeRead(ctx, cur);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxQueryKeyBindingNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxQueryKeyBindingNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    cur = xmlSecGetNextElementNode(cur->next);    
+    cur = xmlSecGetNextElementNode(cur->next);
 
     /* check that there is nothing after the last node */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -4603,26 +4603,26 @@ xmlSecXkmsServerRequestLocateNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsSe
  *          <xkms:KeyUsage>?
  *          <xkms:KeyUsage>?
  *          <xkms:KeyUsage>?
- *          <xkms:UseKeyWith Application Identifier>*    
+ *          <xkms:UseKeyWith Application Identifier>*
  *          <xkms:ValidityInterval NotBefore NotOnOrAfter>?
  *      )*
- * 
+ *
  * XML Schema:
  *    <!-- LocateResult -->
  *    <element name="LocateResult" type="xkms:LocateResultType"/>
  *    <complexType name="LocateResultType">
  *         <complexContent>
- *	        <extension base="xkms:ResultType">
- *		     <sequence>
- *		         <element ref="xkms:UnverifiedKeyBinding" minOccurs="0" 
- *			          maxOccurs="unbounded"/>
- *		     </sequence>
- *		</extension>
- *	   </complexContent>
+ *              <extension base="xkms:ResultType">
+ *                   <sequence>
+ *                       <element ref="xkms:UnverifiedKeyBinding" minOccurs="0"
+ *                                maxOccurs="unbounded"/>
+ *                   </sequence>
+ *              </extension>
+ *         </complexContent>
  *    </complexType>
  *    <!-- /LocateResult -->
- */ 
-static int 
+ */
+static int
 xmlSecXkmsServerRequestLocateNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlSecSize pos, size;
     xmlSecKeyPtr key;
@@ -4636,110 +4636,110 @@ xmlSecXkmsServerRequestLocateNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsS
     /* first write the "parent" type */
     ret = xmlSecXkmsServerCtxResultTypeNodeWrite(ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxResultTypeNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxResultTypeNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* write keys in <xkms:UnverifiedKeyBinding> nodes */
     size = xmlSecPtrListGetSize(&(ctx->keys));
     for(pos = 0; pos < size; ++pos) {
-	key = (xmlSecKeyPtr)xmlSecPtrListGetItem(&(ctx->keys), pos);
-	if(key == NULL) {
-	    continue;
-	}
-            
-	cur = xmlSecAddChild(node, xmlSecNodeUnverifiedKeyBinding, xmlSecXkmsNs);
-	if(cur == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeUnverifiedKeyBinding));
-	    return(-1);  	
-    	}
-
-	ret = xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(ctx, cur, key);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);  	
-	}
+        key = (xmlSecKeyPtr)xmlSecPtrListGetItem(&(ctx->keys), pos);
+        if(key == NULL) {
+            continue;
+        }
+
+        cur = xmlSecAddChild(node, xmlSecNodeUnverifiedKeyBinding, xmlSecXkmsNs);
+        if(cur == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeUnverifiedKeyBinding));
+            return(-1);
+        }
+
+        ret = xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite(ctx, cur, key);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecXkmsServerCtxUnverifiedKeyBindingNodeWrite",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecXkmsServerRequestLocateExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx) {
     xmlSecKeyPtr key = NULL;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecXkmsServerRequestLocateId, -1);
     xmlSecAssert2(ctx != NULL, -1);
 
     /* now we are ready to search for key */
     if((ctx->keyInfoReadCtx.keysMngr != NULL) && (ctx->keyInfoReadCtx.keysMngr->getKey != NULL)) {
-	/* todo: set parameters to locate but not validate the key */
-	key = (ctx->keyInfoReadCtx.keysMngr->getKey)(ctx->keyInfoNode, &(ctx->keyInfoReadCtx));
+        /* todo: set parameters to locate but not validate the key */
+        key = (ctx->keyInfoReadCtx.keysMngr->getKey)(ctx->keyInfoNode, &(ctx->keyInfoReadCtx));
     }
-    
+
     /* check that we got what we needed */
     if((key == NULL) || (!xmlSecKeyMatch(key, NULL, &(ctx->keyInfoReadCtx.keyReq)))) {
-	if(key != NULL) {
-    	    xmlSecKeyDestroy(key);
-	}
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorNoMatch);
-	return(-1);
-    } 
-        
+        if(key != NULL) {
+            xmlSecKeyDestroy(key);
+        }
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorNoMatch);
+        return(-1);
+    }
+
     xmlSecAssert2(key != NULL, -1);
     ret = xmlSecPtrListAdd(&(ctx->keys), key);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        return(-1);
+    }
+
     return(0);
 }
 
 
-/******************************************************************** 
+/********************************************************************
  *
  * ValidateRequest/ValidateResponse
  *
  *******************************************************************/
-static int  		xmlSecXkmsServerRequestValidateNodeRead	(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-static int		xmlSecXkmsServerRequestValidateNodeWrite(xmlSecXkmsServerRequestId id,
-								 xmlSecXkmsServerCtxPtr ctx,
-								 xmlNodePtr node);
-static int 		xmlSecXkmsServerRequestValidateExecute	(xmlSecXkmsServerRequestId id, 
-								 xmlSecXkmsServerCtxPtr ctx);
+static int              xmlSecXkmsServerRequestValidateNodeRead (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int              xmlSecXkmsServerRequestValidateNodeWrite(xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx,
+                                                                 xmlNodePtr node);
+static int              xmlSecXkmsServerRequestValidateExecute  (xmlSecXkmsServerRequestId id,
+                                                                 xmlSecXkmsServerCtxPtr ctx);
 
 static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestValidateKlass = {
-    xmlSecXkmsServerRequestValidateName,	/* const xmlChar* name; */
-    xmlSecNodeValidateRequest,			/* const xmlChar* requestNodeName; */
-    xmlSecXkmsNs,				/* const xmlChar* requestNodeNs; */
-    xmlSecNodeValidateResult,			/* const xmlChar* responseNodeName; */
-    xmlSecXkmsNs,				/* const xmlChar* responseNodeNs; */
+    xmlSecXkmsServerRequestValidateName,        /* const xmlChar* name; */
+    xmlSecNodeValidateRequest,                  /* const xmlChar* requestNodeName; */
+    xmlSecXkmsNs,                               /* const xmlChar* requestNodeNs; */
+    xmlSecNodeValidateResult,                   /* const xmlChar* responseNodeName; */
+    xmlSecXkmsNs,                               /* const xmlChar* responseNodeNs; */
     XMLSEC_XKMS_SERVER_REQUEST_KLASS_ALLOWED_IN_COUMPOUND,      /* xmlSecBitMask flags; */
-    xmlSecXkmsServerRequestValidateNodeRead,	/* xmlSecXkmsServerRequestNodeReadMethod readNode; */
-    xmlSecXkmsServerRequestValidateNodeWrite,	/* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
-    xmlSecXkmsServerRequestValidateExecute,	/* xmlSecXkmsServerRequestExecuteMethod execute; */
+    xmlSecXkmsServerRequestValidateNodeRead,    /* xmlSecXkmsServerRequestNodeReadMethod readNode; */
+    xmlSecXkmsServerRequestValidateNodeWrite,   /* xmlSecXkmsServerRequestNodeWriteMethod writeNode; */
+    xmlSecXkmsServerRequestValidateExecute,     /* xmlSecXkmsServerRequestExecuteMethod execute; */
     NULL,                                       /* void* reserved1; */
     NULL                                        /* void* reserved2; */
 };
@@ -4750,8 +4750,8 @@ static xmlSecXkmsServerRequestKlass xmlSecXkmsServerRequestValidateKlass = {
  * The ValidateRequest klass.
  *
  * Returns: ValidateRequest klass.
- */ 
-xmlSecXkmsServerRequestId	
+ */
+xmlSecXkmsServerRequestId
 xmlSecXkmsServerRequestValidateGetKlass(void) {
     return(&xmlSecXkmsServerRequestValidateKlass);
 }
@@ -4771,77 +4771,77 @@ xmlSecXkmsServerRequestValidateGetKlass(void) {
  *          <xkms:KeyUsage>?
  *          <xkms:KeyUsage>?
  *          <xkms:KeyUsage>?
- *          <xkms:UseKeyWith Application Identifier>*    
+ *          <xkms:UseKeyWith Application Identifier>*
  *          <xkms:TimeInstant Time>?
- * 
+ *
  * XML Schema:
- * 
- *    <!-- ValidateRequest -->   
- *    <element name="ValidateRequest" type="xkms:ValidateRequestType"/>   
- *    <complexType name="ValidateRequestType">      
- *        <complexContent>         
+ *
+ *    <!-- ValidateRequest -->
+ *    <element name="ValidateRequest" type="xkms:ValidateRequestType"/>
+ *    <complexType name="ValidateRequestType">
+ *        <complexContent>
  *            <extension base="xkms:RequestAbstractType">
  *                <sequence>
  *                    <element ref="xkms:QueryKeyBinding"/>
  *                </sequence>
- *            </extension>						         
- *        </complexContent> 
+ *            </extension>
+ *        </complexContent>
  *    </complexType>
- *    <!-- /ValidateRequest -->							        
+ *    <!-- /ValidateRequest -->
  */
-static int  
+static int
 xmlSecXkmsServerRequestValidateNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecXkmsServerRequestValidateId, -1);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     cur = node;
-    
+
     /* first read "parent" type */
     ret = xmlSecXkmsServerCtxRequestAbstractTypeNodeRead(ctx, &cur);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxRequestAbstractTypeNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* now read required <xkms:QueryKeyBinding/> node */
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeQueryKeyBinding, xmlSecXkmsNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s", 
-		    xmlSecErrorsSafeString(xmlSecNodeQueryKeyBinding));
-	return(-1);
-    }
-    
-    /* read <xkms:QueryKeyBinding/> node */    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeQueryKeyBinding));
+        return(-1);
+    }
+
+    /* read <xkms:QueryKeyBinding/> node */
     ret = xmlSecXkmsServerCtxQueryKeyBindingNodeRead(ctx, cur);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxQueryKeyBindingNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxQueryKeyBindingNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    cur = xmlSecGetNextElementNode(cur->next);    
+    cur = xmlSecGetNextElementNode(cur->next);
 
     /* check that there is nothing after the last node */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -4860,7 +4860,7 @@ xmlSecXkmsServerRequestValidateNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkms
  *          <xkms:KeyUsage>?
  *          <xkms:KeyUsage>?
  *          <xkms:KeyUsage>?
- *          <xkms:UseKeyWith Application Identifier>*    
+ *          <xkms:UseKeyWith Application Identifier>*
  *          <xkms:ValidityInterval NotBefore NotOnOrAfter>?
  *          <xkms:Status StatusValue>
  *              (<xkms:ValidReason>?
@@ -4868,24 +4868,24 @@ xmlSecXkmsServerRequestValidateNodeRead(xmlSecXkmsServerRequestId id, xmlSecXkms
  *               <xkms:InvalidReason>?
  *              )*
  *      )*
- * 
+ *
  * XML Schema:
  *
- *    <!-- ValidateResult -->   
+ *    <!-- ValidateResult -->
  *    <element name="ValidateResult" type="xkms:ValidateResultType"/>
  *    <complexType name="ValidateResultType">
  *        <complexContent>
  *            <extension base="xkms:ResultType">
  *                <sequence>
- *                    <element ref="xkms:KeyBinding" minOccurs="0" 
- *				    maxOccurs="unbounded"/>
+ *                    <element ref="xkms:KeyBinding" minOccurs="0"
+ *                                  maxOccurs="unbounded"/>
  *                </sequence>
  *            </extension>
  *        </complexContent>
  *    </complexType>
  *    <!-- /ValidateResult -->
- */ 
-static int 
+ */
+static int
 xmlSecXkmsServerRequestValidateNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx, xmlNodePtr node) {
     xmlSecSize pos, size;
     xmlSecKeyPtr key;
@@ -4899,81 +4899,81 @@ xmlSecXkmsServerRequestValidateNodeWrite(xmlSecXkmsServerRequestId id, xmlSecXkm
     /* first write the "parent" type */
     ret = xmlSecXkmsServerCtxResultTypeNodeWrite(ctx, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerCtxResultTypeNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);  	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerCtxResultTypeNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* write keys in <xkms:UnverifiedKeyBinding> nodes */
     size = xmlSecPtrListGetSize(&(ctx->keys));
     for(pos = 0; pos < size; ++pos) {
-	key = (xmlSecKeyPtr)xmlSecPtrListGetItem(&(ctx->keys), pos);
-	if(key == NULL) {
-	    continue;
-	}
-            
-	cur = xmlSecAddChild(node, xmlSecNodeUnverifiedKeyBinding, xmlSecXkmsNs);
-	if(cur == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecAddChild",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeUnverifiedKeyBinding));
-	    return(-1);  	
-    	}
-
-	ret = xmlSecXkmsServerCtxKeyBindingNodeWrite(ctx, cur, key);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecXkmsServerCtxKeyBindingNodeWrite",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);  	
-	}
+        key = (xmlSecKeyPtr)xmlSecPtrListGetItem(&(ctx->keys), pos);
+        if(key == NULL) {
+            continue;
+        }
+
+        cur = xmlSecAddChild(node, xmlSecNodeUnverifiedKeyBinding, xmlSecXkmsNs);
+        if(cur == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecAddChild",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeUnverifiedKeyBinding));
+            return(-1);
+        }
+
+        ret = xmlSecXkmsServerCtxKeyBindingNodeWrite(ctx, cur, key);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecXkmsServerCtxKeyBindingNodeWrite",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecXkmsServerRequestValidateExecute(xmlSecXkmsServerRequestId id, xmlSecXkmsServerCtxPtr ctx) {
     xmlSecKeyPtr key = NULL;
     int ret;
-    
+
     xmlSecAssert2(id == xmlSecXkmsServerRequestValidateId, -1);
     xmlSecAssert2(ctx != NULL, -1);
 
     /* now we are ready to search for key */
     if((ctx->keyInfoReadCtx.keysMngr != NULL) && (ctx->keyInfoReadCtx.keysMngr->getKey != NULL)) {
-	key = (ctx->keyInfoReadCtx.keysMngr->getKey)(ctx->keyInfoNode, &(ctx->keyInfoReadCtx));
+        key = (ctx->keyInfoReadCtx.keysMngr->getKey)(ctx->keyInfoNode, &(ctx->keyInfoReadCtx));
     }
-    
+
     /* check that we got what we needed */
     if((key == NULL) || (!xmlSecKeyMatch(key, NULL, &(ctx->keyInfoReadCtx.keyReq)))) {
-	if(key != NULL) {
-    	    xmlSecKeyDestroy(key);
-	}
-	xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorNoMatch);
-	return(-1);
-    } 
-        
+        if(key != NULL) {
+            xmlSecKeyDestroy(key);
+        }
+        xmlSecXkmsServerCtxSetResult(ctx, xmlSecXkmsResultMajorSender, xmlSecXkmsResultMinorNoMatch);
+        return(-1);
+    }
+
     xmlSecAssert2(key != NULL, -1);
     ret = xmlSecPtrListAdd(&(ctx->keys), key);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecKeyDestroy(key);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecKeyDestroy(key);
+        return(-1);
+    }
+
     return(0);
 }
 
diff --git a/src/xmldsig.c b/src/xmldsig.c
index cbd825e5..b08b8b11 100644
--- a/src/xmldsig.c
+++ b/src/xmldsig.c
@@ -1,13 +1,13 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * "XML Digital Signature" implementation
  *  http://www.w3.org/TR/xmldsig-core/
  *  http://www.w3.org/Signature/Overview.html
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -19,7 +19,7 @@
 #include <string.h>
 
 #include <libxml/tree.h>
-#include <libxml/parser.h> 
+#include <libxml/parser.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -36,113 +36,113 @@
  * xmlSecDSigCtx
  *
  *************************************************************************/
-static int	xmlSecDSigCtxProcessSignatureNode	(xmlSecDSigCtxPtr dsigCtx, 
-							 xmlNodePtr node);
-static int	xmlSecDSigCtxProcessSignedInfoNode	(xmlSecDSigCtxPtr dsigCtx, 
-							 xmlNodePtr node);
-static int	xmlSecDSigCtxProcessKeyInfoNode		(xmlSecDSigCtxPtr dsigCtx, 
-							 xmlNodePtr node);
-static int	xmlSecDSigCtxProcessObjectNode		(xmlSecDSigCtxPtr dsigCtx, 
-							 xmlNodePtr node);
-static int	xmlSecDSigCtxProcessManifestNode	(xmlSecDSigCtxPtr dsigCtx, 
-							 xmlNodePtr node);
+static int      xmlSecDSigCtxProcessSignatureNode       (xmlSecDSigCtxPtr dsigCtx,
+                                                         xmlNodePtr node);
+static int      xmlSecDSigCtxProcessSignedInfoNode      (xmlSecDSigCtxPtr dsigCtx,
+                                                         xmlNodePtr node);
+static int      xmlSecDSigCtxProcessKeyInfoNode         (xmlSecDSigCtxPtr dsigCtx,
+                                                         xmlNodePtr node);
+static int      xmlSecDSigCtxProcessObjectNode          (xmlSecDSigCtxPtr dsigCtx,
+                                                         xmlNodePtr node);
+static int      xmlSecDSigCtxProcessManifestNode        (xmlSecDSigCtxPtr dsigCtx,
+                                                         xmlNodePtr node);
 
 /* The ID attribute in XMLDSig is 'Id' */
-static const xmlChar*		xmlSecDSigIds[] = { xmlSecAttrId, NULL };
+static const xmlChar*           xmlSecDSigIds[] = { xmlSecAttrId, NULL };
 
 /**
  * xmlSecDSigCtxCreate:
- * @keysMngr: 		the pointer to keys manager.
+ * @keysMngr:           the pointer to keys manager.
  *
  * Creates <dsig:Signature/> element processing context.
- * The caller is responsible for destroying returend object by calling 
+ * The caller is responsible for destroying returned object by calling
  * #xmlSecDSigCtxDestroy function.
  *
  * Returns: pointer to newly allocated context object or NULL if an error
  * occurs.
  */
-xmlSecDSigCtxPtr	
+xmlSecDSigCtxPtr
 xmlSecDSigCtxCreate(xmlSecKeysMngrPtr keysMngr) {
     xmlSecDSigCtxPtr dsigCtx;
     int ret;
-    
+
     dsigCtx = (xmlSecDSigCtxPtr) xmlMalloc(sizeof(xmlSecDSigCtx));
     if(dsigCtx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecDSigCtx)=%d", 
-		    sizeof(xmlSecDSigCtx));
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecDSigCtx)=%d",
+                    sizeof(xmlSecDSigCtx));
+        return(NULL);
+    }
+
     ret = xmlSecDSigCtxInitialize(dsigCtx, keysMngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecDSigCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecDSigCtxDestroy(dsigCtx);
-	return(NULL);   
-    }
-    return(dsigCtx);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecDSigCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecDSigCtxDestroy(dsigCtx);
+        return(NULL);
+    }
+    return(dsigCtx);
 }
 
 /**
  * xmlSecDSigCtxDestroy:
- * @dsigCtx:		the pointer to <dsig:Signature/> processing context.
+ * @dsigCtx:            the pointer to <dsig:Signature/> processing context.
  *
  * Destroy context object created with #xmlSecDSigCtxCreate function.
  */
-void  
+void
 xmlSecDSigCtxDestroy(xmlSecDSigCtxPtr dsigCtx) {
     xmlSecAssert(dsigCtx != NULL);
-    
+
     xmlSecDSigCtxFinalize(dsigCtx);
     xmlFree(dsigCtx);
 }
 
 /**
  * xmlSecDSigCtxInitialize:
- * @dsigCtx:		the pointer to <dsig:Signature/> processing context.
- * @keysMngr: 		the pointer to keys manager.
+ * @dsigCtx:            the pointer to <dsig:Signature/> processing context.
+ * @keysMngr:           the pointer to keys manager.
  *
  * Initializes <dsig:Signature/> element processing context.
- * The caller is responsible for cleaing up returend object by calling 
+ * The caller is responsible for cleaning up returned object by calling
  * #xmlSecDSigCtxFinalize function.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecDSigCtxInitialize(xmlSecDSigCtxPtr dsigCtx, xmlSecKeysMngrPtr keysMngr) {
     int ret;
-    
+
     xmlSecAssert2(dsigCtx != NULL, -1);
-    
+
     memset(dsigCtx, 0, sizeof(xmlSecDSigCtx));
 
     /* initialize key info */
     ret = xmlSecKeyInfoCtxInitialize(&(dsigCtx->keyInfoReadCtx), keysMngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     dsigCtx->keyInfoReadCtx.mode = xmlSecKeyInfoModeRead;
-    
+
     ret = xmlSecKeyInfoCtxInitialize(&(dsigCtx->keyInfoWriteCtx), keysMngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     dsigCtx->keyInfoWriteCtx.mode = xmlSecKeyInfoModeWrite;
     /* it's not wise to write private key :) */
@@ -151,19 +151,19 @@ xmlSecDSigCtxInitialize(xmlSecDSigCtxPtr dsigCtx, xmlSecKeysMngrPtr keysMngr) {
     /* initializes transforms dsigCtx */
     ret = xmlSecTransformCtxInitialize(&(dsigCtx->transformCtx));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* references lists from SignedInfo and Manifest elements */
-    xmlSecPtrListInitialize(&(dsigCtx->signedInfoReferences), 
-			    xmlSecDSigReferenceCtxListId);
-    xmlSecPtrListInitialize(&(dsigCtx->manifestReferences), 
-			    xmlSecDSigReferenceCtxListId);    
+    xmlSecPtrListInitialize(&(dsigCtx->signedInfoReferences),
+                            xmlSecDSigReferenceCtxListId);
+    xmlSecPtrListInitialize(&(dsigCtx->manifestReferences),
+                            xmlSecDSigReferenceCtxListId);
 
     dsigCtx->enabledReferenceUris = xmlSecTransformUriTypeAny;
     return(0);
@@ -171,11 +171,11 @@ xmlSecDSigCtxInitialize(xmlSecDSigCtxPtr dsigCtx, xmlSecKeysMngrPtr keysMngr) {
 
 /**
  * xmlSecDSigCtxFinalize:
- * @dsigCtx:		the pointer to <dsig:Signature/> processing context.
+ * @dsigCtx:            the pointer to <dsig:Signature/> processing context.
  *
  * Cleans up @dsigCtx object initialized with #xmlSecDSigCtxInitialize function.
  */
-void 
+void
 xmlSecDSigCtxFinalize(xmlSecDSigCtxPtr dsigCtx) {
     xmlSecAssert(dsigCtx != NULL);
 
@@ -186,68 +186,68 @@ xmlSecDSigCtxFinalize(xmlSecDSigCtxPtr dsigCtx) {
     xmlSecPtrListFinalize(&(dsigCtx->manifestReferences));
 
     if(dsigCtx->enabledReferenceTransforms != NULL) {
-	xmlSecPtrListDestroy(dsigCtx->enabledReferenceTransforms);	
+        xmlSecPtrListDestroy(dsigCtx->enabledReferenceTransforms);
     }
     if(dsigCtx->signKey != NULL) {
-	xmlSecKeyDestroy(dsigCtx->signKey);
+        xmlSecKeyDestroy(dsigCtx->signKey);
     }
     if(dsigCtx->id != NULL) {
-	xmlFree(dsigCtx->id);
-    }	
+        xmlFree(dsigCtx->id);
+    }
     memset(dsigCtx, 0, sizeof(xmlSecDSigCtx));
 }
 
 /**
  * xmlSecDSigCtxEnableReferenceTransform:
- * @dsigCtx:		the pointer to <dsig:Signature/> processing context.
- * @transformId:	the transform klass.
+ * @dsigCtx:            the pointer to <dsig:Signature/> processing context.
+ * @transformId:        the transform klass.
  *
  * Enables @transformId for <dsig:Reference/> elements processing.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecDSigCtxEnableReferenceTransform(xmlSecDSigCtxPtr dsigCtx, xmlSecTransformId transformId) {
     int ret;
-    
+
     xmlSecAssert2(dsigCtx != NULL, -1);
     xmlSecAssert2(dsigCtx->result == NULL, -1);
     xmlSecAssert2(transformId != xmlSecTransformIdUnknown, -1);
 
     if(dsigCtx->enabledReferenceTransforms == NULL) {
-	dsigCtx->enabledReferenceTransforms = xmlSecPtrListCreate(xmlSecTransformIdListId);
-	if(dsigCtx->enabledReferenceTransforms == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecPtrListCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);   
-	}
-    }	
-	
+        dsigCtx->enabledReferenceTransforms = xmlSecPtrListCreate(xmlSecTransformIdListId);
+        if(dsigCtx->enabledReferenceTransforms == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     ret = xmlSecPtrListAdd(dsigCtx->enabledReferenceTransforms, (void*)transformId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
 
 /**
  * xmlSecDSigCtxEnableSignatureTransform:
- * @dsigCtx:		the pointer to <dsig:Signature/> processing context.
- * @transformId:	the transform klass.
+ * @dsigCtx:            the pointer to <dsig:Signature/> processing context.
+ * @transformId:        the transform klass.
  *
  * Enables @transformId for <dsig:SignedInfo/> element processing.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecDSigCtxEnableSignatureTransform(xmlSecDSigCtxPtr dsigCtx, xmlSecTransformId transformId) {
     xmlSecAssert2(dsigCtx != NULL, -1);
     xmlSecAssert2(dsigCtx->result == NULL, -1);
@@ -258,138 +258,138 @@ xmlSecDSigCtxEnableSignatureTransform(xmlSecDSigCtxPtr dsigCtx, xmlSecTransformI
 
 /**
  * xmlSecDSigCtxGetPreSignBuffer:
- * @dsigCtx:		the pointer to <dsig:Signature/> processing context.
- * 
+ * @dsigCtx:            the pointer to <dsig:Signature/> processing context.
+ *
  * Gets pointer to the buffer with serialized <dsig:SignedInfo/> element
- * just before signature claculation (valid if and only if 
+ * just before signature claculation (valid if and only if
  * #XMLSEC_DSIG_FLAGS_STORE_SIGNATURE context flag is set.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-xmlSecBufferPtr 
+xmlSecBufferPtr
 xmlSecDSigCtxGetPreSignBuffer(xmlSecDSigCtxPtr dsigCtx) {
     xmlSecAssert2(dsigCtx != NULL, NULL);
-    
-    return((dsigCtx->preSignMemBufMethod != NULL) ? 
-	    xmlSecTransformMemBufGetBuffer(dsigCtx->preSignMemBufMethod) : NULL);
+
+    return((dsigCtx->preSignMemBufMethod != NULL) ?
+            xmlSecTransformMemBufGetBuffer(dsigCtx->preSignMemBufMethod) : NULL);
 }
 
 /**
  * xmlSecDSigCtxSign:
- * @dsigCtx:		the pointer to <dsig:Signature/> processing context.
- * @tmpl:		the pointer to <dsig:Signature/> node with signature template.
+ * @dsigCtx:            the pointer to <dsig:Signature/> processing context.
+ * @tmpl:               the pointer to <dsig:Signature/> node with signature template.
  *
  * Signs the data as described in @tmpl node.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecDSigCtxSign(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr tmpl) {
     int ret;
-    
+
     xmlSecAssert2(dsigCtx != NULL, -1);
     xmlSecAssert2(dsigCtx->result == NULL, -1);
     xmlSecAssert2(tmpl != NULL, -1);
     xmlSecAssert2(tmpl->doc != NULL, -1);
 
     /* add ids for Signature nodes */
-    dsigCtx->operation 	= xmlSecTransformOperationSign;
-    dsigCtx->status 	= xmlSecDSigStatusUnknown;
+    dsigCtx->operation  = xmlSecTransformOperationSign;
+    dsigCtx->status     = xmlSecDSigStatusUnknown;
     xmlSecAddIDs(tmpl->doc, tmpl, xmlSecDSigIds);
 
     /* read signature template */
     ret = xmlSecDSigCtxProcessSignatureNode(dsigCtx, tmpl);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecDSigCtxSigantureProcessNode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecDSigCtxSignatureProcessNode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     xmlSecAssert2(dsigCtx->signMethod != NULL, -1);
     xmlSecAssert2(dsigCtx->signValueNode != NULL, -1);
 
     /* references processing might change the status */
     if(dsigCtx->status != xmlSecDSigStatusUnknown) {
-	return(0);
+        return(0);
     }
 
     /* check what we've got */
     dsigCtx->result = dsigCtx->transformCtx.result;
     if((dsigCtx->result == NULL) || (xmlSecBufferGetData(dsigCtx->result) == NULL)) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_RESULT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_RESULT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* write signed data to xml */
     xmlNodeSetContentLen(dsigCtx->signValueNode,
-			    xmlSecBufferGetData(dsigCtx->result),
-			    xmlSecBufferGetSize(dsigCtx->result));
-    
+                            xmlSecBufferGetData(dsigCtx->result),
+                            xmlSecBufferGetSize(dsigCtx->result));
+
     /* set success status and we are done */
     dsigCtx->status = xmlSecDSigStatusSucceeded;
-    return(0);    
+    return(0);
 }
 
 /**
  * xmlSecDSigCtxVerify:
- * @dsigCtx:		the pointer to <dsig:Signature/> processing context.
- * @node:		the pointer with <dsig:Signature/> node.
- * 
+ * @dsigCtx:            the pointer to <dsig:Signature/> processing context.
+ * @node:               the pointer with <dsig:Signature/> node.
+ *
  * Vaidates signature in the @node. The verification result is returned
  * in #status member of the @dsigCtx object.
  *
- * Returns: 0 on success (check #status member of @dsigCtx to get 
+ * Returns: 0 on success (check #status member of @dsigCtx to get
  * signature verification result) or a negative value if an error occurs.
  */
-int 
+int
 xmlSecDSigCtxVerify(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
     int ret;
-    
+
     xmlSecAssert2(dsigCtx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(node->doc != NULL, -1);
 
     /* add ids for Signature nodes */
-    dsigCtx->operation 	= xmlSecTransformOperationVerify;
-    dsigCtx->status 	= xmlSecDSigStatusUnknown;
+    dsigCtx->operation  = xmlSecTransformOperationVerify;
+    dsigCtx->status     = xmlSecDSigStatusUnknown;
     xmlSecAddIDs(node->doc, node, xmlSecDSigIds);
-    
-    /* read siganture info */
+
+    /* read signature info */
     ret = xmlSecDSigCtxProcessSignatureNode(dsigCtx, node);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecDSigCtxSigantureProcessNode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecDSigCtxSignatureProcessNode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     xmlSecAssert2(dsigCtx->signMethod != NULL, -1);
     xmlSecAssert2(dsigCtx->signValueNode != NULL, -1);
 
     /* references processing might change the status */
     if(dsigCtx->status != xmlSecDSigStatusUnknown) {
-	return(0);
+        return(0);
     }
 
     /* verify SignatureValue node content */
     ret = xmlSecTransformVerifyNodeContent(dsigCtx->signMethod, dsigCtx->signValueNode,
-					   &(dsigCtx->transformCtx));
+                                           &(dsigCtx->transformCtx));
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformVerifyNodeContent",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformVerifyNodeContent",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* set status and we are done */
     if(dsigCtx->signMethod->status == xmlSecTransformStatusOk) {
         dsigCtx->status = xmlSecDSigStatusSucceeded;
@@ -404,47 +404,47 @@ xmlSecDSigCtxVerify(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
  *
  * The Signature  element (http://www.w3.org/TR/xmldsig-core/#sec-Signature)
  *
- * The Signature element is the root element of an XML Signature. 
- * Implementation MUST generate laxly schema valid [XML-schema] Signature 
+ * The Signature element is the root element of an XML Signature.
+ * Implementation MUST generate laxly schema valid [XML-schema] Signature
  * elements as specified by the following schema:
- * The way in which the SignedInfo element is presented to the 
- * canonicalization method is dependent on that method. The following 
+ * The way in which the SignedInfo element is presented to the
+ * canonicalization method is dependent on that method. The following
  * applies to algorithms which process XML as nodes or characters:
  *
- *  - XML based canonicalization implementations MUST be provided with 
- *  a [XPath] node-set originally formed from the document containing 
+ *  - XML based canonicalization implementations MUST be provided with
+ *  a [XPath] node-set originally formed from the document containing
  *  the SignedInfo and currently indicating the SignedInfo, its descendants,
- *  and the attribute and namespace nodes of SignedInfo and its descendant 
+ *  and the attribute and namespace nodes of SignedInfo and its descendant
  *  elements.
  *
- *  - Text based canonicalization algorithms (such as CRLF and charset 
- *  normalization) should be provided with the UTF-8 octets that represent 
- *  the well-formed SignedInfo element, from the first character to the 
- *  last character of the XML representation, inclusive. This includes 
- *  the entire text of the start and end tags of the SignedInfo element 
- *  as well as all descendant markup and character data (i.e., the text) 
- *  between those tags. Use of text based canonicalization of SignedInfo 
- *  is NOT RECOMMENDED.   	     
+ *  - Text based canonicalization algorithms (such as CRLF and charset
+ *  normalization) should be provided with the UTF-8 octets that represent
+ *  the well-formed SignedInfo element, from the first character to the
+ *  last character of the XML representation, inclusive. This includes
+ *  the entire text of the start and end tags of the SignedInfo element
+ *  as well as all descendant markup and character data (i.e., the text)
+ *  between those tags. Use of text based canonicalization of SignedInfo
+ *  is NOT RECOMMENDED.
  *
  *  =================================
- *  we do not support any non XML based C14N 
+ *  we do not support any non XML based C14N
  *
  * Schema Definition:
  *
  *  <element name="Signature" type="ds:SignatureType"/>
  *  <complexType name="SignatureType">
- *  <sequence> 
- *     <element ref="ds:SignedInfo"/> 
- *     <element ref="ds:SignatureValue"/> 
- *     <element ref="ds:KeyInfo" minOccurs="0"/> 
- *     <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/> 
+ *  <sequence>
+ *     <element ref="ds:SignedInfo"/>
+ *     <element ref="ds:SignatureValue"/>
+ *     <element ref="ds:KeyInfo" minOccurs="0"/>
+ *     <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
  *     </sequence> <attribute name="Id" type="ID" use="optional"/>
  *  </complexType>
- *    
+ *
  * DTD:
- *    
+ *
  *  <!ELEMENT Signature (SignedInfo, SignatureValue, KeyInfo?, Object*)  >
- *  <!ATTLIST Signature  
+ *  <!ATTLIST Signature
  *      xmlns   CDATA   #FIXED 'http://www.w3.org/2000/09/xmldsig#'
  *      Id      ID  #IMPLIED >
  *
@@ -456,7 +456,7 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
     xmlNodePtr keyInfoNode = NULL;
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(dsigCtx != NULL, -1);
     xmlSecAssert2((dsigCtx->operation == xmlSecTransformOperationSign) || (dsigCtx->operation == xmlSecTransformOperationVerify), -1);
     xmlSecAssert2(dsigCtx->status == xmlSecDSigStatusUnknown, -1);
@@ -466,13 +466,13 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
     xmlSecAssert2(node != NULL, -1);
 
     if(!xmlSecCheckNodeName(node, xmlSecNodeSignature, xmlSecDSigNs)) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeSignature));
-	return(-1);	    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeSignature));
+        return(-1);
     }
 
     /* read node data */
@@ -480,14 +480,14 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
     dsigCtx->id = xmlGetProp(node, xmlSecAttrId);
 
     /* first node is required SignedInfo */
-    cur = xmlSecGetNextElementNode(node->children);    
+    cur = xmlSecGetNextElementNode(node->children);
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeSignedInfo, xmlSecDSigNs))) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeSignedInfo));
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeSignedInfo));
         return(-1);
     }
     signedInfoNode = cur;
@@ -495,441 +495,441 @@ xmlSecDSigCtxProcessSignatureNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
 
     /* next node is required SignatureValue */
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeSignatureValue, xmlSecDSigNs))) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeSignatureValue));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeSignatureValue));
+        return(-1);
     }
     dsigCtx->signValueNode = cur;
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* next node is optional KeyInfo */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs))) {
-	keyInfoNode = cur;
-	cur = xmlSecGetNextElementNode(cur->next);
+        keyInfoNode = cur;
+        cur = xmlSecGetNextElementNode(cur->next);
     } else {
-	keyInfoNode = NULL;
+        keyInfoNode = NULL;
     }
-    
+
     /* next nodes are optional Object nodes */
     while((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeObject, xmlSecDSigNs))) {
-	/* read manifests from objects */
-	if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS) == 0) {
-	    ret = xmlSecDSigCtxProcessObjectNode(dsigCtx, cur);
-	    if(ret < 0) {
-    		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecDSigCtxProcessObjectNode",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);	    	    
-	    }
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
-    }
-    
+        /* read manifests from objects */
+        if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_IGNORE_MANIFESTS) == 0) {
+            ret = xmlSecDSigCtxProcessObjectNode(dsigCtx, cur);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecDSigCtxProcessObjectNode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
+
     /* if there is something left than it's an error */
     if(cur != NULL) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* now validated all the references and prepare transform */
     ret = xmlSecDSigCtxProcessSignedInfoNode(dsigCtx, signedInfoNode);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecDSigCtxProcessSignedInfoNode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
-    }				
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecDSigCtxProcessSignedInfoNode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     /* references processing might change the status */
     if(dsigCtx->status != xmlSecDSigStatusUnknown) {
-	return(0);
+        return(0);
     }
-    
-    /* as the result, we should have sign and c14n methods set */    
+
+    /* as the result, we should have sign and c14n methods set */
     xmlSecAssert2(dsigCtx->signMethod != NULL, -1);
     xmlSecAssert2(dsigCtx->c14nMethod != NULL, -1);
 
     ret = xmlSecDSigCtxProcessKeyInfoNode(dsigCtx, keyInfoNode);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecDSigCtxProcessKeyInfoNode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);	
-    }				
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecDSigCtxProcessKeyInfoNode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     /* as the result, we should have a key */
     xmlSecAssert2(dsigCtx->signKey != NULL, -1);
 
     /* if we need to write result to xml node then we need base64 encode result */
-    if(dsigCtx->operation == xmlSecTransformOperationSign) {	
-	xmlSecTransformPtr base64Encode;
-	
-	/* we need to add base64 encode transform */
-	base64Encode = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx), 
-							 xmlSecTransformBase64Id);
-    	if(base64Encode == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxCreateAndAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	base64Encode->operation = xmlSecTransformOperationEncode;
-    }
-
-    firstType = xmlSecTransformGetDataType(dsigCtx->transformCtx.first, 
-					   xmlSecTransformModePush, 
-					   &(dsigCtx->transformCtx));
+    if(dsigCtx->operation == xmlSecTransformOperationSign) {
+        xmlSecTransformPtr base64Encode;
+
+        /* we need to add base64 encode transform */
+        base64Encode = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx),
+                                                         xmlSecTransformBase64Id);
+        if(base64Encode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxCreateAndAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        base64Encode->operation = xmlSecTransformOperationEncode;
+    }
+
+    firstType = xmlSecTransformGetDataType(dsigCtx->transformCtx.first,
+                                           xmlSecTransformModePush,
+                                           &(dsigCtx->transformCtx));
     if((firstType & xmlSecTransformDataTypeXml) != 0) {
-	xmlSecNodeSetPtr nodeset = NULL;
+        xmlSecNodeSetPtr nodeset = NULL;
 
-	xmlSecAssert2(signedInfoNode != NULL, -1);
+        xmlSecAssert2(signedInfoNode != NULL, -1);
         nodeset = xmlSecNodeSetGetChildren(signedInfoNode->doc, signedInfoNode, 1, 0);
-	if(nodeset == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecNodeSetGetChildren",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-		        xmlSecErrorsSafeString(xmlSecNodeGetName(signedInfoNode)));
-	    return(-1);
-	}
-
-	/* calculate the signature */
-	ret = xmlSecTransformCtxXmlExecute(&(dsigCtx->transformCtx), nodeset);
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecTransformCtxXmlExecute",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecNodeSetDestroy(nodeset);
-	    return(-1);
-	}
-	xmlSecNodeSetDestroy(nodeset);
+        if(nodeset == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNodeSetGetChildren",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(signedInfoNode)));
+            return(-1);
+        }
+
+        /* calculate the signature */
+        ret = xmlSecTransformCtxXmlExecute(&(dsigCtx->transformCtx), nodeset);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxXmlExecute",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecNodeSetDestroy(nodeset);
+            return(-1);
+        }
+        xmlSecNodeSetDestroy(nodeset);
     } else {
-	/* TODO */
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "the binary c14n transforms are not supported yet",
-		    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        /* TODO */
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "the binary c14n transforms are not supported yet",
+                    XMLSEC_ERRORS_R_NOT_IMPLEMENTED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
 
-/** 
+/**
  * xmlSecDSigCtxProcessSignedInfoNode:
  *
  * The SignedInfo Element (http://www.w3.org/TR/xmldsig-core/#sec-SignedInfo)
- * 
- * The structure of SignedInfo includes the canonicalization algorithm, 
- * a result algorithm, and one or more references. The SignedInfo element 
- * may contain an optional ID attribute that will allow it to be referenced by 
+ *
+ * The structure of SignedInfo includes the canonicalization algorithm,
+ * a result algorithm, and one or more references. The SignedInfo element
+ * may contain an optional ID attribute that will allow it to be referenced by
  * other signatures and objects.
  *
  * SignedInfo does not include explicit result or digest properties (such as
- * calculation time, cryptographic device serial number, etc.). If an 
- * application needs to associate properties with the result or digest, 
- * it may include such information in a SignatureProperties element within 
+ * calculation time, cryptographic device serial number, etc.). If an
+ * application needs to associate properties with the result or digest,
+ * it may include such information in a SignatureProperties element within
  * an Object element.
  *
  * Schema Definition:
  *
- *  <element name="SignedInfo" type="ds:SignedInfoType"/> 
+ *  <element name="SignedInfo" type="ds:SignedInfoType"/>
  *  <complexType name="SignedInfoType">
- *    <sequence> 
+ *    <sequence>
  *      <element ref="ds:CanonicalizationMethod"/>
- *      <element ref="ds:SignatureMethod"/> 
- *      <element ref="ds:Reference" maxOccurs="unbounded"/> 
- *    </sequence> 
- *    <attribute name="Id" type="ID" use="optional"/> 
+ *      <element ref="ds:SignatureMethod"/>
+ *      <element ref="ds:Reference" maxOccurs="unbounded"/>
+ *    </sequence>
+ *    <attribute name="Id" type="ID" use="optional"/>
  *  </complexType>
- *    
+ *
  * DTD:
- *    
+ *
  *  <!ELEMENT SignedInfo (CanonicalizationMethod, SignatureMethod,  Reference+) >
  *  <!ATTLIST SignedInfo  Id   ID      #IMPLIED>
- * 
+ *
  */
-static int 
+static int
 xmlSecDSigCtxProcessSignedInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
     xmlSecDSigReferenceCtxPtr dsigRefCtx;
     xmlNodePtr cur;
     int ret;
-    
-    xmlSecAssert2(dsigCtx != NULL, -1);	
+
+    xmlSecAssert2(dsigCtx != NULL, -1);
     xmlSecAssert2(dsigCtx->status == xmlSecDSigStatusUnknown, -1);
     xmlSecAssert2(dsigCtx->signMethod == NULL, -1);
     xmlSecAssert2(dsigCtx->c14nMethod == NULL, -1);
     xmlSecAssert2((dsigCtx->operation == xmlSecTransformOperationSign) || (dsigCtx->operation == xmlSecTransformOperationVerify), -1);
     xmlSecAssert2(xmlSecPtrListGetSize(&(dsigCtx->signedInfoReferences)) == 0, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     /* first node is required CanonicalizationMethod. */
     cur = xmlSecGetNextElementNode(node->children);
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeCanonicalizationMethod, xmlSecDSigNs))) {
-	dsigCtx->c14nMethod = xmlSecTransformCtxNodeRead(&(dsigCtx->transformCtx), 
-					cur, xmlSecTransformUsageC14NMethod);
-	if(dsigCtx->c14nMethod == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);	
-	}	
+        dsigCtx->c14nMethod = xmlSecTransformCtxNodeRead(&(dsigCtx->transformCtx),
+                                        cur, xmlSecTransformUsageC14NMethod);
+        if(dsigCtx->c14nMethod == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
     } else if(dsigCtx->defC14NMethodId != xmlSecTransformIdUnknown) {
-	/* the dsig spec does require CanonicalizationMethod node
-	 * to be present but in some case it application might decide to
-	 * minimize traffic */
-	dsigCtx->c14nMethod = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx), 
-							      dsigCtx->defC14NMethodId);
-	if(dsigCtx->c14nMethod == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        /* the dsig spec does require CanonicalizationMethod node
+         * to be present but in some case it application might decide to
+         * minimize traffic */
+        dsigCtx->c14nMethod = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx),
+                                                              dsigCtx->defC14NMethodId);
+        if(dsigCtx->c14nMethod == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     } else {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "CanonicalizationMethod",
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeCanonicalizationMethod));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "CanonicalizationMethod",
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeCanonicalizationMethod));
+        return(-1);
+    }
+
     /* insert membuf if requested */
     if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNATURE) != 0) {
-	xmlSecAssert2(dsigCtx->preSignMemBufMethod == NULL, -1);
-	dsigCtx->preSignMemBufMethod = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx), 
-						xmlSecTransformMemBufId);
-	if(dsigCtx->preSignMemBufMethod == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxCreateAndAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"transform=%s",
-			xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId)));
-	}
-    }
-        
+        xmlSecAssert2(dsigCtx->preSignMemBufMethod == NULL, -1);
+        dsigCtx->preSignMemBufMethod = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx),
+                                                xmlSecTransformMemBufId);
+        if(dsigCtx->preSignMemBufMethod == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxCreateAndAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "transform=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId)));
+        }
+    }
+
     /* next node is required SignatureMethod. */
     cur = xmlSecGetNextElementNode( ((cur != NULL) ? cur->next : node->children) );
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeSignatureMethod, xmlSecDSigNs))) {
-	dsigCtx->signMethod = xmlSecTransformCtxNodeRead(&(dsigCtx->transformCtx), 
-					cur, xmlSecTransformUsageSignatureMethod);
-	if(dsigCtx->signMethod == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);	
-	}	
+        dsigCtx->signMethod = xmlSecTransformCtxNodeRead(&(dsigCtx->transformCtx),
+                                        cur, xmlSecTransformUsageSignatureMethod);
+        if(dsigCtx->signMethod == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
     } else if(dsigCtx->defSignMethodId != xmlSecTransformIdUnknown) {
-	/* the dsig spec does require SignatureMethod node
-	 * to be present but in some case it application might decide to
-	 * minimize traffic */
-	dsigCtx->signMethod = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx), 
-							      dsigCtx->defSignMethodId);
-	if(dsigCtx->signMethod == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        /* the dsig spec does require SignatureMethod node
+         * to be present but in some case it application might decide to
+         * minimize traffic */
+        dsigCtx->signMethod = xmlSecTransformCtxCreateAndAppend(&(dsigCtx->transformCtx),
+                                                              dsigCtx->defSignMethodId);
+        if(dsigCtx->signMethod == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     } else {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeSignatureMethod));
-	return(-1);
-    }	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeSignatureMethod));
+        return(-1);
+    }
     dsigCtx->signMethod->operation = dsigCtx->operation;
-    
+
     /* calculate references */
     cur = xmlSecGetNextElementNode(cur->next);
     while((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs))) {
         /* create reference */
-	dsigRefCtx = xmlSecDSigReferenceCtxCreate(dsigCtx, xmlSecDSigReferenceOriginSignedInfo);
-	if(dsigRefCtx == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-		        "xmlSecDSigReferenceCtxCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);	    
-	}
-
-	/* add to the list */
-	ret = xmlSecPtrListAdd(&(dsigCtx->signedInfoReferences), dsigRefCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecPtrListAdd",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecDSigReferenceCtxDestroy(dsigRefCtx);
-	    return(-1);	    
-	}
-
-	/* process */
-	ret = xmlSecDSigReferenceCtxProcessNode(dsigRefCtx, cur);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecDSigReferenceCtxProcessNode",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);	    
-	}
-
-	/* bail out if next Reference processing failed */
-	if(dsigRefCtx->status != xmlSecDSigStatusSucceeded) {
-	    dsigCtx->status = xmlSecDSigStatusInvalid;
-	    return(0); 
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
+        dsigRefCtx = xmlSecDSigReferenceCtxCreate(dsigCtx, xmlSecDSigReferenceOriginSignedInfo);
+        if(dsigRefCtx == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecDSigReferenceCtxCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        /* add to the list */
+        ret = xmlSecPtrListAdd(&(dsigCtx->signedInfoReferences), dsigRefCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListAdd",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecDSigReferenceCtxDestroy(dsigRefCtx);
+            return(-1);
+        }
+
+        /* process */
+        ret = xmlSecDSigReferenceCtxProcessNode(dsigRefCtx, cur);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecDSigReferenceCtxProcessNode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
+
+        /* bail out if next Reference processing failed */
+        if(dsigRefCtx->status != xmlSecDSigStatusSucceeded) {
+            dsigCtx->status = xmlSecDSigStatusInvalid;
+            return(0);
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* check that we have at least one Reference */
     if(xmlSecPtrListGetSize(&(dsigCtx->signedInfoReferences)) == 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_DSIG_NO_REFERENCES,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_DSIG_NO_REFERENCES,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* if there is something left than it's an error */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
 
-static int 
+static int
 xmlSecDSigCtxProcessKeyInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
     int ret;
-    
+
     xmlSecAssert2(dsigCtx != NULL, -1);
     xmlSecAssert2(dsigCtx->signMethod != NULL, -1);
 
     /* set key requirements */
     ret = xmlSecTransformSetKeyReq(dsigCtx->signMethod, &(dsigCtx->keyInfoReadCtx.keyReq));
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformSetKeyReq",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(dsigCtx->signMethod)));
-	return(-1);
-    }	
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformSetKeyReq",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(dsigCtx->signMethod)));
+        return(-1);
+    }
+
     /* ignore <dsig:KeyInfo /> if there is the key is already set */
     /* todo: throw an error if key is set and node != NULL? */
-    if((dsigCtx->signKey == NULL) && (dsigCtx->keyInfoReadCtx.keysMngr != NULL) 
-			&& (dsigCtx->keyInfoReadCtx.keysMngr->getKey != NULL)) {	
-	dsigCtx->signKey = (dsigCtx->keyInfoReadCtx.keysMngr->getKey)(node, &(dsigCtx->keyInfoReadCtx));
+    if((dsigCtx->signKey == NULL) && (dsigCtx->keyInfoReadCtx.keysMngr != NULL)
+                        && (dsigCtx->keyInfoReadCtx.keysMngr->getKey != NULL)) {
+        dsigCtx->signKey = (dsigCtx->keyInfoReadCtx.keysMngr->getKey)(node, &(dsigCtx->keyInfoReadCtx));
     }
-    
+
     /* check that we have exactly what we want */
     if((dsigCtx->signKey == NULL) || (!xmlSecKeyMatch(dsigCtx->signKey, NULL, &(dsigCtx->keyInfoReadCtx.keyReq)))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_KEY_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_KEY_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* set the key to the transform */
     ret = xmlSecTransformSetKey(dsigCtx->signMethod, dsigCtx->signKey);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformSetKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(dsigCtx->signMethod)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformSetKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(dsigCtx->signMethod)));
+        return(-1);
     }
 
     /* if we are signing document, update <dsig:KeyInfo/> node */
-    if((node != NULL) && (dsigCtx->operation == xmlSecTransformOperationSign)) {	
-	ret = xmlSecKeyInfoNodeWrite(node, dsigCtx->signKey, &(dsigCtx->keyInfoWriteCtx));
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyInfoNodeWrite",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}	
-    }
-    
+    if((node != NULL) && (dsigCtx->operation == xmlSecTransformOperationSign)) {
+        ret = xmlSecKeyInfoNodeWrite(node, dsigCtx->signKey, &(dsigCtx->keyInfoWriteCtx));
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyInfoNodeWrite",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     return(0);
 }
 
 /**
  * xmlSecDSigCtxProcessObjectNode:
- * 	
+ *
  * The Object Element (http://www.w3.org/TR/xmldsig-core/#sec-Object)
- * 
- * Object is an optional element that may occur one or more times. When 
- * present, this element may contain any data. The Object element may include 
+ *
+ * Object is an optional element that may occur one or more times. When
+ * present, this element may contain any data. The Object element may include
  * optional MIME type, ID, and encoding attributes.
- *     
+ *
  * Schema Definition:
- *     
- * <element name="Object" type="ds:ObjectType"/> 
+ *
+ * <element name="Object" type="ds:ObjectType"/>
  * <complexType name="ObjectType" mixed="true">
  *   <sequence minOccurs="0" maxOccurs="unbounded">
  *     <any namespace="##any" processContents="lax"/>
  *   </sequence>
- *   <attribute name="Id" type="ID" use="optional"/> 
+ *   <attribute name="Id" type="ID" use="optional"/>
  *   <attribute name="MimeType" type="string" use="optional"/>
- *   <attribute name="Encoding" type="anyURI" use="optional"/> 
+ *   <attribute name="Encoding" type="anyURI" use="optional"/>
  * </complexType>
- *	
+ *
  * DTD:
- *	
+ *
  * <!ELEMENT Object (#PCDATA|Signature|SignatureProperties|Manifest %Object.ANY;)* >
- * <!ATTLIST Object  Id  ID  #IMPLIED 
- *                   MimeType    CDATA   #IMPLIED 
+ * <!ATTLIST Object  Id  ID  #IMPLIED
+ *                   MimeType    CDATA   #IMPLIED
  *                   Encoding    CDATA   #IMPLIED >
  */
 static int
@@ -937,54 +937,54 @@ xmlSecDSigCtxProcessObjectNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
     xmlNodePtr cur;
     int ret;
 
-    xmlSecAssert2(dsigCtx != NULL, -1);	
+    xmlSecAssert2(dsigCtx != NULL, -1);
     xmlSecAssert2(dsigCtx->status == xmlSecDSigStatusUnknown, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     /* we care about Manifest nodes only; ignore everything else */
     cur = xmlSecGetNextElementNode(node->children);
     while(cur != NULL) {
-	if(xmlSecCheckNodeName(cur, xmlSecNodeManifest, xmlSecDSigNs)) {
-	    ret = xmlSecDSigCtxProcessManifestNode(dsigCtx, cur);
-	    if(ret < 0){
-    		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecDSigCtxProcessManifestNode",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		return(-1);	    
-	    }
-	}
-	cur = xmlSecGetNextElementNode(cur->next);
+        if(xmlSecCheckNodeName(cur, xmlSecNodeManifest, xmlSecDSigNs)) {
+            ret = xmlSecDSigCtxProcessManifestNode(dsigCtx, cur);
+            if(ret < 0){
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecDSigCtxProcessManifestNode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+        cur = xmlSecGetNextElementNode(cur->next);
     }
     return(0);
 }
 
 /**
- * xmlSecDSigCtxProcessManifestNode: 
+ * xmlSecDSigCtxProcessManifestNode:
  *
  * The Manifest  Element (http://www.w3.org/TR/xmldsig-core/#sec-Manifest)
  *
- * The Manifest element provides a list of References. The difference from 
- * the list in SignedInfo is that it is application defined which, if any, of 
- * the digests are actually checked against the objects referenced and what to 
- * do if the object is inaccessible or the digest compare fails. If a Manifest 
- * is pointed to from SignedInfo, the digest over the Manifest itself will be 
- * checked by the core result validation behavior. The digests within such 
- * a Manifest are checked at the application's discretion. If a Manifest is 
- * referenced from another Manifest, even the overall digest of this two level 
+ * The Manifest element provides a list of References. The difference from
+ * the list in SignedInfo is that it is application defined which, if any, of
+ * the digests are actually checked against the objects referenced and what to
+ * do if the object is inaccessible or the digest compare fails. If a Manifest
+ * is pointed to from SignedInfo, the digest over the Manifest itself will be
+ * checked by the core result validation behavior. The digests within such
+ * a Manifest are checked at the application's discretion. If a Manifest is
+ * referenced from another Manifest, even the overall digest of this two level
  * deep Manifest might not be checked.
- *     
+ *
  * Schema Definition:
- *     
- * <element name="Manifest" type="ds:ManifestType"/> 
+ *
+ * <element name="Manifest" type="ds:ManifestType"/>
  * <complexType name="ManifestType">
  *   <sequence>
- *     <element ref="ds:Reference" maxOccurs="unbounded"/> 
- *   </sequence> 
- *   <attribute name="Id" type="ID" use="optional"/> 
+ *     <element ref="ds:Reference" maxOccurs="unbounded"/>
+ *   </sequence>
+ *   <attribute name="Id" type="ID" use="optional"/>
  *  </complexType>
- *	
+ *
  * DTD:
  *
  * <!ELEMENT Manifest (Reference+)  >
@@ -996,7 +996,7 @@ xmlSecDSigCtxProcessManifestNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
     xmlNodePtr cur;
     int ret;
 
-    xmlSecAssert2(dsigCtx != NULL, -1);	
+    xmlSecAssert2(dsigCtx != NULL, -1);
     xmlSecAssert2(dsigCtx->status == xmlSecDSigStatusUnknown, -1);
     xmlSecAssert2(node != NULL, -1);
 
@@ -1004,92 +1004,92 @@ xmlSecDSigCtxProcessManifestNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
     cur = xmlSecGetNextElementNode(node->children);
     while((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs))) {
         /* create reference */
-	dsigRefCtx = xmlSecDSigReferenceCtxCreate(dsigCtx, xmlSecDSigReferenceOriginManifest);
-	if(dsigRefCtx == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-		        "xmlSecDSigReferenceCtxCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);	    
-	}
-
-	/* add to the list */
-	ret = xmlSecPtrListAdd(&(dsigCtx->manifestReferences), dsigRefCtx);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecPtrListAdd",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecDSigReferenceCtxDestroy(dsigRefCtx);
-	    return(-1);	    
-	}
-
-	/* process */
-	ret = xmlSecDSigReferenceCtxProcessNode(dsigRefCtx, cur);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecDSigReferenceCtxProcessNode",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);	    
-	}
-
-	/* we don;t care if Reference processing failed because
-	 * it's Manifest node */
-	cur = xmlSecGetNextElementNode(cur->next);
+        dsigRefCtx = xmlSecDSigReferenceCtxCreate(dsigCtx, xmlSecDSigReferenceOriginManifest);
+        if(dsigRefCtx == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecDSigReferenceCtxCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        /* add to the list */
+        ret = xmlSecPtrListAdd(&(dsigCtx->manifestReferences), dsigRefCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListAdd",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecDSigReferenceCtxDestroy(dsigRefCtx);
+            return(-1);
+        }
+
+        /* process */
+        ret = xmlSecDSigReferenceCtxProcessNode(dsigRefCtx, cur);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecDSigReferenceCtxProcessNode",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
+
+        /* we don;t care if Reference processing failed because
+         * it's Manifest node */
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* we should have nothing else here */
     if(cur != NULL) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     return(0);
 }
 
 /**
  * xmlSecDSigCtxDebugDump:
- * @dsigCtx:		the pointer to <dsig:Signature/> processing context.
- * @output:		the pointer to output FILE.
+ * @dsigCtx:            the pointer to <dsig:Signature/> processing context.
+ * @output:             the pointer to output FILE.
  *
  * Prints the debug information about @dsigCtx to @output.
  */
-void 
+void
 xmlSecDSigCtxDebugDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
     xmlSecAssert(dsigCtx != NULL);
     xmlSecAssert(output != NULL);
 
-    if(dsigCtx->operation == xmlSecTransformOperationSign) {    
-	fprintf(output, "= SIGNATURE CONTEXT\n");
+    if(dsigCtx->operation == xmlSecTransformOperationSign) {
+        fprintf(output, "= SIGNATURE CONTEXT\n");
     } else {
-	fprintf(output, "= VERIFICATION CONTEXT\n");
+        fprintf(output, "= VERIFICATION CONTEXT\n");
     }
     switch(dsigCtx->status) {
-	case xmlSecDSigStatusUnknown:
-	    fprintf(output, "== Status: unknown\n");
-	    break;
-	case xmlSecDSigStatusSucceeded:
-	    fprintf(output, "== Status: succeeded\n");
-	    break;
-	case xmlSecDSigStatusInvalid:
-	    fprintf(output, "== Status: invalid\n");
-	    break;
+        case xmlSecDSigStatusUnknown:
+            fprintf(output, "== Status: unknown\n");
+            break;
+        case xmlSecDSigStatusSucceeded:
+            fprintf(output, "== Status: succeeded\n");
+            break;
+        case xmlSecDSigStatusInvalid:
+            fprintf(output, "== Status: invalid\n");
+            break;
     }
     fprintf(output, "== flags: 0x%08x\n", dsigCtx->flags);
     fprintf(output, "== flags2: 0x%08x\n", dsigCtx->flags2);
 
     if(dsigCtx->id != NULL) {
-	fprintf(output, "== Id: \"%s\"\n", dsigCtx->id);
+        fprintf(output, "== Id: \"%s\"\n", dsigCtx->id);
     }
-    
+
     fprintf(output, "== Key Info Read Ctx:\n");
     xmlSecKeyInfoCtxDebugDump(&(dsigCtx->keyInfoReadCtx), output);
     fprintf(output, "== Key Info Write Ctx:\n");
@@ -1100,68 +1100,68 @@ xmlSecDSigCtxDebugDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
 
     if(dsigCtx->signMethod != NULL) {
         fprintf(output, "== Signature Method:\n");
-	xmlSecTransformDebugDump(dsigCtx->signMethod, output);
+        xmlSecTransformDebugDump(dsigCtx->signMethod, output);
     }
 
     if(dsigCtx->signKey != NULL) {
         fprintf(output, "== Signature Key:\n");
-	xmlSecKeyDebugDump(dsigCtx->signKey, output);
+        xmlSecKeyDebugDump(dsigCtx->signKey, output);
     }
-    
+
     fprintf(output, "== SignedInfo References List:\n");
     xmlSecPtrListDebugDump(&(dsigCtx->signedInfoReferences), output);
 
     fprintf(output, "== Manifest References List:\n");
     xmlSecPtrListDebugDump(&(dsigCtx->manifestReferences), output);
-    
-    if((dsigCtx->result != NULL) && 
+
+    if((dsigCtx->result != NULL) &&
        (xmlSecBufferGetData(dsigCtx->result) != NULL)) {
 
-	fprintf(output, "== Result - start buffer:\n");
-	fwrite(xmlSecBufferGetData(dsigCtx->result), 
-	       xmlSecBufferGetSize(dsigCtx->result), 
-	       1, output);
-	fprintf(output, "\n== Result - end buffer\n");
+        fprintf(output, "== Result - start buffer:\n");
+        fwrite(xmlSecBufferGetData(dsigCtx->result),
+               xmlSecBufferGetSize(dsigCtx->result),
+               1, output);
+        fprintf(output, "\n== Result - end buffer\n");
     }
     if(((dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNATURE) != 0) &&
        (xmlSecDSigCtxGetPreSignBuffer(dsigCtx) != NULL) &&
        (xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)) != NULL)) {
-       
-	fprintf(output, "== PreSigned data - start buffer:\n");
-	fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)), 
-	       xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)), 
-	       1, output);
-	fprintf(output, "\n== PreSigned data - end buffer\n");       
+
+        fprintf(output, "== PreSigned data - start buffer:\n");
+        fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
+               xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
+               1, output);
+        fprintf(output, "\n== PreSigned data - end buffer\n");
     }
 }
 
 /**
  * xmlSecDSigCtxDebugXmlDump:
- * @dsigCtx:		the pointer to <dsig:Signature/> processing context.
- * @output:		the pointer to output FILE.
+ * @dsigCtx:            the pointer to <dsig:Signature/> processing context.
+ * @output:             the pointer to output FILE.
  *
  * Prints the debug information about @dsigCtx to @output in XML format.
  */
-void 
+void
 xmlSecDSigCtxDebugXmlDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
     xmlSecAssert(dsigCtx != NULL);
     xmlSecAssert(output != NULL);
 
-    if(dsigCtx->operation == xmlSecTransformOperationSign) {    
-	fprintf(output, "<SignatureContext \n");
+    if(dsigCtx->operation == xmlSecTransformOperationSign) {
+        fprintf(output, "<SignatureContext \n");
     } else {
-	fprintf(output, "<VerificationContext \n");
+        fprintf(output, "<VerificationContext \n");
     }
     switch(dsigCtx->status) {
-	case xmlSecDSigStatusUnknown:
-	    fprintf(output, "status=\"unknown\" >\n");
-	    break;
-	case xmlSecDSigStatusSucceeded:
-	    fprintf(output, "status=\"succeeded\" >\n");
-	    break;
-	case xmlSecDSigStatusInvalid:
-	    fprintf(output, "status=\"invalid\" >\n");
-	    break;
+        case xmlSecDSigStatusUnknown:
+            fprintf(output, "status=\"unknown\" >\n");
+            break;
+        case xmlSecDSigStatusSucceeded:
+            fprintf(output, "status=\"succeeded\" >\n");
+            break;
+        case xmlSecDSigStatusInvalid:
+            fprintf(output, "status=\"invalid\" >\n");
+            break;
     }
 
     fprintf(output, "<Flags>%08x</Flags>\n", dsigCtx->flags);
@@ -1185,13 +1185,13 @@ xmlSecDSigCtxDebugXmlDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
 
     if(dsigCtx->signMethod != NULL) {
         fprintf(output, "<SignatureMethod>\n");
-	xmlSecTransformDebugXmlDump(dsigCtx->signMethod, output);
+        xmlSecTransformDebugXmlDump(dsigCtx->signMethod, output);
         fprintf(output, "</SignatureMethod>\n");
     }
 
     if(dsigCtx->signKey != NULL) {
         fprintf(output, "<SignatureKey>\n");
-	xmlSecKeyDebugXmlDump(dsigCtx->signKey, output);
+        xmlSecKeyDebugXmlDump(dsigCtx->signKey, output);
         fprintf(output, "</SignatureKey>\n");
     }
 
@@ -1203,30 +1203,30 @@ xmlSecDSigCtxDebugXmlDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
     xmlSecPtrListDebugXmlDump(&(dsigCtx->manifestReferences), output);
     fprintf(output, "</ManifestReferences>\n");
 
-    if((dsigCtx->result != NULL) && 
+    if((dsigCtx->result != NULL) &&
        (xmlSecBufferGetData(dsigCtx->result) != NULL)) {
 
-	fprintf(output, "<Result>");
-	fwrite(xmlSecBufferGetData(dsigCtx->result), 
-	       xmlSecBufferGetSize(dsigCtx->result), 
-	       1, output);
-	fprintf(output, "</Result>\n");
+        fprintf(output, "<Result>");
+        fwrite(xmlSecBufferGetData(dsigCtx->result),
+               xmlSecBufferGetSize(dsigCtx->result),
+               1, output);
+        fprintf(output, "</Result>\n");
     }
     if(((dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNATURE) != 0) &&
        (xmlSecDSigCtxGetPreSignBuffer(dsigCtx) != NULL) &&
        (xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)) != NULL)) {
-       
-	fprintf(output, "<PreSignedData>");
-	fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)), 
-	       xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)), 
-	       1, output);
-	fprintf(output, "</PreSignedData>\n");       
+
+        fprintf(output, "<PreSignedData>");
+        fwrite(xmlSecBufferGetData(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
+               xmlSecBufferGetSize(xmlSecDSigCtxGetPreSignBuffer(dsigCtx)),
+               1, output);
+        fprintf(output, "</PreSignedData>\n");
     }
 
-    if(dsigCtx->operation == xmlSecTransformOperationSign) {    
-	fprintf(output, "</SignatureContext>\n");
+    if(dsigCtx->operation == xmlSecTransformOperationSign) {
+        fprintf(output, "</SignatureContext>\n");
     } else {
-	fprintf(output, "</VerificationContext>\n");
+        fprintf(output, "</VerificationContext>\n");
     }
 }
 
@@ -1237,8 +1237,8 @@ xmlSecDSigCtxDebugXmlDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
  *************************************************************************/
 /**
  * xmlSecDSigReferenceCtxCreate:
- * @dsigCtx:		the pointer to parent <dsig:Signature/> node processing context.
- * @origin:		the reference origin (<dsig:SignedInfo/> or <dsig:Manifest/> node).
+ * @dsigCtx:            the pointer to parent <dsig:Signature/> node processing context.
+ * @origin:             the reference origin (<dsig:SignedInfo/> or <dsig:Manifest/> node).
  *
  * Creates new <dsig:Reference/> element processing context. Caller is responsible
  * for destroying the returned context by calling #xmlSecDSigReferenceCtxDestroy
@@ -1246,56 +1246,56 @@ xmlSecDSigCtxDebugXmlDump(xmlSecDSigCtxPtr dsigCtx, FILE* output) {
  *
  * Returns: pointer to newly created context or NULL if an error occurs.
  */
-xmlSecDSigReferenceCtxPtr	
+xmlSecDSigReferenceCtxPtr
 xmlSecDSigReferenceCtxCreate(xmlSecDSigCtxPtr dsigCtx, xmlSecDSigReferenceOrigin origin) {
     xmlSecDSigReferenceCtxPtr dsigRefCtx;
     int ret;
-    
+
     xmlSecAssert2(dsigCtx != NULL, NULL);
-    
+
     dsigRefCtx = (xmlSecDSigReferenceCtxPtr) xmlMalloc(sizeof(xmlSecDSigReferenceCtx));
     if(dsigRefCtx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecDSigReferenceCtx)=%d", 
-		    sizeof(xmlSecDSigReferenceCtx));
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecDSigReferenceCtx)=%d",
+                    sizeof(xmlSecDSigReferenceCtx));
+        return(NULL);
+    }
+
     ret = xmlSecDSigReferenceCtxInitialize(dsigRefCtx, dsigCtx, origin);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecDSigReferenceCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecDSigReferenceCtxDestroy(dsigRefCtx);
-	return(NULL);   
-    }
-    return(dsigRefCtx);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecDSigReferenceCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecDSigReferenceCtxDestroy(dsigRefCtx);
+        return(NULL);
+    }
+    return(dsigRefCtx);
 }
 
-/** 
+/**
  * xmlSecDSigReferenceCtxDestroy:
- * @dsigRefCtx:		the pointer to <dsig:Reference/> element processing context.
+ * @dsigRefCtx:         the pointer to <dsig:Reference/> element processing context.
  *
  * Destroy context object created with #xmlSecDSigReferenceCtxCreate function.
  */
-void  
+void
 xmlSecDSigReferenceCtxDestroy(xmlSecDSigReferenceCtxPtr dsigRefCtx) {
     xmlSecAssert(dsigRefCtx != NULL);
-    
+
     xmlSecDSigReferenceCtxFinalize(dsigRefCtx);
     xmlFree(dsigRefCtx);
 }
 
 /**
  * xmlSecDSigReferenceCtxInitialize:
- * @dsigRefCtx:		the pointer to <dsig:Reference/> element processing context.
- * @dsigCtx:		the pointer to parent <dsig:Signature/> node processing context.
- * @origin:		the reference origin (<dsig:SignedInfo/> or <dsig:Manifest/> node).
+ * @dsigRefCtx:         the pointer to <dsig:Reference/> element processing context.
+ * @dsigCtx:            the pointer to parent <dsig:Signature/> node processing context.
+ * @origin:             the reference origin (<dsig:SignedInfo/> or <dsig:Manifest/> node).
  *
  * Initializes new <dsig:Reference/> element processing context. Caller is responsible
  * for cleaning up the returned context by calling #xmlSecDSigReferenceCtxFinalize
@@ -1303,79 +1303,79 @@ xmlSecDSigReferenceCtxDestroy(xmlSecDSigReferenceCtxPtr dsigRefCtx) {
  *
  * Returns: 0 on succes or aa negative value otherwise.
  */
-int 
+int
 xmlSecDSigReferenceCtxInitialize(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlSecDSigCtxPtr dsigCtx,
-				xmlSecDSigReferenceOrigin origin) {
+                                xmlSecDSigReferenceOrigin origin) {
     int ret;
-    
+
     xmlSecAssert2(dsigCtx != NULL, -1);
     xmlSecAssert2(dsigRefCtx != NULL, -1);
-    
+
     memset(dsigRefCtx, 0, sizeof(xmlSecDSigReferenceCtx));
-    
+
     dsigRefCtx->dsigCtx = dsigCtx;
     dsigRefCtx->origin = origin;
-    
+
     /* initializes transforms dsigRefCtx */
     ret = xmlSecTransformCtxInitialize(&(dsigRefCtx->transformCtx));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* copy enabled transforms */
     if(dsigCtx->enabledReferenceTransforms != NULL) {
-	ret = xmlSecPtrListCopy(&(dsigRefCtx->transformCtx.enabledTransforms), 
-				     dsigCtx->enabledReferenceTransforms);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecPtrListCopy",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);   
-	}
-    }    
+        ret = xmlSecPtrListCopy(&(dsigRefCtx->transformCtx.enabledTransforms),
+                                     dsigCtx->enabledReferenceTransforms);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListCopy",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
     dsigRefCtx->transformCtx.preExecCallback = dsigCtx->referencePreExecuteCallback;
     dsigRefCtx->transformCtx.enabledUris = dsigCtx->enabledReferenceUris;
 
     if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_USE_VISA3D_HACK) != 0) {
-	dsigRefCtx->transformCtx.flags |= XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK;
+        dsigRefCtx->transformCtx.flags |= XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK;
     }
     return(0);
 }
 
-/** 
+/**
  * xmlSecDSigReferenceCtxFinalize:
- * @dsigRefCtx:		the pointer to <dsig:Reference/> element processing context.
+ * @dsigRefCtx:         the pointer to <dsig:Reference/> element processing context.
  *
  * Cleans up context object created with #xmlSecDSigReferenceCtxInitialize function.
  */
-void 
+void
 xmlSecDSigReferenceCtxFinalize(xmlSecDSigReferenceCtxPtr dsigRefCtx) {
     xmlSecAssert(dsigRefCtx != NULL);
 
     xmlSecTransformCtxFinalize(&(dsigRefCtx->transformCtx));
     if(dsigRefCtx->id != NULL) {
-	xmlFree(dsigRefCtx->id);
-    }	
+        xmlFree(dsigRefCtx->id);
+    }
     if(dsigRefCtx->uri != NULL) {
-	xmlFree(dsigRefCtx->uri);
-    }	
+        xmlFree(dsigRefCtx->uri);
+    }
     if(dsigRefCtx->type != NULL) {
-	xmlFree(dsigRefCtx->type);
-    }	
+        xmlFree(dsigRefCtx->type);
+    }
     memset(dsigRefCtx, 0, sizeof(xmlSecDSigReferenceCtx));
 }
 
 /**
  * xmlSecDSigReferenceCtxGetPreDigestBuffer:
- * @dsigRefCtx:		the pointer to <dsig:Reference/> element processing context.
- * 
+ * @dsigRefCtx:         the pointer to <dsig:Reference/> element processing context.
+ *
  * Gets the results of <dsig:Reference/> node processing just before digesting
  * (valid only if #XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES or
  * #XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES flas of signature context
@@ -1383,41 +1383,41 @@ xmlSecDSigReferenceCtxFinalize(xmlSecDSigReferenceCtxPtr dsigRefCtx) {
  *
  * Returns: pointer to the buffer or NULL if an error occurs.
  */
-xmlSecBufferPtr 
+xmlSecBufferPtr
 xmlSecDSigReferenceCtxGetPreDigestBuffer(xmlSecDSigReferenceCtxPtr dsigRefCtx) {
     xmlSecAssert2(dsigRefCtx != NULL, NULL);
-    
-    return((dsigRefCtx->preDigestMemBufMethod != NULL) ? 
-	    xmlSecTransformMemBufGetBuffer(dsigRefCtx->preDigestMemBufMethod) : NULL);
+
+    return((dsigRefCtx->preDigestMemBufMethod != NULL) ?
+            xmlSecTransformMemBufGetBuffer(dsigRefCtx->preDigestMemBufMethod) : NULL);
 }
 
 /**
  * xmlSecDSigReferenceCtxProcessNode:
- * @dsigRefCtx:		the pointer to <dsig:Reference/> element processing context.
- * @node:		the pointer to <dsig:Reference/> node.
+ * @dsigRefCtx:         the pointer to <dsig:Reference/> element processing context.
+ * @node:               the pointer to <dsig:Reference/> node.
 
  * The Reference Element (http://www.w3.org/TR/xmldsig-core/#sec-Reference)
- * 
- * Reference is an element that may occur one or more times. It specifies 
- * a digest algorithm and digest value, and optionally an identifier of the 
- * object being signed, the type of the object, and/or a list of transforms 
- * to be applied prior to digesting. The identification (URI) and transforms 
- * describe how the digested content (i.e., the input to the digest method) 
- * was created. The Type attribute facilitates the processing of referenced 
- * data. For example, while this specification makes no requirements over 
- * external data, an application may wish to signal that the referent is a 
- * Manifest. An optional ID attribute permits a Reference to be referenced 
+ *
+ * Reference is an element that may occur one or more times. It specifies
+ * a digest algorithm and digest value, and optionally an identifier of the
+ * object being signed, the type of the object, and/or a list of transforms
+ * to be applied prior to digesting. The identification (URI) and transforms
+ * describe how the digested content (i.e., the input to the digest method)
+ * was created. The Type attribute facilitates the processing of referenced
+ * data. For example, while this specification makes no requirements over
+ * external data, an application may wish to signal that the referent is a
+ * Manifest. An optional ID attribute permits a Reference to be referenced
  * from elsewhere.
  *
  * Returns: 0 on succes or aa negative value otherwise.
  */
-int 
+int
 xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodePtr node) {
     xmlSecTransformCtxPtr transformCtx;
     xmlNodePtr digestValueNode;
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(dsigRefCtx != NULL, -1);
     xmlSecAssert2(dsigRefCtx->dsigCtx != NULL, -1);
     xmlSecAssert2(dsigRefCtx->digestMethod == NULL, -1);
@@ -1436,183 +1436,183 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
     /* set start URI (and check that it is enabled!) */
     ret = xmlSecTransformCtxSetUri(transformCtx, dsigRefCtx->uri, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxSetUri",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s",
-		    xmlSecErrorsSafeString(dsigRefCtx->uri));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxSetUri",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s",
+                    xmlSecErrorsSafeString(dsigRefCtx->uri));
+        return(-1);
     }
 
     /* first is optional Transforms node */
     cur  = xmlSecGetNextElementNode(node->children);
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeTransforms, xmlSecDSigNs))) {
-	ret = xmlSecTransformCtxNodesListRead(transformCtx, 
-					cur, xmlSecTransformUsageDSigTransform);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxNodesListRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);
-	}	
-        
-	cur = xmlSecGetNextElementNode(cur->next);
+        ret = xmlSecTransformCtxNodesListRead(transformCtx,
+                                        cur, xmlSecTransformUsageDSigTransform);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxNodesListRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
+
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* insert membuf if requested */
     if(((dsigRefCtx->origin == xmlSecDSigReferenceOriginSignedInfo) &&
-	((dsigRefCtx->dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES) != 0)) ||
+        ((dsigRefCtx->dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_SIGNEDINFO_REFERENCES) != 0)) ||
        ((dsigRefCtx->origin == xmlSecDSigReferenceOriginManifest) &&
-	((dsigRefCtx->dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES) != 0))) {
-
-	xmlSecAssert2(dsigRefCtx->preDigestMemBufMethod == NULL, -1);
-	dsigRefCtx->preDigestMemBufMethod = xmlSecTransformCtxCreateAndAppend(
-						transformCtx, 
-						xmlSecTransformMemBufId);
-	if(dsigRefCtx->preDigestMemBufMethod == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxCreateAndAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"transform=%s",
-			xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId)));
-	    return(-1);
-	}
-    }
-        
+        ((dsigRefCtx->dsigCtx->flags & XMLSEC_DSIG_FLAGS_STORE_MANIFEST_REFERENCES) != 0))) {
+
+        xmlSecAssert2(dsigRefCtx->preDigestMemBufMethod == NULL, -1);
+        dsigRefCtx->preDigestMemBufMethod = xmlSecTransformCtxCreateAndAppend(
+                                                transformCtx,
+                                                xmlSecTransformMemBufId);
+        if(dsigRefCtx->preDigestMemBufMethod == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxCreateAndAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "transform=%s",
+                        xmlSecErrorsSafeString(xmlSecTransformKlassGetName(xmlSecTransformMemBufId)));
+            return(-1);
+        }
+    }
+
     /* next node is required DigestMethod. */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDigestMethod, xmlSecDSigNs))) {
-	dsigRefCtx->digestMethod = xmlSecTransformCtxNodeRead(&(dsigRefCtx->transformCtx), 
-					cur, xmlSecTransformUsageDigestMethod);
-	if(dsigRefCtx->digestMethod == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);	
-	}	
-	
-	cur = xmlSecGetNextElementNode(cur->next);     
+        dsigRefCtx->digestMethod = xmlSecTransformCtxNodeRead(&(dsigRefCtx->transformCtx),
+                                        cur, xmlSecTransformUsageDigestMethod);
+        if(dsigRefCtx->digestMethod == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
+
+        cur = xmlSecGetNextElementNode(cur->next);
     } else if(dsigRefCtx->dsigCtx->defSignMethodId != xmlSecTransformIdUnknown) {
-	/* the dsig spec does require DigestMethod node
-	 * to be present but in some case it application might decide to
-	 * minimize traffic */
-	dsigRefCtx->digestMethod = xmlSecTransformCtxCreateAndAppend(&(dsigRefCtx->transformCtx), 
-							      dsigRefCtx->dsigCtx->defSignMethodId);
-	if(dsigRefCtx->digestMethod == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        /* the dsig spec does require DigestMethod node
+         * to be present but in some case it application might decide to
+         * minimize traffic */
+        dsigRefCtx->digestMethod = xmlSecTransformCtxCreateAndAppend(&(dsigRefCtx->transformCtx),
+                                                              dsigRefCtx->dsigCtx->defSignMethodId);
+        if(dsigRefCtx->digestMethod == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     } else {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeDigestMethod));
-	return(-1);
-    }	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDigestMethod));
+        return(-1);
+    }
     dsigRefCtx->digestMethod->operation = dsigRefCtx->dsigCtx->operation;
 
     /* last node is required DigestValue */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeDigestValue, xmlSecDSigNs))) {
-	digestValueNode = cur;
-	cur = xmlSecGetNextElementNode(cur->next);     
+        digestValueNode = cur;
+        cur = xmlSecGetNextElementNode(cur->next);
     } else {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeDigestValue));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeDigestValue));
+        return(-1);
     }
 
     /* if we have something else then it's an error */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* if we need to write result to xml node then we need base64 encode result */
-    if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {	
-	xmlSecTransformPtr base64Encode;
-	
-	/* we need to add base64 encode transform */
-	base64Encode = xmlSecTransformCtxCreateAndAppend(transformCtx, xmlSecTransformBase64Id);
-    	if(base64Encode == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxCreateAndAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	base64Encode->operation = xmlSecTransformOperationEncode;
+    if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
+        xmlSecTransformPtr base64Encode;
+
+        /* we need to add base64 encode transform */
+        base64Encode = xmlSecTransformCtxCreateAndAppend(transformCtx, xmlSecTransformBase64Id);
+        if(base64Encode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxCreateAndAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        base64Encode->operation = xmlSecTransformOperationEncode;
     }
 
     /* finally get transforms results */
     ret = xmlSecTransformCtxExecute(transformCtx, node->doc);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxExecute",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxExecute",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     dsigRefCtx->result = transformCtx->result;
 
-    if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {	
-	if((dsigRefCtx->result == NULL) || (xmlSecBufferGetData(dsigRefCtx->result) == NULL)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxExecute",
-	    		XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	
-	/* write signed data to xml */
-	xmlNodeSetContentLen(digestValueNode,
-			    xmlSecBufferGetData(dsigRefCtx->result),
-			    xmlSecBufferGetSize(dsigRefCtx->result));
-    
-	/* set success status and we are done */
-	dsigRefCtx->status = xmlSecDSigStatusSucceeded;
+    if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
+        if((dsigRefCtx->result == NULL) || (xmlSecBufferGetData(dsigRefCtx->result) == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxExecute",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        /* write signed data to xml */
+        xmlNodeSetContentLen(digestValueNode,
+                            xmlSecBufferGetData(dsigRefCtx->result),
+                            xmlSecBufferGetSize(dsigRefCtx->result));
+
+        /* set success status and we are done */
+        dsigRefCtx->status = xmlSecDSigStatusSucceeded;
     } else {
-	/* verify SignatureValue node content */
-	ret = xmlSecTransformVerifyNodeContent(dsigRefCtx->digestMethod, 
-			    digestValueNode, transformCtx);
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformVerifyNodeContent",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-    
+        /* verify SignatureValue node content */
+        ret = xmlSecTransformVerifyNodeContent(dsigRefCtx->digestMethod,
+                            digestValueNode, transformCtx);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformVerifyNodeContent",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
         /* set status and we are done */
-	if(dsigRefCtx->digestMethod->status == xmlSecTransformStatusOk) {
-	    dsigRefCtx->status = xmlSecDSigStatusSucceeded;
-	} else {
-    	    dsigRefCtx->status = xmlSecDSigStatusInvalid;
-	}
+        if(dsigRefCtx->digestMethod->status == xmlSecTransformStatusOk) {
+            dsigRefCtx->status = xmlSecDSigStatusSucceeded;
+        } else {
+            dsigRefCtx->status = xmlSecDSigStatusInvalid;
+        }
     }
 
     return(0);
@@ -1620,41 +1620,41 @@ xmlSecDSigReferenceCtxProcessNode(xmlSecDSigReferenceCtxPtr dsigRefCtx, xmlNodeP
 
 /**
  * xmlSecDSigReferenceCtxDebugDump:
- * @dsigRefCtx:		the pointer to <dsig:Reference/> element processing context.
- * @output:		the pointer to output FILE.
+ * @dsigRefCtx:         the pointer to <dsig:Reference/> element processing context.
+ * @output:             the pointer to output FILE.
  *
  * Prints debug information about @dsigRefCtx to @output.
  */
-void 
+void
 xmlSecDSigReferenceCtxDebugDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* output) {
     xmlSecAssert(dsigRefCtx != NULL);
     xmlSecAssert(dsigRefCtx->dsigCtx != NULL);
     xmlSecAssert(output != NULL);
 
-    if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {    
-	fprintf(output, "= REFERENCE CALCULATION CONTEXT\n");
+    if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
+        fprintf(output, "= REFERENCE CALCULATION CONTEXT\n");
     } else {
-	fprintf(output, "= REFERENCE VERIFICATION CONTEXT\n");
+        fprintf(output, "= REFERENCE VERIFICATION CONTEXT\n");
     }
     switch(dsigRefCtx->status) {
-	case xmlSecDSigStatusUnknown:
-	    fprintf(output, "== Status: unknown\n");
-	    break;
-	case xmlSecDSigStatusSucceeded:
-	    fprintf(output, "== Status: succeeded\n");
-	    break;
-	case xmlSecDSigStatusInvalid:
-	    fprintf(output, "== Status: invalid\n");
-	    break;
+        case xmlSecDSigStatusUnknown:
+            fprintf(output, "== Status: unknown\n");
+            break;
+        case xmlSecDSigStatusSucceeded:
+            fprintf(output, "== Status: succeeded\n");
+            break;
+        case xmlSecDSigStatusInvalid:
+            fprintf(output, "== Status: invalid\n");
+            break;
     }
     if(dsigRefCtx->id != NULL) {
-	fprintf(output, "== Id: \"%s\"\n", dsigRefCtx->id);
+        fprintf(output, "== Id: \"%s\"\n", dsigRefCtx->id);
     }
     if(dsigRefCtx->uri != NULL) {
-	fprintf(output, "== URI: \"%s\"\n", dsigRefCtx->uri);
+        fprintf(output, "== URI: \"%s\"\n", dsigRefCtx->uri);
     }
     if(dsigRefCtx->type != NULL) {
-	fprintf(output, "== Type: \"%s\"\n", dsigRefCtx->type);
+        fprintf(output, "== Type: \"%s\"\n", dsigRefCtx->type);
     }
 
     fprintf(output, "== Reference Transform Ctx:\n");
@@ -1662,58 +1662,58 @@ xmlSecDSigReferenceCtxDebugDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* outp
 
     if(dsigRefCtx->digestMethod != NULL) {
         fprintf(output, "== Digest Method:\n");
-	xmlSecTransformDebugDump(dsigRefCtx->digestMethod, output);
+        xmlSecTransformDebugDump(dsigRefCtx->digestMethod, output);
     }
 
     if((xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx) != NULL) &&
        (xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)) != NULL)) {
-       
-	fprintf(output, "== PreDigest data - start buffer:\n");
-	fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)), 
-	       xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)), 
-	       1, output);
-	fprintf(output, "\n== PreDigest data - end buffer\n");       
+
+        fprintf(output, "== PreDigest data - start buffer:\n");
+        fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
+               xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
+               1, output);
+        fprintf(output, "\n== PreDigest data - end buffer\n");
     }
 
-    if((dsigRefCtx->result != NULL) && 
+    if((dsigRefCtx->result != NULL) &&
        (xmlSecBufferGetData(dsigRefCtx->result) != NULL)) {
 
-	fprintf(output, "== Result - start buffer:\n");
-	fwrite(xmlSecBufferGetData(dsigRefCtx->result), 
-	       xmlSecBufferGetSize(dsigRefCtx->result), 1,
-	       output);
-	fprintf(output, "\n== Result - end buffer\n");
+        fprintf(output, "== Result - start buffer:\n");
+        fwrite(xmlSecBufferGetData(dsigRefCtx->result),
+               xmlSecBufferGetSize(dsigRefCtx->result), 1,
+               output);
+        fprintf(output, "\n== Result - end buffer\n");
     }
 }
 
 /**
  * xmlSecDSigReferenceCtxDebugXmlDump:
- * @dsigRefCtx:		the pointer to <dsig:Reference/> element processing context.
- * @output:		the pointer to output FILE.
+ * @dsigRefCtx:         the pointer to <dsig:Reference/> element processing context.
+ * @output:             the pointer to output FILE.
  *
  * Prints debug information about @dsigRefCtx to @output in output format.
  */
-void 
+void
 xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* output) {
     xmlSecAssert(dsigRefCtx != NULL);
     xmlSecAssert(dsigRefCtx->dsigCtx != NULL);
     xmlSecAssert(output != NULL);
 
-    if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {    
-	fprintf(output, "<ReferenceCalculationContext ");
+    if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
+        fprintf(output, "<ReferenceCalculationContext ");
     } else {
-	fprintf(output, "<ReferenceVerificationContext ");
+        fprintf(output, "<ReferenceVerificationContext ");
     }
     switch(dsigRefCtx->status) {
-	case xmlSecDSigStatusUnknown:
-	    fprintf(output, "status=\"unknown\" >\n");
-	    break;
-	case xmlSecDSigStatusSucceeded:
-	    fprintf(output, "status=\"succeeded\" >\n");
-	    break;
-	case xmlSecDSigStatusInvalid:
-	    fprintf(output, "status=\"invalid\" >\n");
-	    break;
+        case xmlSecDSigStatusUnknown:
+            fprintf(output, "status=\"unknown\" >\n");
+            break;
+        case xmlSecDSigStatusSucceeded:
+            fprintf(output, "status=\"succeeded\" >\n");
+            break;
+        case xmlSecDSigStatusInvalid:
+            fprintf(output, "status=\"invalid\" >\n");
+            break;
     }
 
     fprintf(output, "<Id>");
@@ -1734,33 +1734,33 @@ xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* o
 
     if(dsigRefCtx->digestMethod != NULL) {
         fprintf(output, "<DigestMethod>\n");
-	xmlSecTransformDebugXmlDump(dsigRefCtx->digestMethod, output);
+        xmlSecTransformDebugXmlDump(dsigRefCtx->digestMethod, output);
         fprintf(output, "</DigestMethod>\n");
     }
 
-    if((dsigRefCtx->result != NULL) && 
+    if((dsigRefCtx->result != NULL) &&
        (xmlSecBufferGetData(dsigRefCtx->result) != NULL)) {
 
-	fprintf(output, "<Result>");
-	fwrite(xmlSecBufferGetData(dsigRefCtx->result), 
-	       xmlSecBufferGetSize(dsigRefCtx->result), 1,
-	       output);
-	fprintf(output, "</Result>\n");
+        fprintf(output, "<Result>");
+        fwrite(xmlSecBufferGetData(dsigRefCtx->result),
+               xmlSecBufferGetSize(dsigRefCtx->result), 1,
+               output);
+        fprintf(output, "</Result>\n");
     }
 
     if((xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx) != NULL) &&
        (xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)) != NULL)) {
-       
-	fprintf(output, "<PreDigestData>");
-	fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)), 
-	       xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)), 
-	       1, output);
-	fprintf(output, "</PreDigestData>\n");       
-    }
-    if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {    
-	fprintf(output, "</ReferenceCalculationContext>\n");
+
+        fprintf(output, "<PreDigestData>");
+        fwrite(xmlSecBufferGetData(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
+               xmlSecBufferGetSize(xmlSecDSigReferenceCtxGetPreDigestBuffer(dsigRefCtx)),
+               1, output);
+        fprintf(output, "</PreDigestData>\n");
+    }
+    if(dsigRefCtx->dsigCtx->operation == xmlSecTransformOperationSign) {
+        fprintf(output, "</ReferenceCalculationContext>\n");
     } else {
-	fprintf(output, "</ReferenceVerificationContext>\n");
+        fprintf(output, "</ReferenceVerificationContext>\n");
     }
 }
 
@@ -1772,10 +1772,10 @@ xmlSecDSigReferenceCtxDebugXmlDump(xmlSecDSigReferenceCtxPtr dsigRefCtx, FILE* o
  *************************************************************************/
 static xmlSecPtrListKlass xmlSecDSigReferenceCtxListKlass = {
     BAD_CAST "dsig-reference-list",
-    NULL,								/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    (xmlSecPtrDestroyItemMethod)xmlSecDSigReferenceCtxDestroy,		/* xmlSecPtrDestroyItemMethod destroyItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecDSigReferenceCtxDebugDump,	/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    (xmlSecPtrDebugDumpItemMethod)xmlSecDSigReferenceCtxDebugXmlDump,	/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    NULL,                                                               /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    (xmlSecPtrDestroyItemMethod)xmlSecDSigReferenceCtxDestroy,          /* xmlSecPtrDestroyItemMethod destroyItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecDSigReferenceCtxDebugDump,      /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    (xmlSecPtrDebugDumpItemMethod)xmlSecDSigReferenceCtxDebugXmlDump,   /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
 /**
@@ -1785,7 +1785,7 @@ static xmlSecPtrListKlass xmlSecDSigReferenceCtxListKlass = {
  *
  * Returns: <dsig:Reference/> element processing context list klass.
  */
-xmlSecPtrListId 
+xmlSecPtrListId
 xmlSecDSigReferenceCtxListGetKlass(void) {
     return(&xmlSecDSigReferenceCtxListKlass);
 }
diff --git a/src/xmlenc.c b/src/xmlenc.c
index cd226a5a..44c98779 100644
--- a/src/xmlenc.c
+++ b/src/xmlenc.c
@@ -1,24 +1,24 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * "XML Encryption" implementation
  *  http://www.w3.org/TR/xmlenc-core
- * 
+ *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
 
 #ifndef XMLSEC_NO_XMLENC
- 
+
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
 
 #include <libxml/tree.h>
-#include <libxml/parser.h> 
+#include <libxml/parser.h>
 
 #include <xmlsec/xmlsec.h>
 #include <xmlsec/buffer.h>
@@ -30,111 +30,111 @@
 #include <xmlsec/xmlenc.h>
 #include <xmlsec/errors.h>
 
-static int 	xmlSecEncCtxEncDataNodeRead		(xmlSecEncCtxPtr encCtx, 
-							 xmlNodePtr node);
-static int 	xmlSecEncCtxEncDataNodeWrite		(xmlSecEncCtxPtr encCtx);
-static int 	xmlSecEncCtxCipherDataNodeRead		(xmlSecEncCtxPtr encCtx, 
-							 xmlNodePtr node);
-static int 	xmlSecEncCtxCipherReferenceNodeRead	(xmlSecEncCtxPtr encCtx, 
-							 xmlNodePtr node);
+static int      xmlSecEncCtxEncDataNodeRead             (xmlSecEncCtxPtr encCtx,
+                                                         xmlNodePtr node);
+static int      xmlSecEncCtxEncDataNodeWrite            (xmlSecEncCtxPtr encCtx);
+static int      xmlSecEncCtxCipherDataNodeRead          (xmlSecEncCtxPtr encCtx,
+                                                         xmlNodePtr node);
+static int      xmlSecEncCtxCipherReferenceNodeRead     (xmlSecEncCtxPtr encCtx,
+                                                         xmlNodePtr node);
 
 /* The ID attribute in XMLEnc is 'Id' */
-static const xmlChar*		xmlSecEncIds[] = { BAD_CAST "Id", NULL };
+static const xmlChar*           xmlSecEncIds[] = { BAD_CAST "Id", NULL };
 
 
 /**
  * xmlSecEncCtxCreate:
- * @keysMngr: 		the pointer to keys manager.
+ * @keysMngr:           the pointer to keys manager.
  *
  * Creates <enc:EncryptedData/> element processing context.
- * The caller is responsible for destroying returend object by calling 
+ * The caller is responsible for destroying returned object by calling
  * #xmlSecEncCtxDestroy function.
  *
  * Returns: pointer to newly allocated context object or NULL if an error
  * occurs.
  */
-xmlSecEncCtxPtr	
+xmlSecEncCtxPtr
 xmlSecEncCtxCreate(xmlSecKeysMngrPtr keysMngr) {
     xmlSecEncCtxPtr encCtx;
     int ret;
-    
+
     encCtx = (xmlSecEncCtxPtr) xmlMalloc(sizeof(xmlSecEncCtx));
     if(encCtx == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecEncCtx)=%d", 
-		    sizeof(xmlSecEncCtx));
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecEncCtx)=%d",
+                    sizeof(xmlSecEncCtx));
+        return(NULL);
+    }
+
     ret = xmlSecEncCtxInitialize(encCtx, keysMngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecEncCtxDestroy(encCtx);
-	return(NULL);   
-    }
-    return(encCtx);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecEncCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecEncCtxDestroy(encCtx);
+        return(NULL);
+    }
+    return(encCtx);
 }
 
 /**
  * xmlSecEncCtxDestroy:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
  *
  * Destroy context object created with #xmlSecEncCtxCreate function.
  */
-void  
+void
 xmlSecEncCtxDestroy(xmlSecEncCtxPtr encCtx) {
     xmlSecAssert(encCtx != NULL);
-    
+
     xmlSecEncCtxFinalize(encCtx);
     xmlFree(encCtx);
 }
 
 /**
  * xmlSecEncCtxInitialize:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
- * @keysMngr: 		the pointer to keys manager.
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
+ * @keysMngr:           the pointer to keys manager.
  *
  * Initializes <enc:EncryptedData/> element processing context.
- * The caller is responsible for cleaing up returend object by calling 
+ * The caller is responsible for cleaning up returned object by calling
  * #xmlSecEncCtxFinalize function.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecEncCtxInitialize(xmlSecEncCtxPtr encCtx, xmlSecKeysMngrPtr keysMngr) {
     int ret;
-    
+
     xmlSecAssert2(encCtx != NULL, -1);
-    
+
     memset(encCtx, 0, sizeof(xmlSecEncCtx));
 
     /* initialize key info */
     ret = xmlSecKeyInfoCtxInitialize(&(encCtx->keyInfoReadCtx), keysMngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     encCtx->keyInfoReadCtx.mode = xmlSecKeyInfoModeRead;
-    
+
     ret = xmlSecKeyInfoCtxInitialize(&(encCtx->keyInfoWriteCtx), keysMngr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     encCtx->keyInfoWriteCtx.mode = xmlSecKeyInfoModeWrite;
     /* it's not wise to write private key :) */
@@ -143,12 +143,12 @@ xmlSecEncCtxInitialize(xmlSecEncCtxPtr encCtx, xmlSecKeysMngrPtr keysMngr) {
     /* initializes transforms encCtx */
     ret = xmlSecTransformCtxInitialize(&(encCtx->transformCtx));
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);   
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
@@ -156,16 +156,16 @@ xmlSecEncCtxInitialize(xmlSecEncCtxPtr encCtx, xmlSecKeysMngrPtr keysMngr) {
 
 /**
  * xmlSecEncCtxFinalize:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
  *
  * Cleans up @encCtx object.
  */
-void 
+void
 xmlSecEncCtxFinalize(xmlSecEncCtxPtr encCtx) {
     xmlSecAssert(encCtx != NULL);
 
     xmlSecEncCtxReset(encCtx);
-    
+
     xmlSecTransformCtxFinalize(&(encCtx->transformCtx));
     xmlSecKeyInfoCtxFinalize(&(encCtx->keyInfoReadCtx));
     xmlSecKeyInfoCtxFinalize(&(encCtx->keyInfoWriteCtx));
@@ -175,290 +175,290 @@ xmlSecEncCtxFinalize(xmlSecEncCtxPtr encCtx) {
 
 /**
  * xmlSecEncCtxReset:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
  *
  * Resets @encCtx object, user settings are not touched.
  */
-void 
+void
 xmlSecEncCtxReset(xmlSecEncCtxPtr encCtx) {
     xmlSecAssert(encCtx != NULL);
-    
+
     xmlSecTransformCtxReset(&(encCtx->transformCtx));
     xmlSecKeyInfoCtxReset(&(encCtx->keyInfoReadCtx));
     xmlSecKeyInfoCtxReset(&(encCtx->keyInfoWriteCtx));
 
-    encCtx->operation 		= xmlSecTransformOperationNone;
-    encCtx->result		= NULL;
+    encCtx->operation           = xmlSecTransformOperationNone;
+    encCtx->result              = NULL;
     encCtx->resultBase64Encoded = 0;
-    encCtx->resultReplaced	= 0;
-    encCtx->encMethod		= NULL;
-    
-    if (encCtx->replacedNodeList != NULL) { 
-	  	xmlFreeNodeList(encCtx->replacedNodeList);
-    	encCtx->replacedNodeList = NULL;
-    }
-    
+    encCtx->resultReplaced      = 0;
+    encCtx->encMethod           = NULL;
+
+    if (encCtx->replacedNodeList != NULL) {
+                xmlFreeNodeList(encCtx->replacedNodeList);
+        encCtx->replacedNodeList = NULL;
+    }
+
     if(encCtx->encKey != NULL) {
-	    xmlSecKeyDestroy(encCtx->encKey);
-	    encCtx->encKey = NULL;
+            xmlSecKeyDestroy(encCtx->encKey);
+            encCtx->encKey = NULL;
     }
-    
+
     if(encCtx->id != NULL) {
-	    xmlFree(encCtx->id);
-	    encCtx->id = NULL;
-    }	
+            xmlFree(encCtx->id);
+            encCtx->id = NULL;
+    }
 
     if(encCtx->type != NULL) {
-	    xmlFree(encCtx->type);
-	    encCtx->type = NULL;
+            xmlFree(encCtx->type);
+            encCtx->type = NULL;
     }
 
     if(encCtx->mimeType != NULL) {
-	    xmlFree(encCtx->mimeType);
-	    encCtx->mimeType = NULL;
+            xmlFree(encCtx->mimeType);
+            encCtx->mimeType = NULL;
     }
 
     if(encCtx->encoding != NULL) {
-	    xmlFree(encCtx->encoding);
-	    encCtx->encoding = NULL;
-    }	
+            xmlFree(encCtx->encoding);
+            encCtx->encoding = NULL;
+    }
 
     if(encCtx->recipient != NULL) {
-	    xmlFree(encCtx->recipient);
-	    encCtx->recipient = NULL;
+            xmlFree(encCtx->recipient);
+            encCtx->recipient = NULL;
     }
 
     if(encCtx->carriedKeyName != NULL) {
-	    xmlFree(encCtx->carriedKeyName);
-	    encCtx->carriedKeyName = NULL;
+            xmlFree(encCtx->carriedKeyName);
+            encCtx->carriedKeyName = NULL;
     }
-    
-    encCtx->encDataNode = encCtx->encMethodNode = 
-	encCtx->keyInfoNode = encCtx->cipherValueNode = NULL;
+
+    encCtx->encDataNode = encCtx->encMethodNode =
+        encCtx->keyInfoNode = encCtx->cipherValueNode = NULL;
 }
 
 /**
  * xmlSecEncCtxCopyUserPref:
- * @dst:		the pointer to destination context.
- * @src:		the pointer to source context.
- * 
+ * @dst:                the pointer to destination context.
+ * @src:                the pointer to source context.
+ *
  * Copies user preference from @src context to @dst.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecEncCtxCopyUserPref(xmlSecEncCtxPtr dst, xmlSecEncCtxPtr src) {
     int ret;
-    
+
     xmlSecAssert2(dst != NULL, -1);
     xmlSecAssert2(src != NULL, -1);
 
-    dst->userData 	= src->userData;
-    dst->flags		= src->flags;
-    dst->flags2		= src->flags2;
+    dst->userData       = src->userData;
+    dst->flags          = src->flags;
+    dst->flags2         = src->flags2;
     dst->defEncMethodId = src->defEncMethodId;
-    dst->mode 		= src->mode;
-    
+    dst->mode           = src->mode;
+
     ret = xmlSecTransformCtxCopyUserPref(&(dst->transformCtx), &(src->transformCtx));
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxCopyUserPref",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxCopyUserPref",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecKeyInfoCtxCopyUserPref(&(dst->keyInfoReadCtx), &(src->keyInfoReadCtx));
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxCopyUserPref",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxCopyUserPref",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecKeyInfoCtxCopyUserPref(&(dst->keyInfoWriteCtx), &(src->keyInfoWriteCtx));
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyInfoCtxCopyUserPref",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyInfoCtxCopyUserPref",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
-} 
+}
 
 /**
  * xmlSecEncCtxBinaryEncrypt:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
- * @tmpl:		the pointer to <enc:EncryptedData/> template node.
- * @data:		the pointer for binary buffer.
- * @dataSize:		the @data buffer size.
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
+ * @tmpl:               the pointer to <enc:EncryptedData/> template node.
+ * @data:               the pointer for binary buffer.
+ * @dataSize:           the @data buffer size.
  *
  * Encrypts @data according to template @tmpl.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
-xmlSecEncCtxBinaryEncrypt(xmlSecEncCtxPtr encCtx, xmlNodePtr tmpl, 
-			  const xmlSecByte* data, xmlSecSize dataSize) {
+int
+xmlSecEncCtxBinaryEncrypt(xmlSecEncCtxPtr encCtx, xmlNodePtr tmpl,
+                          const xmlSecByte* data, xmlSecSize dataSize) {
     int ret;
-    
+
     xmlSecAssert2(encCtx != NULL, -1);
     xmlSecAssert2(encCtx->result == NULL, -1);
     xmlSecAssert2(tmpl != NULL, -1);
     xmlSecAssert2(data != NULL, -1);
 
-    /* initialize context and add ID atributes to the list of known ids */    
+    /* initialize context and add ID atributes to the list of known ids */
     encCtx->operation = xmlSecTransformOperationEncrypt;
     xmlSecAddIDs(tmpl->doc, tmpl, xmlSecEncIds);
 
     /* read the template and set encryption method, key, etc. */
     ret = xmlSecEncCtxEncDataNodeRead(encCtx, tmpl);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxEncDataNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecEncCtxEncDataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecTransformCtxBinaryExecute(&(encCtx->transformCtx), data, dataSize);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxBinaryExecute",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "dataSize=%d",
-		    dataSize);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxBinaryExecute",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "dataSize=%d",
+                    dataSize);
+        return(-1);
     }
 
     encCtx->result = encCtx->transformCtx.result;
     xmlSecAssert2(encCtx->result != NULL, -1);
-    
+
     ret = xmlSecEncCtxEncDataNodeWrite(encCtx);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxEncDataNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    return(0);    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecEncCtxEncDataNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+    return(0);
 }
 
 /**
  * xmlSecEncCtxXmlEncrypt:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
- * @tmpl:		the pointer to <enc:EncryptedData/> template node.
- * @node:		the pointer to node for encryption.
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
+ * @tmpl:               the pointer to <enc:EncryptedData/> template node.
+ * @node:               the pointer to node for encryption.
  *
  * Encrypts @node according to template @tmpl. If requested, @node is replaced
  * with result <enc:EncryptedData/> node.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecEncCtxXmlEncrypt(xmlSecEncCtxPtr encCtx, xmlNodePtr tmpl, xmlNodePtr node) {
     xmlOutputBufferPtr output;
     int ret;
-    
+
     xmlSecAssert2(encCtx != NULL, -1);
     xmlSecAssert2(encCtx->result == NULL, -1);
     xmlSecAssert2(tmpl != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(node->doc != NULL, -1);
 
-    /* initialize context and add ID atributes to the list of known ids */    
+    /* initialize context and add ID atributes to the list of known ids */
     encCtx->operation = xmlSecTransformOperationEncrypt;
     xmlSecAddIDs(tmpl->doc, tmpl, xmlSecEncIds);
 
     /* read the template and set encryption method, key, etc. */
     ret = xmlSecEncCtxEncDataNodeRead(encCtx, tmpl);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxEncDataNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecEncCtxEncDataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecTransformCtxPrepare(&(encCtx->transformCtx), xmlSecTransformDataTypeBin);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxPrepare",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "type=bin");
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxPrepare",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "type=bin");
+        return(-1);
+    }
+
     xmlSecAssert2(encCtx->transformCtx.first != NULL, -1);
-    output = xmlSecTransformCreateOutputBuffer(encCtx->transformCtx.first, 
-						&(encCtx->transformCtx));
+    output = xmlSecTransformCreateOutputBuffer(encCtx->transformCtx.first,
+                                                &(encCtx->transformCtx));
     if(output == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(encCtx->transformCtx.first)),
-		    "xmlSecTransformCreateOutputBuffer",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(encCtx->transformCtx.first)),
+                    "xmlSecTransformCreateOutputBuffer",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* push data thru */
     if((encCtx->type != NULL) && xmlStrEqual(encCtx->type, xmlSecTypeEncElement)) {
-	/* get the content of the node */
-	xmlNodeDumpOutput(output, node->doc, node, 0, 0, NULL);
+        /* get the content of the node */
+        xmlNodeDumpOutput(output, node->doc, node, 0, 0, NULL);
     } else if((encCtx->type != NULL) && xmlStrEqual(encCtx->type, xmlSecTypeEncContent)) {
-	xmlNodePtr cur;
+        xmlNodePtr cur;
 
-	/* get the content of the nodes childs */
-	for(cur = node->children; cur != NULL; cur = cur->next) {
-	    xmlNodeDumpOutput(output, node->doc, cur, 0, 0, NULL);
-	}
+        /* get the content of the nodes childs */
+        for(cur = node->children; cur != NULL; cur = cur->next) {
+            xmlNodeDumpOutput(output, node->doc, cur, 0, 0, NULL);
+        }
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_TYPE,
-		    "type=%s", 
-		    xmlSecErrorsSafeString(encCtx->type));
-	xmlOutputBufferClose(output);
-	return(-1);	    	
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_TYPE,
+                    "type=%s",
+                    xmlSecErrorsSafeString(encCtx->type));
+        xmlOutputBufferClose(output);
+        return(-1);
+    }
+
     /* close the buffer and flush everything */
     ret = xmlOutputBufferClose(output);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlOutputBufferClose",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlOutputBufferClose",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     encCtx->result = encCtx->transformCtx.result;
     xmlSecAssert2(encCtx->result != NULL, -1);
-    
+
     ret = xmlSecEncCtxEncDataNodeWrite(encCtx);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxEncDataNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-    	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecEncCtxEncDataNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* now we need to update our original document */
     if((encCtx->type != NULL) && xmlStrEqual(encCtx->type, xmlSecTypeEncElement)) {
         /* check if we need to return the replaced node */
@@ -477,213 +477,213 @@ xmlSecEncCtxXmlEncrypt(xmlSecEncCtxPtr encCtx, xmlNodePtr tmpl, xmlNodePtr node)
             ret = xmlSecReplaceNode(node, tmpl);
             if(ret < 0) {
                 xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "xmlSecReplaceNode",
-		            XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		            "node=%s",
-		            xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+                            NULL,
+                            "xmlSecReplaceNode",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "node=%s",
+                            xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
                 return(-1);
             }
         }
 
-	    encCtx->resultReplaced = 1;			       
+            encCtx->resultReplaced = 1;
     } else if((encCtx->type != NULL) && xmlStrEqual(encCtx->type, xmlSecTypeEncContent)) {
         /* check if we need to return the replaced node */
-        if((encCtx->flags & XMLSEC_ENC_RETURN_REPLACED_NODE) != 0) {        
+        if((encCtx->flags & XMLSEC_ENC_RETURN_REPLACED_NODE) != 0) {
             ret = xmlSecReplaceContentAndReturn(node, tmpl, &(encCtx->replacedNodeList));
             if(ret < 0) {
                 xmlSecError(XMLSEC_ERRORS_HERE,
-	                NULL,
-	                "xmlSecReplaceContentAndReturn",
-	                XMLSEC_ERRORS_R_XMLSEC_FAILED,
-	                "node=%s",
-	                xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+                        NULL,
+                        "xmlSecReplaceContentAndReturn",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
                 return(-1);
             }
         } else {
             ret = xmlSecReplaceContent(node, tmpl);
             if(ret < 0) {
                 xmlSecError(XMLSEC_ERRORS_HERE,
-	                NULL,
-	                "xmlSecReplaceContent",
-	                XMLSEC_ERRORS_R_XMLSEC_FAILED,
-	                "node=%s",
-	                xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+                        NULL,
+                        "xmlSecReplaceContent",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
                 return(-1);
             }
         }
 
-        encCtx->resultReplaced = 1;			       
+        encCtx->resultReplaced = 1;
     } else {
-	    /* we should've catached this error before */
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        NULL,
-		        XMLSEC_ERRORS_R_INVALID_TYPE,
-		        "type=%s", 
-		        xmlSecErrorsSafeString(encCtx->type));
-	    return(-1);	    	
-    }
-    return(0);    
+            /* we should've catached this error before */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_INVALID_TYPE,
+                        "type=%s",
+                        xmlSecErrorsSafeString(encCtx->type));
+            return(-1);
+    }
+    return(0);
 }
 
 /**
  * xmlSecEncCtxUriEncrypt:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
- * @tmpl:		the pointer to <enc:EncryptedData/> template node.
- * @uri:		the URI.
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
+ * @tmpl:               the pointer to <enc:EncryptedData/> template node.
+ * @uri:                the URI.
  *
  * Encrypts data from @uri according to template @tmpl.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecEncCtxUriEncrypt(xmlSecEncCtxPtr encCtx, xmlNodePtr tmpl, const xmlChar *uri) {
     int ret;
-    
+
     xmlSecAssert2(encCtx != NULL, -1);
     xmlSecAssert2(encCtx->result == NULL, -1);
     xmlSecAssert2(tmpl != NULL, -1);
     xmlSecAssert2(uri != NULL, -1);
 
-    /* initialize context and add ID atributes to the list of known ids */    
+    /* initialize context and add ID atributes to the list of known ids */
     encCtx->operation = xmlSecTransformOperationEncrypt;
     xmlSecAddIDs(tmpl->doc, tmpl, xmlSecEncIds);
 
     /* we need to add input uri transform first */
     ret = xmlSecTransformCtxSetUri(&(encCtx->transformCtx), uri, tmpl);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxSetUri",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s",
-		    xmlSecErrorsSafeString(uri));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxSetUri",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s",
+                    xmlSecErrorsSafeString(uri));
+        return(-1);
     }
 
     /* read the template and set encryption method, key, etc. */
     ret = xmlSecEncCtxEncDataNodeRead(encCtx, tmpl);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxEncDataNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecEncCtxEncDataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* encrypt the data */
     ret = xmlSecTransformCtxExecute(&(encCtx->transformCtx), tmpl->doc);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxExecute",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-        
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxExecute",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     encCtx->result = encCtx->transformCtx.result;
     xmlSecAssert2(encCtx->result != NULL, -1);
-    
+
     ret = xmlSecEncCtxEncDataNodeWrite(encCtx);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxEncDataNodeWrite",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecEncCtxEncDataNodeWrite",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     return(0);
 }
 
 /**
  * xmlSecEncCtxDecrypt:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
- * @node:		the pointer to <enc:EncryptedData/> node.
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
+ * @node:               the pointer to <enc:EncryptedData/> node.
  *
  * Decrypts @node and if necessary replaces @node with decrypted data.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecEncCtxDecrypt(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
     xmlSecBufferPtr buffer;
     int ret;
-    
+
     xmlSecAssert2(encCtx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     /* decrypt */
     buffer = xmlSecEncCtxDecryptToBuffer(encCtx, node);
     if(buffer == NULL) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxDecryptToBuffer",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecEncCtxDecryptToBuffer",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
+
     /* replace original node if requested */
     if((encCtx->type != NULL) && xmlStrEqual(encCtx->type, xmlSecTypeEncElement)) {
         /* check if we need to return the replaced node */
         if((encCtx->flags & XMLSEC_ENC_RETURN_REPLACED_NODE) != 0) {
-	        ret = xmlSecReplaceNodeBufferAndReturn(node, xmlSecBufferGetData(buffer),  xmlSecBufferGetSize(buffer), &(encCtx->replacedNodeList));
-	        if(ret < 0) {
-	            xmlSecError(XMLSEC_ERRORS_HERE,
-			        NULL,
-			        "xmlSecReplaceNodeBufferAndReturn",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			        "node=%s",
-			        xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
-	            return(-1);	    	
-	        }
+                ret = xmlSecReplaceNodeBufferAndReturn(node, xmlSecBufferGetData(buffer),  xmlSecBufferGetSize(buffer), &(encCtx->replacedNodeList));
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecReplaceNodeBufferAndReturn",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "node=%s",
+                                xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+                    return(-1);
+                }
         } else {
-	        ret = xmlSecReplaceNodeBuffer(node, xmlSecBufferGetData(buffer),  xmlSecBufferGetSize(buffer));
-	        if(ret < 0) {
-	            xmlSecError(XMLSEC_ERRORS_HERE,
-			        NULL,
-			        "xmlSecReplaceNodeBuffer",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			        "node=%s",
-			        xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
-	            return(-1);	    	
-	        }
+                ret = xmlSecReplaceNodeBuffer(node, xmlSecBufferGetData(buffer),  xmlSecBufferGetSize(buffer));
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecReplaceNodeBuffer",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "node=%s",
+                                xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+                    return(-1);
+                }
         }
 
-        encCtx->resultReplaced = 1;			       
+        encCtx->resultReplaced = 1;
     } else if((encCtx->type != NULL) && xmlStrEqual(encCtx->type, xmlSecTypeEncContent)) {
         /* replace the node with the buffer */
 
         /* check if we need to return the replaced node */
         if((encCtx->flags & XMLSEC_ENC_RETURN_REPLACED_NODE) != 0) {
-	        ret = xmlSecReplaceNodeBufferAndReturn(node, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), &(encCtx->replacedNodeList));
-	        if(ret < 0) {
-	            xmlSecError(XMLSEC_ERRORS_HERE,
-			        NULL,
-			        "xmlSecReplaceNodeBufferAndReturn",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			        "node=%s",
-			        xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
-	            return(-1);	    	
-	        }	
+                ret = xmlSecReplaceNodeBufferAndReturn(node, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer), &(encCtx->replacedNodeList));
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecReplaceNodeBufferAndReturn",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "node=%s",
+                                xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+                    return(-1);
+                }
         } else {
             ret = xmlSecReplaceNodeBuffer(node, xmlSecBufferGetData(buffer), xmlSecBufferGetSize(buffer));
-	        if(ret < 0) {
-	            xmlSecError(XMLSEC_ERRORS_HERE,
-			        NULL,
-			        "xmlSecReplaceNodeBuffer",
-			        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			        "node=%s",
-			        xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
-	            return(-1);	    	
-	        }	  
+                if(ret < 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlSecReplaceNodeBuffer",
+                                XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                                "node=%s",
+                                xmlSecErrorsSafeString(xmlSecNodeGetName(node)));
+                    return(-1);
+                }
         }
-    	encCtx->resultReplaced = 1;			       
+        encCtx->resultReplaced = 1;
     }
 
     return(0);
@@ -691,9 +691,9 @@ xmlSecEncCtxDecrypt(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
 
 /**
  * xmlSecEncCtxDecryptToBuffer:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
- * @node:		the pointer to <enc:EncryptedData/> node.
- * 
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
+ * @node:               the pointer to <enc:EncryptedData/> node.
+ *
  * Decrypts @node data to the @encCtx buffer.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -701,23 +701,23 @@ xmlSecEncCtxDecrypt(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
 xmlSecBufferPtr
 xmlSecEncCtxDecryptToBuffer(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
     int ret;
-    
+
     xmlSecAssert2(encCtx != NULL, NULL);
     xmlSecAssert2(encCtx->result == NULL, NULL);
     xmlSecAssert2(node != NULL, NULL);
 
-    /* initialize context and add ID atributes to the list of known ids */    
+    /* initialize context and add ID atributes to the list of known ids */
     encCtx->operation = xmlSecTransformOperationDecrypt;
     xmlSecAddIDs(node->doc, node, xmlSecEncIds);
 
     ret = xmlSecEncCtxEncDataNodeRead(encCtx, node);
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxEncDataNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecEncCtxEncDataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     /* decrypt the data */
@@ -725,84 +725,84 @@ xmlSecEncCtxDecryptToBuffer(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
         xmlChar* data = NULL;
         xmlSecSize dataSize = 0;
 
-	data = xmlNodeGetContent(encCtx->cipherValueNode);
-	if(data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			xmlSecErrorsSafeString(xmlSecNodeGetName(encCtx->cipherValueNode)),
-			XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);
-	}	
-	dataSize = xmlStrlen(data);
+        data = xmlNodeGetContent(encCtx->cipherValueNode);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(encCtx->cipherValueNode)),
+                        XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        dataSize = xmlStrlen(data);
 
         ret = xmlSecTransformCtxBinaryExecute(&(encCtx->transformCtx), data, dataSize);
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxBinaryExecute",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    if(data != NULL) {
-		xmlFree(data);
-	    }
-	    return(NULL);
-	}
-	if(data != NULL) {
-	    xmlFree(data);
-	}
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxBinaryExecute",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            if(data != NULL) {
+                xmlFree(data);
+            }
+            return(NULL);
+        }
+        if(data != NULL) {
+            xmlFree(data);
+        }
     } else {
         ret = xmlSecTransformCtxExecute(&(encCtx->transformCtx), node->doc);
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxBinaryExecute",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);
-	}
-    }
-    
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxBinaryExecute",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+    }
+
     encCtx->result = encCtx->transformCtx.result;
     xmlSecAssert2(encCtx->result != NULL, NULL);
-    
+
     return(encCtx->result);
 }
 
-static int 
+static int
 xmlSecEncCtxEncDataNodeRead(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(encCtx != NULL, -1);
     xmlSecAssert2((encCtx->operation == xmlSecTransformOperationEncrypt) || (encCtx->operation == xmlSecTransformOperationDecrypt), -1);
     xmlSecAssert2(node != NULL, -1);
 
     switch(encCtx->mode) {
-	case xmlEncCtxModeEncryptedData:
-	    if(!xmlSecCheckNodeName(node, xmlSecNodeEncryptedData, xmlSecEncNs)) {
-    		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			    XMLSEC_ERRORS_R_INVALID_NODE,
-			    "expected=%s",
-			    xmlSecErrorsSafeString(xmlSecNodeEncryptedData));
-		return(-1);	    
-	    }
-	    break;
-	case xmlEncCtxModeEncryptedKey:
-	    if(!xmlSecCheckNodeName(node, xmlSecNodeEncryptedKey, xmlSecEncNs)) {
-    		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-			    XMLSEC_ERRORS_R_INVALID_NODE,
-			    "expected=%s",
-			    xmlSecErrorsSafeString(xmlSecNodeEncryptedKey));
-		return(-1);	    
-	    }
-	    break;
-    }
-    
+        case xmlEncCtxModeEncryptedData:
+            if(!xmlSecCheckNodeName(node, xmlSecNodeEncryptedData, xmlSecEncNs)) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                            XMLSEC_ERRORS_R_INVALID_NODE,
+                            "expected=%s",
+                            xmlSecErrorsSafeString(xmlSecNodeEncryptedData));
+                return(-1);
+            }
+            break;
+        case xmlEncCtxModeEncryptedKey:
+            if(!xmlSecCheckNodeName(node, xmlSecNodeEncryptedKey, xmlSecEncNs)) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                            XMLSEC_ERRORS_R_INVALID_NODE,
+                            "expected=%s",
+                            xmlSecErrorsSafeString(xmlSecNodeEncryptedKey));
+                return(-1);
+            }
+            break;
+    }
+
     /* first read node data */
     xmlSecAssert2(encCtx->id == NULL, -1);
     xmlSecAssert2(encCtx->type == NULL, -1);
@@ -810,390 +810,390 @@ xmlSecEncCtxEncDataNodeRead(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
     xmlSecAssert2(encCtx->encoding == NULL, -1);
     xmlSecAssert2(encCtx->recipient == NULL, -1);
     xmlSecAssert2(encCtx->carriedKeyName == NULL, -1);
-    
+
     encCtx->id = xmlGetProp(node, xmlSecAttrId);
     encCtx->type = xmlGetProp(node, xmlSecAttrType);
     encCtx->mimeType = xmlGetProp(node, xmlSecAttrMimeType);
-    encCtx->encoding = xmlGetProp(node, xmlSecAttrEncoding);    
+    encCtx->encoding = xmlGetProp(node, xmlSecAttrEncoding);
     if(encCtx->mode == xmlEncCtxModeEncryptedKey) {
-	encCtx->recipient = xmlGetProp(node, xmlSecAttrRecipient);    
-	/* todo: check recipient? */
+        encCtx->recipient = xmlGetProp(node, xmlSecAttrRecipient);
+        /* todo: check recipient? */
     }
     cur = xmlSecGetNextElementNode(node->children);
-    
+
     /* first node is optional EncryptionMethod, we'll read it later */
     xmlSecAssert2(encCtx->encMethodNode == NULL, -1);
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeEncryptionMethod, xmlSecEncNs))) {
-	encCtx->encMethodNode = cur;
+        encCtx->encMethodNode = cur;
         cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* next node is optional KeyInfo, we'll process it later */
     xmlSecAssert2(encCtx->keyInfoNode == NULL, -1);
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeKeyInfo, xmlSecDSigNs))) {
-	encCtx->keyInfoNode = cur;
-	cur = xmlSecGetNextElementNode(cur->next);
-    }    
+        encCtx->keyInfoNode = cur;
+        cur = xmlSecGetNextElementNode(cur->next);
+    }
 
     /* next is required CipherData node */
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeCipherData, xmlSecEncNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "node=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeCipherData));
-	return(-1);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "node=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeCipherData));
+        return(-1);
+    }
+
     ret = xmlSecEncCtxCipherDataNodeRead(encCtx, cur);
     if(ret < 0) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecEncCtxCipherDataNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+                    NULL,
+                    "xmlSecEncCtxCipherDataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     cur = xmlSecGetNextElementNode(cur->next);
 
     /* next is optional EncryptionProperties node (we simply ignore it) */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeEncryptionProperties, xmlSecEncNs))) {
-	cur = xmlSecGetNextElementNode(cur->next);
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* there are more possible nodes for the <EncryptedKey> node */
     if(encCtx->mode == xmlEncCtxModeEncryptedKey) {
-	/* next is optional ReferenceList node (we simply ignore it) */
+        /* next is optional ReferenceList node (we simply ignore it) */
         if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeReferenceList, xmlSecEncNs))) {
-	    cur = xmlSecGetNextElementNode(cur->next);
-	}
+            cur = xmlSecGetNextElementNode(cur->next);
+        }
 
         /* next is optional CarriedKeyName node (we simply ignore it) */
-	if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeCarriedKeyName, xmlSecEncNs))) {
-	    encCtx->carriedKeyName = xmlNodeGetContent(cur);
-	    if(encCtx->carriedKeyName == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-			    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-			    "node=%s",
-			    xmlSecErrorsSafeString(xmlSecNodeCipherData));
-		return(-1);
-	    }
-	    /* TODO: decode the name? */
-	    cur = xmlSecGetNextElementNode(cur->next);
-	}
+        if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeCarriedKeyName, xmlSecEncNs))) {
+            encCtx->carriedKeyName = xmlNodeGetContent(cur);
+            if(encCtx->carriedKeyName == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                            XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                            "node=%s",
+                            xmlSecErrorsSafeString(xmlSecNodeCipherData));
+                return(-1);
+            }
+            /* TODO: decode the name? */
+            cur = xmlSecGetNextElementNode(cur->next);
+        }
     }
 
     /* if there is something left than it's an error */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     /* now read the encryption method node */
     xmlSecAssert2(encCtx->encMethod == NULL, -1);
     if(encCtx->encMethodNode != NULL) {
-	encCtx->encMethod = xmlSecTransformCtxNodeRead(&(encCtx->transformCtx), encCtx->encMethodNode,
-						xmlSecTransformUsageEncryptionMethod);
-	if(encCtx->encMethod == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    	NULL,
-			"xmlSecTransformCtxNodeRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(encCtx->encMethodNode)));
-	    return(-1);	    
-	}	
+        encCtx->encMethod = xmlSecTransformCtxNodeRead(&(encCtx->transformCtx), encCtx->encMethodNode,
+                                                xmlSecTransformUsageEncryptionMethod);
+        if(encCtx->encMethod == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(encCtx->encMethodNode)));
+            return(-1);
+        }
     } else if(encCtx->defEncMethodId != xmlSecTransformIdUnknown) {
-	encCtx->encMethod = xmlSecTransformCtxCreateAndAppend(&(encCtx->transformCtx), 
-							      encCtx->defEncMethodId);
-	if(encCtx->encMethod == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        encCtx->encMethod = xmlSecTransformCtxCreateAndAppend(&(encCtx->transformCtx),
+                                                              encCtx->defEncMethodId);
+        if(encCtx->encMethod == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_DATA,
-		    "encryption method not specified");
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_DATA,
+                    "encryption method not specified");
+        return(-1);
     }
     encCtx->encMethod->operation = encCtx->operation;
-    
+
     /* we have encryption method, find key */
     ret = xmlSecTransformSetKeyReq(encCtx->encMethod, &(encCtx->keyInfoReadCtx.keyReq));
     if(ret < 0) {
-    	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformSetKeyReq",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(encCtx->encMethod)));
-	return(-1);
-    }	
-
-    /* TODO: KeyInfo node != NULL and encKey != NULL */    	
-    if((encCtx->encKey == NULL) && (encCtx->keyInfoReadCtx.keysMngr != NULL) 
-			&& (encCtx->keyInfoReadCtx.keysMngr->getKey != NULL)) {
-	encCtx->encKey = (encCtx->keyInfoReadCtx.keysMngr->getKey)(encCtx->keyInfoNode, 
-							     &(encCtx->keyInfoReadCtx));
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformSetKeyReq",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(encCtx->encMethod)));
+        return(-1);
+    }
+
+    /* TODO: KeyInfo node != NULL and encKey != NULL */
+    if((encCtx->encKey == NULL) && (encCtx->keyInfoReadCtx.keysMngr != NULL)
+                        && (encCtx->keyInfoReadCtx.keysMngr->getKey != NULL)) {
+        encCtx->encKey = (encCtx->keyInfoReadCtx.keysMngr->getKey)(encCtx->keyInfoNode,
+                                                             &(encCtx->keyInfoReadCtx));
+    }
+
     /* check that we have exactly what we want */
-    if((encCtx->encKey == NULL) || 
+    if((encCtx->encKey == NULL) ||
        (!xmlSecKeyMatch(encCtx->encKey, NULL, &(encCtx->keyInfoReadCtx.keyReq)))) {
 
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_KEY_NOT_FOUND,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_KEY_NOT_FOUND,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     /* set the key to the transform */
     ret = xmlSecTransformSetKey(encCtx->encMethod, encCtx->encKey);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformSetKey",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "transform=%s",
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(encCtx->encMethod)));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformSetKey",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "transform=%s",
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(encCtx->encMethod)));
+        return(-1);
     }
 
     /* if we need to write result to xml node then we need base64 encode it */
-    if((encCtx->operation == xmlSecTransformOperationEncrypt) && (encCtx->cipherValueNode != NULL)) {	
-	xmlSecTransformPtr base64Encode;
-	
-	/* we need to add base64 encode transform */
-	base64Encode = xmlSecTransformCtxCreateAndAppend(&(encCtx->transformCtx), xmlSecTransformBase64Id);
-    	if(base64Encode == NULL) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecTransformCtxCreateAndAppend",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	base64Encode->operation 	= xmlSecTransformOperationEncode;
-	encCtx->resultBase64Encoded 	= 1;
-    }
-    
+    if((encCtx->operation == xmlSecTransformOperationEncrypt) && (encCtx->cipherValueNode != NULL)) {
+        xmlSecTransformPtr base64Encode;
+
+        /* we need to add base64 encode transform */
+        base64Encode = xmlSecTransformCtxCreateAndAppend(&(encCtx->transformCtx), xmlSecTransformBase64Id);
+        if(base64Encode == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxCreateAndAppend",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+        base64Encode->operation         = xmlSecTransformOperationEncode;
+        encCtx->resultBase64Encoded     = 1;
+    }
+
     return(0);
 }
 
-static int 
+static int
 xmlSecEncCtxEncDataNodeWrite(xmlSecEncCtxPtr encCtx) {
     int ret;
-    
+
     xmlSecAssert2(encCtx != NULL, -1);
     xmlSecAssert2(encCtx->result != NULL, -1);
     xmlSecAssert2(encCtx->encKey != NULL, -1);
-    
+
     /* write encrypted data to xml (if requested) */
-    if(encCtx->cipherValueNode != NULL) {	
-	xmlSecAssert2(xmlSecBufferGetData(encCtx->result) != NULL, -1);
+    if(encCtx->cipherValueNode != NULL) {
+        xmlSecAssert2(xmlSecBufferGetData(encCtx->result) != NULL, -1);
 
-	xmlNodeSetContentLen(encCtx->cipherValueNode,
-			    xmlSecBufferGetData(encCtx->result),
-			    xmlSecBufferGetSize(encCtx->result));
-	encCtx->resultReplaced = 1;
+        xmlNodeSetContentLen(encCtx->cipherValueNode,
+                            xmlSecBufferGetData(encCtx->result),
+                            xmlSecBufferGetSize(encCtx->result));
+        encCtx->resultReplaced = 1;
     }
 
     /* update <enc:KeyInfo/> node */
     if(encCtx->keyInfoNode != NULL) {
-	ret = xmlSecKeyInfoNodeWrite(encCtx->keyInfoNode, encCtx->encKey, &(encCtx->keyInfoWriteCtx));
-	if(ret < 0) {
-    	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecKeyInfoNodeWrite",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}	
-    }
-    
+        ret = xmlSecKeyInfoNodeWrite(encCtx->keyInfoNode, encCtx->encKey, &(encCtx->keyInfoWriteCtx));
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecKeyInfoNodeWrite",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+    }
+
     return(0);
 }
 
-static int 
+static int
 xmlSecEncCtxCipherDataNodeRead(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
     xmlNodePtr cur;
     int ret;
-    
+
     xmlSecAssert2(encCtx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     cur = xmlSecGetNextElementNode(node->children);
-    
+
     /* we either have CipherValue or CipherReference node  */
     xmlSecAssert2(encCtx->cipherValueNode == NULL, -1);
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeCipherValue, xmlSecEncNs))) {
         /* don't need data from CipherData node when we are encrypting */
-	if(encCtx->operation == xmlSecTransformOperationDecrypt) {
-	    xmlSecTransformPtr base64Decode;
-	
-	    /* we need to add base64 decode transform */
-	    base64Decode = xmlSecTransformCtxCreateAndPrepend(&(encCtx->transformCtx), xmlSecTransformBase64Id);
-    	    if(base64Decode == NULL) {
-    		xmlSecError(XMLSEC_ERRORS_HERE,
-			    NULL,
-			    "xmlSecTransformCtxCreateAndPrepend",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-	        return(-1);
-	    }
-	}
-	encCtx->cipherValueNode = cur;
+        if(encCtx->operation == xmlSecTransformOperationDecrypt) {
+            xmlSecTransformPtr base64Decode;
+
+            /* we need to add base64 decode transform */
+            base64Decode = xmlSecTransformCtxCreateAndPrepend(&(encCtx->transformCtx), xmlSecTransformBase64Id);
+            if(base64Decode == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecTransformCtxCreateAndPrepend",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                return(-1);
+            }
+        }
+        encCtx->cipherValueNode = cur;
         cur = xmlSecGetNextElementNode(cur->next);
     } else if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeCipherReference, xmlSecEncNs))) {
         /* don't need data from CipherReference node when we are encrypting */
-	if(encCtx->operation == xmlSecTransformOperationDecrypt) {
-    	    ret = xmlSecEncCtxCipherReferenceNodeRead(encCtx, cur);
-	    if(ret < 0) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-		    	    NULL,
-			    "xmlSecEncCtxCipherReferenceNodeRead",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    "node=%s",
-			    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-		return(-1);	    
-	    }
-	}	
+        if(encCtx->operation == xmlSecTransformOperationDecrypt) {
+            ret = xmlSecEncCtxCipherReferenceNodeRead(encCtx, cur);
+            if(ret < 0) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecEncCtxCipherReferenceNodeRead",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            "node=%s",
+                            xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+                return(-1);
+            }
+        }
         cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
 
-static int 
+static int
 xmlSecEncCtxCipherReferenceNodeRead(xmlSecEncCtxPtr encCtx, xmlNodePtr node) {
     xmlNodePtr cur;
     xmlChar* uri;
     int ret;
-    
+
     xmlSecAssert2(encCtx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
-    
+
     /* first read the optional uri attr and check that we can process it */
     uri = xmlGetProp(node, xmlSecAttrURI);
     ret = xmlSecTransformCtxSetUri(&(encCtx->transformCtx), uri, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformCtxSetUri",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "uri=%s",
-		    xmlSecErrorsSafeString(uri));
-	xmlFree(uri);
-	return(-1);	    
-    }		
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformCtxSetUri",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "uri=%s",
+                    xmlSecErrorsSafeString(uri));
+        xmlFree(uri);
+        return(-1);
+    }
     xmlFree(uri);
 
     cur = xmlSecGetNextElementNode(node->children);
-    
+
     /* the only one node is optional Transforms node */
     if((cur != NULL) && (xmlSecCheckNodeName(cur, xmlSecNodeTransforms, xmlSecEncNs))) {
-	ret = xmlSecTransformCtxNodesListRead(&(encCtx->transformCtx), cur,
-				    xmlSecTransformUsageDSigTransform);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		    	NULL,
-			"xmlSecTransformCtxNodesListRead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(encCtx->encMethodNode)));
-	    return(-1);	    
-	}	
+        ret = xmlSecTransformCtxNodesListRead(&(encCtx->transformCtx), cur,
+                                    xmlSecTransformUsageDSigTransform);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecTransformCtxNodesListRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(encCtx->encMethodNode)));
+            return(-1);
+        }
         cur = xmlSecGetNextElementNode(cur->next);
     }
-    
+
     /* if there is something left than it's an error */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
 
 /**
  * xmlSecEncCtxDebugDump:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
- * @output:		the pointer to output FILE.
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
+ * @output:             the pointer to output FILE.
  *
  * Prints the debug information about @encCtx to @output.
  */
-void 
+void
 xmlSecEncCtxDebugDump(xmlSecEncCtxPtr encCtx, FILE* output) {
     xmlSecAssert(encCtx != NULL);
     xmlSecAssert(output != NULL);
 
     switch(encCtx->mode) {
-	case xmlEncCtxModeEncryptedData:
-	    if(encCtx->operation == xmlSecTransformOperationEncrypt) {    
-		fprintf(output, "= DATA ENCRYPTION CONTEXT\n");
-	    } else {
-		fprintf(output, "= DATA DECRYPTION CONTEXT\n");
-	    }
-	    break;
-	case xmlEncCtxModeEncryptedKey:
-	    if(encCtx->operation == xmlSecTransformOperationEncrypt) {    
-		fprintf(output, "= KEY ENCRYPTION CONTEXT\n");
-	    } else {
-		fprintf(output, "= KEY DECRYPTION CONTEXT\n");
-	    }
-	    break;
+        case xmlEncCtxModeEncryptedData:
+            if(encCtx->operation == xmlSecTransformOperationEncrypt) {
+                fprintf(output, "= DATA ENCRYPTION CONTEXT\n");
+            } else {
+                fprintf(output, "= DATA DECRYPTION CONTEXT\n");
+            }
+            break;
+        case xmlEncCtxModeEncryptedKey:
+            if(encCtx->operation == xmlSecTransformOperationEncrypt) {
+                fprintf(output, "= KEY ENCRYPTION CONTEXT\n");
+            } else {
+                fprintf(output, "= KEY DECRYPTION CONTEXT\n");
+            }
+            break;
     }
     fprintf(output, "== Status: %s\n",
-	    (encCtx->resultReplaced) ? "replaced" : "not-replaced" );
+            (encCtx->resultReplaced) ? "replaced" : "not-replaced" );
 
     fprintf(output, "== flags: 0x%08x\n", encCtx->flags);
     fprintf(output, "== flags2: 0x%08x\n", encCtx->flags2);
 
     if(encCtx->id != NULL) {
-	fprintf(output, "== Id: \"%s\"\n", encCtx->id);
+        fprintf(output, "== Id: \"%s\"\n", encCtx->id);
     }
     if(encCtx->type != NULL) {
-	fprintf(output, "== Type: \"%s\"\n", encCtx->type);
+        fprintf(output, "== Type: \"%s\"\n", encCtx->type);
     }
     if(encCtx->mimeType != NULL) {
-	fprintf(output, "== MimeType: \"%s\"\n", encCtx->mimeType);
+        fprintf(output, "== MimeType: \"%s\"\n", encCtx->mimeType);
     }
     if(encCtx->encoding != NULL) {
-	fprintf(output, "== Encoding: \"%s\"\n", encCtx->encoding);
+        fprintf(output, "== Encoding: \"%s\"\n", encCtx->encoding);
     }
     if(encCtx->recipient != NULL) {
-	fprintf(output, "== Recipient: \"%s\"\n", encCtx->recipient);
+        fprintf(output, "== Recipient: \"%s\"\n", encCtx->recipient);
     }
     if(encCtx->carriedKeyName != NULL) {
-	fprintf(output, "== CarriedKeyName: \"%s\"\n", encCtx->carriedKeyName);
+        fprintf(output, "== CarriedKeyName: \"%s\"\n", encCtx->carriedKeyName);
     }
-    
+
     fprintf(output, "== Key Info Read Ctx:\n");
     xmlSecKeyInfoCtxDebugDump(&(encCtx->keyInfoReadCtx), output);
 
@@ -1205,53 +1205,53 @@ xmlSecEncCtxDebugDump(xmlSecEncCtxPtr encCtx, FILE* output) {
 
     if(encCtx->encMethod != NULL) {
         fprintf(output, "== Encryption Method:\n");
-	xmlSecTransformDebugDump(encCtx->encMethod, output);
+        xmlSecTransformDebugDump(encCtx->encMethod, output);
     }
 
     if(encCtx->encKey != NULL) {
         fprintf(output, "== Encryption Key:\n");
-	xmlSecKeyDebugDump(encCtx->encKey, output);
+        xmlSecKeyDebugDump(encCtx->encKey, output);
     }
-    
-    if((encCtx->result != NULL) && 
-       (xmlSecBufferGetData(encCtx->result) != NULL) && 
+
+    if((encCtx->result != NULL) &&
+       (xmlSecBufferGetData(encCtx->result) != NULL) &&
        (encCtx->resultBase64Encoded != 0)) {
 
-	fprintf(output, "== Result - start buffer:\n");
-	fwrite(xmlSecBufferGetData(encCtx->result), 
-	       xmlSecBufferGetSize(encCtx->result), 1,
-	       output);
-	fprintf(output, "\n== Result - end buffer\n");
+        fprintf(output, "== Result - start buffer:\n");
+        fwrite(xmlSecBufferGetData(encCtx->result),
+               xmlSecBufferGetSize(encCtx->result), 1,
+               output);
+        fprintf(output, "\n== Result - end buffer\n");
     }
 }
 
 /**
  * xmlSecEncCtxDebugXmlDump:
- * @encCtx:		the pointer to <enc:EncryptedData/> processing context.
- * @output:		the pointer to output FILE.
+ * @encCtx:             the pointer to <enc:EncryptedData/> processing context.
+ * @output:             the pointer to output FILE.
  *
  * Prints the debug information about @encCtx to @output in XML format.
  */
-void 
+void
 xmlSecEncCtxDebugXmlDump(xmlSecEncCtxPtr encCtx, FILE* output) {
     xmlSecAssert(encCtx != NULL);
     xmlSecAssert(output != NULL);
 
     switch(encCtx->mode) {
-	case xmlEncCtxModeEncryptedData:
-	    if(encCtx->operation == xmlSecTransformOperationEncrypt) {    
-		fprintf(output, "<DataEncryptionContext ");
-	    } else {
-		fprintf(output, "<DataDecryptionContext ");
-	    }
-	    break;
-	case xmlEncCtxModeEncryptedKey:
-	    if(encCtx->operation == xmlSecTransformOperationEncrypt) {    
-		fprintf(output, "<KeyEncryptionContext ");
-	    } else {
-		fprintf(output, "<KeyDecryptionContext ");
-	    }
-	    break;
+        case xmlEncCtxModeEncryptedData:
+            if(encCtx->operation == xmlSecTransformOperationEncrypt) {
+                fprintf(output, "<DataEncryptionContext ");
+            } else {
+                fprintf(output, "<DataDecryptionContext ");
+            }
+            break;
+        case xmlEncCtxModeEncryptedKey:
+            if(encCtx->operation == xmlSecTransformOperationEncrypt) {
+                fprintf(output, "<KeyEncryptionContext ");
+            } else {
+                fprintf(output, "<KeyDecryptionContext ");
+            }
+            break;
     }
     fprintf(output, "status=\"%s\" >\n", (encCtx->resultReplaced) ? "replaced" : "not-replaced" );
 
@@ -1265,7 +1265,7 @@ xmlSecEncCtxDebugXmlDump(xmlSecEncCtxPtr encCtx, FILE* output) {
     fprintf(output, "<Type>");
     xmlSecPrintXmlString(output, encCtx->type);
     fprintf(output, "</Type>");
-    
+
     fprintf(output, "<MimeType>");
     xmlSecPrintXmlString(output, encCtx->mimeType);
     fprintf(output, "</MimeType>");
@@ -1296,42 +1296,42 @@ xmlSecEncCtxDebugXmlDump(xmlSecEncCtxPtr encCtx, FILE* output) {
 
     if(encCtx->encMethod != NULL) {
         fprintf(output, "<EncryptionMethod>\n");
-	xmlSecTransformDebugXmlDump(encCtx->encMethod, output);
+        xmlSecTransformDebugXmlDump(encCtx->encMethod, output);
         fprintf(output, "</EncryptionMethod>\n");
     }
 
     if(encCtx->encKey != NULL) {
         fprintf(output, "<EncryptionKey>\n");
-	xmlSecKeyDebugXmlDump(encCtx->encKey, output);
+        xmlSecKeyDebugXmlDump(encCtx->encKey, output);
         fprintf(output, "</EncryptionKey>\n");
     }
-    
-    if((encCtx->result != NULL) && 
-       (xmlSecBufferGetData(encCtx->result) != NULL) && 
+
+    if((encCtx->result != NULL) &&
+       (xmlSecBufferGetData(encCtx->result) != NULL) &&
        (encCtx->resultBase64Encoded != 0)) {
 
-	fprintf(output, "<Result>");
-	fwrite(xmlSecBufferGetData(encCtx->result), 
-	       xmlSecBufferGetSize(encCtx->result), 1,
-	       output);
-	fprintf(output, "</Result>\n");
+        fprintf(output, "<Result>");
+        fwrite(xmlSecBufferGetData(encCtx->result),
+               xmlSecBufferGetSize(encCtx->result), 1,
+               output);
+        fprintf(output, "</Result>\n");
     }
 
     switch(encCtx->mode) {
-	case xmlEncCtxModeEncryptedData:
-	    if(encCtx->operation == xmlSecTransformOperationEncrypt) {    
-		fprintf(output, "</DataEncryptionContext>\n");
-	    } else {
-		fprintf(output, "</DataDecryptionContext>\n");
-	    }
-	    break;
-	case xmlEncCtxModeEncryptedKey:
-	    if(encCtx->operation == xmlSecTransformOperationEncrypt) {    
-		fprintf(output, "</KeyEncryptionContext>\n");
-	    } else {
-		fprintf(output, "</KeyDecryptionContext>\n");
-	    }
-	    break;
+        case xmlEncCtxModeEncryptedData:
+            if(encCtx->operation == xmlSecTransformOperationEncrypt) {
+                fprintf(output, "</DataEncryptionContext>\n");
+            } else {
+                fprintf(output, "</DataDecryptionContext>\n");
+            }
+            break;
+        case xmlEncCtxModeEncryptedKey:
+            if(encCtx->operation == xmlSecTransformOperationEncrypt) {
+                fprintf(output, "</KeyEncryptionContext>\n");
+            } else {
+                fprintf(output, "</KeyDecryptionContext>\n");
+            }
+            break;
     }
 }
 
diff --git a/src/xmlsec.c b/src/xmlsec.c
index 3baa81a0..8b6d0cab 100644
--- a/src/xmlsec.c
+++ b/src/xmlsec.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * General functions.
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -36,52 +36,52 @@ int
 xmlSecInit(void) {
     xmlSecErrorsInit();
     xmlSecIOInit();
-    
+
 #ifndef XMLSEC_NO_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLInit() < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoDLInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoDLInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 #endif /* XMLSEC_NO_CRYPTO_DYNAMIC_LOADING */
-    
+
     if(xmlSecKeyDataIdsInit() < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecKeyDataIdsInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecKeyDataIdsInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     if(xmlSecTransformIdsInit() < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecTransformIdsInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecTransformIdsInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
-#ifndef XMLSEC_NO_XKMS    
+
+#ifndef XMLSEC_NO_XKMS
     if(xmlSecXkmsRespondWithIdsInit() < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsRespondWithIdsInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsRespondWithIdsInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     if(xmlSecXkmsServerRequestIdsInit() < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXkmsServerRequestIdsInit",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXkmsServerRequestIdsInit",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 #endif /* XMLSEC_NO_XKMS */
 
@@ -99,9 +99,9 @@ xmlSecInit(void) {
  */
 int
 xmlSecShutdown(void) {
-    int res = 0;    
+    int res = 0;
 
-#ifndef XMLSEC_NO_XKMS    
+#ifndef XMLSEC_NO_XKMS
     xmlSecXkmsServerRequestIdsShutdown();
     xmlSecXkmsRespondWithIdsShutdown();
 #endif /* XMLSEC_NO_XKMS */
@@ -111,74 +111,74 @@ xmlSecShutdown(void) {
 
 #ifndef XMLSEC_NO_CRYPTO_DYNAMIC_LOADING
     if(xmlSecCryptoDLShutdown() < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecCryptoDLShutdown",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	res = -1;
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecCryptoDLShutdown",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        res = -1;
     }
 #endif /* XMLSEC_NO_CRYPTO_DYNAMIC_LOADING */
 
     xmlSecIOShutdown();
-    xmlSecErrorsShutdown();    
+    xmlSecErrorsShutdown();
     return(res);
 }
 
-/** 
+/**
  * xmlSecCheckVersionExt:
- * @major:		the major version number.
- * @minor:		the minor version number.
- * @subminor:		the subminor version number.
- * @mode:		the version check mode.
+ * @major:              the major version number.
+ * @minor:              the minor version number.
+ * @subminor:           the subminor version number.
+ * @mode:               the version check mode.
  *
  * Checks if the loaded version of xmlsec library could be used.
  *
  * Returns: 1 if the loaded xmlsec library version is OK to use
  * 0 if it is not or a negative value if an error occurs.
  */
-int 
+int
 xmlSecCheckVersionExt(int major, int minor, int subminor, xmlSecCheckVersionMode mode) {
     /* we always want to have a match for major version number */
     if(major != XMLSEC_VERSION_MAJOR) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "expected major version=%d;real major version=%d",
-		    XMLSEC_VERSION_MAJOR, major);
-	return(0);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "expected major version=%d;real major version=%d",
+                    XMLSEC_VERSION_MAJOR, major);
+        return(0);
     }
-    
+
     switch(mode) {
     case xmlSecCheckVersionExactMatch:
-	if((minor != XMLSEC_VERSION_MINOR) || (subminor != XMLSEC_VERSION_SUBMINOR)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"mode=exact;expected minor version=%d;real minor version=%d;expected subminor version=%d;real subminor version=%d",
-			XMLSEC_VERSION_MINOR, minor,
-			XMLSEC_VERSION_SUBMINOR, subminor);
-	    return(0);
-	}
-	break;
+        if((minor != XMLSEC_VERSION_MINOR) || (subminor != XMLSEC_VERSION_SUBMINOR)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "mode=exact;expected minor version=%d;real minor version=%d;expected subminor version=%d;real subminor version=%d",
+                        XMLSEC_VERSION_MINOR, minor,
+                        XMLSEC_VERSION_SUBMINOR, subminor);
+            return(0);
+        }
+        break;
     case xmlSecCheckVersionABICompatible:
-	if((minor < XMLSEC_VERSION_MINOR) ||
-	   ((minor == XMLSEC_VERSION_MINOR) && 
-	    (subminor < XMLSEC_VERSION_SUBMINOR))) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			NULL,
-			NULL,
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"mode=abi compatible;expected minor version=%d;real minor version=%d;expected subminor version=%d;real subminor version=%d",
-			XMLSEC_VERSION_MINOR, minor,
-			XMLSEC_VERSION_SUBMINOR, subminor);
-	    return(0);
-	}
-	break;
+        if((minor > XMLSEC_VERSION_MINOR) ||
+           ((minor == XMLSEC_VERSION_MINOR) &&
+            (subminor > XMLSEC_VERSION_SUBMINOR))) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        NULL,
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "mode=abi compatible;expected minor version=%d;real minor version=%d;expected subminor version=%d;real subminor version=%d",
+                        XMLSEC_VERSION_MINOR, minor,
+                        XMLSEC_VERSION_SUBMINOR, subminor);
+            return(0);
+        }
+        break;
     }
-    
+
     return(1);
 }
 
diff --git a/src/xmltree.c b/src/xmltree.c
index 96ea53c1..27ad09e2 100644
--- a/src/xmltree.c
+++ b/src/xmltree.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * Common XML Doc utility functions
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -14,7 +14,7 @@
 #include <string.h>
 #include <ctype.h>
 #include <errno.h>
- 
+
 #include <libxml/tree.h>
 #include <libxml/valid.h>
 #include <libxml/xpath.h>
@@ -29,128 +29,128 @@
 
 /**
  * xmlSecFindChild:
- * @parent: 		the pointer to XML node.
- * @name: 		the name.
- * @ns: 		the namespace href (may be NULL).
+ * @parent:             the pointer to XML node.
+ * @name:               the name.
+ * @ns:                 the namespace href (may be NULL).
  *
- * Searches a direct child of the @parent node having given name and 
+ * Searches a direct child of the @parent node having given name and
  * namespace href.
- * 
- * Returns: the pointer to the found node or NULL if an error occurs or 
+ *
+ * Returns: the pointer to the found node or NULL if an error occurs or
  * node is not found.
  */
 xmlNodePtr
 xmlSecFindChild(const xmlNodePtr parent, const xmlChar *name, const xmlChar *ns) {
     xmlNodePtr cur;
-        
+
     xmlSecAssert2(parent != NULL, NULL);
     xmlSecAssert2(name != NULL, NULL);
-    
+
     cur = parent->children;
     while(cur != NULL) {
         if(cur->type == XML_ELEMENT_NODE) {
-	    if(xmlSecCheckNodeName(cur, name, ns)) {
-		return(cur);
-	    }
-	}
-	cur = cur->next;
+            if(xmlSecCheckNodeName(cur, name, ns)) {
+                return(cur);
+            }
+        }
+        cur = cur->next;
     }
     return(NULL);
 }
 
 /**
  * xmlSecFindParent:
- * @cur: 		the pointer to an XML node.
- * @name: 		the name.
- * @ns: 		the namespace href (may be NULL).
+ * @cur:                the pointer to an XML node.
+ * @name:               the name.
+ * @ns:                 the namespace href (may be NULL).
  *
- * Searches the ancestors axis of the @cur node for a node having given name 
+ * Searches the ancestors axis of the @cur node for a node having given name
  * and namespace href.
- * 
- * Returns: the pointer to the found node or NULL if an error occurs or 
+ *
+ * Returns: the pointer to the found node or NULL if an error occurs or
  * node is not found.
  */
 xmlNodePtr
 xmlSecFindParent(const xmlNodePtr cur, const xmlChar *name, const xmlChar *ns) {
     xmlSecAssert2(cur != NULL, NULL);
-    xmlSecAssert2(name != NULL, NULL);        
+    xmlSecAssert2(name != NULL, NULL);
 
     if(xmlSecCheckNodeName(cur, name, ns)) {
-	return(cur);
+        return(cur);
     } else if(cur->parent != NULL) {
-	return(xmlSecFindParent(cur->parent, name, ns));
+        return(xmlSecFindParent(cur->parent, name, ns));
     }
     return(NULL);
 }
 
 /**
  * xmlSecFindNode:
- * @parent: 		the pointer to XML node.
- * @name: 		the name.
- * @ns: 		the namespace href (may be NULL).
+ * @parent:             the pointer to XML node.
+ * @name:               the name.
+ * @ns:                 the namespace href (may be NULL).
  *
- * Searches all children of the @parent node having given name and 
+ * Searches all children of the @parent node having given name and
  * namespace href.
- * 
- * Returns: the pointer to the found node or NULL if an error occurs or 
+ *
+ * Returns: the pointer to the found node or NULL if an error occurs or
  * node is not found.
  */
-xmlNodePtr		
+xmlNodePtr
 xmlSecFindNode(const xmlNodePtr parent, const xmlChar *name, const xmlChar *ns) {
     xmlNodePtr cur;
     xmlNodePtr ret;
-        
-    xmlSecAssert2(name != NULL, NULL); 
-    
+
+    xmlSecAssert2(name != NULL, NULL);
+
     cur = parent;
     while(cur != NULL) {
         if((cur->type == XML_ELEMENT_NODE) && xmlSecCheckNodeName(cur, name, ns)) {
-	    return(cur);
-	}
-	if(cur->children != NULL) {
-	    ret = xmlSecFindNode(cur->children, name, ns);
-	    if(ret != NULL) {
-	        return(ret);	    
-	    }
-	}
-	cur = cur->next;
+            return(cur);
+        }
+        if(cur->children != NULL) {
+            ret = xmlSecFindNode(cur->children, name, ns);
+            if(ret != NULL) {
+                return(ret);
+            }
+        }
+        cur = cur->next;
     }
     return(NULL);
 }
 
 /**
  * xmlSecGetNodeNsHref:
- * @cur:		the pointer to node.
+ * @cur:                the pointer to node.
  *
  * Get's node's namespace href.
  *
  * Returns: node's namespace href.
  */
-const xmlChar* 
+const xmlChar*
 xmlSecGetNodeNsHref(const xmlNodePtr cur) {
     xmlNsPtr ns;
-    
+
     xmlSecAssert2(cur != NULL, NULL);
-    
+
     /* do we have a namespace in the node? */
     if(cur->ns != NULL) {
-	return(cur->ns->href);
+        return(cur->ns->href);
     }
-    
+
     /* search for default namespace */
     ns = xmlSearchNs(cur->doc, cur, NULL);
     if(ns != NULL) {
-	return(ns->href);
+        return(ns->href);
     }
-	
+
     return(NULL);
 }
 
-/** 
+/**
  * xmlSecCheckNodeName:
- * @cur: 		the pointer to an XML node.
- * @name: 		the name,
- * @ns: 		the namespace href.
+ * @cur:                the pointer to an XML node.
+ * @name:               the name,
+ * @ns:                 the namespace href.
  *
  * Checks that the node has a given name and a given namespace href.
  *
@@ -159,74 +159,74 @@ xmlSecGetNodeNsHref(const xmlNodePtr cur) {
 int
 xmlSecCheckNodeName(const xmlNodePtr cur, const xmlChar *name, const xmlChar *ns) {
     xmlSecAssert2(cur != NULL, 0);
-    
-    return(xmlStrEqual(cur->name, name) && 
-	   xmlStrEqual(xmlSecGetNodeNsHref(cur), ns));
+
+    return(xmlStrEqual(cur->name, name) &&
+           xmlStrEqual(xmlSecGetNodeNsHref(cur), ns));
 }
 
 /**
  * xmlSecAddChild:
- * @parent: 		the pointer to an XML node.
- * @name: 		the new node name.
- * @ns: 		the new node namespace.
+ * @parent:             the pointer to an XML node.
+ * @name:               the new node name.
+ * @ns:                 the new node namespace.
  *
  * Adds a child to the node @parent with given @name and namespace @ns.
  *
  * Returns: pointer to the new node or NULL if an error occurs.
  */
-xmlNodePtr		
+xmlNodePtr
 xmlSecAddChild(xmlNodePtr parent, const xmlChar *name, const xmlChar *ns) {
     xmlNodePtr cur;
     xmlNodePtr text;
 
     xmlSecAssert2(parent != NULL, NULL);
-    xmlSecAssert2(name != NULL, NULL);        
+    xmlSecAssert2(name != NULL, NULL);
 
     if(parent->children == NULL) {
         /* TODO: add indents */
-	text = xmlNewText(xmlSecStringCR); 
-        if(text == NULL) {	
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlNewText",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);
-	}
-	xmlAddChild(parent, text);
+        text = xmlNewText(xmlSecStringCR);
+        if(text == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlNewText",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        xmlAddChild(parent, text);
     }
 
     cur = xmlNewChild(parent, NULL, name, NULL);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewChild",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewChild",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
 
     /* namespaces support */
     if(ns != NULL) {
-	xmlNsPtr nsPtr;
-	
+        xmlNsPtr nsPtr;
+
         /* find namespace by href and check that its prefix is not overwritten */
-	nsPtr = xmlSearchNsByHref(cur->doc, cur, ns);
-	if((nsPtr == NULL) || (xmlSearchNs(cur->doc, cur, nsPtr->prefix) != nsPtr)) {
-	    nsPtr = xmlNewNs(cur, ns, NULL);
-	}
-	xmlSetNs(cur, nsPtr);
+        nsPtr = xmlSearchNsByHref(cur->doc, cur, ns);
+        if((nsPtr == NULL) || (xmlSearchNs(cur->doc, cur, nsPtr->prefix) != nsPtr)) {
+            nsPtr = xmlNewNs(cur, ns, NULL);
+        }
+        xmlSetNs(cur, nsPtr);
     }
-    
+
     /* TODO: add indents */
-    text = xmlNewText(xmlSecStringCR); 
-    if(text == NULL) {	
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewText",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+    text = xmlNewText(xmlSecStringCR);
+    if(text == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewText",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     xmlAddChild(parent, text);
 
@@ -235,45 +235,45 @@ xmlSecAddChild(xmlNodePtr parent, const xmlChar *name, const xmlChar *ns) {
 
 /**
  * xmlSecAddChildNode:
- * @parent: 		the pointer to an XML node.
- * @child: 		the new node.
+ * @parent:             the pointer to an XML node.
+ * @child:              the new node.
  *
  * Adds @child node to the @parent node.
  *
  * Returns: pointer to the new node or NULL if an error occurs.
  */
-xmlNodePtr		
+xmlNodePtr
 xmlSecAddChildNode(xmlNodePtr parent, xmlNodePtr child) {
     xmlNodePtr text;
 
     xmlSecAssert2(parent != NULL, NULL);
-    xmlSecAssert2(child != NULL, NULL);        
+    xmlSecAssert2(child != NULL, NULL);
 
     if(parent->children == NULL) {
         /* TODO: add indents */
-	text = xmlNewText(xmlSecStringCR); 
-        if(text == NULL) {	
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlNewText",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(NULL);
-	}
-	xmlAddChild(parent, text);
+        text = xmlNewText(xmlSecStringCR);
+        if(text == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlNewText",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(NULL);
+        }
+        xmlAddChild(parent, text);
     }
 
     xmlAddChild(parent, child);
 
     /* TODO: add indents */
-    text = xmlNewText(xmlSecStringCR); 
-    if(text == NULL) {	
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewText",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+    text = xmlNewText(xmlSecStringCR);
+    if(text == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewText",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     xmlAddChild(parent, text);
 
@@ -282,9 +282,9 @@ xmlSecAddChildNode(xmlNodePtr parent, xmlNodePtr child) {
 
 /**
  * xmlSecAddNextSibling
- * @node: 		the pointer to an XML node.
- * @name: 		the new node name.
- * @ns: 		the new node namespace.
+ * @node:               the pointer to an XML node.
+ * @name:               the new node name.
+ * @ns:                 the new node namespace.
  *
  * Adds next sibling to the node @node with given @name and namespace @ns.
  *
@@ -296,51 +296,51 @@ xmlSecAddNextSibling(xmlNodePtr node, const xmlChar *name, const xmlChar *ns) {
     xmlNodePtr text;
 
     xmlSecAssert2(node != NULL, NULL);
-    xmlSecAssert2(name != NULL, NULL);    
+    xmlSecAssert2(name != NULL, NULL);
 
     cur = xmlNewNode(NULL, name);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewNode",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewNode",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     xmlAddNextSibling(node, cur);
 
     /* namespaces support */
     if(ns != NULL) {
-	xmlNsPtr nsPtr;
-	
+        xmlNsPtr nsPtr;
+
         /* find namespace by href and check that its prefix is not overwritten */
-	nsPtr = xmlSearchNsByHref(cur->doc, cur, ns);
-	if((nsPtr == NULL) || (xmlSearchNs(cur->doc, cur, nsPtr->prefix) != nsPtr)) {
-	    nsPtr = xmlNewNs(cur, ns, NULL);
-	}
-	xmlSetNs(cur, nsPtr);
+        nsPtr = xmlSearchNsByHref(cur->doc, cur, ns);
+        if((nsPtr == NULL) || (xmlSearchNs(cur->doc, cur, nsPtr->prefix) != nsPtr)) {
+            nsPtr = xmlNewNs(cur, ns, NULL);
+        }
+        xmlSetNs(cur, nsPtr);
     }
 
     /* TODO: add indents */
     text = xmlNewText(xmlSecStringCR);
-    if(text == NULL) {	
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewText",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+    if(text == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewText",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     xmlAddNextSibling(node, text);
-    
+
     return(cur);
 }
 
 /**
  * xmlSecAddPrevSibling
- * @node: 		the pointer to an XML node.
- * @name: 		the new node name.
- * @ns: 		the new node namespace.
+ * @node:               the pointer to an XML node.
+ * @name:               the new node name.
+ * @ns:                 the new node namespace.
  *
  * Adds prev sibling to the node @node with given @name and namespace @ns.
  *
@@ -352,40 +352,40 @@ xmlSecAddPrevSibling(xmlNodePtr node, const xmlChar *name, const xmlChar *ns) {
     xmlNodePtr text;
 
     xmlSecAssert2(node != NULL, NULL);
-    xmlSecAssert2(name != NULL, NULL);    
+    xmlSecAssert2(name != NULL, NULL);
 
     cur = xmlNewNode(NULL, name);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewNode",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewNode",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     xmlAddPrevSibling(node, cur);
 
     /* namespaces support */
     if(ns != NULL) {
-	xmlNsPtr nsPtr;
-	
+        xmlNsPtr nsPtr;
+
         /* find namespace by href and check that its prefix is not overwritten */
-	nsPtr = xmlSearchNsByHref(cur->doc, cur, ns);
-	if((nsPtr == NULL) || (xmlSearchNs(cur->doc, cur, nsPtr->prefix) != nsPtr)) {
-	    nsPtr = xmlNewNs(cur, ns, NULL);
-	}
-	xmlSetNs(cur, nsPtr);
+        nsPtr = xmlSearchNsByHref(cur->doc, cur, ns);
+        if((nsPtr == NULL) || (xmlSearchNs(cur->doc, cur, nsPtr->prefix) != nsPtr)) {
+            nsPtr = xmlNewNs(cur, ns, NULL);
+        }
+        xmlSetNs(cur, nsPtr);
     }
 
     /* TODO: add indents */
     text = xmlNewText(xmlSecStringCR);
-    if(text == NULL) {	
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewText",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
+    if(text == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewText",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     xmlAddPrevSibling(node, text);
 
@@ -394,7 +394,7 @@ xmlSecAddPrevSibling(xmlNodePtr node, const xmlChar *name, const xmlChar *ns) {
 
 /**
  * xmlSecGetNextElementNode:
- * @cur: 		the pointer to an XML node.
+ * @cur:                the pointer to an XML node.
  *
  * Seraches for the next element node.
  *
@@ -402,18 +402,18 @@ xmlSecAddPrevSibling(xmlNodePtr node, const xmlChar *name, const xmlChar *ns) {
  */
 xmlNodePtr
 xmlSecGetNextElementNode(xmlNodePtr cur) {
-    
+
     while((cur != NULL) && (cur->type != XML_ELEMENT_NODE)) {
-	cur = cur->next;
+        cur = cur->next;
     }
     return(cur);
 }
 
 /**
  * xmlSecReplaceNode:
- * @node: 		the current node.
- * @newNode: 		the new node.
- * 
+ * @node:               the current node.
+ * @newNode:            the new node.
+ *
  * Swaps the @node and @newNode in the XML tree.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -423,12 +423,12 @@ xmlSecReplaceNode(xmlNodePtr node, xmlNodePtr newNode) {
     return xmlSecReplaceNodeAndReturn(node, newNode, NULL);
 }
 
-/**                 
+/**
  * xmlSecReplaceNodeAndReturn:
- * @node: 		the current node.
- * @newNode: 		the new node.
- * @replaced:   	the replaced node, or release it if NULL is given
- * 
+ * @node:               the current node.
+ * @newNode:            the new node.
+ * @replaced:           the replaced node, or release it if NULL is given
+ *
  * Swaps the @node and @newNode in the XML tree.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -437,48 +437,48 @@ int
 xmlSecReplaceNodeAndReturn(xmlNodePtr node, xmlNodePtr newNode, xmlNodePtr* replaced) {
     xmlNodePtr oldNode;
     int restoreRoot = 0;
-    
+
     xmlSecAssert2(node != NULL, -1);
-    xmlSecAssert2(newNode != NULL, -1);    
+    xmlSecAssert2(newNode != NULL, -1);
 
     /* fix documents children if necessary first */
     if((node->doc != NULL) && (node->doc->children == node)) {
-	node->doc->children = node->next;
-	restoreRoot = 1;
+        node->doc->children = node->next;
+        restoreRoot = 1;
     }
     if((newNode->doc != NULL) && (newNode->doc->children == newNode)) {
-	newNode->doc->children = newNode->next;
+        newNode->doc->children = newNode->next;
     }
 
     oldNode = xmlReplaceNode(node, newNode);
     if(oldNode == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
                     "xmlReplaceNode",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     if(restoreRoot != 0) {
-	xmlDocSetRootElement(oldNode->doc, newNode);
+        xmlDocSetRootElement(oldNode->doc, newNode);
     }
 
     /* return the old node if requested */
     if(replaced != NULL) {
-     	(*replaced) = oldNode;  	  	
+        (*replaced) = oldNode;
     } else {
-   	xmlFreeNode(oldNode); 
+        xmlFreeNode(oldNode);
     }
-   
+
     return(0);
 }
 
 /**
  * xmlSecReplaceContent
- * @node: 		the current node.
- * @newNode: 		the new node.
- * 
+ * @node:               the current node.
+ * @newNode:            the new node.
+ *
  * Swaps the content of @node and @newNode.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -490,10 +490,10 @@ xmlSecReplaceContent(xmlNodePtr node, xmlNodePtr newNode) {
 
 /**
  * xmlSecReplaceContentAndReturn
- * @node: 		the current node.
- * @newNode: 		the new node.
- * @replaced:   	the replaced nodes, or release them if NULL is given
- * 
+ * @node:               the current node.
+ * @newNode:            the new node.
+ * @replaced:           the replaced nodes, or release them if NULL is given
+ *
  * Swaps the content of @node and @newNode.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -501,7 +501,7 @@ xmlSecReplaceContent(xmlNodePtr node, xmlNodePtr newNode) {
 int
 xmlSecReplaceContentAndReturn(xmlNodePtr node, xmlNodePtr newNode, xmlNodePtr *replaced) {
     xmlSecAssert2(node != NULL, -1);
-    xmlSecAssert2(newNode != NULL, -1);  
+    xmlSecAssert2(newNode != NULL, -1);
 
     xmlUnlinkNode(newNode);
     xmlSetTreeDoc(newNode, node->doc);
@@ -514,17 +514,17 @@ xmlSecReplaceContentAndReturn(xmlNodePtr node, xmlNodePtr newNode, xmlNodePtr *r
         for(cur = node->children; (cur != NULL); cur = next) {
             next = cur->next;
             if((*replaced) != NULL) {
-		/* n is unlinked in this function */        	
-                xmlAddNextSibling(tail, cur); 
-		tail = cur;
+                /* n is unlinked in this function */
+                xmlAddNextSibling(tail, cur);
+                tail = cur;
             } else {
-		/* this is the first node, (*replaced) is the head */
+                /* this is the first node, (*replaced) is the head */
                 xmlUnlinkNode(cur);
-    	        (*replaced) = tail = cur;    	    
+                (*replaced) = tail = cur;
           }
         }
     } else {
-	/* just delete the content */
+        /* just delete the content */
         xmlNodeSetContent(node, NULL);
     }
 
@@ -536,10 +536,10 @@ xmlSecReplaceContentAndReturn(xmlNodePtr node, xmlNodePtr newNode, xmlNodePtr *r
 
 /**
  * xmlSecReplaceNodeBuffer:
- * @node: 		the current node.
- * @buffer: 		the XML data.
- * @size: 		the XML data size.
- * 
+ * @node:               the current node.
+ * @buffer:             the XML data.
+ * @size:               the XML data size.
+ *
  * Swaps the @node and the parsed XML data from the @buffer in the XML tree.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -551,11 +551,11 @@ xmlSecReplaceNodeBuffer(xmlNodePtr node, const xmlSecByte *buffer, xmlSecSize si
 
 /**
  * xmlSecReplaceNodeBufferAndReturn:
- * @node: 		the current node.
- * @buffer: 		the XML data.
- * @size: 		the XML data size.
- * @replaced: 		the replaced nodes, or release them if NULL is given
- * 
+ * @node:               the current node.
+ * @buffer:             the XML data.
+ * @size:               the XML data size.
+ * @replaced:           the replaced nodes, or release them if NULL is given
+ *
  * Swaps the @node and the parsed XML data from the @buffer in the XML tree.
  *
  * Returns: 0 on success or a negative value if an error occurs.
@@ -575,7 +575,7 @@ xmlSecReplaceNodeBufferAndReturn(xmlNodePtr node, const xmlSecByte *buffer, xmlS
                     "xmlParseInNodeContext",
                     XMLSEC_ERRORS_R_XML_FAILED,
                     "Failed to parse content");
-        return(-1);         
+        return(-1);
     }
 
     /* add new nodes */
@@ -590,9 +590,9 @@ xmlSecReplaceNodeBufferAndReturn(xmlNodePtr node, const xmlSecByte *buffer, xmlS
 
     /* return the old node if requested */
     if(replaced != NULL) {
-     	(*replaced) = node;  	  	
+        (*replaced) = node;
     } else {
-   	xmlFreeNode(node); 
+        xmlFreeNode(node);
     }
 
     return(0);
@@ -600,8 +600,8 @@ xmlSecReplaceNodeBufferAndReturn(xmlNodePtr node, const xmlSecByte *buffer, xmlS
 
 /**
  * xmlSecNodeEncodeAndSetContent:
- * @node: 		    the pointer to an XML node.
- * @buffer: 		the pointer to the node content.
+ * @node:                   the pointer to an XML node.
+ * @buffer:             the pointer to the node content.
  *
  * Encodes "special" characters in the @buffer and sets the result
  * as the node content.
@@ -612,18 +612,18 @@ int
 xmlSecNodeEncodeAndSetContent(xmlNodePtr node, const xmlChar * buffer) {
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(node->doc != NULL, -1);
-    
+
     if(buffer != NULL) {
-	    xmlChar * tmp;
+            xmlChar * tmp;
 
-        tmp = xmlEncodeSpecialChars(node->doc, buffer);        
+        tmp = xmlEncodeSpecialChars(node->doc, buffer);
         if (tmp == NULL) {
             xmlSecError(XMLSEC_ERRORS_HERE,
                         NULL,
                         "xmlEncodeSpecialChars",
                         XMLSEC_ERRORS_R_XML_FAILED,
                         "Failed to encode special characters");
-            return(-1);         
+            return(-1);
         }
 
         xmlNodeSetContent(node, tmp);
@@ -637,109 +637,109 @@ xmlSecNodeEncodeAndSetContent(xmlNodePtr node, const xmlChar * buffer) {
 
 /**
  * xmlSecAddIDs:
- * @doc: 		the pointer to an XML document.
- * @cur: 		the pointer to an XML node.
- * @ids: 		the pointer to a NULL terminated list of ID attributes.
+ * @doc:                the pointer to an XML document.
+ * @cur:                the pointer to an XML node.
+ * @ids:                the pointer to a NULL terminated list of ID attributes.
  *
- * Walks thru all children of the @cur node and adds all attributes 
+ * Walks thru all children of the @cur node and adds all attributes
  * from the @ids list to the @doc document IDs attributes hash.
  */
-void	
+void
 xmlSecAddIDs(xmlDocPtr doc, xmlNodePtr cur, const xmlChar** ids) {
     xmlNodePtr children = NULL;
 
     xmlSecAssert(doc != NULL);
-    xmlSecAssert(ids != NULL);    
-    
+    xmlSecAssert(ids != NULL);
+
     if((cur != NULL) && (cur->type == XML_ELEMENT_NODE)) {
-	xmlAttrPtr attr;
-	xmlAttrPtr tmp;
-	int i;
-	xmlChar* name;
-	
-	for(attr = cur->properties; attr != NULL; attr = attr->next) {
-	    for(i = 0; ids[i] != NULL; ++i) {
-		if(xmlStrEqual(attr->name, ids[i])) {
-		    name = xmlNodeListGetString(doc, attr->children, 1);
-		    if(name != NULL) {
-			tmp = xmlGetID(doc, name);
-			if(tmp == NULL) {
-			    xmlAddID(NULL, doc, name, attr);
-			} else if(tmp != attr) {
-			    xmlSecError(XMLSEC_ERRORS_HERE,
-					NULL,
-					NULL,
-					XMLSEC_ERRORS_R_INVALID_DATA,
-					"id=%s already defined", 
-					xmlSecErrorsSafeString(name));
-			}
-			xmlFree(name);
-		    }		    
-		}
-	    }
-	}
-	
-	children = cur->children;
+        xmlAttrPtr attr;
+        xmlAttrPtr tmp;
+        int i;
+        xmlChar* name;
+
+        for(attr = cur->properties; attr != NULL; attr = attr->next) {
+            for(i = 0; ids[i] != NULL; ++i) {
+                if(xmlStrEqual(attr->name, ids[i])) {
+                    name = xmlNodeListGetString(doc, attr->children, 1);
+                    if(name != NULL) {
+                        tmp = xmlGetID(doc, name);
+                        if(tmp == NULL) {
+                            xmlAddID(NULL, doc, name, attr);
+                        } else if(tmp != attr) {
+                            xmlSecError(XMLSEC_ERRORS_HERE,
+                                        NULL,
+                                        NULL,
+                                        XMLSEC_ERRORS_R_INVALID_DATA,
+                                        "id=%s already defined",
+                                        xmlSecErrorsSafeString(name));
+                        }
+                        xmlFree(name);
+                    }
+                }
+            }
+        }
+
+        children = cur->children;
     } else if(cur == NULL) {
-	children = doc->children;
+        children = doc->children;
     }
-    
+
     while(children != NULL) {
-	if(children->type == XML_ELEMENT_NODE) {
-	    xmlSecAddIDs(doc, children, ids);
-	}
-	children = children->next;
+        if(children->type == XML_ELEMENT_NODE) {
+            xmlSecAddIDs(doc, children, ids);
+        }
+        children = children->next;
     }
 }
 
 /**
  * xmlSecGenerateAndAddID:
- * @node:			the node to ID attr to.
- * @attrName:			the ID attr name.
- * @prefix:			the prefix to add to the generated ID (can be NULL).
- * @len:			the length of ID.
+ * @node:                       the node to ID attr to.
+ * @attrName:                   the ID attr name.
+ * @prefix:                     the prefix to add to the generated ID (can be NULL).
+ * @len:                        the length of ID.
  *
  * Generates a unique ID in the format <@prefix>base64-encoded(@len random bytes)
  * and puts it in the attribute @attrName.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecGenerateAndAddID(xmlNodePtr node, const xmlChar* attrName, const xmlChar* prefix, xmlSecSize len) {
     xmlChar* id;
     int count;
-    
-    xmlSecAssert2(node != NULL, -1);    
-    xmlSecAssert2(attrName != NULL, -1);    
+
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(attrName != NULL, -1);
 
     /* we will try 5 times before giving up */
     for(count = 0; count < 5; count++) {
-	id = xmlSecGenerateID(prefix, len);
-	if(id == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecGenerateID",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-
-	if((node->doc == NULL) || (xmlGetID(node->doc, id) == NULL)) {
-	    /* this is a unique ID in the document and we can use it */
-	    if(xmlSetProp(node, attrName, id) == NULL) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		    	    "xmlSetProp",
-			    XMLSEC_ERRORS_R_XML_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlFree(id);
-	        return(-1);	
-	    }
-	    
-	    xmlFree(id);
-	    return(0);
-	}
-	xmlFree(id);
+        id = xmlSecGenerateID(prefix, len);
+        if(id == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecGenerateID",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        if((node->doc == NULL) || (xmlGetID(node->doc, id) == NULL)) {
+            /* this is a unique ID in the document and we can use it */
+            if(xmlSetProp(node, attrName, id) == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSetProp",
+                            XMLSEC_ERRORS_R_XML_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlFree(id);
+                return(-1);
+            }
+
+            xmlFree(id);
+            return(0);
+        }
+        xmlFree(id);
     }
 
     return(-1);
@@ -747,8 +747,8 @@ xmlSecGenerateAndAddID(xmlNodePtr node, const xmlChar* attrName, const xmlChar*
 
 /**
  * xmlSecGenerateID:
- * @prefix:			the prefix to add to the generated ID (can be NULL).
- * @len:			the length of ID.
+ * @prefix:                     the prefix to add to the generated ID (can be NULL).
+ * @len:                        the length of ID.
  *
  * Generates a unique ID in the format <@prefix>base64-encoded(@len random bytes).
  * The caller is responsible for freeing returned string using @xmlFree function.
@@ -757,155 +757,155 @@ xmlSecGenerateAndAddID(xmlNodePtr node, const xmlChar* attrName, const xmlChar*
  */
 xmlChar*
 xmlSecGenerateID(const xmlChar* prefix, xmlSecSize len) {
-    xmlSecBuffer buffer;    
+    xmlSecBuffer buffer;
     xmlSecSize i, binLen;
     xmlChar* res;
     xmlChar* p;
     int ret;
 
-    xmlSecAssert2(len > 0, NULL);    
-    
+    xmlSecAssert2(len > 0, NULL);
+
     /* we will do base64 decoding later */
     binLen = (3 * len + 1) / 4;
-    
+
     ret = xmlSecBufferInitialize(&buffer, binLen + 1);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
     }
     xmlSecAssert2(xmlSecBufferGetData(&buffer) != NULL, NULL);
     xmlSecAssert2(xmlSecBufferGetMaxSize(&buffer) >= binLen, NULL);
-    
+
     ret = xmlSecBufferSetSize(&buffer, binLen);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferSetSize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buffer);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferSetSize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
     }
     xmlSecAssert2(xmlSecBufferGetSize(&buffer) == binLen, NULL);
-    
+
     /* create random bytes */
     for(i = 0; i < binLen; i++) {
-	(xmlSecBufferGetData(&buffer)) [i] = (xmlSecByte) (256.0 * rand() / (RAND_MAX + 1.0));
+        (xmlSecBufferGetData(&buffer)) [i] = (xmlSecByte) (256.0 * rand() / (RAND_MAX + 1.0));
     }
-    
+
     /* base64 encode random bytes */
     res = xmlSecBase64Encode(xmlSecBufferGetData(&buffer), xmlSecBufferGetSize(&buffer), 0);
     if((res == NULL) || (xmlStrlen(res) == 0)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBase64Encode",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecBufferFinalize(&buffer);
-	return(NULL);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBase64Encode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecBufferFinalize(&buffer);
+        return(NULL);
     }
     xmlSecBufferFinalize(&buffer);
 
     /* truncate the generated id attribute if needed */
     if(xmlStrlen(res) > (int)len) {
-	res[len] = '\0';
+        res[len] = '\0';
     }
 
-    /* we need to cleanup base64 encoded id because ID attr can't have '+' or '/' characters */ 
+    /* we need to cleanup base64 encoded id because ID attr can't have '+' or '/' characters */
     for(p = res; (*p) != '\0'; p++) {
-	if(((*p) == '+') || ((*p) == '/')) {
-	    (*p) = '_';
-	}
+        if(((*p) == '+') || ((*p) == '/')) {
+            (*p) = '_';
+        }
     }
-    
+
     /* add prefix if exist */
     if(prefix) {
-	xmlChar* tmp;
-	xmlSecSize tmpLen;
-	
-	tmpLen = xmlStrlen(prefix) + xmlStrlen(res) + 1;
-	tmp = xmlMalloc(tmpLen + 1);
-	if(tmp == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlMalloc",
-		        XMLSEC_ERRORS_R_MALLOC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFree(res);
-	    return(NULL);
-	}
-	
-	xmlSecStrPrintf(tmp, tmpLen, BAD_CAST "%s%s", prefix, res);
-	xmlFree(res);
-	res = tmp;    
+        xmlChar* tmp;
+        xmlSecSize tmpLen;
+
+        tmpLen = xmlStrlen(prefix) + xmlStrlen(res) + 1;
+        tmp = xmlMalloc(tmpLen + 1);
+        if(tmp == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlMalloc",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFree(res);
+            return(NULL);
+        }
+
+        xmlSecStrPrintf(tmp, tmpLen, BAD_CAST "%s%s", prefix, res);
+        xmlFree(res);
+        res = tmp;
     } else {
-	/* no prefix: check that ID attribute starts from a letter */
-	if(!(((res[0] >= 'A') && (res[0] <= 'Z')) || 
-	     ((res[0] >= 'a') && (res[0] <= 'z')))) {
-	     res[0] = 'A';
-	}
+        /* no prefix: check that ID attribute starts from a letter */
+        if(!(((res[0] >= 'A') && (res[0] <= 'Z')) ||
+             ((res[0] >= 'a') && (res[0] <= 'z')))) {
+             res[0] = 'A';
+        }
     }
-    
+
     return(res);
 }
 
 
 /**
  * xmlSecCreateTree:
- * @rootNodeName:	the root node name.
- * @rootNodeNs:		the root node namespace (otpional).
+ * @rootNodeName:       the root node name.
+ * @rootNodeNs:         the root node namespace (otpional).
  *
  * Creates a new XML tree with one root node @rootNodeName.
  *
  * Returns: pointer to the newly created tree or NULL if an error occurs.
  */
-xmlDocPtr 
+xmlDocPtr
 xmlSecCreateTree(const xmlChar* rootNodeName, const xmlChar* rootNodeNs) {
     xmlDocPtr doc;
     xmlNodePtr root;
     xmlNsPtr ns;
-    
+
     xmlSecAssert2(rootNodeName != NULL, NULL);
 
     /* create doc */
     doc = xmlNewDoc(BAD_CAST "1.0");
     if(doc == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewDoc",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(NULL);
-    }
-    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewDoc",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(NULL);
+    }
+
     /* create root node */
-    root = xmlNewDocNode(doc, NULL, rootNodeName, NULL); 
+    root = xmlNewDocNode(doc, NULL, rootNodeName, NULL);
     if(root == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,	
-		    NULL,
-		    "xmlNewDocNode",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=Keys");
-	xmlFreeDoc(doc);
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewDocNode",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=Keys");
+        xmlFreeDoc(doc);
+        return(NULL);
     }
     xmlDocSetRootElement(doc, root);
 
     /* and set root node namespace */
     ns = xmlNewNs(root, rootNodeNs, NULL);
     if(ns == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNewNs",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "ns=%s",
-		    xmlSecErrorsSafeString(rootNodeNs));
-	xmlFreeDoc(doc); 
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNewNs",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "ns=%s",
+                    xmlSecErrorsSafeString(rootNodeNs));
+        xmlFreeDoc(doc);
+        return(NULL);
     }
     xmlSetNs(root, ns);
 
@@ -914,28 +914,28 @@ xmlSecCreateTree(const xmlChar* rootNodeName, const xmlChar* rootNodeNs) {
 
 /**
  * xmlSecIsEmptyNode:
- * @node:		the node to check
+ * @node:               the node to check
  *
  * Checks whethere the @node is empty (i.e. has only whitespaces children).
  *
  * Returns: 1 if @node is empty, 0 otherwise or a negative value if an error occurs.
  */
-int 
+int
 xmlSecIsEmptyNode(xmlNodePtr node) {
     xmlChar* content;
     int res;
-    
+
     xmlSecAssert2(node != NULL, -1);
 
     if(xmlSecGetNextElementNode(node->children) != NULL) {
-	return(0);
+        return(0);
     }
-    
+
     content = xmlNodeGetContent(node);
     if(content == NULL) {
-	return(1);
+        return(1);
     }
-    
+
     res = xmlSecIsEmptyString(content);
     xmlFree(content);
     return(res);
@@ -943,26 +943,26 @@ xmlSecIsEmptyNode(xmlNodePtr node) {
 
 /**
  * xmlSecIsEmptyString:
- * @str:		the string to check
+ * @str:                the string to check
  *
  * Checks whethere the @str is empty (i.e. has only whitespaces children).
  *
  * Returns: 1 if @str is empty, 0 otherwise or a negative value if an error occurs.
  */
-int 
+int
 xmlSecIsEmptyString(const xmlChar* str) {
     xmlSecAssert2(str != NULL, -1);
-    
+
     for( ;*str != '\0'; ++str) {
-	if(!isspace((int)(*str))) {
-	    return(0);
-	}
+        if(!isspace((int)(*str))) {
+            return(0);
+        }
     }
     return(1);
 }
 
 /**
- * xmlSecPrintXmlString: 
+ * xmlSecPrintXmlString:
  * @fd:                the file descriptor to write the XML string to
  * @str:               the string
  *
@@ -970,54 +970,54 @@ xmlSecIsEmptyString(const xmlChar* str) {
  *
  * Returns: he number of bytes transmitted or a negative value if an error occurs.
  */
-int 
+int
 xmlSecPrintXmlString(FILE * fd, const xmlChar * str) {
     int res;
-    
-    if(str != NULL) {    
+
+    if(str != NULL) {
         xmlChar * encoded_str = NULL;
         encoded_str = xmlEncodeSpecialChars(NULL, str);
         if(encoded_str == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,	
-		        NULL,
-		        "xmlEncodeSpecialChars",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-		        "string=%s",
-		        xmlSecErrorsSafeString(str));
-	    return(-1);
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlEncodeSpecialChars",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "string=%s",
+                        xmlSecErrorsSafeString(str));
+            return(-1);
         }
-    
+
         res = fprintf(fd, "%s", (const char*)encoded_str);
-	xmlFree(encoded_str);
+        xmlFree(encoded_str);
     } else {
         res = fprintf(fd, "NULL");
     }
-    
+
     if(res < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,	
-		    NULL,
-		    "fprintf",
-		    XMLSEC_ERRORS_R_IO_FAILED,
-		    "res=%d,errno=%d",
-		    res, errno);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "fprintf",
+                    XMLSEC_ERRORS_R_IO_FAILED,
+                    "res=%d,errno=%d",
+                    res, errno);
+        return(-1);
     }
     return(res);
 }
 
 
-/** 
+/**
  * xmlSecGetQName:
- * @node:		the context node.
- * @href:		the QName href (can be NULL).
- * @local:		the QName local part.
+ * @node:               the context node.
+ * @href:               the QName href (can be NULL).
+ * @local:              the QName local part.
  *
  * Creates QName (prefix:local) from @href and @local in the context of the @node.
  * Caller is responsible for freeing returned string with xmlFree.
  *
  * Returns: qname or NULL if an error occurs.
  */
-xmlChar* 
+xmlChar*
 xmlSecGetQName(xmlNodePtr node, const xmlChar* href, const xmlChar* local) {
     xmlChar* qname;
     xmlNsPtr ns;
@@ -1030,39 +1030,39 @@ xmlSecGetQName(xmlNodePtr node, const xmlChar* href, const xmlChar* local) {
     ns = xmlSearchNsByHref(node->doc, node, href);
     if((ns == NULL) && (href != NULL)) {
         xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSearchNsByHref",
-	    	    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s,href=%s",
-    		    xmlSecErrorsSafeString(node->name),
-    		    xmlSecErrorsSafeString(href));
+                    NULL,
+                    "xmlSearchNsByHref",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s,href=%s",
+                    xmlSecErrorsSafeString(node->name),
+                    xmlSecErrorsSafeString(href));
         return(NULL);
     }
-        
+
     if((ns != NULL) && (ns->prefix != NULL)) {
-	xmlSecSize len;
-	
+        xmlSecSize len;
+
         len = xmlStrlen(local) + xmlStrlen(ns->prefix) + 4;
         qname = xmlMalloc(len);
         if(qname == NULL) {
-  	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlMalloc",
-	    	        XMLSEC_ERRORS_R_MALLOC_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(node->name));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlMalloc",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(node->name));
             return(NULL);
         }
         xmlSecStrPrintf(qname, len, BAD_CAST "%s:%s", ns->prefix, local);
     } else {
         qname = xmlStrdup(local);
         if(qname == NULL) {
-  	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlStrdup",
-	    	        XMLSEC_ERRORS_R_MALLOC_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(node->name));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlStrdup",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(node->name));
             return(NULL);
         }
     }
@@ -1077,17 +1077,17 @@ xmlSecGetQName(xmlNodePtr node, const xmlChar* href, const xmlChar* local) {
  * QName <-> Integer mapping
  *
  ************************************************************************/
-/** 
+/**
  * xmlSecQName2IntegerGetInfo:
  * @info:               the qname<->integer mapping information.
  * @intValue:           the integer value.
  *
  * Maps integer @intValue to a QName prefix.
- * 
+ *
  * Returns: the QName info that is mapped to @intValue or NULL if such value
  * is not found.
  */
-xmlSecQName2IntegerInfoConstPtr 
+xmlSecQName2IntegerInfoConstPtr
 xmlSecQName2IntegerGetInfo(xmlSecQName2IntegerInfoConstPtr info, int intValue) {
     unsigned int ii;
 
@@ -1102,20 +1102,20 @@ xmlSecQName2IntegerGetInfo(xmlSecQName2IntegerInfoConstPtr info, int intValue) {
     return(NULL);
 }
 
-/** 
+/**
  * xmlSecQName2IntegerGetInteger:
  * @info:               the qname<->integer mapping information.
  * @qnameHref:          the qname href value.
  * @qnameLocalPart:     the qname local part value.
  * @intValue:           the pointer to result integer value.
- * 
+ *
  * Maps qname qname to an integer and returns it in @intValue.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs,
  */
-int 
-xmlSecQName2IntegerGetInteger(xmlSecQName2IntegerInfoConstPtr info, 
-                             const xmlChar* qnameHref, const xmlChar* qnameLocalPart, 
+int
+xmlSecQName2IntegerGetInteger(xmlSecQName2IntegerInfoConstPtr info,
+                             const xmlChar* qnameHref, const xmlChar* qnameLocalPart,
                              int* intValue) {
     unsigned int ii;
 
@@ -1124,7 +1124,7 @@ xmlSecQName2IntegerGetInteger(xmlSecQName2IntegerInfoConstPtr info,
     xmlSecAssert2(intValue != NULL, -1);
 
     for(ii = 0; info[ii].qnameLocalPart != NULL; ii++) {
-        if(xmlStrEqual(info[ii].qnameLocalPart, qnameLocalPart) && 
+        if(xmlStrEqual(info[ii].qnameLocalPart, qnameLocalPart) &&
            xmlStrEqual(info[ii].qnameHref, qnameHref)) {
             (*intValue) = info[ii].intValue;
             return(0);
@@ -1134,83 +1134,83 @@ xmlSecQName2IntegerGetInteger(xmlSecQName2IntegerInfoConstPtr info,
     return(-1);
 }
 
-/** 
+/**
  * xmlSecQName2IntegerGetIntegerFromString:
  * @info:               the qname<->integer mapping information.
  * @node:               the pointer to node.
  * @qname:              the qname string.
  * @intValue:           the pointer to result integer value.
- * 
+ *
  * Converts @qname into integer in context of @node.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs,
  */
-int 
+int
 xmlSecQName2IntegerGetIntegerFromString(xmlSecQName2IntegerInfoConstPtr info,
-					xmlNodePtr node, const xmlChar* qname,
+                                        xmlNodePtr node, const xmlChar* qname,
                                         int* intValue) {
     const xmlChar* qnameLocalPart = NULL;
     xmlChar* qnamePrefix = NULL;
     const xmlChar* qnameHref;
     xmlNsPtr ns;
     int ret;
-    
+
     xmlSecAssert2(info != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(qname != NULL, -1);
     xmlSecAssert2(intValue != NULL, -1);
-    
+
     qnameLocalPart = xmlStrchr(qname, ':');
     if(qnameLocalPart != NULL) {
         qnamePrefix = xmlStrndup(qname, qnameLocalPart - qname);
         if(qnamePrefix == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlStrndup",
-	    	        XMLSEC_ERRORS_R_MALLOC_FAILED,
-		        "node=%s,value=%s",
-		        xmlSecErrorsSafeString(node->name),
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlStrndup",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "node=%s,value=%s",
+                        xmlSecErrorsSafeString(node->name),
                         xmlSecErrorsSafeString(qname));
-	    return(-1);	
+            return(-1);
         }
         qnameLocalPart++;
     } else {
         qnamePrefix = NULL;
         qnameLocalPart = qname;
     }
-    
+
     /* search namespace href */
     ns = xmlSearchNs(node->doc, node, qnamePrefix);
     if((ns == NULL) && (qnamePrefix != NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSearchNs",
-	    	    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s,qnamePrefix=%s",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSearchNs",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s,qnamePrefix=%s",
+                    xmlSecErrorsSafeString(node->name),
                     xmlSecErrorsSafeString(qnamePrefix));
         if(qnamePrefix != NULL) {
             xmlFree(qnamePrefix);
         }
-	return(-1);	
+        return(-1);
     }
     qnameHref = (ns != NULL) ? ns->href : BAD_CAST NULL;
 
     /* and finally search for integer */
     ret = xmlSecQName2IntegerGetInteger(info, qnameHref, qnameLocalPart, intValue);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerGetInteger",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s,qnameLocalPart=%s,qnameHref=%s",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerGetInteger",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s,qnameLocalPart=%s,qnameHref=%s",
+                    xmlSecErrorsSafeString(node->name),
                     xmlSecErrorsSafeString(qnameLocalPart),
                     xmlSecErrorsSafeString(qnameHref));
         if(qnamePrefix != NULL) {
             xmlFree(qnamePrefix);
         }
-	return(-1);	
+        return(-1);
     }
 
     if(qnamePrefix != NULL) {
@@ -1220,20 +1220,20 @@ xmlSecQName2IntegerGetIntegerFromString(xmlSecQName2IntegerInfoConstPtr info,
 }
 
 
-/** 
+/**
  * xmlSecQName2IntegerGetStringFromInteger:
  * @info:               the qname<->integer mapping information.
  * @node:               the pointer to node.
  * @intValue:           the integer value.
- * 
+ *
  * Creates qname string for @intValue in context of given @node. Caller
  * is responsible for freeing returned string with @xmlFree.
- * 
+ *
  * Returns: pointer to newly allocated string on success or NULL if an error occurs,
  */
-xmlChar* 
+xmlChar*
 xmlSecQName2IntegerGetStringFromInteger(xmlSecQName2IntegerInfoConstPtr info,
-					xmlNodePtr node, int intValue) {
+                                        xmlNodePtr node, int intValue) {
     xmlSecQName2IntegerInfoConstPtr qnameInfo;
 
     xmlSecAssert2(info != NULL, NULL);
@@ -1241,31 +1241,31 @@ xmlSecQName2IntegerGetStringFromInteger(xmlSecQName2IntegerInfoConstPtr info,
 
     qnameInfo = xmlSecQName2IntegerGetInfo(info, intValue);
     if(qnameInfo == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerGetInfo",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s,intValue=%d",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerGetInfo",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s,intValue=%d",
+                    xmlSecErrorsSafeString(node->name),
                     intValue);
         return(NULL);
     }
-    
+
     return (xmlSecGetQName(node, qnameInfo->qnameHref, qnameInfo->qnameLocalPart));
 }
 
-/** 
+/**
  * xmlSecQName2IntegerNodeRead:
  * @info:               the qname<->integer mapping information.
  * @node:               the pointer to node.
  * @intValue:           the pointer to result integer value.
- * 
- * Reads the content of @node and converts it to an integer using mapping 
+ *
+ * Reads the content of @node and converts it to an integer using mapping
  * from @info.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs,
  */
-int 
+int
 xmlSecQName2IntegerNodeRead(xmlSecQName2IntegerInfoConstPtr info, xmlNodePtr node, int* intValue) {
     xmlChar* content = NULL;
     int ret;
@@ -1276,48 +1276,48 @@ xmlSecQName2IntegerNodeRead(xmlSecQName2IntegerInfoConstPtr info, xmlNodePtr nod
 
     content = xmlNodeGetContent(node);
     if(content == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlNodeGetContent",
-	    	    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s",
-		    xmlSecErrorsSafeString(node->name));
-	return(-1);	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlNodeGetContent",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s",
+                    xmlSecErrorsSafeString(node->name));
+        return(-1);
     }
     /* todo: trim content? */
 
     ret = xmlSecQName2IntegerGetIntegerFromString(info, node, content, intValue);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerGetIntegerFromString",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s,value=%s",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerGetIntegerFromString",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s,value=%s",
+                    xmlSecErrorsSafeString(node->name),
                     xmlSecErrorsSafeString(content));
         xmlFree(content);
-	return(-1);	
+        return(-1);
     }
 
     xmlFree(content);
     return(0);
 }
 
-/** 
+/**
  * xmlSecQName2IntegerNodeWrite:
  * @info:               the qname<->integer mapping information.
  * @node:               the parent node.
  * @nodeName:           the child node name.
  * @nodeNs:             the child node namespace.
  * @intValue:           the integer value.
- * 
+ *
  * Creates new child node in @node and sets its value to @intValue.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs,
  */
-int 
+int
 xmlSecQName2IntegerNodeWrite(xmlSecQName2IntegerInfoConstPtr info, xmlNodePtr node,
-			    const xmlChar* nodeName, const xmlChar* nodeNs, int intValue) {
+                            const xmlChar* nodeName, const xmlChar* nodeNs, int intValue) {
     xmlNodePtr cur;
     xmlChar* qname = NULL;
 
@@ -1328,24 +1328,24 @@ xmlSecQName2IntegerNodeWrite(xmlSecQName2IntegerInfoConstPtr info, xmlNodePtr no
     /* find and build qname */
     qname = xmlSecQName2IntegerGetStringFromInteger(info, node, intValue);
     if(qname == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerGetStringFromInteger",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s,intValue=%d",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerGetStringFromInteger",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s,intValue=%d",
+                    xmlSecErrorsSafeString(node->name),
                     intValue);
         return(-1);
     }
-    
+
     cur = xmlSecAddChild(node, nodeName, nodeNs);
     if(cur == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChild",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s,intValue=%d",
-		    xmlSecErrorsSafeString(nodeName),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChild",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s,intValue=%d",
+                    xmlSecErrorsSafeString(nodeName),
                     intValue);
         xmlFree(qname);
         return(-1);
@@ -1356,21 +1356,21 @@ xmlSecQName2IntegerNodeWrite(xmlSecQName2IntegerInfoConstPtr info, xmlNodePtr no
     return(0);
 }
 
-/** 
+/**
  * xmlSecQName2IntegerAttributeRead:
  * @info:               the qname<->integer mapping information.
- * @node:               the element node. 
+ * @node:               the element node.
  * @attrName:           the attribute name.
  * @intValue:           the pointer to result integer value.
- * 
+ *
  * Gets the value of @attrName atrtibute from @node and converts it to integer
  * according to @info.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs,
  */
-int 
+int
 xmlSecQName2IntegerAttributeRead(xmlSecQName2IntegerInfoConstPtr info, xmlNodePtr node,
-			    const xmlChar* attrName, int* intValue) {
+                            const xmlChar* attrName, int* intValue) {
     xmlChar* attrValue;
     int ret;
 
@@ -1381,45 +1381,45 @@ xmlSecQName2IntegerAttributeRead(xmlSecQName2IntegerInfoConstPtr info, xmlNodePt
 
     attrValue = xmlGetProp(node, attrName);
     if(attrValue == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlGetProp",
-	    	    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s,attrValue=%s",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlGetProp",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s,attrValue=%s",
+                    xmlSecErrorsSafeString(node->name),
                     xmlSecErrorsSafeString(attrName));
-	return(-1);	
+        return(-1);
     }
     /* todo: trim value? */
 
     ret = xmlSecQName2IntegerGetIntegerFromString(info, node, attrValue, intValue);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerGetIntegerFromString",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s,attrName=%s,attrValue=%s",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerGetIntegerFromString",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s,attrName=%s,attrValue=%s",
+                    xmlSecErrorsSafeString(node->name),
                     xmlSecErrorsSafeString(attrName),
                     xmlSecErrorsSafeString(attrValue));
         xmlFree(attrValue);
-	return(-1);	
+        return(-1);
     }
 
     xmlFree(attrValue);
     return(0);
 }
 
-/** 
+/**
  * xmlSecQName2IntegerAttributeWrite:
  * @info:               the qname<->integer mapping information.
  * @node:               the parent node.
  * @attrName:           the name of attribute.
  * @intValue:           the integer value.
- * 
- * Converts @intValue to a qname and sets it to the value of 
+ *
+ * Converts @intValue to a qname and sets it to the value of
  * attribute @attrName in @node.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs,
  */
 int
@@ -1435,26 +1435,26 @@ xmlSecQName2IntegerAttributeWrite(xmlSecQName2IntegerInfoConstPtr info, xmlNodeP
     /* find and build qname */
     qname = xmlSecQName2IntegerGetStringFromInteger(info, node, intValue);
     if(qname == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2IntegerGetStringFromInteger",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s,attrName=%s,intValue=%d",
-		    xmlSecErrorsSafeString(node->name),
-		    xmlSecErrorsSafeString(attrName),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2IntegerGetStringFromInteger",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s,attrName=%s,intValue=%d",
+                    xmlSecErrorsSafeString(node->name),
+                    xmlSecErrorsSafeString(attrName),
                     intValue);
         return(-1);
     }
 
     attr = xmlSetProp(node, attrName, qname);
     if(attr == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecAddChildNode",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s,attrName=%s,intValue=%d",
-		    xmlSecErrorsSafeString(node->name),
-		    xmlSecErrorsSafeString(attrName),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecAddChildNode",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s,attrName=%s,intValue=%d",
+                    xmlSecErrorsSafeString(node->name),
+                    xmlSecErrorsSafeString(attrName),
                     intValue);
         xmlFree(qname);
         return(-1);
@@ -1464,16 +1464,16 @@ xmlSecQName2IntegerAttributeWrite(xmlSecQName2IntegerInfoConstPtr info, xmlNodeP
     return(0);
 }
 
-/** 
+/**
  * xmlSecQName2IntegerDebugDump:
  * @info:               the qname<->integer mapping information.
  * @intValue:           the integer value.
- * @name: 		the value name to print.
+ * @name:               the value name to print.
  * @output:             the pointer to output FILE.
- * 
+ *
  * Prints @intValue into @output.
  */
-void 
+void
 xmlSecQName2IntegerDebugDump(xmlSecQName2IntegerInfoConstPtr info, int intValue,
                             const xmlChar* name, FILE* output) {
     xmlSecQName2IntegerInfoConstPtr qnameInfo;
@@ -1484,24 +1484,24 @@ xmlSecQName2IntegerDebugDump(xmlSecQName2IntegerInfoConstPtr info, int intValue,
 
     qnameInfo = xmlSecQName2IntegerGetInfo(info, intValue);
     if(qnameInfo != NULL) {
-        fprintf(output, "== %s: %d (name=\"%s\", href=\"%s\")\n", name, intValue, 
+        fprintf(output, "== %s: %d (name=\"%s\", href=\"%s\")\n", name, intValue,
             (qnameInfo->qnameLocalPart) ? qnameInfo->qnameLocalPart : BAD_CAST NULL,
             (qnameInfo->qnameHref) ? qnameInfo->qnameHref : BAD_CAST NULL);
-    }    
+    }
 }
 
-/** 
+/**
  * xmlSecQName2IntegerDebugXmlDump:
  * @info:               the qname<->integer mapping information.
  * @intValue:           the integer value.
- * @name: 		the value name to print.
+ * @name:               the value name to print.
  * @output:             the pointer to output FILE.
- * 
- * Prints @intValue into @output in XML format. 
+ *
+ * Prints @intValue into @output in XML format.
  */
-void 
+void
 xmlSecQName2IntegerDebugXmlDump(xmlSecQName2IntegerInfoConstPtr info, int intValue,
-			    const xmlChar* name, FILE* output) {
+                            const xmlChar* name, FILE* output) {
     xmlSecQName2IntegerInfoConstPtr qnameInfo;
 
     xmlSecAssert(info != NULL);
@@ -1510,24 +1510,24 @@ xmlSecQName2IntegerDebugXmlDump(xmlSecQName2IntegerInfoConstPtr info, int intVal
 
     qnameInfo = xmlSecQName2IntegerGetInfo(info, intValue);
     if(qnameInfo != NULL) {
-        fprintf(output, "<%s value=\"%d\" href=\"%s\">%s<%s>\n", name, intValue, 
+        fprintf(output, "<%s value=\"%d\" href=\"%s\">%s<%s>\n", name, intValue,
             (qnameInfo->qnameHref) ? qnameInfo->qnameHref : BAD_CAST NULL,
             (qnameInfo->qnameLocalPart) ? qnameInfo->qnameLocalPart : BAD_CAST NULL,
             name);
-    }    
+    }
 }
-								 
+
 
 /*************************************************************************
  *
  * QName <-> Bits mask mapping
  *
  ************************************************************************/
-/** 
+/**
  * xmlSecQName2BitMaskGetInfo:
  * @info:               the qname<->bit mask mapping information.
  * @mask:               the bit mask.
- * 
+ *
  * Converts @mask to qname.
  *
  * Returns: pointer to the qname info for @mask or NULL if mask is unknown.
@@ -1548,21 +1548,21 @@ xmlSecQName2BitMaskGetInfo(xmlSecQName2BitMaskInfoConstPtr info, xmlSecBitMask m
     return(NULL);
 }
 
-/** 
+/**
  * xmlSecQName2BitMaskGetBitMask:
  * @info:               the qname<->bit mask mapping information.
  * @qnameHref:          the qname Href value.
  * @qnameLocalPart:     the qname LocalPart value.
  * @mask:               the pointer to result mask.
- * 
+ *
  * Converts @qnameLocalPart to @mask.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs,
  */
-int 
-xmlSecQName2BitMaskGetBitMask(xmlSecQName2BitMaskInfoConstPtr info, 
+int
+xmlSecQName2BitMaskGetBitMask(xmlSecQName2BitMaskInfoConstPtr info,
                             const xmlChar* qnameHref, const xmlChar* qnameLocalPart,
-			    xmlSecBitMask* mask) {
+                            xmlSecBitMask* mask) {
     unsigned int ii;
 
     xmlSecAssert2(info != NULL, -1);
@@ -1571,7 +1571,7 @@ xmlSecQName2BitMaskGetBitMask(xmlSecQName2BitMaskInfoConstPtr info,
 
     for(ii = 0; info[ii].qnameLocalPart != NULL; ii++) {
         xmlSecAssert2(info[ii].mask != 0, -1);
-        if(xmlStrEqual(info[ii].qnameLocalPart, qnameLocalPart) && 
+        if(xmlStrEqual(info[ii].qnameLocalPart, qnameLocalPart) &&
            xmlStrEqual(info[ii].qnameHref, qnameHref)) {
 
             (*mask) = info[ii].mask;
@@ -1582,27 +1582,27 @@ xmlSecQName2BitMaskGetBitMask(xmlSecQName2BitMaskInfoConstPtr info,
     return(-1);
 }
 
-/** 
+/**
  * xmlSecQName2BitMaskGetBitMaskFromString:
  * @info:               the qname<->integer mapping information.
  * @node:               the pointer to node.
  * @qname:              the qname string.
  * @mask:               the pointer to result msk value.
- * 
+ *
  * Converts @qname into integer in context of @node.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs,
  */
-int 
+int
 xmlSecQName2BitMaskGetBitMaskFromString(xmlSecQName2BitMaskInfoConstPtr info,
-					xmlNodePtr node, const xmlChar* qname,
+                                        xmlNodePtr node, const xmlChar* qname,
                                         xmlSecBitMask* mask) {
     const xmlChar* qnameLocalPart = NULL;
     xmlChar* qnamePrefix = NULL;
     const xmlChar* qnameHref;
     xmlNsPtr ns;
     int ret;
-    
+
     xmlSecAssert2(info != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
     xmlSecAssert2(qname != NULL, -1);
@@ -1612,53 +1612,53 @@ xmlSecQName2BitMaskGetBitMaskFromString(xmlSecQName2BitMaskInfoConstPtr info,
     if(qnameLocalPart != NULL) {
         qnamePrefix = xmlStrndup(qname, qnameLocalPart - qname);
         if(qnamePrefix == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlStrndup",
-	    	        XMLSEC_ERRORS_R_MALLOC_FAILED,
-		        "node=%s,value=%s",
-		        xmlSecErrorsSafeString(node->name),
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlStrndup",
+                        XMLSEC_ERRORS_R_MALLOC_FAILED,
+                        "node=%s,value=%s",
+                        xmlSecErrorsSafeString(node->name),
                         xmlSecErrorsSafeString(qname));
-	    return(-1);	
+            return(-1);
         }
         qnameLocalPart++;
     } else {
         qnamePrefix = NULL;
         qnameLocalPart = qname;
     }
-    
+
     /* search namespace href */
     ns = xmlSearchNs(node->doc, node, qnamePrefix);
     if((ns == NULL) && (qnamePrefix != NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSearchNs",
-	    	    XMLSEC_ERRORS_R_XML_FAILED,
-		    "node=%s,qnamePrefix=%s",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSearchNs",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "node=%s,qnamePrefix=%s",
+                    xmlSecErrorsSafeString(node->name),
                     xmlSecErrorsSafeString(qnamePrefix));
         if(qnamePrefix != NULL) {
             xmlFree(qnamePrefix);
         }
-	return(-1);	
+        return(-1);
     }
     qnameHref = (ns != NULL) ? ns->href : BAD_CAST NULL;
 
     /* and finally search for integer */
     ret = xmlSecQName2BitMaskGetBitMask(info, qnameHref, qnameLocalPart, mask);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2BitMaskGetBitMask",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s,qnameLocalPart=%s,qnameHref=%s",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2BitMaskGetBitMask",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s,qnameLocalPart=%s,qnameHref=%s",
+                    xmlSecErrorsSafeString(node->name),
                     xmlSecErrorsSafeString(qnameLocalPart),
                     xmlSecErrorsSafeString(qnameHref));
         if(qnamePrefix != NULL) {
             xmlFree(qnamePrefix);
         }
-	return(-1);	
+        return(-1);
     }
 
     if(qnamePrefix != NULL) {
@@ -1668,20 +1668,20 @@ xmlSecQName2BitMaskGetBitMaskFromString(xmlSecQName2BitMaskInfoConstPtr info,
 }
 
 
-/** 
+/**
  * xmlSecQName2BitMaskGetStringFromBitMask:
  * @info:               the qname<->integer mapping information.
  * @node:               the pointer to node.
  * @mask:               the mask.
- * 
+ *
  * Creates qname string for @mask in context of given @node. Caller
  * is responsible for freeing returned string with @xmlFree.
- * 
+ *
  * Returns: pointer to newly allocated string on success or NULL if an error occurs,
  */
-xmlChar* 
+xmlChar*
 xmlSecQName2BitMaskGetStringFromBitMask(xmlSecQName2BitMaskInfoConstPtr info,
-					xmlNodePtr node, xmlSecBitMask mask) {
+                                        xmlNodePtr node, xmlSecBitMask mask) {
     xmlSecQName2BitMaskInfoConstPtr qnameInfo;
 
     xmlSecAssert2(info != NULL, NULL);
@@ -1689,38 +1689,38 @@ xmlSecQName2BitMaskGetStringFromBitMask(xmlSecQName2BitMaskInfoConstPtr info,
 
     qnameInfo = xmlSecQName2BitMaskGetInfo(info, mask);
     if(qnameInfo == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecQName2BitMaskGetInfo",
-	    	    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "node=%s,mask=%d",
-		    xmlSecErrorsSafeString(node->name),
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecQName2BitMaskGetInfo",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "node=%s,mask=%d",
+                    xmlSecErrorsSafeString(node->name),
                     mask);
         return(NULL);
     }
-    
+
     return(xmlSecGetQName(node, qnameInfo->qnameHref, qnameInfo->qnameLocalPart));
 }
 
-/** 
+/**
  * xmlSecQName2BitMaskNodesRead:
  * @info:               the qname<->bit mask mapping information.
  * @node:               the start.
  * @nodeName:           the mask nodes name.
  * @nodeNs:             the mask nodes namespace.
- * @stopOnUnknown:	if this flag is set then function exits if unknown
- *			value was found.
+ * @stopOnUnknown:      if this flag is set then function exits if unknown
+ *                      value was found.
  * @mask:               the pointer to result mask.
- * 
+ *
  * Reads <@nodeNs:@nodeName> elements and puts the result bit mask
  * into @mask. When function exits, @node points to the first element node
  * after all the <@nodeNs:@nodeName> elements.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs,
  */
-int 
+int
 xmlSecQName2BitMaskNodesRead(xmlSecQName2BitMaskInfoConstPtr info, xmlNodePtr* node,
-			    const xmlChar* nodeName, const xmlChar* nodeNs, 
+                            const xmlChar* nodeName, const xmlChar* nodeNs,
                             int stopOnUnknown, xmlSecBitMask* mask) {
     xmlNodePtr cur;
     xmlChar* content;
@@ -1736,62 +1736,62 @@ xmlSecQName2BitMaskNodesRead(xmlSecQName2BitMaskInfoConstPtr info, xmlNodePtr* n
     while((cur != NULL) && (xmlSecCheckNodeName(cur, nodeName, nodeNs))) {
         content = xmlNodeGetContent(cur);
         if(content == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlNodeGetContent",
-	    	        XMLSEC_ERRORS_R_XML_FAILED,
-		        "node=%s",
-		        xmlSecErrorsSafeString(cur->name));
-	    return(-1);	
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlNodeGetContent",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "node=%s",
+                        xmlSecErrorsSafeString(cur->name));
+            return(-1);
         }
-        
+
         ret = xmlSecQName2BitMaskGetBitMaskFromString(info, cur, content, &tmp);
         if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecQName2BitMaskGetBitMaskFromString",
-	    	        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "value=%s",
-		        xmlSecErrorsSafeString(content));
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecQName2BitMaskGetBitMaskFromString",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "value=%s",
+                        xmlSecErrorsSafeString(content));
             xmlFree(content);
-	    return(-1);	
+            return(-1);
         }
         xmlFree(content);
 
-	if((stopOnUnknown != 0) && (tmp == 0)) {
-	    /* todo: better error */
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-		        "xmlSecQName2BitMaskGetBitMaskFromString",
-	    	        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        "value=%s",
-		        xmlSecErrorsSafeString(content));
-	    return(-1);	
-	}
-	
+        if((stopOnUnknown != 0) && (tmp == 0)) {
+            /* todo: better error */
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecQName2BitMaskGetBitMaskFromString",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "value=%s",
+                        xmlSecErrorsSafeString(content));
+            return(-1);
+        }
+
         (*mask) |= tmp;
-	cur = xmlSecGetNextElementNode(cur->next);
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
-    (*node) = cur;    
-    return(0); 
+    (*node) = cur;
+    return(0);
 }
 
-/** 
+/**
  * xmlSecQName2BitMaskNodesWrite:
  * @info:               the qname<->bit mask mapping information.
  * @node:               the parent element for mask nodes.
  * @nodeName:           the mask nodes name.
  * @nodeNs:             the mask nodes namespace.
  * @mask:               the bit mask.
- * 
+ *
  * Writes <@nodeNs:@nodeName> elemnts with values from @mask to @node.
- * 
+ *
  * Returns: 0 on success or a negative value if an error occurs,
  */
-int 
+int
 xmlSecQName2BitMaskNodesWrite(xmlSecQName2BitMaskInfoConstPtr info, xmlNodePtr node,
-			    const xmlChar* nodeName, const xmlChar* nodeNs, 
+                            const xmlChar* nodeName, const xmlChar* nodeNs,
                             xmlSecBitMask mask) {
     unsigned int ii;
 
@@ -1805,30 +1805,30 @@ xmlSecQName2BitMaskNodesWrite(xmlSecQName2BitMaskInfoConstPtr info, xmlNodePtr n
         if((mask & info[ii].mask) != 0) {
             xmlNodePtr cur;
             xmlChar* qname;
-            
-	    qname = xmlSecGetQName(node, info[ii].qnameHref, info[ii].qnameLocalPart);
+
+            qname = xmlSecGetQName(node, info[ii].qnameHref, info[ii].qnameLocalPart);
             if(qname == NULL) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "xmlSecGetQName",
-	    	            XMLSEC_ERRORS_R_XML_FAILED,
-		            "node=%s",
-		            xmlSecErrorsSafeString(nodeName));
-	        return(-1);	
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecGetQName",
+                            XMLSEC_ERRORS_R_XML_FAILED,
+                            "node=%s",
+                            xmlSecErrorsSafeString(nodeName));
+                return(-1);
             }
-            
+
             cur = xmlSecAddChild(node, nodeName, nodeNs);
             if(cur == NULL) {
-	        xmlSecError(XMLSEC_ERRORS_HERE,
-		            NULL,
-		            "xmlSecAddChild",
-	    	            XMLSEC_ERRORS_R_XML_FAILED,
-		            "node=%s",
-		            xmlSecErrorsSafeString(nodeName));
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            NULL,
+                            "xmlSecAddChild",
+                            XMLSEC_ERRORS_R_XML_FAILED,
+                            "node=%s",
+                            xmlSecErrorsSafeString(nodeName));
                 xmlFree(qname);
-	        return(-1);
+                return(-1);
             }
-            
+
             xmlNodeSetContent(cur, qname);
             xmlFree(qname);
         }
@@ -1836,18 +1836,18 @@ xmlSecQName2BitMaskNodesWrite(xmlSecQName2BitMaskInfoConstPtr info, xmlNodePtr n
     return(0);
 }
 
-/** 
+/**
  * xmlSecQName2BitMaskDebugDump:
  * @info:               the qname<->bit mask mapping information.
  * @mask:               the bit mask.
- * @name: 		the value name to print.
+ * @name:               the value name to print.
  * @output:             the pointer to output FILE.
- * 
+ *
  * Prints debug information about @mask to @output.
  */
-void 
+void
 xmlSecQName2BitMaskDebugDump(xmlSecQName2BitMaskInfoConstPtr info, xmlSecBitMask mask,
-			    const xmlChar* name, FILE* output) {
+                            const xmlChar* name, FILE* output) {
     unsigned int ii;
 
     xmlSecAssert(info != NULL);
@@ -1869,18 +1869,18 @@ xmlSecQName2BitMaskDebugDump(xmlSecQName2BitMaskInfoConstPtr info, xmlSecBitMask
     fprintf(output, "\n");
 }
 
-/** 
+/**
  * xmlSecQName2BitMaskDebugXmlDump:
  * @info:               the qname<->bit mask mapping information.
  * @mask:               the bit mask.
- * @name: 		the value name to print.
+ * @name:               the value name to print.
  * @output:             the pointer to output FILE.
- * 
+ *
  * Prints debug information about @mask to @output in XML format.
  */
-void 
+void
 xmlSecQName2BitMaskDebugXmlDump(xmlSecQName2BitMaskInfoConstPtr info, xmlSecBitMask mask,
-			    const xmlChar* name, FILE* output) {
+                            const xmlChar* name, FILE* output) {
     unsigned int ii;
 
     xmlSecAssert(info != NULL);
@@ -1896,13 +1896,13 @@ xmlSecQName2BitMaskDebugXmlDump(xmlSecQName2BitMaskInfoConstPtr info, xmlSecBitM
         xmlSecAssert(info[ii].mask != 0);
 
         if((mask & info[ii].mask) != 0) {
-            fprintf(output, "<%s href=\"%s\">%s</%s>\n", name, 
+            fprintf(output, "<%s href=\"%s\">%s</%s>\n", name,
                     info[ii].qnameHref, info[ii].qnameLocalPart, name);
         }
     }
     fprintf(output, "</%sList>\n", name);
 }
-								 
+
 
 
 
diff --git a/src/xpath.c b/src/xpath.c
index 8b0b4f8e..e67631e7 100644
--- a/src/xpath.c
+++ b/src/xpath.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * XPath transform
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -29,20 +29,20 @@
 /**************************************************************************
  *
  * xmlSecXPathHereFunction:
- * @ctxt:		the ponter to XPath context.
- * @nargs:		the arguments nubmer.
+ * @ctxt:               the ponter to XPath context.
+ * @nargs:              the arguments nubmer.
  *
  * The implementation of XPath "here()" function.
- * See xmlXPtrHereFunction() in xpointer.c. the only change is that 
+ * See xmlXPtrHereFunction() in xpointer.c. the only change is that
  * we return NodeSet instead of NodeInterval.
  *
  *****************************************************************************/
-static void 
+static void
 xmlSecXPathHereFunction(xmlXPathParserContextPtr ctxt, int nargs) {
     CHECK_ARITY(0);
 
     if((ctxt == NULL) || (ctxt->context == NULL) || (ctxt->context->here == NULL)) {
-	XP_ERROR(XPTR_SYNTAX_ERROR);
+        XP_ERROR(XPTR_SYNTAX_ERROR);
     }
     valuePush(ctxt, xmlXPathNewNodeSet(ctxt->context->here));
 }
@@ -52,8 +52,8 @@ xmlSecXPathHereFunction(xmlXPathParserContextPtr ctxt, int nargs) {
  * XPath/XPointer data
  *
  *****************************************************************************/
-typedef struct _xmlSecXPathData			xmlSecXPathData,
-						*xmlSecXPathDataPtr;
+typedef struct _xmlSecXPathData                 xmlSecXPathData,
+                                                *xmlSecXPathDataPtr;
 typedef enum {
     xmlSecXPathDataTypeXPath,
     xmlSecXPathDataTypeXPath2,
@@ -61,182 +61,182 @@ typedef enum {
 } xmlSecXPathDataType;
 
 struct _xmlSecXPathData {
-    xmlSecXPathDataType			type;
-    xmlXPathContextPtr			ctx;
-    xmlChar*				expr;
-    xmlSecNodeSetOp			nodeSetOp;
-    xmlSecNodeSetType			nodeSetType;    
+    xmlSecXPathDataType                 type;
+    xmlXPathContextPtr                  ctx;
+    xmlChar*                            expr;
+    xmlSecNodeSetOp                     nodeSetOp;
+    xmlSecNodeSetType                   nodeSetType;
 };
 
-static xmlSecXPathDataPtr 	xmlSecXPathDataCreate		(xmlSecXPathDataType type);
-static void		  	xmlSecXPathDataDestroy		(xmlSecXPathDataPtr data);
-static int		  	xmlSecXPathDataSetExpr		(xmlSecXPathDataPtr data,
-								 const xmlChar* expr);
-static int 			xmlSecXPathDataRegisterNamespaces(xmlSecXPathDataPtr data, 
-								 xmlNodePtr node);
-static int		  	xmlSecXPathDataNodeRead		(xmlSecXPathDataPtr data,
-								 xmlNodePtr node);
-static xmlSecNodeSetPtr		xmlSecXPathDataExecute		(xmlSecXPathDataPtr data,
-								 xmlDocPtr doc,
-								 xmlNodePtr hereNode);
-
-static xmlSecXPathDataPtr  
+static xmlSecXPathDataPtr       xmlSecXPathDataCreate           (xmlSecXPathDataType type);
+static void                     xmlSecXPathDataDestroy          (xmlSecXPathDataPtr data);
+static int                      xmlSecXPathDataSetExpr          (xmlSecXPathDataPtr data,
+                                                                 const xmlChar* expr);
+static int                      xmlSecXPathDataRegisterNamespaces(xmlSecXPathDataPtr data,
+                                                                 xmlNodePtr node);
+static int                      xmlSecXPathDataNodeRead         (xmlSecXPathDataPtr data,
+                                                                 xmlNodePtr node);
+static xmlSecNodeSetPtr         xmlSecXPathDataExecute          (xmlSecXPathDataPtr data,
+                                                                 xmlDocPtr doc,
+                                                                 xmlNodePtr hereNode);
+
+static xmlSecXPathDataPtr
 xmlSecXPathDataCreate(xmlSecXPathDataType type) {
     xmlSecXPathDataPtr data;
 
     data = (xmlSecXPathDataPtr) xmlMalloc(sizeof(xmlSecXPathData));
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "sizeof(xmlSecXPathData)=%d",
-		    sizeof(xmlSecXPathData));
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "sizeof(xmlSecXPathData)=%d",
+                    sizeof(xmlSecXPathData));
+        return(NULL);
     }
-    memset(data, 0, sizeof(xmlSecXPathData)); 
+    memset(data, 0, sizeof(xmlSecXPathData));
 
     data->type = type;
     data->nodeSetType = xmlSecNodeSetTree;
 
     /* create xpath or xpointer context */
     switch(data->type) {
-    case xmlSecXPathDataTypeXPath:    
-    case xmlSecXPathDataTypeXPath2:    
-	data->ctx = xmlXPathNewContext(NULL); /* we'll set doc in the context later */
-	if(data->ctx == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlXPathNewContext",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXPathDataDestroy(data);
-	    return(NULL);
-	}
-	break;
-    case xmlSecXPathDataTypeXPointer:    
-	data->ctx = xmlXPtrNewContext(NULL, NULL, NULL); /* we'll set doc in the context later */
-	if(data->ctx == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlXPtrNewContext",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXPathDataDestroy(data);
-	    return(NULL);
-	}
-	break;
+    case xmlSecXPathDataTypeXPath:
+    case xmlSecXPathDataTypeXPath2:
+        data->ctx = xmlXPathNewContext(NULL); /* we'll set doc in the context later */
+        if(data->ctx == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlXPathNewContext",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXPathDataDestroy(data);
+            return(NULL);
+        }
+        break;
+    case xmlSecXPathDataTypeXPointer:
+        data->ctx = xmlXPtrNewContext(NULL, NULL, NULL); /* we'll set doc in the context later */
+        if(data->ctx == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlXPtrNewContext",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXPathDataDestroy(data);
+            return(NULL);
+        }
+        break;
     }
 
     return(data);
 }
 
-static void				
+static void
 xmlSecXPathDataDestroy(xmlSecXPathDataPtr data) {
-    xmlSecAssert(data != NULL);    
+    xmlSecAssert(data != NULL);
 
     if(data->expr != NULL) {
-	xmlFree(data->expr);
+        xmlFree(data->expr);
     }
     if(data->ctx != NULL) {
-	xmlXPathFreeContext(data->ctx);
+        xmlXPathFreeContext(data->ctx);
     }
-    memset(data, 0, sizeof(xmlSecXPathData));  
+    memset(data, 0, sizeof(xmlSecXPathData));
     xmlFree(data);
 }
 
-static int 
+static int
 xmlSecXPathDataSetExpr(xmlSecXPathDataPtr data, const xmlChar* expr) {
-    xmlSecAssert2(data != NULL, -1);    
+    xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(data->expr == NULL, -1);
     xmlSecAssert2(data->ctx != NULL, -1);
-    xmlSecAssert2(expr != NULL, -1);    
-            
+    xmlSecAssert2(expr != NULL, -1);
+
     data->expr = xmlStrdup(expr);
     if(data->expr == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    NULL,
-		    XMLSEC_ERRORS_R_STRDUP_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    NULL,
+                    XMLSEC_ERRORS_R_STRDUP_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
     return(0);
 }
 
 
-static int 
+static int
 xmlSecXPathDataRegisterNamespaces(xmlSecXPathDataPtr data, xmlNodePtr node) {
     xmlNodePtr cur;
     xmlNsPtr ns;
     int ret;
-    
-    xmlSecAssert2(data != NULL, -1);    
+
+    xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(data->ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     /* register namespaces */
     for(cur = node; cur != NULL; cur = cur->parent) {
-	for(ns = cur->nsDef; ns != NULL; ns = ns->next) {
-	    /* check that we have no other namespace with same prefix already */
-	    if((ns->prefix != NULL) && (xmlXPathNsLookup(data->ctx, ns->prefix) == NULL)){
-	        ret = xmlXPathRegisterNs(data->ctx, ns->prefix, ns->href);
-		if(ret != 0) {
-		    xmlSecError(XMLSEC_ERRORS_HERE,
-				NULL,
-			        "xmlXPathRegisterNs",
-				XMLSEC_ERRORS_R_XML_FAILED,
-			        "href=%s;prefix=%s",
-			        xmlSecErrorsSafeString(ns->href),
-				xmlSecErrorsSafeString(ns->prefix)); 
-		    return(-1);
-		}
-	    }
-	}
+        for(ns = cur->nsDef; ns != NULL; ns = ns->next) {
+            /* check that we have no other namespace with same prefix already */
+            if((ns->prefix != NULL) && (xmlXPathNsLookup(data->ctx, ns->prefix) == NULL)){
+                ret = xmlXPathRegisterNs(data->ctx, ns->prefix, ns->href);
+                if(ret != 0) {
+                    xmlSecError(XMLSEC_ERRORS_HERE,
+                                NULL,
+                                "xmlXPathRegisterNs",
+                                XMLSEC_ERRORS_R_XML_FAILED,
+                                "href=%s;prefix=%s",
+                                xmlSecErrorsSafeString(ns->href),
+                                xmlSecErrorsSafeString(ns->prefix));
+                    return(-1);
+                }
+            }
+        }
     }
-    
+
     return(0);
 }
 
-static int 
+static int
 xmlSecXPathDataNodeRead(xmlSecXPathDataPtr data, xmlNodePtr node) {
     int ret;
-    
-    xmlSecAssert2(data != NULL, -1);    
+
+    xmlSecAssert2(data != NULL, -1);
     xmlSecAssert2(data->expr == NULL, -1);
     xmlSecAssert2(data->ctx != NULL, -1);
     xmlSecAssert2(node != NULL, -1);
 
     ret = xmlSecXPathDataRegisterNamespaces (data, node);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecXPathDataRegisterNamespaces",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXPathDataRegisterNamespaces",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     /* read node content and set expr */
     data->expr = xmlNodeGetContent(node);
     if(data->expr == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
-		    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
-		    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(node)),
+                    XMLSEC_ERRORS_R_INVALID_NODE_CONTENT,
+                    XMLSEC_ERRORS_NO_MESSAGE);
         return(-1);
     }
-    
+
     return(0);
 }
 
 static xmlSecNodeSetPtr
 xmlSecXPathDataExecute(xmlSecXPathDataPtr data, xmlDocPtr doc, xmlNodePtr hereNode) {
-    xmlXPathObjectPtr xpathObj = NULL; 
+    xmlXPathObjectPtr xpathObj = NULL;
     xmlSecNodeSetPtr nodes;
 
-    xmlSecAssert2(data != NULL, NULL);    
+    xmlSecAssert2(data != NULL, NULL);
     xmlSecAssert2(data->expr != NULL, NULL);
     xmlSecAssert2(data->ctx != NULL, NULL);
     xmlSecAssert2(doc != NULL, NULL);
@@ -244,56 +244,73 @@ xmlSecXPathDataExecute(xmlSecXPathDataPtr data, xmlDocPtr doc, xmlNodePtr hereNo
 
     /* do not forget to set the doc */
     data->ctx->doc = doc;
-    
+
     /* here function works only on the same document */
     if(hereNode->doc == doc) {
-	xmlXPathRegisterFunc(data->ctx, (xmlChar *)"here", xmlSecXPathHereFunction);
-	data->ctx->here = hereNode;
-	data->ctx->xptr = 1;
+        xmlXPathRegisterFunc(data->ctx, (xmlChar *)"here", xmlSecXPathHereFunction);
+        data->ctx->here = hereNode;
+        data->ctx->xptr = 1;
     }
 
     /* execute xpath or xpointer expression */
     switch(data->type) {
-    case xmlSecXPathDataTypeXPath:    
-    case xmlSecXPathDataTypeXPath2:    
-	xpathObj = xmlXPathEvalExpression(data->expr, data->ctx);
-	if(xpathObj == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlXPathEvalExpression",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"expr=%s", 
-			xmlSecErrorsSafeString(data->expr));
-	    return(NULL);
-	}
-	break;
-    case xmlSecXPathDataTypeXPointer:    
-	xpathObj = xmlXPtrEval(data->expr, data->ctx);
-	if(xpathObj == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
+    case xmlSecXPathDataTypeXPath:
+    case xmlSecXPathDataTypeXPath2:
+        xpathObj = xmlXPathEvalExpression(data->expr, data->ctx);
+        if(xpathObj == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlXPathEvalExpression",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "expr=%s",
+                        xmlSecErrorsSafeString(data->expr));
+            return(NULL);
+        }
+        break;
+    case xmlSecXPathDataTypeXPointer:
+        xpathObj = xmlXPtrEval(data->expr, data->ctx);
+        if(xpathObj == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlXPtrEval",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "expr=%s",
+                        xmlSecErrorsSafeString(data->expr));
+            return(NULL);
+        }
+        break;
+    }
+
+    /* sometime LibXML2 returns an empty nodeset or just NULL, we want
+    to reserve NULL for our own purposes so we simply create an empty
+    node set here */
+    if(xpathObj->nodesetval == NULL) {
+	xpathObj->nodesetval = xmlXPathNodeSetCreate(NULL);
+	if(xpathObj->nodesetval == NULL) {
+		xmlXPathFreeObject(xpathObj);
+		xmlSecError(XMLSEC_ERRORS_HERE,
 			NULL,
-			"xmlXPtrEval",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"expr=%s", 
-			xmlSecErrorsSafeString(data->expr));
-	    return(NULL);
+                        "xmlXPathNodeSetCreate",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "expr=%s",
+                        xmlSecErrorsSafeString(data->expr));
+            	return(NULL);
 	}
-	break;
     }
-    
+
     nodes = xmlSecNodeSetCreate(doc, xpathObj->nodesetval, data->nodeSetType);
     if(nodes == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecNodeSetCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    "type=%d", data->nodeSetType);
-	xmlXPathFreeObject(xpathObj);     
-	return(NULL);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecNodeSetCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    "type=%d", data->nodeSetType);
+        xmlXPathFreeObject(xpathObj);
+        return(NULL);
     }
     xpathObj->nodesetval = NULL;
-    xmlXPathFreeObject(xpathObj); 
-    
+    xmlXPathFreeObject(xpathObj);
+
     return(nodes);
 }
 
@@ -303,34 +320,34 @@ xmlSecXPathDataExecute(xmlSecXPathDataPtr data, xmlDocPtr doc, xmlNodePtr hereNo
  * XPath data list
  *
  *****************************************************************************/
-#define xmlSecXPathDataListId	\
-	xmlSecXPathDataListGetKlass()
-static xmlSecPtrListId 	xmlSecXPathDataListGetKlass		(void);
-static xmlSecNodeSetPtr	xmlSecXPathDataListExecute		(xmlSecPtrListPtr dataList,
-								 xmlDocPtr doc,
-								 xmlNodePtr hereNode,
-								 xmlSecNodeSetPtr nodes);
+#define xmlSecXPathDataListId   \
+        xmlSecXPathDataListGetKlass()
+static xmlSecPtrListId  xmlSecXPathDataListGetKlass             (void);
+static xmlSecNodeSetPtr xmlSecXPathDataListExecute              (xmlSecPtrListPtr dataList,
+                                                                 xmlDocPtr doc,
+                                                                 xmlNodePtr hereNode,
+                                                                 xmlSecNodeSetPtr nodes);
 
 static xmlSecPtrListKlass xmlSecXPathDataListKlass = {
     BAD_CAST "xpath-data-list",
-    NULL,						/* xmlSecPtrDuplicateItemMethod duplicateItem; */
-    (xmlSecPtrDestroyItemMethod)xmlSecXPathDataDestroy,	/* xmlSecPtrDestroyItemMethod destroyItem; */
-    NULL,						/* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
-    NULL,						/* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
+    NULL,                                               /* xmlSecPtrDuplicateItemMethod duplicateItem; */
+    (xmlSecPtrDestroyItemMethod)xmlSecXPathDataDestroy, /* xmlSecPtrDestroyItemMethod destroyItem; */
+    NULL,                                               /* xmlSecPtrDebugDumpItemMethod debugDumpItem; */
+    NULL,                                               /* xmlSecPtrDebugDumpItemMethod debugXmlDumpItem; */
 };
 
-static xmlSecPtrListId 
+static xmlSecPtrListId
 xmlSecXPathDataListGetKlass(void) {
     return(&xmlSecXPathDataListKlass);
 }
 
-static xmlSecNodeSetPtr	
-xmlSecXPathDataListExecute(xmlSecPtrListPtr dataList, xmlDocPtr doc, 
-		    	   xmlNodePtr hereNode, xmlSecNodeSetPtr nodes) {
+static xmlSecNodeSetPtr
+xmlSecXPathDataListExecute(xmlSecPtrListPtr dataList, xmlDocPtr doc,
+                           xmlNodePtr hereNode, xmlSecNodeSetPtr nodes) {
     xmlSecXPathDataPtr data;
     xmlSecNodeSetPtr res, tmp, tmp2;
     xmlSecSize pos;
-    
+
     xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), NULL);
     xmlSecAssert2(xmlSecPtrListGetSize(dataList) > 0, NULL);
     xmlSecAssert2(doc != NULL, NULL);
@@ -339,45 +356,45 @@ xmlSecXPathDataListExecute(xmlSecPtrListPtr dataList, xmlDocPtr doc,
     res = nodes;
     for(pos = 0; pos < xmlSecPtrListGetSize(dataList); ++pos) {
         data = (xmlSecXPathDataPtr)xmlSecPtrListGetItem(dataList, pos);
-	if(data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        NULL,
-			"xmlSecPtrListGetItem",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"pos=%d", pos);
-	    if((res != NULL) && (res != nodes)) {
-		xmlSecNodeSetDestroy(res);
-	    }
-	    return(NULL);
-	}
-
-	tmp = xmlSecXPathDataExecute(data, doc, hereNode);
-	if(tmp == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecXPathDataExecute",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    if((res != NULL) && (res != nodes)) {
-		xmlSecNodeSetDestroy(res);
-	    }
-	    return(NULL);
-	}    
-
-	tmp2 = xmlSecNodeSetAdd(res, tmp, data->nodeSetOp);
-	if(tmp2 == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			NULL,
-			"xmlSecNodeSetAdd",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"xmlSecNodeSetIntersection");
-	    if((res != NULL) && (res != nodes)) {
-		xmlSecNodeSetDestroy(res);
-	    }
-	    xmlSecNodeSetDestroy(tmp);
-	    return(NULL);
-	}
-	res = tmp2;
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecPtrListGetItem",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "pos=%d", pos);
+            if((res != NULL) && (res != nodes)) {
+                xmlSecNodeSetDestroy(res);
+            }
+            return(NULL);
+        }
+
+        tmp = xmlSecXPathDataExecute(data, doc, hereNode);
+        if(tmp == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecXPathDataExecute",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            if((res != NULL) && (res != nodes)) {
+                xmlSecNodeSetDestroy(res);
+            }
+            return(NULL);
+        }
+
+        tmp2 = xmlSecNodeSetAdd(res, tmp, data->nodeSetOp);
+        if(tmp2 == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        NULL,
+                        "xmlSecNodeSetAdd",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "xmlSecNodeSetIntersection");
+            if((res != NULL) && (res != nodes)) {
+                xmlSecNodeSetDestroy(res);
+            }
+            xmlSecNodeSetDestroy(tmp);
+            return(NULL);
+        }
+        res = tmp2;
     }
 
     return(res);
@@ -388,43 +405,43 @@ xmlSecXPathDataListExecute(xmlSecPtrListPtr dataList, xmlDocPtr doc,
  * XPath/XPointer transforms
  *
  * xmlSecXPathDataList is located after xmlSecTransform structure
- * 
+ *
  *****************************************************************************/
-#define xmlSecXPathTransformSize	\
+#define xmlSecXPathTransformSize        \
     (sizeof(xmlSecTransform) + sizeof(xmlSecPtrList))
 #define xmlSecXPathTransformGetDataList(transform) \
     ((xmlSecTransformCheckSize((transform), xmlSecXPathTransformSize)) ? \
-	(xmlSecPtrListPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
-	(xmlSecPtrListPtr)NULL)
+        (xmlSecPtrListPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
+        (xmlSecPtrListPtr)NULL)
 #define xmlSecTransformXPathCheckId(transform) \
     (xmlSecTransformCheckId((transform), xmlSecTransformXPathId) || \
      xmlSecTransformCheckId((transform), xmlSecTransformXPath2Id) || \
      xmlSecTransformCheckId((transform), xmlSecTransformXPointerId))
 
-static int 		xmlSecTransformXPathInitialize	(xmlSecTransformPtr transform);
-static void		xmlSecTransformXPathFinalize	(xmlSecTransformPtr transform);
-static int 		xmlSecTransformXPathExecute	(xmlSecTransformPtr transform,
-							 int last, 
-							 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecTransformXPathInitialize  (xmlSecTransformPtr transform);
+static void             xmlSecTransformXPathFinalize    (xmlSecTransformPtr transform);
+static int              xmlSecTransformXPathExecute     (xmlSecTransformPtr transform,
+                                                         int last,
+                                                         xmlSecTransformCtxPtr transformCtx);
 
 static int
-xmlSecTransformXPathInitialize(xmlSecTransformPtr transform) {	
+xmlSecTransformXPathInitialize(xmlSecTransformPtr transform) {
     xmlSecPtrListPtr dataList;
     int ret;
-        
+
     xmlSecAssert2(xmlSecTransformXPathCheckId(transform), -1);
 
     dataList = xmlSecXPathTransformGetDataList(transform);
     xmlSecAssert2(dataList != NULL, -1);
-    
+
     ret = xmlSecPtrListInitialize(dataList, xmlSecXPathDataListId);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecPtrListInitialize",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecPtrListInitialize",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
@@ -437,16 +454,16 @@ xmlSecTransformXPathFinalize(xmlSecTransformPtr transform) {
 
     dataList = xmlSecXPathTransformGetDataList(transform);
     xmlSecAssert(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId));
-    
+
     xmlSecPtrListFinalize(dataList);
 }
 
 static int
 xmlSecTransformXPathExecute(xmlSecTransformPtr transform, int last,
-			    xmlSecTransformCtxPtr transformCtx) {
+                            xmlSecTransformCtxPtr transformCtx) {
     xmlSecPtrListPtr dataList;
     xmlDocPtr doc;
-    
+
     xmlSecAssert2(xmlSecTransformXPathCheckId(transform), -1);
     xmlSecAssert2(transform->hereNode != NULL, -1);
     xmlSecAssert2(transform->outNodes == NULL, -1);
@@ -460,71 +477,71 @@ xmlSecTransformXPathExecute(xmlSecTransformPtr transform, int last,
     doc = (transform->inNodes != NULL) ? transform->inNodes->doc : transform->hereNode->doc;
     xmlSecAssert2(doc != NULL, -1);
 
-    transform->outNodes = xmlSecXPathDataListExecute(dataList, doc, 
-				transform->hereNode, transform->inNodes);
+    transform->outNodes = xmlSecXPathDataListExecute(dataList, doc,
+                                transform->hereNode, transform->inNodes);
     if(transform->outNodes == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecXPathDataExecute",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecXPathDataExecute",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     return(0);
 }
 
 /******************************************************************************
  *
  * XPath transform
- * 
+ *
  *****************************************************************************/
-static int 		xmlSecTransformXPathNodeRead	(xmlSecTransformPtr transform,
-							 xmlNodePtr node,
-							 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecTransformXPathNodeRead    (xmlSecTransformPtr transform,
+                                                         xmlNodePtr node,
+                                                         xmlSecTransformCtxPtr transformCtx);
 
 static xmlSecTransformKlass xmlSecTransformXPathKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecXPathTransformSize,			/* xmlSecSize objSize */
-
-    xmlSecNameXPath,				/* const xmlChar* name; */
-    xmlSecXPathNs, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDSigTransform,		/* xmlSecTransformUsage	usage; */
-
-    xmlSecTransformXPathInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformXPathFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecTransformXPathNodeRead,		/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    NULL,					/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformDefaultPushXml,		/* xmlSecTransformPushXmlMethod pushXml; */
-    xmlSecTransformDefaultPopXml,		/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecTransformXPathExecute,		/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecXPathTransformSize,                   /* xmlSecSize objSize */
+
+    xmlSecNameXPath,                            /* const xmlChar* name; */
+    xmlSecXPathNs,                              /* const xmlChar* href; */
+    xmlSecTransformUsageDSigTransform,          /* xmlSecTransformUsage usage; */
+
+    xmlSecTransformXPathInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformXPathFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecTransformXPathNodeRead,               /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    NULL,                                       /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformDefaultPushXml,              /* xmlSecTransformPushXmlMethod pushXml; */
+    xmlSecTransformDefaultPopXml,               /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecTransformXPathExecute,                /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecTransformXPathGetKlass:
  *
- * The XPath transform evaluates given XPath expression and 
- * intersects the result with the previous nodes set. See 
+ * The XPath transform evaluates given XPath expression and
+ * intersects the result with the previous nodes set. See
  * http://www.w3.org/TR/xmldsig-core/#sec-XPath for more details.
  *
  * Returns: XPath transform id.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformXPathGetKlass(void) {
     return(&xmlSecTransformXPathKlass);
 }
 
 static const char xpathPattern[] = "(//. | //@* | //namespace::*)[boolean(%s)]";
-static int 
+static int
 xmlSecTransformXPathNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
     xmlSecPtrListPtr dataList;
     xmlSecXPathDataPtr data;
@@ -541,81 +558,81 @@ xmlSecTransformXPathNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlS
     xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1);
 
     /* there is only one required node */
-    cur = xmlSecGetNextElementNode(node->children);  
+    cur = xmlSecGetNextElementNode(node->children);
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeXPath, xmlSecDSigNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeXPath));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeXPath));
+        return(-1);
     }
-    
+
     /* read information from the node */
     data = xmlSecXPathDataCreate(xmlSecXPathDataTypeXPath);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecXPathDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecXPathDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
-    
+
     ret = xmlSecXPathDataNodeRead(data, cur);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecXPathDataNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecXPathDataDestroy(data);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecXPathDataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecXPathDataDestroy(data);
+        return(-1);
     }
-        
+
     /* append it to the list */
     ret = xmlSecPtrListAdd(dataList, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecXPathDataDestroy(data);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecXPathDataDestroy(data);
+        return(-1);
     }
-    
+
     /* create full XPath expression */
     xmlSecAssert2(data->expr != NULL, -1);
-    tmp = (xmlChar*) xmlMalloc(sizeof(xmlChar) * (xmlStrlen(data->expr) + 
-						  strlen(xpathPattern) + 1));
+    tmp = (xmlChar*) xmlMalloc(sizeof(xmlChar) * (xmlStrlen(data->expr) +
+                                                  strlen(xpathPattern) + 1));
     if(tmp == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    "size=%d",
-		    xmlStrlen(data->expr) + strlen(xpathPattern) + 1);
-    	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    "size=%d",
+                    xmlStrlen(data->expr) + strlen(xpathPattern) + 1);
+        return(-1);
     }
-    sprintf((char*)tmp, xpathPattern, (char*)data->expr);	
+    sprintf((char*)tmp, xpathPattern, (char*)data->expr);
     xmlFree(data->expr);
     data->expr = tmp;
 
     /* set correct node set type and operation */
-    data->nodeSetOp 	= xmlSecNodeSetIntersection;
-    data->nodeSetType 	= xmlSecNodeSetNormal;
-    
+    data->nodeSetOp     = xmlSecNodeSetIntersection;
+    data->nodeSetType   = xmlSecNodeSetNormal;
+
     /* check that we have nothing else */
-    cur = xmlSecGetNextElementNode(cur->next);        
+    cur = xmlSecGetNextElementNode(cur->next);
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
@@ -623,51 +640,51 @@ xmlSecTransformXPathNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlS
 /******************************************************************************
  *
  * XPath2 transform
- * 
+ *
  *****************************************************************************/
-static int 		xmlSecTransformXPath2NodeRead	(xmlSecTransformPtr transform,
-							 xmlNodePtr node,
-							 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecTransformXPath2NodeRead   (xmlSecTransformPtr transform,
+                                                         xmlNodePtr node,
+                                                         xmlSecTransformCtxPtr transformCtx);
 static xmlSecTransformKlass xmlSecTransformXPath2Klass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecXPathTransformSize,			/* xmlSecSize objSize */
-
-    xmlSecNameXPath2,				/* const xmlChar* name; */
-    xmlSecXPath2Ns, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDSigTransform,		/* xmlSecTransformUsage	usage; */
-
-    xmlSecTransformXPathInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformXPathFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecTransformXPath2NodeRead,		/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    NULL,					/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformDefaultPushXml,		/* xmlSecTransformPushXmlMethod pushXml; */
-    xmlSecTransformDefaultPopXml,		/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecTransformXPathExecute,		/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecXPathTransformSize,                   /* xmlSecSize objSize */
+
+    xmlSecNameXPath2,                           /* const xmlChar* name; */
+    xmlSecXPath2Ns,                             /* const xmlChar* href; */
+    xmlSecTransformUsageDSigTransform,          /* xmlSecTransformUsage usage; */
+
+    xmlSecTransformXPathInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformXPathFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecTransformXPath2NodeRead,              /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    NULL,                                       /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformDefaultPushXml,              /* xmlSecTransformPushXmlMethod pushXml; */
+    xmlSecTransformDefaultPopXml,               /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecTransformXPathExecute,                /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecTransformXPath2GetKlass:
- * 
+ *
  * The XPath2 transform (http://www.w3.org/TR/xmldsig-filter2/).
  *
  * Returns: XPath2 transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformXPath2GetKlass(void) {
     return(&xmlSecTransformXPath2Klass);
 }
 
-static int 
+static int
 xmlSecTransformXPath2NodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
     xmlSecPtrListPtr dataList;
     xmlSecXPathDataPtr data;
@@ -682,85 +699,85 @@ xmlSecTransformXPath2NodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xml
     dataList = xmlSecXPathTransformGetDataList(transform);
     xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1);
     xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1);
-    
+
     /* There are only xpath nodes */
-    cur = xmlSecGetNextElementNode(node->children);  
+    cur = xmlSecGetNextElementNode(node->children);
     while((cur != NULL) && xmlSecCheckNodeName(cur, xmlSecNodeXPath2, xmlSecXPath2Ns)) {
         /* read information from the node */
-	data = xmlSecXPathDataCreate(xmlSecXPathDataTypeXPath2);
-	if(data == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecXPathDataCreate",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        data = xmlSecXPathDataCreate(xmlSecXPathDataTypeXPath2);
+        if(data == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecXPathDataCreate",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
 
         ret = xmlSecXPathDataNodeRead(data, cur);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecXPathDataNodeRead",
-		        XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXPathDataDestroy(data);
-	    return(-1);
-	}
-    
-        /* append it to the list */
-	ret = xmlSecPtrListAdd(dataList, data);
         if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		        "xmlSecPtrListAdd",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlSecXPathDataDestroy(data);
-	    return(-1);
-	}
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecXPathDataNodeRead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXPathDataDestroy(data);
+            return(-1);
+        }
 
-	/* set correct node set type and operation */
-	data->nodeSetType = xmlSecNodeSetTree;
-	op = xmlGetProp(cur, xmlSecAttrFilter);
-	if(op == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			xmlSecErrorsSafeString(xmlSecAttrFilter),
-			XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
-			"node=%s",
-			xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
-	    return(-1);
-	}
+        /* append it to the list */
+        ret = xmlSecPtrListAdd(dataList, data);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecPtrListAdd",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlSecXPathDataDestroy(data);
+            return(-1);
+        }
+
+        /* set correct node set type and operation */
+        data->nodeSetType = xmlSecNodeSetTree;
+        op = xmlGetProp(cur, xmlSecAttrFilter);
+        if(op == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        xmlSecErrorsSafeString(xmlSecAttrFilter),
+                        XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                        "node=%s",
+                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+            return(-1);
+        }
         if(xmlStrEqual(op, xmlSecXPath2FilterIntersect)) {
-    	    data->nodeSetOp = xmlSecNodeSetIntersection;
-	} else if(xmlStrEqual(op, xmlSecXPath2FilterSubtract)) {
-	    data->nodeSetOp = xmlSecNodeSetSubtraction;
-	} else if(xmlStrEqual(op, xmlSecXPath2FilterUnion)) {
-	    data->nodeSetOp = xmlSecNodeSetUnion;
-	} else {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			xmlSecErrorsSafeString(xmlSecAttrFilter),
-			XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
-			"filter=%s", 
-			xmlSecErrorsSafeString(op));
-	    xmlFree(op);
-	    return(-1);
-	}
-	xmlFree(op);
-
-        cur = xmlSecGetNextElementNode(cur->next);  
+            data->nodeSetOp = xmlSecNodeSetIntersection;
+        } else if(xmlStrEqual(op, xmlSecXPath2FilterSubtract)) {
+            data->nodeSetOp = xmlSecNodeSetSubtraction;
+        } else if(xmlStrEqual(op, xmlSecXPath2FilterUnion)) {
+            data->nodeSetOp = xmlSecNodeSetUnion;
+        } else {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        xmlSecErrorsSafeString(xmlSecAttrFilter),
+                        XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+                        "filter=%s",
+                        xmlSecErrorsSafeString(op));
+            xmlFree(op);
+            return(-1);
+        }
+        xmlFree(op);
+
+        cur = xmlSecGetNextElementNode(cur->next);
     }
 
     /* check that we have nothing else */
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
@@ -768,65 +785,65 @@ xmlSecTransformXPath2NodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xml
 /******************************************************************************
  *
  * XPointer transform
- * 
+ *
  *****************************************************************************/
-static int 		xmlSecTransformXPointerNodeRead	(xmlSecTransformPtr transform,
-							 xmlNodePtr node,
-							 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecTransformXPointerNodeRead (xmlSecTransformPtr transform,
+                                                         xmlNodePtr node,
+                                                         xmlSecTransformCtxPtr transformCtx);
 static xmlSecTransformKlass xmlSecTransformXPointerKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecXPathTransformSize,			/* xmlSecSize objSize */
-
-    xmlSecNameXPointer,				/* const xmlChar* name; */
-    xmlSecXPointerNs, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDSigTransform,		/* xmlSecTransformUsage	usage; */
-
-    xmlSecTransformXPathInitialize,		/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformXPathFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecTransformXPointerNodeRead,		/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    NULL,					/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformDefaultPushXml,		/* xmlSecTransformPushXmlMethod pushXml; */
-    xmlSecTransformDefaultPopXml,		/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecTransformXPathExecute,		/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecXPathTransformSize,                   /* xmlSecSize objSize */
+
+    xmlSecNameXPointer,                         /* const xmlChar* name; */
+    xmlSecXPointerNs,                           /* const xmlChar* href; */
+    xmlSecTransformUsageDSigTransform,          /* xmlSecTransformUsage usage; */
+
+    xmlSecTransformXPathInitialize,             /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformXPathFinalize,               /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecTransformXPointerNodeRead,            /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    NULL,                                       /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformDefaultPushXml,              /* xmlSecTransformPushXmlMethod pushXml; */
+    xmlSecTransformDefaultPopXml,               /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecTransformXPathExecute,                /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecTransformXPointerGetKlass:
- * 
- * The XPointer transform klass 
+ *
+ * The XPointer transform klass
  * (http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt).
  *
  * Returns: XPointer transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformXPointerGetKlass(void) {
     return(&xmlSecTransformXPointerKlass);
 }
 
 /**
- * xmlSecTransformXPointerSetExpr: 
- * @transform:		the pointer to XPointer transform.
- * @expr:		the XPointer expression.
- * @nodeSetType:	the type of evaluated XPointer expression.
- * @hereNode:		the pointer to "here" node.
+ * xmlSecTransformXPointerSetExpr:
+ * @transform:          the pointer to XPointer transform.
+ * @expr:               the XPointer expression.
+ * @nodeSetType:        the type of evaluated XPointer expression.
+ * @hereNode:           the pointer to "here" node.
  *
  * Sets the XPointer expression for an XPointer @transform.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
-xmlSecTransformXPointerSetExpr(xmlSecTransformPtr transform, const xmlChar* expr, 
-			    xmlSecNodeSetType  nodeSetType, xmlNodePtr hereNode) {
+int
+xmlSecTransformXPointerSetExpr(xmlSecTransformPtr transform, const xmlChar* expr,
+                            xmlSecNodeSetType  nodeSetType, xmlNodePtr hereNode) {
     xmlSecPtrListPtr dataList;
     xmlSecXPathDataPtr data;
     int ret;
@@ -834,66 +851,66 @@ xmlSecTransformXPointerSetExpr(xmlSecTransformPtr transform, const xmlChar* expr
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXPointerId), -1);
     xmlSecAssert2(transform->hereNode == NULL, -1);
     xmlSecAssert2(expr != NULL, -1);
-    xmlSecAssert2(hereNode != NULL, -1);    
+    xmlSecAssert2(hereNode != NULL, -1);
 
     transform->hereNode = hereNode;
-    
+
     dataList = xmlSecXPathTransformGetDataList(transform);
     xmlSecAssert2(xmlSecPtrListCheckId(dataList, xmlSecXPathDataListId), -1);
     xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1);
 
     data = xmlSecXPathDataCreate(xmlSecXPathDataTypeXPointer);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecXPathDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecXPathDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecXPathDataRegisterNamespaces(data, hereNode);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecXPathDataRegisterNamespaces",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecXPathDataDestroy(data);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecXPathDataRegisterNamespaces",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecXPathDataDestroy(data);
+        return(-1);
+    }
 
     ret = xmlSecXPathDataSetExpr(data, expr);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecXPathDataSetExpr",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecXPathDataDestroy(data);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecXPathDataSetExpr",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecXPathDataDestroy(data);
+        return(-1);
     }
-    
+
     /* append it to the list */
     ret = xmlSecPtrListAdd(dataList, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecXPathDataDestroy(data);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecXPathDataDestroy(data);
+        return(-1);
     }
 
     /* set correct node set type and operation */
-    data->nodeSetOp 	= xmlSecNodeSetIntersection;
-    data->nodeSetType 	= nodeSetType;
-    
+    data->nodeSetOp     = xmlSecNodeSetIntersection;
+    data->nodeSetType   = nodeSetType;
+
     return(0);
 }
 
-static int 
+static int
 xmlSecTransformXPointerNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransformCtxPtr transformCtx) {
     xmlSecPtrListPtr dataList;
     xmlSecXPathDataPtr data;
@@ -909,64 +926,64 @@ xmlSecTransformXPointerNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, x
     xmlSecAssert2(xmlSecPtrListGetSize(dataList) == 0, -1);
 
     /* there is only one required node */
-    cur = xmlSecGetNextElementNode(node->children);  
+    cur = xmlSecGetNextElementNode(node->children);
     if((cur == NULL) || (!xmlSecCheckNodeName(cur, xmlSecNodeXPointer, xmlSecXPointerNs))) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_INVALID_NODE,
-		    "expected=%s",
-		    xmlSecErrorsSafeString(xmlSecNodeXPath));
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_INVALID_NODE,
+                    "expected=%s",
+                    xmlSecErrorsSafeString(xmlSecNodeXPath));
+        return(-1);
     }
-    
+
     /* read information from the node */
     data = xmlSecXPathDataCreate(xmlSecXPathDataTypeXPointer);
     if(data == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecXPathDataCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecXPathDataCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     ret = xmlSecXPathDataNodeRead(data, cur);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecXPathDataNodeRead",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecXPathDataDestroy(data);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecXPathDataNodeRead",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecXPathDataDestroy(data);
+        return(-1);
     }
-    
+
     /* append it to the list */
     ret = xmlSecPtrListAdd(dataList, data);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecPtrListAdd",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlSecXPathDataDestroy(data);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecPtrListAdd",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlSecXPathDataDestroy(data);
+        return(-1);
     }
 
     /* set correct node set type and operation */
-    data->nodeSetOp 	= xmlSecNodeSetIntersection;
-    data->nodeSetType 	= xmlSecNodeSetTree;
-    
+    data->nodeSetOp     = xmlSecNodeSetIntersection;
+    data->nodeSetType   = xmlSecNodeSetTree;
+
     /* check that we have nothing else */
-    cur = xmlSecGetNextElementNode(cur->next);        
+    cur = xmlSecGetNextElementNode(cur->next);
     if(cur != NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
-		    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
+                    XMLSEC_ERRORS_R_UNEXPECTED_NODE,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
     return(0);
 }
@@ -975,78 +992,78 @@ xmlSecTransformXPointerNodeRead(xmlSecTransformPtr transform, xmlNodePtr node, x
 /******************************************************************************
  *
  * Visa3DHack transform
- * 
+ *
  *****************************************************************************/
-#define xmlSecVisa3DHackTransformSize	\
+#define xmlSecVisa3DHackTransformSize   \
     (sizeof(xmlSecTransform) + sizeof(xmlChar*))
 #define xmlSecVisa3DHackTransformGetIDPtr(transform) \
     ((xmlSecTransformCheckSize((transform), xmlSecVisa3DHackTransformSize)) ? \
-	(xmlChar**)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
-	(xmlChar**)NULL)
+        (xmlChar**)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)) : \
+        (xmlChar**)NULL)
 #define xmlSecTransformVisa3DHackCheckId(transform) \
     (xmlSecTransformCheckId((transform), xmlSecTransformVisa3DHackId))
 
-static int 		xmlSecTransformVisa3DHackInitialize	(xmlSecTransformPtr transform);
-static void		xmlSecTransformVisa3DHackFinalize	(xmlSecTransformPtr transform);
-static int 		xmlSecTransformVisa3DHackExecute	(xmlSecTransformPtr transform,
-								 int last, 
-								 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecTransformVisa3DHackInitialize     (xmlSecTransformPtr transform);
+static void             xmlSecTransformVisa3DHackFinalize       (xmlSecTransformPtr transform);
+static int              xmlSecTransformVisa3DHackExecute        (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
 
 static xmlSecTransformKlass xmlSecTransformVisa3DHackKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecVisa3DHackTransformSize,		/* xmlSecSize objSize */
-
-    BAD_CAST "Visa3DHackTransform",		/* const xmlChar* name; */
-    NULL,					/* const xmlChar* href; */
-    xmlSecTransformUsageDSigTransform,		/* xmlSecTransformUsage	usage; */
-
-    xmlSecTransformVisa3DHackInitialize,	/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecTransformVisa3DHackFinalize,		/* xmlSecTransformFinalizeMethod finalize; */
-    NULL,					/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    NULL,					/* xmlSecTransformPushBinMethod pushBin; */
-    NULL,					/* xmlSecTransformPopBinMethod popBin; */
-    xmlSecTransformDefaultPushXml,		/* xmlSecTransformPushXmlMethod pushXml; */
-    xmlSecTransformDefaultPopXml,		/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecTransformVisa3DHackExecute,		/* xmlSecTransformExecuteMethod execute; */
-
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecVisa3DHackTransformSize,              /* xmlSecSize objSize */
+
+    BAD_CAST "Visa3DHackTransform",             /* const xmlChar* name; */
+    NULL,                                       /* const xmlChar* href; */
+    xmlSecTransformUsageDSigTransform,          /* xmlSecTransformUsage usage; */
+
+    xmlSecTransformVisa3DHackInitialize,        /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecTransformVisa3DHackFinalize,          /* xmlSecTransformFinalizeMethod finalize; */
+    NULL,                                       /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    NULL,                                       /* xmlSecTransformPushBinMethod pushBin; */
+    NULL,                                       /* xmlSecTransformPopBinMethod popBin; */
+    xmlSecTransformDefaultPushXml,              /* xmlSecTransformPushXmlMethod pushXml; */
+    xmlSecTransformDefaultPopXml,               /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecTransformVisa3DHackExecute,           /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
 /**
  * xmlSecTransformVisa3DHackGetKlass:
- * 
- * The Visa3DHack transform klass. The only reason why we need this 
- * is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows 
- * invalid XPointer expressions in the URI attribute. Since we couldn't evaluate 
- * such expressions thru XPath/XPointer engine, we need to have this hack here. 
+ *
+ * The Visa3DHack transform klass. The only reason why we need this
+ * is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows
+ * invalid XPointer expressions in the URI attribute. Since we couldn't evaluate
+ * such expressions thru XPath/XPointer engine, we need to have this hack here.
  *
  * Returns: Visa3DHack transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformVisa3DHackGetKlass(void) {
     return(&xmlSecTransformVisa3DHackKlass);
 }
 
 /**
  * xmlSecTransformVisa3DHackSetID:
- * @transform:		the pointer to Visa3DHack transform.
- * @id:			the ID value.
+ * @transform:          the pointer to Visa3DHack transform.
+ * @id:                 the ID value.
  *
  * Sets the ID value for an Visa3DHack @transform.
  *
  * Returns: 0 on success or a negative value if an error occurs.
  */
-int 
+int
 xmlSecTransformVisa3DHackSetID(xmlSecTransformPtr transform, const xmlChar* id) {
     xmlChar** idPtr;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformVisa3DHackId), -1);
     xmlSecAssert2(id != NULL, -1);
 
@@ -1056,19 +1073,19 @@ xmlSecTransformVisa3DHackSetID(xmlSecTransformPtr transform, const xmlChar* id)
 
     (*idPtr) = xmlStrdup(id);
     if((*idPtr) == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlStrdup",
-		    XMLSEC_ERRORS_R_MALLOC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlStrdup",
+                    XMLSEC_ERRORS_R_MALLOC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     return(0);
 }
 
 static int
-xmlSecTransformVisa3DHackInitialize(xmlSecTransformPtr transform) {	
+xmlSecTransformVisa3DHackInitialize(xmlSecTransformPtr transform) {
     xmlSecAssert2(xmlSecTransformVisa3DHackCheckId(transform), -1);
 
     return(0);
@@ -1082,21 +1099,21 @@ xmlSecTransformVisa3DHackFinalize(xmlSecTransformPtr transform) {
 
     idPtr = xmlSecVisa3DHackTransformGetIDPtr(transform);
     xmlSecAssert(idPtr != NULL);
-    
+
     if((*idPtr) != NULL) {
-	xmlFree((*idPtr));
+        xmlFree((*idPtr));
     }
     (*idPtr) = NULL;
 }
 
 static int
 xmlSecTransformVisa3DHackExecute(xmlSecTransformPtr transform, int last,
-			    xmlSecTransformCtxPtr transformCtx) {
+                            xmlSecTransformCtxPtr transformCtx) {
     xmlChar** idPtr;
     xmlDocPtr doc;
     xmlAttrPtr attr;
     xmlNodeSetPtr nodeSet;
-    
+
     xmlSecAssert2(xmlSecTransformVisa3DHackCheckId(transform), -1);
     xmlSecAssert2(transform->outNodes == NULL, -1);
     xmlSecAssert2(last != 0, -1);
@@ -1111,36 +1128,36 @@ xmlSecTransformVisa3DHackExecute(xmlSecTransformPtr transform, int last,
 
     attr = xmlGetID(doc, (*idPtr));
     if((attr == NULL) || (attr->parent == NULL)) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlGetID",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "id=\"%s\"",
-		    xmlSecErrorsSafeString((*idPtr)));
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlGetID",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "id=\"%s\"",
+                    xmlSecErrorsSafeString((*idPtr)));
+        return(-1);
+    }
 
     nodeSet = xmlXPathNodeSetCreate(attr->parent);
     if(nodeSet == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlXPathNodeSetCreate",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    "id=\"%s\"",
-		    xmlSecErrorsSafeString((*idPtr)));
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlXPathNodeSetCreate",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    "id=\"%s\"",
+                    xmlSecErrorsSafeString((*idPtr)));
+        return(-1);
+    }
 
     transform->outNodes = xmlSecNodeSetCreate(doc, nodeSet, xmlSecNodeSetTreeWithoutComments);
     if(transform->outNodes == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecNodeSetCreate",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlXPathFreeNodeSet(nodeSet);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecNodeSetCreate",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlXPathFreeNodeSet(nodeSet);
+        return(-1);
+    }
     return(0);
 }
 
diff --git a/src/xslt.c b/src/xslt.c
index e5e52685..0353a251 100644
--- a/src/xslt.c
+++ b/src/xslt.c
@@ -1,11 +1,11 @@
-/** 
+/**
  * XML Security Library (http://www.aleksey.com/xmlsec).
  *
  * XSLT Transform (http://www.w3.org/TR/xmldsig-core/#sec-XSLT)
  *
  * This is free software; see Copyright file in the source
  * distribution for preciese wording.
- * 
+ *
  * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com>
  */
 #include "globals.h"
@@ -14,7 +14,7 @@
 
 #include <stdlib.h>
 #include <string.h>
- 
+
 #include <libxml/tree.h>
 #include <libxslt/xslt.h>
 #include <libxslt/xsltInternals.h>
@@ -28,122 +28,173 @@
 #include <xmlsec/keys.h>
 #include <xmlsec/parser.h>
 #include <xmlsec/errors.h>
+#include <xmlsec/private/xslt.h>
 
 /**************************************************************************
  *
  * Internal xslt ctx
  *
  *****************************************************************************/
-typedef struct _xmlSecXsltCtx			xmlSecXsltCtx, *xmlSecXsltCtxPtr;
+typedef struct _xmlSecXsltCtx                   xmlSecXsltCtx, *xmlSecXsltCtxPtr;
 struct _xmlSecXsltCtx {
-    xsltStylesheetPtr	xslt;
-    xmlParserCtxtPtr 	parserCtx;
-};	    
+    xsltStylesheetPtr   xslt;
+    xmlParserCtxtPtr    parserCtx;
+};
 
 /****************************************************************************
  *
  * XSLT transform
  *
  * xmlSecXsltCtx is located after xmlSecTransform
- * 
+ *
  ***************************************************************************/
-#define xmlSecXsltSize	\
-    (sizeof(xmlSecTransform) + sizeof(xmlSecXsltCtx))	
+#define xmlSecXsltSize  \
+    (sizeof(xmlSecTransform) + sizeof(xmlSecXsltCtx))
 #define xmlSecXsltGetCtx(transform) \
     ((xmlSecXsltCtxPtr)(((xmlSecByte*)(transform)) + sizeof(xmlSecTransform)))
 
-static int		xmlSecXsltInitialize			(xmlSecTransformPtr transform);
-static void		xmlSecXsltFinalize			(xmlSecTransformPtr transform);
-static int 		xmlSecXsltReadNode			(xmlSecTransformPtr transform,
-								 xmlNodePtr node,
-								 xmlSecTransformCtxPtr transformCtx);
-static int 		xmlSecXsltPushBin			(xmlSecTransformPtr transform, 
-								 const xmlSecByte* data,
-								 xmlSecSize dataSize,
-								 int final,
-							         xmlSecTransformCtxPtr transformCtx);
-static int  		xmlSecXsltExecute			(xmlSecTransformPtr transform, 
-								 int last,
-								 xmlSecTransformCtxPtr transformCtx);
-static int		xmlSecXslProcess			(xmlSecBufferPtr in,
-								 xmlSecBufferPtr out,
-								 xsltStylesheetPtr stylesheet);
+static int              xmlSecXsltInitialize                    (xmlSecTransformPtr transform);
+static void             xmlSecXsltFinalize                      (xmlSecTransformPtr transform);
+static int              xmlSecXsltReadNode                      (xmlSecTransformPtr transform,
+                                                                 xmlNodePtr node,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecXsltPushBin                       (xmlSecTransformPtr transform,
+                                                                 const xmlSecByte* data,
+                                                                 xmlSecSize dataSize,
+                                                                 int final,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecXsltExecute                       (xmlSecTransformPtr transform,
+                                                                 int last,
+                                                                 xmlSecTransformCtxPtr transformCtx);
+static int              xmlSecXslProcess                        (xmlSecXsltCtxPtr ctx,
+                                                                 xmlSecBufferPtr in,
+                                                                 xmlSecBufferPtr out);
+static xmlDocPtr        xmlSecXsApplyStylesheet                 (xmlSecXsltCtxPtr ctx,
+                                                                 xmlDocPtr doc);
+                                                                 
 static xmlSecTransformKlass xmlSecXsltKlass = {
     /* klass/object sizes */
-    sizeof(xmlSecTransformKlass),		/* xmlSecSize klassSize */
-    xmlSecXsltSize,				/* xmlSecSize objSize */
-
-    xmlSecNameXslt,				/* const xmlChar* name; */
-    xmlSecHrefXslt, 				/* const xmlChar* href; */
-    xmlSecTransformUsageDSigTransform,		/* xmlSecAlgorithmUsage usage; */
-
-    xmlSecXsltInitialize,			/* xmlSecTransformInitializeMethod initialize; */
-    xmlSecXsltFinalize,				/* xmlSecTransformFinalizeMethod finalize; */
-    xmlSecXsltReadNode,				/* xmlSecTransformNodeReadMethod readNode; */
-    NULL,					/* xmlSecTransformNodeWriteMethod writeNode; */
-    NULL,					/* xmlSecTransformSetKeyReqMethod setKeyReq; */
-    NULL,					/* xmlSecTransformSetKeyMethod setKey; */
-    NULL,					/* xmlSecTransformValidateMethod validate; */
-    xmlSecTransformDefaultGetDataType,		/* xmlSecTransformGetDataTypeMethod getDataType; */
-    xmlSecXsltPushBin,				/* xmlSecTransformPushBinMethod pushBin; */
-    xmlSecTransformDefaultPopBin,		/* xmlSecTransformPopBinMethod popBin; */
-    NULL,					/* xmlSecTransformPushXmlMethod pushXml; */
-    NULL,					/* xmlSecTransformPopXmlMethod popXml; */
-    xmlSecXsltExecute,				/* xmlSecTransformExecuteMethod execute; */
-    
-    NULL,					/* void* reserved0; */
-    NULL,					/* void* reserved1; */
+    sizeof(xmlSecTransformKlass),               /* xmlSecSize klassSize */
+    xmlSecXsltSize,                             /* xmlSecSize objSize */
+
+    xmlSecNameXslt,                             /* const xmlChar* name; */
+    xmlSecHrefXslt,                             /* const xmlChar* href; */
+    xmlSecTransformUsageDSigTransform,          /* xmlSecAlgorithmUsage usage; */
+
+    xmlSecXsltInitialize,                       /* xmlSecTransformInitializeMethod initialize; */
+    xmlSecXsltFinalize,                         /* xmlSecTransformFinalizeMethod finalize; */
+    xmlSecXsltReadNode,                         /* xmlSecTransformNodeReadMethod readNode; */
+    NULL,                                       /* xmlSecTransformNodeWriteMethod writeNode; */
+    NULL,                                       /* xmlSecTransformSetKeyReqMethod setKeyReq; */
+    NULL,                                       /* xmlSecTransformSetKeyMethod setKey; */
+    NULL,                                       /* xmlSecTransformValidateMethod validate; */
+    xmlSecTransformDefaultGetDataType,          /* xmlSecTransformGetDataTypeMethod getDataType; */
+    xmlSecXsltPushBin,                          /* xmlSecTransformPushBinMethod pushBin; */
+    xmlSecTransformDefaultPopBin,               /* xmlSecTransformPopBinMethod popBin; */
+    NULL,                                       /* xmlSecTransformPushXmlMethod pushXml; */
+    NULL,                                       /* xmlSecTransformPopXmlMethod popXml; */
+    xmlSecXsltExecute,                          /* xmlSecTransformExecuteMethod execute; */
+
+    NULL,                                       /* void* reserved0; */
+    NULL,                                       /* void* reserved1; */
 };
 
+
+#define XMLSEC_XSLT_COPY_SEC_PREF(src, dst, pref) \
+    xsltSetSecurityPrefs((dst), (pref),  xsltGetSecurityPrefs((src), (pref)))
+
+static xsltSecurityPrefsPtr g_xslt_default_security_prefs = NULL;
+
+void xmlSecTransformXsltInitialize(void) {
+    xmlSecAssert(g_xslt_default_security_prefs == NULL);
+
+    g_xslt_default_security_prefs = xsltNewSecurityPrefs();
+    xmlSecAssert(g_xslt_default_security_prefs != NULL);
+    xsltSetSecurityPrefs(g_xslt_default_security_prefs,  XSLT_SECPREF_READ_FILE,        xsltSecurityForbid);
+    xsltSetSecurityPrefs(g_xslt_default_security_prefs,  XSLT_SECPREF_WRITE_FILE,       xsltSecurityForbid);
+    xsltSetSecurityPrefs(g_xslt_default_security_prefs,  XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid);
+    xsltSetSecurityPrefs(g_xslt_default_security_prefs,  XSLT_SECPREF_READ_NETWORK,     xsltSecurityForbid);
+    xsltSetSecurityPrefs(g_xslt_default_security_prefs,  XSLT_SECPREF_WRITE_NETWORK,    xsltSecurityForbid);
+}
+
+void xmlSecTransformXsltShutdown(void) {
+    if(g_xslt_default_security_prefs != NULL) {
+        xsltFreeSecurityPrefs(g_xslt_default_security_prefs);
+        g_xslt_default_security_prefs = NULL;
+    }
+}
+
+/**
+ * xmlSecTransformXsltSetDefaultSecurityPrefs:
+ * @sec: the new security preferences
+ *
+ * Sets the new default security preferences. The xmlsec default security policy is 
+ * to disable everything.
+ */
+XMLSEC_EXPORT void
+xmlSecTransformXsltSetDefaultSecurityPrefs(xsltSecurityPrefsPtr sec) {
+    xmlSecAssert(sec != NULL);
+    xmlSecAssert(g_xslt_default_security_prefs != NULL);
+    
+    /* copy prefs */
+    XMLSEC_XSLT_COPY_SEC_PREF(sec, g_xslt_default_security_prefs, XSLT_SECPREF_READ_FILE);
+    XMLSEC_XSLT_COPY_SEC_PREF(sec, g_xslt_default_security_prefs, XSLT_SECPREF_WRITE_FILE);
+    XMLSEC_XSLT_COPY_SEC_PREF(sec, g_xslt_default_security_prefs, XSLT_SECPREF_CREATE_DIRECTORY);
+    XMLSEC_XSLT_COPY_SEC_PREF(sec, g_xslt_default_security_prefs, XSLT_SECPREF_READ_NETWORK);
+    XMLSEC_XSLT_COPY_SEC_PREF(sec, g_xslt_default_security_prefs, XSLT_SECPREF_WRITE_NETWORK);
+}
+
 /**
  * xmlSecTransformXsltGetKlass:
  *
  * XSLT transform klass (http://www.w3.org/TR/xmldsig-core/#sec-XSLT):
  *
- * The normative specification for XSL Transformations is [XSLT]. 
- * Specification of a namespace-qualified stylesheet element, which MUST be 
- * the sole child of the Transform element, indicates that the specified style 
- * sheet should be used. Whether this instantiates in-line processing of local 
- * XSLT declarations within the resource is determined by the XSLT processing 
- * model; the ordered application of multiple stylesheet may require multiple 
- * Transforms. No special provision is made for the identification of a remote 
- * stylesheet at a given URI because it can be communicated via an  xsl:include 
+ * The normative specification for XSL Transformations is [XSLT].
+ * Specification of a namespace-qualified stylesheet element, which MUST be
+ * the sole child of the Transform element, indicates that the specified style
+ * sheet should be used. Whether this instantiates in-line processing of local
+ * XSLT declarations within the resource is determined by the XSLT processing
+ * model; the ordered application of multiple stylesheet may require multiple
+ * Transforms. No special provision is made for the identification of a remote
+ * stylesheet at a given URI because it can be communicated via an  xsl:include
  * or  xsl:import within the stylesheet child of the Transform.
  *
- * This transform requires an octet stream as input. If the actual input is an 
- * XPath node-set, then the signature application should attempt to convert it 
- * to octets (apply Canonical XML]) as described in the Reference Processing 
+ * This transform requires an octet stream as input. If the actual input is an
+ * XPath node-set, then the signature application should attempt to convert it
+ * to octets (apply Canonical XML]) as described in the Reference Processing
  * Model (section 4.3.3.2).]
  *
- * The output of this transform is an octet stream. The processing rules for 
+ * The output of this transform is an octet stream. The processing rules for
  * the XSL style sheet or transform element are stated in the XSLT specification
- * [XSLT]. We RECOMMEND that XSLT transform authors use an output method of xml 
- * for XML and HTML. As XSLT implementations do not produce consistent 
- * serializations of their output, we further RECOMMEND inserting a transform 
- * after the XSLT transform to canonicalize the output. These steps will help 
- * to ensure interoperability of the resulting signatures among applications 
- * that support the XSLT transform. Note that if the output is actually HTML, 
+ * [XSLT]. We RECOMMEND that XSLT transform authors use an output method of xml
+ * for XML and HTML. As XSLT implementations do not produce consistent
+ * serializations of their output, we further RECOMMEND inserting a transform
+ * after the XSLT transform to canonicalize the output. These steps will help
+ * to ensure interoperability of the resulting signatures among applications
+ * that support the XSLT transform. Note that if the output is actually HTML,
  * then the result of these steps is logically equivalent [XHTML].
  *
  * Returns: pointer to XSLT transform klass.
  */
-xmlSecTransformId 
+xmlSecTransformId
 xmlSecTransformXsltGetKlass(void) {
     return(&xmlSecXsltKlass);
 }
-    
-static int 
-xmlSecXsltInitialize(xmlSecTransformPtr transform) {    
+
+static int
+xmlSecXsltInitialize(xmlSecTransformPtr transform) {
     xmlSecXsltCtxPtr ctx;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXsltId), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecXsltSize), -1);
 
     ctx = xmlSecXsltGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
-    
+
     /* initialize context */
     memset(ctx, 0, sizeof(xmlSecXsltCtx));
+    
+    /* done */
     return(0);
 }
 
@@ -156,12 +207,12 @@ xmlSecXsltFinalize(xmlSecTransformPtr transform) {
 
     ctx = xmlSecXsltGetCtx(transform);
     xmlSecAssert(ctx != NULL);
-    
+
     if(ctx->xslt != NULL) {
-	xsltFreeStylesheet(ctx->xslt);
+        xsltFreeStylesheet(ctx->xslt);
     }
     if(ctx->parserCtx != NULL) {
-	xmlFreeParserCtxt(ctx->parserCtx);
+        xmlFreeParserCtxt(ctx->parserCtx);
     }
     memset(ctx, 0, sizeof(xmlSecXsltCtx));
 }
@@ -172,70 +223,70 @@ xmlSecXsltReadNode(xmlSecTransformPtr transform, xmlNodePtr node, xmlSecTransfor
     xmlBufferPtr buffer;
     xmlDocPtr doc;
     xmlNodePtr cur;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXsltId), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecXsltSize), -1);
-    xmlSecAssert2(node != NULL, -1);    
-    xmlSecAssert2(transformCtx != NULL, -1);    
+    xmlSecAssert2(node != NULL, -1);
+    xmlSecAssert2(transformCtx != NULL, -1);
 
     ctx = xmlSecXsltGetCtx(transform);
     xmlSecAssert2(ctx != NULL, -1);
     xmlSecAssert2(ctx->xslt == NULL, -1);
 
-    /* read content in the buffer */    
+    /* read content in the buffer */
     buffer = xmlBufferCreate();
     if(buffer == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlBufferCreate",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
-    }    
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlBufferCreate",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
+    }
     cur = node->children;
     while(cur != NULL) {
-	xmlNodeDump(buffer, cur->doc, cur, 0, 0);
-	cur = cur->next;
+        xmlNodeDump(buffer, cur->doc, cur, 0, 0);
+        cur = cur->next;
     }
-    
+
     /* parse the buffer */
-    doc = xmlSecParseMemory(xmlBufferContent(buffer), 
-			     xmlBufferLength(buffer), 1);
+    doc = xmlSecParseMemory(xmlBufferContent(buffer),
+                             xmlBufferLength(buffer), 1);
     if(doc == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xmlSecParseMemory",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	xmlBufferFree(buffer);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xmlSecParseMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        xmlBufferFree(buffer);
+        return(-1);
     }
 
-    /* pre-process stylesheet */    
+    /* pre-process stylesheet */
     ctx->xslt = xsltParseStylesheetDoc(doc);
     if(ctx->xslt == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    "xsltParseStylesheetDoc",
-		    XMLSEC_ERRORS_R_XSLT_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	/* after parsing stylesheet doc is assigned
-	 * to it and will be freed by xsltFreeStylesheet() */    
-	xmlFreeDoc(doc);
-	xmlBufferFree(buffer);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    "xsltParseStylesheetDoc",
+                    XMLSEC_ERRORS_R_XSLT_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        /* after parsing stylesheet doc is assigned
+         * to it and will be freed by xsltFreeStylesheet() */
+        xmlFreeDoc(doc);
+        xmlBufferFree(buffer);
+        return(-1);
     }
-    
+
     xmlBufferFree(buffer);
     return(0);
 }
 
-static int 
+static int
 xmlSecXsltPushBin(xmlSecTransformPtr transform, const xmlSecByte* data,
-				xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
+                                xmlSecSize dataSize, int final, xmlSecTransformCtxPtr transformCtx) {
     xmlSecXsltCtxPtr ctx;
     int ret;
-    
+
     xmlSecAssert2(xmlSecTransformCheckId(transform, xmlSecTransformXsltId), -1);
     xmlSecAssert2(xmlSecTransformCheckSize(transform, xmlSecXsltSize), -1);
     xmlSecAssert2(transformCtx != NULL, -1);
@@ -246,136 +297,136 @@ xmlSecXsltPushBin(xmlSecTransformPtr transform, const xmlSecByte* data,
 
     /* check/update current transform status */
     if(transform->status == xmlSecTransformStatusNone) {
-	xmlSecAssert2(ctx->parserCtx == NULL, -1);
-	
-	ctx->parserCtx = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, NULL);
-	if(ctx->parserCtx == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlCreatePushParserCtxt",
-		        XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
+        xmlSecAssert2(ctx->parserCtx == NULL, -1);
+
+        ctx->parserCtx = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, NULL);
+        if(ctx->parserCtx == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlCreatePushParserCtxt",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
 
         /* required for c14n! */
-	ctx->parserCtx->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS; 
-	ctx->parserCtx->replaceEntities = 1;
+        ctx->parserCtx->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
+        ctx->parserCtx->replaceEntities = 1;
 
-	transform->status = xmlSecTransformStatusWorking;
+        transform->status = xmlSecTransformStatusWorking;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	return(0);
+        return(0);
     } else if(transform->status != xmlSecTransformStatusWorking) {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     xmlSecAssert2(transform->status == xmlSecTransformStatusWorking, -1);
     xmlSecAssert2(ctx->parserCtx != NULL, -1);
-    
+
     /* push data to the input buffer */
     if((data != NULL) && (dataSize > 0)) {
-	ret = xmlParseChunk(ctx->parserCtx, (const char*)data, dataSize, 0);
-	if(ret != 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlParseChunk",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			"size=%d", dataSize);
-	    return(-1);
-	}	
-    }    
-    
+        ret = xmlParseChunk(ctx->parserCtx, (const char*)data, dataSize, 0);
+        if(ret != 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlParseChunk",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        "size=%d", dataSize);
+            return(-1);
+        }
+    }
+
     /* finish parsing, apply xslt transforms and push to next in the chain */
     if(final != 0) {
         xmlDocPtr docIn;
         xmlDocPtr docOut;
         xmlOutputBufferPtr output;
 
-	/* finalize */
-	ret = xmlParseChunk(ctx->parserCtx, NULL, 0, 1);
-	if((ret != 0) || (ctx->parserCtx->myDoc == NULL)) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlParseChunk",
-			XMLSEC_ERRORS_R_XML_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}	
-
-	/* todo: check that document is well formed? */
-	docIn = ctx->parserCtx->myDoc;
-	ctx->parserCtx->myDoc = NULL;
-
-	docOut = xsltApplyStylesheet(ctx->xslt, docIn, NULL);
-	if(docOut == NULL) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xsltApplyStylesheet",
-			XMLSEC_ERRORS_R_XSLT_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFreeDoc(docIn);
-	    return(-1);
-	}
-	xmlFreeDoc(docIn);
-    
-	if(transform->next != NULL) {
-	    output = xmlSecTransformCreateOutputBuffer(transform->next, transformCtx);
-	    if(output == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-		    	    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecTransformCreateOutputBuffer",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlFreeDoc(docOut);
-		return(-1);
-	    }
-	} else {
-	    output = xmlSecBufferCreateOutputBuffer(&(transform->outBuf));
-	    if(output == NULL) {
-		xmlSecError(XMLSEC_ERRORS_HERE,
-			    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			    "xmlSecBufferCreateOutputBuffer",
-			    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			    XMLSEC_ERRORS_NO_MESSAGE);
-		xmlFreeDoc(docOut);
-		return(-1);
-	    }
-	}	
-
-	ret = xsltSaveResultTo(output, docOut, ctx->xslt);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xsltSaveResultTo",
-			XMLSEC_ERRORS_R_XSLT_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlOutputBufferClose(output);
-	    xmlFreeDoc(docOut);
-	    return(-1);
-	}
-	ret = xmlOutputBufferClose(output);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE,
-		        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlOutputBufferClose",
-			XMLSEC_ERRORS_R_XML_FAILED,
-		        XMLSEC_ERRORS_NO_MESSAGE);
-	    xmlFreeDoc(docOut);
-	    return(-1);
-	}
-	xmlFreeDoc(docOut);
-
-	transform->status = xmlSecTransformStatusFinished;
+        /* finalize */
+        ret = xmlParseChunk(ctx->parserCtx, NULL, 0, 1);
+        if((ret != 0) || (ctx->parserCtx->myDoc == NULL)) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlParseChunk",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        /* todo: check that document is well formed? */
+        docIn = ctx->parserCtx->myDoc;
+        ctx->parserCtx->myDoc = NULL;
+
+        docOut = xmlSecXsApplyStylesheet(ctx, docIn);
+        if(docOut == NULL) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecXsApplyStylesheet",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFreeDoc(docIn);
+            return(-1);
+        }
+        xmlFreeDoc(docIn);
+
+        if(transform->next != NULL) {
+            output = xmlSecTransformCreateOutputBuffer(transform->next, transformCtx);
+            if(output == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecTransformCreateOutputBuffer",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlFreeDoc(docOut);
+                return(-1);
+            }
+        } else {
+            output = xmlSecBufferCreateOutputBuffer(&(transform->outBuf));
+            if(output == NULL) {
+                xmlSecError(XMLSEC_ERRORS_HERE,
+                            xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                            "xmlSecBufferCreateOutputBuffer",
+                            XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                            XMLSEC_ERRORS_NO_MESSAGE);
+                xmlFreeDoc(docOut);
+                return(-1);
+            }
+        }
+
+        ret = xsltSaveResultTo(output, docOut, ctx->xslt);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xsltSaveResultTo",
+                        XMLSEC_ERRORS_R_XSLT_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlOutputBufferClose(output);
+            xmlFreeDoc(docOut);
+            return(-1);
+        }
+        ret = xmlOutputBufferClose(output);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlOutputBufferClose",
+                        XMLSEC_ERRORS_R_XML_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            xmlFreeDoc(docOut);
+            return(-1);
+        }
+        xmlFreeDoc(docOut);
+
+        transform->status = xmlSecTransformStatusFinished;
     }
 
     return(0);
 }
 
-static int 
+static int
 xmlSecXsltExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr transformCtx) {
     xmlSecXsltCtxPtr ctx;
     xmlSecBufferPtr in, out;
@@ -393,57 +444,57 @@ xmlSecXsltExecute(xmlSecTransformPtr transform, int last, xmlSecTransformCtxPtr
     in = &(transform->inBuf);
     out = &(transform->outBuf);
     inSize = xmlSecBufferGetSize(in);
-    outSize = xmlSecBufferGetSize(out);    
-    
+    outSize = xmlSecBufferGetSize(out);
+
     if(transform->status == xmlSecTransformStatusNone) {
-	transform->status = xmlSecTransformStatusWorking;
-    } 
-    
+        transform->status = xmlSecTransformStatusWorking;
+    }
+
     if((transform->status == xmlSecTransformStatusWorking) && (last == 0)) {
-	/* just do nothing */
-	xmlSecAssert2(outSize == 0, -1);
+        /* just do nothing */
+        xmlSecAssert2(outSize == 0, -1);
 
     } else  if((transform->status == xmlSecTransformStatusWorking) && (last != 0)) {
-	xmlSecAssert2(outSize == 0, -1);
-
-	ret = xmlSecXslProcess(in, out, ctx->xslt);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecXslProcess",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			XMLSEC_ERRORS_NO_MESSAGE);
-	    return(-1);
-	}
-	
-	ret = xmlSecBufferRemoveHead(in, inSize);
-	if(ret < 0) {
-	    xmlSecError(XMLSEC_ERRORS_HERE, 
-			xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-			"xmlSecBufferRemoveHead",
-			XMLSEC_ERRORS_R_XMLSEC_FAILED,
-			"size=%d", inSize);
-	    return(-1);
-	}
-	
-	transform->status = xmlSecTransformStatusFinished;
+        xmlSecAssert2(outSize == 0, -1);
+
+        ret = xmlSecXslProcess(ctx, in, out);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecXslProcess",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        XMLSEC_ERRORS_NO_MESSAGE);
+            return(-1);
+        }
+
+        ret = xmlSecBufferRemoveHead(in, inSize);
+        if(ret < 0) {
+            xmlSecError(XMLSEC_ERRORS_HERE,
+                        xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                        "xmlSecBufferRemoveHead",
+                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                        "size=%d", inSize);
+            return(-1);
+        }
+
+        transform->status = xmlSecTransformStatusFinished;
     } else if(transform->status == xmlSecTransformStatusFinished) {
-	/* the only way we can get here is if there is no input */
-	xmlSecAssert2(inSize == 0, -1);
+        /* the only way we can get here is if there is no input */
+        xmlSecAssert2(inSize == 0, -1);
     } else {
-	xmlSecError(XMLSEC_ERRORS_HERE, 
-		    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
-		    NULL,
-		    XMLSEC_ERRORS_R_INVALID_STATUS,
-		    "status=%d", transform->status);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    xmlSecErrorsSafeString(xmlSecTransformGetName(transform)),
+                    NULL,
+                    XMLSEC_ERRORS_R_INVALID_STATUS,
+                    "status=%d", transform->status);
+        return(-1);
     }
     return(0);
 }
 
 /* TODO: create PopBin method instead */
-static int 
-xmlSecXslProcess(xmlSecBufferPtr in, xmlSecBufferPtr out,  xsltStylesheetPtr stylesheet) {
+static int
+xmlSecXslProcess(xmlSecXsltCtxPtr ctx, xmlSecBufferPtr in, xmlSecBufferPtr out) {
     xmlDocPtr docIn = NULL;
     xmlDocPtr docOut = NULL;
     xmlOutputBufferPtr output = NULL;
@@ -452,67 +503,115 @@ xmlSecXslProcess(xmlSecBufferPtr in, xmlSecBufferPtr out,  xsltStylesheetPtr sty
 
     xmlSecAssert2(in != NULL, -1);
     xmlSecAssert2(out != NULL, -1);
-    xmlSecAssert2(stylesheet != NULL, -1);
+    xmlSecAssert2(ctx != NULL, -1);
 
     docIn = xmlSecParseMemory(xmlSecBufferGetData(in), xmlSecBufferGetSize(in), 1);
     if(docIn == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecParseMemory",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecParseMemory",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
-    docOut = xsltApplyStylesheet(stylesheet, docIn, NULL);
+    docOut = xmlSecXsApplyStylesheet(ctx, docIn);
     if(docOut == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xsltApplyStylesheet",
-		    XMLSEC_ERRORS_R_XSLT_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecXsApplyStylesheet",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     output = xmlSecBufferCreateOutputBuffer(out);
     if(output == NULL) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlSecBufferCreateOutputBuffer",
-		    XMLSEC_ERRORS_R_XMLSEC_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlSecBufferCreateOutputBuffer",
+                    XMLSEC_ERRORS_R_XMLSEC_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
-    ret = xsltSaveResultTo(output, docOut, stylesheet);
+    ret = xsltSaveResultTo(output, docOut, ctx->xslt);
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xsltSaveResultTo",
-		    XMLSEC_ERRORS_R_XSLT_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	goto done;	
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xsltSaveResultTo",
+                    XMLSEC_ERRORS_R_XSLT_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
     }
 
     ret = xmlOutputBufferClose(output);
     output = NULL;
     if(ret < 0) {
-	xmlSecError(XMLSEC_ERRORS_HERE,
-		    NULL,
-		    "xmlOutputBufferClose",
-		    XMLSEC_ERRORS_R_XML_FAILED,
-		    XMLSEC_ERRORS_NO_MESSAGE);
-	return(-1);
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xmlOutputBufferClose",
+                    XMLSEC_ERRORS_R_XML_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        return(-1);
     }
 
     res = 0;
 
-done:   
+done:
     if(output != NULL) xmlOutputBufferClose(output);
     if(docIn != NULL) xmlFreeDoc(docIn);
     if(docOut != NULL) xmlFreeDoc(docOut);
-    return(res);    
+    return(res);
+}
+
+
+static xmlDocPtr
+xmlSecXsApplyStylesheet(xmlSecXsltCtxPtr ctx, xmlDocPtr doc) {
+    xsltTransformContextPtr xsltCtx = NULL;
+    xmlDocPtr res = NULL;
+    int ret;
+    
+    xmlSecAssert2(ctx != NULL, NULL);
+    xmlSecAssert2(ctx->xslt != NULL, NULL);
+    xmlSecAssert2(doc != NULL, NULL);
+
+    xsltCtx = xsltNewTransformContext(ctx->xslt, doc);
+    if(xsltCtx == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xsltNewTransformContext",
+                    XMLSEC_ERRORS_R_XSLT_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }	    
+
+    /* set security prefs  */
+    ret = xsltSetCtxtSecurityPrefs(g_xslt_default_security_prefs, xsltCtx);
+    if(ret < 0) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xsltSetCtxtSecurityPrefs",
+                    XMLSEC_ERRORS_R_XSLT_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+
+    res = xsltApplyStylesheetUser(ctx->xslt, doc, NULL, NULL, NULL, xsltCtx);
+    if(res == NULL) {
+        xmlSecError(XMLSEC_ERRORS_HERE,
+                    NULL,
+                    "xsltApplyStylesheetUser",
+                    XMLSEC_ERRORS_R_XSLT_FAILED,
+                    XMLSEC_ERRORS_NO_MESSAGE);
+        goto done;
+    }
+    
+done:
+    if(xsltCtx != NULL) xsltFreeTransformContext(xsltCtx);
+    return res;    
 }
 
+
 #endif /* XMLSEC_NO_XSLT */
 
diff --git a/tests/keys/README b/tests/keys/README
index 555fe512..14515024 100644
--- a/tests/keys/README
+++ b/tests/keys/README
@@ -181,3 +181,23 @@ README
        # (used in above step)
        > pk12util -d <nss_config_dir> -i keycert.p12
     
+6. On Windows, one needs to specify Crypto Service Provider (CSP) in the 
+pkcs12 file to ensure it is loaded correctly to be used with SHA2 algorithms. 
+Worse, the CSP is different for XP and older versions
+
+
+   Input: DSA/RSA private key in PEM or DER format
+   Output: A PKCS12 file containing the private key, and a self-signed 
+           certificate with the corresponding public key. Plus the CSP 
+           name to be used for this key/cert.
+
+
+    > cat rsakey.pem rsacert.pem ca2cert.pem cacert.pem > allrsa.pem
+    > openssl pkcs12 -export -in allrsa.pem -name TestRsaKey -out rsakey-winxp.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
+    > openssl pkcs12 -export -in allrsa.pem -name TestRsaKey -out rsakey-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
+
+
+    > cat largersakey.pem largersacert.pem ca2cert.pem cacert.pem > alllargersa.pem
+    > openssl pkcs12 -export -in alllargersa.pem -name TestLargeRsaKey -out largersakey-winxp.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)"
+    > openssl pkcs12 -export -in alllargersa.pem -name TestLargeRsaKey -out largersakey-win.p12 -CSP "Microsoft Enhanced RSA and AES Cryptographic Provider"
+
diff --git a/tests/keys/largersakey-win.p12 b/tests/keys/largersakey-win.p12
new file mode 100644
index 00000000..af04b9e4
--- /dev/null
+++ b/tests/keys/largersakey-win.p12
diff --git a/tests/keys/largersakey-winxp.p12 b/tests/keys/largersakey-winxp.p12
new file mode 100644
index 00000000..75746297
--- /dev/null
+++ b/tests/keys/largersakey-winxp.p12
diff --git a/tests/keys/rsakey-win.p12 b/tests/keys/rsakey-win.p12
new file mode 100644
index 00000000..e0281f7d
--- /dev/null
+++ b/tests/keys/rsakey-win.p12
diff --git a/tests/keys/rsakey-winxp.p12 b/tests/keys/rsakey-winxp.p12
new file mode 100644
index 00000000..3817a7e1
--- /dev/null
+++ b/tests/keys/rsakey-winxp.p12
diff --git a/tests/testDSig.sh b/tests/testDSig.sh
index 1f86f8e1..b8d85aa8 100755
--- a/tests/testDSig.sh
+++ b/tests/testDSig.sh
@@ -1,136 +1,23 @@
-#!/bin/sh 
-
-OS_ARCH=`uname -o`
-
-if [ "z$OS_ARCH" = "zCygwin" ] ; then
-	topfolder=`cygpath -wa $2`
-	xmlsec_app=`cygpath -a $3`
-else
-	topfolder=$2
-	xmlsec_app=$3
-fi
-crypto=$1
-file_format=$4
-
-pub_key_format=$file_format
-cert_format=$file_format
-priv_key_option="--pkcs12"
-priv_key_format="p12"
-
-if [ "z$TMPFOLDER" = "z" ] ; then
-    TMPFOLDER=/tmp
-fi
-timestamp=`date +%Y%m%d_%H%M%S` 
-if [ "z$OS_ARCH" = "zCygwin" ] ; then
-	tmpfile=`cygpath -wa $TMPFOLDER/testDSig.$timestamp-$$.tmp`
-	logfile=`cygpath -wa $TMPFOLDER/testDSig.$timestamp-$$.log`
-else
-	tmpfile=$TMPFOLDER/testDSig.$timestamp-$$.tmp
-	logfile=$TMPFOLDER/testDSig.$timestamp-$$.log
-fi
-
-script="$0"
-
-# prepate crypto config folder
-crypto_config=$TMPFOLDER/xmlsec-crypto-config
-keysfile=$crypto_config/keys.xml
-
-valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
-valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
-
-if [ "z$crypto" != "z" -a "z$crypto" != "zdefault" ] ; then
-    xmlsec_params="$xmlsec_params --crypto $crypto"
-fi
-xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
-
-if [ -n "$DEBUG_MEMORY" ] ; then 
-    export VALGRIND="valgrind $valgrind_options"
-    export REPEAT=3
-    xmlsec_params="$xmlsec_params --repeat $REPEAT"
-fi
-
-if [ -n "$PERF_TEST" ] ; then 
-    xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
-fi
-
-printRes() {
-    if [ $1 = 0 ]; then
-	echo "   OK"
-    else 
-        echo " Fail"
-    fi
-    if [ -f .memdump ] ; then 
-	cat .memdump >> $logfile 
-    fi
-}
-
-execDSigTest() {    
-    folder=$1
-    file=$2
-    req_transforms=$3
-    params1=$4
-    params2=$5
-    params3=$6
-    old_pwd=`pwd`    
-    rm -f $tmpfile
-
-    if [ -n "$folder" ] ; then 
-	cd $topfolder/$folder        
-        full_file=$file
-	echo $folder/$file
-	echo "Test: $folder/$file in folder " `pwd` >> $logfile
-    else
-	full_file=$topfolder/$file        
-        echo $file 
-	echo "Test: $folder/$file" >> $logfile
-    fi
-
-    if [ -n "$req_transforms" ] ; then
-	printf "    Checking required transforms                         "
-        echo "$xmlsec_app check-transforms $req_transforms" >> $logfile
-	$xmlsec_app check-transforms $req_transforms >> $logfile 2>> $logfile
-	res=$?
-	if [ $res = 0 ]; then
-    	    echo "   OK"	    
-	else
-	    echo " Skip"
-	    cd $old_pwd
-	    return
-	fi
-    fi
-
-    
-    printf "    Verify existing signature                            "
-    echo "$xmlsec_app verify $xmlsec_params $params1 $full_file.xml" >> $logfile
-    $VALGRIND $xmlsec_app verify $xmlsec_params $params1 $full_file.xml >> $logfile 2>> $logfile
-    printRes $?
-
-    if [ -n "$params2"  -a -z "$PERF_TEST" ] ; then
-	printf "    Create new signature                                 "
-	echo "$xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $logfile
-	$VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $logfile 2>> $logfile
-	printRes $?
-	
-	if [ -n "$params3" ] ; then 
-	    if [ -z "$VALGRIND" ] ; then 
-		printf "    Verify new signature                                 "
-		echo "$xmlsec_app verify $xmlsec_params $params3 $tmpfile" >> $logfile
-		$VALGRIND $xmlsec_app verify $xmlsec_params $params3 $tmpfile >> $logfile 2>> $logfile
-		printRes $?
-	    fi
-	fi
-    fi
-    
-    cd $old_pwd
-}
-
-echo "--- testDSig started for xmlsec-$crypto library ($timestamp)" 
+#!/bin/sh
+#
+# This script needs to be called from testrun.sh script
+#
+
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--- testDSig started for xmlsec-$crypto library ($timestamp)"
 echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
 echo "--- log file is $logfile"
 echo "--- testDSig started for xmlsec-$crypto library ($timestamp)" >> $logfile
 echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
 
 ##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Positive Testing ----------"
+
+##########################################################################
 #
 # xmldsig2ed-tests
 #
@@ -138,50 +25,77 @@ echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
 #
 ##########################################################################
 
-execDSigTest "xmldsig2ed-tests" "defCan-1" \
+execDSigTest $res_success \
+    "xmldsig2ed-tests" \
+    "defCan-1" \
     "c14n11 sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "xmldsig2ed-tests" "defCan-2" \
+execDSigTest $res_success \
+    "xmldsig2ed-tests" \
+    "defCan-2" \
     "c14n11 xslt xpath sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
 #
 # differences in XSLT transform output, tbd
-# 
-# execDSigTest "xmldsig2ed-tests" "defCan-3" \
-#     "c14n11 xslt xpath sha1 hmac-sha1" \
-#     "--hmackey $topfolder/keys/hmackey.bin" \
-#     "--hmackey $topfolder/keys/hmackey.bin" \
-#     "--hmackey $topfolder/keys/hmackey.bin" 
-# 
-
-execDSigTest "xmldsig2ed-tests" "xpointer-1-SUN" \
-     "c14n11 xpointer sha1 hmac-sha1" \
-     "--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest "xmldsig2ed-tests" "xpointer-2-SUN" \
-     "c14n11 xpointer sha1 hmac-sha1" \
-     "--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest "xmldsig2ed-tests" "xpointer-3-SUN" \
-     "c14n11 xpointer sha1 hmac-sha1" \
-     "--hmackey $topfolder/keys/hmackey.bin"
-
-execDSigTest "xmldsig2ed-tests" "xpointer-4-SUN" \
-     "c14n11 xpointer sha1 hmac-sha1" \
-     "--hmackey $topfolder/keys/hmackey.bin"
+#
+# execDSigTest $res_success \
+#    "xmldsig2ed-tests" \
+#    "defCan-3" \
+#    "c14n11 xslt xpath sha1 hmac-sha1" \
+#    "hmac" \
+#    "--hmackey $topfolder/keys/hmackey.bin" \
+#    "--hmackey $topfolder/keys/hmackey.bin" \
+#    "--hmackey $topfolder/keys/hmackey.bin" 
+#
 
-execDSigTest "xmldsig2ed-tests" "xpointer-5-SUN" \
+execDSigTest $res_success \
+    "xmldsig2ed-tests" \
+    "xpointer-1-SUN" \
+    "c14n11 xpointer sha1 hmac-sha1" \
+    "hmac" \
+    "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest $res_success \
+    "xmldsig2ed-tests" \
+    "xpointer-2-SUN" \
+    "c14n11 xpointer sha1 hmac-sha1" \
+    "hmac" \
+    "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest $res_success \
+    "xmldsig2ed-tests" \
+    "xpointer-3-SUN" \
+    "c14n11 xpointer sha1 hmac-sha1" \
+    "hmac" \
+    "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest $res_success \
+    "xmldsig2ed-tests" \
+    "xpointer-4-SUN" \
+    "c14n11 xpointer sha1 hmac-sha1" \
+    "hmac" \
+    "--hmackey $topfolder/keys/hmackey.bin"
+
+execDSigTest $res_success \
+    "xmldsig2ed-tests" \
+    "xpointer-5-SUN" \
      "c14n11 xpointer sha1 hmac-sha1" \
+     "hmac" \
      "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "xmldsig2ed-tests" "xpointer-6-SUN" \
+execDSigTest $res_success \
+    "xmldsig2ed-tests" \
+    "xpointer-6-SUN" \
      "c14n11 xpointer sha1 hmac-sha1" \
+     "hmac" \
      "--hmackey $topfolder/keys/hmackey.bin"
 
 ##########################################################################
@@ -190,175 +104,259 @@ execDSigTest "xmldsig2ed-tests" "xpointer-6-SUN" \
 #
 ##########################################################################
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-dsa-x509chain" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-dsa-x509chain" \
     "sha1 dsa-sha1" \
+    "dsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-rsa-x509chain" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-rsa-x509chain" \
     "sha1 rsa-sha1" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
     "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-hmac-md5" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-md5-hmac-md5" \
     "md5 hmac-md5" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-hmac-md5-64" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-md5-hmac-md5-64" \
     "md5 hmac-md5" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160" \
     "ripemd160 hmac-ripemd160" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-ripemd160-hmac-ripemd160-64" \
     "ripemd160 hmac-ripemd160" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/xpointer-hmac" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/xpointer-hmac" \
     "xpointer sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1" \
     "sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha1-hmac-sha1-64" \
     "sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224" \
     "sha224 hmac-sha224" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha224-hmac-sha224-64" \
     "sha224 hmac-sha224" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256" \
     "sha256 hmac-sha256" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha256-hmac-sha256-64" \
     "sha256 hmac-sha256" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384" \
     "sha384 hmac-sha384" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha384-hmac-sha384-64" \
     "sha384 hmac-sha384" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512" \
     "sha512 hmac-sha512" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha512-hmac-sha512-64" \
     "sha512 hmac-sha512" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
-    "--hmackey $topfolder/keys/hmackey.bin" 
+    "--hmackey $topfolder/keys/hmackey.bin"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-md5-rsa-md5" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-md5-rsa-md5" \
     "md5 rsa-md5" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
     "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-ripemd160-rsa-ripemd160" \
     "ripemd160 rsa-ripemd160" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
     "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha1-rsa-sha1" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha1-rsa-sha1" \
     "sha1 rsa-sha1" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
     "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha224-rsa-sha224" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha224-rsa-sha224" \
     "sha224 rsa-sha224" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
-    "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
+    "$priv_key_option $topfolder/keys/rsakey$priv_key_suffix.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha256-rsa-sha256" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha256-rsa-sha256" \
     "sha256 rsa-sha256" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
-    "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
+    "$priv_key_option $topfolder/keys/rsakey$priv_key_suffix.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha384-rsa-sha384" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha384-rsa-sha384" \
     "sha384 rsa-sha384" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
-    "$priv_key_option $topfolder/keys/largersakey.$priv_key_format --pwd secret" \
+    "$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-sha512-rsa-sha512" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-sha512-rsa-sha512" \
     "sha512 rsa-sha512" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" \
-    "$priv_key_option $topfolder/keys/largersakey.$priv_key_format --pwd secret" \
+    "$priv_key_option $topfolder/keys/largersakey$priv_key_suffix.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509"
 
 #
 # To generate expired cert run the following command
 # > xmlsec1 sign --pkcs12 tests/keys/expiredkey.p12 --pwd secret --output out.xml ./tests/aleksey-xmldsig-01/enveloping-expired-cert.tmpl
 #
-execDSigTest "" "aleksey-xmldsig-01/enveloping-expired-cert" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloping-expired-cert" \
     "sha1 rsa-sha1" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509 --verification-time 2005-07-10+10:00:00" 
 
 
-execDSigTest "" "aleksey-xmldsig-01/dtd-hmac-91" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/dtd-hmac-91" \
     "sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd" \
     "--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd" \
     "--hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd"
 
-execDSigTest "" "aleksey-xmldsig-01/x509data-test" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/x509data-test" \
     "xpath2 sha1 rsa-sha1" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format" \
-    "$priv_key_option tests/keys/rsakey.$priv_key_format --pwd secret" \
+    "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
 
-execDSigTest "" "aleksey-xmldsig-01/x509data-sn-test" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/x509data-sn-test" \
     "xpath2 sha1 rsa-sha1" \
+    "rsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format  --untrusted-$cert_format $topfolder/keys/rsacert.$cert_format --enabled-key-data x509" \
-    "$priv_key_option tests/keys/rsakey.$priv_key_format --pwd secret" \
+    "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format  --untrusted-$cert_format $topfolder/keys/rsacert.$cert_format --enabled-key-data x509"
 
 ##########################################################################
@@ -366,138 +364,216 @@ execDSigTest "" "aleksey-xmldsig-01/x509data-sn-test" \
 # merlin-xmldsig-twenty-three
 #
 ##########################################################################
-
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloped-dsa" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-enveloped-dsa" \
     "enveloped-signature sha1 dsa-sha1" \
+    "dsa" \
     " " \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
-    " " 
-    
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-dsa" \
+    " "
+
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-enveloping-dsa" \
     "sha1 dsa-sha1" \
+    "dsa" \
     " " \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
-    " " 
-    
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa" \
+    " "
+
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-enveloping-b64-dsa" \
     "base64 sha1 dsa-sha1" \
+    "dsa" \
     " " \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
-    " " 
-    
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40" \
+    " "
+
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1-40" \
     "sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" 
-    
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1" \
+
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-enveloping-hmac-sha1" \
     "sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" \
     "--hmackey $topfolder/keys/hmackey.bin" 
 
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-enveloping-rsa" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-enveloping-rsa" \
     "sha1 rsa-sha1" \
+    "rsa" \
     " " \
     "$priv_key_option $topfolder/keys/rsakey.$priv_key_format --pwd secret" \
-    " " 
-    
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-external-b64-dsa" \
+    " "
+
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-external-b64-dsa" \
     "base64 sha1 dsa-sha1" \
+    "dsa" \
     " " \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
-    " " 
-    
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-external-dsa" \
+    " "
+
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-external-dsa" \
     "sha1 dsa-sha1" \
-    " " \
+    "dsa" \
+    "" \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
-    " " 
+    " "
 
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-keyname" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-keyname" \
     "sha1 dsa-sha1" \
-    "--pubkey-cert-$cert_format:Lugh $topfolder/merlin-xmldsig-twenty-three/certs/lugh-cert.$cert_format" \
+    "dsa x509" \
+    "" \
     "$priv_key_option:test-dsa $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
     "$priv_key_option:test-dsa $topfolder/keys/dsakey.$priv_key_format --pwd secret"
 
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-crt" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-x509-crt" \
     "sha1 dsa-sha1" \
-    "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format" \
+    "dsa x509" \
+    "" \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
 
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-sn" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-x509-sn" \
     "sha1 dsa-sha1" \
-    "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/badb.$cert_format" \
+    "dsa x509" \
+    "" \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
 
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-is" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-x509-is" \
     "sha1 dsa-sha1" \
-    "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/macha.$cert_format" \
+    "dsa x509" \
+    "" \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
 
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-ski" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-x509-ski" \
     "sha1 dsa-sha1" \
-    "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format" \
+    "dsa x509" \
+    "" \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format"
 
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-retrievalmethod-rawx509crt" \
     "sha1 dsa-sha1" \
-    "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format --untrusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/nemain.$cert_format" \
+    "dsa x509" \
+    "" \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret"\
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --trusted-$cert_format $topfolder/keys/ca2cert.$cert_format"
-    
-execDSigTest "" "merlin-xmldsig-twenty-three/signature" \
+
+execDSigTest $res_success \
+    "" \
+    "merlin-xmldsig-twenty-three/signature" \
     "base64 xpath enveloped-signature c14n-with-comments sha1 dsa-sha1" \
-    "--trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/merlin.$cert_format" \
+    "dsa x509" \
+    "" \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format"
 
+
 ##########################################################################
 #
 # merlin-xmlenc-five
 #
+# While the main operation is signature (and this is why we have these 
+# tests here instead of testEnc.sh), these tests check the encryption
+# key transport/wrapper algorightms
+#
 ##########################################################################
-
-execDSigTest "" "merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encsig-ripemd160-hmac-ripemd160-kw-tripledes" \
     "ripemd160 hmac-ripemd160 kw-tripledes" \
-    "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
+    "hmac des" \
+    "" \
     "--session-key hmac-192 --keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" 
 
-execDSigTest "" "merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encsig-sha256-hmac-sha256-kw-aes128" \
     "sha256 hmac-sha256 kw-aes128" \
-    "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" 
+    "hmac aes" \
+    "" 
 
-execDSigTest "" "merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encsig-sha384-hmac-sha384-kw-aes192" \
     "sha384 hmac-sha384 kw-aes192" \
-    "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" 
+    "hmac aes" \
+    ""
 
-execDSigTest "" "merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encsig-sha512-hmac-sha512-kw-aes256" \
     "sha512 hmac-sha512 kw-aes256" \
-    "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" 
+    "hmac aes" \
+    ""
+
+execDSigTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5" \
+    "sha1 hmac-sha256 rsa-1_5" \
+    "hmac rsa" \
+    ""
+
+execDSigTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p" \
+    "sha1 hmac-sha256 rsa-oaep-mgf1p" \
+    "hmac rsa" \
+    ""
+
 
-#merlin-xmlenc-five/encsig-hmac-sha256-rsa-1_5.xml
-#merlin-xmlenc-five/encsig-hmac-sha256-rsa-oaep-mgf1p.xml
 
 ##########################################################################
 #
 # merlin-exc-c14n-one
 #
 ##########################################################################
-    
-execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
+execDSigTest $res_success \
+    "" \
+    "merlin-exc-c14n-one/exc-signature" \
     "exc-c14n sha1 dsa-sha1" \
+    "dsa" \
     " " \
     "$priv_key_option $topfolder/keys/dsakey.$priv_key_format --pwd secret" \
-    " " 
-    
-execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
+    " "
+
+execDSigTest $res_success \
+    "" \
+    "merlin-exc-c14n-one/exc-signature" \
     "exc-c14n sha1 dsa-sha1" \
+    "dsa" \
     " "
 
 ##########################################################################
@@ -505,125 +581,206 @@ execDSigTest "" "merlin-exc-c14n-one/exc-signature" \
 # merlin-c14n-three
 #
 ##########################################################################
-    
-execDSigTest "" "merlin-c14n-three/signature" \
+
+execDSigTest $res_success \
+    "" \
+    "merlin-c14n-three/signature" \
     "c14n c14n-with-comments exc-c14n exc-c14n-with-comments xpath sha1 dsa-sha1" \
+    "dsa" \
     " "
-    
+
 ##########################################################################
 #
 # merlin-xpath-filter2-three
 #
 ##########################################################################
 
-execDSigTest "" "merlin-xpath-filter2-three/sign-xfdl" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xpath-filter2-three/sign-xfdl" \
     "enveloped-signature xpath2 sha1 dsa-sha1" \
-    ""
+    "dsa" \
+    " "
 
-execDSigTest "" "merlin-xpath-filter2-three/sign-spec" \
+execDSigTest $res_success \
+    "" \
+    "merlin-xpath-filter2-three/sign-spec" \
     "enveloped-signature xpath2 sha1 dsa-sha1" \
-    ""
+    "dsa" \
+    " "
 ##########################################################################
 #
 # phaos-xmldsig-three
 #
 ##########################################################################
 
-execDSigTest "phaos-xmldsig-three" "signature-big" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-big" \
     "base64 xslt xpath sha1 rsa-sha1" \
+    "rsa x509" \
     "--pubkey-cert-$cert_format certs/rsa-cert.$cert_format" 
 
-execDSigTest "phaos-xmldsig-three" "signature-dsa-detached" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-dsa-detached" \
     "sha1 dsa-sha1" \
-    "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
+    "dsa x509" \
+    "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-dsa-enveloped" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-dsa-enveloped" \
     "enveloped-signature sha1 dsa-sha1" \
-    "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
-    
-execDSigTest "phaos-xmldsig-three" "signature-dsa-enveloping" \
+    "dsa x509" \
+    "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
+
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-dsa-enveloping" \
     "sha1 dsa-sha1" \
-    "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
+    "dsa x509" \
+    "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-dsa-manifest" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-dsa-manifest" \
     "sha1 dsa-sha1" \
-    "--trusted-$cert_format certs/dsa-ca-cert.$cert_format"
+    "dsa x509" \
+    "--trusted-$cert_format certs/dsa-ca-cert.$cert_format --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-hmac-md5-c14n-enveloping" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-hmac-md5-c14n-enveloping" \
     "md5 hmac-md5" \
+    "hmac" \
     "--hmackey certs/hmackey.bin"
-    
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-40-c14n-comments-detached" \
+
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-hmac-sha1-40-c14n-comments-detached" \
     "c14n-with-comments sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey certs/hmackey.bin"
-    
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-40-exclusive-c14n-comments-detached" \
+
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-hmac-sha1-40-exclusive-c14n-comments-detached" \
     "exc-c14n-with-comments sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey certs/hmackey.bin"
-    
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-exclusive-c14n-comments-detached" \
+
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-hmac-sha1-exclusive-c14n-comments-detached" \
     "exc-c14n-with-comments sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey certs/hmackey.bin"
-    
-execDSigTest "phaos-xmldsig-three" "signature-hmac-sha1-exclusive-c14n-enveloped" \
+
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-hmac-sha1-exclusive-c14n-enveloped" \
     "enveloped-signature exc-c14n sha1 hmac-sha1" \
+    "hmac" \
     "--hmackey certs/hmackey.bin"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-b64-transform" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-detached-b64-transform" \
     "base64 sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-detached" \
     "sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xpath-transform" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-detached-xpath-transform" \
     "xpath sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform-retrieval-method" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-detached-xslt-transform-retrieval-method" \
     "xslt sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-detached-xslt-transform" \
     "xslt sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-enveloped" \
     "enveloped-signature sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloping" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-enveloping" \
     "sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-cert-chain" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-manifest-x509-data-cert-chain" \
     "sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-cert" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-manifest-x509-data-cert" \
     "sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-issuer-serial" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-manifest-x509-data-issuer-serial" \
     "sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-ski" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-manifest-x509-data-ski" \
     "sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-subject-name" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-manifest-x509-data-subject-name" \
     "sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --untrusted-$cert_format certs/rsa-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-manifest" \
     "sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-xpath-transform-enveloped" \
+execDSigTest $res_success \
+    "phaos-xmldsig-three" \
+    "signature-rsa-xpath-transform-enveloped" \
     "enveloped-signature xpath sha1 rsa-sha1" \
-    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
+    "rsa x509" \
+    "--trusted-$cert_format certs/rsa-ca-cert.$cert_format --X509-skip-strict-checks --verification-time 2009-01-01+10:00:00"
 
 
 ##########################################################################
@@ -631,58 +788,88 @@ execDSigTest "phaos-xmldsig-three" "signature-rsa-xpath-transform-enveloped" \
 # test dynamic signature
 #
 ##########################################################################
-
 echo "Dynamic signature template"
 printf "    Create new signature                                 "
 echo "$xmlsec_app sign-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile" >> $logfile
 $VALGRIND $xmlsec_app sign-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile >> $logfile 2>> $logfile
-printRes $?
+printRes $res_success $?
 printf "    Verify new signature                                 "
 echo "$xmlsec_app verify --keys-file $keysfile $tmpfile" >> $logfile
 $VALGRIND $xmlsec_app verify $xmlsec_params --keys-file $keysfile $tmpfile >> $logfile 2>> $logfile
-printRes $?
+printRes $res_success $?
 
 
+##########################################################################
+##########################################################################
+##########################################################################
 echo "--------- These tests CAN FAIL (extra OS config required) ----------"
-execDSigTest "" "aleksey-xmldsig-01/enveloped-gost" \
-    "enveloped-signature gostr34102001-gostr3411 gostr3411" \
-    "--trusted-$cert_format $topfolder/keys/gost2001ca.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format  --enabled-key-data x509" \
+execDSigTest $res_success \
+    "" \
+    "aleksey-xmldsig-01/enveloped-gost" \
+    "enveloped-signature gostr3411" \
+    "gost2001" \
+    "--trusted-$cert_format $topfolder/keys/gost2001ca.$cert_format --untrusted-$cert_format $topfolder/keys/ca2cert.$cert_format  --enabled-key-data x509 --verification-time 2007-01-01+10:00:00" \
     "" \
     ""
 
 
-echo "--------- Negative Testing: next test MUST FAIL ----------"
-execDSigTest "" "merlin-xmldsig-twenty-three/signature-x509-crt-crl" \
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Negative Testing ----------"
+execDSigTest $res_fail \
+    "" \
+    "merlin-xmldsig-twenty-three/signature-x509-crt-crl" \
     "sha1 rsa-sha1" \
+    "rsa x509" \
     "--X509-skip-strict-checks --trusted-$cert_format $topfolder/merlin-xmldsig-twenty-three/certs/ca.$cert_format"
 
-execDSigTest "" "aleksey-xmldsig-01/enveloping-expired-cert" \
+execDSigTest $res_fail \
+    "" \
+    "aleksey-xmldsig-01/enveloping-expired-cert" \
     "sha1 dsa-sha1" \
+    "dsa x509" \
     "--trusted-$cert_format $topfolder/keys/cacert.$cert_format --enabled-key-data x509" 
 
-execDSigTest "" "aleksey-xmldsig-01/dtd-hmac-91" \
+execDSigTest $res_fail \
+    "" \
+    "aleksey-xmldsig-01/dtd-hmac-91" \
     "sha1 hmac-sha1" \
+    "hmac" \
     "--enabled-reference-uris empty --hmackey $topfolder/keys/hmackey.bin --dtd-file $topfolder/aleksey-xmldsig-01/dtd-hmac-91.dtd" 
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-detached-xslt-transform-bad-retrieval-method" \
+execDSigTest $res_fail \
+    "phaos-xmldsig-three" \
+    "signature-rsa-detached-xslt-transform-bad-retrieval-method" \
     "xslt sha1 rsa-sha1" \
+    "rsa x509" \
     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped-bad-digest-val" \
+execDSigTest $res_fail \
+    "phaos-xmldsig-three" \
+    "signature-rsa-enveloped-bad-digest-val" \
     "enveloped-signature sha1 rsa-sha1" \
+    "rsa x509" \
     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-enveloped-bad-sig" \
+execDSigTest $res_fail \
+    "phaos-xmldsig-three" \
+    "signature-rsa-enveloped-bad-sig" \
     "enveloped-signature sha1 rsa-sha1" \
+    "rsa x509" \
     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
 
-execDSigTest "phaos-xmldsig-three" "signature-rsa-manifest-x509-data-crl" \
+execDSigTest $res_fail \
+    "phaos-xmldsig-three" \
+    "signature-rsa-manifest-x509-data-crl" \
     "sha1 rsa-sha1" \
+    "rsa x509" \
     "--trusted-$cert_format certs/rsa-ca-cert.$cert_format"
 
-rm -rf $tmpfile
-
+##########################################################################
+##########################################################################
+##########################################################################
 echo "--- testDSig finished" >> $logfile
 echo "--- testDSig finished"
-echo "--- detailed log is written to  $logfile" 
+echo "--- detailed log is written to  $logfile"
 
diff --git a/tests/testEnc.sh b/tests/testEnc.sh
index bf2de36a..54d1ca81 100755
--- a/tests/testEnc.sh
+++ b/tests/testEnc.sh
@@ -1,368 +1,353 @@
-#!/bin/sh 
-
-OS_ARCH=`uname -o`
-
-crypto=$1
-topfolder=$2
-xmlsec_app=$3
-file_format=$4
-
-pub_key_format=$file_format
-cert_format=$file_format
-priv_key_option="--pkcs12"
-priv_key_format="p12"
-
-if [ "z$TMPFOLDER" = "z" ] ; then
-    TMPFOLDER=/tmp
-fi
-
-timestamp=`date +%Y%m%d_%H%M%S` 
-tmpfile=$TMPFOLDER/testEnc.$timestamp-$$.tmp
-logfile=$TMPFOLDER/testEnc.$timestamp-$$.log
-script="$0"
-
-# prepate crypto config folder
-crypto_config=$TMPFOLDER/xmlsec-crypto-config
-keysfile=$crypto_config/keys.xml
-
-valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
-valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
-
-
-if [ "z$crypto" != "z" -a "z$crypto" != "zdefault" ] ; then
-    xmlsec_params="$xmlsec_params --crypto $crypto"
-fi
-xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
-
-if [ -n "$DEBUG_MEMORY" ] ; then 
-    export VALGRIND="valgrind $valgrind_options"
-    export REPEAT=3
-    xmlsec_params="$xmlsec_params --repeat $REPEAT"
-fi
-
-if [ -n "$PERF_TEST" ] ; then 
-    export xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
-fi
-
-printRes() {
-    if [ $1 = 0 ]; then
-	echo "   OK"
-    else 
-        echo " Fail"
-    fi
-    if [ -f .memdump ] ; then 
-	cat .memdump >> $logfile 
-    fi
-}
-
-execEncTest() {    
-    filename=$1
-    req_transforms=$2
-    params1=$3
-    params2=$4
-    params3=$5
-
-    echo $filename
-    echo $filename >>  $logfile 
-    file=$topfolder/$filename      
-
-    if [ -n "$req_transforms" ] ; then
-	printf "    Checking required transforms                         "
-        echo "$xmlsec_app check-transforms $req_transforms" >> $logfile
-	$xmlsec_app check-transforms $req_transforms >> $logfile 2>> $logfile
-	res=$?
-	if [ $res = 0 ]; then
-    	    echo "   OK"	    
-	else
-	    echo " Skip"
-	    return
-	fi
-    fi
-    
-    printf "    Decrypt existing document                            "
-    rm -f $tmpfile
-
-    if [ "z$OS_ARCH" = "zCygwin" ] ; then
-	diff_param=-uw
-    else
-	diff_param=-u
-    fi
-
-    echo "$xmlsec_app decrypt $xmlsec_params $params1 $file.xml" >>  $logfile 
-    $VALGRIND $xmlsec_app decrypt $xmlsec_params $params1 $file.xml > $tmpfile 2>> $logfile
-    if [ $? = 0 ]; then
-	diff $diff_param $file.data $tmpfile >> $logfile 2>> $logfile
-	printRes $?
-    else 
-	echo " Error"
-    fi
-
-    if [ -n "$params2"  -a -z "$PERF_TEST" ] ; then
-	printf "    Encrypt document                                     "
-	rm -f $tmpfile
-	echo "$xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $file.tmpl" >>  $logfile 
-	$VALGRIND $xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $file.tmpl >> $logfile 2>> $logfile
-	printRes $?
-	
-	if [ -n "$params4" ] ; then 
-	    if [ -z "$VALGRIND" ] ; then
-	        printf "    Decrypt new document                                 "
-		echo "$xmlsec_app decrypt $xmlsec_params $params4 --output $tmpfile.2 $tmpfile" >>  $logfile 
-	        $VALGRIND $xmlsec_app decrypt $xmlsec_params $params4 --output $tmpfile.2 $tmpfile >> $logfile 2>> $logfile
-		if [ $? = 0 ]; then
-		    diff $diff_param $file.data $tmpfile.2 >> $logfile 2>> $logfile
-		    printRes $?
-    		else 
-		    echo " Error"
-		fi
-	    fi
-	fi
-    fi
-    rm -f $tmpfile $tmpfile.2
-}
-
+#!/bin/sh
+#
+# This script needs to be called from testrun.sh script
+#
+
+##########################################################################
+##########################################################################
+##########################################################################
 echo "--- testEnc started for xmlsec-$crypto library ($timestamp)"
 echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" 
 echo "--- log file is $logfile"
 echo "--- testEnc started for xmlsec-$crypto library ($timestamp)" >> $logfile
 echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
 
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Positive Testing ----------"
+
+##########################################################################
+#
+# aleksey-xmlenc-01
+#
+##########################################################################
 
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-keyname" \
+execEncTest $res_success \
+    "" \
+    "aleksey-xmlenc-01/enc-des3cbc-keyname" \
     "tripledes-cbc" \
     "--keys-file $topfolder/keys/keys.xml" \
     "--keys-file $keysfile --binary-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-keyname.data" \
     "--keys-file $keysfile"
 
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-keyname2" \
+execEncTest $res_success \
+    "" \
+    "aleksey-xmlenc-01/enc-des3cbc-keyname2" \
     "tripledes-cbc" \
     "--keys-file $topfolder/keys/keys.xml" \
     "--keys-file $keysfile --binary-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-keyname2.data" \
     "--keys-file $keysfile"
 
-execEncTest "aleksey-xmlenc-01/enc-aes128cbc-keyname" \
+execEncTest $res_success \
+    "" \
+    "aleksey-xmlenc-01/enc-aes128cbc-keyname" \
     "aes128-cbc" \
     "--keys-file $topfolder/keys/keys.xml" \
     "--keys-file $keysfile --binary-data $topfolder/aleksey-xmlenc-01/enc-aes128cbc-keyname.data" \
     "--keys-file $keysfile"
 
-execEncTest "aleksey-xmlenc-01/enc-aes192cbc-keyname" \
+execEncTest $res_success \
+    "" \
+    "aleksey-xmlenc-01/enc-aes192cbc-keyname" \
     "aes192-cbc" \
     "--keys-file $topfolder/keys/keys.xml" \
     "--keys-file $keysfile --binary-data $topfolder/aleksey-xmlenc-01/enc-aes192cbc-keyname.data" \
     "--keys-file $keysfile"
 
-execEncTest "aleksey-xmlenc-01/enc-aes192cbc-keyname-ref" \
+execEncTest $res_success \
+    "" \
+    "aleksey-xmlenc-01/enc-aes192cbc-keyname-ref" \
     "aes192-cbc" \
     "--keys-file $topfolder/keys/keys.xml"
 
-execEncTest "aleksey-xmlenc-01/enc-aes256cbc-keyname" \
+execEncTest $res_success \
+    "" \
+    "aleksey-xmlenc-01/enc-aes256cbc-keyname" \
     "aes256-cbc" \
     "--keys-file $topfolder/keys/keys.xml" \
     "--keys-file $keysfile --binary-data $topfolder/aleksey-xmlenc-01/enc-aes256cbc-keyname.data" \
     "--keys-file $keysfile"
 
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-keyname-content" \
+execEncTest $res_success \
+    "" \
+    "aleksey-xmlenc-01/enc-des3cbc-keyname-content" \
     "tripledes-cbc" \
     "--keys-file $topfolder/keys/keys.xml" \
     "--keys-file $keysfile --xml-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-keyname-content.data --node-id Test" \
     "--keys-file $keysfile"
 
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-keyname-element" \
+execEncTest $res_success \
+    "" \
+    "aleksey-xmlenc-01/enc-des3cbc-keyname-element" \
     "tripledes-cbc" \
     "--keys-file $topfolder/keys/keys.xml" \
     "--keys-file $keysfile --xml-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-keyname-element.data --node-id Test" \
     "--keys-file $keysfile"
 
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-keyname-element-root" \
+execEncTest $res_success \
+    "" \
+    "aleksey-xmlenc-01/enc-des3cbc-keyname-element-root" \
     "tripledes-cbc" \
     "--keys-file $topfolder/keys/keys.xml" \
     "--keys-file $keysfile --xml-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-keyname-element-root.data --node-id Test" \
     "--keys-file $keysfile"
 
-execEncTest "aleksey-xmlenc-01/enc-des3cbc-aes192-keyname" \
+execEncTest $res_success \
+    "" \
+    "aleksey-xmlenc-01/enc-des3cbc-aes192-keyname" \
     "tripledes-cbc kw-aes192" \
     "--keys-file $topfolder/keys/keys.xml --enabled-key-data key-name,enc-key" \
     "--keys-file $keysfile  --session-key des-192  --binary-data $topfolder/aleksey-xmlenc-01/enc-des3cbc-aes192-keyname.data" \
     "--keys-file $keysfile"
 
-# Merlin's tests
-execEncTest "merlin-xmlenc-five/encrypt-data-aes128-cbc" \
+##########################################################################
+#
+# merlin-xmlenc-five
+#
+##########################################################################
+
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-data-aes128-cbc" \
     "aes128-cbc" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml --binary-data $topfolder/merlin-xmlenc-five/encrypt-data-aes128-cbc.data" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
 
-execEncTest "merlin-xmlenc-five/encrypt-content-tripledes-cbc" \
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-content-tripledes-cbc" \
     "tripledes-cbc" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml --enabled-key-data key-name --xml-data $topfolder/merlin-xmlenc-five/encrypt-content-tripledes-cbc.data --node-id Payment" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
 
-execEncTest "merlin-xmlenc-five/encrypt-content-aes256-cbc-prop" \
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-content-aes256-cbc-prop" \
     "aes256-cbc" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml --enabled-key-data key-name --xml-data $topfolder/merlin-xmlenc-five/encrypt-content-aes256-cbc-prop.data --node-id Payment" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
 
-execEncTest "merlin-xmlenc-five/encrypt-element-aes192-cbc-ref" \
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-element-aes192-cbc-ref" \
     "aes192-cbc" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
 
-execEncTest "merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5" \
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5" \
     "aes128-cbc rsa-1_5" \
     "$priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --pwd secret" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key aes-128 $priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --xml-data $topfolder/merlin-xmlenc-five/encrypt-element-aes128-cbc-rsa-1_5.data --node-id Purchase --pwd secret"  \
     "$priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --pwd secret"
 
-execEncTest "merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p" \
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p" \
     "tripledes-cbc rsa-oaep-mgf1p" \
     "$priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --pwd secret" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key des-192 $priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --binary-data $topfolder/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p.data --pwd secret"  \
     "$priv_key_option $topfolder/merlin-xmlenc-five/rsapriv.$priv_key_format --pwd secret"
 
-execEncTest "merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes" \
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes" \
     "aes256-cbc kw-tripledes" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key aes-256 --binary-data $topfolder/merlin-xmlenc-five/encrypt-data-aes256-cbc-kw-tripledes.data" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
 
-execEncTest "merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192" \
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192" \
     "aes128-cbc kw-aes192" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key aes-128 --node-name urn:example:po:PaymentInfo --xml-data $topfolder/merlin-xmlenc-five/encrypt-content-aes128-cbc-kw-aes192.data" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
 
-execEncTest "merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256" \
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256" \
     "aes192-cbc kw-aes256" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml --session-key aes-192 --binary-data $topfolder/merlin-xmlenc-five/encrypt-data-aes192-cbc-kw-aes256.data" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
 
-execEncTest "merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128" \
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128" \
     "tripledes-cbc kw-aes128" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml  --session-key des-192 --node-name urn:example:po:PaymentInfo --xml-data $topfolder/merlin-xmlenc-five/encrypt-element-tripledes-cbc-kw-aes128.data" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml"
-        
-execEncTest "merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256" \
+
+execEncTest $res_success \
+    "" \
+    "merlin-xmlenc-five/encrypt-element-aes256-cbc-retrieved-kw-aes256" \
     "aes256-cbc kw-aes256" \
     "--keys-file $topfolder/merlin-xmlenc-five/keys.xml" 
 
 
+#merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
+
 #merlin-xmlenc-five/encrypt-element-aes256-cbc-carried-kw-aes256.xml
 #merlin-xmlenc-five/decryption-transform-except.xml
 #merlin-xmlenc-five/decryption-transform.xml
 
 #merlin-xmlenc-five/encrypt-element-aes256-cbc-kw-aes256-dh-ripemd160.xml
 #merlin-xmlenc-five/encrypt-content-aes192-cbc-dh-sha512.xml
-#merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml
 #merlin-xmlenc-five/encsig-hmac-sha256-dh.xml
 #merlin-xmlenc-five/encsig-hmac-sha256-kw-tripledes-dh.xml
 
-execEncTest "01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5" \
+##########################################################################
+#
+# 01-phaos-xmlenc-3
+#
+##########################################################################
+
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5" \
     "tripledes-cbc rsa-1_5" \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
     "--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
 
-execEncTest "01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1" \
     "tripledes-cbc rsa-oaep-mgf1p" \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
     "--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
 
-execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5" \
     "aes128-cbc rsa-1_5" \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
     "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
 
-execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1" \
     "aes128-cbc rsa-oaep-mgf1p" \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
     "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
 
-execEncTest "01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1" \
     "aes192-cbc rsa-oaep-mgf1p" \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
     "--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes192-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
 
-execEncTest "01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5" \
     "aes192-cbc rsa-1_5" \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
     "--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes192-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
 
-execEncTest "01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5" \
     "aes256-cbc rsa-1_5" \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
     "--session-key aes-256 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5.data --node-name http://example.org/paymentv2:CreditCard"  \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
 
-execEncTest "01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1" \
     "aes256-cbc rsa-oaep-mgf1p" \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret" \
     "--session-key aes-256 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1.data --node-name http://example.org/paymentv2:CreditCard"  \
     "$priv_key_option $topfolder/01-phaos-xmlenc-3/rsa-priv-key.$priv_key_format --pwd secret"
 
-execEncTest "01-phaos-xmlenc-3/enc-element-3des-kw-3des" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-element-3des-kw-3des" \
     "tripledes-cbc kw-tripledes" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
     "--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-3des-kw-3des.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
-execEncTest "01-phaos-xmlenc-3/enc-content-aes128-kw-3des" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-content-aes128-kw-3des" \
     "aes128-cbc kw-tripledes" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
     "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes128-kw-3des.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
-execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kw-aes128" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-element-aes128-kw-aes128" \
     "aes128-cbc kw-aes128" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
     "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kw-aes128.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
-execEncTest "01-phaos-xmlenc-3/enc-element-aes128-kw-aes256" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-element-aes128-kw-aes256" \
     "aes128-cbc kw-aes256" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
     "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes128-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
-execEncTest "01-phaos-xmlenc-3/enc-content-3des-kw-aes192" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-content-3des-kw-aes192" \
     "tripledes-cbc kw-aes192" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
     "--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-3des-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
-execEncTest "01-phaos-xmlenc-3/enc-content-aes192-kw-aes256" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-content-aes192-kw-aes256" \
     "aes192-cbc kw-aes256" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
     "--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-content-aes192-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
-execEncTest "01-phaos-xmlenc-3/enc-element-aes192-kw-aes192" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-element-aes192-kw-aes192" \
     "aes192-cbc kw-aes192" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
     "--session-key aes-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes192-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
-execEncTest "01-phaos-xmlenc-3/enc-element-aes256-kw-aes256" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-element-aes256-kw-aes256" \
     "aes256-cbc kw-aes256" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
     "--session-key aes-256 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-element-aes256-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" 
 
-execEncTest "01-phaos-xmlenc-3/enc-text-3des-kw-aes256" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-text-3des-kw-aes256" \
     "tripledes-cbc kw-aes256" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
     "--session-key des-192 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-3des-kw-aes256.data --node-name http://example.org/paymentv2:CreditCard"  \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
-execEncTest "01-phaos-xmlenc-3/enc-text-aes128-kw-aes192" \
+execEncTest $res_success \
+    "" \
+    "01-phaos-xmlenc-3/enc-text-aes128-kw-aes192" \
     "aes128-cbc kw-aes192" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml" \
     "--session-key aes-128 --keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-key-data key-name --xml-data $topfolder/01-phaos-xmlenc-3/enc-text-aes128-kw-aes192.data --node-name http://example.org/paymentv2:CreditCard"  \
@@ -376,38 +361,51 @@ execEncTest "01-phaos-xmlenc-3/enc-text-aes128-kw-aes192" \
 #01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha256.xml
 #01-phaos-xmlenc-3/enc-element-3des-kt-rsa_oaep_sha512.xml
 
-# test dynamic encryption
+##########################################################################
+#
+# test dynamicencryption
+#
+##########################################################################
 echo "Dynamic encryption template"
 printf "    Encrypt template                                     "
 echo "$xmlsec_app encrypt-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile" >> $logfile
 $VALGRIND $xmlsec_app encrypt-tmpl $xmlsec_params --keys-file $keysfile --output $tmpfile >> $logfile 2>> $logfile
-printRes $?
+printRes $res_success $?
 printf "    Decrypt document                                     "
 echo "$xmlsec_app decrypt $xmlsec_params $keysfile $tmpfile" >> $logfile
 $VALGRIND $xmlsec_app decrypt $xmlsec_params --keys-file $keysfile $tmpfile >> $logfile 2>> $logfile
-printRes $?
-
+printRes $res_success $?
 
 
+##########################################################################
+##########################################################################
+##########################################################################
 echo "--------- Negative Testing: Following tests MUST FAIL ----------"
 echo "--- detailed log is written to  $logfile" 
-execEncTest "01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des" \
+execEncTest $res_fail \
+    "" \
+    "01-phaos-xmlenc-3/bad-alg-enc-element-aes128-kw-3des" \
     "" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml"
 
-execEncTest "aleksey-xmlenc-01/enc-aes192cbc-keyname-ref" \
+execEncTest $res_fail \
+    "" \
+    "aleksey-xmlenc-01/enc-aes192cbc-keyname-ref" \
     "" \
     "--keys-file $topfolder/keys/keys.xml --enabled-cipher-reference-uris empty" 
 
-execEncTest "01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5" \
+execEncTest $res_fail \
+    "" \
+    "01-phaos-xmlenc-3/enc-content-aes256-kt-rsa1_5" \
     "" \
     "--keys-file $topfolder/01-phaos-xmlenc-3/keys.xml --enabled-retrieval-method-uris empty"
-    
+
 rm -rf $tmpfile
 
+##########################################################################
+##########################################################################
+##########################################################################
 echo "--- testEnc finished" >> $logfile
 echo "--- testEnc finished"
-echo "--- detailed log is written to  $logfile" 
-
-#more $logfile
+echo "--- detailed log is written to  $logfile"
 
diff --git a/tests/testKeys.sh b/tests/testKeys.sh
index 385caf37..1bf7dc23 100755
--- a/tests/testKeys.sh
+++ b/tests/testKeys.sh
@@ -1,133 +1,69 @@
 #!/bin/sh
+#
+# This script needs to be called from testrun.sh script
+#
 
-crypto=$1
-topfolder=$2
-xmlsec_app=$3
-file_format=$4
-
-pub_key_format=$file_format
-cert_format=$file_format
-priv_key_option="--pkcs12"
-priv_key_format="p12"
-
-if [ "z$TMPFOLDER" = "z" ] ; then
-    TMPFOLDER=/tmp
-fi
-
-timestamp=`date +%Y%m%d_%H%M%S` 
-tmpfile=$TMPFOLDER/testKeys.$timestamp-$$.tmp
-logfile=$TMPFOLDER/testKeys.$timestamp-$$.log
-script="$0"
-nssdbfolder=$topfolder/nssdb
-
-# prepate crypto config folder
-crypto_config=$TMPFOLDER/xmlsec-crypto-config
-keysfile=$crypto_config/keys.xml
-mkdir -p $crypto_config
-rm -rf $crypto_config/*
-
-valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
-valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
-
-
-if [ "z$crypto" != "z" -a "z$crypto" != "zdefault" ] ; then
-    xmlsec_params="$xmlsec_params --crypto $crypto"
-fi
-xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
-
-if [ -n "$DEBUG_MEMORY" ] ; then 
-    export VALGRIND="valgrind $valgrind_options"
-    export REPEAT=3
-    xmlsec_params="$xmlsec_params --repeat $REPEAT"
-fi
-
-if [ -n "$PERF_TEST" ] ; then 
-    export xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
-fi
-
-printRes() {	
-    if [ $1 = 0 ]; then
-	echo "   OK"
-    else 
-        echo " Fail"
-    fi
-    if [ -f .memdump ] ; then 
-	cat .memdump >> $logfile 
-    fi
-}
-
-execKeysTest() {    
-    req_key_data=$1
-    key_name=$2
-    alg_name=$3
-
-    if [ -n "$req_key_data" ] ; then
-	printf "    Checking $req_key_data key data presense                      "
-        echo "$xmlsec_app check-key-data $req_key_data" >> $logfile
-	$xmlsec_app check-key-data $req_key_data >> $logfile 2>> $logfile
-	res=$?
-	if [ $res = 0 ]; then
-    	    echo "   OK"	    
-	else
-	    echo " Skip"
-	    return
-	fi
-    fi
-
-    printf "    Creating new key: $alg_name                           "
-
-    params="--gen-key:$key_name $alg_name"
-    if [ -f $keysfile ] ; then
-	params="$params --keys-file $keysfile"	
-    fi
-
-    echo "$xmlsec_app keys $params $xmlsec_params $keysfile" >>  $logfile 
-    $VALGRIND $xmlsec_app keys $params $xmlsec_params $keysfile >> $logfile 2>> $logfile
-    printRes $?
-}
-
+##########################################################################
+##########################################################################
+##########################################################################
 echo "--- testKeys started for xmlsec-$crypto library ($timestamp) ---"
 echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
 echo "--- log file is $logfile"
 echo "--- testKeys started for xmlsec-$crypto library ($timestamp) ---" >> $logfile
 echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
 
+# cleanup crypto config folder
+mkdir -p $crypto_config
+rm -rf $crypto_config/*
+
 # remove old keys file and copy NSS DB files if needed
 rm -rf $keysfile
 if [ "z$crypto" = "znss" ] ; then
     cp -f $nssdbfolder/*.db $crypto_config
 fi
 
-execKeysTest \
-	"hmac" \
-	"test-hmac-sha1" \
-	"hmac-192"
-execKeysTest \
-	"rsa " \
-	"test-rsa      " \
-	"rsa-1024"
-execKeysTest \
-	"dsa " \
-	"test-dsa      " \
-	"dsa-1024"
-execKeysTest \
-	"des " \
-	"test-des      " \
-    	"des-192 "
-execKeysTest \
-	"aes " \
-	"test-aes128   " \
-	"aes-128 "
-execKeysTest \
-	"aes " \
-	"test-aes192   " \
-	"aes-192 "
-execKeysTest \
-	"aes " \
-	"test-aes256   " \
-	"aes-256 "
-
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Positive Testing ----------"
+execKeysTest $res_success \
+    "hmac" \
+    "test-hmac-sha1" \
+    "hmac-192"
+
+execKeysTest $res_success \
+    "rsa " \
+    "test-rsa      " \
+    "rsa-1024"
+
+execKeysTest $res_success \
+    "dsa " \
+    "test-dsa      " \
+    "dsa-1024"
+
+execKeysTest $res_success \
+    "des " \
+    "test-des      " \
+    "des-192 "
+
+execKeysTest $res_success \
+    "aes " \
+    "test-aes128   " \
+    "aes-128 "
+
+execKeysTest $res_success \
+    "aes " \
+    "test-aes192   " \
+    "aes-192 "
+
+execKeysTest $res_success \
+    "aes " \
+    "test-aes256   " \
+    "aes-256 "
+
+##########################################################################
+##########################################################################
+##########################################################################
 echo "--- testKeys finished ---" >> $logfile
 echo "--- testKeys finished ---"
-echo "--- detailed log is written to  $logfile ---" 
-
+echo "--- detailed log is written to  $logfile ---"
diff --git a/tests/testXKMS.sh b/tests/testXKMS.sh
index 6c46c814..be972dd1 100755
--- a/tests/testXKMS.sh
+++ b/tests/testXKMS.sh
@@ -1,149 +1,128 @@
 #!/bin/sh 
+#
+# This script needs to be called from testrun.sh script
+#
 
-crypto=$1
-topfolder=$2
-xmlsec_app=$3
-file_format=$4
-
-pub_key_format=$file_format
-cert_format=$file_format
-priv_key_option="--pkcs12"
-priv_key_format="p12"
-
-if [ "z$TMPFOLDER" = "z" ] ; then
-    TMPFOLDER=/tmp
-fi
-
-timestamp=`date +%Y%m%d_%H%M%S` 
-tmpfile=$TMPFOLDER/testXKMS.$timestamp-$$.tmp
-tmpfile2=$TMPFOLDER/testXKMS.$timestamp-$$-2.tmp
-tmpfile3=$TMPFOLDER/testXKMS.$timestamp-$$-3.tmp
-logfile=$TMPFOLDER/testXKMS.$timestamp-$$.log
-script="$0"
-
-# prepate crypto config folder
-crypto_config=$TMPFOLDER/xmlsec-crypto-config
-keysfile=$crypto_config/keys.xml
-
-valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
-valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
-
-if [ "z$crypto" != "z" -a "z$crypto" != "zdefault" ] ; then
-    xmlsec_params="$xmlsec_params --crypto $crypto"
-fi
-xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
-
-if [ -n "$DEBUG_MEMORY" ] ; then 
-    export VALGRIND="valgrind $valgrind_options"
-    export REPEAT=3
-    xmlsec_params="$xmlsec_params --repeat $REPEAT"
-fi
-
-if [ -n "$PERF_TEST" ] ; then 
-    xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
-fi
-
-# debug 
-# xmlsec_params="$xmlsec_params --xkms-stop-on-unknown-response-mechanism --xkms-stop-on-unknown-respond-with --xkms-stop-on-unknown-key-usage"
-        
-
-printRes() {
-    if [ $1 = 0 ]; then
-	echo "   OK"
-    else 
-        echo " Fail"
-    fi
-    if [ -f .memdump ] ; then 
-	cat .memdump >> $logfile 
-    fi
-}
-
-execXkmsServerRequestTest() {    
-    src_file=$topfolder/$1.xml
-    res_file=$topfolder/$1-$2.xml
-    echo "$1 ($2)"
-
-    rm -f $tmpfile $tmpfile2 $tmpfile3
-    
-    printf "    Processing xkms request                              "
-    echo "$xmlsec_app --xkms-server-request --output $tmpfile $xmlsec_params $3 $src_file" >> $logfile
-    $VALGRIND $xmlsec_app --xkms-server-request  --output $tmpfile $xmlsec_params $3 $src_file >> $logfile 2>> $logfile
-    if [ $? = 0 ]; then
-	# cleanup Id attribute because it is generated every time
-	sed 's/ Id="[^\"]*"/ Id=""/g' $res_file > $tmpfile2
-	sed 's/ Id="[^\"]*"/ Id=""/g' $tmpfile > $tmpfile3
-	diff $tmpfile2 $tmpfile3 >> $logfile 2>> $logfile
-	printRes $?
-    else 
-	echo " Error"
-    fi
-}
-
+##########################################################################
+##########################################################################
+##########################################################################
 echo "--- testXKMS started for xmlsec-$crypto library ($timestamp)" 
 echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
 echo "--- log file is $logfile"
 echo "--- testXKMS started for xmlsec-$crypto library ($timestamp)" >> $logfile
 echo "--- LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $logfile
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/locate-example-1" "no-match" \
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Positive Testing ----------"
+
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/locate-example-1" \
+    "" \
+    "no-match" \
     "--xkms-service http://www.example.com/xkms"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/locate-example-1" "bad-service" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/locate-example-1" \
+    "" \
+    "bad-service" \
     "--xkms-service http://www.example.com/xkms-bad-service"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/locate-example-2" "no-match" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/locate-example-2" \
+    "" \
+    "no-match" \
     "--xkms-service http://www.example.com/xkms"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/validate-example-1" "no-match" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/validate-example-1" \
+    "" \
+    "no-match" \
     "--xkms-service http://www.example.com/xkms"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/locate-opaque-client-data" "no-match" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/locate-opaque-client-data" \
+    "" \
+    "no-match" \
     "--xkms-service http://www.example.com/xkms"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/compound-example-1" "no-match" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/compound-example-1" \
+    "" \
+    "no-match" \
     "--xkms-service http://www.example.com/xkms"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/status-request" "success" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/status-request" \
+    "" \
+    "success" \
     "--xkms-service http://www.example.com/xkms"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/bad-request-name" "not-supported" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/bad-request-name" \
+    "" \
+    "not-supported" \
     "--xkms-service http://www.example.com/xkms"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/soap12-locate-example-1" "no-match" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/soap12-locate-example-1" \
+    "" \
+    "no-match" \
     "--xkms-service http://www.example.com/xkms --xkms-format soap-1.2"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/soap11-locate-example-1" "unsupported" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/soap11-locate-example-1" \
+    "" \
+    "unsupported" \
     "--xkms-service http://www.example.com/xkms --xkms-format soap-1.2"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/soap12-bad-request-name" "msg-invalid" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/soap12-bad-request-name" \
+    "" \
+    "msg-invalid" \
     "--xkms-service http://www.example.com/xkms --xkms-format soap-1.2"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/soap11-locate-example-1" "no-match" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/soap11-locate-example-1" \
+    "" \
+    "no-match" \
     "--xkms-service http://www.example.com/xkms --xkms-format soap-1.1"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/soap12-locate-example-1" "unsupported" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/soap12-locate-example-1" \
+    "" \
+    "unsupported" \
     "--xkms-service http://www.example.com/xkms --xkms-format soap-1.1"
 
-execXkmsServerRequestTest \
-    "aleksey-xkms-01/soap11-bad-request-name" "msg-invalid" \
+execXkmsServerRequestTest $res_success \
+    "" \
+    "aleksey-xkms-01/soap11-bad-request-name" \
+    "" \
+    "msg-invalid" \
     "--xkms-service http://www.example.com/xkms --xkms-format soap-1.1"
 
+##########################################################################
+##########################################################################
+##########################################################################
+echo "--------- Negative Testing ----------"
 
-rm -f $tmpfile $tmpfile2 $tmpfile3
-
+##########################################################################
+##########################################################################
+##########################################################################
 echo "--- testXKMS finished" >> $logfile
 echo "--- testXKMS finished"
 echo "--- detailed log is written to  $logfile" 
diff --git a/tests/testrun.sh b/tests/testrun.sh
new file mode 100755
index 00000000..c1f629b8
--- /dev/null
+++ b/tests/testrun.sh
@@ -0,0 +1,443 @@
+#!/bin/sh
+
+OS_ARCH=`uname -o`
+OS_KERNEL=`uname -s`
+
+#
+# Get command line params
+#
+testfile="$1"
+crypto="$2"
+topfolder="$3"
+xmlsec_app="$4"
+file_format="$5"
+timestamp=`date +%Y%m%d_%H%M%S`
+
+if [ "z$OS_ARCH" = "zCygwin" ] ; then
+    topfolder=`cygpath -wa "$topfolder"`
+    xmlsec_app=`cygpath -a "$xmlsec_app"`
+fi
+
+#
+# Prepare folders
+#
+if [ "z$TMPFOLDER" = "z" ] ; then
+    TMPFOLDER=/tmp
+fi
+testname=`basename $testfile`
+if [ "z$OS_ARCH" = "zCygwin" ] ; then
+    tmpfile=`cygpath -wa $TMPFOLDER/$testname.$timestamp-$$.tmp`
+    logfile=`cygpath -wa $TMPFOLDER/$testname.$timestamp-$$.log`
+else
+    tmpfile=$TMPFOLDER/$testname.$timestamp-$$.tmp
+    logfile=$TMPFOLDER/$testname.$timestamp-$$.log
+fi
+nssdbfolder=$topfolder/nssdb
+
+#
+# Valgrind
+#
+valgrind_suppression="--suppressions=$topfolder/openssl.supp --suppressions=$topfolder/nss.supp"
+valgrind_options="--leak-check=yes --show-reachable=yes --num-callers=32 -v"
+if [ -n "$DEBUG_MEMORY" ] ; then 
+    export VALGRIND="valgrind $valgrind_options"
+    export REPEAT=3
+    xmlsec_params="$xmlsec_params --repeat $REPEAT"
+fi
+
+#
+# Setup crypto engine
+#
+crypto_config=$TMPFOLDER/xmlsec-crypto-config
+keysfile=$crypto_config/keys.xml
+if [ "z$XMLSEC_DEFAULT_CRYPTO" != "z" ] ; then
+    xmlsec_params="$xmlsec_params --crypto $XMLSEC_DEFAULT_CRYPTO"
+elif [ "z$crypto" != "z" ] ; then
+    xmlsec_params="$xmlsec_params --crypto $crypto"
+fi
+xmlsec_params="$xmlsec_params --crypto-config $crypto_config"
+
+#
+# Setup keys config
+#
+pub_key_format=$file_format
+cert_format=$file_format
+
+#
+# GCrypt/GnuTLS only supports DER format for now, others are good to go with PKCS12
+#
+if [ "z$crypto" != "zgcrypt" ] ; then
+    priv_key_option="--pkcs12"
+    priv_key_format="p12"
+else
+    priv_key_option="--privkey-der"
+    priv_key_format="der"
+    pub_key_format="der"
+fi
+
+# On Windows, one needs to specify Crypto Service Provider (CSP)
+# in the pkcs12 file to ensure it is loaded correctly to be used
+# with SHA2 algorithms. Worse, the CSP is different for XP and older 
+# versions
+if test "z$OS_ARCH" = "zCygwin" || test "z$OS_ARCH" = "zMsys" ; then
+    # Samples:
+    #   Cygwin	: CYGWIN_NT-5.1
+    #   Msys	: MINGW32_NT-5.1
+    if expr "$OS_KERNEL" : '.*_NT-5\.1' > /dev/null; then
+        priv_key_suffix="-winxp"
+    else
+        priv_key_suffix="-win"
+    fi
+else
+    priv_key_suffix=""
+fi
+
+
+#
+# Misc
+#
+if [ -n "$PERF_TEST" ] ; then 
+    xmlsec_params="$xmlsec_params --repeat $PERF_TEST"
+fi
+
+if test "z$OS_ARCH" = "zCygwin" || test "z$OS_ARCH" = "zMsys" ; then
+    diff_param=-uw
+else
+    diff_param=-u
+fi
+
+#
+# Check the command result and print it to stdout
+#
+res_success="success"
+res_fail="fail"
+printRes() {
+    expected_res="$1"
+    actual_res="$2"
+
+    # convert status to string
+    if [ $actual_res = 0 ]; then
+        actual_res=$res_success
+    else
+        actual_res=$res_fail
+    fi
+
+    # check
+    if [ "z$expected_res" = "z$actual_res" ] ; then
+        echo "   OK"
+    else
+        echo " Fail"
+    fi
+
+    # memlog
+    if [ -f .memdump ] ; then
+        cat .memdump >> $logfile
+    fi
+}
+
+#
+# Keys Manager test function
+#
+execKeysTest() {
+    expected_res="$1"
+    req_key_data="$2"
+    key_name="$3"
+    alg_name="$4"
+
+    # prepare
+    rm -f $tmpfile
+    old_pwd=`pwd`
+
+    # check params
+    if [ "z$expected_res" != "z$res_success" -a "z$expected_res" != "z$res_fail" ] ; then
+        echo " Bad parameter: expected_res=$expected_res"
+        cd $old_pwd
+        return
+    fi
+    echo "Test: $alg_name ($expected_res)"
+
+    # check key data
+    if [ -n "$req_key_data" ] ; then
+        printf "    Checking required key data                            "
+        echo "$xmlsec_app check-key-data $xmlsec_params $req_key_data" >> $logfile
+        $xmlsec_app check-key-data $xmlsec_params $req_key_data >> $logfile 2>> $logfile
+        res=$?
+        if [ $res = 0 ]; then
+            echo "   OK"
+        else
+            echo " Skip"
+            return
+        fi
+    fi
+
+    # run tests
+    printf "    Creating new key                                      "
+    params="--gen-key:$key_name $alg_name"
+    if [ -f $keysfile ] ; then
+        params="$params --keys-file $keysfile"
+    fi
+    echo "$xmlsec_app keys $params $xmlsec_params $keysfile" >>  $logfile 
+    $VALGRIND $xmlsec_app keys $params $xmlsec_params $keysfile >> $logfile 2>> $logfile
+    printRes $expected_res $?
+
+    # cleanup
+    cd $old_pwd
+    rm -f $tmpfile
+}
+
+#
+# DSig test function
+#
+execDSigTest() {
+    expected_res="$1"
+    folder="$2"
+    filename="$3"
+    req_transforms="$4"
+    req_key_data="$5"
+    params1="$6"
+    params2="$7"
+    params3="$8"
+
+    # prepare
+    rm -f $tmpfile
+    old_pwd=`pwd`
+
+    # check params
+    if [ "z$expected_res" != "z$res_success" -a "z$expected_res" != "z$res_fail" ] ; then
+        echo " Bad parameter: expected_res=$expected_res"
+        cd $old_pwd
+        return
+    fi
+    if [ -n "$folder" ] ; then
+        cd $topfolder/$folder
+        full_file=$filename
+        echo $folder/$filename
+        echo "Test: $folder/$filename in folder " `pwd` " ($expected_res)" >> $logfile
+    else
+        full_file=$topfolder/$filename
+        echo $filename
+        echo "Test: $folder/$filename ($expected_res)" >> $logfile
+    fi
+
+    # check transforms
+    if [ -n "$req_transforms" ] ; then
+        printf "    Checking required transforms                         "
+        echo "$xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $logfile
+        $xmlsec_app check-transforms $xmlsec_params $req_transforms >> $logfile 2>> $logfile
+        res=$?
+        if [ $res = 0 ]; then
+            echo "   OK"
+        else
+            echo " Skip"
+            cd $old_pwd
+            return
+        fi
+    fi
+
+    # check key data
+    if [ -n "$req_key_data" ] ; then
+        printf "    Checking required key data                            "
+        echo "$xmlsec_app check-key-data $xmlsec_params $req_key_data" >> $logfile
+        $xmlsec_app check-key-data $xmlsec_params $req_key_data >> $logfile 2>> $logfile
+        res=$?
+        if [ $res = 0 ]; then
+            echo "  OK"
+        else
+            echo "Skip"
+            return
+        fi
+    fi
+
+    # run tests
+    if [ -n "$params1" ] ; then
+        printf "    Verify existing signature                            "
+        echo "$xmlsec_app verify $xmlsec_params $params1 $full_file.xml" >> $logfile
+        $VALGRIND $xmlsec_app verify $xmlsec_params $params1 $full_file.xml >> $logfile 2>> $logfile
+        printRes $expected_res $?
+    fi
+
+    if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
+        printf "    Create new signature                                 "
+        echo "$xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >> $logfile
+        $VALGRIND $xmlsec_app sign $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $logfile 2>> $logfile
+        printRes $expected_res $?
+    fi
+
+    if [ -n "$params3" -a -z "$PERF_TEST" ] ; then
+        printf "    Verify new signature                                 "
+        echo "$xmlsec_app verify $xmlsec_params $params3 $tmpfile" >> $logfile
+        $VALGRIND $xmlsec_app verify $xmlsec_params $params3 $tmpfile >> $logfile 2>> $logfile
+        printRes $expected_res $?
+    fi
+
+    # cleanup
+    cd $old_pwd
+    rm -f $tmpfile
+}
+
+#
+# Enc test function
+#
+execEncTest() {
+    expected_res="$1"
+    folder="$2"
+    filename="$3"
+    req_transforms="$4"
+    params1="$5"
+    params2="$6"
+    params3="$7"
+
+    # prepare
+    rm -f $tmpfile $tmpfile.2
+    old_pwd=`pwd`
+
+    # check params
+    if [ "z$expected_res" != "z$res_success" -a "z$expected_res" != "z$res_fail" ] ; then
+        echo " Bad parameter: expected_res=$expected_res"
+        cd $old_pwd
+        return
+    fi
+    if [ -n "$folder" ] ; then
+        cd $topfolder/$folder
+        full_file=$filename
+        echo $folder/$filename
+        echo "Test: $folder/$filename in folder " `pwd` " ($expected_res)" >> $logfile
+    else
+        full_file=$topfolder/$filename
+        echo $filename
+        echo "Test: $folder/$filename ($expected_res)" >> $logfile
+    fi
+
+    # check transforms
+    if [ -n "$req_transforms" ] ; then
+        printf "    Checking required transforms                         "
+        echo "$xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $logfile
+        $xmlsec_app check-transforms $xmlsec_params $req_transforms >> $logfile 2>> $logfile
+        res=$?
+        if [ $res = 0 ]; then
+            echo "   OK"
+        else
+            echo " Skip"
+            return
+        fi
+    fi
+
+    # run tests
+    if [ -n "$params1" ] ; then
+        rm -f $tmpfile
+        printf "    Decrypt existing document                            "
+        echo "$xmlsec_app decrypt $xmlsec_params $params1 $full_file.xml" >>  $logfile 
+        $VALGRIND $xmlsec_app decrypt $xmlsec_params $params1 $full_file.xml > $tmpfile 2>> $logfile
+        res=$?
+        if [ $res = 0 ]; then
+            diff $diff_param $full_file.data $tmpfile >> $logfile 2>> $logfile
+            printRes $expected_res $?
+        else
+            printRes $expected_res $res
+        fi
+    fi
+
+    if [ -n "$params2" -a -z "$PERF_TEST" ] ; then
+        rm -f $tmpfile
+        printf "    Encrypt document                                     "
+        echo "$xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $full_file.tmpl" >>  $logfile 
+        $VALGRIND $xmlsec_app encrypt $xmlsec_params $params2 --output $tmpfile $full_file.tmpl >> $logfile 2>> $logfile
+        printRes $expected_res $?
+    fi
+
+    if [ -n "$params3" -a -z "$PERF_TEST" ] ; then 
+        rm -f $tmpfile.2
+        printf "    Decrypt new document                                 "
+        echo "$xmlsec_app decrypt $xmlsec_params $params3 --output $tmpfile.2 $tmpfile" >>  $logfile
+        $VALGRIND $xmlsec_app decrypt $xmlsec_params $params3 --output $tmpfile.2 $tmpfile >> $logfile 2>> $logfile
+        res=$?
+        if [ $res = 0 ]; then
+            diff $diff_param $full_file.data $tmpfile.2 >> $logfile 2>> $logfile
+            printRes $expected_res $?
+        else
+            printRes $expected_res $res
+        fi
+    fi
+
+    # cleanup
+    cd $old_pwd
+    rm -f $tmpfile $tmpfile.2
+}
+
+execXkmsServerRequestTest() {
+    expected_res="$1"
+    folder="$2"
+    filename="$3"
+    req_transforms="$4"
+    response="$5"
+    params1="$6"
+
+    # prepare
+    rm -f $tmpfile $tmpfile.2 tmpfile.3
+    old_pwd=`pwd`
+
+    # check params
+    if [ "z$expected_res" != "z$res_success" -a "z$expected_res" != "z$res_fail" ] ; then
+        echo " Bad parameter: expected_res=$expected_res"
+        cd $old_pwd
+        return
+    fi
+    if [ -n "$folder" ] ; then
+        cd $topfolder/$folder
+        full_file=$filename
+        full_resfile=$filename-$response
+        echo "$folder/$filename ($response)"
+        echo "Test: $folder/$filename in folder " `pwd` " $response ($expected_res)" >> $logfile
+    else
+        full_file=$topfolder/$filename
+        full_resfile=$topfolder/$filename-$response
+        echo "$filename ($response)"
+        echo "Test: $folder/$filename $response ($expected_res)" >> $logfile
+    fi
+
+    # check transforms
+    if [ -n "$req_transforms" ] ; then
+        printf "    Checking required transforms                         "
+        echo "$xmlsec_app check-transforms $xmlsec_params $req_transforms" >> $logfile
+        $xmlsec_app check-transforms $xmlsec_params $req_transforms >> $logfile 2>> $logfile
+        res=$?
+        if [ $res = 0 ]; then
+            echo "   OK"
+        else
+            echo " Skip"
+            return
+        fi
+    fi
+
+    # run tests
+    if [ -n "$params1" ] ; then
+        printf "    Processing xkms request                              "
+        echo "$xmlsec_app --xkms-server-request --output $tmpfile $xmlsec_params $params1 $full_file.xml" >> $logfile
+        $VALGRIND $xmlsec_app --xkms-server-request  --output $tmpfile $xmlsec_params $params1 $full_file.xml >> $logfile 2>> $logfile
+        res=$?
+        if [ $res = 0 ]; then
+            # cleanup Id attribute because it is generated every time
+            sed 's/ Id="[^\"]*"/ Id=""/g' $full_resfile > $tmpfile.2
+            sed 's/ Id="[^\"]*"/ Id=""/g' $tmpfile > $tmpfile.3
+            diff $tmpfile.2 $tmpfile.3 >> $logfile 2>> $logfile
+            printRes $expected_res $?
+        else
+            printRes $expected_res $res
+        fi
+    fi
+
+    # cleanup
+    cd $old_pwd
+    rm -f $tmpfile $tmpfile.2 tmpfile.3
+}
+
+
+# prepare
+rm -rf $tmpfile $tmpfile.2 tmpfile.3
+
+# run tests
+source "$testfile"
+
+# cleanup
+rm -rf $tmpfile $tmpfile.2 tmpfile.3
+
diff --git a/win32/Makefile.msvc b/win32/Makefile.msvc
index 362f41e8..2712a0ad 100644
--- a/win32/Makefile.msvc
+++ b/win32/Makefile.msvc
@@ -30,6 +30,7 @@ AUTOCONF = .\configure.txt
 #XMLSEC_MINOR_VERSION = 0 # set this to the right value.
 #XMLSEC_MICRO_VERSION = 0 # set this to the right value.
 #WITH_XMLSEC_DEBUG = 1
+#UNICODE = 1
 #DEBUG = 0
 #WITH_CRYPTO=openssl
 #WITH_CRYPTO=openssl
@@ -60,28 +61,33 @@ APP_NAME 		= xmlseca.exe
 !else
 APP_NAME 		= xmlsec.exe
 !endif
+APP_NAME_MANIFEST	= $(APP_NAME).manifest
 
 XMLSEC_NAME 		= xmlsec
 XMLSEC_BASENAME 	= lib$(XMLSEC_NAME)
 XMLSEC_SO 		= $(XMLSEC_BASENAME).dll
+XMLSEC_SO_MANIFEST	= $(XMLSEC_BASENAME).dll.manifest
 XMLSEC_IMP 		= $(XMLSEC_BASENAME).lib
 XMLSEC_A 		= $(XMLSEC_BASENAME)_a.lib
 
 XMLSEC_OPENSSL_NAME 	= $(XMLSEC_NAME)-openssl
 XMLSEC_OPENSSL_BASENAME = lib$(XMLSEC_OPENSSL_NAME)
 XMLSEC_OPENSSL_SO 	= $(XMLSEC_OPENSSL_BASENAME).dll
+XMLSEC_OPENSSL_SO_MANIFEST = $(XMLSEC_OPENSSL_BASENAME).dll.manifest
 XMLSEC_OPENSSL_IMP 	= $(XMLSEC_OPENSSL_BASENAME).lib
 XMLSEC_OPENSSL_A 	= $(XMLSEC_OPENSSL_BASENAME)_a.lib
 
 XMLSEC_NSS_NAME 	= $(XMLSEC_NAME)-nss
 XMLSEC_NSS_BASENAME 	= lib$(XMLSEC_NSS_NAME)
 XMLSEC_NSS_SO 		= $(XMLSEC_NSS_BASENAME).dll
+XMLSEC_NSS_SO_MANIFEST	= $(XMLSEC_NSS_BASENAME).dll.manifest
 XMLSEC_NSS_IMP 		= $(XMLSEC_NSS_BASENAME).lib
 XMLSEC_NSS_A 		= $(XMLSEC_NSS_BASENAME)_a.lib
 
 XMLSEC_MSCRYPTO_NAME 	= $(XMLSEC_NAME)-mscrypto
 XMLSEC_MSCRYPTO_BASENAME= lib$(XMLSEC_MSCRYPTO_NAME)
 XMLSEC_MSCRYPTO_SO 	= $(XMLSEC_MSCRYPTO_BASENAME).dll
+XMLSEC_MSCRYPTO_SO_MANIFEST = $(XMLSEC_MSCRYPTO_BASENAME).dll.manifest
 XMLSEC_MSCRYPTO_IMP 	= $(XMLSEC_MSCRYPTO_BASENAME).lib
 XMLSEC_MSCRYPTO_A 	= $(XMLSEC_MSCRYPTO_BASENAME)_a.lib
 
@@ -137,6 +143,7 @@ XMLSEC_OBJS = \
 	$(XMLSEC_INTDIR)\keys.obj \
 	$(XMLSEC_INTDIR)\keysdata.obj \
 	$(XMLSEC_INTDIR)\keysmngr.obj \
+	$(XMLSEC_INTDIR)\kw_aes_des.obj \
 	$(XMLSEC_INTDIR)\list.obj \
 	$(XMLSEC_INTDIR)\membuf.obj \
 	$(XMLSEC_INTDIR)\nodeset.obj \
@@ -167,6 +174,7 @@ XMLSEC_OBJS_A = \
 	$(XMLSEC_INTDIR_A)\keys.obj \
 	$(XMLSEC_INTDIR_A)\keysdata.obj \
 	$(XMLSEC_INTDIR_A)\keysmngr.obj \
+	$(XMLSEC_INTDIR_A)\kw_aes_des.obj \
 	$(XMLSEC_INTDIR_A)\list.obj \
 	$(XMLSEC_INTDIR_A)\membuf.obj \
 	$(XMLSEC_INTDIR_A)\nodeset.obj \
@@ -257,8 +265,11 @@ XMLSEC_MSCRYPTO_OBJS = \
 	$(XMLSEC_MSCRYPTO_INTDIR)\crypto.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR)\ciphers.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR)\digests.obj \
+	$(XMLSEC_MSCRYPTO_INTDIR)\hmac.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR)\symkeys.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR)\kt_rsa.obj \
+	$(XMLSEC_MSCRYPTO_INTDIR)\kw_aes.obj \
+	$(XMLSEC_MSCRYPTO_INTDIR)\kw_des.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR)\strings.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR)\signatures.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR)\certkeys.obj \
@@ -270,8 +281,11 @@ XMLSEC_MSCRYPTO_OBJS_A = \
 	$(XMLSEC_MSCRYPTO_INTDIR_A)\crypto.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR_A)\ciphers.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR_A)\digests.obj \
+	$(XMLSEC_MSCRYPTO_INTDIR_A)\hmac.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR_A)\symkeys.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR_A)\kt_rsa.obj \
+	$(XMLSEC_MSCRYPTO_INTDIR_A)\kw_aes.obj \
+	$(XMLSEC_MSCRYPTO_INTDIR_A)\kw_des.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR_A)\strings.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR_A)\signatures.obj \
 	$(XMLSEC_MSCRYPTO_INTDIR_A)\certkeys.obj \
@@ -290,7 +304,7 @@ CPPFLAGS 		= /nologo
 #
 CC 			= cl.exe
 CFLAGS 			= /nologo /D "WIN32" /D "_WINDOWS" 
-CFLAGS 			= $(CFLAGS) /D "_MBCS" /D "_REENTRANT"  /W1 /MD 
+CFLAGS 			= $(CFLAGS) /D "_MBCS" /D "_REENTRANT"  /W1  
 CFLAGS 			= $(CFLAGS) /I$(BASEDIR) /I$(BASEDIR)\include
 CFLAGS 			= $(CFLAGS) /I$(INCPREFIX)
 CFLAGS 			= $(CFLAGS) /D PACKAGE=\"$(XMLSEC_NAME)\" 
@@ -298,11 +312,15 @@ CFLAGS 			= $(CFLAGS) /D "HAVE_STDIO_H" /D "HAVE_STDLIB_H"
 CFLAGS 			= $(CFLAGS) /D "HAVE_STRING_H" /D "HAVE_CTYPE_H"
 CFLAGS 			= $(CFLAGS) /D "HAVE_MALLOC_H" /D "HAVE_MEMORY_H"
 
+!if "$(UNICODE)" == "1"
+CFLAGS 			= $(CFLAGS) /D "UNICODE" /D "_UNICODE"
+!endif
+
 # Optimisation and debug symbols.
 !if "$(DEBUG)" == "1"
-CFLAGS 			= $(CFLAGS) /D "_DEBUG" /Od /Z7
+CFLAGS 			= $(CFLAGS) /D "_DEBUG" /Od /Z7 /MDd 
 !else
-CFLAGS 			= $(CFLAGS) /D "NDEBUG" /O2 
+CFLAGS 			= $(CFLAGS) /D "NDEBUG" /O2 /MD
 !endif
 
 # configurable options
@@ -445,28 +463,28 @@ check-keys : $(BINDIR)\$(APP_NAME)
 	cd ..
 	if not exist win32\tmp mkdir win32\tmp
 	set TMPFOLDER=win32/tmp
-	sh ./tests/testKeys.sh default ./tests win32/$(BINDIR)/$(APP_NAME) der
+	sh ./tests/testrun.sh ./tests/testKeys.sh default ./tests win32/$(BINDIR)/$(APP_NAME) der
 	cd win32
 
 check-dsig : $(BINDIR)\$(APP_NAME)	
 	cd ..
 	if not exist win32\tmp mkdir win32\tmp
 	set TMPFOLDER=win32/tmp
-	sh ./tests/testDSig.sh default ./tests win32/$(BINDIR)/$(APP_NAME) der
+	sh ./tests/testrun.sh ./tests/testDSig.sh default ./tests win32/$(BINDIR)/$(APP_NAME) der
 	cd win32
 
 check-enc : $(BINDIR)\$(APP_NAME)
 	cd ..
 	if not exist win32\tmp mkdir win32\tmp
 	set TMPFOLDER=win32/tmp
-	sh ./tests/testEnc.sh default ./tests win32/$(BINDIR)/$(APP_NAME) der
+	sh ./tests/testrun.sh ./tests/testEnc.sh default ./tests win32/$(BINDIR)/$(APP_NAME) der
 	cd win32
 
 check-xkms : $(BINDIR)\$(APP_NAME)
 	cd ..
 	if not exist win32\tmp mkdir win32\tmp
 	set TMPFOLDER=win32\tmp
-	sh ./tests/testXKMS.sh default ./tests win32/$(BINDIR)/$(APP_NAME) der
+	sh ./tests/testrun.sh ./tests/testXKMS.sh default ./tests win32/$(BINDIR)/$(APP_NAME) der
 	cd win32
 		
 clean :
@@ -486,44 +504,54 @@ rebuild : clean all
 
 install : all
 	if not exist $(INCPREFIX)\$(XMLSEC_NAME) mkdir $(INCPREFIX)\$(XMLSEC_NAME)
+	if not exist $(BINPREFIX) mkdir $(BINPREFIX)
+	if not exist $(LIBPREFIX) mkdir $(LIBPREFIX)
 	if exist $(BINDIR)\$(XMLSEC_OPENSSL_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\openssl mkdir $(INCPREFIX)\$(XMLSEC_NAME)\openssl
 	if exist $(BINDIR)\$(XMLSEC_NSS_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\nss mkdir $(INCPREFIX)\$(XMLSEC_NAME)\nss
 	if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_SO) if not exist $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto mkdir $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto
-	if not exist $(BINPREFIX) mkdir $(BINPREFIX)
-	if not exist $(LIBPREFIX) mkdir $(LIBPREFIX)
-	copy $(BASEDIR)\include\$(XMLSEC_NAME)\*.h $(INCPREFIX)\$(XMLSEC_NAME)
+	if exist $(BASEDIR)\include\$(XMLSEC_NAME) copy $(BASEDIR)\include\$(XMLSEC_NAME)\*.h $(INCPREFIX)\$(XMLSEC_NAME)
 	if exist $(BINDIR)\$(XMLSEC_OPENSSL_SO) copy $(BASEDIR)\include\$(XMLSEC_NAME)\openssl\*.h $(INCPREFIX)\$(XMLSEC_NAME)\openssl
 	if exist $(BINDIR)\$(XMLSEC_NSS_SO) copy $(BASEDIR)\include\$(XMLSEC_NAME)\nss\*.h $(INCPREFIX)\$(XMLSEC_NAME)\nss
 	if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_SO) copy $(BASEDIR)\include\$(XMLSEC_NAME)\mscrypto\*.h $(INCPREFIX)\$(XMLSEC_NAME)\mscrypto
-	copy $(BINDIR)\$(XMLSEC_SO) $(SOPREFIX)
-	copy $(BINDIR)\$(XMLSEC_A) $(LIBPREFIX)
-	copy $(BINDIR)\$(XMLSEC_IMP) $(LIBPREFIX)
+	if exist $(BINDIR)\$(XMLSEC_SO) copy $(BINDIR)\$(XMLSEC_SO) $(SOPREFIX)
+	if exist $(BINDIR)\$(XMLSEC_SO_MANIFEST) copy $(BINDIR)\$(XMLSEC_SO_MANIFEST) $(SOPREFIX)
+	if exist $(BINDIR)\$(XMLSEC_A) copy $(BINDIR)\$(XMLSEC_A) $(LIBPREFIX)
+	if exist $(BINDIR)\$(XMLSEC_IMP) copy $(BINDIR)\$(XMLSEC_IMP) $(LIBPREFIX)
 	if exist $(BINDIR)\$(XMLSEC_OPENSSL_SO) copy $(BINDIR)\$(XMLSEC_OPENSSL_SO) $(SOPREFIX)
+	if exist $(BINDIR)\$(XMLSEC_OPENSSL_SO_MANIFEST) copy $(BINDIR)\$(XMLSEC_OPENSSL_SO_MANIFEST) $(SOPREFIX)
 	if exist $(BINDIR)\$(XMLSEC_OPENSSL_A) copy $(BINDIR)\$(XMLSEC_OPENSSL_A) $(LIBPREFIX)
 	if exist $(BINDIR)\$(XMLSEC_OPENSSL_IMP) copy $(BINDIR)\$(XMLSEC_OPENSSL_IMP) $(LIBPREFIX)
 	if exist $(BINDIR)\$(XMLSEC_NSS_SO) copy $(BINDIR)\$(XMLSEC_NSS_SO) $(SOPREFIX)
+	if exist $(BINDIR)\$(XMLSEC_NSS_SO_MANIFEST) copy $(BINDIR)\$(XMLSEC_NSS_SO_MANIFEST) $(SOPREFIX)
 	if exist $(BINDIR)\$(XMLSEC_NSS_A) copy $(BINDIR)\$(XMLSEC_NSS_A) $(LIBPREFIX)
 	if exist $(BINDIR)\$(XMLSEC_NSS_IMP) copy $(BINDIR)\$(XMLSEC_NSS_IMP) $(LIBPREFIX)
 	if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_SO) copy $(BINDIR)\$(XMLSEC_MSCRYPTO_SO) $(SOPREFIX)
+	if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_SO_MANIFEST) copy $(BINDIR)\$(XMLSEC_MSCRYPTO_SO_MANIFEST) $(SOPREFIX)
 	if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_A) copy $(BINDIR)\$(XMLSEC_MSCRYPTO_A) $(LIBPREFIX)
 	if exist $(BINDIR)\$(XMLSEC_MSCRYPTO_IMP) copy $(BINDIR)\$(XMLSEC_MSCRYPTO_IMP) $(LIBPREFIX)
-	copy $(BINDIR)\$(APP_NAME) $(BINPREFIX)
+	if exist $(BINDIR)\$(APP_NAME) copy $(BINDIR)\$(APP_NAME) $(BINPREFIX)
+	if exist $(BINDIR)\$(APP_NAME_MANIFEST) copy $(BINDIR)\$(APP_NAME_MANIFEST) $(BINPREFIX)
 
 uninstall :
 	if exist $(INCPREFIX)\$(XMLSEC_NAME) rmdir /S /Q $(INCPREFIX)\$(XMLSEC_NAME)
 	if exist $(SOPREFIX)\$(XMLSEC_SO) del /F /S /Q $(SOPREFIX)\$(XMLSEC_SO)
+	if exist $(SOPREFIX)\$(XMLSEC_SO_MANIFEST) del /F /S /Q $(SOPREFIX)\$(XMLSEC_SO)
 	if exist $(LIBPREFIX)\$(XMLSEC_A) del /F /S /Q $(LIBPREFIX)\$(XMLSEC_A)
 	if exist $(LIBPREFIX)\$(XMLSEC_IMP) del /F /S /Q $(LIBPREFIX)\$(XMLSEC_IMP)
 	if exist $(SOPREFIX)\$(XMLSEC_OPENSSL_SO) del /F /S /Q $(SOPREFIX)\$(XMLSEC_OPENSSL_SO)
+	if exist $(SOPREFIX)\$(XMLSEC_OPENSSL_SO_MANIFEST) del /F /S /Q $(SOPREFIX)\$(XMLSEC_OPENSSL_SO)
 	if exist $(LIBPREFIX)\$(XMLSEC_OPENSSL_A) del /F /S /Q $(LIBPREFIX)\$(XMLSEC_OPENSSL_A)
 	if exist $(LIBPREFIX)\$(XMLSEC_OPENSSL_IMP) del /F /S /Q $(LIBPREFIX)\$(XMLSEC_OPENSSL_IMP)
 	if exist $(SOPREFIX)\$(XMLSEC_NSS_SO) del /F /S /Q $(SOPREFIX)\$(XMLSEC_NSS_SO)
+	if exist $(SOPREFIX)\$(XMLSEC_NSS_SO_MANIFEST) del /F /S /Q $(SOPREFIX)\$(XMLSEC_NSS_SO)
 	if exist $(LIBPREFIX)\$(XMLSEC_NSS_A) del /F /S /Q $(LIBPREFIX)\$(XMLSEC_NSS_A)
 	if exist $(LIBPREFIX)\$(XMLSEC_NSS_IMP) del /F /S /Q $(LIBPREFIX)\$(XMLSEC_NSS_IMP)
 	if exist $(SOPREFIX)\$(XMLSEC_MSCRYPTO_SO) del /F /S /Q $(SOPREFIX)\$(XMLSEC_MSCRYPTO_SO)
+	if exist $(SOPREFIX)\$(XMLSEC_MSCRYPTO_SO_MANIFEST) del /F /S /Q $(SOPREFIX)\$(XMLSEC_MSCRYPTO_SO)
 	if exist $(LIBPREFIX)\$(XMLSEC_MSCRYPTO_A) del /F /S /Q $(LIBPREFIX)\$(XMLSEC_MSCRYPTO_A)
 	if exist $(LIBPREFIX)\$(XMLSEC_MSCRYPTO_IMP) del /F /S /Q $(LIBPREFIX)\$(XMLSEC_MSCRYPTO_IMP)
 	if exist $(BINPREFIX)\$(APP_NAME) del /F /S /Q $(BINPREFIX)\$(APP_NAME)
+	if exist $(BINPREFIX)\$(APP_NAME_MANIFEST) del /F /S /Q $(BINPREFIX)\$(APP_NAME_MANIFEST)
 
 # This is a target for me, to make a binary distribution. Not for the public use,
 # keep your hands off :-)
diff --git a/win32/configure.js b/win32/configure.js
index 02625b60..1d3622ca 100644
--- a/win32/configure.js
+++ b/win32/configure.js
@@ -45,9 +45,10 @@ var withNss = 0;
 var withMSCrypto = 0;
 var withLibXSLT = 1;
 var withIconv = 1;
-var withNT4 = 0;
+var withNT4 = 1;
 
 /* Win32 build options. */
+var buildUnicode = 1;
 var buildDebug = 0;
 var buildStatic = 1;
 var buildWithDLSupport = 1;
@@ -102,6 +103,7 @@ function usage()
  	txt += "  iconv:      Use the iconv library (" + (withIconv? "yes" : "no")  + ")\n";	
  	txt += "  nt4:        Enable NT 4.0 support (" + (withNT4? "yes" : "no")  + ")\n";	
 	txt += "\nWin32 build options, default value given in parentheses:\n\n";
+	txt += "  unicode:    Build Unicode version (" + (buildUnicode? "yes" : "no")  + ")\n";
 	txt += "  debug:      Build unoptimised debug executables (" + (buildDebug? "yes" : "no")  + ")\n";
 	txt += "  static:     Link libxmlsec statically to xmlsec (" + (buildStatic? "yes" : "no")  + ")\n";
 	txt += "  with-dl:    Enable dynamic loading of xmlsec-crypto libraries (" + (buildWithDLSupport? "yes" : "no")  + ")\n";
@@ -157,12 +159,13 @@ function discoverVersion()
 	vf.WriteLine("WITH_CRYPTO=" + withCrypto);	
 	vf.WriteLine("WITH_DEFAULT_CRYPTO=" + withDefaultCrypto);	
 	vf.WriteLine("WITH_OPENSSL=" + withOpenSSL);	
-	vf.WriteLine("WITH_OPENSSL_VERSION=" + withOpenSSLVersion);	
+	vf.WriteLine("WITH_OPENSSL_VERSION=XMLSEC_OPENSSL_" + withOpenSSLVersion);	
 	vf.WriteLine("WITH_NSS=" + withNss);	
 	vf.WriteLine("WITH_MSCRYPTO=" + withMSCrypto);	
 	vf.WriteLine("WITH_LIBXSLT=" + (withLibXSLT ? "1" : "0"));
 	vf.WriteLine("WITH_ICONV=" + (withIconv ? "1" : "0"));
 	vf.WriteLine("WITH_NT4=" + (withNT4 ? "1" : "0"));
+	vf.WriteLine("UNICODE=" + (buildUnicode? "1" : "0"));
 	vf.WriteLine("DEBUG=" + (buildDebug? "1" : "0"));
 	vf.WriteLine("STATIC=" + (buildStatic? "1" : "0"));
 	vf.WriteLine("WITH_DL=" + (buildWithDLSupport ? "1" : "0"));
@@ -254,6 +257,8 @@ for (i = 0; (i < WScript.Arguments.length) && (error == 0); i++) {
 			withIconv = strToBool(arg.substring(opt.length + 1, arg.length));
 		else if (opt == "nt4")
 			withNT4 = strToBool(arg.substring(opt.length + 1, arg.length));
+		else if (opt == "unicode")
+			buildUnicode = strToBool(arg.substring(opt.length + 1, arg.length));
 		else if (opt == "debug")
 			buildDebug = strToBool(arg.substring(opt.length + 1, arg.length));
 		else if (opt == "static")
@@ -306,19 +311,19 @@ for (j = 0; j < crlist.length; j++) {
 	if (crlist[j] == "openssl") {
 		curcrypto="openssl";
 		withOpenSSL = 1;
-		withOpenSSLVersion = "XMLSEC_OPENSSL_098"; /* default */
+		withOpenSSLVersion = "098"; /* default */
 	} else if (crlist[j] == "openssl=096") {
 		curcrypto="openssl";
 		withOpenSSL = 1;
-		withOpenSSLVersion = "XMLSEC_OPENSSL_096";
+		withOpenSSLVersion = "096";
 	} else if (crlist[j] == "openssl=097") {
 		curcrypto="openssl";
 		withOpenSSL = 1;
-		withOpenSSLVersion = "XMLSEC_OPENSSL_097";
+		withOpenSSLVersion = "097";
 	} else if (crlist[j] == "openssl=098") {
 		curcrypto="openssl";
 		withOpenSSL = 1;
-		withOpenSSLVersion = "XMLSEC_OPENSSL_098";
+		withOpenSSLVersion = "098";
 	} else if (crlist[j] == "nss") {
 		curcrypto="nss";
 		withNss = 1;
@@ -364,8 +369,8 @@ var txtOut = "\nXMLSEC configuration\n";
 txtOut += "----------------------------\n";
 txtOut += "         Use Crypto: " + withCrypto + "\n";
 txtOut += " Use Default Crypto: " + withDefaultCrypto + "\n";
-txtOut += "       Use OpenSSL: " + boolToStr(withOpenSSL) + "\n";
-txtOut += "Use OpenSSL Version: " + boolToStr(withOpenSSLVersion) + "\n";
+txtOut += "        Use OpenSSL: " + boolToStr(withOpenSSL) + "\n";
+txtOut += "Use OpenSSL Version: " + withOpenSSLVersion + "\n";
 txtOut += "            Use NSS: " + boolToStr(withNss) + "\n";
 txtOut += "       Use MSCrypto: " + boolToStr(withMSCrypto) + "\n";
 txtOut += "        Use LibXSLT: " + boolToStr(withLibXSLT) + "\n";
@@ -374,9 +379,10 @@ txtOut += "     NT 4.0 support: " + boolToStr(withNT4) + "\n";
 txtOut += "\n";
 txtOut += "Win32 build configuration\n";
 txtOut += "-------------------------\n";
+txtOut += "           Unicode: " + boolToStr(buildUnicode) + "\n";
 txtOut += "     Debug symbols: " + boolToStr(buildDebug) + "\n";
 txtOut += "     Static xmlsec: " + boolToStr(buildStatic) + "\n";
-txtOut += "  Enable DL suport: " + boolToStr(buildWithDLSupport) + "\n";
+txtOut += " Enable DL support: " + boolToStr(buildWithDLSupport) + "\n";
 txtOut += "    Install prefix: " + buildPrefix + "\n";
 txtOut += "      Put tools in: " + buildBinPrefix + "\n";
 txtOut += "    Put headers in: " + buildIncPrefix + "\n";
diff --git a/win32/mycfg.bat b/win32/mycfg.bat
index bf75ff03..9af468e3 100644
--- a/win32/mycfg.bat
+++ b/win32/mycfg.bat
@@ -11,7 +11,7 @@ REM
 SET PREFIX=C:\cygwin\home\local
 SET XMLSEC_INCLUDE=%PREFIX%\include;%PREFIX%\include\mozilla;%PREFIX%\include\mozilla\nspr;%PREFIX%\include\mozilla\nss;%MSSDK_INCLUDE%
 SET XMLSEC_LIB=%PREFIX%\lib;%MSSDK_LIB%
-SET XMLSEC_OPTIONS=static=no iconv=no nt4=yes debug=yes xslt=yes crypto=openssl=098,mscrypto
+SET XMLSEC_OPTIONS=static=no iconv=no debug=yes xslt=yes crypto=mscrypto,openssl unicode=yes
 
 del /F Makefile configure.txt
 cscript configure.js prefix=%PREFIX% %XMLSEC_OPTIONS% include=%XMLSEC_INCLUDE% lib=%XMLSEC_LIB% 
diff --git a/xmlsec-config.in b/xmlsec-config.in
index 646109cf..cb46909b 100644
--- a/xmlsec-config.in
+++ b/xmlsec-config.in
@@ -21,7 +21,7 @@ Known values for OPTION are:
   --help		display this help and exit
   --version		output version information
   --crypto=LIB		configure with XMLSEC crypto library (one of the
-			following: none default openssl gnutls nss) 
+			following: none default openssl nss gnutls gcrypt)
 EOF
 
     exit $1
@@ -167,6 +167,17 @@ gnutls)
     fi
     ;;
 
+gcrypt)
+    if test "@XMLSEC_NO_GCRYPT@" = "0"; then
+        the_crypto_flags="@GCRYPT_CFLAGS@ -DXMLSEC_CRYPTO=\\\"gcrypt\\\""
+	the_crypto_libs="@GCRYPT_LIBS@"
+        the_xmlsec_crypto_lib="-l@GCRYPT_CRYPTO_LIB@"
+    else
+        echo "Error: the \"$crypto\" cryptographic library is not supported"
+	usage 1
+    fi
+    ;;
+
 nss)
     if test "@XMLSEC_NO_NSS@" = "0"; then
         the_crypto_flags="@NSS_CFLAGS@ -DXMLSEC_CRYPTO=\\\"nss\\\""
diff --git a/xmlsec-gcrypt.pc.in b/xmlsec-gcrypt.pc.in
new file mode 100644
index 00000000..1c00496c
--- /dev/null
+++ b/xmlsec-gcrypt.pc.in
@@ -0,0 +1,11 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: xmlsec1-gcrypt
+Version: @VERSION@
+Description: XML Security Library implements XML Signature and XML Encryption standards
+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@
+Cflags: -DXMLSEC_CRYPTO=\"gcrypt\" @XMLSEC_GCRYPT_CFLAGS@
+Libs: @XMLSEC_GCRYPT_LIBS@
diff --git a/xmlsec-gnutls.pc.in b/xmlsec-gnutls.pc.in
index e2c50a07..e538cd43 100644
--- a/xmlsec-gnutls.pc.in
+++ b/xmlsec-gnutls.pc.in
@@ -6,6 +6,6 @@ includedir=@includedir@
 Name: xmlsec1-gnutls
 Version: @VERSION@
 Description: XML Security Library implements XML Signature and XML Encryption standards
-Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ 
-Cflags: -DXMLSEC_CRYPTO=\\\"gnutls\\\" @XMLSEC_GNUTLS_CFLAGS@
-Libs: @XMLSEC_GNUTLS_LIBS@ 
+Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@
+Cflags: -DXMLSEC_CRYPTO=\"gnutls\" @XMLSEC_GNUTLS_CFLAGS@
+Libs: @XMLSEC_GNUTLS_LIBS@
diff --git a/xmlsec-nss.pc.in b/xmlsec-nss.pc.in
index 0e71e9e3..a6d6c5c8 100644
--- a/xmlsec-nss.pc.in
+++ b/xmlsec-nss.pc.in
@@ -7,5 +7,5 @@ Name: xmlsec1-nss
 Version: @VERSION@
 Description: XML Security Library implements XML Signature and XML Encryption standards
 Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ @NSPR_PACKAGE@ >= @MOZILLA_MIN_VERSION@ @NSS_PACKAGE@ >= @MOZILLA_MIN_VERSION@
-Cflags: -DXMLSEC_CRYPTO=\\\"nss\\\" -DXMLSEC_CRYPTO_NSS=1 @XMLSEC_CORE_CFLAGS@
+Cflags: -DXMLSEC_CRYPTO=\"nss\" -DXMLSEC_CRYPTO_NSS=1 @XMLSEC_CORE_CFLAGS@
 Libs: -L${libdir} -lxmlsec1-nss @XMLSEC_CORE_LIBS@
diff --git a/xmlsec-openssl.pc.in b/xmlsec-openssl.pc.in
index 31fe2611..85ee2b09 100644
--- a/xmlsec-openssl.pc.in
+++ b/xmlsec-openssl.pc.in
@@ -7,5 +7,5 @@ Name: xmlsec1-openssl
 Version: @VERSION@
 Description: XML Security Library implements XML Signature and XML Encryption standards
 Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ 
-Cflags: -DXMLSEC_CRYPTO=\\\"openssl\\\" @XMLSEC_OPENSSL_CFLAGS@
+Cflags: -DXMLSEC_CRYPTO=\"openssl\" @XMLSEC_OPENSSL_CFLAGS@
 Libs: @XMLSEC_OPENSSL_LIBS@
diff --git a/xmlsec.pc.in b/xmlsec.pc.in
index 2207b27d..a750ab83 100644
--- a/xmlsec.pc.in
+++ b/xmlsec.pc.in
@@ -7,5 +7,5 @@ Name: xmlsec1
 Version: @VERSION@
 Description: XML Security Library implements XML Signature and XML Encryption standards
 Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ 
-Cflags: -DXMLSEC_CRYPTO=\\\"@XMLSEC_CRYPTO@\\\" -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1 @XMLSEC_CORE_CFLAGS@
+Cflags: -DXMLSEC_CRYPTO=\"@XMLSEC_CRYPTO@\" -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1 @XMLSEC_CORE_CFLAGS@
 Libs: -L${libdir} @XMLSEC_CORE_LIBS@ 
diff --git a/xmlsec1-config b/xmlsec1-config
index 78c06ca6..aa5861c2 100644
--- a/xmlsec1-config
+++ b/xmlsec1-config
@@ -21,7 +21,7 @@ Known values for OPTION are:
   --help		display this help and exit
   --version		output version information
   --crypto=LIB		configure with XMLSEC crypto library (one of the
-			following: none default openssl gnutls nss) 
+			following: none default openssl nss gnutls gcrypt)
 EOF
 
     exit $1
@@ -79,7 +79,7 @@ do
 	;;
 
     --version)
-	echo 1.2.14
+	echo 1.2.19
 	exit 0
 	;;
     
@@ -140,14 +140,14 @@ none)
     ;;
 
 default) 
-    the_crypto_flags="  -DXMLSEC_OPENSSL_098=1 -DXMLSEC_CRYPTO_OPENSSL=1 -DXMLSEC_CRYPTO=\\\"openssl\\\""
+    the_crypto_flags="  -DXMLSEC_OPENSSL_100=1 -DXMLSEC_CRYPTO_OPENSSL=1 -DXMLSEC_CRYPTO=\\\"openssl\\\""
     the_crypto_libs="-lssl -lcrypto  "
     the_xmlsec_crypto_lib="-lxmlsec1-openssl"
     ;;
     
 openssl)
     if test "0" = "0"; then
-        the_crypto_flags="  -DXMLSEC_OPENSSL_098=1 -DXMLSEC_CRYPTO_OPENSSL=1 -DXMLSEC_CRYPTO=\\\"openssl\\\""
+        the_crypto_flags="  -DXMLSEC_OPENSSL_100=1 -DXMLSEC_CRYPTO_OPENSSL=1 -DXMLSEC_CRYPTO=\\\"openssl\\\""
 	the_crypto_libs="-lssl -lcrypto  "
         the_xmlsec_crypto_lib="-lxmlsec1-openssl"
     else
@@ -158,7 +158,7 @@ openssl)
 
 gnutls)
     if test "0" = "0"; then
-        the_crypto_flags="  -DXMLSEC_CRYPTO_GNUTLS=1 -DXMLSEC_CRYPTO=\\\"gnutls\\\""
+        the_crypto_flags="-I/usr/include/p11-kit-1   -DXMLSEC_CRYPTO_GNUTLS=1 -DXMLSEC_CRYPTO=\\\"gnutls\\\""
 	the_crypto_libs="-lgnutls  "
         the_xmlsec_crypto_lib="-lxmlsec1-gnutls"
     else
@@ -167,10 +167,21 @@ gnutls)
     fi
     ;;
 
+gcrypt)
+    if test "0" = "0"; then
+        the_crypto_flags="  -DXMLSEC_CRYPTO_GCRYPT=1 -DXMLSEC_CRYPTO=\\\"gcrypt\\\""
+	the_crypto_libs=" -L/lib/i386-linux-gnu -lgcrypt"
+        the_xmlsec_crypto_lib="-lxmlsec1-gcrypt"
+    else
+        echo "Error: the \"$crypto\" cryptographic library is not supported"
+	usage 1
+    fi
+    ;;
+
 nss)
     if test "0" = "0"; then
         the_crypto_flags="-I/usr/include/nspr -I/usr/include/nss   -DXMLSEC_CRYPTO_NSS=1 -DXMLSEC_CRYPTO=\\\"nss\\\""
-	the_crypto_libs="-lnss3 -lnssutil3 -lsmime3 -lssl3 -lplds4 -lplc4 -lnspr4 -lpthread -ldl  "
+	the_crypto_libs="-lnss3 -lnssutil3 -lsmime3 -lssl3 -lplds4 -lplc4 -lnspr4  "
         the_xmlsec_crypto_lib="-lxmlsec1-nss"
     else
         echo "Error: the \"$crypto\" cryptographic library is not supported"
@@ -188,7 +199,7 @@ esac
 #
 # Assemble all the settings together
 #
-the_flags="$the_flags  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1, -I${prefix}/include/xmlsec1   $the_xml_flags $the_xslt_flags $the_crypto_flags"
+the_flags="$the_flags  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1   $the_xml_flags $the_xslt_flags $the_crypto_flags"
 the_libs="$the_libs -L${package_libdir} -lxmlsec1 -lltdl  $the_xmlsec_crypto_lib -lxmlsec1 $the_xml_libs $the_xslt_libs $the_crypto_libs"
 
 if $cflags; then
diff --git a/xmlsec1-gcrypt.pc b/xmlsec1-gcrypt.pc
new file mode 100644
index 00000000..fa468758
--- /dev/null
+++ b/xmlsec1-gcrypt.pc
@@ -0,0 +1,11 @@
+prefix=/usr
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name: xmlsec1-gcrypt
+Version: 1.2.19
+Description: XML Security Library implements XML Signature and XML Encryption standards
+Requires: libxml-2.0 >= 2.7.4 libxslt >= 1.0.20
+Cflags: -DXMLSEC_CRYPTO=\"gcrypt\"  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1     -DXMLSEC_CRYPTO_GCRYPT=1
+Libs: -L${exec_prefix}/lib -lxmlsec1-gcrypt -lxmlsec1 -lltdl   -L/lib/i386-linux-gnu -lgcrypt
diff --git a/xmlsec1-gnutls.pc b/xmlsec1-gnutls.pc
index 9dcde34c..9f2d6061 100644
--- a/xmlsec1-gnutls.pc
+++ b/xmlsec1-gnutls.pc
@@ -4,8 +4,8 @@ libdir=${exec_prefix}/lib
 includedir=${prefix}/include
 
 Name: xmlsec1-gnutls
-Version: 1.2.14
+Version: 1.2.19
 Description: XML Security Library implements XML Signature and XML Encryption standards
-Requires: libxml-2.0 >= 2.7.4 libxslt >= 1.0.20 
-Cflags: -DXMLSEC_CRYPTO=\\\"gnutls\\\"  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1, -I${prefix}/include/xmlsec1     -DXMLSEC_CRYPTO_GNUTLS=1
-Libs: -L${exec_prefix}/lib -lxmlsec1-gnutls -lxmlsec1 -lltdl  -lgnutls   
+Requires: libxml-2.0 >= 2.7.4 libxslt >= 1.0.20
+Cflags: -DXMLSEC_CRYPTO=\"gnutls\"  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1   -I/usr/include/p11-kit-1   -DXMLSEC_CRYPTO_GNUTLS=1
+Libs: -L${exec_prefix}/lib -lxmlsec1-gnutls -lxmlsec1-gcrypt -lxmlsec1 -lltdl  -lgnutls  
diff --git a/xmlsec1-nss.pc b/xmlsec1-nss.pc
index 2f3439db..6ed64460 100644
--- a/xmlsec1-nss.pc
+++ b/xmlsec1-nss.pc
@@ -4,8 +4,8 @@ libdir=${exec_prefix}/lib
 includedir=${prefix}/include
 
 Name: xmlsec1-nss
-Version: 1.2.14
+Version: 1.2.19
 Description: XML Security Library implements XML Signature and XML Encryption standards
 Requires: libxml-2.0 >= 2.7.4 libxslt >= 1.0.20 xulrunner-nspr >= 1.4 xulrunner-nss >= 1.4
-Cflags: -DXMLSEC_CRYPTO=\\\"nss\\\" -DXMLSEC_CRYPTO_NSS=1  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1, -I${prefix}/include/xmlsec1  
+Cflags: -DXMLSEC_CRYPTO=\"nss\" -DXMLSEC_CRYPTO_NSS=1  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1  
 Libs: -L${libdir} -lxmlsec1-nss -lxmlsec1 -lltdl 
diff --git a/xmlsec1-openssl.pc b/xmlsec1-openssl.pc
index f749437c..14d95d82 100644
--- a/xmlsec1-openssl.pc
+++ b/xmlsec1-openssl.pc
@@ -4,8 +4,8 @@ libdir=${exec_prefix}/lib
 includedir=${prefix}/include
 
 Name: xmlsec1-openssl
-Version: 1.2.14
+Version: 1.2.19
 Description: XML Security Library implements XML Signature and XML Encryption standards
 Requires: libxml-2.0 >= 2.7.4 libxslt >= 1.0.20 
-Cflags: -DXMLSEC_CRYPTO=\\\"openssl\\\"  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1, -I${prefix}/include/xmlsec1     -DXMLSEC_OPENSSL_098=1 -DXMLSEC_CRYPTO_OPENSSL=1
+Cflags: -DXMLSEC_CRYPTO=\"openssl\"  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1     -DXMLSEC_OPENSSL_100=1 -DXMLSEC_CRYPTO_OPENSSL=1
 Libs: -L${exec_prefix}/lib -lxmlsec1-openssl -lxmlsec1 -lltdl  -lssl -lcrypto  
diff --git a/xmlsec1.m4 b/xmlsec1.m4
index 0f5e21aa..363c723d 100644
--- a/xmlsec1.m4
+++ b/xmlsec1.m4
@@ -108,7 +108,7 @@ int main(int argc, char **argv) {
 		printf("*** being found. The easiest way to fix this is to remove the old version\n");
 		printf("*** of libxmlsec1, but you can also set the XMLSEC1_CONFIG environment to point to the\n");
 		printf("*** correct copy of xmlsec1-config. (In this case, you will have to\n");
-		printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n");
+		printf("*** modify your LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf\n");
 		printf("*** so that the correct libraries are found at run-time))\n");
 		return 1;
 	}
diff --git a/xmlsec1.pc b/xmlsec1.pc
index 583092f0..25bf813a 100644
--- a/xmlsec1.pc
+++ b/xmlsec1.pc
@@ -4,8 +4,8 @@ libdir=${exec_prefix}/lib
 includedir=${prefix}/include
 
 Name: xmlsec1
-Version: 1.2.14
+Version: 1.2.19
 Description: XML Security Library implements XML Signature and XML Encryption standards
 Requires: libxml-2.0 >= 2.7.4 libxslt >= 1.0.20 
-Cflags: -DXMLSEC_CRYPTO=\\\"openssl\\\" -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1, -I${prefix}/include/xmlsec1  
+Cflags: -DXMLSEC_CRYPTO=\"openssl\" -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1  -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1  
 Libs: -L${libdir} -lxmlsec1 -lltdl  
diff --git a/xmlsec1.spec b/xmlsec1.spec
index 9837ca9c..5c4f31b9 100644
--- a/xmlsec1.spec
+++ b/xmlsec1.spec
@@ -1,6 +1,6 @@
 Summary: Library providing support for "XML Signature" and "XML Encryption" standards
 Name: xmlsec1
-Version: 1.2.14
+Version: 1.2.19
 Release: 1
 License: MIT
 Group: Development/Libraries
diff --git a/xmlsec1Conf.sh b/xmlsec1Conf.sh
index 8b177d66..75f04415 100644
--- a/xmlsec1Conf.sh
+++ b/xmlsec1Conf.sh
@@ -7,7 +7,7 @@ libdir="${exec_prefix}/lib"
 includedir="${prefix}/include"
 
 XMLSEC_LIBDIR="${exec_prefix}/lib"
-XMLSEC_INCLUDEDIR=" -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1, -I${prefix}/include/xmlsec1   -I/usr/include/libxml2   -I/usr/include/libxml2     -DXMLSEC_OPENSSL_098=1 -DXMLSEC_CRYPTO_OPENSSL=1 -DXMLSEC_CRYPTO=\\\"openssl\\\""
+XMLSEC_INCLUDEDIR=" -D__XMLSEC_FUNCTION__=__FUNCTION__ -DXMLSEC_NO_GOST=1 -DXMLSEC_NO_XKMS=1 -DXMLSEC_DL_LIBLTDL=1 -I${prefix}/include/xmlsec1   -I/usr/include/libxml2   -I/usr/include/libxml2     -DXMLSEC_OPENSSL_100=1 -DXMLSEC_CRYPTO_OPENSSL=1 -DXMLSEC_CRYPTO=\\\"openssl\\\""
 XMLSEC_LIBS="-L${exec_prefix}/lib -lxmlsec1-openssl -lxmlsec1 -lltdl  -lxml2   -lxslt -lxml2   -lssl -lcrypto  "
-MODULE_VERSION="xmlsec-1.2.14-openssl"
+MODULE_VERSION="xmlsec-1.2.19-openssl"